1 /* $OpenBSD: if_ipw.c,v 1.129 2021/03/28 18:02:32 stsp Exp $ */ 2 3 /*- 4 * Copyright (c) 2004-2008 5 * Damien Bergamini <damien.bergamini@free.fr>. All rights reserved. 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /* 21 * Driver for Intel PRO/Wireless 2100 802.11 network adapters. 22 */ 23 24 #include "bpfilter.h" 25 26 #include <sys/param.h> 27 #include <sys/sockio.h> 28 #include <sys/task.h> 29 #include <sys/mbuf.h> 30 #include <sys/kernel.h> 31 #include <sys/rwlock.h> 32 #include <sys/socket.h> 33 #include <sys/systm.h> 34 #include <sys/conf.h> 35 #include <sys/device.h> 36 #include <sys/endian.h> 37 38 #include <machine/bus.h> 39 #include <machine/intr.h> 40 41 #include <dev/pci/pcireg.h> 42 #include <dev/pci/pcivar.h> 43 #include <dev/pci/pcidevs.h> 44 45 #if NBPFILTER > 0 46 #include <net/bpf.h> 47 #endif 48 #include <net/if.h> 49 #include <net/if_dl.h> 50 #include <net/if_media.h> 51 52 #include <netinet/in.h> 53 #include <netinet/if_ether.h> 54 55 #include <net80211/ieee80211_var.h> 56 #include <net80211/ieee80211_radiotap.h> 57 58 #include <dev/pci/if_ipwreg.h> 59 #include <dev/pci/if_ipwvar.h> 60 61 int ipw_match(struct device *, void *, void *); 62 void ipw_attach(struct device *, struct device *, void *); 63 int ipw_activate(struct device *, int); 64 void ipw_wakeup(struct ipw_softc *); 65 int ipw_dma_alloc(struct ipw_softc *); 66 void ipw_release(struct ipw_softc *); 67 int ipw_media_change(struct ifnet *); 68 void ipw_media_status(struct ifnet *, struct ifmediareq *); 69 int ipw_newstate(struct ieee80211com *, enum ieee80211_state, int); 70 uint16_t ipw_read_prom_word(struct ipw_softc *, uint8_t); 71 void ipw_command_intr(struct ipw_softc *, struct ipw_soft_buf *); 72 void ipw_newstate_intr(struct ipw_softc *, struct ipw_soft_buf *); 73 void ipw_data_intr(struct ipw_softc *, struct ipw_status *, 74 struct ipw_soft_bd *, struct ipw_soft_buf *, 75 struct mbuf_list *); 76 void ipw_notification_intr(struct ipw_softc *, 77 struct ipw_soft_buf *); 78 void ipw_rx_intr(struct ipw_softc *); 79 void ipw_release_sbd(struct ipw_softc *, struct ipw_soft_bd *); 80 void ipw_tx_intr(struct ipw_softc *); 81 int ipw_intr(void *); 82 int ipw_cmd(struct ipw_softc *, uint32_t, void *, uint32_t); 83 int ipw_send_mgmt(struct ieee80211com *, struct ieee80211_node *, 84 int, int, int); 85 int ipw_tx_start(struct ifnet *, struct mbuf *, 86 struct ieee80211_node *); 87 void ipw_start(struct ifnet *); 88 void ipw_watchdog(struct ifnet *); 89 int ipw_ioctl(struct ifnet *, u_long, caddr_t); 90 uint32_t ipw_read_table1(struct ipw_softc *, uint32_t); 91 void ipw_write_table1(struct ipw_softc *, uint32_t, uint32_t); 92 int ipw_read_table2(struct ipw_softc *, uint32_t, void *, 93 uint32_t *); 94 void ipw_stop_master(struct ipw_softc *); 95 int ipw_reset(struct ipw_softc *); 96 int ipw_load_ucode(struct ipw_softc *, u_char *, int); 97 int ipw_load_firmware(struct ipw_softc *, u_char *, int); 98 int ipw_read_firmware(struct ipw_softc *, struct ipw_firmware *); 99 void ipw_scan(void *); 100 void ipw_auth_and_assoc(void *); 101 int ipw_config(struct ipw_softc *); 102 int ipw_init(struct ifnet *); 103 void ipw_stop(struct ifnet *, int); 104 void ipw_read_mem_1(struct ipw_softc *, bus_size_t, uint8_t *, 105 bus_size_t); 106 void ipw_write_mem_1(struct ipw_softc *, bus_size_t, uint8_t *, 107 bus_size_t); 108 109 static __inline uint8_t 110 MEM_READ_1(struct ipw_softc *sc, uint32_t addr) 111 { 112 CSR_WRITE_4(sc, IPW_CSR_INDIRECT_ADDR, addr); 113 return CSR_READ_1(sc, IPW_CSR_INDIRECT_DATA); 114 } 115 116 static __inline uint32_t 117 MEM_READ_4(struct ipw_softc *sc, uint32_t addr) 118 { 119 CSR_WRITE_4(sc, IPW_CSR_INDIRECT_ADDR, addr); 120 return CSR_READ_4(sc, IPW_CSR_INDIRECT_DATA); 121 } 122 123 #ifdef IPW_DEBUG 124 #define DPRINTF(x) do { if (ipw_debug > 0) printf x; } while (0) 125 #define DPRINTFN(n, x) do { if (ipw_debug >= (n)) printf x; } while (0) 126 int ipw_debug = 0; 127 #else 128 #define DPRINTF(x) 129 #define DPRINTFN(n, x) 130 #endif 131 132 struct cfattach ipw_ca = { 133 sizeof (struct ipw_softc), ipw_match, ipw_attach, NULL, 134 ipw_activate 135 }; 136 137 int 138 ipw_match(struct device *parent, void *match, void *aux) 139 { 140 struct pci_attach_args *pa = aux; 141 142 if (PCI_VENDOR (pa->pa_id) == PCI_VENDOR_INTEL && 143 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2100) 144 return 1; 145 146 return 0; 147 } 148 149 /* Base Address Register */ 150 #define IPW_PCI_BAR0 0x10 151 152 void 153 ipw_attach(struct device *parent, struct device *self, void *aux) 154 { 155 struct ipw_softc *sc = (struct ipw_softc *)self; 156 struct ieee80211com *ic = &sc->sc_ic; 157 struct ifnet *ifp = &ic->ic_if; 158 struct pci_attach_args *pa = aux; 159 const char *intrstr; 160 bus_space_tag_t memt; 161 bus_space_handle_t memh; 162 bus_addr_t base; 163 pci_intr_handle_t ih; 164 pcireg_t data; 165 uint16_t val; 166 int error, i; 167 168 sc->sc_pct = pa->pa_pc; 169 sc->sc_pcitag = pa->pa_tag, 170 171 /* clear device specific PCI configuration register 0x41 */ 172 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 173 data &= ~0x0000ff00; 174 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, data); 175 176 /* map the register window */ 177 error = pci_mapreg_map(pa, IPW_PCI_BAR0, PCI_MAPREG_TYPE_MEM | 178 PCI_MAPREG_MEM_TYPE_32BIT, 0, &memt, &memh, &base, &sc->sc_sz, 0); 179 if (error != 0) { 180 printf(": can't map mem space\n"); 181 return; 182 } 183 184 sc->sc_st = memt; 185 sc->sc_sh = memh; 186 sc->sc_dmat = pa->pa_dmat; 187 188 /* disable interrupts */ 189 CSR_WRITE_4(sc, IPW_CSR_INTR_MASK, 0); 190 191 if (pci_intr_map(pa, &ih) != 0) { 192 printf(": can't map interrupt\n"); 193 return; 194 } 195 196 intrstr = pci_intr_string(sc->sc_pct, ih); 197 sc->sc_ih = pci_intr_establish(sc->sc_pct, ih, IPL_NET, ipw_intr, sc, 198 sc->sc_dev.dv_xname); 199 if (sc->sc_ih == NULL) { 200 printf(": can't establish interrupt"); 201 if (intrstr != NULL) 202 printf(" at %s", intrstr); 203 printf("\n"); 204 return; 205 } 206 printf(": %s", intrstr); 207 208 rw_init(&sc->sc_rwlock, "ipwlock"); 209 task_set(&sc->sc_scantask, ipw_scan, sc); 210 task_set(&sc->sc_authandassoctask, ipw_auth_and_assoc, sc); 211 212 if (ipw_reset(sc) != 0) { 213 printf(": could not reset adapter\n"); 214 return; 215 } 216 217 if (ipw_dma_alloc(sc) != 0) { 218 printf(": failed to allocate DMA resources\n"); 219 return; 220 } 221 222 ic->ic_phytype = IEEE80211_T_DS; 223 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 224 ic->ic_state = IEEE80211_S_INIT; 225 226 /* set device capabilities */ 227 ic->ic_caps = 228 #ifndef IEEE80211_STA_ONLY 229 IEEE80211_C_IBSS | /* IBSS mode supported */ 230 #endif 231 IEEE80211_C_MONITOR | /* monitor mode supported */ 232 IEEE80211_C_TXPMGT | /* tx power management */ 233 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 234 IEEE80211_C_WEP | /* s/w WEP */ 235 IEEE80211_C_RSN | /* WPA/RSN */ 236 IEEE80211_C_SCANALL; /* h/w scanning */ 237 238 /* read MAC address from EEPROM */ 239 val = ipw_read_prom_word(sc, IPW_EEPROM_MAC + 0); 240 ic->ic_myaddr[0] = val >> 8; 241 ic->ic_myaddr[1] = val & 0xff; 242 val = ipw_read_prom_word(sc, IPW_EEPROM_MAC + 1); 243 ic->ic_myaddr[2] = val >> 8; 244 ic->ic_myaddr[3] = val & 0xff; 245 val = ipw_read_prom_word(sc, IPW_EEPROM_MAC + 2); 246 ic->ic_myaddr[4] = val >> 8; 247 ic->ic_myaddr[5] = val & 0xff; 248 249 printf(", address %s\n", ether_sprintf(ic->ic_myaddr)); 250 251 /* set supported .11b rates */ 252 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 253 254 /* set supported .11b channels (1 through 14) */ 255 for (i = 1; i <= 14; i++) { 256 ic->ic_channels[i].ic_freq = 257 ieee80211_ieee2mhz(i, IEEE80211_CHAN_B); 258 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_B; 259 } 260 261 /* IBSS channel undefined for now */ 262 ic->ic_ibss_chan = &ic->ic_channels[0]; 263 264 ifp->if_softc = sc; 265 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 266 ifp->if_ioctl = ipw_ioctl; 267 ifp->if_start = ipw_start; 268 ifp->if_watchdog = ipw_watchdog; 269 bcopy(sc->sc_dev.dv_xname, ifp->if_xname, IFNAMSIZ); 270 271 if_attach(ifp); 272 ieee80211_ifattach(ifp); 273 /* override state transition machine */ 274 sc->sc_newstate = ic->ic_newstate; 275 ic->ic_newstate = ipw_newstate; 276 ic->ic_send_mgmt = ipw_send_mgmt; 277 ieee80211_media_init(ifp, ipw_media_change, ipw_media_status); 278 279 #if NBPFILTER > 0 280 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 281 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 282 283 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 284 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 285 sc->sc_rxtap.wr_ihdr.it_present = htole32(IPW_RX_RADIOTAP_PRESENT); 286 287 sc->sc_txtap_len = sizeof sc->sc_txtapu; 288 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 289 sc->sc_txtap.wt_ihdr.it_present = htole32(IPW_TX_RADIOTAP_PRESENT); 290 #endif 291 } 292 293 int 294 ipw_activate(struct device *self, int act) 295 { 296 struct ipw_softc *sc = (struct ipw_softc *)self; 297 struct ifnet *ifp = &sc->sc_ic.ic_if; 298 299 switch (act) { 300 case DVACT_SUSPEND: 301 if (ifp->if_flags & IFF_RUNNING) 302 ipw_stop(ifp, 0); 303 break; 304 case DVACT_WAKEUP: 305 ipw_wakeup(sc); 306 break; 307 } 308 309 return 0; 310 } 311 312 void 313 ipw_wakeup(struct ipw_softc *sc) 314 { 315 struct ifnet *ifp = &sc->sc_ic.ic_if; 316 pcireg_t data; 317 int s; 318 319 /* clear device specific PCI configuration register 0x41 */ 320 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 321 data &= ~0x0000ff00; 322 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, data); 323 324 rw_enter_write(&sc->sc_rwlock); 325 s = splnet(); 326 327 if (ifp->if_flags & IFF_UP) 328 ipw_init(ifp); 329 330 splx(s); 331 rw_exit_write(&sc->sc_rwlock); 332 } 333 334 int 335 ipw_dma_alloc(struct ipw_softc *sc) 336 { 337 struct ipw_soft_bd *sbd; 338 struct ipw_soft_hdr *shdr; 339 struct ipw_soft_buf *sbuf; 340 int i, nsegs, error; 341 342 /* 343 * Allocate and map tx ring. 344 */ 345 error = bus_dmamap_create(sc->sc_dmat, IPW_TBD_SZ, 1, IPW_TBD_SZ, 0, 346 BUS_DMA_NOWAIT, &sc->tbd_map); 347 if (error != 0) { 348 printf("%s: could not create tx ring DMA map\n", 349 sc->sc_dev.dv_xname); 350 goto fail; 351 } 352 353 error = bus_dmamem_alloc(sc->sc_dmat, IPW_TBD_SZ, PAGE_SIZE, 0, 354 &sc->tbd_seg, 1, &nsegs, BUS_DMA_NOWAIT); 355 if (error != 0) { 356 printf("%s: could not allocate tx ring DMA memory\n", 357 sc->sc_dev.dv_xname); 358 goto fail; 359 } 360 361 error = bus_dmamem_map(sc->sc_dmat, &sc->tbd_seg, nsegs, IPW_TBD_SZ, 362 (caddr_t *)&sc->tbd_list, BUS_DMA_NOWAIT); 363 if (error != 0) { 364 printf("%s: can't map tx ring DMA memory\n", 365 sc->sc_dev.dv_xname); 366 goto fail; 367 } 368 369 error = bus_dmamap_load(sc->sc_dmat, sc->tbd_map, sc->tbd_list, 370 IPW_TBD_SZ, NULL, BUS_DMA_NOWAIT); 371 if (error != 0) { 372 printf("%s: could not load tx ring DMA map\n", 373 sc->sc_dev.dv_xname); 374 goto fail; 375 } 376 377 /* 378 * Allocate and map rx ring. 379 */ 380 error = bus_dmamap_create(sc->sc_dmat, IPW_RBD_SZ, 1, IPW_RBD_SZ, 0, 381 BUS_DMA_NOWAIT, &sc->rbd_map); 382 if (error != 0) { 383 printf("%s: could not create rx ring DMA map\n", 384 sc->sc_dev.dv_xname); 385 goto fail; 386 } 387 388 error = bus_dmamem_alloc(sc->sc_dmat, IPW_RBD_SZ, PAGE_SIZE, 0, 389 &sc->rbd_seg, 1, &nsegs, BUS_DMA_NOWAIT); 390 if (error != 0) { 391 printf("%s: could not allocate rx ring DMA memory\n", 392 sc->sc_dev.dv_xname); 393 goto fail; 394 } 395 396 error = bus_dmamem_map(sc->sc_dmat, &sc->rbd_seg, nsegs, IPW_RBD_SZ, 397 (caddr_t *)&sc->rbd_list, BUS_DMA_NOWAIT); 398 if (error != 0) { 399 printf("%s: can't map rx ring DMA memory\n", 400 sc->sc_dev.dv_xname); 401 goto fail; 402 } 403 404 error = bus_dmamap_load(sc->sc_dmat, sc->rbd_map, sc->rbd_list, 405 IPW_RBD_SZ, NULL, BUS_DMA_NOWAIT); 406 if (error != 0) { 407 printf("%s: could not load tx ring DMA map\n", 408 sc->sc_dev.dv_xname); 409 goto fail; 410 } 411 412 /* 413 * Allocate and map status ring. 414 */ 415 error = bus_dmamap_create(sc->sc_dmat, IPW_STATUS_SZ, 1, IPW_STATUS_SZ, 416 0, BUS_DMA_NOWAIT, &sc->status_map); 417 if (error != 0) { 418 printf("%s: could not create status ring DMA map\n", 419 sc->sc_dev.dv_xname); 420 goto fail; 421 } 422 423 error = bus_dmamem_alloc(sc->sc_dmat, IPW_STATUS_SZ, PAGE_SIZE, 0, 424 &sc->status_seg, 1, &nsegs, BUS_DMA_NOWAIT); 425 if (error != 0) { 426 printf("%s: could not allocate status ring DMA memory\n", 427 sc->sc_dev.dv_xname); 428 goto fail; 429 } 430 431 error = bus_dmamem_map(sc->sc_dmat, &sc->status_seg, nsegs, 432 IPW_STATUS_SZ, (caddr_t *)&sc->status_list, BUS_DMA_NOWAIT); 433 if (error != 0) { 434 printf("%s: can't map status ring DMA memory\n", 435 sc->sc_dev.dv_xname); 436 goto fail; 437 } 438 439 error = bus_dmamap_load(sc->sc_dmat, sc->status_map, sc->status_list, 440 IPW_STATUS_SZ, NULL, BUS_DMA_NOWAIT); 441 if (error != 0) { 442 printf("%s: could not load status ring DMA map\n", 443 sc->sc_dev.dv_xname); 444 goto fail; 445 } 446 447 /* 448 * Allocate command DMA map. 449 */ 450 error = bus_dmamap_create(sc->sc_dmat, sizeof (struct ipw_cmd), 1, 451 sizeof (struct ipw_cmd), 0, BUS_DMA_NOWAIT, &sc->cmd_map); 452 if (error != 0) { 453 printf("%s: could not create command DMA map\n", 454 sc->sc_dev.dv_xname); 455 goto fail; 456 } 457 458 /* 459 * Allocate headers DMA maps. 460 */ 461 SLIST_INIT(&sc->free_shdr); 462 for (i = 0; i < IPW_NDATA; i++) { 463 shdr = &sc->shdr_list[i]; 464 error = bus_dmamap_create(sc->sc_dmat, sizeof (struct ipw_hdr), 465 1, sizeof (struct ipw_hdr), 0, BUS_DMA_NOWAIT, &shdr->map); 466 if (error != 0) { 467 printf("%s: could not create header DMA map\n", 468 sc->sc_dev.dv_xname); 469 goto fail; 470 } 471 SLIST_INSERT_HEAD(&sc->free_shdr, shdr, next); 472 } 473 474 /* 475 * Allocate tx buffers DMA maps. 476 */ 477 SLIST_INIT(&sc->free_sbuf); 478 for (i = 0; i < IPW_NDATA; i++) { 479 sbuf = &sc->tx_sbuf_list[i]; 480 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, IPW_MAX_NSEG, 481 MCLBYTES, 0, BUS_DMA_NOWAIT, &sbuf->map); 482 if (error != 0) { 483 printf("%s: could not create tx DMA map\n", 484 sc->sc_dev.dv_xname); 485 goto fail; 486 } 487 SLIST_INSERT_HEAD(&sc->free_sbuf, sbuf, next); 488 } 489 490 /* 491 * Initialize tx ring. 492 */ 493 for (i = 0; i < IPW_NTBD; i++) { 494 sbd = &sc->stbd_list[i]; 495 sbd->bd = &sc->tbd_list[i]; 496 sbd->type = IPW_SBD_TYPE_NOASSOC; 497 } 498 499 /* 500 * Pre-allocate rx buffers and DMA maps. 501 */ 502 for (i = 0; i < IPW_NRBD; i++) { 503 sbd = &sc->srbd_list[i]; 504 sbuf = &sc->rx_sbuf_list[i]; 505 sbd->bd = &sc->rbd_list[i]; 506 507 MGETHDR(sbuf->m, M_DONTWAIT, MT_DATA); 508 if (sbuf->m == NULL) { 509 printf("%s: could not allocate rx mbuf\n", 510 sc->sc_dev.dv_xname); 511 error = ENOMEM; 512 goto fail; 513 } 514 MCLGET(sbuf->m, M_DONTWAIT); 515 if (!(sbuf->m->m_flags & M_EXT)) { 516 m_freem(sbuf->m); 517 printf("%s: could not allocate rx mbuf cluster\n", 518 sc->sc_dev.dv_xname); 519 error = ENOMEM; 520 goto fail; 521 } 522 523 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, MCLBYTES, 524 0, BUS_DMA_NOWAIT, &sbuf->map); 525 if (error != 0) { 526 printf("%s: could not create rx DMA map\n", 527 sc->sc_dev.dv_xname); 528 goto fail; 529 } 530 531 error = bus_dmamap_load(sc->sc_dmat, sbuf->map, 532 mtod(sbuf->m, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT); 533 if (error != 0) { 534 printf("%s: can't map rx DMA memory\n", 535 sc->sc_dev.dv_xname); 536 goto fail; 537 } 538 539 sbd->type = IPW_SBD_TYPE_DATA; 540 sbd->priv = sbuf; 541 sbd->bd->physaddr = htole32(sbuf->map->dm_segs[0].ds_addr); 542 sbd->bd->len = htole32(MCLBYTES); 543 } 544 545 bus_dmamap_sync(sc->sc_dmat, sc->rbd_map, 0, IPW_RBD_SZ, 546 BUS_DMASYNC_PREWRITE); 547 548 return 0; 549 550 fail: ipw_release(sc); 551 return error; 552 } 553 554 void 555 ipw_release(struct ipw_softc *sc) 556 { 557 struct ipw_soft_buf *sbuf; 558 int i; 559 560 if (sc->tbd_map != NULL) { 561 if (sc->tbd_list != NULL) { 562 bus_dmamap_unload(sc->sc_dmat, sc->tbd_map); 563 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)sc->tbd_list, 564 IPW_TBD_SZ); 565 bus_dmamem_free(sc->sc_dmat, &sc->tbd_seg, 1); 566 } 567 bus_dmamap_destroy(sc->sc_dmat, sc->tbd_map); 568 } 569 570 if (sc->rbd_map != NULL) { 571 if (sc->rbd_list != NULL) { 572 bus_dmamap_unload(sc->sc_dmat, sc->rbd_map); 573 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)sc->rbd_list, 574 IPW_RBD_SZ); 575 bus_dmamem_free(sc->sc_dmat, &sc->rbd_seg, 1); 576 } 577 bus_dmamap_destroy(sc->sc_dmat, sc->rbd_map); 578 } 579 580 if (sc->status_map != NULL) { 581 if (sc->status_list != NULL) { 582 bus_dmamap_unload(sc->sc_dmat, sc->status_map); 583 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)sc->status_list, 584 IPW_RBD_SZ); 585 bus_dmamem_free(sc->sc_dmat, &sc->status_seg, 1); 586 } 587 bus_dmamap_destroy(sc->sc_dmat, sc->status_map); 588 } 589 590 if (sc->cmd_map != NULL) 591 bus_dmamap_destroy(sc->sc_dmat, sc->cmd_map); 592 593 for (i = 0; i < IPW_NDATA; i++) 594 bus_dmamap_destroy(sc->sc_dmat, sc->shdr_list[i].map); 595 596 for (i = 0; i < IPW_NDATA; i++) 597 bus_dmamap_destroy(sc->sc_dmat, sc->tx_sbuf_list[i].map); 598 599 for (i = 0; i < IPW_NRBD; i++) { 600 sbuf = &sc->rx_sbuf_list[i]; 601 if (sbuf->map != NULL) { 602 if (sbuf->m != NULL) { 603 bus_dmamap_unload(sc->sc_dmat, sbuf->map); 604 m_freem(sbuf->m); 605 } 606 bus_dmamap_destroy(sc->sc_dmat, sbuf->map); 607 } 608 } 609 610 task_del(systq, &sc->sc_scantask); 611 task_del(systq, &sc->sc_authandassoctask); 612 } 613 614 int 615 ipw_media_change(struct ifnet *ifp) 616 { 617 int error; 618 619 error = ieee80211_media_change(ifp); 620 if (error != ENETRESET) 621 return error; 622 623 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 624 ipw_init(ifp); 625 626 return 0; 627 } 628 629 void 630 ipw_media_status(struct ifnet *ifp, struct ifmediareq *imr) 631 { 632 struct ipw_softc *sc = ifp->if_softc; 633 struct ieee80211com *ic = &sc->sc_ic; 634 static const struct { 635 uint32_t val; 636 int rate; 637 } rates[] = { 638 { IPW_RATE_DS1, 2 }, 639 { IPW_RATE_DS2, 4 }, 640 { IPW_RATE_DS5, 11 }, 641 { IPW_RATE_DS11, 22 }, 642 }; 643 uint32_t val; 644 int rate, i; 645 646 imr->ifm_status = IFM_AVALID; 647 imr->ifm_active = IFM_IEEE80211; 648 if (ic->ic_state == IEEE80211_S_RUN) 649 imr->ifm_status |= IFM_ACTIVE; 650 651 /* read current transmission rate from adapter */ 652 val = ipw_read_table1(sc, IPW_INFO_CURRENT_TX_RATE); 653 val &= 0xf; 654 655 /* convert rate to 802.11 rate */ 656 for (i = 0; i < nitems(rates) && rates[i].val != val; i++); 657 rate = (i < nitems(rates)) ? rates[i].rate : 0; 658 659 imr->ifm_active |= IFM_IEEE80211_11B; 660 imr->ifm_active |= ieee80211_rate2media(ic, rate, IEEE80211_MODE_11B); 661 switch (ic->ic_opmode) { 662 case IEEE80211_M_STA: 663 break; 664 #ifndef IEEE80211_STA_ONLY 665 case IEEE80211_M_IBSS: 666 imr->ifm_active |= IFM_IEEE80211_IBSS; 667 break; 668 #endif 669 case IEEE80211_M_MONITOR: 670 imr->ifm_active |= IFM_IEEE80211_MONITOR; 671 break; 672 default: 673 /* should not get there */ 674 break; 675 } 676 } 677 678 int 679 ipw_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 680 { 681 struct ipw_softc *sc = ic->ic_softc; 682 struct ifnet *ifp = &ic->ic_if; 683 684 if (LINK_STATE_IS_UP(ifp->if_link_state)) 685 ieee80211_set_link_state(ic, LINK_STATE_DOWN); 686 687 switch (nstate) { 688 case IEEE80211_S_SCAN: 689 task_add(systq, &sc->sc_scantask); 690 break; 691 692 case IEEE80211_S_AUTH: 693 task_add(systq, &sc->sc_authandassoctask); 694 break; 695 696 case IEEE80211_S_RUN: 697 if (!(ic->ic_flags & IEEE80211_F_RSNON)) { 698 /* 699 * NB: When RSN is enabled, we defer setting 700 * the link up until the port is valid. 701 */ 702 ieee80211_set_link_state(ic, LINK_STATE_UP); 703 } 704 break; 705 case IEEE80211_S_INIT: 706 case IEEE80211_S_ASSOC: 707 /* nothing to do */ 708 break; 709 } 710 711 ic->ic_state = nstate; 712 return 0; 713 } 714 715 /* 716 * Read 16 bits at address 'addr' from the Microwire EEPROM. 717 * DON'T PLAY WITH THIS CODE UNLESS YOU KNOW *EXACTLY* WHAT YOU'RE DOING! 718 */ 719 uint16_t 720 ipw_read_prom_word(struct ipw_softc *sc, uint8_t addr) 721 { 722 uint32_t tmp; 723 uint16_t val; 724 int n; 725 726 /* clock C once before the first command */ 727 IPW_EEPROM_CTL(sc, 0); 728 IPW_EEPROM_CTL(sc, IPW_EEPROM_S); 729 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | IPW_EEPROM_C); 730 IPW_EEPROM_CTL(sc, IPW_EEPROM_S); 731 732 /* write start bit (1) */ 733 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | IPW_EEPROM_D); 734 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | IPW_EEPROM_D | IPW_EEPROM_C); 735 736 /* write READ opcode (10) */ 737 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | IPW_EEPROM_D); 738 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | IPW_EEPROM_D | IPW_EEPROM_C); 739 IPW_EEPROM_CTL(sc, IPW_EEPROM_S); 740 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | IPW_EEPROM_C); 741 742 /* write address A7-A0 */ 743 for (n = 7; n >= 0; n--) { 744 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | 745 (((addr >> n) & 1) << IPW_EEPROM_SHIFT_D)); 746 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | 747 (((addr >> n) & 1) << IPW_EEPROM_SHIFT_D) | IPW_EEPROM_C); 748 } 749 750 IPW_EEPROM_CTL(sc, IPW_EEPROM_S); 751 752 /* read data Q15-Q0 */ 753 val = 0; 754 for (n = 15; n >= 0; n--) { 755 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | IPW_EEPROM_C); 756 IPW_EEPROM_CTL(sc, IPW_EEPROM_S); 757 tmp = MEM_READ_4(sc, IPW_MEM_EEPROM_CTL); 758 val |= ((tmp & IPW_EEPROM_Q) >> IPW_EEPROM_SHIFT_Q) << n; 759 } 760 761 IPW_EEPROM_CTL(sc, 0); 762 763 /* clear Chip Select and clock C */ 764 IPW_EEPROM_CTL(sc, IPW_EEPROM_S); 765 IPW_EEPROM_CTL(sc, 0); 766 IPW_EEPROM_CTL(sc, IPW_EEPROM_C); 767 768 return val; 769 } 770 771 void 772 ipw_command_intr(struct ipw_softc *sc, struct ipw_soft_buf *sbuf) 773 { 774 struct ipw_cmd *cmd; 775 776 bus_dmamap_sync(sc->sc_dmat, sbuf->map, 0, sizeof (struct ipw_cmd), 777 BUS_DMASYNC_POSTREAD); 778 779 cmd = mtod(sbuf->m, struct ipw_cmd *); 780 781 DPRINTFN(2, ("received command ack type=%u,status=%u\n", 782 letoh32(cmd->type), letoh32(cmd->status))); 783 784 wakeup(&sc->cmd); 785 } 786 787 void 788 ipw_newstate_intr(struct ipw_softc *sc, struct ipw_soft_buf *sbuf) 789 { 790 struct ieee80211com *ic = &sc->sc_ic; 791 struct ifnet *ifp = &ic->ic_if; 792 uint32_t state; 793 794 bus_dmamap_sync(sc->sc_dmat, sbuf->map, 0, sizeof state, 795 BUS_DMASYNC_POSTREAD); 796 797 state = letoh32(*mtod(sbuf->m, uint32_t *)); 798 799 DPRINTFN(2, ("firmware state changed to 0x%x\n", state)); 800 801 switch (state) { 802 case IPW_STATE_ASSOCIATED: 803 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 804 break; 805 806 case IPW_STATE_SCANNING: 807 if (ic->ic_state == IEEE80211_S_RUN) 808 ieee80211_begin_scan(ifp); 809 break; 810 811 case IPW_STATE_SCAN_COMPLETE: 812 if (ic->ic_state == IEEE80211_S_SCAN) 813 ieee80211_end_scan(ifp); 814 break; 815 816 case IPW_STATE_ASSOCIATION_LOST: 817 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 818 break; 819 820 case IPW_STATE_DISABLED: 821 wakeup(sc); 822 break; 823 824 case IPW_STATE_RADIO_DISABLED: 825 ipw_stop(&ic->ic_if, 1); 826 break; 827 } 828 } 829 830 void 831 ipw_data_intr(struct ipw_softc *sc, struct ipw_status *status, 832 struct ipw_soft_bd *sbd, struct ipw_soft_buf *sbuf, struct mbuf_list *ml) 833 { 834 struct ieee80211com *ic = &sc->sc_ic; 835 struct ifnet *ifp = &ic->ic_if; 836 struct mbuf *mnew, *m; 837 struct ieee80211_frame *wh; 838 struct ieee80211_rxinfo rxi; 839 struct ieee80211_node *ni; 840 int error; 841 842 DPRINTFN(5, ("received data frame len=%u,rssi=%u\n", 843 letoh32(status->len), status->rssi)); 844 845 /* 846 * Try to allocate a new mbuf for this ring element and load it before 847 * processing the current mbuf. If the ring element cannot be loaded, 848 * drop the received packet and reuse the old mbuf. In the unlikely 849 * case that the old mbuf can't be reloaded either, explicitly panic. 850 */ 851 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 852 if (mnew == NULL) { 853 ifp->if_ierrors++; 854 return; 855 } 856 MCLGET(mnew, M_DONTWAIT); 857 if (!(mnew->m_flags & M_EXT)) { 858 m_freem(mnew); 859 ifp->if_ierrors++; 860 return; 861 } 862 863 bus_dmamap_sync(sc->sc_dmat, sbuf->map, 0, letoh32(status->len), 864 BUS_DMASYNC_POSTREAD); 865 bus_dmamap_unload(sc->sc_dmat, sbuf->map); 866 867 error = bus_dmamap_load(sc->sc_dmat, sbuf->map, mtod(mnew, void *), 868 MCLBYTES, NULL, BUS_DMA_NOWAIT); 869 if (error != 0) { 870 m_freem(mnew); 871 872 /* try to reload the old mbuf */ 873 error = bus_dmamap_load(sc->sc_dmat, sbuf->map, 874 mtod(sbuf->m, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT); 875 if (error != 0) { 876 /* very unlikely that it will fail... */ 877 panic("%s: could not load old rx mbuf", 878 sc->sc_dev.dv_xname); 879 } 880 sbd->bd->physaddr = htole32(sbuf->map->dm_segs[0].ds_addr); 881 ifp->if_ierrors++; 882 return; 883 } 884 885 m = sbuf->m; 886 sbuf->m = mnew; 887 sbd->bd->physaddr = htole32(sbuf->map->dm_segs[0].ds_addr); 888 889 /* finalize mbuf */ 890 m->m_pkthdr.len = m->m_len = letoh32(status->len); 891 892 #if NBPFILTER > 0 893 if (sc->sc_drvbpf != NULL) { 894 struct ipw_rx_radiotap_header *tap = &sc->sc_rxtap; 895 896 tap->wr_flags = 0; 897 tap->wr_antsignal = status->rssi; 898 tap->wr_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 899 tap->wr_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 900 901 bpf_mtap_hdr(sc->sc_drvbpf, tap, sc->sc_rxtap_len, 902 m, BPF_DIRECTION_IN); 903 } 904 #endif 905 906 wh = mtod(m, struct ieee80211_frame *); 907 ni = ieee80211_find_rxnode(ic, wh); 908 909 /* send the frame to the upper layer */ 910 rxi.rxi_flags = 0; 911 rxi.rxi_rssi = status->rssi; 912 rxi.rxi_tstamp = 0; /* unused */ 913 ieee80211_inputm(ifp, m, ni, &rxi, ml); 914 915 ieee80211_release_node(ic, ni); 916 } 917 918 void 919 ipw_notification_intr(struct ipw_softc *sc, struct ipw_soft_buf *sbuf) 920 { 921 DPRINTFN(2, ("received notification\n")); 922 } 923 924 void 925 ipw_rx_intr(struct ipw_softc *sc) 926 { 927 struct mbuf_list ml = MBUF_LIST_INITIALIZER(); 928 struct ipw_status *status; 929 struct ipw_soft_bd *sbd; 930 struct ipw_soft_buf *sbuf; 931 uint32_t r, i; 932 933 r = CSR_READ_4(sc, IPW_CSR_RX_READ_INDEX); 934 935 for (i = (sc->rxcur + 1) % IPW_NRBD; i != r; i = (i + 1) % IPW_NRBD) { 936 937 bus_dmamap_sync(sc->sc_dmat, sc->rbd_map, 938 i * sizeof (struct ipw_bd), sizeof (struct ipw_bd), 939 BUS_DMASYNC_POSTREAD); 940 941 bus_dmamap_sync(sc->sc_dmat, sc->status_map, 942 i * sizeof (struct ipw_status), sizeof (struct ipw_status), 943 BUS_DMASYNC_POSTREAD); 944 945 status = &sc->status_list[i]; 946 sbd = &sc->srbd_list[i]; 947 sbuf = sbd->priv; 948 949 switch (letoh16(status->code) & 0xf) { 950 case IPW_STATUS_CODE_COMMAND: 951 ipw_command_intr(sc, sbuf); 952 break; 953 954 case IPW_STATUS_CODE_NEWSTATE: 955 ipw_newstate_intr(sc, sbuf); 956 break; 957 958 case IPW_STATUS_CODE_DATA_802_3: 959 case IPW_STATUS_CODE_DATA_802_11: 960 ipw_data_intr(sc, status, sbd, sbuf, &ml); 961 break; 962 963 case IPW_STATUS_CODE_NOTIFICATION: 964 ipw_notification_intr(sc, sbuf); 965 break; 966 967 default: 968 printf("%s: unknown status code %u\n", 969 sc->sc_dev.dv_xname, letoh16(status->code)); 970 } 971 sbd->bd->flags = 0; 972 973 bus_dmamap_sync(sc->sc_dmat, sc->rbd_map, 974 i * sizeof (struct ipw_bd), sizeof (struct ipw_bd), 975 BUS_DMASYNC_PREWRITE); 976 } 977 if_input(&sc->sc_ic.ic_if, &ml); 978 979 /* tell the firmware what we have processed */ 980 sc->rxcur = (r == 0) ? IPW_NRBD - 1 : r - 1; 981 CSR_WRITE_4(sc, IPW_CSR_RX_WRITE_INDEX, sc->rxcur); 982 } 983 984 void 985 ipw_release_sbd(struct ipw_softc *sc, struct ipw_soft_bd *sbd) 986 { 987 struct ieee80211com *ic = &sc->sc_ic; 988 struct ipw_soft_hdr *shdr; 989 struct ipw_soft_buf *sbuf; 990 991 switch (sbd->type) { 992 case IPW_SBD_TYPE_COMMAND: 993 bus_dmamap_unload(sc->sc_dmat, sc->cmd_map); 994 break; 995 996 case IPW_SBD_TYPE_HEADER: 997 shdr = sbd->priv; 998 bus_dmamap_unload(sc->sc_dmat, shdr->map); 999 SLIST_INSERT_HEAD(&sc->free_shdr, shdr, next); 1000 break; 1001 1002 case IPW_SBD_TYPE_DATA: 1003 sbuf = sbd->priv; 1004 bus_dmamap_unload(sc->sc_dmat, sbuf->map); 1005 SLIST_INSERT_HEAD(&sc->free_sbuf, sbuf, next); 1006 1007 m_freem(sbuf->m); 1008 1009 if (sbuf->ni != NULL) 1010 ieee80211_release_node(ic, sbuf->ni); 1011 1012 /* kill watchdog timer */ 1013 sc->sc_tx_timer = 0; 1014 break; 1015 } 1016 sbd->type = IPW_SBD_TYPE_NOASSOC; 1017 } 1018 1019 void 1020 ipw_tx_intr(struct ipw_softc *sc) 1021 { 1022 struct ifnet *ifp = &sc->sc_ic.ic_if; 1023 struct ipw_soft_bd *sbd; 1024 uint32_t r, i; 1025 1026 r = CSR_READ_4(sc, IPW_CSR_TX_READ_INDEX); 1027 1028 for (i = (sc->txold + 1) % IPW_NTBD; i != r; i = (i + 1) % IPW_NTBD) { 1029 sbd = &sc->stbd_list[i]; 1030 1031 ipw_release_sbd(sc, sbd); 1032 sc->txfree++; 1033 } 1034 1035 /* remember what the firmware has processed */ 1036 sc->txold = (r == 0) ? IPW_NTBD - 1 : r - 1; 1037 1038 /* call start() since some buffer descriptors have been released */ 1039 ifq_clr_oactive(&ifp->if_snd); 1040 (*ifp->if_start)(ifp); 1041 } 1042 1043 int 1044 ipw_intr(void *arg) 1045 { 1046 struct ipw_softc *sc = arg; 1047 struct ifnet *ifp = &sc->sc_ic.ic_if; 1048 uint32_t r; 1049 1050 if ((r = CSR_READ_4(sc, IPW_CSR_INTR)) == 0 || r == 0xffffffff) 1051 return 0; 1052 1053 /* disable interrupts */ 1054 CSR_WRITE_4(sc, IPW_CSR_INTR_MASK, 0); 1055 1056 if (r & (IPW_INTR_FATAL_ERROR | IPW_INTR_PARITY_ERROR)) { 1057 printf("%s: fatal firmware error\n", sc->sc_dev.dv_xname); 1058 ipw_stop(ifp, 1); 1059 return 1; 1060 } 1061 1062 if (r & IPW_INTR_FW_INIT_DONE) 1063 wakeup(sc); 1064 1065 if (r & IPW_INTR_RX_TRANSFER) 1066 ipw_rx_intr(sc); 1067 1068 if (r & IPW_INTR_TX_TRANSFER) 1069 ipw_tx_intr(sc); 1070 1071 /* acknowledge interrupts */ 1072 CSR_WRITE_4(sc, IPW_CSR_INTR, r); 1073 1074 /* re-enable interrupts */ 1075 CSR_WRITE_4(sc, IPW_CSR_INTR_MASK, IPW_INTR_MASK); 1076 1077 return 1; 1078 } 1079 1080 int 1081 ipw_cmd(struct ipw_softc *sc, uint32_t type, void *data, uint32_t len) 1082 { 1083 struct ipw_soft_bd *sbd; 1084 int s, error; 1085 1086 s = splnet(); 1087 1088 sc->cmd.type = htole32(type); 1089 sc->cmd.subtype = htole32(0); 1090 sc->cmd.len = htole32(len); 1091 sc->cmd.seq = htole32(0); 1092 if (data != NULL) 1093 bcopy(data, sc->cmd.data, len); 1094 1095 error = bus_dmamap_load(sc->sc_dmat, sc->cmd_map, &sc->cmd, 1096 sizeof (struct ipw_cmd), NULL, BUS_DMA_NOWAIT); 1097 if (error != 0) { 1098 printf("%s: can't map command DMA memory\n", 1099 sc->sc_dev.dv_xname); 1100 splx(s); 1101 return error; 1102 } 1103 1104 sbd = &sc->stbd_list[sc->txcur]; 1105 sbd->type = IPW_SBD_TYPE_COMMAND; 1106 sbd->bd->physaddr = htole32(sc->cmd_map->dm_segs[0].ds_addr); 1107 sbd->bd->len = htole32(sizeof (struct ipw_cmd)); 1108 sbd->bd->nfrag = 1; 1109 sbd->bd->flags = IPW_BD_FLAG_TX_FRAME_COMMAND | 1110 IPW_BD_FLAG_TX_LAST_FRAGMENT; 1111 1112 bus_dmamap_sync(sc->sc_dmat, sc->cmd_map, 0, sizeof (struct ipw_cmd), 1113 BUS_DMASYNC_PREWRITE); 1114 bus_dmamap_sync(sc->sc_dmat, sc->tbd_map, 1115 sc->txcur * sizeof (struct ipw_bd), sizeof (struct ipw_bd), 1116 BUS_DMASYNC_PREWRITE); 1117 1118 sc->txcur = (sc->txcur + 1) % IPW_NTBD; 1119 sc->txfree--; 1120 CSR_WRITE_4(sc, IPW_CSR_TX_WRITE_INDEX, sc->txcur); 1121 1122 DPRINTFN(2, ("sending command type=%u,len=%u\n", type, len)); 1123 1124 /* wait at most one second for command to complete */ 1125 error = tsleep_nsec(&sc->cmd, 0, "ipwcmd", SEC_TO_NSEC(1)); 1126 splx(s); 1127 1128 return error; 1129 } 1130 1131 /* ARGSUSED */ 1132 int 1133 ipw_send_mgmt(struct ieee80211com *ic, struct ieee80211_node *ni, int type, 1134 int arg1, int arg2) 1135 { 1136 return EOPNOTSUPP; 1137 } 1138 1139 int 1140 ipw_tx_start(struct ifnet *ifp, struct mbuf *m, struct ieee80211_node *ni) 1141 { 1142 struct ipw_softc *sc = ifp->if_softc; 1143 struct ieee80211com *ic = &sc->sc_ic; 1144 struct ieee80211_frame *wh; 1145 struct ieee80211_key *k; 1146 struct ipw_soft_bd *sbd; 1147 struct ipw_soft_hdr *shdr; 1148 struct ipw_soft_buf *sbuf; 1149 int error, i; 1150 1151 wh = mtod(m, struct ieee80211_frame *); 1152 1153 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 1154 k = ieee80211_get_txkey(ic, wh, ni); 1155 1156 if ((m = ieee80211_encrypt(ic, m, k)) == NULL) 1157 return ENOBUFS; 1158 1159 /* packet header may have moved, reset our local pointer */ 1160 wh = mtod(m, struct ieee80211_frame *); 1161 } 1162 1163 #if NBPFILTER > 0 1164 if (sc->sc_drvbpf != NULL) { 1165 struct ipw_tx_radiotap_header *tap = &sc->sc_txtap; 1166 1167 tap->wt_flags = 0; 1168 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 1169 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 1170 1171 bpf_mtap_hdr(sc->sc_drvbpf, tap, sc->sc_txtap_len, 1172 m, BPF_DIRECTION_OUT); 1173 } 1174 #endif 1175 1176 shdr = SLIST_FIRST(&sc->free_shdr); 1177 sbuf = SLIST_FIRST(&sc->free_sbuf); 1178 1179 shdr->hdr.type = htole32(IPW_HDR_TYPE_SEND); 1180 shdr->hdr.subtype = htole32(0); 1181 shdr->hdr.encrypted = (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) ? 1 : 0; 1182 shdr->hdr.encrypt = 0; 1183 shdr->hdr.keyidx = 0; 1184 shdr->hdr.keysz = 0; 1185 shdr->hdr.fragmentsz = htole16(0); 1186 IEEE80211_ADDR_COPY(shdr->hdr.src_addr, wh->i_addr2); 1187 if (ic->ic_opmode == IEEE80211_M_STA) 1188 IEEE80211_ADDR_COPY(shdr->hdr.dst_addr, wh->i_addr3); 1189 else 1190 IEEE80211_ADDR_COPY(shdr->hdr.dst_addr, wh->i_addr1); 1191 1192 /* trim IEEE802.11 header */ 1193 m_adj(m, sizeof (struct ieee80211_frame)); 1194 1195 error = bus_dmamap_load_mbuf(sc->sc_dmat, sbuf->map, m, BUS_DMA_NOWAIT); 1196 if (error != 0 && error != EFBIG) { 1197 printf("%s: can't map mbuf (error %d)\n", 1198 sc->sc_dev.dv_xname, error); 1199 m_freem(m); 1200 return error; 1201 } 1202 if (error != 0) { 1203 /* too many fragments, linearize */ 1204 if (m_defrag(m, M_DONTWAIT)) { 1205 m_freem(m); 1206 return ENOBUFS; 1207 } 1208 error = bus_dmamap_load_mbuf(sc->sc_dmat, sbuf->map, m, 1209 BUS_DMA_NOWAIT); 1210 if (error != 0) { 1211 printf("%s: can't map mbuf (error %d)\n", 1212 sc->sc_dev.dv_xname, error); 1213 m_freem(m); 1214 return error; 1215 } 1216 } 1217 1218 error = bus_dmamap_load(sc->sc_dmat, shdr->map, &shdr->hdr, 1219 sizeof (struct ipw_hdr), NULL, BUS_DMA_NOWAIT); 1220 if (error != 0) { 1221 printf("%s: can't map header DMA memory (error %d)\n", 1222 sc->sc_dev.dv_xname, error); 1223 bus_dmamap_unload(sc->sc_dmat, sbuf->map); 1224 m_freem(m); 1225 return error; 1226 } 1227 1228 SLIST_REMOVE_HEAD(&sc->free_sbuf, next); 1229 SLIST_REMOVE_HEAD(&sc->free_shdr, next); 1230 1231 sbd = &sc->stbd_list[sc->txcur]; 1232 sbd->type = IPW_SBD_TYPE_HEADER; 1233 sbd->priv = shdr; 1234 sbd->bd->physaddr = htole32(shdr->map->dm_segs[0].ds_addr); 1235 sbd->bd->len = htole32(sizeof (struct ipw_hdr)); 1236 sbd->bd->nfrag = 1 + sbuf->map->dm_nsegs; 1237 sbd->bd->flags = IPW_BD_FLAG_TX_FRAME_802_3 | 1238 IPW_BD_FLAG_TX_NOT_LAST_FRAGMENT; 1239 1240 bus_dmamap_sync(sc->sc_dmat, sc->tbd_map, 1241 sc->txcur * sizeof (struct ipw_bd), 1242 sizeof (struct ipw_bd), BUS_DMASYNC_PREWRITE); 1243 1244 sc->txcur = (sc->txcur + 1) % IPW_NTBD; 1245 sc->txfree--; 1246 1247 sbuf->m = m; 1248 sbuf->ni = ni; 1249 1250 for (i = 0; i < sbuf->map->dm_nsegs; i++) { 1251 sbd = &sc->stbd_list[sc->txcur]; 1252 sbd->bd->physaddr = htole32(sbuf->map->dm_segs[i].ds_addr); 1253 sbd->bd->len = htole32(sbuf->map->dm_segs[i].ds_len); 1254 sbd->bd->nfrag = 0; /* used only in first bd */ 1255 sbd->bd->flags = IPW_BD_FLAG_TX_FRAME_802_3; 1256 if (i == sbuf->map->dm_nsegs - 1) { 1257 sbd->type = IPW_SBD_TYPE_DATA; 1258 sbd->priv = sbuf; 1259 sbd->bd->flags |= IPW_BD_FLAG_TX_LAST_FRAGMENT; 1260 } else { 1261 sbd->type = IPW_SBD_TYPE_NOASSOC; 1262 sbd->bd->flags |= IPW_BD_FLAG_TX_NOT_LAST_FRAGMENT; 1263 } 1264 1265 bus_dmamap_sync(sc->sc_dmat, sc->tbd_map, 1266 sc->txcur * sizeof (struct ipw_bd), 1267 sizeof (struct ipw_bd), BUS_DMASYNC_PREWRITE); 1268 1269 sc->txcur = (sc->txcur + 1) % IPW_NTBD; 1270 sc->txfree--; 1271 } 1272 1273 bus_dmamap_sync(sc->sc_dmat, sbuf->map, 0, sbuf->map->dm_mapsize, 1274 BUS_DMASYNC_PREWRITE); 1275 bus_dmamap_sync(sc->sc_dmat, shdr->map, 0, sizeof (struct ipw_hdr), 1276 BUS_DMASYNC_PREWRITE); 1277 1278 /* inform firmware about this new packet */ 1279 CSR_WRITE_4(sc, IPW_CSR_TX_WRITE_INDEX, sc->txcur); 1280 1281 return 0; 1282 } 1283 1284 void 1285 ipw_start(struct ifnet *ifp) 1286 { 1287 struct ipw_softc *sc = ifp->if_softc; 1288 struct ieee80211com *ic = &sc->sc_ic; 1289 struct ieee80211_node *ni; 1290 struct mbuf *m; 1291 1292 if (ic->ic_state != IEEE80211_S_RUN) 1293 return; 1294 1295 for (;;) { 1296 if (sc->txfree < 1 + IPW_MAX_NSEG) { 1297 ifq_set_oactive(&ifp->if_snd); 1298 break; 1299 } 1300 1301 m = ifq_dequeue(&ifp->if_snd); 1302 if (m == NULL) 1303 break; 1304 1305 #if NBPFILTER > 0 1306 if (ifp->if_bpf != NULL) 1307 bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); 1308 #endif 1309 1310 m = ieee80211_encap(ifp, m, &ni); 1311 if (m == NULL) 1312 continue; 1313 #if NBPFILTER > 0 1314 if (ic->ic_rawbpf != NULL) 1315 bpf_mtap(ic->ic_rawbpf, m, BPF_DIRECTION_OUT); 1316 #endif 1317 if (ipw_tx_start(ifp, m, ni) != 0) { 1318 if (ni != NULL) 1319 ieee80211_release_node(ic, ni); 1320 ifp->if_oerrors++; 1321 break; 1322 } 1323 1324 /* start watchdog timer */ 1325 sc->sc_tx_timer = 5; 1326 ifp->if_timer = 1; 1327 } 1328 } 1329 1330 void 1331 ipw_watchdog(struct ifnet *ifp) 1332 { 1333 struct ipw_softc *sc = ifp->if_softc; 1334 1335 ifp->if_timer = 0; 1336 1337 if (sc->sc_tx_timer > 0) { 1338 if (--sc->sc_tx_timer == 0) { 1339 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 1340 ipw_stop(ifp, 1); 1341 ifp->if_oerrors++; 1342 return; 1343 } 1344 ifp->if_timer = 1; 1345 } 1346 1347 ieee80211_watchdog(ifp); 1348 } 1349 1350 int 1351 ipw_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1352 { 1353 struct ipw_softc *sc = ifp->if_softc; 1354 int s, error = 0; 1355 1356 error = rw_enter(&sc->sc_rwlock, RW_WRITE | RW_INTR); 1357 if (error) 1358 return error; 1359 s = splnet(); 1360 1361 switch (cmd) { 1362 case SIOCSIFADDR: 1363 ifp->if_flags |= IFF_UP; 1364 /* FALLTHROUGH */ 1365 case SIOCSIFFLAGS: 1366 if (ifp->if_flags & IFF_UP) { 1367 if (!(ifp->if_flags & IFF_RUNNING)) 1368 ipw_init(ifp); 1369 } else { 1370 if (ifp->if_flags & IFF_RUNNING) 1371 ipw_stop(ifp, 1); 1372 } 1373 break; 1374 1375 case SIOCG80211TXPOWER: 1376 /* 1377 * If the hardware radio transmitter switch is off, report a 1378 * tx power of IEEE80211_TXPOWER_MIN to indicate that radio 1379 * transmitter is killed. 1380 */ 1381 ((struct ieee80211_txpower *)data)->i_val = 1382 (CSR_READ_4(sc, IPW_CSR_IO) & IPW_IO_RADIO_DISABLED) ? 1383 IEEE80211_TXPOWER_MIN : sc->sc_ic.ic_txpower; 1384 break; 1385 1386 default: 1387 error = ieee80211_ioctl(ifp, cmd, data); 1388 } 1389 1390 if (error == ENETRESET) { 1391 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1392 (IFF_UP | IFF_RUNNING)) 1393 ipw_init(ifp); 1394 error = 0; 1395 } 1396 1397 splx(s); 1398 rw_exit_write(&sc->sc_rwlock); 1399 return error; 1400 } 1401 1402 uint32_t 1403 ipw_read_table1(struct ipw_softc *sc, uint32_t off) 1404 { 1405 return MEM_READ_4(sc, MEM_READ_4(sc, sc->table1_base + off)); 1406 } 1407 1408 void 1409 ipw_write_table1(struct ipw_softc *sc, uint32_t off, uint32_t info) 1410 { 1411 MEM_WRITE_4(sc, MEM_READ_4(sc, sc->table1_base + off), info); 1412 } 1413 1414 int 1415 ipw_read_table2(struct ipw_softc *sc, uint32_t off, void *buf, uint32_t *len) 1416 { 1417 uint32_t addr, info; 1418 uint16_t count, size; 1419 uint32_t total; 1420 1421 /* addr[4] + count[2] + size[2] */ 1422 addr = MEM_READ_4(sc, sc->table2_base + off); 1423 info = MEM_READ_4(sc, sc->table2_base + off + 4); 1424 1425 count = info >> 16; 1426 size = info & 0xffff; 1427 total = count * size; 1428 1429 if (total > *len) { 1430 *len = total; 1431 return EINVAL; 1432 } 1433 *len = total; 1434 ipw_read_mem_1(sc, addr, buf, total); 1435 1436 return 0; 1437 } 1438 1439 void 1440 ipw_stop_master(struct ipw_softc *sc) 1441 { 1442 uint32_t tmp; 1443 int ntries; 1444 1445 /* disable interrupts */ 1446 CSR_WRITE_4(sc, IPW_CSR_INTR_MASK, 0); 1447 1448 CSR_WRITE_4(sc, IPW_CSR_RST, IPW_RST_STOP_MASTER); 1449 for (ntries = 0; ntries < 50; ntries++) { 1450 if (CSR_READ_4(sc, IPW_CSR_RST) & IPW_RST_MASTER_DISABLED) 1451 break; 1452 DELAY(10); 1453 } 1454 if (ntries == 50) 1455 printf("%s: timeout waiting for master\n", 1456 sc->sc_dev.dv_xname); 1457 1458 tmp = CSR_READ_4(sc, IPW_CSR_RST); 1459 CSR_WRITE_4(sc, IPW_CSR_RST, tmp | IPW_RST_PRINCETON_RESET); 1460 } 1461 1462 int 1463 ipw_reset(struct ipw_softc *sc) 1464 { 1465 uint32_t tmp; 1466 int ntries; 1467 1468 ipw_stop_master(sc); 1469 1470 /* move adapter to D0 state */ 1471 tmp = CSR_READ_4(sc, IPW_CSR_CTL); 1472 CSR_WRITE_4(sc, IPW_CSR_CTL, tmp | IPW_CTL_INIT); 1473 1474 /* wait for clock stabilization */ 1475 for (ntries = 0; ntries < 1000; ntries++) { 1476 if (CSR_READ_4(sc, IPW_CSR_CTL) & IPW_CTL_CLOCK_READY) 1477 break; 1478 DELAY(200); 1479 } 1480 if (ntries == 1000) 1481 return EIO; 1482 1483 tmp = CSR_READ_4(sc, IPW_CSR_RST); 1484 CSR_WRITE_4(sc, IPW_CSR_RST, tmp | IPW_RST_SW_RESET); 1485 1486 DELAY(10); 1487 1488 tmp = CSR_READ_4(sc, IPW_CSR_CTL); 1489 CSR_WRITE_4(sc, IPW_CSR_CTL, tmp | IPW_CTL_INIT); 1490 1491 return 0; 1492 } 1493 1494 int 1495 ipw_load_ucode(struct ipw_softc *sc, u_char *uc, int size) 1496 { 1497 int ntries; 1498 1499 /* voodoo from the Intel Linux driver */ 1500 MEM_WRITE_4(sc, 0x3000e0, 0x80000000); 1501 CSR_WRITE_4(sc, IPW_CSR_RST, 0); 1502 1503 MEM_WRITE_2(sc, 0x220000, 0x0703); 1504 MEM_WRITE_2(sc, 0x220000, 0x0707); 1505 1506 MEM_WRITE_1(sc, 0x210014, 0x72); 1507 MEM_WRITE_1(sc, 0x210014, 0x72); 1508 1509 MEM_WRITE_1(sc, 0x210000, 0x40); 1510 MEM_WRITE_1(sc, 0x210000, 0x00); 1511 MEM_WRITE_1(sc, 0x210000, 0x40); 1512 1513 MEM_WRITE_MULTI_1(sc, 0x210010, uc, size); 1514 1515 MEM_WRITE_1(sc, 0x210000, 0x00); 1516 MEM_WRITE_1(sc, 0x210000, 0x00); 1517 MEM_WRITE_1(sc, 0x210000, 0x80); 1518 1519 MEM_WRITE_2(sc, 0x220000, 0x0703); 1520 MEM_WRITE_2(sc, 0x220000, 0x0707); 1521 1522 MEM_WRITE_1(sc, 0x210014, 0x72); 1523 MEM_WRITE_1(sc, 0x210014, 0x72); 1524 1525 MEM_WRITE_1(sc, 0x210000, 0x00); 1526 MEM_WRITE_1(sc, 0x210000, 0x80); 1527 1528 for (ntries = 0; ntries < 100; ntries++) { 1529 if (MEM_READ_1(sc, 0x210000) & 1) 1530 break; 1531 DELAY(1000); 1532 } 1533 if (ntries == 100) { 1534 printf("%s: timeout waiting for ucode to initialize\n", 1535 sc->sc_dev.dv_xname); 1536 return EIO; 1537 } 1538 1539 MEM_WRITE_4(sc, 0x3000e0, 0); 1540 1541 return 0; 1542 } 1543 1544 /* set of macros to handle unaligned little endian data in firmware image */ 1545 #define GETLE32(p) ((p)[0] | (p)[1] << 8 | (p)[2] << 16 | (p)[3] << 24) 1546 #define GETLE16(p) ((p)[0] | (p)[1] << 8) 1547 int 1548 ipw_load_firmware(struct ipw_softc *sc, u_char *fw, int size) 1549 { 1550 u_char *p, *end; 1551 uint32_t tmp, dst; 1552 uint16_t len; 1553 int error; 1554 1555 p = fw; 1556 end = fw + size; 1557 while (p < end) { 1558 if (p + 6 > end) 1559 return EINVAL; 1560 1561 dst = GETLE32(p); p += 4; 1562 len = GETLE16(p); p += 2; 1563 1564 if (p + len > end) 1565 return EINVAL; 1566 1567 ipw_write_mem_1(sc, dst, p, len); 1568 p += len; 1569 } 1570 1571 CSR_WRITE_4(sc, IPW_CSR_IO, IPW_IO_GPIO1_ENABLE | IPW_IO_GPIO3_MASK | 1572 IPW_IO_LED_OFF); 1573 1574 /* allow interrupts so we know when the firmware is inited */ 1575 CSR_WRITE_4(sc, IPW_CSR_INTR_MASK, IPW_INTR_MASK); 1576 1577 /* tell the adapter to initialize the firmware */ 1578 CSR_WRITE_4(sc, IPW_CSR_RST, 0); 1579 tmp = CSR_READ_4(sc, IPW_CSR_CTL); 1580 CSR_WRITE_4(sc, IPW_CSR_CTL, tmp | IPW_CTL_ALLOW_STANDBY); 1581 1582 /* wait at most one second for firmware initialization to complete */ 1583 if ((error = tsleep_nsec(sc, 0, "ipwinit", SEC_TO_NSEC(1))) != 0) { 1584 printf("%s: timeout waiting for firmware initialization to " 1585 "complete\n", sc->sc_dev.dv_xname); 1586 return error; 1587 } 1588 1589 tmp = CSR_READ_4(sc, IPW_CSR_IO); 1590 CSR_WRITE_4(sc, IPW_CSR_IO, tmp | IPW_IO_GPIO1_MASK | 1591 IPW_IO_GPIO3_MASK); 1592 1593 return 0; 1594 } 1595 1596 int 1597 ipw_read_firmware(struct ipw_softc *sc, struct ipw_firmware *fw) 1598 { 1599 const struct ipw_firmware_hdr *hdr; 1600 const char *name; 1601 int error; 1602 1603 switch (sc->sc_ic.ic_opmode) { 1604 case IEEE80211_M_STA: 1605 name = "ipw-bss"; 1606 break; 1607 #ifndef IEEE80211_STA_ONLY 1608 case IEEE80211_M_IBSS: 1609 name = "ipw-ibss"; 1610 break; 1611 #endif 1612 case IEEE80211_M_MONITOR: 1613 name = "ipw-monitor"; 1614 break; 1615 default: 1616 /* should not get there */ 1617 return ENODEV; 1618 } 1619 if ((error = loadfirmware(name, &fw->data, &fw->size)) != 0) 1620 return error; 1621 1622 if (fw->size < sizeof (*hdr)) { 1623 error = EINVAL; 1624 goto fail; 1625 } 1626 hdr = (const struct ipw_firmware_hdr *)fw->data; 1627 fw->main_size = letoh32(hdr->main_size); 1628 fw->ucode_size = letoh32(hdr->ucode_size); 1629 1630 if (fw->size < sizeof (*hdr) + fw->main_size + fw->ucode_size) { 1631 error = EINVAL; 1632 goto fail; 1633 } 1634 fw->main = fw->data + sizeof (*hdr); 1635 fw->ucode = fw->main + fw->main_size; 1636 1637 return 0; 1638 1639 fail: free(fw->data, M_DEVBUF, fw->size); 1640 return error; 1641 } 1642 1643 void 1644 ipw_scan(void *arg1) 1645 { 1646 struct ipw_softc *sc = arg1; 1647 struct ifnet *ifp = &sc->sc_ic.ic_if; 1648 struct ipw_scan_options scan; 1649 uint8_t ssid[IEEE80211_NWID_LEN]; 1650 int error; 1651 1652 /* 1653 * Firmware has a bug and does not honour the ``do not associate 1654 * after scan'' bit in the scan command. To prevent the firmware 1655 * from associating after the scan, we set the ESSID to something 1656 * unlikely to be used by a real AP. 1657 * XXX would setting the desired BSSID to a multicast address work? 1658 */ 1659 memset(ssid, '\r', sizeof ssid); 1660 error = ipw_cmd(sc, IPW_CMD_SET_ESSID, ssid, sizeof ssid); 1661 if (error != 0) 1662 goto fail; 1663 1664 /* no mandatory BSSID */ 1665 DPRINTF(("Setting mandatory BSSID to null\n")); 1666 error = ipw_cmd(sc, IPW_CMD_SET_MANDATORY_BSSID, NULL, 0); 1667 if (error != 0) 1668 goto fail; 1669 1670 scan.flags = htole32(IPW_SCAN_DO_NOT_ASSOCIATE | IPW_SCAN_MIXED_CELL); 1671 scan.channels = htole32(0x3fff); /* scan channels 1-14 */ 1672 DPRINTF(("Setting scan options to 0x%x\n", letoh32(scan.flags))); 1673 error = ipw_cmd(sc, IPW_CMD_SET_SCAN_OPTIONS, &scan, sizeof scan); 1674 if (error != 0) 1675 goto fail; 1676 1677 /* start scanning */ 1678 DPRINTF(("Enabling adapter\n")); 1679 error = ipw_cmd(sc, IPW_CMD_ENABLE, NULL, 0); 1680 if (error != 0) 1681 goto fail; 1682 1683 return; 1684 fail: 1685 printf("%s: scan request failed (error=%d)\n", sc->sc_dev.dv_xname, 1686 error); 1687 ieee80211_end_scan(ifp); 1688 } 1689 1690 void 1691 ipw_auth_and_assoc(void *arg1) 1692 { 1693 struct ipw_softc *sc = arg1; 1694 struct ieee80211com *ic = &sc->sc_ic; 1695 struct ieee80211_node *ni = ic->ic_bss; 1696 struct ipw_scan_options scan; 1697 struct ipw_security security; 1698 struct ipw_assoc_req assoc; 1699 uint32_t data; 1700 uint8_t chan; 1701 int s, error; 1702 1703 DPRINTF(("Disabling adapter\n")); 1704 error = ipw_cmd(sc, IPW_CMD_DISABLE, NULL, 0); 1705 if (error != 0) 1706 goto fail; 1707 #if 1 1708 /* wait at most one second for card to be disabled */ 1709 s = splnet(); 1710 error = tsleep_nsec(sc, 0, "ipwdis", SEC_TO_NSEC(1)); 1711 splx(s); 1712 if (error != 0) { 1713 printf("%s: timeout waiting for disabled state\n", 1714 sc->sc_dev.dv_xname); 1715 goto fail; 1716 } 1717 #else 1718 /* Intel's Linux driver polls for the DISABLED state instead.. */ 1719 for (ntries = 0; ntries < 1000; ntries++) { 1720 if (ipw_read_table1(sc, IPW_INFO_CARD_DISABLED) == 1) 1721 break; 1722 DELAY(10); 1723 } 1724 if (ntries == 1000) { 1725 printf("%s: timeout waiting for disabled state\n", 1726 sc->sc_dev.dv_xname); 1727 goto fail; 1728 } 1729 #endif 1730 1731 bzero(&security, sizeof security); 1732 security.authmode = IPW_AUTH_OPEN; 1733 security.ciphers = htole32(IPW_CIPHER_NONE); 1734 DPRINTF(("Setting authmode to %u\n", security.authmode)); 1735 error = ipw_cmd(sc, IPW_CMD_SET_SECURITY_INFORMATION, &security, 1736 sizeof security); 1737 if (error != 0) 1738 goto fail; 1739 1740 #ifdef IPW_DEBUG 1741 if (ipw_debug > 0) { 1742 printf("Setting ESSID to "); 1743 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 1744 printf("\n"); 1745 } 1746 #endif 1747 error = ipw_cmd(sc, IPW_CMD_SET_ESSID, ni->ni_essid, ni->ni_esslen); 1748 if (error != 0) 1749 goto fail; 1750 1751 DPRINTF(("Setting BSSID to %s\n", ether_sprintf(ni->ni_bssid))); 1752 error = ipw_cmd(sc, IPW_CMD_SET_MANDATORY_BSSID, ni->ni_bssid, 1753 IEEE80211_ADDR_LEN); 1754 if (error != 0) 1755 goto fail; 1756 1757 data = htole32((ic->ic_flags & (IEEE80211_F_WEPON | 1758 IEEE80211_F_RSNON)) ? IPW_PRIVACYON : 0); 1759 DPRINTF(("Setting privacy flags to 0x%x\n", letoh32(data))); 1760 error = ipw_cmd(sc, IPW_CMD_SET_PRIVACY_FLAGS, &data, sizeof data); 1761 if (error != 0) 1762 goto fail; 1763 1764 /* let firmware set the capinfo, lintval, and bssid fixed fields */ 1765 bzero(&assoc, sizeof assoc); 1766 if (ic->ic_flags & IEEE80211_F_RSNON) { 1767 uint8_t *frm = assoc.optie; 1768 1769 /* tell firmware to add a WPA or RSN IE in (Re)Assoc req */ 1770 if (ni->ni_rsnprotos & IEEE80211_PROTO_RSN) 1771 frm = ieee80211_add_rsn(frm, ic, ni); 1772 else if (ni->ni_rsnprotos & IEEE80211_PROTO_WPA) 1773 frm = ieee80211_add_wpa(frm, ic, ni); 1774 assoc.optie_len = htole32(frm - assoc.optie); 1775 } 1776 DPRINTF(("Preparing assocation request (optional IE length=%d)\n", 1777 letoh32(assoc.optie_len))); 1778 error = ipw_cmd(sc, IPW_CMD_SET_ASSOC_REQ, &assoc, sizeof assoc); 1779 if (error != 0) 1780 goto fail; 1781 1782 scan.flags = htole32(IPW_SCAN_MIXED_CELL); 1783 chan = ieee80211_chan2ieee(ic, ni->ni_chan); 1784 scan.channels = htole32(1 << (chan - 1)); 1785 DPRINTF(("Setting scan options to 0x%x\n", letoh32(scan.flags))); 1786 error = ipw_cmd(sc, IPW_CMD_SET_SCAN_OPTIONS, &scan, sizeof scan); 1787 if (error != 0) 1788 goto fail; 1789 1790 /* trigger scan+association */ 1791 DPRINTF(("Enabling adapter\n")); 1792 error = ipw_cmd(sc, IPW_CMD_ENABLE, NULL, 0); 1793 if (error != 0) 1794 goto fail; 1795 1796 /* 1797 * net80211 won't see the AP's auth response. Move to ASSOC state 1798 * in order to make net80211 accept the AP's assoc response. 1799 */ 1800 ic->ic_newstate(ic, IEEE80211_S_ASSOC, -1); 1801 1802 return; 1803 fail: 1804 printf("%s: association failed (error=%d)\n", sc->sc_dev.dv_xname, 1805 error); 1806 ieee80211_begin_scan(&ic->ic_if); 1807 } 1808 1809 int 1810 ipw_config(struct ipw_softc *sc) 1811 { 1812 struct ieee80211com *ic = &sc->sc_ic; 1813 struct ifnet *ifp = &ic->ic_if; 1814 struct ipw_configuration config; 1815 uint32_t data; 1816 int error; 1817 1818 switch (ic->ic_opmode) { 1819 case IEEE80211_M_STA: 1820 data = htole32(IPW_MODE_BSS); 1821 break; 1822 #ifndef IEEE80211_STA_ONLY 1823 case IEEE80211_M_IBSS: 1824 data = htole32(IPW_MODE_IBSS); 1825 break; 1826 #endif 1827 case IEEE80211_M_MONITOR: 1828 data = htole32(IPW_MODE_MONITOR); 1829 break; 1830 default: 1831 /* should not get there */ 1832 return ENODEV; 1833 } 1834 DPRINTF(("Setting mode to %u\n", letoh32(data))); 1835 error = ipw_cmd(sc, IPW_CMD_SET_MODE, &data, sizeof data); 1836 if (error != 0) 1837 return error; 1838 1839 if ( 1840 #ifndef IEEE80211_STA_ONLY 1841 ic->ic_opmode == IEEE80211_M_IBSS || 1842 #endif 1843 ic->ic_opmode == IEEE80211_M_MONITOR) { 1844 data = htole32(ieee80211_chan2ieee(ic, ic->ic_ibss_chan)); 1845 DPRINTF(("Setting channel to %u\n", letoh32(data))); 1846 error = ipw_cmd(sc, IPW_CMD_SET_CHANNEL, &data, sizeof data); 1847 if (error != 0) 1848 return error; 1849 } 1850 1851 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 1852 DPRINTF(("Enabling adapter\n")); 1853 return ipw_cmd(sc, IPW_CMD_ENABLE, NULL, 0); 1854 } 1855 1856 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 1857 DPRINTF(("Setting MAC address to %s\n", ether_sprintf(ic->ic_myaddr))); 1858 error = ipw_cmd(sc, IPW_CMD_SET_MAC_ADDRESS, ic->ic_myaddr, 1859 IEEE80211_ADDR_LEN); 1860 if (error != 0) 1861 return error; 1862 1863 config.flags = htole32(IPW_CFG_BSS_MASK | IPW_CFG_IBSS_MASK | 1864 IPW_CFG_PREAMBLE_AUTO | IPW_CFG_802_1X_ENABLE); 1865 #ifndef IEEE80211_STA_ONLY 1866 if (ic->ic_opmode == IEEE80211_M_IBSS) 1867 config.flags |= htole32(IPW_CFG_IBSS_AUTO_START); 1868 #endif 1869 if (ifp->if_flags & IFF_PROMISC) 1870 config.flags |= htole32(IPW_CFG_PROMISCUOUS); 1871 config.bss_chan = htole32(0x3fff); /* channels 1-14 */ 1872 config.ibss_chan = htole32(0x7ff); /* channels 1-11 */ 1873 DPRINTF(("Setting configuration 0x%x\n", config.flags)); 1874 error = ipw_cmd(sc, IPW_CMD_SET_CONFIGURATION, &config, sizeof config); 1875 if (error != 0) 1876 return error; 1877 1878 data = htole32(ic->ic_rtsthreshold); 1879 DPRINTF(("Setting RTS threshold to %u\n", letoh32(data))); 1880 error = ipw_cmd(sc, IPW_CMD_SET_RTS_THRESHOLD, &data, sizeof data); 1881 if (error != 0) 1882 return error; 1883 1884 data = htole32(ic->ic_fragthreshold); 1885 DPRINTF(("Setting frag threshold to %u\n", letoh32(data))); 1886 error = ipw_cmd(sc, IPW_CMD_SET_FRAG_THRESHOLD, &data, sizeof data); 1887 if (error != 0) 1888 return error; 1889 1890 data = htole32(0x3); /* 1, 2 */ 1891 DPRINTF(("Setting basic tx rates to 0x%x\n", letoh32(data))); 1892 error = ipw_cmd(sc, IPW_CMD_SET_BASIC_TX_RATES, &data, sizeof data); 1893 if (error != 0) 1894 return error; 1895 1896 data = htole32(0xf); /* 1, 2, 5.5, 11 */ 1897 DPRINTF(("Setting tx rates to 0x%x\n", letoh32(data))); 1898 error = ipw_cmd(sc, IPW_CMD_SET_TX_RATES, &data, sizeof data); 1899 if (error != 0) 1900 return error; 1901 1902 data = htole32(0xf); /* 1, 2, 5.5, 11 */ 1903 DPRINTF(("Setting MSDU tx rates to 0x%x\n", letoh32(data))); 1904 error = ipw_cmd(sc, IPW_CMD_SET_MSDU_TX_RATES, &data, sizeof data); 1905 if (error != 0) 1906 return error; 1907 1908 data = htole32(IPW_POWER_MODE_CAM); 1909 DPRINTF(("Setting power mode to %u\n", letoh32(data))); 1910 error = ipw_cmd(sc, IPW_CMD_SET_POWER_MODE, &data, sizeof data); 1911 if (error != 0) 1912 return error; 1913 1914 #ifndef IEEE80211_STA_ONLY 1915 if (ic->ic_opmode == IEEE80211_M_IBSS) { 1916 data = htole32(32); /* default value */ 1917 DPRINTF(("Setting tx power index to %u\n", letoh32(data))); 1918 error = ipw_cmd(sc, IPW_CMD_SET_TX_POWER_INDEX, &data, 1919 sizeof data); 1920 if (error != 0) 1921 return error; 1922 1923 data = htole32(ic->ic_lintval); 1924 DPRINTF(("Setting beacon interval to %u\n", letoh32(data))); 1925 error = ipw_cmd(sc, IPW_CMD_SET_BEACON_INTERVAL, &data, 1926 sizeof data); 1927 if (error != 0) 1928 return error; 1929 } 1930 #endif 1931 return 0; 1932 } 1933 1934 int 1935 ipw_init(struct ifnet *ifp) 1936 { 1937 struct ipw_softc *sc = ifp->if_softc; 1938 struct ieee80211com *ic = &sc->sc_ic; 1939 struct ipw_firmware fw; 1940 int error; 1941 1942 ipw_stop(ifp, 0); 1943 1944 if ((error = ipw_reset(sc)) != 0) { 1945 printf("%s: could not reset adapter\n", sc->sc_dev.dv_xname); 1946 goto fail1; 1947 } 1948 1949 if ((error = ipw_read_firmware(sc, &fw)) != 0) { 1950 printf("%s: error %d, could not read firmware\n", 1951 sc->sc_dev.dv_xname, error); 1952 goto fail1; 1953 } 1954 if ((error = ipw_load_ucode(sc, fw.ucode, fw.ucode_size)) != 0) { 1955 printf("%s: could not load microcode\n", sc->sc_dev.dv_xname); 1956 goto fail2; 1957 } 1958 1959 ipw_stop_master(sc); 1960 1961 /* 1962 * Setup tx, rx and status rings. 1963 */ 1964 CSR_WRITE_4(sc, IPW_CSR_TX_BD_BASE, sc->tbd_map->dm_segs[0].ds_addr); 1965 CSR_WRITE_4(sc, IPW_CSR_TX_BD_SIZE, IPW_NTBD); 1966 CSR_WRITE_4(sc, IPW_CSR_TX_READ_INDEX, 0); 1967 CSR_WRITE_4(sc, IPW_CSR_TX_WRITE_INDEX, 0); 1968 sc->txold = IPW_NTBD - 1; /* latest bd index ack by firmware */ 1969 sc->txcur = 0; /* bd index to write to */ 1970 sc->txfree = IPW_NTBD - 2; 1971 1972 CSR_WRITE_4(sc, IPW_CSR_RX_BD_BASE, sc->rbd_map->dm_segs[0].ds_addr); 1973 CSR_WRITE_4(sc, IPW_CSR_RX_BD_SIZE, IPW_NRBD); 1974 CSR_WRITE_4(sc, IPW_CSR_RX_READ_INDEX, 0); 1975 CSR_WRITE_4(sc, IPW_CSR_RX_WRITE_INDEX, IPW_NRBD - 1); 1976 sc->rxcur = IPW_NRBD - 1; /* latest bd index I've read */ 1977 1978 CSR_WRITE_4(sc, IPW_CSR_RX_STATUS_BASE, 1979 sc->status_map->dm_segs[0].ds_addr); 1980 1981 if ((error = ipw_load_firmware(sc, fw.main, fw.main_size)) != 0) { 1982 printf("%s: could not load firmware\n", sc->sc_dev.dv_xname); 1983 goto fail2; 1984 } 1985 free(fw.data, M_DEVBUF, fw.size); 1986 fw.data = NULL; 1987 1988 /* retrieve information tables base addresses */ 1989 sc->table1_base = CSR_READ_4(sc, IPW_CSR_TABLE1_BASE); 1990 sc->table2_base = CSR_READ_4(sc, IPW_CSR_TABLE2_BASE); 1991 1992 ipw_write_table1(sc, IPW_INFO_LOCK, 0); 1993 1994 if ((error = ipw_config(sc)) != 0) { 1995 printf("%s: device configuration failed\n", 1996 sc->sc_dev.dv_xname); 1997 goto fail1; 1998 } 1999 2000 ifq_clr_oactive(&ifp->if_snd); 2001 ifp->if_flags |= IFF_RUNNING; 2002 2003 if (ic->ic_opmode != IEEE80211_M_MONITOR) 2004 ieee80211_begin_scan(ifp); 2005 else 2006 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2007 2008 return 0; 2009 2010 fail2: free(fw.data, M_DEVBUF, fw.size); 2011 fw.data = NULL; 2012 fail1: ipw_stop(ifp, 0); 2013 return error; 2014 } 2015 2016 void 2017 ipw_stop(struct ifnet *ifp, int disable) 2018 { 2019 struct ipw_softc *sc = ifp->if_softc; 2020 struct ieee80211com *ic = &sc->sc_ic; 2021 int i; 2022 2023 ipw_stop_master(sc); 2024 CSR_WRITE_4(sc, IPW_CSR_RST, IPW_RST_SW_RESET); 2025 2026 ifp->if_timer = 0; 2027 ifp->if_flags &= ~IFF_RUNNING; 2028 ifq_clr_oactive(&ifp->if_snd); 2029 2030 /* 2031 * Release tx buffers. 2032 */ 2033 for (i = 0; i < IPW_NTBD; i++) 2034 ipw_release_sbd(sc, &sc->stbd_list[i]); 2035 2036 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2037 } 2038 2039 void 2040 ipw_read_mem_1(struct ipw_softc *sc, bus_size_t offset, uint8_t *datap, 2041 bus_size_t count) 2042 { 2043 for (; count > 0; offset++, datap++, count--) { 2044 CSR_WRITE_4(sc, IPW_CSR_INDIRECT_ADDR, offset & ~3); 2045 *datap = CSR_READ_1(sc, IPW_CSR_INDIRECT_DATA + (offset & 3)); 2046 } 2047 } 2048 2049 void 2050 ipw_write_mem_1(struct ipw_softc *sc, bus_size_t offset, uint8_t *datap, 2051 bus_size_t count) 2052 { 2053 for (; count > 0; offset++, datap++, count--) { 2054 CSR_WRITE_4(sc, IPW_CSR_INDIRECT_ADDR, offset & ~3); 2055 CSR_WRITE_1(sc, IPW_CSR_INDIRECT_DATA + (offset & 3), *datap); 2056 } 2057 } 2058 2059 struct cfdriver ipw_cd = { 2060 NULL, "ipw", DV_IFNET 2061 }; 2062