1 /* $NetBSD: atw.c,v 1.134 2007/11/16 23:51:02 dyoung Exp $ */ 2 3 /*- 4 * Copyright (c) 1998, 1999, 2000, 2002, 2003, 2004 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by David Young, by Jason R. Thorpe, and by Charles M. Hannum. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the NetBSD 21 * Foundation, Inc. and its contributors. 22 * 4. Neither the name of The NetBSD Foundation nor the names of its 23 * contributors may be used to endorse or promote products derived 24 * from this software without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 27 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 28 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 29 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 30 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 31 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 32 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 34 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 35 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 36 * POSSIBILITY OF SUCH DAMAGE. 37 */ 38 39 /* 40 * Device driver for the ADMtek ADM8211 802.11 MAC/BBP. 41 */ 42 43 #include <sys/cdefs.h> 44 __KERNEL_RCSID(0, "$NetBSD: atw.c,v 1.134 2007/11/16 23:51:02 dyoung Exp $"); 45 46 #include "bpfilter.h" 47 48 #include <sys/param.h> 49 #include <sys/systm.h> 50 #include <sys/callout.h> 51 #include <sys/mbuf.h> 52 #include <sys/malloc.h> 53 #include <sys/kernel.h> 54 #include <sys/socket.h> 55 #include <sys/ioctl.h> 56 #include <sys/errno.h> 57 #include <sys/device.h> 58 #include <sys/time.h> 59 #include <lib/libkern/libkern.h> 60 61 #include <machine/endian.h> 62 63 #include <uvm/uvm_extern.h> 64 65 #include <net/if.h> 66 #include <net/if_dl.h> 67 #include <net/if_media.h> 68 #include <net/if_ether.h> 69 70 #include <net80211/ieee80211_netbsd.h> 71 #include <net80211/ieee80211_var.h> 72 #include <net80211/ieee80211_radiotap.h> 73 74 #if NBPFILTER > 0 75 #include <net/bpf.h> 76 #endif 77 78 #include <sys/bus.h> 79 #include <sys/intr.h> 80 81 #include <dev/ic/atwreg.h> 82 #include <dev/ic/rf3000reg.h> 83 #include <dev/ic/si4136reg.h> 84 #include <dev/ic/atwvar.h> 85 #include <dev/ic/smc93cx6var.h> 86 87 /* XXX TBD open questions 88 * 89 * 90 * When should I set DSSS PAD in reg 0x15 of RF3000? In 1-2Mbps 91 * modes only, or all modes (5.5-11 Mbps CCK modes, too?) Does the MAC 92 * handle this for me? 93 * 94 */ 95 /* device attachment 96 * 97 * print TOFS[012] 98 * 99 * device initialization 100 * 101 * clear ATW_FRCTL_MAXPSP to disable max power saving 102 * set ATW_TXBR_ALCUPDATE to enable ALC 103 * set TOFS[012]? (hope not) 104 * disable rx/tx 105 * set ATW_PAR_SWR (software reset) 106 * wait for ATW_PAR_SWR clear 107 * disable interrupts 108 * ack status register 109 * enable interrupts 110 * 111 * rx/tx initialization 112 * 113 * disable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 114 * allocate and init descriptor rings 115 * write ATW_PAR_DSL (descriptor skip length) 116 * write descriptor base addrs: ATW_TDBD, ATW_TDBP, write ATW_RDB 117 * write ATW_NAR_SQ for one/both transmit descriptor rings 118 * write ATW_NAR_SQ for one/both transmit descriptor rings 119 * enable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 120 * 121 * rx/tx end 122 * 123 * stop DMA 124 * disable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 125 * flush tx w/ ATW_NAR_HF 126 * 127 * scan 128 * 129 * initialize rx/tx 130 * 131 * BSS join: (re)association response 132 * 133 * set ATW_FRCTL_AID 134 * 135 * optimizations ??? 136 * 137 */ 138 139 #define ATW_REFSLAVE /* slavishly do what the reference driver does */ 140 141 #define VOODOO_DUR_11_ROUNDING 0x01 /* necessary */ 142 #define VOODOO_DUR_2_4_SPECIALCASE 0x02 /* NOT necessary */ 143 int atw_voodoo = VOODOO_DUR_11_ROUNDING; 144 145 int atw_pseudo_milli = 1; 146 int atw_magic_delay1 = 100 * 1000; 147 int atw_magic_delay2 = 100 * 1000; 148 /* more magic multi-millisecond delays (units: microseconds) */ 149 int atw_nar_delay = 20 * 1000; 150 int atw_magic_delay4 = 10 * 1000; 151 int atw_rf_delay1 = 10 * 1000; 152 int atw_rf_delay2 = 5 * 1000; 153 int atw_plcphd_delay = 2 * 1000; 154 int atw_bbp_io_enable_delay = 20 * 1000; 155 int atw_bbp_io_disable_delay = 2 * 1000; 156 int atw_writewep_delay = 1000; 157 int atw_beacon_len_adjust = 4; 158 int atw_dwelltime = 200; 159 int atw_xindiv2 = 0; 160 161 #ifdef ATW_DEBUG 162 int atw_debug = 0; 163 164 #define ATW_DPRINTF(x) if (atw_debug > 0) printf x 165 #define ATW_DPRINTF2(x) if (atw_debug > 1) printf x 166 #define ATW_DPRINTF3(x) if (atw_debug > 2) printf x 167 #define DPRINTF(sc, x) if ((sc)->sc_if.if_flags & IFF_DEBUG) printf x 168 #define DPRINTF2(sc, x) if ((sc)->sc_if.if_flags & IFF_DEBUG) ATW_DPRINTF2(x) 169 #define DPRINTF3(sc, x) if ((sc)->sc_if.if_flags & IFF_DEBUG) ATW_DPRINTF3(x) 170 171 static void atw_dump_pkt(struct ifnet *, struct mbuf *); 172 static void atw_print_regs(struct atw_softc *, const char *); 173 174 /* Note well: I never got atw_rf3000_read or atw_si4126_read to work. */ 175 # ifdef ATW_BBPDEBUG 176 static void atw_rf3000_print(struct atw_softc *); 177 static int atw_rf3000_read(struct atw_softc *sc, u_int, u_int *); 178 # endif /* ATW_BBPDEBUG */ 179 180 # ifdef ATW_SYNDEBUG 181 static void atw_si4126_print(struct atw_softc *); 182 static int atw_si4126_read(struct atw_softc *, u_int, u_int *); 183 # endif /* ATW_SYNDEBUG */ 184 185 #else 186 #define ATW_DPRINTF(x) 187 #define ATW_DPRINTF2(x) 188 #define ATW_DPRINTF3(x) 189 #define DPRINTF(sc, x) /* nothing */ 190 #define DPRINTF2(sc, x) /* nothing */ 191 #define DPRINTF3(sc, x) /* nothing */ 192 #endif 193 194 /* ifnet methods */ 195 int atw_init(struct ifnet *); 196 int atw_ioctl(struct ifnet *, u_long, void *); 197 void atw_start(struct ifnet *); 198 void atw_stop(struct ifnet *, int); 199 void atw_watchdog(struct ifnet *); 200 201 /* Device attachment */ 202 void atw_attach(struct atw_softc *); 203 int atw_detach(struct atw_softc *); 204 static void atw_evcnt_attach(struct atw_softc *); 205 static void atw_evcnt_detach(struct atw_softc *); 206 207 /* Rx/Tx process */ 208 int atw_add_rxbuf(struct atw_softc *, int); 209 void atw_idle(struct atw_softc *, u_int32_t); 210 void atw_rxdrain(struct atw_softc *); 211 void atw_txdrain(struct atw_softc *); 212 213 /* Device (de)activation and power state */ 214 void atw_disable(struct atw_softc *); 215 int atw_enable(struct atw_softc *); 216 void atw_power(int, void *); 217 void atw_reset(struct atw_softc *); 218 void atw_shutdown(void *); 219 220 /* Interrupt handlers */ 221 void atw_linkintr(struct atw_softc *, u_int32_t); 222 void atw_rxintr(struct atw_softc *); 223 void atw_txintr(struct atw_softc *); 224 225 /* 802.11 state machine */ 226 static int atw_newstate(struct ieee80211com *, enum ieee80211_state, int); 227 static void atw_next_scan(void *); 228 static void atw_recv_mgmt(struct ieee80211com *, struct mbuf *, 229 struct ieee80211_node *, int, int, u_int32_t); 230 static int atw_tune(struct atw_softc *); 231 232 /* Device initialization */ 233 static void atw_bbp_io_init(struct atw_softc *); 234 static void atw_cfp_init(struct atw_softc *); 235 static void atw_cmdr_init(struct atw_softc *); 236 static void atw_ifs_init(struct atw_softc *); 237 static void atw_nar_init(struct atw_softc *); 238 static void atw_response_times_init(struct atw_softc *); 239 static void atw_rf_reset(struct atw_softc *); 240 static void atw_test1_init(struct atw_softc *); 241 static void atw_tofs0_init(struct atw_softc *); 242 static void atw_tofs2_init(struct atw_softc *); 243 static void atw_txlmt_init(struct atw_softc *); 244 static void atw_wcsr_init(struct atw_softc *); 245 246 /* Key management */ 247 static int atw_key_delete(struct ieee80211com *, const struct ieee80211_key *); 248 static int atw_key_set(struct ieee80211com *, const struct ieee80211_key *, 249 const u_int8_t[IEEE80211_ADDR_LEN]); 250 static void atw_key_update_begin(struct ieee80211com *); 251 static void atw_key_update_end(struct ieee80211com *); 252 253 /* RAM/ROM utilities */ 254 static void atw_clear_sram(struct atw_softc *); 255 static void atw_write_sram(struct atw_softc *, u_int, u_int8_t *, u_int); 256 static int atw_read_srom(struct atw_softc *); 257 258 /* BSS setup */ 259 static void atw_predict_beacon(struct atw_softc *); 260 static void atw_start_beacon(struct atw_softc *, int); 261 static void atw_write_bssid(struct atw_softc *); 262 static void atw_write_ssid(struct atw_softc *); 263 static void atw_write_sup_rates(struct atw_softc *); 264 static void atw_write_wep(struct atw_softc *); 265 266 /* Media */ 267 static int atw_media_change(struct ifnet *); 268 269 static void atw_filter_setup(struct atw_softc *); 270 271 /* 802.11 utilities */ 272 static uint64_t atw_get_tsft(struct atw_softc *); 273 static inline uint32_t atw_last_even_tsft(uint32_t, uint32_t, 274 uint32_t); 275 static struct ieee80211_node *atw_node_alloc(struct ieee80211_node_table *); 276 static void atw_node_free(struct ieee80211_node *); 277 278 /* 279 * Tuner/transceiver/modem 280 */ 281 static void atw_bbp_io_enable(struct atw_softc *, int); 282 283 /* RFMD RF3000 Baseband Processor */ 284 static int atw_rf3000_init(struct atw_softc *); 285 static int atw_rf3000_tune(struct atw_softc *, u_int); 286 static int atw_rf3000_write(struct atw_softc *, u_int, u_int); 287 288 /* Silicon Laboratories Si4126 RF/IF Synthesizer */ 289 static void atw_si4126_tune(struct atw_softc *, u_int); 290 static void atw_si4126_write(struct atw_softc *, u_int, u_int); 291 292 const struct atw_txthresh_tab atw_txthresh_tab_lo[] = ATW_TXTHRESH_TAB_LO_RATE; 293 const struct atw_txthresh_tab atw_txthresh_tab_hi[] = ATW_TXTHRESH_TAB_HI_RATE; 294 295 const char *atw_tx_state[] = { 296 "STOPPED", 297 "RUNNING - read descriptor", 298 "RUNNING - transmitting", 299 "RUNNING - filling fifo", /* XXX */ 300 "SUSPENDED", 301 "RUNNING -- write descriptor", 302 "RUNNING -- write last descriptor", 303 "RUNNING - fifo full" 304 }; 305 306 const char *atw_rx_state[] = { 307 "STOPPED", 308 "RUNNING - read descriptor", 309 "RUNNING - check this packet, pre-fetch next", 310 "RUNNING - wait for reception", 311 "SUSPENDED", 312 "RUNNING - write descriptor", 313 "RUNNING - flush fifo", 314 "RUNNING - fifo drain" 315 }; 316 317 static inline int 318 is_running(struct ifnet *ifp) 319 { 320 return (ifp->if_flags & (IFF_RUNNING|IFF_UP)) == (IFF_RUNNING|IFF_UP); 321 } 322 323 int 324 atw_activate(struct device *self, enum devact act) 325 { 326 struct atw_softc *sc = (struct atw_softc *)self; 327 int rv = 0, s; 328 329 s = splnet(); 330 switch (act) { 331 case DVACT_ACTIVATE: 332 rv = EOPNOTSUPP; 333 break; 334 335 case DVACT_DEACTIVATE: 336 if_deactivate(&sc->sc_if); 337 break; 338 } 339 splx(s); 340 return rv; 341 } 342 343 /* 344 * atw_enable: 345 * 346 * Enable the ADM8211 chip. 347 */ 348 int 349 atw_enable(struct atw_softc *sc) 350 { 351 352 if (ATW_IS_ENABLED(sc) == 0) { 353 if (sc->sc_enable != NULL && (*sc->sc_enable)(sc) != 0) { 354 printf("%s: device enable failed\n", 355 sc->sc_dev.dv_xname); 356 return (EIO); 357 } 358 sc->sc_flags |= ATWF_ENABLED; 359 /* Power may have been removed, and WEP keys thus 360 * reset. 361 */ 362 sc->sc_flags &= ~ATWF_WEP_SRAM_VALID; 363 } 364 return (0); 365 } 366 367 /* 368 * atw_disable: 369 * 370 * Disable the ADM8211 chip. 371 */ 372 void 373 atw_disable(struct atw_softc *sc) 374 { 375 if (!ATW_IS_ENABLED(sc)) 376 return; 377 if (sc->sc_disable != NULL) 378 (*sc->sc_disable)(sc); 379 sc->sc_flags &= ~ATWF_ENABLED; 380 } 381 382 /* Returns -1 on failure. */ 383 static int 384 atw_read_srom(struct atw_softc *sc) 385 { 386 struct seeprom_descriptor sd; 387 uint32_t test0, fail_bits; 388 389 (void)memset(&sd, 0, sizeof(sd)); 390 391 test0 = ATW_READ(sc, ATW_TEST0); 392 393 switch (sc->sc_rev) { 394 case ATW_REVISION_BA: 395 case ATW_REVISION_CA: 396 fail_bits = ATW_TEST0_EPNE; 397 break; 398 default: 399 fail_bits = ATW_TEST0_EPNE|ATW_TEST0_EPSNM; 400 break; 401 } 402 if ((test0 & fail_bits) != 0) { 403 printf("%s: bad or missing/bad SROM\n", sc->sc_dev.dv_xname); 404 return -1; 405 } 406 407 switch (test0 & ATW_TEST0_EPTYP_MASK) { 408 case ATW_TEST0_EPTYP_93c66: 409 ATW_DPRINTF(("%s: 93c66 SROM\n", sc->sc_dev.dv_xname)); 410 sc->sc_sromsz = 512; 411 sd.sd_chip = C56_66; 412 break; 413 case ATW_TEST0_EPTYP_93c46: 414 ATW_DPRINTF(("%s: 93c46 SROM\n", sc->sc_dev.dv_xname)); 415 sc->sc_sromsz = 128; 416 sd.sd_chip = C46; 417 break; 418 default: 419 printf("%s: unknown SROM type %" __PRIuBITS "\n", 420 sc->sc_dev.dv_xname, 421 __SHIFTOUT(test0, ATW_TEST0_EPTYP_MASK)); 422 return -1; 423 } 424 425 sc->sc_srom = malloc(sc->sc_sromsz, M_DEVBUF, M_NOWAIT); 426 427 if (sc->sc_srom == NULL) { 428 printf("%s: unable to allocate SROM buffer\n", 429 sc->sc_dev.dv_xname); 430 return -1; 431 } 432 433 (void)memset(sc->sc_srom, 0, sc->sc_sromsz); 434 435 /* ADM8211 has a single 32-bit register for controlling the 436 * 93cx6 SROM. Bit SRS enables the serial port. There is no 437 * "ready" bit. The ADM8211 input/output sense is the reverse 438 * of read_seeprom's. 439 */ 440 sd.sd_tag = sc->sc_st; 441 sd.sd_bsh = sc->sc_sh; 442 sd.sd_regsize = 4; 443 sd.sd_control_offset = ATW_SPR; 444 sd.sd_status_offset = ATW_SPR; 445 sd.sd_dataout_offset = ATW_SPR; 446 sd.sd_CK = ATW_SPR_SCLK; 447 sd.sd_CS = ATW_SPR_SCS; 448 sd.sd_DI = ATW_SPR_SDO; 449 sd.sd_DO = ATW_SPR_SDI; 450 sd.sd_MS = ATW_SPR_SRS; 451 sd.sd_RDY = 0; 452 453 if (!read_seeprom(&sd, sc->sc_srom, 0, sc->sc_sromsz/2)) { 454 printf("%s: could not read SROM\n", sc->sc_dev.dv_xname); 455 free(sc->sc_srom, M_DEVBUF); 456 return -1; 457 } 458 #ifdef ATW_DEBUG 459 { 460 int i; 461 ATW_DPRINTF(("\nSerial EEPROM:\n\t")); 462 for (i = 0; i < sc->sc_sromsz/2; i = i + 1) { 463 if (((i % 8) == 0) && (i != 0)) { 464 ATW_DPRINTF(("\n\t")); 465 } 466 ATW_DPRINTF((" 0x%x", sc->sc_srom[i])); 467 } 468 ATW_DPRINTF(("\n")); 469 } 470 #endif /* ATW_DEBUG */ 471 return 0; 472 } 473 474 #ifdef ATW_DEBUG 475 static void 476 atw_print_regs(struct atw_softc *sc, const char *where) 477 { 478 #define PRINTREG(sc, reg) \ 479 ATW_DPRINTF2(("%s: reg[ " #reg " / %03x ] = %08x\n", \ 480 sc->sc_dev.dv_xname, reg, ATW_READ(sc, reg))) 481 482 ATW_DPRINTF2(("%s: %s\n", sc->sc_dev.dv_xname, where)); 483 484 PRINTREG(sc, ATW_PAR); 485 PRINTREG(sc, ATW_FRCTL); 486 PRINTREG(sc, ATW_TDR); 487 PRINTREG(sc, ATW_WTDP); 488 PRINTREG(sc, ATW_RDR); 489 PRINTREG(sc, ATW_WRDP); 490 PRINTREG(sc, ATW_RDB); 491 PRINTREG(sc, ATW_CSR3A); 492 PRINTREG(sc, ATW_TDBD); 493 PRINTREG(sc, ATW_TDBP); 494 PRINTREG(sc, ATW_STSR); 495 PRINTREG(sc, ATW_CSR5A); 496 PRINTREG(sc, ATW_NAR); 497 PRINTREG(sc, ATW_CSR6A); 498 PRINTREG(sc, ATW_IER); 499 PRINTREG(sc, ATW_CSR7A); 500 PRINTREG(sc, ATW_LPC); 501 PRINTREG(sc, ATW_TEST1); 502 PRINTREG(sc, ATW_SPR); 503 PRINTREG(sc, ATW_TEST0); 504 PRINTREG(sc, ATW_WCSR); 505 PRINTREG(sc, ATW_WPDR); 506 PRINTREG(sc, ATW_GPTMR); 507 PRINTREG(sc, ATW_GPIO); 508 PRINTREG(sc, ATW_BBPCTL); 509 PRINTREG(sc, ATW_SYNCTL); 510 PRINTREG(sc, ATW_PLCPHD); 511 PRINTREG(sc, ATW_MMIWADDR); 512 PRINTREG(sc, ATW_MMIRADDR1); 513 PRINTREG(sc, ATW_MMIRADDR2); 514 PRINTREG(sc, ATW_TXBR); 515 PRINTREG(sc, ATW_CSR15A); 516 PRINTREG(sc, ATW_ALCSTAT); 517 PRINTREG(sc, ATW_TOFS2); 518 PRINTREG(sc, ATW_CMDR); 519 PRINTREG(sc, ATW_PCIC); 520 PRINTREG(sc, ATW_PMCSR); 521 PRINTREG(sc, ATW_PAR0); 522 PRINTREG(sc, ATW_PAR1); 523 PRINTREG(sc, ATW_MAR0); 524 PRINTREG(sc, ATW_MAR1); 525 PRINTREG(sc, ATW_ATIMDA0); 526 PRINTREG(sc, ATW_ABDA1); 527 PRINTREG(sc, ATW_BSSID0); 528 PRINTREG(sc, ATW_TXLMT); 529 PRINTREG(sc, ATW_MIBCNT); 530 PRINTREG(sc, ATW_BCNT); 531 PRINTREG(sc, ATW_TSFTH); 532 PRINTREG(sc, ATW_TSC); 533 PRINTREG(sc, ATW_SYNRF); 534 PRINTREG(sc, ATW_BPLI); 535 PRINTREG(sc, ATW_CAP0); 536 PRINTREG(sc, ATW_CAP1); 537 PRINTREG(sc, ATW_RMD); 538 PRINTREG(sc, ATW_CFPP); 539 PRINTREG(sc, ATW_TOFS0); 540 PRINTREG(sc, ATW_TOFS1); 541 PRINTREG(sc, ATW_IFST); 542 PRINTREG(sc, ATW_RSPT); 543 PRINTREG(sc, ATW_TSFTL); 544 PRINTREG(sc, ATW_WEPCTL); 545 PRINTREG(sc, ATW_WESK); 546 PRINTREG(sc, ATW_WEPCNT); 547 PRINTREG(sc, ATW_MACTEST); 548 PRINTREG(sc, ATW_FER); 549 PRINTREG(sc, ATW_FEMR); 550 PRINTREG(sc, ATW_FPSR); 551 PRINTREG(sc, ATW_FFER); 552 #undef PRINTREG 553 } 554 #endif /* ATW_DEBUG */ 555 556 /* 557 * Finish attaching an ADMtek ADM8211 MAC. Called by bus-specific front-end. 558 */ 559 void 560 atw_attach(struct atw_softc *sc) 561 { 562 static const u_int8_t empty_macaddr[IEEE80211_ADDR_LEN] = { 563 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 564 }; 565 struct ieee80211com *ic = &sc->sc_ic; 566 struct ifnet *ifp = &sc->sc_if; 567 int country_code, error, i, nrate, srom_major; 568 u_int32_t reg; 569 static const char *type_strings[] = {"Intersil (not supported)", 570 "RFMD", "Marvel (not supported)"}; 571 572 sc->sc_txth = atw_txthresh_tab_lo; 573 574 SIMPLEQ_INIT(&sc->sc_txfreeq); 575 SIMPLEQ_INIT(&sc->sc_txdirtyq); 576 577 #ifdef ATW_DEBUG 578 atw_print_regs(sc, "atw_attach"); 579 #endif /* ATW_DEBUG */ 580 581 /* 582 * Allocate the control data structures, and create and load the 583 * DMA map for it. 584 */ 585 if ((error = bus_dmamem_alloc(sc->sc_dmat, 586 sizeof(struct atw_control_data), PAGE_SIZE, 0, &sc->sc_cdseg, 587 1, &sc->sc_cdnseg, 0)) != 0) { 588 printf("%s: unable to allocate control data, error = %d\n", 589 sc->sc_dev.dv_xname, error); 590 goto fail_0; 591 } 592 593 if ((error = bus_dmamem_map(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg, 594 sizeof(struct atw_control_data), (void **)&sc->sc_control_data, 595 BUS_DMA_COHERENT)) != 0) { 596 printf("%s: unable to map control data, error = %d\n", 597 sc->sc_dev.dv_xname, error); 598 goto fail_1; 599 } 600 601 if ((error = bus_dmamap_create(sc->sc_dmat, 602 sizeof(struct atw_control_data), 1, 603 sizeof(struct atw_control_data), 0, 0, &sc->sc_cddmamap)) != 0) { 604 printf("%s: unable to create control data DMA map, " 605 "error = %d\n", sc->sc_dev.dv_xname, error); 606 goto fail_2; 607 } 608 609 if ((error = bus_dmamap_load(sc->sc_dmat, sc->sc_cddmamap, 610 sc->sc_control_data, sizeof(struct atw_control_data), NULL, 611 0)) != 0) { 612 printf("%s: unable to load control data DMA map, error = %d\n", 613 sc->sc_dev.dv_xname, error); 614 goto fail_3; 615 } 616 617 /* 618 * Create the transmit buffer DMA maps. 619 */ 620 sc->sc_ntxsegs = ATW_NTXSEGS; 621 for (i = 0; i < ATW_TXQUEUELEN; i++) { 622 if ((error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 623 sc->sc_ntxsegs, MCLBYTES, 0, 0, 624 &sc->sc_txsoft[i].txs_dmamap)) != 0) { 625 printf("%s: unable to create tx DMA map %d, " 626 "error = %d\n", sc->sc_dev.dv_xname, i, error); 627 goto fail_4; 628 } 629 } 630 631 /* 632 * Create the receive buffer DMA maps. 633 */ 634 for (i = 0; i < ATW_NRXDESC; i++) { 635 if ((error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, 636 MCLBYTES, 0, 0, &sc->sc_rxsoft[i].rxs_dmamap)) != 0) { 637 printf("%s: unable to create rx DMA map %d, " 638 "error = %d\n", sc->sc_dev.dv_xname, i, error); 639 goto fail_5; 640 } 641 } 642 for (i = 0; i < ATW_NRXDESC; i++) { 643 sc->sc_rxsoft[i].rxs_mbuf = NULL; 644 } 645 646 switch (sc->sc_rev) { 647 case ATW_REVISION_AB: 648 case ATW_REVISION_AF: 649 sc->sc_sramlen = ATW_SRAM_A_SIZE; 650 break; 651 case ATW_REVISION_BA: 652 case ATW_REVISION_CA: 653 sc->sc_sramlen = ATW_SRAM_B_SIZE; 654 break; 655 } 656 657 /* Reset the chip to a known state. */ 658 atw_reset(sc); 659 660 if (atw_read_srom(sc) == -1) 661 return; 662 663 sc->sc_rftype = __SHIFTOUT(sc->sc_srom[ATW_SR_CSR20], 664 ATW_SR_RFTYPE_MASK); 665 666 sc->sc_bbptype = __SHIFTOUT(sc->sc_srom[ATW_SR_CSR20], 667 ATW_SR_BBPTYPE_MASK); 668 669 if (sc->sc_rftype >= __arraycount(type_strings)) { 670 printf("%s: unknown RF\n", sc->sc_dev.dv_xname); 671 return; 672 } 673 if (sc->sc_bbptype >= __arraycount(type_strings)) { 674 printf("%s: unknown BBP\n", sc->sc_dev.dv_xname); 675 return; 676 } 677 678 printf("%s: %s RF, %s BBP", sc->sc_dev.dv_xname, 679 type_strings[sc->sc_rftype], type_strings[sc->sc_bbptype]); 680 681 /* XXX There exists a Linux driver which seems to use RFType = 0 for 682 * MARVEL. My bug, or theirs? 683 */ 684 685 reg = __SHIFTIN(sc->sc_rftype, ATW_SYNCTL_RFTYPE_MASK); 686 687 switch (sc->sc_rftype) { 688 case ATW_RFTYPE_INTERSIL: 689 reg |= ATW_SYNCTL_CS1; 690 break; 691 case ATW_RFTYPE_RFMD: 692 reg |= ATW_SYNCTL_CS0; 693 break; 694 case ATW_RFTYPE_MARVEL: 695 break; 696 } 697 698 sc->sc_synctl_rd = reg | ATW_SYNCTL_RD; 699 sc->sc_synctl_wr = reg | ATW_SYNCTL_WR; 700 701 reg = __SHIFTIN(sc->sc_bbptype, ATW_BBPCTL_TYPE_MASK); 702 703 switch (sc->sc_bbptype) { 704 case ATW_BBPTYPE_INTERSIL: 705 reg |= ATW_BBPCTL_TWI; 706 break; 707 case ATW_BBPTYPE_RFMD: 708 reg |= ATW_BBPCTL_RF3KADDR_ADDR | ATW_BBPCTL_NEGEDGE_DO | 709 ATW_BBPCTL_CCA_ACTLO; 710 break; 711 case ATW_BBPTYPE_MARVEL: 712 break; 713 case ATW_C_BBPTYPE_RFMD: 714 printf("%s: ADM8211C MAC/RFMD BBP not supported yet.\n", 715 sc->sc_dev.dv_xname); 716 break; 717 } 718 719 sc->sc_bbpctl_wr = reg | ATW_BBPCTL_WR; 720 sc->sc_bbpctl_rd = reg | ATW_BBPCTL_RD; 721 722 /* 723 * From this point forward, the attachment cannot fail. A failure 724 * before this point releases all resources that may have been 725 * allocated. 726 */ 727 sc->sc_flags |= ATWF_ATTACHED /* | ATWF_RTSCTS */; 728 729 ATW_DPRINTF((" SROM MAC %04x%04x%04x", 730 htole16(sc->sc_srom[ATW_SR_MAC00]), 731 htole16(sc->sc_srom[ATW_SR_MAC01]), 732 htole16(sc->sc_srom[ATW_SR_MAC10]))); 733 734 srom_major = __SHIFTOUT(sc->sc_srom[ATW_SR_FORMAT_VERSION], 735 ATW_SR_MAJOR_MASK); 736 737 if (srom_major < 2) 738 sc->sc_rf3000_options1 = 0; 739 else if (sc->sc_rev == ATW_REVISION_BA) { 740 sc->sc_rf3000_options1 = 741 __SHIFTOUT(sc->sc_srom[ATW_SR_CR28_CR03], 742 ATW_SR_CR28_MASK); 743 } else 744 sc->sc_rf3000_options1 = 0; 745 746 sc->sc_rf3000_options2 = __SHIFTOUT(sc->sc_srom[ATW_SR_CTRY_CR29], 747 ATW_SR_CR29_MASK); 748 749 country_code = __SHIFTOUT(sc->sc_srom[ATW_SR_CTRY_CR29], 750 ATW_SR_CTRY_MASK); 751 752 #define ADD_CHANNEL(_ic, _chan) do { \ 753 _ic->ic_channels[_chan].ic_flags = IEEE80211_CHAN_B; \ 754 _ic->ic_channels[_chan].ic_freq = \ 755 ieee80211_ieee2mhz(_chan, _ic->ic_channels[_chan].ic_flags);\ 756 } while (0) 757 758 /* Find available channels */ 759 switch (country_code) { 760 case COUNTRY_MMK2: /* 1-14 */ 761 ADD_CHANNEL(ic, 14); 762 /*FALLTHROUGH*/ 763 case COUNTRY_ETSI: /* 1-13 */ 764 for (i = 1; i <= 13; i++) 765 ADD_CHANNEL(ic, i); 766 break; 767 case COUNTRY_FCC: /* 1-11 */ 768 case COUNTRY_IC: /* 1-11 */ 769 for (i = 1; i <= 11; i++) 770 ADD_CHANNEL(ic, i); 771 break; 772 case COUNTRY_MMK: /* 14 */ 773 ADD_CHANNEL(ic, 14); 774 break; 775 case COUNTRY_FRANCE: /* 10-13 */ 776 for (i = 10; i <= 13; i++) 777 ADD_CHANNEL(ic, i); 778 break; 779 default: /* assume channels 10-11 */ 780 case COUNTRY_SPAIN: /* 10-11 */ 781 for (i = 10; i <= 11; i++) 782 ADD_CHANNEL(ic, i); 783 break; 784 } 785 786 /* Read the MAC address. */ 787 reg = ATW_READ(sc, ATW_PAR0); 788 ic->ic_myaddr[0] = __SHIFTOUT(reg, ATW_PAR0_PAB0_MASK); 789 ic->ic_myaddr[1] = __SHIFTOUT(reg, ATW_PAR0_PAB1_MASK); 790 ic->ic_myaddr[2] = __SHIFTOUT(reg, ATW_PAR0_PAB2_MASK); 791 ic->ic_myaddr[3] = __SHIFTOUT(reg, ATW_PAR0_PAB3_MASK); 792 reg = ATW_READ(sc, ATW_PAR1); 793 ic->ic_myaddr[4] = __SHIFTOUT(reg, ATW_PAR1_PAB4_MASK); 794 ic->ic_myaddr[5] = __SHIFTOUT(reg, ATW_PAR1_PAB5_MASK); 795 796 if (IEEE80211_ADDR_EQ(ic->ic_myaddr, empty_macaddr)) { 797 printf(" could not get mac address, attach failed\n"); 798 return; 799 } 800 801 printf(" 802.11 address %s\n", ether_sprintf(ic->ic_myaddr)); 802 803 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 804 ifp->if_softc = sc; 805 ifp->if_flags = IFF_SIMPLEX | IFF_BROADCAST | IFF_MULTICAST | 806 IFF_NOTRAILERS; 807 ifp->if_ioctl = atw_ioctl; 808 ifp->if_start = atw_start; 809 ifp->if_watchdog = atw_watchdog; 810 ifp->if_init = atw_init; 811 ifp->if_stop = atw_stop; 812 IFQ_SET_READY(&ifp->if_snd); 813 814 ic->ic_ifp = ifp; 815 ic->ic_phytype = IEEE80211_T_DS; 816 ic->ic_opmode = IEEE80211_M_STA; 817 ic->ic_caps = IEEE80211_C_PMGT | IEEE80211_C_IBSS | 818 IEEE80211_C_HOSTAP | IEEE80211_C_MONITOR; 819 820 nrate = 0; 821 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 2; 822 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 4; 823 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 11; 824 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 22; 825 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_nrates = nrate; 826 827 /* 828 * Call MI attach routines. 829 */ 830 831 if_attach(ifp); 832 ieee80211_ifattach(ic); 833 834 atw_evcnt_attach(sc); 835 836 sc->sc_newstate = ic->ic_newstate; 837 ic->ic_newstate = atw_newstate; 838 839 sc->sc_recv_mgmt = ic->ic_recv_mgmt; 840 ic->ic_recv_mgmt = atw_recv_mgmt; 841 842 sc->sc_node_free = ic->ic_node_free; 843 ic->ic_node_free = atw_node_free; 844 845 sc->sc_node_alloc = ic->ic_node_alloc; 846 ic->ic_node_alloc = atw_node_alloc; 847 848 ic->ic_crypto.cs_key_delete = atw_key_delete; 849 ic->ic_crypto.cs_key_set = atw_key_set; 850 ic->ic_crypto.cs_key_update_begin = atw_key_update_begin; 851 ic->ic_crypto.cs_key_update_end = atw_key_update_end; 852 853 /* possibly we should fill in our own sc_send_prresp, since 854 * the ADM8211 is probably sending probe responses in ad hoc 855 * mode. 856 */ 857 858 /* complete initialization */ 859 ieee80211_media_init(ic, atw_media_change, ieee80211_media_status); 860 callout_init(&sc->sc_scan_ch, 0); 861 862 #if NBPFILTER > 0 863 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 864 sizeof(struct ieee80211_frame) + 64, &sc->sc_radiobpf); 865 #endif 866 867 /* 868 * Make sure the interface is shutdown during reboot. 869 */ 870 sc->sc_sdhook = shutdownhook_establish(atw_shutdown, sc); 871 if (sc->sc_sdhook == NULL) 872 printf("%s: WARNING: unable to establish shutdown hook\n", 873 sc->sc_dev.dv_xname); 874 875 /* 876 * Add a suspend hook to make sure we come back up after a 877 * resume. 878 */ 879 sc->sc_powerhook = powerhook_establish(sc->sc_dev.dv_xname, 880 atw_power, sc); 881 if (sc->sc_powerhook == NULL) 882 printf("%s: WARNING: unable to establish power hook\n", 883 sc->sc_dev.dv_xname); 884 885 memset(&sc->sc_rxtapu, 0, sizeof(sc->sc_rxtapu)); 886 sc->sc_rxtap.ar_ihdr.it_len = htole16(sizeof(sc->sc_rxtapu)); 887 sc->sc_rxtap.ar_ihdr.it_present = htole32(ATW_RX_RADIOTAP_PRESENT); 888 889 memset(&sc->sc_txtapu, 0, sizeof(sc->sc_txtapu)); 890 sc->sc_txtap.at_ihdr.it_len = htole16(sizeof(sc->sc_txtapu)); 891 sc->sc_txtap.at_ihdr.it_present = htole32(ATW_TX_RADIOTAP_PRESENT); 892 893 ieee80211_announce(ic); 894 return; 895 896 /* 897 * Free any resources we've allocated during the failed attach 898 * attempt. Do this in reverse order and fall through. 899 */ 900 fail_5: 901 for (i = 0; i < ATW_NRXDESC; i++) { 902 if (sc->sc_rxsoft[i].rxs_dmamap == NULL) 903 continue; 904 bus_dmamap_destroy(sc->sc_dmat, sc->sc_rxsoft[i].rxs_dmamap); 905 } 906 fail_4: 907 for (i = 0; i < ATW_TXQUEUELEN; i++) { 908 if (sc->sc_txsoft[i].txs_dmamap == NULL) 909 continue; 910 bus_dmamap_destroy(sc->sc_dmat, sc->sc_txsoft[i].txs_dmamap); 911 } 912 bus_dmamap_unload(sc->sc_dmat, sc->sc_cddmamap); 913 fail_3: 914 bus_dmamap_destroy(sc->sc_dmat, sc->sc_cddmamap); 915 fail_2: 916 bus_dmamem_unmap(sc->sc_dmat, (void *)sc->sc_control_data, 917 sizeof(struct atw_control_data)); 918 fail_1: 919 bus_dmamem_free(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg); 920 fail_0: 921 return; 922 } 923 924 static struct ieee80211_node * 925 atw_node_alloc(struct ieee80211_node_table *nt) 926 { 927 struct atw_softc *sc = (struct atw_softc *)nt->nt_ic->ic_ifp->if_softc; 928 struct ieee80211_node *ni = (*sc->sc_node_alloc)(nt); 929 930 DPRINTF(sc, ("%s: alloc node %p\n", sc->sc_dev.dv_xname, ni)); 931 return ni; 932 } 933 934 static void 935 atw_node_free(struct ieee80211_node *ni) 936 { 937 struct atw_softc *sc = (struct atw_softc *)ni->ni_ic->ic_ifp->if_softc; 938 939 DPRINTF(sc, ("%s: freeing node %p %s\n", sc->sc_dev.dv_xname, ni, 940 ether_sprintf(ni->ni_bssid))); 941 (*sc->sc_node_free)(ni); 942 } 943 944 945 static void 946 atw_test1_reset(struct atw_softc *sc) 947 { 948 switch (sc->sc_rev) { 949 case ATW_REVISION_BA: 950 if (1 /* XXX condition on transceiver type */) { 951 ATW_SET(sc, ATW_TEST1, ATW_TEST1_TESTMODE_MONITOR); 952 } 953 break; 954 case ATW_REVISION_CA: 955 ATW_CLR(sc, ATW_TEST1, ATW_TEST1_TESTMODE_MASK); 956 break; 957 default: 958 break; 959 } 960 } 961 962 /* 963 * atw_reset: 964 * 965 * Perform a soft reset on the ADM8211. 966 */ 967 void 968 atw_reset(struct atw_softc *sc) 969 { 970 int i; 971 uint32_t lpc; 972 973 ATW_WRITE(sc, ATW_NAR, 0x0); 974 DELAY(atw_nar_delay); 975 976 /* Reference driver has a cryptic remark indicating that this might 977 * power-on the chip. I know that it turns off power-saving.... 978 */ 979 ATW_WRITE(sc, ATW_FRCTL, 0x0); 980 981 ATW_WRITE(sc, ATW_PAR, ATW_PAR_SWR); 982 983 for (i = 0; i < 50000 / atw_pseudo_milli; i++) { 984 if ((ATW_READ(sc, ATW_PAR) & ATW_PAR_SWR) == 0) 985 break; 986 DELAY(atw_pseudo_milli); 987 } 988 989 /* ... and then pause 100ms longer for good measure. */ 990 DELAY(atw_magic_delay1); 991 992 DPRINTF2(sc, ("%s: atw_reset %d iterations\n", sc->sc_dev.dv_xname, i)); 993 994 if (ATW_ISSET(sc, ATW_PAR, ATW_PAR_SWR)) 995 printf("%s: reset failed to complete\n", sc->sc_dev.dv_xname); 996 997 /* 998 * Initialize the PCI Access Register. 999 */ 1000 sc->sc_busmode = ATW_PAR_PBL_8DW; 1001 1002 ATW_WRITE(sc, ATW_PAR, sc->sc_busmode); 1003 DPRINTF(sc, ("%s: ATW_PAR %08x busmode %08x\n", sc->sc_dev.dv_xname, 1004 ATW_READ(sc, ATW_PAR), sc->sc_busmode)); 1005 1006 atw_test1_reset(sc); 1007 1008 /* Turn off maximum power saving, etc. */ 1009 ATW_WRITE(sc, ATW_FRCTL, 0x0); 1010 1011 DELAY(atw_magic_delay2); 1012 1013 /* Recall EEPROM. */ 1014 ATW_SET(sc, ATW_TEST0, ATW_TEST0_EPRLD); 1015 1016 DELAY(atw_magic_delay4); 1017 1018 lpc = ATW_READ(sc, ATW_LPC); 1019 1020 DPRINTF(sc, ("%s: ATW_LPC %#08x\n", __func__, lpc)); 1021 1022 /* A reset seems to affect the SRAM contents, so put them into 1023 * a known state. 1024 */ 1025 atw_clear_sram(sc); 1026 1027 memset(sc->sc_bssid, 0xff, sizeof(sc->sc_bssid)); 1028 } 1029 1030 static void 1031 atw_clear_sram(struct atw_softc *sc) 1032 { 1033 memset(sc->sc_sram, 0, sizeof(sc->sc_sram)); 1034 sc->sc_flags &= ~ATWF_WEP_SRAM_VALID; 1035 /* XXX not for revision 0x20. */ 1036 atw_write_sram(sc, 0, sc->sc_sram, sc->sc_sramlen); 1037 } 1038 1039 /* TBD atw_init 1040 * 1041 * set MAC based on ic->ic_bss->myaddr 1042 * write WEP keys 1043 * set TX rate 1044 */ 1045 1046 /* Tell the ADM8211 to raise ATW_INTR_LINKOFF if 7 beacon intervals pass 1047 * without receiving a beacon with the preferred BSSID & SSID. 1048 * atw_write_bssid & atw_write_ssid set the BSSID & SSID. 1049 */ 1050 static void 1051 atw_wcsr_init(struct atw_softc *sc) 1052 { 1053 uint32_t wcsr; 1054 1055 wcsr = ATW_READ(sc, ATW_WCSR); 1056 wcsr &= ~(ATW_WCSR_BLN_MASK|ATW_WCSR_LSOE|ATW_WCSR_MPRE|ATW_WCSR_LSOE); 1057 wcsr |= __SHIFTIN(7, ATW_WCSR_BLN_MASK); 1058 ATW_WRITE(sc, ATW_WCSR, wcsr); /* XXX resets wake-up status bits */ 1059 1060 DPRINTF(sc, ("%s: %s reg[WCSR] = %08x\n", 1061 sc->sc_dev.dv_xname, __func__, ATW_READ(sc, ATW_WCSR))); 1062 } 1063 1064 /* Turn off power management. Set Rx store-and-forward mode. */ 1065 static void 1066 atw_cmdr_init(struct atw_softc *sc) 1067 { 1068 uint32_t cmdr; 1069 cmdr = ATW_READ(sc, ATW_CMDR); 1070 cmdr &= ~ATW_CMDR_APM; 1071 cmdr |= ATW_CMDR_RTE; 1072 cmdr &= ~ATW_CMDR_DRT_MASK; 1073 cmdr |= ATW_CMDR_DRT_SF; 1074 1075 ATW_WRITE(sc, ATW_CMDR, cmdr); 1076 } 1077 1078 static void 1079 atw_tofs2_init(struct atw_softc *sc) 1080 { 1081 uint32_t tofs2; 1082 /* XXX this magic can probably be figured out from the RFMD docs */ 1083 #ifndef ATW_REFSLAVE 1084 tofs2 = __SHIFTIN(4, ATW_TOFS2_PWR1UP_MASK) | /* 8 ms = 4 * 2 ms */ 1085 __SHIFTIN(13, ATW_TOFS2_PWR0PAPE_MASK) | /* 13 us */ 1086 __SHIFTIN(8, ATW_TOFS2_PWR1PAPE_MASK) | /* 8 us */ 1087 __SHIFTIN(5, ATW_TOFS2_PWR0TRSW_MASK) | /* 5 us */ 1088 __SHIFTIN(12, ATW_TOFS2_PWR1TRSW_MASK) | /* 12 us */ 1089 __SHIFTIN(13, ATW_TOFS2_PWR0PE2_MASK) | /* 13 us */ 1090 __SHIFTIN(4, ATW_TOFS2_PWR1PE2_MASK) | /* 4 us */ 1091 __SHIFTIN(5, ATW_TOFS2_PWR0TXPE_MASK); /* 5 us */ 1092 #else 1093 /* XXX new magic from reference driver source */ 1094 tofs2 = __SHIFTIN(8, ATW_TOFS2_PWR1UP_MASK) | /* 8 ms = 4 * 2 ms */ 1095 __SHIFTIN(8, ATW_TOFS2_PWR0PAPE_MASK) | /* 8 us */ 1096 __SHIFTIN(1, ATW_TOFS2_PWR1PAPE_MASK) | /* 1 us */ 1097 __SHIFTIN(5, ATW_TOFS2_PWR0TRSW_MASK) | /* 5 us */ 1098 __SHIFTIN(12, ATW_TOFS2_PWR1TRSW_MASK) | /* 12 us */ 1099 __SHIFTIN(13, ATW_TOFS2_PWR0PE2_MASK) | /* 13 us */ 1100 __SHIFTIN(1, ATW_TOFS2_PWR1PE2_MASK) | /* 1 us */ 1101 __SHIFTIN(8, ATW_TOFS2_PWR0TXPE_MASK); /* 8 us */ 1102 #endif 1103 ATW_WRITE(sc, ATW_TOFS2, tofs2); 1104 } 1105 1106 static void 1107 atw_nar_init(struct atw_softc *sc) 1108 { 1109 ATW_WRITE(sc, ATW_NAR, ATW_NAR_SF|ATW_NAR_PB); 1110 } 1111 1112 static void 1113 atw_txlmt_init(struct atw_softc *sc) 1114 { 1115 ATW_WRITE(sc, ATW_TXLMT, __SHIFTIN(512, ATW_TXLMT_MTMLT_MASK) | 1116 __SHIFTIN(1, ATW_TXLMT_SRTYLIM_MASK)); 1117 } 1118 1119 static void 1120 atw_test1_init(struct atw_softc *sc) 1121 { 1122 uint32_t test1; 1123 1124 test1 = ATW_READ(sc, ATW_TEST1); 1125 test1 &= ~(ATW_TEST1_DBGREAD_MASK|ATW_TEST1_CONTROL); 1126 /* XXX magic 0x1 */ 1127 test1 |= __SHIFTIN(0x1, ATW_TEST1_DBGREAD_MASK) | ATW_TEST1_CONTROL; 1128 ATW_WRITE(sc, ATW_TEST1, test1); 1129 } 1130 1131 static void 1132 atw_rf_reset(struct atw_softc *sc) 1133 { 1134 /* XXX this resets an Intersil RF front-end? */ 1135 /* TBD condition on Intersil RFType? */ 1136 ATW_WRITE(sc, ATW_SYNRF, ATW_SYNRF_INTERSIL_EN); 1137 DELAY(atw_rf_delay1); 1138 ATW_WRITE(sc, ATW_SYNRF, 0); 1139 DELAY(atw_rf_delay2); 1140 } 1141 1142 /* Set 16 TU max duration for the contention-free period (CFP). */ 1143 static void 1144 atw_cfp_init(struct atw_softc *sc) 1145 { 1146 uint32_t cfpp; 1147 1148 cfpp = ATW_READ(sc, ATW_CFPP); 1149 cfpp &= ~ATW_CFPP_CFPMD; 1150 cfpp |= __SHIFTIN(16, ATW_CFPP_CFPMD); 1151 ATW_WRITE(sc, ATW_CFPP, cfpp); 1152 } 1153 1154 static void 1155 atw_tofs0_init(struct atw_softc *sc) 1156 { 1157 /* XXX I guess that the Cardbus clock is 22 MHz? 1158 * I am assuming that the role of ATW_TOFS0_USCNT is 1159 * to divide the bus clock to get a 1 MHz clock---the datasheet is not 1160 * very clear on this point. It says in the datasheet that it is 1161 * possible for the ADM8211 to accommodate bus speeds between 22 MHz 1162 * and 33 MHz; maybe this is the way? I see a binary-only driver write 1163 * these values. These values are also the power-on default. 1164 */ 1165 ATW_WRITE(sc, ATW_TOFS0, 1166 __SHIFTIN(22, ATW_TOFS0_USCNT_MASK) | 1167 ATW_TOFS0_TUCNT_MASK /* set all bits in TUCNT */); 1168 } 1169 1170 /* Initialize interframe spacing: 802.11b slot time, SIFS, DIFS, EIFS. */ 1171 static void 1172 atw_ifs_init(struct atw_softc *sc) 1173 { 1174 uint32_t ifst; 1175 /* XXX EIFS=0x64, SIFS=110 are used by the reference driver. 1176 * Go figure. 1177 */ 1178 ifst = __SHIFTIN(IEEE80211_DUR_DS_SLOT, ATW_IFST_SLOT_MASK) | 1179 __SHIFTIN(22 * 5 /* IEEE80211_DUR_DS_SIFS */ /* # of 22 MHz cycles */, 1180 ATW_IFST_SIFS_MASK) | 1181 __SHIFTIN(IEEE80211_DUR_DS_DIFS, ATW_IFST_DIFS_MASK) | 1182 __SHIFTIN(0x64 /* IEEE80211_DUR_DS_EIFS */, ATW_IFST_EIFS_MASK); 1183 1184 ATW_WRITE(sc, ATW_IFST, ifst); 1185 } 1186 1187 static void 1188 atw_response_times_init(struct atw_softc *sc) 1189 { 1190 /* XXX More magic. Relates to ACK timing? The datasheet seems to 1191 * indicate that the MAC expects at least SIFS + MIRT microseconds 1192 * to pass after it transmits a frame that requires a response; 1193 * it waits at most SIFS + MART microseconds for the response. 1194 * Surely this is not the ACK timeout? 1195 */ 1196 ATW_WRITE(sc, ATW_RSPT, __SHIFTIN(0xffff, ATW_RSPT_MART_MASK) | 1197 __SHIFTIN(0xff, ATW_RSPT_MIRT_MASK)); 1198 } 1199 1200 /* Set up the MMI read/write addresses for the baseband. The Tx/Rx 1201 * engines read and write baseband registers after Rx and before 1202 * Tx, respectively. 1203 */ 1204 static void 1205 atw_bbp_io_init(struct atw_softc *sc) 1206 { 1207 uint32_t mmiraddr2; 1208 1209 /* XXX The reference driver does this, but is it *really* 1210 * necessary? 1211 */ 1212 switch (sc->sc_rev) { 1213 case ATW_REVISION_AB: 1214 case ATW_REVISION_AF: 1215 mmiraddr2 = 0x0; 1216 break; 1217 default: 1218 mmiraddr2 = ATW_READ(sc, ATW_MMIRADDR2); 1219 mmiraddr2 &= 1220 ~(ATW_MMIRADDR2_PROREXT|ATW_MMIRADDR2_PRORLEN_MASK); 1221 break; 1222 } 1223 1224 switch (sc->sc_bbptype) { 1225 case ATW_BBPTYPE_INTERSIL: 1226 ATW_WRITE(sc, ATW_MMIWADDR, ATW_MMIWADDR_INTERSIL); 1227 ATW_WRITE(sc, ATW_MMIRADDR1, ATW_MMIRADDR1_INTERSIL); 1228 mmiraddr2 |= ATW_MMIRADDR2_INTERSIL; 1229 break; 1230 case ATW_BBPTYPE_MARVEL: 1231 /* TBD find out the Marvel settings. */ 1232 break; 1233 case ATW_BBPTYPE_RFMD: 1234 default: 1235 ATW_WRITE(sc, ATW_MMIWADDR, ATW_MMIWADDR_RFMD); 1236 ATW_WRITE(sc, ATW_MMIRADDR1, ATW_MMIRADDR1_RFMD); 1237 mmiraddr2 |= ATW_MMIRADDR2_RFMD; 1238 break; 1239 } 1240 ATW_WRITE(sc, ATW_MMIRADDR2, mmiraddr2); 1241 ATW_WRITE(sc, ATW_MACTEST, ATW_MACTEST_MMI_USETXCLK); 1242 } 1243 1244 /* 1245 * atw_init: [ ifnet interface function ] 1246 * 1247 * Initialize the interface. Must be called at splnet(). 1248 */ 1249 int 1250 atw_init(struct ifnet *ifp) 1251 { 1252 struct atw_softc *sc = ifp->if_softc; 1253 struct ieee80211com *ic = &sc->sc_ic; 1254 struct atw_txsoft *txs; 1255 struct atw_rxsoft *rxs; 1256 int i, error = 0; 1257 1258 if ((error = atw_enable(sc)) != 0) 1259 goto out; 1260 1261 /* 1262 * Cancel any pending I/O. This also resets. 1263 */ 1264 atw_stop(ifp, 0); 1265 1266 DPRINTF(sc, ("%s: channel %d freq %d flags 0x%04x\n", 1267 __func__, ieee80211_chan2ieee(ic, ic->ic_curchan), 1268 ic->ic_curchan->ic_freq, ic->ic_curchan->ic_flags)); 1269 1270 atw_wcsr_init(sc); 1271 1272 atw_cmdr_init(sc); 1273 1274 /* Set data rate for PLCP Signal field, 1Mbps = 10 x 100Kb/s. 1275 * 1276 * XXX Set transmit power for ATIM, RTS, Beacon. 1277 */ 1278 ATW_WRITE(sc, ATW_PLCPHD, __SHIFTIN(10, ATW_PLCPHD_SIGNAL_MASK) | 1279 __SHIFTIN(0xb0, ATW_PLCPHD_SERVICE_MASK)); 1280 1281 atw_tofs2_init(sc); 1282 1283 atw_nar_init(sc); 1284 1285 atw_txlmt_init(sc); 1286 1287 atw_test1_init(sc); 1288 1289 atw_rf_reset(sc); 1290 1291 atw_cfp_init(sc); 1292 1293 atw_tofs0_init(sc); 1294 1295 atw_ifs_init(sc); 1296 1297 /* XXX Fall asleep after one second of inactivity. 1298 * XXX A frame may only dribble in for 65536us. 1299 */ 1300 ATW_WRITE(sc, ATW_RMD, 1301 __SHIFTIN(1, ATW_RMD_PCNT) | __SHIFTIN(0xffff, ATW_RMD_RMRD_MASK)); 1302 1303 atw_response_times_init(sc); 1304 1305 atw_bbp_io_init(sc); 1306 1307 ATW_WRITE(sc, ATW_STSR, 0xffffffff); 1308 1309 if ((error = atw_rf3000_init(sc)) != 0) 1310 goto out; 1311 1312 ATW_WRITE(sc, ATW_PAR, sc->sc_busmode); 1313 DPRINTF(sc, ("%s: ATW_PAR %08x busmode %08x\n", sc->sc_dev.dv_xname, 1314 ATW_READ(sc, ATW_PAR), sc->sc_busmode)); 1315 1316 /* 1317 * Initialize the transmit descriptor ring. 1318 */ 1319 memset(sc->sc_txdescs, 0, sizeof(sc->sc_txdescs)); 1320 for (i = 0; i < ATW_NTXDESC; i++) { 1321 sc->sc_txdescs[i].at_ctl = 0; 1322 /* no transmit chaining */ 1323 sc->sc_txdescs[i].at_flags = 0 /* ATW_TXFLAG_TCH */; 1324 sc->sc_txdescs[i].at_buf2 = 1325 htole32(ATW_CDTXADDR(sc, ATW_NEXTTX(i))); 1326 } 1327 /* use ring mode */ 1328 sc->sc_txdescs[ATW_NTXDESC - 1].at_flags |= htole32(ATW_TXFLAG_TER); 1329 ATW_CDTXSYNC(sc, 0, ATW_NTXDESC, 1330 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 1331 sc->sc_txfree = ATW_NTXDESC; 1332 sc->sc_txnext = 0; 1333 1334 /* 1335 * Initialize the transmit job descriptors. 1336 */ 1337 SIMPLEQ_INIT(&sc->sc_txfreeq); 1338 SIMPLEQ_INIT(&sc->sc_txdirtyq); 1339 for (i = 0; i < ATW_TXQUEUELEN; i++) { 1340 txs = &sc->sc_txsoft[i]; 1341 txs->txs_mbuf = NULL; 1342 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 1343 } 1344 1345 /* 1346 * Initialize the receive descriptor and receive job 1347 * descriptor rings. 1348 */ 1349 for (i = 0; i < ATW_NRXDESC; i++) { 1350 rxs = &sc->sc_rxsoft[i]; 1351 if (rxs->rxs_mbuf == NULL) { 1352 if ((error = atw_add_rxbuf(sc, i)) != 0) { 1353 printf("%s: unable to allocate or map rx " 1354 "buffer %d, error = %d\n", 1355 sc->sc_dev.dv_xname, i, error); 1356 /* 1357 * XXX Should attempt to run with fewer receive 1358 * XXX buffers instead of just failing. 1359 */ 1360 atw_rxdrain(sc); 1361 goto out; 1362 } 1363 } else 1364 atw_init_rxdesc(sc, i); 1365 } 1366 sc->sc_rxptr = 0; 1367 1368 /* 1369 * Initialize the interrupt mask and enable interrupts. 1370 */ 1371 /* normal interrupts */ 1372 sc->sc_inten = ATW_INTR_TCI | ATW_INTR_TDU | ATW_INTR_RCI | 1373 ATW_INTR_NISS | ATW_INTR_LINKON | ATW_INTR_BCNTC; 1374 1375 /* abnormal interrupts */ 1376 sc->sc_inten |= ATW_INTR_TPS | ATW_INTR_TLT | ATW_INTR_TRT | 1377 ATW_INTR_TUF | ATW_INTR_RDU | ATW_INTR_RPS | ATW_INTR_AISS | 1378 ATW_INTR_FBE | ATW_INTR_LINKOFF | ATW_INTR_TSFTF | ATW_INTR_TSCZ; 1379 1380 sc->sc_linkint_mask = ATW_INTR_LINKON | ATW_INTR_LINKOFF | 1381 ATW_INTR_BCNTC | ATW_INTR_TSFTF | ATW_INTR_TSCZ; 1382 sc->sc_rxint_mask = ATW_INTR_RCI | ATW_INTR_RDU; 1383 sc->sc_txint_mask = ATW_INTR_TCI | ATW_INTR_TUF | ATW_INTR_TLT | 1384 ATW_INTR_TRT; 1385 1386 sc->sc_linkint_mask &= sc->sc_inten; 1387 sc->sc_rxint_mask &= sc->sc_inten; 1388 sc->sc_txint_mask &= sc->sc_inten; 1389 1390 ATW_WRITE(sc, ATW_IER, sc->sc_inten); 1391 ATW_WRITE(sc, ATW_STSR, 0xffffffff); 1392 1393 DPRINTF(sc, ("%s: ATW_IER %08x, inten %08x\n", 1394 sc->sc_dev.dv_xname, ATW_READ(sc, ATW_IER), sc->sc_inten)); 1395 1396 /* 1397 * Give the transmit and receive rings to the ADM8211. 1398 */ 1399 ATW_WRITE(sc, ATW_RDB, ATW_CDRXADDR(sc, sc->sc_rxptr)); 1400 ATW_WRITE(sc, ATW_TDBD, ATW_CDTXADDR(sc, sc->sc_txnext)); 1401 1402 sc->sc_txthresh = 0; 1403 sc->sc_opmode = ATW_NAR_SR | ATW_NAR_ST | 1404 sc->sc_txth[sc->sc_txthresh].txth_opmode; 1405 1406 /* common 802.11 configuration */ 1407 ic->ic_flags &= ~IEEE80211_F_IBSSON; 1408 switch (ic->ic_opmode) { 1409 case IEEE80211_M_STA: 1410 break; 1411 case IEEE80211_M_AHDEMO: /* XXX */ 1412 case IEEE80211_M_IBSS: 1413 ic->ic_flags |= IEEE80211_F_IBSSON; 1414 /*FALLTHROUGH*/ 1415 case IEEE80211_M_HOSTAP: /* XXX */ 1416 break; 1417 case IEEE80211_M_MONITOR: /* XXX */ 1418 break; 1419 } 1420 1421 switch (ic->ic_opmode) { 1422 case IEEE80211_M_AHDEMO: 1423 case IEEE80211_M_HOSTAP: 1424 #ifndef IEEE80211_NO_HOSTAP 1425 ic->ic_bss->ni_intval = ic->ic_lintval; 1426 ic->ic_bss->ni_rssi = 0; 1427 ic->ic_bss->ni_rstamp = 0; 1428 #endif /* !IEEE80211_NO_HOSTAP */ 1429 break; 1430 default: /* XXX */ 1431 break; 1432 } 1433 1434 sc->sc_wepctl = 0; 1435 1436 atw_write_ssid(sc); 1437 atw_write_sup_rates(sc); 1438 atw_write_wep(sc); 1439 1440 ic->ic_state = IEEE80211_S_INIT; 1441 1442 /* 1443 * Set the receive filter. This will start the transmit and 1444 * receive processes. 1445 */ 1446 atw_filter_setup(sc); 1447 1448 /* 1449 * Start the receive process. 1450 */ 1451 ATW_WRITE(sc, ATW_RDR, 0x1); 1452 1453 /* 1454 * Note that the interface is now running. 1455 */ 1456 ifp->if_flags |= IFF_RUNNING; 1457 ifp->if_flags &= ~IFF_OACTIVE; 1458 1459 /* send no beacons, yet. */ 1460 atw_start_beacon(sc, 0); 1461 1462 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1463 error = ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1464 else 1465 error = ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1466 out: 1467 if (error) { 1468 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1469 sc->sc_tx_timer = 0; 1470 ifp->if_timer = 0; 1471 printf("%s: interface not running\n", sc->sc_dev.dv_xname); 1472 } 1473 #ifdef ATW_DEBUG 1474 atw_print_regs(sc, "end of init"); 1475 #endif /* ATW_DEBUG */ 1476 1477 return (error); 1478 } 1479 1480 /* enable == 1: host control of RF3000/Si4126 through ATW_SYNCTL. 1481 * 0: MAC control of RF3000/Si4126. 1482 * 1483 * Applies power, or selects RF front-end? Sets reset condition. 1484 * 1485 * TBD support non-RFMD BBP, non-SiLabs synth. 1486 */ 1487 static void 1488 atw_bbp_io_enable(struct atw_softc *sc, int enable) 1489 { 1490 if (enable) { 1491 ATW_WRITE(sc, ATW_SYNRF, 1492 ATW_SYNRF_SELRF|ATW_SYNRF_PE1|ATW_SYNRF_PHYRST); 1493 DELAY(atw_bbp_io_enable_delay); 1494 } else { 1495 ATW_WRITE(sc, ATW_SYNRF, 0); 1496 DELAY(atw_bbp_io_disable_delay); /* shorter for some reason */ 1497 } 1498 } 1499 1500 static int 1501 atw_tune(struct atw_softc *sc) 1502 { 1503 int rc; 1504 u_int chan; 1505 struct ieee80211com *ic = &sc->sc_ic; 1506 1507 chan = ieee80211_chan2ieee(ic, ic->ic_curchan); 1508 if (chan == IEEE80211_CHAN_ANY) 1509 panic("%s: chan == IEEE80211_CHAN_ANY\n", __func__); 1510 1511 if (chan == sc->sc_cur_chan) 1512 return 0; 1513 1514 DPRINTF(sc, ("%s: chan %d -> %d\n", sc->sc_dev.dv_xname, 1515 sc->sc_cur_chan, chan)); 1516 1517 atw_idle(sc, ATW_NAR_SR|ATW_NAR_ST); 1518 1519 atw_si4126_tune(sc, chan); 1520 if ((rc = atw_rf3000_tune(sc, chan)) != 0) 1521 printf("%s: failed to tune channel %d\n", sc->sc_dev.dv_xname, 1522 chan); 1523 1524 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 1525 DELAY(atw_nar_delay); 1526 ATW_WRITE(sc, ATW_RDR, 0x1); 1527 1528 if (rc == 0) { 1529 sc->sc_cur_chan = chan; 1530 sc->sc_rxtap.ar_chan_freq = sc->sc_txtap.at_chan_freq = 1531 htole16(ic->ic_curchan->ic_freq); 1532 sc->sc_rxtap.ar_chan_flags = sc->sc_txtap.at_chan_flags = 1533 htole16(ic->ic_curchan->ic_flags); 1534 } 1535 1536 return rc; 1537 } 1538 1539 #ifdef ATW_SYNDEBUG 1540 static void 1541 atw_si4126_print(struct atw_softc *sc) 1542 { 1543 struct ifnet *ifp = &sc->sc_if; 1544 u_int addr, val; 1545 1546 val = 0; 1547 1548 if (atw_debug < 3 || (ifp->if_flags & IFF_DEBUG) == 0) 1549 return; 1550 1551 for (addr = 0; addr <= 8; addr++) { 1552 printf("%s: synth[%d] = ", sc->sc_dev.dv_xname, addr); 1553 if (atw_si4126_read(sc, addr, &val) == 0) { 1554 printf("<unknown> (quitting print-out)\n"); 1555 break; 1556 } 1557 printf("%05x\n", val); 1558 } 1559 } 1560 #endif /* ATW_SYNDEBUG */ 1561 1562 /* Tune to channel chan by adjusting the Si4126 RF/IF synthesizer. 1563 * 1564 * The RF/IF synthesizer produces two reference frequencies for 1565 * the RF2948B transceiver. The first frequency the RF2948B requires 1566 * is two times the so-called "intermediate frequency" (IF). Since 1567 * a SAW filter on the radio fixes the IF at 374 MHz, I program the 1568 * Si4126 to generate IF LO = 374 MHz x 2 = 748 MHz. The second 1569 * frequency required by the transceiver is the radio frequency 1570 * (RF). This is a superheterodyne transceiver; for f(chan) the 1571 * center frequency of the channel we are tuning, RF = f(chan) - 1572 * IF. 1573 * 1574 * XXX I am told by SiLabs that the Si4126 will accept a broader range 1575 * of XIN than the 2-25 MHz mentioned by the datasheet, even *without* 1576 * XINDIV2 = 1. I've tried this (it is necessary to double R) and it 1577 * works, but I have still programmed for XINDIV2 = 1 to be safe. 1578 */ 1579 static void 1580 atw_si4126_tune(struct atw_softc *sc, u_int chan) 1581 { 1582 u_int mhz; 1583 u_int R; 1584 u_int32_t gpio; 1585 u_int16_t gain; 1586 1587 #ifdef ATW_SYNDEBUG 1588 atw_si4126_print(sc); 1589 #endif /* ATW_SYNDEBUG */ 1590 1591 if (chan == 14) 1592 mhz = 2484; 1593 else 1594 mhz = 2412 + 5 * (chan - 1); 1595 1596 /* Tune IF to 748 MHz to suit the IF LO input of the 1597 * RF2494B, which is 2 x IF. No need to set an IF divider 1598 * because an IF in 526 MHz - 952 MHz is allowed. 1599 * 1600 * XIN is 44.000 MHz, so divide it by two to get allowable 1601 * range of 2-25 MHz. SiLabs tells me that this is not 1602 * strictly necessary. 1603 */ 1604 1605 if (atw_xindiv2) 1606 R = 44; 1607 else 1608 R = 88; 1609 1610 /* Power-up RF, IF synthesizers. */ 1611 atw_si4126_write(sc, SI4126_POWER, 1612 SI4126_POWER_PDIB|SI4126_POWER_PDRB); 1613 1614 /* set LPWR, too? */ 1615 atw_si4126_write(sc, SI4126_MAIN, 1616 (atw_xindiv2) ? SI4126_MAIN_XINDIV2 : 0); 1617 1618 /* Set the phase-locked loop gain. If RF2 N > 2047, then 1619 * set KP2 to 1. 1620 * 1621 * REFDIF This is different from the reference driver, which 1622 * always sets SI4126_GAIN to 0. 1623 */ 1624 gain = __SHIFTIN(((mhz - 374) > 2047) ? 1 : 0, SI4126_GAIN_KP2_MASK); 1625 1626 atw_si4126_write(sc, SI4126_GAIN, gain); 1627 1628 /* XIN = 44 MHz. 1629 * 1630 * If XINDIV2 = 1, IF = N/(2 * R) * XIN. I choose N = 1496, 1631 * R = 44 so that 1496/(2 * 44) * 44 MHz = 748 MHz. 1632 * 1633 * If XINDIV2 = 0, IF = N/R * XIN. I choose N = 1496, R = 88 1634 * so that 1496/88 * 44 MHz = 748 MHz. 1635 */ 1636 atw_si4126_write(sc, SI4126_IFN, 1496); 1637 1638 atw_si4126_write(sc, SI4126_IFR, R); 1639 1640 #ifndef ATW_REFSLAVE 1641 /* Set RF1 arbitrarily. DO NOT configure RF1 after RF2, because 1642 * then RF1 becomes the active RF synthesizer, even on the Si4126, 1643 * which has no RF1! 1644 */ 1645 atw_si4126_write(sc, SI4126_RF1R, R); 1646 1647 atw_si4126_write(sc, SI4126_RF1N, mhz - 374); 1648 #endif 1649 1650 /* N/R * XIN = RF. XIN = 44 MHz. We desire RF = mhz - IF, 1651 * where IF = 374 MHz. Let's divide XIN to 1 MHz. So R = 44. 1652 * Now let's multiply it to mhz. So mhz - IF = N. 1653 */ 1654 atw_si4126_write(sc, SI4126_RF2R, R); 1655 1656 atw_si4126_write(sc, SI4126_RF2N, mhz - 374); 1657 1658 /* wait 100us from power-up for RF, IF to settle */ 1659 DELAY(100); 1660 1661 gpio = ATW_READ(sc, ATW_GPIO); 1662 gpio &= ~(ATW_GPIO_EN_MASK|ATW_GPIO_O_MASK|ATW_GPIO_I_MASK); 1663 gpio |= __SHIFTIN(1, ATW_GPIO_EN_MASK); 1664 1665 if ((sc->sc_if.if_flags & IFF_LINK1) != 0 && chan != 14) { 1666 /* Set a Prism RF front-end to a special mode for channel 14? 1667 * 1668 * Apparently the SMC2635W needs this, although I don't think 1669 * it has a Prism RF. 1670 */ 1671 gpio |= __SHIFTIN(1, ATW_GPIO_O_MASK); 1672 } 1673 ATW_WRITE(sc, ATW_GPIO, gpio); 1674 1675 #ifdef ATW_SYNDEBUG 1676 atw_si4126_print(sc); 1677 #endif /* ATW_SYNDEBUG */ 1678 } 1679 1680 /* Baseline initialization of RF3000 BBP: set CCA mode and enable antenna 1681 * diversity. 1682 * 1683 * !!! 1684 * !!! Call this w/ Tx/Rx suspended, atw_idle(, ATW_NAR_ST|ATW_NAR_SR). 1685 * !!! 1686 */ 1687 static int 1688 atw_rf3000_init(struct atw_softc *sc) 1689 { 1690 int rc = 0; 1691 1692 atw_bbp_io_enable(sc, 1); 1693 1694 /* CCA is acquisition sensitive */ 1695 rc = atw_rf3000_write(sc, RF3000_CCACTL, 1696 __SHIFTIN(RF3000_CCACTL_MODE_BOTH, RF3000_CCACTL_MODE_MASK)); 1697 1698 if (rc != 0) 1699 goto out; 1700 1701 /* enable diversity */ 1702 rc = atw_rf3000_write(sc, RF3000_DIVCTL, RF3000_DIVCTL_ENABLE); 1703 1704 if (rc != 0) 1705 goto out; 1706 1707 /* sensible setting from a binary-only driver */ 1708 rc = atw_rf3000_write(sc, RF3000_GAINCTL, 1709 __SHIFTIN(0x1d, RF3000_GAINCTL_TXVGC_MASK)); 1710 1711 if (rc != 0) 1712 goto out; 1713 1714 /* magic from a binary-only driver */ 1715 rc = atw_rf3000_write(sc, RF3000_LOGAINCAL, 1716 __SHIFTIN(0x38, RF3000_LOGAINCAL_CAL_MASK)); 1717 1718 if (rc != 0) 1719 goto out; 1720 1721 rc = atw_rf3000_write(sc, RF3000_HIGAINCAL, RF3000_HIGAINCAL_DSSSPAD); 1722 1723 if (rc != 0) 1724 goto out; 1725 1726 /* XXX Reference driver remarks that Abocom sets this to 50. 1727 * Meaning 0x50, I think.... 50 = 0x32, which would set a bit 1728 * in the "reserved" area of register RF3000_OPTIONS1. 1729 */ 1730 rc = atw_rf3000_write(sc, RF3000_OPTIONS1, sc->sc_rf3000_options1); 1731 1732 if (rc != 0) 1733 goto out; 1734 1735 rc = atw_rf3000_write(sc, RF3000_OPTIONS2, sc->sc_rf3000_options2); 1736 1737 if (rc != 0) 1738 goto out; 1739 1740 out: 1741 atw_bbp_io_enable(sc, 0); 1742 return rc; 1743 } 1744 1745 #ifdef ATW_BBPDEBUG 1746 static void 1747 atw_rf3000_print(struct atw_softc *sc) 1748 { 1749 struct ifnet *ifp = &sc->sc_if; 1750 u_int addr, val; 1751 1752 if (atw_debug < 3 || (ifp->if_flags & IFF_DEBUG) == 0) 1753 return; 1754 1755 for (addr = 0x01; addr <= 0x15; addr++) { 1756 printf("%s: bbp[%d] = \n", sc->sc_dev.dv_xname, addr); 1757 if (atw_rf3000_read(sc, addr, &val) != 0) { 1758 printf("<unknown> (quitting print-out)\n"); 1759 break; 1760 } 1761 printf("%08x\n", val); 1762 } 1763 } 1764 #endif /* ATW_BBPDEBUG */ 1765 1766 /* Set the power settings on the BBP for channel `chan'. */ 1767 static int 1768 atw_rf3000_tune(struct atw_softc *sc, u_int chan) 1769 { 1770 int rc = 0; 1771 u_int32_t reg; 1772 u_int16_t txpower, lpf_cutoff, lna_gs_thresh; 1773 1774 txpower = sc->sc_srom[ATW_SR_TXPOWER(chan)]; 1775 lpf_cutoff = sc->sc_srom[ATW_SR_LPF_CUTOFF(chan)]; 1776 lna_gs_thresh = sc->sc_srom[ATW_SR_LNA_GS_THRESH(chan)]; 1777 1778 /* odd channels: LSB, even channels: MSB */ 1779 if (chan % 2 == 1) { 1780 txpower &= 0xFF; 1781 lpf_cutoff &= 0xFF; 1782 lna_gs_thresh &= 0xFF; 1783 } else { 1784 txpower >>= 8; 1785 lpf_cutoff >>= 8; 1786 lna_gs_thresh >>= 8; 1787 } 1788 1789 #ifdef ATW_BBPDEBUG 1790 atw_rf3000_print(sc); 1791 #endif /* ATW_BBPDEBUG */ 1792 1793 DPRINTF(sc, ("%s: chan %d txpower %02x, lpf_cutoff %02x, " 1794 "lna_gs_thresh %02x\n", 1795 sc->sc_dev.dv_xname, chan, txpower, lpf_cutoff, lna_gs_thresh)); 1796 1797 atw_bbp_io_enable(sc, 1); 1798 1799 if ((rc = atw_rf3000_write(sc, RF3000_GAINCTL, 1800 __SHIFTIN(txpower, RF3000_GAINCTL_TXVGC_MASK))) != 0) 1801 goto out; 1802 1803 if ((rc = atw_rf3000_write(sc, RF3000_LOGAINCAL, lpf_cutoff)) != 0) 1804 goto out; 1805 1806 if ((rc = atw_rf3000_write(sc, RF3000_HIGAINCAL, lna_gs_thresh)) != 0) 1807 goto out; 1808 1809 rc = atw_rf3000_write(sc, RF3000_OPTIONS1, 0x0); 1810 1811 if (rc != 0) 1812 goto out; 1813 1814 rc = atw_rf3000_write(sc, RF3000_OPTIONS2, RF3000_OPTIONS2_LNAGS_DELAY); 1815 1816 if (rc != 0) 1817 goto out; 1818 1819 #ifdef ATW_BBPDEBUG 1820 atw_rf3000_print(sc); 1821 #endif /* ATW_BBPDEBUG */ 1822 1823 out: 1824 atw_bbp_io_enable(sc, 0); 1825 1826 /* set beacon, rts, atim transmit power */ 1827 reg = ATW_READ(sc, ATW_PLCPHD); 1828 reg &= ~ATW_PLCPHD_SERVICE_MASK; 1829 reg |= __SHIFTIN(__SHIFTIN(txpower, RF3000_GAINCTL_TXVGC_MASK), 1830 ATW_PLCPHD_SERVICE_MASK); 1831 ATW_WRITE(sc, ATW_PLCPHD, reg); 1832 DELAY(atw_plcphd_delay); 1833 1834 return rc; 1835 } 1836 1837 /* Write a register on the RF3000 baseband processor using the 1838 * registers provided by the ADM8211 for this purpose. 1839 * 1840 * Return 0 on success. 1841 */ 1842 static int 1843 atw_rf3000_write(struct atw_softc *sc, u_int addr, u_int val) 1844 { 1845 u_int32_t reg; 1846 int i; 1847 1848 reg = sc->sc_bbpctl_wr | 1849 __SHIFTIN(val & 0xff, ATW_BBPCTL_DATA_MASK) | 1850 __SHIFTIN(addr & 0x7f, ATW_BBPCTL_ADDR_MASK); 1851 1852 for (i = 20000 / atw_pseudo_milli; --i >= 0; ) { 1853 ATW_WRITE(sc, ATW_BBPCTL, reg); 1854 DELAY(2 * atw_pseudo_milli); 1855 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_WR) == 0) 1856 break; 1857 } 1858 1859 if (i < 0) { 1860 printf("%s: BBPCTL still busy\n", sc->sc_dev.dv_xname); 1861 return ETIMEDOUT; 1862 } 1863 return 0; 1864 } 1865 1866 /* Read a register on the RF3000 baseband processor using the registers 1867 * the ADM8211 provides for this purpose. 1868 * 1869 * The 7-bit register address is addr. Record the 8-bit data in the register 1870 * in *val. 1871 * 1872 * Return 0 on success. 1873 * 1874 * XXX This does not seem to work. The ADM8211 must require more or 1875 * different magic to read the chip than to write it. Possibly some 1876 * of the magic I have derived from a binary-only driver concerns 1877 * the "chip address" (see the RF3000 manual). 1878 */ 1879 #ifdef ATW_BBPDEBUG 1880 static int 1881 atw_rf3000_read(struct atw_softc *sc, u_int addr, u_int *val) 1882 { 1883 u_int32_t reg; 1884 int i; 1885 1886 for (i = 1000; --i >= 0; ) { 1887 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_RD|ATW_BBPCTL_WR) == 0) 1888 break; 1889 DELAY(100); 1890 } 1891 1892 if (i < 0) { 1893 printf("%s: start atw_rf3000_read, BBPCTL busy\n", 1894 sc->sc_dev.dv_xname); 1895 return ETIMEDOUT; 1896 } 1897 1898 reg = sc->sc_bbpctl_rd | __SHIFTIN(addr & 0x7f, ATW_BBPCTL_ADDR_MASK); 1899 1900 ATW_WRITE(sc, ATW_BBPCTL, reg); 1901 1902 for (i = 1000; --i >= 0; ) { 1903 DELAY(100); 1904 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_RD) == 0) 1905 break; 1906 } 1907 1908 ATW_CLR(sc, ATW_BBPCTL, ATW_BBPCTL_RD); 1909 1910 if (i < 0) { 1911 printf("%s: atw_rf3000_read wrote %08x; BBPCTL still busy\n", 1912 sc->sc_dev.dv_xname, reg); 1913 return ETIMEDOUT; 1914 } 1915 if (val != NULL) 1916 *val = __SHIFTOUT(reg, ATW_BBPCTL_DATA_MASK); 1917 return 0; 1918 } 1919 #endif /* ATW_BBPDEBUG */ 1920 1921 /* Write a register on the Si4126 RF/IF synthesizer using the registers 1922 * provided by the ADM8211 for that purpose. 1923 * 1924 * val is 18 bits of data, and val is the 4-bit address of the register. 1925 * 1926 * Return 0 on success. 1927 */ 1928 static void 1929 atw_si4126_write(struct atw_softc *sc, u_int addr, u_int val) 1930 { 1931 uint32_t bits, mask, reg; 1932 const int nbits = 22; 1933 1934 KASSERT((addr & ~__SHIFTOUT_MASK(SI4126_TWI_ADDR_MASK)) == 0); 1935 KASSERT((val & ~__SHIFTOUT_MASK(SI4126_TWI_DATA_MASK)) == 0); 1936 1937 bits = __SHIFTIN(val, SI4126_TWI_DATA_MASK) | 1938 __SHIFTIN(addr, SI4126_TWI_ADDR_MASK); 1939 1940 reg = ATW_SYNRF_SELSYN; 1941 /* reference driver: reset Si4126 serial bus to initial 1942 * conditions? 1943 */ 1944 ATW_WRITE(sc, ATW_SYNRF, reg | ATW_SYNRF_LEIF); 1945 ATW_WRITE(sc, ATW_SYNRF, reg); 1946 1947 for (mask = __BIT(nbits - 1); mask != 0; mask >>= 1) { 1948 if ((bits & mask) != 0) 1949 reg |= ATW_SYNRF_SYNDATA; 1950 else 1951 reg &= ~ATW_SYNRF_SYNDATA; 1952 ATW_WRITE(sc, ATW_SYNRF, reg); 1953 ATW_WRITE(sc, ATW_SYNRF, reg | ATW_SYNRF_SYNCLK); 1954 ATW_WRITE(sc, ATW_SYNRF, reg); 1955 } 1956 ATW_WRITE(sc, ATW_SYNRF, reg | ATW_SYNRF_LEIF); 1957 ATW_WRITE(sc, ATW_SYNRF, 0x0); 1958 } 1959 1960 /* Read 18-bit data from the 4-bit address addr in Si4126 1961 * RF synthesizer and write the data to *val. Return 0 on success. 1962 * 1963 * XXX This does not seem to work. The ADM8211 must require more or 1964 * different magic to read the chip than to write it. 1965 */ 1966 #ifdef ATW_SYNDEBUG 1967 static int 1968 atw_si4126_read(struct atw_softc *sc, u_int addr, u_int *val) 1969 { 1970 u_int32_t reg; 1971 int i; 1972 1973 KASSERT((addr & ~__SHIFTOUT_MASK(SI4126_TWI_ADDR_MASK)) == 0); 1974 1975 for (i = 1000; --i >= 0; ) { 1976 if (ATW_ISSET(sc, ATW_SYNCTL, ATW_SYNCTL_RD|ATW_SYNCTL_WR) == 0) 1977 break; 1978 DELAY(100); 1979 } 1980 1981 if (i < 0) { 1982 printf("%s: start atw_si4126_read, SYNCTL busy\n", 1983 sc->sc_dev.dv_xname); 1984 return ETIMEDOUT; 1985 } 1986 1987 reg = sc->sc_synctl_rd | __SHIFTIN(addr, ATW_SYNCTL_DATA_MASK); 1988 1989 ATW_WRITE(sc, ATW_SYNCTL, reg); 1990 1991 for (i = 1000; --i >= 0; ) { 1992 DELAY(100); 1993 if (ATW_ISSET(sc, ATW_SYNCTL, ATW_SYNCTL_RD) == 0) 1994 break; 1995 } 1996 1997 ATW_CLR(sc, ATW_SYNCTL, ATW_SYNCTL_RD); 1998 1999 if (i < 0) { 2000 printf("%s: atw_si4126_read wrote %#08x, SYNCTL still busy\n", 2001 sc->sc_dev.dv_xname, reg); 2002 return ETIMEDOUT; 2003 } 2004 if (val != NULL) 2005 *val = __SHIFTOUT(ATW_READ(sc, ATW_SYNCTL), 2006 ATW_SYNCTL_DATA_MASK); 2007 return 0; 2008 } 2009 #endif /* ATW_SYNDEBUG */ 2010 2011 /* XXX is the endianness correct? test. */ 2012 #define atw_calchash(addr) \ 2013 (ether_crc32_le((addr), IEEE80211_ADDR_LEN) & __BITS(5, 0)) 2014 2015 /* 2016 * atw_filter_setup: 2017 * 2018 * Set the ADM8211's receive filter. 2019 */ 2020 static void 2021 atw_filter_setup(struct atw_softc *sc) 2022 { 2023 struct ieee80211com *ic = &sc->sc_ic; 2024 struct ethercom *ec = &sc->sc_ec; 2025 struct ifnet *ifp = &sc->sc_if; 2026 int hash; 2027 u_int32_t hashes[2]; 2028 struct ether_multi *enm; 2029 struct ether_multistep step; 2030 2031 /* According to comments in tlp_al981_filter_setup 2032 * (dev/ic/tulip.c) the ADMtek AL981 does not like for its 2033 * multicast filter to be set while it is running. Hopefully 2034 * the ADM8211 is not the same! 2035 */ 2036 if ((ifp->if_flags & IFF_RUNNING) != 0) 2037 atw_idle(sc, ATW_NAR_SR); 2038 2039 sc->sc_opmode &= ~(ATW_NAR_PB|ATW_NAR_PR|ATW_NAR_MM); 2040 ifp->if_flags &= ~IFF_ALLMULTI; 2041 2042 /* XXX in scan mode, do not filter packets. Maybe this is 2043 * unnecessary. 2044 */ 2045 if (ic->ic_state == IEEE80211_S_SCAN || 2046 (ifp->if_flags & IFF_PROMISC) != 0) { 2047 sc->sc_opmode |= ATW_NAR_PR | ATW_NAR_PB; 2048 goto allmulti; 2049 } 2050 2051 hashes[0] = hashes[1] = 0x0; 2052 2053 /* 2054 * Program the 64-bit multicast hash filter. 2055 */ 2056 ETHER_FIRST_MULTI(step, ec, enm); 2057 while (enm != NULL) { 2058 if (memcmp(enm->enm_addrlo, enm->enm_addrhi, 2059 ETHER_ADDR_LEN) != 0) 2060 goto allmulti; 2061 2062 hash = atw_calchash(enm->enm_addrlo); 2063 hashes[hash >> 5] |= 1 << (hash & 0x1f); 2064 ETHER_NEXT_MULTI(step, enm); 2065 sc->sc_opmode |= ATW_NAR_MM; 2066 } 2067 ifp->if_flags &= ~IFF_ALLMULTI; 2068 goto setit; 2069 2070 allmulti: 2071 sc->sc_opmode |= ATW_NAR_MM; 2072 ifp->if_flags |= IFF_ALLMULTI; 2073 hashes[0] = hashes[1] = 0xffffffff; 2074 2075 setit: 2076 ATW_WRITE(sc, ATW_MAR0, hashes[0]); 2077 ATW_WRITE(sc, ATW_MAR1, hashes[1]); 2078 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 2079 DELAY(atw_nar_delay); 2080 ATW_WRITE(sc, ATW_RDR, 0x1); 2081 2082 DPRINTF(sc, ("%s: ATW_NAR %08x opmode %08x\n", sc->sc_dev.dv_xname, 2083 ATW_READ(sc, ATW_NAR), sc->sc_opmode)); 2084 } 2085 2086 /* Tell the ADM8211 our preferred BSSID. The ADM8211 must match 2087 * a beacon's BSSID and SSID against the preferred BSSID and SSID 2088 * before it will raise ATW_INTR_LINKON. When the ADM8211 receives 2089 * no beacon with the preferred BSSID and SSID in the number of 2090 * beacon intervals given in ATW_BPLI, then it raises ATW_INTR_LINKOFF. 2091 */ 2092 static void 2093 atw_write_bssid(struct atw_softc *sc) 2094 { 2095 struct ieee80211com *ic = &sc->sc_ic; 2096 u_int8_t *bssid; 2097 2098 bssid = ic->ic_bss->ni_bssid; 2099 2100 ATW_WRITE(sc, ATW_BSSID0, 2101 __SHIFTIN(bssid[0], ATW_BSSID0_BSSIDB0_MASK) | 2102 __SHIFTIN(bssid[1], ATW_BSSID0_BSSIDB1_MASK) | 2103 __SHIFTIN(bssid[2], ATW_BSSID0_BSSIDB2_MASK) | 2104 __SHIFTIN(bssid[3], ATW_BSSID0_BSSIDB3_MASK)); 2105 2106 ATW_WRITE(sc, ATW_ABDA1, 2107 (ATW_READ(sc, ATW_ABDA1) & 2108 ~(ATW_ABDA1_BSSIDB4_MASK|ATW_ABDA1_BSSIDB5_MASK)) | 2109 __SHIFTIN(bssid[4], ATW_ABDA1_BSSIDB4_MASK) | 2110 __SHIFTIN(bssid[5], ATW_ABDA1_BSSIDB5_MASK)); 2111 2112 DPRINTF(sc, ("%s: BSSID %s -> ", sc->sc_dev.dv_xname, 2113 ether_sprintf(sc->sc_bssid))); 2114 DPRINTF(sc, ("%s\n", ether_sprintf(bssid))); 2115 2116 memcpy(sc->sc_bssid, bssid, sizeof(sc->sc_bssid)); 2117 } 2118 2119 /* Write buflen bytes from buf to SRAM starting at the SRAM's ofs'th 2120 * 16-bit word. 2121 */ 2122 static void 2123 atw_write_sram(struct atw_softc *sc, u_int ofs, u_int8_t *buf, u_int buflen) 2124 { 2125 u_int i; 2126 u_int8_t *ptr; 2127 2128 memcpy(&sc->sc_sram[ofs], buf, buflen); 2129 2130 KASSERT(ofs % 2 == 0 && buflen % 2 == 0); 2131 2132 KASSERT(buflen + ofs <= sc->sc_sramlen); 2133 2134 ptr = &sc->sc_sram[ofs]; 2135 2136 for (i = 0; i < buflen; i += 2) { 2137 ATW_WRITE(sc, ATW_WEPCTL, ATW_WEPCTL_WR | 2138 __SHIFTIN((ofs + i) / 2, ATW_WEPCTL_TBLADD_MASK)); 2139 DELAY(atw_writewep_delay); 2140 2141 ATW_WRITE(sc, ATW_WESK, 2142 __SHIFTIN((ptr[i + 1] << 8) | ptr[i], ATW_WESK_DATA_MASK)); 2143 DELAY(atw_writewep_delay); 2144 } 2145 ATW_WRITE(sc, ATW_WEPCTL, sc->sc_wepctl); /* restore WEP condition */ 2146 2147 if (sc->sc_if.if_flags & IFF_DEBUG) { 2148 int n_octets = 0; 2149 printf("%s: wrote %d bytes at 0x%x wepctl 0x%08x\n", 2150 sc->sc_dev.dv_xname, buflen, ofs, sc->sc_wepctl); 2151 for (i = 0; i < buflen; i++) { 2152 printf(" %02x", ptr[i]); 2153 if (++n_octets % 24 == 0) 2154 printf("\n"); 2155 } 2156 if (n_octets % 24 != 0) 2157 printf("\n"); 2158 } 2159 } 2160 2161 static int 2162 atw_key_delete(struct ieee80211com *ic, const struct ieee80211_key *k) 2163 { 2164 struct atw_softc *sc = ic->ic_ifp->if_softc; 2165 u_int keyix = k->wk_keyix; 2166 2167 DPRINTF(sc, ("%s: delete key %u\n", __func__, keyix)); 2168 2169 if (keyix >= IEEE80211_WEP_NKID) 2170 return 0; 2171 if (k->wk_keylen != 0) 2172 sc->sc_flags &= ~ATWF_WEP_SRAM_VALID; 2173 2174 return 1; 2175 } 2176 2177 static int 2178 atw_key_set(struct ieee80211com *ic, const struct ieee80211_key *k, 2179 const u_int8_t mac[IEEE80211_ADDR_LEN]) 2180 { 2181 struct atw_softc *sc = ic->ic_ifp->if_softc; 2182 2183 DPRINTF(sc, ("%s: set key %u\n", __func__, k->wk_keyix)); 2184 2185 if (k->wk_keyix >= IEEE80211_WEP_NKID) 2186 return 0; 2187 2188 sc->sc_flags &= ~ATWF_WEP_SRAM_VALID; 2189 2190 return 1; 2191 } 2192 2193 static void 2194 atw_key_update_begin(struct ieee80211com *ic) 2195 { 2196 #ifdef ATW_DEBUG 2197 struct ifnet *ifp = ic->ic_ifp; 2198 struct atw_softc *sc = ifp->if_softc; 2199 #endif 2200 2201 DPRINTF(sc, ("%s:\n", __func__)); 2202 } 2203 2204 static void 2205 atw_key_update_end(struct ieee80211com *ic) 2206 { 2207 struct ifnet *ifp = ic->ic_ifp; 2208 struct atw_softc *sc = ifp->if_softc; 2209 2210 DPRINTF(sc, ("%s:\n", __func__)); 2211 2212 if ((sc->sc_flags & ATWF_WEP_SRAM_VALID) != 0) 2213 return; 2214 if (ATW_IS_ENABLED(sc) == 0) 2215 return; 2216 atw_idle(sc, ATW_NAR_SR | ATW_NAR_ST); 2217 atw_write_wep(sc); 2218 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 2219 DELAY(atw_nar_delay); 2220 ATW_WRITE(sc, ATW_RDR, 0x1); 2221 } 2222 2223 /* Write WEP keys from the ieee80211com to the ADM8211's SRAM. */ 2224 static void 2225 atw_write_wep(struct atw_softc *sc) 2226 { 2227 #if 0 2228 struct ieee80211com *ic = &sc->sc_ic; 2229 u_int32_t reg; 2230 int i; 2231 #endif 2232 /* SRAM shared-key record format: key0 flags key1 ... key12 */ 2233 u_int8_t buf[IEEE80211_WEP_NKID] 2234 [1 /* key[0] */ + 1 /* flags */ + 12 /* key[1 .. 12] */]; 2235 2236 sc->sc_wepctl = 0; 2237 ATW_WRITE(sc, ATW_WEPCTL, sc->sc_wepctl); 2238 2239 memset(&buf[0][0], 0, sizeof(buf)); 2240 2241 #if 0 2242 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2243 if (ic->ic_nw_keys[i].wk_keylen > 5) { 2244 buf[i][1] = ATW_WEP_ENABLED | ATW_WEP_104BIT; 2245 } else if (ic->ic_nw_keys[i].wk_keylen != 0) { 2246 buf[i][1] = ATW_WEP_ENABLED; 2247 } else { 2248 buf[i][1] = 0; 2249 continue; 2250 } 2251 buf[i][0] = ic->ic_nw_keys[i].wk_key[0]; 2252 memcpy(&buf[i][2], &ic->ic_nw_keys[i].wk_key[1], 2253 ic->ic_nw_keys[i].wk_keylen - 1); 2254 } 2255 2256 reg = ATW_READ(sc, ATW_MACTEST); 2257 reg |= ATW_MACTEST_MMI_USETXCLK | ATW_MACTEST_FORCE_KEYID; 2258 reg &= ~ATW_MACTEST_KEYID_MASK; 2259 reg |= __SHIFTIN(ic->ic_def_txkey, ATW_MACTEST_KEYID_MASK); 2260 ATW_WRITE(sc, ATW_MACTEST, reg); 2261 2262 if ((ic->ic_flags & IEEE80211_F_PRIVACY) != 0) 2263 sc->sc_wepctl |= ATW_WEPCTL_WEPENABLE; 2264 2265 switch (sc->sc_rev) { 2266 case ATW_REVISION_AB: 2267 case ATW_REVISION_AF: 2268 /* Bypass WEP on Rx. */ 2269 sc->sc_wepctl |= ATW_WEPCTL_WEPRXBYP; 2270 break; 2271 default: 2272 break; 2273 } 2274 #endif 2275 2276 atw_write_sram(sc, ATW_SRAM_ADDR_SHARED_KEY, (u_int8_t*)&buf[0][0], 2277 sizeof(buf)); 2278 2279 sc->sc_flags |= ATWF_WEP_SRAM_VALID; 2280 } 2281 2282 static void 2283 atw_recv_mgmt(struct ieee80211com *ic, struct mbuf *m, 2284 struct ieee80211_node *ni, int subtype, int rssi, u_int32_t rstamp) 2285 { 2286 struct atw_softc *sc = (struct atw_softc *)ic->ic_ifp->if_softc; 2287 2288 /* The ADM8211A answers probe requests. TBD ADM8211B/C. */ 2289 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_REQ) 2290 return; 2291 2292 (*sc->sc_recv_mgmt)(ic, m, ni, subtype, rssi, rstamp); 2293 2294 switch (subtype) { 2295 case IEEE80211_FC0_SUBTYPE_PROBE_RESP: 2296 case IEEE80211_FC0_SUBTYPE_BEACON: 2297 if (ic->ic_opmode == IEEE80211_M_IBSS && 2298 ic->ic_state == IEEE80211_S_RUN) { 2299 if (le64toh(ni->ni_tstamp.tsf) >= atw_get_tsft(sc)) 2300 (void)ieee80211_ibss_merge(ni); 2301 } 2302 break; 2303 default: 2304 break; 2305 } 2306 return; 2307 } 2308 2309 /* Write the SSID in the ieee80211com to the SRAM on the ADM8211. 2310 * In ad hoc mode, the SSID is written to the beacons sent by the 2311 * ADM8211. In both ad hoc and infrastructure mode, beacons received 2312 * with matching SSID affect ATW_INTR_LINKON/ATW_INTR_LINKOFF 2313 * indications. 2314 */ 2315 static void 2316 atw_write_ssid(struct atw_softc *sc) 2317 { 2318 struct ieee80211com *ic = &sc->sc_ic; 2319 /* 34 bytes are reserved in ADM8211 SRAM for the SSID, but 2320 * it only expects the element length, not its ID. 2321 */ 2322 u_int8_t buf[roundup(1 /* length */ + IEEE80211_NWID_LEN, 2)]; 2323 2324 memset(buf, 0, sizeof(buf)); 2325 buf[0] = ic->ic_bss->ni_esslen; 2326 memcpy(&buf[1], ic->ic_bss->ni_essid, ic->ic_bss->ni_esslen); 2327 2328 atw_write_sram(sc, ATW_SRAM_ADDR_SSID, buf, 2329 roundup(1 + ic->ic_bss->ni_esslen, 2)); 2330 } 2331 2332 /* Write the supported rates in the ieee80211com to the SRAM of the ADM8211. 2333 * In ad hoc mode, the supported rates are written to beacons sent by the 2334 * ADM8211. 2335 */ 2336 static void 2337 atw_write_sup_rates(struct atw_softc *sc) 2338 { 2339 struct ieee80211com *ic = &sc->sc_ic; 2340 /* 14 bytes are probably (XXX) reserved in the ADM8211 SRAM for 2341 * supported rates 2342 */ 2343 u_int8_t buf[roundup(1 /* length */ + IEEE80211_RATE_SIZE, 2)]; 2344 2345 memset(buf, 0, sizeof(buf)); 2346 2347 buf[0] = ic->ic_bss->ni_rates.rs_nrates; 2348 2349 memcpy(&buf[1], ic->ic_bss->ni_rates.rs_rates, 2350 ic->ic_bss->ni_rates.rs_nrates); 2351 2352 atw_write_sram(sc, ATW_SRAM_ADDR_SUPRATES, buf, sizeof(buf)); 2353 } 2354 2355 /* Start/stop sending beacons. */ 2356 void 2357 atw_start_beacon(struct atw_softc *sc, int start) 2358 { 2359 struct ieee80211com *ic = &sc->sc_ic; 2360 uint16_t chan; 2361 uint32_t bcnt, bpli, cap0, cap1, capinfo; 2362 size_t len; 2363 2364 if (ATW_IS_ENABLED(sc) == 0) 2365 return; 2366 2367 /* start beacons */ 2368 len = sizeof(struct ieee80211_frame) + 2369 8 /* timestamp */ + 2 /* beacon interval */ + 2370 2 /* capability info */ + 2371 2 + ic->ic_bss->ni_esslen /* SSID element */ + 2372 2 + ic->ic_bss->ni_rates.rs_nrates /* rates element */ + 2373 3 /* DS parameters */ + 2374 IEEE80211_CRC_LEN; 2375 2376 bcnt = ATW_READ(sc, ATW_BCNT) & ~ATW_BCNT_BCNT_MASK; 2377 cap0 = ATW_READ(sc, ATW_CAP0) & ~ATW_CAP0_CHN_MASK; 2378 cap1 = ATW_READ(sc, ATW_CAP1) & ~ATW_CAP1_CAPI_MASK; 2379 2380 ATW_WRITE(sc, ATW_BCNT, bcnt); 2381 ATW_WRITE(sc, ATW_CAP1, cap1); 2382 2383 if (!start) 2384 return; 2385 2386 /* TBD use ni_capinfo */ 2387 2388 capinfo = 0; 2389 if (sc->sc_flags & ATWF_SHORT_PREAMBLE) 2390 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2391 if (ic->ic_flags & IEEE80211_F_PRIVACY) 2392 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2393 2394 switch (ic->ic_opmode) { 2395 case IEEE80211_M_IBSS: 2396 len += 4; /* IBSS parameters */ 2397 capinfo |= IEEE80211_CAPINFO_IBSS; 2398 break; 2399 case IEEE80211_M_HOSTAP: 2400 /* XXX 6-byte minimum TIM */ 2401 len += atw_beacon_len_adjust; 2402 capinfo |= IEEE80211_CAPINFO_ESS; 2403 break; 2404 default: 2405 return; 2406 } 2407 2408 /* set listen interval 2409 * XXX do software units agree w/ hardware? 2410 */ 2411 bpli = __SHIFTIN(ic->ic_bss->ni_intval, ATW_BPLI_BP_MASK) | 2412 __SHIFTIN(ic->ic_lintval / ic->ic_bss->ni_intval, ATW_BPLI_LI_MASK); 2413 2414 chan = ieee80211_chan2ieee(ic, ic->ic_curchan); 2415 2416 bcnt |= __SHIFTIN(len, ATW_BCNT_BCNT_MASK); 2417 cap0 |= __SHIFTIN(chan, ATW_CAP0_CHN_MASK); 2418 cap1 |= __SHIFTIN(capinfo, ATW_CAP1_CAPI_MASK); 2419 2420 ATW_WRITE(sc, ATW_BCNT, bcnt); 2421 ATW_WRITE(sc, ATW_BPLI, bpli); 2422 ATW_WRITE(sc, ATW_CAP0, cap0); 2423 ATW_WRITE(sc, ATW_CAP1, cap1); 2424 2425 DPRINTF(sc, ("%s: atw_start_beacon reg[ATW_BCNT] = %08x\n", 2426 sc->sc_dev.dv_xname, bcnt)); 2427 2428 DPRINTF(sc, ("%s: atw_start_beacon reg[ATW_CAP1] = %08x\n", 2429 sc->sc_dev.dv_xname, cap1)); 2430 } 2431 2432 /* Return the 32 lsb of the last TSFT divisible by ival. */ 2433 static inline uint32_t 2434 atw_last_even_tsft(uint32_t tsfth, uint32_t tsftl, uint32_t ival) 2435 { 2436 /* Following the reference driver's lead, I compute 2437 * 2438 * (uint32_t)((((uint64_t)tsfth << 32) | tsftl) % ival) 2439 * 2440 * without using 64-bit arithmetic, using the following 2441 * relationship: 2442 * 2443 * (0x100000000 * H + L) % m 2444 * = ((0x100000000 % m) * H + L) % m 2445 * = (((0xffffffff + 1) % m) * H + L) % m 2446 * = ((0xffffffff % m + 1 % m) * H + L) % m 2447 * = ((0xffffffff % m + 1) * H + L) % m 2448 */ 2449 return ((0xFFFFFFFF % ival + 1) * tsfth + tsftl) % ival; 2450 } 2451 2452 static uint64_t 2453 atw_get_tsft(struct atw_softc *sc) 2454 { 2455 int i; 2456 uint32_t tsfth, tsftl; 2457 for (i = 0; i < 2; i++) { 2458 tsfth = ATW_READ(sc, ATW_TSFTH); 2459 tsftl = ATW_READ(sc, ATW_TSFTL); 2460 if (ATW_READ(sc, ATW_TSFTH) == tsfth) 2461 break; 2462 } 2463 return ((uint64_t)tsfth << 32) | tsftl; 2464 } 2465 2466 /* If we've created an IBSS, write the TSF time in the ADM8211 to 2467 * the ieee80211com. 2468 * 2469 * Predict the next target beacon transmission time (TBTT) and 2470 * write it to the ADM8211. 2471 */ 2472 static void 2473 atw_predict_beacon(struct atw_softc *sc) 2474 { 2475 #define TBTTOFS 20 /* TU */ 2476 2477 struct ieee80211com *ic = &sc->sc_ic; 2478 uint64_t tsft; 2479 uint32_t ival, past_even, tbtt, tsfth, tsftl; 2480 union { 2481 uint64_t word; 2482 uint8_t tstamp[8]; 2483 } u; 2484 2485 if ((ic->ic_opmode == IEEE80211_M_HOSTAP) || 2486 ((ic->ic_opmode == IEEE80211_M_IBSS) && 2487 (ic->ic_flags & IEEE80211_F_SIBSS))) { 2488 tsft = atw_get_tsft(sc); 2489 u.word = htole64(tsft); 2490 (void)memcpy(&ic->ic_bss->ni_tstamp, &u.tstamp[0], 2491 sizeof(ic->ic_bss->ni_tstamp)); 2492 } else 2493 tsft = le64toh(ic->ic_bss->ni_tstamp.tsf); 2494 2495 ival = ic->ic_bss->ni_intval * IEEE80211_DUR_TU; 2496 2497 tsftl = tsft & 0xFFFFFFFF; 2498 tsfth = tsft >> 32; 2499 2500 /* We sent/received the last beacon `past' microseconds 2501 * after the interval divided the TSF timer. 2502 */ 2503 past_even = tsftl - atw_last_even_tsft(tsfth, tsftl, ival); 2504 2505 /* Skip ten beacons so that the TBTT cannot pass before 2506 * we've programmed it. Ten is an arbitrary number. 2507 */ 2508 tbtt = past_even + ival * 10; 2509 2510 ATW_WRITE(sc, ATW_TOFS1, 2511 __SHIFTIN(1, ATW_TOFS1_TSFTOFSR_MASK) | 2512 __SHIFTIN(TBTTOFS, ATW_TOFS1_TBTTOFS_MASK) | 2513 __SHIFTIN(__SHIFTOUT(tbtt - TBTTOFS * IEEE80211_DUR_TU, 2514 ATW_TBTTPRE_MASK), ATW_TOFS1_TBTTPRE_MASK)); 2515 #undef TBTTOFS 2516 } 2517 2518 static void 2519 atw_next_scan(void *arg) 2520 { 2521 struct atw_softc *sc = arg; 2522 struct ieee80211com *ic = &sc->sc_ic; 2523 int s; 2524 2525 /* don't call atw_start w/o network interrupts blocked */ 2526 s = splnet(); 2527 if (ic->ic_state == IEEE80211_S_SCAN) 2528 ieee80211_next_scan(ic); 2529 splx(s); 2530 } 2531 2532 /* Synchronize the hardware state with the software state. */ 2533 static int 2534 atw_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 2535 { 2536 struct ifnet *ifp = ic->ic_ifp; 2537 struct atw_softc *sc = ifp->if_softc; 2538 enum ieee80211_state ostate; 2539 int error = 0; 2540 2541 ostate = ic->ic_state; 2542 callout_stop(&sc->sc_scan_ch); 2543 2544 switch (nstate) { 2545 case IEEE80211_S_AUTH: 2546 case IEEE80211_S_ASSOC: 2547 atw_write_bssid(sc); 2548 error = atw_tune(sc); 2549 break; 2550 case IEEE80211_S_INIT: 2551 callout_stop(&sc->sc_scan_ch); 2552 sc->sc_cur_chan = IEEE80211_CHAN_ANY; 2553 atw_start_beacon(sc, 0); 2554 break; 2555 case IEEE80211_S_SCAN: 2556 error = atw_tune(sc); 2557 callout_reset(&sc->sc_scan_ch, atw_dwelltime * hz / 1000, 2558 atw_next_scan, sc); 2559 break; 2560 case IEEE80211_S_RUN: 2561 error = atw_tune(sc); 2562 atw_write_bssid(sc); 2563 atw_write_ssid(sc); 2564 atw_write_sup_rates(sc); 2565 2566 if (ic->ic_opmode == IEEE80211_M_AHDEMO || 2567 ic->ic_opmode == IEEE80211_M_MONITOR) 2568 break; 2569 2570 /* set listen interval 2571 * XXX do software units agree w/ hardware? 2572 */ 2573 ATW_WRITE(sc, ATW_BPLI, 2574 __SHIFTIN(ic->ic_bss->ni_intval, ATW_BPLI_BP_MASK) | 2575 __SHIFTIN(ic->ic_lintval / ic->ic_bss->ni_intval, 2576 ATW_BPLI_LI_MASK)); 2577 2578 DPRINTF(sc, ("%s: reg[ATW_BPLI] = %08x\n", sc->sc_dev.dv_xname, 2579 ATW_READ(sc, ATW_BPLI))); 2580 2581 atw_predict_beacon(sc); 2582 2583 switch (ic->ic_opmode) { 2584 case IEEE80211_M_AHDEMO: 2585 case IEEE80211_M_HOSTAP: 2586 case IEEE80211_M_IBSS: 2587 atw_start_beacon(sc, 1); 2588 break; 2589 case IEEE80211_M_MONITOR: 2590 case IEEE80211_M_STA: 2591 break; 2592 } 2593 2594 break; 2595 } 2596 return (error != 0) ? error : (*sc->sc_newstate)(ic, nstate, arg); 2597 } 2598 2599 /* 2600 * atw_add_rxbuf: 2601 * 2602 * Add a receive buffer to the indicated descriptor. 2603 */ 2604 int 2605 atw_add_rxbuf(struct atw_softc *sc, int idx) 2606 { 2607 struct atw_rxsoft *rxs = &sc->sc_rxsoft[idx]; 2608 struct mbuf *m; 2609 int error; 2610 2611 MGETHDR(m, M_DONTWAIT, MT_DATA); 2612 if (m == NULL) 2613 return (ENOBUFS); 2614 2615 MCLGET(m, M_DONTWAIT); 2616 if ((m->m_flags & M_EXT) == 0) { 2617 m_freem(m); 2618 return (ENOBUFS); 2619 } 2620 2621 if (rxs->rxs_mbuf != NULL) 2622 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2623 2624 rxs->rxs_mbuf = m; 2625 2626 error = bus_dmamap_load(sc->sc_dmat, rxs->rxs_dmamap, 2627 m->m_ext.ext_buf, m->m_ext.ext_size, NULL, 2628 BUS_DMA_READ|BUS_DMA_NOWAIT); 2629 if (error) { 2630 printf("%s: can't load rx DMA map %d, error = %d\n", 2631 sc->sc_dev.dv_xname, idx, error); 2632 panic("atw_add_rxbuf"); /* XXX */ 2633 } 2634 2635 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 2636 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD); 2637 2638 atw_init_rxdesc(sc, idx); 2639 2640 return (0); 2641 } 2642 2643 /* 2644 * Release any queued transmit buffers. 2645 */ 2646 void 2647 atw_txdrain(struct atw_softc *sc) 2648 { 2649 struct atw_txsoft *txs; 2650 2651 while ((txs = SIMPLEQ_FIRST(&sc->sc_txdirtyq)) != NULL) { 2652 SIMPLEQ_REMOVE_HEAD(&sc->sc_txdirtyq, txs_q); 2653 if (txs->txs_mbuf != NULL) { 2654 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 2655 m_freem(txs->txs_mbuf); 2656 txs->txs_mbuf = NULL; 2657 } 2658 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 2659 sc->sc_txfree += txs->txs_ndescs; 2660 } 2661 2662 KASSERT((sc->sc_if.if_flags & IFF_RUNNING) == 0 || 2663 !(SIMPLEQ_EMPTY(&sc->sc_txfreeq) || 2664 sc->sc_txfree != ATW_NTXDESC)); 2665 sc->sc_if.if_flags &= ~IFF_OACTIVE; 2666 sc->sc_tx_timer = 0; 2667 } 2668 2669 /* 2670 * atw_stop: [ ifnet interface function ] 2671 * 2672 * Stop transmission on the interface. 2673 */ 2674 void 2675 atw_stop(struct ifnet *ifp, int disable) 2676 { 2677 struct atw_softc *sc = ifp->if_softc; 2678 struct ieee80211com *ic = &sc->sc_ic; 2679 2680 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2681 2682 /* Disable interrupts. */ 2683 ATW_WRITE(sc, ATW_IER, 0); 2684 2685 /* Stop the transmit and receive processes. */ 2686 sc->sc_opmode = 0; 2687 ATW_WRITE(sc, ATW_NAR, 0); 2688 DELAY(atw_nar_delay); 2689 ATW_WRITE(sc, ATW_TDBD, 0); 2690 ATW_WRITE(sc, ATW_TDBP, 0); 2691 ATW_WRITE(sc, ATW_RDB, 0); 2692 2693 atw_txdrain(sc); 2694 2695 if (disable) { 2696 atw_rxdrain(sc); 2697 atw_disable(sc); 2698 } 2699 2700 /* 2701 * Mark the interface down and cancel the watchdog timer. 2702 */ 2703 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2704 sc->sc_tx_timer = 0; 2705 ifp->if_timer = 0; 2706 2707 if (!disable) 2708 atw_reset(sc); 2709 } 2710 2711 /* 2712 * atw_rxdrain: 2713 * 2714 * Drain the receive queue. 2715 */ 2716 void 2717 atw_rxdrain(struct atw_softc *sc) 2718 { 2719 struct atw_rxsoft *rxs; 2720 int i; 2721 2722 for (i = 0; i < ATW_NRXDESC; i++) { 2723 rxs = &sc->sc_rxsoft[i]; 2724 if (rxs->rxs_mbuf == NULL) 2725 continue; 2726 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2727 m_freem(rxs->rxs_mbuf); 2728 rxs->rxs_mbuf = NULL; 2729 } 2730 } 2731 2732 /* 2733 * atw_detach: 2734 * 2735 * Detach an ADM8211 interface. 2736 */ 2737 int 2738 atw_detach(struct atw_softc *sc) 2739 { 2740 struct ifnet *ifp = &sc->sc_if; 2741 struct atw_rxsoft *rxs; 2742 struct atw_txsoft *txs; 2743 int i; 2744 2745 /* 2746 * Succeed now if there isn't any work to do. 2747 */ 2748 if ((sc->sc_flags & ATWF_ATTACHED) == 0) 2749 return (0); 2750 2751 callout_stop(&sc->sc_scan_ch); 2752 2753 ieee80211_ifdetach(&sc->sc_ic); 2754 if_detach(ifp); 2755 2756 for (i = 0; i < ATW_NRXDESC; i++) { 2757 rxs = &sc->sc_rxsoft[i]; 2758 if (rxs->rxs_mbuf != NULL) { 2759 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2760 m_freem(rxs->rxs_mbuf); 2761 rxs->rxs_mbuf = NULL; 2762 } 2763 bus_dmamap_destroy(sc->sc_dmat, rxs->rxs_dmamap); 2764 } 2765 for (i = 0; i < ATW_TXQUEUELEN; i++) { 2766 txs = &sc->sc_txsoft[i]; 2767 if (txs->txs_mbuf != NULL) { 2768 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 2769 m_freem(txs->txs_mbuf); 2770 txs->txs_mbuf = NULL; 2771 } 2772 bus_dmamap_destroy(sc->sc_dmat, txs->txs_dmamap); 2773 } 2774 bus_dmamap_unload(sc->sc_dmat, sc->sc_cddmamap); 2775 bus_dmamap_destroy(sc->sc_dmat, sc->sc_cddmamap); 2776 bus_dmamem_unmap(sc->sc_dmat, (void *)sc->sc_control_data, 2777 sizeof(struct atw_control_data)); 2778 bus_dmamem_free(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg); 2779 2780 shutdownhook_disestablish(sc->sc_sdhook); 2781 powerhook_disestablish(sc->sc_powerhook); 2782 2783 if (sc->sc_srom) 2784 free(sc->sc_srom, M_DEVBUF); 2785 2786 atw_evcnt_detach(sc); 2787 2788 return (0); 2789 } 2790 2791 /* atw_shutdown: make sure the interface is stopped at reboot time. */ 2792 void 2793 atw_shutdown(void *arg) 2794 { 2795 struct atw_softc *sc = arg; 2796 2797 atw_stop(&sc->sc_if, 1); 2798 } 2799 2800 int 2801 atw_intr(void *arg) 2802 { 2803 struct atw_softc *sc = arg; 2804 struct ifnet *ifp = &sc->sc_if; 2805 u_int32_t status, rxstatus, txstatus, linkstatus; 2806 int handled = 0, txthresh; 2807 2808 #ifdef DEBUG 2809 if (ATW_IS_ENABLED(sc) == 0) 2810 panic("%s: atw_intr: not enabled", sc->sc_dev.dv_xname); 2811 #endif 2812 2813 /* 2814 * If the interface isn't running, the interrupt couldn't 2815 * possibly have come from us. 2816 */ 2817 if ((ifp->if_flags & IFF_RUNNING) == 0 || 2818 !device_is_active(&sc->sc_dev)) 2819 return (0); 2820 2821 for (;;) { 2822 status = ATW_READ(sc, ATW_STSR); 2823 2824 if (status) 2825 ATW_WRITE(sc, ATW_STSR, status); 2826 2827 #ifdef ATW_DEBUG 2828 #define PRINTINTR(flag) do { \ 2829 if ((status & flag) != 0) { \ 2830 printf("%s" #flag, delim); \ 2831 delim = ","; \ 2832 } \ 2833 } while (0) 2834 2835 if (atw_debug > 1 && status) { 2836 const char *delim = "<"; 2837 2838 printf("%s: reg[STSR] = %x", 2839 sc->sc_dev.dv_xname, status); 2840 2841 PRINTINTR(ATW_INTR_FBE); 2842 PRINTINTR(ATW_INTR_LINKOFF); 2843 PRINTINTR(ATW_INTR_LINKON); 2844 PRINTINTR(ATW_INTR_RCI); 2845 PRINTINTR(ATW_INTR_RDU); 2846 PRINTINTR(ATW_INTR_REIS); 2847 PRINTINTR(ATW_INTR_RPS); 2848 PRINTINTR(ATW_INTR_TCI); 2849 PRINTINTR(ATW_INTR_TDU); 2850 PRINTINTR(ATW_INTR_TLT); 2851 PRINTINTR(ATW_INTR_TPS); 2852 PRINTINTR(ATW_INTR_TRT); 2853 PRINTINTR(ATW_INTR_TUF); 2854 PRINTINTR(ATW_INTR_BCNTC); 2855 PRINTINTR(ATW_INTR_ATIME); 2856 PRINTINTR(ATW_INTR_TBTT); 2857 PRINTINTR(ATW_INTR_TSCZ); 2858 PRINTINTR(ATW_INTR_TSFTF); 2859 printf(">\n"); 2860 } 2861 #undef PRINTINTR 2862 #endif /* ATW_DEBUG */ 2863 2864 if ((status & sc->sc_inten) == 0) 2865 break; 2866 2867 handled = 1; 2868 2869 rxstatus = status & sc->sc_rxint_mask; 2870 txstatus = status & sc->sc_txint_mask; 2871 linkstatus = status & sc->sc_linkint_mask; 2872 2873 if (linkstatus) { 2874 atw_linkintr(sc, linkstatus); 2875 } 2876 2877 if (rxstatus) { 2878 /* Grab any new packets. */ 2879 atw_rxintr(sc); 2880 2881 if (rxstatus & ATW_INTR_RDU) { 2882 printf("%s: receive ring overrun\n", 2883 sc->sc_dev.dv_xname); 2884 /* Get the receive process going again. */ 2885 ATW_WRITE(sc, ATW_RDR, 0x1); 2886 break; 2887 } 2888 } 2889 2890 if (txstatus) { 2891 /* Sweep up transmit descriptors. */ 2892 atw_txintr(sc); 2893 2894 if (txstatus & ATW_INTR_TLT) { 2895 DPRINTF(sc, ("%s: tx lifetime exceeded\n", 2896 sc->sc_dev.dv_xname)); 2897 } 2898 2899 if (txstatus & ATW_INTR_TRT) { 2900 DPRINTF(sc, ("%s: tx retry limit exceeded\n", 2901 sc->sc_dev.dv_xname)); 2902 } 2903 2904 /* If Tx under-run, increase our transmit threshold 2905 * if another is available. 2906 */ 2907 txthresh = sc->sc_txthresh + 1; 2908 if ((txstatus & ATW_INTR_TUF) && 2909 sc->sc_txth[txthresh].txth_name != NULL) { 2910 /* Idle the transmit process. */ 2911 atw_idle(sc, ATW_NAR_ST); 2912 2913 sc->sc_txthresh = txthresh; 2914 sc->sc_opmode &= ~(ATW_NAR_TR_MASK|ATW_NAR_SF); 2915 sc->sc_opmode |= 2916 sc->sc_txth[txthresh].txth_opmode; 2917 printf("%s: transmit underrun; new " 2918 "threshold: %s\n", sc->sc_dev.dv_xname, 2919 sc->sc_txth[txthresh].txth_name); 2920 2921 /* Set the new threshold and restart 2922 * the transmit process. 2923 */ 2924 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 2925 DELAY(atw_nar_delay); 2926 ATW_WRITE(sc, ATW_RDR, 0x1); 2927 /* XXX Log every Nth underrun from 2928 * XXX now on? 2929 */ 2930 } 2931 } 2932 2933 if (status & (ATW_INTR_TPS|ATW_INTR_RPS)) { 2934 if (status & ATW_INTR_TPS) 2935 printf("%s: transmit process stopped\n", 2936 sc->sc_dev.dv_xname); 2937 if (status & ATW_INTR_RPS) 2938 printf("%s: receive process stopped\n", 2939 sc->sc_dev.dv_xname); 2940 (void)atw_init(ifp); 2941 break; 2942 } 2943 2944 if (status & ATW_INTR_FBE) { 2945 printf("%s: fatal bus error\n", sc->sc_dev.dv_xname); 2946 (void)atw_init(ifp); 2947 break; 2948 } 2949 2950 /* 2951 * Not handled: 2952 * 2953 * Transmit buffer unavailable -- normal 2954 * condition, nothing to do, really. 2955 * 2956 * Early receive interrupt -- not available on 2957 * all chips, we just use RI. We also only 2958 * use single-segment receive DMA, so this 2959 * is mostly useless. 2960 * 2961 * TBD others 2962 */ 2963 } 2964 2965 /* Try to get more packets going. */ 2966 atw_start(ifp); 2967 2968 return (handled); 2969 } 2970 2971 /* 2972 * atw_idle: 2973 * 2974 * Cause the transmit and/or receive processes to go idle. 2975 * 2976 * XXX It seems that the ADM8211 will not signal the end of the Rx/Tx 2977 * process in STSR if I clear SR or ST after the process has already 2978 * ceased. Fair enough. But the Rx process status bits in ATW_TEST0 2979 * do not seem to be too reliable. Perhaps I have the sense of the 2980 * Rx bits switched with the Tx bits? 2981 */ 2982 void 2983 atw_idle(struct atw_softc *sc, u_int32_t bits) 2984 { 2985 u_int32_t ackmask = 0, opmode, stsr, test0; 2986 int i, s; 2987 2988 s = splnet(); 2989 2990 opmode = sc->sc_opmode & ~bits; 2991 2992 if (bits & ATW_NAR_SR) 2993 ackmask |= ATW_INTR_RPS; 2994 2995 if (bits & ATW_NAR_ST) { 2996 ackmask |= ATW_INTR_TPS; 2997 /* set ATW_NAR_HF to flush TX FIFO. */ 2998 opmode |= ATW_NAR_HF; 2999 } 3000 3001 ATW_WRITE(sc, ATW_NAR, opmode); 3002 DELAY(atw_nar_delay); 3003 3004 for (i = 0; i < 1000; i++) { 3005 stsr = ATW_READ(sc, ATW_STSR); 3006 if ((stsr & ackmask) == ackmask) 3007 break; 3008 DELAY(10); 3009 } 3010 3011 ATW_WRITE(sc, ATW_STSR, stsr & ackmask); 3012 3013 if ((stsr & ackmask) == ackmask) 3014 goto out; 3015 3016 test0 = ATW_READ(sc, ATW_TEST0); 3017 3018 if ((bits & ATW_NAR_ST) != 0 && (stsr & ATW_INTR_TPS) == 0 && 3019 (test0 & ATW_TEST0_TS_MASK) != ATW_TEST0_TS_STOPPED) { 3020 printf("%s: transmit process not idle [%s]\n", 3021 sc->sc_dev.dv_xname, 3022 atw_tx_state[__SHIFTOUT(test0, ATW_TEST0_TS_MASK)]); 3023 printf("%s: bits %08x test0 %08x stsr %08x\n", 3024 sc->sc_dev.dv_xname, bits, test0, stsr); 3025 } 3026 3027 if ((bits & ATW_NAR_SR) != 0 && (stsr & ATW_INTR_RPS) == 0 && 3028 (test0 & ATW_TEST0_RS_MASK) != ATW_TEST0_RS_STOPPED) { 3029 DPRINTF2(sc, ("%s: receive process not idle [%s]\n", 3030 sc->sc_dev.dv_xname, 3031 atw_rx_state[__SHIFTOUT(test0, ATW_TEST0_RS_MASK)])); 3032 DPRINTF2(sc, ("%s: bits %08x test0 %08x stsr %08x\n", 3033 sc->sc_dev.dv_xname, bits, test0, stsr)); 3034 } 3035 out: 3036 if ((bits & ATW_NAR_ST) != 0) 3037 atw_txdrain(sc); 3038 splx(s); 3039 return; 3040 } 3041 3042 /* 3043 * atw_linkintr: 3044 * 3045 * Helper; handle link-status interrupts. 3046 */ 3047 void 3048 atw_linkintr(struct atw_softc *sc, u_int32_t linkstatus) 3049 { 3050 struct ieee80211com *ic = &sc->sc_ic; 3051 3052 if (ic->ic_state != IEEE80211_S_RUN) 3053 return; 3054 3055 if (linkstatus & ATW_INTR_LINKON) { 3056 DPRINTF(sc, ("%s: link on\n", sc->sc_dev.dv_xname)); 3057 sc->sc_rescan_timer = 0; 3058 } else if (linkstatus & ATW_INTR_LINKOFF) { 3059 DPRINTF(sc, ("%s: link off\n", sc->sc_dev.dv_xname)); 3060 if (ic->ic_opmode != IEEE80211_M_STA) 3061 return; 3062 sc->sc_rescan_timer = 3; 3063 sc->sc_if.if_timer = 1; 3064 } 3065 } 3066 3067 static inline int 3068 atw_hw_decrypted(struct atw_softc *sc, struct ieee80211_frame_min *wh) 3069 { 3070 if ((sc->sc_ic.ic_flags & IEEE80211_F_PRIVACY) == 0) 3071 return 0; 3072 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) == 0) 3073 return 0; 3074 return (sc->sc_wepctl & ATW_WEPCTL_WEPRXBYP) == 0; 3075 } 3076 3077 /* 3078 * atw_rxintr: 3079 * 3080 * Helper; handle receive interrupts. 3081 */ 3082 void 3083 atw_rxintr(struct atw_softc *sc) 3084 { 3085 static int rate_tbl[] = {2, 4, 11, 22, 44}; 3086 struct ieee80211com *ic = &sc->sc_ic; 3087 struct ieee80211_node *ni; 3088 struct ieee80211_frame_min *wh; 3089 struct ifnet *ifp = &sc->sc_if; 3090 struct atw_rxsoft *rxs; 3091 struct mbuf *m; 3092 u_int32_t rxstat; 3093 int i, len, rate, rate0; 3094 u_int32_t rssi, ctlrssi; 3095 3096 for (i = sc->sc_rxptr;; i = ATW_NEXTRX(i)) { 3097 rxs = &sc->sc_rxsoft[i]; 3098 3099 ATW_CDRXSYNC(sc, i, BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 3100 3101 rxstat = le32toh(sc->sc_rxdescs[i].ar_stat); 3102 ctlrssi = le32toh(sc->sc_rxdescs[i].ar_ctlrssi); 3103 rate0 = __SHIFTOUT(rxstat, ATW_RXSTAT_RXDR_MASK); 3104 3105 if (rxstat & ATW_RXSTAT_OWN) 3106 break; /* We have processed all receive buffers. */ 3107 3108 DPRINTF3(sc, 3109 ("%s: rx stat %08x ctlrssi %08x buf1 %08x buf2 %08x\n", 3110 sc->sc_dev.dv_xname, 3111 rxstat, ctlrssi, 3112 le32toh(sc->sc_rxdescs[i].ar_buf1), 3113 le32toh(sc->sc_rxdescs[i].ar_buf2))); 3114 3115 /* 3116 * Make sure the packet fits in one buffer. This should 3117 * always be the case. 3118 */ 3119 if ((rxstat & (ATW_RXSTAT_FS|ATW_RXSTAT_LS)) != 3120 (ATW_RXSTAT_FS|ATW_RXSTAT_LS)) { 3121 printf("%s: incoming packet spilled, resetting\n", 3122 sc->sc_dev.dv_xname); 3123 (void)atw_init(ifp); 3124 return; 3125 } 3126 3127 /* 3128 * If an error occurred, update stats, clear the status 3129 * word, and leave the packet buffer in place. It will 3130 * simply be reused the next time the ring comes around. 3131 */ 3132 if ((rxstat & (ATW_RXSTAT_DE | ATW_RXSTAT_RXTOE)) != 0) { 3133 #define PRINTERR(bit, str) \ 3134 if (rxstat & (bit)) \ 3135 printf("%s: receive error: %s\n", \ 3136 sc->sc_dev.dv_xname, str) 3137 ifp->if_ierrors++; 3138 PRINTERR(ATW_RXSTAT_DE, "descriptor error"); 3139 PRINTERR(ATW_RXSTAT_RXTOE, "time-out"); 3140 #if 0 3141 PRINTERR(ATW_RXSTAT_SFDE, "PLCP SFD error"); 3142 PRINTERR(ATW_RXSTAT_SIGE, "PLCP signal error"); 3143 PRINTERR(ATW_RXSTAT_CRC16E, "PLCP CRC16 error"); 3144 PRINTERR(ATW_RXSTAT_ICVE, "WEP ICV error"); 3145 #endif 3146 #undef PRINTERR 3147 atw_init_rxdesc(sc, i); 3148 continue; 3149 } 3150 3151 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 3152 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_POSTREAD); 3153 3154 /* 3155 * No errors; receive the packet. Note the ADM8211 3156 * includes the CRC in promiscuous mode. 3157 */ 3158 len = __SHIFTOUT(rxstat, ATW_RXSTAT_FL_MASK); 3159 3160 /* 3161 * Allocate a new mbuf cluster. If that fails, we are 3162 * out of memory, and must drop the packet and recycle 3163 * the buffer that's already attached to this descriptor. 3164 */ 3165 m = rxs->rxs_mbuf; 3166 if (atw_add_rxbuf(sc, i) != 0) { 3167 ifp->if_ierrors++; 3168 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 3169 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD); 3170 atw_init_rxdesc(sc, i); 3171 continue; 3172 } 3173 3174 ifp->if_ipackets++; 3175 m->m_pkthdr.rcvif = ifp; 3176 m->m_pkthdr.len = m->m_len = MIN(m->m_ext.ext_size, len); 3177 3178 rate = (rate0 < __arraycount(rate_tbl)) ? rate_tbl[rate0] : 0; 3179 3180 /* The RSSI comes straight from a register in the 3181 * baseband processor. I know that for the RF3000, 3182 * the RSSI register also contains the antenna-selection 3183 * bits. Mask those off. 3184 * 3185 * TBD Treat other basebands. 3186 * TBD Use short-preamble bit and such in RF3000_RXSTAT. 3187 */ 3188 if (sc->sc_bbptype == ATW_BBPTYPE_RFMD) 3189 rssi = ctlrssi & RF3000_RSSI_MASK; 3190 else 3191 rssi = ctlrssi; 3192 3193 #if NBPFILTER > 0 3194 /* Pass this up to any BPF listeners. */ 3195 if (sc->sc_radiobpf != NULL) { 3196 struct atw_rx_radiotap_header *tap = &sc->sc_rxtap; 3197 3198 tap->ar_rate = rate; 3199 3200 /* TBD verify units are dB */ 3201 tap->ar_antsignal = (int)rssi; 3202 if (sc->sc_opmode & ATW_NAR_PR) 3203 tap->ar_flags = IEEE80211_RADIOTAP_F_FCS; 3204 else 3205 tap->ar_flags = 0; 3206 3207 if ((rxstat & ATW_RXSTAT_CRC32E) != 0) 3208 tap->ar_flags |= IEEE80211_RADIOTAP_F_BADFCS; 3209 3210 bpf_mtap2(sc->sc_radiobpf, tap, 3211 sizeof(sc->sc_rxtapu), m); 3212 } 3213 #endif /* NBPFILTER > 0 */ 3214 3215 sc->sc_recv_ev.ev_count++; 3216 3217 if ((rxstat & (ATW_RXSTAT_CRC16E|ATW_RXSTAT_CRC32E|ATW_RXSTAT_ICVE|ATW_RXSTAT_SFDE|ATW_RXSTAT_SIGE)) != 0) { 3218 if (rxstat & ATW_RXSTAT_CRC16E) 3219 sc->sc_crc16e_ev.ev_count++; 3220 if (rxstat & ATW_RXSTAT_CRC32E) 3221 sc->sc_crc32e_ev.ev_count++; 3222 if (rxstat & ATW_RXSTAT_ICVE) 3223 sc->sc_icve_ev.ev_count++; 3224 if (rxstat & ATW_RXSTAT_SFDE) 3225 sc->sc_sfde_ev.ev_count++; 3226 if (rxstat & ATW_RXSTAT_SIGE) 3227 sc->sc_sige_ev.ev_count++; 3228 ifp->if_ierrors++; 3229 m_freem(m); 3230 continue; 3231 } 3232 3233 if (sc->sc_opmode & ATW_NAR_PR) 3234 m_adj(m, -IEEE80211_CRC_LEN); 3235 3236 wh = mtod(m, struct ieee80211_frame_min *); 3237 ni = ieee80211_find_rxnode(ic, wh); 3238 #if 0 3239 if (atw_hw_decrypted(sc, wh)) { 3240 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 3241 DPRINTF(sc, ("%s: hw decrypted\n", __func__)); 3242 } 3243 #endif 3244 ieee80211_input(ic, m, ni, (int)rssi, 0); 3245 ieee80211_free_node(ni); 3246 } 3247 3248 /* Update the receive pointer. */ 3249 sc->sc_rxptr = i; 3250 } 3251 3252 /* 3253 * atw_txintr: 3254 * 3255 * Helper; handle transmit interrupts. 3256 */ 3257 void 3258 atw_txintr(struct atw_softc *sc) 3259 { 3260 static char txstat_buf[sizeof("ffffffff<>" ATW_TXSTAT_FMT)]; 3261 struct ifnet *ifp = &sc->sc_if; 3262 struct atw_txsoft *txs; 3263 u_int32_t txstat; 3264 3265 DPRINTF3(sc, ("%s: atw_txintr: sc_flags 0x%08x\n", 3266 sc->sc_dev.dv_xname, sc->sc_flags)); 3267 3268 /* 3269 * Go through our Tx list and free mbufs for those 3270 * frames that have been transmitted. 3271 */ 3272 while ((txs = SIMPLEQ_FIRST(&sc->sc_txdirtyq)) != NULL) { 3273 ATW_CDTXSYNC(sc, txs->txs_lastdesc, 1, 3274 BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 3275 3276 #ifdef ATW_DEBUG 3277 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3278 int i; 3279 printf(" txsoft %p transmit chain:\n", txs); 3280 ATW_CDTXSYNC(sc, txs->txs_firstdesc, 3281 txs->txs_ndescs - 1, 3282 BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 3283 for (i = txs->txs_firstdesc;; i = ATW_NEXTTX(i)) { 3284 printf(" descriptor %d:\n", i); 3285 printf(" at_status: 0x%08x\n", 3286 le32toh(sc->sc_txdescs[i].at_stat)); 3287 printf(" at_flags: 0x%08x\n", 3288 le32toh(sc->sc_txdescs[i].at_flags)); 3289 printf(" at_buf1: 0x%08x\n", 3290 le32toh(sc->sc_txdescs[i].at_buf1)); 3291 printf(" at_buf2: 0x%08x\n", 3292 le32toh(sc->sc_txdescs[i].at_buf2)); 3293 if (i == txs->txs_lastdesc) 3294 break; 3295 } 3296 } 3297 #endif 3298 3299 txstat = le32toh(sc->sc_txdescs[txs->txs_lastdesc].at_stat); 3300 if (txstat & ATW_TXSTAT_OWN) 3301 break; 3302 3303 SIMPLEQ_REMOVE_HEAD(&sc->sc_txdirtyq, txs_q); 3304 3305 sc->sc_txfree += txs->txs_ndescs; 3306 3307 bus_dmamap_sync(sc->sc_dmat, txs->txs_dmamap, 3308 0, txs->txs_dmamap->dm_mapsize, 3309 BUS_DMASYNC_POSTWRITE); 3310 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 3311 m_freem(txs->txs_mbuf); 3312 txs->txs_mbuf = NULL; 3313 3314 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 3315 3316 KASSERT(!(SIMPLEQ_EMPTY(&sc->sc_txfreeq) || 3317 sc->sc_txfree == 0)); 3318 ifp->if_flags &= ~IFF_OACTIVE; 3319 3320 if ((ifp->if_flags & IFF_DEBUG) != 0 && 3321 (txstat & ATW_TXSTAT_ERRMASK) != 0) { 3322 bitmask_snprintf(txstat & ATW_TXSTAT_ERRMASK, 3323 ATW_TXSTAT_FMT, txstat_buf, sizeof(txstat_buf)); 3324 printf("%s: txstat %s %" __PRIuBITS "\n", 3325 sc->sc_dev.dv_xname, txstat_buf, 3326 __SHIFTOUT(txstat, ATW_TXSTAT_ARC_MASK)); 3327 } 3328 3329 /* 3330 * Check for errors and collisions. 3331 */ 3332 if (txstat & ATW_TXSTAT_TUF) 3333 sc->sc_stats.ts_tx_tuf++; 3334 if (txstat & ATW_TXSTAT_TLT) 3335 sc->sc_stats.ts_tx_tlt++; 3336 if (txstat & ATW_TXSTAT_TRT) 3337 sc->sc_stats.ts_tx_trt++; 3338 if (txstat & ATW_TXSTAT_TRO) 3339 sc->sc_stats.ts_tx_tro++; 3340 if (txstat & ATW_TXSTAT_SOFBR) { 3341 sc->sc_stats.ts_tx_sofbr++; 3342 } 3343 3344 if ((txstat & ATW_TXSTAT_ES) == 0) 3345 ifp->if_collisions += 3346 __SHIFTOUT(txstat, ATW_TXSTAT_ARC_MASK); 3347 else 3348 ifp->if_oerrors++; 3349 3350 ifp->if_opackets++; 3351 } 3352 3353 /* 3354 * If there are no more pending transmissions, cancel the watchdog 3355 * timer. 3356 */ 3357 if (txs == NULL) { 3358 KASSERT((ifp->if_flags & IFF_OACTIVE) == 0); 3359 sc->sc_tx_timer = 0; 3360 } 3361 } 3362 3363 /* 3364 * atw_watchdog: [ifnet interface function] 3365 * 3366 * Watchdog timer handler. 3367 */ 3368 void 3369 atw_watchdog(struct ifnet *ifp) 3370 { 3371 struct atw_softc *sc = ifp->if_softc; 3372 struct ieee80211com *ic = &sc->sc_ic; 3373 3374 ifp->if_timer = 0; 3375 if (ATW_IS_ENABLED(sc) == 0) 3376 return; 3377 3378 if (sc->sc_rescan_timer) { 3379 if (--sc->sc_rescan_timer == 0) 3380 (void)ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3381 } 3382 if (sc->sc_tx_timer) { 3383 if (--sc->sc_tx_timer == 0 && 3384 !SIMPLEQ_EMPTY(&sc->sc_txdirtyq)) { 3385 printf("%s: transmit timeout\n", ifp->if_xname); 3386 ifp->if_oerrors++; 3387 (void)atw_init(ifp); 3388 atw_start(ifp); 3389 } 3390 } 3391 if (sc->sc_tx_timer != 0 || sc->sc_rescan_timer != 0) 3392 ifp->if_timer = 1; 3393 ieee80211_watchdog(ic); 3394 } 3395 3396 static void 3397 atw_evcnt_detach(struct atw_softc *sc) 3398 { 3399 evcnt_detach(&sc->sc_sige_ev); 3400 evcnt_detach(&sc->sc_sfde_ev); 3401 evcnt_detach(&sc->sc_icve_ev); 3402 evcnt_detach(&sc->sc_crc32e_ev); 3403 evcnt_detach(&sc->sc_crc16e_ev); 3404 evcnt_detach(&sc->sc_recv_ev); 3405 } 3406 3407 static void 3408 atw_evcnt_attach(struct atw_softc *sc) 3409 { 3410 evcnt_attach_dynamic(&sc->sc_recv_ev, EVCNT_TYPE_MISC, 3411 NULL, sc->sc_if.if_xname, "recv"); 3412 evcnt_attach_dynamic(&sc->sc_crc16e_ev, EVCNT_TYPE_MISC, 3413 &sc->sc_recv_ev, sc->sc_if.if_xname, "CRC16 error"); 3414 evcnt_attach_dynamic(&sc->sc_crc32e_ev, EVCNT_TYPE_MISC, 3415 &sc->sc_recv_ev, sc->sc_if.if_xname, "CRC32 error"); 3416 evcnt_attach_dynamic(&sc->sc_icve_ev, EVCNT_TYPE_MISC, 3417 &sc->sc_recv_ev, sc->sc_if.if_xname, "ICV error"); 3418 evcnt_attach_dynamic(&sc->sc_sfde_ev, EVCNT_TYPE_MISC, 3419 &sc->sc_recv_ev, sc->sc_if.if_xname, "PLCP SFD error"); 3420 evcnt_attach_dynamic(&sc->sc_sige_ev, EVCNT_TYPE_MISC, 3421 &sc->sc_recv_ev, sc->sc_if.if_xname, "PLCP Signal Field error"); 3422 } 3423 3424 #ifdef ATW_DEBUG 3425 static void 3426 atw_dump_pkt(struct ifnet *ifp, struct mbuf *m0) 3427 { 3428 struct atw_softc *sc = ifp->if_softc; 3429 struct mbuf *m; 3430 int i, noctets = 0; 3431 3432 printf("%s: %d-byte packet\n", sc->sc_dev.dv_xname, 3433 m0->m_pkthdr.len); 3434 3435 for (m = m0; m; m = m->m_next) { 3436 if (m->m_len == 0) 3437 continue; 3438 for (i = 0; i < m->m_len; i++) { 3439 printf(" %02x", ((u_int8_t*)m->m_data)[i]); 3440 if (++noctets % 24 == 0) 3441 printf("\n"); 3442 } 3443 } 3444 printf("%s%s: %d bytes emitted\n", 3445 (noctets % 24 != 0) ? "\n" : "", sc->sc_dev.dv_xname, noctets); 3446 } 3447 #endif /* ATW_DEBUG */ 3448 3449 /* 3450 * atw_start: [ifnet interface function] 3451 * 3452 * Start packet transmission on the interface. 3453 */ 3454 void 3455 atw_start(struct ifnet *ifp) 3456 { 3457 struct atw_softc *sc = ifp->if_softc; 3458 struct ieee80211_key *k; 3459 struct ieee80211com *ic = &sc->sc_ic; 3460 struct ieee80211_node *ni; 3461 struct ieee80211_frame_min *whm; 3462 struct ieee80211_frame *wh; 3463 struct atw_frame *hh; 3464 struct mbuf *m0, *m; 3465 struct atw_txsoft *txs, *last_txs; 3466 struct atw_txdesc *txd; 3467 int npkt, rate; 3468 bus_dmamap_t dmamap; 3469 int ctl, error, firsttx, nexttx, lasttx, first, ofree, seg; 3470 3471 DPRINTF2(sc, ("%s: atw_start: sc_flags 0x%08x, if_flags 0x%08x\n", 3472 sc->sc_dev.dv_xname, sc->sc_flags, ifp->if_flags)); 3473 3474 if ((ifp->if_flags & (IFF_RUNNING|IFF_OACTIVE)) != IFF_RUNNING) 3475 return; 3476 3477 /* 3478 * Remember the previous number of free descriptors and 3479 * the first descriptor we'll use. 3480 */ 3481 ofree = sc->sc_txfree; 3482 firsttx = lasttx = sc->sc_txnext; 3483 3484 DPRINTF2(sc, ("%s: atw_start: txfree %d, txnext %d\n", 3485 sc->sc_dev.dv_xname, ofree, firsttx)); 3486 3487 /* 3488 * Loop through the send queue, setting up transmit descriptors 3489 * until we drain the queue, or use up all available transmit 3490 * descriptors. 3491 */ 3492 while ((txs = SIMPLEQ_FIRST(&sc->sc_txfreeq)) != NULL && 3493 sc->sc_txfree != 0) { 3494 3495 /* 3496 * Grab a packet off the management queue, if it 3497 * is not empty. Otherwise, from the data queue. 3498 */ 3499 IF_DEQUEUE(&ic->ic_mgtq, m0); 3500 if (m0 != NULL) { 3501 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 3502 m0->m_pkthdr.rcvif = NULL; 3503 } else if (ic->ic_state != IEEE80211_S_RUN) 3504 break; /* send no data until associated */ 3505 else { 3506 IFQ_DEQUEUE(&ifp->if_snd, m0); 3507 if (m0 == NULL) 3508 break; 3509 #if NBPFILTER > 0 3510 if (ifp->if_bpf != NULL) 3511 bpf_mtap(ifp->if_bpf, m0); 3512 #endif /* NBPFILTER > 0 */ 3513 ni = ieee80211_find_txnode(ic, 3514 mtod(m0, struct ether_header *)->ether_dhost); 3515 if (ni == NULL) { 3516 ifp->if_oerrors++; 3517 break; 3518 } 3519 if ((m0 = ieee80211_encap(ic, m0, ni)) == NULL) { 3520 ieee80211_free_node(ni); 3521 ifp->if_oerrors++; 3522 break; 3523 } 3524 } 3525 3526 rate = MAX(ieee80211_get_rate(ni), 2); 3527 3528 whm = mtod(m0, struct ieee80211_frame_min *); 3529 3530 if ((whm->i_fc[1] & IEEE80211_FC1_WEP) == 0) 3531 k = NULL; 3532 else if ((k = ieee80211_crypto_encap(ic, ni, m0)) == NULL) { 3533 m_freem(m0); 3534 ieee80211_free_node(ni); 3535 ifp->if_oerrors++; 3536 break; 3537 } 3538 3539 if (ieee80211_compute_duration(whm, k, m0->m_pkthdr.len, 3540 ic->ic_flags, ic->ic_fragthreshold, rate, 3541 &txs->txs_d0, &txs->txs_dn, &npkt, 0) == -1) { 3542 DPRINTF2(sc, ("%s: fail compute duration\n", __func__)); 3543 m_freem(m0); 3544 break; 3545 } 3546 3547 /* XXX Misleading if fragmentation is enabled. Better 3548 * to fragment in software? 3549 */ 3550 *(uint16_t *)whm->i_dur = htole16(txs->txs_d0.d_rts_dur); 3551 3552 #if NBPFILTER > 0 3553 /* 3554 * Pass the packet to any BPF listeners. 3555 */ 3556 if (ic->ic_rawbpf != NULL) 3557 bpf_mtap((void *)ic->ic_rawbpf, m0); 3558 3559 if (sc->sc_radiobpf != NULL) { 3560 struct atw_tx_radiotap_header *tap = &sc->sc_txtap; 3561 3562 tap->at_rate = rate; 3563 3564 bpf_mtap2(sc->sc_radiobpf, tap, 3565 sizeof(sc->sc_txtapu), m0); 3566 } 3567 #endif /* NBPFILTER > 0 */ 3568 3569 M_PREPEND(m0, offsetof(struct atw_frame, atw_ihdr), M_DONTWAIT); 3570 3571 if (ni != NULL) 3572 ieee80211_free_node(ni); 3573 3574 if (m0 == NULL) { 3575 ifp->if_oerrors++; 3576 break; 3577 } 3578 3579 /* just to make sure. */ 3580 m0 = m_pullup(m0, sizeof(struct atw_frame)); 3581 3582 if (m0 == NULL) { 3583 ifp->if_oerrors++; 3584 break; 3585 } 3586 3587 hh = mtod(m0, struct atw_frame *); 3588 wh = &hh->atw_ihdr; 3589 3590 /* Copy everything we need from the 802.11 header: 3591 * Frame Control; address 1, address 3, or addresses 3592 * 3 and 4. NIC fills in BSSID, SA. 3593 */ 3594 if (wh->i_fc[1] & IEEE80211_FC1_DIR_TODS) { 3595 if (wh->i_fc[1] & IEEE80211_FC1_DIR_FROMDS) 3596 panic("%s: illegal WDS frame", 3597 sc->sc_dev.dv_xname); 3598 memcpy(hh->atw_dst, wh->i_addr3, IEEE80211_ADDR_LEN); 3599 } else 3600 memcpy(hh->atw_dst, wh->i_addr1, IEEE80211_ADDR_LEN); 3601 3602 *(u_int16_t*)hh->atw_fc = *(u_int16_t*)wh->i_fc; 3603 3604 /* initialize remaining Tx parameters */ 3605 memset(&hh->u, 0, sizeof(hh->u)); 3606 3607 hh->atw_rate = rate * 5; 3608 /* XXX this could be incorrect if M_FCS. _encap should 3609 * probably strip FCS just in case it sticks around in 3610 * bridged packets. 3611 */ 3612 hh->atw_service = 0x00; /* XXX guess */ 3613 hh->atw_paylen = htole16(m0->m_pkthdr.len - 3614 sizeof(struct atw_frame)); 3615 3616 hh->atw_fragthr = htole16(ic->ic_fragthreshold); 3617 hh->atw_rtylmt = 3; 3618 hh->atw_hdrctl = htole16(ATW_HDRCTL_UNKNOWN1); 3619 #if 0 3620 if (do_encrypt) { 3621 hh->atw_hdrctl |= htole16(ATW_HDRCTL_WEP); 3622 hh->atw_keyid = ic->ic_def_txkey; 3623 } 3624 #endif 3625 3626 hh->atw_head_plcplen = htole16(txs->txs_d0.d_plcp_len); 3627 hh->atw_tail_plcplen = htole16(txs->txs_dn.d_plcp_len); 3628 if (txs->txs_d0.d_residue) 3629 hh->atw_head_plcplen |= htole16(0x8000); 3630 if (txs->txs_dn.d_residue) 3631 hh->atw_tail_plcplen |= htole16(0x8000); 3632 hh->atw_head_dur = htole16(txs->txs_d0.d_rts_dur); 3633 hh->atw_tail_dur = htole16(txs->txs_dn.d_rts_dur); 3634 3635 /* never fragment multicast frames */ 3636 if (IEEE80211_IS_MULTICAST(hh->atw_dst)) { 3637 hh->atw_fragthr = htole16(ic->ic_fragthreshold); 3638 } else if (sc->sc_flags & ATWF_RTSCTS) { 3639 hh->atw_hdrctl |= htole16(ATW_HDRCTL_RTSCTS); 3640 } 3641 3642 #ifdef ATW_DEBUG 3643 hh->atw_fragnum = 0; 3644 3645 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3646 printf("%s: dst = %s, rate = 0x%02x, " 3647 "service = 0x%02x, paylen = 0x%04x\n", 3648 sc->sc_dev.dv_xname, ether_sprintf(hh->atw_dst), 3649 hh->atw_rate, hh->atw_service, hh->atw_paylen); 3650 3651 printf("%s: fc[0] = 0x%02x, fc[1] = 0x%02x, " 3652 "dur1 = 0x%04x, dur2 = 0x%04x, " 3653 "dur3 = 0x%04x, rts_dur = 0x%04x\n", 3654 sc->sc_dev.dv_xname, hh->atw_fc[0], hh->atw_fc[1], 3655 hh->atw_tail_plcplen, hh->atw_head_plcplen, 3656 hh->atw_tail_dur, hh->atw_head_dur); 3657 3658 printf("%s: hdrctl = 0x%04x, fragthr = 0x%04x, " 3659 "fragnum = 0x%02x, rtylmt = 0x%04x\n", 3660 sc->sc_dev.dv_xname, hh->atw_hdrctl, 3661 hh->atw_fragthr, hh->atw_fragnum, hh->atw_rtylmt); 3662 3663 printf("%s: keyid = %d\n", 3664 sc->sc_dev.dv_xname, hh->atw_keyid); 3665 3666 atw_dump_pkt(ifp, m0); 3667 } 3668 #endif /* ATW_DEBUG */ 3669 3670 dmamap = txs->txs_dmamap; 3671 3672 /* 3673 * Load the DMA map. Copy and try (once) again if the packet 3674 * didn't fit in the alloted number of segments. 3675 */ 3676 for (first = 1; 3677 (error = bus_dmamap_load_mbuf(sc->sc_dmat, dmamap, m0, 3678 BUS_DMA_WRITE|BUS_DMA_NOWAIT)) != 0 && first; 3679 first = 0) { 3680 MGETHDR(m, M_DONTWAIT, MT_DATA); 3681 if (m == NULL) { 3682 printf("%s: unable to allocate Tx mbuf\n", 3683 sc->sc_dev.dv_xname); 3684 break; 3685 } 3686 if (m0->m_pkthdr.len > MHLEN) { 3687 MCLGET(m, M_DONTWAIT); 3688 if ((m->m_flags & M_EXT) == 0) { 3689 printf("%s: unable to allocate Tx " 3690 "cluster\n", sc->sc_dev.dv_xname); 3691 m_freem(m); 3692 break; 3693 } 3694 } 3695 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(m, void *)); 3696 m->m_pkthdr.len = m->m_len = m0->m_pkthdr.len; 3697 m_freem(m0); 3698 m0 = m; 3699 m = NULL; 3700 } 3701 if (error != 0) { 3702 printf("%s: unable to load Tx buffer, " 3703 "error = %d\n", sc->sc_dev.dv_xname, error); 3704 m_freem(m0); 3705 break; 3706 } 3707 3708 /* 3709 * Ensure we have enough descriptors free to describe 3710 * the packet. 3711 */ 3712 if (dmamap->dm_nsegs > sc->sc_txfree) { 3713 /* 3714 * Not enough free descriptors to transmit 3715 * this packet. Unload the DMA map and 3716 * drop the packet. Notify the upper layer 3717 * that there are no more slots left. 3718 * 3719 * XXX We could allocate an mbuf and copy, but 3720 * XXX it is worth it? 3721 */ 3722 bus_dmamap_unload(sc->sc_dmat, dmamap); 3723 m_freem(m0); 3724 break; 3725 } 3726 3727 /* 3728 * WE ARE NOW COMMITTED TO TRANSMITTING THE PACKET. 3729 */ 3730 3731 /* Sync the DMA map. */ 3732 bus_dmamap_sync(sc->sc_dmat, dmamap, 0, dmamap->dm_mapsize, 3733 BUS_DMASYNC_PREWRITE); 3734 3735 /* XXX arbitrary retry limit; 8 because I have seen it in 3736 * use already and maybe 0 means "no tries" ! 3737 */ 3738 ctl = htole32(__SHIFTIN(8, ATW_TXCTL_TL_MASK)); 3739 3740 DPRINTF2(sc, ("%s: TXDR <- max(10, %d)\n", 3741 sc->sc_dev.dv_xname, rate * 5)); 3742 ctl |= htole32(__SHIFTIN(MAX(10, rate * 5), ATW_TXCTL_TXDR_MASK)); 3743 3744 /* 3745 * Initialize the transmit descriptors. 3746 */ 3747 for (nexttx = sc->sc_txnext, seg = 0; 3748 seg < dmamap->dm_nsegs; 3749 seg++, nexttx = ATW_NEXTTX(nexttx)) { 3750 /* 3751 * If this is the first descriptor we're 3752 * enqueueing, don't set the OWN bit just 3753 * yet. That could cause a race condition. 3754 * We'll do it below. 3755 */ 3756 txd = &sc->sc_txdescs[nexttx]; 3757 txd->at_ctl = ctl | 3758 ((nexttx == firsttx) ? 0 : htole32(ATW_TXCTL_OWN)); 3759 3760 txd->at_buf1 = htole32(dmamap->dm_segs[seg].ds_addr); 3761 txd->at_flags = 3762 htole32(__SHIFTIN(dmamap->dm_segs[seg].ds_len, 3763 ATW_TXFLAG_TBS1_MASK)) | 3764 ((nexttx == (ATW_NTXDESC - 1)) 3765 ? htole32(ATW_TXFLAG_TER) : 0); 3766 lasttx = nexttx; 3767 } 3768 3769 /* Set `first segment' and `last segment' appropriately. */ 3770 sc->sc_txdescs[sc->sc_txnext].at_flags |= 3771 htole32(ATW_TXFLAG_FS); 3772 sc->sc_txdescs[lasttx].at_flags |= htole32(ATW_TXFLAG_LS); 3773 3774 #ifdef ATW_DEBUG 3775 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3776 printf(" txsoft %p transmit chain:\n", txs); 3777 for (seg = sc->sc_txnext;; seg = ATW_NEXTTX(seg)) { 3778 printf(" descriptor %d:\n", seg); 3779 printf(" at_ctl: 0x%08x\n", 3780 le32toh(sc->sc_txdescs[seg].at_ctl)); 3781 printf(" at_flags: 0x%08x\n", 3782 le32toh(sc->sc_txdescs[seg].at_flags)); 3783 printf(" at_buf1: 0x%08x\n", 3784 le32toh(sc->sc_txdescs[seg].at_buf1)); 3785 printf(" at_buf2: 0x%08x\n", 3786 le32toh(sc->sc_txdescs[seg].at_buf2)); 3787 if (seg == lasttx) 3788 break; 3789 } 3790 } 3791 #endif 3792 3793 /* Sync the descriptors we're using. */ 3794 ATW_CDTXSYNC(sc, sc->sc_txnext, dmamap->dm_nsegs, 3795 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3796 3797 /* 3798 * Store a pointer to the packet so we can free it later, 3799 * and remember what txdirty will be once the packet is 3800 * done. 3801 */ 3802 txs->txs_mbuf = m0; 3803 txs->txs_firstdesc = sc->sc_txnext; 3804 txs->txs_lastdesc = lasttx; 3805 txs->txs_ndescs = dmamap->dm_nsegs; 3806 3807 /* Advance the tx pointer. */ 3808 sc->sc_txfree -= dmamap->dm_nsegs; 3809 sc->sc_txnext = nexttx; 3810 3811 SIMPLEQ_REMOVE_HEAD(&sc->sc_txfreeq, txs_q); 3812 SIMPLEQ_INSERT_TAIL(&sc->sc_txdirtyq, txs, txs_q); 3813 3814 last_txs = txs; 3815 } 3816 3817 if (sc->sc_txfree != ofree) { 3818 DPRINTF2(sc, ("%s: packets enqueued, IC on %d, OWN on %d\n", 3819 sc->sc_dev.dv_xname, lasttx, firsttx)); 3820 /* 3821 * Cause a transmit interrupt to happen on the 3822 * last packet we enqueued. 3823 */ 3824 sc->sc_txdescs[lasttx].at_flags |= htole32(ATW_TXFLAG_IC); 3825 ATW_CDTXSYNC(sc, lasttx, 1, 3826 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3827 3828 /* 3829 * The entire packet chain is set up. Give the 3830 * first descriptor to the chip now. 3831 */ 3832 sc->sc_txdescs[firsttx].at_ctl |= htole32(ATW_TXCTL_OWN); 3833 ATW_CDTXSYNC(sc, firsttx, 1, 3834 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3835 3836 /* Wake up the transmitter. */ 3837 ATW_WRITE(sc, ATW_TDR, 0x1); 3838 3839 if (txs == NULL || sc->sc_txfree == 0) 3840 ifp->if_flags |= IFF_OACTIVE; 3841 3842 /* Set a watchdog timer in case the chip flakes out. */ 3843 sc->sc_tx_timer = 5; 3844 ifp->if_timer = 1; 3845 } 3846 } 3847 3848 /* 3849 * atw_power: 3850 * 3851 * Power management (suspend/resume) hook. 3852 */ 3853 void 3854 atw_power(int why, void *arg) 3855 { 3856 struct atw_softc *sc = arg; 3857 struct ifnet *ifp = &sc->sc_if; 3858 int s; 3859 3860 DPRINTF(sc, ("%s: atw_power(%d,)\n", sc->sc_dev.dv_xname, why)); 3861 3862 s = splnet(); 3863 switch (why) { 3864 case PWR_STANDBY: 3865 /* XXX do nothing. */ 3866 break; 3867 case PWR_SUSPEND: 3868 atw_stop(ifp, 0); 3869 if (sc->sc_power != NULL) 3870 (*sc->sc_power)(sc, why); 3871 break; 3872 case PWR_RESUME: 3873 if (ifp->if_flags & IFF_UP) { 3874 if (sc->sc_power != NULL) 3875 (*sc->sc_power)(sc, why); 3876 atw_init(ifp); 3877 } 3878 break; 3879 case PWR_SOFTSUSPEND: 3880 case PWR_SOFTSTANDBY: 3881 case PWR_SOFTRESUME: 3882 break; 3883 } 3884 splx(s); 3885 } 3886 3887 /* 3888 * atw_ioctl: [ifnet interface function] 3889 * 3890 * Handle control requests from the operator. 3891 */ 3892 int 3893 atw_ioctl(struct ifnet *ifp, u_long cmd, void *data) 3894 { 3895 struct atw_softc *sc = ifp->if_softc; 3896 int s, error = 0; 3897 3898 /* XXX monkey see, monkey do. comes from wi_ioctl. */ 3899 if (!device_is_active(&sc->sc_dev)) 3900 return ENXIO; 3901 3902 s = splnet(); 3903 3904 switch (cmd) { 3905 case SIOCSIFFLAGS: 3906 if (ifp->if_flags & IFF_UP) { 3907 if (ATW_IS_ENABLED(sc)) { 3908 /* 3909 * To avoid rescanning another access point, 3910 * do not call atw_init() here. Instead, 3911 * only reflect media settings. 3912 */ 3913 atw_filter_setup(sc); 3914 } else 3915 error = atw_init(ifp); 3916 } else if (ATW_IS_ENABLED(sc)) 3917 atw_stop(ifp, 1); 3918 break; 3919 case SIOCADDMULTI: 3920 case SIOCDELMULTI: 3921 if ((error = ether_ioctl(ifp, cmd, data)) == ENETRESET) { 3922 if (ifp->if_flags & IFF_RUNNING) 3923 atw_filter_setup(sc); /* do not rescan */ 3924 error = 0; 3925 } 3926 break; 3927 default: 3928 error = ieee80211_ioctl(&sc->sc_ic, cmd, data); 3929 if (error == ENETRESET || error == ERESTART) { 3930 if (is_running(ifp)) 3931 error = atw_init(ifp); 3932 else 3933 error = 0; 3934 } 3935 break; 3936 } 3937 3938 /* Try to get more packets going. */ 3939 if (ATW_IS_ENABLED(sc)) 3940 atw_start(ifp); 3941 3942 splx(s); 3943 return (error); 3944 } 3945 3946 static int 3947 atw_media_change(struct ifnet *ifp) 3948 { 3949 int error; 3950 3951 error = ieee80211_media_change(ifp); 3952 if (error == ENETRESET) { 3953 if (is_running(ifp)) 3954 error = atw_init(ifp); 3955 else 3956 error = 0; 3957 } 3958 return error; 3959 } 3960