1 /* $NetBSD: atw.c,v 1.105 2005/12/29 22:20:03 dyoung Exp $ */ 2 3 /*- 4 * Copyright (c) 1998, 1999, 2000, 2002, 2003, 2004 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by David Young, by Jason R. Thorpe, and by Charles M. Hannum. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the NetBSD 21 * Foundation, Inc. and its contributors. 22 * 4. Neither the name of The NetBSD Foundation nor the names of its 23 * contributors may be used to endorse or promote products derived 24 * from this software without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 27 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 28 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 29 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 30 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 31 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 32 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 34 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 35 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 36 * POSSIBILITY OF SUCH DAMAGE. 37 */ 38 39 /* 40 * Device driver for the ADMtek ADM8211 802.11 MAC/BBP. 41 */ 42 43 #include <sys/cdefs.h> 44 __KERNEL_RCSID(0, "$NetBSD: atw.c,v 1.105 2005/12/29 22:20:03 dyoung Exp $"); 45 46 #include "bpfilter.h" 47 48 #include <sys/param.h> 49 #include <sys/systm.h> 50 #include <sys/callout.h> 51 #include <sys/mbuf.h> 52 #include <sys/malloc.h> 53 #include <sys/kernel.h> 54 #include <sys/socket.h> 55 #include <sys/ioctl.h> 56 #include <sys/errno.h> 57 #include <sys/device.h> 58 #include <sys/time.h> 59 60 #include <machine/endian.h> 61 62 #include <uvm/uvm_extern.h> 63 64 #include <net/if.h> 65 #include <net/if_dl.h> 66 #include <net/if_media.h> 67 #include <net/if_ether.h> 68 69 #include <net80211/ieee80211_netbsd.h> 70 #include <net80211/ieee80211_var.h> 71 #include <net80211/ieee80211_radiotap.h> 72 73 #if NBPFILTER > 0 74 #include <net/bpf.h> 75 #endif 76 77 #include <machine/bus.h> 78 #include <machine/intr.h> 79 80 #include <dev/ic/atwreg.h> 81 #include <dev/ic/rf3000reg.h> 82 #include <dev/ic/si4136reg.h> 83 #include <dev/ic/atwvar.h> 84 #include <dev/ic/smc93cx6var.h> 85 86 /* XXX TBD open questions 87 * 88 * 89 * When should I set DSSS PAD in reg 0x15 of RF3000? In 1-2Mbps 90 * modes only, or all modes (5.5-11 Mbps CCK modes, too?) Does the MAC 91 * handle this for me? 92 * 93 */ 94 /* device attachment 95 * 96 * print TOFS[012] 97 * 98 * device initialization 99 * 100 * clear ATW_FRCTL_MAXPSP to disable max power saving 101 * set ATW_TXBR_ALCUPDATE to enable ALC 102 * set TOFS[012]? (hope not) 103 * disable rx/tx 104 * set ATW_PAR_SWR (software reset) 105 * wait for ATW_PAR_SWR clear 106 * disable interrupts 107 * ack status register 108 * enable interrupts 109 * 110 * rx/tx initialization 111 * 112 * disable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 113 * allocate and init descriptor rings 114 * write ATW_PAR_DSL (descriptor skip length) 115 * write descriptor base addrs: ATW_TDBD, ATW_TDBP, write ATW_RDB 116 * write ATW_NAR_SQ for one/both transmit descriptor rings 117 * write ATW_NAR_SQ for one/both transmit descriptor rings 118 * enable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 119 * 120 * rx/tx end 121 * 122 * stop DMA 123 * disable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 124 * flush tx w/ ATW_NAR_HF 125 * 126 * scan 127 * 128 * initialize rx/tx 129 * 130 * BSS join: (re)association response 131 * 132 * set ATW_FRCTL_AID 133 * 134 * optimizations ??? 135 * 136 */ 137 138 #define ATW_REFSLAVE /* slavishly do what the reference driver does */ 139 140 #define VOODOO_DUR_11_ROUNDING 0x01 /* necessary */ 141 #define VOODOO_DUR_2_4_SPECIALCASE 0x02 /* NOT necessary */ 142 int atw_voodoo = VOODOO_DUR_11_ROUNDING; 143 144 int atw_pseudo_milli = 1; 145 int atw_magic_delay1 = 100 * 1000; 146 int atw_magic_delay2 = 100 * 1000; 147 /* more magic multi-millisecond delays (units: microseconds) */ 148 int atw_nar_delay = 20 * 1000; 149 int atw_magic_delay4 = 10 * 1000; 150 int atw_rf_delay1 = 10 * 1000; 151 int atw_rf_delay2 = 5 * 1000; 152 int atw_plcphd_delay = 2 * 1000; 153 int atw_bbp_io_enable_delay = 20 * 1000; 154 int atw_bbp_io_disable_delay = 2 * 1000; 155 int atw_writewep_delay = 1000; 156 int atw_beacon_len_adjust = 4; 157 int atw_dwelltime = 200; 158 int atw_xindiv2 = 0; 159 160 #ifdef ATW_DEBUG 161 int atw_debug = 0; 162 163 #define ATW_DPRINTF(x) if (atw_debug > 0) printf x 164 #define ATW_DPRINTF2(x) if (atw_debug > 1) printf x 165 #define ATW_DPRINTF3(x) if (atw_debug > 2) printf x 166 #define DPRINTF(sc, x) if ((sc)->sc_if.if_flags & IFF_DEBUG) printf x 167 #define DPRINTF2(sc, x) if ((sc)->sc_if.if_flags & IFF_DEBUG) ATW_DPRINTF2(x) 168 #define DPRINTF3(sc, x) if ((sc)->sc_if.if_flags & IFF_DEBUG) ATW_DPRINTF3(x) 169 170 static void atw_dump_pkt(struct ifnet *, struct mbuf *); 171 static void atw_print_regs(struct atw_softc *, const char *); 172 173 /* Note well: I never got atw_rf3000_read or atw_si4126_read to work. */ 174 # ifdef ATW_BBPDEBUG 175 static void atw_rf3000_print(struct atw_softc *); 176 static int atw_rf3000_read(struct atw_softc *sc, u_int, u_int *); 177 # endif /* ATW_BBPDEBUG */ 178 179 # ifdef ATW_SYNDEBUG 180 static void atw_si4126_print(struct atw_softc *); 181 static int atw_si4126_read(struct atw_softc *, u_int, u_int *); 182 # endif /* ATW_SYNDEBUG */ 183 184 #else 185 #define ATW_DPRINTF(x) 186 #define ATW_DPRINTF2(x) 187 #define ATW_DPRINTF3(x) 188 #define DPRINTF(sc, x) /* nothing */ 189 #define DPRINTF2(sc, x) /* nothing */ 190 #define DPRINTF3(sc, x) /* nothing */ 191 #endif 192 193 /* ifnet methods */ 194 int atw_init(struct ifnet *); 195 int atw_ioctl(struct ifnet *, u_long, caddr_t); 196 void atw_start(struct ifnet *); 197 void atw_stop(struct ifnet *, int); 198 void atw_watchdog(struct ifnet *); 199 200 /* Device attachment */ 201 void atw_attach(struct atw_softc *); 202 int atw_detach(struct atw_softc *); 203 204 /* Rx/Tx process */ 205 int atw_add_rxbuf(struct atw_softc *, int); 206 void atw_idle(struct atw_softc *, u_int32_t); 207 void atw_rxdrain(struct atw_softc *); 208 void atw_txdrain(struct atw_softc *); 209 210 /* Device (de)activation and power state */ 211 void atw_disable(struct atw_softc *); 212 int atw_enable(struct atw_softc *); 213 void atw_power(int, void *); 214 void atw_reset(struct atw_softc *); 215 void atw_shutdown(void *); 216 217 /* Interrupt handlers */ 218 void atw_linkintr(struct atw_softc *, u_int32_t); 219 void atw_rxintr(struct atw_softc *); 220 void atw_txintr(struct atw_softc *); 221 222 /* 802.11 state machine */ 223 static int atw_newstate(struct ieee80211com *, enum ieee80211_state, int); 224 static void atw_next_scan(void *); 225 static void atw_recv_mgmt(struct ieee80211com *, struct mbuf *, 226 struct ieee80211_node *, int, int, u_int32_t); 227 static int atw_tune(struct atw_softc *); 228 229 /* Device initialization */ 230 static void atw_bbp_io_init(struct atw_softc *); 231 static void atw_cfp_init(struct atw_softc *); 232 static void atw_cmdr_init(struct atw_softc *); 233 static void atw_ifs_init(struct atw_softc *); 234 static void atw_nar_init(struct atw_softc *); 235 static void atw_response_times_init(struct atw_softc *); 236 static void atw_rf_reset(struct atw_softc *); 237 static void atw_test1_init(struct atw_softc *); 238 static void atw_tofs0_init(struct atw_softc *); 239 static void atw_tofs2_init(struct atw_softc *); 240 static void atw_txlmt_init(struct atw_softc *); 241 static void atw_wcsr_init(struct atw_softc *); 242 243 /* Key management */ 244 static int atw_key_delete(struct ieee80211com *, const struct ieee80211_key *); 245 static int atw_key_set(struct ieee80211com *, const struct ieee80211_key *, 246 const u_int8_t[IEEE80211_ADDR_LEN]); 247 static void atw_key_update_begin(struct ieee80211com *); 248 static void atw_key_update_end(struct ieee80211com *); 249 250 /* RAM/ROM utilities */ 251 static void atw_clear_sram(struct atw_softc *); 252 static void atw_write_sram(struct atw_softc *, u_int, u_int8_t *, u_int); 253 static int atw_read_srom(struct atw_softc *); 254 255 /* BSS setup */ 256 static void atw_predict_beacon(struct atw_softc *); 257 static void atw_start_beacon(struct atw_softc *, int); 258 static void atw_write_bssid(struct atw_softc *); 259 static void atw_write_ssid(struct atw_softc *); 260 static void atw_write_sup_rates(struct atw_softc *); 261 static void atw_write_wep(struct atw_softc *); 262 263 /* Media */ 264 static int atw_media_change(struct ifnet *); 265 266 static void atw_filter_setup(struct atw_softc *); 267 268 /* 802.11 utilities */ 269 static uint64_t atw_get_tsft(struct atw_softc *); 270 static inline uint32_t atw_last_even_tsft(uint32_t, uint32_t, 271 uint32_t); 272 static struct ieee80211_node *atw_node_alloc(struct ieee80211_node_table *); 273 static void atw_node_free(struct ieee80211_node *); 274 275 /* 276 * Tuner/transceiver/modem 277 */ 278 static void atw_bbp_io_enable(struct atw_softc *, int); 279 280 /* RFMD RF3000 Baseband Processor */ 281 static int atw_rf3000_init(struct atw_softc *); 282 static int atw_rf3000_tune(struct atw_softc *, u_int); 283 static int atw_rf3000_write(struct atw_softc *, u_int, u_int); 284 285 /* Silicon Laboratories Si4126 RF/IF Synthesizer */ 286 static void atw_si4126_tune(struct atw_softc *, u_int); 287 static void atw_si4126_write(struct atw_softc *, u_int, u_int); 288 289 const struct atw_txthresh_tab atw_txthresh_tab_lo[] = ATW_TXTHRESH_TAB_LO_RATE; 290 const struct atw_txthresh_tab atw_txthresh_tab_hi[] = ATW_TXTHRESH_TAB_HI_RATE; 291 292 const char *atw_tx_state[] = { 293 "STOPPED", 294 "RUNNING - read descriptor", 295 "RUNNING - transmitting", 296 "RUNNING - filling fifo", /* XXX */ 297 "SUSPENDED", 298 "RUNNING -- write descriptor", 299 "RUNNING -- write last descriptor", 300 "RUNNING - fifo full" 301 }; 302 303 const char *atw_rx_state[] = { 304 "STOPPED", 305 "RUNNING - read descriptor", 306 "RUNNING - check this packet, pre-fetch next", 307 "RUNNING - wait for reception", 308 "SUSPENDED", 309 "RUNNING - write descriptor", 310 "RUNNING - flush fifo", 311 "RUNNING - fifo drain" 312 }; 313 314 static inline int 315 is_running(struct ifnet *ifp) 316 { 317 return (ifp->if_flags & (IFF_RUNNING|IFF_UP)) == (IFF_RUNNING|IFF_UP); 318 } 319 320 int 321 atw_activate(struct device *self, enum devact act) 322 { 323 struct atw_softc *sc = (struct atw_softc *)self; 324 int rv = 0, s; 325 326 s = splnet(); 327 switch (act) { 328 case DVACT_ACTIVATE: 329 rv = EOPNOTSUPP; 330 break; 331 332 case DVACT_DEACTIVATE: 333 if_deactivate(&sc->sc_if); 334 break; 335 } 336 splx(s); 337 return rv; 338 } 339 340 /* 341 * atw_enable: 342 * 343 * Enable the ADM8211 chip. 344 */ 345 int 346 atw_enable(struct atw_softc *sc) 347 { 348 349 if (ATW_IS_ENABLED(sc) == 0) { 350 if (sc->sc_enable != NULL && (*sc->sc_enable)(sc) != 0) { 351 printf("%s: device enable failed\n", 352 sc->sc_dev.dv_xname); 353 return (EIO); 354 } 355 sc->sc_flags |= ATWF_ENABLED; 356 } 357 return (0); 358 } 359 360 /* 361 * atw_disable: 362 * 363 * Disable the ADM8211 chip. 364 */ 365 void 366 atw_disable(struct atw_softc *sc) 367 { 368 if (!ATW_IS_ENABLED(sc)) 369 return; 370 if (sc->sc_disable != NULL) 371 (*sc->sc_disable)(sc); 372 sc->sc_flags &= ~ATWF_ENABLED; 373 } 374 375 /* Returns -1 on failure. */ 376 static int 377 atw_read_srom(struct atw_softc *sc) 378 { 379 struct seeprom_descriptor sd; 380 uint32_t test0, fail_bits; 381 382 (void)memset(&sd, 0, sizeof(sd)); 383 384 test0 = ATW_READ(sc, ATW_TEST0); 385 386 switch (sc->sc_rev) { 387 case ATW_REVISION_BA: 388 case ATW_REVISION_CA: 389 fail_bits = ATW_TEST0_EPNE; 390 break; 391 default: 392 fail_bits = ATW_TEST0_EPNE|ATW_TEST0_EPSNM; 393 break; 394 } 395 if ((test0 & fail_bits) != 0) { 396 printf("%s: bad or missing/bad SROM\n", sc->sc_dev.dv_xname); 397 return -1; 398 } 399 400 switch (test0 & ATW_TEST0_EPTYP_MASK) { 401 case ATW_TEST0_EPTYP_93c66: 402 ATW_DPRINTF(("%s: 93c66 SROM\n", sc->sc_dev.dv_xname)); 403 sc->sc_sromsz = 512; 404 sd.sd_chip = C56_66; 405 break; 406 case ATW_TEST0_EPTYP_93c46: 407 ATW_DPRINTF(("%s: 93c46 SROM\n", sc->sc_dev.dv_xname)); 408 sc->sc_sromsz = 128; 409 sd.sd_chip = C46; 410 break; 411 default: 412 printf("%s: unknown SROM type %d\n", sc->sc_dev.dv_xname, 413 MASK_AND_RSHIFT(test0, ATW_TEST0_EPTYP_MASK)); 414 return -1; 415 } 416 417 sc->sc_srom = malloc(sc->sc_sromsz, M_DEVBUF, M_NOWAIT); 418 419 if (sc->sc_srom == NULL) { 420 printf("%s: unable to allocate SROM buffer\n", 421 sc->sc_dev.dv_xname); 422 return -1; 423 } 424 425 (void)memset(sc->sc_srom, 0, sc->sc_sromsz); 426 427 /* ADM8211 has a single 32-bit register for controlling the 428 * 93cx6 SROM. Bit SRS enables the serial port. There is no 429 * "ready" bit. The ADM8211 input/output sense is the reverse 430 * of read_seeprom's. 431 */ 432 sd.sd_tag = sc->sc_st; 433 sd.sd_bsh = sc->sc_sh; 434 sd.sd_regsize = 4; 435 sd.sd_control_offset = ATW_SPR; 436 sd.sd_status_offset = ATW_SPR; 437 sd.sd_dataout_offset = ATW_SPR; 438 sd.sd_CK = ATW_SPR_SCLK; 439 sd.sd_CS = ATW_SPR_SCS; 440 sd.sd_DI = ATW_SPR_SDO; 441 sd.sd_DO = ATW_SPR_SDI; 442 sd.sd_MS = ATW_SPR_SRS; 443 sd.sd_RDY = 0; 444 445 if (!read_seeprom(&sd, sc->sc_srom, 0, sc->sc_sromsz/2)) { 446 printf("%s: could not read SROM\n", sc->sc_dev.dv_xname); 447 free(sc->sc_srom, M_DEVBUF); 448 return -1; 449 } 450 #ifdef ATW_DEBUG 451 { 452 int i; 453 ATW_DPRINTF(("\nSerial EEPROM:\n\t")); 454 for (i = 0; i < sc->sc_sromsz/2; i = i + 1) { 455 if (((i % 8) == 0) && (i != 0)) { 456 ATW_DPRINTF(("\n\t")); 457 } 458 ATW_DPRINTF((" 0x%x", sc->sc_srom[i])); 459 } 460 ATW_DPRINTF(("\n")); 461 } 462 #endif /* ATW_DEBUG */ 463 return 0; 464 } 465 466 #ifdef ATW_DEBUG 467 static void 468 atw_print_regs(struct atw_softc *sc, const char *where) 469 { 470 #define PRINTREG(sc, reg) \ 471 ATW_DPRINTF2(("%s: reg[ " #reg " / %03x ] = %08x\n", \ 472 sc->sc_dev.dv_xname, reg, ATW_READ(sc, reg))) 473 474 ATW_DPRINTF2(("%s: %s\n", sc->sc_dev.dv_xname, where)); 475 476 PRINTREG(sc, ATW_PAR); 477 PRINTREG(sc, ATW_FRCTL); 478 PRINTREG(sc, ATW_TDR); 479 PRINTREG(sc, ATW_WTDP); 480 PRINTREG(sc, ATW_RDR); 481 PRINTREG(sc, ATW_WRDP); 482 PRINTREG(sc, ATW_RDB); 483 PRINTREG(sc, ATW_CSR3A); 484 PRINTREG(sc, ATW_TDBD); 485 PRINTREG(sc, ATW_TDBP); 486 PRINTREG(sc, ATW_STSR); 487 PRINTREG(sc, ATW_CSR5A); 488 PRINTREG(sc, ATW_NAR); 489 PRINTREG(sc, ATW_CSR6A); 490 PRINTREG(sc, ATW_IER); 491 PRINTREG(sc, ATW_CSR7A); 492 PRINTREG(sc, ATW_LPC); 493 PRINTREG(sc, ATW_TEST1); 494 PRINTREG(sc, ATW_SPR); 495 PRINTREG(sc, ATW_TEST0); 496 PRINTREG(sc, ATW_WCSR); 497 PRINTREG(sc, ATW_WPDR); 498 PRINTREG(sc, ATW_GPTMR); 499 PRINTREG(sc, ATW_GPIO); 500 PRINTREG(sc, ATW_BBPCTL); 501 PRINTREG(sc, ATW_SYNCTL); 502 PRINTREG(sc, ATW_PLCPHD); 503 PRINTREG(sc, ATW_MMIWADDR); 504 PRINTREG(sc, ATW_MMIRADDR1); 505 PRINTREG(sc, ATW_MMIRADDR2); 506 PRINTREG(sc, ATW_TXBR); 507 PRINTREG(sc, ATW_CSR15A); 508 PRINTREG(sc, ATW_ALCSTAT); 509 PRINTREG(sc, ATW_TOFS2); 510 PRINTREG(sc, ATW_CMDR); 511 PRINTREG(sc, ATW_PCIC); 512 PRINTREG(sc, ATW_PMCSR); 513 PRINTREG(sc, ATW_PAR0); 514 PRINTREG(sc, ATW_PAR1); 515 PRINTREG(sc, ATW_MAR0); 516 PRINTREG(sc, ATW_MAR1); 517 PRINTREG(sc, ATW_ATIMDA0); 518 PRINTREG(sc, ATW_ABDA1); 519 PRINTREG(sc, ATW_BSSID0); 520 PRINTREG(sc, ATW_TXLMT); 521 PRINTREG(sc, ATW_MIBCNT); 522 PRINTREG(sc, ATW_BCNT); 523 PRINTREG(sc, ATW_TSFTH); 524 PRINTREG(sc, ATW_TSC); 525 PRINTREG(sc, ATW_SYNRF); 526 PRINTREG(sc, ATW_BPLI); 527 PRINTREG(sc, ATW_CAP0); 528 PRINTREG(sc, ATW_CAP1); 529 PRINTREG(sc, ATW_RMD); 530 PRINTREG(sc, ATW_CFPP); 531 PRINTREG(sc, ATW_TOFS0); 532 PRINTREG(sc, ATW_TOFS1); 533 PRINTREG(sc, ATW_IFST); 534 PRINTREG(sc, ATW_RSPT); 535 PRINTREG(sc, ATW_TSFTL); 536 PRINTREG(sc, ATW_WEPCTL); 537 PRINTREG(sc, ATW_WESK); 538 PRINTREG(sc, ATW_WEPCNT); 539 PRINTREG(sc, ATW_MACTEST); 540 PRINTREG(sc, ATW_FER); 541 PRINTREG(sc, ATW_FEMR); 542 PRINTREG(sc, ATW_FPSR); 543 PRINTREG(sc, ATW_FFER); 544 #undef PRINTREG 545 } 546 #endif /* ATW_DEBUG */ 547 548 /* 549 * Finish attaching an ADMtek ADM8211 MAC. Called by bus-specific front-end. 550 */ 551 void 552 atw_attach(struct atw_softc *sc) 553 { 554 static const u_int8_t empty_macaddr[IEEE80211_ADDR_LEN] = { 555 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 556 }; 557 struct ieee80211com *ic = &sc->sc_ic; 558 struct ifnet *ifp = &sc->sc_if; 559 int country_code, error, i, nrate, srom_major; 560 u_int32_t reg; 561 static const char *type_strings[] = {"Intersil (not supported)", 562 "RFMD", "Marvel (not supported)"}; 563 564 sc->sc_txth = atw_txthresh_tab_lo; 565 566 SIMPLEQ_INIT(&sc->sc_txfreeq); 567 SIMPLEQ_INIT(&sc->sc_txdirtyq); 568 569 #ifdef ATW_DEBUG 570 atw_print_regs(sc, "atw_attach"); 571 #endif /* ATW_DEBUG */ 572 573 /* 574 * Allocate the control data structures, and create and load the 575 * DMA map for it. 576 */ 577 if ((error = bus_dmamem_alloc(sc->sc_dmat, 578 sizeof(struct atw_control_data), PAGE_SIZE, 0, &sc->sc_cdseg, 579 1, &sc->sc_cdnseg, 0)) != 0) { 580 printf("%s: unable to allocate control data, error = %d\n", 581 sc->sc_dev.dv_xname, error); 582 goto fail_0; 583 } 584 585 if ((error = bus_dmamem_map(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg, 586 sizeof(struct atw_control_data), (caddr_t *)&sc->sc_control_data, 587 BUS_DMA_COHERENT)) != 0) { 588 printf("%s: unable to map control data, error = %d\n", 589 sc->sc_dev.dv_xname, error); 590 goto fail_1; 591 } 592 593 if ((error = bus_dmamap_create(sc->sc_dmat, 594 sizeof(struct atw_control_data), 1, 595 sizeof(struct atw_control_data), 0, 0, &sc->sc_cddmamap)) != 0) { 596 printf("%s: unable to create control data DMA map, " 597 "error = %d\n", sc->sc_dev.dv_xname, error); 598 goto fail_2; 599 } 600 601 if ((error = bus_dmamap_load(sc->sc_dmat, sc->sc_cddmamap, 602 sc->sc_control_data, sizeof(struct atw_control_data), NULL, 603 0)) != 0) { 604 printf("%s: unable to load control data DMA map, error = %d\n", 605 sc->sc_dev.dv_xname, error); 606 goto fail_3; 607 } 608 609 /* 610 * Create the transmit buffer DMA maps. 611 */ 612 sc->sc_ntxsegs = ATW_NTXSEGS; 613 for (i = 0; i < ATW_TXQUEUELEN; i++) { 614 if ((error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 615 sc->sc_ntxsegs, MCLBYTES, 0, 0, 616 &sc->sc_txsoft[i].txs_dmamap)) != 0) { 617 printf("%s: unable to create tx DMA map %d, " 618 "error = %d\n", sc->sc_dev.dv_xname, i, error); 619 goto fail_4; 620 } 621 } 622 623 /* 624 * Create the receive buffer DMA maps. 625 */ 626 for (i = 0; i < ATW_NRXDESC; i++) { 627 if ((error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, 628 MCLBYTES, 0, 0, &sc->sc_rxsoft[i].rxs_dmamap)) != 0) { 629 printf("%s: unable to create rx DMA map %d, " 630 "error = %d\n", sc->sc_dev.dv_xname, i, error); 631 goto fail_5; 632 } 633 } 634 for (i = 0; i < ATW_NRXDESC; i++) { 635 sc->sc_rxsoft[i].rxs_mbuf = NULL; 636 } 637 638 switch (sc->sc_rev) { 639 case ATW_REVISION_AB: 640 case ATW_REVISION_AF: 641 sc->sc_sramlen = ATW_SRAM_A_SIZE; 642 break; 643 case ATW_REVISION_BA: 644 case ATW_REVISION_CA: 645 sc->sc_sramlen = ATW_SRAM_B_SIZE; 646 break; 647 } 648 649 /* Reset the chip to a known state. */ 650 atw_reset(sc); 651 652 if (atw_read_srom(sc) == -1) 653 return; 654 655 sc->sc_rftype = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CSR20], 656 ATW_SR_RFTYPE_MASK); 657 658 sc->sc_bbptype = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CSR20], 659 ATW_SR_BBPTYPE_MASK); 660 661 if (sc->sc_rftype > sizeof(type_strings)/sizeof(type_strings[0])) { 662 printf("%s: unknown RF\n", sc->sc_dev.dv_xname); 663 return; 664 } 665 if (sc->sc_bbptype > sizeof(type_strings)/sizeof(type_strings[0])) { 666 printf("%s: unknown BBP\n", sc->sc_dev.dv_xname); 667 return; 668 } 669 670 printf("%s: %s RF, %s BBP", sc->sc_dev.dv_xname, 671 type_strings[sc->sc_rftype], type_strings[sc->sc_bbptype]); 672 673 /* XXX There exists a Linux driver which seems to use RFType = 0 for 674 * MARVEL. My bug, or theirs? 675 */ 676 677 reg = LSHIFT(sc->sc_rftype, ATW_SYNCTL_RFTYPE_MASK); 678 679 switch (sc->sc_rftype) { 680 case ATW_RFTYPE_INTERSIL: 681 reg |= ATW_SYNCTL_CS1; 682 break; 683 case ATW_RFTYPE_RFMD: 684 reg |= ATW_SYNCTL_CS0; 685 break; 686 case ATW_RFTYPE_MARVEL: 687 break; 688 } 689 690 sc->sc_synctl_rd = reg | ATW_SYNCTL_RD; 691 sc->sc_synctl_wr = reg | ATW_SYNCTL_WR; 692 693 reg = LSHIFT(sc->sc_bbptype, ATW_BBPCTL_TYPE_MASK); 694 695 switch (sc->sc_bbptype) { 696 case ATW_BBPTYPE_INTERSIL: 697 reg |= ATW_BBPCTL_TWI; 698 break; 699 case ATW_BBPTYPE_RFMD: 700 reg |= ATW_BBPCTL_RF3KADDR_ADDR | ATW_BBPCTL_NEGEDGE_DO | 701 ATW_BBPCTL_CCA_ACTLO; 702 break; 703 case ATW_BBPTYPE_MARVEL: 704 break; 705 case ATW_C_BBPTYPE_RFMD: 706 printf("%s: ADM8211C MAC/RFMD BBP not supported yet.\n", 707 sc->sc_dev.dv_xname); 708 break; 709 } 710 711 sc->sc_bbpctl_wr = reg | ATW_BBPCTL_WR; 712 sc->sc_bbpctl_rd = reg | ATW_BBPCTL_RD; 713 714 /* 715 * From this point forward, the attachment cannot fail. A failure 716 * before this point releases all resources that may have been 717 * allocated. 718 */ 719 sc->sc_flags |= ATWF_ATTACHED /* | ATWF_RTSCTS */; 720 721 ATW_DPRINTF((" SROM MAC %04x%04x%04x", 722 htole16(sc->sc_srom[ATW_SR_MAC00]), 723 htole16(sc->sc_srom[ATW_SR_MAC01]), 724 htole16(sc->sc_srom[ATW_SR_MAC10]))); 725 726 srom_major = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_FORMAT_VERSION], 727 ATW_SR_MAJOR_MASK); 728 729 if (srom_major < 2) 730 sc->sc_rf3000_options1 = 0; 731 else if (sc->sc_rev == ATW_REVISION_BA) { 732 sc->sc_rf3000_options1 = 733 MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CR28_CR03], 734 ATW_SR_CR28_MASK); 735 } else 736 sc->sc_rf3000_options1 = 0; 737 738 sc->sc_rf3000_options2 = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CTRY_CR29], 739 ATW_SR_CR29_MASK); 740 741 country_code = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CTRY_CR29], 742 ATW_SR_CTRY_MASK); 743 744 #define ADD_CHANNEL(_ic, _chan) do { \ 745 _ic->ic_channels[_chan].ic_flags = IEEE80211_CHAN_B; \ 746 _ic->ic_channels[_chan].ic_freq = \ 747 ieee80211_ieee2mhz(_chan, _ic->ic_channels[_chan].ic_flags);\ 748 } while (0) 749 750 /* Find available channels */ 751 switch (country_code) { 752 case COUNTRY_MMK2: /* 1-14 */ 753 ADD_CHANNEL(ic, 14); 754 /*FALLTHROUGH*/ 755 case COUNTRY_ETSI: /* 1-13 */ 756 for (i = 1; i <= 13; i++) 757 ADD_CHANNEL(ic, i); 758 break; 759 case COUNTRY_FCC: /* 1-11 */ 760 case COUNTRY_IC: /* 1-11 */ 761 for (i = 1; i <= 11; i++) 762 ADD_CHANNEL(ic, i); 763 break; 764 case COUNTRY_MMK: /* 14 */ 765 ADD_CHANNEL(ic, 14); 766 break; 767 case COUNTRY_FRANCE: /* 10-13 */ 768 for (i = 10; i <= 13; i++) 769 ADD_CHANNEL(ic, i); 770 break; 771 default: /* assume channels 10-11 */ 772 case COUNTRY_SPAIN: /* 10-11 */ 773 for (i = 10; i <= 11; i++) 774 ADD_CHANNEL(ic, i); 775 break; 776 } 777 778 /* Read the MAC address. */ 779 reg = ATW_READ(sc, ATW_PAR0); 780 ic->ic_myaddr[0] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB0_MASK); 781 ic->ic_myaddr[1] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB1_MASK); 782 ic->ic_myaddr[2] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB2_MASK); 783 ic->ic_myaddr[3] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB3_MASK); 784 reg = ATW_READ(sc, ATW_PAR1); 785 ic->ic_myaddr[4] = MASK_AND_RSHIFT(reg, ATW_PAR1_PAB4_MASK); 786 ic->ic_myaddr[5] = MASK_AND_RSHIFT(reg, ATW_PAR1_PAB5_MASK); 787 788 if (IEEE80211_ADDR_EQ(ic->ic_myaddr, empty_macaddr)) { 789 printf(" could not get mac address, attach failed\n"); 790 return; 791 } 792 793 printf(" 802.11 address %s\n", ether_sprintf(ic->ic_myaddr)); 794 795 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 796 ifp->if_softc = sc; 797 ifp->if_flags = IFF_SIMPLEX | IFF_BROADCAST | IFF_MULTICAST | 798 IFF_NOTRAILERS; 799 ifp->if_ioctl = atw_ioctl; 800 ifp->if_start = atw_start; 801 ifp->if_watchdog = atw_watchdog; 802 ifp->if_init = atw_init; 803 ifp->if_stop = atw_stop; 804 IFQ_SET_READY(&ifp->if_snd); 805 806 ic->ic_ifp = ifp; 807 ic->ic_phytype = IEEE80211_T_DS; 808 ic->ic_opmode = IEEE80211_M_STA; 809 ic->ic_caps = IEEE80211_C_PMGT | IEEE80211_C_IBSS | 810 IEEE80211_C_HOSTAP | IEEE80211_C_MONITOR; 811 812 nrate = 0; 813 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 2; 814 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 4; 815 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 11; 816 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 22; 817 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_nrates = nrate; 818 819 /* 820 * Call MI attach routines. 821 */ 822 823 if_attach(ifp); 824 ieee80211_ifattach(ic); 825 826 sc->sc_newstate = ic->ic_newstate; 827 ic->ic_newstate = atw_newstate; 828 829 sc->sc_recv_mgmt = ic->ic_recv_mgmt; 830 ic->ic_recv_mgmt = atw_recv_mgmt; 831 832 sc->sc_node_free = ic->ic_node_free; 833 ic->ic_node_free = atw_node_free; 834 835 sc->sc_node_alloc = ic->ic_node_alloc; 836 ic->ic_node_alloc = atw_node_alloc; 837 838 ic->ic_crypto.cs_key_delete = atw_key_delete; 839 ic->ic_crypto.cs_key_set = atw_key_set; 840 ic->ic_crypto.cs_key_update_begin = atw_key_update_begin; 841 ic->ic_crypto.cs_key_update_end = atw_key_update_end; 842 843 /* possibly we should fill in our own sc_send_prresp, since 844 * the ADM8211 is probably sending probe responses in ad hoc 845 * mode. 846 */ 847 848 /* complete initialization */ 849 ieee80211_media_init(ic, atw_media_change, ieee80211_media_status); 850 callout_init(&sc->sc_scan_ch); 851 852 #if NBPFILTER > 0 853 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 854 sizeof(struct ieee80211_frame) + 64, &sc->sc_radiobpf); 855 #endif 856 857 /* 858 * Make sure the interface is shutdown during reboot. 859 */ 860 sc->sc_sdhook = shutdownhook_establish(atw_shutdown, sc); 861 if (sc->sc_sdhook == NULL) 862 printf("%s: WARNING: unable to establish shutdown hook\n", 863 sc->sc_dev.dv_xname); 864 865 /* 866 * Add a suspend hook to make sure we come back up after a 867 * resume. 868 */ 869 sc->sc_powerhook = powerhook_establish(atw_power, sc); 870 if (sc->sc_powerhook == NULL) 871 printf("%s: WARNING: unable to establish power hook\n", 872 sc->sc_dev.dv_xname); 873 874 memset(&sc->sc_rxtapu, 0, sizeof(sc->sc_rxtapu)); 875 sc->sc_rxtap.ar_ihdr.it_len = sizeof(sc->sc_rxtapu); 876 sc->sc_rxtap.ar_ihdr.it_present = ATW_RX_RADIOTAP_PRESENT; 877 878 memset(&sc->sc_txtapu, 0, sizeof(sc->sc_txtapu)); 879 sc->sc_txtap.at_ihdr.it_len = sizeof(sc->sc_txtapu); 880 sc->sc_txtap.at_ihdr.it_present = ATW_TX_RADIOTAP_PRESENT; 881 882 ieee80211_announce(ic); 883 return; 884 885 /* 886 * Free any resources we've allocated during the failed attach 887 * attempt. Do this in reverse order and fall through. 888 */ 889 fail_5: 890 for (i = 0; i < ATW_NRXDESC; i++) { 891 if (sc->sc_rxsoft[i].rxs_dmamap == NULL) 892 continue; 893 bus_dmamap_destroy(sc->sc_dmat, sc->sc_rxsoft[i].rxs_dmamap); 894 } 895 fail_4: 896 for (i = 0; i < ATW_TXQUEUELEN; i++) { 897 if (sc->sc_txsoft[i].txs_dmamap == NULL) 898 continue; 899 bus_dmamap_destroy(sc->sc_dmat, sc->sc_txsoft[i].txs_dmamap); 900 } 901 bus_dmamap_unload(sc->sc_dmat, sc->sc_cddmamap); 902 fail_3: 903 bus_dmamap_destroy(sc->sc_dmat, sc->sc_cddmamap); 904 fail_2: 905 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)sc->sc_control_data, 906 sizeof(struct atw_control_data)); 907 fail_1: 908 bus_dmamem_free(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg); 909 fail_0: 910 return; 911 } 912 913 static struct ieee80211_node * 914 atw_node_alloc(struct ieee80211_node_table *nt) 915 { 916 struct atw_softc *sc = (struct atw_softc *)nt->nt_ic->ic_ifp->if_softc; 917 struct ieee80211_node *ni = (*sc->sc_node_alloc)(nt); 918 919 DPRINTF(sc, ("%s: alloc node %p\n", sc->sc_dev.dv_xname, ni)); 920 return ni; 921 } 922 923 static void 924 atw_node_free(struct ieee80211_node *ni) 925 { 926 struct atw_softc *sc = (struct atw_softc *)ni->ni_ic->ic_ifp->if_softc; 927 928 DPRINTF(sc, ("%s: freeing node %p %s\n", sc->sc_dev.dv_xname, ni, 929 ether_sprintf(ni->ni_bssid))); 930 (*sc->sc_node_free)(ni); 931 } 932 933 934 static void 935 atw_test1_reset(struct atw_softc *sc) 936 { 937 switch (sc->sc_rev) { 938 case ATW_REVISION_BA: 939 if (1 /* XXX condition on transceiver type */) { 940 ATW_SET(sc, ATW_TEST1, ATW_TEST1_TESTMODE_MONITOR); 941 } 942 break; 943 case ATW_REVISION_CA: 944 ATW_CLR(sc, ATW_TEST1, ATW_TEST1_TESTMODE_MASK); 945 break; 946 default: 947 break; 948 } 949 } 950 951 /* 952 * atw_reset: 953 * 954 * Perform a soft reset on the ADM8211. 955 */ 956 void 957 atw_reset(struct atw_softc *sc) 958 { 959 int i; 960 uint32_t lpc; 961 962 ATW_WRITE(sc, ATW_NAR, 0x0); 963 DELAY(atw_nar_delay); 964 965 /* Reference driver has a cryptic remark indicating that this might 966 * power-on the chip. I know that it turns off power-saving.... 967 */ 968 ATW_WRITE(sc, ATW_FRCTL, 0x0); 969 970 ATW_WRITE(sc, ATW_PAR, ATW_PAR_SWR); 971 972 for (i = 0; i < 50000 / atw_pseudo_milli; i++) { 973 if ((ATW_READ(sc, ATW_PAR) & ATW_PAR_SWR) == 0) 974 break; 975 DELAY(atw_pseudo_milli); 976 } 977 978 /* ... and then pause 100ms longer for good measure. */ 979 DELAY(atw_magic_delay1); 980 981 DPRINTF2(sc, ("%s: atw_reset %d iterations\n", sc->sc_dev.dv_xname, i)); 982 983 if (ATW_ISSET(sc, ATW_PAR, ATW_PAR_SWR)) 984 printf("%s: reset failed to complete\n", sc->sc_dev.dv_xname); 985 986 /* 987 * Initialize the PCI Access Register. 988 */ 989 sc->sc_busmode = ATW_PAR_PBL_8DW; 990 991 ATW_WRITE(sc, ATW_PAR, sc->sc_busmode); 992 DPRINTF(sc, ("%s: ATW_PAR %08x busmode %08x\n", sc->sc_dev.dv_xname, 993 ATW_READ(sc, ATW_PAR), sc->sc_busmode)); 994 995 atw_test1_reset(sc); 996 997 /* Turn off maximum power saving, etc. */ 998 ATW_WRITE(sc, ATW_FRCTL, 0x0); 999 1000 DELAY(atw_magic_delay2); 1001 1002 /* Recall EEPROM. */ 1003 ATW_SET(sc, ATW_TEST0, ATW_TEST0_EPRLD); 1004 1005 DELAY(atw_magic_delay4); 1006 1007 lpc = ATW_READ(sc, ATW_LPC); 1008 1009 DPRINTF(sc, ("%s: ATW_LPC %#08x\n", __func__, lpc)); 1010 1011 /* A reset seems to affect the SRAM contents, so put them into 1012 * a known state. 1013 */ 1014 atw_clear_sram(sc); 1015 1016 memset(sc->sc_bssid, 0xff, sizeof(sc->sc_bssid)); 1017 } 1018 1019 static void 1020 atw_clear_sram(struct atw_softc *sc) 1021 { 1022 memset(sc->sc_sram, 0, sizeof(sc->sc_sram)); 1023 sc->sc_flags &= ~ATWF_WEP_SRAM_VALID; 1024 /* XXX not for revision 0x20. */ 1025 atw_write_sram(sc, 0, sc->sc_sram, sc->sc_sramlen); 1026 } 1027 1028 /* TBD atw_init 1029 * 1030 * set MAC based on ic->ic_bss->myaddr 1031 * write WEP keys 1032 * set TX rate 1033 */ 1034 1035 /* Tell the ADM8211 to raise ATW_INTR_LINKOFF if 7 beacon intervals pass 1036 * without receiving a beacon with the preferred BSSID & SSID. 1037 * atw_write_bssid & atw_write_ssid set the BSSID & SSID. 1038 */ 1039 static void 1040 atw_wcsr_init(struct atw_softc *sc) 1041 { 1042 uint32_t wcsr; 1043 1044 wcsr = ATW_READ(sc, ATW_WCSR); 1045 wcsr &= ~(ATW_WCSR_BLN_MASK|ATW_WCSR_LSOE|ATW_WCSR_MPRE|ATW_WCSR_LSOE); 1046 wcsr |= LSHIFT(7, ATW_WCSR_BLN_MASK); 1047 ATW_WRITE(sc, ATW_WCSR, wcsr); /* XXX resets wake-up status bits */ 1048 1049 DPRINTF(sc, ("%s: %s reg[WCSR] = %08x\n", 1050 sc->sc_dev.dv_xname, __func__, ATW_READ(sc, ATW_WCSR))); 1051 } 1052 1053 /* Turn off power management. Set Rx store-and-forward mode. */ 1054 static void 1055 atw_cmdr_init(struct atw_softc *sc) 1056 { 1057 uint32_t cmdr; 1058 cmdr = ATW_READ(sc, ATW_CMDR); 1059 cmdr &= ~ATW_CMDR_APM; 1060 cmdr |= ATW_CMDR_RTE; 1061 cmdr &= ~ATW_CMDR_DRT_MASK; 1062 cmdr |= ATW_CMDR_DRT_SF; 1063 1064 ATW_WRITE(sc, ATW_CMDR, cmdr); 1065 } 1066 1067 static void 1068 atw_tofs2_init(struct atw_softc *sc) 1069 { 1070 uint32_t tofs2; 1071 /* XXX this magic can probably be figured out from the RFMD docs */ 1072 #ifndef ATW_REFSLAVE 1073 tofs2 = LSHIFT(4, ATW_TOFS2_PWR1UP_MASK) | /* 8 ms = 4 * 2 ms */ 1074 LSHIFT(13, ATW_TOFS2_PWR0PAPE_MASK) | /* 13 us */ 1075 LSHIFT(8, ATW_TOFS2_PWR1PAPE_MASK) | /* 8 us */ 1076 LSHIFT(5, ATW_TOFS2_PWR0TRSW_MASK) | /* 5 us */ 1077 LSHIFT(12, ATW_TOFS2_PWR1TRSW_MASK) | /* 12 us */ 1078 LSHIFT(13, ATW_TOFS2_PWR0PE2_MASK) | /* 13 us */ 1079 LSHIFT(4, ATW_TOFS2_PWR1PE2_MASK) | /* 4 us */ 1080 LSHIFT(5, ATW_TOFS2_PWR0TXPE_MASK); /* 5 us */ 1081 #else 1082 /* XXX new magic from reference driver source */ 1083 tofs2 = LSHIFT(8, ATW_TOFS2_PWR1UP_MASK) | /* 8 ms = 4 * 2 ms */ 1084 LSHIFT(8, ATW_TOFS2_PWR0PAPE_MASK) | /* 13 us */ 1085 LSHIFT(1, ATW_TOFS2_PWR1PAPE_MASK) | /* 8 us */ 1086 LSHIFT(5, ATW_TOFS2_PWR0TRSW_MASK) | /* 5 us */ 1087 LSHIFT(12, ATW_TOFS2_PWR1TRSW_MASK) | /* 12 us */ 1088 LSHIFT(13, ATW_TOFS2_PWR0PE2_MASK) | /* 13 us */ 1089 LSHIFT(1, ATW_TOFS2_PWR1PE2_MASK) | /* 4 us */ 1090 LSHIFT(8, ATW_TOFS2_PWR0TXPE_MASK); /* 5 us */ 1091 #endif 1092 ATW_WRITE(sc, ATW_TOFS2, tofs2); 1093 } 1094 1095 static void 1096 atw_nar_init(struct atw_softc *sc) 1097 { 1098 ATW_WRITE(sc, ATW_NAR, ATW_NAR_SF|ATW_NAR_PB); 1099 } 1100 1101 static void 1102 atw_txlmt_init(struct atw_softc *sc) 1103 { 1104 ATW_WRITE(sc, ATW_TXLMT, LSHIFT(512, ATW_TXLMT_MTMLT_MASK) | 1105 LSHIFT(1, ATW_TXLMT_SRTYLIM_MASK)); 1106 } 1107 1108 static void 1109 atw_test1_init(struct atw_softc *sc) 1110 { 1111 uint32_t test1; 1112 1113 test1 = ATW_READ(sc, ATW_TEST1); 1114 test1 &= ~(ATW_TEST1_DBGREAD_MASK|ATW_TEST1_CONTROL); 1115 /* XXX magic 0x1 */ 1116 test1 |= LSHIFT(0x1, ATW_TEST1_DBGREAD_MASK) | ATW_TEST1_CONTROL; 1117 ATW_WRITE(sc, ATW_TEST1, test1); 1118 } 1119 1120 static void 1121 atw_rf_reset(struct atw_softc *sc) 1122 { 1123 /* XXX this resets an Intersil RF front-end? */ 1124 /* TBD condition on Intersil RFType? */ 1125 ATW_WRITE(sc, ATW_SYNRF, ATW_SYNRF_INTERSIL_EN); 1126 DELAY(atw_rf_delay1); 1127 ATW_WRITE(sc, ATW_SYNRF, 0); 1128 DELAY(atw_rf_delay2); 1129 } 1130 1131 /* Set 16 TU max duration for the contention-free period (CFP). */ 1132 static void 1133 atw_cfp_init(struct atw_softc *sc) 1134 { 1135 uint32_t cfpp; 1136 1137 cfpp = ATW_READ(sc, ATW_CFPP); 1138 cfpp &= ~ATW_CFPP_CFPMD; 1139 cfpp |= LSHIFT(16, ATW_CFPP_CFPMD); 1140 ATW_WRITE(sc, ATW_CFPP, cfpp); 1141 } 1142 1143 static void 1144 atw_tofs0_init(struct atw_softc *sc) 1145 { 1146 /* XXX I guess that the Cardbus clock is 22MHz? 1147 * I am assuming that the role of ATW_TOFS0_USCNT is 1148 * to divide the bus clock to get a 1MHz clock---the datasheet is not 1149 * very clear on this point. It says in the datasheet that it is 1150 * possible for the ADM8211 to accomodate bus speeds between 22MHz 1151 * and 33MHz; maybe this is the way? I see a binary-only driver write 1152 * these values. These values are also the power-on default. 1153 */ 1154 ATW_WRITE(sc, ATW_TOFS0, 1155 LSHIFT(22, ATW_TOFS0_USCNT_MASK) | 1156 ATW_TOFS0_TUCNT_MASK /* set all bits in TUCNT */); 1157 } 1158 1159 /* Initialize interframe spacing: 802.11b slot time, SIFS, DIFS, EIFS. */ 1160 static void 1161 atw_ifs_init(struct atw_softc *sc) 1162 { 1163 uint32_t ifst; 1164 /* XXX EIFS=0x64, SIFS=110 are used by the reference driver. 1165 * Go figure. 1166 */ 1167 ifst = LSHIFT(IEEE80211_DUR_DS_SLOT, ATW_IFST_SLOT_MASK) | 1168 LSHIFT(22 * 5 /* IEEE80211_DUR_DS_SIFS */ /* # of 22MHz cycles */, 1169 ATW_IFST_SIFS_MASK) | 1170 LSHIFT(IEEE80211_DUR_DS_DIFS, ATW_IFST_DIFS_MASK) | 1171 LSHIFT(0x64 /* IEEE80211_DUR_DS_EIFS */, ATW_IFST_EIFS_MASK); 1172 1173 ATW_WRITE(sc, ATW_IFST, ifst); 1174 } 1175 1176 static void 1177 atw_response_times_init(struct atw_softc *sc) 1178 { 1179 /* XXX More magic. Relates to ACK timing? The datasheet seems to 1180 * indicate that the MAC expects at least SIFS + MIRT microseconds 1181 * to pass after it transmits a frame that requires a response; 1182 * it waits at most SIFS + MART microseconds for the response. 1183 * Surely this is not the ACK timeout? 1184 */ 1185 ATW_WRITE(sc, ATW_RSPT, LSHIFT(0xffff, ATW_RSPT_MART_MASK) | 1186 LSHIFT(0xff, ATW_RSPT_MIRT_MASK)); 1187 } 1188 1189 /* Set up the MMI read/write addresses for the baseband. The Tx/Rx 1190 * engines read and write baseband registers after Rx and before 1191 * Tx, respectively. 1192 */ 1193 static void 1194 atw_bbp_io_init(struct atw_softc *sc) 1195 { 1196 uint32_t mmiraddr2; 1197 1198 /* XXX The reference driver does this, but is it *really* 1199 * necessary? 1200 */ 1201 switch (sc->sc_rev) { 1202 case ATW_REVISION_AB: 1203 case ATW_REVISION_AF: 1204 mmiraddr2 = 0x0; 1205 break; 1206 default: 1207 mmiraddr2 = ATW_READ(sc, ATW_MMIRADDR2); 1208 mmiraddr2 &= 1209 ~(ATW_MMIRADDR2_PROREXT|ATW_MMIRADDR2_PRORLEN_MASK); 1210 break; 1211 } 1212 1213 switch (sc->sc_bbptype) { 1214 case ATW_BBPTYPE_INTERSIL: 1215 ATW_WRITE(sc, ATW_MMIWADDR, ATW_MMIWADDR_INTERSIL); 1216 ATW_WRITE(sc, ATW_MMIRADDR1, ATW_MMIRADDR1_INTERSIL); 1217 mmiraddr2 |= ATW_MMIRADDR2_INTERSIL; 1218 break; 1219 case ATW_BBPTYPE_MARVEL: 1220 /* TBD find out the Marvel settings. */ 1221 break; 1222 case ATW_BBPTYPE_RFMD: 1223 default: 1224 ATW_WRITE(sc, ATW_MMIWADDR, ATW_MMIWADDR_RFMD); 1225 ATW_WRITE(sc, ATW_MMIRADDR1, ATW_MMIRADDR1_RFMD); 1226 mmiraddr2 |= ATW_MMIRADDR2_RFMD; 1227 break; 1228 } 1229 ATW_WRITE(sc, ATW_MMIRADDR2, mmiraddr2); 1230 ATW_WRITE(sc, ATW_MACTEST, ATW_MACTEST_MMI_USETXCLK); 1231 } 1232 1233 /* 1234 * atw_init: [ ifnet interface function ] 1235 * 1236 * Initialize the interface. Must be called at splnet(). 1237 */ 1238 int 1239 atw_init(struct ifnet *ifp) 1240 { 1241 struct atw_softc *sc = ifp->if_softc; 1242 struct ieee80211com *ic = &sc->sc_ic; 1243 struct atw_txsoft *txs; 1244 struct atw_rxsoft *rxs; 1245 int i, error = 0; 1246 1247 if ((error = atw_enable(sc)) != 0) 1248 goto out; 1249 1250 /* 1251 * Cancel any pending I/O. This also resets. 1252 */ 1253 atw_stop(ifp, 0); 1254 1255 DPRINTF(sc, ("%s: channel %d freq %d flags 0x%04x\n", 1256 __func__, ieee80211_chan2ieee(ic, ic->ic_curchan), 1257 ic->ic_curchan->ic_freq, ic->ic_curchan->ic_flags)); 1258 1259 atw_wcsr_init(sc); 1260 1261 atw_cmdr_init(sc); 1262 1263 /* Set data rate for PLCP Signal field, 1Mbps = 10 x 100Kb/s. 1264 * 1265 * XXX Set transmit power for ATIM, RTS, Beacon. 1266 */ 1267 ATW_WRITE(sc, ATW_PLCPHD, LSHIFT(10, ATW_PLCPHD_SIGNAL_MASK) | 1268 LSHIFT(0xb0, ATW_PLCPHD_SERVICE_MASK)); 1269 1270 atw_tofs2_init(sc); 1271 1272 atw_nar_init(sc); 1273 1274 atw_txlmt_init(sc); 1275 1276 atw_test1_init(sc); 1277 1278 atw_rf_reset(sc); 1279 1280 atw_cfp_init(sc); 1281 1282 atw_tofs0_init(sc); 1283 1284 atw_ifs_init(sc); 1285 1286 /* XXX Fall asleep after one second of inactivity. 1287 * XXX A frame may only dribble in for 65536us. 1288 */ 1289 ATW_WRITE(sc, ATW_RMD, 1290 LSHIFT(1, ATW_RMD_PCNT) | LSHIFT(0xffff, ATW_RMD_RMRD_MASK)); 1291 1292 atw_response_times_init(sc); 1293 1294 atw_bbp_io_init(sc); 1295 1296 ATW_WRITE(sc, ATW_STSR, 0xffffffff); 1297 1298 if ((error = atw_rf3000_init(sc)) != 0) 1299 goto out; 1300 1301 ATW_WRITE(sc, ATW_PAR, sc->sc_busmode); 1302 DPRINTF(sc, ("%s: ATW_PAR %08x busmode %08x\n", sc->sc_dev.dv_xname, 1303 ATW_READ(sc, ATW_PAR), sc->sc_busmode)); 1304 1305 /* 1306 * Initialize the transmit descriptor ring. 1307 */ 1308 memset(sc->sc_txdescs, 0, sizeof(sc->sc_txdescs)); 1309 for (i = 0; i < ATW_NTXDESC; i++) { 1310 sc->sc_txdescs[i].at_ctl = 0; 1311 /* no transmit chaining */ 1312 sc->sc_txdescs[i].at_flags = 0 /* ATW_TXFLAG_TCH */; 1313 sc->sc_txdescs[i].at_buf2 = 1314 htole32(ATW_CDTXADDR(sc, ATW_NEXTTX(i))); 1315 } 1316 /* use ring mode */ 1317 sc->sc_txdescs[ATW_NTXDESC - 1].at_flags |= htole32(ATW_TXFLAG_TER); 1318 ATW_CDTXSYNC(sc, 0, ATW_NTXDESC, 1319 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 1320 sc->sc_txfree = ATW_NTXDESC; 1321 sc->sc_txnext = 0; 1322 1323 /* 1324 * Initialize the transmit job descriptors. 1325 */ 1326 SIMPLEQ_INIT(&sc->sc_txfreeq); 1327 SIMPLEQ_INIT(&sc->sc_txdirtyq); 1328 for (i = 0; i < ATW_TXQUEUELEN; i++) { 1329 txs = &sc->sc_txsoft[i]; 1330 txs->txs_mbuf = NULL; 1331 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 1332 } 1333 1334 /* 1335 * Initialize the receive descriptor and receive job 1336 * descriptor rings. 1337 */ 1338 for (i = 0; i < ATW_NRXDESC; i++) { 1339 rxs = &sc->sc_rxsoft[i]; 1340 if (rxs->rxs_mbuf == NULL) { 1341 if ((error = atw_add_rxbuf(sc, i)) != 0) { 1342 printf("%s: unable to allocate or map rx " 1343 "buffer %d, error = %d\n", 1344 sc->sc_dev.dv_xname, i, error); 1345 /* 1346 * XXX Should attempt to run with fewer receive 1347 * XXX buffers instead of just failing. 1348 */ 1349 atw_rxdrain(sc); 1350 goto out; 1351 } 1352 } else 1353 ATW_INIT_RXDESC(sc, i); 1354 } 1355 sc->sc_rxptr = 0; 1356 1357 /* 1358 * Initialize the interrupt mask and enable interrupts. 1359 */ 1360 /* normal interrupts */ 1361 sc->sc_inten = ATW_INTR_TCI | ATW_INTR_TDU | ATW_INTR_RCI | 1362 ATW_INTR_NISS | ATW_INTR_LINKON | ATW_INTR_BCNTC; 1363 1364 /* abnormal interrupts */ 1365 sc->sc_inten |= ATW_INTR_TPS | ATW_INTR_TLT | ATW_INTR_TRT | 1366 ATW_INTR_TUF | ATW_INTR_RDU | ATW_INTR_RPS | ATW_INTR_AISS | 1367 ATW_INTR_FBE | ATW_INTR_LINKOFF | ATW_INTR_TSFTF | ATW_INTR_TSCZ; 1368 1369 sc->sc_linkint_mask = ATW_INTR_LINKON | ATW_INTR_LINKOFF | 1370 ATW_INTR_BCNTC | ATW_INTR_TSFTF | ATW_INTR_TSCZ; 1371 sc->sc_rxint_mask = ATW_INTR_RCI | ATW_INTR_RDU; 1372 sc->sc_txint_mask = ATW_INTR_TCI | ATW_INTR_TUF | ATW_INTR_TLT | 1373 ATW_INTR_TRT; 1374 1375 sc->sc_linkint_mask &= sc->sc_inten; 1376 sc->sc_rxint_mask &= sc->sc_inten; 1377 sc->sc_txint_mask &= sc->sc_inten; 1378 1379 ATW_WRITE(sc, ATW_IER, sc->sc_inten); 1380 ATW_WRITE(sc, ATW_STSR, 0xffffffff); 1381 1382 DPRINTF(sc, ("%s: ATW_IER %08x, inten %08x\n", 1383 sc->sc_dev.dv_xname, ATW_READ(sc, ATW_IER), sc->sc_inten)); 1384 1385 /* 1386 * Give the transmit and receive rings to the ADM8211. 1387 */ 1388 ATW_WRITE(sc, ATW_RDB, ATW_CDRXADDR(sc, sc->sc_rxptr)); 1389 ATW_WRITE(sc, ATW_TDBD, ATW_CDTXADDR(sc, sc->sc_txnext)); 1390 1391 sc->sc_txthresh = 0; 1392 sc->sc_opmode = ATW_NAR_SR | ATW_NAR_ST | 1393 sc->sc_txth[sc->sc_txthresh].txth_opmode; 1394 1395 /* common 802.11 configuration */ 1396 ic->ic_flags &= ~IEEE80211_F_IBSSON; 1397 switch (ic->ic_opmode) { 1398 case IEEE80211_M_STA: 1399 break; 1400 case IEEE80211_M_AHDEMO: /* XXX */ 1401 case IEEE80211_M_IBSS: 1402 ic->ic_flags |= IEEE80211_F_IBSSON; 1403 /*FALLTHROUGH*/ 1404 case IEEE80211_M_HOSTAP: /* XXX */ 1405 break; 1406 case IEEE80211_M_MONITOR: /* XXX */ 1407 break; 1408 } 1409 1410 switch (ic->ic_opmode) { 1411 case IEEE80211_M_AHDEMO: 1412 case IEEE80211_M_HOSTAP: 1413 #ifndef IEEE80211_NO_HOSTAP 1414 ic->ic_bss->ni_intval = ic->ic_lintval; 1415 ic->ic_bss->ni_rssi = 0; 1416 ic->ic_bss->ni_rstamp = 0; 1417 #endif /* !IEEE80211_NO_HOSTAP */ 1418 break; 1419 default: /* XXX */ 1420 break; 1421 } 1422 1423 sc->sc_wepctl = 0; 1424 1425 atw_write_ssid(sc); 1426 atw_write_sup_rates(sc); 1427 atw_write_wep(sc); 1428 1429 ic->ic_state = IEEE80211_S_INIT; 1430 1431 /* 1432 * Set the receive filter. This will start the transmit and 1433 * receive processes. 1434 */ 1435 atw_filter_setup(sc); 1436 1437 /* 1438 * Start the receive process. 1439 */ 1440 ATW_WRITE(sc, ATW_RDR, 0x1); 1441 1442 /* 1443 * Note that the interface is now running. 1444 */ 1445 ifp->if_flags |= IFF_RUNNING; 1446 ifp->if_flags &= ~IFF_OACTIVE; 1447 1448 /* send no beacons, yet. */ 1449 atw_start_beacon(sc, 0); 1450 1451 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1452 error = ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1453 else 1454 error = ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1455 out: 1456 if (error) { 1457 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1458 sc->sc_tx_timer = 0; 1459 ifp->if_timer = 0; 1460 printf("%s: interface not running\n", sc->sc_dev.dv_xname); 1461 } 1462 #ifdef ATW_DEBUG 1463 atw_print_regs(sc, "end of init"); 1464 #endif /* ATW_DEBUG */ 1465 1466 return (error); 1467 } 1468 1469 /* enable == 1: host control of RF3000/Si4126 through ATW_SYNCTL. 1470 * 0: MAC control of RF3000/Si4126. 1471 * 1472 * Applies power, or selects RF front-end? Sets reset condition. 1473 * 1474 * TBD support non-RFMD BBP, non-SiLabs synth. 1475 */ 1476 static void 1477 atw_bbp_io_enable(struct atw_softc *sc, int enable) 1478 { 1479 if (enable) { 1480 ATW_WRITE(sc, ATW_SYNRF, 1481 ATW_SYNRF_SELRF|ATW_SYNRF_PE1|ATW_SYNRF_PHYRST); 1482 DELAY(atw_bbp_io_enable_delay); 1483 } else { 1484 ATW_WRITE(sc, ATW_SYNRF, 0); 1485 DELAY(atw_bbp_io_disable_delay); /* shorter for some reason */ 1486 } 1487 } 1488 1489 static int 1490 atw_tune(struct atw_softc *sc) 1491 { 1492 int rc; 1493 u_int chan; 1494 struct ieee80211com *ic = &sc->sc_ic; 1495 1496 chan = ieee80211_chan2ieee(ic, ic->ic_curchan); 1497 if (chan == IEEE80211_CHAN_ANY) 1498 panic("%s: chan == IEEE80211_CHAN_ANY\n", __func__); 1499 1500 if (chan == sc->sc_cur_chan) 1501 return 0; 1502 1503 DPRINTF(sc, ("%s: chan %d -> %d\n", sc->sc_dev.dv_xname, 1504 sc->sc_cur_chan, chan)); 1505 1506 atw_idle(sc, ATW_NAR_SR|ATW_NAR_ST); 1507 1508 atw_si4126_tune(sc, chan); 1509 if ((rc = atw_rf3000_tune(sc, chan)) != 0) 1510 printf("%s: failed to tune channel %d\n", sc->sc_dev.dv_xname, 1511 chan); 1512 1513 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 1514 DELAY(atw_nar_delay); 1515 ATW_WRITE(sc, ATW_RDR, 0x1); 1516 1517 if (rc == 0) 1518 sc->sc_cur_chan = chan; 1519 1520 return rc; 1521 } 1522 1523 #ifdef ATW_SYNDEBUG 1524 static void 1525 atw_si4126_print(struct atw_softc *sc) 1526 { 1527 struct ifnet *ifp = &sc->sc_if; 1528 u_int addr, val; 1529 1530 if (atw_debug < 3 || (ifp->if_flags & IFF_DEBUG) == 0) 1531 return; 1532 1533 for (addr = 0; addr <= 8; addr++) { 1534 printf("%s: synth[%d] = ", sc->sc_dev.dv_xname, addr); 1535 if (atw_si4126_read(sc, addr, &val) == 0) { 1536 printf("<unknown> (quitting print-out)\n"); 1537 break; 1538 } 1539 printf("%05x\n", val); 1540 } 1541 } 1542 #endif /* ATW_SYNDEBUG */ 1543 1544 /* Tune to channel chan by adjusting the Si4126 RF/IF synthesizer. 1545 * 1546 * The RF/IF synthesizer produces two reference frequencies for 1547 * the RF2948B transceiver. The first frequency the RF2948B requires 1548 * is two times the so-called "intermediate frequency" (IF). Since 1549 * a SAW filter on the radio fixes the IF at 374MHz, I program the 1550 * Si4126 to generate IF LO = 374MHz x 2 = 748MHz. The second 1551 * frequency required by the transceiver is the radio frequency 1552 * (RF). This is a superheterodyne transceiver; for f(chan) the 1553 * center frequency of the channel we are tuning, RF = f(chan) - 1554 * IF. 1555 * 1556 * XXX I am told by SiLabs that the Si4126 will accept a broader range 1557 * of XIN than the 2-25MHz mentioned by the datasheet, even *without* 1558 * XINDIV2 = 1. I've tried this (it is necessary to double R) and it 1559 * works, but I have still programmed for XINDIV2 = 1 to be safe. 1560 */ 1561 static void 1562 atw_si4126_tune(struct atw_softc *sc, u_int chan) 1563 { 1564 u_int mhz; 1565 u_int R; 1566 u_int32_t gpio; 1567 u_int16_t gain; 1568 1569 #ifdef ATW_SYNDEBUG 1570 atw_si4126_print(sc); 1571 #endif /* ATW_SYNDEBUG */ 1572 1573 if (chan == 14) 1574 mhz = 2484; 1575 else 1576 mhz = 2412 + 5 * (chan - 1); 1577 1578 /* Tune IF to 748MHz to suit the IF LO input of the 1579 * RF2494B, which is 2 x IF. No need to set an IF divider 1580 * because an IF in 526MHz - 952MHz is allowed. 1581 * 1582 * XIN is 44.000MHz, so divide it by two to get allowable 1583 * range of 2-25MHz. SiLabs tells me that this is not 1584 * strictly necessary. 1585 */ 1586 1587 if (atw_xindiv2) 1588 R = 44; 1589 else 1590 R = 88; 1591 1592 /* Power-up RF, IF synthesizers. */ 1593 atw_si4126_write(sc, SI4126_POWER, 1594 SI4126_POWER_PDIB|SI4126_POWER_PDRB); 1595 1596 /* set LPWR, too? */ 1597 atw_si4126_write(sc, SI4126_MAIN, 1598 (atw_xindiv2) ? SI4126_MAIN_XINDIV2 : 0); 1599 1600 /* Set the phase-locked loop gain. If RF2 N > 2047, then 1601 * set KP2 to 1. 1602 * 1603 * REFDIF This is different from the reference driver, which 1604 * always sets SI4126_GAIN to 0. 1605 */ 1606 gain = LSHIFT(((mhz - 374) > 2047) ? 1 : 0, SI4126_GAIN_KP2_MASK); 1607 1608 atw_si4126_write(sc, SI4126_GAIN, gain); 1609 1610 /* XIN = 44MHz. 1611 * 1612 * If XINDIV2 = 1, IF = N/(2 * R) * XIN. I choose N = 1496, 1613 * R = 44 so that 1496/(2 * 44) * 44MHz = 748MHz. 1614 * 1615 * If XINDIV2 = 0, IF = N/R * XIN. I choose N = 1496, R = 88 1616 * so that 1496/88 * 44MHz = 748MHz. 1617 */ 1618 atw_si4126_write(sc, SI4126_IFN, 1496); 1619 1620 atw_si4126_write(sc, SI4126_IFR, R); 1621 1622 #ifndef ATW_REFSLAVE 1623 /* Set RF1 arbitrarily. DO NOT configure RF1 after RF2, because 1624 * then RF1 becomes the active RF synthesizer, even on the Si4126, 1625 * which has no RF1! 1626 */ 1627 atw_si4126_write(sc, SI4126_RF1R, R); 1628 1629 atw_si4126_write(sc, SI4126_RF1N, mhz - 374); 1630 #endif 1631 1632 /* N/R * XIN = RF. XIN = 44MHz. We desire RF = mhz - IF, 1633 * where IF = 374MHz. Let's divide XIN to 1MHz. So R = 44. 1634 * Now let's multiply it to mhz. So mhz - IF = N. 1635 */ 1636 atw_si4126_write(sc, SI4126_RF2R, R); 1637 1638 atw_si4126_write(sc, SI4126_RF2N, mhz - 374); 1639 1640 /* wait 100us from power-up for RF, IF to settle */ 1641 DELAY(100); 1642 1643 gpio = ATW_READ(sc, ATW_GPIO); 1644 gpio &= ~(ATW_GPIO_EN_MASK|ATW_GPIO_O_MASK|ATW_GPIO_I_MASK); 1645 gpio |= LSHIFT(1, ATW_GPIO_EN_MASK); 1646 1647 if ((sc->sc_if.if_flags & IFF_LINK1) != 0 && chan != 14) { 1648 /* Set a Prism RF front-end to a special mode for channel 14? 1649 * 1650 * Apparently the SMC2635W needs this, although I don't think 1651 * it has a Prism RF. 1652 */ 1653 gpio |= LSHIFT(1, ATW_GPIO_O_MASK); 1654 } 1655 ATW_WRITE(sc, ATW_GPIO, gpio); 1656 1657 #ifdef ATW_SYNDEBUG 1658 atw_si4126_print(sc); 1659 #endif /* ATW_SYNDEBUG */ 1660 } 1661 1662 /* Baseline initialization of RF3000 BBP: set CCA mode and enable antenna 1663 * diversity. 1664 * 1665 * !!! 1666 * !!! Call this w/ Tx/Rx suspended, atw_idle(, ATW_NAR_ST|ATW_NAR_SR). 1667 * !!! 1668 */ 1669 static int 1670 atw_rf3000_init(struct atw_softc *sc) 1671 { 1672 int rc = 0; 1673 1674 atw_bbp_io_enable(sc, 1); 1675 1676 /* CCA is acquisition sensitive */ 1677 rc = atw_rf3000_write(sc, RF3000_CCACTL, 1678 LSHIFT(RF3000_CCACTL_MODE_BOTH, RF3000_CCACTL_MODE_MASK)); 1679 1680 if (rc != 0) 1681 goto out; 1682 1683 /* enable diversity */ 1684 rc = atw_rf3000_write(sc, RF3000_DIVCTL, RF3000_DIVCTL_ENABLE); 1685 1686 if (rc != 0) 1687 goto out; 1688 1689 /* sensible setting from a binary-only driver */ 1690 rc = atw_rf3000_write(sc, RF3000_GAINCTL, 1691 LSHIFT(0x1d, RF3000_GAINCTL_TXVGC_MASK)); 1692 1693 if (rc != 0) 1694 goto out; 1695 1696 /* magic from a binary-only driver */ 1697 rc = atw_rf3000_write(sc, RF3000_LOGAINCAL, 1698 LSHIFT(0x38, RF3000_LOGAINCAL_CAL_MASK)); 1699 1700 if (rc != 0) 1701 goto out; 1702 1703 rc = atw_rf3000_write(sc, RF3000_HIGAINCAL, RF3000_HIGAINCAL_DSSSPAD); 1704 1705 if (rc != 0) 1706 goto out; 1707 1708 /* XXX Reference driver remarks that Abocom sets this to 50. 1709 * Meaning 0x50, I think.... 50 = 0x32, which would set a bit 1710 * in the "reserved" area of register RF3000_OPTIONS1. 1711 */ 1712 rc = atw_rf3000_write(sc, RF3000_OPTIONS1, sc->sc_rf3000_options1); 1713 1714 if (rc != 0) 1715 goto out; 1716 1717 rc = atw_rf3000_write(sc, RF3000_OPTIONS2, sc->sc_rf3000_options2); 1718 1719 if (rc != 0) 1720 goto out; 1721 1722 out: 1723 atw_bbp_io_enable(sc, 0); 1724 return rc; 1725 } 1726 1727 #ifdef ATW_BBPDEBUG 1728 static void 1729 atw_rf3000_print(struct atw_softc *sc) 1730 { 1731 struct ifnet *ifp = &sc->sc_if; 1732 u_int addr, val; 1733 1734 if (atw_debug < 3 || (ifp->if_flags & IFF_DEBUG) == 0) 1735 return; 1736 1737 for (addr = 0x01; addr <= 0x15; addr++) { 1738 printf("%s: bbp[%d] = \n", sc->sc_dev.dv_xname, addr); 1739 if (atw_rf3000_read(sc, addr, &val) != 0) { 1740 printf("<unknown> (quitting print-out)\n"); 1741 break; 1742 } 1743 printf("%08x\n", val); 1744 } 1745 } 1746 #endif /* ATW_BBPDEBUG */ 1747 1748 /* Set the power settings on the BBP for channel `chan'. */ 1749 static int 1750 atw_rf3000_tune(struct atw_softc *sc, u_int chan) 1751 { 1752 int rc = 0; 1753 u_int32_t reg; 1754 u_int16_t txpower, lpf_cutoff, lna_gs_thresh; 1755 1756 txpower = sc->sc_srom[ATW_SR_TXPOWER(chan)]; 1757 lpf_cutoff = sc->sc_srom[ATW_SR_LPF_CUTOFF(chan)]; 1758 lna_gs_thresh = sc->sc_srom[ATW_SR_LNA_GS_THRESH(chan)]; 1759 1760 /* odd channels: LSB, even channels: MSB */ 1761 if (chan % 2 == 1) { 1762 txpower &= 0xFF; 1763 lpf_cutoff &= 0xFF; 1764 lna_gs_thresh &= 0xFF; 1765 } else { 1766 txpower >>= 8; 1767 lpf_cutoff >>= 8; 1768 lna_gs_thresh >>= 8; 1769 } 1770 1771 #ifdef ATW_BBPDEBUG 1772 atw_rf3000_print(sc); 1773 #endif /* ATW_BBPDEBUG */ 1774 1775 DPRINTF(sc, ("%s: chan %d txpower %02x, lpf_cutoff %02x, " 1776 "lna_gs_thresh %02x\n", 1777 sc->sc_dev.dv_xname, chan, txpower, lpf_cutoff, lna_gs_thresh)); 1778 1779 atw_bbp_io_enable(sc, 1); 1780 1781 if ((rc = atw_rf3000_write(sc, RF3000_GAINCTL, 1782 LSHIFT(txpower, RF3000_GAINCTL_TXVGC_MASK))) != 0) 1783 goto out; 1784 1785 if ((rc = atw_rf3000_write(sc, RF3000_LOGAINCAL, lpf_cutoff)) != 0) 1786 goto out; 1787 1788 if ((rc = atw_rf3000_write(sc, RF3000_HIGAINCAL, lna_gs_thresh)) != 0) 1789 goto out; 1790 1791 rc = atw_rf3000_write(sc, RF3000_OPTIONS1, 0x0); 1792 1793 if (rc != 0) 1794 goto out; 1795 1796 rc = atw_rf3000_write(sc, RF3000_OPTIONS2, RF3000_OPTIONS2_LNAGS_DELAY); 1797 1798 if (rc != 0) 1799 goto out; 1800 1801 #ifdef ATW_BBPDEBUG 1802 atw_rf3000_print(sc); 1803 #endif /* ATW_BBPDEBUG */ 1804 1805 out: 1806 atw_bbp_io_enable(sc, 0); 1807 1808 /* set beacon, rts, atim transmit power */ 1809 reg = ATW_READ(sc, ATW_PLCPHD); 1810 reg &= ~ATW_PLCPHD_SERVICE_MASK; 1811 reg |= LSHIFT(LSHIFT(txpower, RF3000_GAINCTL_TXVGC_MASK), 1812 ATW_PLCPHD_SERVICE_MASK); 1813 ATW_WRITE(sc, ATW_PLCPHD, reg); 1814 DELAY(atw_plcphd_delay); 1815 1816 return rc; 1817 } 1818 1819 /* Write a register on the RF3000 baseband processor using the 1820 * registers provided by the ADM8211 for this purpose. 1821 * 1822 * Return 0 on success. 1823 */ 1824 static int 1825 atw_rf3000_write(struct atw_softc *sc, u_int addr, u_int val) 1826 { 1827 u_int32_t reg; 1828 int i; 1829 1830 reg = sc->sc_bbpctl_wr | 1831 LSHIFT(val & 0xff, ATW_BBPCTL_DATA_MASK) | 1832 LSHIFT(addr & 0x7f, ATW_BBPCTL_ADDR_MASK); 1833 1834 for (i = 20000 / atw_pseudo_milli; --i >= 0; ) { 1835 ATW_WRITE(sc, ATW_BBPCTL, reg); 1836 DELAY(2 * atw_pseudo_milli); 1837 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_WR) == 0) 1838 break; 1839 } 1840 1841 if (i < 0) { 1842 printf("%s: BBPCTL still busy\n", sc->sc_dev.dv_xname); 1843 return ETIMEDOUT; 1844 } 1845 return 0; 1846 } 1847 1848 /* Read a register on the RF3000 baseband processor using the registers 1849 * the ADM8211 provides for this purpose. 1850 * 1851 * The 7-bit register address is addr. Record the 8-bit data in the register 1852 * in *val. 1853 * 1854 * Return 0 on success. 1855 * 1856 * XXX This does not seem to work. The ADM8211 must require more or 1857 * different magic to read the chip than to write it. Possibly some 1858 * of the magic I have derived from a binary-only driver concerns 1859 * the "chip address" (see the RF3000 manual). 1860 */ 1861 #ifdef ATW_BBPDEBUG 1862 static int 1863 atw_rf3000_read(struct atw_softc *sc, u_int addr, u_int *val) 1864 { 1865 u_int32_t reg; 1866 int i; 1867 1868 for (i = 1000; --i >= 0; ) { 1869 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_RD|ATW_BBPCTL_WR) == 0) 1870 break; 1871 DELAY(100); 1872 } 1873 1874 if (i < 0) { 1875 printf("%s: start atw_rf3000_read, BBPCTL busy\n", 1876 sc->sc_dev.dv_xname); 1877 return ETIMEDOUT; 1878 } 1879 1880 reg = sc->sc_bbpctl_rd | LSHIFT(addr & 0x7f, ATW_BBPCTL_ADDR_MASK); 1881 1882 ATW_WRITE(sc, ATW_BBPCTL, reg); 1883 1884 for (i = 1000; --i >= 0; ) { 1885 DELAY(100); 1886 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_RD) == 0) 1887 break; 1888 } 1889 1890 ATW_CLR(sc, ATW_BBPCTL, ATW_BBPCTL_RD); 1891 1892 if (i < 0) { 1893 printf("%s: atw_rf3000_read wrote %08x; BBPCTL still busy\n", 1894 sc->sc_dev.dv_xname, reg); 1895 return ETIMEDOUT; 1896 } 1897 if (val != NULL) 1898 *val = MASK_AND_RSHIFT(reg, ATW_BBPCTL_DATA_MASK); 1899 return 0; 1900 } 1901 #endif /* ATW_BBPDEBUG */ 1902 1903 /* Write a register on the Si4126 RF/IF synthesizer using the registers 1904 * provided by the ADM8211 for that purpose. 1905 * 1906 * val is 18 bits of data, and val is the 4-bit address of the register. 1907 * 1908 * Return 0 on success. 1909 */ 1910 static void 1911 atw_si4126_write(struct atw_softc *sc, u_int addr, u_int val) 1912 { 1913 uint32_t bits, mask, reg; 1914 const int nbits = 22; 1915 1916 KASSERT((addr & ~PRESHIFT(SI4126_TWI_ADDR_MASK)) == 0); 1917 KASSERT((val & ~PRESHIFT(SI4126_TWI_DATA_MASK)) == 0); 1918 1919 bits = LSHIFT(val, SI4126_TWI_DATA_MASK) | 1920 LSHIFT(addr, SI4126_TWI_ADDR_MASK); 1921 1922 reg = ATW_SYNRF_SELSYN; 1923 /* reference driver: reset Si4126 serial bus to initial 1924 * conditions? 1925 */ 1926 ATW_WRITE(sc, ATW_SYNRF, reg | ATW_SYNRF_LEIF); 1927 ATW_WRITE(sc, ATW_SYNRF, reg); 1928 1929 for (mask = BIT(nbits - 1); mask != 0; mask >>= 1) { 1930 if ((bits & mask) != 0) 1931 reg |= ATW_SYNRF_SYNDATA; 1932 else 1933 reg &= ~ATW_SYNRF_SYNDATA; 1934 ATW_WRITE(sc, ATW_SYNRF, reg); 1935 ATW_WRITE(sc, ATW_SYNRF, reg | ATW_SYNRF_SYNCLK); 1936 ATW_WRITE(sc, ATW_SYNRF, reg); 1937 } 1938 ATW_WRITE(sc, ATW_SYNRF, reg | ATW_SYNRF_LEIF); 1939 ATW_WRITE(sc, ATW_SYNRF, 0x0); 1940 } 1941 1942 /* Read 18-bit data from the 4-bit address addr in Si4126 1943 * RF synthesizer and write the data to *val. Return 0 on success. 1944 * 1945 * XXX This does not seem to work. The ADM8211 must require more or 1946 * different magic to read the chip than to write it. 1947 */ 1948 #ifdef ATW_SYNDEBUG 1949 static int 1950 atw_si4126_read(struct atw_softc *sc, u_int addr, u_int *val) 1951 { 1952 u_int32_t reg; 1953 int i; 1954 1955 KASSERT((addr & ~PRESHIFT(SI4126_TWI_ADDR_MASK)) == 0); 1956 1957 for (i = 1000; --i >= 0; ) { 1958 if (ATW_ISSET(sc, ATW_SYNCTL, ATW_SYNCTL_RD|ATW_SYNCTL_WR) == 0) 1959 break; 1960 DELAY(100); 1961 } 1962 1963 if (i < 0) { 1964 printf("%s: start atw_si4126_read, SYNCTL busy\n", 1965 sc->sc_dev.dv_xname); 1966 return ETIMEDOUT; 1967 } 1968 1969 reg = sc->sc_synctl_rd | LSHIFT(addr, ATW_SYNCTL_DATA_MASK); 1970 1971 ATW_WRITE(sc, ATW_SYNCTL, reg); 1972 1973 for (i = 1000; --i >= 0; ) { 1974 DELAY(100); 1975 if (ATW_ISSET(sc, ATW_SYNCTL, ATW_SYNCTL_RD) == 0) 1976 break; 1977 } 1978 1979 ATW_CLR(sc, ATW_SYNCTL, ATW_SYNCTL_RD); 1980 1981 if (i < 0) { 1982 printf("%s: atw_si4126_read wrote %#08x, SYNCTL still busy\n", 1983 sc->sc_dev.dv_xname, reg); 1984 return ETIMEDOUT; 1985 } 1986 if (val != NULL) 1987 *val = MASK_AND_RSHIFT(ATW_READ(sc, ATW_SYNCTL), 1988 ATW_SYNCTL_DATA_MASK); 1989 return 0; 1990 } 1991 #endif /* ATW_SYNDEBUG */ 1992 1993 /* XXX is the endianness correct? test. */ 1994 #define atw_calchash(addr) \ 1995 (ether_crc32_le((addr), IEEE80211_ADDR_LEN) & BITS(5, 0)) 1996 1997 /* 1998 * atw_filter_setup: 1999 * 2000 * Set the ADM8211's receive filter. 2001 */ 2002 static void 2003 atw_filter_setup(struct atw_softc *sc) 2004 { 2005 struct ieee80211com *ic = &sc->sc_ic; 2006 struct ethercom *ec = &sc->sc_ec; 2007 struct ifnet *ifp = &sc->sc_if; 2008 int hash; 2009 u_int32_t hashes[2]; 2010 struct ether_multi *enm; 2011 struct ether_multistep step; 2012 2013 /* According to comments in tlp_al981_filter_setup 2014 * (dev/ic/tulip.c) the ADMtek AL981 does not like for its 2015 * multicast filter to be set while it is running. Hopefully 2016 * the ADM8211 is not the same! 2017 */ 2018 if ((ifp->if_flags & IFF_RUNNING) != 0) 2019 atw_idle(sc, ATW_NAR_SR); 2020 2021 sc->sc_opmode &= ~(ATW_NAR_PR|ATW_NAR_MM); 2022 ifp->if_flags &= ~IFF_ALLMULTI; 2023 2024 /* XXX in scan mode, do not filter packets. Maybe this is 2025 * unnecessary. 2026 */ 2027 if (ic->ic_state == IEEE80211_S_SCAN || 2028 (ifp->if_flags & IFF_PROMISC) != 0) { 2029 sc->sc_opmode |= ATW_NAR_PR; 2030 goto allmulti; 2031 } 2032 2033 hashes[0] = hashes[1] = 0x0; 2034 2035 /* 2036 * Program the 64-bit multicast hash filter. 2037 */ 2038 ETHER_FIRST_MULTI(step, ec, enm); 2039 while (enm != NULL) { 2040 if (memcmp(enm->enm_addrlo, enm->enm_addrhi, 2041 ETHER_ADDR_LEN) != 0) 2042 goto allmulti; 2043 2044 hash = atw_calchash(enm->enm_addrlo); 2045 hashes[hash >> 5] |= 1 << (hash & 0x1f); 2046 ETHER_NEXT_MULTI(step, enm); 2047 sc->sc_opmode |= ATW_NAR_MM; 2048 } 2049 ifp->if_flags &= ~IFF_ALLMULTI; 2050 goto setit; 2051 2052 allmulti: 2053 sc->sc_opmode |= ATW_NAR_MM; 2054 ifp->if_flags |= IFF_ALLMULTI; 2055 hashes[0] = hashes[1] = 0xffffffff; 2056 2057 setit: 2058 ATW_WRITE(sc, ATW_MAR0, hashes[0]); 2059 ATW_WRITE(sc, ATW_MAR1, hashes[1]); 2060 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 2061 DELAY(atw_nar_delay); 2062 ATW_WRITE(sc, ATW_RDR, 0x1); 2063 2064 DPRINTF(sc, ("%s: ATW_NAR %08x opmode %08x\n", sc->sc_dev.dv_xname, 2065 ATW_READ(sc, ATW_NAR), sc->sc_opmode)); 2066 } 2067 2068 /* Tell the ADM8211 our preferred BSSID. The ADM8211 must match 2069 * a beacon's BSSID and SSID against the preferred BSSID and SSID 2070 * before it will raise ATW_INTR_LINKON. When the ADM8211 receives 2071 * no beacon with the preferred BSSID and SSID in the number of 2072 * beacon intervals given in ATW_BPLI, then it raises ATW_INTR_LINKOFF. 2073 */ 2074 static void 2075 atw_write_bssid(struct atw_softc *sc) 2076 { 2077 struct ieee80211com *ic = &sc->sc_ic; 2078 u_int8_t *bssid; 2079 2080 bssid = ic->ic_bss->ni_bssid; 2081 2082 ATW_WRITE(sc, ATW_BSSID0, 2083 LSHIFT(bssid[0], ATW_BSSID0_BSSIDB0_MASK) | 2084 LSHIFT(bssid[1], ATW_BSSID0_BSSIDB1_MASK) | 2085 LSHIFT(bssid[2], ATW_BSSID0_BSSIDB2_MASK) | 2086 LSHIFT(bssid[3], ATW_BSSID0_BSSIDB3_MASK)); 2087 2088 ATW_WRITE(sc, ATW_ABDA1, 2089 (ATW_READ(sc, ATW_ABDA1) & 2090 ~(ATW_ABDA1_BSSIDB4_MASK|ATW_ABDA1_BSSIDB5_MASK)) | 2091 LSHIFT(bssid[4], ATW_ABDA1_BSSIDB4_MASK) | 2092 LSHIFT(bssid[5], ATW_ABDA1_BSSIDB5_MASK)); 2093 2094 DPRINTF(sc, ("%s: BSSID %s -> ", sc->sc_dev.dv_xname, 2095 ether_sprintf(sc->sc_bssid))); 2096 DPRINTF(sc, ("%s\n", ether_sprintf(bssid))); 2097 2098 memcpy(sc->sc_bssid, bssid, sizeof(sc->sc_bssid)); 2099 } 2100 2101 /* Write buflen bytes from buf to SRAM starting at the SRAM's ofs'th 2102 * 16-bit word. 2103 */ 2104 static void 2105 atw_write_sram(struct atw_softc *sc, u_int ofs, u_int8_t *buf, u_int buflen) 2106 { 2107 u_int i; 2108 u_int8_t *ptr; 2109 2110 memcpy(&sc->sc_sram[ofs], buf, buflen); 2111 2112 KASSERT(ofs % 2 == 0 && buflen % 2 == 0); 2113 2114 KASSERT(buflen + ofs <= sc->sc_sramlen); 2115 2116 ptr = &sc->sc_sram[ofs]; 2117 2118 for (i = 0; i < buflen; i += 2) { 2119 ATW_WRITE(sc, ATW_WEPCTL, ATW_WEPCTL_WR | 2120 LSHIFT((ofs + i) / 2, ATW_WEPCTL_TBLADD_MASK)); 2121 DELAY(atw_writewep_delay); 2122 2123 ATW_WRITE(sc, ATW_WESK, 2124 LSHIFT((ptr[i + 1] << 8) | ptr[i], ATW_WESK_DATA_MASK)); 2125 DELAY(atw_writewep_delay); 2126 } 2127 ATW_WRITE(sc, ATW_WEPCTL, sc->sc_wepctl); /* restore WEP condition */ 2128 2129 if (sc->sc_if.if_flags & IFF_DEBUG) { 2130 int n_octets = 0; 2131 printf("%s: wrote %d bytes at 0x%x wepctl 0x%08x\n", 2132 sc->sc_dev.dv_xname, buflen, ofs, sc->sc_wepctl); 2133 for (i = 0; i < buflen; i++) { 2134 printf(" %02x", ptr[i]); 2135 if (++n_octets % 24 == 0) 2136 printf("\n"); 2137 } 2138 if (n_octets % 24 != 0) 2139 printf("\n"); 2140 } 2141 } 2142 2143 static int 2144 atw_key_delete(struct ieee80211com *ic, const struct ieee80211_key *k) 2145 { 2146 struct atw_softc *sc = ic->ic_ifp->if_softc; 2147 u_int keyix = k->wk_keyix; 2148 2149 DPRINTF(sc, ("%s: delete key %u\n", __func__, keyix)); 2150 2151 if (keyix >= IEEE80211_WEP_NKID) 2152 return 0; 2153 if (k->wk_keylen != 0) 2154 sc->sc_flags &= ~ATWF_WEP_SRAM_VALID; 2155 2156 return 1; 2157 } 2158 2159 static int 2160 atw_key_set(struct ieee80211com *ic, const struct ieee80211_key *k, 2161 const u_int8_t mac[IEEE80211_ADDR_LEN]) 2162 { 2163 struct atw_softc *sc = ic->ic_ifp->if_softc; 2164 2165 DPRINTF(sc, ("%s: set key %u\n", __func__, k->wk_keyix)); 2166 2167 if (k->wk_keyix >= IEEE80211_WEP_NKID) 2168 return 0; 2169 2170 sc->sc_flags &= ~ATWF_WEP_SRAM_VALID; 2171 2172 return 1; 2173 } 2174 2175 static void 2176 atw_key_update_begin(struct ieee80211com *ic) 2177 { 2178 #ifdef ATW_DEBUG 2179 struct ifnet *ifp = ic->ic_ifp; 2180 struct atw_softc *sc = ifp->if_softc; 2181 #endif 2182 2183 DPRINTF(sc, ("%s:\n", __func__)); 2184 } 2185 2186 static void 2187 atw_key_update_end(struct ieee80211com *ic) 2188 { 2189 struct ifnet *ifp = ic->ic_ifp; 2190 struct atw_softc *sc = ifp->if_softc; 2191 2192 DPRINTF(sc, ("%s:\n", __func__)); 2193 2194 if ((sc->sc_flags & ATWF_WEP_SRAM_VALID) != 0) 2195 return; 2196 if (ATW_IS_ENABLED(sc) == 0) 2197 return; 2198 atw_idle(sc, ATW_NAR_SR | ATW_NAR_ST); 2199 atw_write_wep(sc); 2200 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 2201 DELAY(atw_nar_delay); 2202 ATW_WRITE(sc, ATW_RDR, 0x1); 2203 } 2204 2205 /* Write WEP keys from the ieee80211com to the ADM8211's SRAM. */ 2206 static void 2207 atw_write_wep(struct atw_softc *sc) 2208 { 2209 struct ieee80211com *ic = &sc->sc_ic; 2210 /* SRAM shared-key record format: key0 flags key1 ... key12 */ 2211 u_int8_t buf[IEEE80211_WEP_NKID] 2212 [1 /* key[0] */ + 1 /* flags */ + 12 /* key[1 .. 12] */]; 2213 u_int32_t reg; 2214 int i; 2215 2216 sc->sc_wepctl = 0; 2217 ATW_WRITE(sc, ATW_WEPCTL, sc->sc_wepctl); 2218 2219 memset(&buf[0][0], 0, sizeof(buf)); 2220 2221 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2222 if (ic->ic_nw_keys[i].wk_keylen > 5) { 2223 buf[i][1] = ATW_WEP_ENABLED | ATW_WEP_104BIT; 2224 } else if (ic->ic_nw_keys[i].wk_keylen != 0) { 2225 buf[i][1] = ATW_WEP_ENABLED; 2226 } else { 2227 buf[i][1] = 0; 2228 continue; 2229 } 2230 buf[i][0] = ic->ic_nw_keys[i].wk_key[0]; 2231 memcpy(&buf[i][2], &ic->ic_nw_keys[i].wk_key[1], 2232 ic->ic_nw_keys[i].wk_keylen - 1); 2233 } 2234 2235 reg = ATW_READ(sc, ATW_MACTEST); 2236 reg |= ATW_MACTEST_MMI_USETXCLK | ATW_MACTEST_FORCE_KEYID; 2237 reg &= ~ATW_MACTEST_KEYID_MASK; 2238 reg |= LSHIFT(ic->ic_def_txkey, ATW_MACTEST_KEYID_MASK); 2239 ATW_WRITE(sc, ATW_MACTEST, reg); 2240 2241 if ((ic->ic_flags & IEEE80211_F_PRIVACY) != 0) 2242 sc->sc_wepctl |= ATW_WEPCTL_WEPENABLE; 2243 2244 switch (sc->sc_rev) { 2245 case ATW_REVISION_AB: 2246 case ATW_REVISION_AF: 2247 /* Bypass WEP on Rx. */ 2248 sc->sc_wepctl |= ATW_WEPCTL_WEPRXBYP; 2249 break; 2250 default: 2251 break; 2252 } 2253 2254 atw_write_sram(sc, ATW_SRAM_ADDR_SHARED_KEY, (u_int8_t*)&buf[0][0], 2255 sizeof(buf)); 2256 2257 sc->sc_flags |= ATWF_WEP_SRAM_VALID; 2258 } 2259 2260 static void 2261 atw_recv_mgmt(struct ieee80211com *ic, struct mbuf *m, 2262 struct ieee80211_node *ni, int subtype, int rssi, u_int32_t rstamp) 2263 { 2264 struct atw_softc *sc = (struct atw_softc *)ic->ic_ifp->if_softc; 2265 2266 /* The ADM8211A answers probe requests. TBD ADM8211B/C. */ 2267 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_REQ) 2268 return; 2269 2270 (*sc->sc_recv_mgmt)(ic, m, ni, subtype, rssi, rstamp); 2271 2272 switch (subtype) { 2273 case IEEE80211_FC0_SUBTYPE_PROBE_RESP: 2274 case IEEE80211_FC0_SUBTYPE_BEACON: 2275 if (ic->ic_opmode == IEEE80211_M_IBSS && 2276 ic->ic_state == IEEE80211_S_RUN) { 2277 if (le64toh(ni->ni_tstamp.tsf) >= atw_get_tsft(sc)) 2278 (void)ieee80211_ibss_merge(ni); 2279 } 2280 break; 2281 default: 2282 break; 2283 } 2284 return; 2285 } 2286 2287 /* Write the SSID in the ieee80211com to the SRAM on the ADM8211. 2288 * In ad hoc mode, the SSID is written to the beacons sent by the 2289 * ADM8211. In both ad hoc and infrastructure mode, beacons received 2290 * with matching SSID affect ATW_INTR_LINKON/ATW_INTR_LINKOFF 2291 * indications. 2292 */ 2293 static void 2294 atw_write_ssid(struct atw_softc *sc) 2295 { 2296 struct ieee80211com *ic = &sc->sc_ic; 2297 /* 34 bytes are reserved in ADM8211 SRAM for the SSID, but 2298 * it only expects the element length, not its ID. 2299 */ 2300 u_int8_t buf[roundup(1 /* length */ + IEEE80211_NWID_LEN, 2)]; 2301 2302 memset(buf, 0, sizeof(buf)); 2303 buf[0] = ic->ic_bss->ni_esslen; 2304 memcpy(&buf[1], ic->ic_bss->ni_essid, ic->ic_bss->ni_esslen); 2305 2306 atw_write_sram(sc, ATW_SRAM_ADDR_SSID, buf, 2307 roundup(1 + ic->ic_bss->ni_esslen, 2)); 2308 } 2309 2310 /* Write the supported rates in the ieee80211com to the SRAM of the ADM8211. 2311 * In ad hoc mode, the supported rates are written to beacons sent by the 2312 * ADM8211. 2313 */ 2314 static void 2315 atw_write_sup_rates(struct atw_softc *sc) 2316 { 2317 struct ieee80211com *ic = &sc->sc_ic; 2318 /* 14 bytes are probably (XXX) reserved in the ADM8211 SRAM for 2319 * supported rates 2320 */ 2321 u_int8_t buf[roundup(1 /* length */ + IEEE80211_RATE_SIZE, 2)]; 2322 2323 memset(buf, 0, sizeof(buf)); 2324 2325 buf[0] = ic->ic_bss->ni_rates.rs_nrates; 2326 2327 memcpy(&buf[1], ic->ic_bss->ni_rates.rs_rates, 2328 ic->ic_bss->ni_rates.rs_nrates); 2329 2330 atw_write_sram(sc, ATW_SRAM_ADDR_SUPRATES, buf, sizeof(buf)); 2331 } 2332 2333 /* Start/stop sending beacons. */ 2334 void 2335 atw_start_beacon(struct atw_softc *sc, int start) 2336 { 2337 struct ieee80211com *ic = &sc->sc_ic; 2338 uint16_t chan; 2339 uint32_t bcnt, bpli, cap0, cap1, capinfo; 2340 size_t len; 2341 2342 if (ATW_IS_ENABLED(sc) == 0) 2343 return; 2344 2345 /* start beacons */ 2346 len = sizeof(struct ieee80211_frame) + 2347 8 /* timestamp */ + 2 /* beacon interval */ + 2348 2 /* capability info */ + 2349 2 + ic->ic_bss->ni_esslen /* SSID element */ + 2350 2 + ic->ic_bss->ni_rates.rs_nrates /* rates element */ + 2351 3 /* DS parameters */ + 2352 IEEE80211_CRC_LEN; 2353 2354 bcnt = ATW_READ(sc, ATW_BCNT) & ~ATW_BCNT_BCNT_MASK; 2355 cap0 = ATW_READ(sc, ATW_CAP0) & ~ATW_CAP0_CHN_MASK; 2356 cap1 = ATW_READ(sc, ATW_CAP1) & ~ATW_CAP1_CAPI_MASK; 2357 2358 ATW_WRITE(sc, ATW_BCNT, bcnt); 2359 ATW_WRITE(sc, ATW_CAP1, cap1); 2360 2361 if (!start) 2362 return; 2363 2364 /* TBD use ni_capinfo */ 2365 2366 capinfo = 0; 2367 if (sc->sc_flags & ATWF_SHORT_PREAMBLE) 2368 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2369 if (ic->ic_flags & IEEE80211_F_PRIVACY) 2370 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2371 2372 switch (ic->ic_opmode) { 2373 case IEEE80211_M_IBSS: 2374 len += 4; /* IBSS parameters */ 2375 capinfo |= IEEE80211_CAPINFO_IBSS; 2376 break; 2377 case IEEE80211_M_HOSTAP: 2378 /* XXX 6-byte minimum TIM */ 2379 len += atw_beacon_len_adjust; 2380 capinfo |= IEEE80211_CAPINFO_ESS; 2381 break; 2382 default: 2383 return; 2384 } 2385 2386 /* set listen interval 2387 * XXX do software units agree w/ hardware? 2388 */ 2389 bpli = LSHIFT(ic->ic_bss->ni_intval, ATW_BPLI_BP_MASK) | 2390 LSHIFT(ic->ic_lintval / ic->ic_bss->ni_intval, ATW_BPLI_LI_MASK); 2391 2392 chan = ieee80211_chan2ieee(ic, ic->ic_curchan); 2393 2394 bcnt |= LSHIFT(len, ATW_BCNT_BCNT_MASK); 2395 cap0 |= LSHIFT(chan, ATW_CAP0_CHN_MASK); 2396 cap1 |= LSHIFT(capinfo, ATW_CAP1_CAPI_MASK); 2397 2398 ATW_WRITE(sc, ATW_BCNT, bcnt); 2399 ATW_WRITE(sc, ATW_BPLI, bpli); 2400 ATW_WRITE(sc, ATW_CAP0, cap0); 2401 ATW_WRITE(sc, ATW_CAP1, cap1); 2402 2403 DPRINTF(sc, ("%s: atw_start_beacon reg[ATW_BCNT] = %08x\n", 2404 sc->sc_dev.dv_xname, bcnt)); 2405 2406 DPRINTF(sc, ("%s: atw_start_beacon reg[ATW_CAP1] = %08x\n", 2407 sc->sc_dev.dv_xname, cap1)); 2408 } 2409 2410 /* Return the 32 lsb of the last TSFT divisible by ival. */ 2411 static inline uint32_t 2412 atw_last_even_tsft(uint32_t tsfth, uint32_t tsftl, uint32_t ival) 2413 { 2414 /* Following the reference driver's lead, I compute 2415 * 2416 * (uint32_t)((((uint64_t)tsfth << 32) | tsftl) % ival) 2417 * 2418 * without using 64-bit arithmetic, using the following 2419 * relationship: 2420 * 2421 * (0x100000000 * H + L) % m 2422 * = ((0x100000000 % m) * H + L) % m 2423 * = (((0xffffffff + 1) % m) * H + L) % m 2424 * = ((0xffffffff % m + 1 % m) * H + L) % m 2425 * = ((0xffffffff % m + 1) * H + L) % m 2426 */ 2427 return ((0xFFFFFFFF % ival + 1) * tsfth + tsftl) % ival; 2428 } 2429 2430 static uint64_t 2431 atw_get_tsft(struct atw_softc *sc) 2432 { 2433 int i; 2434 uint32_t tsfth, tsftl; 2435 for (i = 0; i < 2; i++) { 2436 tsfth = ATW_READ(sc, ATW_TSFTH); 2437 tsftl = ATW_READ(sc, ATW_TSFTL); 2438 if (ATW_READ(sc, ATW_TSFTH) == tsfth) 2439 break; 2440 } 2441 return ((uint64_t)tsfth << 32) | tsftl; 2442 } 2443 2444 /* If we've created an IBSS, write the TSF time in the ADM8211 to 2445 * the ieee80211com. 2446 * 2447 * Predict the next target beacon transmission time (TBTT) and 2448 * write it to the ADM8211. 2449 */ 2450 static void 2451 atw_predict_beacon(struct atw_softc *sc) 2452 { 2453 #define TBTTOFS 20 /* TU */ 2454 2455 struct ieee80211com *ic = &sc->sc_ic; 2456 uint64_t tsft; 2457 uint32_t ival, past_even, tbtt, tsfth, tsftl; 2458 union { 2459 uint64_t word; 2460 uint8_t tstamp[8]; 2461 } u; 2462 2463 if ((ic->ic_opmode == IEEE80211_M_HOSTAP) || 2464 ((ic->ic_opmode == IEEE80211_M_IBSS) && 2465 (ic->ic_flags & IEEE80211_F_SIBSS))) { 2466 tsft = atw_get_tsft(sc); 2467 u.word = htole64(tsft); 2468 (void)memcpy(&ic->ic_bss->ni_tstamp, &u.tstamp[0], 2469 sizeof(ic->ic_bss->ni_tstamp)); 2470 } else 2471 tsft = le64toh(ic->ic_bss->ni_tstamp.tsf); 2472 2473 ival = ic->ic_bss->ni_intval * IEEE80211_DUR_TU; 2474 2475 tsftl = tsft & 0xFFFFFFFF; 2476 tsfth = tsft >> 32; 2477 2478 /* We sent/received the last beacon `past' microseconds 2479 * after the interval divided the TSF timer. 2480 */ 2481 past_even = tsftl - atw_last_even_tsft(tsfth, tsftl, ival); 2482 2483 /* Skip ten beacons so that the TBTT cannot pass before 2484 * we've programmed it. Ten is an arbitrary number. 2485 */ 2486 tbtt = past_even + ival * 10; 2487 2488 ATW_WRITE(sc, ATW_TOFS1, 2489 LSHIFT(1, ATW_TOFS1_TSFTOFSR_MASK) | 2490 LSHIFT(TBTTOFS, ATW_TOFS1_TBTTOFS_MASK) | 2491 LSHIFT(MASK_AND_RSHIFT(tbtt - TBTTOFS * IEEE80211_DUR_TU, 2492 ATW_TBTTPRE_MASK), ATW_TOFS1_TBTTPRE_MASK)); 2493 #undef TBTTOFS 2494 } 2495 2496 static void 2497 atw_next_scan(void *arg) 2498 { 2499 struct atw_softc *sc = arg; 2500 struct ieee80211com *ic = &sc->sc_ic; 2501 int s; 2502 2503 /* don't call atw_start w/o network interrupts blocked */ 2504 s = splnet(); 2505 if (ic->ic_state == IEEE80211_S_SCAN) 2506 ieee80211_next_scan(ic); 2507 splx(s); 2508 } 2509 2510 /* Synchronize the hardware state with the software state. */ 2511 static int 2512 atw_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 2513 { 2514 struct ifnet *ifp = ic->ic_ifp; 2515 struct atw_softc *sc = ifp->if_softc; 2516 enum ieee80211_state ostate; 2517 int error = 0; 2518 2519 ostate = ic->ic_state; 2520 callout_stop(&sc->sc_scan_ch); 2521 2522 switch (nstate) { 2523 case IEEE80211_S_AUTH: 2524 case IEEE80211_S_ASSOC: 2525 error = atw_tune(sc); 2526 break; 2527 case IEEE80211_S_INIT: 2528 callout_stop(&sc->sc_scan_ch); 2529 sc->sc_cur_chan = IEEE80211_CHAN_ANY; 2530 atw_start_beacon(sc, 0); 2531 break; 2532 case IEEE80211_S_SCAN: 2533 error = atw_tune(sc); 2534 callout_reset(&sc->sc_scan_ch, atw_dwelltime * hz / 1000, 2535 atw_next_scan, sc); 2536 break; 2537 case IEEE80211_S_RUN: 2538 error = atw_tune(sc); 2539 atw_write_bssid(sc); 2540 atw_write_ssid(sc); 2541 atw_write_sup_rates(sc); 2542 2543 if (ic->ic_opmode == IEEE80211_M_AHDEMO || 2544 ic->ic_opmode == IEEE80211_M_MONITOR) 2545 break; 2546 2547 /* set listen interval 2548 * XXX do software units agree w/ hardware? 2549 */ 2550 ATW_WRITE(sc, ATW_BPLI, 2551 LSHIFT(ic->ic_bss->ni_intval, ATW_BPLI_BP_MASK) | 2552 LSHIFT(ic->ic_lintval / ic->ic_bss->ni_intval, 2553 ATW_BPLI_LI_MASK)); 2554 2555 DPRINTF(sc, ("%s: reg[ATW_BPLI] = %08x\n", sc->sc_dev.dv_xname, 2556 ATW_READ(sc, ATW_BPLI))); 2557 2558 atw_predict_beacon(sc); 2559 2560 switch (ic->ic_opmode) { 2561 case IEEE80211_M_AHDEMO: 2562 case IEEE80211_M_HOSTAP: 2563 case IEEE80211_M_IBSS: 2564 atw_start_beacon(sc, 1); 2565 break; 2566 case IEEE80211_M_MONITOR: 2567 case IEEE80211_M_STA: 2568 break; 2569 } 2570 2571 break; 2572 } 2573 return (error != 0) ? error : (*sc->sc_newstate)(ic, nstate, arg); 2574 } 2575 2576 /* 2577 * atw_add_rxbuf: 2578 * 2579 * Add a receive buffer to the indicated descriptor. 2580 */ 2581 int 2582 atw_add_rxbuf(struct atw_softc *sc, int idx) 2583 { 2584 struct atw_rxsoft *rxs = &sc->sc_rxsoft[idx]; 2585 struct mbuf *m; 2586 int error; 2587 2588 MGETHDR(m, M_DONTWAIT, MT_DATA); 2589 if (m == NULL) 2590 return (ENOBUFS); 2591 2592 MCLGET(m, M_DONTWAIT); 2593 if ((m->m_flags & M_EXT) == 0) { 2594 m_freem(m); 2595 return (ENOBUFS); 2596 } 2597 2598 if (rxs->rxs_mbuf != NULL) 2599 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2600 2601 rxs->rxs_mbuf = m; 2602 2603 error = bus_dmamap_load(sc->sc_dmat, rxs->rxs_dmamap, 2604 m->m_ext.ext_buf, m->m_ext.ext_size, NULL, 2605 BUS_DMA_READ|BUS_DMA_NOWAIT); 2606 if (error) { 2607 printf("%s: can't load rx DMA map %d, error = %d\n", 2608 sc->sc_dev.dv_xname, idx, error); 2609 panic("atw_add_rxbuf"); /* XXX */ 2610 } 2611 2612 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 2613 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD); 2614 2615 ATW_INIT_RXDESC(sc, idx); 2616 2617 return (0); 2618 } 2619 2620 /* 2621 * Release any queued transmit buffers. 2622 */ 2623 void 2624 atw_txdrain(struct atw_softc *sc) 2625 { 2626 struct atw_txsoft *txs; 2627 2628 while ((txs = SIMPLEQ_FIRST(&sc->sc_txdirtyq)) != NULL) { 2629 SIMPLEQ_REMOVE_HEAD(&sc->sc_txdirtyq, txs_q); 2630 if (txs->txs_mbuf != NULL) { 2631 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 2632 m_freem(txs->txs_mbuf); 2633 txs->txs_mbuf = NULL; 2634 } 2635 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 2636 sc->sc_txfree += txs->txs_ndescs; 2637 } 2638 2639 KASSERT((sc->sc_if.if_flags & IFF_RUNNING) == 0 || 2640 !(SIMPLEQ_EMPTY(&sc->sc_txfreeq) || 2641 sc->sc_txfree != ATW_NTXDESC)); 2642 sc->sc_if.if_flags &= ~IFF_OACTIVE; 2643 sc->sc_tx_timer = 0; 2644 } 2645 2646 /* 2647 * atw_stop: [ ifnet interface function ] 2648 * 2649 * Stop transmission on the interface. 2650 */ 2651 void 2652 atw_stop(struct ifnet *ifp, int disable) 2653 { 2654 struct atw_softc *sc = ifp->if_softc; 2655 struct ieee80211com *ic = &sc->sc_ic; 2656 2657 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2658 2659 /* Disable interrupts. */ 2660 ATW_WRITE(sc, ATW_IER, 0); 2661 2662 /* Stop the transmit and receive processes. */ 2663 sc->sc_opmode = 0; 2664 ATW_WRITE(sc, ATW_NAR, 0); 2665 DELAY(atw_nar_delay); 2666 ATW_WRITE(sc, ATW_TDBD, 0); 2667 ATW_WRITE(sc, ATW_TDBP, 0); 2668 ATW_WRITE(sc, ATW_RDB, 0); 2669 2670 atw_txdrain(sc); 2671 2672 if (disable) { 2673 atw_rxdrain(sc); 2674 atw_disable(sc); 2675 } 2676 2677 /* 2678 * Mark the interface down and cancel the watchdog timer. 2679 */ 2680 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2681 sc->sc_tx_timer = 0; 2682 ifp->if_timer = 0; 2683 2684 if (!disable) 2685 atw_reset(sc); 2686 } 2687 2688 /* 2689 * atw_rxdrain: 2690 * 2691 * Drain the receive queue. 2692 */ 2693 void 2694 atw_rxdrain(struct atw_softc *sc) 2695 { 2696 struct atw_rxsoft *rxs; 2697 int i; 2698 2699 for (i = 0; i < ATW_NRXDESC; i++) { 2700 rxs = &sc->sc_rxsoft[i]; 2701 if (rxs->rxs_mbuf == NULL) 2702 continue; 2703 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2704 m_freem(rxs->rxs_mbuf); 2705 rxs->rxs_mbuf = NULL; 2706 } 2707 } 2708 2709 /* 2710 * atw_detach: 2711 * 2712 * Detach an ADM8211 interface. 2713 */ 2714 int 2715 atw_detach(struct atw_softc *sc) 2716 { 2717 struct ifnet *ifp = &sc->sc_if; 2718 struct atw_rxsoft *rxs; 2719 struct atw_txsoft *txs; 2720 int i; 2721 2722 /* 2723 * Succeed now if there isn't any work to do. 2724 */ 2725 if ((sc->sc_flags & ATWF_ATTACHED) == 0) 2726 return (0); 2727 2728 callout_stop(&sc->sc_scan_ch); 2729 2730 ieee80211_ifdetach(&sc->sc_ic); 2731 if_detach(ifp); 2732 2733 for (i = 0; i < ATW_NRXDESC; i++) { 2734 rxs = &sc->sc_rxsoft[i]; 2735 if (rxs->rxs_mbuf != NULL) { 2736 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2737 m_freem(rxs->rxs_mbuf); 2738 rxs->rxs_mbuf = NULL; 2739 } 2740 bus_dmamap_destroy(sc->sc_dmat, rxs->rxs_dmamap); 2741 } 2742 for (i = 0; i < ATW_TXQUEUELEN; i++) { 2743 txs = &sc->sc_txsoft[i]; 2744 if (txs->txs_mbuf != NULL) { 2745 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 2746 m_freem(txs->txs_mbuf); 2747 txs->txs_mbuf = NULL; 2748 } 2749 bus_dmamap_destroy(sc->sc_dmat, txs->txs_dmamap); 2750 } 2751 bus_dmamap_unload(sc->sc_dmat, sc->sc_cddmamap); 2752 bus_dmamap_destroy(sc->sc_dmat, sc->sc_cddmamap); 2753 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)sc->sc_control_data, 2754 sizeof(struct atw_control_data)); 2755 bus_dmamem_free(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg); 2756 2757 shutdownhook_disestablish(sc->sc_sdhook); 2758 powerhook_disestablish(sc->sc_powerhook); 2759 2760 if (sc->sc_srom) 2761 free(sc->sc_srom, M_DEVBUF); 2762 2763 return (0); 2764 } 2765 2766 /* atw_shutdown: make sure the interface is stopped at reboot time. */ 2767 void 2768 atw_shutdown(void *arg) 2769 { 2770 struct atw_softc *sc = arg; 2771 2772 atw_stop(&sc->sc_if, 1); 2773 } 2774 2775 int 2776 atw_intr(void *arg) 2777 { 2778 struct atw_softc *sc = arg; 2779 struct ifnet *ifp = &sc->sc_if; 2780 u_int32_t status, rxstatus, txstatus, linkstatus; 2781 int handled = 0, txthresh; 2782 2783 #ifdef DEBUG 2784 if (ATW_IS_ENABLED(sc) == 0) 2785 panic("%s: atw_intr: not enabled", sc->sc_dev.dv_xname); 2786 #endif 2787 2788 /* 2789 * If the interface isn't running, the interrupt couldn't 2790 * possibly have come from us. 2791 */ 2792 if ((ifp->if_flags & IFF_RUNNING) == 0 || 2793 (sc->sc_dev.dv_flags & DVF_ACTIVE) == 0) 2794 return (0); 2795 2796 for (;;) { 2797 status = ATW_READ(sc, ATW_STSR); 2798 2799 if (status) 2800 ATW_WRITE(sc, ATW_STSR, status); 2801 2802 #ifdef ATW_DEBUG 2803 #define PRINTINTR(flag) do { \ 2804 if ((status & flag) != 0) { \ 2805 printf("%s" #flag, delim); \ 2806 delim = ","; \ 2807 } \ 2808 } while (0) 2809 2810 if (atw_debug > 1 && status) { 2811 const char *delim = "<"; 2812 2813 printf("%s: reg[STSR] = %x", 2814 sc->sc_dev.dv_xname, status); 2815 2816 PRINTINTR(ATW_INTR_FBE); 2817 PRINTINTR(ATW_INTR_LINKOFF); 2818 PRINTINTR(ATW_INTR_LINKON); 2819 PRINTINTR(ATW_INTR_RCI); 2820 PRINTINTR(ATW_INTR_RDU); 2821 PRINTINTR(ATW_INTR_REIS); 2822 PRINTINTR(ATW_INTR_RPS); 2823 PRINTINTR(ATW_INTR_TCI); 2824 PRINTINTR(ATW_INTR_TDU); 2825 PRINTINTR(ATW_INTR_TLT); 2826 PRINTINTR(ATW_INTR_TPS); 2827 PRINTINTR(ATW_INTR_TRT); 2828 PRINTINTR(ATW_INTR_TUF); 2829 PRINTINTR(ATW_INTR_BCNTC); 2830 PRINTINTR(ATW_INTR_ATIME); 2831 PRINTINTR(ATW_INTR_TBTT); 2832 PRINTINTR(ATW_INTR_TSCZ); 2833 PRINTINTR(ATW_INTR_TSFTF); 2834 printf(">\n"); 2835 } 2836 #undef PRINTINTR 2837 #endif /* ATW_DEBUG */ 2838 2839 if ((status & sc->sc_inten) == 0) 2840 break; 2841 2842 handled = 1; 2843 2844 rxstatus = status & sc->sc_rxint_mask; 2845 txstatus = status & sc->sc_txint_mask; 2846 linkstatus = status & sc->sc_linkint_mask; 2847 2848 if (linkstatus) { 2849 atw_linkintr(sc, linkstatus); 2850 } 2851 2852 if (rxstatus) { 2853 /* Grab any new packets. */ 2854 atw_rxintr(sc); 2855 2856 if (rxstatus & ATW_INTR_RDU) { 2857 printf("%s: receive ring overrun\n", 2858 sc->sc_dev.dv_xname); 2859 /* Get the receive process going again. */ 2860 ATW_WRITE(sc, ATW_RDR, 0x1); 2861 break; 2862 } 2863 } 2864 2865 if (txstatus) { 2866 /* Sweep up transmit descriptors. */ 2867 atw_txintr(sc); 2868 2869 if (txstatus & ATW_INTR_TLT) 2870 DPRINTF(sc, ("%s: tx lifetime exceeded\n", 2871 sc->sc_dev.dv_xname)); 2872 2873 if (txstatus & ATW_INTR_TRT) 2874 DPRINTF(sc, ("%s: tx retry limit exceeded\n", 2875 sc->sc_dev.dv_xname)); 2876 2877 /* If Tx under-run, increase our transmit threshold 2878 * if another is available. 2879 */ 2880 txthresh = sc->sc_txthresh + 1; 2881 if ((txstatus & ATW_INTR_TUF) && 2882 sc->sc_txth[txthresh].txth_name != NULL) { 2883 /* Idle the transmit process. */ 2884 atw_idle(sc, ATW_NAR_ST); 2885 2886 sc->sc_txthresh = txthresh; 2887 sc->sc_opmode &= ~(ATW_NAR_TR_MASK|ATW_NAR_SF); 2888 sc->sc_opmode |= 2889 sc->sc_txth[txthresh].txth_opmode; 2890 printf("%s: transmit underrun; new " 2891 "threshold: %s\n", sc->sc_dev.dv_xname, 2892 sc->sc_txth[txthresh].txth_name); 2893 2894 /* Set the new threshold and restart 2895 * the transmit process. 2896 */ 2897 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 2898 DELAY(atw_nar_delay); 2899 ATW_WRITE(sc, ATW_RDR, 0x1); 2900 /* XXX Log every Nth underrun from 2901 * XXX now on? 2902 */ 2903 } 2904 } 2905 2906 if (status & (ATW_INTR_TPS|ATW_INTR_RPS)) { 2907 if (status & ATW_INTR_TPS) 2908 printf("%s: transmit process stopped\n", 2909 sc->sc_dev.dv_xname); 2910 if (status & ATW_INTR_RPS) 2911 printf("%s: receive process stopped\n", 2912 sc->sc_dev.dv_xname); 2913 (void)atw_init(ifp); 2914 break; 2915 } 2916 2917 if (status & ATW_INTR_FBE) { 2918 printf("%s: fatal bus error\n", sc->sc_dev.dv_xname); 2919 (void)atw_init(ifp); 2920 break; 2921 } 2922 2923 /* 2924 * Not handled: 2925 * 2926 * Transmit buffer unavailable -- normal 2927 * condition, nothing to do, really. 2928 * 2929 * Early receive interrupt -- not available on 2930 * all chips, we just use RI. We also only 2931 * use single-segment receive DMA, so this 2932 * is mostly useless. 2933 * 2934 * TBD others 2935 */ 2936 } 2937 2938 /* Try to get more packets going. */ 2939 atw_start(ifp); 2940 2941 return (handled); 2942 } 2943 2944 /* 2945 * atw_idle: 2946 * 2947 * Cause the transmit and/or receive processes to go idle. 2948 * 2949 * XXX It seems that the ADM8211 will not signal the end of the Rx/Tx 2950 * process in STSR if I clear SR or ST after the process has already 2951 * ceased. Fair enough. But the Rx process status bits in ATW_TEST0 2952 * do not seem to be too reliable. Perhaps I have the sense of the 2953 * Rx bits switched with the Tx bits? 2954 */ 2955 void 2956 atw_idle(struct atw_softc *sc, u_int32_t bits) 2957 { 2958 u_int32_t ackmask = 0, opmode, stsr, test0; 2959 int i, s; 2960 2961 s = splnet(); 2962 2963 opmode = sc->sc_opmode & ~bits; 2964 2965 if (bits & ATW_NAR_SR) 2966 ackmask |= ATW_INTR_RPS; 2967 2968 if (bits & ATW_NAR_ST) { 2969 ackmask |= ATW_INTR_TPS; 2970 /* set ATW_NAR_HF to flush TX FIFO. */ 2971 opmode |= ATW_NAR_HF; 2972 } 2973 2974 ATW_WRITE(sc, ATW_NAR, opmode); 2975 DELAY(atw_nar_delay); 2976 2977 for (i = 0; i < 1000; i++) { 2978 stsr = ATW_READ(sc, ATW_STSR); 2979 if ((stsr & ackmask) == ackmask) 2980 break; 2981 DELAY(10); 2982 } 2983 2984 ATW_WRITE(sc, ATW_STSR, stsr & ackmask); 2985 2986 if ((stsr & ackmask) == ackmask) 2987 goto out; 2988 2989 test0 = ATW_READ(sc, ATW_TEST0); 2990 2991 if ((bits & ATW_NAR_ST) != 0 && (stsr & ATW_INTR_TPS) == 0 && 2992 (test0 & ATW_TEST0_TS_MASK) != ATW_TEST0_TS_STOPPED) { 2993 printf("%s: transmit process not idle [%s]\n", 2994 sc->sc_dev.dv_xname, 2995 atw_tx_state[MASK_AND_RSHIFT(test0, ATW_TEST0_TS_MASK)]); 2996 printf("%s: bits %08x test0 %08x stsr %08x\n", 2997 sc->sc_dev.dv_xname, bits, test0, stsr); 2998 } 2999 3000 if ((bits & ATW_NAR_SR) != 0 && (stsr & ATW_INTR_RPS) == 0 && 3001 (test0 & ATW_TEST0_RS_MASK) != ATW_TEST0_RS_STOPPED) { 3002 DPRINTF2(sc, ("%s: receive process not idle [%s]\n", 3003 sc->sc_dev.dv_xname, 3004 atw_rx_state[MASK_AND_RSHIFT(test0, ATW_TEST0_RS_MASK)])); 3005 DPRINTF2(sc, ("%s: bits %08x test0 %08x stsr %08x\n", 3006 sc->sc_dev.dv_xname, bits, test0, stsr)); 3007 } 3008 out: 3009 if ((bits & ATW_NAR_ST) != 0) 3010 atw_txdrain(sc); 3011 splx(s); 3012 return; 3013 } 3014 3015 /* 3016 * atw_linkintr: 3017 * 3018 * Helper; handle link-status interrupts. 3019 */ 3020 void 3021 atw_linkintr(struct atw_softc *sc, u_int32_t linkstatus) 3022 { 3023 struct ieee80211com *ic = &sc->sc_ic; 3024 3025 if (ic->ic_state != IEEE80211_S_RUN) 3026 return; 3027 3028 if (linkstatus & ATW_INTR_LINKON) { 3029 DPRINTF(sc, ("%s: link on\n", sc->sc_dev.dv_xname)); 3030 sc->sc_rescan_timer = 0; 3031 } else if (linkstatus & ATW_INTR_LINKOFF) { 3032 DPRINTF(sc, ("%s: link off\n", sc->sc_dev.dv_xname)); 3033 if (ic->ic_opmode != IEEE80211_M_STA) 3034 return; 3035 sc->sc_rescan_timer = 3; 3036 sc->sc_if.if_timer = 1; 3037 } 3038 } 3039 3040 static inline int 3041 atw_hw_decrypted(struct atw_softc *sc, struct ieee80211_frame_min *wh) 3042 { 3043 if ((sc->sc_ic.ic_flags & IEEE80211_F_PRIVACY) == 0) 3044 return 0; 3045 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) == 0) 3046 return 0; 3047 return (sc->sc_wepctl & ATW_WEPCTL_WEPRXBYP) == 0; 3048 } 3049 3050 /* 3051 * atw_rxintr: 3052 * 3053 * Helper; handle receive interrupts. 3054 */ 3055 void 3056 atw_rxintr(struct atw_softc *sc) 3057 { 3058 static int rate_tbl[] = {2, 4, 11, 22, 44}; 3059 struct ieee80211com *ic = &sc->sc_ic; 3060 struct ieee80211_node *ni; 3061 struct ieee80211_frame_min *wh; 3062 struct ifnet *ifp = &sc->sc_if; 3063 struct atw_rxsoft *rxs; 3064 struct mbuf *m; 3065 u_int32_t rxstat; 3066 int i, len, rate, rate0; 3067 u_int32_t rssi, rssi0; 3068 3069 for (i = sc->sc_rxptr;; i = ATW_NEXTRX(i)) { 3070 rxs = &sc->sc_rxsoft[i]; 3071 3072 ATW_CDRXSYNC(sc, i, BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 3073 3074 rxstat = le32toh(sc->sc_rxdescs[i].ar_stat); 3075 rssi0 = le32toh(sc->sc_rxdescs[i].ar_rssi); 3076 rate0 = MASK_AND_RSHIFT(rxstat, ATW_RXSTAT_RXDR_MASK); 3077 3078 if (rxstat & ATW_RXSTAT_OWN) 3079 break; /* We have processed all receive buffers. */ 3080 3081 DPRINTF3(sc, 3082 ("%s: rx stat %08x rssi0 %08x buf1 %08x buf2 %08x\n", 3083 sc->sc_dev.dv_xname, 3084 rxstat, rssi0, 3085 le32toh(sc->sc_rxdescs[i].ar_buf1), 3086 le32toh(sc->sc_rxdescs[i].ar_buf2))); 3087 3088 /* 3089 * Make sure the packet fits in one buffer. This should 3090 * always be the case. 3091 */ 3092 if ((rxstat & (ATW_RXSTAT_FS|ATW_RXSTAT_LS)) != 3093 (ATW_RXSTAT_FS|ATW_RXSTAT_LS)) { 3094 printf("%s: incoming packet spilled, resetting\n", 3095 sc->sc_dev.dv_xname); 3096 (void)atw_init(ifp); 3097 return; 3098 } 3099 3100 /* 3101 * If an error occurred, update stats, clear the status 3102 * word, and leave the packet buffer in place. It will 3103 * simply be reused the next time the ring comes around. 3104 * If 802.1Q VLAN MTU is enabled, ignore the Frame Too Long 3105 * error. 3106 */ 3107 3108 if ((rxstat & ATW_RXSTAT_ES) != 0 && 3109 ((sc->sc_ec.ec_capenable & ETHERCAP_VLAN_MTU) == 0 || 3110 (rxstat & (ATW_RXSTAT_DE | ATW_RXSTAT_SFDE | 3111 ATW_RXSTAT_SIGE | ATW_RXSTAT_CRC16E | 3112 ATW_RXSTAT_RXTOE | ATW_RXSTAT_CRC32E | 3113 ATW_RXSTAT_ICVE)) != 0)) { 3114 #define PRINTERR(bit, str) \ 3115 if (rxstat & (bit)) \ 3116 printf("%s: receive error: %s\n", \ 3117 sc->sc_dev.dv_xname, str) 3118 ifp->if_ierrors++; 3119 PRINTERR(ATW_RXSTAT_DE, "descriptor error"); 3120 PRINTERR(ATW_RXSTAT_SFDE, "PLCP SFD error"); 3121 PRINTERR(ATW_RXSTAT_SIGE, "PLCP signal error"); 3122 PRINTERR(ATW_RXSTAT_CRC16E, "PLCP CRC16 error"); 3123 PRINTERR(ATW_RXSTAT_RXTOE, "time-out"); 3124 PRINTERR(ATW_RXSTAT_CRC32E, "FCS error"); 3125 PRINTERR(ATW_RXSTAT_ICVE, "WEP ICV error"); 3126 #undef PRINTERR 3127 ATW_INIT_RXDESC(sc, i); 3128 continue; 3129 } 3130 3131 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 3132 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_POSTREAD); 3133 3134 /* 3135 * No errors; receive the packet. Note the ADM8211 3136 * includes the CRC in promiscuous mode. 3137 */ 3138 len = MASK_AND_RSHIFT(rxstat, ATW_RXSTAT_FL_MASK); 3139 3140 /* 3141 * Allocate a new mbuf cluster. If that fails, we are 3142 * out of memory, and must drop the packet and recycle 3143 * the buffer that's already attached to this descriptor. 3144 */ 3145 m = rxs->rxs_mbuf; 3146 if (atw_add_rxbuf(sc, i) != 0) { 3147 ifp->if_ierrors++; 3148 ATW_INIT_RXDESC(sc, i); 3149 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 3150 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD); 3151 continue; 3152 } 3153 3154 ifp->if_ipackets++; 3155 if (sc->sc_opmode & ATW_NAR_PR) 3156 len -= IEEE80211_CRC_LEN; 3157 m->m_pkthdr.rcvif = ifp; 3158 m->m_pkthdr.len = m->m_len = MIN(m->m_ext.ext_size, len); 3159 3160 if (rate0 >= sizeof(rate_tbl) / sizeof(rate_tbl[0])) 3161 rate = 0; 3162 else 3163 rate = rate_tbl[rate0]; 3164 3165 /* The RSSI comes straight from a register in the 3166 * baseband processor. I know that for the RF3000, 3167 * the RSSI register also contains the antenna-selection 3168 * bits. Mask those off. 3169 * 3170 * TBD Treat other basebands. 3171 */ 3172 if (sc->sc_bbptype == ATW_BBPTYPE_RFMD) 3173 rssi = rssi0 & RF3000_RSSI_MASK; 3174 else 3175 rssi = rssi0; 3176 3177 #if NBPFILTER > 0 3178 /* Pass this up to any BPF listeners. */ 3179 if (sc->sc_radiobpf != NULL) { 3180 struct atw_rx_radiotap_header *tap = &sc->sc_rxtap; 3181 3182 tap->ar_rate = rate; 3183 tap->ar_chan_freq = ic->ic_curchan->ic_freq; 3184 tap->ar_chan_flags = ic->ic_curchan->ic_flags; 3185 3186 /* TBD verify units are dB */ 3187 tap->ar_antsignal = (int)rssi; 3188 /* TBD tap->ar_flags */ 3189 3190 bpf_mtap2(sc->sc_radiobpf, (caddr_t)tap, 3191 tap->ar_ihdr.it_len, m); 3192 } 3193 #endif /* NPBFILTER > 0 */ 3194 3195 wh = mtod(m, struct ieee80211_frame_min *); 3196 ni = ieee80211_find_rxnode(ic, wh); 3197 if (atw_hw_decrypted(sc, wh)) { 3198 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 3199 DPRINTF(sc, ("%s: hw decrypted\n", __func__)); 3200 } 3201 ieee80211_input(ic, m, ni, (int)rssi, 0); 3202 ieee80211_free_node(ni); 3203 } 3204 3205 /* Update the receive pointer. */ 3206 sc->sc_rxptr = i; 3207 } 3208 3209 /* 3210 * atw_txintr: 3211 * 3212 * Helper; handle transmit interrupts. 3213 */ 3214 void 3215 atw_txintr(struct atw_softc *sc) 3216 { 3217 #define TXSTAT_ERRMASK (ATW_TXSTAT_TUF | ATW_TXSTAT_TLT | ATW_TXSTAT_TRT | \ 3218 ATW_TXSTAT_TRO | ATW_TXSTAT_SOFBR) 3219 #define TXSTAT_FMT "\20\31ATW_TXSTAT_SOFBR\32ATW_TXSTAT_TRO\33ATW_TXSTAT_TUF" \ 3220 "\34ATW_TXSTAT_TRT\35ATW_TXSTAT_TLT" 3221 3222 static char txstat_buf[sizeof("ffffffff<>" TXSTAT_FMT)]; 3223 struct ifnet *ifp = &sc->sc_if; 3224 struct atw_txsoft *txs; 3225 u_int32_t txstat; 3226 3227 DPRINTF3(sc, ("%s: atw_txintr: sc_flags 0x%08x\n", 3228 sc->sc_dev.dv_xname, sc->sc_flags)); 3229 3230 /* 3231 * Go through our Tx list and free mbufs for those 3232 * frames that have been transmitted. 3233 */ 3234 while ((txs = SIMPLEQ_FIRST(&sc->sc_txdirtyq)) != NULL) { 3235 ATW_CDTXSYNC(sc, txs->txs_lastdesc, 1, 3236 BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 3237 3238 #ifdef ATW_DEBUG 3239 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3240 int i; 3241 printf(" txsoft %p transmit chain:\n", txs); 3242 ATW_CDTXSYNC(sc, txs->txs_firstdesc, 3243 txs->txs_ndescs - 1, 3244 BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 3245 for (i = txs->txs_firstdesc;; i = ATW_NEXTTX(i)) { 3246 printf(" descriptor %d:\n", i); 3247 printf(" at_status: 0x%08x\n", 3248 le32toh(sc->sc_txdescs[i].at_stat)); 3249 printf(" at_flags: 0x%08x\n", 3250 le32toh(sc->sc_txdescs[i].at_flags)); 3251 printf(" at_buf1: 0x%08x\n", 3252 le32toh(sc->sc_txdescs[i].at_buf1)); 3253 printf(" at_buf2: 0x%08x\n", 3254 le32toh(sc->sc_txdescs[i].at_buf2)); 3255 if (i == txs->txs_lastdesc) 3256 break; 3257 } 3258 } 3259 #endif 3260 3261 txstat = le32toh(sc->sc_txdescs[txs->txs_lastdesc].at_stat); 3262 if (txstat & ATW_TXSTAT_OWN) 3263 break; 3264 3265 SIMPLEQ_REMOVE_HEAD(&sc->sc_txdirtyq, txs_q); 3266 3267 sc->sc_txfree += txs->txs_ndescs; 3268 3269 bus_dmamap_sync(sc->sc_dmat, txs->txs_dmamap, 3270 0, txs->txs_dmamap->dm_mapsize, 3271 BUS_DMASYNC_POSTWRITE); 3272 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 3273 m_freem(txs->txs_mbuf); 3274 txs->txs_mbuf = NULL; 3275 3276 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 3277 3278 KASSERT(!(SIMPLEQ_EMPTY(&sc->sc_txfreeq) || 3279 sc->sc_txfree == 0)); 3280 ifp->if_flags &= ~IFF_OACTIVE; 3281 3282 if ((ifp->if_flags & IFF_DEBUG) != 0 && 3283 (txstat & TXSTAT_ERRMASK) != 0) { 3284 bitmask_snprintf(txstat & TXSTAT_ERRMASK, TXSTAT_FMT, 3285 txstat_buf, sizeof(txstat_buf)); 3286 printf("%s: txstat %s %d\n", sc->sc_dev.dv_xname, 3287 txstat_buf, 3288 MASK_AND_RSHIFT(txstat, ATW_TXSTAT_ARC_MASK)); 3289 } 3290 3291 /* 3292 * Check for errors and collisions. 3293 */ 3294 if (txstat & ATW_TXSTAT_TUF) 3295 sc->sc_stats.ts_tx_tuf++; 3296 if (txstat & ATW_TXSTAT_TLT) 3297 sc->sc_stats.ts_tx_tlt++; 3298 if (txstat & ATW_TXSTAT_TRT) 3299 sc->sc_stats.ts_tx_trt++; 3300 if (txstat & ATW_TXSTAT_TRO) 3301 sc->sc_stats.ts_tx_tro++; 3302 if (txstat & ATW_TXSTAT_SOFBR) { 3303 sc->sc_stats.ts_tx_sofbr++; 3304 } 3305 3306 if ((txstat & ATW_TXSTAT_ES) == 0) 3307 ifp->if_collisions += 3308 MASK_AND_RSHIFT(txstat, ATW_TXSTAT_ARC_MASK); 3309 else 3310 ifp->if_oerrors++; 3311 3312 ifp->if_opackets++; 3313 } 3314 3315 /* 3316 * If there are no more pending transmissions, cancel the watchdog 3317 * timer. 3318 */ 3319 if (txs == NULL) { 3320 KASSERT((ifp->if_flags & IFF_OACTIVE) == 0); 3321 sc->sc_tx_timer = 0; 3322 } 3323 #undef TXSTAT_ERRMASK 3324 #undef TXSTAT_FMT 3325 } 3326 3327 /* 3328 * atw_watchdog: [ifnet interface function] 3329 * 3330 * Watchdog timer handler. 3331 */ 3332 void 3333 atw_watchdog(struct ifnet *ifp) 3334 { 3335 struct atw_softc *sc = ifp->if_softc; 3336 struct ieee80211com *ic = &sc->sc_ic; 3337 3338 ifp->if_timer = 0; 3339 if (ATW_IS_ENABLED(sc) == 0) 3340 return; 3341 3342 if (sc->sc_rescan_timer) { 3343 if (--sc->sc_rescan_timer == 0) 3344 (void)ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3345 } 3346 if (sc->sc_tx_timer) { 3347 if (--sc->sc_tx_timer == 0 && 3348 !SIMPLEQ_EMPTY(&sc->sc_txdirtyq)) { 3349 printf("%s: transmit timeout\n", ifp->if_xname); 3350 ifp->if_oerrors++; 3351 (void)atw_init(ifp); 3352 atw_start(ifp); 3353 } 3354 } 3355 if (sc->sc_tx_timer != 0 || sc->sc_rescan_timer != 0) 3356 ifp->if_timer = 1; 3357 ieee80211_watchdog(ic); 3358 } 3359 3360 #ifdef ATW_DEBUG 3361 static void 3362 atw_dump_pkt(struct ifnet *ifp, struct mbuf *m0) 3363 { 3364 struct atw_softc *sc = ifp->if_softc; 3365 struct mbuf *m; 3366 int i, noctets = 0; 3367 3368 printf("%s: %d-byte packet\n", sc->sc_dev.dv_xname, 3369 m0->m_pkthdr.len); 3370 3371 for (m = m0; m; m = m->m_next) { 3372 if (m->m_len == 0) 3373 continue; 3374 for (i = 0; i < m->m_len; i++) { 3375 printf(" %02x", ((u_int8_t*)m->m_data)[i]); 3376 if (++noctets % 24 == 0) 3377 printf("\n"); 3378 } 3379 } 3380 printf("%s%s: %d bytes emitted\n", 3381 (noctets % 24 != 0) ? "\n" : "", sc->sc_dev.dv_xname, noctets); 3382 } 3383 #endif /* ATW_DEBUG */ 3384 3385 /* 3386 * atw_start: [ifnet interface function] 3387 * 3388 * Start packet transmission on the interface. 3389 */ 3390 void 3391 atw_start(struct ifnet *ifp) 3392 { 3393 struct atw_softc *sc = ifp->if_softc; 3394 struct ieee80211_key *k; 3395 struct ieee80211com *ic = &sc->sc_ic; 3396 struct ieee80211_node *ni; 3397 struct ieee80211_frame_min *whm; 3398 struct ieee80211_frame *wh; 3399 struct atw_frame *hh; 3400 struct mbuf *m0, *m; 3401 struct atw_txsoft *txs, *last_txs; 3402 struct atw_txdesc *txd; 3403 int do_encrypt, npkt, rate; 3404 bus_dmamap_t dmamap; 3405 int ctl, error, firsttx, nexttx, lasttx = -1, first, ofree, seg; 3406 3407 DPRINTF2(sc, ("%s: atw_start: sc_flags 0x%08x, if_flags 0x%08x\n", 3408 sc->sc_dev.dv_xname, sc->sc_flags, ifp->if_flags)); 3409 3410 if ((ifp->if_flags & (IFF_RUNNING|IFF_OACTIVE)) != IFF_RUNNING) 3411 return; 3412 3413 /* 3414 * Remember the previous number of free descriptors and 3415 * the first descriptor we'll use. 3416 */ 3417 ofree = sc->sc_txfree; 3418 firsttx = sc->sc_txnext; 3419 3420 DPRINTF2(sc, ("%s: atw_start: txfree %d, txnext %d\n", 3421 sc->sc_dev.dv_xname, ofree, firsttx)); 3422 3423 /* 3424 * Loop through the send queue, setting up transmit descriptors 3425 * until we drain the queue, or use up all available transmit 3426 * descriptors. 3427 */ 3428 while ((txs = SIMPLEQ_FIRST(&sc->sc_txfreeq)) != NULL && 3429 sc->sc_txfree != 0) { 3430 3431 /* 3432 * Grab a packet off the management queue, if it 3433 * is not empty. Otherwise, from the data queue. 3434 */ 3435 IF_DEQUEUE(&ic->ic_mgtq, m0); 3436 if (m0 != NULL) { 3437 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 3438 m0->m_pkthdr.rcvif = NULL; 3439 } else if (ic->ic_state != IEEE80211_S_RUN) 3440 break; /* send no data until associated */ 3441 else { 3442 IFQ_DEQUEUE(&ifp->if_snd, m0); 3443 if (m0 == NULL) 3444 break; 3445 #if NBPFILTER > 0 3446 if (ifp->if_bpf != NULL) 3447 bpf_mtap(ifp->if_bpf, m0); 3448 #endif /* NBPFILTER > 0 */ 3449 ni = ieee80211_find_txnode(ic, 3450 mtod(m0, struct ether_header *)->ether_dhost); 3451 if (ni == NULL) { 3452 ifp->if_oerrors++; 3453 break; 3454 } 3455 if ((m0 = ieee80211_encap(ic, m0, ni)) == NULL) { 3456 ieee80211_free_node(ni); 3457 ifp->if_oerrors++; 3458 break; 3459 } 3460 } 3461 3462 rate = MAX(ieee80211_get_rate(ic), 2); 3463 3464 whm = mtod(m0, struct ieee80211_frame_min *); 3465 3466 do_encrypt = ((whm->i_fc[1] & IEEE80211_FC1_WEP) != 0) ? 1 : 0; 3467 if (do_encrypt) 3468 k = &ic->ic_nw_keys[ic->ic_def_txkey]; 3469 else 3470 k = NULL; 3471 3472 if (ieee80211_compute_duration(whm, k, m0->m_pkthdr.len, 3473 ic->ic_flags, ic->ic_fragthreshold, rate, 3474 &txs->txs_d0, &txs->txs_dn, &npkt, 0) == -1) { 3475 DPRINTF2(sc, ("%s: fail compute duration\n", __func__)); 3476 m_freem(m0); 3477 break; 3478 } 3479 3480 /* XXX Misleading if fragmentation is enabled. Better 3481 * to fragment in software? 3482 */ 3483 *(uint16_t *)whm->i_dur = htole16(txs->txs_d0.d_rts_dur); 3484 3485 #if NBPFILTER > 0 3486 /* 3487 * Pass the packet to any BPF listeners. 3488 */ 3489 if (ic->ic_rawbpf != NULL) 3490 bpf_mtap((caddr_t)ic->ic_rawbpf, m0); 3491 3492 if (sc->sc_radiobpf != NULL) { 3493 struct atw_tx_radiotap_header *tap = &sc->sc_txtap; 3494 3495 tap->at_rate = rate; 3496 tap->at_chan_freq = ic->ic_curchan->ic_freq; 3497 tap->at_chan_flags = ic->ic_curchan->ic_flags; 3498 3499 /* TBD tap->at_flags */ 3500 3501 bpf_mtap2(sc->sc_radiobpf, (caddr_t)tap, 3502 tap->at_ihdr.it_len, m0); 3503 } 3504 #endif /* NBPFILTER > 0 */ 3505 3506 M_PREPEND(m0, offsetof(struct atw_frame, atw_ihdr), M_DONTWAIT); 3507 3508 if (ni != NULL) 3509 ieee80211_free_node(ni); 3510 3511 if (m0 == NULL) { 3512 ifp->if_oerrors++; 3513 break; 3514 } 3515 3516 /* just to make sure. */ 3517 m0 = m_pullup(m0, sizeof(struct atw_frame)); 3518 3519 if (m0 == NULL) { 3520 ifp->if_oerrors++; 3521 break; 3522 } 3523 3524 hh = mtod(m0, struct atw_frame *); 3525 wh = &hh->atw_ihdr; 3526 3527 /* Copy everything we need from the 802.11 header: 3528 * Frame Control; address 1, address 3, or addresses 3529 * 3 and 4. NIC fills in BSSID, SA. 3530 */ 3531 if (wh->i_fc[1] & IEEE80211_FC1_DIR_TODS) { 3532 if (wh->i_fc[1] & IEEE80211_FC1_DIR_FROMDS) 3533 panic("%s: illegal WDS frame", 3534 sc->sc_dev.dv_xname); 3535 memcpy(hh->atw_dst, wh->i_addr3, IEEE80211_ADDR_LEN); 3536 } else 3537 memcpy(hh->atw_dst, wh->i_addr1, IEEE80211_ADDR_LEN); 3538 3539 *(u_int16_t*)hh->atw_fc = *(u_int16_t*)wh->i_fc; 3540 3541 /* initialize remaining Tx parameters */ 3542 memset(&hh->u, 0, sizeof(hh->u)); 3543 3544 hh->atw_rate = rate * 5; 3545 /* XXX this could be incorrect if M_FCS. _encap should 3546 * probably strip FCS just in case it sticks around in 3547 * bridged packets. 3548 */ 3549 hh->atw_service = 0x00; /* XXX guess */ 3550 hh->atw_paylen = htole16(m0->m_pkthdr.len - 3551 sizeof(struct atw_frame)); 3552 3553 hh->atw_fragthr = htole16(ic->ic_fragthreshold); 3554 hh->atw_rtylmt = 3; 3555 hh->atw_hdrctl = htole16(ATW_HDRCTL_UNKNOWN1); 3556 if (do_encrypt) { 3557 hh->atw_hdrctl |= htole16(ATW_HDRCTL_WEP); 3558 hh->atw_keyid = ic->ic_def_txkey; 3559 } 3560 3561 hh->atw_head_plcplen = htole16(txs->txs_d0.d_plcp_len); 3562 hh->atw_tail_plcplen = htole16(txs->txs_dn.d_plcp_len); 3563 if (txs->txs_d0.d_residue) 3564 hh->atw_head_plcplen |= htole16(0x8000); 3565 if (txs->txs_dn.d_residue) 3566 hh->atw_tail_plcplen |= htole16(0x8000); 3567 hh->atw_head_dur = htole16(txs->txs_d0.d_rts_dur); 3568 hh->atw_tail_dur = htole16(txs->txs_dn.d_rts_dur); 3569 3570 /* never fragment multicast frames */ 3571 if (IEEE80211_IS_MULTICAST(hh->atw_dst)) { 3572 hh->atw_fragthr = htole16(ic->ic_fragthreshold); 3573 } else if (sc->sc_flags & ATWF_RTSCTS) { 3574 hh->atw_hdrctl |= htole16(ATW_HDRCTL_RTSCTS); 3575 } 3576 3577 #ifdef ATW_DEBUG 3578 hh->atw_fragnum = 0; 3579 3580 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3581 printf("%s: dst = %s, rate = 0x%02x, " 3582 "service = 0x%02x, paylen = 0x%04x\n", 3583 sc->sc_dev.dv_xname, ether_sprintf(hh->atw_dst), 3584 hh->atw_rate, hh->atw_service, hh->atw_paylen); 3585 3586 printf("%s: fc[0] = 0x%02x, fc[1] = 0x%02x, " 3587 "dur1 = 0x%04x, dur2 = 0x%04x, " 3588 "dur3 = 0x%04x, rts_dur = 0x%04x\n", 3589 sc->sc_dev.dv_xname, hh->atw_fc[0], hh->atw_fc[1], 3590 hh->atw_tail_plcplen, hh->atw_head_plcplen, 3591 hh->atw_tail_dur, hh->atw_head_dur); 3592 3593 printf("%s: hdrctl = 0x%04x, fragthr = 0x%04x, " 3594 "fragnum = 0x%02x, rtylmt = 0x%04x\n", 3595 sc->sc_dev.dv_xname, hh->atw_hdrctl, 3596 hh->atw_fragthr, hh->atw_fragnum, hh->atw_rtylmt); 3597 3598 printf("%s: keyid = %d\n", 3599 sc->sc_dev.dv_xname, hh->atw_keyid); 3600 3601 atw_dump_pkt(ifp, m0); 3602 } 3603 #endif /* ATW_DEBUG */ 3604 3605 dmamap = txs->txs_dmamap; 3606 3607 /* 3608 * Load the DMA map. Copy and try (once) again if the packet 3609 * didn't fit in the alloted number of segments. 3610 */ 3611 for (first = 1; 3612 (error = bus_dmamap_load_mbuf(sc->sc_dmat, dmamap, m0, 3613 BUS_DMA_WRITE|BUS_DMA_NOWAIT)) != 0 && first; 3614 first = 0) { 3615 MGETHDR(m, M_DONTWAIT, MT_DATA); 3616 if (m == NULL) { 3617 printf("%s: unable to allocate Tx mbuf\n", 3618 sc->sc_dev.dv_xname); 3619 break; 3620 } 3621 if (m0->m_pkthdr.len > MHLEN) { 3622 MCLGET(m, M_DONTWAIT); 3623 if ((m->m_flags & M_EXT) == 0) { 3624 printf("%s: unable to allocate Tx " 3625 "cluster\n", sc->sc_dev.dv_xname); 3626 m_freem(m); 3627 break; 3628 } 3629 } 3630 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(m, caddr_t)); 3631 m->m_pkthdr.len = m->m_len = m0->m_pkthdr.len; 3632 m_freem(m0); 3633 m0 = m; 3634 m = NULL; 3635 } 3636 if (error != 0) { 3637 printf("%s: unable to load Tx buffer, " 3638 "error = %d\n", sc->sc_dev.dv_xname, error); 3639 m_freem(m0); 3640 break; 3641 } 3642 3643 /* 3644 * Ensure we have enough descriptors free to describe 3645 * the packet. 3646 */ 3647 if (dmamap->dm_nsegs > sc->sc_txfree) { 3648 /* 3649 * Not enough free descriptors to transmit 3650 * this packet. Unload the DMA map and 3651 * drop the packet. Notify the upper layer 3652 * that there are no more slots left. 3653 * 3654 * XXX We could allocate an mbuf and copy, but 3655 * XXX it is worth it? 3656 */ 3657 bus_dmamap_unload(sc->sc_dmat, dmamap); 3658 m_freem(m0); 3659 break; 3660 } 3661 3662 /* 3663 * WE ARE NOW COMMITTED TO TRANSMITTING THE PACKET. 3664 */ 3665 3666 /* Sync the DMA map. */ 3667 bus_dmamap_sync(sc->sc_dmat, dmamap, 0, dmamap->dm_mapsize, 3668 BUS_DMASYNC_PREWRITE); 3669 3670 /* XXX arbitrary retry limit; 8 because I have seen it in 3671 * use already and maybe 0 means "no tries" ! 3672 */ 3673 ctl = htole32(LSHIFT(8, ATW_TXCTL_TL_MASK)); 3674 3675 DPRINTF2(sc, ("%s: TXDR <- max(10, %d)\n", 3676 sc->sc_dev.dv_xname, rate * 5)); 3677 ctl |= htole32(LSHIFT(MAX(10, rate * 5), ATW_TXCTL_TXDR_MASK)); 3678 3679 /* 3680 * Initialize the transmit descriptors. 3681 */ 3682 for (nexttx = sc->sc_txnext, seg = 0; 3683 seg < dmamap->dm_nsegs; 3684 seg++, nexttx = ATW_NEXTTX(nexttx)) { 3685 /* 3686 * If this is the first descriptor we're 3687 * enqueueing, don't set the OWN bit just 3688 * yet. That could cause a race condition. 3689 * We'll do it below. 3690 */ 3691 txd = &sc->sc_txdescs[nexttx]; 3692 txd->at_ctl = ctl | 3693 ((nexttx == firsttx) ? 0 : htole32(ATW_TXCTL_OWN)); 3694 3695 txd->at_buf1 = htole32(dmamap->dm_segs[seg].ds_addr); 3696 txd->at_flags = 3697 htole32(LSHIFT(dmamap->dm_segs[seg].ds_len, 3698 ATW_TXFLAG_TBS1_MASK)) | 3699 ((nexttx == (ATW_NTXDESC - 1)) 3700 ? htole32(ATW_TXFLAG_TER) : 0); 3701 lasttx = nexttx; 3702 } 3703 3704 IASSERT(lasttx != -1, ("bad lastx")); 3705 /* Set `first segment' and `last segment' appropriately. */ 3706 sc->sc_txdescs[sc->sc_txnext].at_flags |= 3707 htole32(ATW_TXFLAG_FS); 3708 sc->sc_txdescs[lasttx].at_flags |= htole32(ATW_TXFLAG_LS); 3709 3710 #ifdef ATW_DEBUG 3711 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3712 printf(" txsoft %p transmit chain:\n", txs); 3713 for (seg = sc->sc_txnext;; seg = ATW_NEXTTX(seg)) { 3714 printf(" descriptor %d:\n", seg); 3715 printf(" at_ctl: 0x%08x\n", 3716 le32toh(sc->sc_txdescs[seg].at_ctl)); 3717 printf(" at_flags: 0x%08x\n", 3718 le32toh(sc->sc_txdescs[seg].at_flags)); 3719 printf(" at_buf1: 0x%08x\n", 3720 le32toh(sc->sc_txdescs[seg].at_buf1)); 3721 printf(" at_buf2: 0x%08x\n", 3722 le32toh(sc->sc_txdescs[seg].at_buf2)); 3723 if (seg == lasttx) 3724 break; 3725 } 3726 } 3727 #endif 3728 3729 /* Sync the descriptors we're using. */ 3730 ATW_CDTXSYNC(sc, sc->sc_txnext, dmamap->dm_nsegs, 3731 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3732 3733 /* 3734 * Store a pointer to the packet so we can free it later, 3735 * and remember what txdirty will be once the packet is 3736 * done. 3737 */ 3738 txs->txs_mbuf = m0; 3739 txs->txs_firstdesc = sc->sc_txnext; 3740 txs->txs_lastdesc = lasttx; 3741 txs->txs_ndescs = dmamap->dm_nsegs; 3742 3743 /* Advance the tx pointer. */ 3744 sc->sc_txfree -= dmamap->dm_nsegs; 3745 sc->sc_txnext = nexttx; 3746 3747 SIMPLEQ_REMOVE_HEAD(&sc->sc_txfreeq, txs_q); 3748 SIMPLEQ_INSERT_TAIL(&sc->sc_txdirtyq, txs, txs_q); 3749 3750 last_txs = txs; 3751 } 3752 3753 if (sc->sc_txfree != ofree) { 3754 DPRINTF2(sc, ("%s: packets enqueued, IC on %d, OWN on %d\n", 3755 sc->sc_dev.dv_xname, lasttx, firsttx)); 3756 /* 3757 * Cause a transmit interrupt to happen on the 3758 * last packet we enqueued. 3759 */ 3760 sc->sc_txdescs[lasttx].at_flags |= htole32(ATW_TXFLAG_IC); 3761 ATW_CDTXSYNC(sc, lasttx, 1, 3762 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3763 3764 /* 3765 * The entire packet chain is set up. Give the 3766 * first descriptor to the chip now. 3767 */ 3768 sc->sc_txdescs[firsttx].at_ctl |= htole32(ATW_TXCTL_OWN); 3769 ATW_CDTXSYNC(sc, firsttx, 1, 3770 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3771 3772 /* Wake up the transmitter. */ 3773 ATW_WRITE(sc, ATW_TDR, 0x1); 3774 3775 if (txs == NULL || sc->sc_txfree == 0) 3776 ifp->if_flags |= IFF_OACTIVE; 3777 3778 /* Set a watchdog timer in case the chip flakes out. */ 3779 sc->sc_tx_timer = 5; 3780 ifp->if_timer = 1; 3781 } 3782 } 3783 3784 /* 3785 * atw_power: 3786 * 3787 * Power management (suspend/resume) hook. 3788 */ 3789 void 3790 atw_power(int why, void *arg) 3791 { 3792 struct atw_softc *sc = arg; 3793 struct ifnet *ifp = &sc->sc_if; 3794 int s; 3795 3796 DPRINTF(sc, ("%s: atw_power(%d,)\n", sc->sc_dev.dv_xname, why)); 3797 3798 s = splnet(); 3799 switch (why) { 3800 case PWR_STANDBY: 3801 /* XXX do nothing. */ 3802 break; 3803 case PWR_SUSPEND: 3804 atw_stop(ifp, 0); 3805 if (sc->sc_power != NULL) 3806 (*sc->sc_power)(sc, why); 3807 break; 3808 case PWR_RESUME: 3809 if (ifp->if_flags & IFF_UP) { 3810 if (sc->sc_power != NULL) 3811 (*sc->sc_power)(sc, why); 3812 atw_init(ifp); 3813 } 3814 break; 3815 case PWR_SOFTSUSPEND: 3816 case PWR_SOFTSTANDBY: 3817 case PWR_SOFTRESUME: 3818 break; 3819 } 3820 splx(s); 3821 } 3822 3823 /* 3824 * atw_ioctl: [ifnet interface function] 3825 * 3826 * Handle control requests from the operator. 3827 */ 3828 int 3829 atw_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 3830 { 3831 struct atw_softc *sc = ifp->if_softc; 3832 struct ifreq *ifr = (struct ifreq *)data; 3833 int s, error = 0; 3834 3835 /* XXX monkey see, monkey do. comes from wi_ioctl. */ 3836 if ((sc->sc_dev.dv_flags & DVF_ACTIVE) == 0) 3837 return ENXIO; 3838 3839 s = splnet(); 3840 3841 switch (cmd) { 3842 case SIOCSIFFLAGS: 3843 if (ifp->if_flags & IFF_UP) { 3844 if (ATW_IS_ENABLED(sc)) { 3845 /* 3846 * To avoid rescanning another access point, 3847 * do not call atw_init() here. Instead, 3848 * only reflect media settings. 3849 */ 3850 atw_filter_setup(sc); 3851 } else 3852 error = atw_init(ifp); 3853 } else if (ATW_IS_ENABLED(sc)) 3854 atw_stop(ifp, 1); 3855 break; 3856 case SIOCADDMULTI: 3857 case SIOCDELMULTI: 3858 error = (cmd == SIOCADDMULTI) ? 3859 ether_addmulti(ifr, &sc->sc_ec) : 3860 ether_delmulti(ifr, &sc->sc_ec); 3861 if (error == ENETRESET) { 3862 if (ifp->if_flags & IFF_RUNNING) 3863 atw_filter_setup(sc); /* do not rescan */ 3864 error = 0; 3865 } 3866 break; 3867 default: 3868 error = ieee80211_ioctl(&sc->sc_ic, cmd, data); 3869 if (error == ENETRESET || error == ERESTART) { 3870 if (is_running(ifp)) 3871 error = atw_init(ifp); 3872 else 3873 error = 0; 3874 } 3875 break; 3876 } 3877 3878 /* Try to get more packets going. */ 3879 if (ATW_IS_ENABLED(sc)) 3880 atw_start(ifp); 3881 3882 splx(s); 3883 return (error); 3884 } 3885 3886 static int 3887 atw_media_change(struct ifnet *ifp) 3888 { 3889 int error; 3890 3891 error = ieee80211_media_change(ifp); 3892 if (error == ENETRESET) { 3893 if (is_running(ifp)) 3894 error = atw_init(ifp); 3895 else 3896 error = 0; 3897 } 3898 return error; 3899 } 3900