1 /* 2 * Copyright (c) 2004-2006 3 * Damien Bergamini <damien.bergamini@free.fr>. 4 * Copyright (c) 2004, 2005 5 * Andrew Atrens <atrens@nortelnetworks.com>. 6 * 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice unmodified, this list of conditions, and the following 14 * disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * $FreeBSD: src/sys/dev/iwi/if_iwi.c,v 1.8.2.6 2006/02/23 02:06:46 sam Exp $ 32 * $DragonFly: src/sys/dev/netif/iwi/if_iwi.c,v 1.15 2006/09/05 00:55:40 dillon Exp $ 33 */ 34 35 /*- 36 * Intel(R) PRO/Wireless 2200BG/2225BG/2915ABG driver 37 * http://www.intel.com/network/connectivity/products/wireless/prowireless_mobile.htm 38 */ 39 40 #include <sys/param.h> 41 #include <sys/sysctl.h> 42 #include <sys/sockio.h> 43 #include <sys/mbuf.h> 44 #include <sys/kernel.h> 45 #include <sys/kthread.h> 46 #include <sys/socket.h> 47 #include <sys/systm.h> 48 #include <sys/malloc.h> 49 #include <sys/module.h> 50 #include <sys/bus.h> 51 #include <sys/endian.h> 52 #include <sys/proc.h> 53 #include <sys/ucred.h> 54 #include <sys/serialize.h> 55 56 #include <machine/bus.h> 57 #include <machine/resource.h> 58 #include <sys/rman.h> 59 60 #include <bus/pci/pcidevs.h> 61 #include <bus/pci/pcireg.h> 62 #include <bus/pci/pcivar.h> 63 64 #include <net/bpf.h> 65 #include <net/if.h> 66 #include <net/if_arp.h> 67 #include <net/ethernet.h> 68 #include <net/if_dl.h> 69 #include <net/if_media.h> 70 #include <net/if_types.h> 71 #include <net/ifq_var.h> 72 73 #include <netproto/802_11/ieee80211_var.h> 74 #include <netproto/802_11/ieee80211_radiotap.h> 75 76 #include <netinet/in.h> 77 #include <netinet/in_systm.h> 78 #include <netinet/in_var.h> 79 #include <netinet/ip.h> 80 #include <netinet/if_ether.h> 81 82 #include <dev/netif/iwi/if_iwireg.h> 83 #include <dev/netif/iwi/if_iwivar.h> 84 85 #ifdef IWI_DEBUG 86 #define DPRINTF(x) do { if (iwi_debug > 0) printf x; } while (0) 87 #define DPRINTFN(n, x) do { if (iwi_debug >= (n)) printf x; } while (0) 88 int iwi_debug = 0; 89 SYSCTL_INT(_debug, OID_AUTO, iwi, CTLFLAG_RW, &iwi_debug, 0, "iwi debug level"); 90 #else 91 #define DPRINTF(x) 92 #define DPRINTFN(n, x) 93 #endif 94 95 static struct iwi_ident { 96 uint16_t vendor; 97 uint16_t device; 98 const char *name; 99 } iwi_ident_table[] = { 100 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2200BG, 101 "Intel(R) PRO/Wireless 2200BG" }, 102 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2225BG, 103 "Intel(R) PRO/Wireless 2225BG" }, 104 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_1, 105 "Intel(R) PRO/Wireless 2915ABG" }, 106 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_2, 107 "Intel(R) PRO/Wireless 2915ABG" }, 108 { 0, 0, NULL } 109 }; 110 111 static void iwi_fw_monitor(void *); 112 static void iwi_dma_map_addr(void *, bus_dma_segment_t *, int, int); 113 static void iwi_dma_map_mbuf(void *, bus_dma_segment_t *, int, bus_size_t, 114 int); 115 static int iwi_alloc_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *, 116 int); 117 static void iwi_reset_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 118 static void iwi_free_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 119 static int iwi_alloc_tx_ring(struct iwi_softc *, struct iwi_tx_ring *, 120 int, bus_addr_t, bus_addr_t); 121 static void iwi_reset_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 122 static void iwi_free_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 123 static int iwi_alloc_rx_ring(struct iwi_softc *, struct iwi_rx_ring *, 124 int); 125 static void iwi_reset_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 126 static void iwi_free_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 127 static struct ieee80211_node *iwi_node_alloc(struct ieee80211_node_table *); 128 static void iwi_node_free(struct ieee80211_node *); 129 static int iwi_media_change(struct ifnet *); 130 static void iwi_media_status(struct ifnet *, struct ifmediareq *); 131 static int iwi_newstate(struct ieee80211com *, enum ieee80211_state, int); 132 static int iwi_wme_update(struct ieee80211com *); 133 static uint16_t iwi_read_prom_word(struct iwi_softc *, uint8_t); 134 static void iwi_fix_channel(struct ieee80211com *, struct mbuf *); 135 static void iwi_frame_intr(struct iwi_softc *, struct iwi_rx_data *, int, 136 struct iwi_frame *); 137 static void iwi_notification_intr(struct iwi_softc *, struct iwi_notif *); 138 static void iwi_rx_intr(struct iwi_softc *); 139 static void iwi_tx_intr(struct iwi_softc *, struct iwi_tx_ring *); 140 static void iwi_intr(void *); 141 static int iwi_cmd(struct iwi_softc *, uint8_t, void *, uint8_t, int); 142 static void iwi_write_ibssnode(struct iwi_softc *, const struct iwi_node *); 143 static int iwi_tx_start(struct ifnet *, struct mbuf *, 144 struct ieee80211_node *, int); 145 static void iwi_start(struct ifnet *); 146 static void iwi_watchdog(struct ifnet *); 147 static int iwi_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *); 148 static void iwi_stop_master(struct iwi_softc *); 149 static int iwi_reset(struct iwi_softc *); 150 static int iwi_load_ucode(struct iwi_softc *, void *, int); 151 static int iwi_load_firmware(struct iwi_softc *, void *, int); 152 static int iwi_cache_firmware(struct iwi_softc *, void *); 153 static void iwi_free_firmware(struct iwi_softc *); 154 static int iwi_config(struct iwi_softc *); 155 static int iwi_set_chan(struct iwi_softc *, struct ieee80211_channel *); 156 static int iwi_scan(struct iwi_softc *); 157 static int iwi_auth_and_assoc(struct iwi_softc *); 158 static void iwi_init(void *); 159 static void iwi_stop(void *); 160 static int iwi_sysctl_stats(SYSCTL_HANDLER_ARGS); 161 static int iwi_sysctl_radio(SYSCTL_HANDLER_ARGS); 162 163 static int iwi_probe(device_t); 164 static int iwi_attach(device_t); 165 static int iwi_detach(device_t); 166 static int iwi_shutdown(device_t); 167 static int iwi_suspend(device_t); 168 static int iwi_resume(device_t); 169 170 static int iwi_alloc_ibss_node(struct iwi_softc *); 171 static void iwi_free_ibss_node(struct iwi_softc *, int); 172 173 static device_method_t iwi_methods[] = { 174 /* Device interface */ 175 DEVMETHOD(device_probe, iwi_probe), 176 DEVMETHOD(device_attach, iwi_attach), 177 DEVMETHOD(device_detach, iwi_detach), 178 DEVMETHOD(device_shutdown, iwi_shutdown), 179 DEVMETHOD(device_suspend, iwi_suspend), 180 DEVMETHOD(device_resume, iwi_resume), 181 182 { 0, 0 } 183 }; 184 185 static driver_t iwi_driver = { 186 "iwi", 187 iwi_methods, 188 sizeof (struct iwi_softc) 189 }; 190 191 static devclass_t iwi_devclass; 192 193 DRIVER_MODULE(iwi, pci, iwi_driver, iwi_devclass, 0, 0); 194 195 MODULE_DEPEND(iwi, pci, 1, 1, 1); 196 MODULE_DEPEND(iwi, wlan, 1, 1, 1); 197 198 /* 199 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 200 */ 201 static const struct ieee80211_rateset iwi_rateset_11a = 202 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 203 204 static const struct ieee80211_rateset iwi_rateset_11b = 205 { 4, { 2, 4, 11, 22 } }; 206 207 static const struct ieee80211_rateset iwi_rateset_11g = 208 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 209 210 static void 211 iwi_fw_monitor(void *arg) 212 { 213 struct iwi_softc *sc = arg; 214 struct ifnet *ifp = &sc->sc_ic.ic_if; 215 216 lwkt_serialize_enter(ifp->if_serializer); 217 for (;;) { 218 int error = 0; 219 220 /* 221 * Test to see whether we are detaching, 222 * this is used to avoid race condition 223 * especially when attaching fails. 224 */ 225 if ((sc->flags & IWI_FLAG_EXIT) == 0) { 226 crit_enter(); 227 tsleep_interlock(IWI_FW_WAKE_MONITOR(sc)); 228 lwkt_serialize_exit(ifp->if_serializer); 229 error = tsleep(IWI_FW_WAKE_MONITOR(sc), 230 0, "iwifwm", 0); 231 crit_exit(); 232 lwkt_serialize_enter(ifp->if_serializer); 233 } 234 235 if (error == 0) { 236 int boff; 237 238 if (sc->flags & IWI_FLAG_EXIT) 239 break; 240 else if ((sc->flags & IWI_FLAG_RESET) == 0) 241 continue; 242 243 if_printf(ifp, "reset firmware\n"); 244 for (boff = 1; sc->flags & IWI_FLAG_RESET; boff++) { 245 iwi_init(sc); 246 if (sc->flags & IWI_FLAG_FW_INITED) { 247 sc->flags &= ~IWI_FLAG_RESET; 248 } else if (boff > 10) { /* XXX */ 249 if_printf(ifp, "fw reset failed. " 250 "retrying...\n"); 251 252 /* XXX avoid to sleep to long */ 253 boff = 1; 254 } 255 256 /* 257 * Since this would be infinite loop, 258 * if reseting firmware never succeeded, 259 * we test to see whether we are detaching. 260 */ 261 if (sc->flags & IWI_FLAG_EXIT) 262 break; 263 264 crit_enter(); 265 tsleep_interlock(IWI_FW_CMD_ACKED(sc)); 266 lwkt_serialize_exit(ifp->if_serializer); 267 error = tsleep(IWI_FW_CMD_ACKED(sc), 0, 268 "iwirun", boff * hz); 269 crit_exit(); 270 lwkt_serialize_enter(ifp->if_serializer); 271 } 272 } 273 } 274 lwkt_serialize_exit(ifp->if_serializer); 275 276 if_printf(ifp, "fw monitor exiting\n"); 277 wakeup(IWI_FW_EXIT_MONITOR(sc)); 278 kthread_exit(); 279 } 280 281 static int 282 iwi_probe(device_t dev) 283 { 284 const struct iwi_ident *ident; 285 uint16_t vid, did; 286 287 vid = pci_get_vendor(dev); 288 did = pci_get_device(dev); 289 for (ident = iwi_ident_table; ident->name != NULL; ident++) { 290 if (vid == ident->vendor && did == ident->device) { 291 device_set_desc(dev, ident->name); 292 return 0; 293 } 294 } 295 return ENXIO; 296 } 297 298 /* Base Address Register */ 299 #define IWI_PCI_BAR0 0x10 300 301 static int 302 iwi_attach(device_t dev) 303 { 304 struct iwi_softc *sc = device_get_softc(dev); 305 struct ieee80211com *ic = &sc->sc_ic; 306 struct ifnet *ifp = &ic->ic_if; 307 uint16_t val; 308 int error, i; 309 310 sc->sc_dev = dev; 311 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 312 313 if (pci_get_powerstate(dev) != PCI_POWERSTATE_D0) { 314 device_printf(dev, "chip is in D%d power mode " 315 "-- setting to D0\n", pci_get_powerstate(dev)); 316 pci_set_powerstate(dev, PCI_POWERSTATE_D0); 317 } 318 319 pci_write_config(dev, 0x41, 0, 1); 320 321 /* enable bus-mastering */ 322 pci_enable_busmaster(dev); 323 324 sc->mem_rid = IWI_PCI_BAR0; 325 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &sc->mem_rid, 326 RF_ACTIVE); 327 if (sc->mem == NULL) { 328 device_printf(dev, "could not allocate memory resource\n"); 329 return ENXIO; 330 } 331 sc->sc_st = rman_get_bustag(sc->mem); 332 sc->sc_sh = rman_get_bushandle(sc->mem); 333 334 sc->irq_rid = 0; 335 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &sc->irq_rid, 336 RF_ACTIVE | RF_SHAREABLE); 337 if (sc->irq == NULL) { 338 device_printf(dev, "could not allocate interrupt resource\n"); 339 goto fail; 340 } 341 342 if (iwi_reset(sc) != 0) { 343 device_printf(dev, "could not reset adapter\n"); 344 goto fail; 345 } 346 347 /* 348 * Allocate rings. 349 */ 350 error = iwi_alloc_cmd_ring(sc, &sc->cmdq, IWI_CMD_RING_COUNT); 351 if (error != 0) { 352 device_printf(dev, "could not allocate Cmd ring\n"); 353 goto fail; 354 } 355 356 error = iwi_alloc_tx_ring(sc, &sc->txq[0], IWI_TX_RING_COUNT, 357 IWI_CSR_TX1_RIDX, IWI_CSR_TX1_WIDX); 358 if (error != 0) { 359 device_printf(dev, "could not allocate Tx ring 1\n"); 360 goto fail; 361 } 362 363 error = iwi_alloc_tx_ring(sc, &sc->txq[1], IWI_TX_RING_COUNT, 364 IWI_CSR_TX2_RIDX, IWI_CSR_TX2_WIDX); 365 if (error != 0) { 366 device_printf(dev, "could not allocate Tx ring 2\n"); 367 goto fail; 368 } 369 370 error = iwi_alloc_tx_ring(sc, &sc->txq[2], IWI_TX_RING_COUNT, 371 IWI_CSR_TX3_RIDX, IWI_CSR_TX3_WIDX); 372 if (error != 0) { 373 device_printf(dev, "could not allocate Tx ring 3\n"); 374 goto fail; 375 } 376 377 error = iwi_alloc_tx_ring(sc, &sc->txq[3], IWI_TX_RING_COUNT, 378 IWI_CSR_TX4_RIDX, IWI_CSR_TX4_WIDX); 379 if (error != 0) { 380 device_printf(dev, "could not allocate Tx ring 4\n"); 381 goto fail; 382 } 383 384 error = iwi_alloc_rx_ring(sc, &sc->rxq, IWI_RX_RING_COUNT); 385 if (error != 0) { 386 device_printf(dev, "could not allocate Rx ring\n"); 387 goto fail; 388 } 389 390 sysctl_ctx_init(&sc->sysctl_ctx); 391 sc->sysctl_tree = SYSCTL_ADD_NODE(&sc->sysctl_ctx, 392 SYSCTL_STATIC_CHILDREN(_hw), 393 OID_AUTO, 394 device_get_nameunit(dev), 395 CTLFLAG_RD, 396 0, ""); 397 if (sc->sysctl_tree == NULL) { 398 device_printf(dev, "sysctl add node failed\n"); 399 error = EIO; 400 goto fail; 401 } 402 403 ifp->if_softc = sc; 404 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 405 ifp->if_init = iwi_init; 406 ifp->if_ioctl = iwi_ioctl; 407 ifp->if_start = iwi_start; 408 ifp->if_watchdog = iwi_watchdog; 409 ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN); 410 ifq_set_ready(&ifp->if_snd); 411 412 ic->ic_wme.wme_update = iwi_wme_update; 413 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 414 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 415 ic->ic_state = IEEE80211_S_INIT; 416 417 /* set device capabilities */ 418 ic->ic_caps = 419 IEEE80211_C_IBSS | /* IBSS mode supported */ 420 IEEE80211_C_MONITOR | /* monitor mode supported */ 421 IEEE80211_C_TXPMGT | /* tx power management */ 422 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 423 IEEE80211_C_WEP | /* WEP */ 424 IEEE80211_C_WPA | /* 802.11i */ 425 IEEE80211_C_WME; /* 802.11e */ 426 427 /* read MAC address from EEPROM */ 428 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 0); 429 ic->ic_myaddr[0] = val & 0xff; 430 ic->ic_myaddr[1] = val >> 8; 431 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 1); 432 ic->ic_myaddr[2] = val & 0xff; 433 ic->ic_myaddr[3] = val >> 8; 434 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 2); 435 ic->ic_myaddr[4] = val & 0xff; 436 ic->ic_myaddr[5] = val >> 8; 437 438 if (pci_get_device(dev) >= 0x4223) { 439 /* set supported .11a rates (2915ABG only) */ 440 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwi_rateset_11a; 441 442 /* set supported .11a channels */ 443 for (i = 36; i <= 64; i += 4) { 444 ic->ic_channels[i].ic_freq = 445 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 446 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 447 } 448 for (i = 149; i <= 165; i += 4) { 449 ic->ic_channels[i].ic_freq = 450 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 451 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 452 } 453 } 454 455 /* set supported .11b and .11g rates */ 456 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwi_rateset_11b; 457 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwi_rateset_11g; 458 459 /* set supported .11b and .11g channels (1 through 14) */ 460 for (i = 1; i <= 14; i++) { 461 ic->ic_channels[i].ic_freq = 462 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 463 ic->ic_channels[i].ic_flags = 464 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 465 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 466 } 467 468 ieee80211_ifattach(ic); 469 /* override default methods */ 470 ic->ic_node_alloc = iwi_node_alloc; 471 sc->sc_node_free = ic->ic_node_free; 472 ic->ic_node_free = iwi_node_free; 473 /* override state transition machine */ 474 sc->sc_newstate = ic->ic_newstate; 475 ic->ic_newstate = iwi_newstate; 476 ieee80211_media_init(ic, iwi_media_change, iwi_media_status); 477 478 bpfattach_dlt(ifp, DLT_IEEE802_11_RADIO, 479 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf); 480 481 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 482 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 483 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWI_RX_RADIOTAP_PRESENT); 484 485 sc->sc_txtap_len = sizeof sc->sc_txtapu; 486 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 487 sc->sc_txtap.wt_ihdr.it_present = htole32(IWI_TX_RADIOTAP_PRESENT); 488 489 /* 490 * Add a few sysctl knobs. 491 */ 492 sc->dwelltime = 100; 493 sc->bluetooth = 1; 494 sc->antenna = 0; 495 496 SYSCTL_ADD_PROC(&sc->sysctl_ctx, 497 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "radio", 498 CTLTYPE_INT | CTLFLAG_RD, sc, 0, iwi_sysctl_radio, "I", 499 "radio transmitter switch state (0=off, 1=on)"); 500 501 SYSCTL_ADD_PROC(&sc->sysctl_ctx, 502 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "stats", 503 CTLTYPE_OPAQUE | CTLFLAG_RD, sc, 0, iwi_sysctl_stats, "S", 504 "statistics"); 505 506 SYSCTL_ADD_INT(&sc->sysctl_ctx, 507 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "dwell", 508 CTLFLAG_RW, &sc->dwelltime, 0, 509 "channel dwell time (ms) for AP/station scanning"); 510 511 SYSCTL_ADD_INT(&sc->sysctl_ctx, 512 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "bluetooth", 513 CTLFLAG_RW, &sc->bluetooth, 0, "bluetooth coexistence"); 514 515 SYSCTL_ADD_INT(&sc->sysctl_ctx, 516 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "antenna", 517 CTLFLAG_RW, &sc->antenna, 0, "antenna (0=auto)"); 518 519 /* 520 * Start firmware monitoring thread 521 * 522 * NOTE: 523 * This should be done only after serializer is initialized, 524 * i.e. after ieee80211_ifattach(), because serializer will be 525 * held once iwi_fw_monitor() is entered. 526 */ 527 error = kthread_create(iwi_fw_monitor, sc, &sc->sc_fw_monitor, 528 "%s:fw-monitor", device_get_nameunit(dev)); 529 if (error) { 530 device_printf(dev, "could not create fw monitor\n"); 531 goto fail1; 532 } 533 sc->flags |= IWI_FLAG_MONITOR; 534 535 /* 536 * Hook our interrupt after all initialization is complete. 537 */ 538 error = bus_setup_intr(dev, sc->irq, INTR_MPSAFE, iwi_intr, sc, 539 &sc->sc_ih, ifp->if_serializer); 540 if (error != 0) { 541 device_printf(dev, "could not set up interrupt\n"); 542 goto fail1; 543 } 544 545 if (bootverbose) 546 ieee80211_announce(ic); 547 548 return 0; 549 550 fail1: 551 bpfdetach(ifp); 552 ieee80211_ifdetach(ic); 553 fail: 554 iwi_detach(dev); 555 return ENXIO; 556 } 557 558 static int 559 iwi_detach(device_t dev) 560 { 561 struct iwi_softc *sc = device_get_softc(dev); 562 struct ieee80211com *ic = &sc->sc_ic; 563 struct ifnet *ifp = ic->ic_ifp; 564 565 if (sc->flags & IWI_FLAG_MONITOR) { 566 lwkt_serialize_enter(ifp->if_serializer); 567 sc->flags |= IWI_FLAG_EXIT; 568 wakeup(IWI_FW_WAKE_MONITOR(sc)); 569 570 crit_enter(); 571 tsleep_interlock(IWI_FW_EXIT_MONITOR(sc)); 572 lwkt_serialize_exit(ifp->if_serializer); 573 tsleep(IWI_FW_EXIT_MONITOR(sc), 0, "iwiexi", 0); 574 crit_exit(); 575 /* No need to hold serializer again */ 576 577 if_printf(ifp, "fw monitor exited\n"); 578 } 579 580 if (device_is_attached(dev)) { 581 lwkt_serialize_enter(ifp->if_serializer); 582 583 iwi_stop(sc); 584 bus_teardown_intr(dev, sc->irq, sc->sc_ih); 585 iwi_free_firmware(sc); 586 587 lwkt_serialize_exit(ifp->if_serializer); 588 589 bpfdetach(ifp); 590 ieee80211_ifdetach(ic); 591 } 592 593 iwi_free_cmd_ring(sc, &sc->cmdq); 594 iwi_free_tx_ring(sc, &sc->txq[0]); 595 iwi_free_tx_ring(sc, &sc->txq[1]); 596 iwi_free_tx_ring(sc, &sc->txq[2]); 597 iwi_free_tx_ring(sc, &sc->txq[3]); 598 iwi_free_rx_ring(sc, &sc->rxq); 599 600 if (sc->irq != NULL) 601 bus_release_resource(dev, SYS_RES_IRQ, sc->irq_rid, sc->irq); 602 603 if (sc->mem != NULL) 604 bus_release_resource(dev, SYS_RES_MEMORY, sc->mem_rid, sc->mem); 605 606 if (sc->sysctl_tree != NULL) 607 sysctl_ctx_free(&sc->sysctl_ctx); 608 609 return 0; 610 } 611 612 static void 613 iwi_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error) 614 { 615 if (error != 0) 616 return; 617 618 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg)); 619 620 *(bus_addr_t *)arg = segs[0].ds_addr; 621 } 622 623 static int 624 iwi_alloc_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring, int count) 625 { 626 int error; 627 628 ring->count = count; 629 ring->queued = 0; 630 ring->cur = ring->next = 0; 631 632 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 633 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_CMD_DESC_SIZE, 1, 634 count * IWI_CMD_DESC_SIZE, 0, &ring->desc_dmat); 635 if (error != 0) { 636 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 637 goto fail; 638 } 639 640 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 641 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map); 642 if (error != 0) { 643 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 644 goto fail; 645 } 646 647 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 648 count * IWI_CMD_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 649 if (error != 0) { 650 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 651 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 652 ring->desc = NULL; 653 return error; 654 } 655 656 return 0; 657 658 fail: iwi_free_cmd_ring(sc, ring); 659 return error; 660 } 661 662 static void 663 iwi_reset_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 664 { 665 ring->queued = 0; 666 ring->cur = ring->next = 0; 667 } 668 669 static void 670 iwi_free_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 671 { 672 if (ring->desc != NULL) { 673 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 674 BUS_DMASYNC_POSTWRITE); 675 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 676 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 677 ring->desc = NULL; 678 } 679 680 if (ring->desc_dmat != NULL) { 681 bus_dma_tag_destroy(ring->desc_dmat); 682 ring->desc_dmat = NULL; 683 } 684 } 685 686 static int 687 iwi_alloc_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring, int count, 688 bus_addr_t csr_ridx, bus_addr_t csr_widx) 689 { 690 int i, error; 691 692 ring->count = count; 693 ring->queued = 0; 694 ring->cur = ring->next = 0; 695 ring->csr_ridx = csr_ridx; 696 ring->csr_widx = csr_widx; 697 698 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 699 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_TX_DESC_SIZE, 1, 700 count * IWI_TX_DESC_SIZE, 0, &ring->desc_dmat); 701 if (error != 0) { 702 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 703 goto fail; 704 } 705 706 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 707 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map); 708 if (error != 0) { 709 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 710 goto fail; 711 } 712 713 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 714 count * IWI_TX_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 715 if (error != 0) { 716 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 717 718 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 719 ring->desc = NULL; 720 goto fail; 721 } 722 723 ring->data = kmalloc(count * sizeof (struct iwi_tx_data), M_DEVBUF, 724 M_WAITOK | M_ZERO); 725 726 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 727 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, IWI_MAX_NSEG - 2, 728 MCLBYTES, 0, &ring->data_dmat); 729 if (error != 0) { 730 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 731 goto fail; 732 } 733 734 for (i = 0; i < count; i++) { 735 error = bus_dmamap_create(ring->data_dmat, 0, 736 &ring->data[i].map); 737 if (error != 0) { 738 device_printf(sc->sc_dev, "could not create DMA map\n"); 739 goto fail; 740 } 741 } 742 743 return 0; 744 745 fail: iwi_free_tx_ring(sc, ring); 746 return error; 747 } 748 749 static void 750 iwi_reset_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 751 { 752 struct iwi_tx_data *data; 753 int i; 754 755 for (i = 0; i < ring->count; i++) { 756 data = &ring->data[i]; 757 758 if (data->m != NULL) { 759 bus_dmamap_sync(ring->data_dmat, data->map, 760 BUS_DMASYNC_POSTWRITE); 761 bus_dmamap_unload(ring->data_dmat, data->map); 762 m_freem(data->m); 763 data->m = NULL; 764 } 765 766 if (data->ni != NULL) { 767 ieee80211_free_node(data->ni); 768 data->ni = NULL; 769 } 770 } 771 772 ring->queued = 0; 773 ring->cur = ring->next = 0; 774 } 775 776 static void 777 iwi_free_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 778 { 779 struct iwi_tx_data *data; 780 int i; 781 782 if (ring->desc != NULL) { 783 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 784 BUS_DMASYNC_POSTWRITE); 785 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 786 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 787 ring->desc = NULL; 788 } 789 790 if (ring->desc_dmat != NULL) { 791 bus_dma_tag_destroy(ring->desc_dmat); 792 ring->desc_dmat = NULL; 793 } 794 795 if (ring->data != NULL) { 796 for (i = 0; i < ring->count; i++) { 797 data = &ring->data[i]; 798 799 if (data->m != NULL) { 800 bus_dmamap_sync(ring->data_dmat, data->map, 801 BUS_DMASYNC_POSTWRITE); 802 bus_dmamap_unload(ring->data_dmat, data->map); 803 m_freem(data->m); 804 data->m = NULL; 805 } 806 807 if (data->ni != NULL) { 808 ieee80211_free_node(data->ni); 809 data->ni = NULL; 810 } 811 812 if (data->map != NULL) { 813 bus_dmamap_destroy(ring->data_dmat, data->map); 814 data->map = NULL; 815 } 816 } 817 818 kfree(ring->data, M_DEVBUF); 819 ring->data = NULL; 820 } 821 822 if (ring->data_dmat != NULL) { 823 bus_dma_tag_destroy(ring->data_dmat); 824 ring->data_dmat = NULL; 825 } 826 } 827 828 static int 829 iwi_alloc_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring, int count) 830 { 831 struct iwi_rx_data *data; 832 int i, error; 833 834 ring->count = count; 835 ring->cur = 0; 836 837 ring->data = kmalloc(count * sizeof (struct iwi_rx_data), M_DEVBUF, 838 M_WAITOK | M_ZERO); 839 840 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 841 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1, MCLBYTES, 0, 842 &ring->data_dmat); 843 if (error != 0) { 844 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 845 goto fail; 846 } 847 848 for (i = 0; i < count; i++) { 849 data = &ring->data[i]; 850 851 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 852 if (error != 0) { 853 device_printf(sc->sc_dev, "could not create DMA map\n"); 854 goto fail; 855 } 856 857 data->m = m_getcl(MB_WAIT, MT_DATA, M_PKTHDR); 858 if (data->m == NULL) { 859 device_printf(sc->sc_dev, 860 "could not allocate rx mbuf\n"); 861 error = ENOMEM; 862 goto fail; 863 } 864 865 error = bus_dmamap_load(ring->data_dmat, data->map, 866 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 867 &data->physaddr, 0); 868 if (error != 0) { 869 device_printf(sc->sc_dev, 870 "could not load rx buf DMA map"); 871 872 m_freem(data->m); 873 data->m = NULL; 874 goto fail; 875 } 876 877 data->reg = IWI_CSR_RX_BASE + i * 4; 878 } 879 880 return 0; 881 882 fail: iwi_free_rx_ring(sc, ring); 883 return error; 884 } 885 886 static void 887 iwi_reset_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 888 { 889 ring->cur = 0; 890 } 891 892 static void 893 iwi_free_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 894 { 895 struct iwi_rx_data *data; 896 int i; 897 898 if (ring->data != NULL) { 899 for (i = 0; i < ring->count; i++) { 900 data = &ring->data[i]; 901 902 if (data->m != NULL) { 903 bus_dmamap_sync(ring->data_dmat, data->map, 904 BUS_DMASYNC_POSTREAD); 905 bus_dmamap_unload(ring->data_dmat, data->map); 906 m_freem(data->m); 907 data->m = NULL; 908 } 909 910 if (data->map != NULL) { 911 bus_dmamap_destroy(ring->data_dmat, data->map); 912 data->map = NULL; 913 } 914 } 915 916 kfree(ring->data, M_DEVBUF); 917 ring->data = NULL; 918 } 919 920 if (ring->data_dmat != NULL) { 921 bus_dma_tag_destroy(ring->data_dmat); 922 ring->data_dmat = NULL; 923 } 924 } 925 926 static int 927 iwi_shutdown(device_t dev) 928 { 929 struct iwi_softc *sc = device_get_softc(dev); 930 struct ifnet *ifp = &sc->sc_ic.ic_if; 931 932 lwkt_serialize_enter(ifp->if_serializer); 933 iwi_stop(sc); 934 lwkt_serialize_exit(ifp->if_serializer); 935 936 return 0; 937 } 938 939 static int 940 iwi_suspend(device_t dev) 941 { 942 struct iwi_softc *sc = device_get_softc(dev); 943 struct ifnet *ifp = &sc->sc_ic.ic_if; 944 945 lwkt_serialize_enter(ifp->if_serializer); 946 iwi_stop(sc); 947 lwkt_serialize_exit(ifp->if_serializer); 948 949 return 0; 950 } 951 952 static int 953 iwi_resume(device_t dev) 954 { 955 struct iwi_softc *sc = device_get_softc(dev); 956 struct ifnet *ifp = sc->sc_ic.ic_ifp; 957 958 lwkt_serialize_enter(ifp->if_serializer); 959 960 pci_write_config(dev, 0x41, 0, 1); 961 962 if (ifp->if_flags & IFF_UP) { 963 ifp->if_init(ifp->if_softc); 964 if (ifp->if_flags & IFF_RUNNING) 965 ifp->if_start(ifp); 966 } 967 968 lwkt_serialize_exit(ifp->if_serializer); 969 970 return 0; 971 } 972 973 static struct ieee80211_node * 974 iwi_node_alloc(struct ieee80211_node_table *nt) 975 { 976 struct iwi_node *in; 977 978 in = kmalloc(sizeof (struct iwi_node), M_80211_NODE, M_NOWAIT | M_ZERO); 979 if (in == NULL) 980 return NULL; 981 982 in->in_station = -1; 983 984 return &in->in_node; 985 } 986 987 static void 988 iwi_node_free(struct ieee80211_node *ni) 989 { 990 struct ieee80211com *ic = ni->ni_ic; 991 struct iwi_softc *sc = ic->ic_ifp->if_softc; 992 struct iwi_node *in = (struct iwi_node *)ni; 993 994 if (in->in_station != -1) 995 iwi_free_ibss_node(sc, in->in_station); 996 997 sc->sc_node_free(ni); 998 } 999 1000 static int 1001 iwi_media_change(struct ifnet *ifp) 1002 { 1003 struct iwi_softc *sc = ifp->if_softc; 1004 int error; 1005 1006 ASSERT_SERIALIZED(ifp->if_serializer); 1007 1008 error = ieee80211_media_change(ifp); 1009 if (error != ENETRESET) 1010 return error; 1011 1012 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 1013 iwi_init(sc); 1014 return 0; 1015 } 1016 1017 /* 1018 * The firmware automatically adapts the transmit speed. We report its current 1019 * value here. 1020 */ 1021 static void 1022 iwi_media_status(struct ifnet *ifp, struct ifmediareq *imr) 1023 { 1024 struct iwi_softc *sc = ifp->if_softc; 1025 struct ieee80211com *ic = &sc->sc_ic; 1026 #define N(a) (sizeof (a) / sizeof (a[0])) 1027 static const struct { 1028 uint32_t val; 1029 int rate; 1030 } rates[] = { 1031 { IWI_RATE_DS1, 2 }, 1032 { IWI_RATE_DS2, 4 }, 1033 { IWI_RATE_DS5, 11 }, 1034 { IWI_RATE_DS11, 22 }, 1035 { IWI_RATE_OFDM6, 12 }, 1036 { IWI_RATE_OFDM9, 18 }, 1037 { IWI_RATE_OFDM12, 24 }, 1038 { IWI_RATE_OFDM18, 36 }, 1039 { IWI_RATE_OFDM24, 48 }, 1040 { IWI_RATE_OFDM36, 72 }, 1041 { IWI_RATE_OFDM48, 96 }, 1042 { IWI_RATE_OFDM54, 108 }, 1043 }; 1044 uint32_t val; 1045 int rate, i; 1046 1047 imr->ifm_status = IFM_AVALID; 1048 imr->ifm_active = IFM_IEEE80211; 1049 if (ic->ic_state == IEEE80211_S_RUN) 1050 imr->ifm_status |= IFM_ACTIVE; 1051 1052 /* read current transmission rate from adapter */ 1053 val = CSR_READ_4(sc, IWI_CSR_CURRENT_TX_RATE); 1054 1055 /* convert rate to 802.11 rate */ 1056 for (i = 0; i < N(rates) && rates[i].val != val; i++); 1057 rate = (i < N(rates)) ? rates[i].rate : 0; 1058 1059 imr->ifm_active |= ieee80211_rate2media(ic, rate, ic->ic_curmode); 1060 switch (ic->ic_opmode) { 1061 case IEEE80211_M_STA: 1062 break; 1063 1064 case IEEE80211_M_IBSS: 1065 imr->ifm_active |= IFM_IEEE80211_ADHOC; 1066 break; 1067 1068 case IEEE80211_M_MONITOR: 1069 imr->ifm_active |= IFM_IEEE80211_MONITOR; 1070 break; 1071 1072 case IEEE80211_M_AHDEMO: 1073 case IEEE80211_M_HOSTAP: 1074 /* should not get there */ 1075 break; 1076 } 1077 #undef N 1078 } 1079 1080 static int 1081 iwi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1082 { 1083 struct ifnet *ifp = ic->ic_ifp; 1084 struct iwi_softc *sc = ifp->if_softc; 1085 enum ieee80211_state ostate; 1086 uint32_t tmp; 1087 1088 ostate = ic->ic_state; 1089 1090 switch (nstate) { 1091 case IEEE80211_S_SCAN: 1092 if (sc->flags & IWI_FLAG_SCANNING) 1093 break; 1094 1095 ieee80211_node_table_reset(&ic->ic_scan); 1096 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 1097 sc->flags |= IWI_FLAG_SCANNING; 1098 iwi_scan(sc); 1099 break; 1100 1101 case IEEE80211_S_AUTH: 1102 iwi_auth_and_assoc(sc); 1103 break; 1104 1105 case IEEE80211_S_RUN: 1106 if (ic->ic_opmode == IEEE80211_M_IBSS) 1107 iwi_auth_and_assoc(sc); 1108 else if (ic->ic_opmode == IEEE80211_M_MONITOR) 1109 iwi_set_chan(sc, ic->ic_ibss_chan); 1110 1111 /* assoc led on */ 1112 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK; 1113 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp | IWI_LED_ASSOC); 1114 1115 return sc->sc_newstate(ic, nstate, 1116 IEEE80211_FC0_SUBTYPE_ASSOC_RESP); 1117 1118 case IEEE80211_S_ASSOC: 1119 break; 1120 1121 case IEEE80211_S_INIT: 1122 sc->flags &= ~IWI_FLAG_SCANNING; 1123 1124 if (ostate != IEEE80211_S_RUN) 1125 break; 1126 1127 /* assoc led off */ 1128 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK; 1129 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp & ~IWI_LED_ASSOC); 1130 break; 1131 } 1132 1133 ic->ic_state = nstate; 1134 1135 return 0; 1136 } 1137 1138 /* 1139 * WME parameters coming from IEEE 802.11e specification. These values are 1140 * already declared in ieee80211_proto.c, but they are static so they can't 1141 * be reused here. 1142 */ 1143 static const struct wmeParams iwi_wme_cck_params[WME_NUM_AC] = { 1144 { 0, 3, 5, 7, 0 }, /* WME_AC_BE */ 1145 { 0, 3, 5, 10, 0 }, /* WME_AC_BK */ 1146 { 0, 2, 4, 5, 188 }, /* WME_AC_VI */ 1147 { 0, 2, 3, 4, 102 } /* WME_AC_VO */ 1148 }; 1149 1150 static const struct wmeParams iwi_wme_ofdm_params[WME_NUM_AC] = { 1151 { 0, 3, 4, 6, 0 }, /* WME_AC_BE */ 1152 { 0, 3, 4, 10, 0 }, /* WME_AC_BK */ 1153 { 0, 2, 3, 4, 94 }, /* WME_AC_VI */ 1154 { 0, 2, 2, 3, 47 } /* WME_AC_VO */ 1155 }; 1156 1157 static int 1158 iwi_wme_update(struct ieee80211com *ic) 1159 { 1160 #define IWI_EXP2(v) htole16((1 << (v)) - 1) 1161 #define IWI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 1162 struct iwi_softc *sc = ic->ic_ifp->if_softc; 1163 struct iwi_wme_params wme[3]; 1164 const struct wmeParams *wmep; 1165 int ac; 1166 1167 /* 1168 * We shall not override firmware default WME values if WME is not 1169 * actually enabled. 1170 */ 1171 if (!(ic->ic_flags & IEEE80211_F_WME)) 1172 return 0; 1173 1174 for (ac = 0; ac < WME_NUM_AC; ac++) { 1175 /* set WME values for current operating mode */ 1176 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 1177 wme[0].aifsn[ac] = wmep->wmep_aifsn; 1178 wme[0].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1179 wme[0].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1180 wme[0].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1181 wme[0].acm[ac] = wmep->wmep_acm; 1182 1183 /* set WME values for CCK modulation */ 1184 wmep = &iwi_wme_cck_params[ac]; 1185 wme[1].aifsn[ac] = wmep->wmep_aifsn; 1186 wme[1].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1187 wme[1].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1188 wme[1].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1189 wme[1].acm[ac] = wmep->wmep_acm; 1190 1191 /* set WME values for OFDM modulation */ 1192 wmep = &iwi_wme_ofdm_params[ac]; 1193 wme[2].aifsn[ac] = wmep->wmep_aifsn; 1194 wme[2].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1195 wme[2].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1196 wme[2].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1197 wme[2].acm[ac] = wmep->wmep_acm; 1198 } 1199 1200 DPRINTF(("Setting WME parameters\n")); 1201 return iwi_cmd(sc, IWI_CMD_SET_WME_PARAMS, wme, sizeof wme, 1); 1202 #undef IWI_USEC 1203 #undef IWI_EXP2 1204 } 1205 1206 /* 1207 * Read 16 bits at address 'addr' from the serial EEPROM. 1208 */ 1209 static uint16_t 1210 iwi_read_prom_word(struct iwi_softc *sc, uint8_t addr) 1211 { 1212 uint32_t tmp; 1213 uint16_t val; 1214 int n; 1215 1216 /* Clock C once before the first command */ 1217 IWI_EEPROM_CTL(sc, 0); 1218 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1219 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1220 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1221 1222 /* Write start bit (1) */ 1223 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1224 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1225 1226 /* Write READ opcode (10) */ 1227 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1228 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1229 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1230 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1231 1232 /* Write address A7-A0 */ 1233 for (n = 7; n >= 0; n--) { 1234 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1235 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D)); 1236 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1237 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D) | IWI_EEPROM_C); 1238 } 1239 1240 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1241 1242 /* Read data Q15-Q0 */ 1243 val = 0; 1244 for (n = 15; n >= 0; n--) { 1245 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1246 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1247 tmp = MEM_READ_4(sc, IWI_MEM_EEPROM_CTL); 1248 val |= ((tmp & IWI_EEPROM_Q) >> IWI_EEPROM_SHIFT_Q) << n; 1249 } 1250 1251 IWI_EEPROM_CTL(sc, 0); 1252 1253 /* Clear Chip Select and clock C */ 1254 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1255 IWI_EEPROM_CTL(sc, 0); 1256 IWI_EEPROM_CTL(sc, IWI_EEPROM_C); 1257 1258 return val; 1259 } 1260 1261 /* 1262 * XXX: Hack to set the current channel to the value advertised in beacons or 1263 * probe responses. Only used during AP detection. 1264 */ 1265 static void 1266 iwi_fix_channel(struct ieee80211com *ic, struct mbuf *m) 1267 { 1268 struct ieee80211_frame *wh; 1269 uint8_t subtype; 1270 uint8_t *frm, *efrm; 1271 1272 wh = mtod(m, struct ieee80211_frame *); 1273 1274 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 1275 return; 1276 1277 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1278 1279 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 1280 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1281 return; 1282 1283 frm = (uint8_t *)(wh + 1); 1284 efrm = mtod(m, uint8_t *) + m->m_len; 1285 1286 frm += 12; /* skip tstamp, bintval and capinfo fields */ 1287 while (frm < efrm) { 1288 if (*frm == IEEE80211_ELEMID_DSPARMS) 1289 #if IEEE80211_CHAN_MAX < 255 1290 if (frm[2] <= IEEE80211_CHAN_MAX) 1291 #endif 1292 ic->ic_curchan = &ic->ic_channels[frm[2]]; 1293 1294 frm += frm[1] + 2; 1295 } 1296 } 1297 1298 static void 1299 iwi_frame_intr(struct iwi_softc *sc, struct iwi_rx_data *data, int i, 1300 struct iwi_frame *frame) 1301 { 1302 struct ieee80211com *ic = &sc->sc_ic; 1303 struct ifnet *ifp = ic->ic_ifp; 1304 struct mbuf *mnew, *m; 1305 struct ieee80211_frame *wh; 1306 struct ieee80211_node *ni; 1307 int error; 1308 1309 DPRINTFN(5, ("received frame len=%u chan=%u rssi=%u\n", 1310 le16toh(frame->len), frame->chan, frame->rssi_dbm)); 1311 1312 if (le16toh(frame->len) < sizeof (struct ieee80211_frame)) 1313 return; 1314 1315 /* 1316 * Try to allocate a new mbuf for this ring element and load it before 1317 * processing the current mbuf. If the ring element cannot be loaded, 1318 * drop the received packet and reuse the old mbuf. In the unlikely 1319 * case that the old mbuf can't be reloaded either, explicitly panic. 1320 */ 1321 mnew = m_getcl(MB_DONTWAIT, MT_DATA, M_PKTHDR); 1322 if (mnew == NULL) { 1323 ifp->if_ierrors++; 1324 return; 1325 } 1326 1327 bus_dmamap_unload(sc->rxq.data_dmat, data->map); 1328 1329 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1330 mtod(mnew, void *), MCLBYTES, iwi_dma_map_addr, &data->physaddr, 1331 0); 1332 if (error != 0) { 1333 m_freem(mnew); 1334 1335 /* try to reload the old mbuf */ 1336 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1337 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 1338 &data->physaddr, 0); 1339 if (error != 0) { 1340 /* very unlikely that it will fail... */ 1341 panic("%s: could not load old rx mbuf", 1342 device_get_name(sc->sc_dev)); 1343 } 1344 ifp->if_ierrors++; 1345 return; 1346 } 1347 1348 /* 1349 * New mbuf successfully loaded, update Rx ring and continue 1350 * processing. 1351 */ 1352 m = data->m; 1353 data->m = mnew; 1354 CSR_WRITE_4(sc, data->reg, data->physaddr); 1355 1356 /* Finalize mbuf */ 1357 m->m_pkthdr.rcvif = ifp; 1358 m->m_pkthdr.len = m->m_len = sizeof (struct iwi_hdr) + 1359 sizeof (struct iwi_frame) + le16toh(frame->len); 1360 1361 m_adj(m, sizeof (struct iwi_hdr) + sizeof (struct iwi_frame)); 1362 1363 if (ic->ic_state == IEEE80211_S_SCAN) 1364 iwi_fix_channel(ic, m); 1365 1366 if (sc->sc_drvbpf != NULL) { 1367 struct iwi_rx_radiotap_header *tap = &sc->sc_rxtap; 1368 1369 tap->wr_flags = 0; 1370 tap->wr_rate = frame->rate; 1371 tap->wr_chan_freq = 1372 htole16(ic->ic_channels[frame->chan].ic_freq); 1373 tap->wr_chan_flags = 1374 htole16(ic->ic_channels[frame->chan].ic_flags); 1375 tap->wr_antsignal = frame->signal; 1376 tap->wr_antenna = frame->antenna; 1377 1378 bpf_ptap(sc->sc_drvbpf, m, tap, sc->sc_rxtap_len); 1379 } 1380 1381 wh = mtod(m, struct ieee80211_frame *); 1382 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 1383 1384 /* send the frame to the 802.11 layer */ 1385 ieee80211_input(ic, m, ni, frame->rssi_dbm, 0); 1386 1387 /* node is no longer needed */ 1388 ieee80211_free_node(ni); 1389 } 1390 1391 static void 1392 iwi_notification_intr(struct iwi_softc *sc, struct iwi_notif *notif) 1393 { 1394 struct ieee80211com *ic = &sc->sc_ic; 1395 struct iwi_notif_scan_channel *chan; 1396 struct iwi_notif_scan_complete *scan; 1397 struct iwi_notif_authentication *auth; 1398 struct iwi_notif_association *assoc; 1399 1400 switch (notif->type) { 1401 case IWI_NOTIF_TYPE_SCAN_CHANNEL: 1402 chan = (struct iwi_notif_scan_channel *)(notif + 1); 1403 1404 DPRINTFN(2, ("Scanning channel (%u)\n", chan->nchan)); 1405 break; 1406 1407 case IWI_NOTIF_TYPE_SCAN_COMPLETE: 1408 scan = (struct iwi_notif_scan_complete *)(notif + 1); 1409 1410 DPRINTFN(2, ("Scan completed (%u, %u)\n", scan->nchan, 1411 scan->status)); 1412 1413 /* monitor mode uses scan to set the channel ... */ 1414 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1415 sc->flags &= ~IWI_FLAG_SCANNING; 1416 ieee80211_end_scan(ic); 1417 } else 1418 iwi_set_chan(sc, ic->ic_ibss_chan); 1419 break; 1420 1421 case IWI_NOTIF_TYPE_AUTHENTICATION: 1422 auth = (struct iwi_notif_authentication *)(notif + 1); 1423 1424 DPRINTFN(2, ("Authentication (%u)\n", auth->state)); 1425 1426 switch (auth->state) { 1427 case IWI_AUTHENTICATED: 1428 ieee80211_node_authorize(ic->ic_bss); 1429 ieee80211_new_state(ic, IEEE80211_S_ASSOC, -1); 1430 break; 1431 1432 case IWI_DEAUTHENTICATED: 1433 break; 1434 1435 default: 1436 device_printf(sc->sc_dev, 1437 "unknown authentication state %u\n", auth->state); 1438 } 1439 break; 1440 1441 case IWI_NOTIF_TYPE_ASSOCIATION: 1442 assoc = (struct iwi_notif_association *)(notif + 1); 1443 1444 DPRINTFN(2, ("Association (%u, %u)\n", assoc->state, 1445 assoc->status)); 1446 1447 switch (assoc->state) { 1448 case IWI_AUTHENTICATED: 1449 /* re-association, do nothing */ 1450 break; 1451 1452 case IWI_ASSOCIATED: 1453 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1454 break; 1455 1456 case IWI_DEASSOCIATED: 1457 ieee80211_begin_scan(ic, 1); 1458 break; 1459 1460 default: 1461 device_printf(sc->sc_dev, 1462 "unknown association state %u\n", assoc->state); 1463 } 1464 break; 1465 1466 default: 1467 DPRINTFN(5, ("Notification (%u)\n", notif->type)); 1468 } 1469 } 1470 1471 static void 1472 iwi_rx_intr(struct iwi_softc *sc) 1473 { 1474 struct iwi_rx_data *data; 1475 struct iwi_hdr *hdr; 1476 uint32_t hw; 1477 1478 hw = CSR_READ_4(sc, IWI_CSR_RX_RIDX); 1479 1480 for (; sc->rxq.cur != hw;) { 1481 data = &sc->rxq.data[sc->rxq.cur]; 1482 1483 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1484 BUS_DMASYNC_POSTREAD); 1485 1486 hdr = mtod(data->m, struct iwi_hdr *); 1487 1488 switch (hdr->type) { 1489 case IWI_HDR_TYPE_FRAME: 1490 iwi_frame_intr(sc, data, sc->rxq.cur, 1491 (struct iwi_frame *)(hdr + 1)); 1492 break; 1493 1494 case IWI_HDR_TYPE_NOTIF: 1495 iwi_notification_intr(sc, 1496 (struct iwi_notif *)(hdr + 1)); 1497 break; 1498 1499 default: 1500 device_printf(sc->sc_dev, "unknown hdr type %u\n", 1501 hdr->type); 1502 } 1503 1504 DPRINTFN(15, ("rx done idx=%u\n", sc->rxq.cur)); 1505 1506 sc->rxq.cur = (sc->rxq.cur + 1) % IWI_RX_RING_COUNT; 1507 } 1508 1509 /* Tell the firmware what we have processed */ 1510 hw = (hw == 0) ? IWI_RX_RING_COUNT - 1 : hw - 1; 1511 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, hw); 1512 } 1513 1514 static void 1515 iwi_tx_intr(struct iwi_softc *sc, struct iwi_tx_ring *txq) 1516 { 1517 struct ieee80211com *ic = &sc->sc_ic; 1518 struct ifnet *ifp = ic->ic_ifp; 1519 struct iwi_tx_data *data; 1520 uint32_t hw; 1521 1522 hw = CSR_READ_4(sc, txq->csr_ridx); 1523 1524 for (; txq->next != hw;) { 1525 data = &txq->data[txq->next]; 1526 1527 bus_dmamap_sync(txq->data_dmat, data->map, 1528 BUS_DMASYNC_POSTWRITE); 1529 bus_dmamap_unload(txq->data_dmat, data->map); 1530 m_freem(data->m); 1531 data->m = NULL; 1532 ieee80211_free_node(data->ni); 1533 data->ni = NULL; 1534 1535 DPRINTFN(15, ("tx done idx=%u\n", txq->next)); 1536 1537 ifp->if_opackets++; 1538 1539 txq->queued--; 1540 txq->next = (txq->next + 1) % IWI_TX_RING_COUNT; 1541 } 1542 1543 sc->sc_tx_timer = 0; 1544 ifp->if_flags &= ~IFF_OACTIVE; 1545 iwi_start(ifp); 1546 } 1547 1548 static void 1549 iwi_intr(void *arg) 1550 { 1551 struct iwi_softc *sc = arg; 1552 uint32_t r; 1553 1554 r = CSR_READ_4(sc, IWI_CSR_INTR); 1555 if (r == 0 || r == 0xffffffff) 1556 return; 1557 1558 /* disable interrupts */ 1559 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1560 1561 if (r & IWI_INTR_FATAL_ERROR) { 1562 device_printf(sc->sc_dev, "fatal error\n"); 1563 1564 if ((sc->flags & (IWI_FLAG_EXIT | IWI_FLAG_RESET)) == 0) { 1565 sc->flags |= IWI_FLAG_RESET; 1566 device_printf(sc->sc_dev, "wake firmware monitor\n"); 1567 wakeup(IWI_FW_WAKE_MONITOR(sc)); 1568 } 1569 } 1570 1571 if (r & IWI_INTR_PARITY_ERROR) { 1572 device_printf(sc->sc_dev, "parity error\n"); 1573 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1574 iwi_stop(sc); 1575 } 1576 1577 if (r & IWI_INTR_FW_INITED) { 1578 if (!(r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR))) 1579 wakeup(IWI_FW_INITIALIZED(sc)); 1580 } 1581 1582 if (r & IWI_INTR_RADIO_OFF) { 1583 DPRINTF(("radio transmitter turned off\n")); 1584 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1585 iwi_stop(sc); 1586 } 1587 1588 if (r & IWI_INTR_CMD_DONE) 1589 wakeup(IWI_FW_CMD_ACKED(sc)); 1590 1591 if (r & IWI_INTR_TX1_DONE) 1592 iwi_tx_intr(sc, &sc->txq[0]); 1593 1594 if (r & IWI_INTR_TX2_DONE) 1595 iwi_tx_intr(sc, &sc->txq[1]); 1596 1597 if (r & IWI_INTR_TX3_DONE) 1598 iwi_tx_intr(sc, &sc->txq[2]); 1599 1600 if (r & IWI_INTR_TX4_DONE) 1601 iwi_tx_intr(sc, &sc->txq[3]); 1602 1603 if (r & IWI_INTR_RX_DONE) 1604 iwi_rx_intr(sc); 1605 1606 /* acknowledge interrupts */ 1607 CSR_WRITE_4(sc, IWI_CSR_INTR, r); 1608 1609 /* re-enable interrupts */ 1610 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 1611 } 1612 1613 static int 1614 iwi_cmd(struct iwi_softc *sc, uint8_t type, void *data, uint8_t len, int async) 1615 { 1616 struct iwi_cmd_desc *desc; 1617 struct ifnet *ifp = &sc->sc_ic.ic_if; 1618 int ret; 1619 1620 desc = &sc->cmdq.desc[sc->cmdq.cur]; 1621 1622 desc->hdr.type = IWI_HDR_TYPE_COMMAND; 1623 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1624 desc->type = type; 1625 desc->len = len; 1626 memcpy(desc->data, data, len); 1627 1628 bus_dmamap_sync(sc->cmdq.desc_dmat, sc->cmdq.desc_map, 1629 BUS_DMASYNC_PREWRITE); 1630 1631 DPRINTFN(2, ("sending command idx=%u type=%u len=%u\n", sc->cmdq.cur, 1632 type, len)); 1633 1634 sc->cmdq.cur = (sc->cmdq.cur + 1) % IWI_CMD_RING_COUNT; 1635 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 1636 1637 if (!async) { 1638 ASSERT_SERIALIZED(ifp->if_serializer); 1639 1640 crit_enter(); 1641 tsleep_interlock(IWI_FW_CMD_ACKED(sc)); 1642 lwkt_serialize_exit(ifp->if_serializer); 1643 ret = tsleep(IWI_FW_CMD_ACKED(sc), 0, "iwicmd", hz); 1644 crit_exit(); 1645 lwkt_serialize_enter(ifp->if_serializer); 1646 } else { 1647 ret = 0; 1648 } 1649 1650 return ret; 1651 } 1652 1653 static void 1654 iwi_write_ibssnode(struct iwi_softc *sc, const struct iwi_node *in) 1655 { 1656 struct iwi_ibssnode node; 1657 1658 /* write node information into NIC memory */ 1659 memset(&node, 0, sizeof node); 1660 IEEE80211_ADDR_COPY(node.bssid, in->in_node.ni_macaddr); 1661 1662 CSR_WRITE_REGION_1(sc, 1663 IWI_CSR_NODE_BASE + in->in_station * sizeof node, 1664 (uint8_t *)&node, sizeof node); 1665 } 1666 1667 struct iwi_dma_mapping { 1668 bus_dma_segment_t segs[IWI_MAX_NSEG]; 1669 int nseg; 1670 bus_size_t mapsize; 1671 }; 1672 1673 static void 1674 iwi_dma_map_mbuf(void *arg, bus_dma_segment_t *segs, int nseg, 1675 bus_size_t mapsize, int error) 1676 { 1677 struct iwi_dma_mapping *map = arg; 1678 1679 if (error != 0) 1680 return; 1681 1682 KASSERT(nseg <= IWI_MAX_NSEG, ("too many DMA segments %d", nseg)); 1683 1684 bcopy(segs, map->segs, nseg * sizeof(bus_dma_segment_t)); 1685 map->nseg = nseg; 1686 map->mapsize = mapsize; 1687 } 1688 1689 static int 1690 iwi_tx_start(struct ifnet *ifp, struct mbuf *m0, struct ieee80211_node *ni, 1691 int ac) 1692 { 1693 struct iwi_softc *sc = ifp->if_softc; 1694 struct ieee80211com *ic = &sc->sc_ic; 1695 struct iwi_node *in = (struct iwi_node *)ni; 1696 struct ieee80211_frame *wh; 1697 struct ieee80211_key *k; 1698 const struct chanAccParams *cap; 1699 struct iwi_tx_ring *txq = &sc->txq[ac]; 1700 struct iwi_tx_data *data; 1701 struct iwi_tx_desc *desc; 1702 struct mbuf *mnew; 1703 struct iwi_dma_mapping map; 1704 int error, hdrlen, i, noack = 0; 1705 1706 wh = mtod(m0, struct ieee80211_frame *); 1707 1708 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1709 hdrlen = sizeof (struct ieee80211_qosframe); 1710 cap = &ic->ic_wme.wme_chanParams; 1711 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1712 } else 1713 hdrlen = sizeof (struct ieee80211_frame); 1714 1715 /* 1716 * This is only used in IBSS mode where the firmware expect an index 1717 * in a h/w table instead of a destination address. 1718 */ 1719 if (ic->ic_opmode == IEEE80211_M_IBSS && in->in_station == -1) { 1720 in->in_station = iwi_alloc_ibss_node(sc); 1721 if (in->in_station == -1) { /* h/w table is full */ 1722 m_freem(m0); 1723 ieee80211_free_node(ni); 1724 ifp->if_oerrors++; 1725 if_printf(ifp, "ibss table is full\n"); 1726 return 0; 1727 } 1728 iwi_write_ibssnode(sc, in); 1729 } 1730 1731 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1732 k = ieee80211_crypto_encap(ic, ni, m0); 1733 if (k == NULL) { 1734 m_freem(m0); 1735 return ENOBUFS; 1736 } 1737 1738 /* packet header may have moved, reset our local pointer */ 1739 wh = mtod(m0, struct ieee80211_frame *); 1740 } 1741 1742 if (sc->sc_drvbpf != NULL) { 1743 struct iwi_tx_radiotap_header *tap = &sc->sc_txtap; 1744 1745 tap->wt_flags = 0; 1746 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 1747 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 1748 1749 bpf_ptap(sc->sc_drvbpf, m0, tap, sc->sc_txtap_len); 1750 } 1751 1752 data = &txq->data[txq->cur]; 1753 desc = &txq->desc[txq->cur]; 1754 1755 /* save and trim IEEE802.11 header */ 1756 m_copydata(m0, 0, hdrlen, (caddr_t)&desc->wh); 1757 m_adj(m0, hdrlen); 1758 1759 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0, 1760 iwi_dma_map_mbuf, &map, BUS_DMA_NOWAIT); 1761 if (error != 0 && error != EFBIG) { 1762 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1763 error); 1764 m_freem(m0); 1765 return error; 1766 } 1767 if (error != 0) { 1768 mnew = m_defrag(m0, MB_DONTWAIT); 1769 if (mnew == NULL) { 1770 device_printf(sc->sc_dev, 1771 "could not defragment mbuf\n"); 1772 m_freem(m0); 1773 return ENOBUFS; 1774 } 1775 m0 = mnew; 1776 1777 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0, 1778 iwi_dma_map_mbuf, &map, 1779 BUS_DMA_NOWAIT); 1780 if (error != 0) { 1781 device_printf(sc->sc_dev, 1782 "could not map mbuf (error %d)\n", error); 1783 m_freem(m0); 1784 return error; 1785 } 1786 } 1787 1788 data->m = m0; 1789 data->ni = ni; 1790 1791 desc->hdr.type = IWI_HDR_TYPE_DATA; 1792 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1793 desc->station = 1794 (ic->ic_opmode == IEEE80211_M_IBSS) ? in->in_station : 0; 1795 desc->cmd = IWI_DATA_CMD_TX; 1796 desc->len = htole16(m0->m_pkthdr.len); 1797 desc->flags = 0; 1798 desc->xflags = 0; 1799 1800 if (!noack && !IEEE80211_IS_MULTICAST(desc->wh.i_addr1)) 1801 desc->flags |= IWI_DATA_FLAG_NEED_ACK; 1802 1803 #if 0 1804 if (ic->ic_flags & IEEE80211_F_PRIVACY) { 1805 desc->wh.i_fc[1] |= IEEE80211_FC1_WEP; 1806 desc->weptxkey = ic->ic_crypto.cs_def_txkey; 1807 } else 1808 #endif 1809 desc->flags |= IWI_DATA_FLAG_NO_WEP; 1810 1811 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 1812 desc->flags |= IWI_DATA_FLAG_SHPREAMBLE; 1813 1814 if (desc->wh.i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) 1815 desc->xflags |= IWI_DATA_XFLAG_QOS; 1816 1817 desc->nseg = htole32(map.nseg); 1818 for (i = 0; i < map.nseg; i++) { 1819 desc->seg_addr[i] = htole32(map.segs[i].ds_addr); 1820 desc->seg_len[i] = htole16(map.segs[i].ds_len); 1821 } 1822 1823 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1824 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1825 1826 DPRINTFN(5, ("sending data frame txq=%u idx=%u len=%u nseg=%u\n", 1827 ac, txq->cur, le16toh(desc->len), map.nseg)); 1828 1829 txq->queued++; 1830 txq->cur = (txq->cur + 1) % IWI_TX_RING_COUNT; 1831 CSR_WRITE_4(sc, txq->csr_widx, txq->cur); 1832 1833 return 0; 1834 } 1835 1836 static void 1837 iwi_start(struct ifnet *ifp) 1838 { 1839 struct iwi_softc *sc = ifp->if_softc; 1840 struct ieee80211com *ic = &sc->sc_ic; 1841 struct mbuf *m0; 1842 struct ether_header *eh; 1843 struct ieee80211_node *ni; 1844 int ac; 1845 1846 if (ic->ic_state != IEEE80211_S_RUN) 1847 return; 1848 1849 for (;;) { 1850 m0 = ifq_dequeue(&ifp->if_snd, NULL); 1851 if (m0 == NULL) 1852 break; 1853 1854 if (m0->m_len < sizeof (struct ether_header) && 1855 (m0 = m_pullup(m0, sizeof (struct ether_header))) == NULL) { 1856 ifp->if_oerrors++; 1857 continue; 1858 } 1859 eh = mtod(m0, struct ether_header *); 1860 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1861 if (ni == NULL) { 1862 m_freem(m0); 1863 ifp->if_oerrors++; 1864 continue; 1865 } 1866 1867 /* classify mbuf so we can find which tx ring to use */ 1868 if (ieee80211_classify(ic, m0, ni) != 0) { 1869 m_freem(m0); 1870 ieee80211_free_node(ni); 1871 ifp->if_oerrors++; 1872 continue; 1873 } 1874 1875 /* no QoS encapsulation for EAPOL frames */ 1876 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1877 M_WME_GETAC(m0) : WME_AC_BE; 1878 1879 if (sc->txq[ac].queued > IWI_TX_RING_COUNT - 8) { 1880 /* there is no place left in this ring */ 1881 m_freem(m0); 1882 ieee80211_free_node(ni); 1883 ifp->if_flags |= IFF_OACTIVE; 1884 break; 1885 } 1886 1887 BPF_MTAP(ifp, m0); 1888 1889 m0 = ieee80211_encap(ic, m0, ni); 1890 if (m0 == NULL) { 1891 ieee80211_free_node(ni); 1892 ifp->if_oerrors++; 1893 continue; 1894 } 1895 1896 if (ic->ic_rawbpf != NULL) 1897 bpf_mtap(ic->ic_rawbpf, m0); 1898 1899 if (iwi_tx_start(ifp, m0, ni, ac) != 0) { 1900 ieee80211_free_node(ni); 1901 ifp->if_oerrors++; 1902 break; 1903 } 1904 1905 sc->sc_tx_timer = 5; 1906 ifp->if_timer = 1; 1907 } 1908 } 1909 1910 static void 1911 iwi_watchdog(struct ifnet *ifp) 1912 { 1913 struct iwi_softc *sc = ifp->if_softc; 1914 struct ieee80211com *ic = &sc->sc_ic; 1915 1916 ifp->if_timer = 0; 1917 1918 if (sc->sc_tx_timer > 0) { 1919 if (--sc->sc_tx_timer == 0) { 1920 if_printf(ifp, "device timeout\n"); 1921 ifp->if_oerrors++; 1922 sc->flags |= IWI_FLAG_RESET; 1923 wakeup(IWI_FW_WAKE_MONITOR(sc)); 1924 return; 1925 } 1926 ifp->if_timer = 1; 1927 } 1928 1929 ieee80211_watchdog(ic); 1930 } 1931 1932 static int 1933 iwi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr) 1934 { 1935 struct iwi_softc *sc = ifp->if_softc; 1936 struct ieee80211com *ic = &sc->sc_ic; 1937 struct ifreq *ifr; 1938 int error = 0; 1939 1940 switch (cmd) { 1941 case SIOCSIFFLAGS: 1942 if (ifp->if_flags & IFF_UP) { 1943 if (!(ifp->if_flags & IFF_RUNNING)) 1944 iwi_init(sc); 1945 } else { 1946 if (ifp->if_flags & IFF_RUNNING) 1947 iwi_stop(sc); 1948 } 1949 break; 1950 1951 case SIOCSLOADFW: 1952 /* only super-user can do that! */ 1953 error = suser_cred(cr, NULL_CRED_OKAY); 1954 if (error != 0) 1955 break; 1956 1957 ifr = (struct ifreq *)data; 1958 error = iwi_cache_firmware(sc, ifr->ifr_data); 1959 break; 1960 1961 case SIOCSKILLFW: 1962 /* only super-user can do that! */ 1963 error = suser_cred(cr, NULL_CRED_OKAY); 1964 if (error != 0) 1965 break; 1966 1967 ifp->if_flags &= ~IFF_UP; 1968 iwi_stop(sc); 1969 iwi_free_firmware(sc); 1970 break; 1971 1972 default: 1973 error = ieee80211_ioctl(ic, cmd, data, cr); 1974 } 1975 1976 if (error == ENETRESET) { 1977 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1978 (IFF_UP | IFF_RUNNING) && 1979 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1980 iwi_init(sc); 1981 error = 0; 1982 } 1983 1984 return error; 1985 } 1986 1987 static void 1988 iwi_stop_master(struct iwi_softc *sc) 1989 { 1990 uint32_t tmp; 1991 int ntries; 1992 1993 /* disable interrupts */ 1994 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1995 1996 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_STOP_MASTER); 1997 for (ntries = 0; ntries < 5; ntries++) { 1998 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 1999 break; 2000 DELAY(10); 2001 } 2002 if (ntries == 5) 2003 if_printf(&sc->sc_ic.ic_if, "timeout waiting for master\n"); 2004 2005 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2006 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_PRINCETON_RESET); 2007 2008 sc->flags &= ~IWI_FLAG_FW_INITED; 2009 } 2010 2011 static int 2012 iwi_reset(struct iwi_softc *sc) 2013 { 2014 uint32_t tmp; 2015 int i, ntries; 2016 2017 iwi_stop_master(sc); 2018 2019 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2020 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 2021 2022 CSR_WRITE_4(sc, IWI_CSR_READ_INT, IWI_READ_INT_INIT_HOST); 2023 2024 /* Wait for clock stabilization */ 2025 for (ntries = 0; ntries < 1000; ntries++) { 2026 if (CSR_READ_4(sc, IWI_CSR_CTL) & IWI_CTL_CLOCK_READY) 2027 break; 2028 DELAY(200); 2029 } 2030 if (ntries == 1000) { 2031 if_printf(&sc->sc_ic.ic_if, 2032 "timeout waiting for clock stabilization\n"); 2033 return EIO; 2034 } 2035 2036 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2037 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_SOFT_RESET); 2038 2039 DELAY(10); 2040 2041 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2042 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 2043 2044 /* Clear NIC memory */ 2045 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0); 2046 for (i = 0; i < 0xc000; i++) 2047 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2048 2049 return 0; 2050 } 2051 2052 static int 2053 iwi_load_ucode(struct iwi_softc *sc, void *uc, int size) 2054 { 2055 uint32_t tmp; 2056 uint16_t *w; 2057 int ntries, i; 2058 2059 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 2060 IWI_RST_STOP_MASTER); 2061 for (ntries = 0; ntries < 5; ntries++) { 2062 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 2063 break; 2064 DELAY(10); 2065 } 2066 if (ntries == 5) { 2067 device_printf(sc->sc_dev, "timeout waiting for master\n"); 2068 return EIO; 2069 } 2070 2071 MEM_WRITE_4(sc, 0x3000e0, 0x80000000); 2072 DELAY(5000); 2073 2074 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2075 tmp &= ~IWI_RST_PRINCETON_RESET; 2076 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2077 2078 DELAY(5000); 2079 MEM_WRITE_4(sc, 0x3000e0, 0); 2080 DELAY(1000); 2081 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 1); 2082 DELAY(1000); 2083 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 0); 2084 DELAY(1000); 2085 MEM_WRITE_1(sc, 0x200000, 0x00); 2086 MEM_WRITE_1(sc, 0x200000, 0x40); 2087 DELAY(1000); 2088 2089 /* write microcode into adapter memory */ 2090 for (w = uc; size > 0; w++, size -= 2) 2091 MEM_WRITE_2(sc, 0x200010, htole16(*w)); 2092 2093 MEM_WRITE_1(sc, 0x200000, 0x00); 2094 MEM_WRITE_1(sc, 0x200000, 0x80); 2095 2096 /* wait until we get an answer */ 2097 for (ntries = 0; ntries < 100; ntries++) { 2098 if (MEM_READ_1(sc, 0x200000) & 1) 2099 break; 2100 DELAY(100); 2101 } 2102 if (ntries == 100) { 2103 device_printf(sc->sc_dev, 2104 "timeout waiting for ucode to initialize\n"); 2105 return EIO; 2106 } 2107 2108 /* read the answer or the firmware will not initialize properly */ 2109 for (i = 0; i < 7; i++) 2110 MEM_READ_4(sc, 0x200004); 2111 2112 MEM_WRITE_1(sc, 0x200000, 0x00); 2113 2114 return 0; 2115 } 2116 2117 /* macro to handle unaligned little endian data in firmware image */ 2118 #define GETLE32(p) ((p)[0] | (p)[1] << 8 | (p)[2] << 16 | (p)[3] << 24) 2119 2120 static int 2121 iwi_load_firmware(struct iwi_softc *sc, void *fw, int size) 2122 { 2123 bus_dma_tag_t dmat; 2124 bus_dmamap_t map; 2125 bus_addr_t physaddr; 2126 void *virtaddr; 2127 u_char *p, *end; 2128 uint32_t sentinel, ctl, src, dst, sum, len, mlen, tmp; 2129 int ntries, error = 0; 2130 struct ifnet *ifp = &sc->sc_ic.ic_if; 2131 2132 ASSERT_SERIALIZED(ifp->if_serializer); 2133 2134 /* Allocate DMA memory for mapping firmware image */ 2135 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 2136 BUS_SPACE_MAXADDR, NULL, NULL, size, 1, size, 0, &dmat); 2137 if (error != 0) { 2138 device_printf(sc->sc_dev, 2139 "could not create firmware DMA tag\n"); 2140 goto fail1; 2141 } 2142 2143 error = bus_dmamem_alloc(dmat, &virtaddr, BUS_DMA_WAITOK, &map); 2144 if (error != 0) { 2145 device_printf(sc->sc_dev, 2146 "could not allocate firmware DMA memory\n"); 2147 goto fail2; 2148 } 2149 2150 error = bus_dmamap_load(dmat, map, virtaddr, size, iwi_dma_map_addr, 2151 &physaddr, 0); 2152 if (error != 0) { 2153 device_printf(sc->sc_dev, "could not load firmware DMA map\n"); 2154 goto fail3; 2155 } 2156 2157 /* Copy firmware image to DMA memory */ 2158 memcpy(virtaddr, fw, size); 2159 2160 /* Make sure the adapter will get up-to-date values */ 2161 bus_dmamap_sync(dmat, map, BUS_DMASYNC_PREWRITE); 2162 2163 /* Tell the adapter where the command blocks are stored */ 2164 MEM_WRITE_4(sc, 0x3000a0, 0x27000); 2165 2166 /* 2167 * Store command blocks into adapter's internal memory using register 2168 * indirections. The adapter will read the firmware image through DMA 2169 * using information stored in command blocks. 2170 */ 2171 src = physaddr; 2172 p = virtaddr; 2173 end = p + size; 2174 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0x27000); 2175 2176 while (p < end) { 2177 dst = GETLE32(p); p += 4; src += 4; 2178 len = GETLE32(p); p += 4; src += 4; 2179 p += len; 2180 2181 while (len > 0) { 2182 mlen = min(len, IWI_CB_MAXDATALEN); 2183 2184 ctl = IWI_CB_DEFAULT_CTL | mlen; 2185 sum = ctl ^ src ^ dst; 2186 2187 /* Write a command block */ 2188 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, ctl); 2189 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, src); 2190 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, dst); 2191 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, sum); 2192 2193 src += mlen; 2194 dst += mlen; 2195 len -= mlen; 2196 } 2197 } 2198 2199 /* Write a fictive final command block (sentinel) */ 2200 sentinel = CSR_READ_4(sc, IWI_CSR_AUTOINC_ADDR); 2201 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2202 2203 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2204 tmp &= ~(IWI_RST_MASTER_DISABLED | IWI_RST_STOP_MASTER); 2205 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2206 2207 /* Tell the adapter to start processing command blocks */ 2208 MEM_WRITE_4(sc, 0x3000a4, 0x540100); 2209 2210 /* Wait until the adapter reaches the sentinel */ 2211 for (ntries = 0; ntries < 400; ntries++) { 2212 if (MEM_READ_4(sc, 0x3000d0) >= sentinel) 2213 break; 2214 DELAY(100); 2215 } 2216 if (ntries == 400) { 2217 device_printf(sc->sc_dev, 2218 "timeout processing command blocks\n"); 2219 error = EIO; 2220 goto fail4; 2221 } 2222 2223 /* We're done with command blocks processing */ 2224 MEM_WRITE_4(sc, 0x3000a4, 0x540c00); 2225 2226 /* Allow interrupts so we know when the firmware is ready */ 2227 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 2228 2229 /* Tell the adapter to initialize the firmware */ 2230 CSR_WRITE_4(sc, IWI_CSR_RST, 0); 2231 2232 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2233 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_ALLOW_STANDBY); 2234 2235 /* wait at most one second for firmware initialization to complete */ 2236 crit_enter(); 2237 tsleep_interlock(IWI_FW_INITIALIZED(sc)); 2238 lwkt_serialize_exit(ifp->if_serializer); 2239 error = tsleep(IWI_FW_INITIALIZED(sc), 0, "iwiinit", hz); 2240 crit_exit(); 2241 lwkt_serialize_enter(ifp->if_serializer); 2242 if (error != 0) { 2243 device_printf(sc->sc_dev, "timeout waiting for firmware " 2244 "initialization to complete\n"); 2245 goto fail4; 2246 } 2247 2248 fail4: bus_dmamap_sync(dmat, map, BUS_DMASYNC_POSTWRITE); 2249 bus_dmamap_unload(dmat, map); 2250 fail3: bus_dmamem_free(dmat, virtaddr, map); 2251 fail2: bus_dma_tag_destroy(dmat); 2252 fail1: 2253 return error; 2254 } 2255 2256 /* 2257 * Store firmware into kernel memory so we can download it when we need to, 2258 * e.g when the adapter wakes up from suspend mode. 2259 */ 2260 static int 2261 iwi_cache_firmware(struct iwi_softc *sc, void *data) 2262 { 2263 struct iwi_firmware *kfw = &sc->fw; 2264 struct iwi_firmware ufw; 2265 int error; 2266 2267 iwi_free_firmware(sc); 2268 2269 if ((error = copyin(data, &ufw, sizeof ufw)) != 0) 2270 return error; 2271 2272 kfw->boot_size = ufw.boot_size; 2273 kfw->ucode_size = ufw.ucode_size; 2274 kfw->main_size = ufw.main_size; 2275 2276 kfw->boot = kmalloc(kfw->boot_size, M_DEVBUF, M_WAITOK); 2277 kfw->ucode = kmalloc(kfw->ucode_size, M_DEVBUF, M_WAITOK); 2278 kfw->main = kmalloc(kfw->main_size, M_DEVBUF, M_WAITOK); 2279 2280 if ((error = copyin(ufw.boot, kfw->boot, kfw->boot_size)) != 0) 2281 goto fail; 2282 2283 if ((error = copyin(ufw.ucode, kfw->ucode, kfw->ucode_size)) != 0) 2284 goto fail; 2285 2286 if ((error = copyin(ufw.main, kfw->main, kfw->main_size)) != 0) 2287 goto fail; 2288 2289 DPRINTF(("Firmware cached: boot %u, ucode %u, main %u\n", 2290 kfw->boot_size, kfw->ucode_size, kfw->main_size)); 2291 2292 sc->flags |= IWI_FLAG_FW_CACHED; 2293 2294 return 0; 2295 2296 fail: 2297 kfree(kfw->boot, M_DEVBUF); 2298 kfree(kfw->ucode, M_DEVBUF); 2299 kfree(kfw->main, M_DEVBUF); 2300 2301 return error; 2302 } 2303 2304 static void 2305 iwi_free_firmware(struct iwi_softc *sc) 2306 { 2307 if (!(sc->flags & IWI_FLAG_FW_CACHED)) 2308 return; 2309 2310 kfree(sc->fw.boot, M_DEVBUF); 2311 kfree(sc->fw.ucode, M_DEVBUF); 2312 kfree(sc->fw.main, M_DEVBUF); 2313 2314 sc->flags &= ~IWI_FLAG_FW_CACHED; 2315 } 2316 2317 static int 2318 iwi_config(struct iwi_softc *sc) 2319 { 2320 struct ieee80211com *ic = &sc->sc_ic; 2321 struct ifnet *ifp = ic->ic_ifp; 2322 struct iwi_configuration config; 2323 struct iwi_rateset rs; 2324 struct iwi_txpower power; 2325 struct ieee80211_key *wk; 2326 struct iwi_wep_key wepkey; 2327 uint32_t data; 2328 int error, i; 2329 2330 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp)); 2331 DPRINTF(("Setting MAC address to %6D\n", ic->ic_myaddr, ":")); 2332 error = iwi_cmd(sc, IWI_CMD_SET_MAC_ADDRESS, ic->ic_myaddr, 2333 IEEE80211_ADDR_LEN, 0); 2334 if (error != 0) 2335 return error; 2336 2337 memset(&config, 0, sizeof config); 2338 config.bluetooth_coexistence = sc->bluetooth; 2339 config.antenna = sc->antenna; 2340 config.multicast_enabled = 1; 2341 config.answer_pbreq = (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2342 config.disable_unicast_decryption = 1; 2343 config.disable_multicast_decryption = 1; 2344 DPRINTF(("Configuring adapter\n")); 2345 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 0); 2346 if (error != 0) 2347 return error; 2348 2349 data = htole32(IWI_POWER_MODE_CAM); 2350 DPRINTF(("Setting power mode to %u\n", le32toh(data))); 2351 error = iwi_cmd(sc, IWI_CMD_SET_POWER_MODE, &data, sizeof data, 0); 2352 if (error != 0) 2353 return error; 2354 2355 data = htole32(ic->ic_rtsthreshold); 2356 DPRINTF(("Setting RTS threshold to %u\n", le32toh(data))); 2357 error = iwi_cmd(sc, IWI_CMD_SET_RTS_THRESHOLD, &data, sizeof data, 0); 2358 if (error != 0) 2359 return error; 2360 2361 data = htole32(ic->ic_fragthreshold); 2362 DPRINTF(("Setting fragmentation threshold to %u\n", le32toh(data))); 2363 error = iwi_cmd(sc, IWI_CMD_SET_FRAG_THRESHOLD, &data, sizeof data, 0); 2364 if (error != 0) 2365 return error; 2366 2367 if (ic->ic_opmode == IEEE80211_M_IBSS) { 2368 power.mode = IWI_MODE_11B; 2369 power.nchan = 11; 2370 for (i = 0; i < 11; i++) { 2371 power.chan[i].chan = i + 1; 2372 power.chan[i].power = IWI_TXPOWER_MAX; 2373 } 2374 DPRINTF(("Setting .11b channels tx power\n")); 2375 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2376 0); 2377 if (error != 0) 2378 return error; 2379 2380 power.mode = IWI_MODE_11G; 2381 DPRINTF(("Setting .11g channels tx power\n")); 2382 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2383 0); 2384 if (error != 0) 2385 return error; 2386 } 2387 2388 rs.mode = IWI_MODE_11G; 2389 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2390 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11G].rs_nrates; 2391 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates, 2392 rs.nrates); 2393 DPRINTF(("Setting .11bg supported rates (%u)\n", rs.nrates)); 2394 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2395 if (error != 0) 2396 return error; 2397 2398 rs.mode = IWI_MODE_11A; 2399 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2400 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11A].rs_nrates; 2401 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11A].rs_rates, 2402 rs.nrates); 2403 DPRINTF(("Setting .11a supported rates (%u)\n", rs.nrates)); 2404 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2405 if (error != 0) 2406 return error; 2407 2408 /* if we have a desired ESSID, set it now */ 2409 if (ic->ic_des_esslen != 0) { 2410 #ifdef IWI_DEBUG 2411 if (iwi_debug > 0) { 2412 printf("Setting desired ESSID to "); 2413 ieee80211_print_essid(ic->ic_des_essid, 2414 ic->ic_des_esslen); 2415 printf("\n"); 2416 } 2417 #endif 2418 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ic->ic_des_essid, 2419 ic->ic_des_esslen, 0); 2420 if (error != 0) 2421 return error; 2422 } 2423 2424 data = htole32(karc4random()); 2425 DPRINTF(("Setting initialization vector to %u\n", le32toh(data))); 2426 error = iwi_cmd(sc, IWI_CMD_SET_IV, &data, sizeof data, 0); 2427 if (error != 0) 2428 return error; 2429 2430 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2431 wk = &ic->ic_crypto.cs_nw_keys[i]; 2432 2433 wepkey.cmd = IWI_WEP_KEY_CMD_SETKEY; 2434 wepkey.idx = i; 2435 wepkey.len = wk->wk_keylen; 2436 memset(wepkey.key, 0, sizeof wepkey.key); 2437 memcpy(wepkey.key, wk->wk_key, wk->wk_keylen); 2438 DPRINTF(("Setting wep key index %u len %u\n", wepkey.idx, 2439 wepkey.len)); 2440 error = iwi_cmd(sc, IWI_CMD_SET_WEP_KEY, &wepkey, 2441 sizeof wepkey, 0); 2442 if (error != 0) 2443 return error; 2444 } 2445 2446 /* Enable adapter */ 2447 DPRINTF(("Enabling adapter\n")); 2448 return iwi_cmd(sc, IWI_CMD_ENABLE, NULL, 0, 0); 2449 } 2450 2451 static int 2452 iwi_set_chan(struct iwi_softc *sc, struct ieee80211_channel *chan) 2453 { 2454 struct ieee80211com *ic = &sc->sc_ic; 2455 struct iwi_scan scan; 2456 2457 memset(&scan, 0, sizeof scan); 2458 memset(scan.type, IWI_SCAN_TYPE_PASSIVE, sizeof scan.type); 2459 scan.passive = htole16(2000); 2460 scan.channels[0] = 1 | 2461 (IEEE80211_IS_CHAN_5GHZ(chan) ? IWI_CHAN_5GHZ : IWI_CHAN_2GHZ); 2462 scan.channels[1] = ieee80211_chan2ieee(ic, chan); 2463 2464 DPRINTF(("Setting channel to %u\n", ieee80211_chan2ieee(ic, chan))); 2465 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1); 2466 } 2467 2468 static int 2469 iwi_scan(struct iwi_softc *sc) 2470 { 2471 struct ieee80211com *ic = &sc->sc_ic; 2472 struct iwi_scan scan; 2473 uint8_t *p; 2474 int i, count; 2475 2476 memset(&scan, 0, sizeof scan); 2477 2478 if (ic->ic_des_esslen != 0) { 2479 scan.bdirected = htole16(sc->dwelltime); 2480 memset(scan.type, IWI_SCAN_TYPE_BDIRECTED, sizeof scan.type); 2481 } else { 2482 scan.broadcast = htole16(sc->dwelltime); 2483 memset(scan.type, IWI_SCAN_TYPE_BROADCAST, sizeof scan.type); 2484 } 2485 2486 p = scan.channels; 2487 count = 0; 2488 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2489 if (IEEE80211_IS_CHAN_5GHZ(&ic->ic_channels[i]) && 2490 isset(ic->ic_chan_active, i)) { 2491 *++p = i; 2492 count++; 2493 } 2494 } 2495 *(p - count) = IWI_CHAN_5GHZ | count; 2496 2497 p = (count > 0) ? p + 1 : scan.channels; 2498 count = 0; 2499 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2500 if (IEEE80211_IS_CHAN_2GHZ(&ic->ic_channels[i]) && 2501 isset(ic->ic_chan_active, i)) { 2502 *++p = i; 2503 count++; 2504 } 2505 } 2506 *(p - count) = IWI_CHAN_2GHZ | count; 2507 2508 DPRINTF(("Start scanning\n")); 2509 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1); 2510 } 2511 2512 static int 2513 iwi_auth_and_assoc(struct iwi_softc *sc) 2514 { 2515 struct ieee80211com *ic = &sc->sc_ic; 2516 struct ifnet *ifp = ic->ic_ifp; 2517 struct ieee80211_node *ni = ic->ic_bss; 2518 struct ieee80211_wme_info wme; 2519 struct iwi_configuration config; 2520 struct iwi_associate assoc; 2521 struct iwi_rateset rs; 2522 uint16_t capinfo; 2523 uint32_t data; 2524 int error; 2525 2526 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) { 2527 memset(&config, 0, sizeof config); 2528 config.bluetooth_coexistence = sc->bluetooth; 2529 config.antenna = sc->antenna; 2530 config.multicast_enabled = 1; 2531 config.use_protection = 1; 2532 config.answer_pbreq = 2533 (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2534 config.disable_unicast_decryption = 1; 2535 config.disable_multicast_decryption = 1; 2536 DPRINTF(("Configuring adapter\n")); 2537 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 2538 1); 2539 if (error != 0) 2540 return error; 2541 } 2542 2543 #ifdef IWI_DEBUG 2544 if (iwi_debug > 0) { 2545 printf("Setting ESSID to "); 2546 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 2547 printf("\n"); 2548 } 2549 #endif 2550 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ni->ni_essid, ni->ni_esslen, 1); 2551 if (error != 0) 2552 return error; 2553 2554 /* the rate set has already been "negotiated" */ 2555 rs.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2556 IWI_MODE_11G; 2557 rs.type = IWI_RATESET_TYPE_NEGOTIATED; 2558 rs.nrates = ni->ni_rates.rs_nrates; 2559 memcpy(rs.rates, ni->ni_rates.rs_rates, rs.nrates); 2560 DPRINTF(("Setting negociated rates (%u)\n", rs.nrates)); 2561 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 1); 2562 if (error != 0) 2563 return error; 2564 2565 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) { 2566 wme.wme_id = IEEE80211_ELEMID_VENDOR; 2567 wme.wme_len = sizeof (struct ieee80211_wme_info) - 2; 2568 wme.wme_oui[0] = 0x00; 2569 wme.wme_oui[1] = 0x50; 2570 wme.wme_oui[2] = 0xf2; 2571 wme.wme_type = WME_OUI_TYPE; 2572 wme.wme_subtype = WME_INFO_OUI_SUBTYPE; 2573 wme.wme_version = WME_VERSION; 2574 wme.wme_info = 0; 2575 2576 DPRINTF(("Setting WME IE (len=%u)\n", wme.wme_len)); 2577 error = iwi_cmd(sc, IWI_CMD_SET_WMEIE, &wme, sizeof wme, 1); 2578 if (error != 0) 2579 return error; 2580 } 2581 2582 if (ic->ic_opt_ie != NULL) { 2583 DPRINTF(("Setting optional IE (len=%u)\n", ic->ic_opt_ie_len)); 2584 error = iwi_cmd(sc, IWI_CMD_SET_OPTIE, ic->ic_opt_ie, 2585 ic->ic_opt_ie_len, 1); 2586 if (error != 0) 2587 return error; 2588 } 2589 2590 data = htole32(ni->ni_rssi); 2591 DPRINTF(("Setting sensitivity to %d\n", (int8_t)ni->ni_rssi)); 2592 error = iwi_cmd(sc, IWI_CMD_SET_SENSITIVITY, &data, sizeof data, 1); 2593 if (error != 0) 2594 return error; 2595 2596 memset(&assoc, 0, sizeof assoc); 2597 assoc.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2598 IWI_MODE_11G; 2599 assoc.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 2600 if (ni->ni_authmode == IEEE80211_AUTH_SHARED) 2601 assoc.auth = ic->ic_crypto.cs_def_txkey << 4 | IWI_AUTH_SHARED; 2602 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) 2603 assoc.policy |= htole16(IWI_POLICY_WME); 2604 if (ic->ic_flags & IEEE80211_F_WPA) 2605 assoc.policy |= htole16(IWI_POLICY_WPA); 2606 memcpy(assoc.tstamp, ni->ni_tstamp.data, 8); 2607 2608 if (ic->ic_opmode == IEEE80211_M_IBSS) 2609 capinfo = IEEE80211_CAPINFO_IBSS; 2610 else 2611 capinfo = IEEE80211_CAPINFO_ESS; 2612 if (ic->ic_flags & IEEE80211_F_PRIVACY) 2613 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2614 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 2615 IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 2616 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2617 if (ic->ic_flags & IEEE80211_F_SHSLOT) 2618 capinfo |= IEEE80211_CAPINFO_SHORT_SLOTTIME; 2619 assoc.capinfo = htole16(capinfo); 2620 2621 assoc.lintval = htole16(ic->ic_lintval); 2622 assoc.intval = htole16(ni->ni_intval); 2623 IEEE80211_ADDR_COPY(assoc.bssid, ni->ni_bssid); 2624 if (ic->ic_opmode == IEEE80211_M_IBSS) 2625 IEEE80211_ADDR_COPY(assoc.dst, ifp->if_broadcastaddr); 2626 else 2627 IEEE80211_ADDR_COPY(assoc.dst, ni->ni_bssid); 2628 2629 DPRINTF(("Trying to associate to %6D channel %u auth %u\n", 2630 assoc.bssid, ":", assoc.chan, assoc.auth)); 2631 return iwi_cmd(sc, IWI_CMD_ASSOCIATE, &assoc, sizeof assoc, 1); 2632 } 2633 2634 static void 2635 iwi_init(void *priv) 2636 { 2637 struct iwi_softc *sc = priv; 2638 struct ieee80211com *ic = &sc->sc_ic; 2639 struct ifnet *ifp = ic->ic_ifp; 2640 struct iwi_firmware *fw = &sc->fw; 2641 struct iwi_rx_data *data; 2642 int i; 2643 2644 /* exit immediately if firmware has not been ioctl'd */ 2645 if (!(sc->flags & IWI_FLAG_FW_CACHED)) { 2646 if (!(sc->flags & IWI_FLAG_FW_WARNED)) 2647 device_printf(sc->sc_dev, "Please load firmware\n"); 2648 sc->flags |= IWI_FLAG_FW_WARNED; 2649 ifp->if_flags &= ~IFF_UP; 2650 return; 2651 } 2652 2653 iwi_stop(sc); 2654 2655 if (iwi_reset(sc) != 0) { 2656 device_printf(sc->sc_dev, "could not reset adapter\n"); 2657 goto fail; 2658 } 2659 2660 if (iwi_load_firmware(sc, fw->boot, fw->boot_size) != 0) { 2661 device_printf(sc->sc_dev, "could not load boot firmware\n"); 2662 goto fail; 2663 } 2664 2665 if (iwi_load_ucode(sc, fw->ucode, fw->ucode_size) != 0) { 2666 device_printf(sc->sc_dev, "could not load microcode\n"); 2667 goto fail; 2668 } 2669 2670 iwi_stop_master(sc); 2671 2672 CSR_WRITE_4(sc, IWI_CSR_CMD_BASE, sc->cmdq.physaddr); 2673 CSR_WRITE_4(sc, IWI_CSR_CMD_SIZE, sc->cmdq.count); 2674 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 2675 2676 CSR_WRITE_4(sc, IWI_CSR_TX1_BASE, sc->txq[0].physaddr); 2677 CSR_WRITE_4(sc, IWI_CSR_TX1_SIZE, sc->txq[0].count); 2678 CSR_WRITE_4(sc, IWI_CSR_TX1_WIDX, sc->txq[0].cur); 2679 2680 CSR_WRITE_4(sc, IWI_CSR_TX2_BASE, sc->txq[1].physaddr); 2681 CSR_WRITE_4(sc, IWI_CSR_TX2_SIZE, sc->txq[1].count); 2682 CSR_WRITE_4(sc, IWI_CSR_TX2_WIDX, sc->txq[1].cur); 2683 2684 CSR_WRITE_4(sc, IWI_CSR_TX3_BASE, sc->txq[2].physaddr); 2685 CSR_WRITE_4(sc, IWI_CSR_TX3_SIZE, sc->txq[2].count); 2686 CSR_WRITE_4(sc, IWI_CSR_TX3_WIDX, sc->txq[2].cur); 2687 2688 CSR_WRITE_4(sc, IWI_CSR_TX4_BASE, sc->txq[3].physaddr); 2689 CSR_WRITE_4(sc, IWI_CSR_TX4_SIZE, sc->txq[3].count); 2690 CSR_WRITE_4(sc, IWI_CSR_TX4_WIDX, sc->txq[3].cur); 2691 2692 for (i = 0; i < sc->rxq.count; i++) { 2693 data = &sc->rxq.data[i]; 2694 CSR_WRITE_4(sc, data->reg, data->physaddr); 2695 } 2696 2697 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, sc->rxq.count - 1); 2698 2699 if (iwi_load_firmware(sc, fw->main, fw->main_size) != 0) { 2700 device_printf(sc->sc_dev, "could not load main firmware\n"); 2701 goto fail; 2702 } 2703 2704 sc->flags |= IWI_FLAG_FW_INITED; 2705 2706 if (iwi_config(sc) != 0) { 2707 device_printf(sc->sc_dev, "device configuration failed\n"); 2708 goto fail; 2709 } 2710 2711 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2712 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2713 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2714 } else 2715 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2716 2717 ifp->if_flags &= ~IFF_OACTIVE; 2718 ifp->if_flags |= IFF_RUNNING; 2719 2720 return; 2721 2722 fail: ifp->if_flags &= ~IFF_UP; 2723 iwi_stop(sc); 2724 } 2725 2726 static void 2727 iwi_stop(void *priv) 2728 { 2729 struct iwi_softc *sc = priv; 2730 struct ieee80211com *ic = &sc->sc_ic; 2731 struct ifnet *ifp = ic->ic_ifp; 2732 2733 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2734 2735 iwi_stop_master(sc); 2736 2737 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_SOFT_RESET); 2738 2739 /* reset rings */ 2740 iwi_reset_cmd_ring(sc, &sc->cmdq); 2741 iwi_reset_tx_ring(sc, &sc->txq[0]); 2742 iwi_reset_tx_ring(sc, &sc->txq[1]); 2743 iwi_reset_tx_ring(sc, &sc->txq[2]); 2744 iwi_reset_tx_ring(sc, &sc->txq[3]); 2745 iwi_reset_rx_ring(sc, &sc->rxq); 2746 2747 sc->sc_tx_timer = 0; 2748 ifp->if_timer = 0; 2749 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2750 } 2751 2752 static int 2753 iwi_sysctl_stats(SYSCTL_HANDLER_ARGS) 2754 { 2755 struct iwi_softc *sc = arg1; 2756 struct ifnet *ifp = &sc->sc_ic.ic_if; 2757 uint32_t size, buf[128]; 2758 2759 lwkt_serialize_enter(ifp->if_serializer); 2760 2761 if (!(sc->flags & IWI_FLAG_FW_INITED)) { 2762 memset(buf, 0, sizeof buf); 2763 goto back; 2764 } 2765 2766 size = min(CSR_READ_4(sc, IWI_CSR_TABLE0_SIZE), 128 - 1); 2767 CSR_READ_REGION_4(sc, IWI_CSR_TABLE0_BASE, &buf[1], size); 2768 back: 2769 lwkt_serialize_exit(ifp->if_serializer); 2770 return SYSCTL_OUT(req, buf, sizeof buf); 2771 } 2772 2773 static int 2774 iwi_sysctl_radio(SYSCTL_HANDLER_ARGS) 2775 { 2776 struct iwi_softc *sc = arg1; 2777 struct ifnet *ifp = &sc->sc_ic.ic_if; 2778 int val; 2779 2780 lwkt_serialize_enter(ifp->if_serializer); 2781 val = (CSR_READ_4(sc, IWI_CSR_IO) & IWI_IO_RADIO_ENABLED) ? 1 : 0; 2782 lwkt_serialize_exit(ifp->if_serializer); 2783 2784 return SYSCTL_OUT(req, &val, sizeof val); 2785 } 2786 2787 static const int8_t iwi_bitmap[256] = { 2788 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2789 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2790 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2791 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6, 2792 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2793 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2794 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2795 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 7, 2796 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2797 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2798 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2799 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6, 2800 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2801 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2802 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2803 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, -1 2804 }; 2805 2806 static int 2807 iwi_alloc_ibss_node(struct iwi_softc *sc) 2808 { 2809 int i; 2810 2811 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer); 2812 2813 for (i = 0; i < IWI_MAX_IBSSNODE_NBYTE; ++i) { 2814 int ret; 2815 2816 ret = iwi_bitmap[sc->sc_ibss_node[i]]; 2817 if (ret != -1) { 2818 sc->sc_ibss_node[i] |= (1 << ret); 2819 ret += (i * NBBY); 2820 return ret; 2821 } 2822 } 2823 return -1; 2824 } 2825 2826 static void 2827 iwi_free_ibss_node(struct iwi_softc *sc, int ibss_node) 2828 { 2829 int i, b; 2830 2831 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer); 2832 KASSERT(ibss_node < IWI_MAX_IBSSNODE, ("free ibss node, out of range")); 2833 2834 i = ibss_node / NBBY; 2835 b = ibss_node % NBBY; 2836 2837 sc->sc_ibss_node[i] &= ~(1 << b); 2838 } 2839