1 /*- 2 * Copyright (c) 2006,2007 3 * Damien Bergamini <damien.bergamini@free.fr> 4 * Benjamin Close <Benjamin.Close@clearchain.com> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 #define VERSION "20071127" 20 21 #include <sys/cdefs.h> 22 __FBSDID("$FreeBSD$"); 23 24 /* 25 * Driver for Intel PRO/Wireless 3945ABG 802.11 network adapters. 26 * 27 * The 3945ABG network adapter doesn't use traditional hardware as 28 * many other adaptors do. Instead at run time the eeprom is set into a known 29 * state and told to load boot firmware. The boot firmware loads an init and a 30 * main binary firmware image into SRAM on the card via DMA. 31 * Once the firmware is loaded, the driver/hw then 32 * communicate by way of circular dma rings via the SRAM to the firmware. 33 * 34 * There is 6 memory rings. 1 command ring, 1 rx data ring & 4 tx data rings. 35 * The 4 tx data rings allow for prioritization QoS. 36 * 37 * The rx data ring consists of 32 dma buffers. Two registers are used to 38 * indicate where in the ring the driver and the firmware are up to. The 39 * driver sets the initial read index (reg1) and the initial write index (reg2), 40 * the firmware updates the read index (reg1) on rx of a packet and fires an 41 * interrupt. The driver then processes the buffers starting at reg1 indicating 42 * to the firmware which buffers have been accessed by updating reg2. At the 43 * same time allocating new memory for the processed buffer. 44 * 45 * A similar thing happens with the tx rings. The difference is the firmware 46 * stop processing buffers once the queue is full and until confirmation 47 * of a successful transmition (tx_intr) has occurred. 48 * 49 * The command ring operates in the same manner as the tx queues. 50 * 51 * All communication direct to the card (ie eeprom) is classed as Stage1 52 * communication 53 * 54 * All communication via the firmware to the card is classed as State2. 55 * The firmware consists of 2 parts. A bootstrap firmware and a runtime 56 * firmware. The bootstrap firmware and runtime firmware are loaded 57 * from host memory via dma to the card then told to execute. From this point 58 * on the majority of communications between the driver and the card goes 59 * via the firmware. 60 */ 61 62 #include "opt_wlan.h" 63 64 #include <sys/param.h> 65 #include <sys/sysctl.h> 66 #include <sys/sockio.h> 67 #include <sys/mbuf.h> 68 #include <sys/kernel.h> 69 #include <sys/socket.h> 70 #include <sys/systm.h> 71 #include <sys/malloc.h> 72 #include <sys/queue.h> 73 #include <sys/taskqueue.h> 74 #include <sys/module.h> 75 #include <sys/bus.h> 76 #include <sys/endian.h> 77 #include <sys/linker.h> 78 #include <sys/firmware.h> 79 80 #include <sys/stdbool.h> 81 #include <sys/rman.h> 82 83 #include <bus/pci/pcireg.h> 84 #include <bus/pci/pcivar.h> 85 86 #include <net/bpf.h> 87 #include <net/if.h> 88 #include <net/if_var.h> 89 #include <net/if_arp.h> 90 #include <net/ethernet.h> 91 #include <net/if_dl.h> 92 #include <net/if_media.h> 93 #include <net/if_types.h> 94 #include <net/ifq_var.h> 95 96 #include <netproto/802_11/ieee80211_var.h> 97 #include <netproto/802_11/ieee80211_radiotap.h> 98 #include <netproto/802_11/ieee80211_regdomain.h> 99 #include <netproto/802_11/ieee80211_ratectl.h> 100 101 #include <netinet/in.h> 102 #include <netinet/in_systm.h> 103 #include <netinet/in_var.h> 104 #include <netinet/ip.h> 105 #include <netinet/if_ether.h> 106 107 #include <dev/netif/wpi/if_wpireg.h> 108 #include <dev/netif/wpi/if_wpivar.h> 109 110 #define WPI_DEBUG 111 112 #ifdef WPI_DEBUG 113 #define DPRINTF(x) do { if (wpi_debug != 0) kprintf x; } while (0) 114 #define DPRINTFN(n, x) do { if (wpi_debug & n) kprintf x; } while (0) 115 #define WPI_DEBUG_SET (wpi_debug != 0) 116 117 enum { 118 WPI_DEBUG_UNUSED = 0x00000001, /* Unused */ 119 WPI_DEBUG_HW = 0x00000002, /* Stage 1 (eeprom) debugging */ 120 WPI_DEBUG_TX = 0x00000004, /* Stage 2 TX intrp debugging*/ 121 WPI_DEBUG_RX = 0x00000008, /* Stage 2 RX intrp debugging */ 122 WPI_DEBUG_CMD = 0x00000010, /* Stage 2 CMD intrp debugging*/ 123 WPI_DEBUG_FIRMWARE = 0x00000020, /* firmware(9) loading debug */ 124 WPI_DEBUG_DMA = 0x00000040, /* DMA (de)allocations/syncs */ 125 WPI_DEBUG_SCANNING = 0x00000080, /* Stage 2 Scanning debugging */ 126 WPI_DEBUG_NOTIFY = 0x00000100, /* State 2 Noftif intr debug */ 127 WPI_DEBUG_TEMP = 0x00000200, /* TXPower/Temp Calibration */ 128 WPI_DEBUG_OPS = 0x00000400, /* wpi_ops taskq debug */ 129 WPI_DEBUG_WATCHDOG = 0x00000800, /* Watch dog debug */ 130 WPI_DEBUG_ANY = 0xffffffff 131 }; 132 133 static int wpi_debug; 134 SYSCTL_INT(_debug, OID_AUTO, wpi, CTLFLAG_RW, &wpi_debug, 0, "wpi debug level"); 135 TUNABLE_INT("debug.wpi", &wpi_debug); 136 137 #else 138 #define DPRINTF(x) 139 #define DPRINTFN(n, x) 140 #define WPI_DEBUG_SET 0 141 #endif 142 143 struct wpi_ident { 144 uint16_t vendor; 145 uint16_t device; 146 uint16_t subdevice; 147 const char *name; 148 }; 149 150 static const struct wpi_ident wpi_ident_table[] = { 151 /* The below entries support ABG regardless of the subid */ 152 { 0x8086, 0x4222, 0x0, "Intel(R) PRO/Wireless 3945ABG" }, 153 { 0x8086, 0x4227, 0x0, "Intel(R) PRO/Wireless 3945ABG" }, 154 /* The below entries only support BG */ 155 { 0x8086, 0x4222, 0x1005, "Intel(R) PRO/Wireless 3945BG" }, 156 { 0x8086, 0x4222, 0x1034, "Intel(R) PRO/Wireless 3945BG" }, 157 { 0x8086, 0x4227, 0x1014, "Intel(R) PRO/Wireless 3945BG" }, 158 { 0x8086, 0x4222, 0x1044, "Intel(R) PRO/Wireless 3945BG" }, 159 { 0, 0, 0, NULL } 160 }; 161 162 static struct ieee80211vap *wpi_vap_create(struct ieee80211com *, 163 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 164 const uint8_t [IEEE80211_ADDR_LEN], 165 const uint8_t [IEEE80211_ADDR_LEN]); 166 static void wpi_vap_delete(struct ieee80211vap *); 167 static int wpi_dma_contig_alloc(struct wpi_softc *, struct wpi_dma_info *, 168 void **, bus_size_t, bus_size_t, int); 169 static void wpi_dma_contig_free(struct wpi_dma_info *); 170 static void wpi_dma_map_addr(void *, bus_dma_segment_t *, int, int); 171 static int wpi_alloc_shared(struct wpi_softc *); 172 static void wpi_free_shared(struct wpi_softc *); 173 static int wpi_alloc_rx_ring(struct wpi_softc *, struct wpi_rx_ring *); 174 static void wpi_reset_rx_ring(struct wpi_softc *, struct wpi_rx_ring *); 175 static void wpi_free_rx_ring(struct wpi_softc *, struct wpi_rx_ring *); 176 static int wpi_alloc_tx_ring(struct wpi_softc *, struct wpi_tx_ring *, 177 int, int); 178 static void wpi_reset_tx_ring(struct wpi_softc *, struct wpi_tx_ring *); 179 static void wpi_free_tx_ring(struct wpi_softc *, struct wpi_tx_ring *); 180 static int wpi_newstate(struct ieee80211vap *, enum ieee80211_state, int); 181 static void wpi_mem_lock(struct wpi_softc *); 182 static void wpi_mem_unlock(struct wpi_softc *); 183 static uint32_t wpi_mem_read(struct wpi_softc *, uint16_t); 184 static void wpi_mem_write(struct wpi_softc *, uint16_t, uint32_t); 185 static void wpi_mem_write_region_4(struct wpi_softc *, uint16_t, 186 const uint32_t *, int); 187 static uint16_t wpi_read_prom_data(struct wpi_softc *, uint32_t, void *, int); 188 static int wpi_alloc_fwmem(struct wpi_softc *); 189 static void wpi_free_fwmem(struct wpi_softc *); 190 static int wpi_load_firmware(struct wpi_softc *); 191 static void wpi_unload_firmware(struct wpi_softc *); 192 static int wpi_load_microcode(struct wpi_softc *, const uint8_t *, int); 193 static void wpi_rx_intr(struct wpi_softc *, struct wpi_rx_desc *, 194 struct wpi_rx_data *); 195 static void wpi_tx_intr(struct wpi_softc *, struct wpi_rx_desc *); 196 static void wpi_cmd_intr(struct wpi_softc *, struct wpi_rx_desc *); 197 static void wpi_notif_intr(struct wpi_softc *); 198 static void wpi_intr(void *); 199 static uint8_t wpi_plcp_signal(int); 200 static void wpi_watchdog(void *); 201 static int wpi_tx_data(struct wpi_softc *, struct mbuf *, 202 struct ieee80211_node *, int); 203 static void wpi_start(struct ifnet *, struct ifaltq_subque *); 204 static void wpi_start_locked(struct ifnet *); 205 static int wpi_raw_xmit(struct ieee80211_node *, struct mbuf *, 206 const struct ieee80211_bpf_params *); 207 static void wpi_scan_start(struct ieee80211com *); 208 static void wpi_scan_end(struct ieee80211com *); 209 static void wpi_set_channel(struct ieee80211com *); 210 static void wpi_scan_curchan(struct ieee80211_scan_state *, unsigned long); 211 static void wpi_scan_mindwell(struct ieee80211_scan_state *); 212 static int wpi_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *); 213 static void wpi_read_eeprom(struct wpi_softc *, 214 uint8_t macaddr[IEEE80211_ADDR_LEN]); 215 static void wpi_read_eeprom_channels(struct wpi_softc *, int); 216 static void wpi_read_eeprom_group(struct wpi_softc *, int); 217 static int wpi_cmd(struct wpi_softc *, int, const void *, int, int); 218 static int wpi_wme_update(struct ieee80211com *); 219 static int wpi_mrr_setup(struct wpi_softc *); 220 static void wpi_set_led(struct wpi_softc *, uint8_t, uint8_t, uint8_t); 221 static void wpi_enable_tsf(struct wpi_softc *, struct ieee80211_node *); 222 #if 0 223 static int wpi_setup_beacon(struct wpi_softc *, struct ieee80211_node *); 224 #endif 225 static int wpi_auth(struct wpi_softc *, struct ieee80211vap *); 226 static int wpi_run(struct wpi_softc *, struct ieee80211vap *); 227 static int wpi_scan(struct wpi_softc *); 228 static int wpi_config(struct wpi_softc *); 229 static void wpi_stop_master(struct wpi_softc *); 230 static int wpi_power_up(struct wpi_softc *); 231 static int wpi_reset(struct wpi_softc *); 232 static void wpi_hwreset(void *, int); 233 static void wpi_rfreset(void *, int); 234 static void wpi_hw_config(struct wpi_softc *); 235 static void wpi_init(void *); 236 static void wpi_init_locked(struct wpi_softc *, int); 237 static void wpi_stop(struct wpi_softc *); 238 static void wpi_stop_locked(struct wpi_softc *); 239 240 static int wpi_set_txpower(struct wpi_softc *, struct ieee80211_channel *, 241 int); 242 static void wpi_calib_timeout(void *); 243 static void wpi_power_calibration(struct wpi_softc *, int); 244 static int wpi_get_power_index(struct wpi_softc *, 245 struct wpi_power_group *, struct ieee80211_channel *, int); 246 #ifdef WPI_DEBUG 247 static const char *wpi_cmd_str(int); 248 #endif 249 static int wpi_probe(device_t); 250 static int wpi_attach(device_t); 251 static int wpi_detach(device_t); 252 static int wpi_shutdown(device_t); 253 static int wpi_suspend(device_t); 254 static int wpi_resume(device_t); 255 256 #if defined(__DragonFly__) 257 static int wpi_sleep(struct wpi_softc *sc, void *wchan, 258 int flags, const char *wmsg, int timo); 259 #endif 260 261 static device_method_t wpi_methods[] = { 262 /* Device interface */ 263 DEVMETHOD(device_probe, wpi_probe), 264 DEVMETHOD(device_attach, wpi_attach), 265 DEVMETHOD(device_detach, wpi_detach), 266 DEVMETHOD(device_shutdown, wpi_shutdown), 267 DEVMETHOD(device_suspend, wpi_suspend), 268 DEVMETHOD(device_resume, wpi_resume), 269 270 DEVMETHOD_END 271 }; 272 273 static driver_t wpi_driver = { 274 "wpi", 275 wpi_methods, 276 sizeof (struct wpi_softc) 277 }; 278 279 static devclass_t wpi_devclass; 280 281 DRIVER_MODULE(wpi, pci, wpi_driver, wpi_devclass, NULL, NULL); 282 283 MODULE_VERSION(wpi, 1); 284 285 static const uint8_t wpi_ridx_to_plcp[] = { 286 /* OFDM: IEEE Std 802.11a-1999, pp. 14 Table 80 */ 287 /* R1-R4 (ral/ural is R4-R1) */ 288 0xd, 0xf, 0x5, 0x7, 0x9, 0xb, 0x1, 0x3, 289 /* CCK: device-dependent */ 290 10, 20, 55, 110 291 }; 292 293 static const uint8_t wpi_ridx_to_rate[] = { 294 12, 18, 24, 36, 48, 72, 96, 108, /* OFDM */ 295 2, 4, 11, 22 /*CCK */ 296 }; 297 298 static int 299 wpi_probe(device_t dev) 300 { 301 const struct wpi_ident *ident; 302 303 for (ident = wpi_ident_table; ident->name != NULL; ident++) { 304 if (pci_get_vendor(dev) == ident->vendor && 305 pci_get_device(dev) == ident->device) { 306 device_set_desc(dev, ident->name); 307 return (BUS_PROBE_DEFAULT); 308 } 309 } 310 return ENXIO; 311 } 312 313 /** 314 * Load the firmare image from disk to the allocated dma buffer. 315 * we also maintain the reference to the firmware pointer as there 316 * is times where we may need to reload the firmware but we are not 317 * in a context that can access the filesystem (ie taskq cause by restart) 318 * 319 * @return 0 on success, an errno on failure 320 */ 321 static int 322 wpi_load_firmware(struct wpi_softc *sc) 323 { 324 const struct firmware *fp; 325 struct wpi_dma_info *dma = &sc->fw_dma; 326 const struct wpi_firmware_hdr *hdr; 327 const uint8_t *itext, *idata, *rtext, *rdata, *btext; 328 uint32_t itextsz, idatasz, rtextsz, rdatasz, btextsz; 329 int error; 330 331 DPRINTFN(WPI_DEBUG_FIRMWARE, 332 ("Attempting Loading Firmware from wpi_fw module\n")); 333 334 WPI_UNLOCK(sc); 335 336 if (sc->fw_fp == NULL && (sc->fw_fp = firmware_get("wpifw")) == NULL) { 337 device_printf(sc->sc_dev, 338 "could not load firmware image 'wpifw'\n"); 339 error = ENOENT; 340 WPI_LOCK(sc); 341 goto fail; 342 } 343 344 fp = sc->fw_fp; 345 346 WPI_LOCK(sc); 347 348 /* Validate the firmware is minimum a particular version */ 349 if (fp->version < WPI_FW_MINVERSION) { 350 device_printf(sc->sc_dev, 351 "firmware version is too old. Need %d, got %d\n", 352 WPI_FW_MINVERSION, 353 fp->version); 354 error = ENXIO; 355 goto fail; 356 } 357 358 if (fp->datasize < sizeof (struct wpi_firmware_hdr)) { 359 device_printf(sc->sc_dev, 360 "firmware file too short: %zu bytes\n", fp->datasize); 361 error = ENXIO; 362 goto fail; 363 } 364 365 hdr = (const struct wpi_firmware_hdr *)fp->data; 366 367 /* | RUNTIME FIRMWARE | INIT FIRMWARE | BOOT FW | 368 |HDR|<--TEXT-->|<--DATA-->|<--TEXT-->|<--DATA-->|<--TEXT-->| */ 369 370 rtextsz = le32toh(hdr->rtextsz); 371 rdatasz = le32toh(hdr->rdatasz); 372 itextsz = le32toh(hdr->itextsz); 373 idatasz = le32toh(hdr->idatasz); 374 btextsz = le32toh(hdr->btextsz); 375 376 /* check that all firmware segments are present */ 377 if (fp->datasize < sizeof (struct wpi_firmware_hdr) + 378 rtextsz + rdatasz + itextsz + idatasz + btextsz) { 379 device_printf(sc->sc_dev, 380 "firmware file too short: %zu bytes\n", fp->datasize); 381 error = ENXIO; /* XXX appropriate error code? */ 382 goto fail; 383 } 384 385 /* get pointers to firmware segments */ 386 rtext = (const uint8_t *)(hdr + 1); 387 rdata = rtext + rtextsz; 388 itext = rdata + rdatasz; 389 idata = itext + itextsz; 390 btext = idata + idatasz; 391 392 DPRINTFN(WPI_DEBUG_FIRMWARE, 393 ("Firmware Version: Major %d, Minor %d, Driver %d, \n" 394 "runtime (text: %u, data: %u) init (text: %u, data %u) boot (text %u)\n", 395 (le32toh(hdr->version) & 0xff000000) >> 24, 396 (le32toh(hdr->version) & 0x00ff0000) >> 16, 397 (le32toh(hdr->version) & 0x0000ffff), 398 rtextsz, rdatasz, 399 itextsz, idatasz, btextsz)); 400 401 DPRINTFN(WPI_DEBUG_FIRMWARE,("rtext 0x%x\n", *(const uint32_t *)rtext)); 402 DPRINTFN(WPI_DEBUG_FIRMWARE,("rdata 0x%x\n", *(const uint32_t *)rdata)); 403 DPRINTFN(WPI_DEBUG_FIRMWARE,("itext 0x%x\n", *(const uint32_t *)itext)); 404 DPRINTFN(WPI_DEBUG_FIRMWARE,("idata 0x%x\n", *(const uint32_t *)idata)); 405 DPRINTFN(WPI_DEBUG_FIRMWARE,("btext 0x%x\n", *(const uint32_t *)btext)); 406 407 /* sanity checks */ 408 if (rtextsz > WPI_FW_MAIN_TEXT_MAXSZ || 409 rdatasz > WPI_FW_MAIN_DATA_MAXSZ || 410 itextsz > WPI_FW_INIT_TEXT_MAXSZ || 411 idatasz > WPI_FW_INIT_DATA_MAXSZ || 412 btextsz > WPI_FW_BOOT_TEXT_MAXSZ || 413 (btextsz & 3) != 0) { 414 device_printf(sc->sc_dev, "firmware invalid\n"); 415 error = EINVAL; 416 goto fail; 417 } 418 419 /* copy initialization images into pre-allocated DMA-safe memory */ 420 memcpy(dma->vaddr, idata, idatasz); 421 memcpy(dma->vaddr + WPI_FW_INIT_DATA_MAXSZ, itext, itextsz); 422 423 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 424 425 /* tell adapter where to find initialization images */ 426 wpi_mem_lock(sc); 427 wpi_mem_write(sc, WPI_MEM_DATA_BASE, dma->paddr); 428 wpi_mem_write(sc, WPI_MEM_DATA_SIZE, idatasz); 429 wpi_mem_write(sc, WPI_MEM_TEXT_BASE, 430 dma->paddr + WPI_FW_INIT_DATA_MAXSZ); 431 wpi_mem_write(sc, WPI_MEM_TEXT_SIZE, itextsz); 432 wpi_mem_unlock(sc); 433 434 /* load firmware boot code */ 435 if ((error = wpi_load_microcode(sc, btext, btextsz)) != 0) { 436 device_printf(sc->sc_dev, "Failed to load microcode\n"); 437 goto fail; 438 } 439 440 /* now press "execute" */ 441 WPI_WRITE(sc, WPI_RESET, 0); 442 443 /* wait at most one second for the first alive notification */ 444 #if defined(__DragonFly__) 445 if ((error = wpi_sleep(sc, sc, PCATCH, "wpiinit", hz)) != 0) { 446 device_printf(sc->sc_dev, 447 "timeout waiting for adapter to initialize\n"); 448 goto fail; 449 } 450 #else 451 if ((error = msleep(sc, &sc->sc_mtx, PCATCH, "wpiinit", hz)) != 0) { 452 device_printf(sc->sc_dev, 453 "timeout waiting for adapter to initialize\n"); 454 goto fail; 455 } 456 #endif 457 458 /* copy runtime images into pre-allocated DMA-sage memory */ 459 memcpy(dma->vaddr, rdata, rdatasz); 460 memcpy(dma->vaddr + WPI_FW_MAIN_DATA_MAXSZ, rtext, rtextsz); 461 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 462 463 /* tell adapter where to find runtime images */ 464 wpi_mem_lock(sc); 465 wpi_mem_write(sc, WPI_MEM_DATA_BASE, dma->paddr); 466 wpi_mem_write(sc, WPI_MEM_DATA_SIZE, rdatasz); 467 wpi_mem_write(sc, WPI_MEM_TEXT_BASE, 468 dma->paddr + WPI_FW_MAIN_DATA_MAXSZ); 469 wpi_mem_write(sc, WPI_MEM_TEXT_SIZE, WPI_FW_UPDATED | rtextsz); 470 wpi_mem_unlock(sc); 471 472 /* wait at most one second for the first alive notification */ 473 #if defined(__DragonFly__) 474 if ((error = wpi_sleep(sc, sc, PCATCH, "wpiinit", hz)) != 0) { 475 device_printf(sc->sc_dev, 476 "timeout waiting for adapter to initialize2\n"); 477 goto fail; 478 } 479 #else 480 if ((error = msleep(sc, &sc->sc_mtx, PCATCH, "wpiinit", hz)) != 0) { 481 device_printf(sc->sc_dev, 482 "timeout waiting for adapter to initialize2\n"); 483 goto fail; 484 } 485 #endif 486 487 DPRINTFN(WPI_DEBUG_FIRMWARE, 488 ("Firmware loaded to driver successfully\n")); 489 return error; 490 fail: 491 wpi_unload_firmware(sc); 492 return error; 493 } 494 495 /** 496 * Free the referenced firmware image 497 */ 498 static void 499 wpi_unload_firmware(struct wpi_softc *sc) 500 { 501 502 if (sc->fw_fp) { 503 WPI_UNLOCK(sc); 504 firmware_put(sc->fw_fp, FIRMWARE_UNLOAD); 505 WPI_LOCK(sc); 506 sc->fw_fp = NULL; 507 } 508 } 509 510 static int 511 wpi_attach(device_t dev) 512 { 513 struct wpi_softc *sc = device_get_softc(dev); 514 struct ifnet *ifp; 515 struct ieee80211com *ic; 516 int ac, error, rid, supportsa = 1; 517 uint32_t tmp; 518 const struct wpi_ident *ident; 519 uint8_t macaddr[IEEE80211_ADDR_LEN]; 520 521 sc->sc_dev = dev; 522 523 if (bootverbose || WPI_DEBUG_SET) 524 device_printf(sc->sc_dev,"Driver Revision %s\n", VERSION); 525 526 /* 527 * Some card's only support 802.11b/g not a, check to see if 528 * this is one such card. A 0x0 in the subdevice table indicates 529 * the entire subdevice range is to be ignored. 530 */ 531 for (ident = wpi_ident_table; ident->name != NULL; ident++) { 532 if (ident->subdevice && 533 pci_get_subdevice(dev) == ident->subdevice) { 534 supportsa = 0; 535 break; 536 } 537 } 538 539 /* Create the tasks that can be queued */ 540 TASK_INIT(&sc->sc_restarttask, 0, wpi_hwreset, sc); 541 TASK_INIT(&sc->sc_radiotask, 0, wpi_rfreset, sc); 542 543 WPI_LOCK_INIT(sc); 544 545 callout_init_mtx(&sc->calib_to, &sc->sc_mtx, 0); 546 callout_init_mtx(&sc->watchdog_to, &sc->sc_mtx, 0); 547 548 /* disable the retry timeout register */ 549 pci_write_config(dev, 0x41, 0, 1); 550 551 /* enable bus-mastering */ 552 pci_enable_busmaster(dev); 553 554 rid = PCIR_BAR(0); 555 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &rid, 556 RF_ACTIVE); 557 if (sc->mem == NULL) { 558 device_printf(dev, "could not allocate memory resource\n"); 559 error = ENOMEM; 560 goto fail; 561 } 562 563 sc->sc_st = rman_get_bustag(sc->mem); 564 sc->sc_sh = rman_get_bushandle(sc->mem); 565 566 rid = 0; 567 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &rid, 568 RF_ACTIVE | RF_SHAREABLE); 569 if (sc->irq == NULL) { 570 device_printf(dev, "could not allocate interrupt resource\n"); 571 error = ENOMEM; 572 goto fail; 573 } 574 575 /* 576 * Allocate DMA memory for firmware transfers. 577 */ 578 if ((error = wpi_alloc_fwmem(sc)) != 0) { 579 kprintf(": could not allocate firmware memory\n"); 580 error = ENOMEM; 581 goto fail; 582 } 583 584 /* 585 * Put adapter into a known state. 586 */ 587 if ((error = wpi_reset(sc)) != 0) { 588 device_printf(dev, "could not reset adapter\n"); 589 goto fail; 590 } 591 592 wpi_mem_lock(sc); 593 tmp = wpi_mem_read(sc, WPI_MEM_PCIDEV); 594 if (bootverbose || WPI_DEBUG_SET) 595 device_printf(sc->sc_dev, "Hardware Revision (0x%X)\n", tmp); 596 597 wpi_mem_unlock(sc); 598 599 /* Allocate shared page */ 600 if ((error = wpi_alloc_shared(sc)) != 0) { 601 device_printf(dev, "could not allocate shared page\n"); 602 goto fail; 603 } 604 605 /* tx data queues - 4 for QoS purposes */ 606 for (ac = 0; ac < WME_NUM_AC; ac++) { 607 error = wpi_alloc_tx_ring(sc, &sc->txq[ac], WPI_TX_RING_COUNT, ac); 608 if (error != 0) { 609 device_printf(dev, "could not allocate Tx ring %d\n",ac); 610 goto fail; 611 } 612 } 613 614 /* command queue to talk to the card's firmware */ 615 error = wpi_alloc_tx_ring(sc, &sc->cmdq, WPI_CMD_RING_COUNT, 4); 616 if (error != 0) { 617 device_printf(dev, "could not allocate command ring\n"); 618 goto fail; 619 } 620 621 /* receive data queue */ 622 error = wpi_alloc_rx_ring(sc, &sc->rxq); 623 if (error != 0) { 624 device_printf(dev, "could not allocate Rx ring\n"); 625 goto fail; 626 } 627 628 ifp = sc->sc_ifp = if_alloc(IFT_IEEE80211); 629 if (ifp == NULL) { 630 device_printf(dev, "can not if_alloc()\n"); 631 error = ENOMEM; 632 goto fail; 633 } 634 ic = ifp->if_l2com; 635 636 ic->ic_ifp = ifp; 637 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 638 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 639 640 /* set device capabilities */ 641 ic->ic_caps = 642 IEEE80211_C_STA /* station mode supported */ 643 | IEEE80211_C_MONITOR /* monitor mode supported */ 644 | IEEE80211_C_TXPMGT /* tx power management */ 645 | IEEE80211_C_SHSLOT /* short slot time supported */ 646 | IEEE80211_C_SHPREAMBLE /* short preamble supported */ 647 | IEEE80211_C_WPA /* 802.11i */ 648 /* XXX looks like WME is partly supported? */ 649 #if 0 650 | IEEE80211_C_IBSS /* IBSS mode support */ 651 | IEEE80211_C_BGSCAN /* capable of bg scanning */ 652 | IEEE80211_C_WME /* 802.11e */ 653 | IEEE80211_C_HOSTAP /* Host access point mode */ 654 #endif 655 ; 656 657 /* 658 * Read in the eeprom and also setup the channels for 659 * net80211. We don't set the rates as net80211 does this for us 660 */ 661 wpi_read_eeprom(sc, macaddr); 662 663 if (bootverbose || WPI_DEBUG_SET) { 664 device_printf(sc->sc_dev, "Regulatory Domain: %.4s\n", sc->domain); 665 device_printf(sc->sc_dev, "Hardware Type: %c\n", 666 sc->type > 1 ? 'B': '?'); 667 device_printf(sc->sc_dev, "Hardware Revision: %c\n", 668 ((le16toh(sc->rev) & 0xf0) == 0xd0) ? 'D': '?'); 669 device_printf(sc->sc_dev, "SKU %s support 802.11a\n", 670 supportsa ? "does" : "does not"); 671 672 /* XXX hw_config uses the PCIDEV for the Hardware rev. Must check 673 what sc->rev really represents - benjsc 20070615 */ 674 } 675 676 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 677 ifp->if_softc = sc; 678 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 679 ifp->if_init = wpi_init; 680 ifp->if_ioctl = wpi_ioctl; 681 ifp->if_start = wpi_start; 682 #if defined(__DragonFly__) 683 ifq_set_maxlen(&ifp->if_snd, ifqmaxlen); 684 #else 685 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen); 686 ifp->if_snd.ifq_drv_maxlen = ifqmaxlen; 687 IFQ_SET_READY(&ifp->if_snd); 688 #endif 689 690 ieee80211_ifattach(ic, macaddr); 691 /* override default methods */ 692 ic->ic_raw_xmit = wpi_raw_xmit; 693 ic->ic_wme.wme_update = wpi_wme_update; 694 ic->ic_scan_start = wpi_scan_start; 695 ic->ic_scan_end = wpi_scan_end; 696 ic->ic_set_channel = wpi_set_channel; 697 ic->ic_scan_curchan = wpi_scan_curchan; 698 ic->ic_scan_mindwell = wpi_scan_mindwell; 699 700 ic->ic_vap_create = wpi_vap_create; 701 ic->ic_vap_delete = wpi_vap_delete; 702 703 ieee80211_radiotap_attach(ic, 704 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap), 705 WPI_TX_RADIOTAP_PRESENT, 706 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 707 WPI_RX_RADIOTAP_PRESENT); 708 709 /* 710 * Hook our interrupt after all initialization is complete. 711 */ 712 #if defined (__DragonFly__) 713 error = bus_setup_intr(dev, sc->irq, INTR_MPSAFE, 714 wpi_intr, sc, &sc->sc_ih, &wlan_global_serializer); 715 #else 716 error = bus_setup_intr(dev, sc->irq, INTR_TYPE_NET |INTR_MPSAFE, 717 NULL, wpi_intr, sc, &sc->sc_ih); 718 #endif 719 if (error != 0) { 720 device_printf(dev, "could not set up interrupt\n"); 721 goto fail; 722 } 723 724 if (bootverbose) 725 ieee80211_announce(ic); 726 #ifdef XXX_DEBUG 727 ieee80211_announce_channels(ic); 728 #endif 729 return 0; 730 731 fail: wpi_detach(dev); 732 return ENXIO; 733 } 734 735 static int 736 wpi_detach(device_t dev) 737 { 738 struct wpi_softc *sc = device_get_softc(dev); 739 struct ifnet *ifp = sc->sc_ifp; 740 struct ieee80211com *ic; 741 int ac; 742 743 if (sc->irq != NULL) 744 bus_teardown_intr(dev, sc->irq, sc->sc_ih); 745 746 if (ifp != NULL) { 747 ic = ifp->if_l2com; 748 749 ieee80211_draintask(ic, &sc->sc_restarttask); 750 ieee80211_draintask(ic, &sc->sc_radiotask); 751 wpi_stop(sc); 752 callout_drain(&sc->watchdog_to); 753 callout_drain(&sc->calib_to); 754 ieee80211_ifdetach(ic); 755 } 756 757 WPI_LOCK(sc); 758 if (sc->txq[0].data_dmat) { 759 for (ac = 0; ac < WME_NUM_AC; ac++) 760 wpi_free_tx_ring(sc, &sc->txq[ac]); 761 762 wpi_free_tx_ring(sc, &sc->cmdq); 763 wpi_free_rx_ring(sc, &sc->rxq); 764 wpi_free_shared(sc); 765 } 766 767 if (sc->fw_fp != NULL) { 768 wpi_unload_firmware(sc); 769 } 770 771 if (sc->fw_dma.tag) 772 wpi_free_fwmem(sc); 773 WPI_UNLOCK(sc); 774 775 if (sc->irq != NULL) 776 bus_release_resource(dev, SYS_RES_IRQ, rman_get_rid(sc->irq), 777 sc->irq); 778 if (sc->mem != NULL) 779 bus_release_resource(dev, SYS_RES_MEMORY, 780 rman_get_rid(sc->mem), sc->mem); 781 782 if (ifp != NULL) 783 if_free(ifp); 784 785 WPI_LOCK_DESTROY(sc); 786 787 return 0; 788 } 789 790 static struct ieee80211vap * 791 wpi_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 792 enum ieee80211_opmode opmode, int flags, 793 const uint8_t bssid[IEEE80211_ADDR_LEN], 794 const uint8_t mac[IEEE80211_ADDR_LEN]) 795 { 796 struct wpi_vap *wvp; 797 struct ieee80211vap *vap; 798 799 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */ 800 return NULL; 801 wvp = (struct wpi_vap *) kmalloc(sizeof(struct wpi_vap), 802 M_80211_VAP, M_INTWAIT | M_ZERO); 803 if (wvp == NULL) 804 return NULL; 805 vap = &wvp->vap; 806 ieee80211_vap_setup(ic, vap, name, unit, opmode, flags, bssid, mac); 807 /* override with driver methods */ 808 wvp->newstate = vap->iv_newstate; 809 vap->iv_newstate = wpi_newstate; 810 811 ieee80211_ratectl_init(vap); 812 /* complete setup */ 813 ieee80211_vap_attach(vap, ieee80211_media_change, ieee80211_media_status); 814 ic->ic_opmode = opmode; 815 return vap; 816 } 817 818 static void 819 wpi_vap_delete(struct ieee80211vap *vap) 820 { 821 struct wpi_vap *wvp = WPI_VAP(vap); 822 823 ieee80211_ratectl_deinit(vap); 824 ieee80211_vap_detach(vap); 825 kfree(wvp, M_80211_VAP); 826 } 827 828 static void 829 wpi_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nsegs, int error) 830 { 831 if (error != 0) 832 return; 833 834 KASSERT(nsegs == 1, ("too many DMA segments, %d should be 1", nsegs)); 835 836 *(bus_addr_t *)arg = segs[0].ds_addr; 837 } 838 839 /* 840 * Allocates a contiguous block of dma memory of the requested size and 841 * alignment. Due to limitations of the FreeBSD dma subsystem as of 20071217, 842 * allocations greater than 4096 may fail. Hence if the requested alignment is 843 * greater we allocate 'alignment' size extra memory and shift the vaddr and 844 * paddr after the dma load. This bypasses the problem at the cost of a little 845 * more memory. 846 */ 847 static int 848 wpi_dma_contig_alloc(struct wpi_softc *sc, struct wpi_dma_info *dma, 849 void **kvap, bus_size_t size, bus_size_t alignment, int flags) 850 { 851 int error; 852 bus_size_t align; 853 bus_size_t reqsize; 854 855 DPRINTFN(WPI_DEBUG_DMA, 856 ("Size: %zd - alignment %zd\n", size, alignment)); 857 858 dma->size = size; 859 dma->tag = NULL; 860 861 if (alignment > 4096) { 862 align = PAGE_SIZE; 863 reqsize = size + alignment; 864 } else { 865 align = alignment; 866 reqsize = size; 867 } 868 #if defined(__DragonFly__) 869 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), align, 870 0, BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, 871 NULL, NULL, reqsize, 872 1, reqsize, flags, 873 &dma->tag); 874 #else 875 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), align, 876 0, BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, 877 NULL, NULL, reqsize, 878 1, reqsize, flags, 879 NULL, NULL, &dma->tag); 880 #endif 881 if (error != 0) { 882 device_printf(sc->sc_dev, 883 "could not create shared page DMA tag\n"); 884 goto fail; 885 } 886 error = bus_dmamem_alloc(dma->tag, (void **)&dma->vaddr_start, 887 flags | BUS_DMA_ZERO, &dma->map); 888 if (error != 0) { 889 device_printf(sc->sc_dev, 890 "could not allocate shared page DMA memory\n"); 891 goto fail; 892 } 893 894 error = bus_dmamap_load(dma->tag, dma->map, dma->vaddr_start, 895 reqsize, wpi_dma_map_addr, &dma->paddr_start, flags); 896 897 /* Save the original pointers so we can free all the memory */ 898 dma->paddr = dma->paddr_start; 899 dma->vaddr = dma->vaddr_start; 900 901 /* 902 * Check the alignment and increment by 4096 until we get the 903 * requested alignment. Fail if can't obtain the alignment 904 * we requested. 905 */ 906 if ((dma->paddr & (alignment -1 )) != 0) { 907 int i; 908 909 for (i = 0; i < alignment / 4096; i++) { 910 if ((dma->paddr & (alignment - 1 )) == 0) 911 break; 912 dma->paddr += 4096; 913 dma->vaddr += 4096; 914 } 915 if (i == alignment / 4096) { 916 device_printf(sc->sc_dev, 917 "alignment requirement was not satisfied\n"); 918 goto fail; 919 } 920 } 921 922 if (error != 0) { 923 device_printf(sc->sc_dev, 924 "could not load shared page DMA map\n"); 925 goto fail; 926 } 927 928 if (kvap != NULL) 929 *kvap = dma->vaddr; 930 931 return 0; 932 933 fail: 934 wpi_dma_contig_free(dma); 935 return error; 936 } 937 938 static void 939 wpi_dma_contig_free(struct wpi_dma_info *dma) 940 { 941 if (dma->tag) { 942 if (dma->vaddr_start != NULL) { 943 if (dma->paddr_start != 0) { 944 bus_dmamap_sync(dma->tag, dma->map, 945 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 946 bus_dmamap_unload(dma->tag, dma->map); 947 } 948 bus_dmamem_free(dma->tag, dma->vaddr_start, dma->map); 949 } 950 bus_dma_tag_destroy(dma->tag); 951 } 952 } 953 954 /* 955 * Allocate a shared page between host and NIC. 956 */ 957 static int 958 wpi_alloc_shared(struct wpi_softc *sc) 959 { 960 int error; 961 962 error = wpi_dma_contig_alloc(sc, &sc->shared_dma, 963 (void **)&sc->shared, sizeof (struct wpi_shared), 964 PAGE_SIZE, 965 BUS_DMA_NOWAIT); 966 967 if (error != 0) { 968 device_printf(sc->sc_dev, 969 "could not allocate shared area DMA memory\n"); 970 } 971 972 return error; 973 } 974 975 static void 976 wpi_free_shared(struct wpi_softc *sc) 977 { 978 wpi_dma_contig_free(&sc->shared_dma); 979 } 980 981 static int 982 wpi_alloc_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring) 983 { 984 985 int i, error; 986 987 ring->cur = 0; 988 989 error = wpi_dma_contig_alloc(sc, &ring->desc_dma, 990 (void **)&ring->desc, WPI_RX_RING_COUNT * sizeof (uint32_t), 991 WPI_RING_DMA_ALIGN, BUS_DMA_NOWAIT); 992 993 if (error != 0) { 994 device_printf(sc->sc_dev, 995 "%s: could not allocate rx ring DMA memory, error %d\n", 996 __func__, error); 997 goto fail; 998 } 999 1000 #if defined(__DragonFly__) 1001 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 1002 BUS_SPACE_MAXADDR_32BIT, 1003 BUS_SPACE_MAXADDR, NULL, NULL, MJUMPAGESIZE, 1, 1004 MJUMPAGESIZE, BUS_DMA_NOWAIT, &ring->data_dmat); 1005 #else 1006 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 1007 BUS_SPACE_MAXADDR_32BIT, 1008 BUS_SPACE_MAXADDR, NULL, NULL, MJUMPAGESIZE, 1, 1009 MJUMPAGESIZE, BUS_DMA_NOWAIT, NULL, NULL, &ring->data_dmat); 1010 #endif 1011 if (error != 0) { 1012 device_printf(sc->sc_dev, 1013 "%s: bus_dma_tag_create_failed, error %d\n", 1014 __func__, error); 1015 goto fail; 1016 } 1017 1018 /* 1019 * Setup Rx buffers. 1020 */ 1021 for (i = 0; i < WPI_RX_RING_COUNT; i++) { 1022 struct wpi_rx_data *data = &ring->data[i]; 1023 struct mbuf *m; 1024 bus_addr_t paddr; 1025 1026 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 1027 if (error != 0) { 1028 device_printf(sc->sc_dev, 1029 "%s: bus_dmamap_create failed, error %d\n", 1030 __func__, error); 1031 goto fail; 1032 } 1033 m = m_getjcl(MB_DONTWAIT, MT_DATA, M_PKTHDR, MJUMPAGESIZE); 1034 if (m == NULL) { 1035 device_printf(sc->sc_dev, 1036 "%s: could not allocate rx mbuf\n", __func__); 1037 error = ENOMEM; 1038 goto fail; 1039 } 1040 /* map page */ 1041 error = bus_dmamap_load(ring->data_dmat, data->map, 1042 mtod(m, caddr_t), MJUMPAGESIZE, 1043 wpi_dma_map_addr, &paddr, BUS_DMA_NOWAIT); 1044 if (error != 0 && error != EFBIG) { 1045 device_printf(sc->sc_dev, 1046 "%s: bus_dmamap_load failed, error %d\n", 1047 __func__, error); 1048 m_freem(m); 1049 error = ENOMEM; /* XXX unique code */ 1050 goto fail; 1051 } 1052 bus_dmamap_sync(ring->data_dmat, data->map, 1053 BUS_DMASYNC_PREWRITE); 1054 1055 data->m = m; 1056 ring->desc[i] = htole32(paddr); 1057 } 1058 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 1059 BUS_DMASYNC_PREWRITE); 1060 return 0; 1061 fail: 1062 wpi_free_rx_ring(sc, ring); 1063 return error; 1064 } 1065 1066 static void 1067 wpi_reset_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring) 1068 { 1069 int ntries; 1070 1071 wpi_mem_lock(sc); 1072 1073 WPI_WRITE(sc, WPI_RX_CONFIG, 0); 1074 1075 for (ntries = 0; ntries < 100; ntries++) { 1076 if (WPI_READ(sc, WPI_RX_STATUS) & WPI_RX_IDLE) 1077 break; 1078 DELAY(10); 1079 } 1080 1081 wpi_mem_unlock(sc); 1082 1083 #ifdef WPI_DEBUG 1084 if (ntries == 100 && wpi_debug > 0) 1085 device_printf(sc->sc_dev, "timeout resetting Rx ring\n"); 1086 #endif 1087 1088 ring->cur = 0; 1089 } 1090 1091 static void 1092 wpi_free_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring) 1093 { 1094 int i; 1095 1096 wpi_dma_contig_free(&ring->desc_dma); 1097 1098 for (i = 0; i < WPI_RX_RING_COUNT; i++) { 1099 struct wpi_rx_data *data = &ring->data[i]; 1100 1101 if (data->m != NULL) { 1102 bus_dmamap_sync(ring->data_dmat, data->map, 1103 BUS_DMASYNC_POSTREAD); 1104 bus_dmamap_unload(ring->data_dmat, data->map); 1105 m_freem(data->m); 1106 } 1107 if (data->map != NULL) 1108 bus_dmamap_destroy(ring->data_dmat, data->map); 1109 } 1110 } 1111 1112 static int 1113 wpi_alloc_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring, int count, 1114 int qid) 1115 { 1116 struct wpi_tx_data *data; 1117 int i, error; 1118 1119 ring->qid = qid; 1120 ring->count = count; 1121 ring->queued = 0; 1122 ring->cur = 0; 1123 ring->data = NULL; 1124 1125 error = wpi_dma_contig_alloc(sc, &ring->desc_dma, 1126 (void **)&ring->desc, count * sizeof (struct wpi_tx_desc), 1127 WPI_RING_DMA_ALIGN, BUS_DMA_NOWAIT); 1128 1129 if (error != 0) { 1130 device_printf(sc->sc_dev, "could not allocate tx dma memory\n"); 1131 goto fail; 1132 } 1133 1134 /* update shared page with ring's base address */ 1135 sc->shared->txbase[qid] = htole32(ring->desc_dma.paddr); 1136 1137 error = wpi_dma_contig_alloc(sc, &ring->cmd_dma, (void **)&ring->cmd, 1138 count * sizeof (struct wpi_tx_cmd), WPI_RING_DMA_ALIGN, 1139 BUS_DMA_NOWAIT); 1140 1141 if (error != 0) { 1142 device_printf(sc->sc_dev, 1143 "could not allocate tx command DMA memory\n"); 1144 goto fail; 1145 } 1146 1147 ring->data = kmalloc(count * sizeof (struct wpi_tx_data), M_DEVBUF, 1148 M_INTWAIT | M_ZERO); 1149 if (ring->data == NULL) { 1150 device_printf(sc->sc_dev, 1151 "could not allocate tx data slots\n"); 1152 goto fail; 1153 } 1154 1155 #if defined(__DragonFly__) 1156 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 1157 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1158 WPI_MAX_SCATTER - 1, MCLBYTES, BUS_DMA_NOWAIT, 1159 &ring->data_dmat); 1160 #else 1161 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 1162 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1163 WPI_MAX_SCATTER - 1, MCLBYTES, BUS_DMA_NOWAIT, NULL, NULL, 1164 &ring->data_dmat); 1165 #endif 1166 if (error != 0) { 1167 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 1168 goto fail; 1169 } 1170 1171 for (i = 0; i < count; i++) { 1172 data = &ring->data[i]; 1173 1174 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 1175 if (error != 0) { 1176 device_printf(sc->sc_dev, 1177 "could not create tx buf DMA map\n"); 1178 goto fail; 1179 } 1180 bus_dmamap_sync(ring->data_dmat, data->map, 1181 BUS_DMASYNC_PREWRITE); 1182 } 1183 1184 return 0; 1185 1186 fail: 1187 wpi_free_tx_ring(sc, ring); 1188 return error; 1189 } 1190 1191 static void 1192 wpi_reset_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring) 1193 { 1194 struct wpi_tx_data *data; 1195 int i, ntries; 1196 1197 wpi_mem_lock(sc); 1198 1199 WPI_WRITE(sc, WPI_TX_CONFIG(ring->qid), 0); 1200 for (ntries = 0; ntries < 100; ntries++) { 1201 if (WPI_READ(sc, WPI_TX_STATUS) & WPI_TX_IDLE(ring->qid)) 1202 break; 1203 DELAY(10); 1204 } 1205 #ifdef WPI_DEBUG 1206 if (ntries == 100 && wpi_debug > 0) 1207 device_printf(sc->sc_dev, "timeout resetting Tx ring %d\n", 1208 ring->qid); 1209 #endif 1210 wpi_mem_unlock(sc); 1211 1212 for (i = 0; i < ring->count; i++) { 1213 data = &ring->data[i]; 1214 1215 if (data->m != NULL) { 1216 bus_dmamap_unload(ring->data_dmat, data->map); 1217 m_freem(data->m); 1218 data->m = NULL; 1219 } 1220 } 1221 1222 ring->queued = 0; 1223 ring->cur = 0; 1224 } 1225 1226 static void 1227 wpi_free_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring) 1228 { 1229 struct wpi_tx_data *data; 1230 int i; 1231 1232 wpi_dma_contig_free(&ring->desc_dma); 1233 wpi_dma_contig_free(&ring->cmd_dma); 1234 1235 if (ring->data != NULL) { 1236 for (i = 0; i < ring->count; i++) { 1237 data = &ring->data[i]; 1238 1239 if (data->m != NULL) { 1240 bus_dmamap_sync(ring->data_dmat, data->map, 1241 BUS_DMASYNC_POSTWRITE); 1242 bus_dmamap_unload(ring->data_dmat, data->map); 1243 m_freem(data->m); 1244 data->m = NULL; 1245 } 1246 } 1247 kfree(ring->data, M_DEVBUF); 1248 } 1249 1250 if (ring->data_dmat != NULL) 1251 bus_dma_tag_destroy(ring->data_dmat); 1252 } 1253 1254 static int 1255 wpi_shutdown(device_t dev) 1256 { 1257 struct wpi_softc *sc = device_get_softc(dev); 1258 1259 WPI_LOCK(sc); 1260 wpi_stop_locked(sc); 1261 wpi_unload_firmware(sc); 1262 WPI_UNLOCK(sc); 1263 1264 return 0; 1265 } 1266 1267 static int 1268 wpi_suspend(device_t dev) 1269 { 1270 struct wpi_softc *sc = device_get_softc(dev); 1271 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 1272 1273 ieee80211_suspend_all(ic); 1274 return 0; 1275 } 1276 1277 static int 1278 wpi_resume(device_t dev) 1279 { 1280 struct wpi_softc *sc = device_get_softc(dev); 1281 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 1282 1283 pci_write_config(dev, 0x41, 0, 1); 1284 1285 ieee80211_resume_all(ic); 1286 return 0; 1287 } 1288 1289 /** 1290 * Called by net80211 when ever there is a change to 80211 state machine 1291 */ 1292 static int 1293 wpi_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 1294 { 1295 struct wpi_vap *wvp = WPI_VAP(vap); 1296 struct ieee80211com *ic = vap->iv_ic; 1297 struct ifnet *ifp = ic->ic_ifp; 1298 struct wpi_softc *sc = ifp->if_softc; 1299 int error; 1300 1301 DPRINTF(("%s: %s -> %s flags 0x%x\n", __func__, 1302 ieee80211_state_name[vap->iv_state], 1303 ieee80211_state_name[nstate], sc->flags)); 1304 1305 IEEE80211_UNLOCK(ic); 1306 WPI_LOCK(sc); 1307 if (nstate == IEEE80211_S_SCAN && vap->iv_state != IEEE80211_S_INIT) { 1308 /* 1309 * On !INIT -> SCAN transitions, we need to clear any possible 1310 * knowledge about associations. 1311 */ 1312 error = wpi_config(sc); 1313 if (error != 0) { 1314 device_printf(sc->sc_dev, 1315 "%s: device config failed, error %d\n", 1316 __func__, error); 1317 } 1318 } 1319 if (nstate == IEEE80211_S_AUTH || 1320 (nstate == IEEE80211_S_ASSOC && vap->iv_state == IEEE80211_S_RUN)) { 1321 /* 1322 * The node must be registered in the firmware before auth. 1323 * Also the associd must be cleared on RUN -> ASSOC 1324 * transitions. 1325 */ 1326 error = wpi_auth(sc, vap); 1327 if (error != 0) { 1328 device_printf(sc->sc_dev, 1329 "%s: could not move to auth state, error %d\n", 1330 __func__, error); 1331 } 1332 } 1333 if (nstate == IEEE80211_S_RUN && vap->iv_state != IEEE80211_S_RUN) { 1334 error = wpi_run(sc, vap); 1335 if (error != 0) { 1336 device_printf(sc->sc_dev, 1337 "%s: could not move to run state, error %d\n", 1338 __func__, error); 1339 } 1340 } 1341 if (nstate == IEEE80211_S_RUN) { 1342 /* RUN -> RUN transition; just restart the timers */ 1343 wpi_calib_timeout(sc); 1344 /* XXX split out rate control timer */ 1345 } 1346 WPI_UNLOCK(sc); 1347 IEEE80211_LOCK(ic); 1348 return wvp->newstate(vap, nstate, arg); 1349 } 1350 1351 /* 1352 * Grab exclusive access to NIC memory. 1353 */ 1354 static void 1355 wpi_mem_lock(struct wpi_softc *sc) 1356 { 1357 int ntries; 1358 uint32_t tmp; 1359 1360 tmp = WPI_READ(sc, WPI_GPIO_CTL); 1361 WPI_WRITE(sc, WPI_GPIO_CTL, tmp | WPI_GPIO_MAC); 1362 1363 /* spin until we actually get the lock */ 1364 for (ntries = 0; ntries < 100; ntries++) { 1365 if ((WPI_READ(sc, WPI_GPIO_CTL) & 1366 (WPI_GPIO_CLOCK | WPI_GPIO_SLEEP)) == WPI_GPIO_CLOCK) 1367 break; 1368 DELAY(10); 1369 } 1370 if (ntries == 100) 1371 device_printf(sc->sc_dev, "could not lock memory\n"); 1372 } 1373 1374 /* 1375 * Release lock on NIC memory. 1376 */ 1377 static void 1378 wpi_mem_unlock(struct wpi_softc *sc) 1379 { 1380 uint32_t tmp = WPI_READ(sc, WPI_GPIO_CTL); 1381 WPI_WRITE(sc, WPI_GPIO_CTL, tmp & ~WPI_GPIO_MAC); 1382 } 1383 1384 static uint32_t 1385 wpi_mem_read(struct wpi_softc *sc, uint16_t addr) 1386 { 1387 WPI_WRITE(sc, WPI_READ_MEM_ADDR, WPI_MEM_4 | addr); 1388 return WPI_READ(sc, WPI_READ_MEM_DATA); 1389 } 1390 1391 static void 1392 wpi_mem_write(struct wpi_softc *sc, uint16_t addr, uint32_t data) 1393 { 1394 WPI_WRITE(sc, WPI_WRITE_MEM_ADDR, WPI_MEM_4 | addr); 1395 WPI_WRITE(sc, WPI_WRITE_MEM_DATA, data); 1396 } 1397 1398 static void 1399 wpi_mem_write_region_4(struct wpi_softc *sc, uint16_t addr, 1400 const uint32_t *data, int wlen) 1401 { 1402 for (; wlen > 0; wlen--, data++, addr+=4) 1403 wpi_mem_write(sc, addr, *data); 1404 } 1405 1406 /* 1407 * Read data from the EEPROM. We access EEPROM through the MAC instead of 1408 * using the traditional bit-bang method. Data is read up until len bytes have 1409 * been obtained. 1410 */ 1411 static uint16_t 1412 wpi_read_prom_data(struct wpi_softc *sc, uint32_t addr, void *data, int len) 1413 { 1414 int ntries; 1415 uint32_t val; 1416 uint8_t *out = data; 1417 1418 wpi_mem_lock(sc); 1419 1420 for (; len > 0; len -= 2, addr++) { 1421 WPI_WRITE(sc, WPI_EEPROM_CTL, addr << 2); 1422 1423 for (ntries = 0; ntries < 10; ntries++) { 1424 if ((val = WPI_READ(sc, WPI_EEPROM_CTL)) & WPI_EEPROM_READY) 1425 break; 1426 DELAY(5); 1427 } 1428 1429 if (ntries == 10) { 1430 device_printf(sc->sc_dev, "could not read EEPROM\n"); 1431 return ETIMEDOUT; 1432 } 1433 1434 *out++= val >> 16; 1435 if (len > 1) 1436 *out ++= val >> 24; 1437 } 1438 1439 wpi_mem_unlock(sc); 1440 1441 return 0; 1442 } 1443 1444 /* 1445 * The firmware text and data segments are transferred to the NIC using DMA. 1446 * The driver just copies the firmware into DMA-safe memory and tells the NIC 1447 * where to find it. Once the NIC has copied the firmware into its internal 1448 * memory, we can free our local copy in the driver. 1449 */ 1450 static int 1451 wpi_load_microcode(struct wpi_softc *sc, const uint8_t *fw, int size) 1452 { 1453 int error, ntries; 1454 1455 DPRINTFN(WPI_DEBUG_HW,("Loading microcode size 0x%x\n", size)); 1456 1457 size /= sizeof(uint32_t); 1458 1459 wpi_mem_lock(sc); 1460 1461 wpi_mem_write_region_4(sc, WPI_MEM_UCODE_BASE, 1462 (const uint32_t *)fw, size); 1463 1464 wpi_mem_write(sc, WPI_MEM_UCODE_SRC, 0); 1465 wpi_mem_write(sc, WPI_MEM_UCODE_DST, WPI_FW_TEXT); 1466 wpi_mem_write(sc, WPI_MEM_UCODE_SIZE, size); 1467 1468 /* run microcode */ 1469 wpi_mem_write(sc, WPI_MEM_UCODE_CTL, WPI_UC_RUN); 1470 1471 /* wait while the adapter is busy copying the firmware */ 1472 for (error = 0, ntries = 0; ntries < 1000; ntries++) { 1473 uint32_t status = WPI_READ(sc, WPI_TX_STATUS); 1474 DPRINTFN(WPI_DEBUG_HW, 1475 ("firmware status=0x%x, val=0x%x, result=0x%x\n", status, 1476 WPI_TX_IDLE(6), status & WPI_TX_IDLE(6))); 1477 if (status & WPI_TX_IDLE(6)) { 1478 DPRINTFN(WPI_DEBUG_HW, 1479 ("Status Match! - ntries = %d\n", ntries)); 1480 break; 1481 } 1482 DELAY(10); 1483 } 1484 if (ntries == 1000) { 1485 device_printf(sc->sc_dev, "timeout transferring firmware\n"); 1486 error = ETIMEDOUT; 1487 } 1488 1489 /* start the microcode executing */ 1490 wpi_mem_write(sc, WPI_MEM_UCODE_CTL, WPI_UC_ENABLE); 1491 1492 wpi_mem_unlock(sc); 1493 1494 return (error); 1495 } 1496 1497 static void 1498 wpi_rx_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc, 1499 struct wpi_rx_data *data) 1500 { 1501 struct ifnet *ifp = sc->sc_ifp; 1502 struct ieee80211com *ic = ifp->if_l2com; 1503 struct wpi_rx_ring *ring = &sc->rxq; 1504 struct wpi_rx_stat *stat; 1505 struct wpi_rx_head *head; 1506 struct wpi_rx_tail *tail; 1507 struct ieee80211_node *ni; 1508 struct mbuf *m, *mnew; 1509 bus_addr_t paddr; 1510 int error; 1511 1512 stat = (struct wpi_rx_stat *)(desc + 1); 1513 1514 if (stat->len > WPI_STAT_MAXLEN) { 1515 device_printf(sc->sc_dev, "invalid rx statistic header\n"); 1516 #if defined(__DragonFly__) 1517 IFNET_STAT_INC(ifp, ierrors, 1); 1518 #else 1519 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 1520 #endif 1521 return; 1522 } 1523 1524 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_POSTREAD); 1525 head = (struct wpi_rx_head *)((caddr_t)(stat + 1) + stat->len); 1526 tail = (struct wpi_rx_tail *)((caddr_t)(head + 1) + le16toh(head->len)); 1527 1528 DPRINTFN(WPI_DEBUG_RX, ("rx intr: idx=%d len=%d stat len=%d rssi=%d " 1529 "rate=%x chan=%d tstamp=%ju\n", ring->cur, le32toh(desc->len), 1530 le16toh(head->len), (int8_t)stat->rssi, head->rate, head->chan, 1531 (uintmax_t)le64toh(tail->tstamp))); 1532 1533 /* discard Rx frames with bad CRC early */ 1534 if ((le32toh(tail->flags) & WPI_RX_NOERROR) != WPI_RX_NOERROR) { 1535 DPRINTFN(WPI_DEBUG_RX, ("%s: rx flags error %x\n", __func__, 1536 le32toh(tail->flags))); 1537 #if defined(__DragonFly__) 1538 IFNET_STAT_INC(ifp, ierrors, 1); 1539 #else 1540 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 1541 #endif 1542 return; 1543 } 1544 if (le16toh(head->len) < sizeof (struct ieee80211_frame)) { 1545 DPRINTFN(WPI_DEBUG_RX, ("%s: frame too short: %d\n", __func__, 1546 le16toh(head->len))); 1547 #if defined(__DragonFly__) 1548 IFNET_STAT_INC(ifp, ierrors, 1); 1549 #else 1550 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 1551 #endif 1552 return; 1553 } 1554 1555 /* XXX don't need mbuf, just dma buffer */ 1556 mnew = m_getjcl(MB_DONTWAIT, MT_DATA, M_PKTHDR, MJUMPAGESIZE); 1557 if (mnew == NULL) { 1558 DPRINTFN(WPI_DEBUG_RX, ("%s: no mbuf to restock ring\n", 1559 __func__)); 1560 #if defined(__DragonFly__) 1561 IFNET_STAT_INC(ifp, ierrors, 1); 1562 #else 1563 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 1564 #endif 1565 return; 1566 } 1567 bus_dmamap_unload(ring->data_dmat, data->map); 1568 1569 error = bus_dmamap_load(ring->data_dmat, data->map, 1570 mtod(mnew, caddr_t), MJUMPAGESIZE, 1571 wpi_dma_map_addr, &paddr, BUS_DMA_NOWAIT); 1572 if (error != 0 && error != EFBIG) { 1573 device_printf(sc->sc_dev, 1574 "%s: bus_dmamap_load failed, error %d\n", __func__, error); 1575 m_freem(mnew); 1576 #if defined(__DragonFly__) 1577 IFNET_STAT_INC(ifp, ierrors, 1); 1578 #else 1579 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 1580 #endif 1581 return; 1582 } 1583 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1584 1585 /* finalize mbuf and swap in new one */ 1586 m = data->m; 1587 m->m_pkthdr.rcvif = ifp; 1588 m->m_data = (caddr_t)(head + 1); 1589 m->m_pkthdr.len = m->m_len = le16toh(head->len); 1590 1591 data->m = mnew; 1592 /* update Rx descriptor */ 1593 ring->desc[ring->cur] = htole32(paddr); 1594 1595 if (ieee80211_radiotap_active(ic)) { 1596 struct wpi_rx_radiotap_header *tap = &sc->sc_rxtap; 1597 1598 tap->wr_flags = 0; 1599 tap->wr_chan_freq = 1600 htole16(ic->ic_channels[head->chan].ic_freq); 1601 tap->wr_chan_flags = 1602 htole16(ic->ic_channels[head->chan].ic_flags); 1603 tap->wr_dbm_antsignal = (int8_t)(stat->rssi - WPI_RSSI_OFFSET); 1604 tap->wr_dbm_antnoise = (int8_t)le16toh(stat->noise); 1605 tap->wr_tsft = tail->tstamp; 1606 tap->wr_antenna = (le16toh(head->flags) >> 4) & 0xf; 1607 switch (head->rate) { 1608 /* CCK rates */ 1609 case 10: tap->wr_rate = 2; break; 1610 case 20: tap->wr_rate = 4; break; 1611 case 55: tap->wr_rate = 11; break; 1612 case 110: tap->wr_rate = 22; break; 1613 /* OFDM rates */ 1614 case 0xd: tap->wr_rate = 12; break; 1615 case 0xf: tap->wr_rate = 18; break; 1616 case 0x5: tap->wr_rate = 24; break; 1617 case 0x7: tap->wr_rate = 36; break; 1618 case 0x9: tap->wr_rate = 48; break; 1619 case 0xb: tap->wr_rate = 72; break; 1620 case 0x1: tap->wr_rate = 96; break; 1621 case 0x3: tap->wr_rate = 108; break; 1622 /* unknown rate: should not happen */ 1623 default: tap->wr_rate = 0; 1624 } 1625 if (le16toh(head->flags) & 0x4) 1626 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 1627 } 1628 1629 WPI_UNLOCK(sc); 1630 1631 ni = ieee80211_find_rxnode(ic, mtod(m, struct ieee80211_frame_min *)); 1632 if (ni != NULL) { 1633 (void) ieee80211_input(ni, m, stat->rssi, 0); 1634 ieee80211_free_node(ni); 1635 } else 1636 (void) ieee80211_input_all(ic, m, stat->rssi, 0); 1637 1638 WPI_LOCK(sc); 1639 } 1640 1641 static void 1642 wpi_tx_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc) 1643 { 1644 struct ifnet *ifp = sc->sc_ifp; 1645 struct wpi_tx_ring *ring = &sc->txq[desc->qid & 0x3]; 1646 struct wpi_tx_data *txdata = &ring->data[desc->idx]; 1647 struct wpi_tx_stat *stat = (struct wpi_tx_stat *)(desc + 1); 1648 struct ieee80211_node *ni = txdata->ni; 1649 struct ieee80211vap *vap = ni->ni_vap; 1650 int retrycnt = 0; 1651 1652 DPRINTFN(WPI_DEBUG_TX, ("tx done: qid=%d idx=%d retries=%d nkill=%d " 1653 "rate=%x duration=%d status=%x\n", desc->qid, desc->idx, 1654 stat->ntries, stat->nkill, stat->rate, le32toh(stat->duration), 1655 le32toh(stat->status))); 1656 1657 /* 1658 * Update rate control statistics for the node. 1659 * XXX we should not count mgmt frames since they're always sent at 1660 * the lowest available bit-rate. 1661 * XXX frames w/o ACK shouldn't be used either 1662 */ 1663 if (stat->ntries > 0) { 1664 DPRINTFN(WPI_DEBUG_TX, ("%d retries\n", stat->ntries)); 1665 retrycnt = 1; 1666 } 1667 ieee80211_ratectl_tx_complete(vap, ni, IEEE80211_RATECTL_TX_SUCCESS, 1668 &retrycnt, NULL); 1669 1670 /* XXX oerrors should only count errors !maxtries */ 1671 #if defined(__DragonFly__) 1672 if ((le32toh(stat->status) & 0xff) != 1) 1673 IFNET_STAT_INC(ifp, oerrors, 1); 1674 else 1675 IFNET_STAT_INC(ifp, opackets, 1); 1676 #else 1677 if ((le32toh(stat->status) & 0xff) != 1) 1678 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 1679 else 1680 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1); 1681 #endif 1682 1683 bus_dmamap_sync(ring->data_dmat, txdata->map, BUS_DMASYNC_POSTWRITE); 1684 bus_dmamap_unload(ring->data_dmat, txdata->map); 1685 /* XXX handle M_TXCB? */ 1686 m_freem(txdata->m); 1687 txdata->m = NULL; 1688 ieee80211_free_node(txdata->ni); 1689 txdata->ni = NULL; 1690 1691 ring->queued--; 1692 1693 sc->sc_tx_timer = 0; 1694 #if defined(__DragonFly__) 1695 ifq_clr_oactive(&ifp->if_snd); 1696 #else 1697 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 1698 #endif 1699 wpi_start_locked(ifp); 1700 } 1701 1702 static void 1703 wpi_cmd_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc) 1704 { 1705 struct wpi_tx_ring *ring = &sc->cmdq; 1706 struct wpi_tx_data *data; 1707 1708 DPRINTFN(WPI_DEBUG_CMD, ("cmd notification qid=%x idx=%d flags=%x " 1709 "type=%s len=%d\n", desc->qid, desc->idx, 1710 desc->flags, wpi_cmd_str(desc->type), 1711 le32toh(desc->len))); 1712 1713 if ((desc->qid & 7) != 4) 1714 return; /* not a command ack */ 1715 1716 data = &ring->data[desc->idx]; 1717 1718 /* if the command was mapped in a mbuf, free it */ 1719 if (data->m != NULL) { 1720 bus_dmamap_unload(ring->data_dmat, data->map); 1721 m_freem(data->m); 1722 data->m = NULL; 1723 } 1724 1725 sc->flags &= ~WPI_FLAG_BUSY; 1726 wakeup(&ring->cmd[desc->idx]); 1727 } 1728 1729 static void 1730 wpi_notif_intr(struct wpi_softc *sc) 1731 { 1732 struct ifnet *ifp = sc->sc_ifp; 1733 struct ieee80211com *ic = ifp->if_l2com; 1734 struct wpi_rx_desc *desc; 1735 struct wpi_rx_data *data; 1736 uint32_t hw; 1737 1738 bus_dmamap_sync(sc->shared_dma.tag, sc->shared_dma.map, 1739 BUS_DMASYNC_POSTREAD); 1740 1741 hw = le32toh(sc->shared->next); 1742 while (sc->rxq.cur != hw) { 1743 data = &sc->rxq.data[sc->rxq.cur]; 1744 1745 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1746 BUS_DMASYNC_POSTREAD); 1747 desc = (void *)data->m->m_ext.ext_buf; 1748 1749 DPRINTFN(WPI_DEBUG_NOTIFY, 1750 ("notify qid=%x idx=%d flags=%x type=%d len=%d\n", 1751 desc->qid, 1752 desc->idx, 1753 desc->flags, 1754 desc->type, 1755 le32toh(desc->len))); 1756 1757 if (!(desc->qid & 0x80)) /* reply to a command */ 1758 wpi_cmd_intr(sc, desc); 1759 1760 switch (desc->type) { 1761 case WPI_RX_DONE: 1762 /* a 802.11 frame was received */ 1763 wpi_rx_intr(sc, desc, data); 1764 break; 1765 1766 case WPI_TX_DONE: 1767 /* a 802.11 frame has been transmitted */ 1768 wpi_tx_intr(sc, desc); 1769 break; 1770 1771 case WPI_UC_READY: 1772 { 1773 struct wpi_ucode_info *uc = 1774 (struct wpi_ucode_info *)(desc + 1); 1775 1776 /* the microcontroller is ready */ 1777 DPRINTF(("microcode alive notification version %x " 1778 "alive %x\n", le32toh(uc->version), 1779 le32toh(uc->valid))); 1780 1781 if (le32toh(uc->valid) != 1) { 1782 device_printf(sc->sc_dev, 1783 "microcontroller initialization failed\n"); 1784 wpi_stop_locked(sc); 1785 } 1786 break; 1787 } 1788 case WPI_STATE_CHANGED: 1789 { 1790 uint32_t *status = (uint32_t *)(desc + 1); 1791 1792 /* enabled/disabled notification */ 1793 DPRINTF(("state changed to %x\n", le32toh(*status))); 1794 1795 if (le32toh(*status) & 1) { 1796 device_printf(sc->sc_dev, 1797 "Radio transmitter is switched off\n"); 1798 sc->flags |= WPI_FLAG_HW_RADIO_OFF; 1799 #if defined(__DragonFly__) 1800 ifp->if_flags &= ~IFF_RUNNING; 1801 #else 1802 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; 1803 #endif 1804 /* Disable firmware commands */ 1805 WPI_WRITE(sc, WPI_UCODE_SET, WPI_DISABLE_CMD); 1806 } 1807 break; 1808 } 1809 case WPI_START_SCAN: 1810 { 1811 #ifdef WPI_DEBUG 1812 struct wpi_start_scan *scan = 1813 (struct wpi_start_scan *)(desc + 1); 1814 #endif 1815 1816 DPRINTFN(WPI_DEBUG_SCANNING, 1817 ("scanning channel %d status %x\n", 1818 scan->chan, le32toh(scan->status))); 1819 break; 1820 } 1821 case WPI_STOP_SCAN: 1822 { 1823 #ifdef WPI_DEBUG 1824 struct wpi_stop_scan *scan = 1825 (struct wpi_stop_scan *)(desc + 1); 1826 #endif 1827 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 1828 1829 DPRINTFN(WPI_DEBUG_SCANNING, 1830 ("scan finished nchan=%d status=%d chan=%d\n", 1831 scan->nchan, scan->status, scan->chan)); 1832 1833 sc->sc_scan_timer = 0; 1834 ieee80211_scan_next(vap); 1835 break; 1836 } 1837 case WPI_MISSED_BEACON: 1838 { 1839 struct wpi_missed_beacon *beacon = 1840 (struct wpi_missed_beacon *)(desc + 1); 1841 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 1842 1843 if (le32toh(beacon->consecutive) >= 1844 vap->iv_bmissthreshold) { 1845 DPRINTF(("Beacon miss: %u >= %u\n", 1846 le32toh(beacon->consecutive), 1847 vap->iv_bmissthreshold)); 1848 ieee80211_beacon_miss(ic); 1849 } 1850 break; 1851 } 1852 } 1853 1854 sc->rxq.cur = (sc->rxq.cur + 1) % WPI_RX_RING_COUNT; 1855 } 1856 1857 /* tell the firmware what we have processed */ 1858 hw = (hw == 0) ? WPI_RX_RING_COUNT - 1 : hw - 1; 1859 WPI_WRITE(sc, WPI_RX_WIDX, hw & ~7); 1860 } 1861 1862 static void 1863 wpi_intr(void *arg) 1864 { 1865 struct wpi_softc *sc = arg; 1866 uint32_t r; 1867 1868 WPI_LOCK(sc); 1869 1870 r = WPI_READ(sc, WPI_INTR); 1871 if (r == 0 || r == 0xffffffff) { 1872 WPI_UNLOCK(sc); 1873 return; 1874 } 1875 1876 /* disable interrupts */ 1877 WPI_WRITE(sc, WPI_MASK, 0); 1878 /* ack interrupts */ 1879 WPI_WRITE(sc, WPI_INTR, r); 1880 1881 if (r & (WPI_SW_ERROR | WPI_HW_ERROR)) { 1882 struct ifnet *ifp = sc->sc_ifp; 1883 struct ieee80211com *ic = ifp->if_l2com; 1884 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 1885 1886 device_printf(sc->sc_dev, "fatal firmware error\n"); 1887 DPRINTFN(6,("(%s)\n", (r & WPI_SW_ERROR) ? "(Software Error)" : 1888 "(Hardware Error)")); 1889 if (vap != NULL) 1890 ieee80211_cancel_scan(vap); 1891 ieee80211_runtask(ic, &sc->sc_restarttask); 1892 sc->flags &= ~WPI_FLAG_BUSY; 1893 WPI_UNLOCK(sc); 1894 return; 1895 } 1896 1897 if (r & WPI_RX_INTR) 1898 wpi_notif_intr(sc); 1899 1900 if (r & WPI_ALIVE_INTR) /* firmware initialized */ 1901 wakeup(sc); 1902 1903 /* re-enable interrupts */ 1904 if (sc->sc_ifp->if_flags & IFF_UP) 1905 WPI_WRITE(sc, WPI_MASK, WPI_INTR_MASK); 1906 1907 WPI_UNLOCK(sc); 1908 } 1909 1910 static uint8_t 1911 wpi_plcp_signal(int rate) 1912 { 1913 switch (rate) { 1914 /* CCK rates (returned values are device-dependent) */ 1915 case 2: return 10; 1916 case 4: return 20; 1917 case 11: return 55; 1918 case 22: return 110; 1919 1920 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1921 /* R1-R4 (ral/ural is R4-R1) */ 1922 case 12: return 0xd; 1923 case 18: return 0xf; 1924 case 24: return 0x5; 1925 case 36: return 0x7; 1926 case 48: return 0x9; 1927 case 72: return 0xb; 1928 case 96: return 0x1; 1929 case 108: return 0x3; 1930 1931 /* unsupported rates (should not get there) */ 1932 default: return 0; 1933 } 1934 } 1935 1936 /* quickly determine if a given rate is CCK or OFDM */ 1937 #define WPI_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1938 1939 /* 1940 * Construct the data packet for a transmit buffer and acutally put 1941 * the buffer onto the transmit ring, kicking the card to process the 1942 * the buffer. 1943 */ 1944 static int 1945 wpi_tx_data(struct wpi_softc *sc, struct mbuf *m0, struct ieee80211_node *ni, 1946 int ac) 1947 { 1948 struct ieee80211vap *vap = ni->ni_vap; 1949 struct ifnet *ifp = sc->sc_ifp; 1950 struct ieee80211com *ic = ifp->if_l2com; 1951 const struct chanAccParams *cap = &ic->ic_wme.wme_chanParams; 1952 struct wpi_tx_ring *ring = &sc->txq[ac]; 1953 struct wpi_tx_desc *desc; 1954 struct wpi_tx_data *data; 1955 struct wpi_tx_cmd *cmd; 1956 struct wpi_cmd_data *tx; 1957 struct ieee80211_frame *wh; 1958 const struct ieee80211_txparam *tp; 1959 struct ieee80211_key *k; 1960 struct mbuf *mnew; 1961 int i, error, nsegs, rate, hdrlen, ismcast; 1962 bus_dma_segment_t segs[WPI_MAX_SCATTER]; 1963 1964 desc = &ring->desc[ring->cur]; 1965 data = &ring->data[ring->cur]; 1966 1967 wh = mtod(m0, struct ieee80211_frame *); 1968 1969 hdrlen = ieee80211_hdrsize(wh); 1970 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 1971 1972 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 1973 k = ieee80211_crypto_encap(ni, m0); 1974 if (k == NULL) { 1975 m_freem(m0); 1976 return ENOBUFS; 1977 } 1978 /* packet header may have moved, reset our local pointer */ 1979 wh = mtod(m0, struct ieee80211_frame *); 1980 } 1981 1982 cmd = &ring->cmd[ring->cur]; 1983 cmd->code = WPI_CMD_TX_DATA; 1984 cmd->flags = 0; 1985 cmd->qid = ring->qid; 1986 cmd->idx = ring->cur; 1987 1988 tx = (struct wpi_cmd_data *)cmd->data; 1989 tx->flags = htole32(WPI_TX_AUTO_SEQ); 1990 tx->timeout = htole16(0); 1991 tx->ofdm_mask = 0xff; 1992 tx->cck_mask = 0x0f; 1993 tx->lifetime = htole32(WPI_LIFETIME_INFINITE); 1994 tx->id = ismcast ? WPI_ID_BROADCAST : WPI_ID_BSS; 1995 tx->len = htole16(m0->m_pkthdr.len); 1996 1997 if (!ismcast) { 1998 if ((ni->ni_flags & IEEE80211_NODE_QOS) == 0 || 1999 !cap->cap_wmeParams[ac].wmep_noackPolicy) 2000 tx->flags |= htole32(WPI_TX_NEED_ACK); 2001 if (m0->m_pkthdr.len + IEEE80211_CRC_LEN > vap->iv_rtsthreshold) { 2002 tx->flags |= htole32(WPI_TX_NEED_RTS|WPI_TX_FULL_TXOP); 2003 tx->rts_ntries = 7; 2004 } 2005 } 2006 /* pick a rate */ 2007 tp = &vap->iv_txparms[ieee80211_chan2mode(ni->ni_chan)]; 2008 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) == IEEE80211_FC0_TYPE_MGT) { 2009 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2010 /* tell h/w to set timestamp in probe responses */ 2011 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 2012 tx->flags |= htole32(WPI_TX_INSERT_TSTAMP); 2013 if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ || 2014 subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) 2015 tx->timeout = htole16(3); 2016 else 2017 tx->timeout = htole16(2); 2018 rate = tp->mgmtrate; 2019 } else if (ismcast) { 2020 rate = tp->mcastrate; 2021 } else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) { 2022 rate = tp->ucastrate; 2023 } else { 2024 (void) ieee80211_ratectl_rate(ni, NULL, 0); 2025 rate = ni->ni_txrate; 2026 } 2027 tx->rate = wpi_plcp_signal(rate); 2028 2029 /* be very persistant at sending frames out */ 2030 #if 0 2031 tx->data_ntries = tp->maxretry; 2032 #else 2033 tx->data_ntries = 15; /* XXX way too high */ 2034 #endif 2035 2036 if (ieee80211_radiotap_active_vap(vap)) { 2037 struct wpi_tx_radiotap_header *tap = &sc->sc_txtap; 2038 tap->wt_flags = 0; 2039 tap->wt_rate = rate; 2040 tap->wt_hwqueue = ac; 2041 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) 2042 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 2043 2044 ieee80211_radiotap_tx(vap, m0); 2045 } 2046 2047 /* save and trim IEEE802.11 header */ 2048 m_copydata(m0, 0, hdrlen, (caddr_t)&tx->wh); 2049 m_adj(m0, hdrlen); 2050 2051 #if defined(__DragonFly__) 2052 error = bus_dmamap_load_mbuf_segment(ring->data_dmat, data->map, 2053 m0, segs, 1, &nsegs, BUS_DMA_NOWAIT); 2054 #else 2055 error = bus_dmamap_load_mbuf_sg(ring->data_dmat, data->map, m0, segs, 2056 &nsegs, BUS_DMA_NOWAIT); 2057 #endif 2058 if (error != 0 && error != EFBIG) { 2059 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 2060 error); 2061 m_freem(m0); 2062 return error; 2063 } 2064 if (error != 0) { 2065 /* XXX use m_collapse */ 2066 mnew = m_defrag(m0, MB_DONTWAIT); 2067 if (mnew == NULL) { 2068 device_printf(sc->sc_dev, 2069 "could not defragment mbuf\n"); 2070 m_freem(m0); 2071 return ENOBUFS; 2072 } 2073 m0 = mnew; 2074 2075 #if defined(__DragonFly__) 2076 error = bus_dmamap_load_mbuf_segment(ring->data_dmat, 2077 data->map, m0, segs, 1, &nsegs, BUS_DMA_NOWAIT); 2078 #else 2079 error = bus_dmamap_load_mbuf_sg(ring->data_dmat, data->map, 2080 m0, segs, &nsegs, BUS_DMA_NOWAIT); 2081 #endif 2082 if (error != 0) { 2083 device_printf(sc->sc_dev, 2084 "could not map mbuf (error %d)\n", error); 2085 m_freem(m0); 2086 return error; 2087 } 2088 } 2089 2090 data->m = m0; 2091 data->ni = ni; 2092 2093 DPRINTFN(WPI_DEBUG_TX, ("sending data: qid=%d idx=%d len=%d nsegs=%d\n", 2094 ring->qid, ring->cur, m0->m_pkthdr.len, nsegs)); 2095 2096 /* first scatter/gather segment is used by the tx data command */ 2097 desc->flags = htole32(WPI_PAD32(m0->m_pkthdr.len) << 28 | 2098 (1 + nsegs) << 24); 2099 desc->segs[0].addr = htole32(ring->cmd_dma.paddr + 2100 ring->cur * sizeof (struct wpi_tx_cmd)); 2101 desc->segs[0].len = htole32(4 + sizeof (struct wpi_cmd_data)); 2102 for (i = 1; i <= nsegs; i++) { 2103 desc->segs[i].addr = htole32(segs[i - 1].ds_addr); 2104 desc->segs[i].len = htole32(segs[i - 1].ds_len); 2105 } 2106 2107 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 2108 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 2109 BUS_DMASYNC_PREWRITE); 2110 2111 ring->queued++; 2112 2113 /* kick ring */ 2114 ring->cur = (ring->cur + 1) % WPI_TX_RING_COUNT; 2115 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 2116 2117 return 0; 2118 } 2119 2120 /** 2121 * Process data waiting to be sent on the IFNET output queue 2122 */ 2123 static void 2124 wpi_start(struct ifnet *ifp, struct ifaltq_subque *ifsq) 2125 { 2126 struct wpi_softc *sc = ifp->if_softc; 2127 2128 ASSERT_ALTQ_SQ_DEFAULT(ifp, ifsq); 2129 2130 WPI_LOCK(sc); 2131 wpi_start_locked(ifp); 2132 WPI_UNLOCK(sc); 2133 } 2134 2135 static void 2136 wpi_start_locked(struct ifnet *ifp) 2137 { 2138 struct wpi_softc *sc = ifp->if_softc; 2139 struct ieee80211_node *ni; 2140 struct mbuf *m; 2141 int ac; 2142 2143 WPI_LOCK_ASSERT(sc); 2144 2145 #if defined(__DragonFly__) 2146 if ((ifp->if_flags & IFF_RUNNING) == 0) 2147 return; 2148 #else 2149 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) 2150 return; 2151 #endif 2152 2153 for (;;) { 2154 #if defined(__DragonFly__) 2155 m = ifq_dequeue(&ifp->if_snd); 2156 #else 2157 IFQ_DRV_DEQUEUE(&ifp->if_snd, m); 2158 #endif 2159 if (m == NULL) 2160 break; 2161 ac = M_WME_GETAC(m); 2162 if (sc->txq[ac].queued > sc->txq[ac].count - 8) { 2163 /* there is no place left in this ring */ 2164 #if defined(__DragonFly__) 2165 ifq_prepend(&ifp->if_snd, m); 2166 ifq_set_oactive(&ifp->if_snd); 2167 #else 2168 IFQ_DRV_PREPEND(&ifp->if_snd, m); 2169 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 2170 #endif 2171 break; 2172 } 2173 ni = (struct ieee80211_node *) m->m_pkthdr.rcvif; 2174 if (wpi_tx_data(sc, m, ni, ac) != 0) { 2175 ieee80211_free_node(ni); 2176 #if defined(__DragonFly__) 2177 IFNET_STAT_INC(ifp, oerrors, 1); 2178 #else 2179 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 2180 #endif 2181 break; 2182 } 2183 sc->sc_tx_timer = 5; 2184 } 2185 } 2186 2187 static int 2188 wpi_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 2189 const struct ieee80211_bpf_params *params) 2190 { 2191 struct ieee80211com *ic = ni->ni_ic; 2192 struct ifnet *ifp = ic->ic_ifp; 2193 struct wpi_softc *sc = ifp->if_softc; 2194 2195 /* prevent management frames from being sent if we're not ready */ 2196 #if defined(__DragonFly__) 2197 if (!(ifp->if_flags & IFF_RUNNING)) { 2198 m_freem(m); 2199 ieee80211_free_node(ni); 2200 return ENETDOWN; 2201 } 2202 #else 2203 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 2204 m_freem(m); 2205 ieee80211_free_node(ni); 2206 return ENETDOWN; 2207 } 2208 #endif 2209 WPI_LOCK(sc); 2210 2211 /* management frames go into ring 0 */ 2212 if (sc->txq[0].queued > sc->txq[0].count - 8) { 2213 #if defined(__DragonFly__) 2214 ifq_set_oactive(&ifp->if_snd); 2215 #else 2216 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 2217 #endif 2218 m_freem(m); 2219 WPI_UNLOCK(sc); 2220 ieee80211_free_node(ni); 2221 return ENOBUFS; /* XXX */ 2222 } 2223 2224 #if defined(__DragonFly__) 2225 IFNET_STAT_INC(ifp, opackets, 1); 2226 #else 2227 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1); 2228 #endif 2229 if (wpi_tx_data(sc, m, ni, 0) != 0) 2230 goto bad; 2231 sc->sc_tx_timer = 5; 2232 callout_reset(&sc->watchdog_to, hz, wpi_watchdog, sc); 2233 2234 WPI_UNLOCK(sc); 2235 return 0; 2236 bad: 2237 #if defined(__DragonFly__) 2238 IFNET_STAT_INC(ifp, oerrors, 1); 2239 #else 2240 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 2241 #endif 2242 WPI_UNLOCK(sc); 2243 ieee80211_free_node(ni); 2244 return EIO; /* XXX */ 2245 } 2246 2247 static int 2248 wpi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, 2249 struct ucred *cred __unused) 2250 { 2251 struct wpi_softc *sc = ifp->if_softc; 2252 struct ieee80211com *ic = ifp->if_l2com; 2253 struct ifreq *ifr = (struct ifreq *) data; 2254 int error = 0, startall = 0; 2255 2256 switch (cmd) { 2257 case SIOCSIFFLAGS: 2258 WPI_LOCK(sc); 2259 #if defined(__DragonFly__) 2260 if ((ifp->if_flags & IFF_UP)) { 2261 if (!(ifp->if_flags & IFF_RUNNING)) { 2262 wpi_init_locked(sc, 0); 2263 startall = 1; 2264 } 2265 } else if ((ifp->if_flags & IFF_RUNNING) || 2266 (sc->flags & WPI_FLAG_HW_RADIO_OFF)) 2267 wpi_stop_locked(sc); 2268 #else 2269 if ((ifp->if_flags & IFF_UP)) { 2270 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 2271 wpi_init_locked(sc, 0); 2272 startall = 1; 2273 } 2274 } else if ((ifp->if_drv_flags & IFF_DRV_RUNNING) || 2275 (sc->flags & WPI_FLAG_HW_RADIO_OFF)) 2276 wpi_stop_locked(sc); 2277 #endif 2278 WPI_UNLOCK(sc); 2279 if (startall) 2280 ieee80211_start_all(ic); 2281 break; 2282 case SIOCGIFMEDIA: 2283 error = ifmedia_ioctl(ifp, ifr, &ic->ic_media, cmd); 2284 break; 2285 case SIOCGIFADDR: 2286 error = ether_ioctl(ifp, cmd, data); 2287 break; 2288 default: 2289 error = EINVAL; 2290 break; 2291 } 2292 return error; 2293 } 2294 2295 /* 2296 * Extract various information from EEPROM. 2297 */ 2298 static void 2299 wpi_read_eeprom(struct wpi_softc *sc, uint8_t macaddr[IEEE80211_ADDR_LEN]) 2300 { 2301 int i; 2302 2303 /* read the hardware capabilities, revision and SKU type */ 2304 wpi_read_prom_data(sc, WPI_EEPROM_CAPABILITIES, &sc->cap,1); 2305 wpi_read_prom_data(sc, WPI_EEPROM_REVISION, &sc->rev,2); 2306 wpi_read_prom_data(sc, WPI_EEPROM_TYPE, &sc->type, 1); 2307 2308 /* read the regulatory domain */ 2309 wpi_read_prom_data(sc, WPI_EEPROM_DOMAIN, sc->domain, 4); 2310 2311 /* read in the hw MAC address */ 2312 wpi_read_prom_data(sc, WPI_EEPROM_MAC, macaddr, 6); 2313 2314 /* read the list of authorized channels */ 2315 for (i = 0; i < WPI_CHAN_BANDS_COUNT; i++) 2316 wpi_read_eeprom_channels(sc,i); 2317 2318 /* read the power level calibration info for each group */ 2319 for (i = 0; i < WPI_POWER_GROUPS_COUNT; i++) 2320 wpi_read_eeprom_group(sc,i); 2321 } 2322 2323 /* 2324 * Send a command to the firmware. 2325 */ 2326 static int 2327 wpi_cmd(struct wpi_softc *sc, int code, const void *buf, int size, int async) 2328 { 2329 struct wpi_tx_ring *ring = &sc->cmdq; 2330 struct wpi_tx_desc *desc; 2331 struct wpi_tx_cmd *cmd; 2332 2333 #ifdef WPI_DEBUG 2334 if (!async) { 2335 WPI_LOCK_ASSERT(sc); 2336 } 2337 #endif 2338 2339 DPRINTFN(WPI_DEBUG_CMD,("wpi_cmd %d size %d async %d\n", code, size, 2340 async)); 2341 2342 if (sc->flags & WPI_FLAG_BUSY) { 2343 device_printf(sc->sc_dev, "%s: cmd %d not sent, busy\n", 2344 __func__, code); 2345 return EAGAIN; 2346 } 2347 sc->flags|= WPI_FLAG_BUSY; 2348 2349 KASSERT(size <= sizeof cmd->data, ("command %d too large: %d bytes", 2350 code, size)); 2351 2352 desc = &ring->desc[ring->cur]; 2353 cmd = &ring->cmd[ring->cur]; 2354 2355 cmd->code = code; 2356 cmd->flags = 0; 2357 cmd->qid = ring->qid; 2358 cmd->idx = ring->cur; 2359 memcpy(cmd->data, buf, size); 2360 2361 desc->flags = htole32(WPI_PAD32(size) << 28 | 1 << 24); 2362 desc->segs[0].addr = htole32(ring->cmd_dma.paddr + 2363 ring->cur * sizeof (struct wpi_tx_cmd)); 2364 desc->segs[0].len = htole32(4 + size); 2365 2366 /* kick cmd ring */ 2367 ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT; 2368 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 2369 2370 if (async) { 2371 sc->flags &= ~ WPI_FLAG_BUSY; 2372 return 0; 2373 } 2374 2375 #if defined(__DragonFly__) 2376 return wpi_sleep(sc, cmd, PCATCH, "wpicmd", hz); 2377 #else 2378 return msleep(cmd, &sc->sc_mtx, PCATCH, "wpicmd", hz); 2379 #endif 2380 } 2381 2382 static int 2383 wpi_wme_update(struct ieee80211com *ic) 2384 { 2385 #define WPI_EXP2(v) htole16((1 << (v)) - 1) 2386 #define WPI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 2387 struct wpi_softc *sc = ic->ic_ifp->if_softc; 2388 const struct wmeParams *wmep; 2389 struct wpi_wme_setup wme; 2390 int ac; 2391 2392 /* don't override default WME values if WME is not actually enabled */ 2393 if (!(ic->ic_flags & IEEE80211_F_WME)) 2394 return 0; 2395 2396 wme.flags = 0; 2397 for (ac = 0; ac < WME_NUM_AC; ac++) { 2398 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 2399 wme.ac[ac].aifsn = wmep->wmep_aifsn; 2400 wme.ac[ac].cwmin = WPI_EXP2(wmep->wmep_logcwmin); 2401 wme.ac[ac].cwmax = WPI_EXP2(wmep->wmep_logcwmax); 2402 wme.ac[ac].txop = WPI_USEC(wmep->wmep_txopLimit); 2403 2404 DPRINTF(("setting WME for queue %d aifsn=%d cwmin=%d cwmax=%d " 2405 "txop=%d\n", ac, wme.ac[ac].aifsn, wme.ac[ac].cwmin, 2406 wme.ac[ac].cwmax, wme.ac[ac].txop)); 2407 } 2408 return wpi_cmd(sc, WPI_CMD_SET_WME, &wme, sizeof wme, 1); 2409 #undef WPI_USEC 2410 #undef WPI_EXP2 2411 } 2412 2413 /* 2414 * Configure h/w multi-rate retries. 2415 */ 2416 static int 2417 wpi_mrr_setup(struct wpi_softc *sc) 2418 { 2419 struct ifnet *ifp = sc->sc_ifp; 2420 struct ieee80211com *ic = ifp->if_l2com; 2421 struct wpi_mrr_setup mrr; 2422 int i, error; 2423 2424 memset(&mrr, 0, sizeof (struct wpi_mrr_setup)); 2425 2426 /* CCK rates (not used with 802.11a) */ 2427 for (i = WPI_CCK1; i <= WPI_CCK11; i++) { 2428 mrr.rates[i].flags = 0; 2429 mrr.rates[i].signal = wpi_ridx_to_plcp[i]; 2430 /* fallback to the immediate lower CCK rate (if any) */ 2431 mrr.rates[i].next = (i == WPI_CCK1) ? WPI_CCK1 : i - 1; 2432 /* try one time at this rate before falling back to "next" */ 2433 mrr.rates[i].ntries = 1; 2434 } 2435 2436 /* OFDM rates (not used with 802.11b) */ 2437 for (i = WPI_OFDM6; i <= WPI_OFDM54; i++) { 2438 mrr.rates[i].flags = 0; 2439 mrr.rates[i].signal = wpi_ridx_to_plcp[i]; 2440 /* fallback to the immediate lower OFDM rate (if any) */ 2441 /* we allow fallback from OFDM/6 to CCK/2 in 11b/g mode */ 2442 mrr.rates[i].next = (i == WPI_OFDM6) ? 2443 ((ic->ic_curmode == IEEE80211_MODE_11A) ? 2444 WPI_OFDM6 : WPI_CCK2) : 2445 i - 1; 2446 /* try one time at this rate before falling back to "next" */ 2447 mrr.rates[i].ntries = 1; 2448 } 2449 2450 /* setup MRR for control frames */ 2451 mrr.which = WPI_MRR_CTL; 2452 error = wpi_cmd(sc, WPI_CMD_MRR_SETUP, &mrr, sizeof mrr, 0); 2453 if (error != 0) { 2454 device_printf(sc->sc_dev, 2455 "could not setup MRR for control frames\n"); 2456 return error; 2457 } 2458 2459 /* setup MRR for data frames */ 2460 mrr.which = WPI_MRR_DATA; 2461 error = wpi_cmd(sc, WPI_CMD_MRR_SETUP, &mrr, sizeof mrr, 0); 2462 if (error != 0) { 2463 device_printf(sc->sc_dev, 2464 "could not setup MRR for data frames\n"); 2465 return error; 2466 } 2467 2468 return 0; 2469 } 2470 2471 static void 2472 wpi_set_led(struct wpi_softc *sc, uint8_t which, uint8_t off, uint8_t on) 2473 { 2474 struct wpi_cmd_led led; 2475 2476 led.which = which; 2477 led.unit = htole32(100000); /* on/off in unit of 100ms */ 2478 led.off = off; 2479 led.on = on; 2480 2481 (void)wpi_cmd(sc, WPI_CMD_SET_LED, &led, sizeof led, 1); 2482 } 2483 2484 static void 2485 wpi_enable_tsf(struct wpi_softc *sc, struct ieee80211_node *ni) 2486 { 2487 struct wpi_cmd_tsf tsf; 2488 uint64_t val, mod; 2489 2490 memset(&tsf, 0, sizeof tsf); 2491 memcpy(&tsf.tstamp, ni->ni_tstamp.data, 8); 2492 tsf.bintval = htole16(ni->ni_intval); 2493 tsf.lintval = htole16(10); 2494 2495 /* compute remaining time until next beacon */ 2496 val = (uint64_t)ni->ni_intval * 1024; /* msec -> usec */ 2497 mod = le64toh(tsf.tstamp) % val; 2498 tsf.binitval = htole32((uint32_t)(val - mod)); 2499 2500 if (wpi_cmd(sc, WPI_CMD_TSF, &tsf, sizeof tsf, 1) != 0) 2501 device_printf(sc->sc_dev, "could not enable TSF\n"); 2502 } 2503 2504 #if 0 2505 /* 2506 * Build a beacon frame that the firmware will broadcast periodically in 2507 * IBSS or HostAP modes. 2508 */ 2509 static int 2510 wpi_setup_beacon(struct wpi_softc *sc, struct ieee80211_node *ni) 2511 { 2512 struct ifnet *ifp = sc->sc_ifp; 2513 struct ieee80211com *ic = ifp->if_l2com; 2514 struct wpi_tx_ring *ring = &sc->cmdq; 2515 struct wpi_tx_desc *desc; 2516 struct wpi_tx_data *data; 2517 struct wpi_tx_cmd *cmd; 2518 struct wpi_cmd_beacon *bcn; 2519 struct ieee80211_beacon_offsets bo; 2520 struct mbuf *m0; 2521 bus_addr_t physaddr; 2522 int error; 2523 2524 desc = &ring->desc[ring->cur]; 2525 data = &ring->data[ring->cur]; 2526 2527 m0 = ieee80211_beacon_alloc(ic, ni, &bo); 2528 if (m0 == NULL) { 2529 device_printf(sc->sc_dev, "could not allocate beacon frame\n"); 2530 return ENOMEM; 2531 } 2532 2533 cmd = &ring->cmd[ring->cur]; 2534 cmd->code = WPI_CMD_SET_BEACON; 2535 cmd->flags = 0; 2536 cmd->qid = ring->qid; 2537 cmd->idx = ring->cur; 2538 2539 bcn = (struct wpi_cmd_beacon *)cmd->data; 2540 memset(bcn, 0, sizeof (struct wpi_cmd_beacon)); 2541 bcn->id = WPI_ID_BROADCAST; 2542 bcn->ofdm_mask = 0xff; 2543 bcn->cck_mask = 0x0f; 2544 bcn->lifetime = htole32(WPI_LIFETIME_INFINITE); 2545 bcn->len = htole16(m0->m_pkthdr.len); 2546 bcn->rate = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2547 wpi_plcp_signal(12) : wpi_plcp_signal(2); 2548 bcn->flags = htole32(WPI_TX_AUTO_SEQ | WPI_TX_INSERT_TSTAMP); 2549 2550 /* save and trim IEEE802.11 header */ 2551 m_copydata(m0, 0, sizeof (struct ieee80211_frame), (caddr_t)&bcn->wh); 2552 m_adj(m0, sizeof (struct ieee80211_frame)); 2553 2554 /* assume beacon frame is contiguous */ 2555 error = bus_dmamap_load(ring->data_dmat, data->map, mtod(m0, void *), 2556 m0->m_pkthdr.len, wpi_dma_map_addr, &physaddr, 0); 2557 if (error != 0) { 2558 device_printf(sc->sc_dev, "could not map beacon\n"); 2559 m_freem(m0); 2560 return error; 2561 } 2562 2563 data->m = m0; 2564 2565 /* first scatter/gather segment is used by the beacon command */ 2566 desc->flags = htole32(WPI_PAD32(m0->m_pkthdr.len) << 28 | 2 << 24); 2567 desc->segs[0].addr = htole32(ring->cmd_dma.paddr + 2568 ring->cur * sizeof (struct wpi_tx_cmd)); 2569 desc->segs[0].len = htole32(4 + sizeof (struct wpi_cmd_beacon)); 2570 desc->segs[1].addr = htole32(physaddr); 2571 desc->segs[1].len = htole32(m0->m_pkthdr.len); 2572 2573 /* kick cmd ring */ 2574 ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT; 2575 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 2576 2577 return 0; 2578 } 2579 #endif 2580 2581 static int 2582 wpi_auth(struct wpi_softc *sc, struct ieee80211vap *vap) 2583 { 2584 struct ieee80211com *ic = vap->iv_ic; 2585 struct ieee80211_node *ni = vap->iv_bss; 2586 struct wpi_node_info node; 2587 int error; 2588 2589 2590 /* update adapter's configuration */ 2591 sc->config.associd = 0; 2592 sc->config.filter &= ~htole32(WPI_FILTER_BSS); 2593 IEEE80211_ADDR_COPY(sc->config.bssid, ni->ni_bssid); 2594 sc->config.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 2595 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) { 2596 sc->config.flags |= htole32(WPI_CONFIG_AUTO | 2597 WPI_CONFIG_24GHZ); 2598 } else { 2599 sc->config.flags &= ~htole32(WPI_CONFIG_AUTO | 2600 WPI_CONFIG_24GHZ); 2601 } 2602 if (IEEE80211_IS_CHAN_A(ni->ni_chan)) { 2603 sc->config.cck_mask = 0; 2604 sc->config.ofdm_mask = 0x15; 2605 } else if (IEEE80211_IS_CHAN_B(ni->ni_chan)) { 2606 sc->config.cck_mask = 0x03; 2607 sc->config.ofdm_mask = 0; 2608 } else { 2609 /* XXX assume 802.11b/g */ 2610 sc->config.cck_mask = 0x0f; 2611 sc->config.ofdm_mask = 0x15; 2612 } 2613 2614 DPRINTF(("config chan %d flags %x cck %x ofdm %x\n", sc->config.chan, 2615 sc->config.flags, sc->config.cck_mask, sc->config.ofdm_mask)); 2616 error = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config, 2617 sizeof (struct wpi_config), 1); 2618 if (error != 0) { 2619 device_printf(sc->sc_dev, "could not configure\n"); 2620 return error; 2621 } 2622 2623 /* configuration has changed, set Tx power accordingly */ 2624 if ((error = wpi_set_txpower(sc, ni->ni_chan, 1)) != 0) { 2625 device_printf(sc->sc_dev, "could not set Tx power\n"); 2626 return error; 2627 } 2628 2629 /* add default node */ 2630 memset(&node, 0, sizeof node); 2631 IEEE80211_ADDR_COPY(node.bssid, ni->ni_bssid); 2632 node.id = WPI_ID_BSS; 2633 node.rate = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2634 wpi_plcp_signal(12) : wpi_plcp_signal(2); 2635 node.action = htole32(WPI_ACTION_SET_RATE); 2636 node.antenna = WPI_ANTENNA_BOTH; 2637 error = wpi_cmd(sc, WPI_CMD_ADD_NODE, &node, sizeof node, 1); 2638 if (error != 0) 2639 device_printf(sc->sc_dev, "could not add BSS node\n"); 2640 2641 return (error); 2642 } 2643 2644 static int 2645 wpi_run(struct wpi_softc *sc, struct ieee80211vap *vap) 2646 { 2647 struct ieee80211com *ic = vap->iv_ic; 2648 struct ieee80211_node *ni = vap->iv_bss; 2649 int error; 2650 2651 if (vap->iv_opmode == IEEE80211_M_MONITOR) { 2652 /* link LED blinks while monitoring */ 2653 wpi_set_led(sc, WPI_LED_LINK, 5, 5); 2654 return 0; 2655 } 2656 2657 wpi_enable_tsf(sc, ni); 2658 2659 /* update adapter's configuration */ 2660 sc->config.associd = htole16(ni->ni_associd & ~0xc000); 2661 /* short preamble/slot time are negotiated when associating */ 2662 sc->config.flags &= ~htole32(WPI_CONFIG_SHPREAMBLE | 2663 WPI_CONFIG_SHSLOT); 2664 if (ic->ic_flags & IEEE80211_F_SHSLOT) 2665 sc->config.flags |= htole32(WPI_CONFIG_SHSLOT); 2666 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 2667 sc->config.flags |= htole32(WPI_CONFIG_SHPREAMBLE); 2668 sc->config.filter |= htole32(WPI_FILTER_BSS); 2669 2670 /* XXX put somewhere HC_QOS_SUPPORT_ASSOC + HC_IBSS_START */ 2671 2672 DPRINTF(("config chan %d flags %x\n", sc->config.chan, 2673 sc->config.flags)); 2674 error = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config, sizeof (struct 2675 wpi_config), 1); 2676 if (error != 0) { 2677 device_printf(sc->sc_dev, "could not update configuration\n"); 2678 return error; 2679 } 2680 2681 error = wpi_set_txpower(sc, ni->ni_chan, 1); 2682 if (error != 0) { 2683 device_printf(sc->sc_dev, "could set txpower\n"); 2684 return error; 2685 } 2686 2687 /* link LED always on while associated */ 2688 wpi_set_led(sc, WPI_LED_LINK, 0, 1); 2689 2690 /* start automatic rate control timer */ 2691 callout_reset(&sc->calib_to, 60*hz, wpi_calib_timeout, sc); 2692 2693 return (error); 2694 } 2695 2696 /* 2697 * Send a scan request to the firmware. Since this command is huge, we map it 2698 * into a mbufcluster instead of using the pre-allocated set of commands. Note, 2699 * much of this code is similar to that in wpi_cmd but because we must manually 2700 * construct the probe & channels, we duplicate what's needed here. XXX In the 2701 * future, this function should be modified to use wpi_cmd to help cleanup the 2702 * code base. 2703 */ 2704 static int 2705 wpi_scan(struct wpi_softc *sc) 2706 { 2707 struct ifnet *ifp = sc->sc_ifp; 2708 struct ieee80211com *ic = ifp->if_l2com; 2709 struct ieee80211_scan_state *ss = ic->ic_scan; 2710 struct wpi_tx_ring *ring = &sc->cmdq; 2711 struct wpi_tx_desc *desc; 2712 struct wpi_tx_data *data; 2713 struct wpi_tx_cmd *cmd; 2714 struct wpi_scan_hdr *hdr; 2715 struct wpi_scan_chan *chan; 2716 struct ieee80211_frame *wh; 2717 struct ieee80211_rateset *rs; 2718 struct ieee80211_channel *c; 2719 enum ieee80211_phymode mode; 2720 uint8_t *frm; 2721 int pktlen, error, i, nssid; 2722 bus_addr_t physaddr; 2723 2724 desc = &ring->desc[ring->cur]; 2725 data = &ring->data[ring->cur]; 2726 2727 data->m = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 2728 if (data->m == NULL) { 2729 device_printf(sc->sc_dev, 2730 "could not allocate mbuf for scan command\n"); 2731 return ENOMEM; 2732 } 2733 2734 cmd = mtod(data->m, struct wpi_tx_cmd *); 2735 cmd->code = WPI_CMD_SCAN; 2736 cmd->flags = 0; 2737 cmd->qid = ring->qid; 2738 cmd->idx = ring->cur; 2739 2740 hdr = (struct wpi_scan_hdr *)cmd->data; 2741 memset(hdr, 0, sizeof(struct wpi_scan_hdr)); 2742 2743 /* 2744 * Move to the next channel if no packets are received within 5 msecs 2745 * after sending the probe request (this helps to reduce the duration 2746 * of active scans). 2747 */ 2748 hdr->quiet = htole16(5); 2749 hdr->threshold = htole16(1); 2750 2751 if (IEEE80211_IS_CHAN_A(ic->ic_curchan)) { 2752 /* send probe requests at 6Mbps */ 2753 hdr->tx.rate = wpi_ridx_to_plcp[WPI_OFDM6]; 2754 2755 /* Enable crc checking */ 2756 hdr->promotion = htole16(1); 2757 } else { 2758 hdr->flags = htole32(WPI_CONFIG_24GHZ | WPI_CONFIG_AUTO); 2759 /* send probe requests at 1Mbps */ 2760 hdr->tx.rate = wpi_ridx_to_plcp[WPI_CCK1]; 2761 } 2762 hdr->tx.id = WPI_ID_BROADCAST; 2763 hdr->tx.lifetime = htole32(WPI_LIFETIME_INFINITE); 2764 hdr->tx.flags = htole32(WPI_TX_AUTO_SEQ); 2765 2766 memset(hdr->scan_essids, 0, sizeof(hdr->scan_essids)); 2767 nssid = MIN(ss->ss_nssid, WPI_SCAN_MAX_ESSIDS); 2768 for (i = 0; i < nssid; i++) { 2769 hdr->scan_essids[i].id = IEEE80211_ELEMID_SSID; 2770 hdr->scan_essids[i].esslen = MIN(ss->ss_ssid[i].len, IEEE80211_NWID_LEN); 2771 memcpy(hdr->scan_essids[i].essid, ss->ss_ssid[i].ssid, 2772 hdr->scan_essids[i].esslen); 2773 #ifdef WPI_DEBUG 2774 if (wpi_debug & WPI_DEBUG_SCANNING) { 2775 kprintf("Scanning Essid: "); 2776 ieee80211_print_essid(hdr->scan_essids[i].essid, 2777 hdr->scan_essids[i].esslen); 2778 kprintf("\n"); 2779 } 2780 #endif 2781 } 2782 2783 /* 2784 * Build a probe request frame. Most of the following code is a 2785 * copy & paste of what is done in net80211. 2786 */ 2787 wh = (struct ieee80211_frame *)&hdr->scan_essids[WPI_SCAN_MAX_ESSIDS]; 2788 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 2789 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 2790 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 2791 IEEE80211_ADDR_COPY(wh->i_addr1, ifp->if_broadcastaddr); 2792 IEEE80211_ADDR_COPY(wh->i_addr2, IF_LLADDR(ifp)); 2793 IEEE80211_ADDR_COPY(wh->i_addr3, ifp->if_broadcastaddr); 2794 *(u_int16_t *)&wh->i_dur[0] = 0; /* filled by h/w */ 2795 *(u_int16_t *)&wh->i_seq[0] = 0; /* filled by h/w */ 2796 2797 frm = (uint8_t *)(wh + 1); 2798 2799 mode = ieee80211_chan2mode(ic->ic_curchan); 2800 rs = &ic->ic_sup_rates[mode]; 2801 2802 frm = ieee80211_add_ssid(frm, NULL, 0); 2803 frm = ieee80211_add_rates(frm, rs); 2804 frm = ieee80211_add_xrates(frm, rs); 2805 2806 /* setup length of probe request */ 2807 hdr->tx.len = htole16(frm - (uint8_t *)wh); 2808 2809 /* 2810 * Construct information about the channel that we 2811 * want to scan. The firmware expects this to be directly 2812 * after the scan probe request 2813 */ 2814 c = ic->ic_curchan; 2815 chan = (struct wpi_scan_chan *)frm; 2816 chan->chan = ieee80211_chan2ieee(ic, c); 2817 chan->flags = 0; 2818 if (!(c->ic_flags & IEEE80211_CHAN_PASSIVE)) { 2819 chan->flags |= WPI_CHAN_ACTIVE; 2820 if (nssid != 0) 2821 chan->flags |= WPI_CHAN_DIRECT; 2822 } 2823 chan->gain_dsp = 0x6e; /* Default level */ 2824 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2825 chan->active = htole16(10); 2826 chan->passive = htole16(ss->ss_maxdwell); 2827 chan->gain_radio = 0x3b; 2828 } else { 2829 chan->active = htole16(20); 2830 chan->passive = htole16(ss->ss_maxdwell); 2831 chan->gain_radio = 0x28; 2832 } 2833 2834 DPRINTFN(WPI_DEBUG_SCANNING, 2835 ("Scanning %u Passive: %d\n", 2836 chan->chan, 2837 c->ic_flags & IEEE80211_CHAN_PASSIVE)); 2838 2839 hdr->nchan++; 2840 chan++; 2841 2842 frm += sizeof (struct wpi_scan_chan); 2843 #if 0 2844 // XXX All Channels.... 2845 for (c = &ic->ic_channels[1]; 2846 c <= &ic->ic_channels[IEEE80211_CHAN_MAX]; c++) { 2847 if ((c->ic_flags & ic->ic_curchan->ic_flags) != ic->ic_curchan->ic_flags) 2848 continue; 2849 2850 chan->chan = ieee80211_chan2ieee(ic, c); 2851 chan->flags = 0; 2852 if (!(c->ic_flags & IEEE80211_CHAN_PASSIVE)) { 2853 chan->flags |= WPI_CHAN_ACTIVE; 2854 if (ic->ic_des_ssid[0].len != 0) 2855 chan->flags |= WPI_CHAN_DIRECT; 2856 } 2857 chan->gain_dsp = 0x6e; /* Default level */ 2858 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2859 chan->active = htole16(10); 2860 chan->passive = htole16(110); 2861 chan->gain_radio = 0x3b; 2862 } else { 2863 chan->active = htole16(20); 2864 chan->passive = htole16(120); 2865 chan->gain_radio = 0x28; 2866 } 2867 2868 DPRINTFN(WPI_DEBUG_SCANNING, 2869 ("Scanning %u Passive: %d\n", 2870 chan->chan, 2871 c->ic_flags & IEEE80211_CHAN_PASSIVE)); 2872 2873 hdr->nchan++; 2874 chan++; 2875 2876 frm += sizeof (struct wpi_scan_chan); 2877 } 2878 #endif 2879 2880 hdr->len = htole16(frm - (uint8_t *)hdr); 2881 pktlen = frm - (uint8_t *)cmd; 2882 2883 error = bus_dmamap_load(ring->data_dmat, data->map, cmd, pktlen, 2884 wpi_dma_map_addr, &physaddr, BUS_DMA_NOWAIT); 2885 if (error != 0) { 2886 device_printf(sc->sc_dev, "could not map scan command\n"); 2887 m_freem(data->m); 2888 data->m = NULL; 2889 return error; 2890 } 2891 2892 desc->flags = htole32(WPI_PAD32(pktlen) << 28 | 1 << 24); 2893 desc->segs[0].addr = htole32(physaddr); 2894 desc->segs[0].len = htole32(pktlen); 2895 2896 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 2897 BUS_DMASYNC_PREWRITE); 2898 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 2899 2900 /* kick cmd ring */ 2901 ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT; 2902 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 2903 2904 sc->sc_scan_timer = 5; 2905 return 0; /* will be notified async. of failure/success */ 2906 } 2907 2908 /** 2909 * Configure the card to listen to a particular channel, this transisions the 2910 * card in to being able to receive frames from remote devices. 2911 */ 2912 static int 2913 wpi_config(struct wpi_softc *sc) 2914 { 2915 struct ifnet *ifp = sc->sc_ifp; 2916 struct ieee80211com *ic = ifp->if_l2com; 2917 struct wpi_power power; 2918 struct wpi_bluetooth bluetooth; 2919 struct wpi_node_info node; 2920 int error; 2921 2922 /* set power mode */ 2923 memset(&power, 0, sizeof power); 2924 power.flags = htole32(WPI_POWER_CAM|0x8); 2925 error = wpi_cmd(sc, WPI_CMD_SET_POWER_MODE, &power, sizeof power, 0); 2926 if (error != 0) { 2927 device_printf(sc->sc_dev, "could not set power mode\n"); 2928 return error; 2929 } 2930 2931 /* configure bluetooth coexistence */ 2932 memset(&bluetooth, 0, sizeof bluetooth); 2933 bluetooth.flags = 3; 2934 bluetooth.lead = 0xaa; 2935 bluetooth.kill = 1; 2936 error = wpi_cmd(sc, WPI_CMD_BLUETOOTH, &bluetooth, sizeof bluetooth, 2937 0); 2938 if (error != 0) { 2939 device_printf(sc->sc_dev, 2940 "could not configure bluetooth coexistence\n"); 2941 return error; 2942 } 2943 2944 /* configure adapter */ 2945 memset(&sc->config, 0, sizeof (struct wpi_config)); 2946 IEEE80211_ADDR_COPY(sc->config.myaddr, IF_LLADDR(ifp)); 2947 /*set default channel*/ 2948 sc->config.chan = htole16(ieee80211_chan2ieee(ic, ic->ic_curchan)); 2949 sc->config.flags = htole32(WPI_CONFIG_TSF); 2950 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan)) { 2951 sc->config.flags |= htole32(WPI_CONFIG_AUTO | 2952 WPI_CONFIG_24GHZ); 2953 } 2954 sc->config.filter = 0; 2955 switch (ic->ic_opmode) { 2956 case IEEE80211_M_STA: 2957 case IEEE80211_M_WDS: /* No know setup, use STA for now */ 2958 sc->config.mode = WPI_MODE_STA; 2959 sc->config.filter |= htole32(WPI_FILTER_MULTICAST); 2960 break; 2961 case IEEE80211_M_IBSS: 2962 case IEEE80211_M_AHDEMO: 2963 sc->config.mode = WPI_MODE_IBSS; 2964 sc->config.filter |= htole32(WPI_FILTER_BEACON | 2965 WPI_FILTER_MULTICAST); 2966 break; 2967 case IEEE80211_M_HOSTAP: 2968 sc->config.mode = WPI_MODE_HOSTAP; 2969 break; 2970 case IEEE80211_M_MONITOR: 2971 sc->config.mode = WPI_MODE_MONITOR; 2972 sc->config.filter |= htole32(WPI_FILTER_MULTICAST | 2973 WPI_FILTER_CTL | WPI_FILTER_PROMISC); 2974 break; 2975 default: 2976 device_printf(sc->sc_dev, "unknown opmode %d\n", ic->ic_opmode); 2977 return EINVAL; 2978 } 2979 sc->config.cck_mask = 0x0f; /* not yet negotiated */ 2980 sc->config.ofdm_mask = 0xff; /* not yet negotiated */ 2981 error = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config, 2982 sizeof (struct wpi_config), 0); 2983 if (error != 0) { 2984 device_printf(sc->sc_dev, "configure command failed\n"); 2985 return error; 2986 } 2987 2988 /* configuration has changed, set Tx power accordingly */ 2989 if ((error = wpi_set_txpower(sc, ic->ic_curchan, 0)) != 0) { 2990 device_printf(sc->sc_dev, "could not set Tx power\n"); 2991 return error; 2992 } 2993 2994 /* add broadcast node */ 2995 memset(&node, 0, sizeof node); 2996 IEEE80211_ADDR_COPY(node.bssid, ifp->if_broadcastaddr); 2997 node.id = WPI_ID_BROADCAST; 2998 node.rate = wpi_plcp_signal(2); 2999 error = wpi_cmd(sc, WPI_CMD_ADD_NODE, &node, sizeof node, 0); 3000 if (error != 0) { 3001 device_printf(sc->sc_dev, "could not add broadcast node\n"); 3002 return error; 3003 } 3004 3005 /* Setup rate scalling */ 3006 error = wpi_mrr_setup(sc); 3007 if (error != 0) { 3008 device_printf(sc->sc_dev, "could not setup MRR\n"); 3009 return error; 3010 } 3011 3012 return 0; 3013 } 3014 3015 static void 3016 wpi_stop_master(struct wpi_softc *sc) 3017 { 3018 uint32_t tmp; 3019 int ntries; 3020 3021 DPRINTFN(WPI_DEBUG_HW,("Disabling Firmware execution\n")); 3022 3023 tmp = WPI_READ(sc, WPI_RESET); 3024 WPI_WRITE(sc, WPI_RESET, tmp | WPI_STOP_MASTER | WPI_NEVO_RESET); 3025 3026 tmp = WPI_READ(sc, WPI_GPIO_CTL); 3027 if ((tmp & WPI_GPIO_PWR_STATUS) == WPI_GPIO_PWR_SLEEP) 3028 return; /* already asleep */ 3029 3030 for (ntries = 0; ntries < 100; ntries++) { 3031 if (WPI_READ(sc, WPI_RESET) & WPI_MASTER_DISABLED) 3032 break; 3033 DELAY(10); 3034 } 3035 if (ntries == 100) { 3036 device_printf(sc->sc_dev, "timeout waiting for master\n"); 3037 } 3038 } 3039 3040 static int 3041 wpi_power_up(struct wpi_softc *sc) 3042 { 3043 uint32_t tmp; 3044 int ntries; 3045 3046 wpi_mem_lock(sc); 3047 tmp = wpi_mem_read(sc, WPI_MEM_POWER); 3048 wpi_mem_write(sc, WPI_MEM_POWER, tmp & ~0x03000000); 3049 wpi_mem_unlock(sc); 3050 3051 for (ntries = 0; ntries < 5000; ntries++) { 3052 if (WPI_READ(sc, WPI_GPIO_STATUS) & WPI_POWERED) 3053 break; 3054 DELAY(10); 3055 } 3056 if (ntries == 5000) { 3057 device_printf(sc->sc_dev, 3058 "timeout waiting for NIC to power up\n"); 3059 return ETIMEDOUT; 3060 } 3061 return 0; 3062 } 3063 3064 static int 3065 wpi_reset(struct wpi_softc *sc) 3066 { 3067 uint32_t tmp; 3068 int ntries; 3069 3070 DPRINTFN(WPI_DEBUG_HW, 3071 ("Resetting the card - clearing any uploaded firmware\n")); 3072 3073 /* clear any pending interrupts */ 3074 WPI_WRITE(sc, WPI_INTR, 0xffffffff); 3075 3076 tmp = WPI_READ(sc, WPI_PLL_CTL); 3077 WPI_WRITE(sc, WPI_PLL_CTL, tmp | WPI_PLL_INIT); 3078 3079 tmp = WPI_READ(sc, WPI_CHICKEN); 3080 WPI_WRITE(sc, WPI_CHICKEN, tmp | WPI_CHICKEN_RXNOLOS); 3081 3082 tmp = WPI_READ(sc, WPI_GPIO_CTL); 3083 WPI_WRITE(sc, WPI_GPIO_CTL, tmp | WPI_GPIO_INIT); 3084 3085 /* wait for clock stabilization */ 3086 for (ntries = 0; ntries < 25000; ntries++) { 3087 if (WPI_READ(sc, WPI_GPIO_CTL) & WPI_GPIO_CLOCK) 3088 break; 3089 DELAY(10); 3090 } 3091 if (ntries == 25000) { 3092 device_printf(sc->sc_dev, 3093 "timeout waiting for clock stabilization\n"); 3094 return ETIMEDOUT; 3095 } 3096 3097 /* initialize EEPROM */ 3098 tmp = WPI_READ(sc, WPI_EEPROM_STATUS); 3099 3100 if ((tmp & WPI_EEPROM_VERSION) == 0) { 3101 device_printf(sc->sc_dev, "EEPROM not found\n"); 3102 return EIO; 3103 } 3104 WPI_WRITE(sc, WPI_EEPROM_STATUS, tmp & ~WPI_EEPROM_LOCKED); 3105 3106 return 0; 3107 } 3108 3109 static void 3110 wpi_hw_config(struct wpi_softc *sc) 3111 { 3112 uint32_t rev, hw; 3113 3114 /* voodoo from the Linux "driver".. */ 3115 hw = WPI_READ(sc, WPI_HWCONFIG); 3116 3117 rev = pci_read_config(sc->sc_dev, PCIR_REVID, 1); 3118 if ((rev & 0xc0) == 0x40) 3119 hw |= WPI_HW_ALM_MB; 3120 else if (!(rev & 0x80)) 3121 hw |= WPI_HW_ALM_MM; 3122 3123 if (sc->cap == 0x80) 3124 hw |= WPI_HW_SKU_MRC; 3125 3126 hw &= ~WPI_HW_REV_D; 3127 if ((le16toh(sc->rev) & 0xf0) == 0xd0) 3128 hw |= WPI_HW_REV_D; 3129 3130 if (sc->type > 1) 3131 hw |= WPI_HW_TYPE_B; 3132 3133 WPI_WRITE(sc, WPI_HWCONFIG, hw); 3134 } 3135 3136 static void 3137 wpi_rfkill_resume(struct wpi_softc *sc) 3138 { 3139 struct ifnet *ifp = sc->sc_ifp; 3140 struct ieee80211com *ic = ifp->if_l2com; 3141 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3142 int ntries; 3143 3144 /* enable firmware again */ 3145 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF); 3146 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_DISABLE_CMD); 3147 3148 /* wait for thermal sensors to calibrate */ 3149 for (ntries = 0; ntries < 1000; ntries++) { 3150 if ((sc->temp = (int)WPI_READ(sc, WPI_TEMPERATURE)) != 0) 3151 break; 3152 DELAY(10); 3153 } 3154 3155 if (ntries == 1000) { 3156 device_printf(sc->sc_dev, 3157 "timeout waiting for thermal calibration\n"); 3158 return; 3159 } 3160 DPRINTFN(WPI_DEBUG_TEMP,("temperature %d\n", sc->temp)); 3161 3162 if (wpi_config(sc) != 0) { 3163 device_printf(sc->sc_dev, "device config failed\n"); 3164 return; 3165 } 3166 3167 #if defined(__DragonFly__) 3168 ifq_clr_oactive(&ifp->if_snd); 3169 ifp->if_flags |= IFF_RUNNING; 3170 #else 3171 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 3172 ifp->if_drv_flags |= IFF_DRV_RUNNING; 3173 #endif 3174 sc->flags &= ~WPI_FLAG_HW_RADIO_OFF; 3175 3176 if (vap != NULL) { 3177 if ((ic->ic_flags & IEEE80211_F_SCAN) == 0) { 3178 if (vap->iv_opmode != IEEE80211_M_MONITOR) { 3179 ieee80211_beacon_miss(ic); 3180 wpi_set_led(sc, WPI_LED_LINK, 0, 1); 3181 } else 3182 wpi_set_led(sc, WPI_LED_LINK, 5, 5); 3183 } else { 3184 ieee80211_scan_next(vap); 3185 wpi_set_led(sc, WPI_LED_LINK, 20, 2); 3186 } 3187 } 3188 3189 callout_reset(&sc->watchdog_to, hz, wpi_watchdog, sc); 3190 } 3191 3192 static void 3193 wpi_init_locked(struct wpi_softc *sc, int force) 3194 { 3195 struct ifnet *ifp = sc->sc_ifp; 3196 uint32_t tmp; 3197 int ntries, qid; 3198 3199 wpi_stop_locked(sc); 3200 (void)wpi_reset(sc); 3201 3202 wpi_mem_lock(sc); 3203 wpi_mem_write(sc, WPI_MEM_CLOCK1, 0xa00); 3204 DELAY(20); 3205 tmp = wpi_mem_read(sc, WPI_MEM_PCIDEV); 3206 wpi_mem_write(sc, WPI_MEM_PCIDEV, tmp | 0x800); 3207 wpi_mem_unlock(sc); 3208 3209 (void)wpi_power_up(sc); 3210 wpi_hw_config(sc); 3211 3212 /* init Rx ring */ 3213 wpi_mem_lock(sc); 3214 WPI_WRITE(sc, WPI_RX_BASE, sc->rxq.desc_dma.paddr); 3215 WPI_WRITE(sc, WPI_RX_RIDX_PTR, sc->shared_dma.paddr + 3216 offsetof(struct wpi_shared, next)); 3217 WPI_WRITE(sc, WPI_RX_WIDX, (WPI_RX_RING_COUNT - 1) & ~7); 3218 WPI_WRITE(sc, WPI_RX_CONFIG, 0xa9601010); 3219 wpi_mem_unlock(sc); 3220 3221 /* init Tx rings */ 3222 wpi_mem_lock(sc); 3223 wpi_mem_write(sc, WPI_MEM_MODE, 2); /* bypass mode */ 3224 wpi_mem_write(sc, WPI_MEM_RA, 1); /* enable RA0 */ 3225 wpi_mem_write(sc, WPI_MEM_TXCFG, 0x3f); /* enable all 6 Tx rings */ 3226 wpi_mem_write(sc, WPI_MEM_BYPASS1, 0x10000); 3227 wpi_mem_write(sc, WPI_MEM_BYPASS2, 0x30002); 3228 wpi_mem_write(sc, WPI_MEM_MAGIC4, 4); 3229 wpi_mem_write(sc, WPI_MEM_MAGIC5, 5); 3230 3231 WPI_WRITE(sc, WPI_TX_BASE_PTR, sc->shared_dma.paddr); 3232 WPI_WRITE(sc, WPI_MSG_CONFIG, 0xffff05a5); 3233 3234 for (qid = 0; qid < 6; qid++) { 3235 WPI_WRITE(sc, WPI_TX_CTL(qid), 0); 3236 WPI_WRITE(sc, WPI_TX_BASE(qid), 0); 3237 WPI_WRITE(sc, WPI_TX_CONFIG(qid), 0x80200008); 3238 } 3239 wpi_mem_unlock(sc); 3240 3241 /* clear "radio off" and "disable command" bits (reversed logic) */ 3242 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF); 3243 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_DISABLE_CMD); 3244 sc->flags &= ~WPI_FLAG_HW_RADIO_OFF; 3245 3246 /* clear any pending interrupts */ 3247 WPI_WRITE(sc, WPI_INTR, 0xffffffff); 3248 3249 /* enable interrupts */ 3250 WPI_WRITE(sc, WPI_MASK, WPI_INTR_MASK); 3251 3252 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF); 3253 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF); 3254 3255 if ((wpi_load_firmware(sc)) != 0) { 3256 device_printf(sc->sc_dev, 3257 "A problem occurred loading the firmware to the driver\n"); 3258 return; 3259 } 3260 3261 /* At this point the firmware is up and running. If the hardware 3262 * RF switch is turned off thermal calibration will fail, though 3263 * the card is still happy to continue to accept commands, catch 3264 * this case and schedule a task to watch for it to be turned on. 3265 */ 3266 wpi_mem_lock(sc); 3267 tmp = wpi_mem_read(sc, WPI_MEM_HW_RADIO_OFF); 3268 wpi_mem_unlock(sc); 3269 3270 if (!(tmp & 0x1)) { 3271 sc->flags |= WPI_FLAG_HW_RADIO_OFF; 3272 device_printf(sc->sc_dev,"Radio Transmitter is switched off\n"); 3273 goto out; 3274 } 3275 3276 /* wait for thermal sensors to calibrate */ 3277 for (ntries = 0; ntries < 1000; ntries++) { 3278 if ((sc->temp = (int)WPI_READ(sc, WPI_TEMPERATURE)) != 0) 3279 break; 3280 DELAY(10); 3281 } 3282 3283 if (ntries == 1000) { 3284 device_printf(sc->sc_dev, 3285 "timeout waiting for thermal sensors calibration\n"); 3286 return; 3287 } 3288 DPRINTFN(WPI_DEBUG_TEMP,("temperature %d\n", sc->temp)); 3289 3290 if (wpi_config(sc) != 0) { 3291 device_printf(sc->sc_dev, "device config failed\n"); 3292 return; 3293 } 3294 3295 #if defined(__DragonFly__) 3296 ifq_clr_oactive(&ifp->if_snd); 3297 ifp->if_flags |= IFF_RUNNING; 3298 #else 3299 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 3300 ifp->if_drv_flags |= IFF_DRV_RUNNING; 3301 #endif 3302 out: 3303 callout_reset(&sc->watchdog_to, hz, wpi_watchdog, sc); 3304 } 3305 3306 static void 3307 wpi_init(void *arg) 3308 { 3309 struct wpi_softc *sc = arg; 3310 struct ifnet *ifp = sc->sc_ifp; 3311 struct ieee80211com *ic = ifp->if_l2com; 3312 3313 WPI_LOCK(sc); 3314 wpi_init_locked(sc, 0); 3315 WPI_UNLOCK(sc); 3316 3317 #if defined(__DragonFly__) 3318 if (ifp->if_flags & IFF_RUNNING) 3319 ieee80211_start_all(ic); /* start all vaps */ 3320 #else 3321 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 3322 ieee80211_start_all(ic); /* start all vaps */ 3323 #endif 3324 } 3325 3326 static void 3327 wpi_stop_locked(struct wpi_softc *sc) 3328 { 3329 struct ifnet *ifp = sc->sc_ifp; 3330 uint32_t tmp; 3331 int ac; 3332 3333 sc->sc_tx_timer = 0; 3334 sc->sc_scan_timer = 0; 3335 #if defined(__DragonFly__) 3336 ifq_clr_oactive(&ifp->if_snd); 3337 ifp->if_flags &= ~IFF_RUNNING; 3338 #else 3339 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 3340 #endif 3341 sc->flags &= ~WPI_FLAG_HW_RADIO_OFF; 3342 callout_stop_sync(&sc->watchdog_to); 3343 callout_stop_sync(&sc->calib_to); 3344 3345 /* disable interrupts */ 3346 WPI_WRITE(sc, WPI_MASK, 0); 3347 WPI_WRITE(sc, WPI_INTR, WPI_INTR_MASK); 3348 WPI_WRITE(sc, WPI_INTR_STATUS, 0xff); 3349 WPI_WRITE(sc, WPI_INTR_STATUS, 0x00070000); 3350 3351 wpi_mem_lock(sc); 3352 wpi_mem_write(sc, WPI_MEM_MODE, 0); 3353 wpi_mem_unlock(sc); 3354 3355 /* reset all Tx rings */ 3356 for (ac = 0; ac < 4; ac++) 3357 wpi_reset_tx_ring(sc, &sc->txq[ac]); 3358 wpi_reset_tx_ring(sc, &sc->cmdq); 3359 3360 /* reset Rx ring */ 3361 wpi_reset_rx_ring(sc, &sc->rxq); 3362 3363 wpi_mem_lock(sc); 3364 wpi_mem_write(sc, WPI_MEM_CLOCK2, 0x200); 3365 wpi_mem_unlock(sc); 3366 3367 DELAY(5); 3368 3369 wpi_stop_master(sc); 3370 3371 tmp = WPI_READ(sc, WPI_RESET); 3372 WPI_WRITE(sc, WPI_RESET, tmp | WPI_SW_RESET); 3373 sc->flags &= ~WPI_FLAG_BUSY; 3374 } 3375 3376 static void 3377 wpi_stop(struct wpi_softc *sc) 3378 { 3379 WPI_LOCK(sc); 3380 wpi_stop_locked(sc); 3381 WPI_UNLOCK(sc); 3382 } 3383 3384 static void 3385 wpi_calib_timeout(void *arg) 3386 { 3387 struct wpi_softc *sc = arg; 3388 struct ifnet *ifp = sc->sc_ifp; 3389 struct ieee80211com *ic = ifp->if_l2com; 3390 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3391 int temp; 3392 3393 if (vap->iv_state != IEEE80211_S_RUN) 3394 return; 3395 3396 /* update sensor data */ 3397 temp = (int)WPI_READ(sc, WPI_TEMPERATURE); 3398 DPRINTFN(WPI_DEBUG_TEMP,("Temp in calibration is: %d\n", temp)); 3399 3400 wpi_power_calibration(sc, temp); 3401 3402 callout_reset(&sc->calib_to, 60*hz, wpi_calib_timeout, sc); 3403 } 3404 3405 /* 3406 * This function is called periodically (every 60 seconds) to adjust output 3407 * power to temperature changes. 3408 */ 3409 static void 3410 wpi_power_calibration(struct wpi_softc *sc, int temp) 3411 { 3412 struct ifnet *ifp = sc->sc_ifp; 3413 struct ieee80211com *ic = ifp->if_l2com; 3414 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3415 3416 /* sanity-check read value */ 3417 if (temp < -260 || temp > 25) { 3418 /* this can't be correct, ignore */ 3419 DPRINTFN(WPI_DEBUG_TEMP, 3420 ("out-of-range temperature reported: %d\n", temp)); 3421 return; 3422 } 3423 3424 DPRINTFN(WPI_DEBUG_TEMP,("temperature %d->%d\n", sc->temp, temp)); 3425 3426 /* adjust Tx power if need be */ 3427 if (abs(temp - sc->temp) <= 6) 3428 return; 3429 3430 sc->temp = temp; 3431 3432 if (wpi_set_txpower(sc, vap->iv_bss->ni_chan, 1) != 0) { 3433 /* just warn, too bad for the automatic calibration... */ 3434 device_printf(sc->sc_dev,"could not adjust Tx power\n"); 3435 } 3436 } 3437 3438 /** 3439 * Read the eeprom to find out what channels are valid for the given 3440 * band and update net80211 with what we find. 3441 */ 3442 static void 3443 wpi_read_eeprom_channels(struct wpi_softc *sc, int n) 3444 { 3445 struct ifnet *ifp = sc->sc_ifp; 3446 struct ieee80211com *ic = ifp->if_l2com; 3447 const struct wpi_chan_band *band = &wpi_bands[n]; 3448 struct wpi_eeprom_chan channels[WPI_MAX_CHAN_PER_BAND]; 3449 struct ieee80211_channel *c; 3450 int chan, i, passive; 3451 3452 wpi_read_prom_data(sc, band->addr, channels, 3453 band->nchan * sizeof (struct wpi_eeprom_chan)); 3454 3455 for (i = 0; i < band->nchan; i++) { 3456 if (!(channels[i].flags & WPI_EEPROM_CHAN_VALID)) { 3457 DPRINTFN(WPI_DEBUG_HW, 3458 ("Channel Not Valid: %d, band %d\n", 3459 band->chan[i],n)); 3460 continue; 3461 } 3462 3463 passive = 0; 3464 chan = band->chan[i]; 3465 c = &ic->ic_channels[ic->ic_nchans++]; 3466 3467 /* is active scan allowed on this channel? */ 3468 if (!(channels[i].flags & WPI_EEPROM_CHAN_ACTIVE)) { 3469 passive = IEEE80211_CHAN_PASSIVE; 3470 } 3471 3472 if (n == 0) { /* 2GHz band */ 3473 c->ic_ieee = chan; 3474 c->ic_freq = ieee80211_ieee2mhz(chan, 3475 IEEE80211_CHAN_2GHZ); 3476 c->ic_flags = IEEE80211_CHAN_B | passive; 3477 3478 c = &ic->ic_channels[ic->ic_nchans++]; 3479 c->ic_ieee = chan; 3480 c->ic_freq = ieee80211_ieee2mhz(chan, 3481 IEEE80211_CHAN_2GHZ); 3482 c->ic_flags = IEEE80211_CHAN_G | passive; 3483 3484 } else { /* 5GHz band */ 3485 /* 3486 * Some 3945ABG adapters support channels 7, 8, 11 3487 * and 12 in the 2GHz *and* 5GHz bands. 3488 * Because of limitations in our net80211(9) stack, 3489 * we can't support these channels in 5GHz band. 3490 * XXX not true; just need to map to proper frequency 3491 */ 3492 if (chan <= 14) 3493 continue; 3494 3495 c->ic_ieee = chan; 3496 c->ic_freq = ieee80211_ieee2mhz(chan, 3497 IEEE80211_CHAN_5GHZ); 3498 c->ic_flags = IEEE80211_CHAN_A | passive; 3499 } 3500 3501 /* save maximum allowed power for this channel */ 3502 sc->maxpwr[chan] = channels[i].maxpwr; 3503 3504 #if 0 3505 // XXX We can probably use this an get rid of maxpwr - ben 20070617 3506 ic->ic_channels[chan].ic_maxpower = channels[i].maxpwr; 3507 //ic->ic_channels[chan].ic_minpower... 3508 //ic->ic_channels[chan].ic_maxregtxpower... 3509 #endif 3510 3511 DPRINTF(("adding chan %d (%dMHz) flags=0x%x maxpwr=%d" 3512 " passive=%d, offset %d\n", chan, c->ic_freq, 3513 channels[i].flags, sc->maxpwr[chan], 3514 (c->ic_flags & IEEE80211_CHAN_PASSIVE) != 0, 3515 ic->ic_nchans)); 3516 } 3517 } 3518 3519 static void 3520 wpi_read_eeprom_group(struct wpi_softc *sc, int n) 3521 { 3522 struct wpi_power_group *group = &sc->groups[n]; 3523 struct wpi_eeprom_group rgroup; 3524 int i; 3525 3526 wpi_read_prom_data(sc, WPI_EEPROM_POWER_GRP + n * 32, &rgroup, 3527 sizeof rgroup); 3528 3529 /* save power group information */ 3530 group->chan = rgroup.chan; 3531 group->maxpwr = rgroup.maxpwr; 3532 /* temperature at which the samples were taken */ 3533 group->temp = (int16_t)le16toh(rgroup.temp); 3534 3535 DPRINTF(("power group %d: chan=%d maxpwr=%d temp=%d\n", n, 3536 group->chan, group->maxpwr, group->temp)); 3537 3538 for (i = 0; i < WPI_SAMPLES_COUNT; i++) { 3539 group->samples[i].index = rgroup.samples[i].index; 3540 group->samples[i].power = rgroup.samples[i].power; 3541 3542 DPRINTF(("\tsample %d: index=%d power=%d\n", i, 3543 group->samples[i].index, group->samples[i].power)); 3544 } 3545 } 3546 3547 /* 3548 * Update Tx power to match what is defined for channel `c'. 3549 */ 3550 static int 3551 wpi_set_txpower(struct wpi_softc *sc, struct ieee80211_channel *c, int async) 3552 { 3553 struct ifnet *ifp = sc->sc_ifp; 3554 struct ieee80211com *ic = ifp->if_l2com; 3555 struct wpi_power_group *group; 3556 struct wpi_cmd_txpower txpower; 3557 u_int chan; 3558 int i; 3559 3560 /* get channel number */ 3561 chan = ieee80211_chan2ieee(ic, c); 3562 3563 /* find the power group to which this channel belongs */ 3564 if (IEEE80211_IS_CHAN_5GHZ(c)) { 3565 for (group = &sc->groups[1]; group < &sc->groups[4]; group++) 3566 if (chan <= group->chan) 3567 break; 3568 } else 3569 group = &sc->groups[0]; 3570 3571 memset(&txpower, 0, sizeof txpower); 3572 txpower.band = IEEE80211_IS_CHAN_5GHZ(c) ? 0 : 1; 3573 txpower.channel = htole16(chan); 3574 3575 /* set Tx power for all OFDM and CCK rates */ 3576 for (i = 0; i <= 11 ; i++) { 3577 /* retrieve Tx power for this channel/rate combination */ 3578 int idx = wpi_get_power_index(sc, group, c, 3579 wpi_ridx_to_rate[i]); 3580 3581 txpower.rates[i].rate = wpi_ridx_to_plcp[i]; 3582 3583 if (IEEE80211_IS_CHAN_5GHZ(c)) { 3584 txpower.rates[i].gain_radio = wpi_rf_gain_5ghz[idx]; 3585 txpower.rates[i].gain_dsp = wpi_dsp_gain_5ghz[idx]; 3586 } else { 3587 txpower.rates[i].gain_radio = wpi_rf_gain_2ghz[idx]; 3588 txpower.rates[i].gain_dsp = wpi_dsp_gain_2ghz[idx]; 3589 } 3590 DPRINTFN(WPI_DEBUG_TEMP,("chan %d/rate %d: power index %d\n", 3591 chan, wpi_ridx_to_rate[i], idx)); 3592 } 3593 3594 return wpi_cmd(sc, WPI_CMD_TXPOWER, &txpower, sizeof txpower, async); 3595 } 3596 3597 /* 3598 * Determine Tx power index for a given channel/rate combination. 3599 * This takes into account the regulatory information from EEPROM and the 3600 * current temperature. 3601 */ 3602 static int 3603 wpi_get_power_index(struct wpi_softc *sc, struct wpi_power_group *group, 3604 struct ieee80211_channel *c, int rate) 3605 { 3606 /* fixed-point arithmetic division using a n-bit fractional part */ 3607 #define fdivround(a, b, n) \ 3608 ((((1 << n) * (a)) / (b) + (1 << n) / 2) / (1 << n)) 3609 3610 /* linear interpolation */ 3611 #define interpolate(x, x1, y1, x2, y2, n) \ 3612 ((y1) + fdivround(((x) - (x1)) * ((y2) - (y1)), (x2) - (x1), n)) 3613 3614 struct ifnet *ifp = sc->sc_ifp; 3615 struct ieee80211com *ic = ifp->if_l2com; 3616 struct wpi_power_sample *sample; 3617 int pwr, idx; 3618 u_int chan; 3619 3620 /* get channel number */ 3621 chan = ieee80211_chan2ieee(ic, c); 3622 3623 /* default power is group's maximum power - 3dB */ 3624 pwr = group->maxpwr / 2; 3625 3626 /* decrease power for highest OFDM rates to reduce distortion */ 3627 switch (rate) { 3628 case 72: /* 36Mb/s */ 3629 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 0 : 5; 3630 break; 3631 case 96: /* 48Mb/s */ 3632 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 7 : 10; 3633 break; 3634 case 108: /* 54Mb/s */ 3635 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 9 : 12; 3636 break; 3637 } 3638 3639 /* never exceed channel's maximum allowed Tx power */ 3640 pwr = min(pwr, sc->maxpwr[chan]); 3641 3642 /* retrieve power index into gain tables from samples */ 3643 for (sample = group->samples; sample < &group->samples[3]; sample++) 3644 if (pwr > sample[1].power) 3645 break; 3646 /* fixed-point linear interpolation using a 19-bit fractional part */ 3647 idx = interpolate(pwr, sample[0].power, sample[0].index, 3648 sample[1].power, sample[1].index, 19); 3649 3650 /* 3651 * Adjust power index based on current temperature 3652 * - if colder than factory-calibrated: decreate output power 3653 * - if warmer than factory-calibrated: increase output power 3654 */ 3655 idx -= (sc->temp - group->temp) * 11 / 100; 3656 3657 /* decrease power for CCK rates (-5dB) */ 3658 if (!WPI_RATE_IS_OFDM(rate)) 3659 idx += 10; 3660 3661 /* keep power index in a valid range */ 3662 if (idx < 0) 3663 return 0; 3664 if (idx > WPI_MAX_PWR_INDEX) 3665 return WPI_MAX_PWR_INDEX; 3666 return idx; 3667 3668 #undef interpolate 3669 #undef fdivround 3670 } 3671 3672 /** 3673 * Called by net80211 framework to indicate that a scan 3674 * is starting. This function doesn't actually do the scan, 3675 * wpi_scan_curchan starts things off. This function is more 3676 * of an early warning from the framework we should get ready 3677 * for the scan. 3678 */ 3679 static void 3680 wpi_scan_start(struct ieee80211com *ic) 3681 { 3682 struct ifnet *ifp = ic->ic_ifp; 3683 struct wpi_softc *sc = ifp->if_softc; 3684 3685 WPI_LOCK(sc); 3686 wpi_set_led(sc, WPI_LED_LINK, 20, 2); 3687 WPI_UNLOCK(sc); 3688 } 3689 3690 /** 3691 * Called by the net80211 framework, indicates that the 3692 * scan has ended. If there is a scan in progress on the card 3693 * then it should be aborted. 3694 */ 3695 static void 3696 wpi_scan_end(struct ieee80211com *ic) 3697 { 3698 /* XXX ignore */ 3699 } 3700 3701 /** 3702 * Called by the net80211 framework to indicate to the driver 3703 * that the channel should be changed 3704 */ 3705 static void 3706 wpi_set_channel(struct ieee80211com *ic) 3707 { 3708 struct ifnet *ifp = ic->ic_ifp; 3709 struct wpi_softc *sc = ifp->if_softc; 3710 int error; 3711 3712 /* 3713 * Only need to set the channel in Monitor mode. AP scanning and auth 3714 * are already taken care of by their respective firmware commands. 3715 */ 3716 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 3717 WPI_LOCK(sc); 3718 error = wpi_config(sc); 3719 WPI_UNLOCK(sc); 3720 if (error != 0) 3721 device_printf(sc->sc_dev, 3722 "error %d settting channel\n", error); 3723 } 3724 } 3725 3726 /** 3727 * Called by net80211 to indicate that we need to scan the current 3728 * channel. The channel is previously be set via the wpi_set_channel 3729 * callback. 3730 */ 3731 static void 3732 wpi_scan_curchan(struct ieee80211_scan_state *ss, unsigned long maxdwell) 3733 { 3734 struct ieee80211vap *vap = ss->ss_vap; 3735 struct ifnet *ifp = vap->iv_ic->ic_ifp; 3736 struct wpi_softc *sc = ifp->if_softc; 3737 3738 WPI_LOCK(sc); 3739 if (wpi_scan(sc)) 3740 ieee80211_cancel_scan(vap); 3741 WPI_UNLOCK(sc); 3742 } 3743 3744 /** 3745 * Called by the net80211 framework to indicate 3746 * the minimum dwell time has been met, terminate the scan. 3747 * We don't actually terminate the scan as the firmware will notify 3748 * us when it's finished and we have no way to interrupt it. 3749 */ 3750 static void 3751 wpi_scan_mindwell(struct ieee80211_scan_state *ss) 3752 { 3753 /* NB: don't try to abort scan; wait for firmware to finish */ 3754 } 3755 3756 static void 3757 wpi_hwreset(void *arg, int pending) 3758 { 3759 struct wpi_softc *sc = arg; 3760 3761 WPI_LOCK(sc); 3762 wpi_init_locked(sc, 0); 3763 WPI_UNLOCK(sc); 3764 } 3765 3766 static void 3767 wpi_rfreset(void *arg, int pending) 3768 { 3769 struct wpi_softc *sc = arg; 3770 3771 WPI_LOCK(sc); 3772 wpi_rfkill_resume(sc); 3773 WPI_UNLOCK(sc); 3774 } 3775 3776 /* 3777 * Allocate DMA-safe memory for firmware transfer. 3778 */ 3779 static int 3780 wpi_alloc_fwmem(struct wpi_softc *sc) 3781 { 3782 /* allocate enough contiguous space to store text and data */ 3783 return wpi_dma_contig_alloc(sc, &sc->fw_dma, NULL, 3784 WPI_FW_MAIN_TEXT_MAXSZ + WPI_FW_MAIN_DATA_MAXSZ, 1, 3785 BUS_DMA_NOWAIT); 3786 } 3787 3788 static void 3789 wpi_free_fwmem(struct wpi_softc *sc) 3790 { 3791 wpi_dma_contig_free(&sc->fw_dma); 3792 } 3793 3794 /** 3795 * Called every second, wpi_watchdog used by the watch dog timer 3796 * to check that the card is still alive 3797 */ 3798 static void 3799 wpi_watchdog(void *arg) 3800 { 3801 struct wpi_softc *sc = arg; 3802 struct ifnet *ifp = sc->sc_ifp; 3803 struct ieee80211com *ic = ifp->if_l2com; 3804 uint32_t tmp; 3805 3806 DPRINTFN(WPI_DEBUG_WATCHDOG,("Watchdog: tick\n")); 3807 3808 if (sc->flags & WPI_FLAG_HW_RADIO_OFF) { 3809 /* No need to lock firmware memory */ 3810 tmp = wpi_mem_read(sc, WPI_MEM_HW_RADIO_OFF); 3811 3812 if ((tmp & 0x1) == 0) { 3813 /* Radio kill switch is still off */ 3814 callout_reset(&sc->watchdog_to, hz, wpi_watchdog, sc); 3815 return; 3816 } 3817 3818 device_printf(sc->sc_dev, "Hardware Switch Enabled\n"); 3819 ieee80211_runtask(ic, &sc->sc_radiotask); 3820 return; 3821 } 3822 3823 if (sc->sc_tx_timer > 0) { 3824 if (--sc->sc_tx_timer == 0) { 3825 device_printf(sc->sc_dev,"device timeout\n"); 3826 #if defined(__DragonFly__) 3827 IFNET_STAT_INC(ifp, oerrors, 1); 3828 #else 3829 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 3830 #endif 3831 ieee80211_runtask(ic, &sc->sc_restarttask); 3832 } 3833 } 3834 if (sc->sc_scan_timer > 0) { 3835 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3836 if (--sc->sc_scan_timer == 0 && vap != NULL) { 3837 device_printf(sc->sc_dev,"scan timeout\n"); 3838 ieee80211_cancel_scan(vap); 3839 ieee80211_runtask(ic, &sc->sc_restarttask); 3840 } 3841 } 3842 3843 #if defined(__DragonFly__) 3844 if (ifp->if_flags & IFF_RUNNING) 3845 callout_reset(&sc->watchdog_to, hz, wpi_watchdog, sc); 3846 #else 3847 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 3848 callout_reset(&sc->watchdog_to, hz, wpi_watchdog, sc); 3849 #endif 3850 } 3851 3852 #if defined(__DragonFly__) 3853 static int 3854 wpi_sleep(struct wpi_softc *sc, void *wchan, 3855 int flags, const char *wmsg, int timo) 3856 { 3857 int iws; 3858 int error; 3859 iws = wlan_is_serialized(); 3860 if (iws) 3861 wlan_serialize_exit(); 3862 error = lksleep(wchan, &sc->sc_mtx, flags, wmsg, timo); 3863 if (iws) 3864 wlan_serialize_enter(); 3865 return error; 3866 } 3867 #endif 3868 3869 3870 #ifdef WPI_DEBUG 3871 static const char *wpi_cmd_str(int cmd) 3872 { 3873 switch (cmd) { 3874 case WPI_DISABLE_CMD: return "WPI_DISABLE_CMD"; 3875 case WPI_CMD_CONFIGURE: return "WPI_CMD_CONFIGURE"; 3876 case WPI_CMD_ASSOCIATE: return "WPI_CMD_ASSOCIATE"; 3877 case WPI_CMD_SET_WME: return "WPI_CMD_SET_WME"; 3878 case WPI_CMD_TSF: return "WPI_CMD_TSF"; 3879 case WPI_CMD_ADD_NODE: return "WPI_CMD_ADD_NODE"; 3880 case WPI_CMD_TX_DATA: return "WPI_CMD_TX_DATA"; 3881 case WPI_CMD_MRR_SETUP: return "WPI_CMD_MRR_SETUP"; 3882 case WPI_CMD_SET_LED: return "WPI_CMD_SET_LED"; 3883 case WPI_CMD_SET_POWER_MODE: return "WPI_CMD_SET_POWER_MODE"; 3884 case WPI_CMD_SCAN: return "WPI_CMD_SCAN"; 3885 case WPI_CMD_SET_BEACON:return "WPI_CMD_SET_BEACON"; 3886 case WPI_CMD_TXPOWER: return "WPI_CMD_TXPOWER"; 3887 case WPI_CMD_BLUETOOTH: return "WPI_CMD_BLUETOOTH"; 3888 3889 default: 3890 KASSERT(1, ("Unknown Command: %d", cmd)); 3891 return "UNKNOWN CMD"; /* Make the compiler happy */ 3892 } 3893 } 3894 #endif 3895 3896 MODULE_DEPEND(wpi, pci, 1, 1, 1); 3897 MODULE_DEPEND(wpi, wlan, 1, 1, 1); 3898 MODULE_DEPEND(wpi, firmware, 1, 1, 1); 3899