1 /* $NetBSD: atw.c,v 1.84 2005/02/27 00:27:00 perry Exp $ */ 2 3 /*- 4 * Copyright (c) 1998, 1999, 2000, 2002, 2003, 2004 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by David Young, by Jason R. Thorpe, and by Charles M. Hannum. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the NetBSD 21 * Foundation, Inc. and its contributors. 22 * 4. Neither the name of The NetBSD Foundation nor the names of its 23 * contributors may be used to endorse or promote products derived 24 * from this software without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 27 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 28 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 29 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 30 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 31 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 32 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 34 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 35 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 36 * POSSIBILITY OF SUCH DAMAGE. 37 */ 38 39 /* 40 * Device driver for the ADMtek ADM8211 802.11 MAC/BBP. 41 */ 42 43 #include <sys/cdefs.h> 44 __KERNEL_RCSID(0, "$NetBSD: atw.c,v 1.84 2005/02/27 00:27:00 perry Exp $"); 45 46 #include "bpfilter.h" 47 48 #include <sys/param.h> 49 #include <sys/systm.h> 50 #include <sys/callout.h> 51 #include <sys/mbuf.h> 52 #include <sys/malloc.h> 53 #include <sys/kernel.h> 54 #include <sys/socket.h> 55 #include <sys/ioctl.h> 56 #include <sys/errno.h> 57 #include <sys/device.h> 58 #include <sys/time.h> 59 60 #include <machine/endian.h> 61 62 #include <uvm/uvm_extern.h> 63 64 #include <net/if.h> 65 #include <net/if_dl.h> 66 #include <net/if_media.h> 67 #include <net/if_ether.h> 68 69 #include <net80211/ieee80211_var.h> 70 #include <net80211/ieee80211_compat.h> 71 #include <net80211/ieee80211_radiotap.h> 72 73 #if NBPFILTER > 0 74 #include <net/bpf.h> 75 #endif 76 77 #include <machine/bus.h> 78 #include <machine/intr.h> 79 80 #include <dev/ic/atwreg.h> 81 #include <dev/ic/rf3000reg.h> 82 #include <dev/ic/si4136reg.h> 83 #include <dev/ic/atwvar.h> 84 #include <dev/ic/smc93cx6var.h> 85 86 /* XXX TBD open questions 87 * 88 * 89 * When should I set DSSS PAD in reg 0x15 of RF3000? In 1-2Mbps 90 * modes only, or all modes (5.5-11 Mbps CCK modes, too?) Does the MAC 91 * handle this for me? 92 * 93 */ 94 /* device attachment 95 * 96 * print TOFS[012] 97 * 98 * device initialization 99 * 100 * clear ATW_FRCTL_MAXPSP to disable max power saving 101 * set ATW_TXBR_ALCUPDATE to enable ALC 102 * set TOFS[012]? (hope not) 103 * disable rx/tx 104 * set ATW_PAR_SWR (software reset) 105 * wait for ATW_PAR_SWR clear 106 * disable interrupts 107 * ack status register 108 * enable interrupts 109 * 110 * rx/tx initialization 111 * 112 * disable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 113 * allocate and init descriptor rings 114 * write ATW_PAR_DSL (descriptor skip length) 115 * write descriptor base addrs: ATW_TDBD, ATW_TDBP, write ATW_RDB 116 * write ATW_NAR_SQ for one/both transmit descriptor rings 117 * write ATW_NAR_SQ for one/both transmit descriptor rings 118 * enable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 119 * 120 * rx/tx end 121 * 122 * stop DMA 123 * disable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 124 * flush tx w/ ATW_NAR_HF 125 * 126 * scan 127 * 128 * initialize rx/tx 129 * 130 * BSS join: (re)association response 131 * 132 * set ATW_FRCTL_AID 133 * 134 * optimizations ??? 135 * 136 */ 137 138 #define ATW_REFSLAVE /* slavishly do what the reference driver does */ 139 140 #define VOODOO_DUR_11_ROUNDING 0x01 /* necessary */ 141 #define VOODOO_DUR_2_4_SPECIALCASE 0x02 /* NOT necessary */ 142 int atw_voodoo = VOODOO_DUR_11_ROUNDING; 143 144 int atw_pseudo_milli = 1; 145 int atw_magic_delay1 = 100 * 1000; 146 int atw_magic_delay2 = 100 * 1000; 147 /* more magic multi-millisecond delays (units: microseconds) */ 148 int atw_nar_delay = 20 * 1000; 149 int atw_magic_delay4 = 10 * 1000; 150 int atw_rf_delay1 = 10 * 1000; 151 int atw_rf_delay2 = 5 * 1000; 152 int atw_plcphd_delay = 2 * 1000; 153 int atw_bbp_io_enable_delay = 20 * 1000; 154 int atw_bbp_io_disable_delay = 2 * 1000; 155 int atw_writewep_delay = 1000; 156 int atw_beacon_len_adjust = 4; 157 int atw_dwelltime = 200; 158 int atw_xindiv2 = 0; 159 160 #ifdef ATW_DEBUG 161 int atw_debug = 0; 162 163 #define ATW_DPRINTF(x) if (atw_debug > 0) printf x 164 #define ATW_DPRINTF2(x) if (atw_debug > 1) printf x 165 #define ATW_DPRINTF3(x) if (atw_debug > 2) printf x 166 #define DPRINTF(sc, x) if ((sc)->sc_ic.ic_if.if_flags & IFF_DEBUG) printf x 167 #define DPRINTF2(sc, x) if ((sc)->sc_ic.ic_if.if_flags & IFF_DEBUG) ATW_DPRINTF2(x) 168 #define DPRINTF3(sc, x) if ((sc)->sc_ic.ic_if.if_flags & IFF_DEBUG) ATW_DPRINTF3(x) 169 170 static void atw_dump_pkt(struct ifnet *, struct mbuf *); 171 static void atw_print_regs(struct atw_softc *, const char *); 172 173 /* Note well: I never got atw_rf3000_read or atw_si4126_read to work. */ 174 # ifdef ATW_BBPDEBUG 175 static void atw_rf3000_print(struct atw_softc *); 176 static int atw_rf3000_read(struct atw_softc *sc, u_int, u_int *); 177 # endif /* ATW_BBPDEBUG */ 178 179 # ifdef ATW_SYNDEBUG 180 static void atw_si4126_print(struct atw_softc *); 181 static int atw_si4126_read(struct atw_softc *, u_int, u_int *); 182 # endif /* ATW_SYNDEBUG */ 183 184 #else 185 #define ATW_DPRINTF(x) 186 #define ATW_DPRINTF2(x) 187 #define ATW_DPRINTF3(x) 188 #define DPRINTF(sc, x) /* nothing */ 189 #define DPRINTF2(sc, x) /* nothing */ 190 #define DPRINTF3(sc, x) /* nothing */ 191 #endif 192 193 /* ifnet methods */ 194 int atw_init(struct ifnet *); 195 int atw_ioctl(struct ifnet *, u_long, caddr_t); 196 void atw_start(struct ifnet *); 197 void atw_stop(struct ifnet *, int); 198 void atw_watchdog(struct ifnet *); 199 200 /* Device attachment */ 201 void atw_attach(struct atw_softc *); 202 int atw_detach(struct atw_softc *); 203 204 /* Rx/Tx process */ 205 int atw_add_rxbuf(struct atw_softc *, int); 206 void atw_idle(struct atw_softc *, u_int32_t); 207 void atw_rxdrain(struct atw_softc *); 208 void atw_txdrain(struct atw_softc *); 209 210 /* Device (de)activation and power state */ 211 void atw_disable(struct atw_softc *); 212 int atw_enable(struct atw_softc *); 213 void atw_power(int, void *); 214 void atw_reset(struct atw_softc *); 215 void atw_shutdown(void *); 216 217 /* Interrupt handlers */ 218 void atw_linkintr(struct atw_softc *, u_int32_t); 219 void atw_rxintr(struct atw_softc *); 220 void atw_txintr(struct atw_softc *); 221 222 /* 802.11 state machine */ 223 static int atw_newstate(struct ieee80211com *, enum ieee80211_state, int); 224 static void atw_next_scan(void *); 225 static void atw_recv_mgmt(struct ieee80211com *, struct mbuf *, 226 struct ieee80211_node *, int, int, u_int32_t); 227 static int atw_tune(struct atw_softc *); 228 229 /* Device initialization */ 230 static void atw_bbp_io_init(struct atw_softc *); 231 static void atw_cfp_init(struct atw_softc *); 232 static void atw_cmdr_init(struct atw_softc *); 233 static void atw_ifs_init(struct atw_softc *); 234 static void atw_nar_init(struct atw_softc *); 235 static void atw_response_times_init(struct atw_softc *); 236 static void atw_rf_reset(struct atw_softc *); 237 static void atw_test1_init(struct atw_softc *); 238 static void atw_tofs0_init(struct atw_softc *); 239 static void atw_tofs2_init(struct atw_softc *); 240 static void atw_txlmt_init(struct atw_softc *); 241 static void atw_wcsr_init(struct atw_softc *); 242 243 /* RAM/ROM utilities */ 244 static void atw_clear_sram(struct atw_softc *); 245 static void atw_write_sram(struct atw_softc *, u_int, u_int8_t *, u_int); 246 static int atw_read_srom(struct atw_softc *); 247 248 /* BSS setup */ 249 static void atw_predict_beacon(struct atw_softc *); 250 static void atw_start_beacon(struct atw_softc *, int); 251 static void atw_write_bssid(struct atw_softc *); 252 static void atw_write_ssid(struct atw_softc *); 253 static void atw_write_sup_rates(struct atw_softc *); 254 static void atw_write_wep(struct atw_softc *); 255 256 /* Media */ 257 static int atw_media_change(struct ifnet *); 258 static void atw_media_status(struct ifnet *, struct ifmediareq *); 259 260 static void atw_filter_setup(struct atw_softc *); 261 262 /* 802.11 utilities */ 263 static void atw_frame_setdurs(struct atw_softc *, 264 struct atw_frame *, int, int); 265 static uint64_t atw_get_tsft(struct atw_softc *); 266 static __inline uint32_t atw_last_even_tsft(uint32_t, uint32_t, 267 uint32_t); 268 static struct ieee80211_node *atw_node_alloc(struct ieee80211com *); 269 static void atw_node_free(struct ieee80211com *, 270 struct ieee80211_node *); 271 static void atw_change_ibss(struct atw_softc *); 272 273 /* 274 * Tuner/transceiver/modem 275 */ 276 static void atw_bbp_io_enable(struct atw_softc *, int); 277 278 /* RFMD RF3000 Baseband Processor */ 279 static int atw_rf3000_init(struct atw_softc *); 280 static int atw_rf3000_tune(struct atw_softc *, u_int); 281 static int atw_rf3000_write(struct atw_softc *, u_int, u_int); 282 283 /* Silicon Laboratories Si4126 RF/IF Synthesizer */ 284 static void atw_si4126_tune(struct atw_softc *, u_int); 285 static void atw_si4126_write(struct atw_softc *, u_int, u_int); 286 287 const struct atw_txthresh_tab atw_txthresh_tab_lo[] = ATW_TXTHRESH_TAB_LO_RATE; 288 const struct atw_txthresh_tab atw_txthresh_tab_hi[] = ATW_TXTHRESH_TAB_HI_RATE; 289 290 const char *atw_tx_state[] = { 291 "STOPPED", 292 "RUNNING - read descriptor", 293 "RUNNING - transmitting", 294 "RUNNING - filling fifo", /* XXX */ 295 "SUSPENDED", 296 "RUNNING -- write descriptor", 297 "RUNNING -- write last descriptor", 298 "RUNNING - fifo full" 299 }; 300 301 const char *atw_rx_state[] = { 302 "STOPPED", 303 "RUNNING - read descriptor", 304 "RUNNING - check this packet, pre-fetch next", 305 "RUNNING - wait for reception", 306 "SUSPENDED", 307 "RUNNING - write descriptor", 308 "RUNNING - flush fifo", 309 "RUNNING - fifo drain" 310 }; 311 312 int 313 atw_activate(struct device *self, enum devact act) 314 { 315 struct atw_softc *sc = (struct atw_softc *)self; 316 int rv = 0, s; 317 318 s = splnet(); 319 switch (act) { 320 case DVACT_ACTIVATE: 321 rv = EOPNOTSUPP; 322 break; 323 324 case DVACT_DEACTIVATE: 325 if_deactivate(&sc->sc_ic.ic_if); 326 break; 327 } 328 splx(s); 329 return rv; 330 } 331 332 /* 333 * atw_enable: 334 * 335 * Enable the ADM8211 chip. 336 */ 337 int 338 atw_enable(struct atw_softc *sc) 339 { 340 341 if (ATW_IS_ENABLED(sc) == 0) { 342 if (sc->sc_enable != NULL && (*sc->sc_enable)(sc) != 0) { 343 printf("%s: device enable failed\n", 344 sc->sc_dev.dv_xname); 345 return (EIO); 346 } 347 sc->sc_flags |= ATWF_ENABLED; 348 } 349 return (0); 350 } 351 352 /* 353 * atw_disable: 354 * 355 * Disable the ADM8211 chip. 356 */ 357 void 358 atw_disable(struct atw_softc *sc) 359 { 360 if (!ATW_IS_ENABLED(sc)) 361 return; 362 if (sc->sc_disable != NULL) 363 (*sc->sc_disable)(sc); 364 sc->sc_flags &= ~ATWF_ENABLED; 365 } 366 367 /* Returns -1 on failure. */ 368 static int 369 atw_read_srom(struct atw_softc *sc) 370 { 371 struct seeprom_descriptor sd; 372 uint32_t test0, fail_bits; 373 374 (void)memset(&sd, 0, sizeof(sd)); 375 376 test0 = ATW_READ(sc, ATW_TEST0); 377 378 switch (sc->sc_rev) { 379 case ATW_REVISION_BA: 380 case ATW_REVISION_CA: 381 fail_bits = ATW_TEST0_EPNE; 382 break; 383 default: 384 fail_bits = ATW_TEST0_EPNE|ATW_TEST0_EPSNM; 385 break; 386 } 387 if ((test0 & fail_bits) != 0) { 388 printf("%s: bad or missing/bad SROM\n", sc->sc_dev.dv_xname); 389 return -1; 390 } 391 392 switch (test0 & ATW_TEST0_EPTYP_MASK) { 393 case ATW_TEST0_EPTYP_93c66: 394 ATW_DPRINTF(("%s: 93c66 SROM\n", sc->sc_dev.dv_xname)); 395 sc->sc_sromsz = 512; 396 sd.sd_chip = C56_66; 397 break; 398 case ATW_TEST0_EPTYP_93c46: 399 ATW_DPRINTF(("%s: 93c46 SROM\n", sc->sc_dev.dv_xname)); 400 sc->sc_sromsz = 128; 401 sd.sd_chip = C46; 402 break; 403 default: 404 printf("%s: unknown SROM type %d\n", sc->sc_dev.dv_xname, 405 MASK_AND_RSHIFT(test0, ATW_TEST0_EPTYP_MASK)); 406 return -1; 407 } 408 409 sc->sc_srom = malloc(sc->sc_sromsz, M_DEVBUF, M_NOWAIT); 410 411 if (sc->sc_srom == NULL) { 412 printf("%s: unable to allocate SROM buffer\n", 413 sc->sc_dev.dv_xname); 414 return -1; 415 } 416 417 (void)memset(sc->sc_srom, 0, sc->sc_sromsz); 418 419 /* ADM8211 has a single 32-bit register for controlling the 420 * 93cx6 SROM. Bit SRS enables the serial port. There is no 421 * "ready" bit. The ADM8211 input/output sense is the reverse 422 * of read_seeprom's. 423 */ 424 sd.sd_tag = sc->sc_st; 425 sd.sd_bsh = sc->sc_sh; 426 sd.sd_regsize = 4; 427 sd.sd_control_offset = ATW_SPR; 428 sd.sd_status_offset = ATW_SPR; 429 sd.sd_dataout_offset = ATW_SPR; 430 sd.sd_CK = ATW_SPR_SCLK; 431 sd.sd_CS = ATW_SPR_SCS; 432 sd.sd_DI = ATW_SPR_SDO; 433 sd.sd_DO = ATW_SPR_SDI; 434 sd.sd_MS = ATW_SPR_SRS; 435 sd.sd_RDY = 0; 436 437 if (!read_seeprom(&sd, sc->sc_srom, 0, sc->sc_sromsz/2)) { 438 printf("%s: could not read SROM\n", sc->sc_dev.dv_xname); 439 free(sc->sc_srom, M_DEVBUF); 440 return -1; 441 } 442 #ifdef ATW_DEBUG 443 { 444 int i; 445 ATW_DPRINTF(("\nSerial EEPROM:\n\t")); 446 for (i = 0; i < sc->sc_sromsz/2; i = i + 1) { 447 if (((i % 8) == 0) && (i != 0)) { 448 ATW_DPRINTF(("\n\t")); 449 } 450 ATW_DPRINTF((" 0x%x", sc->sc_srom[i])); 451 } 452 ATW_DPRINTF(("\n")); 453 } 454 #endif /* ATW_DEBUG */ 455 return 0; 456 } 457 458 #ifdef ATW_DEBUG 459 static void 460 atw_print_regs(struct atw_softc *sc, const char *where) 461 { 462 #define PRINTREG(sc, reg) \ 463 ATW_DPRINTF2(("%s: reg[ " #reg " / %03x ] = %08x\n", \ 464 sc->sc_dev.dv_xname, reg, ATW_READ(sc, reg))) 465 466 ATW_DPRINTF2(("%s: %s\n", sc->sc_dev.dv_xname, where)); 467 468 PRINTREG(sc, ATW_PAR); 469 PRINTREG(sc, ATW_FRCTL); 470 PRINTREG(sc, ATW_TDR); 471 PRINTREG(sc, ATW_WTDP); 472 PRINTREG(sc, ATW_RDR); 473 PRINTREG(sc, ATW_WRDP); 474 PRINTREG(sc, ATW_RDB); 475 PRINTREG(sc, ATW_CSR3A); 476 PRINTREG(sc, ATW_TDBD); 477 PRINTREG(sc, ATW_TDBP); 478 PRINTREG(sc, ATW_STSR); 479 PRINTREG(sc, ATW_CSR5A); 480 PRINTREG(sc, ATW_NAR); 481 PRINTREG(sc, ATW_CSR6A); 482 PRINTREG(sc, ATW_IER); 483 PRINTREG(sc, ATW_CSR7A); 484 PRINTREG(sc, ATW_LPC); 485 PRINTREG(sc, ATW_TEST1); 486 PRINTREG(sc, ATW_SPR); 487 PRINTREG(sc, ATW_TEST0); 488 PRINTREG(sc, ATW_WCSR); 489 PRINTREG(sc, ATW_WPDR); 490 PRINTREG(sc, ATW_GPTMR); 491 PRINTREG(sc, ATW_GPIO); 492 PRINTREG(sc, ATW_BBPCTL); 493 PRINTREG(sc, ATW_SYNCTL); 494 PRINTREG(sc, ATW_PLCPHD); 495 PRINTREG(sc, ATW_MMIWADDR); 496 PRINTREG(sc, ATW_MMIRADDR1); 497 PRINTREG(sc, ATW_MMIRADDR2); 498 PRINTREG(sc, ATW_TXBR); 499 PRINTREG(sc, ATW_CSR15A); 500 PRINTREG(sc, ATW_ALCSTAT); 501 PRINTREG(sc, ATW_TOFS2); 502 PRINTREG(sc, ATW_CMDR); 503 PRINTREG(sc, ATW_PCIC); 504 PRINTREG(sc, ATW_PMCSR); 505 PRINTREG(sc, ATW_PAR0); 506 PRINTREG(sc, ATW_PAR1); 507 PRINTREG(sc, ATW_MAR0); 508 PRINTREG(sc, ATW_MAR1); 509 PRINTREG(sc, ATW_ATIMDA0); 510 PRINTREG(sc, ATW_ABDA1); 511 PRINTREG(sc, ATW_BSSID0); 512 PRINTREG(sc, ATW_TXLMT); 513 PRINTREG(sc, ATW_MIBCNT); 514 PRINTREG(sc, ATW_BCNT); 515 PRINTREG(sc, ATW_TSFTH); 516 PRINTREG(sc, ATW_TSC); 517 PRINTREG(sc, ATW_SYNRF); 518 PRINTREG(sc, ATW_BPLI); 519 PRINTREG(sc, ATW_CAP0); 520 PRINTREG(sc, ATW_CAP1); 521 PRINTREG(sc, ATW_RMD); 522 PRINTREG(sc, ATW_CFPP); 523 PRINTREG(sc, ATW_TOFS0); 524 PRINTREG(sc, ATW_TOFS1); 525 PRINTREG(sc, ATW_IFST); 526 PRINTREG(sc, ATW_RSPT); 527 PRINTREG(sc, ATW_TSFTL); 528 PRINTREG(sc, ATW_WEPCTL); 529 PRINTREG(sc, ATW_WESK); 530 PRINTREG(sc, ATW_WEPCNT); 531 PRINTREG(sc, ATW_MACTEST); 532 PRINTREG(sc, ATW_FER); 533 PRINTREG(sc, ATW_FEMR); 534 PRINTREG(sc, ATW_FPSR); 535 PRINTREG(sc, ATW_FFER); 536 #undef PRINTREG 537 } 538 #endif /* ATW_DEBUG */ 539 540 /* 541 * Finish attaching an ADMtek ADM8211 MAC. Called by bus-specific front-end. 542 */ 543 void 544 atw_attach(struct atw_softc *sc) 545 { 546 static const u_int8_t empty_macaddr[IEEE80211_ADDR_LEN] = { 547 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 548 }; 549 struct ieee80211com *ic = &sc->sc_ic; 550 struct ifnet *ifp = &ic->ic_if; 551 int country_code, error, i, nrate, srom_major; 552 u_int32_t reg; 553 static const char *type_strings[] = {"Intersil (not supported)", 554 "RFMD", "Marvel (not supported)"}; 555 556 sc->sc_txth = atw_txthresh_tab_lo; 557 558 SIMPLEQ_INIT(&sc->sc_txfreeq); 559 SIMPLEQ_INIT(&sc->sc_txdirtyq); 560 561 #ifdef ATW_DEBUG 562 atw_print_regs(sc, "atw_attach"); 563 #endif /* ATW_DEBUG */ 564 565 /* 566 * Allocate the control data structures, and create and load the 567 * DMA map for it. 568 */ 569 if ((error = bus_dmamem_alloc(sc->sc_dmat, 570 sizeof(struct atw_control_data), PAGE_SIZE, 0, &sc->sc_cdseg, 571 1, &sc->sc_cdnseg, 0)) != 0) { 572 printf("%s: unable to allocate control data, error = %d\n", 573 sc->sc_dev.dv_xname, error); 574 goto fail_0; 575 } 576 577 if ((error = bus_dmamem_map(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg, 578 sizeof(struct atw_control_data), (caddr_t *)&sc->sc_control_data, 579 BUS_DMA_COHERENT)) != 0) { 580 printf("%s: unable to map control data, error = %d\n", 581 sc->sc_dev.dv_xname, error); 582 goto fail_1; 583 } 584 585 if ((error = bus_dmamap_create(sc->sc_dmat, 586 sizeof(struct atw_control_data), 1, 587 sizeof(struct atw_control_data), 0, 0, &sc->sc_cddmamap)) != 0) { 588 printf("%s: unable to create control data DMA map, " 589 "error = %d\n", sc->sc_dev.dv_xname, error); 590 goto fail_2; 591 } 592 593 if ((error = bus_dmamap_load(sc->sc_dmat, sc->sc_cddmamap, 594 sc->sc_control_data, sizeof(struct atw_control_data), NULL, 595 0)) != 0) { 596 printf("%s: unable to load control data DMA map, error = %d\n", 597 sc->sc_dev.dv_xname, error); 598 goto fail_3; 599 } 600 601 /* 602 * Create the transmit buffer DMA maps. 603 */ 604 sc->sc_ntxsegs = ATW_NTXSEGS; 605 for (i = 0; i < ATW_TXQUEUELEN; i++) { 606 if ((error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 607 sc->sc_ntxsegs, MCLBYTES, 0, 0, 608 &sc->sc_txsoft[i].txs_dmamap)) != 0) { 609 printf("%s: unable to create tx DMA map %d, " 610 "error = %d\n", sc->sc_dev.dv_xname, i, error); 611 goto fail_4; 612 } 613 } 614 615 /* 616 * Create the receive buffer DMA maps. 617 */ 618 for (i = 0; i < ATW_NRXDESC; i++) { 619 if ((error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, 620 MCLBYTES, 0, 0, &sc->sc_rxsoft[i].rxs_dmamap)) != 0) { 621 printf("%s: unable to create rx DMA map %d, " 622 "error = %d\n", sc->sc_dev.dv_xname, i, error); 623 goto fail_5; 624 } 625 } 626 for (i = 0; i < ATW_NRXDESC; i++) { 627 sc->sc_rxsoft[i].rxs_mbuf = NULL; 628 } 629 630 switch (sc->sc_rev) { 631 case ATW_REVISION_AB: 632 case ATW_REVISION_AF: 633 sc->sc_sramlen = ATW_SRAM_A_SIZE; 634 break; 635 case ATW_REVISION_BA: 636 case ATW_REVISION_CA: 637 sc->sc_sramlen = ATW_SRAM_B_SIZE; 638 break; 639 } 640 641 /* Reset the chip to a known state. */ 642 atw_reset(sc); 643 644 if (atw_read_srom(sc) == -1) 645 return; 646 647 sc->sc_rftype = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CSR20], 648 ATW_SR_RFTYPE_MASK); 649 650 sc->sc_bbptype = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CSR20], 651 ATW_SR_BBPTYPE_MASK); 652 653 if (sc->sc_rftype > sizeof(type_strings)/sizeof(type_strings[0])) { 654 printf("%s: unknown RF\n", sc->sc_dev.dv_xname); 655 return; 656 } 657 if (sc->sc_bbptype > sizeof(type_strings)/sizeof(type_strings[0])) { 658 printf("%s: unknown BBP\n", sc->sc_dev.dv_xname); 659 return; 660 } 661 662 printf("%s: %s RF, %s BBP", sc->sc_dev.dv_xname, 663 type_strings[sc->sc_rftype], type_strings[sc->sc_bbptype]); 664 665 /* XXX There exists a Linux driver which seems to use RFType = 0 for 666 * MARVEL. My bug, or theirs? 667 */ 668 669 reg = LSHIFT(sc->sc_rftype, ATW_SYNCTL_RFTYPE_MASK); 670 671 switch (sc->sc_rftype) { 672 case ATW_RFTYPE_INTERSIL: 673 reg |= ATW_SYNCTL_CS1; 674 break; 675 case ATW_RFTYPE_RFMD: 676 reg |= ATW_SYNCTL_CS0; 677 break; 678 case ATW_RFTYPE_MARVEL: 679 break; 680 } 681 682 sc->sc_synctl_rd = reg | ATW_SYNCTL_RD; 683 sc->sc_synctl_wr = reg | ATW_SYNCTL_WR; 684 685 reg = LSHIFT(sc->sc_bbptype, ATW_BBPCTL_TYPE_MASK); 686 687 switch (sc->sc_bbptype) { 688 case ATW_BBPTYPE_INTERSIL: 689 reg |= ATW_BBPCTL_TWI; 690 break; 691 case ATW_BBPTYPE_RFMD: 692 reg |= ATW_BBPCTL_RF3KADDR_ADDR | ATW_BBPCTL_NEGEDGE_DO | 693 ATW_BBPCTL_CCA_ACTLO; 694 break; 695 case ATW_BBPTYPE_MARVEL: 696 break; 697 case ATW_C_BBPTYPE_RFMD: 698 printf("%s: ADM8211C MAC/RFMD BBP not supported yet.\n", 699 sc->sc_dev.dv_xname); 700 break; 701 } 702 703 sc->sc_bbpctl_wr = reg | ATW_BBPCTL_WR; 704 sc->sc_bbpctl_rd = reg | ATW_BBPCTL_RD; 705 706 /* 707 * From this point forward, the attachment cannot fail. A failure 708 * before this point releases all resources that may have been 709 * allocated. 710 */ 711 sc->sc_flags |= ATWF_ATTACHED /* | ATWF_RTSCTS */; 712 713 ATW_DPRINTF((" SROM MAC %04x%04x%04x", 714 htole16(sc->sc_srom[ATW_SR_MAC00]), 715 htole16(sc->sc_srom[ATW_SR_MAC01]), 716 htole16(sc->sc_srom[ATW_SR_MAC10]))); 717 718 srom_major = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_FORMAT_VERSION], 719 ATW_SR_MAJOR_MASK); 720 721 if (srom_major < 2) 722 sc->sc_rf3000_options1 = 0; 723 else if (sc->sc_rev == ATW_REVISION_BA) { 724 sc->sc_rf3000_options1 = 725 MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CR28_CR03], 726 ATW_SR_CR28_MASK); 727 } else 728 sc->sc_rf3000_options1 = 0; 729 730 sc->sc_rf3000_options2 = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CTRY_CR29], 731 ATW_SR_CR29_MASK); 732 733 country_code = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CTRY_CR29], 734 ATW_SR_CTRY_MASK); 735 736 #define ADD_CHANNEL(_ic, _chan) do { \ 737 _ic->ic_channels[_chan].ic_flags = IEEE80211_CHAN_B; \ 738 _ic->ic_channels[_chan].ic_freq = \ 739 ieee80211_ieee2mhz(_chan, _ic->ic_channels[_chan].ic_flags);\ 740 } while (0) 741 742 /* Find available channels */ 743 switch (country_code) { 744 case COUNTRY_MMK2: /* 1-14 */ 745 ADD_CHANNEL(ic, 14); 746 /*FALLTHROUGH*/ 747 case COUNTRY_ETSI: /* 1-13 */ 748 for (i = 1; i <= 13; i++) 749 ADD_CHANNEL(ic, i); 750 break; 751 case COUNTRY_FCC: /* 1-11 */ 752 case COUNTRY_IC: /* 1-11 */ 753 for (i = 1; i <= 11; i++) 754 ADD_CHANNEL(ic, i); 755 break; 756 case COUNTRY_MMK: /* 14 */ 757 ADD_CHANNEL(ic, 14); 758 break; 759 case COUNTRY_FRANCE: /* 10-13 */ 760 for (i = 10; i <= 13; i++) 761 ADD_CHANNEL(ic, i); 762 break; 763 default: /* assume channels 10-11 */ 764 case COUNTRY_SPAIN: /* 10-11 */ 765 for (i = 10; i <= 11; i++) 766 ADD_CHANNEL(ic, i); 767 break; 768 } 769 770 /* Read the MAC address. */ 771 reg = ATW_READ(sc, ATW_PAR0); 772 ic->ic_myaddr[0] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB0_MASK); 773 ic->ic_myaddr[1] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB1_MASK); 774 ic->ic_myaddr[2] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB2_MASK); 775 ic->ic_myaddr[3] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB3_MASK); 776 reg = ATW_READ(sc, ATW_PAR1); 777 ic->ic_myaddr[4] = MASK_AND_RSHIFT(reg, ATW_PAR1_PAB4_MASK); 778 ic->ic_myaddr[5] = MASK_AND_RSHIFT(reg, ATW_PAR1_PAB5_MASK); 779 780 if (IEEE80211_ADDR_EQ(ic->ic_myaddr, empty_macaddr)) { 781 printf(" could not get mac address, attach failed\n"); 782 return; 783 } 784 785 printf(" 802.11 address %s\n", ether_sprintf(ic->ic_myaddr)); 786 787 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 788 ifp->if_softc = sc; 789 ifp->if_flags = IFF_SIMPLEX | IFF_BROADCAST | IFF_MULTICAST | 790 IFF_NOTRAILERS; 791 ifp->if_ioctl = atw_ioctl; 792 ifp->if_start = atw_start; 793 ifp->if_watchdog = atw_watchdog; 794 ifp->if_init = atw_init; 795 ifp->if_stop = atw_stop; 796 IFQ_SET_READY(&ifp->if_snd); 797 798 ic->ic_phytype = IEEE80211_T_DS; 799 ic->ic_opmode = IEEE80211_M_STA; 800 ic->ic_caps = IEEE80211_C_PMGT | IEEE80211_C_IBSS | 801 IEEE80211_C_HOSTAP | IEEE80211_C_MONITOR | IEEE80211_C_WEP; 802 803 nrate = 0; 804 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 2; 805 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 4; 806 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 11; 807 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 22; 808 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_nrates = nrate; 809 810 /* 811 * Call MI attach routines. 812 */ 813 814 if_attach(ifp); 815 ieee80211_ifattach(ifp); 816 817 sc->sc_newstate = ic->ic_newstate; 818 ic->ic_newstate = atw_newstate; 819 820 sc->sc_recv_mgmt = ic->ic_recv_mgmt; 821 ic->ic_recv_mgmt = atw_recv_mgmt; 822 823 sc->sc_node_free = ic->ic_node_free; 824 ic->ic_node_free = atw_node_free; 825 826 sc->sc_node_alloc = ic->ic_node_alloc; 827 ic->ic_node_alloc = atw_node_alloc; 828 829 /* possibly we should fill in our own sc_send_prresp, since 830 * the ADM8211 is probably sending probe responses in ad hoc 831 * mode. 832 */ 833 834 /* complete initialization */ 835 ieee80211_media_init(ifp, atw_media_change, atw_media_status); 836 callout_init(&sc->sc_scan_ch); 837 838 #if NBPFILTER > 0 839 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 840 sizeof(struct ieee80211_frame) + 64, &sc->sc_radiobpf); 841 #endif 842 843 /* 844 * Make sure the interface is shutdown during reboot. 845 */ 846 sc->sc_sdhook = shutdownhook_establish(atw_shutdown, sc); 847 if (sc->sc_sdhook == NULL) 848 printf("%s: WARNING: unable to establish shutdown hook\n", 849 sc->sc_dev.dv_xname); 850 851 /* 852 * Add a suspend hook to make sure we come back up after a 853 * resume. 854 */ 855 sc->sc_powerhook = powerhook_establish(atw_power, sc); 856 if (sc->sc_powerhook == NULL) 857 printf("%s: WARNING: unable to establish power hook\n", 858 sc->sc_dev.dv_xname); 859 860 memset(&sc->sc_rxtapu, 0, sizeof(sc->sc_rxtapu)); 861 sc->sc_rxtap.ar_ihdr.it_len = sizeof(sc->sc_rxtapu); 862 sc->sc_rxtap.ar_ihdr.it_present = ATW_RX_RADIOTAP_PRESENT; 863 864 memset(&sc->sc_txtapu, 0, sizeof(sc->sc_txtapu)); 865 sc->sc_txtap.at_ihdr.it_len = sizeof(sc->sc_txtapu); 866 sc->sc_txtap.at_ihdr.it_present = ATW_TX_RADIOTAP_PRESENT; 867 868 return; 869 870 /* 871 * Free any resources we've allocated during the failed attach 872 * attempt. Do this in reverse order and fall through. 873 */ 874 fail_5: 875 for (i = 0; i < ATW_NRXDESC; i++) { 876 if (sc->sc_rxsoft[i].rxs_dmamap == NULL) 877 continue; 878 bus_dmamap_destroy(sc->sc_dmat, sc->sc_rxsoft[i].rxs_dmamap); 879 } 880 fail_4: 881 for (i = 0; i < ATW_TXQUEUELEN; i++) { 882 if (sc->sc_txsoft[i].txs_dmamap == NULL) 883 continue; 884 bus_dmamap_destroy(sc->sc_dmat, sc->sc_txsoft[i].txs_dmamap); 885 } 886 bus_dmamap_unload(sc->sc_dmat, sc->sc_cddmamap); 887 fail_3: 888 bus_dmamap_destroy(sc->sc_dmat, sc->sc_cddmamap); 889 fail_2: 890 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)sc->sc_control_data, 891 sizeof(struct atw_control_data)); 892 fail_1: 893 bus_dmamem_free(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg); 894 fail_0: 895 return; 896 } 897 898 static struct ieee80211_node * 899 atw_node_alloc(struct ieee80211com *ic) 900 { 901 struct atw_softc *sc = (struct atw_softc *)ic->ic_if.if_softc; 902 struct ieee80211_node *ni = (*sc->sc_node_alloc)(ic); 903 904 DPRINTF(sc, ("%s: alloc node %p\n", sc->sc_dev.dv_xname, ni)); 905 return ni; 906 } 907 908 static void 909 atw_node_free(struct ieee80211com *ic, struct ieee80211_node *ni) 910 { 911 struct atw_softc *sc = (struct atw_softc *)ic->ic_if.if_softc; 912 913 DPRINTF(sc, ("%s: freeing node %p %s\n", sc->sc_dev.dv_xname, ni, 914 ether_sprintf(ni->ni_bssid))); 915 (*sc->sc_node_free)(ic, ni); 916 } 917 918 919 static void 920 atw_test1_reset(struct atw_softc *sc) 921 { 922 switch (sc->sc_rev) { 923 case ATW_REVISION_BA: 924 if (1 /* XXX condition on transceiver type */) { 925 ATW_SET(sc, ATW_TEST1, ATW_TEST1_TESTMODE_MONITOR); 926 } 927 break; 928 case ATW_REVISION_CA: 929 ATW_CLR(sc, ATW_TEST1, ATW_TEST1_TESTMODE_MASK); 930 break; 931 default: 932 break; 933 } 934 } 935 936 /* 937 * atw_reset: 938 * 939 * Perform a soft reset on the ADM8211. 940 */ 941 void 942 atw_reset(struct atw_softc *sc) 943 { 944 int i; 945 uint32_t lpc; 946 947 ATW_WRITE(sc, ATW_NAR, 0x0); 948 DELAY(atw_nar_delay); 949 950 /* Reference driver has a cryptic remark indicating that this might 951 * power-on the chip. I know that it turns off power-saving.... 952 */ 953 ATW_WRITE(sc, ATW_FRCTL, 0x0); 954 955 ATW_WRITE(sc, ATW_PAR, ATW_PAR_SWR); 956 957 for (i = 0; i < 50000 / atw_pseudo_milli; i++) { 958 if (ATW_READ(sc, ATW_PAR) == 0) 959 break; 960 DELAY(atw_pseudo_milli); 961 } 962 963 /* ... and then pause 100ms longer for good measure. */ 964 DELAY(atw_magic_delay1); 965 966 DPRINTF2(sc, ("%s: atw_reset %d iterations\n", sc->sc_dev.dv_xname, i)); 967 968 if (ATW_ISSET(sc, ATW_PAR, ATW_PAR_SWR)) 969 printf("%s: reset failed to complete\n", sc->sc_dev.dv_xname); 970 971 atw_test1_reset(sc); 972 /* 973 * Initialize the PCI Access Register. 974 */ 975 sc->sc_busmode = ATW_PAR_PBL_8DW; 976 977 ATW_WRITE(sc, ATW_PAR, sc->sc_busmode); 978 DPRINTF(sc, ("%s: ATW_PAR %08x busmode %08x\n", sc->sc_dev.dv_xname, 979 ATW_READ(sc, ATW_PAR), sc->sc_busmode)); 980 981 /* Turn off maximum power saving, etc. 982 * 983 * XXX Following example of reference driver, should I set 984 * an AID of 1? It didn't seem to help.... 985 */ 986 ATW_WRITE(sc, ATW_FRCTL, 0x0); 987 988 DELAY(atw_magic_delay2); 989 990 /* Recall EEPROM. */ 991 ATW_SET(sc, ATW_TEST0, ATW_TEST0_EPRLD); 992 993 DELAY(atw_magic_delay4); 994 995 lpc = ATW_READ(sc, ATW_LPC); 996 997 DPRINTF(sc, ("%s: ATW_LPC %#08x\n", __func__, lpc)); 998 999 /* A reset seems to affect the SRAM contents, so put them into 1000 * a known state. 1001 */ 1002 atw_clear_sram(sc); 1003 1004 memset(sc->sc_bssid, 0xff, sizeof(sc->sc_bssid)); 1005 } 1006 1007 static void 1008 atw_clear_sram(struct atw_softc *sc) 1009 { 1010 memset(sc->sc_sram, 0, sizeof(sc->sc_sram)); 1011 /* XXX not for revision 0x20. */ 1012 atw_write_sram(sc, 0, sc->sc_sram, sc->sc_sramlen); 1013 } 1014 1015 /* TBD atw_init 1016 * 1017 * set MAC based on ic->ic_bss->myaddr 1018 * write WEP keys 1019 * set TX rate 1020 */ 1021 1022 /* Tell the ADM8211 to raise ATW_INTR_LINKOFF if 7 beacon intervals pass 1023 * without receiving a beacon with the preferred BSSID & SSID. 1024 * atw_write_bssid & atw_write_ssid set the BSSID & SSID. 1025 */ 1026 static void 1027 atw_wcsr_init(struct atw_softc *sc) 1028 { 1029 uint32_t wcsr; 1030 1031 wcsr = ATW_READ(sc, ATW_WCSR); 1032 wcsr &= ~(ATW_WCSR_BLN_MASK|ATW_WCSR_LSOE|ATW_WCSR_MPRE|ATW_WCSR_LSOE); 1033 wcsr |= LSHIFT(7, ATW_WCSR_BLN_MASK); 1034 ATW_WRITE(sc, ATW_WCSR, wcsr); /* XXX resets wake-up status bits */ 1035 1036 DPRINTF(sc, ("%s: %s reg[WCSR] = %08x\n", 1037 sc->sc_dev.dv_xname, __func__, ATW_READ(sc, ATW_WCSR))); 1038 } 1039 1040 /* Turn off power management. Set Rx store-and-forward mode. */ 1041 static void 1042 atw_cmdr_init(struct atw_softc *sc) 1043 { 1044 uint32_t cmdr; 1045 cmdr = ATW_READ(sc, ATW_CMDR); 1046 cmdr &= ~ATW_CMDR_APM; 1047 cmdr |= ATW_CMDR_RTE; 1048 cmdr &= ~ATW_CMDR_DRT_MASK; 1049 cmdr |= ATW_CMDR_DRT_SF; 1050 1051 ATW_WRITE(sc, ATW_CMDR, cmdr); 1052 } 1053 1054 static void 1055 atw_tofs2_init(struct atw_softc *sc) 1056 { 1057 uint32_t tofs2; 1058 /* XXX this magic can probably be figured out from the RFMD docs */ 1059 #ifndef ATW_REFSLAVE 1060 tofs2 = LSHIFT(4, ATW_TOFS2_PWR1UP_MASK) | /* 8 ms = 4 * 2 ms */ 1061 LSHIFT(13, ATW_TOFS2_PWR0PAPE_MASK) | /* 13 us */ 1062 LSHIFT(8, ATW_TOFS2_PWR1PAPE_MASK) | /* 8 us */ 1063 LSHIFT(5, ATW_TOFS2_PWR0TRSW_MASK) | /* 5 us */ 1064 LSHIFT(12, ATW_TOFS2_PWR1TRSW_MASK) | /* 12 us */ 1065 LSHIFT(13, ATW_TOFS2_PWR0PE2_MASK) | /* 13 us */ 1066 LSHIFT(4, ATW_TOFS2_PWR1PE2_MASK) | /* 4 us */ 1067 LSHIFT(5, ATW_TOFS2_PWR0TXPE_MASK); /* 5 us */ 1068 #else 1069 /* XXX new magic from reference driver source */ 1070 tofs2 = LSHIFT(8, ATW_TOFS2_PWR1UP_MASK) | /* 8 ms = 4 * 2 ms */ 1071 LSHIFT(8, ATW_TOFS2_PWR0PAPE_MASK) | /* 13 us */ 1072 LSHIFT(1, ATW_TOFS2_PWR1PAPE_MASK) | /* 8 us */ 1073 LSHIFT(5, ATW_TOFS2_PWR0TRSW_MASK) | /* 5 us */ 1074 LSHIFT(12, ATW_TOFS2_PWR1TRSW_MASK) | /* 12 us */ 1075 LSHIFT(13, ATW_TOFS2_PWR0PE2_MASK) | /* 13 us */ 1076 LSHIFT(1, ATW_TOFS2_PWR1PE2_MASK) | /* 4 us */ 1077 LSHIFT(8, ATW_TOFS2_PWR0TXPE_MASK); /* 5 us */ 1078 #endif 1079 ATW_WRITE(sc, ATW_TOFS2, tofs2); 1080 } 1081 1082 static void 1083 atw_nar_init(struct atw_softc *sc) 1084 { 1085 ATW_WRITE(sc, ATW_NAR, ATW_NAR_SF|ATW_NAR_PB); 1086 } 1087 1088 static void 1089 atw_txlmt_init(struct atw_softc *sc) 1090 { 1091 ATW_WRITE(sc, ATW_TXLMT, LSHIFT(512, ATW_TXLMT_MTMLT_MASK) | 1092 LSHIFT(1, ATW_TXLMT_SRTYLIM_MASK)); 1093 } 1094 1095 static void 1096 atw_test1_init(struct atw_softc *sc) 1097 { 1098 uint32_t test1; 1099 1100 test1 = ATW_READ(sc, ATW_TEST1); 1101 test1 &= ~(ATW_TEST1_DBGREAD_MASK|ATW_TEST1_CONTROL); 1102 /* XXX magic 0x1 */ 1103 test1 |= LSHIFT(0x1, ATW_TEST1_DBGREAD_MASK) | ATW_TEST1_CONTROL; 1104 ATW_WRITE(sc, ATW_TEST1, test1); 1105 } 1106 1107 static void 1108 atw_rf_reset(struct atw_softc *sc) 1109 { 1110 /* XXX this resets an Intersil RF front-end? */ 1111 /* TBD condition on Intersil RFType? */ 1112 ATW_WRITE(sc, ATW_SYNRF, ATW_SYNRF_INTERSIL_EN); 1113 DELAY(atw_rf_delay1); 1114 ATW_WRITE(sc, ATW_SYNRF, 0); 1115 DELAY(atw_rf_delay2); 1116 } 1117 1118 /* Set 16 TU max duration for the contention-free period (CFP). */ 1119 static void 1120 atw_cfp_init(struct atw_softc *sc) 1121 { 1122 uint32_t cfpp; 1123 1124 cfpp = ATW_READ(sc, ATW_CFPP); 1125 cfpp &= ~ATW_CFPP_CFPMD; 1126 cfpp |= LSHIFT(16, ATW_CFPP_CFPMD); 1127 ATW_WRITE(sc, ATW_CFPP, cfpp); 1128 } 1129 1130 static void 1131 atw_tofs0_init(struct atw_softc *sc) 1132 { 1133 /* XXX I guess that the Cardbus clock is 22MHz? 1134 * I am assuming that the role of ATW_TOFS0_USCNT is 1135 * to divide the bus clock to get a 1MHz clock---the datasheet is not 1136 * very clear on this point. It says in the datasheet that it is 1137 * possible for the ADM8211 to accomodate bus speeds between 22MHz 1138 * and 33MHz; maybe this is the way? I see a binary-only driver write 1139 * these values. These values are also the power-on default. 1140 */ 1141 ATW_WRITE(sc, ATW_TOFS0, 1142 LSHIFT(22, ATW_TOFS0_USCNT_MASK) | 1143 ATW_TOFS0_TUCNT_MASK /* set all bits in TUCNT */); 1144 } 1145 1146 /* Initialize interframe spacing: 802.11b slot time, SIFS, DIFS, EIFS. */ 1147 static void 1148 atw_ifs_init(struct atw_softc *sc) 1149 { 1150 uint32_t ifst; 1151 /* XXX EIFS=0x64, SIFS=110 are used by the reference driver. 1152 * Go figure. 1153 */ 1154 ifst = LSHIFT(IEEE80211_DUR_DS_SLOT, ATW_IFST_SLOT_MASK) | 1155 LSHIFT(22 * 5 /* IEEE80211_DUR_DS_SIFS */ /* # of 22MHz cycles */, 1156 ATW_IFST_SIFS_MASK) | 1157 LSHIFT(IEEE80211_DUR_DS_DIFS, ATW_IFST_DIFS_MASK) | 1158 LSHIFT(0x64 /* IEEE80211_DUR_DS_EIFS */, ATW_IFST_EIFS_MASK); 1159 1160 ATW_WRITE(sc, ATW_IFST, ifst); 1161 } 1162 1163 static void 1164 atw_response_times_init(struct atw_softc *sc) 1165 { 1166 /* XXX More magic. Relates to ACK timing? The datasheet seems to 1167 * indicate that the MAC expects at least SIFS + MIRT microseconds 1168 * to pass after it transmits a frame that requires a response; 1169 * it waits at most SIFS + MART microseconds for the response. 1170 * Surely this is not the ACK timeout? 1171 */ 1172 ATW_WRITE(sc, ATW_RSPT, LSHIFT(0xffff, ATW_RSPT_MART_MASK) | 1173 LSHIFT(0xff, ATW_RSPT_MIRT_MASK)); 1174 } 1175 1176 /* Set up the MMI read/write addresses for the baseband. The Tx/Rx 1177 * engines read and write baseband registers after Rx and before 1178 * Tx, respectively. 1179 */ 1180 static void 1181 atw_bbp_io_init(struct atw_softc *sc) 1182 { 1183 uint32_t mmiraddr2; 1184 1185 /* XXX The reference driver does this, but is it *really* 1186 * necessary? 1187 */ 1188 switch (sc->sc_rev) { 1189 case ATW_REVISION_AB: 1190 case ATW_REVISION_AF: 1191 mmiraddr2 = 0x0; 1192 break; 1193 default: 1194 mmiraddr2 = ATW_READ(sc, ATW_MMIRADDR2); 1195 mmiraddr2 &= 1196 ~(ATW_MMIRADDR2_PROREXT|ATW_MMIRADDR2_PRORLEN_MASK); 1197 break; 1198 } 1199 1200 switch (sc->sc_bbptype) { 1201 case ATW_BBPTYPE_INTERSIL: 1202 ATW_WRITE(sc, ATW_MMIWADDR, ATW_MMIWADDR_INTERSIL); 1203 ATW_WRITE(sc, ATW_MMIRADDR1, ATW_MMIRADDR1_INTERSIL); 1204 mmiraddr2 |= ATW_MMIRADDR2_INTERSIL; 1205 break; 1206 case ATW_BBPTYPE_MARVEL: 1207 /* TBD find out the Marvel settings. */ 1208 break; 1209 case ATW_BBPTYPE_RFMD: 1210 default: 1211 ATW_WRITE(sc, ATW_MMIWADDR, ATW_MMIWADDR_RFMD); 1212 ATW_WRITE(sc, ATW_MMIRADDR1, ATW_MMIRADDR1_RFMD); 1213 mmiraddr2 |= ATW_MMIRADDR2_RFMD; 1214 break; 1215 } 1216 ATW_WRITE(sc, ATW_MMIRADDR2, mmiraddr2); 1217 ATW_WRITE(sc, ATW_MACTEST, ATW_MACTEST_MMI_USETXCLK); 1218 } 1219 1220 /* 1221 * atw_init: [ ifnet interface function ] 1222 * 1223 * Initialize the interface. Must be called at splnet(). 1224 */ 1225 int 1226 atw_init(struct ifnet *ifp) 1227 { 1228 struct atw_softc *sc = ifp->if_softc; 1229 struct ieee80211com *ic = &sc->sc_ic; 1230 struct atw_txsoft *txs; 1231 struct atw_rxsoft *rxs; 1232 int i, error = 0; 1233 1234 if ((error = atw_enable(sc)) != 0) 1235 goto out; 1236 1237 /* 1238 * Cancel any pending I/O. This also resets. 1239 */ 1240 atw_stop(ifp, 0); 1241 1242 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 1243 DPRINTF(sc, ("%s: channel %d freq %d flags 0x%04x\n", 1244 __func__, ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan), 1245 ic->ic_bss->ni_chan->ic_freq, ic->ic_bss->ni_chan->ic_flags)); 1246 1247 atw_wcsr_init(sc); 1248 1249 atw_cmdr_init(sc); 1250 1251 /* Set data rate for PLCP Signal field, 1Mbps = 10 x 100Kb/s. 1252 * 1253 * XXX Set transmit power for ATIM, RTS, Beacon. 1254 */ 1255 ATW_WRITE(sc, ATW_PLCPHD, LSHIFT(10, ATW_PLCPHD_SIGNAL_MASK) | 1256 LSHIFT(0xb0, ATW_PLCPHD_SERVICE_MASK)); 1257 1258 atw_tofs2_init(sc); 1259 1260 atw_nar_init(sc); 1261 1262 atw_txlmt_init(sc); 1263 1264 atw_test1_init(sc); 1265 1266 atw_rf_reset(sc); 1267 1268 atw_cfp_init(sc); 1269 1270 atw_tofs0_init(sc); 1271 1272 atw_ifs_init(sc); 1273 1274 /* XXX Fall asleep after one second of inactivity. 1275 * XXX A frame may only dribble in for 65536us. 1276 */ 1277 ATW_WRITE(sc, ATW_RMD, 1278 LSHIFT(1, ATW_RMD_PCNT) | LSHIFT(0xffff, ATW_RMD_RMRD_MASK)); 1279 1280 atw_response_times_init(sc); 1281 1282 atw_bbp_io_init(sc); 1283 1284 ATW_WRITE(sc, ATW_STSR, 0xffffffff); 1285 1286 if ((error = atw_rf3000_init(sc)) != 0) 1287 goto out; 1288 1289 ATW_WRITE(sc, ATW_PAR, sc->sc_busmode); 1290 DPRINTF(sc, ("%s: ATW_PAR %08x busmode %08x\n", sc->sc_dev.dv_xname, 1291 ATW_READ(sc, ATW_PAR), sc->sc_busmode)); 1292 1293 /* 1294 * Initialize the transmit descriptor ring. 1295 */ 1296 memset(sc->sc_txdescs, 0, sizeof(sc->sc_txdescs)); 1297 for (i = 0; i < ATW_NTXDESC; i++) { 1298 sc->sc_txdescs[i].at_ctl = 0; 1299 /* no transmit chaining */ 1300 sc->sc_txdescs[i].at_flags = 0 /* ATW_TXFLAG_TCH */; 1301 sc->sc_txdescs[i].at_buf2 = 1302 htole32(ATW_CDTXADDR(sc, ATW_NEXTTX(i))); 1303 } 1304 /* use ring mode */ 1305 sc->sc_txdescs[ATW_NTXDESC - 1].at_flags |= htole32(ATW_TXFLAG_TER); 1306 ATW_CDTXSYNC(sc, 0, ATW_NTXDESC, 1307 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 1308 sc->sc_txfree = ATW_NTXDESC; 1309 sc->sc_txnext = 0; 1310 1311 /* 1312 * Initialize the transmit job descriptors. 1313 */ 1314 SIMPLEQ_INIT(&sc->sc_txfreeq); 1315 SIMPLEQ_INIT(&sc->sc_txdirtyq); 1316 for (i = 0; i < ATW_TXQUEUELEN; i++) { 1317 txs = &sc->sc_txsoft[i]; 1318 txs->txs_mbuf = NULL; 1319 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 1320 } 1321 1322 /* 1323 * Initialize the receive descriptor and receive job 1324 * descriptor rings. 1325 */ 1326 for (i = 0; i < ATW_NRXDESC; i++) { 1327 rxs = &sc->sc_rxsoft[i]; 1328 if (rxs->rxs_mbuf == NULL) { 1329 if ((error = atw_add_rxbuf(sc, i)) != 0) { 1330 printf("%s: unable to allocate or map rx " 1331 "buffer %d, error = %d\n", 1332 sc->sc_dev.dv_xname, i, error); 1333 /* 1334 * XXX Should attempt to run with fewer receive 1335 * XXX buffers instead of just failing. 1336 */ 1337 atw_rxdrain(sc); 1338 goto out; 1339 } 1340 } else 1341 ATW_INIT_RXDESC(sc, i); 1342 } 1343 sc->sc_rxptr = 0; 1344 1345 /* 1346 * Initialize the interrupt mask and enable interrupts. 1347 */ 1348 /* normal interrupts */ 1349 sc->sc_inten = ATW_INTR_TCI | ATW_INTR_TDU | ATW_INTR_RCI | 1350 ATW_INTR_NISS | ATW_INTR_LINKON | ATW_INTR_BCNTC; 1351 1352 /* abnormal interrupts */ 1353 sc->sc_inten |= ATW_INTR_TPS | ATW_INTR_TLT | ATW_INTR_TRT | 1354 ATW_INTR_TUF | ATW_INTR_RDU | ATW_INTR_RPS | ATW_INTR_AISS | 1355 ATW_INTR_FBE | ATW_INTR_LINKOFF | ATW_INTR_TSFTF | ATW_INTR_TSCZ; 1356 1357 sc->sc_linkint_mask = ATW_INTR_LINKON | ATW_INTR_LINKOFF | 1358 ATW_INTR_BCNTC | ATW_INTR_TSFTF | ATW_INTR_TSCZ; 1359 sc->sc_rxint_mask = ATW_INTR_RCI | ATW_INTR_RDU; 1360 sc->sc_txint_mask = ATW_INTR_TCI | ATW_INTR_TUF | ATW_INTR_TLT | 1361 ATW_INTR_TRT; 1362 1363 sc->sc_linkint_mask &= sc->sc_inten; 1364 sc->sc_rxint_mask &= sc->sc_inten; 1365 sc->sc_txint_mask &= sc->sc_inten; 1366 1367 ATW_WRITE(sc, ATW_IER, sc->sc_inten); 1368 ATW_WRITE(sc, ATW_STSR, 0xffffffff); 1369 1370 DPRINTF(sc, ("%s: ATW_IER %08x, inten %08x\n", 1371 sc->sc_dev.dv_xname, ATW_READ(sc, ATW_IER), sc->sc_inten)); 1372 1373 /* 1374 * Give the transmit and receive rings to the ADM8211. 1375 */ 1376 ATW_WRITE(sc, ATW_RDB, ATW_CDRXADDR(sc, sc->sc_rxptr)); 1377 ATW_WRITE(sc, ATW_TDBD, ATW_CDTXADDR(sc, sc->sc_txnext)); 1378 1379 sc->sc_txthresh = 0; 1380 sc->sc_opmode = ATW_NAR_SR | ATW_NAR_ST | 1381 sc->sc_txth[sc->sc_txthresh].txth_opmode; 1382 1383 /* common 802.11 configuration */ 1384 ic->ic_flags &= ~IEEE80211_F_IBSSON; 1385 switch (ic->ic_opmode) { 1386 case IEEE80211_M_STA: 1387 break; 1388 case IEEE80211_M_AHDEMO: /* XXX */ 1389 case IEEE80211_M_IBSS: 1390 ic->ic_flags |= IEEE80211_F_IBSSON; 1391 /*FALLTHROUGH*/ 1392 case IEEE80211_M_HOSTAP: /* XXX */ 1393 break; 1394 case IEEE80211_M_MONITOR: /* XXX */ 1395 break; 1396 } 1397 1398 switch (ic->ic_opmode) { 1399 case IEEE80211_M_AHDEMO: 1400 case IEEE80211_M_HOSTAP: 1401 ic->ic_bss->ni_intval = ic->ic_lintval; 1402 ic->ic_bss->ni_rssi = 0; 1403 ic->ic_bss->ni_rstamp = 0; 1404 break; 1405 default: /* XXX */ 1406 break; 1407 } 1408 1409 sc->sc_wepctl = 0; 1410 1411 atw_write_ssid(sc); 1412 atw_write_sup_rates(sc); 1413 if (ic->ic_caps & IEEE80211_C_WEP) 1414 atw_write_wep(sc); 1415 1416 ic->ic_state = IEEE80211_S_INIT; 1417 1418 /* 1419 * Set the receive filter. This will start the transmit and 1420 * receive processes. 1421 */ 1422 atw_filter_setup(sc); 1423 1424 /* 1425 * Start the receive process. 1426 */ 1427 ATW_WRITE(sc, ATW_RDR, 0x1); 1428 1429 /* 1430 * Note that the interface is now running. 1431 */ 1432 ifp->if_flags |= IFF_RUNNING; 1433 ifp->if_flags &= ~IFF_OACTIVE; 1434 1435 /* send no beacons, yet. */ 1436 atw_start_beacon(sc, 0); 1437 1438 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1439 error = ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1440 else 1441 error = ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1442 out: 1443 if (error) { 1444 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1445 ifp->if_timer = 0; 1446 printf("%s: interface not running\n", sc->sc_dev.dv_xname); 1447 } 1448 #ifdef ATW_DEBUG 1449 atw_print_regs(sc, "end of init"); 1450 #endif /* ATW_DEBUG */ 1451 1452 return (error); 1453 } 1454 1455 /* enable == 1: host control of RF3000/Si4126 through ATW_SYNCTL. 1456 * 0: MAC control of RF3000/Si4126. 1457 * 1458 * Applies power, or selects RF front-end? Sets reset condition. 1459 * 1460 * TBD support non-RFMD BBP, non-SiLabs synth. 1461 */ 1462 static void 1463 atw_bbp_io_enable(struct atw_softc *sc, int enable) 1464 { 1465 if (enable) { 1466 ATW_WRITE(sc, ATW_SYNRF, 1467 ATW_SYNRF_SELRF|ATW_SYNRF_PE1|ATW_SYNRF_PHYRST); 1468 DELAY(atw_bbp_io_enable_delay); 1469 } else { 1470 ATW_WRITE(sc, ATW_SYNRF, 0); 1471 DELAY(atw_bbp_io_disable_delay); /* shorter for some reason */ 1472 } 1473 } 1474 1475 static int 1476 atw_tune(struct atw_softc *sc) 1477 { 1478 int rc; 1479 u_int chan; 1480 struct ieee80211com *ic = &sc->sc_ic; 1481 1482 chan = ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan); 1483 if (chan == IEEE80211_CHAN_ANY) 1484 panic("%s: chan == IEEE80211_CHAN_ANY\n", __func__); 1485 1486 if (chan == sc->sc_cur_chan) 1487 return 0; 1488 1489 DPRINTF(sc, ("%s: chan %d -> %d\n", sc->sc_dev.dv_xname, 1490 sc->sc_cur_chan, chan)); 1491 1492 atw_idle(sc, ATW_NAR_SR|ATW_NAR_ST); 1493 1494 atw_si4126_tune(sc, chan); 1495 if ((rc = atw_rf3000_tune(sc, chan)) != 0) 1496 printf("%s: failed to tune channel %d\n", sc->sc_dev.dv_xname, 1497 chan); 1498 1499 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 1500 DELAY(atw_nar_delay); 1501 ATW_WRITE(sc, ATW_RDR, 0x1); 1502 1503 if (rc == 0) 1504 sc->sc_cur_chan = chan; 1505 1506 return rc; 1507 } 1508 1509 #ifdef ATW_SYNDEBUG 1510 static void 1511 atw_si4126_print(struct atw_softc *sc) 1512 { 1513 struct ifnet *ifp = &sc->sc_ic.ic_if; 1514 u_int addr, val; 1515 1516 if (atw_debug < 3 || (ifp->if_flags & IFF_DEBUG) == 0) 1517 return; 1518 1519 for (addr = 0; addr <= 8; addr++) { 1520 printf("%s: synth[%d] = ", sc->sc_dev.dv_xname, addr); 1521 if (atw_si4126_read(sc, addr, &val) == 0) { 1522 printf("<unknown> (quitting print-out)\n"); 1523 break; 1524 } 1525 printf("%05x\n", val); 1526 } 1527 } 1528 #endif /* ATW_SYNDEBUG */ 1529 1530 /* Tune to channel chan by adjusting the Si4126 RF/IF synthesizer. 1531 * 1532 * The RF/IF synthesizer produces two reference frequencies for 1533 * the RF2948B transceiver. The first frequency the RF2948B requires 1534 * is two times the so-called "intermediate frequency" (IF). Since 1535 * a SAW filter on the radio fixes the IF at 374MHz, I program the 1536 * Si4126 to generate IF LO = 374MHz x 2 = 748MHz. The second 1537 * frequency required by the transceiver is the radio frequency 1538 * (RF). This is a superheterodyne transceiver; for f(chan) the 1539 * center frequency of the channel we are tuning, RF = f(chan) - 1540 * IF. 1541 * 1542 * XXX I am told by SiLabs that the Si4126 will accept a broader range 1543 * of XIN than the 2-25MHz mentioned by the datasheet, even *without* 1544 * XINDIV2 = 1. I've tried this (it is necessary to double R) and it 1545 * works, but I have still programmed for XINDIV2 = 1 to be safe. 1546 */ 1547 static void 1548 atw_si4126_tune(struct atw_softc *sc, u_int chan) 1549 { 1550 u_int mhz; 1551 u_int R; 1552 u_int32_t gpio; 1553 u_int16_t gain; 1554 1555 #ifdef ATW_SYNDEBUG 1556 atw_si4126_print(sc); 1557 #endif /* ATW_SYNDEBUG */ 1558 1559 if (chan == 14) 1560 mhz = 2484; 1561 else 1562 mhz = 2412 + 5 * (chan - 1); 1563 1564 /* Tune IF to 748MHz to suit the IF LO input of the 1565 * RF2494B, which is 2 x IF. No need to set an IF divider 1566 * because an IF in 526MHz - 952MHz is allowed. 1567 * 1568 * XIN is 44.000MHz, so divide it by two to get allowable 1569 * range of 2-25MHz. SiLabs tells me that this is not 1570 * strictly necessary. 1571 */ 1572 1573 if (atw_xindiv2) 1574 R = 44; 1575 else 1576 R = 88; 1577 1578 /* Power-up RF, IF synthesizers. */ 1579 atw_si4126_write(sc, SI4126_POWER, 1580 SI4126_POWER_PDIB|SI4126_POWER_PDRB); 1581 1582 /* set LPWR, too? */ 1583 atw_si4126_write(sc, SI4126_MAIN, 1584 (atw_xindiv2) ? SI4126_MAIN_XINDIV2 : 0); 1585 1586 /* Set the phase-locked loop gain. If RF2 N > 2047, then 1587 * set KP2 to 1. 1588 * 1589 * REFDIF This is different from the reference driver, which 1590 * always sets SI4126_GAIN to 0. 1591 */ 1592 gain = LSHIFT(((mhz - 374) > 2047) ? 1 : 0, SI4126_GAIN_KP2_MASK); 1593 1594 atw_si4126_write(sc, SI4126_GAIN, gain); 1595 1596 /* XIN = 44MHz. 1597 * 1598 * If XINDIV2 = 1, IF = N/(2 * R) * XIN. I choose N = 1496, 1599 * R = 44 so that 1496/(2 * 44) * 44MHz = 748MHz. 1600 * 1601 * If XINDIV2 = 0, IF = N/R * XIN. I choose N = 1496, R = 88 1602 * so that 1496/88 * 44MHz = 748MHz. 1603 */ 1604 atw_si4126_write(sc, SI4126_IFN, 1496); 1605 1606 atw_si4126_write(sc, SI4126_IFR, R); 1607 1608 #ifndef ATW_REFSLAVE 1609 /* Set RF1 arbitrarily. DO NOT configure RF1 after RF2, because 1610 * then RF1 becomes the active RF synthesizer, even on the Si4126, 1611 * which has no RF1! 1612 */ 1613 atw_si4126_write(sc, SI4126_RF1R, R); 1614 1615 atw_si4126_write(sc, SI4126_RF1N, mhz - 374); 1616 #endif 1617 1618 /* N/R * XIN = RF. XIN = 44MHz. We desire RF = mhz - IF, 1619 * where IF = 374MHz. Let's divide XIN to 1MHz. So R = 44. 1620 * Now let's multiply it to mhz. So mhz - IF = N. 1621 */ 1622 atw_si4126_write(sc, SI4126_RF2R, R); 1623 1624 atw_si4126_write(sc, SI4126_RF2N, mhz - 374); 1625 1626 /* wait 100us from power-up for RF, IF to settle */ 1627 DELAY(100); 1628 1629 gpio = ATW_READ(sc, ATW_GPIO); 1630 gpio &= ~(ATW_GPIO_EN_MASK|ATW_GPIO_O_MASK|ATW_GPIO_I_MASK); 1631 gpio |= LSHIFT(1, ATW_GPIO_EN_MASK); 1632 1633 if ((sc->sc_if.if_flags & IFF_LINK1) != 0 && chan != 14) { 1634 /* Set a Prism RF front-end to a special mode for channel 14? 1635 * 1636 * Apparently the SMC2635W needs this, although I don't think 1637 * it has a Prism RF. 1638 */ 1639 gpio |= LSHIFT(1, ATW_GPIO_O_MASK); 1640 } 1641 ATW_WRITE(sc, ATW_GPIO, gpio); 1642 1643 #ifdef ATW_SYNDEBUG 1644 atw_si4126_print(sc); 1645 #endif /* ATW_SYNDEBUG */ 1646 } 1647 1648 /* Baseline initialization of RF3000 BBP: set CCA mode and enable antenna 1649 * diversity. 1650 * 1651 * !!! 1652 * !!! Call this w/ Tx/Rx suspended, atw_idle(, ATW_NAR_ST|ATW_NAR_SR). 1653 * !!! 1654 */ 1655 static int 1656 atw_rf3000_init(struct atw_softc *sc) 1657 { 1658 int rc = 0; 1659 1660 atw_bbp_io_enable(sc, 1); 1661 1662 /* CCA is acquisition sensitive */ 1663 rc = atw_rf3000_write(sc, RF3000_CCACTL, 1664 LSHIFT(RF3000_CCACTL_MODE_BOTH, RF3000_CCACTL_MODE_MASK)); 1665 1666 if (rc != 0) 1667 goto out; 1668 1669 /* enable diversity */ 1670 rc = atw_rf3000_write(sc, RF3000_DIVCTL, RF3000_DIVCTL_ENABLE); 1671 1672 if (rc != 0) 1673 goto out; 1674 1675 /* sensible setting from a binary-only driver */ 1676 rc = atw_rf3000_write(sc, RF3000_GAINCTL, 1677 LSHIFT(0x1d, RF3000_GAINCTL_TXVGC_MASK)); 1678 1679 if (rc != 0) 1680 goto out; 1681 1682 /* magic from a binary-only driver */ 1683 rc = atw_rf3000_write(sc, RF3000_LOGAINCAL, 1684 LSHIFT(0x38, RF3000_LOGAINCAL_CAL_MASK)); 1685 1686 if (rc != 0) 1687 goto out; 1688 1689 rc = atw_rf3000_write(sc, RF3000_HIGAINCAL, RF3000_HIGAINCAL_DSSSPAD); 1690 1691 if (rc != 0) 1692 goto out; 1693 1694 /* XXX Reference driver remarks that Abocom sets this to 50. 1695 * Meaning 0x50, I think.... 50 = 0x32, which would set a bit 1696 * in the "reserved" area of register RF3000_OPTIONS1. 1697 */ 1698 rc = atw_rf3000_write(sc, RF3000_OPTIONS1, sc->sc_rf3000_options1); 1699 1700 if (rc != 0) 1701 goto out; 1702 1703 rc = atw_rf3000_write(sc, RF3000_OPTIONS2, sc->sc_rf3000_options2); 1704 1705 if (rc != 0) 1706 goto out; 1707 1708 out: 1709 atw_bbp_io_enable(sc, 0); 1710 return rc; 1711 } 1712 1713 #ifdef ATW_BBPDEBUG 1714 static void 1715 atw_rf3000_print(struct atw_softc *sc) 1716 { 1717 struct ifnet *ifp = &sc->sc_ic.ic_if; 1718 u_int addr, val; 1719 1720 if (atw_debug < 3 || (ifp->if_flags & IFF_DEBUG) == 0) 1721 return; 1722 1723 for (addr = 0x01; addr <= 0x15; addr++) { 1724 printf("%s: bbp[%d] = \n", sc->sc_dev.dv_xname, addr); 1725 if (atw_rf3000_read(sc, addr, &val) != 0) { 1726 printf("<unknown> (quitting print-out)\n"); 1727 break; 1728 } 1729 printf("%08x\n", val); 1730 } 1731 } 1732 #endif /* ATW_BBPDEBUG */ 1733 1734 /* Set the power settings on the BBP for channel `chan'. */ 1735 static int 1736 atw_rf3000_tune(struct atw_softc *sc, u_int chan) 1737 { 1738 int rc = 0; 1739 u_int32_t reg; 1740 u_int16_t txpower, lpf_cutoff, lna_gs_thresh; 1741 1742 txpower = sc->sc_srom[ATW_SR_TXPOWER(chan)]; 1743 lpf_cutoff = sc->sc_srom[ATW_SR_LPF_CUTOFF(chan)]; 1744 lna_gs_thresh = sc->sc_srom[ATW_SR_LNA_GS_THRESH(chan)]; 1745 1746 /* odd channels: LSB, even channels: MSB */ 1747 if (chan % 2 == 1) { 1748 txpower &= 0xFF; 1749 lpf_cutoff &= 0xFF; 1750 lna_gs_thresh &= 0xFF; 1751 } else { 1752 txpower >>= 8; 1753 lpf_cutoff >>= 8; 1754 lna_gs_thresh >>= 8; 1755 } 1756 1757 #ifdef ATW_BBPDEBUG 1758 atw_rf3000_print(sc); 1759 #endif /* ATW_BBPDEBUG */ 1760 1761 DPRINTF(sc, ("%s: chan %d txpower %02x, lpf_cutoff %02x, " 1762 "lna_gs_thresh %02x\n", 1763 sc->sc_dev.dv_xname, chan, txpower, lpf_cutoff, lna_gs_thresh)); 1764 1765 atw_bbp_io_enable(sc, 1); 1766 1767 if ((rc = atw_rf3000_write(sc, RF3000_GAINCTL, 1768 LSHIFT(txpower, RF3000_GAINCTL_TXVGC_MASK))) != 0) 1769 goto out; 1770 1771 if ((rc = atw_rf3000_write(sc, RF3000_LOGAINCAL, lpf_cutoff)) != 0) 1772 goto out; 1773 1774 if ((rc = atw_rf3000_write(sc, RF3000_HIGAINCAL, lna_gs_thresh)) != 0) 1775 goto out; 1776 1777 rc = atw_rf3000_write(sc, RF3000_OPTIONS1, 0x0); 1778 1779 if (rc != 0) 1780 goto out; 1781 1782 rc = atw_rf3000_write(sc, RF3000_OPTIONS2, RF3000_OPTIONS2_LNAGS_DELAY); 1783 1784 if (rc != 0) 1785 goto out; 1786 1787 #ifdef ATW_BBPDEBUG 1788 atw_rf3000_print(sc); 1789 #endif /* ATW_BBPDEBUG */ 1790 1791 out: 1792 atw_bbp_io_enable(sc, 0); 1793 1794 /* set beacon, rts, atim transmit power */ 1795 reg = ATW_READ(sc, ATW_PLCPHD); 1796 reg &= ~ATW_PLCPHD_SERVICE_MASK; 1797 reg |= LSHIFT(LSHIFT(txpower, RF3000_GAINCTL_TXVGC_MASK), 1798 ATW_PLCPHD_SERVICE_MASK); 1799 ATW_WRITE(sc, ATW_PLCPHD, reg); 1800 DELAY(atw_plcphd_delay); 1801 1802 return rc; 1803 } 1804 1805 /* Write a register on the RF3000 baseband processor using the 1806 * registers provided by the ADM8211 for this purpose. 1807 * 1808 * Return 0 on success. 1809 */ 1810 static int 1811 atw_rf3000_write(struct atw_softc *sc, u_int addr, u_int val) 1812 { 1813 u_int32_t reg; 1814 int i; 1815 1816 reg = sc->sc_bbpctl_wr | 1817 LSHIFT(val & 0xff, ATW_BBPCTL_DATA_MASK) | 1818 LSHIFT(addr & 0x7f, ATW_BBPCTL_ADDR_MASK); 1819 1820 for (i = 20000 / atw_pseudo_milli; --i >= 0; ) { 1821 ATW_WRITE(sc, ATW_BBPCTL, reg); 1822 DELAY(2 * atw_pseudo_milli); 1823 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_WR) == 0) 1824 break; 1825 } 1826 1827 if (i < 0) { 1828 printf("%s: BBPCTL still busy\n", sc->sc_dev.dv_xname); 1829 return ETIMEDOUT; 1830 } 1831 return 0; 1832 } 1833 1834 /* Read a register on the RF3000 baseband processor using the registers 1835 * the ADM8211 provides for this purpose. 1836 * 1837 * The 7-bit register address is addr. Record the 8-bit data in the register 1838 * in *val. 1839 * 1840 * Return 0 on success. 1841 * 1842 * XXX This does not seem to work. The ADM8211 must require more or 1843 * different magic to read the chip than to write it. Possibly some 1844 * of the magic I have derived from a binary-only driver concerns 1845 * the "chip address" (see the RF3000 manual). 1846 */ 1847 #ifdef ATW_BBPDEBUG 1848 static int 1849 atw_rf3000_read(struct atw_softc *sc, u_int addr, u_int *val) 1850 { 1851 u_int32_t reg; 1852 int i; 1853 1854 for (i = 1000; --i >= 0; ) { 1855 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_RD|ATW_BBPCTL_WR) == 0) 1856 break; 1857 DELAY(100); 1858 } 1859 1860 if (i < 0) { 1861 printf("%s: start atw_rf3000_read, BBPCTL busy\n", 1862 sc->sc_dev.dv_xname); 1863 return ETIMEDOUT; 1864 } 1865 1866 reg = sc->sc_bbpctl_rd | LSHIFT(addr & 0x7f, ATW_BBPCTL_ADDR_MASK); 1867 1868 ATW_WRITE(sc, ATW_BBPCTL, reg); 1869 1870 for (i = 1000; --i >= 0; ) { 1871 DELAY(100); 1872 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_RD) == 0) 1873 break; 1874 } 1875 1876 ATW_CLR(sc, ATW_BBPCTL, ATW_BBPCTL_RD); 1877 1878 if (i < 0) { 1879 printf("%s: atw_rf3000_read wrote %08x; BBPCTL still busy\n", 1880 sc->sc_dev.dv_xname, reg); 1881 return ETIMEDOUT; 1882 } 1883 if (val != NULL) 1884 *val = MASK_AND_RSHIFT(reg, ATW_BBPCTL_DATA_MASK); 1885 return 0; 1886 } 1887 #endif /* ATW_BBPDEBUG */ 1888 1889 /* Write a register on the Si4126 RF/IF synthesizer using the registers 1890 * provided by the ADM8211 for that purpose. 1891 * 1892 * val is 18 bits of data, and val is the 4-bit address of the register. 1893 * 1894 * Return 0 on success. 1895 */ 1896 static void 1897 atw_si4126_write(struct atw_softc *sc, u_int addr, u_int val) 1898 { 1899 uint32_t bits, mask, reg; 1900 const int nbits = 22; 1901 1902 KASSERT((addr & ~PRESHIFT(SI4126_TWI_ADDR_MASK)) == 0); 1903 KASSERT((val & ~PRESHIFT(SI4126_TWI_DATA_MASK)) == 0); 1904 1905 bits = LSHIFT(val, SI4126_TWI_DATA_MASK) | 1906 LSHIFT(addr, SI4126_TWI_ADDR_MASK); 1907 1908 reg = ATW_SYNRF_SELSYN; 1909 /* reference driver: reset Si4126 serial bus to initial 1910 * conditions? 1911 */ 1912 ATW_WRITE(sc, ATW_SYNRF, reg | ATW_SYNRF_LEIF); 1913 ATW_WRITE(sc, ATW_SYNRF, reg); 1914 1915 for (mask = BIT(nbits - 1); mask != 0; mask >>= 1) { 1916 if ((bits & mask) != 0) 1917 reg |= ATW_SYNRF_SYNDATA; 1918 else 1919 reg &= ~ATW_SYNRF_SYNDATA; 1920 ATW_WRITE(sc, ATW_SYNRF, reg); 1921 ATW_WRITE(sc, ATW_SYNRF, reg | ATW_SYNRF_SYNCLK); 1922 ATW_WRITE(sc, ATW_SYNRF, reg); 1923 } 1924 ATW_WRITE(sc, ATW_SYNRF, reg | ATW_SYNRF_LEIF); 1925 ATW_WRITE(sc, ATW_SYNRF, 0x0); 1926 } 1927 1928 /* Read 18-bit data from the 4-bit address addr in Si4126 1929 * RF synthesizer and write the data to *val. Return 0 on success. 1930 * 1931 * XXX This does not seem to work. The ADM8211 must require more or 1932 * different magic to read the chip than to write it. 1933 */ 1934 #ifdef ATW_SYNDEBUG 1935 static int 1936 atw_si4126_read(struct atw_softc *sc, u_int addr, u_int *val) 1937 { 1938 u_int32_t reg; 1939 int i; 1940 1941 KASSERT((addr & ~PRESHIFT(SI4126_TWI_ADDR_MASK)) == 0); 1942 1943 for (i = 1000; --i >= 0; ) { 1944 if (ATW_ISSET(sc, ATW_SYNCTL, ATW_SYNCTL_RD|ATW_SYNCTL_WR) == 0) 1945 break; 1946 DELAY(100); 1947 } 1948 1949 if (i < 0) { 1950 printf("%s: start atw_si4126_read, SYNCTL busy\n", 1951 sc->sc_dev.dv_xname); 1952 return ETIMEDOUT; 1953 } 1954 1955 reg = sc->sc_synctl_rd | LSHIFT(addr, ATW_SYNCTL_DATA_MASK); 1956 1957 ATW_WRITE(sc, ATW_SYNCTL, reg); 1958 1959 for (i = 1000; --i >= 0; ) { 1960 DELAY(100); 1961 if (ATW_ISSET(sc, ATW_SYNCTL, ATW_SYNCTL_RD) == 0) 1962 break; 1963 } 1964 1965 ATW_CLR(sc, ATW_SYNCTL, ATW_SYNCTL_RD); 1966 1967 if (i < 0) { 1968 printf("%s: atw_si4126_read wrote %#08x, SYNCTL still busy\n", 1969 sc->sc_dev.dv_xname, reg); 1970 return ETIMEDOUT; 1971 } 1972 if (val != NULL) 1973 *val = MASK_AND_RSHIFT(ATW_READ(sc, ATW_SYNCTL), 1974 ATW_SYNCTL_DATA_MASK); 1975 return 0; 1976 } 1977 #endif /* ATW_SYNDEBUG */ 1978 1979 /* XXX is the endianness correct? test. */ 1980 #define atw_calchash(addr) \ 1981 (ether_crc32_le((addr), IEEE80211_ADDR_LEN) & BITS(5, 0)) 1982 1983 /* 1984 * atw_filter_setup: 1985 * 1986 * Set the ADM8211's receive filter. 1987 */ 1988 static void 1989 atw_filter_setup(struct atw_softc *sc) 1990 { 1991 struct ieee80211com *ic = &sc->sc_ic; 1992 struct ethercom *ec = &ic->ic_ec; 1993 struct ifnet *ifp = &sc->sc_ic.ic_if; 1994 int hash; 1995 u_int32_t hashes[2]; 1996 struct ether_multi *enm; 1997 struct ether_multistep step; 1998 1999 /* According to comments in tlp_al981_filter_setup 2000 * (dev/ic/tulip.c) the ADMtek AL981 does not like for its 2001 * multicast filter to be set while it is running. Hopefully 2002 * the ADM8211 is not the same! 2003 */ 2004 if ((ifp->if_flags & IFF_RUNNING) != 0) 2005 atw_idle(sc, ATW_NAR_SR); 2006 2007 sc->sc_opmode &= ~(ATW_NAR_PR|ATW_NAR_MM); 2008 2009 /* XXX in scan mode, do not filter packets. Maybe this is 2010 * unnecessary. 2011 */ 2012 if (ic->ic_state == IEEE80211_S_SCAN || 2013 (ifp->if_flags & IFF_PROMISC) != 0) { 2014 sc->sc_opmode |= ATW_NAR_PR; 2015 goto allmulti; 2016 } 2017 2018 hashes[0] = hashes[1] = 0x0; 2019 2020 /* 2021 * Program the 64-bit multicast hash filter. 2022 */ 2023 ETHER_FIRST_MULTI(step, ec, enm); 2024 while (enm != NULL) { 2025 if (memcmp(enm->enm_addrlo, enm->enm_addrhi, 2026 ETHER_ADDR_LEN) != 0) 2027 goto allmulti; 2028 2029 hash = atw_calchash(enm->enm_addrlo); 2030 hashes[hash >> 5] |= 1 << (hash & 0x1f); 2031 ETHER_NEXT_MULTI(step, enm); 2032 sc->sc_opmode |= ATW_NAR_MM; 2033 } 2034 ifp->if_flags &= ~IFF_ALLMULTI; 2035 goto setit; 2036 2037 allmulti: 2038 sc->sc_opmode |= ATW_NAR_MM; 2039 ifp->if_flags |= IFF_ALLMULTI; 2040 hashes[0] = hashes[1] = 0xffffffff; 2041 2042 setit: 2043 ATW_WRITE(sc, ATW_MAR0, hashes[0]); 2044 ATW_WRITE(sc, ATW_MAR1, hashes[1]); 2045 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 2046 DELAY(atw_nar_delay); 2047 2048 DPRINTF(sc, ("%s: ATW_NAR %08x opmode %08x\n", sc->sc_dev.dv_xname, 2049 ATW_READ(sc, ATW_NAR), sc->sc_opmode)); 2050 } 2051 2052 /* Tell the ADM8211 our preferred BSSID. The ADM8211 must match 2053 * a beacon's BSSID and SSID against the preferred BSSID and SSID 2054 * before it will raise ATW_INTR_LINKON. When the ADM8211 receives 2055 * no beacon with the preferred BSSID and SSID in the number of 2056 * beacon intervals given in ATW_BPLI, then it raises ATW_INTR_LINKOFF. 2057 */ 2058 static void 2059 atw_write_bssid(struct atw_softc *sc) 2060 { 2061 struct ieee80211com *ic = &sc->sc_ic; 2062 u_int8_t *bssid; 2063 2064 bssid = ic->ic_bss->ni_bssid; 2065 2066 ATW_WRITE(sc, ATW_BSSID0, 2067 LSHIFT(bssid[0], ATW_BSSID0_BSSIDB0_MASK) | 2068 LSHIFT(bssid[1], ATW_BSSID0_BSSIDB1_MASK) | 2069 LSHIFT(bssid[2], ATW_BSSID0_BSSIDB2_MASK) | 2070 LSHIFT(bssid[3], ATW_BSSID0_BSSIDB3_MASK)); 2071 2072 ATW_WRITE(sc, ATW_ABDA1, 2073 (ATW_READ(sc, ATW_ABDA1) & 2074 ~(ATW_ABDA1_BSSIDB4_MASK|ATW_ABDA1_BSSIDB5_MASK)) | 2075 LSHIFT(bssid[4], ATW_ABDA1_BSSIDB4_MASK) | 2076 LSHIFT(bssid[5], ATW_ABDA1_BSSIDB5_MASK)); 2077 2078 DPRINTF(sc, ("%s: BSSID %s -> ", sc->sc_dev.dv_xname, 2079 ether_sprintf(sc->sc_bssid))); 2080 DPRINTF(sc, ("%s\n", ether_sprintf(bssid))); 2081 2082 memcpy(sc->sc_bssid, bssid, sizeof(sc->sc_bssid)); 2083 } 2084 2085 /* Write buflen bytes from buf to SRAM starting at the SRAM's ofs'th 2086 * 16-bit word. 2087 */ 2088 static void 2089 atw_write_sram(struct atw_softc *sc, u_int ofs, u_int8_t *buf, u_int buflen) 2090 { 2091 u_int i; 2092 u_int8_t *ptr; 2093 2094 memcpy(&sc->sc_sram[ofs], buf, buflen); 2095 2096 KASSERT(ofs % 2 == 0 && buflen % 2 == 0); 2097 2098 KASSERT(buflen + ofs <= sc->sc_sramlen); 2099 2100 ptr = &sc->sc_sram[ofs]; 2101 2102 for (i = 0; i < buflen; i += 2) { 2103 ATW_WRITE(sc, ATW_WEPCTL, ATW_WEPCTL_WR | 2104 LSHIFT((ofs + i) / 2, ATW_WEPCTL_TBLADD_MASK)); 2105 DELAY(atw_writewep_delay); 2106 2107 ATW_WRITE(sc, ATW_WESK, 2108 LSHIFT((ptr[i + 1] << 8) | ptr[i], ATW_WESK_DATA_MASK)); 2109 DELAY(atw_writewep_delay); 2110 } 2111 ATW_WRITE(sc, ATW_WEPCTL, sc->sc_wepctl); /* restore WEP condition */ 2112 2113 if (sc->sc_if.if_flags & IFF_DEBUG) { 2114 int n_octets = 0; 2115 printf("%s: wrote %d bytes at 0x%x wepctl 0x%08x\n", 2116 sc->sc_dev.dv_xname, buflen, ofs, sc->sc_wepctl); 2117 for (i = 0; i < buflen; i++) { 2118 printf(" %02x", ptr[i]); 2119 if (++n_octets % 24 == 0) 2120 printf("\n"); 2121 } 2122 if (n_octets % 24 != 0) 2123 printf("\n"); 2124 } 2125 } 2126 2127 /* Write WEP keys from the ieee80211com to the ADM8211's SRAM. */ 2128 static void 2129 atw_write_wep(struct atw_softc *sc) 2130 { 2131 struct ieee80211com *ic = &sc->sc_ic; 2132 /* SRAM shared-key record format: key0 flags key1 ... key12 */ 2133 u_int8_t buf[IEEE80211_WEP_NKID] 2134 [1 /* key[0] */ + 1 /* flags */ + 12 /* key[1 .. 12] */]; 2135 u_int32_t reg; 2136 int i; 2137 2138 sc->sc_wepctl = 0; 2139 ATW_WRITE(sc, ATW_WEPCTL, sc->sc_wepctl); 2140 2141 if ((ic->ic_flags & IEEE80211_F_PRIVACY) == 0) 2142 return; 2143 2144 memset(&buf[0][0], 0, sizeof(buf)); 2145 2146 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2147 if (ic->ic_nw_keys[i].wk_len > 5) { 2148 buf[i][1] = ATW_WEP_ENABLED | ATW_WEP_104BIT; 2149 } else if (ic->ic_nw_keys[i].wk_len != 0) { 2150 buf[i][1] = ATW_WEP_ENABLED; 2151 } else { 2152 buf[i][1] = 0; 2153 continue; 2154 } 2155 buf[i][0] = ic->ic_nw_keys[i].wk_key[0]; 2156 memcpy(&buf[i][2], &ic->ic_nw_keys[i].wk_key[1], 2157 ic->ic_nw_keys[i].wk_len - 1); 2158 } 2159 2160 reg = ATW_READ(sc, ATW_MACTEST); 2161 reg |= ATW_MACTEST_MMI_USETXCLK | ATW_MACTEST_FORCE_KEYID; 2162 reg &= ~ATW_MACTEST_KEYID_MASK; 2163 reg |= LSHIFT(ic->ic_wep_txkey, ATW_MACTEST_KEYID_MASK); 2164 ATW_WRITE(sc, ATW_MACTEST, reg); 2165 2166 sc->sc_wepctl = ATW_WEPCTL_WEPENABLE; 2167 2168 switch (sc->sc_rev) { 2169 case ATW_REVISION_AB: 2170 case ATW_REVISION_AF: 2171 /* Bypass WEP on Rx. */ 2172 sc->sc_wepctl |= ATW_WEPCTL_WEPRXBYP; 2173 break; 2174 default: 2175 break; 2176 } 2177 2178 atw_write_sram(sc, ATW_SRAM_ADDR_SHARED_KEY, (u_int8_t*)&buf[0][0], 2179 sizeof(buf)); 2180 } 2181 2182 static void 2183 atw_change_ibss(struct atw_softc *sc) 2184 { 2185 atw_predict_beacon(sc); 2186 atw_write_bssid(sc); 2187 atw_start_beacon(sc, 1); 2188 } 2189 2190 static void 2191 atw_recv_mgmt(struct ieee80211com *ic, struct mbuf *m, 2192 struct ieee80211_node *ni, int subtype, int rssi, u_int32_t rstamp) 2193 { 2194 struct atw_softc *sc = (struct atw_softc*)ic->ic_softc; 2195 2196 /* The ADM8211A answers probe requests. TBD ADM8211B/C. */ 2197 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_REQ) 2198 return; 2199 2200 (*sc->sc_recv_mgmt)(ic, m, ni, subtype, rssi, rstamp); 2201 2202 switch (subtype) { 2203 case IEEE80211_FC0_SUBTYPE_PROBE_RESP: 2204 case IEEE80211_FC0_SUBTYPE_BEACON: 2205 if (ic->ic_opmode != IEEE80211_M_IBSS || 2206 ic->ic_state != IEEE80211_S_RUN) 2207 break; 2208 if (le64toh(ni->ni_tsf) >= atw_get_tsft(sc) && 2209 ieee80211_ibss_merge(ic, ni) == ENETRESET) 2210 atw_change_ibss(sc); 2211 break; 2212 default: 2213 break; 2214 } 2215 return; 2216 } 2217 2218 /* Write the SSID in the ieee80211com to the SRAM on the ADM8211. 2219 * In ad hoc mode, the SSID is written to the beacons sent by the 2220 * ADM8211. In both ad hoc and infrastructure mode, beacons received 2221 * with matching SSID affect ATW_INTR_LINKON/ATW_INTR_LINKOFF 2222 * indications. 2223 */ 2224 static void 2225 atw_write_ssid(struct atw_softc *sc) 2226 { 2227 struct ieee80211com *ic = &sc->sc_ic; 2228 /* 34 bytes are reserved in ADM8211 SRAM for the SSID, but 2229 * it only expects the element length, not its ID. 2230 */ 2231 u_int8_t buf[roundup(1 /* length */ + IEEE80211_NWID_LEN, 2)]; 2232 2233 memset(buf, 0, sizeof(buf)); 2234 buf[0] = ic->ic_bss->ni_esslen; 2235 memcpy(&buf[1], ic->ic_bss->ni_essid, ic->ic_bss->ni_esslen); 2236 2237 atw_write_sram(sc, ATW_SRAM_ADDR_SSID, buf, 2238 roundup(1 + ic->ic_bss->ni_esslen, 2)); 2239 } 2240 2241 /* Write the supported rates in the ieee80211com to the SRAM of the ADM8211. 2242 * In ad hoc mode, the supported rates are written to beacons sent by the 2243 * ADM8211. 2244 */ 2245 static void 2246 atw_write_sup_rates(struct atw_softc *sc) 2247 { 2248 struct ieee80211com *ic = &sc->sc_ic; 2249 /* 14 bytes are probably (XXX) reserved in the ADM8211 SRAM for 2250 * supported rates 2251 */ 2252 u_int8_t buf[roundup(1 /* length */ + IEEE80211_RATE_SIZE, 2)]; 2253 2254 memset(buf, 0, sizeof(buf)); 2255 2256 buf[0] = ic->ic_bss->ni_rates.rs_nrates; 2257 2258 memcpy(&buf[1], ic->ic_bss->ni_rates.rs_rates, 2259 ic->ic_bss->ni_rates.rs_nrates); 2260 2261 atw_write_sram(sc, ATW_SRAM_ADDR_SUPRATES, buf, sizeof(buf)); 2262 } 2263 2264 /* Start/stop sending beacons. */ 2265 void 2266 atw_start_beacon(struct atw_softc *sc, int start) 2267 { 2268 struct ieee80211com *ic = &sc->sc_ic; 2269 uint16_t chan; 2270 uint32_t bcnt, bpli, cap0, cap1, capinfo; 2271 size_t len; 2272 2273 if (ATW_IS_ENABLED(sc) == 0) 2274 return; 2275 2276 /* start beacons */ 2277 len = sizeof(struct ieee80211_frame) + 2278 8 /* timestamp */ + 2 /* beacon interval */ + 2279 2 /* capability info */ + 2280 2 + ic->ic_bss->ni_esslen /* SSID element */ + 2281 2 + ic->ic_bss->ni_rates.rs_nrates /* rates element */ + 2282 3 /* DS parameters */ + 2283 IEEE80211_CRC_LEN; 2284 2285 bcnt = ATW_READ(sc, ATW_BCNT) & ~ATW_BCNT_BCNT_MASK; 2286 cap0 = ATW_READ(sc, ATW_CAP0) & ~ATW_CAP0_CHN_MASK; 2287 cap1 = ATW_READ(sc, ATW_CAP1) & ~ATW_CAP1_CAPI_MASK; 2288 2289 ATW_WRITE(sc, ATW_BCNT, bcnt); 2290 ATW_WRITE(sc, ATW_CAP1, cap1); 2291 2292 if (!start) 2293 return; 2294 2295 /* TBD use ni_capinfo */ 2296 2297 capinfo = 0; 2298 if (sc->sc_flags & ATWF_SHORT_PREAMBLE) 2299 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2300 if (ic->ic_flags & IEEE80211_F_PRIVACY) 2301 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2302 2303 switch (ic->ic_opmode) { 2304 case IEEE80211_M_IBSS: 2305 len += 4; /* IBSS parameters */ 2306 capinfo |= IEEE80211_CAPINFO_IBSS; 2307 break; 2308 case IEEE80211_M_HOSTAP: 2309 /* XXX 6-byte minimum TIM */ 2310 len += atw_beacon_len_adjust; 2311 capinfo |= IEEE80211_CAPINFO_ESS; 2312 break; 2313 default: 2314 return; 2315 } 2316 2317 /* set listen interval 2318 * XXX do software units agree w/ hardware? 2319 */ 2320 bpli = LSHIFT(ic->ic_bss->ni_intval, ATW_BPLI_BP_MASK) | 2321 LSHIFT(ic->ic_lintval / ic->ic_bss->ni_intval, ATW_BPLI_LI_MASK); 2322 2323 chan = ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan); 2324 2325 bcnt |= LSHIFT(len, ATW_BCNT_BCNT_MASK); 2326 cap0 |= LSHIFT(chan, ATW_CAP0_CHN_MASK); 2327 cap1 |= LSHIFT(capinfo, ATW_CAP1_CAPI_MASK); 2328 2329 ATW_WRITE(sc, ATW_BCNT, bcnt); 2330 ATW_WRITE(sc, ATW_BPLI, bpli); 2331 ATW_WRITE(sc, ATW_CAP0, cap0); 2332 ATW_WRITE(sc, ATW_CAP1, cap1); 2333 2334 DPRINTF(sc, ("%s: atw_start_beacon reg[ATW_BCNT] = %08x\n", 2335 sc->sc_dev.dv_xname, bcnt)); 2336 2337 DPRINTF(sc, ("%s: atw_start_beacon reg[ATW_CAP1] = %08x\n", 2338 sc->sc_dev.dv_xname, cap1)); 2339 } 2340 2341 /* Return the 32 lsb of the last TSFT divisible by ival. */ 2342 static __inline uint32_t 2343 atw_last_even_tsft(uint32_t tsfth, uint32_t tsftl, uint32_t ival) 2344 { 2345 /* Following the reference driver's lead, I compute 2346 * 2347 * (uint32_t)((((uint64_t)tsfth << 32) | tsftl) % ival) 2348 * 2349 * without using 64-bit arithmetic, using the following 2350 * relationship: 2351 * 2352 * (0x100000000 * H + L) % m 2353 * = ((0x100000000 % m) * H + L) % m 2354 * = (((0xffffffff + 1) % m) * H + L) % m 2355 * = ((0xffffffff % m + 1 % m) * H + L) % m 2356 * = ((0xffffffff % m + 1) * H + L) % m 2357 */ 2358 return ((0xFFFFFFFF % ival + 1) * tsfth + tsftl) % ival; 2359 } 2360 2361 static uint64_t 2362 atw_get_tsft(struct atw_softc *sc) 2363 { 2364 int i; 2365 uint32_t tsfth, tsftl; 2366 for (i = 0; i < 2; i++) { 2367 tsfth = ATW_READ(sc, ATW_TSFTH); 2368 tsftl = ATW_READ(sc, ATW_TSFTL); 2369 if (ATW_READ(sc, ATW_TSFTH) == tsfth) 2370 break; 2371 } 2372 return ((uint64_t)tsfth << 32) | tsftl; 2373 } 2374 2375 /* If we've created an IBSS, write the TSF time in the ADM8211 to 2376 * the ieee80211com. 2377 * 2378 * Predict the next target beacon transmission time (TBTT) and 2379 * write it to the ADM8211. 2380 */ 2381 static void 2382 atw_predict_beacon(struct atw_softc *sc) 2383 { 2384 #define TBTTOFS 20 /* TU */ 2385 2386 struct ieee80211com *ic = &sc->sc_ic; 2387 uint64_t tsft; 2388 uint32_t ival, past_even, tbtt, tsfth, tsftl; 2389 union { 2390 uint64_t word; 2391 uint8_t tstamp[8]; 2392 } u; 2393 2394 if ((ic->ic_opmode == IEEE80211_M_HOSTAP) || 2395 ((ic->ic_opmode == IEEE80211_M_IBSS) && 2396 (ic->ic_flags & IEEE80211_F_SIBSS))) { 2397 tsft = atw_get_tsft(sc); 2398 u.word = htole64(tsft); 2399 (void)memcpy(&ic->ic_bss->ni_tstamp[0], &u.tstamp[0], 2400 sizeof(ic->ic_bss->ni_tstamp)); 2401 } else { 2402 (void)memcpy(&u, &ic->ic_bss->ni_tstamp[0], sizeof(u)); 2403 tsft = le64toh(u.word); 2404 } 2405 2406 ival = ic->ic_bss->ni_intval * IEEE80211_DUR_TU; 2407 2408 tsftl = tsft & 0xFFFFFFFF; 2409 tsfth = tsft >> 32; 2410 2411 /* We sent/received the last beacon `past' microseconds 2412 * after the interval divided the TSF timer. 2413 */ 2414 past_even = tsftl - atw_last_even_tsft(tsfth, tsftl, ival); 2415 2416 /* Skip ten beacons so that the TBTT cannot pass before 2417 * we've programmed it. Ten is an arbitrary number. 2418 */ 2419 tbtt = past_even + ival * 10; 2420 2421 ATW_WRITE(sc, ATW_TOFS1, 2422 LSHIFT(1, ATW_TOFS1_TSFTOFSR_MASK) | 2423 LSHIFT(TBTTOFS, ATW_TOFS1_TBTTOFS_MASK) | 2424 LSHIFT(MASK_AND_RSHIFT(tbtt - TBTTOFS * IEEE80211_DUR_TU, 2425 ATW_TBTTPRE_MASK), ATW_TOFS1_TBTTPRE_MASK)); 2426 #undef TBTTOFS 2427 } 2428 2429 static void 2430 atw_next_scan(void *arg) 2431 { 2432 struct atw_softc *sc = arg; 2433 struct ieee80211com *ic = &sc->sc_ic; 2434 int s; 2435 2436 /* don't call atw_start w/o network interrupts blocked */ 2437 s = splnet(); 2438 if (ic->ic_state == IEEE80211_S_SCAN) 2439 ieee80211_next_scan(ic); 2440 splx(s); 2441 } 2442 2443 /* Synchronize the hardware state with the software state. */ 2444 static int 2445 atw_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 2446 { 2447 struct ifnet *ifp = &ic->ic_if; 2448 struct atw_softc *sc = ifp->if_softc; 2449 enum ieee80211_state ostate; 2450 int error; 2451 2452 ostate = ic->ic_state; 2453 2454 if (nstate == IEEE80211_S_INIT) { 2455 callout_stop(&sc->sc_scan_ch); 2456 sc->sc_cur_chan = IEEE80211_CHAN_ANY; 2457 atw_start_beacon(sc, 0); 2458 return (*sc->sc_newstate)(ic, nstate, arg); 2459 } 2460 2461 if ((error = atw_tune(sc)) != 0) 2462 return error; 2463 2464 switch (nstate) { 2465 case IEEE80211_S_ASSOC: 2466 break; 2467 case IEEE80211_S_INIT: 2468 panic("%s: unexpected state IEEE80211_S_INIT\n", __func__); 2469 break; 2470 case IEEE80211_S_SCAN: 2471 callout_reset(&sc->sc_scan_ch, atw_dwelltime * hz / 1000, 2472 atw_next_scan, sc); 2473 2474 break; 2475 case IEEE80211_S_RUN: 2476 if (ic->ic_opmode == IEEE80211_M_STA) 2477 break; 2478 /*FALLTHROUGH*/ 2479 case IEEE80211_S_AUTH: 2480 atw_write_bssid(sc); 2481 atw_write_ssid(sc); 2482 atw_write_sup_rates(sc); 2483 2484 if (ic->ic_opmode == IEEE80211_M_AHDEMO || 2485 ic->ic_opmode == IEEE80211_M_MONITOR) 2486 break; 2487 2488 /* set listen interval 2489 * XXX do software units agree w/ hardware? 2490 */ 2491 ATW_WRITE(sc, ATW_BPLI, 2492 LSHIFT(ic->ic_bss->ni_intval, ATW_BPLI_BP_MASK) | 2493 LSHIFT(ic->ic_lintval / ic->ic_bss->ni_intval, 2494 ATW_BPLI_LI_MASK)); 2495 2496 DPRINTF(sc, ("%s: reg[ATW_BPLI] = %08x\n", 2497 sc->sc_dev.dv_xname, ATW_READ(sc, ATW_BPLI))); 2498 2499 atw_predict_beacon(sc); 2500 break; 2501 } 2502 2503 if (nstate != IEEE80211_S_SCAN) 2504 callout_stop(&sc->sc_scan_ch); 2505 2506 if (nstate == IEEE80211_S_RUN && 2507 (ic->ic_opmode == IEEE80211_M_HOSTAP || 2508 ic->ic_opmode == IEEE80211_M_IBSS)) 2509 atw_start_beacon(sc, 1); 2510 else 2511 atw_start_beacon(sc, 0); 2512 2513 error = (*sc->sc_newstate)(ic, nstate, arg); 2514 2515 if (ostate == IEEE80211_S_INIT && nstate == IEEE80211_S_SCAN) 2516 atw_write_bssid(sc); 2517 2518 return error; 2519 } 2520 2521 /* 2522 * atw_add_rxbuf: 2523 * 2524 * Add a receive buffer to the indicated descriptor. 2525 */ 2526 int 2527 atw_add_rxbuf(struct atw_softc *sc, int idx) 2528 { 2529 struct atw_rxsoft *rxs = &sc->sc_rxsoft[idx]; 2530 struct mbuf *m; 2531 int error; 2532 2533 MGETHDR(m, M_DONTWAIT, MT_DATA); 2534 if (m == NULL) 2535 return (ENOBUFS); 2536 2537 MCLGET(m, M_DONTWAIT); 2538 if ((m->m_flags & M_EXT) == 0) { 2539 m_freem(m); 2540 return (ENOBUFS); 2541 } 2542 2543 if (rxs->rxs_mbuf != NULL) 2544 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2545 2546 rxs->rxs_mbuf = m; 2547 2548 error = bus_dmamap_load(sc->sc_dmat, rxs->rxs_dmamap, 2549 m->m_ext.ext_buf, m->m_ext.ext_size, NULL, 2550 BUS_DMA_READ|BUS_DMA_NOWAIT); 2551 if (error) { 2552 printf("%s: can't load rx DMA map %d, error = %d\n", 2553 sc->sc_dev.dv_xname, idx, error); 2554 panic("atw_add_rxbuf"); /* XXX */ 2555 } 2556 2557 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 2558 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD); 2559 2560 ATW_INIT_RXDESC(sc, idx); 2561 2562 return (0); 2563 } 2564 2565 /* 2566 * Release any queued transmit buffers. 2567 */ 2568 void 2569 atw_txdrain(struct atw_softc *sc) 2570 { 2571 struct atw_txsoft *txs; 2572 2573 while ((txs = SIMPLEQ_FIRST(&sc->sc_txdirtyq)) != NULL) { 2574 SIMPLEQ_REMOVE_HEAD(&sc->sc_txdirtyq, txs_q); 2575 if (txs->txs_mbuf != NULL) { 2576 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 2577 m_freem(txs->txs_mbuf); 2578 txs->txs_mbuf = NULL; 2579 } 2580 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 2581 } 2582 sc->sc_tx_timer = 0; 2583 } 2584 2585 /* 2586 * atw_stop: [ ifnet interface function ] 2587 * 2588 * Stop transmission on the interface. 2589 */ 2590 void 2591 atw_stop(struct ifnet *ifp, int disable) 2592 { 2593 struct atw_softc *sc = ifp->if_softc; 2594 struct ieee80211com *ic = &sc->sc_ic; 2595 2596 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2597 2598 /* Disable interrupts. */ 2599 ATW_WRITE(sc, ATW_IER, 0); 2600 2601 /* Stop the transmit and receive processes. */ 2602 sc->sc_opmode = 0; 2603 ATW_WRITE(sc, ATW_NAR, 0); 2604 DELAY(atw_nar_delay); 2605 ATW_WRITE(sc, ATW_TDBD, 0); 2606 ATW_WRITE(sc, ATW_TDBP, 0); 2607 ATW_WRITE(sc, ATW_RDB, 0); 2608 2609 atw_txdrain(sc); 2610 2611 if (disable) { 2612 atw_rxdrain(sc); 2613 atw_disable(sc); 2614 } 2615 2616 /* 2617 * Mark the interface down and cancel the watchdog timer. 2618 */ 2619 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2620 ifp->if_timer = 0; 2621 2622 if (!disable) 2623 atw_reset(sc); 2624 } 2625 2626 /* 2627 * atw_rxdrain: 2628 * 2629 * Drain the receive queue. 2630 */ 2631 void 2632 atw_rxdrain(struct atw_softc *sc) 2633 { 2634 struct atw_rxsoft *rxs; 2635 int i; 2636 2637 for (i = 0; i < ATW_NRXDESC; i++) { 2638 rxs = &sc->sc_rxsoft[i]; 2639 if (rxs->rxs_mbuf == NULL) 2640 continue; 2641 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2642 m_freem(rxs->rxs_mbuf); 2643 rxs->rxs_mbuf = NULL; 2644 } 2645 } 2646 2647 /* 2648 * atw_detach: 2649 * 2650 * Detach an ADM8211 interface. 2651 */ 2652 int 2653 atw_detach(struct atw_softc *sc) 2654 { 2655 struct ifnet *ifp = &sc->sc_ic.ic_if; 2656 struct atw_rxsoft *rxs; 2657 struct atw_txsoft *txs; 2658 int i; 2659 2660 /* 2661 * Succeed now if there isn't any work to do. 2662 */ 2663 if ((sc->sc_flags & ATWF_ATTACHED) == 0) 2664 return (0); 2665 2666 callout_stop(&sc->sc_scan_ch); 2667 2668 ieee80211_ifdetach(ifp); 2669 if_detach(ifp); 2670 2671 for (i = 0; i < ATW_NRXDESC; i++) { 2672 rxs = &sc->sc_rxsoft[i]; 2673 if (rxs->rxs_mbuf != NULL) { 2674 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2675 m_freem(rxs->rxs_mbuf); 2676 rxs->rxs_mbuf = NULL; 2677 } 2678 bus_dmamap_destroy(sc->sc_dmat, rxs->rxs_dmamap); 2679 } 2680 for (i = 0; i < ATW_TXQUEUELEN; i++) { 2681 txs = &sc->sc_txsoft[i]; 2682 if (txs->txs_mbuf != NULL) { 2683 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 2684 m_freem(txs->txs_mbuf); 2685 txs->txs_mbuf = NULL; 2686 } 2687 bus_dmamap_destroy(sc->sc_dmat, txs->txs_dmamap); 2688 } 2689 bus_dmamap_unload(sc->sc_dmat, sc->sc_cddmamap); 2690 bus_dmamap_destroy(sc->sc_dmat, sc->sc_cddmamap); 2691 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)sc->sc_control_data, 2692 sizeof(struct atw_control_data)); 2693 bus_dmamem_free(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg); 2694 2695 shutdownhook_disestablish(sc->sc_sdhook); 2696 powerhook_disestablish(sc->sc_powerhook); 2697 2698 if (sc->sc_srom) 2699 free(sc->sc_srom, M_DEVBUF); 2700 2701 return (0); 2702 } 2703 2704 /* atw_shutdown: make sure the interface is stopped at reboot time. */ 2705 void 2706 atw_shutdown(void *arg) 2707 { 2708 struct atw_softc *sc = arg; 2709 2710 atw_stop(&sc->sc_ic.ic_if, 1); 2711 } 2712 2713 int 2714 atw_intr(void *arg) 2715 { 2716 struct atw_softc *sc = arg; 2717 struct ifnet *ifp = &sc->sc_ic.ic_if; 2718 u_int32_t status, rxstatus, txstatus, linkstatus; 2719 int handled = 0, txthresh; 2720 2721 #ifdef DEBUG 2722 if (ATW_IS_ENABLED(sc) == 0) 2723 panic("%s: atw_intr: not enabled", sc->sc_dev.dv_xname); 2724 #endif 2725 2726 /* 2727 * If the interface isn't running, the interrupt couldn't 2728 * possibly have come from us. 2729 */ 2730 if ((ifp->if_flags & IFF_RUNNING) == 0 || 2731 (sc->sc_dev.dv_flags & DVF_ACTIVE) == 0) 2732 return (0); 2733 2734 for (;;) { 2735 status = ATW_READ(sc, ATW_STSR); 2736 2737 if (status) 2738 ATW_WRITE(sc, ATW_STSR, status); 2739 2740 #ifdef ATW_DEBUG 2741 #define PRINTINTR(flag) do { \ 2742 if ((status & flag) != 0) { \ 2743 printf("%s" #flag, delim); \ 2744 delim = ","; \ 2745 } \ 2746 } while (0) 2747 2748 if (atw_debug > 1 && status) { 2749 const char *delim = "<"; 2750 2751 printf("%s: reg[STSR] = %x", 2752 sc->sc_dev.dv_xname, status); 2753 2754 PRINTINTR(ATW_INTR_FBE); 2755 PRINTINTR(ATW_INTR_LINKOFF); 2756 PRINTINTR(ATW_INTR_LINKON); 2757 PRINTINTR(ATW_INTR_RCI); 2758 PRINTINTR(ATW_INTR_RDU); 2759 PRINTINTR(ATW_INTR_REIS); 2760 PRINTINTR(ATW_INTR_RPS); 2761 PRINTINTR(ATW_INTR_TCI); 2762 PRINTINTR(ATW_INTR_TDU); 2763 PRINTINTR(ATW_INTR_TLT); 2764 PRINTINTR(ATW_INTR_TPS); 2765 PRINTINTR(ATW_INTR_TRT); 2766 PRINTINTR(ATW_INTR_TUF); 2767 PRINTINTR(ATW_INTR_BCNTC); 2768 PRINTINTR(ATW_INTR_ATIME); 2769 PRINTINTR(ATW_INTR_TBTT); 2770 PRINTINTR(ATW_INTR_TSCZ); 2771 PRINTINTR(ATW_INTR_TSFTF); 2772 printf(">\n"); 2773 } 2774 #undef PRINTINTR 2775 #endif /* ATW_DEBUG */ 2776 2777 if ((status & sc->sc_inten) == 0) 2778 break; 2779 2780 handled = 1; 2781 2782 rxstatus = status & sc->sc_rxint_mask; 2783 txstatus = status & sc->sc_txint_mask; 2784 linkstatus = status & sc->sc_linkint_mask; 2785 2786 if (linkstatus) { 2787 atw_linkintr(sc, linkstatus); 2788 } 2789 2790 if (rxstatus) { 2791 /* Grab any new packets. */ 2792 atw_rxintr(sc); 2793 2794 if (rxstatus & ATW_INTR_RDU) { 2795 printf("%s: receive ring overrun\n", 2796 sc->sc_dev.dv_xname); 2797 /* Get the receive process going again. */ 2798 ATW_WRITE(sc, ATW_RDR, 0x1); 2799 break; 2800 } 2801 } 2802 2803 if (txstatus) { 2804 /* Sweep up transmit descriptors. */ 2805 atw_txintr(sc); 2806 2807 if (txstatus & ATW_INTR_TLT) 2808 DPRINTF(sc, ("%s: tx lifetime exceeded\n", 2809 sc->sc_dev.dv_xname)); 2810 2811 if (txstatus & ATW_INTR_TRT) 2812 DPRINTF(sc, ("%s: tx retry limit exceeded\n", 2813 sc->sc_dev.dv_xname)); 2814 2815 /* If Tx under-run, increase our transmit threshold 2816 * if another is available. 2817 */ 2818 txthresh = sc->sc_txthresh + 1; 2819 if ((txstatus & ATW_INTR_TUF) && 2820 sc->sc_txth[txthresh].txth_name != NULL) { 2821 /* Idle the transmit process. */ 2822 atw_idle(sc, ATW_NAR_ST); 2823 2824 sc->sc_txthresh = txthresh; 2825 sc->sc_opmode &= ~(ATW_NAR_TR_MASK|ATW_NAR_SF); 2826 sc->sc_opmode |= 2827 sc->sc_txth[txthresh].txth_opmode; 2828 printf("%s: transmit underrun; new " 2829 "threshold: %s\n", sc->sc_dev.dv_xname, 2830 sc->sc_txth[txthresh].txth_name); 2831 2832 /* Set the new threshold and restart 2833 * the transmit process. 2834 */ 2835 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 2836 DELAY(atw_nar_delay); 2837 ATW_WRITE(sc, ATW_RDR, 0x1); 2838 /* XXX Log every Nth underrun from 2839 * XXX now on? 2840 */ 2841 } 2842 } 2843 2844 if (status & (ATW_INTR_TPS|ATW_INTR_RPS)) { 2845 if (status & ATW_INTR_TPS) 2846 printf("%s: transmit process stopped\n", 2847 sc->sc_dev.dv_xname); 2848 if (status & ATW_INTR_RPS) 2849 printf("%s: receive process stopped\n", 2850 sc->sc_dev.dv_xname); 2851 (void)atw_init(ifp); 2852 break; 2853 } 2854 2855 if (status & ATW_INTR_FBE) { 2856 printf("%s: fatal bus error\n", sc->sc_dev.dv_xname); 2857 (void)atw_init(ifp); 2858 break; 2859 } 2860 2861 /* 2862 * Not handled: 2863 * 2864 * Transmit buffer unavailable -- normal 2865 * condition, nothing to do, really. 2866 * 2867 * Early receive interrupt -- not available on 2868 * all chips, we just use RI. We also only 2869 * use single-segment receive DMA, so this 2870 * is mostly useless. 2871 * 2872 * TBD others 2873 */ 2874 } 2875 2876 /* Try to get more packets going. */ 2877 atw_start(ifp); 2878 2879 return (handled); 2880 } 2881 2882 /* 2883 * atw_idle: 2884 * 2885 * Cause the transmit and/or receive processes to go idle. 2886 * 2887 * XXX It seems that the ADM8211 will not signal the end of the Rx/Tx 2888 * process in STSR if I clear SR or ST after the process has already 2889 * ceased. Fair enough. But the Rx process status bits in ATW_TEST0 2890 * do not seem to be too reliable. Perhaps I have the sense of the 2891 * Rx bits switched with the Tx bits? 2892 */ 2893 void 2894 atw_idle(struct atw_softc *sc, u_int32_t bits) 2895 { 2896 u_int32_t ackmask = 0, opmode, stsr, test0; 2897 int i, s; 2898 2899 s = splnet(); 2900 2901 opmode = sc->sc_opmode & ~bits; 2902 2903 if (bits & ATW_NAR_SR) 2904 ackmask |= ATW_INTR_RPS; 2905 2906 if (bits & ATW_NAR_ST) { 2907 ackmask |= ATW_INTR_TPS; 2908 /* set ATW_NAR_HF to flush TX FIFO. */ 2909 opmode |= ATW_NAR_HF; 2910 } 2911 2912 ATW_WRITE(sc, ATW_NAR, opmode); 2913 DELAY(atw_nar_delay); 2914 2915 for (i = 0; i < 1000; i++) { 2916 stsr = ATW_READ(sc, ATW_STSR); 2917 if ((stsr & ackmask) == ackmask) 2918 break; 2919 DELAY(10); 2920 } 2921 2922 ATW_WRITE(sc, ATW_STSR, stsr & ackmask); 2923 2924 if ((stsr & ackmask) == ackmask) 2925 goto out; 2926 2927 test0 = ATW_READ(sc, ATW_TEST0); 2928 2929 if ((bits & ATW_NAR_ST) != 0 && (stsr & ATW_INTR_TPS) == 0 && 2930 (test0 & ATW_TEST0_TS_MASK) != ATW_TEST0_TS_STOPPED) { 2931 printf("%s: transmit process not idle [%s]\n", 2932 sc->sc_dev.dv_xname, 2933 atw_tx_state[MASK_AND_RSHIFT(test0, ATW_TEST0_TS_MASK)]); 2934 printf("%s: bits %08x test0 %08x stsr %08x\n", 2935 sc->sc_dev.dv_xname, bits, test0, stsr); 2936 } 2937 2938 if ((bits & ATW_NAR_SR) != 0 && (stsr & ATW_INTR_RPS) == 0 && 2939 (test0 & ATW_TEST0_RS_MASK) != ATW_TEST0_RS_STOPPED) { 2940 DPRINTF2(sc, ("%s: receive process not idle [%s]\n", 2941 sc->sc_dev.dv_xname, 2942 atw_rx_state[MASK_AND_RSHIFT(test0, ATW_TEST0_RS_MASK)])); 2943 DPRINTF2(sc, ("%s: bits %08x test0 %08x stsr %08x\n", 2944 sc->sc_dev.dv_xname, bits, test0, stsr)); 2945 } 2946 out: 2947 if ((bits & ATW_NAR_ST) != 0) 2948 atw_txdrain(sc); 2949 splx(s); 2950 return; 2951 } 2952 2953 /* 2954 * atw_linkintr: 2955 * 2956 * Helper; handle link-status interrupts. 2957 */ 2958 void 2959 atw_linkintr(struct atw_softc *sc, u_int32_t linkstatus) 2960 { 2961 struct ieee80211com *ic = &sc->sc_ic; 2962 2963 if (ic->ic_state != IEEE80211_S_RUN) 2964 return; 2965 2966 if (linkstatus & ATW_INTR_LINKON) { 2967 DPRINTF(sc, ("%s: link on\n", sc->sc_dev.dv_xname)); 2968 sc->sc_rescan_timer = 0; 2969 } else if (linkstatus & ATW_INTR_LINKOFF) { 2970 DPRINTF(sc, ("%s: link off\n", sc->sc_dev.dv_xname)); 2971 if (ic->ic_opmode != IEEE80211_M_STA) 2972 return; 2973 sc->sc_rescan_timer = 3; 2974 ic->ic_if.if_timer = 1; 2975 } 2976 } 2977 2978 static __inline int 2979 atw_hw_decrypted(struct atw_softc *sc, struct ieee80211_frame *wh) 2980 { 2981 if ((sc->sc_ic.ic_flags & IEEE80211_F_PRIVACY) == 0) 2982 return 0; 2983 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) == 0) 2984 return 0; 2985 return (sc->sc_wepctl & ATW_WEPCTL_WEPRXBYP) == 0; 2986 } 2987 2988 /* 2989 * atw_rxintr: 2990 * 2991 * Helper; handle receive interrupts. 2992 */ 2993 void 2994 atw_rxintr(struct atw_softc *sc) 2995 { 2996 static int rate_tbl[] = {2, 4, 11, 22, 44}; 2997 struct ieee80211com *ic = &sc->sc_ic; 2998 struct ieee80211_node *ni; 2999 struct ieee80211_frame *wh; 3000 struct ifnet *ifp = &ic->ic_if; 3001 struct atw_rxsoft *rxs; 3002 struct mbuf *m; 3003 u_int32_t rxstat; 3004 int i, len, rate, rate0; 3005 u_int32_t rssi, rssi0; 3006 3007 for (i = sc->sc_rxptr;; i = ATW_NEXTRX(i)) { 3008 rxs = &sc->sc_rxsoft[i]; 3009 3010 ATW_CDRXSYNC(sc, i, BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 3011 3012 rxstat = le32toh(sc->sc_rxdescs[i].ar_stat); 3013 rssi0 = le32toh(sc->sc_rxdescs[i].ar_rssi); 3014 rate0 = MASK_AND_RSHIFT(rxstat, ATW_RXSTAT_RXDR_MASK); 3015 3016 if (rxstat & ATW_RXSTAT_OWN) 3017 break; /* We have processed all receive buffers. */ 3018 3019 DPRINTF3(sc, 3020 ("%s: rx stat %08x rssi0 %08x buf1 %08x buf2 %08x\n", 3021 sc->sc_dev.dv_xname, 3022 rxstat, rssi0, 3023 le32toh(sc->sc_rxdescs[i].ar_buf1), 3024 le32toh(sc->sc_rxdescs[i].ar_buf2))); 3025 3026 /* 3027 * Make sure the packet fits in one buffer. This should 3028 * always be the case. 3029 */ 3030 if ((rxstat & (ATW_RXSTAT_FS|ATW_RXSTAT_LS)) != 3031 (ATW_RXSTAT_FS|ATW_RXSTAT_LS)) { 3032 printf("%s: incoming packet spilled, resetting\n", 3033 sc->sc_dev.dv_xname); 3034 (void)atw_init(ifp); 3035 return; 3036 } 3037 3038 /* 3039 * If an error occurred, update stats, clear the status 3040 * word, and leave the packet buffer in place. It will 3041 * simply be reused the next time the ring comes around. 3042 * If 802.1Q VLAN MTU is enabled, ignore the Frame Too Long 3043 * error. 3044 */ 3045 3046 if ((rxstat & ATW_RXSTAT_ES) != 0 && 3047 ((sc->sc_ic.ic_ec.ec_capenable & ETHERCAP_VLAN_MTU) == 0 || 3048 (rxstat & (ATW_RXSTAT_DE | ATW_RXSTAT_SFDE | 3049 ATW_RXSTAT_SIGE | ATW_RXSTAT_CRC16E | 3050 ATW_RXSTAT_RXTOE | ATW_RXSTAT_CRC32E | 3051 ATW_RXSTAT_ICVE)) != 0)) { 3052 #define PRINTERR(bit, str) \ 3053 if (rxstat & (bit)) \ 3054 printf("%s: receive error: %s\n", \ 3055 sc->sc_dev.dv_xname, str) 3056 ifp->if_ierrors++; 3057 PRINTERR(ATW_RXSTAT_DE, "descriptor error"); 3058 PRINTERR(ATW_RXSTAT_SFDE, "PLCP SFD error"); 3059 PRINTERR(ATW_RXSTAT_SIGE, "PLCP signal error"); 3060 PRINTERR(ATW_RXSTAT_CRC16E, "PLCP CRC16 error"); 3061 PRINTERR(ATW_RXSTAT_RXTOE, "time-out"); 3062 PRINTERR(ATW_RXSTAT_CRC32E, "FCS error"); 3063 PRINTERR(ATW_RXSTAT_ICVE, "WEP ICV error"); 3064 #undef PRINTERR 3065 ATW_INIT_RXDESC(sc, i); 3066 continue; 3067 } 3068 3069 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 3070 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_POSTREAD); 3071 3072 /* 3073 * No errors; receive the packet. Note the ADM8211 3074 * includes the CRC in promiscuous mode. 3075 */ 3076 len = MASK_AND_RSHIFT(rxstat, ATW_RXSTAT_FL_MASK); 3077 3078 /* 3079 * Allocate a new mbuf cluster. If that fails, we are 3080 * out of memory, and must drop the packet and recycle 3081 * the buffer that's already attached to this descriptor. 3082 */ 3083 m = rxs->rxs_mbuf; 3084 if (atw_add_rxbuf(sc, i) != 0) { 3085 ifp->if_ierrors++; 3086 ATW_INIT_RXDESC(sc, i); 3087 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 3088 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD); 3089 continue; 3090 } 3091 3092 ifp->if_ipackets++; 3093 if (sc->sc_opmode & ATW_NAR_PR) 3094 len -= IEEE80211_CRC_LEN; 3095 m->m_pkthdr.rcvif = ifp; 3096 m->m_pkthdr.len = m->m_len = MIN(m->m_ext.ext_size, len); 3097 3098 if (rate0 >= sizeof(rate_tbl) / sizeof(rate_tbl[0])) 3099 rate = 0; 3100 else 3101 rate = rate_tbl[rate0]; 3102 3103 /* The RSSI comes straight from a register in the 3104 * baseband processor. I know that for the RF3000, 3105 * the RSSI register also contains the antenna-selection 3106 * bits. Mask those off. 3107 * 3108 * TBD Treat other basebands. 3109 */ 3110 if (sc->sc_bbptype == ATW_BBPTYPE_RFMD) 3111 rssi = rssi0 & RF3000_RSSI_MASK; 3112 else 3113 rssi = rssi0; 3114 3115 #if NBPFILTER > 0 3116 /* Pass this up to any BPF listeners. */ 3117 if (sc->sc_radiobpf != NULL) { 3118 struct atw_rx_radiotap_header *tap = &sc->sc_rxtap; 3119 3120 tap->ar_rate = rate; 3121 tap->ar_chan_freq = ic->ic_bss->ni_chan->ic_freq; 3122 tap->ar_chan_flags = ic->ic_bss->ni_chan->ic_flags; 3123 3124 /* TBD verify units are dB */ 3125 tap->ar_antsignal = (int)rssi; 3126 /* TBD tap->ar_flags */ 3127 3128 bpf_mtap2(sc->sc_radiobpf, (caddr_t)tap, 3129 tap->ar_ihdr.it_len, m); 3130 } 3131 #endif /* NPBFILTER > 0 */ 3132 3133 wh = mtod(m, struct ieee80211_frame *); 3134 ni = ieee80211_find_rxnode(ic, wh); 3135 if (atw_hw_decrypted(sc, wh)) 3136 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 3137 ieee80211_input(ifp, m, ni, (int)rssi, 0); 3138 /* 3139 * The frame may have caused the node to be marked for 3140 * reclamation (e.g. in response to a DEAUTH message) 3141 * so use release_node here instead of unref_node. 3142 */ 3143 ieee80211_release_node(ic, ni); 3144 } 3145 3146 /* Update the receive pointer. */ 3147 sc->sc_rxptr = i; 3148 } 3149 3150 /* 3151 * atw_txintr: 3152 * 3153 * Helper; handle transmit interrupts. 3154 */ 3155 void 3156 atw_txintr(struct atw_softc *sc) 3157 { 3158 #define TXSTAT_ERRMASK (ATW_TXSTAT_TUF | ATW_TXSTAT_TLT | ATW_TXSTAT_TRT | \ 3159 ATW_TXSTAT_TRO | ATW_TXSTAT_SOFBR) 3160 #define TXSTAT_FMT "\20\31ATW_TXSTAT_SOFBR\32ATW_TXSTAT_TRO\33ATW_TXSTAT_TUF" \ 3161 "\34ATW_TXSTAT_TRT\35ATW_TXSTAT_TLT" 3162 3163 static char txstat_buf[sizeof("ffffffff<>" TXSTAT_FMT)]; 3164 struct ifnet *ifp = &sc->sc_ic.ic_if; 3165 struct atw_txsoft *txs; 3166 u_int32_t txstat; 3167 3168 DPRINTF3(sc, ("%s: atw_txintr: sc_flags 0x%08x\n", 3169 sc->sc_dev.dv_xname, sc->sc_flags)); 3170 3171 ifp->if_flags &= ~IFF_OACTIVE; 3172 3173 /* 3174 * Go through our Tx list and free mbufs for those 3175 * frames that have been transmitted. 3176 */ 3177 while ((txs = SIMPLEQ_FIRST(&sc->sc_txdirtyq)) != NULL) { 3178 ATW_CDTXSYNC(sc, txs->txs_lastdesc, 1, 3179 BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 3180 3181 #ifdef ATW_DEBUG 3182 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3183 int i; 3184 printf(" txsoft %p transmit chain:\n", txs); 3185 ATW_CDTXSYNC(sc, txs->txs_firstdesc, 3186 txs->txs_ndescs - 1, 3187 BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 3188 for (i = txs->txs_firstdesc;; i = ATW_NEXTTX(i)) { 3189 printf(" descriptor %d:\n", i); 3190 printf(" at_status: 0x%08x\n", 3191 le32toh(sc->sc_txdescs[i].at_stat)); 3192 printf(" at_flags: 0x%08x\n", 3193 le32toh(sc->sc_txdescs[i].at_flags)); 3194 printf(" at_buf1: 0x%08x\n", 3195 le32toh(sc->sc_txdescs[i].at_buf1)); 3196 printf(" at_buf2: 0x%08x\n", 3197 le32toh(sc->sc_txdescs[i].at_buf2)); 3198 if (i == txs->txs_lastdesc) 3199 break; 3200 } 3201 } 3202 #endif 3203 3204 txstat = le32toh(sc->sc_txdescs[txs->txs_lastdesc].at_stat); 3205 if (txstat & ATW_TXSTAT_OWN) 3206 break; 3207 3208 SIMPLEQ_REMOVE_HEAD(&sc->sc_txdirtyq, txs_q); 3209 3210 sc->sc_txfree += txs->txs_ndescs; 3211 3212 bus_dmamap_sync(sc->sc_dmat, txs->txs_dmamap, 3213 0, txs->txs_dmamap->dm_mapsize, 3214 BUS_DMASYNC_POSTWRITE); 3215 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 3216 m_freem(txs->txs_mbuf); 3217 txs->txs_mbuf = NULL; 3218 3219 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 3220 3221 if ((ifp->if_flags & IFF_DEBUG) != 0 && 3222 (txstat & TXSTAT_ERRMASK) != 0) { 3223 bitmask_snprintf(txstat & TXSTAT_ERRMASK, TXSTAT_FMT, 3224 txstat_buf, sizeof(txstat_buf)); 3225 printf("%s: txstat %s %d\n", sc->sc_dev.dv_xname, 3226 txstat_buf, 3227 MASK_AND_RSHIFT(txstat, ATW_TXSTAT_ARC_MASK)); 3228 } 3229 3230 /* 3231 * Check for errors and collisions. 3232 */ 3233 if (txstat & ATW_TXSTAT_TUF) 3234 sc->sc_stats.ts_tx_tuf++; 3235 if (txstat & ATW_TXSTAT_TLT) 3236 sc->sc_stats.ts_tx_tlt++; 3237 if (txstat & ATW_TXSTAT_TRT) 3238 sc->sc_stats.ts_tx_trt++; 3239 if (txstat & ATW_TXSTAT_TRO) 3240 sc->sc_stats.ts_tx_tro++; 3241 if (txstat & ATW_TXSTAT_SOFBR) { 3242 sc->sc_stats.ts_tx_sofbr++; 3243 } 3244 3245 if ((txstat & ATW_TXSTAT_ES) == 0) 3246 ifp->if_collisions += 3247 MASK_AND_RSHIFT(txstat, ATW_TXSTAT_ARC_MASK); 3248 else 3249 ifp->if_oerrors++; 3250 3251 ifp->if_opackets++; 3252 } 3253 3254 /* 3255 * If there are no more pending transmissions, cancel the watchdog 3256 * timer. 3257 */ 3258 if (txs == NULL) 3259 sc->sc_tx_timer = 0; 3260 #undef TXSTAT_ERRMASK 3261 #undef TXSTAT_FMT 3262 } 3263 3264 /* 3265 * atw_watchdog: [ifnet interface function] 3266 * 3267 * Watchdog timer handler. 3268 */ 3269 void 3270 atw_watchdog(struct ifnet *ifp) 3271 { 3272 struct atw_softc *sc = ifp->if_softc; 3273 struct ieee80211com *ic = &sc->sc_ic; 3274 3275 ifp->if_timer = 0; 3276 if (ATW_IS_ENABLED(sc) == 0) 3277 return; 3278 3279 if (sc->sc_rescan_timer) { 3280 if (--sc->sc_rescan_timer == 0) 3281 (void)ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3282 } 3283 if (sc->sc_tx_timer) { 3284 if (--sc->sc_tx_timer == 0 && 3285 !SIMPLEQ_EMPTY(&sc->sc_txdirtyq)) { 3286 printf("%s: transmit timeout\n", ifp->if_xname); 3287 ifp->if_oerrors++; 3288 (void)atw_init(ifp); 3289 atw_start(ifp); 3290 } 3291 } 3292 if (sc->sc_tx_timer != 0 || sc->sc_rescan_timer != 0) 3293 ifp->if_timer = 1; 3294 ieee80211_watchdog(ifp); 3295 } 3296 3297 /* Compute the 802.11 Duration field and the PLCP Length fields for 3298 * a len-byte frame (HEADER + PAYLOAD + FCS) sent at rate * 500Kbps. 3299 * Write the fields to the ADM8211 Tx header, frm. 3300 * 3301 * TBD use the fragmentation threshold to find the right duration for 3302 * the first & last fragments. 3303 * 3304 * TBD make certain of the duration fields applied by the ADM8211 to each 3305 * fragment. I think that the ADM8211 knows how to subtract the CTS 3306 * duration when ATW_HDRCTL_RTSCTS is clear; that is why I add it regardless. 3307 * I also think that the ADM8211 does *some* arithmetic for us, because 3308 * otherwise I think we would have to set a first duration for CTS/first 3309 * fragment, a second duration for fragments between the first and the 3310 * last, and a third duration for the last fragment. 3311 * 3312 * TBD make certain that duration fields reflect addition of FCS/WEP 3313 * and correct duration arithmetic as necessary. 3314 */ 3315 static void 3316 atw_frame_setdurs(struct atw_softc *sc, struct atw_frame *frm, int rate, 3317 int len) 3318 { 3319 int remainder; 3320 3321 /* deal also with encrypted fragments */ 3322 if (frm->atw_hdrctl & htole16(ATW_HDRCTL_WEP)) { 3323 DPRINTF2(sc, ("%s: atw_frame_setdurs len += 8\n", 3324 sc->sc_dev.dv_xname)); 3325 len += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN + 3326 IEEE80211_WEP_CRCLEN; 3327 } 3328 3329 /* 802.11 Duration Field for CTS/Data/ACK sequence minus FCS & WEP 3330 * duration (XXX added by MAC?). 3331 */ 3332 frm->atw_head_dur = (16 * (len - IEEE80211_CRC_LEN)) / rate; 3333 remainder = (16 * (len - IEEE80211_CRC_LEN)) % rate; 3334 3335 if (rate <= 4) 3336 /* 1-2Mbps WLAN: send ACK/CTS at 1Mbps */ 3337 frm->atw_head_dur += 3 * (IEEE80211_DUR_DS_SIFS + 3338 IEEE80211_DUR_DS_SHORT_PREAMBLE + 3339 IEEE80211_DUR_DS_FAST_PLCPHDR) + 3340 IEEE80211_DUR_DS_SLOW_CTS + IEEE80211_DUR_DS_SLOW_ACK; 3341 else 3342 /* 5-11Mbps WLAN: send ACK/CTS at 2Mbps */ 3343 frm->atw_head_dur += 3 * (IEEE80211_DUR_DS_SIFS + 3344 IEEE80211_DUR_DS_SHORT_PREAMBLE + 3345 IEEE80211_DUR_DS_FAST_PLCPHDR) + 3346 IEEE80211_DUR_DS_FAST_CTS + IEEE80211_DUR_DS_FAST_ACK; 3347 3348 /* lengthen duration if long preamble */ 3349 if ((sc->sc_flags & ATWF_SHORT_PREAMBLE) == 0) 3350 frm->atw_head_dur += 3351 3 * (IEEE80211_DUR_DS_LONG_PREAMBLE - 3352 IEEE80211_DUR_DS_SHORT_PREAMBLE) + 3353 3 * (IEEE80211_DUR_DS_SLOW_PLCPHDR - 3354 IEEE80211_DUR_DS_FAST_PLCPHDR); 3355 3356 if (remainder != 0) 3357 frm->atw_head_dur++; 3358 3359 if ((atw_voodoo & VOODOO_DUR_2_4_SPECIALCASE) && 3360 (rate == 2 || rate == 4)) { 3361 /* derived from Linux: how could this be right? */ 3362 frm->atw_head_plcplen = frm->atw_head_dur; 3363 } else { 3364 frm->atw_head_plcplen = (16 * len) / rate; 3365 remainder = (80 * len) % (rate * 5); 3366 3367 if (remainder != 0) { 3368 frm->atw_head_plcplen++; 3369 3370 /* XXX magic */ 3371 if ((atw_voodoo & VOODOO_DUR_11_ROUNDING) && 3372 rate == 22 && remainder <= 30) 3373 frm->atw_head_plcplen |= 0x8000; 3374 } 3375 } 3376 frm->atw_tail_plcplen = frm->atw_head_plcplen = 3377 htole16(frm->atw_head_plcplen); 3378 frm->atw_tail_dur = frm->atw_head_dur = htole16(frm->atw_head_dur); 3379 } 3380 3381 #ifdef ATW_DEBUG 3382 static void 3383 atw_dump_pkt(struct ifnet *ifp, struct mbuf *m0) 3384 { 3385 struct atw_softc *sc = ifp->if_softc; 3386 struct mbuf *m; 3387 int i, noctets = 0; 3388 3389 printf("%s: %d-byte packet\n", sc->sc_dev.dv_xname, 3390 m0->m_pkthdr.len); 3391 3392 for (m = m0; m; m = m->m_next) { 3393 if (m->m_len == 0) 3394 continue; 3395 for (i = 0; i < m->m_len; i++) { 3396 printf(" %02x", ((u_int8_t*)m->m_data)[i]); 3397 if (++noctets % 24 == 0) 3398 printf("\n"); 3399 } 3400 } 3401 printf("%s%s: %d bytes emitted\n", 3402 (noctets % 24 != 0) ? "\n" : "", sc->sc_dev.dv_xname, noctets); 3403 } 3404 #endif /* ATW_DEBUG */ 3405 3406 /* 3407 * atw_start: [ifnet interface function] 3408 * 3409 * Start packet transmission on the interface. 3410 */ 3411 void 3412 atw_start(struct ifnet *ifp) 3413 { 3414 struct atw_softc *sc = ifp->if_softc; 3415 struct ieee80211com *ic = &sc->sc_ic; 3416 struct ieee80211_node *ni; 3417 struct ieee80211_frame *wh; 3418 struct atw_frame *hh; 3419 struct mbuf *m0, *m; 3420 struct atw_txsoft *txs, *last_txs; 3421 struct atw_txdesc *txd; 3422 int do_encrypt, rate; 3423 bus_dmamap_t dmamap; 3424 int ctl, error, firsttx, nexttx, lasttx = -1, first, ofree, seg; 3425 3426 DPRINTF2(sc, ("%s: atw_start: sc_flags 0x%08x, if_flags 0x%08x\n", 3427 sc->sc_dev.dv_xname, sc->sc_flags, ifp->if_flags)); 3428 3429 if ((ifp->if_flags & (IFF_RUNNING|IFF_OACTIVE)) != IFF_RUNNING) 3430 return; 3431 3432 /* 3433 * Remember the previous number of free descriptors and 3434 * the first descriptor we'll use. 3435 */ 3436 ofree = sc->sc_txfree; 3437 firsttx = sc->sc_txnext; 3438 3439 DPRINTF2(sc, ("%s: atw_start: txfree %d, txnext %d\n", 3440 sc->sc_dev.dv_xname, ofree, firsttx)); 3441 3442 /* 3443 * Loop through the send queue, setting up transmit descriptors 3444 * until we drain the queue, or use up all available transmit 3445 * descriptors. 3446 */ 3447 while ((txs = SIMPLEQ_FIRST(&sc->sc_txfreeq)) != NULL && 3448 sc->sc_txfree != 0) { 3449 3450 /* 3451 * Grab a packet off the management queue, if it 3452 * is not empty. Otherwise, from the data queue. 3453 */ 3454 IF_DEQUEUE(&ic->ic_mgtq, m0); 3455 if (m0 != NULL) { 3456 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 3457 m0->m_pkthdr.rcvif = NULL; 3458 } else { 3459 /* send no data packets until we are associated */ 3460 if (ic->ic_state != IEEE80211_S_RUN) 3461 break; 3462 IFQ_DEQUEUE(&ifp->if_snd, m0); 3463 if (m0 == NULL) 3464 break; 3465 #if NBPFILTER > 0 3466 if (ifp->if_bpf != NULL) 3467 bpf_mtap(ifp->if_bpf, m0); 3468 #endif /* NBPFILTER > 0 */ 3469 if ((m0 = ieee80211_encap(ifp, m0, &ni)) == NULL) { 3470 ifp->if_oerrors++; 3471 break; 3472 } 3473 } 3474 3475 rate = MAX(ieee80211_get_rate(ic), 2); 3476 3477 #if NBPFILTER > 0 3478 /* 3479 * Pass the packet to any BPF listeners. 3480 */ 3481 if (ic->ic_rawbpf != NULL) 3482 bpf_mtap((caddr_t)ic->ic_rawbpf, m0); 3483 3484 if (sc->sc_radiobpf != NULL) { 3485 struct atw_tx_radiotap_header *tap = &sc->sc_txtap; 3486 3487 tap->at_rate = rate; 3488 tap->at_chan_freq = ic->ic_bss->ni_chan->ic_freq; 3489 tap->at_chan_flags = ic->ic_bss->ni_chan->ic_flags; 3490 3491 /* TBD tap->at_flags */ 3492 3493 bpf_mtap2(sc->sc_radiobpf, (caddr_t)tap, 3494 tap->at_ihdr.it_len, m0); 3495 } 3496 #endif /* NBPFILTER > 0 */ 3497 3498 M_PREPEND(m0, offsetof(struct atw_frame, atw_ihdr), M_DONTWAIT); 3499 3500 if (ni != NULL) 3501 ieee80211_release_node(ic, ni); 3502 3503 if (m0 == NULL) { 3504 ifp->if_oerrors++; 3505 break; 3506 } 3507 3508 /* just to make sure. */ 3509 m0 = m_pullup(m0, sizeof(struct atw_frame)); 3510 3511 if (m0 == NULL) { 3512 ifp->if_oerrors++; 3513 break; 3514 } 3515 3516 hh = mtod(m0, struct atw_frame *); 3517 wh = &hh->atw_ihdr; 3518 3519 do_encrypt = ((wh->i_fc[1] & IEEE80211_FC1_WEP) != 0) ? 1 : 0; 3520 3521 /* Copy everything we need from the 802.11 header: 3522 * Frame Control; address 1, address 3, or addresses 3523 * 3 and 4. NIC fills in BSSID, SA. 3524 */ 3525 if (wh->i_fc[1] & IEEE80211_FC1_DIR_TODS) { 3526 if (wh->i_fc[1] & IEEE80211_FC1_DIR_FROMDS) 3527 panic("%s: illegal WDS frame", 3528 sc->sc_dev.dv_xname); 3529 memcpy(hh->atw_dst, wh->i_addr3, IEEE80211_ADDR_LEN); 3530 } else 3531 memcpy(hh->atw_dst, wh->i_addr1, IEEE80211_ADDR_LEN); 3532 3533 *(u_int16_t*)hh->atw_fc = *(u_int16_t*)wh->i_fc; 3534 3535 /* initialize remaining Tx parameters */ 3536 memset(&hh->u, 0, sizeof(hh->u)); 3537 3538 hh->atw_rate = rate * 5; 3539 /* XXX this could be incorrect if M_FCS. _encap should 3540 * probably strip FCS just in case it sticks around in 3541 * bridged packets. 3542 */ 3543 hh->atw_service = 0x00; /* XXX guess */ 3544 hh->atw_paylen = htole16(m0->m_pkthdr.len - 3545 sizeof(struct atw_frame)); 3546 3547 hh->atw_fragthr = htole16(ATW_FRAGTHR_FRAGTHR_MASK); 3548 hh->atw_rtylmt = 3; 3549 hh->atw_hdrctl = htole16(ATW_HDRCTL_UNKNOWN1); 3550 if (do_encrypt) { 3551 hh->atw_hdrctl |= htole16(ATW_HDRCTL_WEP); 3552 hh->atw_keyid = ic->ic_wep_txkey; 3553 } 3554 3555 /* TBD 4-addr frames */ 3556 atw_frame_setdurs(sc, hh, rate, 3557 m0->m_pkthdr.len - sizeof(struct atw_frame) + 3558 sizeof(struct ieee80211_frame) + IEEE80211_CRC_LEN); 3559 3560 /* never fragment multicast frames */ 3561 if (IEEE80211_IS_MULTICAST(hh->atw_dst)) { 3562 hh->atw_fragthr = htole16(ATW_FRAGTHR_FRAGTHR_MASK); 3563 } else if (sc->sc_flags & ATWF_RTSCTS) { 3564 hh->atw_hdrctl |= htole16(ATW_HDRCTL_RTSCTS); 3565 } 3566 3567 #ifdef ATW_DEBUG 3568 hh->atw_fragnum = 0; 3569 3570 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3571 printf("%s: dst = %s, rate = 0x%02x, " 3572 "service = 0x%02x, paylen = 0x%04x\n", 3573 sc->sc_dev.dv_xname, ether_sprintf(hh->atw_dst), 3574 hh->atw_rate, hh->atw_service, hh->atw_paylen); 3575 3576 printf("%s: fc[0] = 0x%02x, fc[1] = 0x%02x, " 3577 "dur1 = 0x%04x, dur2 = 0x%04x, " 3578 "dur3 = 0x%04x, rts_dur = 0x%04x\n", 3579 sc->sc_dev.dv_xname, hh->atw_fc[0], hh->atw_fc[1], 3580 hh->atw_tail_plcplen, hh->atw_head_plcplen, 3581 hh->atw_tail_dur, hh->atw_head_dur); 3582 3583 printf("%s: hdrctl = 0x%04x, fragthr = 0x%04x, " 3584 "fragnum = 0x%02x, rtylmt = 0x%04x\n", 3585 sc->sc_dev.dv_xname, hh->atw_hdrctl, 3586 hh->atw_fragthr, hh->atw_fragnum, hh->atw_rtylmt); 3587 3588 printf("%s: keyid = %d\n", 3589 sc->sc_dev.dv_xname, hh->atw_keyid); 3590 3591 atw_dump_pkt(ifp, m0); 3592 } 3593 #endif /* ATW_DEBUG */ 3594 3595 dmamap = txs->txs_dmamap; 3596 3597 /* 3598 * Load the DMA map. Copy and try (once) again if the packet 3599 * didn't fit in the alloted number of segments. 3600 */ 3601 for (first = 1; 3602 (error = bus_dmamap_load_mbuf(sc->sc_dmat, dmamap, m0, 3603 BUS_DMA_WRITE|BUS_DMA_NOWAIT)) != 0 && first; 3604 first = 0) { 3605 MGETHDR(m, M_DONTWAIT, MT_DATA); 3606 if (m == NULL) { 3607 printf("%s: unable to allocate Tx mbuf\n", 3608 sc->sc_dev.dv_xname); 3609 break; 3610 } 3611 if (m0->m_pkthdr.len > MHLEN) { 3612 MCLGET(m, M_DONTWAIT); 3613 if ((m->m_flags & M_EXT) == 0) { 3614 printf("%s: unable to allocate Tx " 3615 "cluster\n", sc->sc_dev.dv_xname); 3616 m_freem(m); 3617 break; 3618 } 3619 } 3620 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(m, caddr_t)); 3621 m->m_pkthdr.len = m->m_len = m0->m_pkthdr.len; 3622 m_freem(m0); 3623 m0 = m; 3624 m = NULL; 3625 } 3626 if (error != 0) { 3627 printf("%s: unable to load Tx buffer, " 3628 "error = %d\n", sc->sc_dev.dv_xname, error); 3629 m_freem(m0); 3630 break; 3631 } 3632 3633 /* 3634 * Ensure we have enough descriptors free to describe 3635 * the packet. 3636 */ 3637 if (dmamap->dm_nsegs > sc->sc_txfree) { 3638 /* 3639 * Not enough free descriptors to transmit 3640 * this packet. Unload the DMA map and 3641 * drop the packet. Notify the upper layer 3642 * that there are no more slots left. 3643 * 3644 * XXX We could allocate an mbuf and copy, but 3645 * XXX it is worth it? 3646 */ 3647 ifp->if_flags |= IFF_OACTIVE; 3648 bus_dmamap_unload(sc->sc_dmat, dmamap); 3649 m_freem(m0); 3650 break; 3651 } 3652 3653 /* 3654 * WE ARE NOW COMMITTED TO TRANSMITTING THE PACKET. 3655 */ 3656 3657 /* Sync the DMA map. */ 3658 bus_dmamap_sync(sc->sc_dmat, dmamap, 0, dmamap->dm_mapsize, 3659 BUS_DMASYNC_PREWRITE); 3660 3661 /* XXX arbitrary retry limit; 8 because I have seen it in 3662 * use already and maybe 0 means "no tries" ! 3663 */ 3664 ctl = htole32(LSHIFT(8, ATW_TXCTL_TL_MASK)); 3665 3666 DPRINTF2(sc, ("%s: TXDR <- max(10, %d)\n", 3667 sc->sc_dev.dv_xname, rate * 5)); 3668 ctl |= htole32(LSHIFT(MAX(10, rate * 5), ATW_TXCTL_TXDR_MASK)); 3669 3670 /* 3671 * Initialize the transmit descriptors. 3672 */ 3673 for (nexttx = sc->sc_txnext, seg = 0; 3674 seg < dmamap->dm_nsegs; 3675 seg++, nexttx = ATW_NEXTTX(nexttx)) { 3676 /* 3677 * If this is the first descriptor we're 3678 * enqueueing, don't set the OWN bit just 3679 * yet. That could cause a race condition. 3680 * We'll do it below. 3681 */ 3682 txd = &sc->sc_txdescs[nexttx]; 3683 txd->at_ctl = ctl | 3684 ((nexttx == firsttx) ? 0 : htole32(ATW_TXCTL_OWN)); 3685 3686 txd->at_buf1 = htole32(dmamap->dm_segs[seg].ds_addr); 3687 txd->at_flags = 3688 htole32(LSHIFT(dmamap->dm_segs[seg].ds_len, 3689 ATW_TXFLAG_TBS1_MASK)) | 3690 ((nexttx == (ATW_NTXDESC - 1)) 3691 ? htole32(ATW_TXFLAG_TER) : 0); 3692 lasttx = nexttx; 3693 } 3694 3695 IASSERT(lasttx != -1, ("bad lastx")); 3696 /* Set `first segment' and `last segment' appropriately. */ 3697 sc->sc_txdescs[sc->sc_txnext].at_flags |= 3698 htole32(ATW_TXFLAG_FS); 3699 sc->sc_txdescs[lasttx].at_flags |= htole32(ATW_TXFLAG_LS); 3700 3701 #ifdef ATW_DEBUG 3702 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3703 printf(" txsoft %p transmit chain:\n", txs); 3704 for (seg = sc->sc_txnext;; seg = ATW_NEXTTX(seg)) { 3705 printf(" descriptor %d:\n", seg); 3706 printf(" at_ctl: 0x%08x\n", 3707 le32toh(sc->sc_txdescs[seg].at_ctl)); 3708 printf(" at_flags: 0x%08x\n", 3709 le32toh(sc->sc_txdescs[seg].at_flags)); 3710 printf(" at_buf1: 0x%08x\n", 3711 le32toh(sc->sc_txdescs[seg].at_buf1)); 3712 printf(" at_buf2: 0x%08x\n", 3713 le32toh(sc->sc_txdescs[seg].at_buf2)); 3714 if (seg == lasttx) 3715 break; 3716 } 3717 } 3718 #endif 3719 3720 /* Sync the descriptors we're using. */ 3721 ATW_CDTXSYNC(sc, sc->sc_txnext, dmamap->dm_nsegs, 3722 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3723 3724 /* 3725 * Store a pointer to the packet so we can free it later, 3726 * and remember what txdirty will be once the packet is 3727 * done. 3728 */ 3729 txs->txs_mbuf = m0; 3730 txs->txs_firstdesc = sc->sc_txnext; 3731 txs->txs_lastdesc = lasttx; 3732 txs->txs_ndescs = dmamap->dm_nsegs; 3733 3734 /* Advance the tx pointer. */ 3735 sc->sc_txfree -= dmamap->dm_nsegs; 3736 sc->sc_txnext = nexttx; 3737 3738 SIMPLEQ_REMOVE_HEAD(&sc->sc_txfreeq, txs_q); 3739 SIMPLEQ_INSERT_TAIL(&sc->sc_txdirtyq, txs, txs_q); 3740 3741 last_txs = txs; 3742 } 3743 3744 if (txs == NULL || sc->sc_txfree == 0) { 3745 /* No more slots left; notify upper layer. */ 3746 ifp->if_flags |= IFF_OACTIVE; 3747 } 3748 3749 if (sc->sc_txfree != ofree) { 3750 DPRINTF2(sc, ("%s: packets enqueued, IC on %d, OWN on %d\n", 3751 sc->sc_dev.dv_xname, lasttx, firsttx)); 3752 /* 3753 * Cause a transmit interrupt to happen on the 3754 * last packet we enqueued. 3755 */ 3756 sc->sc_txdescs[lasttx].at_flags |= htole32(ATW_TXFLAG_IC); 3757 ATW_CDTXSYNC(sc, lasttx, 1, 3758 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3759 3760 /* 3761 * The entire packet chain is set up. Give the 3762 * first descriptor to the chip now. 3763 */ 3764 sc->sc_txdescs[firsttx].at_ctl |= htole32(ATW_TXCTL_OWN); 3765 ATW_CDTXSYNC(sc, firsttx, 1, 3766 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3767 3768 /* Wake up the transmitter. */ 3769 ATW_WRITE(sc, ATW_TDR, 0x1); 3770 3771 /* Set a watchdog timer in case the chip flakes out. */ 3772 sc->sc_tx_timer = 5; 3773 ifp->if_timer = 1; 3774 } 3775 } 3776 3777 /* 3778 * atw_power: 3779 * 3780 * Power management (suspend/resume) hook. 3781 */ 3782 void 3783 atw_power(int why, void *arg) 3784 { 3785 struct atw_softc *sc = arg; 3786 struct ifnet *ifp = &sc->sc_ic.ic_if; 3787 int s; 3788 3789 DPRINTF(sc, ("%s: atw_power(%d,)\n", sc->sc_dev.dv_xname, why)); 3790 3791 s = splnet(); 3792 switch (why) { 3793 case PWR_STANDBY: 3794 /* XXX do nothing. */ 3795 break; 3796 case PWR_SUSPEND: 3797 atw_stop(ifp, 0); 3798 if (sc->sc_power != NULL) 3799 (*sc->sc_power)(sc, why); 3800 break; 3801 case PWR_RESUME: 3802 if (ifp->if_flags & IFF_UP) { 3803 if (sc->sc_power != NULL) 3804 (*sc->sc_power)(sc, why); 3805 atw_init(ifp); 3806 } 3807 break; 3808 case PWR_SOFTSUSPEND: 3809 case PWR_SOFTSTANDBY: 3810 case PWR_SOFTRESUME: 3811 break; 3812 } 3813 splx(s); 3814 } 3815 3816 /* 3817 * atw_ioctl: [ifnet interface function] 3818 * 3819 * Handle control requests from the operator. 3820 */ 3821 int 3822 atw_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 3823 { 3824 struct atw_softc *sc = ifp->if_softc; 3825 struct ifreq *ifr = (struct ifreq *)data; 3826 int s, error = 0; 3827 3828 /* XXX monkey see, monkey do. comes from wi_ioctl. */ 3829 if ((sc->sc_dev.dv_flags & DVF_ACTIVE) == 0) 3830 return ENXIO; 3831 3832 s = splnet(); 3833 3834 switch (cmd) { 3835 case SIOCSIFFLAGS: 3836 if (ifp->if_flags & IFF_UP) { 3837 if (ATW_IS_ENABLED(sc)) { 3838 /* 3839 * To avoid rescanning another access point, 3840 * do not call atw_init() here. Instead, 3841 * only reflect media settings. 3842 */ 3843 atw_filter_setup(sc); 3844 } else 3845 error = atw_init(ifp); 3846 } else if (ATW_IS_ENABLED(sc)) 3847 atw_stop(ifp, 1); 3848 break; 3849 case SIOCADDMULTI: 3850 case SIOCDELMULTI: 3851 error = (cmd == SIOCADDMULTI) ? 3852 ether_addmulti(ifr, &sc->sc_ic.ic_ec) : 3853 ether_delmulti(ifr, &sc->sc_ic.ic_ec); 3854 if (error == ENETRESET) { 3855 if (ifp->if_flags & IFF_RUNNING) 3856 atw_filter_setup(sc); /* do not rescan */ 3857 error = 0; 3858 } 3859 break; 3860 default: 3861 error = ieee80211_ioctl(ifp, cmd, data); 3862 if (error == ENETRESET) { 3863 if (ATW_IS_ENABLED(sc)) 3864 error = atw_init(ifp); 3865 else 3866 error = 0; 3867 } 3868 break; 3869 } 3870 3871 /* Try to get more packets going. */ 3872 if (ATW_IS_ENABLED(sc)) 3873 atw_start(ifp); 3874 3875 splx(s); 3876 return (error); 3877 } 3878 3879 static int 3880 atw_media_change(struct ifnet *ifp) 3881 { 3882 int error; 3883 3884 error = ieee80211_media_change(ifp); 3885 if (error == ENETRESET) { 3886 if ((ifp->if_flags & (IFF_RUNNING|IFF_UP)) == 3887 (IFF_RUNNING|IFF_UP)) 3888 atw_init(ifp); /* XXX lose error */ 3889 error = 0; 3890 } 3891 return error; 3892 } 3893 3894 static void 3895 atw_media_status(struct ifnet *ifp, struct ifmediareq *imr) 3896 { 3897 struct atw_softc *sc = ifp->if_softc; 3898 3899 if (ATW_IS_ENABLED(sc) == 0) { 3900 imr->ifm_active = IFM_IEEE80211 | IFM_NONE; 3901 imr->ifm_status = 0; 3902 return; 3903 } 3904 ieee80211_media_status(ifp, imr); 3905 } 3906