1 /* $NetBSD: if_iwi.c,v 1.43 2005/12/05 09:24:54 skrll Exp $ */ 2 3 /*- 4 * Copyright (c) 2004, 2005 5 * Damien Bergamini <damien.bergamini@free.fr>. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice unmodified, this list of conditions, and the following 12 * disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #include <sys/cdefs.h> 31 __KERNEL_RCSID(0, "$NetBSD: if_iwi.c,v 1.43 2005/12/05 09:24:54 skrll Exp $"); 32 33 /*- 34 * Intel(R) PRO/Wireless 2200BG/2225BG/2915ABG driver 35 * http://www.intel.com/network/connectivity/products/wireless/prowireless_mobile.htm 36 */ 37 38 #include "bpfilter.h" 39 40 #include <sys/param.h> 41 #include <sys/sockio.h> 42 #include <sys/sysctl.h> 43 #include <sys/mbuf.h> 44 #include <sys/kernel.h> 45 #include <sys/socket.h> 46 #include <sys/systm.h> 47 #include <sys/malloc.h> 48 #include <sys/conf.h> 49 50 #include <machine/bus.h> 51 #include <machine/endian.h> 52 #include <machine/intr.h> 53 54 #include <dev/pci/pcireg.h> 55 #include <dev/pci/pcivar.h> 56 #include <dev/pci/pcidevs.h> 57 58 #if NBPFILTER > 0 59 #include <net/bpf.h> 60 #endif 61 #include <net/if.h> 62 #include <net/if_arp.h> 63 #include <net/if_dl.h> 64 #include <net/if_ether.h> 65 #include <net/if_media.h> 66 #include <net/if_types.h> 67 68 #include <net80211/ieee80211_var.h> 69 #include <net80211/ieee80211_radiotap.h> 70 71 #include <netinet/in.h> 72 #include <netinet/in_systm.h> 73 #include <netinet/in_var.h> 74 #include <netinet/ip.h> 75 76 #include <crypto/arc4/arc4.h> 77 78 #include <dev/pci/if_iwireg.h> 79 #include <dev/pci/if_iwivar.h> 80 81 #ifdef IWI_DEBUG 82 #define DPRINTF(x) if (iwi_debug > 0) printf x 83 #define DPRINTFN(n, x) if (iwi_debug >= (n)) printf x 84 int iwi_debug = 4; 85 #else 86 #define DPRINTF(x) 87 #define DPRINTFN(n, x) 88 #endif 89 90 static int iwi_match(struct device *, struct cfdata *, void *); 91 static void iwi_attach(struct device *, struct device *, void *); 92 static int iwi_detach(struct device *, int); 93 94 static void iwi_shutdown(void *); 95 static int iwi_suspend(struct iwi_softc *); 96 static int iwi_resume(struct iwi_softc *); 97 static void iwi_powerhook(int, void *); 98 99 static int iwi_alloc_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *, 100 int); 101 static void iwi_reset_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 102 static void iwi_free_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 103 static int iwi_alloc_tx_ring(struct iwi_softc *, struct iwi_tx_ring *, 104 int, bus_addr_t, bus_addr_t); 105 static void iwi_reset_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 106 static void iwi_free_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 107 static struct mbuf * 108 iwi_alloc_rx_buf(struct iwi_softc *sc); 109 static int iwi_alloc_rx_ring(struct iwi_softc *, struct iwi_rx_ring *, 110 int); 111 static void iwi_reset_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 112 static void iwi_free_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 113 114 static struct ieee80211_node *iwi_node_alloc(struct ieee80211_node_table *); 115 static void iwi_node_free(struct ieee80211_node *); 116 117 static int iwi_media_change(struct ifnet *); 118 static void iwi_media_status(struct ifnet *, struct ifmediareq *); 119 static int iwi_wme_update(struct ieee80211com *); 120 static uint16_t iwi_read_prom_word(struct iwi_softc *, uint8_t); 121 static int iwi_newstate(struct ieee80211com *, enum ieee80211_state, int); 122 static void iwi_fix_channel(struct ieee80211com *, struct mbuf *); 123 static void iwi_frame_intr(struct iwi_softc *, struct iwi_rx_data *, int, 124 struct iwi_frame *); 125 static void iwi_notification_intr(struct iwi_softc *, struct iwi_notif *); 126 static void iwi_cmd_intr(struct iwi_softc *); 127 static void iwi_rx_intr(struct iwi_softc *); 128 static void iwi_tx_intr(struct iwi_softc *, struct iwi_tx_ring *); 129 static int iwi_intr(void *); 130 static int iwi_cmd(struct iwi_softc *, uint8_t, void *, uint8_t, int); 131 static void iwi_write_ibssnode(struct iwi_softc *, const struct iwi_node *); 132 static int iwi_tx_start(struct ifnet *, struct mbuf *, struct ieee80211_node *, 133 int); 134 static void iwi_start(struct ifnet *); 135 static void iwi_watchdog(struct ifnet *); 136 137 static int iwi_alloc_unr(struct iwi_softc *); 138 static void iwi_free_unr(struct iwi_softc *, int); 139 140 static int iwi_get_table0(struct iwi_softc *, uint32_t *); 141 static int iwi_get_radio(struct iwi_softc *, int *); 142 143 static int iwi_ioctl(struct ifnet *, u_long, caddr_t); 144 static void iwi_stop_master(struct iwi_softc *); 145 static int iwi_reset(struct iwi_softc *); 146 static int iwi_load_ucode(struct iwi_softc *, void *, int); 147 static int iwi_load_firmware(struct iwi_softc *, void *, int); 148 static int iwi_cache_firmware(struct iwi_softc *, void *); 149 static void iwi_free_firmware(struct iwi_softc *); 150 static int iwi_config(struct iwi_softc *); 151 static int iwi_set_chan(struct iwi_softc *, struct ieee80211_channel *); 152 static int iwi_scan(struct iwi_softc *); 153 static int iwi_auth_and_assoc(struct iwi_softc *); 154 static int iwi_init(struct ifnet *); 155 static void iwi_stop(struct ifnet *, int); 156 static void iwi_led_set(struct iwi_softc *, uint32_t, int); 157 static void iwi_error_log(struct iwi_softc *); 158 159 /* 160 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 161 */ 162 static const struct ieee80211_rateset iwi_rateset_11a = 163 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 164 165 static const struct ieee80211_rateset iwi_rateset_11b = 166 { 4, { 2, 4, 11, 22 } }; 167 168 static const struct ieee80211_rateset iwi_rateset_11g = 169 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 170 171 static __inline uint8_t 172 MEM_READ_1(struct iwi_softc *sc, uint32_t addr) 173 { 174 CSR_WRITE_4(sc, IWI_CSR_INDIRECT_ADDR, addr); 175 return CSR_READ_1(sc, IWI_CSR_INDIRECT_DATA); 176 } 177 178 static __inline uint32_t 179 MEM_READ_4(struct iwi_softc *sc, uint32_t addr) 180 { 181 CSR_WRITE_4(sc, IWI_CSR_INDIRECT_ADDR, addr); 182 return CSR_READ_4(sc, IWI_CSR_INDIRECT_DATA); 183 } 184 185 static void 186 MEM_CPY(struct iwi_softc *sc, void *dst, uint32_t base, size_t sz) 187 { 188 KASSERT(sz % 4 == 0); 189 int j; 190 191 uint32_t *p = dst; 192 193 for (j = 0; j < sz / 4; j++) 194 p[j] = MEM_READ_4(sc, base + j * sizeof(uint32_t)); 195 } 196 197 CFATTACH_DECL(iwi, sizeof (struct iwi_softc), iwi_match, iwi_attach, 198 iwi_detach, NULL); 199 200 static int 201 iwi_match(struct device *parent, struct cfdata *match, void *aux) 202 { 203 struct pci_attach_args *pa = aux; 204 205 if (PCI_VENDOR(pa->pa_id) != PCI_VENDOR_INTEL) 206 return 0; 207 208 if (PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2200BG || 209 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2225BG || 210 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2915ABG_1 || 211 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2915ABG_2) 212 return 1; 213 214 return 0; 215 } 216 217 /* Base Address Register */ 218 #define IWI_PCI_BAR0 0x10 219 220 static void 221 iwi_attach(struct device *parent, struct device *self, void *aux) 222 { 223 struct iwi_softc *sc = (struct iwi_softc *)self; 224 struct ieee80211com *ic = &sc->sc_ic; 225 struct ifnet *ifp = &sc->sc_if; 226 struct pci_attach_args *pa = aux; 227 const char *intrstr; 228 char devinfo[256]; 229 bus_space_tag_t memt; 230 bus_space_handle_t memh; 231 bus_addr_t base; 232 pci_intr_handle_t ih; 233 pcireg_t data; 234 uint16_t val; 235 int error, revision, i; 236 237 sc->sc_pct = pa->pa_pc; 238 sc->sc_pcitag = pa->pa_tag; 239 240 pci_devinfo(pa->pa_id, pa->pa_class, 0, devinfo, sizeof devinfo); 241 revision = PCI_REVISION(pa->pa_class); 242 aprint_normal(": %s (rev. 0x%02x)\n", devinfo, revision); 243 244 /* clear device specific PCI configuration register 0x41 */ 245 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 246 data &= ~0x0000ff00; 247 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, data); 248 249 /* clear unit numbers allocated to IBSS */ 250 sc->sc_unr = 0; 251 252 /* enable bus-mastering */ 253 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG); 254 data |= PCI_COMMAND_MASTER_ENABLE; 255 pci_conf_write(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG, data); 256 257 /* map the register window */ 258 error = pci_mapreg_map(pa, IWI_PCI_BAR0, PCI_MAPREG_TYPE_MEM | 259 PCI_MAPREG_MEM_TYPE_32BIT, 0, &memt, &memh, &base, &sc->sc_sz); 260 if (error != 0) { 261 aprint_error("%s: could not map memory space\n", 262 sc->sc_dev.dv_xname); 263 return; 264 } 265 266 sc->sc_st = memt; 267 sc->sc_sh = memh; 268 sc->sc_dmat = pa->pa_dmat; 269 270 /* disable interrupts */ 271 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 272 273 if (pci_intr_map(pa, &ih) != 0) { 274 aprint_error("%s: could not map interrupt\n", 275 sc->sc_dev.dv_xname); 276 return; 277 } 278 279 intrstr = pci_intr_string(sc->sc_pct, ih); 280 sc->sc_ih = pci_intr_establish(sc->sc_pct, ih, IPL_NET, iwi_intr, sc); 281 if (sc->sc_ih == NULL) { 282 aprint_error("%s: could not establish interrupt", 283 sc->sc_dev.dv_xname); 284 if (intrstr != NULL) 285 aprint_error(" at %s", intrstr); 286 aprint_error("\n"); 287 return; 288 } 289 aprint_normal("%s: interrupting at %s\n", sc->sc_dev.dv_xname, intrstr); 290 291 if (iwi_reset(sc) != 0) { 292 aprint_error("%s: could not reset adapter\n", 293 sc->sc_dev.dv_xname); 294 return; 295 } 296 297 /* 298 * Allocate rings. 299 */ 300 if (iwi_alloc_cmd_ring(sc, &sc->cmdq, IWI_CMD_RING_COUNT) != 0) { 301 aprint_error("%s: could not allocate command ring\n", 302 sc->sc_dev.dv_xname); 303 goto fail; 304 } 305 306 error = iwi_alloc_tx_ring(sc, &sc->txq[0], IWI_TX_RING_COUNT, 307 IWI_CSR_TX1_RIDX, IWI_CSR_TX1_WIDX); 308 if (error != 0) { 309 aprint_error("%s: could not allocate Tx ring 1\n", 310 sc->sc_dev.dv_xname); 311 goto fail; 312 } 313 314 error = iwi_alloc_tx_ring(sc, &sc->txq[1], IWI_TX_RING_COUNT, 315 IWI_CSR_TX2_RIDX, IWI_CSR_TX2_WIDX); 316 if (error != 0) { 317 aprint_error("%s: could not allocate Tx ring 2\n", 318 sc->sc_dev.dv_xname); 319 goto fail; 320 } 321 322 error = iwi_alloc_tx_ring(sc, &sc->txq[2], IWI_TX_RING_COUNT, 323 IWI_CSR_TX3_RIDX, IWI_CSR_TX3_WIDX); 324 if (error != 0) { 325 aprint_error("%s: could not allocate Tx ring 3\n", 326 sc->sc_dev.dv_xname); 327 goto fail; 328 } 329 330 error = iwi_alloc_tx_ring(sc, &sc->txq[3], IWI_TX_RING_COUNT, 331 IWI_CSR_TX4_RIDX, IWI_CSR_TX4_WIDX); 332 if (error != 0) { 333 aprint_error("%s: could not allocate Tx ring 4\n", 334 sc->sc_dev.dv_xname); 335 goto fail; 336 } 337 338 if (iwi_alloc_rx_ring(sc, &sc->rxq, IWI_RX_RING_COUNT) != 0) { 339 aprint_error("%s: could not allocate Rx ring\n", 340 sc->sc_dev.dv_xname); 341 goto fail; 342 } 343 344 ic->ic_ifp = ifp; 345 ic->ic_wme.wme_update = iwi_wme_update; 346 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 347 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 348 ic->ic_state = IEEE80211_S_INIT; 349 350 /* set device capabilities */ 351 ic->ic_caps = 352 IEEE80211_C_IBSS | /* IBSS mode supported */ 353 IEEE80211_C_MONITOR | /* monitor mode supported */ 354 IEEE80211_C_TXPMGT | /* tx power management */ 355 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 356 IEEE80211_C_WPA | /* 802.11i */ 357 IEEE80211_C_WME; /* 802.11e */ 358 359 /* read MAC address from EEPROM */ 360 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 0); 361 ic->ic_myaddr[0] = val & 0xff; 362 ic->ic_myaddr[1] = val >> 8; 363 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 1); 364 ic->ic_myaddr[2] = val & 0xff; 365 ic->ic_myaddr[3] = val >> 8; 366 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 2); 367 ic->ic_myaddr[4] = val & 0xff; 368 ic->ic_myaddr[5] = val >> 8; 369 370 aprint_normal("%s: 802.11 address %s\n", sc->sc_dev.dv_xname, 371 ether_sprintf(ic->ic_myaddr)); 372 373 /* read the NIC type from EEPROM */ 374 val = iwi_read_prom_word(sc, IWI_EEPROM_NIC_TYPE); 375 sc->nictype = val & 0xff; 376 377 DPRINTF(("%s: NIC type %d\n", sc->sc_dev.dv_xname, sc->nictype)); 378 379 if (PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2915ABG_1 || 380 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2915ABG_2) { 381 /* set supported .11a rates (2915ABG only) */ 382 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwi_rateset_11a; 383 384 /* set supported .11a channels */ 385 for (i = 36; i <= 64; i += 4) { 386 ic->ic_channels[i].ic_freq = 387 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 388 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 389 } 390 for (i = 149; i <= 165; i += 4) { 391 ic->ic_channels[i].ic_freq = 392 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 393 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 394 } 395 } 396 397 /* set supported .11b and .11g rates */ 398 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwi_rateset_11b; 399 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwi_rateset_11g; 400 401 /* set supported .11b and .11g channels (1 through 14) */ 402 for (i = 1; i <= 14; i++) { 403 ic->ic_channels[i].ic_freq = 404 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 405 ic->ic_channels[i].ic_flags = 406 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 407 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 408 } 409 410 ifp->if_softc = sc; 411 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 412 ifp->if_init = iwi_init; 413 ifp->if_stop = iwi_stop; 414 ifp->if_ioctl = iwi_ioctl; 415 ifp->if_start = iwi_start; 416 ifp->if_watchdog = iwi_watchdog; 417 IFQ_SET_READY(&ifp->if_snd); 418 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 419 420 if_attach(ifp); 421 ieee80211_ifattach(ic); 422 /* override default methods */ 423 ic->ic_node_alloc = iwi_node_alloc; 424 sc->sc_node_free = ic->ic_node_free; 425 ic->ic_node_free = iwi_node_free; 426 /* override state transition machine */ 427 sc->sc_newstate = ic->ic_newstate; 428 ic->ic_newstate = iwi_newstate; 429 ieee80211_media_init(ic, iwi_media_change, iwi_media_status); 430 431 #if NBPFILTER > 0 432 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 433 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf); 434 435 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 436 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 437 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWI_RX_RADIOTAP_PRESENT); 438 439 sc->sc_txtap_len = sizeof sc->sc_txtapu; 440 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 441 sc->sc_txtap.wt_ihdr.it_present = htole32(IWI_TX_RADIOTAP_PRESENT); 442 #endif 443 444 /* 445 * Make sure the interface is shutdown during reboot. 446 */ 447 sc->sc_sdhook = shutdownhook_establish(iwi_shutdown, sc); 448 if (sc->sc_sdhook == NULL) 449 aprint_error("%s: WARNING: unable to establish shutdown hook\n", 450 sc->sc_dev.dv_xname); 451 sc->sc_powerhook = powerhook_establish(iwi_powerhook, sc); 452 if (sc->sc_powerhook == NULL) 453 printf("%s: WARNING: unable to establish power hook\n", 454 sc->sc_dev.dv_xname); 455 456 ieee80211_announce(ic); 457 /* 458 * Add a few sysctl knobs. 459 * XXX: Not yet. 460 */ 461 sc->dwelltime = 100; 462 sc->bluetooth = 1; 463 sc->antenna = 0; 464 465 return; 466 467 fail: iwi_detach(self, 0); 468 } 469 470 static int 471 iwi_detach(struct device* self, int flags) 472 { 473 struct iwi_softc *sc = (struct iwi_softc *)self; 474 struct ifnet *ifp = &sc->sc_if; 475 476 iwi_stop(ifp, 1); 477 iwi_free_firmware(sc); 478 479 #if NBPFILTER > 0 480 if (ifp != NULL) 481 bpfdetach(ifp); 482 #endif 483 ieee80211_ifdetach(&sc->sc_ic); 484 if (ifp != NULL) 485 if_detach(ifp); 486 487 iwi_free_cmd_ring(sc, &sc->cmdq); 488 iwi_free_tx_ring(sc, &sc->txq[0]); 489 iwi_free_tx_ring(sc, &sc->txq[1]); 490 iwi_free_tx_ring(sc, &sc->txq[2]); 491 iwi_free_tx_ring(sc, &sc->txq[3]); 492 iwi_free_rx_ring(sc, &sc->rxq); 493 494 if (sc->sc_ih != NULL) { 495 pci_intr_disestablish(sc->sc_pct, sc->sc_ih); 496 sc->sc_ih = NULL; 497 } 498 499 bus_space_unmap(sc->sc_st, sc->sc_sh, sc->sc_sz); 500 501 powerhook_disestablish(sc->sc_powerhook); 502 shutdownhook_disestablish(sc->sc_sdhook); 503 504 return 0; 505 } 506 507 static int 508 iwi_alloc_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring, 509 int count) 510 { 511 int error, nsegs; 512 513 ring->count = count; 514 ring->queued = 0; 515 ring->cur = ring->next = 0; 516 517 /* 518 * Allocate and map command ring 519 */ 520 error = bus_dmamap_create(sc->sc_dmat, 521 IWI_CMD_DESC_SIZE * count, 1, 522 IWI_CMD_DESC_SIZE * count, 0, 523 BUS_DMA_NOWAIT, &ring->desc_map); 524 if (error != 0) { 525 aprint_error("%s: could not create command ring DMA map\n", 526 sc->sc_dev.dv_xname); 527 goto fail; 528 } 529 530 error = bus_dmamem_alloc(sc->sc_dmat, 531 IWI_CMD_DESC_SIZE * count, PAGE_SIZE, 0, 532 &sc->cmdq.desc_seg, 1, &nsegs, BUS_DMA_NOWAIT); 533 if (error != 0) { 534 aprint_error("%s: could not allocate command ring DMA memory\n", 535 sc->sc_dev.dv_xname); 536 goto fail; 537 } 538 539 error = bus_dmamem_map(sc->sc_dmat, &sc->cmdq.desc_seg, nsegs, 540 IWI_CMD_DESC_SIZE * count, 541 (caddr_t *)&sc->cmdq.desc, BUS_DMA_NOWAIT); 542 if (error != 0) { 543 aprint_error("%s: could not map command ring DMA memory\n", 544 sc->sc_dev.dv_xname); 545 goto fail; 546 } 547 548 error = bus_dmamap_load(sc->sc_dmat, sc->cmdq.desc_map, sc->cmdq.desc, 549 IWI_CMD_DESC_SIZE * count, NULL, 550 BUS_DMA_NOWAIT); 551 if (error != 0) { 552 aprint_error("%s: could not load command ring DMA map\n", 553 sc->sc_dev.dv_xname); 554 goto fail; 555 } 556 557 memset(sc->cmdq.desc, 0, 558 IWI_CMD_DESC_SIZE * count); 559 560 return 0; 561 562 fail: iwi_free_cmd_ring(sc, ring); 563 return error; 564 } 565 566 static void 567 iwi_reset_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 568 { 569 int i; 570 571 for (i = ring->next; i != ring->cur;) { 572 bus_dmamap_sync(sc->sc_dmat, sc->cmdq.desc_map, 573 i * IWI_CMD_DESC_SIZE, IWI_CMD_DESC_SIZE, 574 BUS_DMASYNC_POSTWRITE); 575 576 wakeup(&ring->desc[i]); 577 i = (i + 1) % ring->count; 578 } 579 580 ring->queued = 0; 581 ring->cur = ring->next = 0; 582 } 583 584 static void 585 iwi_free_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 586 { 587 if (ring->desc_map != NULL) { 588 if (ring->desc != NULL) { 589 bus_dmamap_unload(sc->sc_dmat, ring->desc_map); 590 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)ring->desc, 591 IWI_CMD_DESC_SIZE * ring->count); 592 bus_dmamem_free(sc->sc_dmat, &ring->desc_seg, 1); 593 } 594 bus_dmamap_destroy(sc->sc_dmat, ring->desc_map); 595 } 596 } 597 598 static int 599 iwi_alloc_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring, 600 int count, bus_addr_t csr_ridx, bus_addr_t csr_widx) 601 { 602 int i, error, nsegs; 603 604 ring->count = count; 605 ring->queued = 0; 606 ring->cur = ring->next = 0; 607 ring->csr_ridx = csr_ridx; 608 ring->csr_widx = csr_widx; 609 610 /* 611 * Allocate and map Tx ring 612 */ 613 error = bus_dmamap_create(sc->sc_dmat, 614 IWI_TX_DESC_SIZE * count, 1, 615 IWI_TX_DESC_SIZE * count, 0, BUS_DMA_NOWAIT, 616 &ring->desc_map); 617 if (error != 0) { 618 aprint_error("%s: could not create tx ring DMA map\n", 619 sc->sc_dev.dv_xname); 620 goto fail; 621 } 622 623 error = bus_dmamem_alloc(sc->sc_dmat, 624 IWI_TX_DESC_SIZE * count, PAGE_SIZE, 0, 625 &ring->desc_seg, 1, &nsegs, BUS_DMA_NOWAIT); 626 if (error != 0) { 627 aprint_error("%s: could not allocate tx ring DMA memory\n", 628 sc->sc_dev.dv_xname); 629 goto fail; 630 } 631 632 error = bus_dmamem_map(sc->sc_dmat, &ring->desc_seg, nsegs, 633 IWI_TX_DESC_SIZE * count, 634 (caddr_t *)&ring->desc, BUS_DMA_NOWAIT); 635 if (error != 0) { 636 aprint_error("%s: could not map tx ring DMA memory\n", 637 sc->sc_dev.dv_xname); 638 goto fail; 639 } 640 641 error = bus_dmamap_load(sc->sc_dmat, ring->desc_map, ring->desc, 642 IWI_TX_DESC_SIZE * count, NULL, 643 BUS_DMA_NOWAIT); 644 if (error != 0) { 645 aprint_error("%s: could not load tx ring DMA map\n", 646 sc->sc_dev.dv_xname); 647 goto fail; 648 } 649 650 memset(ring->desc, 0, IWI_TX_DESC_SIZE * count); 651 652 ring->data = malloc(count * sizeof (struct iwi_tx_data), M_DEVBUF, 653 M_NOWAIT | M_ZERO); 654 if (ring->data == NULL) { 655 aprint_error("%s: could not allocate soft data\n", 656 sc->sc_dev.dv_xname); 657 error = ENOMEM; 658 goto fail; 659 } 660 661 /* 662 * Allocate Tx buffers DMA maps 663 */ 664 for (i = 0; i < count; i++) { 665 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, IWI_MAX_NSEG, 666 MCLBYTES, 0, BUS_DMA_NOWAIT, &ring->data[i].map); 667 if (error != 0) { 668 aprint_error("%s: could not create tx buf DMA map", 669 sc->sc_dev.dv_xname); 670 goto fail; 671 } 672 } 673 return 0; 674 675 fail: iwi_free_tx_ring(sc, ring); 676 return error; 677 } 678 679 static void 680 iwi_reset_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 681 { 682 struct iwi_tx_data *data; 683 int i; 684 685 for (i = 0; i < ring->count; i++) { 686 data = &ring->data[i]; 687 688 if (data->m != NULL) { 689 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 690 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 691 bus_dmamap_unload(sc->sc_dmat, data->map); 692 m_freem(data->m); 693 data->m = NULL; 694 } 695 696 if (data->ni != NULL) { 697 ieee80211_free_node(data->ni); 698 data->ni = NULL; 699 } 700 } 701 702 ring->queued = 0; 703 ring->cur = ring->next = 0; 704 } 705 706 static void 707 iwi_free_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 708 { 709 int i; 710 711 if (ring->desc_map != NULL) { 712 if (ring->desc != NULL) { 713 bus_dmamap_unload(sc->sc_dmat, ring->desc_map); 714 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)ring->desc, 715 IWI_TX_DESC_SIZE * ring->count); 716 bus_dmamem_free(sc->sc_dmat, &ring->desc_seg, 1); 717 } 718 bus_dmamap_destroy(sc->sc_dmat, ring->desc_map); 719 } 720 721 for (i = 0; i < ring->count; i++) { 722 if (ring->data[i].m != NULL) { 723 bus_dmamap_unload(sc->sc_dmat, ring->data[i].map); 724 m_freem(ring->data[i].m); 725 } 726 bus_dmamap_destroy(sc->sc_dmat, ring->data[i].map); 727 } 728 } 729 730 static int 731 iwi_alloc_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring, 732 int count) 733 { 734 int i, error; 735 736 ring->count = count; 737 ring->cur = 0; 738 739 ring->data = malloc(count * sizeof (struct iwi_rx_data), M_DEVBUF, 740 M_NOWAIT | M_ZERO); 741 if (ring->data == NULL) { 742 aprint_error("%s: could not allocate soft data\n", 743 sc->sc_dev.dv_xname); 744 error = ENOMEM; 745 goto fail; 746 } 747 748 /* 749 * Allocate and map Rx buffers 750 */ 751 for (i = 0; i < count; i++) { 752 753 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, MCLBYTES, 754 0, BUS_DMA_WAITOK | BUS_DMA_ALLOCNOW, &ring->data[i].map); 755 if (error != 0) { 756 aprint_error("%s: could not create rx buf DMA map", 757 sc->sc_dev.dv_xname); 758 goto fail; 759 } 760 761 if ((ring->data[i].m = iwi_alloc_rx_buf(sc)) == NULL) { 762 error = ENOMEM; 763 goto fail; 764 } 765 766 error = bus_dmamap_load_mbuf(sc->sc_dmat, ring->data[i].map, 767 ring->data[i].m, BUS_DMA_READ | BUS_DMA_NOWAIT); 768 if (error != 0) { 769 aprint_error("%s: could not load rx buffer DMA map\n", 770 sc->sc_dev.dv_xname); 771 goto fail; 772 } 773 774 bus_dmamap_sync(sc->sc_dmat, ring->data[i].map, 0, 775 ring->data[i].map->dm_mapsize, BUS_DMASYNC_PREREAD); 776 } 777 778 return 0; 779 780 fail: iwi_free_rx_ring(sc, ring); 781 return error; 782 } 783 784 static void 785 iwi_reset_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 786 { 787 ring->cur = 0; 788 } 789 790 static void 791 iwi_free_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 792 { 793 int i; 794 795 for (i = 0; i < ring->count; i++) { 796 if (ring->data[i].m != NULL) { 797 bus_dmamap_unload(sc->sc_dmat, ring->data[i].map); 798 m_freem(ring->data[i].m); 799 } 800 bus_dmamap_destroy(sc->sc_dmat, ring->data[i].map); 801 } 802 } 803 804 static void 805 iwi_shutdown(void *arg) 806 { 807 struct iwi_softc *sc = (struct iwi_softc *)arg; 808 struct ifnet *ifp = sc->sc_ic.ic_ifp; 809 810 iwi_stop(ifp, 1); 811 } 812 813 static int 814 iwi_suspend(struct iwi_softc *sc) 815 { 816 struct ifnet *ifp = sc->sc_ic.ic_ifp; 817 818 iwi_stop(ifp, 1); 819 820 return 0; 821 } 822 823 static int 824 iwi_resume(struct iwi_softc *sc) 825 { 826 struct ifnet *ifp = sc->sc_ic.ic_ifp; 827 pcireg_t data; 828 829 /* clear device specific PCI configuration register 0x41 */ 830 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 831 data &= ~0x0000ff00; 832 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, data); 833 834 if (ifp->if_flags & IFF_UP) { 835 iwi_init(ifp); 836 if (ifp->if_flags & IFF_RUNNING) 837 iwi_start(ifp); 838 } 839 840 return 0; 841 } 842 843 static void 844 iwi_powerhook(int why, void *arg) 845 { 846 struct iwi_softc *sc = arg; 847 int s; 848 849 s = splnet(); 850 switch (why) { 851 case PWR_SUSPEND: 852 case PWR_STANDBY: 853 iwi_suspend(sc); 854 break; 855 case PWR_RESUME: 856 iwi_resume(sc); 857 break; 858 case PWR_SOFTSUSPEND: 859 case PWR_SOFTSTANDBY: 860 case PWR_SOFTRESUME: 861 break; 862 } 863 splx(s); 864 } 865 866 static struct ieee80211_node * 867 iwi_node_alloc(struct ieee80211_node_table *nt) 868 { 869 struct iwi_node *in; 870 871 in = malloc(sizeof (struct iwi_node), M_80211_NODE, M_NOWAIT | M_ZERO); 872 if (in == NULL) 873 return NULL; 874 875 in->in_station = -1; 876 877 return &in->in_node; 878 } 879 880 static int 881 iwi_alloc_unr(struct iwi_softc *sc) 882 { 883 int i; 884 885 for (i = 0; i < IWI_MAX_IBSSNODE - 1; i++) 886 if ((sc->sc_unr & (1 << i)) == 0) { 887 sc->sc_unr |= 1 << i; 888 return i; 889 } 890 891 return -1; 892 } 893 894 static void 895 iwi_free_unr(struct iwi_softc *sc, int r) 896 { 897 898 sc->sc_unr &= 1 << r; 899 } 900 901 static void 902 iwi_node_free(struct ieee80211_node *ni) 903 { 904 struct ieee80211com *ic = ni->ni_ic; 905 struct iwi_softc *sc = ic->ic_ifp->if_softc; 906 struct iwi_node *in = (struct iwi_node *)ni; 907 908 if (in->in_station != -1) 909 iwi_free_unr(sc, in->in_station); 910 911 sc->sc_node_free(ni); 912 } 913 914 static int 915 iwi_media_change(struct ifnet *ifp) 916 { 917 int error; 918 919 error = ieee80211_media_change(ifp); 920 if (error != ENETRESET) 921 return error; 922 923 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 924 iwi_init(ifp); 925 926 return 0; 927 } 928 929 /* 930 * The firmware automatically adapts the transmit speed. We report its current 931 * value here. 932 */ 933 static void 934 iwi_media_status(struct ifnet *ifp, struct ifmediareq *imr) 935 { 936 struct iwi_softc *sc = ifp->if_softc; 937 struct ieee80211com *ic = &sc->sc_ic; 938 #define N(a) (sizeof (a) / sizeof (a[0])) 939 static const struct { 940 uint32_t val; 941 int rate; 942 } rates[] = { 943 { IWI_RATE_DS1, 2 }, 944 { IWI_RATE_DS2, 4 }, 945 { IWI_RATE_DS5, 11 }, 946 { IWI_RATE_DS11, 22 }, 947 { IWI_RATE_OFDM6, 12 }, 948 { IWI_RATE_OFDM9, 18 }, 949 { IWI_RATE_OFDM12, 24 }, 950 { IWI_RATE_OFDM18, 36 }, 951 { IWI_RATE_OFDM24, 48 }, 952 { IWI_RATE_OFDM36, 72 }, 953 { IWI_RATE_OFDM48, 96 }, 954 { IWI_RATE_OFDM54, 108 }, 955 }; 956 uint32_t val; 957 int rate, i; 958 959 imr->ifm_status = IFM_AVALID; 960 imr->ifm_active = IFM_IEEE80211; 961 if (ic->ic_state == IEEE80211_S_RUN) 962 imr->ifm_status |= IFM_ACTIVE; 963 964 /* read current transmission rate from adapter */ 965 val = CSR_READ_4(sc, IWI_CSR_CURRENT_TX_RATE); 966 967 /* convert rate to 802.11 rate */ 968 for (i = 0; i < N(rates) && rates[i].val != val; i++); 969 rate = (i < N(rates)) ? rates[i].rate : 0; 970 971 imr->ifm_active |= ieee80211_rate2media(ic, rate, ic->ic_curmode); 972 switch (ic->ic_opmode) { 973 case IEEE80211_M_STA: 974 break; 975 976 case IEEE80211_M_IBSS: 977 imr->ifm_active |= IFM_IEEE80211_ADHOC; 978 break; 979 980 case IEEE80211_M_MONITOR: 981 imr->ifm_active |= IFM_IEEE80211_MONITOR; 982 break; 983 984 case IEEE80211_M_AHDEMO: 985 case IEEE80211_M_HOSTAP: 986 /* should not get there */ 987 break; 988 } 989 #undef N 990 } 991 992 static int 993 iwi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 994 { 995 struct iwi_softc *sc = ic->ic_ifp->if_softc; 996 997 switch (nstate) { 998 case IEEE80211_S_SCAN: 999 if (sc->flags & IWI_FLAG_SCANNING) 1000 break; 1001 1002 ieee80211_node_table_reset(&ic->ic_scan); 1003 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 1004 sc->flags |= IWI_FLAG_SCANNING; 1005 /* blink the led while scanning */ 1006 iwi_led_set(sc, IWI_LED_ASSOCIATED, 1); 1007 iwi_scan(sc); 1008 break; 1009 1010 case IEEE80211_S_AUTH: 1011 iwi_auth_and_assoc(sc); 1012 break; 1013 1014 case IEEE80211_S_RUN: 1015 if (ic->ic_opmode == IEEE80211_M_IBSS) 1016 ieee80211_new_state(ic, IEEE80211_S_AUTH, -1); 1017 else if (ic->ic_opmode == IEEE80211_M_MONITOR) 1018 iwi_set_chan(sc, ic->ic_ibss_chan); 1019 1020 return (*sc->sc_newstate)(ic, nstate, 1021 IEEE80211_FC0_SUBTYPE_ASSOC_RESP); 1022 1023 case IEEE80211_S_ASSOC: 1024 iwi_led_set(sc, IWI_LED_ASSOCIATED, 0); 1025 break; 1026 1027 case IEEE80211_S_INIT: 1028 sc->flags &= ~IWI_FLAG_SCANNING; 1029 return (*sc->sc_newstate)(ic, nstate, arg); 1030 } 1031 1032 ic->ic_state = nstate; 1033 return 0; 1034 } 1035 1036 /* 1037 * WME parameters coming from IEEE 802.11e specification. These values are 1038 * already declared in ieee80211_proto.c, but they are static so they can't 1039 * be reused here. 1040 */ 1041 static const struct wmeParams iwi_wme_cck_params[WME_NUM_AC] = { 1042 { 0, 3, 5, 7, 0 }, /* WME_AC_BE */ 1043 { 0, 3, 5, 10, 0 }, /* WME_AC_BK */ 1044 { 0, 2, 4, 5, 188 }, /* WME_AC_VI */ 1045 { 0, 2, 3, 4, 102 } /* WME_AC_VO */ 1046 }; 1047 1048 static const struct wmeParams iwi_wme_ofdm_params[WME_NUM_AC] = { 1049 { 0, 3, 4, 6, 0 }, /* WME_AC_BE */ 1050 { 0, 3, 4, 10, 0 }, /* WME_AC_BK */ 1051 { 0, 2, 3, 4, 94 }, /* WME_AC_VI */ 1052 { 0, 2, 2, 3, 47 } /* WME_AC_VO */ 1053 }; 1054 1055 static int 1056 iwi_wme_update(struct ieee80211com *ic) 1057 { 1058 #define IWI_EXP2(v) htole16((1 << (v)) - 1) 1059 #define IWI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 1060 struct iwi_softc *sc = ic->ic_ifp->if_softc; 1061 struct iwi_wme_params wme[3]; 1062 const struct wmeParams *wmep; 1063 int ac; 1064 1065 /* 1066 * We shall not override firmware default WME values if WME is not 1067 * actually enabled. 1068 */ 1069 if (!(ic->ic_flags & IEEE80211_F_WME)) 1070 return 0; 1071 1072 for (ac = 0; ac < WME_NUM_AC; ac++) { 1073 /* set WME values for current operating mode */ 1074 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 1075 wme[0].aifsn[ac] = wmep->wmep_aifsn; 1076 wme[0].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1077 wme[0].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1078 wme[0].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1079 wme[0].acm[ac] = wmep->wmep_acm; 1080 1081 /* set WME values for CCK modulation */ 1082 wmep = &iwi_wme_cck_params[ac]; 1083 wme[1].aifsn[ac] = wmep->wmep_aifsn; 1084 wme[1].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1085 wme[1].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1086 wme[1].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1087 wme[1].acm[ac] = wmep->wmep_acm; 1088 1089 /* set WME values for OFDM modulation */ 1090 wmep = &iwi_wme_ofdm_params[ac]; 1091 wme[2].aifsn[ac] = wmep->wmep_aifsn; 1092 wme[2].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1093 wme[2].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1094 wme[2].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1095 wme[2].acm[ac] = wmep->wmep_acm; 1096 } 1097 1098 DPRINTF(("Setting WME parameters\n")); 1099 return iwi_cmd(sc, IWI_CMD_SET_WME_PARAMS, wme, sizeof wme, 1); 1100 #undef IWI_USEC 1101 #undef IWI_EXP2 1102 } 1103 1104 /* 1105 * Read 16 bits at address 'addr' from the serial EEPROM. 1106 */ 1107 static uint16_t 1108 iwi_read_prom_word(struct iwi_softc *sc, uint8_t addr) 1109 { 1110 uint32_t tmp; 1111 uint16_t val; 1112 int n; 1113 1114 /* Clock C once before the first command */ 1115 IWI_EEPROM_CTL(sc, 0); 1116 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1117 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1118 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1119 1120 /* Write start bit (1) */ 1121 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1122 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1123 1124 /* Write READ opcode (10) */ 1125 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1126 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1127 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1128 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1129 1130 /* Write address A7-A0 */ 1131 for (n = 7; n >= 0; n--) { 1132 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1133 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D)); 1134 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1135 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D) | IWI_EEPROM_C); 1136 } 1137 1138 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1139 1140 /* Read data Q15-Q0 */ 1141 val = 0; 1142 for (n = 15; n >= 0; n--) { 1143 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1144 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1145 tmp = MEM_READ_4(sc, IWI_MEM_EEPROM_CTL); 1146 val |= ((tmp & IWI_EEPROM_Q) >> IWI_EEPROM_SHIFT_Q) << n; 1147 } 1148 1149 IWI_EEPROM_CTL(sc, 0); 1150 1151 /* Clear Chip Select and clock C */ 1152 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1153 IWI_EEPROM_CTL(sc, 0); 1154 IWI_EEPROM_CTL(sc, IWI_EEPROM_C); 1155 1156 return val; 1157 } 1158 1159 /* 1160 * XXX: Hack to set the current channel to the value advertised in beacons or 1161 * probe responses. Only used during AP detection. 1162 */ 1163 static void 1164 iwi_fix_channel(struct ieee80211com *ic, struct mbuf *m) 1165 { 1166 struct ieee80211_frame *wh; 1167 uint8_t subtype; 1168 uint8_t *frm, *efrm; 1169 1170 wh = mtod(m, struct ieee80211_frame *); 1171 1172 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 1173 return; 1174 1175 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1176 1177 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 1178 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1179 return; 1180 1181 frm = (uint8_t *)(wh + 1); 1182 efrm = mtod(m, uint8_t *) + m->m_len; 1183 1184 frm += 12; /* skip tstamp, bintval and capinfo fields */ 1185 while (frm < efrm) { 1186 if (*frm == IEEE80211_ELEMID_DSPARMS) 1187 #if IEEE80211_CHAN_MAX < 255 1188 if (frm[2] <= IEEE80211_CHAN_MAX) 1189 #endif 1190 ic->ic_curchan = &ic->ic_channels[frm[2]]; 1191 1192 frm += frm[1] + 2; 1193 } 1194 } 1195 1196 static struct mbuf * 1197 iwi_alloc_rx_buf(struct iwi_softc *sc) 1198 { 1199 struct mbuf *m; 1200 1201 MGETHDR(m, M_DONTWAIT, MT_DATA); 1202 if (m == NULL) { 1203 aprint_error("%s: could not allocate rx mbuf\n", 1204 sc->sc_dev.dv_xname); 1205 return NULL; 1206 } 1207 1208 MCLGET(m, M_DONTWAIT); 1209 if (!(m->m_flags & M_EXT)) { 1210 aprint_error("%s: could not allocate rx mbuf cluster\n", 1211 sc->sc_dev.dv_xname); 1212 m_freem(m); 1213 return NULL; 1214 } 1215 1216 m->m_pkthdr.len = m->m_len = m->m_ext.ext_size; 1217 return m; 1218 } 1219 1220 static void 1221 iwi_frame_intr(struct iwi_softc *sc, struct iwi_rx_data *data, int i, 1222 struct iwi_frame *frame) 1223 { 1224 struct ieee80211com *ic = &sc->sc_ic; 1225 struct ifnet *ifp = ic->ic_ifp; 1226 struct mbuf *m, *m_new; 1227 struct ieee80211_frame *wh; 1228 struct ieee80211_node *ni; 1229 int error; 1230 1231 DPRINTFN(5, ("received frame len=%u chan=%u rssi=%u\n", 1232 le16toh(frame->len), frame->chan, frame->rssi_dbm)); 1233 1234 if (le16toh(frame->len) < sizeof (struct ieee80211_frame) || 1235 le16toh(frame->len) > MCLBYTES) { 1236 DPRINTF(("%s: bad frame length\n", sc->sc_dev.dv_xname)); 1237 ifp->if_ierrors++; 1238 return; 1239 } 1240 1241 /* 1242 * Try to allocate a new mbuf for this ring element and 1243 * load it before processing the current mbuf. If the ring 1244 * element cannot be reloaded, drop the received packet 1245 * and reuse the old mbuf. In the unlikely case that 1246 * the old mbuf can't be reloaded either, explicitly panic. 1247 * 1248 * XXX Reorganize buffer by moving elements from the logical 1249 * end of the ring to the front instead of dropping. 1250 */ 1251 if ((m_new = iwi_alloc_rx_buf(sc)) == NULL) { 1252 ifp->if_ierrors++; 1253 return; 1254 } 1255 1256 bus_dmamap_unload(sc->sc_dmat, data->map); 1257 1258 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m_new, 1259 BUS_DMA_READ | BUS_DMA_NOWAIT); 1260 if (error != 0) { 1261 aprint_error("%s: could not load rx buf DMA map\n", 1262 sc->sc_dev.dv_xname); 1263 m_freem(m_new); 1264 ifp->if_ierrors++; 1265 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, 1266 data->m, BUS_DMA_READ | BUS_DMA_NOWAIT); 1267 if (error) 1268 panic("%s: unable to remap rx buf", 1269 sc->sc_dev.dv_xname); 1270 return; 1271 } 1272 1273 /* 1274 * New mbuf successfully loaded, update RX ring and continue 1275 * processing. 1276 */ 1277 m = data->m; 1278 data->m = m_new; 1279 CSR_WRITE_4(sc, IWI_CSR_RX_BASE + i * 4, data->map->dm_segs[0].ds_addr); 1280 1281 /* Finalize mbuf */ 1282 m->m_pkthdr.rcvif = ifp; 1283 m->m_pkthdr.len = m->m_len = sizeof (struct iwi_hdr) + 1284 sizeof (struct iwi_frame) + le16toh(frame->len); 1285 1286 m_adj(m, sizeof (struct iwi_hdr) + sizeof (struct iwi_frame)); 1287 1288 if (ic->ic_state == IEEE80211_S_SCAN) 1289 iwi_fix_channel(ic, m); 1290 1291 #if NBPFILTER > 0 1292 if (sc->sc_drvbpf != NULL) { 1293 struct iwi_rx_radiotap_header *tap = &sc->sc_rxtap; 1294 1295 tap->wr_flags = 0; 1296 tap->wr_rate = frame->rate; 1297 tap->wr_chan_freq = 1298 htole16(ic->ic_channels[frame->chan].ic_freq); 1299 tap->wr_chan_flags = 1300 htole16(ic->ic_channels[frame->chan].ic_flags); 1301 tap->wr_antsignal = frame->signal; 1302 tap->wr_antenna = frame->antenna; 1303 1304 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1305 } 1306 #endif 1307 1308 wh = mtod(m, struct ieee80211_frame *); 1309 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 1310 1311 /* Send the frame to the upper layer */ 1312 ieee80211_input(ic, m, ni, frame->rssi_dbm, 0); 1313 1314 /* node is no longer needed */ 1315 ieee80211_free_node(ni); 1316 } 1317 1318 static void 1319 iwi_notification_intr(struct iwi_softc *sc, struct iwi_notif *notif) 1320 { 1321 struct ieee80211com *ic = &sc->sc_ic; 1322 struct iwi_notif_scan_channel *chan; 1323 struct iwi_notif_scan_complete *scan; 1324 struct iwi_notif_authentication *auth; 1325 struct iwi_notif_association *assoc; 1326 1327 switch (notif->type) { 1328 case IWI_NOTIF_TYPE_SCAN_CHANNEL: 1329 chan = (struct iwi_notif_scan_channel *)(notif + 1); 1330 1331 DPRINTFN(2, ("Finished scanning channel (%u)\n", chan->nchan)); 1332 break; 1333 1334 case IWI_NOTIF_TYPE_SCAN_COMPLETE: 1335 scan = (struct iwi_notif_scan_complete *)(notif + 1); 1336 1337 DPRINTFN(2, ("Scan completed (%u, %u)\n", scan->nchan, 1338 scan->status)); 1339 1340 /* monitor mode uses scan to set the channel ... */ 1341 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1342 sc->flags &= ~IWI_FLAG_SCANNING; 1343 ieee80211_end_scan(ic); 1344 } else 1345 iwi_set_chan(sc, ic->ic_ibss_chan); 1346 break; 1347 1348 case IWI_NOTIF_TYPE_AUTHENTICATION: 1349 auth = (struct iwi_notif_authentication *)(notif + 1); 1350 1351 DPRINTFN(2, ("Authentication (%u)\n", auth->state)); 1352 1353 switch (auth->state) { 1354 case IWI_AUTHENTICATED: 1355 ieee80211_node_authorize(ic->ic_bss); 1356 ieee80211_new_state(ic, IEEE80211_S_ASSOC, -1); 1357 break; 1358 1359 case IWI_DEAUTHENTICATED: 1360 break; 1361 1362 default: 1363 aprint_error("%s: unknown authentication state %u\n", 1364 sc->sc_dev.dv_xname, auth->state); 1365 } 1366 break; 1367 1368 case IWI_NOTIF_TYPE_ASSOCIATION: 1369 assoc = (struct iwi_notif_association *)(notif + 1); 1370 1371 DPRINTFN(2, ("Association (%u, %u)\n", assoc->state, 1372 assoc->status)); 1373 1374 switch (assoc->state) { 1375 case IWI_AUTHENTICATED: 1376 /* re-association, do nothing */ 1377 break; 1378 1379 case IWI_ASSOCIATED: 1380 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1381 break; 1382 1383 case IWI_DEASSOCIATED: 1384 ieee80211_begin_scan(ic, 1); 1385 break; 1386 1387 default: 1388 aprint_error("%s: unknown association state %u\n", 1389 sc->sc_dev.dv_xname, assoc->state); 1390 } 1391 break; 1392 1393 case IWI_NOTIF_TYPE_CALIBRATION: 1394 case IWI_NOTIF_TYPE_BEACON: 1395 case IWI_NOTIF_TYPE_NOISE: 1396 DPRINTFN(5, ("Notification (%u)\n", notif->type)); 1397 break; 1398 1399 default: 1400 aprint_error("%s: unknown notification type %u\n", 1401 sc->sc_dev.dv_xname, notif->type); 1402 } 1403 } 1404 1405 static void 1406 iwi_cmd_intr(struct iwi_softc *sc) 1407 { 1408 uint32_t hw; 1409 1410 hw = CSR_READ_4(sc, IWI_CSR_CMD_RIDX); 1411 1412 for (; sc->cmdq.next != hw;) { 1413 bus_dmamap_sync(sc->sc_dmat, sc->cmdq.desc_map, 1414 sc->cmdq.next * IWI_CMD_DESC_SIZE, IWI_CMD_DESC_SIZE, 1415 BUS_DMASYNC_POSTWRITE); 1416 1417 wakeup(&sc->cmdq.desc[sc->cmdq.next]); 1418 sc->cmdq.next = (sc->cmdq.next + 1) % sc->cmdq.count; 1419 } 1420 } 1421 1422 static void 1423 iwi_rx_intr(struct iwi_softc *sc) 1424 { 1425 struct iwi_rx_data *data; 1426 struct iwi_hdr *hdr; 1427 uint32_t hw; 1428 1429 hw = CSR_READ_4(sc, IWI_CSR_RX_RIDX); 1430 1431 for (; sc->rxq.cur != hw;) { 1432 data = &sc->rxq.data[sc->rxq.cur]; 1433 1434 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1435 data->map->dm_mapsize, BUS_DMASYNC_POSTREAD); 1436 1437 hdr = mtod(data->m, struct iwi_hdr *); 1438 1439 switch (hdr->type) { 1440 case IWI_HDR_TYPE_FRAME: 1441 iwi_frame_intr(sc, data, sc->rxq.cur, 1442 (struct iwi_frame *)(hdr + 1)); 1443 break; 1444 1445 case IWI_HDR_TYPE_NOTIF: 1446 iwi_notification_intr(sc, 1447 (struct iwi_notif *)(hdr + 1)); 1448 break; 1449 1450 default: 1451 aprint_error("%s: unknown hdr type %u\n", 1452 sc->sc_dev.dv_xname, hdr->type); 1453 } 1454 1455 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1456 data->map->dm_mapsize, BUS_DMASYNC_PREREAD); 1457 1458 DPRINTFN(15, ("rx done idx=%u\n", sc->rxq.cur)); 1459 1460 sc->rxq.cur = (sc->rxq.cur + 1) % sc->rxq.count; 1461 } 1462 1463 1464 /* Tell the firmware what we have processed */ 1465 hw = (hw == 0) ? sc->rxq.count - 1 : hw - 1; 1466 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, hw); 1467 } 1468 1469 static void 1470 iwi_tx_intr(struct iwi_softc *sc, struct iwi_tx_ring *txq) 1471 { 1472 struct ifnet *ifp = &sc->sc_if; 1473 struct iwi_tx_data *data; 1474 uint32_t hw; 1475 1476 hw = CSR_READ_4(sc, txq->csr_ridx); 1477 1478 for (; txq->next != hw;) { 1479 data = &txq->data[txq->next]; 1480 1481 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1482 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 1483 bus_dmamap_unload(sc->sc_dmat, data->map); 1484 m_freem(data->m); 1485 data->m = NULL; 1486 ieee80211_free_node(data->ni); 1487 data->ni = NULL; 1488 1489 DPRINTFN(15, ("tx done idx=%u\n", txq->next)); 1490 1491 ifp->if_opackets++; 1492 1493 txq->queued--; 1494 txq->next = (txq->next + 1) % txq->count; 1495 } 1496 1497 sc->sc_tx_timer = 0; 1498 ifp->if_flags &= ~IFF_OACTIVE; 1499 1500 /* Call start() since some buffer descriptors have been released */ 1501 (*ifp->if_start)(ifp); 1502 } 1503 1504 static int 1505 iwi_intr(void *arg) 1506 { 1507 struct iwi_softc *sc = arg; 1508 uint32_t r; 1509 1510 if ((r = CSR_READ_4(sc, IWI_CSR_INTR)) == 0 || r == 0xffffffff) 1511 return 0; 1512 1513 /* Acknowledge interrupts */ 1514 CSR_WRITE_4(sc, IWI_CSR_INTR, r); 1515 1516 if (r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR)) { 1517 aprint_error("%s: fatal error\n", sc->sc_dev.dv_xname); 1518 if (r & IWI_INTR_FATAL_ERROR) 1519 iwi_error_log(sc); 1520 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1521 iwi_stop(&sc->sc_if, 1); 1522 return (1); 1523 } 1524 1525 if (r & IWI_INTR_FW_INITED) { 1526 if (!(r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR))) 1527 wakeup(sc); 1528 } 1529 1530 if (r & IWI_INTR_RADIO_OFF) { 1531 DPRINTF(("radio transmitter off\n")); 1532 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1533 iwi_stop(&sc->sc_if, 1); 1534 return (1); 1535 } 1536 1537 if (r & IWI_INTR_CMD_DONE) 1538 iwi_cmd_intr(sc); 1539 1540 if (r & IWI_INTR_TX1_DONE) 1541 iwi_tx_intr(sc, &sc->txq[0]); 1542 1543 if (r & IWI_INTR_TX2_DONE) 1544 iwi_tx_intr(sc, &sc->txq[1]); 1545 1546 if (r & IWI_INTR_TX3_DONE) 1547 iwi_tx_intr(sc, &sc->txq[2]); 1548 1549 if (r & IWI_INTR_TX4_DONE) 1550 iwi_tx_intr(sc, &sc->txq[3]); 1551 1552 if (r & IWI_INTR_RX_DONE) 1553 iwi_rx_intr(sc); 1554 1555 return 1; 1556 } 1557 1558 static int 1559 iwi_cmd(struct iwi_softc *sc, uint8_t type, void *data, uint8_t len, 1560 int async) 1561 { 1562 struct iwi_cmd_desc *desc; 1563 1564 desc = &sc->cmdq.desc[sc->cmdq.cur]; 1565 1566 desc->hdr.type = IWI_HDR_TYPE_COMMAND; 1567 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1568 desc->type = type; 1569 desc->len = len; 1570 memcpy(desc->data, data, len); 1571 1572 bus_dmamap_sync(sc->sc_dmat, sc->cmdq.desc_map, 1573 sc->cmdq.cur * IWI_CMD_DESC_SIZE, 1574 IWI_CMD_DESC_SIZE, BUS_DMASYNC_PREWRITE); 1575 1576 DPRINTFN(2, ("sending command idx=%u type=%u len=%u\n", sc->cmdq.cur, 1577 type, len)); 1578 1579 sc->cmdq.cur = (sc->cmdq.cur + 1) % sc->cmdq.count; 1580 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 1581 1582 return async ? 0 : tsleep(desc, 0, "iwicmd", hz); 1583 } 1584 1585 static void 1586 iwi_write_ibssnode(struct iwi_softc *sc, const struct iwi_node *in) 1587 { 1588 struct iwi_ibssnode node; 1589 1590 /* write node information into NIC memory */ 1591 memset(&node, 0, sizeof node); 1592 IEEE80211_ADDR_COPY(node.bssid, in->in_node.ni_macaddr); 1593 1594 CSR_WRITE_REGION_1(sc, 1595 IWI_CSR_NODE_BASE + in->in_station * sizeof node, 1596 (uint8_t *)&node, sizeof node); 1597 } 1598 1599 static int 1600 iwi_tx_start(struct ifnet *ifp, struct mbuf *m0, struct ieee80211_node *ni, 1601 int ac) 1602 { 1603 struct iwi_softc *sc = ifp->if_softc; 1604 struct ieee80211com *ic = &sc->sc_ic; 1605 struct iwi_node *in = (struct iwi_node *)ni; 1606 struct ieee80211_frame *wh; 1607 struct ieee80211_key *k; 1608 const struct chanAccParams *cap; 1609 struct iwi_tx_ring *txq = &sc->txq[ac]; 1610 struct iwi_tx_data *data; 1611 struct iwi_tx_desc *desc; 1612 struct mbuf *mnew; 1613 int error, hdrlen, i, noack = 0; 1614 1615 wh = mtod(m0, struct ieee80211_frame *); 1616 1617 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1618 hdrlen = sizeof (struct ieee80211_qosframe); 1619 cap = &ic->ic_wme.wme_chanParams; 1620 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1621 } else 1622 hdrlen = sizeof (struct ieee80211_frame); 1623 1624 /* 1625 * This is only used in IBSS mode where the firmware expect an index 1626 * in a h/w table instead of a destination address. 1627 */ 1628 if (ic->ic_opmode == IEEE80211_M_IBSS && in->in_station == -1) { 1629 in->in_station = iwi_alloc_unr(sc); 1630 1631 if (in->in_station == -1) { /* h/w table is full */ 1632 m_freem(m0); 1633 ieee80211_free_node(ni); 1634 ifp->if_oerrors++; 1635 return 0; 1636 } 1637 iwi_write_ibssnode(sc, in); 1638 } 1639 1640 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1641 k = ieee80211_crypto_encap(ic, ni, m0); 1642 if (k == NULL) { 1643 m_freem(m0); 1644 return ENOBUFS; 1645 } 1646 1647 /* packet header may have moved, reset our local pointer */ 1648 wh = mtod(m0, struct ieee80211_frame *); 1649 } 1650 1651 #if NBPFILTER > 0 1652 if (sc->sc_drvbpf != NULL) { 1653 struct iwi_tx_radiotap_header *tap = &sc->sc_txtap; 1654 1655 tap->wt_flags = 0; 1656 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 1657 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 1658 1659 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1660 } 1661 #endif 1662 1663 data = &txq->data[txq->cur]; 1664 desc = &txq->desc[txq->cur]; 1665 1666 /* save and trim IEEE802.11 header */ 1667 m_copydata(m0, 0, hdrlen, (caddr_t)&desc->wh); 1668 m_adj(m0, hdrlen); 1669 1670 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1671 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 1672 if (error != 0 && error != EFBIG) { 1673 aprint_error("%s: could not map mbuf (error %d)\n", 1674 sc->sc_dev.dv_xname, error); 1675 m_freem(m0); 1676 return error; 1677 } 1678 if (error != 0) { 1679 /* too many fragments, linearize */ 1680 1681 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1682 if (mnew == NULL) { 1683 m_freem(m0); 1684 return ENOMEM; 1685 } 1686 1687 M_COPY_PKTHDR(mnew, m0); 1688 1689 /* If the data won't fit in the header, get a cluster */ 1690 if (m0->m_pkthdr.len > MHLEN) { 1691 MCLGET(mnew, M_DONTWAIT); 1692 if (!(mnew->m_flags & M_EXT)) { 1693 m_freem(m0); 1694 m_freem(mnew); 1695 return ENOMEM; 1696 } 1697 } 1698 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(mnew, caddr_t)); 1699 m_freem(m0); 1700 mnew->m_len = mnew->m_pkthdr.len; 1701 m0 = mnew; 1702 1703 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1704 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 1705 if (error != 0) { 1706 aprint_error("%s: could not map mbuf (error %d)\n", 1707 sc->sc_dev.dv_xname, error); 1708 m_freem(m0); 1709 return error; 1710 } 1711 } 1712 1713 data->m = m0; 1714 data->ni = ni; 1715 1716 desc->hdr.type = IWI_HDR_TYPE_DATA; 1717 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1718 desc->station = 1719 (ic->ic_opmode == IEEE80211_M_IBSS) ? in->in_station : 0; 1720 desc->cmd = IWI_DATA_CMD_TX; 1721 desc->len = htole16(m0->m_pkthdr.len); 1722 desc->flags = 0; 1723 desc->xflags = 0; 1724 1725 if (!noack && !IEEE80211_IS_MULTICAST(desc->wh.i_addr1)) 1726 desc->flags |= IWI_DATA_FLAG_NEED_ACK; 1727 1728 #if 0 1729 if (ic->ic_flags & IEEE80211_F_PRIVACY) { 1730 desc->wh.i_fc[1] |= IEEE80211_FC1_WEP; 1731 desc->wep_txkey = ic->ic_crypto.cs_def_txkey; 1732 } else 1733 #endif 1734 desc->flags |= IWI_DATA_FLAG_NO_WEP; 1735 1736 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 1737 desc->flags |= IWI_DATA_FLAG_SHPREAMBLE; 1738 1739 if (desc->wh.i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) 1740 desc->xflags |= IWI_DATA_XFLAG_QOS; 1741 1742 desc->nseg = htole32(data->map->dm_nsegs); 1743 for (i = 0; i < data->map->dm_nsegs; i++) { 1744 desc->seg_addr[i] = htole32(data->map->dm_segs[i].ds_addr); 1745 desc->seg_len[i] = htole16(data->map->dm_segs[i].ds_len); 1746 } 1747 1748 bus_dmamap_sync(sc->sc_dmat, txq->desc_map, 1749 txq->cur * IWI_TX_DESC_SIZE, 1750 IWI_TX_DESC_SIZE, BUS_DMASYNC_PREWRITE); 1751 1752 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 1753 BUS_DMASYNC_PREWRITE); 1754 1755 DPRINTFN(5, ("sending data frame txq=%u idx=%u len=%u nseg=%u\n", 1756 ac, txq->cur, le16toh(desc->len), le32toh(desc->nseg))); 1757 1758 /* Inform firmware about this new packet */ 1759 txq->queued++; 1760 txq->cur = (txq->cur + 1) % txq->count; 1761 CSR_WRITE_4(sc, txq->csr_widx, txq->cur); 1762 1763 return 0; 1764 } 1765 1766 static void 1767 iwi_start(struct ifnet *ifp) 1768 { 1769 struct iwi_softc *sc = ifp->if_softc; 1770 struct ieee80211com *ic = &sc->sc_ic; 1771 struct mbuf *m0; 1772 struct ether_header *eh; 1773 struct ieee80211_node *ni; 1774 int ac; 1775 1776 if (ic->ic_state != IEEE80211_S_RUN) 1777 return; 1778 1779 for (;;) { 1780 IF_DEQUEUE(&ifp->if_snd, m0); 1781 if (m0 == NULL) 1782 break; 1783 1784 if (m0->m_len < sizeof (struct ether_header) && 1785 (m0 = m_pullup(m0, sizeof (struct ether_header))) == NULL) { 1786 ifp->if_oerrors++; 1787 continue; 1788 } 1789 1790 eh = mtod(m0, struct ether_header *); 1791 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1792 if (ni == NULL) { 1793 m_freem(m0); 1794 ifp->if_oerrors++; 1795 continue; 1796 } 1797 1798 /* classify mbuf so we can find which tx ring to use */ 1799 if (ieee80211_classify(ic, m0, ni) != 0) { 1800 m_freem(m0); 1801 ieee80211_free_node(ni); 1802 ifp->if_oerrors++; 1803 continue; 1804 } 1805 1806 /* no QoS encapsulation for EAPOL frames */ 1807 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1808 M_WME_GETAC(m0) : WME_AC_BE; 1809 1810 if (sc->txq[ac].queued > sc->txq[ac].count - 8) { 1811 /* there is no place left in this ring */ 1812 IF_PREPEND(&ifp->if_snd, m0); 1813 ifp->if_flags |= IFF_OACTIVE; 1814 break; 1815 } 1816 1817 #if NBPFILTER > 0 1818 if (ifp->if_bpf != NULL) 1819 bpf_mtap(ifp->if_bpf, m0); 1820 #endif 1821 1822 m0 = ieee80211_encap(ic, m0, ni); 1823 if (m0 == NULL) { 1824 ieee80211_free_node(ni); 1825 ifp->if_oerrors++; 1826 continue; 1827 } 1828 1829 #if NBPFILTER > 0 1830 if (ic->ic_rawbpf != NULL) 1831 bpf_mtap(ic->ic_rawbpf, m0); 1832 #endif 1833 1834 if (iwi_tx_start(ifp, m0, ni, ac) != 0) { 1835 ieee80211_free_node(ni); 1836 ifp->if_oerrors++; 1837 break; 1838 } 1839 1840 /* start watchdog timer */ 1841 sc->sc_tx_timer = 5; 1842 ifp->if_timer = 1; 1843 } 1844 } 1845 1846 static void 1847 iwi_watchdog(struct ifnet *ifp) 1848 { 1849 struct iwi_softc *sc = ifp->if_softc; 1850 1851 ifp->if_timer = 0; 1852 1853 if (sc->sc_tx_timer > 0) { 1854 if (--sc->sc_tx_timer == 0) { 1855 aprint_error("%s: device timeout\n", 1856 sc->sc_dev.dv_xname); 1857 ifp->if_oerrors++; 1858 ifp->if_flags &= ~IFF_UP; 1859 iwi_stop(ifp, 1); 1860 return; 1861 } 1862 ifp->if_timer = 1; 1863 } 1864 1865 ieee80211_watchdog(&sc->sc_ic); 1866 } 1867 1868 static int 1869 iwi_get_table0(struct iwi_softc *sc, uint32_t *tbl) 1870 { 1871 uint32_t size, buf[128]; 1872 1873 if (!(sc->flags & IWI_FLAG_FW_INITED)) { 1874 memset(buf, 0, sizeof buf); 1875 return copyout(buf, tbl, sizeof buf); 1876 } 1877 1878 size = min(CSR_READ_4(sc, IWI_CSR_TABLE0_SIZE), 128 - 1); 1879 CSR_READ_REGION_4(sc, IWI_CSR_TABLE0_BASE, &buf[1], size); 1880 1881 return copyout(buf, tbl, sizeof buf); 1882 } 1883 1884 static int 1885 iwi_get_radio(struct iwi_softc *sc, int *ret) 1886 { 1887 int val; 1888 1889 val = (CSR_READ_4(sc, IWI_CSR_IO) & IWI_IO_RADIO_ENABLED) ? 1 : 0; 1890 return copyout(&val, ret, sizeof val); 1891 } 1892 1893 static int 1894 iwi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1895 { 1896 #define IS_RUNNING(ifp) \ 1897 ((ifp->if_flags & IFF_UP) && (ifp->if_flags & IFF_RUNNING)) 1898 1899 struct iwi_softc *sc = ifp->if_softc; 1900 struct ieee80211com *ic = &sc->sc_ic; 1901 struct ifreq *ifr = (struct ifreq *)data; 1902 int s, error = 0; 1903 1904 s = splnet(); 1905 1906 switch (cmd) { 1907 case SIOCSIFFLAGS: 1908 if (ifp->if_flags & IFF_UP) { 1909 if (!(ifp->if_flags & IFF_RUNNING)) 1910 iwi_init(ifp); 1911 } else { 1912 if (ifp->if_flags & IFF_RUNNING) 1913 iwi_stop(ifp, 1); 1914 } 1915 break; 1916 1917 case SIOCADDMULTI: 1918 case SIOCDELMULTI: 1919 error = (cmd == SIOCADDMULTI) ? 1920 ether_addmulti(ifr, &sc->sc_ec) : 1921 ether_delmulti(ifr, &sc->sc_ec); 1922 if (error == ENETRESET) { 1923 /* setup multicast filter, etc */ 1924 error = 0; 1925 } 1926 break; 1927 1928 case SIOCGTABLE0: 1929 error = iwi_get_table0(sc, (uint32_t *)ifr->ifr_data); 1930 break; 1931 1932 case SIOCGRADIO: 1933 error = iwi_get_radio(sc, (int *)ifr->ifr_data); 1934 break; 1935 1936 case SIOCSLOADFW: 1937 /* only super-user can do that! */ 1938 if ((error = suser(curproc->p_ucred, &curproc->p_acflag)) != 0) 1939 break; 1940 1941 error = iwi_cache_firmware(sc, ifr->ifr_data); 1942 break; 1943 1944 case SIOCSKILLFW: 1945 /* only super-user can do that! */ 1946 if ((error = suser(curproc->p_ucred, &curproc->p_acflag)) != 0) 1947 break; 1948 1949 ifp->if_flags &= ~IFF_UP; 1950 iwi_stop(ifp, 1); 1951 iwi_free_firmware(sc); 1952 break; 1953 1954 default: 1955 error = ieee80211_ioctl(&sc->sc_ic, cmd, data); 1956 1957 if (error == ENETRESET) { 1958 if (IS_RUNNING(ifp) && 1959 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1960 iwi_init(ifp); 1961 error = 0; 1962 } 1963 } 1964 1965 splx(s); 1966 return error; 1967 #undef IS_RUNNING 1968 } 1969 1970 static void 1971 iwi_stop_master(struct iwi_softc *sc) 1972 { 1973 int ntries; 1974 1975 /* Disable interrupts */ 1976 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1977 1978 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_STOP_MASTER); 1979 for (ntries = 0; ntries < 5; ntries++) { 1980 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 1981 break; 1982 DELAY(10); 1983 } 1984 if (ntries == 5) 1985 aprint_error("%s: timeout waiting for master\n", 1986 sc->sc_dev.dv_xname); 1987 1988 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 1989 IWI_RST_PRINCETON_RESET); 1990 1991 sc->flags &= ~IWI_FLAG_FW_INITED; 1992 } 1993 1994 static int 1995 iwi_reset(struct iwi_softc *sc) 1996 { 1997 int i, ntries; 1998 1999 iwi_stop_master(sc); 2000 2001 /* Move adapter to D0 state */ 2002 CSR_WRITE_4(sc, IWI_CSR_CTL, CSR_READ_4(sc, IWI_CSR_CTL) | 2003 IWI_CTL_INIT); 2004 2005 /* Initialize Phase-Locked Level (PLL) */ 2006 CSR_WRITE_4(sc, IWI_CSR_READ_INT, IWI_READ_INT_INIT_HOST); 2007 2008 /* Wait for clock stabilization */ 2009 for (ntries = 0; ntries < 1000; ntries++) { 2010 if (CSR_READ_4(sc, IWI_CSR_CTL) & IWI_CTL_CLOCK_READY) 2011 break; 2012 DELAY(200); 2013 } 2014 if (ntries == 1000) { 2015 aprint_error("%s: timeout waiting for clock stabilization\n", 2016 sc->sc_dev.dv_xname); 2017 return EIO; 2018 } 2019 2020 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 2021 IWI_RST_SW_RESET); 2022 2023 DELAY(10); 2024 2025 CSR_WRITE_4(sc, IWI_CSR_CTL, CSR_READ_4(sc, IWI_CSR_CTL) | 2026 IWI_CTL_INIT); 2027 2028 /* Clear NIC memory */ 2029 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0); 2030 for (i = 0; i < 0xc000; i++) 2031 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2032 2033 return 0; 2034 } 2035 2036 static int 2037 iwi_load_ucode(struct iwi_softc *sc, void *uc, int size) 2038 { 2039 uint16_t *w; 2040 int ntries, i; 2041 2042 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 2043 IWI_RST_STOP_MASTER); 2044 for (ntries = 0; ntries < 5; ntries++) { 2045 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 2046 break; 2047 DELAY(10); 2048 } 2049 if (ntries == 5) { 2050 aprint_error("%s: timeout waiting for master\n", 2051 sc->sc_dev.dv_xname); 2052 return EIO; 2053 } 2054 2055 MEM_WRITE_4(sc, 0x3000e0, 0x80000000); 2056 DELAY(5000); 2057 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) & 2058 ~IWI_RST_PRINCETON_RESET); 2059 DELAY(5000); 2060 MEM_WRITE_4(sc, 0x3000e0, 0); 2061 DELAY(1000); 2062 MEM_WRITE_4(sc, 0x300004, 1); 2063 DELAY(1000); 2064 MEM_WRITE_4(sc, 0x300004, 0); 2065 DELAY(1000); 2066 MEM_WRITE_1(sc, 0x200000, 0x00); 2067 MEM_WRITE_1(sc, 0x200000, 0x40); 2068 DELAY(1000); 2069 2070 /* Adapter is buggy, we must set the address for each word */ 2071 for (w = uc; size > 0; w++, size -= 2) 2072 MEM_WRITE_2(sc, 0x200010, htole16(*w)); 2073 2074 MEM_WRITE_1(sc, 0x200000, 0x00); 2075 MEM_WRITE_1(sc, 0x200000, 0x80); 2076 2077 /* Wait until we get a response in the uc queue */ 2078 for (ntries = 0; ntries < 100; ntries++) { 2079 if (MEM_READ_1(sc, 0x200000) & 1) 2080 break; 2081 DELAY(100); 2082 } 2083 if (ntries == 100) { 2084 aprint_error("%s: timeout waiting for ucode to initialize\n", 2085 sc->sc_dev.dv_xname); 2086 return EIO; 2087 } 2088 2089 /* Empty the uc queue or the firmware will not initialize properly */ 2090 for (i = 0; i < 7; i++) 2091 MEM_READ_4(sc, 0x200004); 2092 2093 MEM_WRITE_1(sc, 0x200000, 0x00); 2094 2095 return 0; 2096 } 2097 2098 /* macro to handle unaligned little endian data in firmware image */ 2099 #define GETLE32(p) ((p)[0] | (p)[1] << 8 | (p)[2] << 16 | (p)[3] << 24) 2100 static int 2101 iwi_load_firmware(struct iwi_softc *sc, void *fw, int size) 2102 { 2103 bus_dmamap_t map; 2104 u_char *p, *end; 2105 uint32_t sentinel, ctl, sum; 2106 uint32_t cs, sl, cd, cl; 2107 int ntries, nsegs, error; 2108 int sn; 2109 2110 nsegs = (size + PAGE_SIZE - 1) / PAGE_SIZE; 2111 2112 /* Create a DMA map for the firmware image */ 2113 error = bus_dmamap_create(sc->sc_dmat, size, nsegs, size, 0, 2114 BUS_DMA_NOWAIT, &map); 2115 if (error != 0) { 2116 aprint_error("%s: could not create firmware DMA map\n", 2117 sc->sc_dev.dv_xname); 2118 goto fail1; 2119 } 2120 2121 error = bus_dmamap_load(sc->sc_dmat, map, fw, size, NULL, 2122 BUS_DMA_NOWAIT | BUS_DMA_WRITE); 2123 if (error != 0) { 2124 aprint_error("%s: could not load fw dma map(%d)\n", 2125 sc->sc_dev.dv_xname, error); 2126 goto fail2; 2127 } 2128 2129 /* Make sure the adapter will get up-to-date values */ 2130 bus_dmamap_sync(sc->sc_dmat, map, 0, size, BUS_DMASYNC_PREWRITE); 2131 2132 /* Tell the adapter where the command blocks are stored */ 2133 MEM_WRITE_4(sc, 0x3000a0, 0x27000); 2134 2135 /* 2136 * Store command blocks into adapter's internal memory using register 2137 * indirections. The adapter will read the firmware image through DMA 2138 * using information stored in command blocks. 2139 */ 2140 p = fw; 2141 end = p + size; 2142 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0x27000); 2143 2144 sn = 0; 2145 sl = cl = 0; 2146 cs = cd = 0; 2147 while (p < end) { 2148 if (sl == 0) { 2149 cs = map->dm_segs[sn].ds_addr; 2150 sl = map->dm_segs[sn].ds_len; 2151 sn++; 2152 } 2153 if (cl == 0) { 2154 cd = GETLE32(p); p += 4; cs += 4; sl -= 4; 2155 cl = GETLE32(p); p += 4; cs += 4; sl -= 4; 2156 } 2157 while (sl > 0 && cl > 0) { 2158 int len = min(cl, sl); 2159 2160 sl -= len; 2161 cl -= len; 2162 p += len; 2163 2164 while (len > 0) { 2165 int mlen = min(len, IWI_CB_MAXDATALEN); 2166 2167 ctl = IWI_CB_DEFAULT_CTL | mlen; 2168 sum = ctl ^ cs ^ cd; 2169 2170 /* Write a command block */ 2171 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, ctl); 2172 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, cs); 2173 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, cd); 2174 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, sum); 2175 2176 cs += mlen; 2177 cd += mlen; 2178 len -= mlen; 2179 } 2180 } 2181 } 2182 2183 /* Write a fictive final command block (sentinel) */ 2184 sentinel = CSR_READ_4(sc, IWI_CSR_AUTOINC_ADDR); 2185 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2186 2187 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) & 2188 ~(IWI_RST_MASTER_DISABLED | IWI_RST_STOP_MASTER)); 2189 2190 /* Tell the adapter to start processing command blocks */ 2191 MEM_WRITE_4(sc, 0x3000a4, 0x540100); 2192 2193 /* Wait until the adapter has processed all command blocks */ 2194 for (ntries = 0; ntries < 400; ntries++) { 2195 if (MEM_READ_4(sc, 0x3000d0) >= sentinel) 2196 break; 2197 DELAY(100); 2198 } 2199 if (ntries == 400) { 2200 aprint_error("%s: timeout processing cb\n", 2201 sc->sc_dev.dv_xname); 2202 error = EIO; 2203 goto fail3; 2204 } 2205 2206 /* We're done with command blocks processing */ 2207 MEM_WRITE_4(sc, 0x3000a4, 0x540c00); 2208 2209 /* Allow interrupts so we know when the firmware is inited */ 2210 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 2211 2212 /* Tell the adapter to initialize the firmware */ 2213 CSR_WRITE_4(sc, IWI_CSR_RST, 0); 2214 CSR_WRITE_4(sc, IWI_CSR_CTL, CSR_READ_4(sc, IWI_CSR_CTL) | 2215 IWI_CTL_ALLOW_STANDBY); 2216 2217 /* Wait at most one second for firmware initialization to complete */ 2218 if ((error = tsleep(sc, 0, "iwiinit", hz)) != 0) { 2219 aprint_error("%s: timeout waiting for firmware initialization " 2220 "to complete\n", sc->sc_dev.dv_xname); 2221 goto fail3; 2222 } 2223 2224 fail3: 2225 bus_dmamap_sync(sc->sc_dmat, map, 0, size, BUS_DMASYNC_POSTWRITE); 2226 bus_dmamap_unload(sc->sc_dmat, map); 2227 fail2: 2228 bus_dmamap_destroy(sc->sc_dmat, map); 2229 2230 fail1: 2231 return error; 2232 } 2233 2234 /* 2235 * Store firmware into kernel memory so we can download it when we need to, 2236 * e.g when the adapter wakes up from suspend mode. 2237 */ 2238 static int 2239 iwi_cache_firmware(struct iwi_softc *sc, void *data) 2240 { 2241 struct iwi_firmware *kfw = &sc->fw; 2242 struct iwi_firmware ufw; 2243 int error; 2244 2245 iwi_free_firmware(sc); 2246 2247 if ((error = copyin(data, &ufw, sizeof ufw)) != 0) 2248 goto fail1; 2249 2250 kfw->boot_size = ufw.boot_size; 2251 kfw->ucode_size = ufw.ucode_size; 2252 kfw->main_size = ufw.main_size; 2253 2254 kfw->boot = malloc(kfw->boot_size, M_DEVBUF, M_NOWAIT); 2255 if (kfw->boot == NULL) { 2256 error = ENOMEM; 2257 goto fail1; 2258 } 2259 2260 kfw->ucode = malloc(kfw->ucode_size, M_DEVBUF, M_NOWAIT); 2261 if (kfw->ucode == NULL) { 2262 error = ENOMEM; 2263 goto fail2; 2264 } 2265 2266 kfw->main = malloc(kfw->main_size, M_DEVBUF, M_NOWAIT); 2267 if (kfw->main == NULL) { 2268 error = ENOMEM; 2269 goto fail3; 2270 } 2271 2272 if ((error = copyin(ufw.boot, kfw->boot, kfw->boot_size)) != 0) 2273 goto fail4; 2274 2275 if ((error = copyin(ufw.ucode, kfw->ucode, kfw->ucode_size)) != 0) 2276 goto fail4; 2277 2278 if ((error = copyin(ufw.main, kfw->main, kfw->main_size)) != 0) 2279 goto fail4; 2280 2281 DPRINTF(("Firmware cached: boot %u, ucode %u, main %u\n", 2282 kfw->boot_size, kfw->ucode_size, kfw->main_size)); 2283 2284 sc->flags |= IWI_FLAG_FW_CACHED; 2285 2286 return 0; 2287 2288 fail4: free(kfw->boot, M_DEVBUF); 2289 fail3: free(kfw->ucode, M_DEVBUF); 2290 fail2: free(kfw->main, M_DEVBUF); 2291 fail1: 2292 return error; 2293 } 2294 2295 static void 2296 iwi_free_firmware(struct iwi_softc *sc) 2297 { 2298 if (!(sc->flags & IWI_FLAG_FW_CACHED)) 2299 return; 2300 2301 free(sc->fw.boot, M_DEVBUF); 2302 free(sc->fw.ucode, M_DEVBUF); 2303 free(sc->fw.main, M_DEVBUF); 2304 2305 sc->flags &= ~IWI_FLAG_FW_CACHED; 2306 } 2307 2308 static int 2309 iwi_config(struct iwi_softc *sc) 2310 { 2311 struct ieee80211com *ic = &sc->sc_ic; 2312 struct ifnet *ifp = &sc->sc_if; 2313 struct iwi_configuration config; 2314 struct iwi_rateset rs; 2315 struct iwi_txpower power; 2316 struct ieee80211_key *wk; 2317 struct iwi_wep_key wepkey; 2318 uint32_t data; 2319 int error, i; 2320 2321 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 2322 DPRINTF(("Setting MAC address to %s\n", ether_sprintf(ic->ic_myaddr))); 2323 error = iwi_cmd(sc, IWI_CMD_SET_MAC_ADDRESS, ic->ic_myaddr, 2324 IEEE80211_ADDR_LEN, 0); 2325 if (error != 0) 2326 return error; 2327 2328 memset(&config, 0, sizeof config); 2329 config.bluetooth_coexistence = sc->bluetooth; 2330 config.antenna = sc->antenna; 2331 config.multicast_enabled = 1; 2332 config.answer_pbreq = (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2333 config.disable_unicast_decryption = 1; 2334 config.disable_multicast_decryption = 1; 2335 DPRINTF(("Configuring adapter\n")); 2336 error = iwi_cmd(sc, IWI_CMD_SET_CONFIGURATION, &config, sizeof config, 2337 0); 2338 if (error != 0) 2339 return error; 2340 2341 data = htole32(IWI_POWER_MODE_CAM); 2342 DPRINTF(("Setting power mode to %u\n", le32toh(data))); 2343 error = iwi_cmd(sc, IWI_CMD_SET_POWER_MODE, &data, sizeof data, 0); 2344 if (error != 0) 2345 return error; 2346 2347 data = htole32(ic->ic_rtsthreshold); 2348 DPRINTF(("Setting RTS threshold to %u\n", le32toh(data))); 2349 error = iwi_cmd(sc, IWI_CMD_SET_RTS_THRESHOLD, &data, sizeof data, 0); 2350 if (error != 0) 2351 return error; 2352 2353 data = htole32(ic->ic_fragthreshold); 2354 DPRINTF(("Setting fragmentation threshold to %u\n", le32toh(data))); 2355 error = iwi_cmd(sc, IWI_CMD_SET_FRAG_THRESHOLD, &data, sizeof data, 0); 2356 if (error != 0) 2357 return error; 2358 2359 if (ic->ic_opmode == IEEE80211_M_IBSS) { 2360 power.mode = IWI_MODE_11B; 2361 power.nchan = 11; 2362 for (i = 0; i < 11; i++) { 2363 power.chan[i].chan = i + 1; 2364 power.chan[i].power = IWI_TXPOWER_MAX; 2365 } 2366 DPRINTF(("Setting .11b channels tx power\n")); 2367 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2368 0); 2369 if (error != 0) 2370 return error; 2371 2372 power.mode = IWI_MODE_11G; 2373 DPRINTF(("Setting .11g channels tx power\n")); 2374 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2375 0); 2376 if (error != 0) 2377 return error; 2378 } 2379 2380 rs.mode = IWI_MODE_11G; 2381 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2382 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11G].rs_nrates; 2383 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates, 2384 rs.nrates); 2385 DPRINTF(("Setting .11bg supported rates (%u)\n", rs.nrates)); 2386 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2387 if (error != 0) 2388 return error; 2389 2390 rs.mode = IWI_MODE_11A; 2391 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2392 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11A].rs_nrates; 2393 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11A].rs_rates, 2394 rs.nrates); 2395 DPRINTF(("Setting .11a supported rates (%u)\n", rs.nrates)); 2396 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2397 if (error != 0) 2398 return error; 2399 2400 /* if we have a desired ESSID, set it now */ 2401 if (ic->ic_des_esslen != 0) { 2402 #ifdef IWI_DEBUG 2403 if (iwi_debug > 0) { 2404 printf("Setting desired ESSID to "); 2405 ieee80211_print_essid(ic->ic_des_essid, 2406 ic->ic_des_esslen); 2407 printf("\n"); 2408 } 2409 #endif 2410 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ic->ic_des_essid, 2411 ic->ic_des_esslen, 0); 2412 if (error != 0) 2413 return error; 2414 } 2415 2416 data = htole32(arc4random()); 2417 DPRINTF(("Setting initialization vector to %u\n", le32toh(data))); 2418 error = iwi_cmd(sc, IWI_CMD_SET_IV, &data, sizeof data, 0); 2419 if (error != 0) 2420 return error; 2421 2422 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2423 wk = &ic->ic_crypto.cs_nw_keys[i]; 2424 2425 wepkey.cmd = IWI_WEP_KEY_CMD_SETKEY; 2426 wepkey.idx = i; 2427 wepkey.len = wk->wk_keylen; 2428 memset(wepkey.key, 0, sizeof wepkey.key); 2429 memcpy(wepkey.key, wk->wk_key, wk->wk_keylen); 2430 DPRINTF(("Setting wep key index %u len %u\n", 2431 wepkey.idx, wepkey.len)); 2432 error = iwi_cmd(sc, IWI_CMD_SET_WEP_KEY, &wepkey, 2433 sizeof wepkey, 0); 2434 if (error != 0) 2435 return error; 2436 } 2437 2438 /* Enable adapter */ 2439 DPRINTF(("Enabling adapter\n")); 2440 return iwi_cmd(sc, IWI_CMD_ENABLE, NULL, 0, 0); 2441 } 2442 2443 static int 2444 iwi_set_chan(struct iwi_softc *sc, struct ieee80211_channel *chan) 2445 { 2446 struct ieee80211com *ic = &sc->sc_ic; 2447 struct iwi_scan_v2 scan; 2448 2449 (void)memset(&scan, 0, sizeof scan); 2450 2451 scan.dwelltime[IWI_SCAN_TYPE_PASSIVE] = htole16(2000); 2452 scan.channels[0] = 1 | 2453 (IEEE80211_IS_CHAN_5GHZ(chan) ? IWI_CHAN_5GHZ : IWI_CHAN_2GHZ); 2454 scan.channels[1] = ieee80211_chan2ieee(ic, chan); 2455 iwi_scan_type_set(scan, 1, IWI_SCAN_TYPE_PASSIVE); 2456 2457 DPRINTF(("Setting channel to %u\n", ieee80211_chan2ieee(ic, chan))); 2458 return iwi_cmd(sc, IWI_CMD_SCAN_V2, &scan, sizeof scan, 1); 2459 } 2460 2461 static int 2462 iwi_scan(struct iwi_softc *sc) 2463 { 2464 struct ieee80211com *ic = &sc->sc_ic; 2465 struct iwi_scan_v2 scan; 2466 uint32_t type; 2467 uint8_t *p; 2468 int i, count, idx; 2469 2470 (void)memset(&scan, 0, sizeof scan); 2471 scan.dwelltime[IWI_SCAN_TYPE_ACTIVE_BROADCAST] = 2472 htole16(sc->dwelltime); 2473 scan.dwelltime[IWI_SCAN_TYPE_ACTIVE_BDIRECT] = 2474 htole16(sc->dwelltime); 2475 2476 /* tell the firmware about the desired essid */ 2477 if (ic->ic_des_esslen) { 2478 int error; 2479 2480 DPRINTF(("%s: Setting adapter desired ESSID to %s\n", 2481 __func__, ic->ic_des_essid)); 2482 2483 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, 2484 ic->ic_des_essid, ic->ic_des_esslen, 1); 2485 if (error) 2486 return error; 2487 2488 type = IWI_SCAN_TYPE_ACTIVE_BDIRECT; 2489 } else { 2490 type = IWI_SCAN_TYPE_ACTIVE_BROADCAST; 2491 } 2492 2493 p = &scan.channels[0]; 2494 count = idx = 0; 2495 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2496 if (IEEE80211_IS_CHAN_5GHZ(&ic->ic_channels[i]) && 2497 isset(ic->ic_chan_active, i)) { 2498 *++p = i; 2499 count++; 2500 idx++; 2501 iwi_scan_type_set(scan, idx, type); 2502 } 2503 } 2504 if (count) { 2505 *(p - count) = IWI_CHAN_5GHZ | count; 2506 p++; 2507 } 2508 2509 count = 0; 2510 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2511 if (IEEE80211_IS_CHAN_2GHZ(&ic->ic_channels[i]) && 2512 isset(ic->ic_chan_active, i)) { 2513 *++p = i; 2514 count++; 2515 idx++; 2516 iwi_scan_type_set(scan, idx, type); 2517 } 2518 } 2519 *(p - count) = IWI_CHAN_2GHZ | count; 2520 2521 DPRINTF(("Start scanning\n")); 2522 return iwi_cmd(sc, IWI_CMD_SCAN_V2, &scan, sizeof scan, 1); 2523 } 2524 2525 static int 2526 iwi_auth_and_assoc(struct iwi_softc *sc) 2527 { 2528 struct ieee80211com *ic = &sc->sc_ic; 2529 struct ieee80211_node *ni = ic->ic_bss; 2530 struct ifnet *ifp = &sc->sc_if; 2531 struct ieee80211_wme_info wme; 2532 struct iwi_configuration config; 2533 struct iwi_associate assoc; 2534 struct iwi_rateset rs; 2535 uint16_t capinfo; 2536 uint32_t data; 2537 int error; 2538 2539 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) { 2540 memset(&config, 0, sizeof config); 2541 config.bluetooth_coexistence = sc->bluetooth; 2542 config.antenna = sc->antenna; 2543 config.multicast_enabled = 1; 2544 config.use_protection = 1; 2545 config.answer_pbreq = 2546 (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2547 config.disable_unicast_decryption = 1; 2548 config.disable_multicast_decryption = 1; 2549 DPRINTF(("Configuring adapter\n")); 2550 error = iwi_cmd(sc, IWI_CMD_SET_CONFIGURATION, &config, 2551 sizeof config, 1); 2552 if (error != 0) 2553 return error; 2554 } 2555 2556 #ifdef IWI_DEBUG 2557 if (iwi_debug > 0) { 2558 printf("Setting ESSID to "); 2559 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 2560 printf("\n"); 2561 } 2562 #endif 2563 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ni->ni_essid, ni->ni_esslen, 1); 2564 if (error != 0) 2565 return error; 2566 2567 /* the rate set has already been "negotiated" */ 2568 rs.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2569 IWI_MODE_11G; 2570 rs.type = IWI_RATESET_TYPE_NEGOTIATED; 2571 rs.nrates = ni->ni_rates.rs_nrates; 2572 memcpy(rs.rates, ni->ni_rates.rs_rates, rs.nrates); 2573 DPRINTF(("Setting negotiated rates (%u)\n", rs.nrates)); 2574 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 1); 2575 if (error != 0) 2576 return error; 2577 2578 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) { 2579 wme.wme_id = IEEE80211_ELEMID_VENDOR; 2580 wme.wme_len = sizeof (struct ieee80211_wme_info) - 2; 2581 wme.wme_oui[0] = 0x00; 2582 wme.wme_oui[1] = 0x50; 2583 wme.wme_oui[2] = 0xf2; 2584 wme.wme_type = WME_OUI_TYPE; 2585 wme.wme_subtype = WME_INFO_OUI_SUBTYPE; 2586 wme.wme_version = WME_VERSION; 2587 wme.wme_info = 0; 2588 2589 DPRINTF(("Setting WME IE (len=%u)\n", wme.wme_len)); 2590 error = iwi_cmd(sc, IWI_CMD_SET_WMEIE, &wme, sizeof wme, 1); 2591 if (error != 0) 2592 return error; 2593 } 2594 2595 if (ic->ic_opt_ie != NULL) { 2596 DPRINTF(("Setting optional IE (len=%u)\n", ic->ic_opt_ie_len)); 2597 error = iwi_cmd(sc, IWI_CMD_SET_OPTIE, ic->ic_opt_ie, 2598 ic->ic_opt_ie_len, 1); 2599 if (error != 0) 2600 return error; 2601 } 2602 data = htole32(ni->ni_rssi); 2603 DPRINTF(("Setting sensitivity to %d\n", (int8_t)ni->ni_rssi)); 2604 error = iwi_cmd(sc, IWI_CMD_SET_SENSITIVITY, &data, sizeof data, 1); 2605 if (error != 0) 2606 return error; 2607 2608 memset(&assoc, 0, sizeof assoc); 2609 assoc.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2610 IWI_MODE_11G; 2611 assoc.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 2612 if (ni->ni_authmode == IEEE80211_AUTH_SHARED) 2613 assoc.auth = (ic->ic_crypto.cs_def_txkey << 4) | IWI_AUTH_SHARED; 2614 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) 2615 assoc.policy |= htole16(IWI_POLICY_WME); 2616 if (ic->ic_opt_ie != NULL) 2617 assoc.policy |= htole16(IWI_POLICY_WPA); 2618 memcpy(assoc.tstamp, ni->ni_tstamp.data, 8); 2619 2620 if (ic->ic_opmode == IEEE80211_M_IBSS) 2621 capinfo = IEEE80211_CAPINFO_IBSS; 2622 else 2623 capinfo = IEEE80211_CAPINFO_ESS; 2624 if (ic->ic_flags & IEEE80211_F_PRIVACY) 2625 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2626 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 2627 IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 2628 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2629 if (ic->ic_flags & IEEE80211_F_SHSLOT) 2630 capinfo |= IEEE80211_CAPINFO_SHORT_SLOTTIME; 2631 assoc.capinfo = htole16(capinfo); 2632 2633 assoc.lintval = htole16(ic->ic_lintval); 2634 assoc.intval = htole16(ni->ni_intval); 2635 IEEE80211_ADDR_COPY(assoc.bssid, ni->ni_bssid); 2636 if (ic->ic_opmode == IEEE80211_M_IBSS) 2637 IEEE80211_ADDR_COPY(assoc.dst, ifp->if_broadcastaddr); 2638 else 2639 IEEE80211_ADDR_COPY(assoc.dst, ni->ni_bssid); 2640 DPRINTF(("Trying to associate to %s channel %u auth %u\n", 2641 ether_sprintf(assoc.bssid), assoc.chan, assoc.auth)); 2642 return iwi_cmd(sc, IWI_CMD_ASSOCIATE, &assoc, sizeof assoc, 1); 2643 } 2644 2645 static int 2646 iwi_init(struct ifnet *ifp) 2647 { 2648 struct iwi_softc *sc = ifp->if_softc; 2649 struct ieee80211com *ic = &sc->sc_ic; 2650 struct iwi_firmware *fw = &sc->fw; 2651 int i, error; 2652 2653 /* exit immediately if firmware has not been ioctl'd */ 2654 if (!(sc->flags & IWI_FLAG_FW_CACHED)) { 2655 if (!(sc->flags & IWI_FLAG_FW_WARNED)) 2656 aprint_error("%s: Firmware not loaded\n", 2657 sc->sc_dev.dv_xname); 2658 sc->flags |= IWI_FLAG_FW_WARNED; 2659 ifp->if_flags &= ~IFF_UP; 2660 return EIO; 2661 } 2662 2663 iwi_stop(ifp, 0); 2664 2665 if ((error = iwi_reset(sc)) != 0) { 2666 aprint_error("%s: could not reset adapter\n", 2667 sc->sc_dev.dv_xname); 2668 goto fail; 2669 } 2670 2671 if ((error = iwi_load_firmware(sc, fw->boot, fw->boot_size)) != 0) { 2672 aprint_error("%s: could not load boot firmware\n", 2673 sc->sc_dev.dv_xname); 2674 goto fail; 2675 } 2676 2677 if ((error = iwi_load_ucode(sc, fw->ucode, fw->ucode_size)) != 0) { 2678 aprint_error("%s: could not load microcode\n", 2679 sc->sc_dev.dv_xname); 2680 goto fail; 2681 } 2682 2683 iwi_stop_master(sc); 2684 2685 CSR_WRITE_4(sc, IWI_CSR_CMD_BASE, sc->cmdq.desc_map->dm_segs[0].ds_addr); 2686 CSR_WRITE_4(sc, IWI_CSR_CMD_SIZE, sc->cmdq.count); 2687 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 2688 2689 CSR_WRITE_4(sc, IWI_CSR_TX1_BASE, sc->txq[0].desc_map->dm_segs[0].ds_addr); 2690 CSR_WRITE_4(sc, IWI_CSR_TX1_SIZE, sc->txq[0].count); 2691 CSR_WRITE_4(sc, IWI_CSR_TX1_WIDX, sc->txq[0].cur); 2692 2693 CSR_WRITE_4(sc, IWI_CSR_TX2_BASE, sc->txq[1].desc_map->dm_segs[0].ds_addr); 2694 CSR_WRITE_4(sc, IWI_CSR_TX2_SIZE, sc->txq[1].count); 2695 CSR_WRITE_4(sc, IWI_CSR_TX2_WIDX, sc->txq[1].cur); 2696 2697 CSR_WRITE_4(sc, IWI_CSR_TX3_BASE, sc->txq[2].desc_map->dm_segs[0].ds_addr); 2698 CSR_WRITE_4(sc, IWI_CSR_TX3_SIZE, sc->txq[2].count); 2699 CSR_WRITE_4(sc, IWI_CSR_TX3_WIDX, sc->txq[2].cur); 2700 2701 CSR_WRITE_4(sc, IWI_CSR_TX4_BASE, sc->txq[3].desc_map->dm_segs[0].ds_addr); 2702 CSR_WRITE_4(sc, IWI_CSR_TX4_SIZE, sc->txq[3].count); 2703 CSR_WRITE_4(sc, IWI_CSR_TX4_WIDX, sc->txq[3].cur); 2704 2705 for (i = 0; i < sc->rxq.count; i++) 2706 CSR_WRITE_4(sc, IWI_CSR_RX_BASE + i * 4, 2707 sc->rxq.data[i].map->dm_segs[0].ds_addr); 2708 2709 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, sc->rxq.count -1); 2710 2711 if ((error = iwi_load_firmware(sc, fw->main, fw->main_size)) != 0) { 2712 aprint_error("%s: could not load main firmware\n", 2713 sc->sc_dev.dv_xname); 2714 goto fail; 2715 } 2716 2717 sc->flags |= IWI_FLAG_FW_INITED; 2718 2719 if ((error = iwi_config(sc)) != 0) { 2720 aprint_error("%s: device configuration failed\n", 2721 sc->sc_dev.dv_xname); 2722 goto fail; 2723 } 2724 2725 ic->ic_state = IEEE80211_S_INIT; 2726 2727 ifp->if_flags &= ~IFF_OACTIVE; 2728 ifp->if_flags |= IFF_RUNNING; 2729 2730 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2731 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2732 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2733 } else 2734 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2735 2736 return 0; 2737 2738 fail: ifp->if_flags &= ~IFF_UP; 2739 iwi_stop(ifp, 0); 2740 2741 return error; 2742 } 2743 2744 static void 2745 iwi_stop(struct ifnet *ifp, int disable) 2746 { 2747 struct iwi_softc *sc = ifp->if_softc; 2748 struct ieee80211com *ic = &sc->sc_ic; 2749 2750 IWI_LED_OFF(sc); 2751 2752 iwi_stop_master(sc); 2753 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_SW_RESET); 2754 2755 /* reset rings */ 2756 iwi_reset_cmd_ring(sc, &sc->cmdq); 2757 iwi_reset_tx_ring(sc, &sc->txq[0]); 2758 iwi_reset_tx_ring(sc, &sc->txq[1]); 2759 iwi_reset_tx_ring(sc, &sc->txq[2]); 2760 iwi_reset_tx_ring(sc, &sc->txq[3]); 2761 iwi_reset_rx_ring(sc, &sc->rxq); 2762 2763 ifp->if_timer = 0; 2764 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2765 2766 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2767 } 2768 2769 static void 2770 iwi_led_set(struct iwi_softc *sc, uint32_t state, int toggle) 2771 { 2772 uint32_t val; 2773 2774 val = MEM_READ_4(sc, IWI_MEM_EVENT_CTL); 2775 2776 switch (sc->nictype) { 2777 case 1: 2778 /* special NIC type: reversed leds */ 2779 if (state == IWI_LED_ACTIVITY) { 2780 state &= ~IWI_LED_ACTIVITY; 2781 state |= IWI_LED_ASSOCIATED; 2782 } else if (state == IWI_LED_ASSOCIATED) { 2783 state &= ~IWI_LED_ASSOCIATED; 2784 state |= IWI_LED_ACTIVITY; 2785 } 2786 /* and ignore toggle effect */ 2787 val |= state; 2788 break; 2789 case 0: 2790 case 2: 2791 case 3: 2792 case 4: 2793 val = (toggle && (val & state)) ? val & ~state : val | state; 2794 break; 2795 default: 2796 aprint_normal("%s: unknown NIC type %d\n", 2797 sc->sc_dev.dv_xname, sc->nictype); 2798 return; 2799 break; 2800 } 2801 2802 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, val); 2803 2804 return; 2805 } 2806 2807 static void 2808 iwi_error_log(struct iwi_softc *sc) 2809 { 2810 uint32_t b, n; 2811 int i; 2812 2813 static const char *const msg[] = { 2814 "no error", 2815 "failed", 2816 "memory range low", 2817 "memory range high", 2818 "bad parameter", 2819 "checksum", 2820 "NMI", 2821 "bad database", 2822 "allocation failed", 2823 "DMA underrun", 2824 "DMA status", 2825 "DINO", 2826 "EEPROM", 2827 "device assert", 2828 "fatal" 2829 }; 2830 2831 b = CSR_READ_4(sc, IWI_CSR_ERRORLOG); 2832 n = MEM_READ_4(sc, b); 2833 2834 b += 4; 2835 2836 for (i = 0; i < n ; i++) { 2837 struct iwi_error fw_error; 2838 2839 MEM_CPY(sc, &fw_error, b, sizeof(fw_error)); 2840 2841 printf("%s: %s\n", sc->sc_dev.dv_xname, 2842 msg[fw_error.type]); 2843 2844 b += sizeof(fw_error); 2845 } 2846 } 2847