1 /* $NetBSD: if_iwi.c,v 1.46 2006/03/09 16:02:55 jmcneill Exp $ */ 2 3 /*- 4 * Copyright (c) 2004, 2005 5 * Damien Bergamini <damien.bergamini@free.fr>. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice unmodified, this list of conditions, and the following 12 * disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #include <sys/cdefs.h> 31 __KERNEL_RCSID(0, "$NetBSD: if_iwi.c,v 1.46 2006/03/09 16:02:55 jmcneill Exp $"); 32 33 /*- 34 * Intel(R) PRO/Wireless 2200BG/2225BG/2915ABG driver 35 * http://www.intel.com/network/connectivity/products/wireless/prowireless_mobile.htm 36 */ 37 38 #include "bpfilter.h" 39 40 #include <sys/param.h> 41 #include <sys/sockio.h> 42 #include <sys/sysctl.h> 43 #include <sys/mbuf.h> 44 #include <sys/kernel.h> 45 #include <sys/socket.h> 46 #include <sys/systm.h> 47 #include <sys/malloc.h> 48 #include <sys/conf.h> 49 50 #include <machine/bus.h> 51 #include <machine/endian.h> 52 #include <machine/intr.h> 53 54 #include <dev/pci/pcireg.h> 55 #include <dev/pci/pcivar.h> 56 #include <dev/pci/pcidevs.h> 57 58 #if NBPFILTER > 0 59 #include <net/bpf.h> 60 #endif 61 #include <net/if.h> 62 #include <net/if_arp.h> 63 #include <net/if_dl.h> 64 #include <net/if_ether.h> 65 #include <net/if_media.h> 66 #include <net/if_types.h> 67 68 #include <net80211/ieee80211_var.h> 69 #include <net80211/ieee80211_radiotap.h> 70 71 #include <netinet/in.h> 72 #include <netinet/in_systm.h> 73 #include <netinet/in_var.h> 74 #include <netinet/ip.h> 75 76 #include <crypto/arc4/arc4.h> 77 78 #include <dev/pci/if_iwireg.h> 79 #include <dev/pci/if_iwivar.h> 80 81 #ifdef IWI_DEBUG 82 #define DPRINTF(x) if (iwi_debug > 0) printf x 83 #define DPRINTFN(n, x) if (iwi_debug >= (n)) printf x 84 int iwi_debug = 4; 85 #else 86 #define DPRINTF(x) 87 #define DPRINTFN(n, x) 88 #endif 89 90 static int iwi_match(struct device *, struct cfdata *, void *); 91 static void iwi_attach(struct device *, struct device *, void *); 92 static int iwi_detach(struct device *, int); 93 94 static void iwi_shutdown(void *); 95 static int iwi_suspend(struct iwi_softc *); 96 static int iwi_resume(struct iwi_softc *); 97 static void iwi_powerhook(int, void *); 98 99 static int iwi_alloc_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *, 100 int); 101 static void iwi_reset_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 102 static void iwi_free_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 103 static int iwi_alloc_tx_ring(struct iwi_softc *, struct iwi_tx_ring *, 104 int, bus_addr_t, bus_addr_t); 105 static void iwi_reset_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 106 static void iwi_free_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 107 static struct mbuf * 108 iwi_alloc_rx_buf(struct iwi_softc *sc); 109 static int iwi_alloc_rx_ring(struct iwi_softc *, struct iwi_rx_ring *, 110 int); 111 static void iwi_reset_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 112 static void iwi_free_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 113 114 static struct ieee80211_node *iwi_node_alloc(struct ieee80211_node_table *); 115 static void iwi_node_free(struct ieee80211_node *); 116 117 static int iwi_media_change(struct ifnet *); 118 static void iwi_media_status(struct ifnet *, struct ifmediareq *); 119 static int iwi_wme_update(struct ieee80211com *); 120 static uint16_t iwi_read_prom_word(struct iwi_softc *, uint8_t); 121 static int iwi_newstate(struct ieee80211com *, enum ieee80211_state, int); 122 static void iwi_fix_channel(struct ieee80211com *, struct mbuf *); 123 static void iwi_frame_intr(struct iwi_softc *, struct iwi_rx_data *, int, 124 struct iwi_frame *); 125 static void iwi_notification_intr(struct iwi_softc *, struct iwi_notif *); 126 static void iwi_cmd_intr(struct iwi_softc *); 127 static void iwi_rx_intr(struct iwi_softc *); 128 static void iwi_tx_intr(struct iwi_softc *, struct iwi_tx_ring *); 129 static int iwi_intr(void *); 130 static int iwi_cmd(struct iwi_softc *, uint8_t, void *, uint8_t, int); 131 static void iwi_write_ibssnode(struct iwi_softc *, const struct iwi_node *); 132 static int iwi_tx_start(struct ifnet *, struct mbuf *, struct ieee80211_node *, 133 int); 134 static void iwi_start(struct ifnet *); 135 static void iwi_watchdog(struct ifnet *); 136 137 static int iwi_alloc_unr(struct iwi_softc *); 138 static void iwi_free_unr(struct iwi_softc *, int); 139 140 static int iwi_get_table0(struct iwi_softc *, uint32_t *); 141 static int iwi_get_radio(struct iwi_softc *, int *); 142 143 static int iwi_ioctl(struct ifnet *, u_long, caddr_t); 144 static void iwi_stop_master(struct iwi_softc *); 145 static int iwi_reset(struct iwi_softc *); 146 static int iwi_load_ucode(struct iwi_softc *, void *, int); 147 static int iwi_load_firmware(struct iwi_softc *, void *, int); 148 static int iwi_cache_firmware(struct iwi_softc *, void *); 149 static void iwi_free_firmware(struct iwi_softc *); 150 static int iwi_config(struct iwi_softc *); 151 static int iwi_set_chan(struct iwi_softc *, struct ieee80211_channel *); 152 static int iwi_scan(struct iwi_softc *); 153 static int iwi_auth_and_assoc(struct iwi_softc *); 154 static int iwi_init(struct ifnet *); 155 static void iwi_stop(struct ifnet *, int); 156 static void iwi_led_set(struct iwi_softc *, uint32_t, int); 157 static void iwi_error_log(struct iwi_softc *); 158 159 /* 160 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 161 */ 162 static const struct ieee80211_rateset iwi_rateset_11a = 163 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 164 165 static const struct ieee80211_rateset iwi_rateset_11b = 166 { 4, { 2, 4, 11, 22 } }; 167 168 static const struct ieee80211_rateset iwi_rateset_11g = 169 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 170 171 static inline uint8_t 172 MEM_READ_1(struct iwi_softc *sc, uint32_t addr) 173 { 174 CSR_WRITE_4(sc, IWI_CSR_INDIRECT_ADDR, addr); 175 return CSR_READ_1(sc, IWI_CSR_INDIRECT_DATA); 176 } 177 178 static inline uint32_t 179 MEM_READ_4(struct iwi_softc *sc, uint32_t addr) 180 { 181 CSR_WRITE_4(sc, IWI_CSR_INDIRECT_ADDR, addr); 182 return CSR_READ_4(sc, IWI_CSR_INDIRECT_DATA); 183 } 184 185 static void 186 MEM_CPY(struct iwi_softc *sc, void *dst, uint32_t base, size_t sz) 187 { 188 KASSERT(sz % 4 == 0); 189 int j; 190 191 uint32_t *p = dst; 192 193 for (j = 0; j < sz / 4; j++) 194 p[j] = MEM_READ_4(sc, base + j * sizeof(uint32_t)); 195 } 196 197 CFATTACH_DECL(iwi, sizeof (struct iwi_softc), iwi_match, iwi_attach, 198 iwi_detach, NULL); 199 200 static int 201 iwi_match(struct device *parent, struct cfdata *match, void *aux) 202 { 203 struct pci_attach_args *pa = aux; 204 205 if (PCI_VENDOR(pa->pa_id) != PCI_VENDOR_INTEL) 206 return 0; 207 208 if (PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2200BG || 209 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2225BG || 210 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2915ABG_1 || 211 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2915ABG_2) 212 return 1; 213 214 return 0; 215 } 216 217 /* Base Address Register */ 218 #define IWI_PCI_BAR0 0x10 219 220 static void 221 iwi_attach(struct device *parent, struct device *self, void *aux) 222 { 223 struct iwi_softc *sc = (struct iwi_softc *)self; 224 struct ieee80211com *ic = &sc->sc_ic; 225 struct ifnet *ifp = &sc->sc_if; 226 struct pci_attach_args *pa = aux; 227 const char *intrstr; 228 char devinfo[256]; 229 bus_space_tag_t memt; 230 bus_space_handle_t memh; 231 bus_addr_t base; 232 pci_intr_handle_t ih; 233 pcireg_t data; 234 uint16_t val; 235 int error, revision, i; 236 237 sc->sc_pct = pa->pa_pc; 238 sc->sc_pcitag = pa->pa_tag; 239 240 pci_devinfo(pa->pa_id, pa->pa_class, 0, devinfo, sizeof devinfo); 241 revision = PCI_REVISION(pa->pa_class); 242 aprint_normal(": %s (rev. 0x%02x)\n", devinfo, revision); 243 244 /* clear device specific PCI configuration register 0x41 */ 245 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 246 data &= ~0x0000ff00; 247 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, data); 248 249 /* clear unit numbers allocated to IBSS */ 250 sc->sc_unr = 0; 251 252 /* enable bus-mastering */ 253 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG); 254 data |= PCI_COMMAND_MASTER_ENABLE; 255 pci_conf_write(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG, data); 256 257 /* map the register window */ 258 error = pci_mapreg_map(pa, IWI_PCI_BAR0, PCI_MAPREG_TYPE_MEM | 259 PCI_MAPREG_MEM_TYPE_32BIT, 0, &memt, &memh, &base, &sc->sc_sz); 260 if (error != 0) { 261 aprint_error("%s: could not map memory space\n", 262 sc->sc_dev.dv_xname); 263 return; 264 } 265 266 sc->sc_st = memt; 267 sc->sc_sh = memh; 268 sc->sc_dmat = pa->pa_dmat; 269 270 /* disable interrupts */ 271 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 272 273 if (pci_intr_map(pa, &ih) != 0) { 274 aprint_error("%s: could not map interrupt\n", 275 sc->sc_dev.dv_xname); 276 return; 277 } 278 279 intrstr = pci_intr_string(sc->sc_pct, ih); 280 sc->sc_ih = pci_intr_establish(sc->sc_pct, ih, IPL_NET, iwi_intr, sc); 281 if (sc->sc_ih == NULL) { 282 aprint_error("%s: could not establish interrupt", 283 sc->sc_dev.dv_xname); 284 if (intrstr != NULL) 285 aprint_error(" at %s", intrstr); 286 aprint_error("\n"); 287 return; 288 } 289 aprint_normal("%s: interrupting at %s\n", sc->sc_dev.dv_xname, intrstr); 290 291 if (iwi_reset(sc) != 0) { 292 aprint_error("%s: could not reset adapter\n", 293 sc->sc_dev.dv_xname); 294 return; 295 } 296 297 /* 298 * Allocate rings. 299 */ 300 if (iwi_alloc_cmd_ring(sc, &sc->cmdq, IWI_CMD_RING_COUNT) != 0) { 301 aprint_error("%s: could not allocate command ring\n", 302 sc->sc_dev.dv_xname); 303 goto fail; 304 } 305 306 error = iwi_alloc_tx_ring(sc, &sc->txq[0], IWI_TX_RING_COUNT, 307 IWI_CSR_TX1_RIDX, IWI_CSR_TX1_WIDX); 308 if (error != 0) { 309 aprint_error("%s: could not allocate Tx ring 1\n", 310 sc->sc_dev.dv_xname); 311 goto fail; 312 } 313 314 error = iwi_alloc_tx_ring(sc, &sc->txq[1], IWI_TX_RING_COUNT, 315 IWI_CSR_TX2_RIDX, IWI_CSR_TX2_WIDX); 316 if (error != 0) { 317 aprint_error("%s: could not allocate Tx ring 2\n", 318 sc->sc_dev.dv_xname); 319 goto fail; 320 } 321 322 error = iwi_alloc_tx_ring(sc, &sc->txq[2], IWI_TX_RING_COUNT, 323 IWI_CSR_TX3_RIDX, IWI_CSR_TX3_WIDX); 324 if (error != 0) { 325 aprint_error("%s: could not allocate Tx ring 3\n", 326 sc->sc_dev.dv_xname); 327 goto fail; 328 } 329 330 error = iwi_alloc_tx_ring(sc, &sc->txq[3], IWI_TX_RING_COUNT, 331 IWI_CSR_TX4_RIDX, IWI_CSR_TX4_WIDX); 332 if (error != 0) { 333 aprint_error("%s: could not allocate Tx ring 4\n", 334 sc->sc_dev.dv_xname); 335 goto fail; 336 } 337 338 if (iwi_alloc_rx_ring(sc, &sc->rxq, IWI_RX_RING_COUNT) != 0) { 339 aprint_error("%s: could not allocate Rx ring\n", 340 sc->sc_dev.dv_xname); 341 goto fail; 342 } 343 344 ic->ic_ifp = ifp; 345 ic->ic_wme.wme_update = iwi_wme_update; 346 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 347 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 348 ic->ic_state = IEEE80211_S_INIT; 349 350 /* set device capabilities */ 351 ic->ic_caps = 352 IEEE80211_C_IBSS | /* IBSS mode supported */ 353 IEEE80211_C_MONITOR | /* monitor mode supported */ 354 IEEE80211_C_TXPMGT | /* tx power management */ 355 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 356 IEEE80211_C_WPA | /* 802.11i */ 357 IEEE80211_C_WME; /* 802.11e */ 358 359 /* read MAC address from EEPROM */ 360 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 0); 361 ic->ic_myaddr[0] = val & 0xff; 362 ic->ic_myaddr[1] = val >> 8; 363 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 1); 364 ic->ic_myaddr[2] = val & 0xff; 365 ic->ic_myaddr[3] = val >> 8; 366 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 2); 367 ic->ic_myaddr[4] = val & 0xff; 368 ic->ic_myaddr[5] = val >> 8; 369 370 aprint_normal("%s: 802.11 address %s\n", sc->sc_dev.dv_xname, 371 ether_sprintf(ic->ic_myaddr)); 372 373 /* read the NIC type from EEPROM */ 374 val = iwi_read_prom_word(sc, IWI_EEPROM_NIC_TYPE); 375 sc->nictype = val & 0xff; 376 377 DPRINTF(("%s: NIC type %d\n", sc->sc_dev.dv_xname, sc->nictype)); 378 379 if (PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2915ABG_1 || 380 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2915ABG_2) { 381 /* set supported .11a rates (2915ABG only) */ 382 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwi_rateset_11a; 383 384 /* set supported .11a channels */ 385 for (i = 36; i <= 64; i += 4) { 386 ic->ic_channels[i].ic_freq = 387 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 388 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 389 } 390 for (i = 149; i <= 165; i += 4) { 391 ic->ic_channels[i].ic_freq = 392 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 393 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 394 } 395 } 396 397 /* set supported .11b and .11g rates */ 398 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwi_rateset_11b; 399 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwi_rateset_11g; 400 401 /* set supported .11b and .11g channels (1 through 14) */ 402 for (i = 1; i <= 14; i++) { 403 ic->ic_channels[i].ic_freq = 404 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 405 ic->ic_channels[i].ic_flags = 406 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 407 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 408 } 409 410 ifp->if_softc = sc; 411 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 412 ifp->if_init = iwi_init; 413 ifp->if_stop = iwi_stop; 414 ifp->if_ioctl = iwi_ioctl; 415 ifp->if_start = iwi_start; 416 ifp->if_watchdog = iwi_watchdog; 417 IFQ_SET_READY(&ifp->if_snd); 418 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 419 420 if_attach(ifp); 421 ieee80211_ifattach(ic); 422 /* override default methods */ 423 ic->ic_node_alloc = iwi_node_alloc; 424 sc->sc_node_free = ic->ic_node_free; 425 ic->ic_node_free = iwi_node_free; 426 /* override state transition machine */ 427 sc->sc_newstate = ic->ic_newstate; 428 ic->ic_newstate = iwi_newstate; 429 ieee80211_media_init(ic, iwi_media_change, iwi_media_status); 430 431 #if NBPFILTER > 0 432 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 433 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf); 434 435 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 436 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 437 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWI_RX_RADIOTAP_PRESENT); 438 439 sc->sc_txtap_len = sizeof sc->sc_txtapu; 440 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 441 sc->sc_txtap.wt_ihdr.it_present = htole32(IWI_TX_RADIOTAP_PRESENT); 442 #endif 443 444 /* 445 * Make sure the interface is shutdown during reboot. 446 */ 447 sc->sc_sdhook = shutdownhook_establish(iwi_shutdown, sc); 448 if (sc->sc_sdhook == NULL) 449 aprint_error("%s: WARNING: unable to establish shutdown hook\n", 450 sc->sc_dev.dv_xname); 451 sc->sc_powerhook = powerhook_establish(iwi_powerhook, sc); 452 if (sc->sc_powerhook == NULL) 453 printf("%s: WARNING: unable to establish power hook\n", 454 sc->sc_dev.dv_xname); 455 456 ieee80211_announce(ic); 457 /* 458 * Add a few sysctl knobs. 459 * XXX: Not yet. 460 */ 461 sc->dwelltime = 100; 462 sc->bluetooth = 1; 463 sc->antenna = 0; 464 465 return; 466 467 fail: iwi_detach(self, 0); 468 } 469 470 static int 471 iwi_detach(struct device* self, int flags) 472 { 473 struct iwi_softc *sc = (struct iwi_softc *)self; 474 struct ifnet *ifp = &sc->sc_if; 475 476 iwi_stop(ifp, 1); 477 iwi_free_firmware(sc); 478 479 #if NBPFILTER > 0 480 if (ifp != NULL) 481 bpfdetach(ifp); 482 #endif 483 ieee80211_ifdetach(&sc->sc_ic); 484 if (ifp != NULL) 485 if_detach(ifp); 486 487 iwi_free_cmd_ring(sc, &sc->cmdq); 488 iwi_free_tx_ring(sc, &sc->txq[0]); 489 iwi_free_tx_ring(sc, &sc->txq[1]); 490 iwi_free_tx_ring(sc, &sc->txq[2]); 491 iwi_free_tx_ring(sc, &sc->txq[3]); 492 iwi_free_rx_ring(sc, &sc->rxq); 493 494 if (sc->sc_ih != NULL) { 495 pci_intr_disestablish(sc->sc_pct, sc->sc_ih); 496 sc->sc_ih = NULL; 497 } 498 499 bus_space_unmap(sc->sc_st, sc->sc_sh, sc->sc_sz); 500 501 powerhook_disestablish(sc->sc_powerhook); 502 shutdownhook_disestablish(sc->sc_sdhook); 503 504 return 0; 505 } 506 507 static int 508 iwi_alloc_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring, 509 int count) 510 { 511 int error, nsegs; 512 513 ring->count = count; 514 ring->queued = 0; 515 ring->cur = ring->next = 0; 516 517 /* 518 * Allocate and map command ring 519 */ 520 error = bus_dmamap_create(sc->sc_dmat, 521 IWI_CMD_DESC_SIZE * count, 1, 522 IWI_CMD_DESC_SIZE * count, 0, 523 BUS_DMA_NOWAIT, &ring->desc_map); 524 if (error != 0) { 525 aprint_error("%s: could not create command ring DMA map\n", 526 sc->sc_dev.dv_xname); 527 goto fail; 528 } 529 530 error = bus_dmamem_alloc(sc->sc_dmat, 531 IWI_CMD_DESC_SIZE * count, PAGE_SIZE, 0, 532 &sc->cmdq.desc_seg, 1, &nsegs, BUS_DMA_NOWAIT); 533 if (error != 0) { 534 aprint_error("%s: could not allocate command ring DMA memory\n", 535 sc->sc_dev.dv_xname); 536 goto fail; 537 } 538 539 error = bus_dmamem_map(sc->sc_dmat, &sc->cmdq.desc_seg, nsegs, 540 IWI_CMD_DESC_SIZE * count, 541 (caddr_t *)&sc->cmdq.desc, BUS_DMA_NOWAIT); 542 if (error != 0) { 543 aprint_error("%s: could not map command ring DMA memory\n", 544 sc->sc_dev.dv_xname); 545 goto fail; 546 } 547 548 error = bus_dmamap_load(sc->sc_dmat, sc->cmdq.desc_map, sc->cmdq.desc, 549 IWI_CMD_DESC_SIZE * count, NULL, 550 BUS_DMA_NOWAIT); 551 if (error != 0) { 552 aprint_error("%s: could not load command ring DMA map\n", 553 sc->sc_dev.dv_xname); 554 goto fail; 555 } 556 557 memset(sc->cmdq.desc, 0, 558 IWI_CMD_DESC_SIZE * count); 559 560 return 0; 561 562 fail: iwi_free_cmd_ring(sc, ring); 563 return error; 564 } 565 566 static void 567 iwi_reset_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 568 { 569 int i; 570 571 for (i = ring->next; i != ring->cur;) { 572 bus_dmamap_sync(sc->sc_dmat, sc->cmdq.desc_map, 573 i * IWI_CMD_DESC_SIZE, IWI_CMD_DESC_SIZE, 574 BUS_DMASYNC_POSTWRITE); 575 576 wakeup(&ring->desc[i]); 577 i = (i + 1) % ring->count; 578 } 579 580 ring->queued = 0; 581 ring->cur = ring->next = 0; 582 } 583 584 static void 585 iwi_free_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 586 { 587 if (ring->desc_map != NULL) { 588 if (ring->desc != NULL) { 589 bus_dmamap_unload(sc->sc_dmat, ring->desc_map); 590 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)ring->desc, 591 IWI_CMD_DESC_SIZE * ring->count); 592 bus_dmamem_free(sc->sc_dmat, &ring->desc_seg, 1); 593 } 594 bus_dmamap_destroy(sc->sc_dmat, ring->desc_map); 595 } 596 } 597 598 static int 599 iwi_alloc_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring, 600 int count, bus_addr_t csr_ridx, bus_addr_t csr_widx) 601 { 602 int i, error, nsegs; 603 604 ring->count = count; 605 ring->queued = 0; 606 ring->cur = ring->next = 0; 607 ring->csr_ridx = csr_ridx; 608 ring->csr_widx = csr_widx; 609 610 /* 611 * Allocate and map Tx ring 612 */ 613 error = bus_dmamap_create(sc->sc_dmat, 614 IWI_TX_DESC_SIZE * count, 1, 615 IWI_TX_DESC_SIZE * count, 0, BUS_DMA_NOWAIT, 616 &ring->desc_map); 617 if (error != 0) { 618 aprint_error("%s: could not create tx ring DMA map\n", 619 sc->sc_dev.dv_xname); 620 goto fail; 621 } 622 623 error = bus_dmamem_alloc(sc->sc_dmat, 624 IWI_TX_DESC_SIZE * count, PAGE_SIZE, 0, 625 &ring->desc_seg, 1, &nsegs, BUS_DMA_NOWAIT); 626 if (error != 0) { 627 aprint_error("%s: could not allocate tx ring DMA memory\n", 628 sc->sc_dev.dv_xname); 629 goto fail; 630 } 631 632 error = bus_dmamem_map(sc->sc_dmat, &ring->desc_seg, nsegs, 633 IWI_TX_DESC_SIZE * count, 634 (caddr_t *)&ring->desc, BUS_DMA_NOWAIT); 635 if (error != 0) { 636 aprint_error("%s: could not map tx ring DMA memory\n", 637 sc->sc_dev.dv_xname); 638 goto fail; 639 } 640 641 error = bus_dmamap_load(sc->sc_dmat, ring->desc_map, ring->desc, 642 IWI_TX_DESC_SIZE * count, NULL, 643 BUS_DMA_NOWAIT); 644 if (error != 0) { 645 aprint_error("%s: could not load tx ring DMA map\n", 646 sc->sc_dev.dv_xname); 647 goto fail; 648 } 649 650 memset(ring->desc, 0, IWI_TX_DESC_SIZE * count); 651 652 ring->data = malloc(count * sizeof (struct iwi_tx_data), M_DEVBUF, 653 M_NOWAIT | M_ZERO); 654 if (ring->data == NULL) { 655 aprint_error("%s: could not allocate soft data\n", 656 sc->sc_dev.dv_xname); 657 error = ENOMEM; 658 goto fail; 659 } 660 661 /* 662 * Allocate Tx buffers DMA maps 663 */ 664 for (i = 0; i < count; i++) { 665 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, IWI_MAX_NSEG, 666 MCLBYTES, 0, BUS_DMA_NOWAIT, &ring->data[i].map); 667 if (error != 0) { 668 aprint_error("%s: could not create tx buf DMA map", 669 sc->sc_dev.dv_xname); 670 goto fail; 671 } 672 } 673 return 0; 674 675 fail: iwi_free_tx_ring(sc, ring); 676 return error; 677 } 678 679 static void 680 iwi_reset_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 681 { 682 struct iwi_tx_data *data; 683 int i; 684 685 for (i = 0; i < ring->count; i++) { 686 data = &ring->data[i]; 687 688 if (data->m != NULL) { 689 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 690 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 691 bus_dmamap_unload(sc->sc_dmat, data->map); 692 m_freem(data->m); 693 data->m = NULL; 694 } 695 696 if (data->ni != NULL) { 697 ieee80211_free_node(data->ni); 698 data->ni = NULL; 699 } 700 } 701 702 ring->queued = 0; 703 ring->cur = ring->next = 0; 704 } 705 706 static void 707 iwi_free_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 708 { 709 int i; 710 711 if (ring->desc_map != NULL) { 712 if (ring->desc != NULL) { 713 bus_dmamap_unload(sc->sc_dmat, ring->desc_map); 714 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)ring->desc, 715 IWI_TX_DESC_SIZE * ring->count); 716 bus_dmamem_free(sc->sc_dmat, &ring->desc_seg, 1); 717 } 718 bus_dmamap_destroy(sc->sc_dmat, ring->desc_map); 719 } 720 721 for (i = 0; i < ring->count; i++) { 722 if (ring->data[i].m != NULL) { 723 bus_dmamap_unload(sc->sc_dmat, ring->data[i].map); 724 m_freem(ring->data[i].m); 725 } 726 bus_dmamap_destroy(sc->sc_dmat, ring->data[i].map); 727 } 728 } 729 730 static int 731 iwi_alloc_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring, 732 int count) 733 { 734 int i, error; 735 736 ring->count = count; 737 ring->cur = 0; 738 739 ring->data = malloc(count * sizeof (struct iwi_rx_data), M_DEVBUF, 740 M_NOWAIT | M_ZERO); 741 if (ring->data == NULL) { 742 aprint_error("%s: could not allocate soft data\n", 743 sc->sc_dev.dv_xname); 744 error = ENOMEM; 745 goto fail; 746 } 747 748 /* 749 * Allocate and map Rx buffers 750 */ 751 for (i = 0; i < count; i++) { 752 753 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, MCLBYTES, 754 0, BUS_DMA_WAITOK | BUS_DMA_ALLOCNOW, &ring->data[i].map); 755 if (error != 0) { 756 aprint_error("%s: could not create rx buf DMA map", 757 sc->sc_dev.dv_xname); 758 goto fail; 759 } 760 761 if ((ring->data[i].m = iwi_alloc_rx_buf(sc)) == NULL) { 762 error = ENOMEM; 763 goto fail; 764 } 765 766 error = bus_dmamap_load_mbuf(sc->sc_dmat, ring->data[i].map, 767 ring->data[i].m, BUS_DMA_READ | BUS_DMA_NOWAIT); 768 if (error != 0) { 769 aprint_error("%s: could not load rx buffer DMA map\n", 770 sc->sc_dev.dv_xname); 771 goto fail; 772 } 773 774 bus_dmamap_sync(sc->sc_dmat, ring->data[i].map, 0, 775 ring->data[i].map->dm_mapsize, BUS_DMASYNC_PREREAD); 776 } 777 778 return 0; 779 780 fail: iwi_free_rx_ring(sc, ring); 781 return error; 782 } 783 784 static void 785 iwi_reset_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 786 { 787 ring->cur = 0; 788 } 789 790 static void 791 iwi_free_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 792 { 793 int i; 794 795 for (i = 0; i < ring->count; i++) { 796 if (ring->data[i].m != NULL) { 797 bus_dmamap_unload(sc->sc_dmat, ring->data[i].map); 798 m_freem(ring->data[i].m); 799 } 800 bus_dmamap_destroy(sc->sc_dmat, ring->data[i].map); 801 } 802 } 803 804 static void 805 iwi_shutdown(void *arg) 806 { 807 struct iwi_softc *sc = (struct iwi_softc *)arg; 808 struct ifnet *ifp = sc->sc_ic.ic_ifp; 809 810 iwi_stop(ifp, 1); 811 } 812 813 static int 814 iwi_suspend(struct iwi_softc *sc) 815 { 816 struct ifnet *ifp = sc->sc_ic.ic_ifp; 817 818 iwi_stop(ifp, 1); 819 820 return 0; 821 } 822 823 static int 824 iwi_resume(struct iwi_softc *sc) 825 { 826 struct ifnet *ifp = sc->sc_ic.ic_ifp; 827 pcireg_t data; 828 829 /* clear device specific PCI configuration register 0x41 */ 830 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 831 data &= ~0x0000ff00; 832 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, data); 833 834 if (ifp->if_flags & IFF_UP) { 835 iwi_init(ifp); 836 if (ifp->if_flags & IFF_RUNNING) 837 iwi_start(ifp); 838 } 839 840 return 0; 841 } 842 843 static void 844 iwi_powerhook(int why, void *arg) 845 { 846 struct iwi_softc *sc = arg; 847 pci_chipset_tag_t pc = sc->sc_pct; 848 pcitag_t tag = sc->sc_pcitag; 849 int s; 850 851 s = splnet(); 852 switch (why) { 853 case PWR_SUSPEND: 854 case PWR_STANDBY: 855 pci_conf_capture(pc, tag, &sc->sc_pciconf); 856 break; 857 case PWR_RESUME: 858 pci_conf_restore(pc, tag, &sc->sc_pciconf); 859 break; 860 case PWR_SOFTSUSPEND: 861 case PWR_SOFTSTANDBY: 862 iwi_suspend(sc); 863 break; 864 case PWR_SOFTRESUME: 865 iwi_resume(sc); 866 break; 867 } 868 splx(s); 869 } 870 871 static struct ieee80211_node * 872 iwi_node_alloc(struct ieee80211_node_table *nt) 873 { 874 struct iwi_node *in; 875 876 in = malloc(sizeof (struct iwi_node), M_80211_NODE, M_NOWAIT | M_ZERO); 877 if (in == NULL) 878 return NULL; 879 880 in->in_station = -1; 881 882 return &in->in_node; 883 } 884 885 static int 886 iwi_alloc_unr(struct iwi_softc *sc) 887 { 888 int i; 889 890 for (i = 0; i < IWI_MAX_IBSSNODE - 1; i++) 891 if ((sc->sc_unr & (1 << i)) == 0) { 892 sc->sc_unr |= 1 << i; 893 return i; 894 } 895 896 return -1; 897 } 898 899 static void 900 iwi_free_unr(struct iwi_softc *sc, int r) 901 { 902 903 sc->sc_unr &= 1 << r; 904 } 905 906 static void 907 iwi_node_free(struct ieee80211_node *ni) 908 { 909 struct ieee80211com *ic = ni->ni_ic; 910 struct iwi_softc *sc = ic->ic_ifp->if_softc; 911 struct iwi_node *in = (struct iwi_node *)ni; 912 913 if (in->in_station != -1) 914 iwi_free_unr(sc, in->in_station); 915 916 sc->sc_node_free(ni); 917 } 918 919 static int 920 iwi_media_change(struct ifnet *ifp) 921 { 922 int error; 923 924 error = ieee80211_media_change(ifp); 925 if (error != ENETRESET) 926 return error; 927 928 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 929 iwi_init(ifp); 930 931 return 0; 932 } 933 934 /* 935 * The firmware automatically adapts the transmit speed. We report its current 936 * value here. 937 */ 938 static void 939 iwi_media_status(struct ifnet *ifp, struct ifmediareq *imr) 940 { 941 struct iwi_softc *sc = ifp->if_softc; 942 struct ieee80211com *ic = &sc->sc_ic; 943 #define N(a) (sizeof (a) / sizeof (a[0])) 944 static const struct { 945 uint32_t val; 946 int rate; 947 } rates[] = { 948 { IWI_RATE_DS1, 2 }, 949 { IWI_RATE_DS2, 4 }, 950 { IWI_RATE_DS5, 11 }, 951 { IWI_RATE_DS11, 22 }, 952 { IWI_RATE_OFDM6, 12 }, 953 { IWI_RATE_OFDM9, 18 }, 954 { IWI_RATE_OFDM12, 24 }, 955 { IWI_RATE_OFDM18, 36 }, 956 { IWI_RATE_OFDM24, 48 }, 957 { IWI_RATE_OFDM36, 72 }, 958 { IWI_RATE_OFDM48, 96 }, 959 { IWI_RATE_OFDM54, 108 }, 960 }; 961 uint32_t val; 962 int rate, i; 963 964 imr->ifm_status = IFM_AVALID; 965 imr->ifm_active = IFM_IEEE80211; 966 if (ic->ic_state == IEEE80211_S_RUN) 967 imr->ifm_status |= IFM_ACTIVE; 968 969 /* read current transmission rate from adapter */ 970 val = CSR_READ_4(sc, IWI_CSR_CURRENT_TX_RATE); 971 972 /* convert rate to 802.11 rate */ 973 for (i = 0; i < N(rates) && rates[i].val != val; i++); 974 rate = (i < N(rates)) ? rates[i].rate : 0; 975 976 imr->ifm_active |= ieee80211_rate2media(ic, rate, ic->ic_curmode); 977 switch (ic->ic_opmode) { 978 case IEEE80211_M_STA: 979 break; 980 981 case IEEE80211_M_IBSS: 982 imr->ifm_active |= IFM_IEEE80211_ADHOC; 983 break; 984 985 case IEEE80211_M_MONITOR: 986 imr->ifm_active |= IFM_IEEE80211_MONITOR; 987 break; 988 989 case IEEE80211_M_AHDEMO: 990 case IEEE80211_M_HOSTAP: 991 /* should not get there */ 992 break; 993 } 994 #undef N 995 } 996 997 static int 998 iwi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 999 { 1000 struct iwi_softc *sc = ic->ic_ifp->if_softc; 1001 1002 switch (nstate) { 1003 case IEEE80211_S_SCAN: 1004 if (sc->flags & IWI_FLAG_SCANNING) 1005 break; 1006 1007 ieee80211_node_table_reset(&ic->ic_scan); 1008 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 1009 sc->flags |= IWI_FLAG_SCANNING; 1010 /* blink the led while scanning */ 1011 iwi_led_set(sc, IWI_LED_ASSOCIATED, 1); 1012 iwi_scan(sc); 1013 break; 1014 1015 case IEEE80211_S_AUTH: 1016 iwi_auth_and_assoc(sc); 1017 break; 1018 1019 case IEEE80211_S_RUN: 1020 if (ic->ic_opmode == IEEE80211_M_IBSS) 1021 ieee80211_new_state(ic, IEEE80211_S_AUTH, -1); 1022 else if (ic->ic_opmode == IEEE80211_M_MONITOR) 1023 iwi_set_chan(sc, ic->ic_ibss_chan); 1024 1025 return (*sc->sc_newstate)(ic, nstate, 1026 IEEE80211_FC0_SUBTYPE_ASSOC_RESP); 1027 1028 case IEEE80211_S_ASSOC: 1029 iwi_led_set(sc, IWI_LED_ASSOCIATED, 0); 1030 break; 1031 1032 case IEEE80211_S_INIT: 1033 sc->flags &= ~IWI_FLAG_SCANNING; 1034 return (*sc->sc_newstate)(ic, nstate, arg); 1035 } 1036 1037 ic->ic_state = nstate; 1038 return 0; 1039 } 1040 1041 /* 1042 * WME parameters coming from IEEE 802.11e specification. These values are 1043 * already declared in ieee80211_proto.c, but they are static so they can't 1044 * be reused here. 1045 */ 1046 static const struct wmeParams iwi_wme_cck_params[WME_NUM_AC] = { 1047 { 0, 3, 5, 7, 0 }, /* WME_AC_BE */ 1048 { 0, 3, 5, 10, 0 }, /* WME_AC_BK */ 1049 { 0, 2, 4, 5, 188 }, /* WME_AC_VI */ 1050 { 0, 2, 3, 4, 102 } /* WME_AC_VO */ 1051 }; 1052 1053 static const struct wmeParams iwi_wme_ofdm_params[WME_NUM_AC] = { 1054 { 0, 3, 4, 6, 0 }, /* WME_AC_BE */ 1055 { 0, 3, 4, 10, 0 }, /* WME_AC_BK */ 1056 { 0, 2, 3, 4, 94 }, /* WME_AC_VI */ 1057 { 0, 2, 2, 3, 47 } /* WME_AC_VO */ 1058 }; 1059 1060 static int 1061 iwi_wme_update(struct ieee80211com *ic) 1062 { 1063 #define IWI_EXP2(v) htole16((1 << (v)) - 1) 1064 #define IWI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 1065 struct iwi_softc *sc = ic->ic_ifp->if_softc; 1066 struct iwi_wme_params wme[3]; 1067 const struct wmeParams *wmep; 1068 int ac; 1069 1070 /* 1071 * We shall not override firmware default WME values if WME is not 1072 * actually enabled. 1073 */ 1074 if (!(ic->ic_flags & IEEE80211_F_WME)) 1075 return 0; 1076 1077 for (ac = 0; ac < WME_NUM_AC; ac++) { 1078 /* set WME values for current operating mode */ 1079 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 1080 wme[0].aifsn[ac] = wmep->wmep_aifsn; 1081 wme[0].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1082 wme[0].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1083 wme[0].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1084 wme[0].acm[ac] = wmep->wmep_acm; 1085 1086 /* set WME values for CCK modulation */ 1087 wmep = &iwi_wme_cck_params[ac]; 1088 wme[1].aifsn[ac] = wmep->wmep_aifsn; 1089 wme[1].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1090 wme[1].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1091 wme[1].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1092 wme[1].acm[ac] = wmep->wmep_acm; 1093 1094 /* set WME values for OFDM modulation */ 1095 wmep = &iwi_wme_ofdm_params[ac]; 1096 wme[2].aifsn[ac] = wmep->wmep_aifsn; 1097 wme[2].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1098 wme[2].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1099 wme[2].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1100 wme[2].acm[ac] = wmep->wmep_acm; 1101 } 1102 1103 DPRINTF(("Setting WME parameters\n")); 1104 return iwi_cmd(sc, IWI_CMD_SET_WME_PARAMS, wme, sizeof wme, 1); 1105 #undef IWI_USEC 1106 #undef IWI_EXP2 1107 } 1108 1109 /* 1110 * Read 16 bits at address 'addr' from the serial EEPROM. 1111 */ 1112 static uint16_t 1113 iwi_read_prom_word(struct iwi_softc *sc, uint8_t addr) 1114 { 1115 uint32_t tmp; 1116 uint16_t val; 1117 int n; 1118 1119 /* Clock C once before the first command */ 1120 IWI_EEPROM_CTL(sc, 0); 1121 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1122 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1123 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1124 1125 /* Write start bit (1) */ 1126 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1127 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1128 1129 /* Write READ opcode (10) */ 1130 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1131 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1132 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1133 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1134 1135 /* Write address A7-A0 */ 1136 for (n = 7; n >= 0; n--) { 1137 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1138 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D)); 1139 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1140 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D) | IWI_EEPROM_C); 1141 } 1142 1143 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1144 1145 /* Read data Q15-Q0 */ 1146 val = 0; 1147 for (n = 15; n >= 0; n--) { 1148 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1149 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1150 tmp = MEM_READ_4(sc, IWI_MEM_EEPROM_CTL); 1151 val |= ((tmp & IWI_EEPROM_Q) >> IWI_EEPROM_SHIFT_Q) << n; 1152 } 1153 1154 IWI_EEPROM_CTL(sc, 0); 1155 1156 /* Clear Chip Select and clock C */ 1157 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1158 IWI_EEPROM_CTL(sc, 0); 1159 IWI_EEPROM_CTL(sc, IWI_EEPROM_C); 1160 1161 return val; 1162 } 1163 1164 /* 1165 * XXX: Hack to set the current channel to the value advertised in beacons or 1166 * probe responses. Only used during AP detection. 1167 */ 1168 static void 1169 iwi_fix_channel(struct ieee80211com *ic, struct mbuf *m) 1170 { 1171 struct ieee80211_frame *wh; 1172 uint8_t subtype; 1173 uint8_t *frm, *efrm; 1174 1175 wh = mtod(m, struct ieee80211_frame *); 1176 1177 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 1178 return; 1179 1180 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1181 1182 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 1183 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1184 return; 1185 1186 frm = (uint8_t *)(wh + 1); 1187 efrm = mtod(m, uint8_t *) + m->m_len; 1188 1189 frm += 12; /* skip tstamp, bintval and capinfo fields */ 1190 while (frm < efrm) { 1191 if (*frm == IEEE80211_ELEMID_DSPARMS) 1192 #if IEEE80211_CHAN_MAX < 255 1193 if (frm[2] <= IEEE80211_CHAN_MAX) 1194 #endif 1195 ic->ic_curchan = &ic->ic_channels[frm[2]]; 1196 1197 frm += frm[1] + 2; 1198 } 1199 } 1200 1201 static struct mbuf * 1202 iwi_alloc_rx_buf(struct iwi_softc *sc) 1203 { 1204 struct mbuf *m; 1205 1206 MGETHDR(m, M_DONTWAIT, MT_DATA); 1207 if (m == NULL) { 1208 aprint_error("%s: could not allocate rx mbuf\n", 1209 sc->sc_dev.dv_xname); 1210 return NULL; 1211 } 1212 1213 MCLGET(m, M_DONTWAIT); 1214 if (!(m->m_flags & M_EXT)) { 1215 aprint_error("%s: could not allocate rx mbuf cluster\n", 1216 sc->sc_dev.dv_xname); 1217 m_freem(m); 1218 return NULL; 1219 } 1220 1221 m->m_pkthdr.len = m->m_len = m->m_ext.ext_size; 1222 return m; 1223 } 1224 1225 static void 1226 iwi_frame_intr(struct iwi_softc *sc, struct iwi_rx_data *data, int i, 1227 struct iwi_frame *frame) 1228 { 1229 struct ieee80211com *ic = &sc->sc_ic; 1230 struct ifnet *ifp = ic->ic_ifp; 1231 struct mbuf *m, *m_new; 1232 struct ieee80211_frame *wh; 1233 struct ieee80211_node *ni; 1234 int error; 1235 1236 DPRINTFN(5, ("received frame len=%u chan=%u rssi=%u\n", 1237 le16toh(frame->len), frame->chan, frame->rssi_dbm)); 1238 1239 if (le16toh(frame->len) < sizeof (struct ieee80211_frame) || 1240 le16toh(frame->len) > MCLBYTES) { 1241 DPRINTF(("%s: bad frame length\n", sc->sc_dev.dv_xname)); 1242 ifp->if_ierrors++; 1243 return; 1244 } 1245 1246 /* 1247 * Try to allocate a new mbuf for this ring element and 1248 * load it before processing the current mbuf. If the ring 1249 * element cannot be reloaded, drop the received packet 1250 * and reuse the old mbuf. In the unlikely case that 1251 * the old mbuf can't be reloaded either, explicitly panic. 1252 * 1253 * XXX Reorganize buffer by moving elements from the logical 1254 * end of the ring to the front instead of dropping. 1255 */ 1256 if ((m_new = iwi_alloc_rx_buf(sc)) == NULL) { 1257 ifp->if_ierrors++; 1258 return; 1259 } 1260 1261 bus_dmamap_unload(sc->sc_dmat, data->map); 1262 1263 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m_new, 1264 BUS_DMA_READ | BUS_DMA_NOWAIT); 1265 if (error != 0) { 1266 aprint_error("%s: could not load rx buf DMA map\n", 1267 sc->sc_dev.dv_xname); 1268 m_freem(m_new); 1269 ifp->if_ierrors++; 1270 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, 1271 data->m, BUS_DMA_READ | BUS_DMA_NOWAIT); 1272 if (error) 1273 panic("%s: unable to remap rx buf", 1274 sc->sc_dev.dv_xname); 1275 return; 1276 } 1277 1278 /* 1279 * New mbuf successfully loaded, update RX ring and continue 1280 * processing. 1281 */ 1282 m = data->m; 1283 data->m = m_new; 1284 CSR_WRITE_4(sc, IWI_CSR_RX_BASE + i * 4, data->map->dm_segs[0].ds_addr); 1285 1286 /* Finalize mbuf */ 1287 m->m_pkthdr.rcvif = ifp; 1288 m->m_pkthdr.len = m->m_len = sizeof (struct iwi_hdr) + 1289 sizeof (struct iwi_frame) + le16toh(frame->len); 1290 1291 m_adj(m, sizeof (struct iwi_hdr) + sizeof (struct iwi_frame)); 1292 1293 if (ic->ic_state == IEEE80211_S_SCAN) 1294 iwi_fix_channel(ic, m); 1295 1296 #if NBPFILTER > 0 1297 if (sc->sc_drvbpf != NULL) { 1298 struct iwi_rx_radiotap_header *tap = &sc->sc_rxtap; 1299 1300 tap->wr_flags = 0; 1301 tap->wr_rate = frame->rate; 1302 tap->wr_chan_freq = 1303 htole16(ic->ic_channels[frame->chan].ic_freq); 1304 tap->wr_chan_flags = 1305 htole16(ic->ic_channels[frame->chan].ic_flags); 1306 tap->wr_antsignal = frame->signal; 1307 tap->wr_antenna = frame->antenna; 1308 1309 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1310 } 1311 #endif 1312 1313 wh = mtod(m, struct ieee80211_frame *); 1314 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 1315 1316 /* Send the frame to the upper layer */ 1317 ieee80211_input(ic, m, ni, frame->rssi_dbm, 0); 1318 1319 /* node is no longer needed */ 1320 ieee80211_free_node(ni); 1321 } 1322 1323 static void 1324 iwi_notification_intr(struct iwi_softc *sc, struct iwi_notif *notif) 1325 { 1326 struct ieee80211com *ic = &sc->sc_ic; 1327 struct iwi_notif_scan_channel *chan; 1328 struct iwi_notif_scan_complete *scan; 1329 struct iwi_notif_authentication *auth; 1330 struct iwi_notif_association *assoc; 1331 1332 switch (notif->type) { 1333 case IWI_NOTIF_TYPE_SCAN_CHANNEL: 1334 chan = (struct iwi_notif_scan_channel *)(notif + 1); 1335 1336 DPRINTFN(2, ("Finished scanning channel (%u)\n", chan->nchan)); 1337 break; 1338 1339 case IWI_NOTIF_TYPE_SCAN_COMPLETE: 1340 scan = (struct iwi_notif_scan_complete *)(notif + 1); 1341 1342 DPRINTFN(2, ("Scan completed (%u, %u)\n", scan->nchan, 1343 scan->status)); 1344 1345 /* monitor mode uses scan to set the channel ... */ 1346 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1347 sc->flags &= ~IWI_FLAG_SCANNING; 1348 ieee80211_end_scan(ic); 1349 } else 1350 iwi_set_chan(sc, ic->ic_ibss_chan); 1351 break; 1352 1353 case IWI_NOTIF_TYPE_AUTHENTICATION: 1354 auth = (struct iwi_notif_authentication *)(notif + 1); 1355 1356 DPRINTFN(2, ("Authentication (%u)\n", auth->state)); 1357 1358 switch (auth->state) { 1359 case IWI_AUTHENTICATED: 1360 ieee80211_node_authorize(ic->ic_bss); 1361 ieee80211_new_state(ic, IEEE80211_S_ASSOC, -1); 1362 break; 1363 1364 case IWI_DEAUTHENTICATED: 1365 break; 1366 1367 default: 1368 aprint_error("%s: unknown authentication state %u\n", 1369 sc->sc_dev.dv_xname, auth->state); 1370 } 1371 break; 1372 1373 case IWI_NOTIF_TYPE_ASSOCIATION: 1374 assoc = (struct iwi_notif_association *)(notif + 1); 1375 1376 DPRINTFN(2, ("Association (%u, %u)\n", assoc->state, 1377 assoc->status)); 1378 1379 switch (assoc->state) { 1380 case IWI_AUTHENTICATED: 1381 /* re-association, do nothing */ 1382 break; 1383 1384 case IWI_ASSOCIATED: 1385 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1386 break; 1387 1388 case IWI_DEASSOCIATED: 1389 ieee80211_begin_scan(ic, 1); 1390 break; 1391 1392 default: 1393 aprint_error("%s: unknown association state %u\n", 1394 sc->sc_dev.dv_xname, assoc->state); 1395 } 1396 break; 1397 1398 case IWI_NOTIF_TYPE_CALIBRATION: 1399 case IWI_NOTIF_TYPE_BEACON: 1400 case IWI_NOTIF_TYPE_NOISE: 1401 DPRINTFN(5, ("Notification (%u)\n", notif->type)); 1402 break; 1403 1404 default: 1405 aprint_error("%s: unknown notification type %u\n", 1406 sc->sc_dev.dv_xname, notif->type); 1407 } 1408 } 1409 1410 static void 1411 iwi_cmd_intr(struct iwi_softc *sc) 1412 { 1413 uint32_t hw; 1414 1415 hw = CSR_READ_4(sc, IWI_CSR_CMD_RIDX); 1416 1417 for (; sc->cmdq.next != hw;) { 1418 bus_dmamap_sync(sc->sc_dmat, sc->cmdq.desc_map, 1419 sc->cmdq.next * IWI_CMD_DESC_SIZE, IWI_CMD_DESC_SIZE, 1420 BUS_DMASYNC_POSTWRITE); 1421 1422 wakeup(&sc->cmdq.desc[sc->cmdq.next]); 1423 sc->cmdq.next = (sc->cmdq.next + 1) % sc->cmdq.count; 1424 } 1425 } 1426 1427 static void 1428 iwi_rx_intr(struct iwi_softc *sc) 1429 { 1430 struct iwi_rx_data *data; 1431 struct iwi_hdr *hdr; 1432 uint32_t hw; 1433 1434 hw = CSR_READ_4(sc, IWI_CSR_RX_RIDX); 1435 1436 for (; sc->rxq.cur != hw;) { 1437 data = &sc->rxq.data[sc->rxq.cur]; 1438 1439 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1440 data->map->dm_mapsize, BUS_DMASYNC_POSTREAD); 1441 1442 hdr = mtod(data->m, struct iwi_hdr *); 1443 1444 switch (hdr->type) { 1445 case IWI_HDR_TYPE_FRAME: 1446 iwi_frame_intr(sc, data, sc->rxq.cur, 1447 (struct iwi_frame *)(hdr + 1)); 1448 break; 1449 1450 case IWI_HDR_TYPE_NOTIF: 1451 iwi_notification_intr(sc, 1452 (struct iwi_notif *)(hdr + 1)); 1453 break; 1454 1455 default: 1456 aprint_error("%s: unknown hdr type %u\n", 1457 sc->sc_dev.dv_xname, hdr->type); 1458 } 1459 1460 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1461 data->map->dm_mapsize, BUS_DMASYNC_PREREAD); 1462 1463 DPRINTFN(15, ("rx done idx=%u\n", sc->rxq.cur)); 1464 1465 sc->rxq.cur = (sc->rxq.cur + 1) % sc->rxq.count; 1466 } 1467 1468 1469 /* Tell the firmware what we have processed */ 1470 hw = (hw == 0) ? sc->rxq.count - 1 : hw - 1; 1471 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, hw); 1472 } 1473 1474 static void 1475 iwi_tx_intr(struct iwi_softc *sc, struct iwi_tx_ring *txq) 1476 { 1477 struct ifnet *ifp = &sc->sc_if; 1478 struct iwi_tx_data *data; 1479 uint32_t hw; 1480 1481 hw = CSR_READ_4(sc, txq->csr_ridx); 1482 1483 for (; txq->next != hw;) { 1484 data = &txq->data[txq->next]; 1485 1486 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1487 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 1488 bus_dmamap_unload(sc->sc_dmat, data->map); 1489 m_freem(data->m); 1490 data->m = NULL; 1491 ieee80211_free_node(data->ni); 1492 data->ni = NULL; 1493 1494 DPRINTFN(15, ("tx done idx=%u\n", txq->next)); 1495 1496 ifp->if_opackets++; 1497 1498 txq->queued--; 1499 txq->next = (txq->next + 1) % txq->count; 1500 } 1501 1502 sc->sc_tx_timer = 0; 1503 ifp->if_flags &= ~IFF_OACTIVE; 1504 1505 /* Call start() since some buffer descriptors have been released */ 1506 (*ifp->if_start)(ifp); 1507 } 1508 1509 static int 1510 iwi_intr(void *arg) 1511 { 1512 struct iwi_softc *sc = arg; 1513 uint32_t r; 1514 1515 if ((r = CSR_READ_4(sc, IWI_CSR_INTR)) == 0 || r == 0xffffffff) 1516 return 0; 1517 1518 /* Acknowledge interrupts */ 1519 CSR_WRITE_4(sc, IWI_CSR_INTR, r); 1520 1521 if (r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR)) { 1522 aprint_error("%s: fatal error\n", sc->sc_dev.dv_xname); 1523 if (r & IWI_INTR_FATAL_ERROR) 1524 iwi_error_log(sc); 1525 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1526 iwi_stop(&sc->sc_if, 1); 1527 return (1); 1528 } 1529 1530 if (r & IWI_INTR_FW_INITED) { 1531 if (!(r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR))) 1532 wakeup(sc); 1533 } 1534 1535 if (r & IWI_INTR_RADIO_OFF) { 1536 DPRINTF(("radio transmitter off\n")); 1537 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1538 iwi_stop(&sc->sc_if, 1); 1539 return (1); 1540 } 1541 1542 if (r & IWI_INTR_CMD_DONE) 1543 iwi_cmd_intr(sc); 1544 1545 if (r & IWI_INTR_TX1_DONE) 1546 iwi_tx_intr(sc, &sc->txq[0]); 1547 1548 if (r & IWI_INTR_TX2_DONE) 1549 iwi_tx_intr(sc, &sc->txq[1]); 1550 1551 if (r & IWI_INTR_TX3_DONE) 1552 iwi_tx_intr(sc, &sc->txq[2]); 1553 1554 if (r & IWI_INTR_TX4_DONE) 1555 iwi_tx_intr(sc, &sc->txq[3]); 1556 1557 if (r & IWI_INTR_RX_DONE) 1558 iwi_rx_intr(sc); 1559 1560 return 1; 1561 } 1562 1563 static int 1564 iwi_cmd(struct iwi_softc *sc, uint8_t type, void *data, uint8_t len, 1565 int async) 1566 { 1567 struct iwi_cmd_desc *desc; 1568 1569 desc = &sc->cmdq.desc[sc->cmdq.cur]; 1570 1571 desc->hdr.type = IWI_HDR_TYPE_COMMAND; 1572 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1573 desc->type = type; 1574 desc->len = len; 1575 memcpy(desc->data, data, len); 1576 1577 bus_dmamap_sync(sc->sc_dmat, sc->cmdq.desc_map, 1578 sc->cmdq.cur * IWI_CMD_DESC_SIZE, 1579 IWI_CMD_DESC_SIZE, BUS_DMASYNC_PREWRITE); 1580 1581 DPRINTFN(2, ("sending command idx=%u type=%u len=%u\n", sc->cmdq.cur, 1582 type, len)); 1583 1584 sc->cmdq.cur = (sc->cmdq.cur + 1) % sc->cmdq.count; 1585 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 1586 1587 return async ? 0 : tsleep(desc, 0, "iwicmd", hz); 1588 } 1589 1590 static void 1591 iwi_write_ibssnode(struct iwi_softc *sc, const struct iwi_node *in) 1592 { 1593 struct iwi_ibssnode node; 1594 1595 /* write node information into NIC memory */ 1596 memset(&node, 0, sizeof node); 1597 IEEE80211_ADDR_COPY(node.bssid, in->in_node.ni_macaddr); 1598 1599 CSR_WRITE_REGION_1(sc, 1600 IWI_CSR_NODE_BASE + in->in_station * sizeof node, 1601 (uint8_t *)&node, sizeof node); 1602 } 1603 1604 static int 1605 iwi_tx_start(struct ifnet *ifp, struct mbuf *m0, struct ieee80211_node *ni, 1606 int ac) 1607 { 1608 struct iwi_softc *sc = ifp->if_softc; 1609 struct ieee80211com *ic = &sc->sc_ic; 1610 struct iwi_node *in = (struct iwi_node *)ni; 1611 struct ieee80211_frame *wh; 1612 struct ieee80211_key *k; 1613 const struct chanAccParams *cap; 1614 struct iwi_tx_ring *txq = &sc->txq[ac]; 1615 struct iwi_tx_data *data; 1616 struct iwi_tx_desc *desc; 1617 struct mbuf *mnew; 1618 int error, hdrlen, i, noack = 0; 1619 1620 wh = mtod(m0, struct ieee80211_frame *); 1621 1622 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1623 hdrlen = sizeof (struct ieee80211_qosframe); 1624 cap = &ic->ic_wme.wme_chanParams; 1625 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1626 } else 1627 hdrlen = sizeof (struct ieee80211_frame); 1628 1629 /* 1630 * This is only used in IBSS mode where the firmware expect an index 1631 * in a h/w table instead of a destination address. 1632 */ 1633 if (ic->ic_opmode == IEEE80211_M_IBSS && in->in_station == -1) { 1634 in->in_station = iwi_alloc_unr(sc); 1635 1636 if (in->in_station == -1) { /* h/w table is full */ 1637 m_freem(m0); 1638 ieee80211_free_node(ni); 1639 ifp->if_oerrors++; 1640 return 0; 1641 } 1642 iwi_write_ibssnode(sc, in); 1643 } 1644 1645 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1646 k = ieee80211_crypto_encap(ic, ni, m0); 1647 if (k == NULL) { 1648 m_freem(m0); 1649 return ENOBUFS; 1650 } 1651 1652 /* packet header may have moved, reset our local pointer */ 1653 wh = mtod(m0, struct ieee80211_frame *); 1654 } 1655 1656 #if NBPFILTER > 0 1657 if (sc->sc_drvbpf != NULL) { 1658 struct iwi_tx_radiotap_header *tap = &sc->sc_txtap; 1659 1660 tap->wt_flags = 0; 1661 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 1662 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 1663 1664 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1665 } 1666 #endif 1667 1668 data = &txq->data[txq->cur]; 1669 desc = &txq->desc[txq->cur]; 1670 1671 /* save and trim IEEE802.11 header */ 1672 m_copydata(m0, 0, hdrlen, (caddr_t)&desc->wh); 1673 m_adj(m0, hdrlen); 1674 1675 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1676 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 1677 if (error != 0 && error != EFBIG) { 1678 aprint_error("%s: could not map mbuf (error %d)\n", 1679 sc->sc_dev.dv_xname, error); 1680 m_freem(m0); 1681 return error; 1682 } 1683 if (error != 0) { 1684 /* too many fragments, linearize */ 1685 1686 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1687 if (mnew == NULL) { 1688 m_freem(m0); 1689 return ENOMEM; 1690 } 1691 1692 M_COPY_PKTHDR(mnew, m0); 1693 1694 /* If the data won't fit in the header, get a cluster */ 1695 if (m0->m_pkthdr.len > MHLEN) { 1696 MCLGET(mnew, M_DONTWAIT); 1697 if (!(mnew->m_flags & M_EXT)) { 1698 m_freem(m0); 1699 m_freem(mnew); 1700 return ENOMEM; 1701 } 1702 } 1703 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(mnew, caddr_t)); 1704 m_freem(m0); 1705 mnew->m_len = mnew->m_pkthdr.len; 1706 m0 = mnew; 1707 1708 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1709 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 1710 if (error != 0) { 1711 aprint_error("%s: could not map mbuf (error %d)\n", 1712 sc->sc_dev.dv_xname, error); 1713 m_freem(m0); 1714 return error; 1715 } 1716 } 1717 1718 data->m = m0; 1719 data->ni = ni; 1720 1721 desc->hdr.type = IWI_HDR_TYPE_DATA; 1722 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1723 desc->station = 1724 (ic->ic_opmode == IEEE80211_M_IBSS) ? in->in_station : 0; 1725 desc->cmd = IWI_DATA_CMD_TX; 1726 desc->len = htole16(m0->m_pkthdr.len); 1727 desc->flags = 0; 1728 desc->xflags = 0; 1729 1730 if (!noack && !IEEE80211_IS_MULTICAST(desc->wh.i_addr1)) 1731 desc->flags |= IWI_DATA_FLAG_NEED_ACK; 1732 1733 #if 0 1734 if (ic->ic_flags & IEEE80211_F_PRIVACY) { 1735 desc->wh.i_fc[1] |= IEEE80211_FC1_WEP; 1736 desc->wep_txkey = ic->ic_crypto.cs_def_txkey; 1737 } else 1738 #endif 1739 desc->flags |= IWI_DATA_FLAG_NO_WEP; 1740 1741 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 1742 desc->flags |= IWI_DATA_FLAG_SHPREAMBLE; 1743 1744 if (desc->wh.i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) 1745 desc->xflags |= IWI_DATA_XFLAG_QOS; 1746 1747 desc->nseg = htole32(data->map->dm_nsegs); 1748 for (i = 0; i < data->map->dm_nsegs; i++) { 1749 desc->seg_addr[i] = htole32(data->map->dm_segs[i].ds_addr); 1750 desc->seg_len[i] = htole16(data->map->dm_segs[i].ds_len); 1751 } 1752 1753 bus_dmamap_sync(sc->sc_dmat, txq->desc_map, 1754 txq->cur * IWI_TX_DESC_SIZE, 1755 IWI_TX_DESC_SIZE, BUS_DMASYNC_PREWRITE); 1756 1757 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 1758 BUS_DMASYNC_PREWRITE); 1759 1760 DPRINTFN(5, ("sending data frame txq=%u idx=%u len=%u nseg=%u\n", 1761 ac, txq->cur, le16toh(desc->len), le32toh(desc->nseg))); 1762 1763 /* Inform firmware about this new packet */ 1764 txq->queued++; 1765 txq->cur = (txq->cur + 1) % txq->count; 1766 CSR_WRITE_4(sc, txq->csr_widx, txq->cur); 1767 1768 return 0; 1769 } 1770 1771 static void 1772 iwi_start(struct ifnet *ifp) 1773 { 1774 struct iwi_softc *sc = ifp->if_softc; 1775 struct ieee80211com *ic = &sc->sc_ic; 1776 struct mbuf *m0; 1777 struct ether_header *eh; 1778 struct ieee80211_node *ni; 1779 int ac; 1780 1781 if (ic->ic_state != IEEE80211_S_RUN) 1782 return; 1783 1784 for (;;) { 1785 IF_DEQUEUE(&ifp->if_snd, m0); 1786 if (m0 == NULL) 1787 break; 1788 1789 if (m0->m_len < sizeof (struct ether_header) && 1790 (m0 = m_pullup(m0, sizeof (struct ether_header))) == NULL) { 1791 ifp->if_oerrors++; 1792 continue; 1793 } 1794 1795 eh = mtod(m0, struct ether_header *); 1796 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1797 if (ni == NULL) { 1798 m_freem(m0); 1799 ifp->if_oerrors++; 1800 continue; 1801 } 1802 1803 /* classify mbuf so we can find which tx ring to use */ 1804 if (ieee80211_classify(ic, m0, ni) != 0) { 1805 m_freem(m0); 1806 ieee80211_free_node(ni); 1807 ifp->if_oerrors++; 1808 continue; 1809 } 1810 1811 /* no QoS encapsulation for EAPOL frames */ 1812 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1813 M_WME_GETAC(m0) : WME_AC_BE; 1814 1815 if (sc->txq[ac].queued > sc->txq[ac].count - 8) { 1816 /* there is no place left in this ring */ 1817 IF_PREPEND(&ifp->if_snd, m0); 1818 ifp->if_flags |= IFF_OACTIVE; 1819 break; 1820 } 1821 1822 #if NBPFILTER > 0 1823 if (ifp->if_bpf != NULL) 1824 bpf_mtap(ifp->if_bpf, m0); 1825 #endif 1826 1827 m0 = ieee80211_encap(ic, m0, ni); 1828 if (m0 == NULL) { 1829 ieee80211_free_node(ni); 1830 ifp->if_oerrors++; 1831 continue; 1832 } 1833 1834 #if NBPFILTER > 0 1835 if (ic->ic_rawbpf != NULL) 1836 bpf_mtap(ic->ic_rawbpf, m0); 1837 #endif 1838 1839 if (iwi_tx_start(ifp, m0, ni, ac) != 0) { 1840 ieee80211_free_node(ni); 1841 ifp->if_oerrors++; 1842 break; 1843 } 1844 1845 /* start watchdog timer */ 1846 sc->sc_tx_timer = 5; 1847 ifp->if_timer = 1; 1848 } 1849 } 1850 1851 static void 1852 iwi_watchdog(struct ifnet *ifp) 1853 { 1854 struct iwi_softc *sc = ifp->if_softc; 1855 1856 ifp->if_timer = 0; 1857 1858 if (sc->sc_tx_timer > 0) { 1859 if (--sc->sc_tx_timer == 0) { 1860 aprint_error("%s: device timeout\n", 1861 sc->sc_dev.dv_xname); 1862 ifp->if_oerrors++; 1863 ifp->if_flags &= ~IFF_UP; 1864 iwi_stop(ifp, 1); 1865 return; 1866 } 1867 ifp->if_timer = 1; 1868 } 1869 1870 ieee80211_watchdog(&sc->sc_ic); 1871 } 1872 1873 static int 1874 iwi_get_table0(struct iwi_softc *sc, uint32_t *tbl) 1875 { 1876 uint32_t size, buf[128]; 1877 1878 if (!(sc->flags & IWI_FLAG_FW_INITED)) { 1879 memset(buf, 0, sizeof buf); 1880 return copyout(buf, tbl, sizeof buf); 1881 } 1882 1883 size = min(CSR_READ_4(sc, IWI_CSR_TABLE0_SIZE), 128 - 1); 1884 CSR_READ_REGION_4(sc, IWI_CSR_TABLE0_BASE, &buf[1], size); 1885 1886 return copyout(buf, tbl, sizeof buf); 1887 } 1888 1889 static int 1890 iwi_get_radio(struct iwi_softc *sc, int *ret) 1891 { 1892 int val; 1893 1894 val = (CSR_READ_4(sc, IWI_CSR_IO) & IWI_IO_RADIO_ENABLED) ? 1 : 0; 1895 return copyout(&val, ret, sizeof val); 1896 } 1897 1898 static int 1899 iwi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1900 { 1901 #define IS_RUNNING(ifp) \ 1902 ((ifp->if_flags & IFF_UP) && (ifp->if_flags & IFF_RUNNING)) 1903 1904 struct iwi_softc *sc = ifp->if_softc; 1905 struct ieee80211com *ic = &sc->sc_ic; 1906 struct ifreq *ifr = (struct ifreq *)data; 1907 int s, error = 0; 1908 1909 s = splnet(); 1910 1911 switch (cmd) { 1912 case SIOCSIFFLAGS: 1913 if (ifp->if_flags & IFF_UP) { 1914 if (!(ifp->if_flags & IFF_RUNNING)) 1915 iwi_init(ifp); 1916 } else { 1917 if (ifp->if_flags & IFF_RUNNING) 1918 iwi_stop(ifp, 1); 1919 } 1920 break; 1921 1922 case SIOCADDMULTI: 1923 case SIOCDELMULTI: 1924 error = (cmd == SIOCADDMULTI) ? 1925 ether_addmulti(ifr, &sc->sc_ec) : 1926 ether_delmulti(ifr, &sc->sc_ec); 1927 if (error == ENETRESET) { 1928 /* setup multicast filter, etc */ 1929 error = 0; 1930 } 1931 break; 1932 1933 case SIOCGTABLE0: 1934 error = iwi_get_table0(sc, (uint32_t *)ifr->ifr_data); 1935 break; 1936 1937 case SIOCGRADIO: 1938 error = iwi_get_radio(sc, (int *)ifr->ifr_data); 1939 break; 1940 1941 case SIOCSLOADFW: 1942 /* only super-user can do that! */ 1943 if ((error = suser(curproc->p_ucred, &curproc->p_acflag)) != 0) 1944 break; 1945 1946 error = iwi_cache_firmware(sc, ifr->ifr_data); 1947 break; 1948 1949 case SIOCSKILLFW: 1950 /* only super-user can do that! */ 1951 if ((error = suser(curproc->p_ucred, &curproc->p_acflag)) != 0) 1952 break; 1953 1954 ifp->if_flags &= ~IFF_UP; 1955 iwi_stop(ifp, 1); 1956 iwi_free_firmware(sc); 1957 break; 1958 1959 default: 1960 error = ieee80211_ioctl(&sc->sc_ic, cmd, data); 1961 1962 if (error == ENETRESET) { 1963 if (IS_RUNNING(ifp) && 1964 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1965 iwi_init(ifp); 1966 error = 0; 1967 } 1968 } 1969 1970 splx(s); 1971 return error; 1972 #undef IS_RUNNING 1973 } 1974 1975 static void 1976 iwi_stop_master(struct iwi_softc *sc) 1977 { 1978 int ntries; 1979 1980 /* Disable interrupts */ 1981 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1982 1983 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_STOP_MASTER); 1984 for (ntries = 0; ntries < 5; ntries++) { 1985 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 1986 break; 1987 DELAY(10); 1988 } 1989 if (ntries == 5) 1990 aprint_error("%s: timeout waiting for master\n", 1991 sc->sc_dev.dv_xname); 1992 1993 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 1994 IWI_RST_PRINCETON_RESET); 1995 1996 sc->flags &= ~IWI_FLAG_FW_INITED; 1997 } 1998 1999 static int 2000 iwi_reset(struct iwi_softc *sc) 2001 { 2002 int i, ntries; 2003 2004 iwi_stop_master(sc); 2005 2006 /* Move adapter to D0 state */ 2007 CSR_WRITE_4(sc, IWI_CSR_CTL, CSR_READ_4(sc, IWI_CSR_CTL) | 2008 IWI_CTL_INIT); 2009 2010 /* Initialize Phase-Locked Level (PLL) */ 2011 CSR_WRITE_4(sc, IWI_CSR_READ_INT, IWI_READ_INT_INIT_HOST); 2012 2013 /* Wait for clock stabilization */ 2014 for (ntries = 0; ntries < 1000; ntries++) { 2015 if (CSR_READ_4(sc, IWI_CSR_CTL) & IWI_CTL_CLOCK_READY) 2016 break; 2017 DELAY(200); 2018 } 2019 if (ntries == 1000) { 2020 aprint_error("%s: timeout waiting for clock stabilization\n", 2021 sc->sc_dev.dv_xname); 2022 return EIO; 2023 } 2024 2025 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 2026 IWI_RST_SW_RESET); 2027 2028 DELAY(10); 2029 2030 CSR_WRITE_4(sc, IWI_CSR_CTL, CSR_READ_4(sc, IWI_CSR_CTL) | 2031 IWI_CTL_INIT); 2032 2033 /* Clear NIC memory */ 2034 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0); 2035 for (i = 0; i < 0xc000; i++) 2036 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2037 2038 return 0; 2039 } 2040 2041 static int 2042 iwi_load_ucode(struct iwi_softc *sc, void *uc, int size) 2043 { 2044 uint16_t *w; 2045 int ntries, i; 2046 2047 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 2048 IWI_RST_STOP_MASTER); 2049 for (ntries = 0; ntries < 5; ntries++) { 2050 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 2051 break; 2052 DELAY(10); 2053 } 2054 if (ntries == 5) { 2055 aprint_error("%s: timeout waiting for master\n", 2056 sc->sc_dev.dv_xname); 2057 return EIO; 2058 } 2059 2060 MEM_WRITE_4(sc, 0x3000e0, 0x80000000); 2061 DELAY(5000); 2062 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) & 2063 ~IWI_RST_PRINCETON_RESET); 2064 DELAY(5000); 2065 MEM_WRITE_4(sc, 0x3000e0, 0); 2066 DELAY(1000); 2067 MEM_WRITE_4(sc, 0x300004, 1); 2068 DELAY(1000); 2069 MEM_WRITE_4(sc, 0x300004, 0); 2070 DELAY(1000); 2071 MEM_WRITE_1(sc, 0x200000, 0x00); 2072 MEM_WRITE_1(sc, 0x200000, 0x40); 2073 DELAY(1000); 2074 2075 /* Adapter is buggy, we must set the address for each word */ 2076 for (w = uc; size > 0; w++, size -= 2) 2077 MEM_WRITE_2(sc, 0x200010, htole16(*w)); 2078 2079 MEM_WRITE_1(sc, 0x200000, 0x00); 2080 MEM_WRITE_1(sc, 0x200000, 0x80); 2081 2082 /* Wait until we get a response in the uc queue */ 2083 for (ntries = 0; ntries < 100; ntries++) { 2084 if (MEM_READ_1(sc, 0x200000) & 1) 2085 break; 2086 DELAY(100); 2087 } 2088 if (ntries == 100) { 2089 aprint_error("%s: timeout waiting for ucode to initialize\n", 2090 sc->sc_dev.dv_xname); 2091 return EIO; 2092 } 2093 2094 /* Empty the uc queue or the firmware will not initialize properly */ 2095 for (i = 0; i < 7; i++) 2096 MEM_READ_4(sc, 0x200004); 2097 2098 MEM_WRITE_1(sc, 0x200000, 0x00); 2099 2100 return 0; 2101 } 2102 2103 /* macro to handle unaligned little endian data in firmware image */ 2104 #define GETLE32(p) ((p)[0] | (p)[1] << 8 | (p)[2] << 16 | (p)[3] << 24) 2105 static int 2106 iwi_load_firmware(struct iwi_softc *sc, void *fw, int size) 2107 { 2108 bus_dmamap_t map; 2109 u_char *p, *end; 2110 uint32_t sentinel, ctl, sum; 2111 uint32_t cs, sl, cd, cl; 2112 int ntries, nsegs, error; 2113 int sn; 2114 2115 nsegs = (size + PAGE_SIZE - 1) / PAGE_SIZE; 2116 2117 /* Create a DMA map for the firmware image */ 2118 error = bus_dmamap_create(sc->sc_dmat, size, nsegs, size, 0, 2119 BUS_DMA_NOWAIT, &map); 2120 if (error != 0) { 2121 aprint_error("%s: could not create firmware DMA map\n", 2122 sc->sc_dev.dv_xname); 2123 goto fail1; 2124 } 2125 2126 error = bus_dmamap_load(sc->sc_dmat, map, fw, size, NULL, 2127 BUS_DMA_NOWAIT | BUS_DMA_WRITE); 2128 if (error != 0) { 2129 aprint_error("%s: could not load fw dma map(%d)\n", 2130 sc->sc_dev.dv_xname, error); 2131 goto fail2; 2132 } 2133 2134 /* Make sure the adapter will get up-to-date values */ 2135 bus_dmamap_sync(sc->sc_dmat, map, 0, size, BUS_DMASYNC_PREWRITE); 2136 2137 /* Tell the adapter where the command blocks are stored */ 2138 MEM_WRITE_4(sc, 0x3000a0, 0x27000); 2139 2140 /* 2141 * Store command blocks into adapter's internal memory using register 2142 * indirections. The adapter will read the firmware image through DMA 2143 * using information stored in command blocks. 2144 */ 2145 p = fw; 2146 end = p + size; 2147 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0x27000); 2148 2149 sn = 0; 2150 sl = cl = 0; 2151 cs = cd = 0; 2152 while (p < end) { 2153 if (sl == 0) { 2154 cs = map->dm_segs[sn].ds_addr; 2155 sl = map->dm_segs[sn].ds_len; 2156 sn++; 2157 } 2158 if (cl == 0) { 2159 cd = GETLE32(p); p += 4; cs += 4; sl -= 4; 2160 cl = GETLE32(p); p += 4; cs += 4; sl -= 4; 2161 } 2162 while (sl > 0 && cl > 0) { 2163 int len = min(cl, sl); 2164 2165 sl -= len; 2166 cl -= len; 2167 p += len; 2168 2169 while (len > 0) { 2170 int mlen = min(len, IWI_CB_MAXDATALEN); 2171 2172 ctl = IWI_CB_DEFAULT_CTL | mlen; 2173 sum = ctl ^ cs ^ cd; 2174 2175 /* Write a command block */ 2176 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, ctl); 2177 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, cs); 2178 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, cd); 2179 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, sum); 2180 2181 cs += mlen; 2182 cd += mlen; 2183 len -= mlen; 2184 } 2185 } 2186 } 2187 2188 /* Write a fictive final command block (sentinel) */ 2189 sentinel = CSR_READ_4(sc, IWI_CSR_AUTOINC_ADDR); 2190 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2191 2192 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) & 2193 ~(IWI_RST_MASTER_DISABLED | IWI_RST_STOP_MASTER)); 2194 2195 /* Tell the adapter to start processing command blocks */ 2196 MEM_WRITE_4(sc, 0x3000a4, 0x540100); 2197 2198 /* Wait until the adapter has processed all command blocks */ 2199 for (ntries = 0; ntries < 400; ntries++) { 2200 if (MEM_READ_4(sc, 0x3000d0) >= sentinel) 2201 break; 2202 DELAY(100); 2203 } 2204 if (ntries == 400) { 2205 aprint_error("%s: timeout processing cb\n", 2206 sc->sc_dev.dv_xname); 2207 error = EIO; 2208 goto fail3; 2209 } 2210 2211 /* We're done with command blocks processing */ 2212 MEM_WRITE_4(sc, 0x3000a4, 0x540c00); 2213 2214 /* Allow interrupts so we know when the firmware is inited */ 2215 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 2216 2217 /* Tell the adapter to initialize the firmware */ 2218 CSR_WRITE_4(sc, IWI_CSR_RST, 0); 2219 CSR_WRITE_4(sc, IWI_CSR_CTL, CSR_READ_4(sc, IWI_CSR_CTL) | 2220 IWI_CTL_ALLOW_STANDBY); 2221 2222 /* Wait at most one second for firmware initialization to complete */ 2223 if ((error = tsleep(sc, 0, "iwiinit", hz)) != 0) { 2224 aprint_error("%s: timeout waiting for firmware initialization " 2225 "to complete\n", sc->sc_dev.dv_xname); 2226 goto fail3; 2227 } 2228 2229 fail3: 2230 bus_dmamap_sync(sc->sc_dmat, map, 0, size, BUS_DMASYNC_POSTWRITE); 2231 bus_dmamap_unload(sc->sc_dmat, map); 2232 fail2: 2233 bus_dmamap_destroy(sc->sc_dmat, map); 2234 2235 fail1: 2236 return error; 2237 } 2238 2239 /* 2240 * Store firmware into kernel memory so we can download it when we need to, 2241 * e.g when the adapter wakes up from suspend mode. 2242 */ 2243 static int 2244 iwi_cache_firmware(struct iwi_softc *sc, void *data) 2245 { 2246 struct iwi_firmware *kfw = &sc->fw; 2247 struct iwi_firmware ufw; 2248 int error; 2249 2250 iwi_free_firmware(sc); 2251 2252 if ((error = copyin(data, &ufw, sizeof ufw)) != 0) 2253 goto fail1; 2254 2255 kfw->boot_size = ufw.boot_size; 2256 kfw->ucode_size = ufw.ucode_size; 2257 kfw->main_size = ufw.main_size; 2258 2259 kfw->boot = malloc(kfw->boot_size, M_DEVBUF, M_NOWAIT); 2260 if (kfw->boot == NULL) { 2261 error = ENOMEM; 2262 goto fail1; 2263 } 2264 2265 kfw->ucode = malloc(kfw->ucode_size, M_DEVBUF, M_NOWAIT); 2266 if (kfw->ucode == NULL) { 2267 error = ENOMEM; 2268 goto fail2; 2269 } 2270 2271 kfw->main = malloc(kfw->main_size, M_DEVBUF, M_NOWAIT); 2272 if (kfw->main == NULL) { 2273 error = ENOMEM; 2274 goto fail3; 2275 } 2276 2277 if ((error = copyin(ufw.boot, kfw->boot, kfw->boot_size)) != 0) 2278 goto fail4; 2279 2280 if ((error = copyin(ufw.ucode, kfw->ucode, kfw->ucode_size)) != 0) 2281 goto fail4; 2282 2283 if ((error = copyin(ufw.main, kfw->main, kfw->main_size)) != 0) 2284 goto fail4; 2285 2286 DPRINTF(("Firmware cached: boot %u, ucode %u, main %u\n", 2287 kfw->boot_size, kfw->ucode_size, kfw->main_size)); 2288 2289 sc->flags |= IWI_FLAG_FW_CACHED; 2290 2291 return 0; 2292 2293 fail4: free(kfw->boot, M_DEVBUF); 2294 fail3: free(kfw->ucode, M_DEVBUF); 2295 fail2: free(kfw->main, M_DEVBUF); 2296 fail1: 2297 return error; 2298 } 2299 2300 static void 2301 iwi_free_firmware(struct iwi_softc *sc) 2302 { 2303 if (!(sc->flags & IWI_FLAG_FW_CACHED)) 2304 return; 2305 2306 free(sc->fw.boot, M_DEVBUF); 2307 free(sc->fw.ucode, M_DEVBUF); 2308 free(sc->fw.main, M_DEVBUF); 2309 2310 sc->flags &= ~IWI_FLAG_FW_CACHED; 2311 } 2312 2313 static int 2314 iwi_config(struct iwi_softc *sc) 2315 { 2316 struct ieee80211com *ic = &sc->sc_ic; 2317 struct ifnet *ifp = &sc->sc_if; 2318 struct iwi_configuration config; 2319 struct iwi_rateset rs; 2320 struct iwi_txpower power; 2321 struct ieee80211_key *wk; 2322 struct iwi_wep_key wepkey; 2323 uint32_t data; 2324 int error, i; 2325 2326 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 2327 DPRINTF(("Setting MAC address to %s\n", ether_sprintf(ic->ic_myaddr))); 2328 error = iwi_cmd(sc, IWI_CMD_SET_MAC_ADDRESS, ic->ic_myaddr, 2329 IEEE80211_ADDR_LEN, 0); 2330 if (error != 0) 2331 return error; 2332 2333 memset(&config, 0, sizeof config); 2334 config.bluetooth_coexistence = sc->bluetooth; 2335 config.antenna = sc->antenna; 2336 config.multicast_enabled = 1; 2337 config.answer_pbreq = (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2338 config.disable_unicast_decryption = 1; 2339 config.disable_multicast_decryption = 1; 2340 DPRINTF(("Configuring adapter\n")); 2341 error = iwi_cmd(sc, IWI_CMD_SET_CONFIGURATION, &config, sizeof config, 2342 0); 2343 if (error != 0) 2344 return error; 2345 2346 data = htole32(IWI_POWER_MODE_CAM); 2347 DPRINTF(("Setting power mode to %u\n", le32toh(data))); 2348 error = iwi_cmd(sc, IWI_CMD_SET_POWER_MODE, &data, sizeof data, 0); 2349 if (error != 0) 2350 return error; 2351 2352 data = htole32(ic->ic_rtsthreshold); 2353 DPRINTF(("Setting RTS threshold to %u\n", le32toh(data))); 2354 error = iwi_cmd(sc, IWI_CMD_SET_RTS_THRESHOLD, &data, sizeof data, 0); 2355 if (error != 0) 2356 return error; 2357 2358 data = htole32(ic->ic_fragthreshold); 2359 DPRINTF(("Setting fragmentation threshold to %u\n", le32toh(data))); 2360 error = iwi_cmd(sc, IWI_CMD_SET_FRAG_THRESHOLD, &data, sizeof data, 0); 2361 if (error != 0) 2362 return error; 2363 2364 if (ic->ic_opmode == IEEE80211_M_IBSS) { 2365 power.mode = IWI_MODE_11B; 2366 power.nchan = 11; 2367 for (i = 0; i < 11; i++) { 2368 power.chan[i].chan = i + 1; 2369 power.chan[i].power = IWI_TXPOWER_MAX; 2370 } 2371 DPRINTF(("Setting .11b channels tx power\n")); 2372 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2373 0); 2374 if (error != 0) 2375 return error; 2376 2377 power.mode = IWI_MODE_11G; 2378 DPRINTF(("Setting .11g channels tx power\n")); 2379 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2380 0); 2381 if (error != 0) 2382 return error; 2383 } 2384 2385 rs.mode = IWI_MODE_11G; 2386 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2387 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11G].rs_nrates; 2388 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates, 2389 rs.nrates); 2390 DPRINTF(("Setting .11bg supported rates (%u)\n", rs.nrates)); 2391 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2392 if (error != 0) 2393 return error; 2394 2395 rs.mode = IWI_MODE_11A; 2396 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2397 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11A].rs_nrates; 2398 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11A].rs_rates, 2399 rs.nrates); 2400 DPRINTF(("Setting .11a supported rates (%u)\n", rs.nrates)); 2401 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2402 if (error != 0) 2403 return error; 2404 2405 /* if we have a desired ESSID, set it now */ 2406 if (ic->ic_des_esslen != 0) { 2407 #ifdef IWI_DEBUG 2408 if (iwi_debug > 0) { 2409 printf("Setting desired ESSID to "); 2410 ieee80211_print_essid(ic->ic_des_essid, 2411 ic->ic_des_esslen); 2412 printf("\n"); 2413 } 2414 #endif 2415 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ic->ic_des_essid, 2416 ic->ic_des_esslen, 0); 2417 if (error != 0) 2418 return error; 2419 } 2420 2421 data = htole32(arc4random()); 2422 DPRINTF(("Setting initialization vector to %u\n", le32toh(data))); 2423 error = iwi_cmd(sc, IWI_CMD_SET_IV, &data, sizeof data, 0); 2424 if (error != 0) 2425 return error; 2426 2427 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2428 wk = &ic->ic_crypto.cs_nw_keys[i]; 2429 2430 wepkey.cmd = IWI_WEP_KEY_CMD_SETKEY; 2431 wepkey.idx = i; 2432 wepkey.len = wk->wk_keylen; 2433 memset(wepkey.key, 0, sizeof wepkey.key); 2434 memcpy(wepkey.key, wk->wk_key, wk->wk_keylen); 2435 DPRINTF(("Setting wep key index %u len %u\n", 2436 wepkey.idx, wepkey.len)); 2437 error = iwi_cmd(sc, IWI_CMD_SET_WEP_KEY, &wepkey, 2438 sizeof wepkey, 0); 2439 if (error != 0) 2440 return error; 2441 } 2442 2443 /* Enable adapter */ 2444 DPRINTF(("Enabling adapter\n")); 2445 return iwi_cmd(sc, IWI_CMD_ENABLE, NULL, 0, 0); 2446 } 2447 2448 static int 2449 iwi_set_chan(struct iwi_softc *sc, struct ieee80211_channel *chan) 2450 { 2451 struct ieee80211com *ic = &sc->sc_ic; 2452 struct iwi_scan_v2 scan; 2453 2454 (void)memset(&scan, 0, sizeof scan); 2455 2456 scan.dwelltime[IWI_SCAN_TYPE_PASSIVE] = htole16(2000); 2457 scan.channels[0] = 1 | 2458 (IEEE80211_IS_CHAN_5GHZ(chan) ? IWI_CHAN_5GHZ : IWI_CHAN_2GHZ); 2459 scan.channels[1] = ieee80211_chan2ieee(ic, chan); 2460 iwi_scan_type_set(scan, 1, IWI_SCAN_TYPE_PASSIVE); 2461 2462 DPRINTF(("Setting channel to %u\n", ieee80211_chan2ieee(ic, chan))); 2463 return iwi_cmd(sc, IWI_CMD_SCAN_V2, &scan, sizeof scan, 1); 2464 } 2465 2466 static int 2467 iwi_scan(struct iwi_softc *sc) 2468 { 2469 struct ieee80211com *ic = &sc->sc_ic; 2470 struct iwi_scan_v2 scan; 2471 uint32_t type; 2472 uint8_t *p; 2473 int i, count, idx; 2474 2475 (void)memset(&scan, 0, sizeof scan); 2476 scan.dwelltime[IWI_SCAN_TYPE_ACTIVE_BROADCAST] = 2477 htole16(sc->dwelltime); 2478 scan.dwelltime[IWI_SCAN_TYPE_ACTIVE_BDIRECT] = 2479 htole16(sc->dwelltime); 2480 2481 /* tell the firmware about the desired essid */ 2482 if (ic->ic_des_esslen) { 2483 int error; 2484 2485 DPRINTF(("%s: Setting adapter desired ESSID to %s\n", 2486 __func__, ic->ic_des_essid)); 2487 2488 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, 2489 ic->ic_des_essid, ic->ic_des_esslen, 1); 2490 if (error) 2491 return error; 2492 2493 type = IWI_SCAN_TYPE_ACTIVE_BDIRECT; 2494 } else { 2495 type = IWI_SCAN_TYPE_ACTIVE_BROADCAST; 2496 } 2497 2498 p = &scan.channels[0]; 2499 count = idx = 0; 2500 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2501 if (IEEE80211_IS_CHAN_5GHZ(&ic->ic_channels[i]) && 2502 isset(ic->ic_chan_active, i)) { 2503 *++p = i; 2504 count++; 2505 idx++; 2506 iwi_scan_type_set(scan, idx, type); 2507 } 2508 } 2509 if (count) { 2510 *(p - count) = IWI_CHAN_5GHZ | count; 2511 p++; 2512 } 2513 2514 count = 0; 2515 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2516 if (IEEE80211_IS_CHAN_2GHZ(&ic->ic_channels[i]) && 2517 isset(ic->ic_chan_active, i)) { 2518 *++p = i; 2519 count++; 2520 idx++; 2521 iwi_scan_type_set(scan, idx, type); 2522 } 2523 } 2524 *(p - count) = IWI_CHAN_2GHZ | count; 2525 2526 DPRINTF(("Start scanning\n")); 2527 return iwi_cmd(sc, IWI_CMD_SCAN_V2, &scan, sizeof scan, 1); 2528 } 2529 2530 static int 2531 iwi_auth_and_assoc(struct iwi_softc *sc) 2532 { 2533 struct ieee80211com *ic = &sc->sc_ic; 2534 struct ieee80211_node *ni = ic->ic_bss; 2535 struct ifnet *ifp = &sc->sc_if; 2536 struct ieee80211_wme_info wme; 2537 struct iwi_configuration config; 2538 struct iwi_associate assoc; 2539 struct iwi_rateset rs; 2540 uint16_t capinfo; 2541 uint32_t data; 2542 int error; 2543 2544 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) { 2545 memset(&config, 0, sizeof config); 2546 config.bluetooth_coexistence = sc->bluetooth; 2547 config.antenna = sc->antenna; 2548 config.multicast_enabled = 1; 2549 config.use_protection = 1; 2550 config.answer_pbreq = 2551 (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2552 config.disable_unicast_decryption = 1; 2553 config.disable_multicast_decryption = 1; 2554 DPRINTF(("Configuring adapter\n")); 2555 error = iwi_cmd(sc, IWI_CMD_SET_CONFIGURATION, &config, 2556 sizeof config, 1); 2557 if (error != 0) 2558 return error; 2559 } 2560 2561 #ifdef IWI_DEBUG 2562 if (iwi_debug > 0) { 2563 printf("Setting ESSID to "); 2564 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 2565 printf("\n"); 2566 } 2567 #endif 2568 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ni->ni_essid, ni->ni_esslen, 1); 2569 if (error != 0) 2570 return error; 2571 2572 /* the rate set has already been "negotiated" */ 2573 rs.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2574 IWI_MODE_11G; 2575 rs.type = IWI_RATESET_TYPE_NEGOTIATED; 2576 rs.nrates = ni->ni_rates.rs_nrates; 2577 memcpy(rs.rates, ni->ni_rates.rs_rates, rs.nrates); 2578 DPRINTF(("Setting negotiated rates (%u)\n", rs.nrates)); 2579 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 1); 2580 if (error != 0) 2581 return error; 2582 2583 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) { 2584 wme.wme_id = IEEE80211_ELEMID_VENDOR; 2585 wme.wme_len = sizeof (struct ieee80211_wme_info) - 2; 2586 wme.wme_oui[0] = 0x00; 2587 wme.wme_oui[1] = 0x50; 2588 wme.wme_oui[2] = 0xf2; 2589 wme.wme_type = WME_OUI_TYPE; 2590 wme.wme_subtype = WME_INFO_OUI_SUBTYPE; 2591 wme.wme_version = WME_VERSION; 2592 wme.wme_info = 0; 2593 2594 DPRINTF(("Setting WME IE (len=%u)\n", wme.wme_len)); 2595 error = iwi_cmd(sc, IWI_CMD_SET_WMEIE, &wme, sizeof wme, 1); 2596 if (error != 0) 2597 return error; 2598 } 2599 2600 if (ic->ic_opt_ie != NULL) { 2601 DPRINTF(("Setting optional IE (len=%u)\n", ic->ic_opt_ie_len)); 2602 error = iwi_cmd(sc, IWI_CMD_SET_OPTIE, ic->ic_opt_ie, 2603 ic->ic_opt_ie_len, 1); 2604 if (error != 0) 2605 return error; 2606 } 2607 data = htole32(ni->ni_rssi); 2608 DPRINTF(("Setting sensitivity to %d\n", (int8_t)ni->ni_rssi)); 2609 error = iwi_cmd(sc, IWI_CMD_SET_SENSITIVITY, &data, sizeof data, 1); 2610 if (error != 0) 2611 return error; 2612 2613 memset(&assoc, 0, sizeof assoc); 2614 assoc.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2615 IWI_MODE_11G; 2616 assoc.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 2617 if (ni->ni_authmode == IEEE80211_AUTH_SHARED) 2618 assoc.auth = (ic->ic_crypto.cs_def_txkey << 4) | IWI_AUTH_SHARED; 2619 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) 2620 assoc.policy |= htole16(IWI_POLICY_WME); 2621 if (ic->ic_flags & IEEE80211_F_WPA) 2622 assoc.policy |= htole16(IWI_POLICY_WPA); 2623 memcpy(assoc.tstamp, ni->ni_tstamp.data, 8); 2624 2625 if (ic->ic_opmode == IEEE80211_M_IBSS) 2626 capinfo = IEEE80211_CAPINFO_IBSS; 2627 else 2628 capinfo = IEEE80211_CAPINFO_ESS; 2629 if (ic->ic_flags & IEEE80211_F_PRIVACY) 2630 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2631 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 2632 IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 2633 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2634 if (ic->ic_flags & IEEE80211_F_SHSLOT) 2635 capinfo |= IEEE80211_CAPINFO_SHORT_SLOTTIME; 2636 assoc.capinfo = htole16(capinfo); 2637 2638 assoc.lintval = htole16(ic->ic_lintval); 2639 assoc.intval = htole16(ni->ni_intval); 2640 IEEE80211_ADDR_COPY(assoc.bssid, ni->ni_bssid); 2641 if (ic->ic_opmode == IEEE80211_M_IBSS) 2642 IEEE80211_ADDR_COPY(assoc.dst, ifp->if_broadcastaddr); 2643 else 2644 IEEE80211_ADDR_COPY(assoc.dst, ni->ni_bssid); 2645 DPRINTF(("Trying to associate to %s channel %u auth %u\n", 2646 ether_sprintf(assoc.bssid), assoc.chan, assoc.auth)); 2647 return iwi_cmd(sc, IWI_CMD_ASSOCIATE, &assoc, sizeof assoc, 1); 2648 } 2649 2650 static int 2651 iwi_init(struct ifnet *ifp) 2652 { 2653 struct iwi_softc *sc = ifp->if_softc; 2654 struct ieee80211com *ic = &sc->sc_ic; 2655 struct iwi_firmware *fw = &sc->fw; 2656 int i, error; 2657 2658 /* exit immediately if firmware has not been ioctl'd */ 2659 if (!(sc->flags & IWI_FLAG_FW_CACHED)) { 2660 if (!(sc->flags & IWI_FLAG_FW_WARNED)) 2661 aprint_error("%s: Firmware not loaded\n", 2662 sc->sc_dev.dv_xname); 2663 sc->flags |= IWI_FLAG_FW_WARNED; 2664 ifp->if_flags &= ~IFF_UP; 2665 return EIO; 2666 } 2667 2668 iwi_stop(ifp, 0); 2669 2670 if ((error = iwi_reset(sc)) != 0) { 2671 aprint_error("%s: could not reset adapter\n", 2672 sc->sc_dev.dv_xname); 2673 goto fail; 2674 } 2675 2676 if ((error = iwi_load_firmware(sc, fw->boot, fw->boot_size)) != 0) { 2677 aprint_error("%s: could not load boot firmware\n", 2678 sc->sc_dev.dv_xname); 2679 goto fail; 2680 } 2681 2682 if ((error = iwi_load_ucode(sc, fw->ucode, fw->ucode_size)) != 0) { 2683 aprint_error("%s: could not load microcode\n", 2684 sc->sc_dev.dv_xname); 2685 goto fail; 2686 } 2687 2688 iwi_stop_master(sc); 2689 2690 CSR_WRITE_4(sc, IWI_CSR_CMD_BASE, sc->cmdq.desc_map->dm_segs[0].ds_addr); 2691 CSR_WRITE_4(sc, IWI_CSR_CMD_SIZE, sc->cmdq.count); 2692 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 2693 2694 CSR_WRITE_4(sc, IWI_CSR_TX1_BASE, sc->txq[0].desc_map->dm_segs[0].ds_addr); 2695 CSR_WRITE_4(sc, IWI_CSR_TX1_SIZE, sc->txq[0].count); 2696 CSR_WRITE_4(sc, IWI_CSR_TX1_WIDX, sc->txq[0].cur); 2697 2698 CSR_WRITE_4(sc, IWI_CSR_TX2_BASE, sc->txq[1].desc_map->dm_segs[0].ds_addr); 2699 CSR_WRITE_4(sc, IWI_CSR_TX2_SIZE, sc->txq[1].count); 2700 CSR_WRITE_4(sc, IWI_CSR_TX2_WIDX, sc->txq[1].cur); 2701 2702 CSR_WRITE_4(sc, IWI_CSR_TX3_BASE, sc->txq[2].desc_map->dm_segs[0].ds_addr); 2703 CSR_WRITE_4(sc, IWI_CSR_TX3_SIZE, sc->txq[2].count); 2704 CSR_WRITE_4(sc, IWI_CSR_TX3_WIDX, sc->txq[2].cur); 2705 2706 CSR_WRITE_4(sc, IWI_CSR_TX4_BASE, sc->txq[3].desc_map->dm_segs[0].ds_addr); 2707 CSR_WRITE_4(sc, IWI_CSR_TX4_SIZE, sc->txq[3].count); 2708 CSR_WRITE_4(sc, IWI_CSR_TX4_WIDX, sc->txq[3].cur); 2709 2710 for (i = 0; i < sc->rxq.count; i++) 2711 CSR_WRITE_4(sc, IWI_CSR_RX_BASE + i * 4, 2712 sc->rxq.data[i].map->dm_segs[0].ds_addr); 2713 2714 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, sc->rxq.count -1); 2715 2716 if ((error = iwi_load_firmware(sc, fw->main, fw->main_size)) != 0) { 2717 aprint_error("%s: could not load main firmware\n", 2718 sc->sc_dev.dv_xname); 2719 goto fail; 2720 } 2721 2722 sc->flags |= IWI_FLAG_FW_INITED; 2723 2724 if ((error = iwi_config(sc)) != 0) { 2725 aprint_error("%s: device configuration failed\n", 2726 sc->sc_dev.dv_xname); 2727 goto fail; 2728 } 2729 2730 ic->ic_state = IEEE80211_S_INIT; 2731 2732 ifp->if_flags &= ~IFF_OACTIVE; 2733 ifp->if_flags |= IFF_RUNNING; 2734 2735 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2736 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2737 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2738 } else 2739 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2740 2741 return 0; 2742 2743 fail: ifp->if_flags &= ~IFF_UP; 2744 iwi_stop(ifp, 0); 2745 2746 return error; 2747 } 2748 2749 static void 2750 iwi_stop(struct ifnet *ifp, int disable) 2751 { 2752 struct iwi_softc *sc = ifp->if_softc; 2753 struct ieee80211com *ic = &sc->sc_ic; 2754 2755 IWI_LED_OFF(sc); 2756 2757 iwi_stop_master(sc); 2758 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_SW_RESET); 2759 2760 /* reset rings */ 2761 iwi_reset_cmd_ring(sc, &sc->cmdq); 2762 iwi_reset_tx_ring(sc, &sc->txq[0]); 2763 iwi_reset_tx_ring(sc, &sc->txq[1]); 2764 iwi_reset_tx_ring(sc, &sc->txq[2]); 2765 iwi_reset_tx_ring(sc, &sc->txq[3]); 2766 iwi_reset_rx_ring(sc, &sc->rxq); 2767 2768 ifp->if_timer = 0; 2769 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2770 2771 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2772 } 2773 2774 static void 2775 iwi_led_set(struct iwi_softc *sc, uint32_t state, int toggle) 2776 { 2777 uint32_t val; 2778 2779 val = MEM_READ_4(sc, IWI_MEM_EVENT_CTL); 2780 2781 switch (sc->nictype) { 2782 case 1: 2783 /* special NIC type: reversed leds */ 2784 if (state == IWI_LED_ACTIVITY) { 2785 state &= ~IWI_LED_ACTIVITY; 2786 state |= IWI_LED_ASSOCIATED; 2787 } else if (state == IWI_LED_ASSOCIATED) { 2788 state &= ~IWI_LED_ASSOCIATED; 2789 state |= IWI_LED_ACTIVITY; 2790 } 2791 /* and ignore toggle effect */ 2792 val |= state; 2793 break; 2794 case 0: 2795 case 2: 2796 case 3: 2797 case 4: 2798 val = (toggle && (val & state)) ? val & ~state : val | state; 2799 break; 2800 default: 2801 aprint_normal("%s: unknown NIC type %d\n", 2802 sc->sc_dev.dv_xname, sc->nictype); 2803 return; 2804 break; 2805 } 2806 2807 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, val); 2808 2809 return; 2810 } 2811 2812 static void 2813 iwi_error_log(struct iwi_softc *sc) 2814 { 2815 uint32_t b, n; 2816 int i; 2817 2818 static const char *const msg[] = { 2819 "no error", 2820 "failed", 2821 "memory range low", 2822 "memory range high", 2823 "bad parameter", 2824 "checksum", 2825 "NMI", 2826 "bad database", 2827 "allocation failed", 2828 "DMA underrun", 2829 "DMA status", 2830 "DINO", 2831 "EEPROM", 2832 "device assert", 2833 "fatal" 2834 }; 2835 2836 b = CSR_READ_4(sc, IWI_CSR_ERRORLOG); 2837 n = MEM_READ_4(sc, b); 2838 2839 b += 4; 2840 2841 for (i = 0; i < n ; i++) { 2842 struct iwi_error fw_error; 2843 2844 MEM_CPY(sc, &fw_error, b, sizeof(fw_error)); 2845 2846 printf("%s: %s\n", sc->sc_dev.dv_xname, 2847 msg[fw_error.type]); 2848 2849 b += sizeof(fw_error); 2850 } 2851 } 2852