1 /* $NetBSD: if_iwi.c,v 1.47 2006/04/11 15:42:56 rpaulo Exp $ */ 2 3 /*- 4 * Copyright (c) 2004, 2005 5 * Damien Bergamini <damien.bergamini@free.fr>. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice unmodified, this list of conditions, and the following 12 * disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #include <sys/cdefs.h> 31 __KERNEL_RCSID(0, "$NetBSD: if_iwi.c,v 1.47 2006/04/11 15:42:56 rpaulo Exp $"); 32 33 /*- 34 * Intel(R) PRO/Wireless 2200BG/2225BG/2915ABG driver 35 * http://www.intel.com/network/connectivity/products/wireless/prowireless_mobile.htm 36 */ 37 38 #include "bpfilter.h" 39 40 #include <sys/param.h> 41 #include <sys/sockio.h> 42 #include <sys/sysctl.h> 43 #include <sys/mbuf.h> 44 #include <sys/kernel.h> 45 #include <sys/socket.h> 46 #include <sys/systm.h> 47 #include <sys/malloc.h> 48 #include <sys/conf.h> 49 50 #include <machine/bus.h> 51 #include <machine/endian.h> 52 #include <machine/intr.h> 53 54 #include <dev/pci/pcireg.h> 55 #include <dev/pci/pcivar.h> 56 #include <dev/pci/pcidevs.h> 57 58 #if NBPFILTER > 0 59 #include <net/bpf.h> 60 #endif 61 #include <net/if.h> 62 #include <net/if_arp.h> 63 #include <net/if_dl.h> 64 #include <net/if_ether.h> 65 #include <net/if_media.h> 66 #include <net/if_types.h> 67 68 #include <net80211/ieee80211_var.h> 69 #include <net80211/ieee80211_radiotap.h> 70 71 #include <netinet/in.h> 72 #include <netinet/in_systm.h> 73 #include <netinet/in_var.h> 74 #include <netinet/ip.h> 75 76 #include <crypto/arc4/arc4.h> 77 78 #include <dev/pci/if_iwireg.h> 79 #include <dev/pci/if_iwivar.h> 80 81 #ifdef IWI_DEBUG 82 #define DPRINTF(x) if (iwi_debug > 0) printf x 83 #define DPRINTFN(n, x) if (iwi_debug >= (n)) printf x 84 int iwi_debug = 4; 85 #else 86 #define DPRINTF(x) 87 #define DPRINTFN(n, x) 88 #endif 89 90 static int iwi_match(struct device *, struct cfdata *, void *); 91 static void iwi_attach(struct device *, struct device *, void *); 92 static int iwi_detach(struct device *, int); 93 94 static void iwi_shutdown(void *); 95 static int iwi_suspend(struct iwi_softc *); 96 static int iwi_resume(struct iwi_softc *); 97 static void iwi_powerhook(int, void *); 98 99 static int iwi_alloc_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *, 100 int); 101 static void iwi_reset_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 102 static void iwi_free_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 103 static int iwi_alloc_tx_ring(struct iwi_softc *, struct iwi_tx_ring *, 104 int, bus_addr_t, bus_addr_t); 105 static void iwi_reset_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 106 static void iwi_free_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 107 static struct mbuf * 108 iwi_alloc_rx_buf(struct iwi_softc *sc); 109 static int iwi_alloc_rx_ring(struct iwi_softc *, struct iwi_rx_ring *, 110 int); 111 static void iwi_reset_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 112 static void iwi_free_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 113 114 static struct ieee80211_node *iwi_node_alloc(struct ieee80211_node_table *); 115 static void iwi_node_free(struct ieee80211_node *); 116 117 static int iwi_media_change(struct ifnet *); 118 static void iwi_media_status(struct ifnet *, struct ifmediareq *); 119 static int iwi_wme_update(struct ieee80211com *); 120 static uint16_t iwi_read_prom_word(struct iwi_softc *, uint8_t); 121 static int iwi_newstate(struct ieee80211com *, enum ieee80211_state, int); 122 static void iwi_fix_channel(struct ieee80211com *, struct mbuf *); 123 static void iwi_frame_intr(struct iwi_softc *, struct iwi_rx_data *, int, 124 struct iwi_frame *); 125 static void iwi_notification_intr(struct iwi_softc *, struct iwi_notif *); 126 static void iwi_cmd_intr(struct iwi_softc *); 127 static void iwi_rx_intr(struct iwi_softc *); 128 static void iwi_tx_intr(struct iwi_softc *, struct iwi_tx_ring *); 129 static int iwi_intr(void *); 130 static int iwi_cmd(struct iwi_softc *, uint8_t, void *, uint8_t, int); 131 static void iwi_write_ibssnode(struct iwi_softc *, const struct iwi_node *); 132 static int iwi_tx_start(struct ifnet *, struct mbuf *, struct ieee80211_node *, 133 int); 134 static void iwi_start(struct ifnet *); 135 static void iwi_watchdog(struct ifnet *); 136 137 static int iwi_alloc_unr(struct iwi_softc *); 138 static void iwi_free_unr(struct iwi_softc *, int); 139 140 static int iwi_get_table0(struct iwi_softc *, uint32_t *); 141 static int iwi_get_radio(struct iwi_softc *, int *); 142 143 static int iwi_ioctl(struct ifnet *, u_long, caddr_t); 144 static void iwi_stop_master(struct iwi_softc *); 145 static int iwi_reset(struct iwi_softc *); 146 static int iwi_load_ucode(struct iwi_softc *, void *, int); 147 static int iwi_load_firmware(struct iwi_softc *, void *, int); 148 static int iwi_cache_firmware(struct iwi_softc *, void *); 149 static void iwi_free_firmware(struct iwi_softc *); 150 static int iwi_config(struct iwi_softc *); 151 static int iwi_set_chan(struct iwi_softc *, struct ieee80211_channel *); 152 static int iwi_scan(struct iwi_softc *); 153 static int iwi_auth_and_assoc(struct iwi_softc *); 154 static int iwi_init(struct ifnet *); 155 static void iwi_stop(struct ifnet *, int); 156 static void iwi_led_set(struct iwi_softc *, uint32_t, int); 157 static void iwi_error_log(struct iwi_softc *); 158 159 /* 160 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 161 */ 162 static const struct ieee80211_rateset iwi_rateset_11a = 163 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 164 165 static const struct ieee80211_rateset iwi_rateset_11b = 166 { 4, { 2, 4, 11, 22 } }; 167 168 static const struct ieee80211_rateset iwi_rateset_11g = 169 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 170 171 static inline uint8_t 172 MEM_READ_1(struct iwi_softc *sc, uint32_t addr) 173 { 174 CSR_WRITE_4(sc, IWI_CSR_INDIRECT_ADDR, addr); 175 return CSR_READ_1(sc, IWI_CSR_INDIRECT_DATA); 176 } 177 178 static inline uint32_t 179 MEM_READ_4(struct iwi_softc *sc, uint32_t addr) 180 { 181 CSR_WRITE_4(sc, IWI_CSR_INDIRECT_ADDR, addr); 182 return CSR_READ_4(sc, IWI_CSR_INDIRECT_DATA); 183 } 184 185 static void 186 MEM_CPY(struct iwi_softc *sc, void *dst, uint32_t base, size_t sz) 187 { 188 KASSERT(sz % 4 == 0); 189 int j; 190 191 uint32_t *p = dst; 192 193 for (j = 0; j < sz / 4; j++) 194 p[j] = MEM_READ_4(sc, base + j * sizeof(uint32_t)); 195 } 196 197 CFATTACH_DECL(iwi, sizeof (struct iwi_softc), iwi_match, iwi_attach, 198 iwi_detach, NULL); 199 200 static int 201 iwi_match(struct device *parent, struct cfdata *match, void *aux) 202 { 203 struct pci_attach_args *pa = aux; 204 205 if (PCI_VENDOR(pa->pa_id) != PCI_VENDOR_INTEL) 206 return 0; 207 208 if (PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2200BG || 209 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2225BG || 210 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2915ABG_1 || 211 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2915ABG_2) 212 return 1; 213 214 return 0; 215 } 216 217 /* Base Address Register */ 218 #define IWI_PCI_BAR0 0x10 219 220 static void 221 iwi_attach(struct device *parent, struct device *self, void *aux) 222 { 223 struct iwi_softc *sc = (struct iwi_softc *)self; 224 struct ieee80211com *ic = &sc->sc_ic; 225 struct ifnet *ifp = &sc->sc_if; 226 struct pci_attach_args *pa = aux; 227 const char *intrstr; 228 char devinfo[256]; 229 bus_space_tag_t memt; 230 bus_space_handle_t memh; 231 bus_addr_t base; 232 pci_intr_handle_t ih; 233 pcireg_t data; 234 uint16_t val; 235 int error, revision, i; 236 237 sc->sc_pct = pa->pa_pc; 238 sc->sc_pcitag = pa->pa_tag; 239 240 pci_devinfo(pa->pa_id, pa->pa_class, 0, devinfo, sizeof devinfo); 241 revision = PCI_REVISION(pa->pa_class); 242 aprint_normal(": %s (rev. 0x%02x)\n", devinfo, revision); 243 244 /* clear device specific PCI configuration register 0x41 */ 245 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 246 data &= ~0x0000ff00; 247 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, data); 248 249 /* clear unit numbers allocated to IBSS */ 250 sc->sc_unr = 0; 251 252 /* enable bus-mastering */ 253 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG); 254 data |= PCI_COMMAND_MASTER_ENABLE; 255 pci_conf_write(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG, data); 256 257 /* map the register window */ 258 error = pci_mapreg_map(pa, IWI_PCI_BAR0, PCI_MAPREG_TYPE_MEM | 259 PCI_MAPREG_MEM_TYPE_32BIT, 0, &memt, &memh, &base, &sc->sc_sz); 260 if (error != 0) { 261 aprint_error("%s: could not map memory space\n", 262 sc->sc_dev.dv_xname); 263 return; 264 } 265 266 sc->sc_st = memt; 267 sc->sc_sh = memh; 268 sc->sc_dmat = pa->pa_dmat; 269 270 /* disable interrupts */ 271 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 272 273 if (pci_intr_map(pa, &ih) != 0) { 274 aprint_error("%s: could not map interrupt\n", 275 sc->sc_dev.dv_xname); 276 return; 277 } 278 279 intrstr = pci_intr_string(sc->sc_pct, ih); 280 sc->sc_ih = pci_intr_establish(sc->sc_pct, ih, IPL_NET, iwi_intr, sc); 281 if (sc->sc_ih == NULL) { 282 aprint_error("%s: could not establish interrupt", 283 sc->sc_dev.dv_xname); 284 if (intrstr != NULL) 285 aprint_error(" at %s", intrstr); 286 aprint_error("\n"); 287 return; 288 } 289 aprint_normal("%s: interrupting at %s\n", sc->sc_dev.dv_xname, intrstr); 290 291 if (iwi_reset(sc) != 0) { 292 aprint_error("%s: could not reset adapter\n", 293 sc->sc_dev.dv_xname); 294 return; 295 } 296 297 /* 298 * Allocate rings. 299 */ 300 if (iwi_alloc_cmd_ring(sc, &sc->cmdq, IWI_CMD_RING_COUNT) != 0) { 301 aprint_error("%s: could not allocate command ring\n", 302 sc->sc_dev.dv_xname); 303 goto fail; 304 } 305 306 error = iwi_alloc_tx_ring(sc, &sc->txq[0], IWI_TX_RING_COUNT, 307 IWI_CSR_TX1_RIDX, IWI_CSR_TX1_WIDX); 308 if (error != 0) { 309 aprint_error("%s: could not allocate Tx ring 1\n", 310 sc->sc_dev.dv_xname); 311 goto fail; 312 } 313 314 error = iwi_alloc_tx_ring(sc, &sc->txq[1], IWI_TX_RING_COUNT, 315 IWI_CSR_TX2_RIDX, IWI_CSR_TX2_WIDX); 316 if (error != 0) { 317 aprint_error("%s: could not allocate Tx ring 2\n", 318 sc->sc_dev.dv_xname); 319 goto fail; 320 } 321 322 error = iwi_alloc_tx_ring(sc, &sc->txq[2], IWI_TX_RING_COUNT, 323 IWI_CSR_TX3_RIDX, IWI_CSR_TX3_WIDX); 324 if (error != 0) { 325 aprint_error("%s: could not allocate Tx ring 3\n", 326 sc->sc_dev.dv_xname); 327 goto fail; 328 } 329 330 error = iwi_alloc_tx_ring(sc, &sc->txq[3], IWI_TX_RING_COUNT, 331 IWI_CSR_TX4_RIDX, IWI_CSR_TX4_WIDX); 332 if (error != 0) { 333 aprint_error("%s: could not allocate Tx ring 4\n", 334 sc->sc_dev.dv_xname); 335 goto fail; 336 } 337 338 if (iwi_alloc_rx_ring(sc, &sc->rxq, IWI_RX_RING_COUNT) != 0) { 339 aprint_error("%s: could not allocate Rx ring\n", 340 sc->sc_dev.dv_xname); 341 goto fail; 342 } 343 344 ic->ic_ifp = ifp; 345 ic->ic_wme.wme_update = iwi_wme_update; 346 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 347 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 348 ic->ic_state = IEEE80211_S_INIT; 349 350 /* set device capabilities */ 351 ic->ic_caps = 352 IEEE80211_C_IBSS | /* IBSS mode supported */ 353 IEEE80211_C_MONITOR | /* monitor mode supported */ 354 IEEE80211_C_TXPMGT | /* tx power management */ 355 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 356 IEEE80211_C_WPA | /* 802.11i */ 357 IEEE80211_C_WME; /* 802.11e */ 358 359 /* read MAC address from EEPROM */ 360 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 0); 361 ic->ic_myaddr[0] = val & 0xff; 362 ic->ic_myaddr[1] = val >> 8; 363 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 1); 364 ic->ic_myaddr[2] = val & 0xff; 365 ic->ic_myaddr[3] = val >> 8; 366 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 2); 367 ic->ic_myaddr[4] = val & 0xff; 368 ic->ic_myaddr[5] = val >> 8; 369 370 aprint_normal("%s: 802.11 address %s\n", sc->sc_dev.dv_xname, 371 ether_sprintf(ic->ic_myaddr)); 372 373 /* read the NIC type from EEPROM */ 374 val = iwi_read_prom_word(sc, IWI_EEPROM_NIC_TYPE); 375 sc->nictype = val & 0xff; 376 377 DPRINTF(("%s: NIC type %d\n", sc->sc_dev.dv_xname, sc->nictype)); 378 379 if (PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2915ABG_1 || 380 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2915ABG_2) { 381 /* set supported .11a rates (2915ABG only) */ 382 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwi_rateset_11a; 383 384 /* set supported .11a channels */ 385 for (i = 36; i <= 64; i += 4) { 386 ic->ic_channels[i].ic_freq = 387 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 388 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 389 } 390 for (i = 149; i <= 165; i += 4) { 391 ic->ic_channels[i].ic_freq = 392 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 393 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 394 } 395 } 396 397 /* set supported .11b and .11g rates */ 398 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwi_rateset_11b; 399 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwi_rateset_11g; 400 401 /* set supported .11b and .11g channels (1 through 14) */ 402 for (i = 1; i <= 14; i++) { 403 ic->ic_channels[i].ic_freq = 404 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 405 ic->ic_channels[i].ic_flags = 406 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 407 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 408 } 409 410 ifp->if_softc = sc; 411 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 412 ifp->if_init = iwi_init; 413 ifp->if_stop = iwi_stop; 414 ifp->if_ioctl = iwi_ioctl; 415 ifp->if_start = iwi_start; 416 ifp->if_watchdog = iwi_watchdog; 417 IFQ_SET_READY(&ifp->if_snd); 418 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 419 420 if_attach(ifp); 421 ieee80211_ifattach(ic); 422 /* override default methods */ 423 ic->ic_node_alloc = iwi_node_alloc; 424 sc->sc_node_free = ic->ic_node_free; 425 ic->ic_node_free = iwi_node_free; 426 /* override state transition machine */ 427 sc->sc_newstate = ic->ic_newstate; 428 ic->ic_newstate = iwi_newstate; 429 ieee80211_media_init(ic, iwi_media_change, iwi_media_status); 430 431 #if NBPFILTER > 0 432 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 433 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf); 434 435 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 436 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 437 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWI_RX_RADIOTAP_PRESENT); 438 439 sc->sc_txtap_len = sizeof sc->sc_txtapu; 440 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 441 sc->sc_txtap.wt_ihdr.it_present = htole32(IWI_TX_RADIOTAP_PRESENT); 442 #endif 443 444 /* 445 * Make sure the interface is shutdown during reboot. 446 */ 447 sc->sc_sdhook = shutdownhook_establish(iwi_shutdown, sc); 448 if (sc->sc_sdhook == NULL) 449 aprint_error("%s: WARNING: unable to establish shutdown hook\n", 450 sc->sc_dev.dv_xname); 451 sc->sc_powerhook = powerhook_establish(iwi_powerhook, sc); 452 if (sc->sc_powerhook == NULL) 453 printf("%s: WARNING: unable to establish power hook\n", 454 sc->sc_dev.dv_xname); 455 456 ieee80211_announce(ic); 457 /* 458 * Add a few sysctl knobs. 459 * XXX: Not yet. 460 */ 461 sc->dwelltime = 100; 462 sc->bluetooth = 1; 463 sc->antenna = 0; 464 465 return; 466 467 fail: iwi_detach(self, 0); 468 } 469 470 static int 471 iwi_detach(struct device* self, int flags) 472 { 473 struct iwi_softc *sc = (struct iwi_softc *)self; 474 struct ifnet *ifp = &sc->sc_if; 475 476 if (ifp != NULL) 477 iwi_stop(ifp, 1); 478 479 iwi_free_firmware(sc); 480 481 #if NBPFILTER > 0 482 if (ifp != NULL) 483 bpfdetach(ifp); 484 #endif 485 ieee80211_ifdetach(&sc->sc_ic); 486 if (ifp != NULL) 487 if_detach(ifp); 488 489 iwi_free_cmd_ring(sc, &sc->cmdq); 490 iwi_free_tx_ring(sc, &sc->txq[0]); 491 iwi_free_tx_ring(sc, &sc->txq[1]); 492 iwi_free_tx_ring(sc, &sc->txq[2]); 493 iwi_free_tx_ring(sc, &sc->txq[3]); 494 iwi_free_rx_ring(sc, &sc->rxq); 495 496 if (sc->sc_ih != NULL) { 497 pci_intr_disestablish(sc->sc_pct, sc->sc_ih); 498 sc->sc_ih = NULL; 499 } 500 501 bus_space_unmap(sc->sc_st, sc->sc_sh, sc->sc_sz); 502 503 powerhook_disestablish(sc->sc_powerhook); 504 shutdownhook_disestablish(sc->sc_sdhook); 505 506 return 0; 507 } 508 509 static int 510 iwi_alloc_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring, 511 int count) 512 { 513 int error, nsegs; 514 515 ring->count = count; 516 ring->queued = 0; 517 ring->cur = ring->next = 0; 518 519 /* 520 * Allocate and map command ring 521 */ 522 error = bus_dmamap_create(sc->sc_dmat, 523 IWI_CMD_DESC_SIZE * count, 1, 524 IWI_CMD_DESC_SIZE * count, 0, 525 BUS_DMA_NOWAIT, &ring->desc_map); 526 if (error != 0) { 527 aprint_error("%s: could not create command ring DMA map\n", 528 sc->sc_dev.dv_xname); 529 goto fail; 530 } 531 532 error = bus_dmamem_alloc(sc->sc_dmat, 533 IWI_CMD_DESC_SIZE * count, PAGE_SIZE, 0, 534 &sc->cmdq.desc_seg, 1, &nsegs, BUS_DMA_NOWAIT); 535 if (error != 0) { 536 aprint_error("%s: could not allocate command ring DMA memory\n", 537 sc->sc_dev.dv_xname); 538 goto fail; 539 } 540 541 error = bus_dmamem_map(sc->sc_dmat, &sc->cmdq.desc_seg, nsegs, 542 IWI_CMD_DESC_SIZE * count, 543 (caddr_t *)&sc->cmdq.desc, BUS_DMA_NOWAIT); 544 if (error != 0) { 545 aprint_error("%s: could not map command ring DMA memory\n", 546 sc->sc_dev.dv_xname); 547 goto fail; 548 } 549 550 error = bus_dmamap_load(sc->sc_dmat, sc->cmdq.desc_map, sc->cmdq.desc, 551 IWI_CMD_DESC_SIZE * count, NULL, 552 BUS_DMA_NOWAIT); 553 if (error != 0) { 554 aprint_error("%s: could not load command ring DMA map\n", 555 sc->sc_dev.dv_xname); 556 goto fail; 557 } 558 559 memset(sc->cmdq.desc, 0, 560 IWI_CMD_DESC_SIZE * count); 561 562 return 0; 563 564 fail: iwi_free_cmd_ring(sc, ring); 565 return error; 566 } 567 568 static void 569 iwi_reset_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 570 { 571 int i; 572 573 for (i = ring->next; i != ring->cur;) { 574 bus_dmamap_sync(sc->sc_dmat, sc->cmdq.desc_map, 575 i * IWI_CMD_DESC_SIZE, IWI_CMD_DESC_SIZE, 576 BUS_DMASYNC_POSTWRITE); 577 578 wakeup(&ring->desc[i]); 579 i = (i + 1) % ring->count; 580 } 581 582 ring->queued = 0; 583 ring->cur = ring->next = 0; 584 } 585 586 static void 587 iwi_free_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 588 { 589 if (ring->desc_map != NULL) { 590 if (ring->desc != NULL) { 591 bus_dmamap_unload(sc->sc_dmat, ring->desc_map); 592 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)ring->desc, 593 IWI_CMD_DESC_SIZE * ring->count); 594 bus_dmamem_free(sc->sc_dmat, &ring->desc_seg, 1); 595 } 596 bus_dmamap_destroy(sc->sc_dmat, ring->desc_map); 597 } 598 } 599 600 static int 601 iwi_alloc_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring, 602 int count, bus_addr_t csr_ridx, bus_addr_t csr_widx) 603 { 604 int i, error, nsegs; 605 606 ring->count = count; 607 ring->queued = 0; 608 ring->cur = ring->next = 0; 609 ring->csr_ridx = csr_ridx; 610 ring->csr_widx = csr_widx; 611 612 /* 613 * Allocate and map Tx ring 614 */ 615 error = bus_dmamap_create(sc->sc_dmat, 616 IWI_TX_DESC_SIZE * count, 1, 617 IWI_TX_DESC_SIZE * count, 0, BUS_DMA_NOWAIT, 618 &ring->desc_map); 619 if (error != 0) { 620 aprint_error("%s: could not create tx ring DMA map\n", 621 sc->sc_dev.dv_xname); 622 goto fail; 623 } 624 625 error = bus_dmamem_alloc(sc->sc_dmat, 626 IWI_TX_DESC_SIZE * count, PAGE_SIZE, 0, 627 &ring->desc_seg, 1, &nsegs, BUS_DMA_NOWAIT); 628 if (error != 0) { 629 aprint_error("%s: could not allocate tx ring DMA memory\n", 630 sc->sc_dev.dv_xname); 631 goto fail; 632 } 633 634 error = bus_dmamem_map(sc->sc_dmat, &ring->desc_seg, nsegs, 635 IWI_TX_DESC_SIZE * count, 636 (caddr_t *)&ring->desc, BUS_DMA_NOWAIT); 637 if (error != 0) { 638 aprint_error("%s: could not map tx ring DMA memory\n", 639 sc->sc_dev.dv_xname); 640 goto fail; 641 } 642 643 error = bus_dmamap_load(sc->sc_dmat, ring->desc_map, ring->desc, 644 IWI_TX_DESC_SIZE * count, NULL, 645 BUS_DMA_NOWAIT); 646 if (error != 0) { 647 aprint_error("%s: could not load tx ring DMA map\n", 648 sc->sc_dev.dv_xname); 649 goto fail; 650 } 651 652 memset(ring->desc, 0, IWI_TX_DESC_SIZE * count); 653 654 ring->data = malloc(count * sizeof (struct iwi_tx_data), M_DEVBUF, 655 M_NOWAIT | M_ZERO); 656 if (ring->data == NULL) { 657 aprint_error("%s: could not allocate soft data\n", 658 sc->sc_dev.dv_xname); 659 error = ENOMEM; 660 goto fail; 661 } 662 663 /* 664 * Allocate Tx buffers DMA maps 665 */ 666 for (i = 0; i < count; i++) { 667 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, IWI_MAX_NSEG, 668 MCLBYTES, 0, BUS_DMA_NOWAIT, &ring->data[i].map); 669 if (error != 0) { 670 aprint_error("%s: could not create tx buf DMA map", 671 sc->sc_dev.dv_xname); 672 goto fail; 673 } 674 } 675 return 0; 676 677 fail: iwi_free_tx_ring(sc, ring); 678 return error; 679 } 680 681 static void 682 iwi_reset_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 683 { 684 struct iwi_tx_data *data; 685 int i; 686 687 for (i = 0; i < ring->count; i++) { 688 data = &ring->data[i]; 689 690 if (data->m != NULL) { 691 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 692 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 693 bus_dmamap_unload(sc->sc_dmat, data->map); 694 m_freem(data->m); 695 data->m = NULL; 696 } 697 698 if (data->ni != NULL) { 699 ieee80211_free_node(data->ni); 700 data->ni = NULL; 701 } 702 } 703 704 ring->queued = 0; 705 ring->cur = ring->next = 0; 706 } 707 708 static void 709 iwi_free_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 710 { 711 int i; 712 713 if (ring->desc_map != NULL) { 714 if (ring->desc != NULL) { 715 bus_dmamap_unload(sc->sc_dmat, ring->desc_map); 716 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)ring->desc, 717 IWI_TX_DESC_SIZE * ring->count); 718 bus_dmamem_free(sc->sc_dmat, &ring->desc_seg, 1); 719 } 720 bus_dmamap_destroy(sc->sc_dmat, ring->desc_map); 721 } 722 723 for (i = 0; i < ring->count; i++) { 724 if (ring->data[i].m != NULL) { 725 bus_dmamap_unload(sc->sc_dmat, ring->data[i].map); 726 m_freem(ring->data[i].m); 727 } 728 bus_dmamap_destroy(sc->sc_dmat, ring->data[i].map); 729 } 730 } 731 732 static int 733 iwi_alloc_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring, 734 int count) 735 { 736 int i, error; 737 738 ring->count = count; 739 ring->cur = 0; 740 741 ring->data = malloc(count * sizeof (struct iwi_rx_data), M_DEVBUF, 742 M_NOWAIT | M_ZERO); 743 if (ring->data == NULL) { 744 aprint_error("%s: could not allocate soft data\n", 745 sc->sc_dev.dv_xname); 746 error = ENOMEM; 747 goto fail; 748 } 749 750 /* 751 * Allocate and map Rx buffers 752 */ 753 for (i = 0; i < count; i++) { 754 755 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, MCLBYTES, 756 0, BUS_DMA_WAITOK | BUS_DMA_ALLOCNOW, &ring->data[i].map); 757 if (error != 0) { 758 aprint_error("%s: could not create rx buf DMA map", 759 sc->sc_dev.dv_xname); 760 goto fail; 761 } 762 763 if ((ring->data[i].m = iwi_alloc_rx_buf(sc)) == NULL) { 764 error = ENOMEM; 765 goto fail; 766 } 767 768 error = bus_dmamap_load_mbuf(sc->sc_dmat, ring->data[i].map, 769 ring->data[i].m, BUS_DMA_READ | BUS_DMA_NOWAIT); 770 if (error != 0) { 771 aprint_error("%s: could not load rx buffer DMA map\n", 772 sc->sc_dev.dv_xname); 773 goto fail; 774 } 775 776 bus_dmamap_sync(sc->sc_dmat, ring->data[i].map, 0, 777 ring->data[i].map->dm_mapsize, BUS_DMASYNC_PREREAD); 778 } 779 780 return 0; 781 782 fail: iwi_free_rx_ring(sc, ring); 783 return error; 784 } 785 786 static void 787 iwi_reset_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 788 { 789 ring->cur = 0; 790 } 791 792 static void 793 iwi_free_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 794 { 795 int i; 796 797 for (i = 0; i < ring->count; i++) { 798 if (ring->data[i].m != NULL) { 799 bus_dmamap_unload(sc->sc_dmat, ring->data[i].map); 800 m_freem(ring->data[i].m); 801 } 802 bus_dmamap_destroy(sc->sc_dmat, ring->data[i].map); 803 } 804 } 805 806 static void 807 iwi_shutdown(void *arg) 808 { 809 struct iwi_softc *sc = (struct iwi_softc *)arg; 810 struct ifnet *ifp = sc->sc_ic.ic_ifp; 811 812 iwi_stop(ifp, 1); 813 } 814 815 static int 816 iwi_suspend(struct iwi_softc *sc) 817 { 818 struct ifnet *ifp = sc->sc_ic.ic_ifp; 819 820 iwi_stop(ifp, 1); 821 822 return 0; 823 } 824 825 static int 826 iwi_resume(struct iwi_softc *sc) 827 { 828 struct ifnet *ifp = sc->sc_ic.ic_ifp; 829 pcireg_t data; 830 831 /* clear device specific PCI configuration register 0x41 */ 832 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 833 data &= ~0x0000ff00; 834 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, data); 835 836 if (ifp->if_flags & IFF_UP) { 837 iwi_init(ifp); 838 if (ifp->if_flags & IFF_RUNNING) 839 iwi_start(ifp); 840 } 841 842 return 0; 843 } 844 845 static void 846 iwi_powerhook(int why, void *arg) 847 { 848 struct iwi_softc *sc = arg; 849 pci_chipset_tag_t pc = sc->sc_pct; 850 pcitag_t tag = sc->sc_pcitag; 851 int s; 852 853 s = splnet(); 854 switch (why) { 855 case PWR_SUSPEND: 856 case PWR_STANDBY: 857 pci_conf_capture(pc, tag, &sc->sc_pciconf); 858 break; 859 case PWR_RESUME: 860 pci_conf_restore(pc, tag, &sc->sc_pciconf); 861 break; 862 case PWR_SOFTSUSPEND: 863 case PWR_SOFTSTANDBY: 864 iwi_suspend(sc); 865 break; 866 case PWR_SOFTRESUME: 867 iwi_resume(sc); 868 break; 869 } 870 splx(s); 871 } 872 873 static struct ieee80211_node * 874 iwi_node_alloc(struct ieee80211_node_table *nt) 875 { 876 struct iwi_node *in; 877 878 in = malloc(sizeof (struct iwi_node), M_80211_NODE, M_NOWAIT | M_ZERO); 879 if (in == NULL) 880 return NULL; 881 882 in->in_station = -1; 883 884 return &in->in_node; 885 } 886 887 static int 888 iwi_alloc_unr(struct iwi_softc *sc) 889 { 890 int i; 891 892 for (i = 0; i < IWI_MAX_IBSSNODE - 1; i++) 893 if ((sc->sc_unr & (1 << i)) == 0) { 894 sc->sc_unr |= 1 << i; 895 return i; 896 } 897 898 return -1; 899 } 900 901 static void 902 iwi_free_unr(struct iwi_softc *sc, int r) 903 { 904 905 sc->sc_unr &= 1 << r; 906 } 907 908 static void 909 iwi_node_free(struct ieee80211_node *ni) 910 { 911 struct ieee80211com *ic = ni->ni_ic; 912 struct iwi_softc *sc = ic->ic_ifp->if_softc; 913 struct iwi_node *in = (struct iwi_node *)ni; 914 915 if (in->in_station != -1) 916 iwi_free_unr(sc, in->in_station); 917 918 sc->sc_node_free(ni); 919 } 920 921 static int 922 iwi_media_change(struct ifnet *ifp) 923 { 924 int error; 925 926 error = ieee80211_media_change(ifp); 927 if (error != ENETRESET) 928 return error; 929 930 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 931 iwi_init(ifp); 932 933 return 0; 934 } 935 936 /* 937 * The firmware automatically adapts the transmit speed. We report its current 938 * value here. 939 */ 940 static void 941 iwi_media_status(struct ifnet *ifp, struct ifmediareq *imr) 942 { 943 struct iwi_softc *sc = ifp->if_softc; 944 struct ieee80211com *ic = &sc->sc_ic; 945 #define N(a) (sizeof (a) / sizeof (a[0])) 946 static const struct { 947 uint32_t val; 948 int rate; 949 } rates[] = { 950 { IWI_RATE_DS1, 2 }, 951 { IWI_RATE_DS2, 4 }, 952 { IWI_RATE_DS5, 11 }, 953 { IWI_RATE_DS11, 22 }, 954 { IWI_RATE_OFDM6, 12 }, 955 { IWI_RATE_OFDM9, 18 }, 956 { IWI_RATE_OFDM12, 24 }, 957 { IWI_RATE_OFDM18, 36 }, 958 { IWI_RATE_OFDM24, 48 }, 959 { IWI_RATE_OFDM36, 72 }, 960 { IWI_RATE_OFDM48, 96 }, 961 { IWI_RATE_OFDM54, 108 }, 962 }; 963 uint32_t val; 964 int rate, i; 965 966 imr->ifm_status = IFM_AVALID; 967 imr->ifm_active = IFM_IEEE80211; 968 if (ic->ic_state == IEEE80211_S_RUN) 969 imr->ifm_status |= IFM_ACTIVE; 970 971 /* read current transmission rate from adapter */ 972 val = CSR_READ_4(sc, IWI_CSR_CURRENT_TX_RATE); 973 974 /* convert rate to 802.11 rate */ 975 for (i = 0; i < N(rates) && rates[i].val != val; i++); 976 rate = (i < N(rates)) ? rates[i].rate : 0; 977 978 imr->ifm_active |= ieee80211_rate2media(ic, rate, ic->ic_curmode); 979 switch (ic->ic_opmode) { 980 case IEEE80211_M_STA: 981 break; 982 983 case IEEE80211_M_IBSS: 984 imr->ifm_active |= IFM_IEEE80211_ADHOC; 985 break; 986 987 case IEEE80211_M_MONITOR: 988 imr->ifm_active |= IFM_IEEE80211_MONITOR; 989 break; 990 991 case IEEE80211_M_AHDEMO: 992 case IEEE80211_M_HOSTAP: 993 /* should not get there */ 994 break; 995 } 996 #undef N 997 } 998 999 static int 1000 iwi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1001 { 1002 struct iwi_softc *sc = ic->ic_ifp->if_softc; 1003 1004 switch (nstate) { 1005 case IEEE80211_S_SCAN: 1006 if (sc->flags & IWI_FLAG_SCANNING) 1007 break; 1008 1009 ieee80211_node_table_reset(&ic->ic_scan); 1010 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 1011 sc->flags |= IWI_FLAG_SCANNING; 1012 /* blink the led while scanning */ 1013 iwi_led_set(sc, IWI_LED_ASSOCIATED, 1); 1014 iwi_scan(sc); 1015 break; 1016 1017 case IEEE80211_S_AUTH: 1018 iwi_auth_and_assoc(sc); 1019 break; 1020 1021 case IEEE80211_S_RUN: 1022 if (ic->ic_opmode == IEEE80211_M_IBSS) 1023 ieee80211_new_state(ic, IEEE80211_S_AUTH, -1); 1024 else if (ic->ic_opmode == IEEE80211_M_MONITOR) 1025 iwi_set_chan(sc, ic->ic_ibss_chan); 1026 1027 return (*sc->sc_newstate)(ic, nstate, 1028 IEEE80211_FC0_SUBTYPE_ASSOC_RESP); 1029 1030 case IEEE80211_S_ASSOC: 1031 iwi_led_set(sc, IWI_LED_ASSOCIATED, 0); 1032 break; 1033 1034 case IEEE80211_S_INIT: 1035 sc->flags &= ~IWI_FLAG_SCANNING; 1036 return (*sc->sc_newstate)(ic, nstate, arg); 1037 } 1038 1039 ic->ic_state = nstate; 1040 return 0; 1041 } 1042 1043 /* 1044 * WME parameters coming from IEEE 802.11e specification. These values are 1045 * already declared in ieee80211_proto.c, but they are static so they can't 1046 * be reused here. 1047 */ 1048 static const struct wmeParams iwi_wme_cck_params[WME_NUM_AC] = { 1049 { 0, 3, 5, 7, 0 }, /* WME_AC_BE */ 1050 { 0, 3, 5, 10, 0 }, /* WME_AC_BK */ 1051 { 0, 2, 4, 5, 188 }, /* WME_AC_VI */ 1052 { 0, 2, 3, 4, 102 } /* WME_AC_VO */ 1053 }; 1054 1055 static const struct wmeParams iwi_wme_ofdm_params[WME_NUM_AC] = { 1056 { 0, 3, 4, 6, 0 }, /* WME_AC_BE */ 1057 { 0, 3, 4, 10, 0 }, /* WME_AC_BK */ 1058 { 0, 2, 3, 4, 94 }, /* WME_AC_VI */ 1059 { 0, 2, 2, 3, 47 } /* WME_AC_VO */ 1060 }; 1061 1062 static int 1063 iwi_wme_update(struct ieee80211com *ic) 1064 { 1065 #define IWI_EXP2(v) htole16((1 << (v)) - 1) 1066 #define IWI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 1067 struct iwi_softc *sc = ic->ic_ifp->if_softc; 1068 struct iwi_wme_params wme[3]; 1069 const struct wmeParams *wmep; 1070 int ac; 1071 1072 /* 1073 * We shall not override firmware default WME values if WME is not 1074 * actually enabled. 1075 */ 1076 if (!(ic->ic_flags & IEEE80211_F_WME)) 1077 return 0; 1078 1079 for (ac = 0; ac < WME_NUM_AC; ac++) { 1080 /* set WME values for current operating mode */ 1081 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 1082 wme[0].aifsn[ac] = wmep->wmep_aifsn; 1083 wme[0].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1084 wme[0].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1085 wme[0].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1086 wme[0].acm[ac] = wmep->wmep_acm; 1087 1088 /* set WME values for CCK modulation */ 1089 wmep = &iwi_wme_cck_params[ac]; 1090 wme[1].aifsn[ac] = wmep->wmep_aifsn; 1091 wme[1].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1092 wme[1].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1093 wme[1].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1094 wme[1].acm[ac] = wmep->wmep_acm; 1095 1096 /* set WME values for OFDM modulation */ 1097 wmep = &iwi_wme_ofdm_params[ac]; 1098 wme[2].aifsn[ac] = wmep->wmep_aifsn; 1099 wme[2].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1100 wme[2].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1101 wme[2].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1102 wme[2].acm[ac] = wmep->wmep_acm; 1103 } 1104 1105 DPRINTF(("Setting WME parameters\n")); 1106 return iwi_cmd(sc, IWI_CMD_SET_WME_PARAMS, wme, sizeof wme, 1); 1107 #undef IWI_USEC 1108 #undef IWI_EXP2 1109 } 1110 1111 /* 1112 * Read 16 bits at address 'addr' from the serial EEPROM. 1113 */ 1114 static uint16_t 1115 iwi_read_prom_word(struct iwi_softc *sc, uint8_t addr) 1116 { 1117 uint32_t tmp; 1118 uint16_t val; 1119 int n; 1120 1121 /* Clock C once before the first command */ 1122 IWI_EEPROM_CTL(sc, 0); 1123 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1124 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1125 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1126 1127 /* Write start bit (1) */ 1128 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1129 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1130 1131 /* Write READ opcode (10) */ 1132 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1133 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1134 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1135 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1136 1137 /* Write address A7-A0 */ 1138 for (n = 7; n >= 0; n--) { 1139 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1140 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D)); 1141 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1142 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D) | IWI_EEPROM_C); 1143 } 1144 1145 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1146 1147 /* Read data Q15-Q0 */ 1148 val = 0; 1149 for (n = 15; n >= 0; n--) { 1150 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1151 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1152 tmp = MEM_READ_4(sc, IWI_MEM_EEPROM_CTL); 1153 val |= ((tmp & IWI_EEPROM_Q) >> IWI_EEPROM_SHIFT_Q) << n; 1154 } 1155 1156 IWI_EEPROM_CTL(sc, 0); 1157 1158 /* Clear Chip Select and clock C */ 1159 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1160 IWI_EEPROM_CTL(sc, 0); 1161 IWI_EEPROM_CTL(sc, IWI_EEPROM_C); 1162 1163 return val; 1164 } 1165 1166 /* 1167 * XXX: Hack to set the current channel to the value advertised in beacons or 1168 * probe responses. Only used during AP detection. 1169 */ 1170 static void 1171 iwi_fix_channel(struct ieee80211com *ic, struct mbuf *m) 1172 { 1173 struct ieee80211_frame *wh; 1174 uint8_t subtype; 1175 uint8_t *frm, *efrm; 1176 1177 wh = mtod(m, struct ieee80211_frame *); 1178 1179 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 1180 return; 1181 1182 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1183 1184 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 1185 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1186 return; 1187 1188 frm = (uint8_t *)(wh + 1); 1189 efrm = mtod(m, uint8_t *) + m->m_len; 1190 1191 frm += 12; /* skip tstamp, bintval and capinfo fields */ 1192 while (frm < efrm) { 1193 if (*frm == IEEE80211_ELEMID_DSPARMS) 1194 #if IEEE80211_CHAN_MAX < 255 1195 if (frm[2] <= IEEE80211_CHAN_MAX) 1196 #endif 1197 ic->ic_curchan = &ic->ic_channels[frm[2]]; 1198 1199 frm += frm[1] + 2; 1200 } 1201 } 1202 1203 static struct mbuf * 1204 iwi_alloc_rx_buf(struct iwi_softc *sc) 1205 { 1206 struct mbuf *m; 1207 1208 MGETHDR(m, M_DONTWAIT, MT_DATA); 1209 if (m == NULL) { 1210 aprint_error("%s: could not allocate rx mbuf\n", 1211 sc->sc_dev.dv_xname); 1212 return NULL; 1213 } 1214 1215 MCLGET(m, M_DONTWAIT); 1216 if (!(m->m_flags & M_EXT)) { 1217 aprint_error("%s: could not allocate rx mbuf cluster\n", 1218 sc->sc_dev.dv_xname); 1219 m_freem(m); 1220 return NULL; 1221 } 1222 1223 m->m_pkthdr.len = m->m_len = m->m_ext.ext_size; 1224 return m; 1225 } 1226 1227 static void 1228 iwi_frame_intr(struct iwi_softc *sc, struct iwi_rx_data *data, int i, 1229 struct iwi_frame *frame) 1230 { 1231 struct ieee80211com *ic = &sc->sc_ic; 1232 struct ifnet *ifp = ic->ic_ifp; 1233 struct mbuf *m, *m_new; 1234 struct ieee80211_frame *wh; 1235 struct ieee80211_node *ni; 1236 int error; 1237 1238 DPRINTFN(5, ("received frame len=%u chan=%u rssi=%u\n", 1239 le16toh(frame->len), frame->chan, frame->rssi_dbm)); 1240 1241 if (le16toh(frame->len) < sizeof (struct ieee80211_frame) || 1242 le16toh(frame->len) > MCLBYTES) { 1243 DPRINTF(("%s: bad frame length\n", sc->sc_dev.dv_xname)); 1244 ifp->if_ierrors++; 1245 return; 1246 } 1247 1248 /* 1249 * Try to allocate a new mbuf for this ring element and 1250 * load it before processing the current mbuf. If the ring 1251 * element cannot be reloaded, drop the received packet 1252 * and reuse the old mbuf. In the unlikely case that 1253 * the old mbuf can't be reloaded either, explicitly panic. 1254 * 1255 * XXX Reorganize buffer by moving elements from the logical 1256 * end of the ring to the front instead of dropping. 1257 */ 1258 if ((m_new = iwi_alloc_rx_buf(sc)) == NULL) { 1259 ifp->if_ierrors++; 1260 return; 1261 } 1262 1263 bus_dmamap_unload(sc->sc_dmat, data->map); 1264 1265 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m_new, 1266 BUS_DMA_READ | BUS_DMA_NOWAIT); 1267 if (error != 0) { 1268 aprint_error("%s: could not load rx buf DMA map\n", 1269 sc->sc_dev.dv_xname); 1270 m_freem(m_new); 1271 ifp->if_ierrors++; 1272 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, 1273 data->m, BUS_DMA_READ | BUS_DMA_NOWAIT); 1274 if (error) 1275 panic("%s: unable to remap rx buf", 1276 sc->sc_dev.dv_xname); 1277 return; 1278 } 1279 1280 /* 1281 * New mbuf successfully loaded, update RX ring and continue 1282 * processing. 1283 */ 1284 m = data->m; 1285 data->m = m_new; 1286 CSR_WRITE_4(sc, IWI_CSR_RX_BASE + i * 4, data->map->dm_segs[0].ds_addr); 1287 1288 /* Finalize mbuf */ 1289 m->m_pkthdr.rcvif = ifp; 1290 m->m_pkthdr.len = m->m_len = sizeof (struct iwi_hdr) + 1291 sizeof (struct iwi_frame) + le16toh(frame->len); 1292 1293 m_adj(m, sizeof (struct iwi_hdr) + sizeof (struct iwi_frame)); 1294 1295 if (ic->ic_state == IEEE80211_S_SCAN) 1296 iwi_fix_channel(ic, m); 1297 1298 #if NBPFILTER > 0 1299 if (sc->sc_drvbpf != NULL) { 1300 struct iwi_rx_radiotap_header *tap = &sc->sc_rxtap; 1301 1302 tap->wr_flags = 0; 1303 tap->wr_rate = frame->rate; 1304 tap->wr_chan_freq = 1305 htole16(ic->ic_channels[frame->chan].ic_freq); 1306 tap->wr_chan_flags = 1307 htole16(ic->ic_channels[frame->chan].ic_flags); 1308 tap->wr_antsignal = frame->signal; 1309 tap->wr_antenna = frame->antenna; 1310 1311 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1312 } 1313 #endif 1314 1315 wh = mtod(m, struct ieee80211_frame *); 1316 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 1317 1318 /* Send the frame to the upper layer */ 1319 ieee80211_input(ic, m, ni, frame->rssi_dbm, 0); 1320 1321 /* node is no longer needed */ 1322 ieee80211_free_node(ni); 1323 } 1324 1325 static void 1326 iwi_notification_intr(struct iwi_softc *sc, struct iwi_notif *notif) 1327 { 1328 struct ieee80211com *ic = &sc->sc_ic; 1329 struct iwi_notif_scan_channel *chan; 1330 struct iwi_notif_scan_complete *scan; 1331 struct iwi_notif_authentication *auth; 1332 struct iwi_notif_association *assoc; 1333 1334 switch (notif->type) { 1335 case IWI_NOTIF_TYPE_SCAN_CHANNEL: 1336 chan = (struct iwi_notif_scan_channel *)(notif + 1); 1337 1338 DPRINTFN(2, ("Finished scanning channel (%u)\n", chan->nchan)); 1339 break; 1340 1341 case IWI_NOTIF_TYPE_SCAN_COMPLETE: 1342 scan = (struct iwi_notif_scan_complete *)(notif + 1); 1343 1344 DPRINTFN(2, ("Scan completed (%u, %u)\n", scan->nchan, 1345 scan->status)); 1346 1347 /* monitor mode uses scan to set the channel ... */ 1348 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1349 sc->flags &= ~IWI_FLAG_SCANNING; 1350 ieee80211_end_scan(ic); 1351 } else 1352 iwi_set_chan(sc, ic->ic_ibss_chan); 1353 break; 1354 1355 case IWI_NOTIF_TYPE_AUTHENTICATION: 1356 auth = (struct iwi_notif_authentication *)(notif + 1); 1357 1358 DPRINTFN(2, ("Authentication (%u)\n", auth->state)); 1359 1360 switch (auth->state) { 1361 case IWI_AUTHENTICATED: 1362 ieee80211_node_authorize(ic->ic_bss); 1363 ieee80211_new_state(ic, IEEE80211_S_ASSOC, -1); 1364 break; 1365 1366 case IWI_DEAUTHENTICATED: 1367 break; 1368 1369 default: 1370 aprint_error("%s: unknown authentication state %u\n", 1371 sc->sc_dev.dv_xname, auth->state); 1372 } 1373 break; 1374 1375 case IWI_NOTIF_TYPE_ASSOCIATION: 1376 assoc = (struct iwi_notif_association *)(notif + 1); 1377 1378 DPRINTFN(2, ("Association (%u, %u)\n", assoc->state, 1379 assoc->status)); 1380 1381 switch (assoc->state) { 1382 case IWI_AUTHENTICATED: 1383 /* re-association, do nothing */ 1384 break; 1385 1386 case IWI_ASSOCIATED: 1387 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1388 break; 1389 1390 case IWI_DEASSOCIATED: 1391 ieee80211_begin_scan(ic, 1); 1392 break; 1393 1394 default: 1395 aprint_error("%s: unknown association state %u\n", 1396 sc->sc_dev.dv_xname, assoc->state); 1397 } 1398 break; 1399 1400 case IWI_NOTIF_TYPE_CALIBRATION: 1401 case IWI_NOTIF_TYPE_BEACON: 1402 case IWI_NOTIF_TYPE_NOISE: 1403 DPRINTFN(5, ("Notification (%u)\n", notif->type)); 1404 break; 1405 1406 default: 1407 aprint_error("%s: unknown notification type %u\n", 1408 sc->sc_dev.dv_xname, notif->type); 1409 } 1410 } 1411 1412 static void 1413 iwi_cmd_intr(struct iwi_softc *sc) 1414 { 1415 uint32_t hw; 1416 1417 hw = CSR_READ_4(sc, IWI_CSR_CMD_RIDX); 1418 1419 for (; sc->cmdq.next != hw;) { 1420 bus_dmamap_sync(sc->sc_dmat, sc->cmdq.desc_map, 1421 sc->cmdq.next * IWI_CMD_DESC_SIZE, IWI_CMD_DESC_SIZE, 1422 BUS_DMASYNC_POSTWRITE); 1423 1424 wakeup(&sc->cmdq.desc[sc->cmdq.next]); 1425 sc->cmdq.next = (sc->cmdq.next + 1) % sc->cmdq.count; 1426 } 1427 } 1428 1429 static void 1430 iwi_rx_intr(struct iwi_softc *sc) 1431 { 1432 struct iwi_rx_data *data; 1433 struct iwi_hdr *hdr; 1434 uint32_t hw; 1435 1436 hw = CSR_READ_4(sc, IWI_CSR_RX_RIDX); 1437 1438 for (; sc->rxq.cur != hw;) { 1439 data = &sc->rxq.data[sc->rxq.cur]; 1440 1441 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1442 data->map->dm_mapsize, BUS_DMASYNC_POSTREAD); 1443 1444 hdr = mtod(data->m, struct iwi_hdr *); 1445 1446 switch (hdr->type) { 1447 case IWI_HDR_TYPE_FRAME: 1448 iwi_frame_intr(sc, data, sc->rxq.cur, 1449 (struct iwi_frame *)(hdr + 1)); 1450 break; 1451 1452 case IWI_HDR_TYPE_NOTIF: 1453 iwi_notification_intr(sc, 1454 (struct iwi_notif *)(hdr + 1)); 1455 break; 1456 1457 default: 1458 aprint_error("%s: unknown hdr type %u\n", 1459 sc->sc_dev.dv_xname, hdr->type); 1460 } 1461 1462 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1463 data->map->dm_mapsize, BUS_DMASYNC_PREREAD); 1464 1465 DPRINTFN(15, ("rx done idx=%u\n", sc->rxq.cur)); 1466 1467 sc->rxq.cur = (sc->rxq.cur + 1) % sc->rxq.count; 1468 } 1469 1470 1471 /* Tell the firmware what we have processed */ 1472 hw = (hw == 0) ? sc->rxq.count - 1 : hw - 1; 1473 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, hw); 1474 } 1475 1476 static void 1477 iwi_tx_intr(struct iwi_softc *sc, struct iwi_tx_ring *txq) 1478 { 1479 struct ifnet *ifp = &sc->sc_if; 1480 struct iwi_tx_data *data; 1481 uint32_t hw; 1482 1483 hw = CSR_READ_4(sc, txq->csr_ridx); 1484 1485 for (; txq->next != hw;) { 1486 data = &txq->data[txq->next]; 1487 1488 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1489 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 1490 bus_dmamap_unload(sc->sc_dmat, data->map); 1491 m_freem(data->m); 1492 data->m = NULL; 1493 ieee80211_free_node(data->ni); 1494 data->ni = NULL; 1495 1496 DPRINTFN(15, ("tx done idx=%u\n", txq->next)); 1497 1498 ifp->if_opackets++; 1499 1500 txq->queued--; 1501 txq->next = (txq->next + 1) % txq->count; 1502 } 1503 1504 sc->sc_tx_timer = 0; 1505 ifp->if_flags &= ~IFF_OACTIVE; 1506 1507 /* Call start() since some buffer descriptors have been released */ 1508 (*ifp->if_start)(ifp); 1509 } 1510 1511 static int 1512 iwi_intr(void *arg) 1513 { 1514 struct iwi_softc *sc = arg; 1515 uint32_t r; 1516 1517 if ((r = CSR_READ_4(sc, IWI_CSR_INTR)) == 0 || r == 0xffffffff) 1518 return 0; 1519 1520 /* Acknowledge interrupts */ 1521 CSR_WRITE_4(sc, IWI_CSR_INTR, r); 1522 1523 if (r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR)) { 1524 aprint_error("%s: fatal error\n", sc->sc_dev.dv_xname); 1525 if (r & IWI_INTR_FATAL_ERROR) 1526 iwi_error_log(sc); 1527 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1528 iwi_stop(&sc->sc_if, 1); 1529 return (1); 1530 } 1531 1532 if (r & IWI_INTR_FW_INITED) { 1533 if (!(r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR))) 1534 wakeup(sc); 1535 } 1536 1537 if (r & IWI_INTR_RADIO_OFF) { 1538 DPRINTF(("radio transmitter off\n")); 1539 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1540 iwi_stop(&sc->sc_if, 1); 1541 return (1); 1542 } 1543 1544 if (r & IWI_INTR_CMD_DONE) 1545 iwi_cmd_intr(sc); 1546 1547 if (r & IWI_INTR_TX1_DONE) 1548 iwi_tx_intr(sc, &sc->txq[0]); 1549 1550 if (r & IWI_INTR_TX2_DONE) 1551 iwi_tx_intr(sc, &sc->txq[1]); 1552 1553 if (r & IWI_INTR_TX3_DONE) 1554 iwi_tx_intr(sc, &sc->txq[2]); 1555 1556 if (r & IWI_INTR_TX4_DONE) 1557 iwi_tx_intr(sc, &sc->txq[3]); 1558 1559 if (r & IWI_INTR_RX_DONE) 1560 iwi_rx_intr(sc); 1561 1562 return 1; 1563 } 1564 1565 static int 1566 iwi_cmd(struct iwi_softc *sc, uint8_t type, void *data, uint8_t len, 1567 int async) 1568 { 1569 struct iwi_cmd_desc *desc; 1570 1571 desc = &sc->cmdq.desc[sc->cmdq.cur]; 1572 1573 desc->hdr.type = IWI_HDR_TYPE_COMMAND; 1574 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1575 desc->type = type; 1576 desc->len = len; 1577 memcpy(desc->data, data, len); 1578 1579 bus_dmamap_sync(sc->sc_dmat, sc->cmdq.desc_map, 1580 sc->cmdq.cur * IWI_CMD_DESC_SIZE, 1581 IWI_CMD_DESC_SIZE, BUS_DMASYNC_PREWRITE); 1582 1583 DPRINTFN(2, ("sending command idx=%u type=%u len=%u\n", sc->cmdq.cur, 1584 type, len)); 1585 1586 sc->cmdq.cur = (sc->cmdq.cur + 1) % sc->cmdq.count; 1587 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 1588 1589 return async ? 0 : tsleep(desc, 0, "iwicmd", hz); 1590 } 1591 1592 static void 1593 iwi_write_ibssnode(struct iwi_softc *sc, const struct iwi_node *in) 1594 { 1595 struct iwi_ibssnode node; 1596 1597 /* write node information into NIC memory */ 1598 memset(&node, 0, sizeof node); 1599 IEEE80211_ADDR_COPY(node.bssid, in->in_node.ni_macaddr); 1600 1601 CSR_WRITE_REGION_1(sc, 1602 IWI_CSR_NODE_BASE + in->in_station * sizeof node, 1603 (uint8_t *)&node, sizeof node); 1604 } 1605 1606 static int 1607 iwi_tx_start(struct ifnet *ifp, struct mbuf *m0, struct ieee80211_node *ni, 1608 int ac) 1609 { 1610 struct iwi_softc *sc = ifp->if_softc; 1611 struct ieee80211com *ic = &sc->sc_ic; 1612 struct iwi_node *in = (struct iwi_node *)ni; 1613 struct ieee80211_frame *wh; 1614 struct ieee80211_key *k; 1615 const struct chanAccParams *cap; 1616 struct iwi_tx_ring *txq = &sc->txq[ac]; 1617 struct iwi_tx_data *data; 1618 struct iwi_tx_desc *desc; 1619 struct mbuf *mnew; 1620 int error, hdrlen, i, noack = 0; 1621 1622 wh = mtod(m0, struct ieee80211_frame *); 1623 1624 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1625 hdrlen = sizeof (struct ieee80211_qosframe); 1626 cap = &ic->ic_wme.wme_chanParams; 1627 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1628 } else 1629 hdrlen = sizeof (struct ieee80211_frame); 1630 1631 /* 1632 * This is only used in IBSS mode where the firmware expect an index 1633 * in a h/w table instead of a destination address. 1634 */ 1635 if (ic->ic_opmode == IEEE80211_M_IBSS && in->in_station == -1) { 1636 in->in_station = iwi_alloc_unr(sc); 1637 1638 if (in->in_station == -1) { /* h/w table is full */ 1639 m_freem(m0); 1640 ieee80211_free_node(ni); 1641 ifp->if_oerrors++; 1642 return 0; 1643 } 1644 iwi_write_ibssnode(sc, in); 1645 } 1646 1647 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1648 k = ieee80211_crypto_encap(ic, ni, m0); 1649 if (k == NULL) { 1650 m_freem(m0); 1651 return ENOBUFS; 1652 } 1653 1654 /* packet header may have moved, reset our local pointer */ 1655 wh = mtod(m0, struct ieee80211_frame *); 1656 } 1657 1658 #if NBPFILTER > 0 1659 if (sc->sc_drvbpf != NULL) { 1660 struct iwi_tx_radiotap_header *tap = &sc->sc_txtap; 1661 1662 tap->wt_flags = 0; 1663 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 1664 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 1665 1666 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1667 } 1668 #endif 1669 1670 data = &txq->data[txq->cur]; 1671 desc = &txq->desc[txq->cur]; 1672 1673 /* save and trim IEEE802.11 header */ 1674 m_copydata(m0, 0, hdrlen, (caddr_t)&desc->wh); 1675 m_adj(m0, hdrlen); 1676 1677 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1678 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 1679 if (error != 0 && error != EFBIG) { 1680 aprint_error("%s: could not map mbuf (error %d)\n", 1681 sc->sc_dev.dv_xname, error); 1682 m_freem(m0); 1683 return error; 1684 } 1685 if (error != 0) { 1686 /* too many fragments, linearize */ 1687 1688 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1689 if (mnew == NULL) { 1690 m_freem(m0); 1691 return ENOMEM; 1692 } 1693 1694 M_COPY_PKTHDR(mnew, m0); 1695 1696 /* If the data won't fit in the header, get a cluster */ 1697 if (m0->m_pkthdr.len > MHLEN) { 1698 MCLGET(mnew, M_DONTWAIT); 1699 if (!(mnew->m_flags & M_EXT)) { 1700 m_freem(m0); 1701 m_freem(mnew); 1702 return ENOMEM; 1703 } 1704 } 1705 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(mnew, caddr_t)); 1706 m_freem(m0); 1707 mnew->m_len = mnew->m_pkthdr.len; 1708 m0 = mnew; 1709 1710 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1711 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 1712 if (error != 0) { 1713 aprint_error("%s: could not map mbuf (error %d)\n", 1714 sc->sc_dev.dv_xname, error); 1715 m_freem(m0); 1716 return error; 1717 } 1718 } 1719 1720 data->m = m0; 1721 data->ni = ni; 1722 1723 desc->hdr.type = IWI_HDR_TYPE_DATA; 1724 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1725 desc->station = 1726 (ic->ic_opmode == IEEE80211_M_IBSS) ? in->in_station : 0; 1727 desc->cmd = IWI_DATA_CMD_TX; 1728 desc->len = htole16(m0->m_pkthdr.len); 1729 desc->flags = 0; 1730 desc->xflags = 0; 1731 1732 if (!noack && !IEEE80211_IS_MULTICAST(desc->wh.i_addr1)) 1733 desc->flags |= IWI_DATA_FLAG_NEED_ACK; 1734 1735 #if 0 1736 if (ic->ic_flags & IEEE80211_F_PRIVACY) { 1737 desc->wh.i_fc[1] |= IEEE80211_FC1_WEP; 1738 desc->wep_txkey = ic->ic_crypto.cs_def_txkey; 1739 } else 1740 #endif 1741 desc->flags |= IWI_DATA_FLAG_NO_WEP; 1742 1743 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 1744 desc->flags |= IWI_DATA_FLAG_SHPREAMBLE; 1745 1746 if (desc->wh.i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) 1747 desc->xflags |= IWI_DATA_XFLAG_QOS; 1748 1749 desc->nseg = htole32(data->map->dm_nsegs); 1750 for (i = 0; i < data->map->dm_nsegs; i++) { 1751 desc->seg_addr[i] = htole32(data->map->dm_segs[i].ds_addr); 1752 desc->seg_len[i] = htole16(data->map->dm_segs[i].ds_len); 1753 } 1754 1755 bus_dmamap_sync(sc->sc_dmat, txq->desc_map, 1756 txq->cur * IWI_TX_DESC_SIZE, 1757 IWI_TX_DESC_SIZE, BUS_DMASYNC_PREWRITE); 1758 1759 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 1760 BUS_DMASYNC_PREWRITE); 1761 1762 DPRINTFN(5, ("sending data frame txq=%u idx=%u len=%u nseg=%u\n", 1763 ac, txq->cur, le16toh(desc->len), le32toh(desc->nseg))); 1764 1765 /* Inform firmware about this new packet */ 1766 txq->queued++; 1767 txq->cur = (txq->cur + 1) % txq->count; 1768 CSR_WRITE_4(sc, txq->csr_widx, txq->cur); 1769 1770 return 0; 1771 } 1772 1773 static void 1774 iwi_start(struct ifnet *ifp) 1775 { 1776 struct iwi_softc *sc = ifp->if_softc; 1777 struct ieee80211com *ic = &sc->sc_ic; 1778 struct mbuf *m0; 1779 struct ether_header *eh; 1780 struct ieee80211_node *ni; 1781 int ac; 1782 1783 if (ic->ic_state != IEEE80211_S_RUN) 1784 return; 1785 1786 for (;;) { 1787 IF_DEQUEUE(&ifp->if_snd, m0); 1788 if (m0 == NULL) 1789 break; 1790 1791 if (m0->m_len < sizeof (struct ether_header) && 1792 (m0 = m_pullup(m0, sizeof (struct ether_header))) == NULL) { 1793 ifp->if_oerrors++; 1794 continue; 1795 } 1796 1797 eh = mtod(m0, struct ether_header *); 1798 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1799 if (ni == NULL) { 1800 m_freem(m0); 1801 ifp->if_oerrors++; 1802 continue; 1803 } 1804 1805 /* classify mbuf so we can find which tx ring to use */ 1806 if (ieee80211_classify(ic, m0, ni) != 0) { 1807 m_freem(m0); 1808 ieee80211_free_node(ni); 1809 ifp->if_oerrors++; 1810 continue; 1811 } 1812 1813 /* no QoS encapsulation for EAPOL frames */ 1814 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1815 M_WME_GETAC(m0) : WME_AC_BE; 1816 1817 if (sc->txq[ac].queued > sc->txq[ac].count - 8) { 1818 /* there is no place left in this ring */ 1819 IF_PREPEND(&ifp->if_snd, m0); 1820 ifp->if_flags |= IFF_OACTIVE; 1821 break; 1822 } 1823 1824 #if NBPFILTER > 0 1825 if (ifp->if_bpf != NULL) 1826 bpf_mtap(ifp->if_bpf, m0); 1827 #endif 1828 1829 m0 = ieee80211_encap(ic, m0, ni); 1830 if (m0 == NULL) { 1831 ieee80211_free_node(ni); 1832 ifp->if_oerrors++; 1833 continue; 1834 } 1835 1836 #if NBPFILTER > 0 1837 if (ic->ic_rawbpf != NULL) 1838 bpf_mtap(ic->ic_rawbpf, m0); 1839 #endif 1840 1841 if (iwi_tx_start(ifp, m0, ni, ac) != 0) { 1842 ieee80211_free_node(ni); 1843 ifp->if_oerrors++; 1844 break; 1845 } 1846 1847 /* start watchdog timer */ 1848 sc->sc_tx_timer = 5; 1849 ifp->if_timer = 1; 1850 } 1851 } 1852 1853 static void 1854 iwi_watchdog(struct ifnet *ifp) 1855 { 1856 struct iwi_softc *sc = ifp->if_softc; 1857 1858 ifp->if_timer = 0; 1859 1860 if (sc->sc_tx_timer > 0) { 1861 if (--sc->sc_tx_timer == 0) { 1862 aprint_error("%s: device timeout\n", 1863 sc->sc_dev.dv_xname); 1864 ifp->if_oerrors++; 1865 ifp->if_flags &= ~IFF_UP; 1866 iwi_stop(ifp, 1); 1867 return; 1868 } 1869 ifp->if_timer = 1; 1870 } 1871 1872 ieee80211_watchdog(&sc->sc_ic); 1873 } 1874 1875 static int 1876 iwi_get_table0(struct iwi_softc *sc, uint32_t *tbl) 1877 { 1878 uint32_t size, buf[128]; 1879 1880 if (!(sc->flags & IWI_FLAG_FW_INITED)) { 1881 memset(buf, 0, sizeof buf); 1882 return copyout(buf, tbl, sizeof buf); 1883 } 1884 1885 size = min(CSR_READ_4(sc, IWI_CSR_TABLE0_SIZE), 128 - 1); 1886 CSR_READ_REGION_4(sc, IWI_CSR_TABLE0_BASE, &buf[1], size); 1887 1888 return copyout(buf, tbl, sizeof buf); 1889 } 1890 1891 static int 1892 iwi_get_radio(struct iwi_softc *sc, int *ret) 1893 { 1894 int val; 1895 1896 val = (CSR_READ_4(sc, IWI_CSR_IO) & IWI_IO_RADIO_ENABLED) ? 1 : 0; 1897 return copyout(&val, ret, sizeof val); 1898 } 1899 1900 static int 1901 iwi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1902 { 1903 #define IS_RUNNING(ifp) \ 1904 ((ifp->if_flags & IFF_UP) && (ifp->if_flags & IFF_RUNNING)) 1905 1906 struct iwi_softc *sc = ifp->if_softc; 1907 struct ieee80211com *ic = &sc->sc_ic; 1908 struct ifreq *ifr = (struct ifreq *)data; 1909 int s, error = 0; 1910 1911 s = splnet(); 1912 1913 switch (cmd) { 1914 case SIOCSIFFLAGS: 1915 if (ifp->if_flags & IFF_UP) { 1916 if (!(ifp->if_flags & IFF_RUNNING)) 1917 iwi_init(ifp); 1918 } else { 1919 if (ifp->if_flags & IFF_RUNNING) 1920 iwi_stop(ifp, 1); 1921 } 1922 break; 1923 1924 case SIOCADDMULTI: 1925 case SIOCDELMULTI: 1926 error = (cmd == SIOCADDMULTI) ? 1927 ether_addmulti(ifr, &sc->sc_ec) : 1928 ether_delmulti(ifr, &sc->sc_ec); 1929 if (error == ENETRESET) { 1930 /* setup multicast filter, etc */ 1931 error = 0; 1932 } 1933 break; 1934 1935 case SIOCGTABLE0: 1936 error = iwi_get_table0(sc, (uint32_t *)ifr->ifr_data); 1937 break; 1938 1939 case SIOCGRADIO: 1940 error = iwi_get_radio(sc, (int *)ifr->ifr_data); 1941 break; 1942 1943 case SIOCSLOADFW: 1944 /* only super-user can do that! */ 1945 if ((error = suser(curproc->p_ucred, &curproc->p_acflag)) != 0) 1946 break; 1947 1948 error = iwi_cache_firmware(sc, ifr->ifr_data); 1949 break; 1950 1951 case SIOCSKILLFW: 1952 /* only super-user can do that! */ 1953 if ((error = suser(curproc->p_ucred, &curproc->p_acflag)) != 0) 1954 break; 1955 1956 ifp->if_flags &= ~IFF_UP; 1957 iwi_stop(ifp, 1); 1958 iwi_free_firmware(sc); 1959 break; 1960 1961 default: 1962 error = ieee80211_ioctl(&sc->sc_ic, cmd, data); 1963 1964 if (error == ENETRESET) { 1965 if (IS_RUNNING(ifp) && 1966 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1967 iwi_init(ifp); 1968 error = 0; 1969 } 1970 } 1971 1972 splx(s); 1973 return error; 1974 #undef IS_RUNNING 1975 } 1976 1977 static void 1978 iwi_stop_master(struct iwi_softc *sc) 1979 { 1980 int ntries; 1981 1982 /* Disable interrupts */ 1983 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1984 1985 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_STOP_MASTER); 1986 for (ntries = 0; ntries < 5; ntries++) { 1987 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 1988 break; 1989 DELAY(10); 1990 } 1991 if (ntries == 5) 1992 aprint_error("%s: timeout waiting for master\n", 1993 sc->sc_dev.dv_xname); 1994 1995 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 1996 IWI_RST_PRINCETON_RESET); 1997 1998 sc->flags &= ~IWI_FLAG_FW_INITED; 1999 } 2000 2001 static int 2002 iwi_reset(struct iwi_softc *sc) 2003 { 2004 int i, ntries; 2005 2006 iwi_stop_master(sc); 2007 2008 /* Move adapter to D0 state */ 2009 CSR_WRITE_4(sc, IWI_CSR_CTL, CSR_READ_4(sc, IWI_CSR_CTL) | 2010 IWI_CTL_INIT); 2011 2012 /* Initialize Phase-Locked Level (PLL) */ 2013 CSR_WRITE_4(sc, IWI_CSR_READ_INT, IWI_READ_INT_INIT_HOST); 2014 2015 /* Wait for clock stabilization */ 2016 for (ntries = 0; ntries < 1000; ntries++) { 2017 if (CSR_READ_4(sc, IWI_CSR_CTL) & IWI_CTL_CLOCK_READY) 2018 break; 2019 DELAY(200); 2020 } 2021 if (ntries == 1000) { 2022 aprint_error("%s: timeout waiting for clock stabilization\n", 2023 sc->sc_dev.dv_xname); 2024 return EIO; 2025 } 2026 2027 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 2028 IWI_RST_SW_RESET); 2029 2030 DELAY(10); 2031 2032 CSR_WRITE_4(sc, IWI_CSR_CTL, CSR_READ_4(sc, IWI_CSR_CTL) | 2033 IWI_CTL_INIT); 2034 2035 /* Clear NIC memory */ 2036 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0); 2037 for (i = 0; i < 0xc000; i++) 2038 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2039 2040 return 0; 2041 } 2042 2043 static int 2044 iwi_load_ucode(struct iwi_softc *sc, void *uc, int size) 2045 { 2046 uint16_t *w; 2047 int ntries, i; 2048 2049 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 2050 IWI_RST_STOP_MASTER); 2051 for (ntries = 0; ntries < 5; ntries++) { 2052 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 2053 break; 2054 DELAY(10); 2055 } 2056 if (ntries == 5) { 2057 aprint_error("%s: timeout waiting for master\n", 2058 sc->sc_dev.dv_xname); 2059 return EIO; 2060 } 2061 2062 MEM_WRITE_4(sc, 0x3000e0, 0x80000000); 2063 DELAY(5000); 2064 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) & 2065 ~IWI_RST_PRINCETON_RESET); 2066 DELAY(5000); 2067 MEM_WRITE_4(sc, 0x3000e0, 0); 2068 DELAY(1000); 2069 MEM_WRITE_4(sc, 0x300004, 1); 2070 DELAY(1000); 2071 MEM_WRITE_4(sc, 0x300004, 0); 2072 DELAY(1000); 2073 MEM_WRITE_1(sc, 0x200000, 0x00); 2074 MEM_WRITE_1(sc, 0x200000, 0x40); 2075 DELAY(1000); 2076 2077 /* Adapter is buggy, we must set the address for each word */ 2078 for (w = uc; size > 0; w++, size -= 2) 2079 MEM_WRITE_2(sc, 0x200010, htole16(*w)); 2080 2081 MEM_WRITE_1(sc, 0x200000, 0x00); 2082 MEM_WRITE_1(sc, 0x200000, 0x80); 2083 2084 /* Wait until we get a response in the uc queue */ 2085 for (ntries = 0; ntries < 100; ntries++) { 2086 if (MEM_READ_1(sc, 0x200000) & 1) 2087 break; 2088 DELAY(100); 2089 } 2090 if (ntries == 100) { 2091 aprint_error("%s: timeout waiting for ucode to initialize\n", 2092 sc->sc_dev.dv_xname); 2093 return EIO; 2094 } 2095 2096 /* Empty the uc queue or the firmware will not initialize properly */ 2097 for (i = 0; i < 7; i++) 2098 MEM_READ_4(sc, 0x200004); 2099 2100 MEM_WRITE_1(sc, 0x200000, 0x00); 2101 2102 return 0; 2103 } 2104 2105 /* macro to handle unaligned little endian data in firmware image */ 2106 #define GETLE32(p) ((p)[0] | (p)[1] << 8 | (p)[2] << 16 | (p)[3] << 24) 2107 static int 2108 iwi_load_firmware(struct iwi_softc *sc, void *fw, int size) 2109 { 2110 bus_dmamap_t map; 2111 u_char *p, *end; 2112 uint32_t sentinel, ctl, sum; 2113 uint32_t cs, sl, cd, cl; 2114 int ntries, nsegs, error; 2115 int sn; 2116 2117 nsegs = (size + PAGE_SIZE - 1) / PAGE_SIZE; 2118 2119 /* Create a DMA map for the firmware image */ 2120 error = bus_dmamap_create(sc->sc_dmat, size, nsegs, size, 0, 2121 BUS_DMA_NOWAIT, &map); 2122 if (error != 0) { 2123 aprint_error("%s: could not create firmware DMA map\n", 2124 sc->sc_dev.dv_xname); 2125 goto fail1; 2126 } 2127 2128 error = bus_dmamap_load(sc->sc_dmat, map, fw, size, NULL, 2129 BUS_DMA_NOWAIT | BUS_DMA_WRITE); 2130 if (error != 0) { 2131 aprint_error("%s: could not load fw dma map(%d)\n", 2132 sc->sc_dev.dv_xname, error); 2133 goto fail2; 2134 } 2135 2136 /* Make sure the adapter will get up-to-date values */ 2137 bus_dmamap_sync(sc->sc_dmat, map, 0, size, BUS_DMASYNC_PREWRITE); 2138 2139 /* Tell the adapter where the command blocks are stored */ 2140 MEM_WRITE_4(sc, 0x3000a0, 0x27000); 2141 2142 /* 2143 * Store command blocks into adapter's internal memory using register 2144 * indirections. The adapter will read the firmware image through DMA 2145 * using information stored in command blocks. 2146 */ 2147 p = fw; 2148 end = p + size; 2149 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0x27000); 2150 2151 sn = 0; 2152 sl = cl = 0; 2153 cs = cd = 0; 2154 while (p < end) { 2155 if (sl == 0) { 2156 cs = map->dm_segs[sn].ds_addr; 2157 sl = map->dm_segs[sn].ds_len; 2158 sn++; 2159 } 2160 if (cl == 0) { 2161 cd = GETLE32(p); p += 4; cs += 4; sl -= 4; 2162 cl = GETLE32(p); p += 4; cs += 4; sl -= 4; 2163 } 2164 while (sl > 0 && cl > 0) { 2165 int len = min(cl, sl); 2166 2167 sl -= len; 2168 cl -= len; 2169 p += len; 2170 2171 while (len > 0) { 2172 int mlen = min(len, IWI_CB_MAXDATALEN); 2173 2174 ctl = IWI_CB_DEFAULT_CTL | mlen; 2175 sum = ctl ^ cs ^ cd; 2176 2177 /* Write a command block */ 2178 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, ctl); 2179 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, cs); 2180 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, cd); 2181 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, sum); 2182 2183 cs += mlen; 2184 cd += mlen; 2185 len -= mlen; 2186 } 2187 } 2188 } 2189 2190 /* Write a fictive final command block (sentinel) */ 2191 sentinel = CSR_READ_4(sc, IWI_CSR_AUTOINC_ADDR); 2192 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2193 2194 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) & 2195 ~(IWI_RST_MASTER_DISABLED | IWI_RST_STOP_MASTER)); 2196 2197 /* Tell the adapter to start processing command blocks */ 2198 MEM_WRITE_4(sc, 0x3000a4, 0x540100); 2199 2200 /* Wait until the adapter has processed all command blocks */ 2201 for (ntries = 0; ntries < 400; ntries++) { 2202 if (MEM_READ_4(sc, 0x3000d0) >= sentinel) 2203 break; 2204 DELAY(100); 2205 } 2206 if (ntries == 400) { 2207 aprint_error("%s: timeout processing cb\n", 2208 sc->sc_dev.dv_xname); 2209 error = EIO; 2210 goto fail3; 2211 } 2212 2213 /* We're done with command blocks processing */ 2214 MEM_WRITE_4(sc, 0x3000a4, 0x540c00); 2215 2216 /* Allow interrupts so we know when the firmware is inited */ 2217 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 2218 2219 /* Tell the adapter to initialize the firmware */ 2220 CSR_WRITE_4(sc, IWI_CSR_RST, 0); 2221 CSR_WRITE_4(sc, IWI_CSR_CTL, CSR_READ_4(sc, IWI_CSR_CTL) | 2222 IWI_CTL_ALLOW_STANDBY); 2223 2224 /* Wait at most one second for firmware initialization to complete */ 2225 if ((error = tsleep(sc, 0, "iwiinit", hz)) != 0) { 2226 aprint_error("%s: timeout waiting for firmware initialization " 2227 "to complete\n", sc->sc_dev.dv_xname); 2228 goto fail3; 2229 } 2230 2231 fail3: 2232 bus_dmamap_sync(sc->sc_dmat, map, 0, size, BUS_DMASYNC_POSTWRITE); 2233 bus_dmamap_unload(sc->sc_dmat, map); 2234 fail2: 2235 bus_dmamap_destroy(sc->sc_dmat, map); 2236 2237 fail1: 2238 return error; 2239 } 2240 2241 /* 2242 * Store firmware into kernel memory so we can download it when we need to, 2243 * e.g when the adapter wakes up from suspend mode. 2244 */ 2245 static int 2246 iwi_cache_firmware(struct iwi_softc *sc, void *data) 2247 { 2248 struct iwi_firmware *kfw = &sc->fw; 2249 struct iwi_firmware ufw; 2250 int error; 2251 2252 iwi_free_firmware(sc); 2253 2254 if ((error = copyin(data, &ufw, sizeof ufw)) != 0) 2255 goto fail1; 2256 2257 kfw->boot_size = ufw.boot_size; 2258 kfw->ucode_size = ufw.ucode_size; 2259 kfw->main_size = ufw.main_size; 2260 2261 kfw->boot = malloc(kfw->boot_size, M_DEVBUF, M_NOWAIT); 2262 if (kfw->boot == NULL) { 2263 error = ENOMEM; 2264 goto fail1; 2265 } 2266 2267 kfw->ucode = malloc(kfw->ucode_size, M_DEVBUF, M_NOWAIT); 2268 if (kfw->ucode == NULL) { 2269 error = ENOMEM; 2270 goto fail2; 2271 } 2272 2273 kfw->main = malloc(kfw->main_size, M_DEVBUF, M_NOWAIT); 2274 if (kfw->main == NULL) { 2275 error = ENOMEM; 2276 goto fail3; 2277 } 2278 2279 if ((error = copyin(ufw.boot, kfw->boot, kfw->boot_size)) != 0) 2280 goto fail4; 2281 2282 if ((error = copyin(ufw.ucode, kfw->ucode, kfw->ucode_size)) != 0) 2283 goto fail4; 2284 2285 if ((error = copyin(ufw.main, kfw->main, kfw->main_size)) != 0) 2286 goto fail4; 2287 2288 DPRINTF(("Firmware cached: boot %u, ucode %u, main %u\n", 2289 kfw->boot_size, kfw->ucode_size, kfw->main_size)); 2290 2291 sc->flags |= IWI_FLAG_FW_CACHED; 2292 2293 return 0; 2294 2295 fail4: free(kfw->boot, M_DEVBUF); 2296 fail3: free(kfw->ucode, M_DEVBUF); 2297 fail2: free(kfw->main, M_DEVBUF); 2298 fail1: 2299 return error; 2300 } 2301 2302 static void 2303 iwi_free_firmware(struct iwi_softc *sc) 2304 { 2305 if (!(sc->flags & IWI_FLAG_FW_CACHED)) 2306 return; 2307 2308 free(sc->fw.boot, M_DEVBUF); 2309 free(sc->fw.ucode, M_DEVBUF); 2310 free(sc->fw.main, M_DEVBUF); 2311 2312 sc->flags &= ~IWI_FLAG_FW_CACHED; 2313 } 2314 2315 static int 2316 iwi_config(struct iwi_softc *sc) 2317 { 2318 struct ieee80211com *ic = &sc->sc_ic; 2319 struct ifnet *ifp = &sc->sc_if; 2320 struct iwi_configuration config; 2321 struct iwi_rateset rs; 2322 struct iwi_txpower power; 2323 struct ieee80211_key *wk; 2324 struct iwi_wep_key wepkey; 2325 uint32_t data; 2326 int error, i; 2327 2328 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 2329 DPRINTF(("Setting MAC address to %s\n", ether_sprintf(ic->ic_myaddr))); 2330 error = iwi_cmd(sc, IWI_CMD_SET_MAC_ADDRESS, ic->ic_myaddr, 2331 IEEE80211_ADDR_LEN, 0); 2332 if (error != 0) 2333 return error; 2334 2335 memset(&config, 0, sizeof config); 2336 config.bluetooth_coexistence = sc->bluetooth; 2337 config.antenna = sc->antenna; 2338 config.multicast_enabled = 1; 2339 config.answer_pbreq = (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2340 config.disable_unicast_decryption = 1; 2341 config.disable_multicast_decryption = 1; 2342 DPRINTF(("Configuring adapter\n")); 2343 error = iwi_cmd(sc, IWI_CMD_SET_CONFIGURATION, &config, sizeof config, 2344 0); 2345 if (error != 0) 2346 return error; 2347 2348 data = htole32(IWI_POWER_MODE_CAM); 2349 DPRINTF(("Setting power mode to %u\n", le32toh(data))); 2350 error = iwi_cmd(sc, IWI_CMD_SET_POWER_MODE, &data, sizeof data, 0); 2351 if (error != 0) 2352 return error; 2353 2354 data = htole32(ic->ic_rtsthreshold); 2355 DPRINTF(("Setting RTS threshold to %u\n", le32toh(data))); 2356 error = iwi_cmd(sc, IWI_CMD_SET_RTS_THRESHOLD, &data, sizeof data, 0); 2357 if (error != 0) 2358 return error; 2359 2360 data = htole32(ic->ic_fragthreshold); 2361 DPRINTF(("Setting fragmentation threshold to %u\n", le32toh(data))); 2362 error = iwi_cmd(sc, IWI_CMD_SET_FRAG_THRESHOLD, &data, sizeof data, 0); 2363 if (error != 0) 2364 return error; 2365 2366 if (ic->ic_opmode == IEEE80211_M_IBSS) { 2367 power.mode = IWI_MODE_11B; 2368 power.nchan = 11; 2369 for (i = 0; i < 11; i++) { 2370 power.chan[i].chan = i + 1; 2371 power.chan[i].power = IWI_TXPOWER_MAX; 2372 } 2373 DPRINTF(("Setting .11b channels tx power\n")); 2374 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2375 0); 2376 if (error != 0) 2377 return error; 2378 2379 power.mode = IWI_MODE_11G; 2380 DPRINTF(("Setting .11g channels tx power\n")); 2381 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2382 0); 2383 if (error != 0) 2384 return error; 2385 } 2386 2387 rs.mode = IWI_MODE_11G; 2388 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2389 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11G].rs_nrates; 2390 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates, 2391 rs.nrates); 2392 DPRINTF(("Setting .11bg supported rates (%u)\n", rs.nrates)); 2393 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2394 if (error != 0) 2395 return error; 2396 2397 rs.mode = IWI_MODE_11A; 2398 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2399 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11A].rs_nrates; 2400 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11A].rs_rates, 2401 rs.nrates); 2402 DPRINTF(("Setting .11a supported rates (%u)\n", rs.nrates)); 2403 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2404 if (error != 0) 2405 return error; 2406 2407 /* if we have a desired ESSID, set it now */ 2408 if (ic->ic_des_esslen != 0) { 2409 #ifdef IWI_DEBUG 2410 if (iwi_debug > 0) { 2411 printf("Setting desired ESSID to "); 2412 ieee80211_print_essid(ic->ic_des_essid, 2413 ic->ic_des_esslen); 2414 printf("\n"); 2415 } 2416 #endif 2417 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ic->ic_des_essid, 2418 ic->ic_des_esslen, 0); 2419 if (error != 0) 2420 return error; 2421 } 2422 2423 data = htole32(arc4random()); 2424 DPRINTF(("Setting initialization vector to %u\n", le32toh(data))); 2425 error = iwi_cmd(sc, IWI_CMD_SET_IV, &data, sizeof data, 0); 2426 if (error != 0) 2427 return error; 2428 2429 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2430 wk = &ic->ic_crypto.cs_nw_keys[i]; 2431 2432 wepkey.cmd = IWI_WEP_KEY_CMD_SETKEY; 2433 wepkey.idx = i; 2434 wepkey.len = wk->wk_keylen; 2435 memset(wepkey.key, 0, sizeof wepkey.key); 2436 memcpy(wepkey.key, wk->wk_key, wk->wk_keylen); 2437 DPRINTF(("Setting wep key index %u len %u\n", 2438 wepkey.idx, wepkey.len)); 2439 error = iwi_cmd(sc, IWI_CMD_SET_WEP_KEY, &wepkey, 2440 sizeof wepkey, 0); 2441 if (error != 0) 2442 return error; 2443 } 2444 2445 /* Enable adapter */ 2446 DPRINTF(("Enabling adapter\n")); 2447 return iwi_cmd(sc, IWI_CMD_ENABLE, NULL, 0, 0); 2448 } 2449 2450 static int 2451 iwi_set_chan(struct iwi_softc *sc, struct ieee80211_channel *chan) 2452 { 2453 struct ieee80211com *ic = &sc->sc_ic; 2454 struct iwi_scan_v2 scan; 2455 2456 (void)memset(&scan, 0, sizeof scan); 2457 2458 scan.dwelltime[IWI_SCAN_TYPE_PASSIVE] = htole16(2000); 2459 scan.channels[0] = 1 | 2460 (IEEE80211_IS_CHAN_5GHZ(chan) ? IWI_CHAN_5GHZ : IWI_CHAN_2GHZ); 2461 scan.channels[1] = ieee80211_chan2ieee(ic, chan); 2462 iwi_scan_type_set(scan, 1, IWI_SCAN_TYPE_PASSIVE); 2463 2464 DPRINTF(("Setting channel to %u\n", ieee80211_chan2ieee(ic, chan))); 2465 return iwi_cmd(sc, IWI_CMD_SCAN_V2, &scan, sizeof scan, 1); 2466 } 2467 2468 static int 2469 iwi_scan(struct iwi_softc *sc) 2470 { 2471 struct ieee80211com *ic = &sc->sc_ic; 2472 struct iwi_scan_v2 scan; 2473 uint32_t type; 2474 uint8_t *p; 2475 int i, count, idx; 2476 2477 (void)memset(&scan, 0, sizeof scan); 2478 scan.dwelltime[IWI_SCAN_TYPE_ACTIVE_BROADCAST] = 2479 htole16(sc->dwelltime); 2480 scan.dwelltime[IWI_SCAN_TYPE_ACTIVE_BDIRECT] = 2481 htole16(sc->dwelltime); 2482 2483 /* tell the firmware about the desired essid */ 2484 if (ic->ic_des_esslen) { 2485 int error; 2486 2487 DPRINTF(("%s: Setting adapter desired ESSID to %s\n", 2488 __func__, ic->ic_des_essid)); 2489 2490 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, 2491 ic->ic_des_essid, ic->ic_des_esslen, 1); 2492 if (error) 2493 return error; 2494 2495 type = IWI_SCAN_TYPE_ACTIVE_BDIRECT; 2496 } else { 2497 type = IWI_SCAN_TYPE_ACTIVE_BROADCAST; 2498 } 2499 2500 p = &scan.channels[0]; 2501 count = idx = 0; 2502 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2503 if (IEEE80211_IS_CHAN_5GHZ(&ic->ic_channels[i]) && 2504 isset(ic->ic_chan_active, i)) { 2505 *++p = i; 2506 count++; 2507 idx++; 2508 iwi_scan_type_set(scan, idx, type); 2509 } 2510 } 2511 if (count) { 2512 *(p - count) = IWI_CHAN_5GHZ | count; 2513 p++; 2514 } 2515 2516 count = 0; 2517 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2518 if (IEEE80211_IS_CHAN_2GHZ(&ic->ic_channels[i]) && 2519 isset(ic->ic_chan_active, i)) { 2520 *++p = i; 2521 count++; 2522 idx++; 2523 iwi_scan_type_set(scan, idx, type); 2524 } 2525 } 2526 *(p - count) = IWI_CHAN_2GHZ | count; 2527 2528 DPRINTF(("Start scanning\n")); 2529 return iwi_cmd(sc, IWI_CMD_SCAN_V2, &scan, sizeof scan, 1); 2530 } 2531 2532 static int 2533 iwi_auth_and_assoc(struct iwi_softc *sc) 2534 { 2535 struct ieee80211com *ic = &sc->sc_ic; 2536 struct ieee80211_node *ni = ic->ic_bss; 2537 struct ifnet *ifp = &sc->sc_if; 2538 struct ieee80211_wme_info wme; 2539 struct iwi_configuration config; 2540 struct iwi_associate assoc; 2541 struct iwi_rateset rs; 2542 uint16_t capinfo; 2543 uint32_t data; 2544 int error; 2545 2546 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) { 2547 memset(&config, 0, sizeof config); 2548 config.bluetooth_coexistence = sc->bluetooth; 2549 config.antenna = sc->antenna; 2550 config.multicast_enabled = 1; 2551 config.use_protection = 1; 2552 config.answer_pbreq = 2553 (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2554 config.disable_unicast_decryption = 1; 2555 config.disable_multicast_decryption = 1; 2556 DPRINTF(("Configuring adapter\n")); 2557 error = iwi_cmd(sc, IWI_CMD_SET_CONFIGURATION, &config, 2558 sizeof config, 1); 2559 if (error != 0) 2560 return error; 2561 } 2562 2563 #ifdef IWI_DEBUG 2564 if (iwi_debug > 0) { 2565 printf("Setting ESSID to "); 2566 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 2567 printf("\n"); 2568 } 2569 #endif 2570 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ni->ni_essid, ni->ni_esslen, 1); 2571 if (error != 0) 2572 return error; 2573 2574 /* the rate set has already been "negotiated" */ 2575 rs.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2576 IWI_MODE_11G; 2577 rs.type = IWI_RATESET_TYPE_NEGOTIATED; 2578 rs.nrates = ni->ni_rates.rs_nrates; 2579 memcpy(rs.rates, ni->ni_rates.rs_rates, rs.nrates); 2580 DPRINTF(("Setting negotiated rates (%u)\n", rs.nrates)); 2581 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 1); 2582 if (error != 0) 2583 return error; 2584 2585 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) { 2586 wme.wme_id = IEEE80211_ELEMID_VENDOR; 2587 wme.wme_len = sizeof (struct ieee80211_wme_info) - 2; 2588 wme.wme_oui[0] = 0x00; 2589 wme.wme_oui[1] = 0x50; 2590 wme.wme_oui[2] = 0xf2; 2591 wme.wme_type = WME_OUI_TYPE; 2592 wme.wme_subtype = WME_INFO_OUI_SUBTYPE; 2593 wme.wme_version = WME_VERSION; 2594 wme.wme_info = 0; 2595 2596 DPRINTF(("Setting WME IE (len=%u)\n", wme.wme_len)); 2597 error = iwi_cmd(sc, IWI_CMD_SET_WMEIE, &wme, sizeof wme, 1); 2598 if (error != 0) 2599 return error; 2600 } 2601 2602 if (ic->ic_opt_ie != NULL) { 2603 DPRINTF(("Setting optional IE (len=%u)\n", ic->ic_opt_ie_len)); 2604 error = iwi_cmd(sc, IWI_CMD_SET_OPTIE, ic->ic_opt_ie, 2605 ic->ic_opt_ie_len, 1); 2606 if (error != 0) 2607 return error; 2608 } 2609 data = htole32(ni->ni_rssi); 2610 DPRINTF(("Setting sensitivity to %d\n", (int8_t)ni->ni_rssi)); 2611 error = iwi_cmd(sc, IWI_CMD_SET_SENSITIVITY, &data, sizeof data, 1); 2612 if (error != 0) 2613 return error; 2614 2615 memset(&assoc, 0, sizeof assoc); 2616 assoc.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2617 IWI_MODE_11G; 2618 assoc.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 2619 if (ni->ni_authmode == IEEE80211_AUTH_SHARED) 2620 assoc.auth = (ic->ic_crypto.cs_def_txkey << 4) | IWI_AUTH_SHARED; 2621 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) 2622 assoc.policy |= htole16(IWI_POLICY_WME); 2623 if (ic->ic_flags & IEEE80211_F_WPA) 2624 assoc.policy |= htole16(IWI_POLICY_WPA); 2625 memcpy(assoc.tstamp, ni->ni_tstamp.data, 8); 2626 2627 if (ic->ic_opmode == IEEE80211_M_IBSS) 2628 capinfo = IEEE80211_CAPINFO_IBSS; 2629 else 2630 capinfo = IEEE80211_CAPINFO_ESS; 2631 if (ic->ic_flags & IEEE80211_F_PRIVACY) 2632 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2633 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 2634 IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 2635 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2636 if (ic->ic_flags & IEEE80211_F_SHSLOT) 2637 capinfo |= IEEE80211_CAPINFO_SHORT_SLOTTIME; 2638 assoc.capinfo = htole16(capinfo); 2639 2640 assoc.lintval = htole16(ic->ic_lintval); 2641 assoc.intval = htole16(ni->ni_intval); 2642 IEEE80211_ADDR_COPY(assoc.bssid, ni->ni_bssid); 2643 if (ic->ic_opmode == IEEE80211_M_IBSS) 2644 IEEE80211_ADDR_COPY(assoc.dst, ifp->if_broadcastaddr); 2645 else 2646 IEEE80211_ADDR_COPY(assoc.dst, ni->ni_bssid); 2647 DPRINTF(("Trying to associate to %s channel %u auth %u\n", 2648 ether_sprintf(assoc.bssid), assoc.chan, assoc.auth)); 2649 return iwi_cmd(sc, IWI_CMD_ASSOCIATE, &assoc, sizeof assoc, 1); 2650 } 2651 2652 static int 2653 iwi_init(struct ifnet *ifp) 2654 { 2655 struct iwi_softc *sc = ifp->if_softc; 2656 struct ieee80211com *ic = &sc->sc_ic; 2657 struct iwi_firmware *fw = &sc->fw; 2658 int i, error; 2659 2660 /* exit immediately if firmware has not been ioctl'd */ 2661 if (!(sc->flags & IWI_FLAG_FW_CACHED)) { 2662 if (!(sc->flags & IWI_FLAG_FW_WARNED)) 2663 aprint_error("%s: Firmware not loaded\n", 2664 sc->sc_dev.dv_xname); 2665 sc->flags |= IWI_FLAG_FW_WARNED; 2666 ifp->if_flags &= ~IFF_UP; 2667 return EIO; 2668 } 2669 2670 iwi_stop(ifp, 0); 2671 2672 if ((error = iwi_reset(sc)) != 0) { 2673 aprint_error("%s: could not reset adapter\n", 2674 sc->sc_dev.dv_xname); 2675 goto fail; 2676 } 2677 2678 if ((error = iwi_load_firmware(sc, fw->boot, fw->boot_size)) != 0) { 2679 aprint_error("%s: could not load boot firmware\n", 2680 sc->sc_dev.dv_xname); 2681 goto fail; 2682 } 2683 2684 if ((error = iwi_load_ucode(sc, fw->ucode, fw->ucode_size)) != 0) { 2685 aprint_error("%s: could not load microcode\n", 2686 sc->sc_dev.dv_xname); 2687 goto fail; 2688 } 2689 2690 iwi_stop_master(sc); 2691 2692 CSR_WRITE_4(sc, IWI_CSR_CMD_BASE, sc->cmdq.desc_map->dm_segs[0].ds_addr); 2693 CSR_WRITE_4(sc, IWI_CSR_CMD_SIZE, sc->cmdq.count); 2694 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 2695 2696 CSR_WRITE_4(sc, IWI_CSR_TX1_BASE, sc->txq[0].desc_map->dm_segs[0].ds_addr); 2697 CSR_WRITE_4(sc, IWI_CSR_TX1_SIZE, sc->txq[0].count); 2698 CSR_WRITE_4(sc, IWI_CSR_TX1_WIDX, sc->txq[0].cur); 2699 2700 CSR_WRITE_4(sc, IWI_CSR_TX2_BASE, sc->txq[1].desc_map->dm_segs[0].ds_addr); 2701 CSR_WRITE_4(sc, IWI_CSR_TX2_SIZE, sc->txq[1].count); 2702 CSR_WRITE_4(sc, IWI_CSR_TX2_WIDX, sc->txq[1].cur); 2703 2704 CSR_WRITE_4(sc, IWI_CSR_TX3_BASE, sc->txq[2].desc_map->dm_segs[0].ds_addr); 2705 CSR_WRITE_4(sc, IWI_CSR_TX3_SIZE, sc->txq[2].count); 2706 CSR_WRITE_4(sc, IWI_CSR_TX3_WIDX, sc->txq[2].cur); 2707 2708 CSR_WRITE_4(sc, IWI_CSR_TX4_BASE, sc->txq[3].desc_map->dm_segs[0].ds_addr); 2709 CSR_WRITE_4(sc, IWI_CSR_TX4_SIZE, sc->txq[3].count); 2710 CSR_WRITE_4(sc, IWI_CSR_TX4_WIDX, sc->txq[3].cur); 2711 2712 for (i = 0; i < sc->rxq.count; i++) 2713 CSR_WRITE_4(sc, IWI_CSR_RX_BASE + i * 4, 2714 sc->rxq.data[i].map->dm_segs[0].ds_addr); 2715 2716 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, sc->rxq.count -1); 2717 2718 if ((error = iwi_load_firmware(sc, fw->main, fw->main_size)) != 0) { 2719 aprint_error("%s: could not load main firmware\n", 2720 sc->sc_dev.dv_xname); 2721 goto fail; 2722 } 2723 2724 sc->flags |= IWI_FLAG_FW_INITED; 2725 2726 if ((error = iwi_config(sc)) != 0) { 2727 aprint_error("%s: device configuration failed\n", 2728 sc->sc_dev.dv_xname); 2729 goto fail; 2730 } 2731 2732 ic->ic_state = IEEE80211_S_INIT; 2733 2734 ifp->if_flags &= ~IFF_OACTIVE; 2735 ifp->if_flags |= IFF_RUNNING; 2736 2737 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2738 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2739 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2740 } else 2741 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2742 2743 return 0; 2744 2745 fail: ifp->if_flags &= ~IFF_UP; 2746 iwi_stop(ifp, 0); 2747 2748 return error; 2749 } 2750 2751 static void 2752 iwi_stop(struct ifnet *ifp, int disable) 2753 { 2754 struct iwi_softc *sc = ifp->if_softc; 2755 struct ieee80211com *ic = &sc->sc_ic; 2756 2757 IWI_LED_OFF(sc); 2758 2759 iwi_stop_master(sc); 2760 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_SW_RESET); 2761 2762 /* reset rings */ 2763 iwi_reset_cmd_ring(sc, &sc->cmdq); 2764 iwi_reset_tx_ring(sc, &sc->txq[0]); 2765 iwi_reset_tx_ring(sc, &sc->txq[1]); 2766 iwi_reset_tx_ring(sc, &sc->txq[2]); 2767 iwi_reset_tx_ring(sc, &sc->txq[3]); 2768 iwi_reset_rx_ring(sc, &sc->rxq); 2769 2770 ifp->if_timer = 0; 2771 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2772 2773 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2774 } 2775 2776 static void 2777 iwi_led_set(struct iwi_softc *sc, uint32_t state, int toggle) 2778 { 2779 uint32_t val; 2780 2781 val = MEM_READ_4(sc, IWI_MEM_EVENT_CTL); 2782 2783 switch (sc->nictype) { 2784 case 1: 2785 /* special NIC type: reversed leds */ 2786 if (state == IWI_LED_ACTIVITY) { 2787 state &= ~IWI_LED_ACTIVITY; 2788 state |= IWI_LED_ASSOCIATED; 2789 } else if (state == IWI_LED_ASSOCIATED) { 2790 state &= ~IWI_LED_ASSOCIATED; 2791 state |= IWI_LED_ACTIVITY; 2792 } 2793 /* and ignore toggle effect */ 2794 val |= state; 2795 break; 2796 case 0: 2797 case 2: 2798 case 3: 2799 case 4: 2800 val = (toggle && (val & state)) ? val & ~state : val | state; 2801 break; 2802 default: 2803 aprint_normal("%s: unknown NIC type %d\n", 2804 sc->sc_dev.dv_xname, sc->nictype); 2805 return; 2806 break; 2807 } 2808 2809 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, val); 2810 2811 return; 2812 } 2813 2814 static void 2815 iwi_error_log(struct iwi_softc *sc) 2816 { 2817 uint32_t b, n; 2818 int i; 2819 2820 static const char *const msg[] = { 2821 "no error", 2822 "failed", 2823 "memory range low", 2824 "memory range high", 2825 "bad parameter", 2826 "checksum", 2827 "NMI", 2828 "bad database", 2829 "allocation failed", 2830 "DMA underrun", 2831 "DMA status", 2832 "DINO", 2833 "EEPROM", 2834 "device assert", 2835 "fatal" 2836 }; 2837 2838 b = CSR_READ_4(sc, IWI_CSR_ERRORLOG); 2839 n = MEM_READ_4(sc, b); 2840 2841 b += 4; 2842 2843 for (i = 0; i < n ; i++) { 2844 struct iwi_error fw_error; 2845 2846 MEM_CPY(sc, &fw_error, b, sizeof(fw_error)); 2847 2848 printf("%s: %s\n", sc->sc_dev.dv_xname, 2849 msg[fw_error.type]); 2850 2851 b += sizeof(fw_error); 2852 } 2853 } 2854