1 /* $NetBSD: if_iwn.c,v 1.82 2017/01/04 03:05:24 nonaka Exp $ */ 2 /* $OpenBSD: if_iwn.c,v 1.135 2014/09/10 07:22:09 dcoppa Exp $ */ 3 4 /*- 5 * Copyright (c) 2007-2010 Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /* 21 * Driver for Intel WiFi Link 4965 and 1000/5000/6000 Series 802.11 network 22 * adapters. 23 */ 24 #include <sys/cdefs.h> 25 __KERNEL_RCSID(0, "$NetBSD: if_iwn.c,v 1.82 2017/01/04 03:05:24 nonaka Exp $"); 26 27 #define IWN_USE_RBUF /* Use local storage for RX */ 28 #undef IWN_HWCRYPTO /* XXX does not even compile yet */ 29 30 #include <sys/param.h> 31 #include <sys/sockio.h> 32 #include <sys/proc.h> 33 #include <sys/mbuf.h> 34 #include <sys/kernel.h> 35 #include <sys/socket.h> 36 #include <sys/systm.h> 37 #include <sys/malloc.h> 38 #ifdef notyetMODULE 39 #include <sys/module.h> 40 #endif 41 #include <sys/mutex.h> 42 #include <sys/conf.h> 43 #include <sys/kauth.h> 44 #include <sys/callout.h> 45 46 #include <dev/sysmon/sysmonvar.h> 47 48 #include <sys/bus.h> 49 #include <machine/endian.h> 50 #include <machine/intr.h> 51 52 #include <dev/pci/pcireg.h> 53 #include <dev/pci/pcivar.h> 54 #include <dev/pci/pcidevs.h> 55 56 #include <net/bpf.h> 57 #include <net/if.h> 58 #include <net/if_arp.h> 59 #include <net/if_dl.h> 60 #include <net/if_media.h> 61 #include <net/if_types.h> 62 63 #include <netinet/in.h> 64 #include <netinet/in_systm.h> 65 #include <netinet/in_var.h> 66 #include <net/if_ether.h> 67 #include <netinet/ip.h> 68 69 #include <net80211/ieee80211_var.h> 70 #include <net80211/ieee80211_amrr.h> 71 #include <net80211/ieee80211_radiotap.h> 72 73 #include <dev/firmload.h> 74 75 #include <dev/pci/if_iwnreg.h> 76 #include <dev/pci/if_iwnvar.h> 77 78 static const pci_product_id_t iwn_devices[] = { 79 PCI_PRODUCT_INTEL_WIFI_LINK_1030_1, 80 PCI_PRODUCT_INTEL_WIFI_LINK_1030_2, 81 PCI_PRODUCT_INTEL_WIFI_LINK_4965_1, 82 PCI_PRODUCT_INTEL_WIFI_LINK_4965_2, 83 PCI_PRODUCT_INTEL_WIFI_LINK_4965_3, 84 PCI_PRODUCT_INTEL_WIFI_LINK_4965_4, 85 PCI_PRODUCT_INTEL_WIFI_LINK_5100_1, 86 PCI_PRODUCT_INTEL_WIFI_LINK_5100_2, 87 PCI_PRODUCT_INTEL_WIFI_LINK_5150_1, 88 PCI_PRODUCT_INTEL_WIFI_LINK_5150_2, 89 PCI_PRODUCT_INTEL_WIFI_LINK_5300_1, 90 PCI_PRODUCT_INTEL_WIFI_LINK_5300_2, 91 PCI_PRODUCT_INTEL_WIFI_LINK_5350_1, 92 PCI_PRODUCT_INTEL_WIFI_LINK_5350_2, 93 PCI_PRODUCT_INTEL_WIFI_LINK_1000_1, 94 PCI_PRODUCT_INTEL_WIFI_LINK_1000_2, 95 PCI_PRODUCT_INTEL_WIFI_LINK_6000_3X3_1, 96 PCI_PRODUCT_INTEL_WIFI_LINK_6000_3X3_2, 97 PCI_PRODUCT_INTEL_WIFI_LINK_6000_IPA_1, 98 PCI_PRODUCT_INTEL_WIFI_LINK_6000_IPA_2, 99 PCI_PRODUCT_INTEL_WIFI_LINK_6050_2X2_1, 100 PCI_PRODUCT_INTEL_WIFI_LINK_6050_2X2_2, 101 PCI_PRODUCT_INTEL_WIFI_LINK_6005_2X2_1, 102 PCI_PRODUCT_INTEL_WIFI_LINK_6005_2X2_2, 103 PCI_PRODUCT_INTEL_WIFI_LINK_6230_1, 104 PCI_PRODUCT_INTEL_WIFI_LINK_6230_2, 105 PCI_PRODUCT_INTEL_WIFI_LINK_6235, 106 PCI_PRODUCT_INTEL_WIFI_LINK_6235_2, 107 PCI_PRODUCT_INTEL_WIFI_LINK_100_1, 108 PCI_PRODUCT_INTEL_WIFI_LINK_100_2, 109 PCI_PRODUCT_INTEL_WIFI_LINK_130_1, 110 PCI_PRODUCT_INTEL_WIFI_LINK_130_2, 111 PCI_PRODUCT_INTEL_WIFI_LINK_2230_1, 112 PCI_PRODUCT_INTEL_WIFI_LINK_2230_2, 113 PCI_PRODUCT_INTEL_WIFI_LINK_2200_1, 114 PCI_PRODUCT_INTEL_WIFI_LINK_2200_2, 115 PCI_PRODUCT_INTEL_WIFI_LINK_135_1, 116 PCI_PRODUCT_INTEL_WIFI_LINK_135_2, 117 PCI_PRODUCT_INTEL_WIFI_LINK_105_1, 118 PCI_PRODUCT_INTEL_WIFI_LINK_105_2, 119 }; 120 121 /* 122 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 123 */ 124 static const struct ieee80211_rateset iwn_rateset_11a = 125 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 126 127 static const struct ieee80211_rateset iwn_rateset_11b = 128 { 4, { 2, 4, 11, 22 } }; 129 130 static const struct ieee80211_rateset iwn_rateset_11g = 131 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 132 133 static int iwn_match(device_t , struct cfdata *, void *); 134 static void iwn_attach(device_t , device_t , void *); 135 static int iwn4965_attach(struct iwn_softc *, pci_product_id_t); 136 static int iwn5000_attach(struct iwn_softc *, pci_product_id_t); 137 static void iwn_radiotap_attach(struct iwn_softc *); 138 static int iwn_detach(device_t , int); 139 #if 0 140 static void iwn_power(int, void *); 141 #endif 142 static bool iwn_resume(device_t, const pmf_qual_t *); 143 static int iwn_nic_lock(struct iwn_softc *); 144 static int iwn_eeprom_lock(struct iwn_softc *); 145 static int iwn_init_otprom(struct iwn_softc *); 146 static int iwn_read_prom_data(struct iwn_softc *, uint32_t, void *, int); 147 static int iwn_dma_contig_alloc(bus_dma_tag_t, struct iwn_dma_info *, 148 void **, bus_size_t, bus_size_t); 149 static void iwn_dma_contig_free(struct iwn_dma_info *); 150 static int iwn_alloc_sched(struct iwn_softc *); 151 static void iwn_free_sched(struct iwn_softc *); 152 static int iwn_alloc_kw(struct iwn_softc *); 153 static void iwn_free_kw(struct iwn_softc *); 154 static int iwn_alloc_ict(struct iwn_softc *); 155 static void iwn_free_ict(struct iwn_softc *); 156 static int iwn_alloc_fwmem(struct iwn_softc *); 157 static void iwn_free_fwmem(struct iwn_softc *); 158 static int iwn_alloc_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 159 static void iwn_reset_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 160 static void iwn_free_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 161 static int iwn_alloc_tx_ring(struct iwn_softc *, struct iwn_tx_ring *, 162 int); 163 static void iwn_reset_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 164 static void iwn_free_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 165 static void iwn5000_ict_reset(struct iwn_softc *); 166 static int iwn_read_eeprom(struct iwn_softc *); 167 static void iwn4965_read_eeprom(struct iwn_softc *); 168 169 #ifdef IWN_DEBUG 170 static void iwn4965_print_power_group(struct iwn_softc *, int); 171 #endif 172 static void iwn5000_read_eeprom(struct iwn_softc *); 173 static void iwn_read_eeprom_channels(struct iwn_softc *, int, uint32_t); 174 static void iwn_read_eeprom_enhinfo(struct iwn_softc *); 175 static struct ieee80211_node *iwn_node_alloc(struct ieee80211_node_table *); 176 static void iwn_newassoc(struct ieee80211_node *, int); 177 static int iwn_media_change(struct ifnet *); 178 static int iwn_newstate(struct ieee80211com *, enum ieee80211_state, int); 179 static void iwn_iter_func(void *, struct ieee80211_node *); 180 static void iwn_calib_timeout(void *); 181 static void iwn_rx_phy(struct iwn_softc *, struct iwn_rx_desc *, 182 struct iwn_rx_data *); 183 static void iwn_rx_done(struct iwn_softc *, struct iwn_rx_desc *, 184 struct iwn_rx_data *); 185 #ifndef IEEE80211_NO_HT 186 static void iwn_rx_compressed_ba(struct iwn_softc *, struct iwn_rx_desc *, 187 struct iwn_rx_data *); 188 #endif 189 static void iwn5000_rx_calib_results(struct iwn_softc *, 190 struct iwn_rx_desc *, struct iwn_rx_data *); 191 static void iwn_rx_statistics(struct iwn_softc *, struct iwn_rx_desc *, 192 struct iwn_rx_data *); 193 static void iwn4965_tx_done(struct iwn_softc *, struct iwn_rx_desc *, 194 struct iwn_rx_data *); 195 static void iwn5000_tx_done(struct iwn_softc *, struct iwn_rx_desc *, 196 struct iwn_rx_data *); 197 static void iwn_tx_done(struct iwn_softc *, struct iwn_rx_desc *, int, 198 uint8_t); 199 static void iwn_cmd_done(struct iwn_softc *, struct iwn_rx_desc *); 200 static void iwn_notif_intr(struct iwn_softc *); 201 static void iwn_wakeup_intr(struct iwn_softc *); 202 static void iwn_fatal_intr(struct iwn_softc *); 203 static int iwn_intr(void *); 204 static void iwn4965_update_sched(struct iwn_softc *, int, int, uint8_t, 205 uint16_t); 206 static void iwn5000_update_sched(struct iwn_softc *, int, int, uint8_t, 207 uint16_t); 208 #ifdef notyet 209 static void iwn5000_reset_sched(struct iwn_softc *, int, int); 210 #endif 211 static int iwn_tx(struct iwn_softc *, struct mbuf *, 212 struct ieee80211_node *, int); 213 static void iwn_start(struct ifnet *); 214 static void iwn_watchdog(struct ifnet *); 215 static int iwn_ioctl(struct ifnet *, u_long, void *); 216 static int iwn_cmd(struct iwn_softc *, int, const void *, int, int); 217 static int iwn4965_add_node(struct iwn_softc *, struct iwn_node_info *, 218 int); 219 static int iwn5000_add_node(struct iwn_softc *, struct iwn_node_info *, 220 int); 221 static int iwn_set_link_quality(struct iwn_softc *, 222 struct ieee80211_node *); 223 static int iwn_add_broadcast_node(struct iwn_softc *, int); 224 static void iwn_set_led(struct iwn_softc *, uint8_t, uint8_t, uint8_t); 225 static int iwn_set_critical_temp(struct iwn_softc *); 226 static int iwn_set_timing(struct iwn_softc *, struct ieee80211_node *); 227 static void iwn4965_power_calibration(struct iwn_softc *, int); 228 static int iwn4965_set_txpower(struct iwn_softc *, int); 229 static int iwn5000_set_txpower(struct iwn_softc *, int); 230 static int iwn4965_get_rssi(const struct iwn_rx_stat *); 231 static int iwn5000_get_rssi(const struct iwn_rx_stat *); 232 static int iwn_get_noise(const struct iwn_rx_general_stats *); 233 static int iwn4965_get_temperature(struct iwn_softc *); 234 static int iwn5000_get_temperature(struct iwn_softc *); 235 static int iwn_init_sensitivity(struct iwn_softc *); 236 static void iwn_collect_noise(struct iwn_softc *, 237 const struct iwn_rx_general_stats *); 238 static int iwn4965_init_gains(struct iwn_softc *); 239 static int iwn5000_init_gains(struct iwn_softc *); 240 static int iwn4965_set_gains(struct iwn_softc *); 241 static int iwn5000_set_gains(struct iwn_softc *); 242 static void iwn_tune_sensitivity(struct iwn_softc *, 243 const struct iwn_rx_stats *); 244 static int iwn_send_sensitivity(struct iwn_softc *); 245 static int iwn_set_pslevel(struct iwn_softc *, int, int, int); 246 static int iwn5000_runtime_calib(struct iwn_softc *); 247 248 static int iwn_config_bt_coex_bluetooth(struct iwn_softc *); 249 static int iwn_config_bt_coex_prio_table(struct iwn_softc *); 250 static int iwn_config_bt_coex_adv1(struct iwn_softc *); 251 static int iwn_config_bt_coex_adv2(struct iwn_softc *); 252 253 static int iwn_config(struct iwn_softc *); 254 static uint16_t iwn_get_active_dwell_time(struct iwn_softc *, uint16_t, 255 uint8_t); 256 static uint16_t iwn_limit_dwell(struct iwn_softc *, uint16_t); 257 static uint16_t iwn_get_passive_dwell_time(struct iwn_softc *, uint16_t); 258 static int iwn_scan(struct iwn_softc *, uint16_t); 259 static int iwn_auth(struct iwn_softc *); 260 static int iwn_run(struct iwn_softc *); 261 #ifdef IWN_HWCRYPTO 262 static int iwn_set_key(struct ieee80211com *, struct ieee80211_node *, 263 struct ieee80211_key *); 264 static void iwn_delete_key(struct ieee80211com *, struct ieee80211_node *, 265 struct ieee80211_key *); 266 #endif 267 static int iwn_wme_update(struct ieee80211com *); 268 #ifndef IEEE80211_NO_HT 269 static int iwn_ampdu_rx_start(struct ieee80211com *, 270 struct ieee80211_node *, uint8_t); 271 static void iwn_ampdu_rx_stop(struct ieee80211com *, 272 struct ieee80211_node *, uint8_t); 273 static int iwn_ampdu_tx_start(struct ieee80211com *, 274 struct ieee80211_node *, uint8_t); 275 static void iwn_ampdu_tx_stop(struct ieee80211com *, 276 struct ieee80211_node *, uint8_t); 277 static void iwn4965_ampdu_tx_start(struct iwn_softc *, 278 struct ieee80211_node *, uint8_t, uint16_t); 279 static void iwn4965_ampdu_tx_stop(struct iwn_softc *, 280 uint8_t, uint16_t); 281 static void iwn5000_ampdu_tx_start(struct iwn_softc *, 282 struct ieee80211_node *, uint8_t, uint16_t); 283 static void iwn5000_ampdu_tx_stop(struct iwn_softc *, 284 uint8_t, uint16_t); 285 #endif 286 static int iwn5000_query_calibration(struct iwn_softc *); 287 static int iwn5000_send_calibration(struct iwn_softc *); 288 static int iwn5000_send_wimax_coex(struct iwn_softc *); 289 static int iwn6000_temp_offset_calib(struct iwn_softc *); 290 static int iwn2000_temp_offset_calib(struct iwn_softc *); 291 static int iwn4965_post_alive(struct iwn_softc *); 292 static int iwn5000_post_alive(struct iwn_softc *); 293 static int iwn4965_load_bootcode(struct iwn_softc *, const uint8_t *, 294 int); 295 static int iwn4965_load_firmware(struct iwn_softc *); 296 static int iwn5000_load_firmware_section(struct iwn_softc *, uint32_t, 297 const uint8_t *, int); 298 static int iwn5000_load_firmware(struct iwn_softc *); 299 static int iwn_read_firmware_leg(struct iwn_softc *, 300 struct iwn_fw_info *); 301 static int iwn_read_firmware_tlv(struct iwn_softc *, 302 struct iwn_fw_info *, uint16_t); 303 static int iwn_read_firmware(struct iwn_softc *); 304 static int iwn_clock_wait(struct iwn_softc *); 305 static int iwn_apm_init(struct iwn_softc *); 306 static void iwn_apm_stop_master(struct iwn_softc *); 307 static void iwn_apm_stop(struct iwn_softc *); 308 static int iwn4965_nic_config(struct iwn_softc *); 309 static int iwn5000_nic_config(struct iwn_softc *); 310 static int iwn_hw_prepare(struct iwn_softc *); 311 static int iwn_hw_init(struct iwn_softc *); 312 static void iwn_hw_stop(struct iwn_softc *); 313 static int iwn_init(struct ifnet *); 314 static void iwn_stop(struct ifnet *, int); 315 316 /* XXX MCLGETI alternative */ 317 static struct mbuf *MCLGETIalt(struct iwn_softc *, int, 318 struct ifnet *, u_int); 319 #ifdef IWN_USE_RBUF 320 static struct iwn_rbuf *iwn_alloc_rbuf(struct iwn_softc *); 321 static void iwn_free_rbuf(struct mbuf *, void *, size_t, void *); 322 static int iwn_alloc_rpool(struct iwn_softc *); 323 static void iwn_free_rpool(struct iwn_softc *); 324 #endif 325 326 static void iwn_fix_channel(struct ieee80211com *, struct mbuf *, 327 struct iwn_rx_stat *); 328 329 #ifdef IWN_DEBUG 330 #define DPRINTF(x) do { if (iwn_debug > 0) printf x; } while (0) 331 #define DPRINTFN(n, x) do { if (iwn_debug >= (n)) printf x; } while (0) 332 int iwn_debug = 0; 333 #else 334 #define DPRINTF(x) 335 #define DPRINTFN(n, x) 336 #endif 337 338 CFATTACH_DECL_NEW(iwn, sizeof(struct iwn_softc), iwn_match, iwn_attach, 339 iwn_detach, NULL); 340 341 static int 342 iwn_match(device_t parent, cfdata_t match __unused, void *aux) 343 { 344 struct pci_attach_args *pa = aux; 345 size_t i; 346 347 if (PCI_VENDOR(pa->pa_id) != PCI_VENDOR_INTEL) 348 return 0; 349 350 for (i = 0; i < __arraycount(iwn_devices); i++) 351 if (PCI_PRODUCT(pa->pa_id) == iwn_devices[i]) 352 return 1; 353 354 return 0; 355 } 356 357 static void 358 iwn_attach(device_t parent __unused, device_t self, void *aux) 359 { 360 struct iwn_softc *sc = device_private(self); 361 struct ieee80211com *ic = &sc->sc_ic; 362 struct ifnet *ifp = &sc->sc_ec.ec_if; 363 struct pci_attach_args *pa = aux; 364 const char *intrstr; 365 pci_intr_handle_t ih; 366 pcireg_t memtype, reg; 367 int i, error; 368 char intrbuf[PCI_INTRSTR_LEN]; 369 370 sc->sc_dev = self; 371 sc->sc_pct = pa->pa_pc; 372 sc->sc_pcitag = pa->pa_tag; 373 sc->sc_dmat = pa->pa_dmat; 374 mutex_init(&sc->sc_mtx, MUTEX_DEFAULT, IPL_NONE); 375 376 callout_init(&sc->calib_to, 0); 377 callout_setfunc(&sc->calib_to, iwn_calib_timeout, sc); 378 379 pci_aprint_devinfo(pa, NULL); 380 381 /* 382 * Get the offset of the PCI Express Capability Structure in PCI 383 * Configuration Space. 384 */ 385 error = pci_get_capability(sc->sc_pct, sc->sc_pcitag, 386 PCI_CAP_PCIEXPRESS, &sc->sc_cap_off, NULL); 387 if (error == 0) { 388 aprint_error_dev(self, 389 "PCIe capability structure not found!\n"); 390 return; 391 } 392 393 /* Clear device-specific "PCI retry timeout" register (41h). */ 394 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 395 if (reg & 0xff00) 396 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, reg & ~0xff00); 397 398 /* Enable bus-mastering and hardware bug workaround. */ 399 /* XXX verify the bus-mastering is really needed (not in OpenBSD) */ 400 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG); 401 reg |= PCI_COMMAND_MASTER_ENABLE; 402 if (reg & PCI_COMMAND_INTERRUPT_DISABLE) { 403 DPRINTF(("PCIe INTx Disable set\n")); 404 reg &= ~PCI_COMMAND_INTERRUPT_DISABLE; 405 } 406 pci_conf_write(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG, reg); 407 408 memtype = pci_mapreg_type(pa->pa_pc, pa->pa_tag, IWN_PCI_BAR0); 409 error = pci_mapreg_map(pa, IWN_PCI_BAR0, memtype, 0, &sc->sc_st, 410 &sc->sc_sh, NULL, &sc->sc_sz); 411 if (error != 0) { 412 aprint_error_dev(self, "can't map mem space\n"); 413 return; 414 } 415 416 /* Install interrupt handler. */ 417 if (pci_intr_map(pa, &ih) != 0) { 418 aprint_error_dev(self, "can't map interrupt\n"); 419 return; 420 } 421 intrstr = pci_intr_string(sc->sc_pct, ih, intrbuf, sizeof(intrbuf)); 422 sc->sc_ih = pci_intr_establish(sc->sc_pct, ih, IPL_NET, iwn_intr, sc); 423 if (sc->sc_ih == NULL) { 424 aprint_error_dev(self, "can't establish interrupt"); 425 if (intrstr != NULL) 426 aprint_error(" at %s", intrstr); 427 aprint_error("\n"); 428 return; 429 } 430 aprint_normal_dev(self, "interrupting at %s\n", intrstr); 431 432 /* Read hardware revision and attach. */ 433 sc->hw_type = 434 (IWN_READ(sc, IWN_HW_REV) & IWN_HW_REV_TYPE_MASK) 435 >> IWN_HW_REV_TYPE_SHIFT; 436 if (sc->hw_type == IWN_HW_REV_TYPE_4965) 437 error = iwn4965_attach(sc, PCI_PRODUCT(pa->pa_id)); 438 else 439 error = iwn5000_attach(sc, PCI_PRODUCT(pa->pa_id)); 440 if (error != 0) { 441 aprint_error_dev(self, "could not attach device\n"); 442 return; 443 } 444 445 if ((error = iwn_hw_prepare(sc)) != 0) { 446 aprint_error_dev(self, "hardware not ready\n"); 447 return; 448 } 449 450 /* Read MAC address, channels, etc from EEPROM. */ 451 if ((error = iwn_read_eeprom(sc)) != 0) { 452 aprint_error_dev(self, "could not read EEPROM\n"); 453 return; 454 } 455 456 /* Allocate DMA memory for firmware transfers. */ 457 if ((error = iwn_alloc_fwmem(sc)) != 0) { 458 aprint_error_dev(self, 459 "could not allocate memory for firmware\n"); 460 return; 461 } 462 463 /* Allocate "Keep Warm" page. */ 464 if ((error = iwn_alloc_kw(sc)) != 0) { 465 aprint_error_dev(self, "could not allocate keep warm page\n"); 466 goto fail1; 467 } 468 469 /* Allocate ICT table for 5000 Series. */ 470 if (sc->hw_type != IWN_HW_REV_TYPE_4965 && 471 (error = iwn_alloc_ict(sc)) != 0) { 472 aprint_error_dev(self, "could not allocate ICT table\n"); 473 goto fail2; 474 } 475 476 /* Allocate TX scheduler "rings". */ 477 if ((error = iwn_alloc_sched(sc)) != 0) { 478 aprint_error_dev(self, 479 "could not allocate TX scheduler rings\n"); 480 goto fail3; 481 } 482 483 #ifdef IWN_USE_RBUF 484 /* Allocate RX buffers. */ 485 if ((error = iwn_alloc_rpool(sc)) != 0) { 486 aprint_error_dev(self, "could not allocate RX buffers\n"); 487 goto fail3; 488 } 489 #endif 490 491 /* Allocate TX rings (16 on 4965AGN, 20 on >=5000). */ 492 for (i = 0; i < sc->ntxqs; i++) { 493 if ((error = iwn_alloc_tx_ring(sc, &sc->txq[i], i)) != 0) { 494 aprint_error_dev(self, 495 "could not allocate TX ring %d\n", i); 496 goto fail4; 497 } 498 } 499 500 /* Allocate RX ring. */ 501 if ((error = iwn_alloc_rx_ring(sc, &sc->rxq)) != 0) { 502 aprint_error_dev(self, "could not allocate RX ring\n"); 503 goto fail4; 504 } 505 506 /* Clear pending interrupts. */ 507 IWN_WRITE(sc, IWN_INT, 0xffffffff); 508 509 /* Count the number of available chains. */ 510 sc->ntxchains = 511 ((sc->txchainmask >> 2) & 1) + 512 ((sc->txchainmask >> 1) & 1) + 513 ((sc->txchainmask >> 0) & 1); 514 sc->nrxchains = 515 ((sc->rxchainmask >> 2) & 1) + 516 ((sc->rxchainmask >> 1) & 1) + 517 ((sc->rxchainmask >> 0) & 1); 518 aprint_normal_dev(self, "MIMO %dT%dR, %.4s, address %s\n", 519 sc->ntxchains, sc->nrxchains, sc->eeprom_domain, 520 ether_sprintf(ic->ic_myaddr)); 521 522 ic->ic_ifp = ifp; 523 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 524 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 525 ic->ic_state = IEEE80211_S_INIT; 526 527 /* Set device capabilities. */ 528 /* XXX OpenBSD has IEEE80211_C_WEP, IEEE80211_C_RSN, 529 * and IEEE80211_C_PMGT too. */ 530 ic->ic_caps = 531 IEEE80211_C_IBSS | /* IBSS mode support */ 532 IEEE80211_C_WPA | /* 802.11i */ 533 IEEE80211_C_MONITOR | /* monitor mode supported */ 534 IEEE80211_C_TXPMGT | /* tx power management */ 535 IEEE80211_C_SHSLOT | /* short slot time supported */ 536 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 537 IEEE80211_C_WME; /* 802.11e */ 538 539 #ifndef IEEE80211_NO_HT 540 if (sc->sc_flags & IWN_FLAG_HAS_11N) { 541 /* Set HT capabilities. */ 542 ic->ic_htcaps = 543 #if IWN_RBUF_SIZE == 8192 544 IEEE80211_HTCAP_AMSDU7935 | 545 #endif 546 IEEE80211_HTCAP_CBW20_40 | 547 IEEE80211_HTCAP_SGI20 | 548 IEEE80211_HTCAP_SGI40; 549 if (sc->hw_type != IWN_HW_REV_TYPE_4965) 550 ic->ic_htcaps |= IEEE80211_HTCAP_GF; 551 if (sc->hw_type == IWN_HW_REV_TYPE_6050) 552 ic->ic_htcaps |= IEEE80211_HTCAP_SMPS_DYN; 553 else 554 ic->ic_htcaps |= IEEE80211_HTCAP_SMPS_DIS; 555 } 556 #endif /* !IEEE80211_NO_HT */ 557 558 /* Set supported legacy rates. */ 559 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwn_rateset_11b; 560 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwn_rateset_11g; 561 if (sc->sc_flags & IWN_FLAG_HAS_5GHZ) { 562 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwn_rateset_11a; 563 } 564 #ifndef IEEE80211_NO_HT 565 if (sc->sc_flags & IWN_FLAG_HAS_11N) { 566 /* Set supported HT rates. */ 567 ic->ic_sup_mcs[0] = 0xff; /* MCS 0-7 */ 568 if (sc->nrxchains > 1) 569 ic->ic_sup_mcs[1] = 0xff; /* MCS 7-15 */ 570 if (sc->nrxchains > 2) 571 ic->ic_sup_mcs[2] = 0xff; /* MCS 16-23 */ 572 } 573 #endif 574 575 /* IBSS channel undefined for now. */ 576 ic->ic_ibss_chan = &ic->ic_channels[0]; 577 578 ifp->if_softc = sc; 579 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 580 ifp->if_init = iwn_init; 581 ifp->if_ioctl = iwn_ioctl; 582 ifp->if_start = iwn_start; 583 ifp->if_stop = iwn_stop; 584 ifp->if_watchdog = iwn_watchdog; 585 IFQ_SET_READY(&ifp->if_snd); 586 memcpy(ifp->if_xname, device_xname(self), IFNAMSIZ); 587 588 if_attach(ifp); 589 if_deferred_start_init(ifp, NULL); 590 ieee80211_ifattach(ic); 591 ic->ic_node_alloc = iwn_node_alloc; 592 ic->ic_newassoc = iwn_newassoc; 593 #ifdef IWN_HWCRYPTO 594 ic->ic_crypto.cs_key_set = iwn_set_key; 595 ic->ic_crypto.cs_key_delete = iwn_delete_key; 596 #endif 597 ic->ic_wme.wme_update = iwn_wme_update; 598 #ifndef IEEE80211_NO_HT 599 ic->ic_ampdu_rx_start = iwn_ampdu_rx_start; 600 ic->ic_ampdu_rx_stop = iwn_ampdu_rx_stop; 601 ic->ic_ampdu_tx_start = iwn_ampdu_tx_start; 602 ic->ic_ampdu_tx_stop = iwn_ampdu_tx_stop; 603 #endif 604 605 /* Override 802.11 state transition machine. */ 606 sc->sc_newstate = ic->ic_newstate; 607 ic->ic_newstate = iwn_newstate; 608 ieee80211_media_init(ic, iwn_media_change, ieee80211_media_status); 609 610 sc->amrr.amrr_min_success_threshold = 1; 611 sc->amrr.amrr_max_success_threshold = 15; 612 613 iwn_radiotap_attach(sc); 614 615 /* 616 * XXX for NetBSD, OpenBSD timeout_set replaced by 617 * callout_init and callout_setfunc, above. 618 */ 619 620 if (pmf_device_register(self, NULL, iwn_resume)) 621 pmf_class_network_register(self, ifp); 622 else 623 aprint_error_dev(self, "couldn't establish power handler\n"); 624 625 /* XXX NetBSD add call to ieee80211_announce for dmesg. */ 626 ieee80211_announce(ic); 627 628 return; 629 630 /* Free allocated memory if something failed during attachment. */ 631 fail4: while (--i >= 0) 632 iwn_free_tx_ring(sc, &sc->txq[i]); 633 #ifdef IWN_USE_RBUF 634 iwn_free_rpool(sc); 635 #endif 636 iwn_free_sched(sc); 637 fail3: if (sc->ict != NULL) 638 iwn_free_ict(sc); 639 fail2: iwn_free_kw(sc); 640 fail1: iwn_free_fwmem(sc); 641 } 642 643 int 644 iwn4965_attach(struct iwn_softc *sc, pci_product_id_t pid) 645 { 646 struct iwn_ops *ops = &sc->ops; 647 648 ops->load_firmware = iwn4965_load_firmware; 649 ops->read_eeprom = iwn4965_read_eeprom; 650 ops->post_alive = iwn4965_post_alive; 651 ops->nic_config = iwn4965_nic_config; 652 ops->config_bt_coex = iwn_config_bt_coex_bluetooth; 653 ops->update_sched = iwn4965_update_sched; 654 ops->get_temperature = iwn4965_get_temperature; 655 ops->get_rssi = iwn4965_get_rssi; 656 ops->set_txpower = iwn4965_set_txpower; 657 ops->init_gains = iwn4965_init_gains; 658 ops->set_gains = iwn4965_set_gains; 659 ops->add_node = iwn4965_add_node; 660 ops->tx_done = iwn4965_tx_done; 661 #ifndef IEEE80211_NO_HT 662 ops->ampdu_tx_start = iwn4965_ampdu_tx_start; 663 ops->ampdu_tx_stop = iwn4965_ampdu_tx_stop; 664 #endif 665 sc->ntxqs = IWN4965_NTXQUEUES; 666 sc->ndmachnls = IWN4965_NDMACHNLS; 667 sc->broadcast_id = IWN4965_ID_BROADCAST; 668 sc->rxonsz = IWN4965_RXONSZ; 669 sc->schedsz = IWN4965_SCHEDSZ; 670 sc->fw_text_maxsz = IWN4965_FW_TEXT_MAXSZ; 671 sc->fw_data_maxsz = IWN4965_FW_DATA_MAXSZ; 672 sc->fwsz = IWN4965_FWSZ; 673 sc->sched_txfact_addr = IWN4965_SCHED_TXFACT; 674 sc->limits = &iwn4965_sensitivity_limits; 675 sc->fwname = "iwlwifi-4965-2.ucode"; 676 /* Override chains masks, ROM is known to be broken. */ 677 sc->txchainmask = IWN_ANT_AB; 678 sc->rxchainmask = IWN_ANT_ABC; 679 680 return 0; 681 } 682 683 int 684 iwn5000_attach(struct iwn_softc *sc, pci_product_id_t pid) 685 { 686 struct iwn_ops *ops = &sc->ops; 687 688 ops->load_firmware = iwn5000_load_firmware; 689 ops->read_eeprom = iwn5000_read_eeprom; 690 ops->post_alive = iwn5000_post_alive; 691 ops->nic_config = iwn5000_nic_config; 692 ops->config_bt_coex = iwn_config_bt_coex_bluetooth; 693 ops->update_sched = iwn5000_update_sched; 694 ops->get_temperature = iwn5000_get_temperature; 695 ops->get_rssi = iwn5000_get_rssi; 696 ops->set_txpower = iwn5000_set_txpower; 697 ops->init_gains = iwn5000_init_gains; 698 ops->set_gains = iwn5000_set_gains; 699 ops->add_node = iwn5000_add_node; 700 ops->tx_done = iwn5000_tx_done; 701 #ifndef IEEE80211_NO_HT 702 ops->ampdu_tx_start = iwn5000_ampdu_tx_start; 703 ops->ampdu_tx_stop = iwn5000_ampdu_tx_stop; 704 #endif 705 sc->ntxqs = IWN5000_NTXQUEUES; 706 sc->ndmachnls = IWN5000_NDMACHNLS; 707 sc->broadcast_id = IWN5000_ID_BROADCAST; 708 sc->rxonsz = IWN5000_RXONSZ; 709 sc->schedsz = IWN5000_SCHEDSZ; 710 sc->fw_text_maxsz = IWN5000_FW_TEXT_MAXSZ; 711 sc->fw_data_maxsz = IWN5000_FW_DATA_MAXSZ; 712 sc->fwsz = IWN5000_FWSZ; 713 sc->sched_txfact_addr = IWN5000_SCHED_TXFACT; 714 715 switch (sc->hw_type) { 716 case IWN_HW_REV_TYPE_5100: 717 sc->limits = &iwn5000_sensitivity_limits; 718 sc->fwname = "iwlwifi-5000-2.ucode"; 719 /* Override chains masks, ROM is known to be broken. */ 720 sc->txchainmask = IWN_ANT_B; 721 sc->rxchainmask = IWN_ANT_AB; 722 break; 723 case IWN_HW_REV_TYPE_5150: 724 sc->limits = &iwn5150_sensitivity_limits; 725 sc->fwname = "iwlwifi-5150-2.ucode"; 726 break; 727 case IWN_HW_REV_TYPE_5300: 728 case IWN_HW_REV_TYPE_5350: 729 sc->limits = &iwn5000_sensitivity_limits; 730 sc->fwname = "iwlwifi-5000-2.ucode"; 731 break; 732 case IWN_HW_REV_TYPE_1000: 733 sc->limits = &iwn1000_sensitivity_limits; 734 if (pid == PCI_PRODUCT_INTEL_WIFI_LINK_100_1 || 735 pid == PCI_PRODUCT_INTEL_WIFI_LINK_100_2) 736 sc->fwname = "iwlwifi-100-5.ucode"; 737 else 738 sc->fwname = "iwlwifi-1000-3.ucode"; 739 break; 740 case IWN_HW_REV_TYPE_6000: 741 sc->limits = &iwn6000_sensitivity_limits; 742 sc->fwname = "iwlwifi-6000-4.ucode"; 743 if (pid == PCI_PRODUCT_INTEL_WIFI_LINK_6000_IPA_1 || 744 pid == PCI_PRODUCT_INTEL_WIFI_LINK_6000_IPA_2) { 745 sc->sc_flags |= IWN_FLAG_INTERNAL_PA; 746 /* Override chains masks, ROM is known to be broken. */ 747 sc->txchainmask = IWN_ANT_BC; 748 sc->rxchainmask = IWN_ANT_BC; 749 } 750 break; 751 case IWN_HW_REV_TYPE_6050: 752 sc->limits = &iwn6000_sensitivity_limits; 753 sc->fwname = "iwlwifi-6050-5.ucode"; 754 break; 755 case IWN_HW_REV_TYPE_6005: 756 sc->limits = &iwn6000_sensitivity_limits; 757 /* Type 6030 cards return IWN_HW_REV_TYPE_6005 */ 758 if (pid == PCI_PRODUCT_INTEL_WIFI_LINK_1030_1 || 759 pid == PCI_PRODUCT_INTEL_WIFI_LINK_1030_2 || 760 pid == PCI_PRODUCT_INTEL_WIFI_LINK_6230_1 || 761 pid == PCI_PRODUCT_INTEL_WIFI_LINK_6230_2 || 762 pid == PCI_PRODUCT_INTEL_WIFI_LINK_6235 || 763 pid == PCI_PRODUCT_INTEL_WIFI_LINK_6235_2) { 764 sc->fwname = "iwlwifi-6000g2b-6.ucode"; 765 ops->config_bt_coex = iwn_config_bt_coex_adv1; 766 } 767 else 768 sc->fwname = "iwlwifi-6000g2a-5.ucode"; 769 break; 770 case IWN_HW_REV_TYPE_2030: 771 sc->limits = &iwn2000_sensitivity_limits; 772 sc->fwname = "iwlwifi-2030-6.ucode"; 773 ops->config_bt_coex = iwn_config_bt_coex_adv2; 774 break; 775 case IWN_HW_REV_TYPE_2000: 776 sc->limits = &iwn2000_sensitivity_limits; 777 sc->fwname = "iwlwifi-2000-6.ucode"; 778 break; 779 case IWN_HW_REV_TYPE_135: 780 sc->limits = &iwn2000_sensitivity_limits; 781 sc->fwname = "iwlwifi-135-6.ucode"; 782 ops->config_bt_coex = iwn_config_bt_coex_adv2; 783 break; 784 case IWN_HW_REV_TYPE_105: 785 sc->limits = &iwn2000_sensitivity_limits; 786 sc->fwname = "iwlwifi-105-6.ucode"; 787 break; 788 default: 789 aprint_normal(": adapter type %d not supported\n", sc->hw_type); 790 return ENOTSUP; 791 } 792 return 0; 793 } 794 795 /* 796 * Attach the interface to 802.11 radiotap. 797 */ 798 static void 799 iwn_radiotap_attach(struct iwn_softc *sc) 800 { 801 struct ifnet *ifp = sc->sc_ic.ic_ifp; 802 803 bpf_attach2(ifp, DLT_IEEE802_11_RADIO, 804 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN, 805 &sc->sc_drvbpf); 806 807 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 808 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 809 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWN_RX_RADIOTAP_PRESENT); 810 811 sc->sc_txtap_len = sizeof sc->sc_txtapu; 812 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 813 sc->sc_txtap.wt_ihdr.it_present = htole32(IWN_TX_RADIOTAP_PRESENT); 814 } 815 816 static int 817 iwn_detach(device_t self, int flags __unused) 818 { 819 struct iwn_softc *sc = device_private(self); 820 struct ifnet *ifp = sc->sc_ic.ic_ifp; 821 int qid; 822 823 callout_stop(&sc->calib_to); 824 825 /* Uninstall interrupt handler. */ 826 if (sc->sc_ih != NULL) 827 pci_intr_disestablish(sc->sc_pct, sc->sc_ih); 828 829 /* Free DMA resources. */ 830 iwn_free_rx_ring(sc, &sc->rxq); 831 for (qid = 0; qid < sc->ntxqs; qid++) 832 iwn_free_tx_ring(sc, &sc->txq[qid]); 833 #ifdef IWN_USE_RBUF 834 iwn_free_rpool(sc); 835 #endif 836 iwn_free_sched(sc); 837 iwn_free_kw(sc); 838 if (sc->ict != NULL) 839 iwn_free_ict(sc); 840 iwn_free_fwmem(sc); 841 842 bus_space_unmap(sc->sc_st, sc->sc_sh, sc->sc_sz); 843 844 ieee80211_ifdetach(&sc->sc_ic); 845 if_detach(ifp); 846 847 return 0; 848 } 849 850 #if 0 851 /* 852 * XXX Investigate if clearing the PCI retry timeout could eliminate 853 * the repeated scan calls. Also the calls to if_init and if_start 854 * are similar to the effect of adding the call to ifioctl_common . 855 */ 856 static void 857 iwn_power(int why, void *arg) 858 { 859 struct iwn_softc *sc = arg; 860 struct ifnet *ifp; 861 pcireg_t reg; 862 int s; 863 864 if (why != PWR_RESUME) 865 return; 866 867 /* Clear device-specific "PCI retry timeout" register (41h). */ 868 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 869 if (reg & 0xff00) 870 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, reg & ~0xff00); 871 872 s = splnet(); 873 ifp = &sc->sc_ic.ic_if; 874 if (ifp->if_flags & IFF_UP) { 875 ifp->if_init(ifp); 876 if (ifp->if_flags & IFF_RUNNING) 877 ifp->if_start(ifp); 878 } 879 splx(s); 880 } 881 #endif 882 883 static bool 884 iwn_resume(device_t dv, const pmf_qual_t *qual) 885 { 886 return true; 887 } 888 889 static int 890 iwn_nic_lock(struct iwn_softc *sc) 891 { 892 int ntries; 893 894 /* Request exclusive access to NIC. */ 895 IWN_SETBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_MAC_ACCESS_REQ); 896 897 /* Spin until we actually get the lock. */ 898 for (ntries = 0; ntries < 1000; ntries++) { 899 if ((IWN_READ(sc, IWN_GP_CNTRL) & 900 (IWN_GP_CNTRL_MAC_ACCESS_ENA | IWN_GP_CNTRL_SLEEP)) == 901 IWN_GP_CNTRL_MAC_ACCESS_ENA) 902 return 0; 903 DELAY(10); 904 } 905 return ETIMEDOUT; 906 } 907 908 static __inline void 909 iwn_nic_unlock(struct iwn_softc *sc) 910 { 911 IWN_CLRBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_MAC_ACCESS_REQ); 912 } 913 914 static __inline uint32_t 915 iwn_prph_read(struct iwn_softc *sc, uint32_t addr) 916 { 917 IWN_WRITE(sc, IWN_PRPH_RADDR, IWN_PRPH_DWORD | addr); 918 IWN_BARRIER_READ_WRITE(sc); 919 return IWN_READ(sc, IWN_PRPH_RDATA); 920 } 921 922 static __inline void 923 iwn_prph_write(struct iwn_softc *sc, uint32_t addr, uint32_t data) 924 { 925 IWN_WRITE(sc, IWN_PRPH_WADDR, IWN_PRPH_DWORD | addr); 926 IWN_BARRIER_WRITE(sc); 927 IWN_WRITE(sc, IWN_PRPH_WDATA, data); 928 } 929 930 static __inline void 931 iwn_prph_setbits(struct iwn_softc *sc, uint32_t addr, uint32_t mask) 932 { 933 iwn_prph_write(sc, addr, iwn_prph_read(sc, addr) | mask); 934 } 935 936 static __inline void 937 iwn_prph_clrbits(struct iwn_softc *sc, uint32_t addr, uint32_t mask) 938 { 939 iwn_prph_write(sc, addr, iwn_prph_read(sc, addr) & ~mask); 940 } 941 942 static __inline void 943 iwn_prph_write_region_4(struct iwn_softc *sc, uint32_t addr, 944 const uint32_t *data, int count) 945 { 946 for (; count > 0; count--, data++, addr += 4) 947 iwn_prph_write(sc, addr, *data); 948 } 949 950 static __inline uint32_t 951 iwn_mem_read(struct iwn_softc *sc, uint32_t addr) 952 { 953 IWN_WRITE(sc, IWN_MEM_RADDR, addr); 954 IWN_BARRIER_READ_WRITE(sc); 955 return IWN_READ(sc, IWN_MEM_RDATA); 956 } 957 958 static __inline void 959 iwn_mem_write(struct iwn_softc *sc, uint32_t addr, uint32_t data) 960 { 961 IWN_WRITE(sc, IWN_MEM_WADDR, addr); 962 IWN_BARRIER_WRITE(sc); 963 IWN_WRITE(sc, IWN_MEM_WDATA, data); 964 } 965 966 #ifndef IEEE80211_NO_HT 967 static __inline void 968 iwn_mem_write_2(struct iwn_softc *sc, uint32_t addr, uint16_t data) 969 { 970 uint32_t tmp; 971 972 tmp = iwn_mem_read(sc, addr & ~3); 973 if (addr & 3) 974 tmp = (tmp & 0x0000ffff) | data << 16; 975 else 976 tmp = (tmp & 0xffff0000) | data; 977 iwn_mem_write(sc, addr & ~3, tmp); 978 } 979 #endif 980 981 static __inline void 982 iwn_mem_read_region_4(struct iwn_softc *sc, uint32_t addr, uint32_t *data, 983 int count) 984 { 985 for (; count > 0; count--, addr += 4) 986 *data++ = iwn_mem_read(sc, addr); 987 } 988 989 static __inline void 990 iwn_mem_set_region_4(struct iwn_softc *sc, uint32_t addr, uint32_t val, 991 int count) 992 { 993 for (; count > 0; count--, addr += 4) 994 iwn_mem_write(sc, addr, val); 995 } 996 997 static int 998 iwn_eeprom_lock(struct iwn_softc *sc) 999 { 1000 int i, ntries; 1001 1002 for (i = 0; i < 100; i++) { 1003 /* Request exclusive access to EEPROM. */ 1004 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 1005 IWN_HW_IF_CONFIG_EEPROM_LOCKED); 1006 1007 /* Spin until we actually get the lock. */ 1008 for (ntries = 0; ntries < 100; ntries++) { 1009 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 1010 IWN_HW_IF_CONFIG_EEPROM_LOCKED) 1011 return 0; 1012 DELAY(10); 1013 } 1014 } 1015 return ETIMEDOUT; 1016 } 1017 1018 static __inline void 1019 iwn_eeprom_unlock(struct iwn_softc *sc) 1020 { 1021 IWN_CLRBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_EEPROM_LOCKED); 1022 } 1023 1024 /* 1025 * Initialize access by host to One Time Programmable ROM. 1026 * NB: This kind of ROM can be found on 1000 or 6000 Series only. 1027 */ 1028 static int 1029 iwn_init_otprom(struct iwn_softc *sc) 1030 { 1031 uint16_t prev = 0, base, next; 1032 int count, error; 1033 1034 /* Wait for clock stabilization before accessing prph. */ 1035 if ((error = iwn_clock_wait(sc)) != 0) 1036 return error; 1037 1038 if ((error = iwn_nic_lock(sc)) != 0) 1039 return error; 1040 iwn_prph_setbits(sc, IWN_APMG_PS, IWN_APMG_PS_RESET_REQ); 1041 DELAY(5); 1042 iwn_prph_clrbits(sc, IWN_APMG_PS, IWN_APMG_PS_RESET_REQ); 1043 iwn_nic_unlock(sc); 1044 1045 /* Set auto clock gate disable bit for HW with OTP shadow RAM. */ 1046 if (sc->hw_type != IWN_HW_REV_TYPE_1000) { 1047 IWN_SETBITS(sc, IWN_DBG_LINK_PWR_MGMT, 1048 IWN_RESET_LINK_PWR_MGMT_DIS); 1049 } 1050 IWN_CLRBITS(sc, IWN_EEPROM_GP, IWN_EEPROM_GP_IF_OWNER); 1051 /* Clear ECC status. */ 1052 IWN_SETBITS(sc, IWN_OTP_GP, 1053 IWN_OTP_GP_ECC_CORR_STTS | IWN_OTP_GP_ECC_UNCORR_STTS); 1054 1055 /* 1056 * Find the block before last block (contains the EEPROM image) 1057 * for HW without OTP shadow RAM. 1058 */ 1059 if (sc->hw_type == IWN_HW_REV_TYPE_1000) { 1060 /* Switch to absolute addressing mode. */ 1061 IWN_CLRBITS(sc, IWN_OTP_GP, IWN_OTP_GP_RELATIVE_ACCESS); 1062 base = 0; 1063 for (count = 0; count < IWN1000_OTP_NBLOCKS; count++) { 1064 error = iwn_read_prom_data(sc, base, &next, 2); 1065 if (error != 0) 1066 return error; 1067 if (next == 0) /* End of linked-list. */ 1068 break; 1069 prev = base; 1070 base = le16toh(next); 1071 } 1072 if (count == 0 || count == IWN1000_OTP_NBLOCKS) 1073 return EIO; 1074 /* Skip "next" word. */ 1075 sc->prom_base = prev + 1; 1076 } 1077 return 0; 1078 } 1079 1080 static int 1081 iwn_read_prom_data(struct iwn_softc *sc, uint32_t addr, void *data, int count) 1082 { 1083 uint8_t *out = data; 1084 uint32_t val, tmp; 1085 int ntries; 1086 1087 addr += sc->prom_base; 1088 for (; count > 0; count -= 2, addr++) { 1089 IWN_WRITE(sc, IWN_EEPROM, addr << 2); 1090 for (ntries = 0; ntries < 10; ntries++) { 1091 val = IWN_READ(sc, IWN_EEPROM); 1092 if (val & IWN_EEPROM_READ_VALID) 1093 break; 1094 DELAY(5); 1095 } 1096 if (ntries == 10) { 1097 aprint_error_dev(sc->sc_dev, 1098 "timeout reading ROM at 0x%x\n", addr); 1099 return ETIMEDOUT; 1100 } 1101 if (sc->sc_flags & IWN_FLAG_HAS_OTPROM) { 1102 /* OTPROM, check for ECC errors. */ 1103 tmp = IWN_READ(sc, IWN_OTP_GP); 1104 if (tmp & IWN_OTP_GP_ECC_UNCORR_STTS) { 1105 aprint_error_dev(sc->sc_dev, 1106 "OTPROM ECC error at 0x%x\n", addr); 1107 return EIO; 1108 } 1109 if (tmp & IWN_OTP_GP_ECC_CORR_STTS) { 1110 /* Correctable ECC error, clear bit. */ 1111 IWN_SETBITS(sc, IWN_OTP_GP, 1112 IWN_OTP_GP_ECC_CORR_STTS); 1113 } 1114 } 1115 *out++ = val >> 16; 1116 if (count > 1) 1117 *out++ = val >> 24; 1118 } 1119 return 0; 1120 } 1121 1122 static int 1123 iwn_dma_contig_alloc(bus_dma_tag_t tag, struct iwn_dma_info *dma, void **kvap, 1124 bus_size_t size, bus_size_t alignment) 1125 { 1126 int nsegs, error; 1127 1128 dma->tag = tag; 1129 dma->size = size; 1130 1131 error = bus_dmamap_create(tag, size, 1, size, 0, BUS_DMA_NOWAIT, 1132 &dma->map); 1133 if (error != 0) 1134 goto fail; 1135 1136 error = bus_dmamem_alloc(tag, size, alignment, 0, &dma->seg, 1, &nsegs, 1137 BUS_DMA_NOWAIT); /* XXX OpenBSD adds BUS_DMA_ZERO */ 1138 if (error != 0) 1139 goto fail; 1140 1141 error = bus_dmamem_map(tag, &dma->seg, 1, size, &dma->vaddr, 1142 BUS_DMA_NOWAIT); /* XXX OpenBSD adds BUS_DMA_COHERENT */ 1143 if (error != 0) 1144 goto fail; 1145 1146 error = bus_dmamap_load(tag, dma->map, dma->vaddr, size, NULL, 1147 BUS_DMA_NOWAIT); 1148 if (error != 0) 1149 goto fail; 1150 1151 /* XXX Presumably needed because of missing BUS_DMA_ZERO, above. */ 1152 memset(dma->vaddr, 0, size); 1153 bus_dmamap_sync(tag, dma->map, 0, size, BUS_DMASYNC_PREWRITE); 1154 1155 dma->paddr = dma->map->dm_segs[0].ds_addr; 1156 if (kvap != NULL) 1157 *kvap = dma->vaddr; 1158 1159 return 0; 1160 1161 fail: iwn_dma_contig_free(dma); 1162 return error; 1163 } 1164 1165 static void 1166 iwn_dma_contig_free(struct iwn_dma_info *dma) 1167 { 1168 if (dma->map != NULL) { 1169 if (dma->vaddr != NULL) { 1170 bus_dmamap_sync(dma->tag, dma->map, 0, dma->size, 1171 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 1172 bus_dmamap_unload(dma->tag, dma->map); 1173 bus_dmamem_unmap(dma->tag, dma->vaddr, dma->size); 1174 bus_dmamem_free(dma->tag, &dma->seg, 1); 1175 dma->vaddr = NULL; 1176 } 1177 bus_dmamap_destroy(dma->tag, dma->map); 1178 dma->map = NULL; 1179 } 1180 } 1181 1182 static int 1183 iwn_alloc_sched(struct iwn_softc *sc) 1184 { 1185 /* TX scheduler rings must be aligned on a 1KB boundary. */ 1186 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->sched_dma, 1187 (void **)&sc->sched, sc->schedsz, 1024); 1188 } 1189 1190 static void 1191 iwn_free_sched(struct iwn_softc *sc) 1192 { 1193 iwn_dma_contig_free(&sc->sched_dma); 1194 } 1195 1196 static int 1197 iwn_alloc_kw(struct iwn_softc *sc) 1198 { 1199 /* "Keep Warm" page must be aligned on a 4KB boundary. */ 1200 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->kw_dma, NULL, 4096, 1201 4096); 1202 } 1203 1204 static void 1205 iwn_free_kw(struct iwn_softc *sc) 1206 { 1207 iwn_dma_contig_free(&sc->kw_dma); 1208 } 1209 1210 static int 1211 iwn_alloc_ict(struct iwn_softc *sc) 1212 { 1213 /* ICT table must be aligned on a 4KB boundary. */ 1214 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->ict_dma, 1215 (void **)&sc->ict, IWN_ICT_SIZE, 4096); 1216 } 1217 1218 static void 1219 iwn_free_ict(struct iwn_softc *sc) 1220 { 1221 iwn_dma_contig_free(&sc->ict_dma); 1222 } 1223 1224 static int 1225 iwn_alloc_fwmem(struct iwn_softc *sc) 1226 { 1227 /* Must be aligned on a 16-byte boundary. */ 1228 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->fw_dma, NULL, 1229 sc->fwsz, 16); 1230 } 1231 1232 static void 1233 iwn_free_fwmem(struct iwn_softc *sc) 1234 { 1235 iwn_dma_contig_free(&sc->fw_dma); 1236 } 1237 1238 static int 1239 iwn_alloc_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1240 { 1241 bus_size_t size; 1242 int i, error; 1243 1244 ring->cur = 0; 1245 1246 /* Allocate RX descriptors (256-byte aligned). */ 1247 size = IWN_RX_RING_COUNT * sizeof (uint32_t); 1248 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 1249 (void **)&ring->desc, size, 256); 1250 if (error != 0) { 1251 aprint_error_dev(sc->sc_dev, 1252 "could not allocate RX ring DMA memory\n"); 1253 goto fail; 1254 } 1255 1256 /* Allocate RX status area (16-byte aligned). */ 1257 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->stat_dma, 1258 (void **)&ring->stat, sizeof (struct iwn_rx_status), 16); 1259 if (error != 0) { 1260 aprint_error_dev(sc->sc_dev, 1261 "could not allocate RX status DMA memory\n"); 1262 goto fail; 1263 } 1264 1265 /* 1266 * Allocate and map RX buffers. 1267 */ 1268 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 1269 struct iwn_rx_data *data = &ring->data[i]; 1270 1271 error = bus_dmamap_create(sc->sc_dmat, IWN_RBUF_SIZE, 1, 1272 IWN_RBUF_SIZE, 0, BUS_DMA_NOWAIT | BUS_DMA_ALLOCNOW, 1273 &data->map); 1274 if (error != 0) { 1275 aprint_error_dev(sc->sc_dev, 1276 "could not create RX buf DMA map\n"); 1277 goto fail; 1278 } 1279 1280 data->m = MCLGETIalt(sc, M_DONTWAIT, NULL, IWN_RBUF_SIZE); 1281 if (data->m == NULL) { 1282 aprint_error_dev(sc->sc_dev, 1283 "could not allocate RX mbuf\n"); 1284 error = ENOBUFS; 1285 goto fail; 1286 } 1287 1288 error = bus_dmamap_load(sc->sc_dmat, data->map, 1289 mtod(data->m, void *), IWN_RBUF_SIZE, NULL, 1290 BUS_DMA_NOWAIT | BUS_DMA_READ); 1291 if (error != 0) { 1292 aprint_error_dev(sc->sc_dev, 1293 "can't not map mbuf (error %d)\n", error); 1294 goto fail; 1295 } 1296 1297 /* Set physical address of RX buffer (256-byte aligned). */ 1298 ring->desc[i] = htole32(data->map->dm_segs[0].ds_addr >> 8); 1299 } 1300 1301 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 0, size, 1302 BUS_DMASYNC_PREWRITE); 1303 1304 return 0; 1305 1306 fail: iwn_free_rx_ring(sc, ring); 1307 return error; 1308 } 1309 1310 static void 1311 iwn_reset_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1312 { 1313 int ntries; 1314 1315 if (iwn_nic_lock(sc) == 0) { 1316 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 0); 1317 for (ntries = 0; ntries < 1000; ntries++) { 1318 if (IWN_READ(sc, IWN_FH_RX_STATUS) & 1319 IWN_FH_RX_STATUS_IDLE) 1320 break; 1321 DELAY(10); 1322 } 1323 iwn_nic_unlock(sc); 1324 } 1325 ring->cur = 0; 1326 sc->last_rx_valid = 0; 1327 } 1328 1329 static void 1330 iwn_free_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1331 { 1332 int i; 1333 1334 iwn_dma_contig_free(&ring->desc_dma); 1335 iwn_dma_contig_free(&ring->stat_dma); 1336 1337 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 1338 struct iwn_rx_data *data = &ring->data[i]; 1339 1340 if (data->m != NULL) { 1341 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1342 data->map->dm_mapsize, BUS_DMASYNC_POSTREAD); 1343 bus_dmamap_unload(sc->sc_dmat, data->map); 1344 m_freem(data->m); 1345 } 1346 if (data->map != NULL) 1347 bus_dmamap_destroy(sc->sc_dmat, data->map); 1348 } 1349 } 1350 1351 static int 1352 iwn_alloc_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring, int qid) 1353 { 1354 bus_addr_t paddr; 1355 bus_size_t size; 1356 int i, error; 1357 1358 ring->qid = qid; 1359 ring->queued = 0; 1360 ring->cur = 0; 1361 1362 /* Allocate TX descriptors (256-byte aligned). */ 1363 size = IWN_TX_RING_COUNT * sizeof (struct iwn_tx_desc); 1364 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 1365 (void **)&ring->desc, size, 256); 1366 if (error != 0) { 1367 aprint_error_dev(sc->sc_dev, 1368 "could not allocate TX ring DMA memory\n"); 1369 goto fail; 1370 } 1371 /* 1372 * We only use rings 0 through 4 (4 EDCA + cmd) so there is no need 1373 * to allocate commands space for other rings. 1374 * XXX Do we really need to allocate descriptors for other rings? 1375 */ 1376 if (qid > 4) 1377 return 0; 1378 1379 size = IWN_TX_RING_COUNT * sizeof (struct iwn_tx_cmd); 1380 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->cmd_dma, 1381 (void **)&ring->cmd, size, 4); 1382 if (error != 0) { 1383 aprint_error_dev(sc->sc_dev, 1384 "could not allocate TX cmd DMA memory\n"); 1385 goto fail; 1386 } 1387 1388 paddr = ring->cmd_dma.paddr; 1389 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 1390 struct iwn_tx_data *data = &ring->data[i]; 1391 1392 data->cmd_paddr = paddr; 1393 data->scratch_paddr = paddr + 12; 1394 paddr += sizeof (struct iwn_tx_cmd); 1395 1396 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1397 IWN_MAX_SCATTER - 1, MCLBYTES, 0, BUS_DMA_NOWAIT, 1398 &data->map); 1399 if (error != 0) { 1400 aprint_error_dev(sc->sc_dev, 1401 "could not create TX buf DMA map\n"); 1402 goto fail; 1403 } 1404 } 1405 return 0; 1406 1407 fail: iwn_free_tx_ring(sc, ring); 1408 return error; 1409 } 1410 1411 static void 1412 iwn_reset_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 1413 { 1414 int i; 1415 1416 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 1417 struct iwn_tx_data *data = &ring->data[i]; 1418 1419 if (data->m != NULL) { 1420 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1421 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 1422 bus_dmamap_unload(sc->sc_dmat, data->map); 1423 m_freem(data->m); 1424 data->m = NULL; 1425 } 1426 } 1427 /* Clear TX descriptors. */ 1428 memset(ring->desc, 0, ring->desc_dma.size); 1429 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 0, 1430 ring->desc_dma.size, BUS_DMASYNC_PREWRITE); 1431 sc->qfullmsk &= ~(1 << ring->qid); 1432 ring->queued = 0; 1433 ring->cur = 0; 1434 } 1435 1436 static void 1437 iwn_free_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 1438 { 1439 int i; 1440 1441 iwn_dma_contig_free(&ring->desc_dma); 1442 iwn_dma_contig_free(&ring->cmd_dma); 1443 1444 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 1445 struct iwn_tx_data *data = &ring->data[i]; 1446 1447 if (data->m != NULL) { 1448 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1449 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 1450 bus_dmamap_unload(sc->sc_dmat, data->map); 1451 m_freem(data->m); 1452 } 1453 if (data->map != NULL) 1454 bus_dmamap_destroy(sc->sc_dmat, data->map); 1455 } 1456 } 1457 1458 static void 1459 iwn5000_ict_reset(struct iwn_softc *sc) 1460 { 1461 /* Disable interrupts. */ 1462 IWN_WRITE(sc, IWN_INT_MASK, 0); 1463 1464 /* Reset ICT table. */ 1465 memset(sc->ict, 0, IWN_ICT_SIZE); 1466 sc->ict_cur = 0; 1467 1468 /* Set physical address of ICT table (4KB aligned). */ 1469 DPRINTF(("enabling ICT\n")); 1470 IWN_WRITE(sc, IWN_DRAM_INT_TBL, IWN_DRAM_INT_TBL_ENABLE | 1471 IWN_DRAM_INT_TBL_WRAP_CHECK | sc->ict_dma.paddr >> 12); 1472 1473 /* Enable periodic RX interrupt. */ 1474 sc->int_mask |= IWN_INT_RX_PERIODIC; 1475 /* Switch to ICT interrupt mode in driver. */ 1476 sc->sc_flags |= IWN_FLAG_USE_ICT; 1477 1478 /* Re-enable interrupts. */ 1479 IWN_WRITE(sc, IWN_INT, 0xffffffff); 1480 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 1481 } 1482 1483 static int 1484 iwn_read_eeprom(struct iwn_softc *sc) 1485 { 1486 struct iwn_ops *ops = &sc->ops; 1487 struct ieee80211com *ic = &sc->sc_ic; 1488 uint16_t val; 1489 int error; 1490 1491 /* Check whether adapter has an EEPROM or an OTPROM. */ 1492 if (sc->hw_type >= IWN_HW_REV_TYPE_1000 && 1493 (IWN_READ(sc, IWN_OTP_GP) & IWN_OTP_GP_DEV_SEL_OTP)) 1494 sc->sc_flags |= IWN_FLAG_HAS_OTPROM; 1495 DPRINTF(("%s found\n", (sc->sc_flags & IWN_FLAG_HAS_OTPROM) ? 1496 "OTPROM" : "EEPROM")); 1497 1498 /* Adapter has to be powered on for EEPROM access to work. */ 1499 if ((error = iwn_apm_init(sc)) != 0) { 1500 aprint_error_dev(sc->sc_dev, 1501 "could not power ON adapter\n"); 1502 return error; 1503 } 1504 1505 if ((IWN_READ(sc, IWN_EEPROM_GP) & 0x7) == 0) { 1506 aprint_error_dev(sc->sc_dev, 1507 "bad ROM signature\n"); 1508 return EIO; 1509 } 1510 if ((error = iwn_eeprom_lock(sc)) != 0) { 1511 aprint_error_dev(sc->sc_dev, 1512 "could not lock ROM (error=%d)\n", error); 1513 return error; 1514 } 1515 if (sc->sc_flags & IWN_FLAG_HAS_OTPROM) { 1516 if ((error = iwn_init_otprom(sc)) != 0) { 1517 aprint_error_dev(sc->sc_dev, 1518 "could not initialize OTPROM\n"); 1519 return error; 1520 } 1521 } 1522 1523 iwn_read_prom_data(sc, IWN_EEPROM_SKU_CAP, &val, 2); 1524 DPRINTF(("SKU capabilities=0x%04x\n", le16toh(val))); 1525 /* Check if HT support is bonded out. */ 1526 if (val & htole16(IWN_EEPROM_SKU_CAP_11N)) 1527 sc->sc_flags |= IWN_FLAG_HAS_11N; 1528 1529 iwn_read_prom_data(sc, IWN_EEPROM_RFCFG, &val, 2); 1530 sc->rfcfg = le16toh(val); 1531 DPRINTF(("radio config=0x%04x\n", sc->rfcfg)); 1532 /* Read Tx/Rx chains from ROM unless it's known to be broken. */ 1533 if (sc->txchainmask == 0) 1534 sc->txchainmask = IWN_RFCFG_TXANTMSK(sc->rfcfg); 1535 if (sc->rxchainmask == 0) 1536 sc->rxchainmask = IWN_RFCFG_RXANTMSK(sc->rfcfg); 1537 1538 /* Read MAC address. */ 1539 iwn_read_prom_data(sc, IWN_EEPROM_MAC, ic->ic_myaddr, 6); 1540 1541 /* Read adapter-specific information from EEPROM. */ 1542 ops->read_eeprom(sc); 1543 1544 iwn_apm_stop(sc); /* Power OFF adapter. */ 1545 1546 iwn_eeprom_unlock(sc); 1547 return 0; 1548 } 1549 1550 static void 1551 iwn4965_read_eeprom(struct iwn_softc *sc) 1552 { 1553 uint32_t addr; 1554 uint16_t val; 1555 int i; 1556 1557 /* Read regulatory domain (4 ASCII characters). */ 1558 iwn_read_prom_data(sc, IWN4965_EEPROM_DOMAIN, sc->eeprom_domain, 4); 1559 1560 /* Read the list of authorized channels (20MHz ones only). */ 1561 for (i = 0; i < 5; i++) { 1562 addr = iwn4965_regulatory_bands[i]; 1563 iwn_read_eeprom_channels(sc, i, addr); 1564 } 1565 1566 /* Read maximum allowed TX power for 2GHz and 5GHz bands. */ 1567 iwn_read_prom_data(sc, IWN4965_EEPROM_MAXPOW, &val, 2); 1568 sc->maxpwr2GHz = val & 0xff; 1569 sc->maxpwr5GHz = val >> 8; 1570 /* Check that EEPROM values are within valid range. */ 1571 if (sc->maxpwr5GHz < 20 || sc->maxpwr5GHz > 50) 1572 sc->maxpwr5GHz = 38; 1573 if (sc->maxpwr2GHz < 20 || sc->maxpwr2GHz > 50) 1574 sc->maxpwr2GHz = 38; 1575 DPRINTF(("maxpwr 2GHz=%d 5GHz=%d\n", sc->maxpwr2GHz, sc->maxpwr5GHz)); 1576 1577 /* Read samples for each TX power group. */ 1578 iwn_read_prom_data(sc, IWN4965_EEPROM_BANDS, sc->bands, 1579 sizeof sc->bands); 1580 1581 /* Read voltage at which samples were taken. */ 1582 iwn_read_prom_data(sc, IWN4965_EEPROM_VOLTAGE, &val, 2); 1583 sc->eeprom_voltage = (int16_t)le16toh(val); 1584 DPRINTF(("voltage=%d (in 0.3V)\n", sc->eeprom_voltage)); 1585 1586 #ifdef IWN_DEBUG 1587 /* Print samples. */ 1588 if (iwn_debug > 0) { 1589 for (i = 0; i < IWN_NBANDS; i++) 1590 iwn4965_print_power_group(sc, i); 1591 } 1592 #endif 1593 } 1594 1595 #ifdef IWN_DEBUG 1596 static void 1597 iwn4965_print_power_group(struct iwn_softc *sc, int i) 1598 { 1599 struct iwn4965_eeprom_band *band = &sc->bands[i]; 1600 struct iwn4965_eeprom_chan_samples *chans = band->chans; 1601 int j, c; 1602 1603 aprint_normal("===band %d===\n", i); 1604 aprint_normal("chan lo=%d, chan hi=%d\n", band->lo, band->hi); 1605 aprint_normal("chan1 num=%d\n", chans[0].num); 1606 for (c = 0; c < 2; c++) { 1607 for (j = 0; j < IWN_NSAMPLES; j++) { 1608 aprint_normal("chain %d, sample %d: temp=%d gain=%d " 1609 "power=%d pa_det=%d\n", c, j, 1610 chans[0].samples[c][j].temp, 1611 chans[0].samples[c][j].gain, 1612 chans[0].samples[c][j].power, 1613 chans[0].samples[c][j].pa_det); 1614 } 1615 } 1616 aprint_normal("chan2 num=%d\n", chans[1].num); 1617 for (c = 0; c < 2; c++) { 1618 for (j = 0; j < IWN_NSAMPLES; j++) { 1619 aprint_normal("chain %d, sample %d: temp=%d gain=%d " 1620 "power=%d pa_det=%d\n", c, j, 1621 chans[1].samples[c][j].temp, 1622 chans[1].samples[c][j].gain, 1623 chans[1].samples[c][j].power, 1624 chans[1].samples[c][j].pa_det); 1625 } 1626 } 1627 } 1628 #endif 1629 1630 static void 1631 iwn5000_read_eeprom(struct iwn_softc *sc) 1632 { 1633 struct iwn5000_eeprom_calib_hdr hdr; 1634 int32_t volt; 1635 uint32_t base, addr; 1636 uint16_t val; 1637 int i; 1638 1639 /* Read regulatory domain (4 ASCII characters). */ 1640 iwn_read_prom_data(sc, IWN5000_EEPROM_REG, &val, 2); 1641 base = le16toh(val); 1642 iwn_read_prom_data(sc, base + IWN5000_EEPROM_DOMAIN, 1643 sc->eeprom_domain, 4); 1644 1645 /* Read the list of authorized channels (20MHz ones only). */ 1646 for (i = 0; i < 5; i++) { 1647 addr = base + iwn5000_regulatory_bands[i]; 1648 iwn_read_eeprom_channels(sc, i, addr); 1649 } 1650 1651 /* Read enhanced TX power information for 6000 Series. */ 1652 if (sc->hw_type >= IWN_HW_REV_TYPE_6000) 1653 iwn_read_eeprom_enhinfo(sc); 1654 1655 iwn_read_prom_data(sc, IWN5000_EEPROM_CAL, &val, 2); 1656 base = le16toh(val); 1657 iwn_read_prom_data(sc, base, &hdr, sizeof hdr); 1658 DPRINTF(("calib version=%u pa type=%u voltage=%u\n", 1659 hdr.version, hdr.pa_type, le16toh(hdr.volt))); 1660 sc->calib_ver = hdr.version; 1661 1662 if (sc->hw_type == IWN_HW_REV_TYPE_2030 || 1663 sc->hw_type == IWN_HW_REV_TYPE_2000 || 1664 sc->hw_type == IWN_HW_REV_TYPE_135 || 1665 sc->hw_type == IWN_HW_REV_TYPE_105) { 1666 sc->eeprom_voltage = le16toh(hdr.volt); 1667 iwn_read_prom_data(sc, base + IWN5000_EEPROM_TEMP, &val, 2); 1668 sc->eeprom_temp = le16toh(val); 1669 iwn_read_prom_data(sc, base + IWN2000_EEPROM_RAWTEMP, &val, 2); 1670 sc->eeprom_rawtemp = le16toh(val); 1671 } 1672 1673 if (sc->hw_type == IWN_HW_REV_TYPE_5150) { 1674 /* Compute temperature offset. */ 1675 iwn_read_prom_data(sc, base + IWN5000_EEPROM_TEMP, &val, 2); 1676 sc->eeprom_temp = le16toh(val); 1677 iwn_read_prom_data(sc, base + IWN5000_EEPROM_VOLT, &val, 2); 1678 volt = le16toh(val); 1679 sc->temp_off = sc->eeprom_temp - (volt / -5); 1680 DPRINTF(("temp=%d volt=%d offset=%dK\n", 1681 sc->eeprom_temp, volt, sc->temp_off)); 1682 } else { 1683 /* Read crystal calibration. */ 1684 iwn_read_prom_data(sc, base + IWN5000_EEPROM_CRYSTAL, 1685 &sc->eeprom_crystal, sizeof (uint32_t)); 1686 DPRINTF(("crystal calibration 0x%08x\n", 1687 le32toh(sc->eeprom_crystal))); 1688 } 1689 } 1690 1691 static void 1692 iwn_read_eeprom_channels(struct iwn_softc *sc, int n, uint32_t addr) 1693 { 1694 struct ieee80211com *ic = &sc->sc_ic; 1695 const struct iwn_chan_band *band = &iwn_bands[n]; 1696 struct iwn_eeprom_chan channels[IWN_MAX_CHAN_PER_BAND]; 1697 uint8_t chan; 1698 int i; 1699 1700 iwn_read_prom_data(sc, addr, channels, 1701 band->nchan * sizeof (struct iwn_eeprom_chan)); 1702 1703 for (i = 0; i < band->nchan; i++) { 1704 if (!(channels[i].flags & IWN_EEPROM_CHAN_VALID)) 1705 continue; 1706 1707 chan = band->chan[i]; 1708 1709 if (n == 0) { /* 2GHz band */ 1710 ic->ic_channels[chan].ic_freq = 1711 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_2GHZ); 1712 ic->ic_channels[chan].ic_flags = 1713 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 1714 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 1715 1716 } else { /* 5GHz band */ 1717 /* 1718 * Some adapters support channels 7, 8, 11 and 12 1719 * both in the 2GHz and 4.9GHz bands. 1720 * Because of limitations in our net80211 layer, 1721 * we don't support them in the 4.9GHz band. 1722 */ 1723 if (chan <= 14) 1724 continue; 1725 1726 ic->ic_channels[chan].ic_freq = 1727 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 1728 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 1729 /* We have at least one valid 5GHz channel. */ 1730 sc->sc_flags |= IWN_FLAG_HAS_5GHZ; 1731 } 1732 1733 /* Is active scan allowed on this channel? */ 1734 if (!(channels[i].flags & IWN_EEPROM_CHAN_ACTIVE)) { 1735 ic->ic_channels[chan].ic_flags |= 1736 IEEE80211_CHAN_PASSIVE; 1737 } 1738 1739 /* Save maximum allowed TX power for this channel. */ 1740 sc->maxpwr[chan] = channels[i].maxpwr; 1741 1742 DPRINTF(("adding chan %d flags=0x%x maxpwr=%d\n", 1743 chan, channels[i].flags, sc->maxpwr[chan])); 1744 } 1745 } 1746 1747 static void 1748 iwn_read_eeprom_enhinfo(struct iwn_softc *sc) 1749 { 1750 struct iwn_eeprom_enhinfo enhinfo[35]; 1751 uint16_t val, base; 1752 int8_t maxpwr; 1753 int i; 1754 1755 iwn_read_prom_data(sc, IWN5000_EEPROM_REG, &val, 2); 1756 base = le16toh(val); 1757 iwn_read_prom_data(sc, base + IWN6000_EEPROM_ENHINFO, 1758 enhinfo, sizeof enhinfo); 1759 1760 memset(sc->enh_maxpwr, 0, sizeof sc->enh_maxpwr); 1761 for (i = 0; i < __arraycount(enhinfo); i++) { 1762 if (enhinfo[i].chan == 0 || enhinfo[i].reserved != 0) 1763 continue; /* Skip invalid entries. */ 1764 1765 maxpwr = 0; 1766 if (sc->txchainmask & IWN_ANT_A) 1767 maxpwr = MAX(maxpwr, enhinfo[i].chain[0]); 1768 if (sc->txchainmask & IWN_ANT_B) 1769 maxpwr = MAX(maxpwr, enhinfo[i].chain[1]); 1770 if (sc->txchainmask & IWN_ANT_C) 1771 maxpwr = MAX(maxpwr, enhinfo[i].chain[2]); 1772 if (sc->ntxchains == 2) 1773 maxpwr = MAX(maxpwr, enhinfo[i].mimo2); 1774 else if (sc->ntxchains == 3) 1775 maxpwr = MAX(maxpwr, enhinfo[i].mimo3); 1776 maxpwr /= 2; /* Convert half-dBm to dBm. */ 1777 1778 DPRINTF(("enhinfo %d, maxpwr=%d\n", i, maxpwr)); 1779 sc->enh_maxpwr[i] = maxpwr; 1780 } 1781 } 1782 1783 static struct ieee80211_node * 1784 iwn_node_alloc(struct ieee80211_node_table *ic __unused) 1785 { 1786 return malloc(sizeof (struct iwn_node), M_80211_NODE, M_NOWAIT | M_ZERO); 1787 } 1788 1789 static void 1790 iwn_newassoc(struct ieee80211_node *ni, int isnew) 1791 { 1792 struct iwn_softc *sc = ni->ni_ic->ic_ifp->if_softc; 1793 struct iwn_node *wn = (void *)ni; 1794 uint8_t rate; 1795 int ridx, i; 1796 1797 ieee80211_amrr_node_init(&sc->amrr, &wn->amn); 1798 /* Start at lowest available bit-rate, AMRR will raise. */ 1799 ni->ni_txrate = 0; 1800 1801 for (i = 0; i < ni->ni_rates.rs_nrates; i++) { 1802 rate = ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL; 1803 /* Map 802.11 rate to HW rate index. */ 1804 for (ridx = 0; ridx <= IWN_RIDX_MAX; ridx++) 1805 if (iwn_rates[ridx].rate == rate) 1806 break; 1807 wn->ridx[i] = ridx; 1808 } 1809 } 1810 1811 static int 1812 iwn_media_change(struct ifnet *ifp) 1813 { 1814 struct iwn_softc *sc = ifp->if_softc; 1815 struct ieee80211com *ic = &sc->sc_ic; 1816 uint8_t rate, ridx; 1817 int error; 1818 1819 error = ieee80211_media_change(ifp); 1820 if (error != ENETRESET) 1821 return error; 1822 1823 if (ic->ic_fixed_rate != -1) { 1824 rate = ic->ic_sup_rates[ic->ic_curmode]. 1825 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL; 1826 /* Map 802.11 rate to HW rate index. */ 1827 for (ridx = 0; ridx <= IWN_RIDX_MAX; ridx++) 1828 if (iwn_rates[ridx].rate == rate) 1829 break; 1830 sc->fixed_ridx = ridx; 1831 } 1832 1833 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1834 (IFF_UP | IFF_RUNNING)) { 1835 iwn_stop(ifp, 0); 1836 error = iwn_init(ifp); 1837 } 1838 return error; 1839 } 1840 1841 static int 1842 iwn_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1843 { 1844 struct ifnet *ifp = ic->ic_ifp; 1845 struct iwn_softc *sc = ifp->if_softc; 1846 int error; 1847 1848 callout_stop(&sc->calib_to); 1849 1850 switch (nstate) { 1851 case IEEE80211_S_SCAN: 1852 /* XXX Do not abort a running scan. */ 1853 if (sc->sc_flags & IWN_FLAG_SCANNING) { 1854 if (ic->ic_state != nstate) 1855 aprint_debug_dev(sc->sc_dev, "scan request(%d) " 1856 "while scanning(%d) ignored\n", nstate, 1857 ic->ic_state); 1858 break; 1859 } 1860 1861 /* XXX Not sure if call and flags are needed. */ 1862 ieee80211_node_table_reset(&ic->ic_scan); 1863 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 1864 sc->sc_flags |= IWN_FLAG_SCANNING_2GHZ; 1865 1866 /* Make the link LED blink while we're scanning. */ 1867 iwn_set_led(sc, IWN_LED_LINK, 10, 10); 1868 1869 if ((error = iwn_scan(sc, IEEE80211_CHAN_2GHZ)) != 0) { 1870 aprint_error_dev(sc->sc_dev, 1871 "could not initiate scan\n"); 1872 return error; 1873 } 1874 ic->ic_state = nstate; 1875 return 0; 1876 1877 case IEEE80211_S_ASSOC: 1878 if (ic->ic_state != IEEE80211_S_RUN) 1879 break; 1880 /* FALLTHROUGH */ 1881 case IEEE80211_S_AUTH: 1882 /* Reset state to handle reassociations correctly. */ 1883 sc->rxon.associd = 0; 1884 sc->rxon.filter &= ~htole32(IWN_FILTER_BSS); 1885 sc->calib.state = IWN_CALIB_STATE_INIT; 1886 1887 if ((error = iwn_auth(sc)) != 0) { 1888 aprint_error_dev(sc->sc_dev, 1889 "could not move to auth state\n"); 1890 return error; 1891 } 1892 break; 1893 1894 case IEEE80211_S_RUN: 1895 if ((error = iwn_run(sc)) != 0) { 1896 aprint_error_dev(sc->sc_dev, 1897 "could not move to run state\n"); 1898 return error; 1899 } 1900 break; 1901 1902 case IEEE80211_S_INIT: 1903 sc->sc_flags &= ~IWN_FLAG_SCANNING; 1904 sc->calib.state = IWN_CALIB_STATE_INIT; 1905 break; 1906 } 1907 1908 return sc->sc_newstate(ic, nstate, arg); 1909 } 1910 1911 static void 1912 iwn_iter_func(void *arg, struct ieee80211_node *ni) 1913 { 1914 struct iwn_softc *sc = arg; 1915 struct iwn_node *wn = (struct iwn_node *)ni; 1916 1917 ieee80211_amrr_choose(&sc->amrr, ni, &wn->amn); 1918 } 1919 1920 static void 1921 iwn_calib_timeout(void *arg) 1922 { 1923 struct iwn_softc *sc = arg; 1924 struct ieee80211com *ic = &sc->sc_ic; 1925 int s; 1926 1927 s = splnet(); 1928 if (ic->ic_fixed_rate == -1) { 1929 if (ic->ic_opmode == IEEE80211_M_STA) 1930 iwn_iter_func(sc, ic->ic_bss); 1931 else 1932 ieee80211_iterate_nodes(&ic->ic_sta, iwn_iter_func, sc); 1933 } 1934 /* Force automatic TX power calibration every 60 secs. */ 1935 if (++sc->calib_cnt >= 120) { 1936 uint32_t flags = 0; 1937 1938 DPRINTF(("sending request for statistics\n")); 1939 (void)iwn_cmd(sc, IWN_CMD_GET_STATISTICS, &flags, 1940 sizeof flags, 1); 1941 sc->calib_cnt = 0; 1942 } 1943 splx(s); 1944 1945 /* Automatic rate control triggered every 500ms. */ 1946 callout_schedule(&sc->calib_to, hz/2); 1947 } 1948 1949 /* 1950 * Process an RX_PHY firmware notification. This is usually immediately 1951 * followed by an MPDU_RX_DONE notification. 1952 */ 1953 static void 1954 iwn_rx_phy(struct iwn_softc *sc, struct iwn_rx_desc *desc, 1955 struct iwn_rx_data *data) 1956 { 1957 struct iwn_rx_stat *stat = (struct iwn_rx_stat *)(desc + 1); 1958 1959 DPRINTFN(2, ("received PHY stats\n")); 1960 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 1961 sizeof (*stat), BUS_DMASYNC_POSTREAD); 1962 1963 /* Save RX statistics, they will be used on MPDU_RX_DONE. */ 1964 memcpy(&sc->last_rx_stat, stat, sizeof (*stat)); 1965 sc->last_rx_valid = 1; 1966 } 1967 1968 /* 1969 * Process an RX_DONE (4965AGN only) or MPDU_RX_DONE firmware notification. 1970 * Each MPDU_RX_DONE notification must be preceded by an RX_PHY one. 1971 */ 1972 static void 1973 iwn_rx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 1974 struct iwn_rx_data *data) 1975 { 1976 struct iwn_ops *ops = &sc->ops; 1977 struct ieee80211com *ic = &sc->sc_ic; 1978 struct ifnet *ifp = ic->ic_ifp; 1979 struct iwn_rx_ring *ring = &sc->rxq; 1980 struct ieee80211_frame *wh; 1981 struct ieee80211_node *ni; 1982 struct mbuf *m, *m1; 1983 struct iwn_rx_stat *stat; 1984 char *head; 1985 uint32_t flags; 1986 int error, len, rssi; 1987 1988 if (desc->type == IWN_MPDU_RX_DONE) { 1989 /* Check for prior RX_PHY notification. */ 1990 if (!sc->last_rx_valid) { 1991 DPRINTF(("missing RX_PHY\n")); 1992 return; 1993 } 1994 sc->last_rx_valid = 0; 1995 stat = &sc->last_rx_stat; 1996 } else 1997 stat = (struct iwn_rx_stat *)(desc + 1); 1998 1999 bus_dmamap_sync(sc->sc_dmat, data->map, 0, IWN_RBUF_SIZE, 2000 BUS_DMASYNC_POSTREAD); 2001 2002 if (stat->cfg_phy_len > IWN_STAT_MAXLEN) { 2003 aprint_error_dev(sc->sc_dev, 2004 "invalid RX statistic header\n"); 2005 return; 2006 } 2007 if (desc->type == IWN_MPDU_RX_DONE) { 2008 struct iwn_rx_mpdu *mpdu = (struct iwn_rx_mpdu *)(desc + 1); 2009 head = (char *)(mpdu + 1); 2010 len = le16toh(mpdu->len); 2011 } else { 2012 head = (char *)(stat + 1) + stat->cfg_phy_len; 2013 len = le16toh(stat->len); 2014 } 2015 2016 flags = le32toh(*(uint32_t *)(head + len)); 2017 2018 /* Discard frames with a bad FCS early. */ 2019 if ((flags & IWN_RX_NOERROR) != IWN_RX_NOERROR) { 2020 DPRINTFN(2, ("RX flags error %x\n", flags)); 2021 ifp->if_ierrors++; 2022 return; 2023 } 2024 /* Discard frames that are too short. */ 2025 if (len < sizeof (*wh)) { 2026 DPRINTF(("frame too short: %d\n", len)); 2027 ic->ic_stats.is_rx_tooshort++; 2028 ifp->if_ierrors++; 2029 return; 2030 } 2031 2032 m1 = MCLGETIalt(sc, M_DONTWAIT, NULL, IWN_RBUF_SIZE); 2033 if (m1 == NULL) { 2034 ic->ic_stats.is_rx_nobuf++; 2035 ifp->if_ierrors++; 2036 return; 2037 } 2038 bus_dmamap_unload(sc->sc_dmat, data->map); 2039 2040 error = bus_dmamap_load(sc->sc_dmat, data->map, mtod(m1, void *), 2041 IWN_RBUF_SIZE, NULL, BUS_DMA_NOWAIT | BUS_DMA_READ); 2042 if (error != 0) { 2043 m_freem(m1); 2044 2045 /* Try to reload the old mbuf. */ 2046 error = bus_dmamap_load(sc->sc_dmat, data->map, 2047 mtod(data->m, void *), IWN_RBUF_SIZE, NULL, 2048 BUS_DMA_NOWAIT | BUS_DMA_READ); 2049 if (error != 0) { 2050 panic("%s: could not load old RX mbuf", 2051 device_xname(sc->sc_dev)); 2052 } 2053 /* Physical address may have changed. */ 2054 ring->desc[ring->cur] = 2055 htole32(data->map->dm_segs[0].ds_addr >> 8); 2056 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 2057 ring->cur * sizeof (uint32_t), sizeof (uint32_t), 2058 BUS_DMASYNC_PREWRITE); 2059 ifp->if_ierrors++; 2060 return; 2061 } 2062 2063 m = data->m; 2064 data->m = m1; 2065 /* Update RX descriptor. */ 2066 ring->desc[ring->cur] = htole32(data->map->dm_segs[0].ds_addr >> 8); 2067 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 2068 ring->cur * sizeof (uint32_t), sizeof (uint32_t), 2069 BUS_DMASYNC_PREWRITE); 2070 2071 /* Finalize mbuf. */ 2072 m_set_rcvif(m, ifp); 2073 m->m_data = head; 2074 m->m_pkthdr.len = m->m_len = len; 2075 2076 /* Grab a reference to the source node. */ 2077 wh = mtod(m, struct ieee80211_frame *); 2078 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 2079 2080 /* XXX OpenBSD adds decryption here (see also comments in iwn_tx). */ 2081 /* NetBSD does decryption in ieee80211_input. */ 2082 2083 rssi = ops->get_rssi(stat); 2084 2085 /* XXX Added for NetBSD: scans never stop without it */ 2086 if (ic->ic_state == IEEE80211_S_SCAN) 2087 iwn_fix_channel(ic, m, stat); 2088 2089 if (sc->sc_drvbpf != NULL) { 2090 struct iwn_rx_radiotap_header *tap = &sc->sc_rxtap; 2091 2092 tap->wr_flags = 0; 2093 if (stat->flags & htole16(IWN_STAT_FLAG_SHPREAMBLE)) 2094 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2095 tap->wr_chan_freq = 2096 htole16(ic->ic_channels[stat->chan].ic_freq); 2097 tap->wr_chan_flags = 2098 htole16(ic->ic_channels[stat->chan].ic_flags); 2099 tap->wr_dbm_antsignal = (int8_t)rssi; 2100 tap->wr_dbm_antnoise = (int8_t)sc->noise; 2101 tap->wr_tsft = stat->tstamp; 2102 switch (stat->rate) { 2103 /* CCK rates. */ 2104 case 10: tap->wr_rate = 2; break; 2105 case 20: tap->wr_rate = 4; break; 2106 case 55: tap->wr_rate = 11; break; 2107 case 110: tap->wr_rate = 22; break; 2108 /* OFDM rates. */ 2109 case 0xd: tap->wr_rate = 12; break; 2110 case 0xf: tap->wr_rate = 18; break; 2111 case 0x5: tap->wr_rate = 24; break; 2112 case 0x7: tap->wr_rate = 36; break; 2113 case 0x9: tap->wr_rate = 48; break; 2114 case 0xb: tap->wr_rate = 72; break; 2115 case 0x1: tap->wr_rate = 96; break; 2116 case 0x3: tap->wr_rate = 108; break; 2117 /* Unknown rate: should not happen. */ 2118 default: tap->wr_rate = 0; 2119 } 2120 2121 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 2122 } 2123 2124 /* Send the frame to the 802.11 layer. */ 2125 ieee80211_input(ic, m, ni, rssi, 0); 2126 2127 /* Node is no longer needed. */ 2128 ieee80211_free_node(ni); 2129 } 2130 2131 #ifndef IEEE80211_NO_HT 2132 /* Process an incoming Compressed BlockAck. */ 2133 static void 2134 iwn_rx_compressed_ba(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2135 struct iwn_rx_data *data) 2136 { 2137 struct iwn_compressed_ba *ba = (struct iwn_compressed_ba *)(desc + 1); 2138 struct iwn_tx_ring *txq; 2139 2140 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), sizeof (*ba), 2141 BUS_DMASYNC_POSTREAD); 2142 2143 txq = &sc->txq[le16toh(ba->qid)]; 2144 /* XXX TBD */ 2145 } 2146 #endif 2147 2148 /* 2149 * Process a CALIBRATION_RESULT notification sent by the initialization 2150 * firmware on response to a CMD_CALIB_CONFIG command (5000 only). 2151 */ 2152 static void 2153 iwn5000_rx_calib_results(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2154 struct iwn_rx_data *data) 2155 { 2156 struct iwn_phy_calib *calib = (struct iwn_phy_calib *)(desc + 1); 2157 int len, idx = -1; 2158 2159 /* Runtime firmware should not send such a notification. */ 2160 if (sc->sc_flags & IWN_FLAG_CALIB_DONE) 2161 return; 2162 2163 len = (le32toh(desc->len) & 0x3fff) - 4; 2164 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), len, 2165 BUS_DMASYNC_POSTREAD); 2166 2167 switch (calib->code) { 2168 case IWN5000_PHY_CALIB_DC: 2169 if (sc->hw_type == IWN_HW_REV_TYPE_5150 || 2170 sc->hw_type == IWN_HW_REV_TYPE_2030 || 2171 sc->hw_type == IWN_HW_REV_TYPE_2000 || 2172 sc->hw_type == IWN_HW_REV_TYPE_135 || 2173 sc->hw_type == IWN_HW_REV_TYPE_105) 2174 idx = 0; 2175 break; 2176 case IWN5000_PHY_CALIB_LO: 2177 idx = 1; 2178 break; 2179 case IWN5000_PHY_CALIB_TX_IQ: 2180 idx = 2; 2181 break; 2182 case IWN5000_PHY_CALIB_TX_IQ_PERIODIC: 2183 if (sc->hw_type < IWN_HW_REV_TYPE_6000 && 2184 sc->hw_type != IWN_HW_REV_TYPE_5150) 2185 idx = 3; 2186 break; 2187 case IWN5000_PHY_CALIB_BASE_BAND: 2188 idx = 4; 2189 break; 2190 } 2191 if (idx == -1) /* Ignore other results. */ 2192 return; 2193 2194 /* Save calibration result. */ 2195 if (sc->calibcmd[idx].buf != NULL) 2196 free(sc->calibcmd[idx].buf, M_DEVBUF); 2197 sc->calibcmd[idx].buf = malloc(len, M_DEVBUF, M_NOWAIT); 2198 if (sc->calibcmd[idx].buf == NULL) { 2199 DPRINTF(("not enough memory for calibration result %d\n", 2200 calib->code)); 2201 return; 2202 } 2203 DPRINTF(("saving calibration result code=%d len=%d\n", 2204 calib->code, len)); 2205 sc->calibcmd[idx].len = len; 2206 memcpy(sc->calibcmd[idx].buf, calib, len); 2207 } 2208 2209 /* 2210 * Process an RX_STATISTICS or BEACON_STATISTICS firmware notification. 2211 * The latter is sent by the firmware after each received beacon. 2212 */ 2213 static void 2214 iwn_rx_statistics(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2215 struct iwn_rx_data *data) 2216 { 2217 struct iwn_ops *ops = &sc->ops; 2218 struct ieee80211com *ic = &sc->sc_ic; 2219 struct iwn_calib_state *calib = &sc->calib; 2220 struct iwn_stats *stats = (struct iwn_stats *)(desc + 1); 2221 int temp; 2222 2223 /* Ignore statistics received during a scan. */ 2224 if (ic->ic_state != IEEE80211_S_RUN) 2225 return; 2226 2227 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2228 sizeof (*stats), BUS_DMASYNC_POSTREAD); 2229 2230 DPRINTFN(3, ("received statistics (cmd=%d)\n", desc->type)); 2231 sc->calib_cnt = 0; /* Reset TX power calibration timeout. */ 2232 2233 /* Test if temperature has changed. */ 2234 if (stats->general.temp != sc->rawtemp) { 2235 /* Convert "raw" temperature to degC. */ 2236 sc->rawtemp = stats->general.temp; 2237 temp = ops->get_temperature(sc); 2238 DPRINTFN(2, ("temperature=%dC\n", temp)); 2239 2240 /* Update TX power if need be (4965AGN only). */ 2241 if (sc->hw_type == IWN_HW_REV_TYPE_4965) 2242 iwn4965_power_calibration(sc, temp); 2243 } 2244 2245 if (desc->type != IWN_BEACON_STATISTICS) 2246 return; /* Reply to a statistics request. */ 2247 2248 sc->noise = iwn_get_noise(&stats->rx.general); 2249 2250 /* Test that RSSI and noise are present in stats report. */ 2251 if (le32toh(stats->rx.general.flags) != 1) { 2252 DPRINTF(("received statistics without RSSI\n")); 2253 return; 2254 } 2255 2256 /* 2257 * XXX Differential gain calibration makes the 6005 firmware 2258 * crap out, so skip it for now. This effectively disables 2259 * sensitivity tuning as well. 2260 */ 2261 if (sc->hw_type == IWN_HW_REV_TYPE_6005) 2262 return; 2263 2264 if (calib->state == IWN_CALIB_STATE_ASSOC) 2265 iwn_collect_noise(sc, &stats->rx.general); 2266 else if (calib->state == IWN_CALIB_STATE_RUN) 2267 iwn_tune_sensitivity(sc, &stats->rx); 2268 } 2269 2270 /* 2271 * Process a TX_DONE firmware notification. Unfortunately, the 4965AGN 2272 * and 5000 adapters have different incompatible TX status formats. 2273 */ 2274 static void 2275 iwn4965_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2276 struct iwn_rx_data *data) 2277 { 2278 struct iwn4965_tx_stat *stat = (struct iwn4965_tx_stat *)(desc + 1); 2279 2280 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2281 sizeof (*stat), BUS_DMASYNC_POSTREAD); 2282 iwn_tx_done(sc, desc, stat->ackfailcnt, le32toh(stat->status) & 0xff); 2283 } 2284 2285 static void 2286 iwn5000_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2287 struct iwn_rx_data *data) 2288 { 2289 struct iwn5000_tx_stat *stat = (struct iwn5000_tx_stat *)(desc + 1); 2290 2291 #ifdef notyet 2292 /* Reset TX scheduler slot. */ 2293 iwn5000_reset_sched(sc, desc->qid & 0xf, desc->idx); 2294 #endif 2295 2296 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2297 sizeof (*stat), BUS_DMASYNC_POSTREAD); 2298 iwn_tx_done(sc, desc, stat->ackfailcnt, le16toh(stat->status) & 0xff); 2299 } 2300 2301 /* 2302 * Adapter-independent backend for TX_DONE firmware notifications. 2303 */ 2304 static void 2305 iwn_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, int ackfailcnt, 2306 uint8_t status) 2307 { 2308 struct ieee80211com *ic = &sc->sc_ic; 2309 struct ifnet *ifp = ic->ic_ifp; 2310 struct iwn_tx_ring *ring = &sc->txq[desc->qid & 0xf]; 2311 struct iwn_tx_data *data = &ring->data[desc->idx]; 2312 struct iwn_node *wn = (struct iwn_node *)data->ni; 2313 2314 /* Update rate control statistics. */ 2315 wn->amn.amn_txcnt++; 2316 if (ackfailcnt > 0) 2317 wn->amn.amn_retrycnt++; 2318 2319 if (status != 1 && status != 2) 2320 ifp->if_oerrors++; 2321 else 2322 ifp->if_opackets++; 2323 2324 /* Unmap and free mbuf. */ 2325 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 2326 BUS_DMASYNC_POSTWRITE); 2327 bus_dmamap_unload(sc->sc_dmat, data->map); 2328 m_freem(data->m); 2329 data->m = NULL; 2330 ieee80211_free_node(data->ni); 2331 data->ni = NULL; 2332 2333 sc->sc_tx_timer = 0; 2334 if (--ring->queued < IWN_TX_RING_LOMARK) { 2335 sc->qfullmsk &= ~(1 << ring->qid); 2336 if (sc->qfullmsk == 0 && (ifp->if_flags & IFF_OACTIVE)) { 2337 ifp->if_flags &= ~IFF_OACTIVE; 2338 if_schedule_deferred_start(ifp); 2339 } 2340 } 2341 } 2342 2343 /* 2344 * Process a "command done" firmware notification. This is where we wakeup 2345 * processes waiting for a synchronous command completion. 2346 */ 2347 static void 2348 iwn_cmd_done(struct iwn_softc *sc, struct iwn_rx_desc *desc) 2349 { 2350 struct iwn_tx_ring *ring = &sc->txq[4]; 2351 struct iwn_tx_data *data; 2352 2353 if ((desc->qid & 0xf) != 4) 2354 return; /* Not a command ack. */ 2355 2356 data = &ring->data[desc->idx]; 2357 2358 /* If the command was mapped in an mbuf, free it. */ 2359 if (data->m != NULL) { 2360 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 2361 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 2362 bus_dmamap_unload(sc->sc_dmat, data->map); 2363 m_freem(data->m); 2364 data->m = NULL; 2365 } 2366 wakeup(&ring->desc[desc->idx]); 2367 } 2368 2369 /* 2370 * Process an INT_FH_RX or INT_SW_RX interrupt. 2371 */ 2372 static void 2373 iwn_notif_intr(struct iwn_softc *sc) 2374 { 2375 struct iwn_ops *ops = &sc->ops; 2376 struct ieee80211com *ic = &sc->sc_ic; 2377 struct ifnet *ifp = ic->ic_ifp; 2378 uint16_t hw; 2379 2380 bus_dmamap_sync(sc->sc_dmat, sc->rxq.stat_dma.map, 2381 0, sc->rxq.stat_dma.size, BUS_DMASYNC_POSTREAD); 2382 2383 hw = le16toh(sc->rxq.stat->closed_count) & 0xfff; 2384 while (sc->rxq.cur != hw) { 2385 struct iwn_rx_data *data = &sc->rxq.data[sc->rxq.cur]; 2386 struct iwn_rx_desc *desc; 2387 2388 bus_dmamap_sync(sc->sc_dmat, data->map, 0, sizeof (*desc), 2389 BUS_DMASYNC_POSTREAD); 2390 desc = mtod(data->m, struct iwn_rx_desc *); 2391 2392 DPRINTFN(4, ("notification qid=%d idx=%d flags=%x type=%d\n", 2393 desc->qid & 0xf, desc->idx, desc->flags, desc->type)); 2394 2395 if (!(desc->qid & 0x80)) /* Reply to a command. */ 2396 iwn_cmd_done(sc, desc); 2397 2398 switch (desc->type) { 2399 case IWN_RX_PHY: 2400 iwn_rx_phy(sc, desc, data); 2401 break; 2402 2403 case IWN_RX_DONE: /* 4965AGN only. */ 2404 case IWN_MPDU_RX_DONE: 2405 /* An 802.11 frame has been received. */ 2406 iwn_rx_done(sc, desc, data); 2407 break; 2408 #ifndef IEEE80211_NO_HT 2409 case IWN_RX_COMPRESSED_BA: 2410 /* A Compressed BlockAck has been received. */ 2411 iwn_rx_compressed_ba(sc, desc, data); 2412 break; 2413 #endif 2414 case IWN_TX_DONE: 2415 /* An 802.11 frame has been transmitted. */ 2416 ops->tx_done(sc, desc, data); 2417 break; 2418 2419 case IWN_RX_STATISTICS: 2420 case IWN_BEACON_STATISTICS: 2421 iwn_rx_statistics(sc, desc, data); 2422 break; 2423 2424 case IWN_BEACON_MISSED: 2425 { 2426 struct iwn_beacon_missed *miss = 2427 (struct iwn_beacon_missed *)(desc + 1); 2428 2429 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2430 sizeof (*miss), BUS_DMASYNC_POSTREAD); 2431 /* 2432 * If more than 5 consecutive beacons are missed, 2433 * reinitialize the sensitivity state machine. 2434 */ 2435 DPRINTF(("beacons missed %d/%d\n", 2436 le32toh(miss->consecutive), le32toh(miss->total))); 2437 if (ic->ic_state == IEEE80211_S_RUN && 2438 le32toh(miss->consecutive) > 5) 2439 (void)iwn_init_sensitivity(sc); 2440 break; 2441 } 2442 case IWN_UC_READY: 2443 { 2444 struct iwn_ucode_info *uc = 2445 (struct iwn_ucode_info *)(desc + 1); 2446 2447 /* The microcontroller is ready. */ 2448 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2449 sizeof (*uc), BUS_DMASYNC_POSTREAD); 2450 DPRINTF(("microcode alive notification version=%d.%d " 2451 "subtype=%x alive=%x\n", uc->major, uc->minor, 2452 uc->subtype, le32toh(uc->valid))); 2453 2454 if (le32toh(uc->valid) != 1) { 2455 aprint_error_dev(sc->sc_dev, 2456 "microcontroller initialization " 2457 "failed\n"); 2458 break; 2459 } 2460 if (uc->subtype == IWN_UCODE_INIT) { 2461 /* Save microcontroller report. */ 2462 memcpy(&sc->ucode_info, uc, sizeof (*uc)); 2463 } 2464 /* Save the address of the error log in SRAM. */ 2465 sc->errptr = le32toh(uc->errptr); 2466 break; 2467 } 2468 case IWN_STATE_CHANGED: 2469 { 2470 uint32_t *status = (uint32_t *)(desc + 1); 2471 2472 /* Enabled/disabled notification. */ 2473 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2474 sizeof (*status), BUS_DMASYNC_POSTREAD); 2475 DPRINTF(("state changed to %x\n", le32toh(*status))); 2476 2477 if (le32toh(*status) & 1) { 2478 /* The radio button has to be pushed. */ 2479 aprint_error_dev(sc->sc_dev, 2480 "Radio transmitter is off\n"); 2481 /* Turn the interface down. */ 2482 ifp->if_flags &= ~IFF_UP; 2483 iwn_stop(ifp, 1); 2484 return; /* No further processing. */ 2485 } 2486 break; 2487 } 2488 case IWN_START_SCAN: 2489 { 2490 struct iwn_start_scan *scan = 2491 (struct iwn_start_scan *)(desc + 1); 2492 2493 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2494 sizeof (*scan), BUS_DMASYNC_POSTREAD); 2495 DPRINTFN(2, ("scanning channel %d status %x\n", 2496 scan->chan, le32toh(scan->status))); 2497 2498 /* Fix current channel. */ 2499 ic->ic_bss->ni_chan = &ic->ic_channels[scan->chan]; 2500 break; 2501 } 2502 case IWN_STOP_SCAN: 2503 { 2504 struct iwn_stop_scan *scan = 2505 (struct iwn_stop_scan *)(desc + 1); 2506 2507 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2508 sizeof (*scan), BUS_DMASYNC_POSTREAD); 2509 DPRINTF(("scan finished nchan=%d status=%d chan=%d\n", 2510 scan->nchan, scan->status, scan->chan)); 2511 2512 if (scan->status == 1 && scan->chan <= 14 && 2513 (sc->sc_flags & IWN_FLAG_HAS_5GHZ)) { 2514 /* 2515 * We just finished scanning 2GHz channels, 2516 * start scanning 5GHz ones. 2517 */ 2518 sc->sc_flags &= ~IWN_FLAG_SCANNING_2GHZ; 2519 sc->sc_flags |= IWN_FLAG_SCANNING_5GHZ; 2520 if (iwn_scan(sc, IEEE80211_CHAN_5GHZ) == 0) 2521 break; 2522 } 2523 sc->sc_flags &= ~IWN_FLAG_SCANNING; 2524 ieee80211_end_scan(ic); 2525 break; 2526 } 2527 case IWN5000_CALIBRATION_RESULT: 2528 iwn5000_rx_calib_results(sc, desc, data); 2529 break; 2530 2531 case IWN5000_CALIBRATION_DONE: 2532 sc->sc_flags |= IWN_FLAG_CALIB_DONE; 2533 wakeup(sc); 2534 break; 2535 } 2536 2537 sc->rxq.cur = (sc->rxq.cur + 1) % IWN_RX_RING_COUNT; 2538 } 2539 2540 /* Tell the firmware what we have processed. */ 2541 hw = (hw == 0) ? IWN_RX_RING_COUNT - 1 : hw - 1; 2542 IWN_WRITE(sc, IWN_FH_RX_WPTR, hw & ~7); 2543 } 2544 2545 /* 2546 * Process an INT_WAKEUP interrupt raised when the microcontroller wakes up 2547 * from power-down sleep mode. 2548 */ 2549 static void 2550 iwn_wakeup_intr(struct iwn_softc *sc) 2551 { 2552 int qid; 2553 2554 DPRINTF(("ucode wakeup from power-down sleep\n")); 2555 2556 /* Wakeup RX and TX rings. */ 2557 IWN_WRITE(sc, IWN_FH_RX_WPTR, sc->rxq.cur & ~7); 2558 for (qid = 0; qid < sc->ntxqs; qid++) { 2559 struct iwn_tx_ring *ring = &sc->txq[qid]; 2560 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | ring->cur); 2561 } 2562 } 2563 2564 /* 2565 * Dump the error log of the firmware when a firmware panic occurs. Although 2566 * we can't debug the firmware because it is neither open source nor free, it 2567 * can help us to identify certain classes of problems. 2568 */ 2569 static void 2570 iwn_fatal_intr(struct iwn_softc *sc) 2571 { 2572 struct iwn_fw_dump dump; 2573 int i; 2574 2575 /* Force a complete recalibration on next init. */ 2576 sc->sc_flags &= ~IWN_FLAG_CALIB_DONE; 2577 2578 /* Check that the error log address is valid. */ 2579 if (sc->errptr < IWN_FW_DATA_BASE || 2580 sc->errptr + sizeof (dump) > 2581 IWN_FW_DATA_BASE + sc->fw_data_maxsz) { 2582 aprint_error_dev(sc->sc_dev, 2583 "bad firmware error log address 0x%08x\n", sc->errptr); 2584 return; 2585 } 2586 if (iwn_nic_lock(sc) != 0) { 2587 aprint_error_dev(sc->sc_dev, 2588 "could not read firmware error log\n"); 2589 return; 2590 } 2591 /* Read firmware error log from SRAM. */ 2592 iwn_mem_read_region_4(sc, sc->errptr, (uint32_t *)&dump, 2593 sizeof (dump) / sizeof (uint32_t)); 2594 iwn_nic_unlock(sc); 2595 2596 if (dump.valid == 0) { 2597 aprint_error_dev(sc->sc_dev, 2598 "firmware error log is empty\n"); 2599 return; 2600 } 2601 aprint_error("firmware error log:\n"); 2602 aprint_error(" error type = \"%s\" (0x%08X)\n", 2603 (dump.id < __arraycount(iwn_fw_errmsg)) ? 2604 iwn_fw_errmsg[dump.id] : "UNKNOWN", 2605 dump.id); 2606 aprint_error(" program counter = 0x%08X\n", dump.pc); 2607 aprint_error(" source line = 0x%08X\n", dump.src_line); 2608 aprint_error(" error data = 0x%08X%08X\n", 2609 dump.error_data[0], dump.error_data[1]); 2610 aprint_error(" branch link = 0x%08X%08X\n", 2611 dump.branch_link[0], dump.branch_link[1]); 2612 aprint_error(" interrupt link = 0x%08X%08X\n", 2613 dump.interrupt_link[0], dump.interrupt_link[1]); 2614 aprint_error(" time = %u\n", dump.time[0]); 2615 2616 /* Dump driver status (TX and RX rings) while we're here. */ 2617 aprint_error("driver status:\n"); 2618 for (i = 0; i < sc->ntxqs; i++) { 2619 struct iwn_tx_ring *ring = &sc->txq[i]; 2620 aprint_error(" tx ring %2d: qid=%-2d cur=%-3d queued=%-3d\n", 2621 i, ring->qid, ring->cur, ring->queued); 2622 } 2623 aprint_error(" rx ring: cur=%d\n", sc->rxq.cur); 2624 aprint_error(" 802.11 state %d\n", sc->sc_ic.ic_state); 2625 } 2626 2627 static int 2628 iwn_intr(void *arg) 2629 { 2630 struct iwn_softc *sc = arg; 2631 struct ifnet *ifp = sc->sc_ic.ic_ifp; 2632 uint32_t r1, r2, tmp; 2633 2634 /* Disable interrupts. */ 2635 IWN_WRITE(sc, IWN_INT_MASK, 0); 2636 2637 /* Read interrupts from ICT (fast) or from registers (slow). */ 2638 if (sc->sc_flags & IWN_FLAG_USE_ICT) { 2639 bus_dmamap_sync(sc->sc_dmat, sc->ict_dma.map, 0, 2640 IWN_ICT_SIZE, BUS_DMASYNC_POSTREAD); 2641 tmp = 0; 2642 while (sc->ict[sc->ict_cur] != 0) { 2643 tmp |= sc->ict[sc->ict_cur]; 2644 sc->ict[sc->ict_cur] = 0; /* Acknowledge. */ 2645 sc->ict_cur = (sc->ict_cur + 1) % IWN_ICT_COUNT; 2646 } 2647 bus_dmamap_sync(sc->sc_dmat, sc->ict_dma.map, 0, 2648 IWN_ICT_SIZE, BUS_DMASYNC_PREWRITE); 2649 tmp = le32toh(tmp); 2650 if (tmp == 0xffffffff) /* Shouldn't happen. */ 2651 tmp = 0; 2652 else if (tmp & 0xc0000) /* Workaround a HW bug. */ 2653 tmp |= 0x8000; 2654 r1 = (tmp & 0xff00) << 16 | (tmp & 0xff); 2655 r2 = 0; /* Unused. */ 2656 } else { 2657 r1 = IWN_READ(sc, IWN_INT); 2658 if (r1 == 0xffffffff || (r1 & 0xfffffff0) == 0xa5a5a5a0) 2659 return 0; /* Hardware gone! */ 2660 r2 = IWN_READ(sc, IWN_FH_INT); 2661 } 2662 if (r1 == 0 && r2 == 0) { 2663 if (ifp->if_flags & IFF_UP) 2664 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 2665 return 0; /* Interrupt not for us. */ 2666 } 2667 2668 /* Acknowledge interrupts. */ 2669 IWN_WRITE(sc, IWN_INT, r1); 2670 if (!(sc->sc_flags & IWN_FLAG_USE_ICT)) 2671 IWN_WRITE(sc, IWN_FH_INT, r2); 2672 2673 if (r1 & IWN_INT_RF_TOGGLED) { 2674 tmp = IWN_READ(sc, IWN_GP_CNTRL); 2675 aprint_error_dev(sc->sc_dev, 2676 "RF switch: radio %s\n", 2677 (tmp & IWN_GP_CNTRL_RFKILL) ? "enabled" : "disabled"); 2678 } 2679 if (r1 & IWN_INT_CT_REACHED) { 2680 aprint_error_dev(sc->sc_dev, 2681 "critical temperature reached!\n"); 2682 } 2683 if (r1 & (IWN_INT_SW_ERR | IWN_INT_HW_ERR)) { 2684 aprint_error_dev(sc->sc_dev, 2685 "fatal firmware error\n"); 2686 /* Dump firmware error log and stop. */ 2687 iwn_fatal_intr(sc); 2688 ifp->if_flags &= ~IFF_UP; 2689 iwn_stop(ifp, 1); 2690 return 1; 2691 } 2692 if ((r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX | IWN_INT_RX_PERIODIC)) || 2693 (r2 & IWN_FH_INT_RX)) { 2694 if (sc->sc_flags & IWN_FLAG_USE_ICT) { 2695 if (r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX)) 2696 IWN_WRITE(sc, IWN_FH_INT, IWN_FH_INT_RX); 2697 IWN_WRITE_1(sc, IWN_INT_PERIODIC, 2698 IWN_INT_PERIODIC_DIS); 2699 iwn_notif_intr(sc); 2700 if (r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX)) { 2701 IWN_WRITE_1(sc, IWN_INT_PERIODIC, 2702 IWN_INT_PERIODIC_ENA); 2703 } 2704 } else 2705 iwn_notif_intr(sc); 2706 } 2707 2708 if ((r1 & IWN_INT_FH_TX) || (r2 & IWN_FH_INT_TX)) { 2709 if (sc->sc_flags & IWN_FLAG_USE_ICT) 2710 IWN_WRITE(sc, IWN_FH_INT, IWN_FH_INT_TX); 2711 wakeup(sc); /* FH DMA transfer completed. */ 2712 } 2713 2714 if (r1 & IWN_INT_ALIVE) 2715 wakeup(sc); /* Firmware is alive. */ 2716 2717 if (r1 & IWN_INT_WAKEUP) 2718 iwn_wakeup_intr(sc); 2719 2720 /* Re-enable interrupts. */ 2721 if (ifp->if_flags & IFF_UP) 2722 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 2723 2724 return 1; 2725 } 2726 2727 /* 2728 * Update TX scheduler ring when transmitting an 802.11 frame (4965AGN and 2729 * 5000 adapters use a slightly different format). 2730 */ 2731 static void 2732 iwn4965_update_sched(struct iwn_softc *sc, int qid, int idx, uint8_t id, 2733 uint16_t len) 2734 { 2735 uint16_t *w = &sc->sched[qid * IWN4965_SCHED_COUNT + idx]; 2736 2737 *w = htole16(len + 8); 2738 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2739 (char *)(void *)w - (char *)(void *)sc->sched_dma.vaddr, 2740 sizeof (uint16_t), 2741 BUS_DMASYNC_PREWRITE); 2742 if (idx < IWN_SCHED_WINSZ) { 2743 *(w + IWN_TX_RING_COUNT) = *w; 2744 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2745 (char *)(void *)(w + IWN_TX_RING_COUNT) - 2746 (char *)(void *)sc->sched_dma.vaddr, 2747 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2748 } 2749 } 2750 2751 static void 2752 iwn5000_update_sched(struct iwn_softc *sc, int qid, int idx, uint8_t id, 2753 uint16_t len) 2754 { 2755 uint16_t *w = &sc->sched[qid * IWN5000_SCHED_COUNT + idx]; 2756 2757 *w = htole16(id << 12 | (len + 8)); 2758 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2759 (char *)(void *)w - (char *)(void *)sc->sched_dma.vaddr, 2760 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2761 if (idx < IWN_SCHED_WINSZ) { 2762 *(w + IWN_TX_RING_COUNT) = *w; 2763 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2764 (char *)(void *)(w + IWN_TX_RING_COUNT) - 2765 (char *)(void *)sc->sched_dma.vaddr, 2766 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2767 } 2768 } 2769 2770 #ifdef notyet 2771 static void 2772 iwn5000_reset_sched(struct iwn_softc *sc, int qid, int idx) 2773 { 2774 uint16_t *w = &sc->sched[qid * IWN5000_SCHED_COUNT + idx]; 2775 2776 *w = (*w & htole16(0xf000)) | htole16(1); 2777 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2778 (char *)(void *)w - (char *)(void *)sc->sched_dma.vaddr, 2779 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2780 if (idx < IWN_SCHED_WINSZ) { 2781 *(w + IWN_TX_RING_COUNT) = *w; 2782 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2783 (char *)(void *)(w + IWN_TX_RING_COUNT) - 2784 (char *)(void *)sc->sched_dma.vaddr, 2785 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2786 } 2787 } 2788 #endif 2789 2790 static int 2791 iwn_tx(struct iwn_softc *sc, struct mbuf *m, struct ieee80211_node *ni, int ac) 2792 { 2793 struct ieee80211com *ic = &sc->sc_ic; 2794 struct iwn_node *wn = (void *)ni; 2795 struct iwn_tx_ring *ring; 2796 struct iwn_tx_desc *desc; 2797 struct iwn_tx_data *data; 2798 struct iwn_tx_cmd *cmd; 2799 struct iwn_cmd_data *tx; 2800 const struct iwn_rate *rinfo; 2801 struct ieee80211_frame *wh; 2802 struct ieee80211_key *k = NULL; 2803 struct mbuf *m1; 2804 uint32_t flags; 2805 u_int hdrlen; 2806 bus_dma_segment_t *seg; 2807 uint8_t tid, ridx, txant, type; 2808 int i, totlen, error, pad; 2809 2810 const struct chanAccParams *cap; 2811 int noack; 2812 int hdrlen2; 2813 2814 wh = mtod(m, struct ieee80211_frame *); 2815 hdrlen = ieee80211_anyhdrsize(wh); 2816 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2817 2818 hdrlen2 = (ieee80211_has_qos(wh)) ? 2819 sizeof (struct ieee80211_qosframe) : 2820 sizeof (struct ieee80211_frame); 2821 2822 if (hdrlen != hdrlen2) 2823 aprint_error_dev(sc->sc_dev, "hdrlen error (%d != %d)\n", 2824 hdrlen, hdrlen2); 2825 2826 /* XXX OpenBSD sets a different tid when using QOS */ 2827 tid = 0; 2828 if (ieee80211_has_qos(wh)) { 2829 cap = &ic->ic_wme.wme_chanParams; 2830 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 2831 } 2832 else 2833 noack = 0; 2834 2835 ring = &sc->txq[ac]; 2836 desc = &ring->desc[ring->cur]; 2837 data = &ring->data[ring->cur]; 2838 2839 /* Choose a TX rate index. */ 2840 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 2841 type != IEEE80211_FC0_TYPE_DATA) { 2842 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2843 IWN_RIDX_OFDM6 : IWN_RIDX_CCK1; 2844 } else if (ic->ic_fixed_rate != -1) { 2845 ridx = sc->fixed_ridx; 2846 } else 2847 ridx = wn->ridx[ni->ni_txrate]; 2848 rinfo = &iwn_rates[ridx]; 2849 2850 /* Encrypt the frame if need be. */ 2851 /* 2852 * XXX For now, NetBSD swaps the encryption and bpf sections 2853 * in order to match old code and other drivers. Tests with 2854 * tcpdump indicates that the order is irrelevant, however, 2855 * as bpf produces unencrypted data for both ordering choices. 2856 */ 2857 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 2858 k = ieee80211_crypto_encap(ic, ni, m); 2859 if (k == NULL) { 2860 m_freem(m); 2861 return ENOBUFS; 2862 } 2863 /* Packet header may have moved, reset our local pointer. */ 2864 wh = mtod(m, struct ieee80211_frame *); 2865 } 2866 totlen = m->m_pkthdr.len; 2867 2868 if (sc->sc_drvbpf != NULL) { 2869 struct iwn_tx_radiotap_header *tap = &sc->sc_txtap; 2870 2871 tap->wt_flags = 0; 2872 tap->wt_chan_freq = htole16(ni->ni_chan->ic_freq); 2873 tap->wt_chan_flags = htole16(ni->ni_chan->ic_flags); 2874 tap->wt_rate = rinfo->rate; 2875 tap->wt_hwqueue = ac; 2876 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 2877 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 2878 2879 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m); 2880 } 2881 2882 /* Prepare TX firmware command. */ 2883 cmd = &ring->cmd[ring->cur]; 2884 cmd->code = IWN_CMD_TX_DATA; 2885 cmd->flags = 0; 2886 cmd->qid = ring->qid; 2887 cmd->idx = ring->cur; 2888 2889 tx = (struct iwn_cmd_data *)cmd->data; 2890 /* NB: No need to clear tx, all fields are reinitialized here. */ 2891 tx->scratch = 0; /* clear "scratch" area */ 2892 2893 flags = 0; 2894 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 2895 /* Unicast frame, check if an ACK is expected. */ 2896 if (!noack) 2897 flags |= IWN_TX_NEED_ACK; 2898 } 2899 2900 #ifdef notyet 2901 /* XXX NetBSD does not define IEEE80211_FC0_SUBTYPE_BAR */ 2902 if ((wh->i_fc[0] & 2903 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 2904 (IEEE80211_FC0_TYPE_CTL | IEEE80211_FC0_SUBTYPE_BAR)) 2905 flags |= IWN_TX_IMM_BA; /* Cannot happen yet. */ 2906 #endif 2907 2908 if (wh->i_fc[1] & IEEE80211_FC1_MORE_FRAG) 2909 flags |= IWN_TX_MORE_FRAG; /* Cannot happen yet. */ 2910 2911 /* Check if frame must be protected using RTS/CTS or CTS-to-self. */ 2912 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 2913 /* NB: Group frames are sent using CCK in 802.11b/g. */ 2914 if (totlen + IEEE80211_CRC_LEN > ic->ic_rtsthreshold) { 2915 flags |= IWN_TX_NEED_RTS; 2916 } else if ((ic->ic_flags & IEEE80211_F_USEPROT) && 2917 ridx >= IWN_RIDX_OFDM6) { 2918 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 2919 flags |= IWN_TX_NEED_CTS; 2920 else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 2921 flags |= IWN_TX_NEED_RTS; 2922 } 2923 if (flags & (IWN_TX_NEED_RTS | IWN_TX_NEED_CTS)) { 2924 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 2925 /* 5000 autoselects RTS/CTS or CTS-to-self. */ 2926 flags &= ~(IWN_TX_NEED_RTS | IWN_TX_NEED_CTS); 2927 flags |= IWN_TX_NEED_PROTECTION; 2928 } else 2929 flags |= IWN_TX_FULL_TXOP; 2930 } 2931 } 2932 2933 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 2934 type != IEEE80211_FC0_TYPE_DATA) 2935 tx->id = sc->broadcast_id; 2936 else 2937 tx->id = wn->id; 2938 2939 if (type == IEEE80211_FC0_TYPE_MGT) { 2940 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2941 2942 #ifndef IEEE80211_STA_ONLY 2943 /* Tell HW to set timestamp in probe responses. */ 2944 /* XXX NetBSD rev 1.11 added probe requests here but */ 2945 /* probe requests do not take timestamps (from Bergamini). */ 2946 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 2947 flags |= IWN_TX_INSERT_TSTAMP; 2948 #endif 2949 /* XXX NetBSD rev 1.11 and 1.20 added AUTH/DAUTH and RTS/CTS */ 2950 /* changes here. These are not needed (from Bergamini). */ 2951 if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ || 2952 subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) 2953 tx->timeout = htole16(3); 2954 else 2955 tx->timeout = htole16(2); 2956 } else 2957 tx->timeout = htole16(0); 2958 2959 if (hdrlen & 3) { 2960 /* First segment length must be a multiple of 4. */ 2961 flags |= IWN_TX_NEED_PADDING; 2962 pad = 4 - (hdrlen & 3); 2963 } else 2964 pad = 0; 2965 2966 tx->len = htole16(totlen); 2967 tx->tid = tid; 2968 tx->rts_ntries = 60; 2969 tx->data_ntries = 15; 2970 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 2971 tx->plcp = rinfo->plcp; 2972 tx->rflags = rinfo->flags; 2973 if (tx->id == sc->broadcast_id) { 2974 /* Group or management frame. */ 2975 tx->linkq = 0; 2976 /* XXX Alternate between antenna A and B? */ 2977 txant = IWN_LSB(sc->txchainmask); 2978 tx->rflags |= IWN_RFLAG_ANT(txant); 2979 } else { 2980 tx->linkq = ni->ni_rates.rs_nrates - ni->ni_txrate - 1; 2981 flags |= IWN_TX_LINKQ; /* enable MRR */ 2982 } 2983 /* Set physical address of "scratch area". */ 2984 tx->loaddr = htole32(IWN_LOADDR(data->scratch_paddr)); 2985 tx->hiaddr = IWN_HIADDR(data->scratch_paddr); 2986 2987 /* Copy 802.11 header in TX command. */ 2988 /* XXX NetBSD changed this in rev 1.20 */ 2989 memcpy(((uint8_t *)tx) + sizeof(*tx), wh, hdrlen); 2990 2991 /* Trim 802.11 header. */ 2992 m_adj(m, hdrlen); 2993 tx->security = 0; 2994 tx->flags = htole32(flags); 2995 2996 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m, 2997 BUS_DMA_NOWAIT | BUS_DMA_WRITE); 2998 if (error != 0) { 2999 if (error != EFBIG) { 3000 aprint_error_dev(sc->sc_dev, 3001 "can't map mbuf (error %d)\n", error); 3002 m_freem(m); 3003 return error; 3004 } 3005 /* Too many DMA segments, linearize mbuf. */ 3006 MGETHDR(m1, M_DONTWAIT, MT_DATA); 3007 if (m1 == NULL) { 3008 m_freem(m); 3009 return ENOBUFS; 3010 } 3011 if (m->m_pkthdr.len > MHLEN) { 3012 MCLGET(m1, M_DONTWAIT); 3013 if (!(m1->m_flags & M_EXT)) { 3014 m_freem(m); 3015 m_freem(m1); 3016 return ENOBUFS; 3017 } 3018 } 3019 m_copydata(m, 0, m->m_pkthdr.len, mtod(m1, void *)); 3020 m1->m_pkthdr.len = m1->m_len = m->m_pkthdr.len; 3021 m_freem(m); 3022 m = m1; 3023 3024 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m, 3025 BUS_DMA_NOWAIT | BUS_DMA_WRITE); 3026 if (error != 0) { 3027 aprint_error_dev(sc->sc_dev, 3028 "can't map mbuf (error %d)\n", error); 3029 m_freem(m); 3030 return error; 3031 } 3032 } 3033 3034 data->m = m; 3035 data->ni = ni; 3036 3037 DPRINTFN(4, ("sending data: qid=%d idx=%d len=%d nsegs=%d\n", 3038 ring->qid, ring->cur, m->m_pkthdr.len, data->map->dm_nsegs)); 3039 3040 /* Fill TX descriptor. */ 3041 desc->nsegs = 1 + data->map->dm_nsegs; 3042 /* First DMA segment is used by the TX command. */ 3043 desc->segs[0].addr = htole32(IWN_LOADDR(data->cmd_paddr)); 3044 desc->segs[0].len = htole16(IWN_HIADDR(data->cmd_paddr) | 3045 (4 + sizeof (*tx) + hdrlen + pad) << 4); 3046 /* Other DMA segments are for data payload. */ 3047 seg = data->map->dm_segs; 3048 for (i = 1; i <= data->map->dm_nsegs; i++) { 3049 desc->segs[i].addr = htole32(IWN_LOADDR(seg->ds_addr)); 3050 desc->segs[i].len = htole16(IWN_HIADDR(seg->ds_addr) | 3051 seg->ds_len << 4); 3052 seg++; 3053 } 3054 3055 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 3056 BUS_DMASYNC_PREWRITE); 3057 bus_dmamap_sync(sc->sc_dmat, ring->cmd_dma.map, 3058 (char *)(void *)cmd - (char *)(void *)ring->cmd_dma.vaddr, 3059 sizeof (*cmd), BUS_DMASYNC_PREWRITE); 3060 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 3061 (char *)(void *)desc - (char *)(void *)ring->desc_dma.vaddr, 3062 sizeof (*desc), BUS_DMASYNC_PREWRITE); 3063 3064 #ifdef notyet 3065 /* Update TX scheduler. */ 3066 ops->update_sched(sc, ring->qid, ring->cur, tx->id, totlen); 3067 #endif 3068 3069 /* Kick TX ring. */ 3070 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 3071 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, ring->qid << 8 | ring->cur); 3072 3073 /* Mark TX ring as full if we reach a certain threshold. */ 3074 if (++ring->queued > IWN_TX_RING_HIMARK) 3075 sc->qfullmsk |= 1 << ring->qid; 3076 3077 return 0; 3078 } 3079 3080 static void 3081 iwn_start(struct ifnet *ifp) 3082 { 3083 struct iwn_softc *sc = ifp->if_softc; 3084 struct ieee80211com *ic = &sc->sc_ic; 3085 struct ieee80211_node *ni; 3086 struct ether_header *eh; 3087 struct mbuf *m; 3088 int ac; 3089 3090 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 3091 return; 3092 3093 for (;;) { 3094 if (sc->qfullmsk != 0) { 3095 ifp->if_flags |= IFF_OACTIVE; 3096 break; 3097 } 3098 /* Send pending management frames first. */ 3099 IF_DEQUEUE(&ic->ic_mgtq, m); 3100 if (m != NULL) { 3101 ni = M_GETCTX(m, struct ieee80211_node *); 3102 ac = 0; 3103 goto sendit; 3104 } 3105 if (ic->ic_state != IEEE80211_S_RUN) 3106 break; 3107 3108 /* Encapsulate and send data frames. */ 3109 IFQ_DEQUEUE(&ifp->if_snd, m); 3110 if (m == NULL) 3111 break; 3112 if (m->m_len < sizeof (*eh) && 3113 (m = m_pullup(m, sizeof (*eh))) == NULL) { 3114 ifp->if_oerrors++; 3115 continue; 3116 } 3117 eh = mtod(m, struct ether_header *); 3118 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 3119 if (ni == NULL) { 3120 m_freem(m); 3121 ifp->if_oerrors++; 3122 continue; 3123 } 3124 /* classify mbuf so we can find which tx ring to use */ 3125 if (ieee80211_classify(ic, m, ni) != 0) { 3126 m_freem(m); 3127 ieee80211_free_node(ni); 3128 ifp->if_oerrors++; 3129 continue; 3130 } 3131 3132 /* No QoS encapsulation for EAPOL frames. */ 3133 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 3134 M_WME_GETAC(m) : WME_AC_BE; 3135 3136 bpf_mtap(ifp, m); 3137 3138 if ((m = ieee80211_encap(ic, m, ni)) == NULL) { 3139 ieee80211_free_node(ni); 3140 ifp->if_oerrors++; 3141 continue; 3142 } 3143 sendit: 3144 bpf_mtap3(ic->ic_rawbpf, m); 3145 3146 if (iwn_tx(sc, m, ni, ac) != 0) { 3147 ieee80211_free_node(ni); 3148 ifp->if_oerrors++; 3149 continue; 3150 } 3151 3152 sc->sc_tx_timer = 5; 3153 ifp->if_timer = 1; 3154 } 3155 } 3156 3157 static void 3158 iwn_watchdog(struct ifnet *ifp) 3159 { 3160 struct iwn_softc *sc = ifp->if_softc; 3161 3162 ifp->if_timer = 0; 3163 3164 if (sc->sc_tx_timer > 0) { 3165 if (--sc->sc_tx_timer == 0) { 3166 aprint_error_dev(sc->sc_dev, 3167 "device timeout\n"); 3168 ifp->if_flags &= ~IFF_UP; 3169 iwn_stop(ifp, 1); 3170 ifp->if_oerrors++; 3171 return; 3172 } 3173 ifp->if_timer = 1; 3174 } 3175 3176 ieee80211_watchdog(&sc->sc_ic); 3177 } 3178 3179 static int 3180 iwn_ioctl(struct ifnet *ifp, u_long cmd, void *data) 3181 { 3182 struct iwn_softc *sc = ifp->if_softc; 3183 struct ieee80211com *ic = &sc->sc_ic; 3184 const struct sockaddr *sa; 3185 int s, error = 0; 3186 3187 s = splnet(); 3188 3189 switch (cmd) { 3190 case SIOCSIFADDR: 3191 ifp->if_flags |= IFF_UP; 3192 /* FALLTHROUGH */ 3193 case SIOCSIFFLAGS: 3194 /* XXX Added as it is in every NetBSD driver */ 3195 if ((error = ifioctl_common(ifp, cmd, data)) != 0) 3196 break; 3197 if (ifp->if_flags & IFF_UP) { 3198 if (!(ifp->if_flags & IFF_RUNNING)) 3199 error = iwn_init(ifp); 3200 } else { 3201 if (ifp->if_flags & IFF_RUNNING) 3202 iwn_stop(ifp, 1); 3203 } 3204 break; 3205 3206 case SIOCADDMULTI: 3207 case SIOCDELMULTI: 3208 sa = ifreq_getaddr(SIOCADDMULTI, (struct ifreq *)data); 3209 error = (cmd == SIOCADDMULTI) ? 3210 ether_addmulti(sa, &sc->sc_ec) : 3211 ether_delmulti(sa, &sc->sc_ec); 3212 3213 if (error == ENETRESET) 3214 error = 0; 3215 break; 3216 3217 default: 3218 error = ieee80211_ioctl(ic, cmd, data); 3219 } 3220 3221 if (error == ENETRESET) { 3222 error = 0; 3223 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 3224 (IFF_UP | IFF_RUNNING)) { 3225 iwn_stop(ifp, 0); 3226 error = iwn_init(ifp); 3227 } 3228 } 3229 3230 splx(s); 3231 return error; 3232 } 3233 3234 /* 3235 * Send a command to the firmware. 3236 */ 3237 static int 3238 iwn_cmd(struct iwn_softc *sc, int code, const void *buf, int size, int async) 3239 { 3240 struct iwn_tx_ring *ring = &sc->txq[4]; 3241 struct iwn_tx_desc *desc; 3242 struct iwn_tx_data *data; 3243 struct iwn_tx_cmd *cmd; 3244 struct mbuf *m; 3245 bus_addr_t paddr; 3246 int totlen, error; 3247 3248 desc = &ring->desc[ring->cur]; 3249 data = &ring->data[ring->cur]; 3250 totlen = 4 + size; 3251 3252 if (size > sizeof cmd->data) { 3253 /* Command is too large to fit in a descriptor. */ 3254 if (totlen > MCLBYTES) 3255 return EINVAL; 3256 MGETHDR(m, M_DONTWAIT, MT_DATA); 3257 if (m == NULL) 3258 return ENOMEM; 3259 if (totlen > MHLEN) { 3260 MCLGET(m, M_DONTWAIT); 3261 if (!(m->m_flags & M_EXT)) { 3262 m_freem(m); 3263 return ENOMEM; 3264 } 3265 } 3266 cmd = mtod(m, struct iwn_tx_cmd *); 3267 error = bus_dmamap_load(sc->sc_dmat, data->map, cmd, totlen, 3268 NULL, BUS_DMA_NOWAIT | BUS_DMA_WRITE); 3269 if (error != 0) { 3270 m_freem(m); 3271 return error; 3272 } 3273 data->m = m; 3274 paddr = data->map->dm_segs[0].ds_addr; 3275 } else { 3276 cmd = &ring->cmd[ring->cur]; 3277 paddr = data->cmd_paddr; 3278 } 3279 3280 cmd->code = code; 3281 cmd->flags = 0; 3282 cmd->qid = ring->qid; 3283 cmd->idx = ring->cur; 3284 memcpy(cmd->data, buf, size); 3285 3286 desc->nsegs = 1; 3287 desc->segs[0].addr = htole32(IWN_LOADDR(paddr)); 3288 desc->segs[0].len = htole16(IWN_HIADDR(paddr) | totlen << 4); 3289 3290 if (size > sizeof cmd->data) { 3291 bus_dmamap_sync(sc->sc_dmat, data->map, 0, totlen, 3292 BUS_DMASYNC_PREWRITE); 3293 } else { 3294 bus_dmamap_sync(sc->sc_dmat, ring->cmd_dma.map, 3295 (char *)(void *)cmd - (char *)(void *)ring->cmd_dma.vaddr, 3296 totlen, BUS_DMASYNC_PREWRITE); 3297 } 3298 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 3299 (char *)(void *)desc - (char *)(void *)ring->desc_dma.vaddr, 3300 sizeof (*desc), BUS_DMASYNC_PREWRITE); 3301 3302 #ifdef notyet 3303 /* Update TX scheduler. */ 3304 ops->update_sched(sc, ring->qid, ring->cur, 0, 0); 3305 #endif 3306 DPRINTFN(4, ("iwn_cmd %d size=%d %s\n", code, size, async ? " (async)" : "")); 3307 3308 /* Kick command ring. */ 3309 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 3310 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, ring->qid << 8 | ring->cur); 3311 3312 return async ? 0 : tsleep(desc, PCATCH, "iwncmd", hz); 3313 } 3314 3315 static int 3316 iwn4965_add_node(struct iwn_softc *sc, struct iwn_node_info *node, int async) 3317 { 3318 struct iwn4965_node_info hnode; 3319 char *src, *dst; 3320 3321 /* 3322 * We use the node structure for 5000 Series internally (it is 3323 * a superset of the one for 4965AGN). We thus copy the common 3324 * fields before sending the command. 3325 */ 3326 src = (char *)node; 3327 dst = (char *)&hnode; 3328 memcpy(dst, src, 48); 3329 /* Skip TSC, RX MIC and TX MIC fields from ``src''. */ 3330 memcpy(dst + 48, src + 72, 20); 3331 return iwn_cmd(sc, IWN_CMD_ADD_NODE, &hnode, sizeof hnode, async); 3332 } 3333 3334 static int 3335 iwn5000_add_node(struct iwn_softc *sc, struct iwn_node_info *node, int async) 3336 { 3337 /* Direct mapping. */ 3338 return iwn_cmd(sc, IWN_CMD_ADD_NODE, node, sizeof (*node), async); 3339 } 3340 3341 static int 3342 iwn_set_link_quality(struct iwn_softc *sc, struct ieee80211_node *ni) 3343 { 3344 struct iwn_node *wn = (void *)ni; 3345 struct ieee80211_rateset *rs = &ni->ni_rates; 3346 struct iwn_cmd_link_quality linkq; 3347 const struct iwn_rate *rinfo; 3348 uint8_t txant; 3349 int i, txrate; 3350 3351 /* Use the first valid TX antenna. */ 3352 txant = IWN_LSB(sc->txchainmask); 3353 3354 memset(&linkq, 0, sizeof linkq); 3355 linkq.id = wn->id; 3356 linkq.antmsk_1stream = txant; 3357 linkq.antmsk_2stream = IWN_ANT_AB; 3358 linkq.ampdu_max = 31; 3359 linkq.ampdu_threshold = 3; 3360 linkq.ampdu_limit = htole16(4000); /* 4ms */ 3361 3362 /* Start at highest available bit-rate. */ 3363 txrate = rs->rs_nrates - 1; 3364 for (i = 0; i < IWN_MAX_TX_RETRIES; i++) { 3365 rinfo = &iwn_rates[wn->ridx[txrate]]; 3366 linkq.retry[i].plcp = rinfo->plcp; 3367 linkq.retry[i].rflags = rinfo->flags; 3368 linkq.retry[i].rflags |= IWN_RFLAG_ANT(txant); 3369 /* Next retry at immediate lower bit-rate. */ 3370 if (txrate > 0) 3371 txrate--; 3372 } 3373 return iwn_cmd(sc, IWN_CMD_LINK_QUALITY, &linkq, sizeof linkq, 1); 3374 } 3375 3376 /* 3377 * Broadcast node is used to send group-addressed and management frames. 3378 */ 3379 static int 3380 iwn_add_broadcast_node(struct iwn_softc *sc, int async) 3381 { 3382 struct iwn_ops *ops = &sc->ops; 3383 struct iwn_node_info node; 3384 struct iwn_cmd_link_quality linkq; 3385 const struct iwn_rate *rinfo; 3386 uint8_t txant; 3387 int i, error; 3388 3389 memset(&node, 0, sizeof node); 3390 IEEE80211_ADDR_COPY(node.macaddr, etherbroadcastaddr); 3391 node.id = sc->broadcast_id; 3392 DPRINTF(("adding broadcast node\n")); 3393 if ((error = ops->add_node(sc, &node, async)) != 0) 3394 return error; 3395 3396 /* Use the first valid TX antenna. */ 3397 txant = IWN_LSB(sc->txchainmask); 3398 3399 memset(&linkq, 0, sizeof linkq); 3400 linkq.id = sc->broadcast_id; 3401 linkq.antmsk_1stream = txant; 3402 linkq.antmsk_2stream = IWN_ANT_AB; 3403 linkq.ampdu_max = 64; 3404 linkq.ampdu_threshold = 3; 3405 linkq.ampdu_limit = htole16(4000); /* 4ms */ 3406 3407 /* Use lowest mandatory bit-rate. */ 3408 rinfo = (sc->sc_ic.ic_curmode != IEEE80211_MODE_11A) ? 3409 &iwn_rates[IWN_RIDX_CCK1] : &iwn_rates[IWN_RIDX_OFDM6]; 3410 linkq.retry[0].plcp = rinfo->plcp; 3411 linkq.retry[0].rflags = rinfo->flags; 3412 linkq.retry[0].rflags |= IWN_RFLAG_ANT(txant); 3413 /* Use same bit-rate for all TX retries. */ 3414 for (i = 1; i < IWN_MAX_TX_RETRIES; i++) { 3415 linkq.retry[i].plcp = linkq.retry[0].plcp; 3416 linkq.retry[i].rflags = linkq.retry[0].rflags; 3417 } 3418 return iwn_cmd(sc, IWN_CMD_LINK_QUALITY, &linkq, sizeof linkq, async); 3419 } 3420 3421 static void 3422 iwn_set_led(struct iwn_softc *sc, uint8_t which, uint8_t off, uint8_t on) 3423 { 3424 struct iwn_cmd_led led; 3425 3426 /* Clear microcode LED ownership. */ 3427 IWN_CLRBITS(sc, IWN_LED, IWN_LED_BSM_CTRL); 3428 3429 led.which = which; 3430 led.unit = htole32(10000); /* on/off in unit of 100ms */ 3431 led.off = off; 3432 led.on = on; 3433 (void)iwn_cmd(sc, IWN_CMD_SET_LED, &led, sizeof led, 1); 3434 } 3435 3436 /* 3437 * Set the critical temperature at which the firmware will stop the radio 3438 * and notify us. 3439 */ 3440 static int 3441 iwn_set_critical_temp(struct iwn_softc *sc) 3442 { 3443 struct iwn_critical_temp crit; 3444 int32_t temp; 3445 3446 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_CTEMP_STOP_RF); 3447 3448 if (sc->hw_type == IWN_HW_REV_TYPE_5150) 3449 temp = (IWN_CTOK(110) - sc->temp_off) * -5; 3450 else if (sc->hw_type == IWN_HW_REV_TYPE_4965) 3451 temp = IWN_CTOK(110); 3452 else 3453 temp = 110; 3454 memset(&crit, 0, sizeof crit); 3455 crit.tempR = htole32(temp); 3456 DPRINTF(("setting critical temperature to %d\n", temp)); 3457 return iwn_cmd(sc, IWN_CMD_SET_CRITICAL_TEMP, &crit, sizeof crit, 0); 3458 } 3459 3460 static int 3461 iwn_set_timing(struct iwn_softc *sc, struct ieee80211_node *ni) 3462 { 3463 struct iwn_cmd_timing cmd; 3464 uint64_t val, mod; 3465 3466 memset(&cmd, 0, sizeof cmd); 3467 memcpy(&cmd.tstamp, ni->ni_tstamp.data, sizeof (uint64_t)); 3468 cmd.bintval = htole16(ni->ni_intval); 3469 cmd.lintval = htole16(10); 3470 3471 /* Compute remaining time until next beacon. */ 3472 val = (uint64_t)ni->ni_intval * 1024; /* msecs -> usecs */ 3473 mod = le64toh(cmd.tstamp) % val; 3474 cmd.binitval = htole32((uint32_t)(val - mod)); 3475 3476 DPRINTF(("timing bintval=%u, tstamp=%" PRIu64 ", init=%" PRIu32 "\n", 3477 ni->ni_intval, le64toh(cmd.tstamp), (uint32_t)(val - mod))); 3478 3479 return iwn_cmd(sc, IWN_CMD_TIMING, &cmd, sizeof cmd, 1); 3480 } 3481 3482 static void 3483 iwn4965_power_calibration(struct iwn_softc *sc, int temp) 3484 { 3485 /* Adjust TX power if need be (delta >= 3 degC). */ 3486 DPRINTF(("temperature %d->%d\n", sc->temp, temp)); 3487 if (abs(temp - sc->temp) >= 3) { 3488 /* Record temperature of last calibration. */ 3489 sc->temp = temp; 3490 (void)iwn4965_set_txpower(sc, 1); 3491 } 3492 } 3493 3494 /* 3495 * Set TX power for current channel (each rate has its own power settings). 3496 * This function takes into account the regulatory information from EEPROM, 3497 * the current temperature and the current voltage. 3498 */ 3499 static int 3500 iwn4965_set_txpower(struct iwn_softc *sc, int async) 3501 { 3502 /* Fixed-point arithmetic division using a n-bit fractional part. */ 3503 #define fdivround(a, b, n) \ 3504 ((((1 << n) * (a)) / (b) + (1 << n) / 2) / (1 << n)) 3505 /* Linear interpolation. */ 3506 #define interpolate(x, x1, y1, x2, y2, n) \ 3507 ((y1) + fdivround(((int)(x) - (x1)) * ((y2) - (y1)), (x2) - (x1), n)) 3508 3509 static const int tdiv[IWN_NATTEN_GROUPS] = { 9, 8, 8, 8, 6 }; 3510 struct ieee80211com *ic = &sc->sc_ic; 3511 struct iwn_ucode_info *uc = &sc->ucode_info; 3512 struct ieee80211_channel *ch; 3513 struct iwn4965_cmd_txpower cmd; 3514 struct iwn4965_eeprom_chan_samples *chans; 3515 const uint8_t *rf_gain, *dsp_gain; 3516 int32_t vdiff, tdiff; 3517 int i, c, grp, maxpwr; 3518 uint8_t chan; 3519 3520 /* Retrieve current channel from last RXON. */ 3521 chan = sc->rxon.chan; 3522 DPRINTF(("setting TX power for channel %d\n", chan)); 3523 ch = &ic->ic_channels[chan]; 3524 3525 memset(&cmd, 0, sizeof cmd); 3526 cmd.band = IEEE80211_IS_CHAN_5GHZ(ch) ? 0 : 1; 3527 cmd.chan = chan; 3528 3529 if (IEEE80211_IS_CHAN_5GHZ(ch)) { 3530 maxpwr = sc->maxpwr5GHz; 3531 rf_gain = iwn4965_rf_gain_5ghz; 3532 dsp_gain = iwn4965_dsp_gain_5ghz; 3533 } else { 3534 maxpwr = sc->maxpwr2GHz; 3535 rf_gain = iwn4965_rf_gain_2ghz; 3536 dsp_gain = iwn4965_dsp_gain_2ghz; 3537 } 3538 3539 /* Compute voltage compensation. */ 3540 vdiff = ((int32_t)le32toh(uc->volt) - sc->eeprom_voltage) / 7; 3541 if (vdiff > 0) 3542 vdiff *= 2; 3543 if (abs(vdiff) > 2) 3544 vdiff = 0; 3545 DPRINTF(("voltage compensation=%d (UCODE=%d, EEPROM=%d)\n", 3546 vdiff, le32toh(uc->volt), sc->eeprom_voltage)); 3547 3548 /* Get channel attenuation group. */ 3549 if (chan <= 20) /* 1-20 */ 3550 grp = 4; 3551 else if (chan <= 43) /* 34-43 */ 3552 grp = 0; 3553 else if (chan <= 70) /* 44-70 */ 3554 grp = 1; 3555 else if (chan <= 124) /* 71-124 */ 3556 grp = 2; 3557 else /* 125-200 */ 3558 grp = 3; 3559 DPRINTF(("chan %d, attenuation group=%d\n", chan, grp)); 3560 3561 /* Get channel sub-band. */ 3562 for (i = 0; i < IWN_NBANDS; i++) 3563 if (sc->bands[i].lo != 0 && 3564 sc->bands[i].lo <= chan && chan <= sc->bands[i].hi) 3565 break; 3566 if (i == IWN_NBANDS) /* Can't happen in real-life. */ 3567 return EINVAL; 3568 chans = sc->bands[i].chans; 3569 DPRINTF(("chan %d sub-band=%d\n", chan, i)); 3570 3571 for (c = 0; c < 2; c++) { 3572 uint8_t power, gain, temp; 3573 int maxchpwr, pwr, ridx, idx; 3574 3575 power = interpolate(chan, 3576 chans[0].num, chans[0].samples[c][1].power, 3577 chans[1].num, chans[1].samples[c][1].power, 1); 3578 gain = interpolate(chan, 3579 chans[0].num, chans[0].samples[c][1].gain, 3580 chans[1].num, chans[1].samples[c][1].gain, 1); 3581 temp = interpolate(chan, 3582 chans[0].num, chans[0].samples[c][1].temp, 3583 chans[1].num, chans[1].samples[c][1].temp, 1); 3584 DPRINTF(("TX chain %d: power=%d gain=%d temp=%d\n", 3585 c, power, gain, temp)); 3586 3587 /* Compute temperature compensation. */ 3588 tdiff = ((sc->temp - temp) * 2) / tdiv[grp]; 3589 DPRINTF(("temperature compensation=%d (current=%d, " 3590 "EEPROM=%d)\n", tdiff, sc->temp, temp)); 3591 3592 for (ridx = 0; ridx <= IWN_RIDX_MAX; ridx++) { 3593 /* Convert dBm to half-dBm. */ 3594 maxchpwr = sc->maxpwr[chan] * 2; 3595 if ((ridx / 8) & 1) 3596 maxchpwr -= 6; /* MIMO 2T: -3dB */ 3597 3598 pwr = maxpwr; 3599 3600 /* Adjust TX power based on rate. */ 3601 if ((ridx % 8) == 5) 3602 pwr -= 15; /* OFDM48: -7.5dB */ 3603 else if ((ridx % 8) == 6) 3604 pwr -= 17; /* OFDM54: -8.5dB */ 3605 else if ((ridx % 8) == 7) 3606 pwr -= 20; /* OFDM60: -10dB */ 3607 else 3608 pwr -= 10; /* Others: -5dB */ 3609 3610 /* Do not exceed channel max TX power. */ 3611 if (pwr > maxchpwr) 3612 pwr = maxchpwr; 3613 3614 idx = gain - (pwr - power) - tdiff - vdiff; 3615 if ((ridx / 8) & 1) /* MIMO */ 3616 idx += (int32_t)le32toh(uc->atten[grp][c]); 3617 3618 if (cmd.band == 0) 3619 idx += 9; /* 5GHz */ 3620 if (ridx == IWN_RIDX_MAX) 3621 idx += 5; /* CCK */ 3622 3623 /* Make sure idx stays in a valid range. */ 3624 if (idx < 0) 3625 idx = 0; 3626 else if (idx > IWN4965_MAX_PWR_INDEX) 3627 idx = IWN4965_MAX_PWR_INDEX; 3628 3629 DPRINTF(("TX chain %d, rate idx %d: power=%d\n", 3630 c, ridx, idx)); 3631 cmd.power[ridx].rf_gain[c] = rf_gain[idx]; 3632 cmd.power[ridx].dsp_gain[c] = dsp_gain[idx]; 3633 } 3634 } 3635 3636 DPRINTF(("setting TX power for chan %d\n", chan)); 3637 return iwn_cmd(sc, IWN_CMD_TXPOWER, &cmd, sizeof cmd, async); 3638 3639 #undef interpolate 3640 #undef fdivround 3641 } 3642 3643 static int 3644 iwn5000_set_txpower(struct iwn_softc *sc, int async) 3645 { 3646 struct iwn5000_cmd_txpower cmd; 3647 3648 /* 3649 * TX power calibration is handled automatically by the firmware 3650 * for 5000 Series. 3651 */ 3652 memset(&cmd, 0, sizeof cmd); 3653 cmd.global_limit = 2 * IWN5000_TXPOWER_MAX_DBM; /* 16 dBm */ 3654 cmd.flags = IWN5000_TXPOWER_NO_CLOSED; 3655 cmd.srv_limit = IWN5000_TXPOWER_AUTO; 3656 DPRINTF(("setting TX power\n")); 3657 return iwn_cmd(sc, IWN_CMD_TXPOWER_DBM, &cmd, sizeof cmd, async); 3658 } 3659 3660 /* 3661 * Retrieve the maximum RSSI (in dBm) among receivers. 3662 */ 3663 static int 3664 iwn4965_get_rssi(const struct iwn_rx_stat *stat) 3665 { 3666 const struct iwn4965_rx_phystat *phy = (const void *)stat->phybuf; 3667 uint8_t mask, agc; 3668 int rssi; 3669 3670 mask = (le16toh(phy->antenna) >> 4) & IWN_ANT_ABC; 3671 agc = (le16toh(phy->agc) >> 7) & 0x7f; 3672 3673 rssi = 0; 3674 if (mask & IWN_ANT_A) 3675 rssi = MAX(rssi, phy->rssi[0]); 3676 if (mask & IWN_ANT_B) 3677 rssi = MAX(rssi, phy->rssi[2]); 3678 if (mask & IWN_ANT_C) 3679 rssi = MAX(rssi, phy->rssi[4]); 3680 3681 return rssi - agc - IWN_RSSI_TO_DBM; 3682 } 3683 3684 static int 3685 iwn5000_get_rssi(const struct iwn_rx_stat *stat) 3686 { 3687 const struct iwn5000_rx_phystat *phy = (const void *)stat->phybuf; 3688 uint8_t agc; 3689 int rssi; 3690 3691 agc = (le32toh(phy->agc) >> 9) & 0x7f; 3692 3693 rssi = MAX(le16toh(phy->rssi[0]) & 0xff, 3694 le16toh(phy->rssi[1]) & 0xff); 3695 rssi = MAX(le16toh(phy->rssi[2]) & 0xff, rssi); 3696 3697 return rssi - agc - IWN_RSSI_TO_DBM; 3698 } 3699 3700 /* 3701 * Retrieve the average noise (in dBm) among receivers. 3702 */ 3703 static int 3704 iwn_get_noise(const struct iwn_rx_general_stats *stats) 3705 { 3706 int i, total, nbant, noise; 3707 3708 total = nbant = 0; 3709 for (i = 0; i < 3; i++) { 3710 if ((noise = le32toh(stats->noise[i]) & 0xff) == 0) 3711 continue; 3712 total += noise; 3713 nbant++; 3714 } 3715 /* There should be at least one antenna but check anyway. */ 3716 return (nbant == 0) ? -127 : (total / nbant) - 107; 3717 } 3718 3719 /* 3720 * Compute temperature (in degC) from last received statistics. 3721 */ 3722 static int 3723 iwn4965_get_temperature(struct iwn_softc *sc) 3724 { 3725 struct iwn_ucode_info *uc = &sc->ucode_info; 3726 int32_t r1, r2, r3, r4, temp; 3727 3728 r1 = le32toh(uc->temp[0].chan20MHz); 3729 r2 = le32toh(uc->temp[1].chan20MHz); 3730 r3 = le32toh(uc->temp[2].chan20MHz); 3731 r4 = le32toh(sc->rawtemp); 3732 3733 if (r1 == r3) /* Prevents division by 0 (should not happen). */ 3734 return 0; 3735 3736 /* Sign-extend 23-bit R4 value to 32-bit. */ 3737 r4 = ((r4 & 0xffffff) ^ 0x800000) - 0x800000; 3738 /* Compute temperature in Kelvin. */ 3739 temp = (259 * (r4 - r2)) / (r3 - r1); 3740 temp = (temp * 97) / 100 + 8; 3741 3742 DPRINTF(("temperature %dK/%dC\n", temp, IWN_KTOC(temp))); 3743 return IWN_KTOC(temp); 3744 } 3745 3746 static int 3747 iwn5000_get_temperature(struct iwn_softc *sc) 3748 { 3749 int32_t temp; 3750 3751 /* 3752 * Temperature is not used by the driver for 5000 Series because 3753 * TX power calibration is handled by firmware. We export it to 3754 * users through the sensor framework though. 3755 */ 3756 temp = le32toh(sc->rawtemp); 3757 if (sc->hw_type == IWN_HW_REV_TYPE_5150) { 3758 temp = (temp / -5) + sc->temp_off; 3759 temp = IWN_KTOC(temp); 3760 } 3761 return temp; 3762 } 3763 3764 /* 3765 * Initialize sensitivity calibration state machine. 3766 */ 3767 static int 3768 iwn_init_sensitivity(struct iwn_softc *sc) 3769 { 3770 struct iwn_ops *ops = &sc->ops; 3771 struct iwn_calib_state *calib = &sc->calib; 3772 uint32_t flags; 3773 int error; 3774 3775 /* Reset calibration state machine. */ 3776 memset(calib, 0, sizeof (*calib)); 3777 calib->state = IWN_CALIB_STATE_INIT; 3778 calib->cck_state = IWN_CCK_STATE_HIFA; 3779 /* Set initial correlation values. */ 3780 calib->ofdm_x1 = sc->limits->min_ofdm_x1; 3781 calib->ofdm_mrc_x1 = sc->limits->min_ofdm_mrc_x1; 3782 calib->ofdm_x4 = sc->limits->min_ofdm_x4; 3783 calib->ofdm_mrc_x4 = sc->limits->min_ofdm_mrc_x4; 3784 calib->cck_x4 = 125; 3785 calib->cck_mrc_x4 = sc->limits->min_cck_mrc_x4; 3786 calib->energy_cck = sc->limits->energy_cck; 3787 3788 /* Write initial sensitivity. */ 3789 if ((error = iwn_send_sensitivity(sc)) != 0) 3790 return error; 3791 3792 /* Write initial gains. */ 3793 if ((error = ops->init_gains(sc)) != 0) 3794 return error; 3795 3796 /* Request statistics at each beacon interval. */ 3797 flags = 0; 3798 DPRINTF(("sending request for statistics\n")); 3799 return iwn_cmd(sc, IWN_CMD_GET_STATISTICS, &flags, sizeof flags, 1); 3800 } 3801 3802 /* 3803 * Collect noise and RSSI statistics for the first 20 beacons received 3804 * after association and use them to determine connected antennas and 3805 * to set differential gains. 3806 */ 3807 static void 3808 iwn_collect_noise(struct iwn_softc *sc, 3809 const struct iwn_rx_general_stats *stats) 3810 { 3811 struct iwn_ops *ops = &sc->ops; 3812 struct iwn_calib_state *calib = &sc->calib; 3813 uint32_t val; 3814 int i; 3815 3816 /* Accumulate RSSI and noise for all 3 antennas. */ 3817 for (i = 0; i < 3; i++) { 3818 calib->rssi[i] += le32toh(stats->rssi[i]) & 0xff; 3819 calib->noise[i] += le32toh(stats->noise[i]) & 0xff; 3820 } 3821 /* NB: We update differential gains only once after 20 beacons. */ 3822 if (++calib->nbeacons < 20) 3823 return; 3824 3825 /* Determine highest average RSSI. */ 3826 val = MAX(calib->rssi[0], calib->rssi[1]); 3827 val = MAX(calib->rssi[2], val); 3828 3829 /* Determine which antennas are connected. */ 3830 sc->chainmask = sc->rxchainmask; 3831 for (i = 0; i < 3; i++) 3832 if (val - calib->rssi[i] > 15 * 20) 3833 sc->chainmask &= ~(1 << i); 3834 DPRINTF(("RX chains mask: theoretical=0x%x, actual=0x%x\n", 3835 sc->rxchainmask, sc->chainmask)); 3836 3837 /* If none of the TX antennas are connected, keep at least one. */ 3838 if ((sc->chainmask & sc->txchainmask) == 0) 3839 sc->chainmask |= IWN_LSB(sc->txchainmask); 3840 3841 (void)ops->set_gains(sc); 3842 calib->state = IWN_CALIB_STATE_RUN; 3843 3844 #ifdef notyet 3845 /* XXX Disable RX chains with no antennas connected. */ 3846 sc->rxon.rxchain = htole16(IWN_RXCHAIN_SEL(sc->chainmask)); 3847 (void)iwn_cmd(sc, IWN_CMD_RXON, &sc->rxon, sc->rxonsz, 1); 3848 #endif 3849 3850 /* Enable power-saving mode if requested by user. */ 3851 if (sc->sc_ic.ic_flags & IEEE80211_F_PMGTON) 3852 (void)iwn_set_pslevel(sc, 0, 3, 1); 3853 } 3854 3855 static int 3856 iwn4965_init_gains(struct iwn_softc *sc) 3857 { 3858 struct iwn_phy_calib_gain cmd; 3859 3860 memset(&cmd, 0, sizeof cmd); 3861 cmd.code = IWN4965_PHY_CALIB_DIFF_GAIN; 3862 /* Differential gains initially set to 0 for all 3 antennas. */ 3863 DPRINTF(("setting initial differential gains\n")); 3864 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 3865 } 3866 3867 static int 3868 iwn5000_init_gains(struct iwn_softc *sc) 3869 { 3870 struct iwn_phy_calib cmd; 3871 3872 memset(&cmd, 0, sizeof cmd); 3873 cmd.code = sc->reset_noise_gain; 3874 cmd.ngroups = 1; 3875 cmd.isvalid = 1; 3876 DPRINTF(("setting initial differential gains\n")); 3877 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 3878 } 3879 3880 static int 3881 iwn4965_set_gains(struct iwn_softc *sc) 3882 { 3883 struct iwn_calib_state *calib = &sc->calib; 3884 struct iwn_phy_calib_gain cmd; 3885 int i, delta, noise; 3886 3887 /* Get minimal noise among connected antennas. */ 3888 noise = INT_MAX; /* NB: There's at least one antenna. */ 3889 for (i = 0; i < 3; i++) 3890 if (sc->chainmask & (1 << i)) 3891 noise = MIN(calib->noise[i], noise); 3892 3893 memset(&cmd, 0, sizeof cmd); 3894 cmd.code = IWN4965_PHY_CALIB_DIFF_GAIN; 3895 /* Set differential gains for connected antennas. */ 3896 for (i = 0; i < 3; i++) { 3897 if (sc->chainmask & (1 << i)) { 3898 /* Compute attenuation (in unit of 1.5dB). */ 3899 delta = (noise - (int32_t)calib->noise[i]) / 30; 3900 /* NB: delta <= 0 */ 3901 /* Limit to [-4.5dB,0]. */ 3902 cmd.gain[i] = MIN(abs(delta), 3); 3903 if (delta < 0) 3904 cmd.gain[i] |= 1 << 2; /* sign bit */ 3905 } 3906 } 3907 DPRINTF(("setting differential gains Ant A/B/C: %x/%x/%x (%x)\n", 3908 cmd.gain[0], cmd.gain[1], cmd.gain[2], sc->chainmask)); 3909 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 3910 } 3911 3912 static int 3913 iwn5000_set_gains(struct iwn_softc *sc) 3914 { 3915 struct iwn_calib_state *calib = &sc->calib; 3916 struct iwn_phy_calib_gain cmd; 3917 int i, ant, div, delta; 3918 3919 /* We collected 20 beacons and !=6050 need a 1.5 factor. */ 3920 div = (sc->hw_type == IWN_HW_REV_TYPE_6050) ? 20 : 30; 3921 3922 memset(&cmd, 0, sizeof cmd); 3923 cmd.code = sc->noise_gain; 3924 cmd.ngroups = 1; 3925 cmd.isvalid = 1; 3926 /* Get first available RX antenna as referential. */ 3927 ant = IWN_LSB(sc->rxchainmask); 3928 /* Set differential gains for other antennas. */ 3929 for (i = ant + 1; i < 3; i++) { 3930 if (sc->chainmask & (1 << i)) { 3931 /* The delta is relative to antenna "ant". */ 3932 delta = ((int32_t)calib->noise[ant] - 3933 (int32_t)calib->noise[i]) / div; 3934 /* Limit to [-4.5dB,+4.5dB]. */ 3935 cmd.gain[i - 1] = MIN(abs(delta), 3); 3936 if (delta < 0) 3937 cmd.gain[i - 1] |= 1 << 2; /* sign bit */ 3938 } 3939 } 3940 DPRINTF(("setting differential gains: %x/%x (%x)\n", 3941 cmd.gain[0], cmd.gain[1], sc->chainmask)); 3942 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 3943 } 3944 3945 /* 3946 * Tune RF RX sensitivity based on the number of false alarms detected 3947 * during the last beacon period. 3948 */ 3949 static void 3950 iwn_tune_sensitivity(struct iwn_softc *sc, const struct iwn_rx_stats *stats) 3951 { 3952 #define inc(val, inc, max) \ 3953 if ((val) < (max)) { \ 3954 if ((val) < (max) - (inc)) \ 3955 (val) += (inc); \ 3956 else \ 3957 (val) = (max); \ 3958 needs_update = 1; \ 3959 } 3960 #define dec(val, dec, min) \ 3961 if ((val) > (min)) { \ 3962 if ((val) > (min) + (dec)) \ 3963 (val) -= (dec); \ 3964 else \ 3965 (val) = (min); \ 3966 needs_update = 1; \ 3967 } 3968 3969 const struct iwn_sensitivity_limits *limits = sc->limits; 3970 struct iwn_calib_state *calib = &sc->calib; 3971 uint32_t val, rxena, fa; 3972 uint32_t energy[3], energy_min; 3973 uint8_t noise[3], noise_ref; 3974 int i, needs_update = 0; 3975 3976 /* Check that we've been enabled long enough. */ 3977 if ((rxena = le32toh(stats->general.load)) == 0) 3978 return; 3979 3980 /* Compute number of false alarms since last call for OFDM. */ 3981 fa = le32toh(stats->ofdm.bad_plcp) - calib->bad_plcp_ofdm; 3982 fa += le32toh(stats->ofdm.fa) - calib->fa_ofdm; 3983 fa *= 200 * 1024; /* 200TU */ 3984 3985 /* Save counters values for next call. */ 3986 calib->bad_plcp_ofdm = le32toh(stats->ofdm.bad_plcp); 3987 calib->fa_ofdm = le32toh(stats->ofdm.fa); 3988 3989 if (fa > 50 * rxena) { 3990 /* High false alarm count, decrease sensitivity. */ 3991 DPRINTFN(2, ("OFDM high false alarm count: %u\n", fa)); 3992 inc(calib->ofdm_x1, 1, limits->max_ofdm_x1); 3993 inc(calib->ofdm_mrc_x1, 1, limits->max_ofdm_mrc_x1); 3994 inc(calib->ofdm_x4, 1, limits->max_ofdm_x4); 3995 inc(calib->ofdm_mrc_x4, 1, limits->max_ofdm_mrc_x4); 3996 3997 } else if (fa < 5 * rxena) { 3998 /* Low false alarm count, increase sensitivity. */ 3999 DPRINTFN(2, ("OFDM low false alarm count: %u\n", fa)); 4000 dec(calib->ofdm_x1, 1, limits->min_ofdm_x1); 4001 dec(calib->ofdm_mrc_x1, 1, limits->min_ofdm_mrc_x1); 4002 dec(calib->ofdm_x4, 1, limits->min_ofdm_x4); 4003 dec(calib->ofdm_mrc_x4, 1, limits->min_ofdm_mrc_x4); 4004 } 4005 4006 /* Compute maximum noise among 3 receivers. */ 4007 for (i = 0; i < 3; i++) 4008 noise[i] = (le32toh(stats->general.noise[i]) >> 8) & 0xff; 4009 val = MAX(noise[0], noise[1]); 4010 val = MAX(noise[2], val); 4011 /* Insert it into our samples table. */ 4012 calib->noise_samples[calib->cur_noise_sample] = val; 4013 calib->cur_noise_sample = (calib->cur_noise_sample + 1) % 20; 4014 4015 /* Compute maximum noise among last 20 samples. */ 4016 noise_ref = calib->noise_samples[0]; 4017 for (i = 1; i < 20; i++) 4018 noise_ref = MAX(noise_ref, calib->noise_samples[i]); 4019 4020 /* Compute maximum energy among 3 receivers. */ 4021 for (i = 0; i < 3; i++) 4022 energy[i] = le32toh(stats->general.energy[i]); 4023 val = MIN(energy[0], energy[1]); 4024 val = MIN(energy[2], val); 4025 /* Insert it into our samples table. */ 4026 calib->energy_samples[calib->cur_energy_sample] = val; 4027 calib->cur_energy_sample = (calib->cur_energy_sample + 1) % 10; 4028 4029 /* Compute minimum energy among last 10 samples. */ 4030 energy_min = calib->energy_samples[0]; 4031 for (i = 1; i < 10; i++) 4032 energy_min = MAX(energy_min, calib->energy_samples[i]); 4033 energy_min += 6; 4034 4035 /* Compute number of false alarms since last call for CCK. */ 4036 fa = le32toh(stats->cck.bad_plcp) - calib->bad_plcp_cck; 4037 fa += le32toh(stats->cck.fa) - calib->fa_cck; 4038 fa *= 200 * 1024; /* 200TU */ 4039 4040 /* Save counters values for next call. */ 4041 calib->bad_plcp_cck = le32toh(stats->cck.bad_plcp); 4042 calib->fa_cck = le32toh(stats->cck.fa); 4043 4044 if (fa > 50 * rxena) { 4045 /* High false alarm count, decrease sensitivity. */ 4046 DPRINTFN(2, ("CCK high false alarm count: %u\n", fa)); 4047 calib->cck_state = IWN_CCK_STATE_HIFA; 4048 calib->low_fa = 0; 4049 4050 if (calib->cck_x4 > 160) { 4051 calib->noise_ref = noise_ref; 4052 if (calib->energy_cck > 2) 4053 dec(calib->energy_cck, 2, energy_min); 4054 } 4055 if (calib->cck_x4 < 160) { 4056 calib->cck_x4 = 161; 4057 needs_update = 1; 4058 } else 4059 inc(calib->cck_x4, 3, limits->max_cck_x4); 4060 4061 inc(calib->cck_mrc_x4, 3, limits->max_cck_mrc_x4); 4062 4063 } else if (fa < 5 * rxena) { 4064 /* Low false alarm count, increase sensitivity. */ 4065 DPRINTFN(2, ("CCK low false alarm count: %u\n", fa)); 4066 calib->cck_state = IWN_CCK_STATE_LOFA; 4067 calib->low_fa++; 4068 4069 if (calib->cck_state != IWN_CCK_STATE_INIT && 4070 (((int32_t)calib->noise_ref - (int32_t)noise_ref) > 2 || 4071 calib->low_fa > 100)) { 4072 inc(calib->energy_cck, 2, limits->min_energy_cck); 4073 dec(calib->cck_x4, 3, limits->min_cck_x4); 4074 dec(calib->cck_mrc_x4, 3, limits->min_cck_mrc_x4); 4075 } 4076 } else { 4077 /* Not worth to increase or decrease sensitivity. */ 4078 DPRINTFN(2, ("CCK normal false alarm count: %u\n", fa)); 4079 calib->low_fa = 0; 4080 calib->noise_ref = noise_ref; 4081 4082 if (calib->cck_state == IWN_CCK_STATE_HIFA) { 4083 /* Previous interval had many false alarms. */ 4084 dec(calib->energy_cck, 8, energy_min); 4085 } 4086 calib->cck_state = IWN_CCK_STATE_INIT; 4087 } 4088 4089 if (needs_update) 4090 (void)iwn_send_sensitivity(sc); 4091 #undef dec 4092 #undef inc 4093 } 4094 4095 static int 4096 iwn_send_sensitivity(struct iwn_softc *sc) 4097 { 4098 struct iwn_calib_state *calib = &sc->calib; 4099 struct iwn_enhanced_sensitivity_cmd cmd; 4100 int len; 4101 4102 memset(&cmd, 0, sizeof cmd); 4103 len = sizeof (struct iwn_sensitivity_cmd); 4104 cmd.which = IWN_SENSITIVITY_WORKTBL; 4105 /* OFDM modulation. */ 4106 cmd.corr_ofdm_x1 = htole16(calib->ofdm_x1); 4107 cmd.corr_ofdm_mrc_x1 = htole16(calib->ofdm_mrc_x1); 4108 cmd.corr_ofdm_x4 = htole16(calib->ofdm_x4); 4109 cmd.corr_ofdm_mrc_x4 = htole16(calib->ofdm_mrc_x4); 4110 cmd.energy_ofdm = htole16(sc->limits->energy_ofdm); 4111 cmd.energy_ofdm_th = htole16(62); 4112 /* CCK modulation. */ 4113 cmd.corr_cck_x4 = htole16(calib->cck_x4); 4114 cmd.corr_cck_mrc_x4 = htole16(calib->cck_mrc_x4); 4115 cmd.energy_cck = htole16(calib->energy_cck); 4116 /* Barker modulation: use default values. */ 4117 cmd.corr_barker = htole16(190); 4118 cmd.corr_barker_mrc = htole16(390); 4119 if (!(sc->sc_flags & IWN_FLAG_ENH_SENS)) 4120 goto send; 4121 /* Enhanced sensitivity settings. */ 4122 len = sizeof (struct iwn_enhanced_sensitivity_cmd); 4123 cmd.ofdm_det_slope_mrc = htole16(668); 4124 cmd.ofdm_det_icept_mrc = htole16(4); 4125 cmd.ofdm_det_slope = htole16(486); 4126 cmd.ofdm_det_icept = htole16(37); 4127 cmd.cck_det_slope_mrc = htole16(853); 4128 cmd.cck_det_icept_mrc = htole16(4); 4129 cmd.cck_det_slope = htole16(476); 4130 cmd.cck_det_icept = htole16(99); 4131 send: 4132 DPRINTFN(2, ("setting sensitivity %d/%d/%d/%d/%d/%d/%d\n", 4133 calib->ofdm_x1, calib->ofdm_mrc_x1, calib->ofdm_x4, 4134 calib->ofdm_mrc_x4, calib->cck_x4, calib->cck_mrc_x4, 4135 calib->energy_cck)); 4136 return iwn_cmd(sc, IWN_CMD_SET_SENSITIVITY, &cmd, len, 1); 4137 } 4138 4139 /* 4140 * Set STA mode power saving level (between 0 and 5). 4141 * Level 0 is CAM (Continuously Aware Mode), 5 is for maximum power saving. 4142 */ 4143 static int 4144 iwn_set_pslevel(struct iwn_softc *sc, int dtim, int level, int async) 4145 { 4146 struct iwn_pmgt_cmd cmd; 4147 const struct iwn_pmgt *pmgt; 4148 uint32_t maxp, skip_dtim; 4149 pcireg_t reg; 4150 int i; 4151 4152 /* Select which PS parameters to use. */ 4153 if (dtim <= 2) 4154 pmgt = &iwn_pmgt[0][level]; 4155 else if (dtim <= 10) 4156 pmgt = &iwn_pmgt[1][level]; 4157 else 4158 pmgt = &iwn_pmgt[2][level]; 4159 4160 memset(&cmd, 0, sizeof cmd); 4161 if (level != 0) /* not CAM */ 4162 cmd.flags |= htole16(IWN_PS_ALLOW_SLEEP); 4163 if (level == 5) 4164 cmd.flags |= htole16(IWN_PS_FAST_PD); 4165 /* Retrieve PCIe Active State Power Management (ASPM). */ 4166 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 4167 sc->sc_cap_off + PCIE_LCSR); 4168 if (!(reg & PCIE_LCSR_ASPM_L0S)) /* L0s Entry disabled. */ 4169 cmd.flags |= htole16(IWN_PS_PCI_PMGT); 4170 cmd.rxtimeout = htole32(pmgt->rxtimeout * 1024); 4171 cmd.txtimeout = htole32(pmgt->txtimeout * 1024); 4172 4173 if (dtim == 0) { 4174 dtim = 1; 4175 skip_dtim = 0; 4176 } else 4177 skip_dtim = pmgt->skip_dtim; 4178 if (skip_dtim != 0) { 4179 cmd.flags |= htole16(IWN_PS_SLEEP_OVER_DTIM); 4180 maxp = pmgt->intval[4]; 4181 if (maxp == (uint32_t)-1) 4182 maxp = dtim * (skip_dtim + 1); 4183 else if (maxp > dtim) 4184 maxp = (maxp / dtim) * dtim; 4185 } else 4186 maxp = dtim; 4187 for (i = 0; i < 5; i++) 4188 cmd.intval[i] = htole32(MIN(maxp, pmgt->intval[i])); 4189 4190 DPRINTF(("setting power saving level to %d\n", level)); 4191 return iwn_cmd(sc, IWN_CMD_SET_POWER_MODE, &cmd, sizeof cmd, async); 4192 } 4193 4194 int 4195 iwn5000_runtime_calib(struct iwn_softc *sc) 4196 { 4197 struct iwn5000_calib_config cmd; 4198 4199 memset(&cmd, 0, sizeof cmd); 4200 cmd.ucode.once.enable = 0xffffffff; 4201 cmd.ucode.once.start = IWN5000_CALIB_DC; 4202 DPRINTF(("configuring runtime calibration\n")); 4203 return iwn_cmd(sc, IWN5000_CMD_CALIB_CONFIG, &cmd, sizeof(cmd), 0); 4204 } 4205 4206 static int 4207 iwn_config_bt_coex_bluetooth(struct iwn_softc *sc) 4208 { 4209 struct iwn_bluetooth bluetooth; 4210 4211 memset(&bluetooth, 0, sizeof bluetooth); 4212 bluetooth.flags = IWN_BT_COEX_ENABLE; 4213 bluetooth.lead_time = IWN_BT_LEAD_TIME_DEF; 4214 bluetooth.max_kill = IWN_BT_MAX_KILL_DEF; 4215 4216 DPRINTF(("configuring bluetooth coexistence\n")); 4217 return iwn_cmd(sc, IWN_CMD_BT_COEX, &bluetooth, sizeof bluetooth, 0); 4218 } 4219 4220 static int 4221 iwn_config_bt_coex_prio_table(struct iwn_softc *sc) 4222 { 4223 uint8_t prio_table[16]; 4224 4225 memset(&prio_table, 0, sizeof prio_table); 4226 prio_table[ 0] = 6; /* init calibration 1 */ 4227 prio_table[ 1] = 7; /* init calibration 2 */ 4228 prio_table[ 2] = 2; /* periodic calib low 1 */ 4229 prio_table[ 3] = 3; /* periodic calib low 2 */ 4230 prio_table[ 4] = 4; /* periodic calib high 1 */ 4231 prio_table[ 5] = 5; /* periodic calib high 2 */ 4232 prio_table[ 6] = 6; /* dtim */ 4233 prio_table[ 7] = 8; /* scan52 */ 4234 prio_table[ 8] = 10; /* scan24 */ 4235 4236 DPRINTF(("sending priority lookup table\n")); 4237 return iwn_cmd(sc, IWN_CMD_BT_COEX_PRIO_TABLE, 4238 &prio_table, sizeof prio_table, 0); 4239 } 4240 4241 static int 4242 iwn_config_bt_coex_adv_config(struct iwn_softc *sc, struct iwn_bt_basic *basic, 4243 size_t len) 4244 { 4245 struct iwn_btcoex_prot btprot; 4246 int error; 4247 4248 basic->bt.flags = IWN_BT_COEX_ENABLE; 4249 basic->bt.lead_time = IWN_BT_LEAD_TIME_DEF; 4250 basic->bt.max_kill = IWN_BT_MAX_KILL_DEF; 4251 basic->bt.bt3_timer_t7_value = IWN_BT_BT3_T7_DEF; 4252 basic->bt.kill_ack_mask = IWN_BT_KILL_ACK_MASK_DEF; 4253 basic->bt.kill_cts_mask = IWN_BT_KILL_CTS_MASK_DEF; 4254 basic->bt3_prio_sample_time = IWN_BT_BT3_PRIO_SAMPLE_DEF; 4255 basic->bt3_timer_t2_value = IWN_BT_BT3_T2_DEF; 4256 basic->bt3_lookup_table[ 0] = htole32(0xaaaaaaaa); /* Normal */ 4257 basic->bt3_lookup_table[ 1] = htole32(0xaaaaaaaa); 4258 basic->bt3_lookup_table[ 2] = htole32(0xaeaaaaaa); 4259 basic->bt3_lookup_table[ 3] = htole32(0xaaaaaaaa); 4260 basic->bt3_lookup_table[ 4] = htole32(0xcc00ff28); 4261 basic->bt3_lookup_table[ 5] = htole32(0x0000aaaa); 4262 basic->bt3_lookup_table[ 6] = htole32(0xcc00aaaa); 4263 basic->bt3_lookup_table[ 7] = htole32(0x0000aaaa); 4264 basic->bt3_lookup_table[ 8] = htole32(0xc0004000); 4265 basic->bt3_lookup_table[ 9] = htole32(0x00004000); 4266 basic->bt3_lookup_table[10] = htole32(0xf0005000); 4267 basic->bt3_lookup_table[11] = htole32(0xf0005000); 4268 basic->reduce_txpower = 0; /* as not implemented */ 4269 basic->valid = IWN_BT_ALL_VALID_MASK; 4270 4271 DPRINTF(("configuring advanced bluetooth coexistence v1\n")); 4272 error = iwn_cmd(sc, IWN_CMD_BT_COEX, basic, len, 0); 4273 if (error != 0) { 4274 aprint_error_dev(sc->sc_dev, 4275 "could not configure advanced bluetooth coexistence\n"); 4276 return error; 4277 } 4278 4279 error = iwn_config_bt_coex_prio_table(sc); 4280 if (error != 0) { 4281 aprint_error_dev(sc->sc_dev, 4282 "could not configure send BT priority table\n"); 4283 return error; 4284 } 4285 4286 /* Force BT state machine change */ 4287 memset(&btprot, 0, sizeof btprot); 4288 btprot.open = 1; 4289 btprot.type = 1; 4290 error = iwn_cmd(sc, IWN_CMD_BT_COEX_PROT, &btprot, sizeof btprot, 1); 4291 if (error != 0) { 4292 aprint_error_dev(sc->sc_dev, "could not open BT protcol\n"); 4293 return error; 4294 } 4295 4296 btprot.open = 0; 4297 error = iwn_cmd(sc, IWN_CMD_BT_COEX_PROT, &btprot, sizeof btprot, 1); 4298 if (error != 0) { 4299 aprint_error_dev(sc->sc_dev, "could not close BT protcol\n"); 4300 return error; 4301 } 4302 return 0; 4303 } 4304 4305 static int 4306 iwn_config_bt_coex_adv1(struct iwn_softc *sc) 4307 { 4308 struct iwn_bt_adv1 d; 4309 4310 memset(&d, 0, sizeof d); 4311 d.prio_boost = IWN_BT_PRIO_BOOST_DEF; 4312 d.tx_prio_boost = 0; 4313 d.rx_prio_boost = 0; 4314 return iwn_config_bt_coex_adv_config(sc, &d.basic, sizeof d); 4315 } 4316 4317 static int 4318 iwn_config_bt_coex_adv2(struct iwn_softc *sc) 4319 { 4320 struct iwn_bt_adv2 d; 4321 4322 memset(&d, 0, sizeof d); 4323 d.prio_boost = IWN_BT_PRIO_BOOST_DEF; 4324 d.tx_prio_boost = 0; 4325 d.rx_prio_boost = 0; 4326 return iwn_config_bt_coex_adv_config(sc, &d.basic, sizeof d); 4327 } 4328 4329 static int 4330 iwn_config(struct iwn_softc *sc) 4331 { 4332 struct iwn_ops *ops = &sc->ops; 4333 struct ieee80211com *ic = &sc->sc_ic; 4334 struct ifnet *ifp = ic->ic_ifp; 4335 uint32_t txmask; 4336 uint16_t rxchain; 4337 int error; 4338 4339 error = ops->config_bt_coex(sc); 4340 if (error != 0) { 4341 aprint_error_dev(sc->sc_dev, 4342 "could not configure bluetooth coexistence\n"); 4343 return error; 4344 } 4345 4346 /* Set radio temperature sensor offset. */ 4347 if (sc->hw_type == IWN_HW_REV_TYPE_6005) { 4348 error = iwn6000_temp_offset_calib(sc); 4349 if (error != 0) { 4350 aprint_error_dev(sc->sc_dev, 4351 "could not set temperature offset\n"); 4352 return error; 4353 } 4354 } 4355 4356 if (sc->hw_type == IWN_HW_REV_TYPE_2030 || 4357 sc->hw_type == IWN_HW_REV_TYPE_2000 || 4358 sc->hw_type == IWN_HW_REV_TYPE_135 || 4359 sc->hw_type == IWN_HW_REV_TYPE_105) { 4360 error = iwn2000_temp_offset_calib(sc); 4361 if (error != 0) { 4362 aprint_error_dev(sc->sc_dev, 4363 "could not set temperature offset\n"); 4364 return error; 4365 } 4366 } 4367 4368 if (sc->hw_type == IWN_HW_REV_TYPE_6050 || 4369 sc->hw_type == IWN_HW_REV_TYPE_6005) { 4370 /* Configure runtime DC calibration. */ 4371 error = iwn5000_runtime_calib(sc); 4372 if (error != 0) { 4373 aprint_error_dev(sc->sc_dev, 4374 "could not configure runtime calibration\n"); 4375 return error; 4376 } 4377 } 4378 4379 /* Configure valid TX chains for 5000 Series. */ 4380 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 4381 txmask = htole32(sc->txchainmask); 4382 DPRINTF(("configuring valid TX chains 0x%x\n", txmask)); 4383 error = iwn_cmd(sc, IWN5000_CMD_TX_ANT_CONFIG, &txmask, 4384 sizeof txmask, 0); 4385 if (error != 0) { 4386 aprint_error_dev(sc->sc_dev, 4387 "could not configure valid TX chains\n"); 4388 return error; 4389 } 4390 } 4391 4392 /* Set mode, channel, RX filter and enable RX. */ 4393 memset(&sc->rxon, 0, sizeof (struct iwn_rxon)); 4394 IEEE80211_ADDR_COPY(ic->ic_myaddr, CLLADDR(ifp->if_sadl)); 4395 IEEE80211_ADDR_COPY(sc->rxon.myaddr, ic->ic_myaddr); 4396 IEEE80211_ADDR_COPY(sc->rxon.wlap, ic->ic_myaddr); 4397 sc->rxon.chan = ieee80211_chan2ieee(ic, ic->ic_ibss_chan); 4398 sc->rxon.flags = htole32(IWN_RXON_TSF | IWN_RXON_CTS_TO_SELF); 4399 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_ibss_chan)) 4400 sc->rxon.flags |= htole32(IWN_RXON_AUTO | IWN_RXON_24GHZ); 4401 switch (ic->ic_opmode) { 4402 case IEEE80211_M_STA: 4403 sc->rxon.mode = IWN_MODE_STA; 4404 sc->rxon.filter = htole32(IWN_FILTER_MULTICAST); 4405 break; 4406 case IEEE80211_M_MONITOR: 4407 sc->rxon.mode = IWN_MODE_MONITOR; 4408 sc->rxon.filter = htole32(IWN_FILTER_MULTICAST | 4409 IWN_FILTER_CTL | IWN_FILTER_PROMISC); 4410 break; 4411 default: 4412 /* Should not get there. */ 4413 break; 4414 } 4415 sc->rxon.cck_mask = 0x0f; /* not yet negotiated */ 4416 sc->rxon.ofdm_mask = 0xff; /* not yet negotiated */ 4417 sc->rxon.ht_single_mask = 0xff; 4418 sc->rxon.ht_dual_mask = 0xff; 4419 sc->rxon.ht_triple_mask = 0xff; 4420 rxchain = 4421 IWN_RXCHAIN_VALID(sc->rxchainmask) | 4422 IWN_RXCHAIN_MIMO_COUNT(2) | 4423 IWN_RXCHAIN_IDLE_COUNT(2); 4424 sc->rxon.rxchain = htole16(rxchain); 4425 DPRINTF(("setting configuration\n")); 4426 error = iwn_cmd(sc, IWN_CMD_RXON, &sc->rxon, sc->rxonsz, 0); 4427 if (error != 0) { 4428 aprint_error_dev(sc->sc_dev, 4429 "RXON command failed\n"); 4430 return error; 4431 } 4432 4433 if ((error = iwn_add_broadcast_node(sc, 0)) != 0) { 4434 aprint_error_dev(sc->sc_dev, 4435 "could not add broadcast node\n"); 4436 return error; 4437 } 4438 4439 /* Configuration has changed, set TX power accordingly. */ 4440 if ((error = ops->set_txpower(sc, 0)) != 0) { 4441 aprint_error_dev(sc->sc_dev, 4442 "could not set TX power\n"); 4443 return error; 4444 } 4445 4446 if ((error = iwn_set_critical_temp(sc)) != 0) { 4447 aprint_error_dev(sc->sc_dev, 4448 "could not set critical temperature\n"); 4449 return error; 4450 } 4451 4452 /* Set power saving level to CAM during initialization. */ 4453 if ((error = iwn_set_pslevel(sc, 0, 0, 0)) != 0) { 4454 aprint_error_dev(sc->sc_dev, 4455 "could not set power saving level\n"); 4456 return error; 4457 } 4458 return 0; 4459 } 4460 4461 static uint16_t 4462 iwn_get_active_dwell_time(struct iwn_softc *sc, uint16_t flags, 4463 uint8_t n_probes) 4464 { 4465 /* No channel? Default to 2GHz settings */ 4466 if (flags & IEEE80211_CHAN_2GHZ) 4467 return IWN_ACTIVE_DWELL_TIME_2GHZ + 4468 IWN_ACTIVE_DWELL_FACTOR_2GHZ * (n_probes + 1); 4469 4470 /* 5GHz dwell time */ 4471 return IWN_ACTIVE_DWELL_TIME_5GHZ + 4472 IWN_ACTIVE_DWELL_FACTOR_5GHZ * (n_probes + 1); 4473 } 4474 4475 /* 4476 * Limit the total dwell time to 85% of the beacon interval. 4477 * 4478 * Returns the dwell time in milliseconds. 4479 */ 4480 static uint16_t 4481 iwn_limit_dwell(struct iwn_softc *sc, uint16_t dwell_time) 4482 { 4483 struct ieee80211com *ic = &sc->sc_ic; 4484 struct ieee80211_node *ni = ic->ic_bss; 4485 int bintval = 0; 4486 4487 /* bintval is in TU (1.024mS) */ 4488 if (ni != NULL) 4489 bintval = ni->ni_intval; 4490 4491 /* 4492 * If it's non-zero, we should calculate the minimum of 4493 * it and the DWELL_BASE. 4494 * 4495 * XXX Yes, the math should take into account that bintval 4496 * is 1.024mS, not 1mS.. 4497 */ 4498 if (bintval > 0) 4499 return MIN(IWN_PASSIVE_DWELL_BASE, ((bintval * 85) / 100)); 4500 4501 /* No association context? Default */ 4502 return IWN_PASSIVE_DWELL_BASE; 4503 } 4504 4505 static uint16_t 4506 iwn_get_passive_dwell_time(struct iwn_softc *sc, uint16_t flags) 4507 { 4508 uint16_t passive; 4509 if (flags & IEEE80211_CHAN_2GHZ) 4510 passive = IWN_PASSIVE_DWELL_BASE + IWN_PASSIVE_DWELL_TIME_2GHZ; 4511 else 4512 passive = IWN_PASSIVE_DWELL_BASE + IWN_PASSIVE_DWELL_TIME_5GHZ; 4513 4514 /* Clamp to the beacon interval if we're associated */ 4515 return iwn_limit_dwell(sc, passive); 4516 } 4517 4518 static int 4519 iwn_scan(struct iwn_softc *sc, uint16_t flags) 4520 { 4521 struct ieee80211com *ic = &sc->sc_ic; 4522 struct iwn_scan_hdr *hdr; 4523 struct iwn_cmd_data *tx; 4524 struct iwn_scan_essid *essid; 4525 struct iwn_scan_chan *chan; 4526 struct ieee80211_frame *wh; 4527 struct ieee80211_rateset *rs; 4528 struct ieee80211_channel *c; 4529 uint8_t *buf, *frm; 4530 uint16_t rxchain, dwell_active, dwell_passive; 4531 uint8_t txant; 4532 int buflen, error, is_active; 4533 4534 buf = malloc(IWN_SCAN_MAXSZ, M_DEVBUF, M_NOWAIT | M_ZERO); 4535 if (buf == NULL) { 4536 aprint_error_dev(sc->sc_dev, 4537 "could not allocate buffer for scan command\n"); 4538 return ENOMEM; 4539 } 4540 hdr = (struct iwn_scan_hdr *)buf; 4541 /* 4542 * Move to the next channel if no frames are received within 10ms 4543 * after sending the probe request. 4544 */ 4545 hdr->quiet_time = htole16(10); /* timeout in milliseconds */ 4546 hdr->quiet_threshold = htole16(1); /* min # of packets */ 4547 4548 /* Select antennas for scanning. */ 4549 rxchain = 4550 IWN_RXCHAIN_VALID(sc->rxchainmask) | 4551 IWN_RXCHAIN_FORCE_MIMO_SEL(sc->rxchainmask) | 4552 IWN_RXCHAIN_DRIVER_FORCE; 4553 if ((flags & IEEE80211_CHAN_5GHZ) && 4554 sc->hw_type == IWN_HW_REV_TYPE_4965) { 4555 /* Ant A must be avoided in 5GHz because of an HW bug. */ 4556 rxchain |= IWN_RXCHAIN_FORCE_SEL(IWN_ANT_BC); 4557 } else /* Use all available RX antennas. */ 4558 rxchain |= IWN_RXCHAIN_FORCE_SEL(sc->rxchainmask); 4559 hdr->rxchain = htole16(rxchain); 4560 hdr->filter = htole32(IWN_FILTER_MULTICAST | IWN_FILTER_BEACON); 4561 4562 tx = (struct iwn_cmd_data *)(hdr + 1); 4563 tx->flags = htole32(IWN_TX_AUTO_SEQ); 4564 tx->id = sc->broadcast_id; 4565 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 4566 4567 if (flags & IEEE80211_CHAN_5GHZ) { 4568 hdr->crc_threshold = 0xffff; 4569 /* Send probe requests at 6Mbps. */ 4570 tx->plcp = iwn_rates[IWN_RIDX_OFDM6].plcp; 4571 rs = &ic->ic_sup_rates[IEEE80211_MODE_11A]; 4572 } else { 4573 hdr->flags = htole32(IWN_RXON_24GHZ | IWN_RXON_AUTO); 4574 /* Send probe requests at 1Mbps. */ 4575 tx->plcp = iwn_rates[IWN_RIDX_CCK1].plcp; 4576 tx->rflags = IWN_RFLAG_CCK; 4577 rs = &ic->ic_sup_rates[IEEE80211_MODE_11G]; 4578 } 4579 /* Use the first valid TX antenna. */ 4580 txant = IWN_LSB(sc->txchainmask); 4581 tx->rflags |= IWN_RFLAG_ANT(txant); 4582 4583 /* 4584 * Only do active scanning if we're announcing a probe request 4585 * for a given SSID (or more, if we ever add it to the driver.) 4586 */ 4587 is_active = 0; 4588 4589 essid = (struct iwn_scan_essid *)(tx + 1); 4590 if (ic->ic_des_esslen != 0) { 4591 essid[0].id = IEEE80211_ELEMID_SSID; 4592 essid[0].len = ic->ic_des_esslen; 4593 memcpy(essid[0].data, ic->ic_des_essid, ic->ic_des_esslen); 4594 4595 is_active = 1; 4596 } 4597 /* 4598 * Build a probe request frame. Most of the following code is a 4599 * copy & paste of what is done in net80211. 4600 */ 4601 wh = (struct ieee80211_frame *)(essid + 20); 4602 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 4603 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 4604 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 4605 IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr); 4606 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 4607 IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr); 4608 *(uint16_t *)&wh->i_dur[0] = 0; /* filled by HW */ 4609 *(uint16_t *)&wh->i_seq[0] = 0; /* filled by HW */ 4610 4611 frm = (uint8_t *)(wh + 1); 4612 frm = ieee80211_add_ssid(frm, NULL, 0); 4613 frm = ieee80211_add_rates(frm, rs); 4614 #ifndef IEEE80211_NO_HT 4615 if (ic->ic_flags & IEEE80211_F_HTON) 4616 frm = ieee80211_add_htcaps(frm, ic); 4617 #endif 4618 if (rs->rs_nrates > IEEE80211_RATE_SIZE) 4619 frm = ieee80211_add_xrates(frm, rs); 4620 4621 /* Set length of probe request. */ 4622 tx->len = htole16(frm - (uint8_t *)wh); 4623 4624 4625 /* 4626 * If active scanning is requested but a certain channel is 4627 * marked passive, we can do active scanning if we detect 4628 * transmissions. 4629 * 4630 * There is an issue with some firmware versions that triggers 4631 * a sysassert on a "good CRC threshold" of zero (== disabled), 4632 * on a radar channel even though this means that we should NOT 4633 * send probes. 4634 * 4635 * The "good CRC threshold" is the number of frames that we 4636 * need to receive during our dwell time on a channel before 4637 * sending out probes -- setting this to a huge value will 4638 * mean we never reach it, but at the same time work around 4639 * the aforementioned issue. Thus use IWN_GOOD_CRC_TH_NEVER 4640 * here instead of IWN_GOOD_CRC_TH_DISABLED. 4641 * 4642 * This was fixed in later versions along with some other 4643 * scan changes, and the threshold behaves as a flag in those 4644 * versions. 4645 */ 4646 4647 /* 4648 * If we're doing active scanning, set the crc_threshold 4649 * to a suitable value. This is different to active veruss 4650 * passive scanning depending upon the channel flags; the 4651 * firmware will obey that particular check for us. 4652 */ 4653 if (sc->tlv_feature_flags & IWN_UCODE_TLV_FLAGS_NEWSCAN) 4654 hdr->crc_threshold = is_active ? 4655 IWN_GOOD_CRC_TH_DEFAULT : IWN_GOOD_CRC_TH_DISABLED; 4656 else 4657 hdr->crc_threshold = is_active ? 4658 IWN_GOOD_CRC_TH_DEFAULT : IWN_GOOD_CRC_TH_NEVER; 4659 4660 chan = (struct iwn_scan_chan *)frm; 4661 for (c = &ic->ic_channels[1]; 4662 c <= &ic->ic_channels[IEEE80211_CHAN_MAX]; c++) { 4663 if ((c->ic_flags & flags) != flags) 4664 continue; 4665 4666 chan->chan = htole16(ieee80211_chan2ieee(ic, c)); 4667 DPRINTFN(2, ("adding channel %d\n", chan->chan)); 4668 chan->flags = 0; 4669 if (!(c->ic_flags & IEEE80211_CHAN_PASSIVE)) 4670 chan->flags |= htole32(IWN_CHAN_ACTIVE); 4671 if (ic->ic_des_esslen != 0) 4672 chan->flags |= htole32(IWN_CHAN_NPBREQS(1)); 4673 4674 /* 4675 * Calculate the active/passive dwell times. 4676 */ 4677 4678 dwell_active = iwn_get_active_dwell_time(sc, flags, is_active); 4679 dwell_passive = iwn_get_passive_dwell_time(sc, flags); 4680 4681 /* Make sure they're valid */ 4682 if (dwell_passive <= dwell_active) 4683 dwell_passive = dwell_active + 1; 4684 4685 chan->active = htole16(dwell_active); 4686 chan->passive = htole16(dwell_passive); 4687 4688 chan->dsp_gain = 0x6e; 4689 if (IEEE80211_IS_CHAN_5GHZ(c)) { 4690 chan->rf_gain = 0x3b; 4691 } else { 4692 chan->rf_gain = 0x28; 4693 } 4694 hdr->nchan++; 4695 chan++; 4696 } 4697 4698 buflen = (uint8_t *)chan - buf; 4699 hdr->len = htole16(buflen); 4700 4701 DPRINTF(("sending scan command nchan=%d\n", hdr->nchan)); 4702 error = iwn_cmd(sc, IWN_CMD_SCAN, buf, buflen, 1); 4703 free(buf, M_DEVBUF); 4704 return error; 4705 } 4706 4707 static int 4708 iwn_auth(struct iwn_softc *sc) 4709 { 4710 struct iwn_ops *ops = &sc->ops; 4711 struct ieee80211com *ic = &sc->sc_ic; 4712 struct ieee80211_node *ni = ic->ic_bss; 4713 int error; 4714 4715 /* Update adapter configuration. */ 4716 IEEE80211_ADDR_COPY(sc->rxon.bssid, ni->ni_bssid); 4717 sc->rxon.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 4718 sc->rxon.flags = htole32(IWN_RXON_TSF | IWN_RXON_CTS_TO_SELF); 4719 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 4720 sc->rxon.flags |= htole32(IWN_RXON_AUTO | IWN_RXON_24GHZ); 4721 if (ic->ic_flags & IEEE80211_F_SHSLOT) 4722 sc->rxon.flags |= htole32(IWN_RXON_SHSLOT); 4723 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 4724 sc->rxon.flags |= htole32(IWN_RXON_SHPREAMBLE); 4725 switch (ic->ic_curmode) { 4726 case IEEE80211_MODE_11A: 4727 sc->rxon.cck_mask = 0; 4728 sc->rxon.ofdm_mask = 0x15; 4729 break; 4730 case IEEE80211_MODE_11B: 4731 sc->rxon.cck_mask = 0x03; 4732 sc->rxon.ofdm_mask = 0; 4733 break; 4734 default: /* Assume 802.11b/g. */ 4735 sc->rxon.cck_mask = 0x0f; 4736 sc->rxon.ofdm_mask = 0x15; 4737 } 4738 DPRINTF(("rxon chan %d flags %x cck %x ofdm %x\n", sc->rxon.chan, 4739 sc->rxon.flags, sc->rxon.cck_mask, sc->rxon.ofdm_mask)); 4740 error = iwn_cmd(sc, IWN_CMD_RXON, &sc->rxon, sc->rxonsz, 1); 4741 if (error != 0) { 4742 aprint_error_dev(sc->sc_dev, 4743 "RXON command failed\n"); 4744 return error; 4745 } 4746 4747 /* Configuration has changed, set TX power accordingly. */ 4748 if ((error = ops->set_txpower(sc, 1)) != 0) { 4749 aprint_error_dev(sc->sc_dev, 4750 "could not set TX power\n"); 4751 return error; 4752 } 4753 /* 4754 * Reconfiguring RXON clears the firmware nodes table so we must 4755 * add the broadcast node again. 4756 */ 4757 if ((error = iwn_add_broadcast_node(sc, 1)) != 0) { 4758 aprint_error_dev(sc->sc_dev, 4759 "could not add broadcast node\n"); 4760 return error; 4761 } 4762 return 0; 4763 } 4764 4765 static int 4766 iwn_run(struct iwn_softc *sc) 4767 { 4768 struct iwn_ops *ops = &sc->ops; 4769 struct ieee80211com *ic = &sc->sc_ic; 4770 struct ieee80211_node *ni = ic->ic_bss; 4771 struct iwn_node_info node; 4772 int error; 4773 4774 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 4775 /* Link LED blinks while monitoring. */ 4776 iwn_set_led(sc, IWN_LED_LINK, 5, 5); 4777 return 0; 4778 } 4779 if ((error = iwn_set_timing(sc, ni)) != 0) { 4780 aprint_error_dev(sc->sc_dev, 4781 "could not set timing\n"); 4782 return error; 4783 } 4784 4785 /* Update adapter configuration. */ 4786 sc->rxon.associd = htole16(IEEE80211_AID(ni->ni_associd)); 4787 /* Short preamble and slot time are negotiated when associating. */ 4788 sc->rxon.flags &= ~htole32(IWN_RXON_SHPREAMBLE | IWN_RXON_SHSLOT); 4789 if (ic->ic_flags & IEEE80211_F_SHSLOT) 4790 sc->rxon.flags |= htole32(IWN_RXON_SHSLOT); 4791 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 4792 sc->rxon.flags |= htole32(IWN_RXON_SHPREAMBLE); 4793 sc->rxon.filter |= htole32(IWN_FILTER_BSS); 4794 DPRINTF(("rxon chan %d flags %x\n", sc->rxon.chan, sc->rxon.flags)); 4795 error = iwn_cmd(sc, IWN_CMD_RXON, &sc->rxon, sc->rxonsz, 1); 4796 if (error != 0) { 4797 aprint_error_dev(sc->sc_dev, 4798 "could not update configuration\n"); 4799 return error; 4800 } 4801 4802 /* Configuration has changed, set TX power accordingly. */ 4803 if ((error = ops->set_txpower(sc, 1)) != 0) { 4804 aprint_error_dev(sc->sc_dev, 4805 "could not set TX power\n"); 4806 return error; 4807 } 4808 4809 /* Fake a join to initialize the TX rate. */ 4810 ((struct iwn_node *)ni)->id = IWN_ID_BSS; 4811 iwn_newassoc(ni, 1); 4812 4813 /* Add BSS node. */ 4814 memset(&node, 0, sizeof node); 4815 IEEE80211_ADDR_COPY(node.macaddr, ni->ni_macaddr); 4816 node.id = IWN_ID_BSS; 4817 #ifdef notyet 4818 node.htflags = htole32(IWN_AMDPU_SIZE_FACTOR(3) | 4819 IWN_AMDPU_DENSITY(5)); /* 2us */ 4820 #endif 4821 DPRINTF(("adding BSS node\n")); 4822 error = ops->add_node(sc, &node, 1); 4823 if (error != 0) { 4824 aprint_error_dev(sc->sc_dev, 4825 "could not add BSS node\n"); 4826 return error; 4827 } 4828 DPRINTF(("setting link quality for node %d\n", node.id)); 4829 if ((error = iwn_set_link_quality(sc, ni)) != 0) { 4830 aprint_error_dev(sc->sc_dev, 4831 "could not setup link quality for node %d\n", node.id); 4832 return error; 4833 } 4834 4835 if ((error = iwn_init_sensitivity(sc)) != 0) { 4836 aprint_error_dev(sc->sc_dev, 4837 "could not set sensitivity\n"); 4838 return error; 4839 } 4840 /* Start periodic calibration timer. */ 4841 sc->calib.state = IWN_CALIB_STATE_ASSOC; 4842 sc->calib_cnt = 0; 4843 callout_schedule(&sc->calib_to, hz/2); 4844 4845 /* Link LED always on while associated. */ 4846 iwn_set_led(sc, IWN_LED_LINK, 0, 1); 4847 return 0; 4848 } 4849 4850 #ifdef IWN_HWCRYPTO 4851 /* 4852 * We support CCMP hardware encryption/decryption of unicast frames only. 4853 * HW support for TKIP really sucks. We should let TKIP die anyway. 4854 */ 4855 static int 4856 iwn_set_key(struct ieee80211com *ic, struct ieee80211_node *ni, 4857 struct ieee80211_key *k) 4858 { 4859 struct iwn_softc *sc = ic->ic_softc; 4860 struct iwn_ops *ops = &sc->ops; 4861 struct iwn_node *wn = (void *)ni; 4862 struct iwn_node_info node; 4863 uint16_t kflags; 4864 4865 if ((k->k_flags & IEEE80211_KEY_GROUP) || 4866 k->k_cipher != IEEE80211_CIPHER_CCMP) 4867 return ieee80211_set_key(ic, ni, k); 4868 4869 kflags = IWN_KFLAG_CCMP | IWN_KFLAG_MAP | IWN_KFLAG_KID(k->k_id); 4870 if (k->k_flags & IEEE80211_KEY_GROUP) 4871 kflags |= IWN_KFLAG_GROUP; 4872 4873 memset(&node, 0, sizeof node); 4874 node.id = (k->k_flags & IEEE80211_KEY_GROUP) ? 4875 sc->broadcast_id : wn->id; 4876 node.control = IWN_NODE_UPDATE; 4877 node.flags = IWN_FLAG_SET_KEY; 4878 node.kflags = htole16(kflags); 4879 node.kid = k->k_id; 4880 memcpy(node.key, k->k_key, k->k_len); 4881 DPRINTF(("set key id=%d for node %d\n", k->k_id, node.id)); 4882 return ops->add_node(sc, &node, 1); 4883 } 4884 4885 static void 4886 iwn_delete_key(struct ieee80211com *ic, struct ieee80211_node *ni, 4887 struct ieee80211_key *k) 4888 { 4889 struct iwn_softc *sc = ic->ic_softc; 4890 struct iwn_ops *ops = &sc->ops; 4891 struct iwn_node *wn = (void *)ni; 4892 struct iwn_node_info node; 4893 4894 if ((k->k_flags & IEEE80211_KEY_GROUP) || 4895 k->k_cipher != IEEE80211_CIPHER_CCMP) { 4896 /* See comment about other ciphers above. */ 4897 ieee80211_delete_key(ic, ni, k); 4898 return; 4899 } 4900 if (ic->ic_state != IEEE80211_S_RUN) 4901 return; /* Nothing to do. */ 4902 memset(&node, 0, sizeof node); 4903 node.id = (k->k_flags & IEEE80211_KEY_GROUP) ? 4904 sc->broadcast_id : wn->id; 4905 node.control = IWN_NODE_UPDATE; 4906 node.flags = IWN_FLAG_SET_KEY; 4907 node.kflags = htole16(IWN_KFLAG_INVALID); 4908 node.kid = 0xff; 4909 DPRINTF(("delete keys for node %d\n", node.id)); 4910 (void)ops->add_node(sc, &node, 1); 4911 } 4912 #endif 4913 4914 /* XXX Added for NetBSD (copied from rev 1.39). */ 4915 4916 static int 4917 iwn_wme_update(struct ieee80211com *ic) 4918 { 4919 #define IWN_EXP2(v) htole16((1 << (v)) - 1) 4920 #define IWN_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 4921 struct iwn_softc *sc = ic->ic_ifp->if_softc; 4922 const struct wmeParams *wmep; 4923 struct iwn_edca_params cmd; 4924 int ac; 4925 4926 /* don't override default WME values if WME is not actually enabled */ 4927 if (!(ic->ic_flags & IEEE80211_F_WME)) 4928 return 0; 4929 cmd.flags = 0; 4930 for (ac = 0; ac < WME_NUM_AC; ac++) { 4931 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 4932 cmd.ac[ac].aifsn = wmep->wmep_aifsn; 4933 cmd.ac[ac].cwmin = IWN_EXP2(wmep->wmep_logcwmin); 4934 cmd.ac[ac].cwmax = IWN_EXP2(wmep->wmep_logcwmax); 4935 cmd.ac[ac].txoplimit = IWN_USEC(wmep->wmep_txopLimit); 4936 4937 DPRINTF(("setting WME for queue %d aifsn=%d cwmin=%d cwmax=%d " 4938 "txop=%d\n", ac, cmd.ac[ac].aifsn, 4939 cmd.ac[ac].cwmin, 4940 cmd.ac[ac].cwmax, cmd.ac[ac].txoplimit)); 4941 } 4942 return iwn_cmd(sc, IWN_CMD_EDCA_PARAMS, &cmd, sizeof cmd, 1); 4943 #undef IWN_USEC 4944 #undef IWN_EXP2 4945 } 4946 4947 #ifndef IEEE80211_NO_HT 4948 /* 4949 * This function is called by upper layer when an ADDBA request is received 4950 * from another STA and before the ADDBA response is sent. 4951 */ 4952 static int 4953 iwn_ampdu_rx_start(struct ieee80211com *ic, struct ieee80211_node *ni, 4954 uint8_t tid) 4955 { 4956 struct ieee80211_rx_ba *ba = &ni->ni_rx_ba[tid]; 4957 struct iwn_softc *sc = ic->ic_softc; 4958 struct iwn_ops *ops = &sc->ops; 4959 struct iwn_node *wn = (void *)ni; 4960 struct iwn_node_info node; 4961 4962 memset(&node, 0, sizeof node); 4963 node.id = wn->id; 4964 node.control = IWN_NODE_UPDATE; 4965 node.flags = IWN_FLAG_SET_ADDBA; 4966 node.addba_tid = tid; 4967 node.addba_ssn = htole16(ba->ba_winstart); 4968 DPRINTFN(2, ("ADDBA RA=%d TID=%d SSN=%d\n", wn->id, tid, 4969 ba->ba_winstart)); 4970 return ops->add_node(sc, &node, 1); 4971 } 4972 4973 /* 4974 * This function is called by upper layer on teardown of an HT-immediate 4975 * Block Ack agreement (eg. uppon receipt of a DELBA frame). 4976 */ 4977 static void 4978 iwn_ampdu_rx_stop(struct ieee80211com *ic, struct ieee80211_node *ni, 4979 uint8_t tid) 4980 { 4981 struct iwn_softc *sc = ic->ic_softc; 4982 struct iwn_ops *ops = &sc->ops; 4983 struct iwn_node *wn = (void *)ni; 4984 struct iwn_node_info node; 4985 4986 memset(&node, 0, sizeof node); 4987 node.id = wn->id; 4988 node.control = IWN_NODE_UPDATE; 4989 node.flags = IWN_FLAG_SET_DELBA; 4990 node.delba_tid = tid; 4991 DPRINTFN(2, ("DELBA RA=%d TID=%d\n", wn->id, tid)); 4992 (void)ops->add_node(sc, &node, 1); 4993 } 4994 4995 /* 4996 * This function is called by upper layer when an ADDBA response is received 4997 * from another STA. 4998 */ 4999 static int 5000 iwn_ampdu_tx_start(struct ieee80211com *ic, struct ieee80211_node *ni, 5001 uint8_t tid) 5002 { 5003 struct ieee80211_tx_ba *ba = &ni->ni_tx_ba[tid]; 5004 struct iwn_softc *sc = ic->ic_softc; 5005 struct iwn_ops *ops = &sc->ops; 5006 struct iwn_node *wn = (void *)ni; 5007 struct iwn_node_info node; 5008 int error; 5009 5010 /* Enable TX for the specified RA/TID. */ 5011 wn->disable_tid &= ~(1 << tid); 5012 memset(&node, 0, sizeof node); 5013 node.id = wn->id; 5014 node.control = IWN_NODE_UPDATE; 5015 node.flags = IWN_FLAG_SET_DISABLE_TID; 5016 node.disable_tid = htole16(wn->disable_tid); 5017 error = ops->add_node(sc, &node, 1); 5018 if (error != 0) 5019 return error; 5020 5021 if ((error = iwn_nic_lock(sc)) != 0) 5022 return error; 5023 ops->ampdu_tx_start(sc, ni, tid, ba->ba_winstart); 5024 iwn_nic_unlock(sc); 5025 return 0; 5026 } 5027 5028 static void 5029 iwn_ampdu_tx_stop(struct ieee80211com *ic, struct ieee80211_node *ni, 5030 uint8_t tid) 5031 { 5032 struct ieee80211_tx_ba *ba = &ni->ni_tx_ba[tid]; 5033 struct iwn_softc *sc = ic->ic_softc; 5034 struct iwn_ops *ops = &sc->ops; 5035 5036 if (iwn_nic_lock(sc) != 0) 5037 return; 5038 ops->ampdu_tx_stop(sc, tid, ba->ba_winstart); 5039 iwn_nic_unlock(sc); 5040 } 5041 5042 static void 5043 iwn4965_ampdu_tx_start(struct iwn_softc *sc, struct ieee80211_node *ni, 5044 uint8_t tid, uint16_t ssn) 5045 { 5046 struct iwn_node *wn = (void *)ni; 5047 int qid = 7 + tid; 5048 5049 /* Stop TX scheduler while we're changing its configuration. */ 5050 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 5051 IWN4965_TXQ_STATUS_CHGACT); 5052 5053 /* Assign RA/TID translation to the queue. */ 5054 iwn_mem_write_2(sc, sc->sched_base + IWN4965_SCHED_TRANS_TBL(qid), 5055 wn->id << 4 | tid); 5056 5057 /* Enable chain-building mode for the queue. */ 5058 iwn_prph_setbits(sc, IWN4965_SCHED_QCHAIN_SEL, 1 << qid); 5059 5060 /* Set starting sequence number from the ADDBA request. */ 5061 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 5062 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), ssn); 5063 5064 /* Set scheduler window size. */ 5065 iwn_mem_write(sc, sc->sched_base + IWN4965_SCHED_QUEUE_OFFSET(qid), 5066 IWN_SCHED_WINSZ); 5067 /* Set scheduler frame limit. */ 5068 iwn_mem_write(sc, sc->sched_base + IWN4965_SCHED_QUEUE_OFFSET(qid) + 4, 5069 IWN_SCHED_LIMIT << 16); 5070 5071 /* Enable interrupts for the queue. */ 5072 iwn_prph_setbits(sc, IWN4965_SCHED_INTR_MASK, 1 << qid); 5073 5074 /* Mark the queue as active. */ 5075 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 5076 IWN4965_TXQ_STATUS_ACTIVE | IWN4965_TXQ_STATUS_AGGR_ENA | 5077 iwn_tid2fifo[tid] << 1); 5078 } 5079 5080 static void 5081 iwn4965_ampdu_tx_stop(struct iwn_softc *sc, uint8_t tid, uint16_t ssn) 5082 { 5083 int qid = 7 + tid; 5084 5085 /* Stop TX scheduler while we're changing its configuration. */ 5086 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 5087 IWN4965_TXQ_STATUS_CHGACT); 5088 5089 /* Set starting sequence number from the ADDBA request. */ 5090 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 5091 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), ssn); 5092 5093 /* Disable interrupts for the queue. */ 5094 iwn_prph_clrbits(sc, IWN4965_SCHED_INTR_MASK, 1 << qid); 5095 5096 /* Mark the queue as inactive. */ 5097 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 5098 IWN4965_TXQ_STATUS_INACTIVE | iwn_tid2fifo[tid] << 1); 5099 } 5100 5101 static void 5102 iwn5000_ampdu_tx_start(struct iwn_softc *sc, struct ieee80211_node *ni, 5103 uint8_t tid, uint16_t ssn) 5104 { 5105 struct iwn_node *wn = (void *)ni; 5106 int qid = 10 + tid; 5107 5108 /* Stop TX scheduler while we're changing its configuration. */ 5109 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 5110 IWN5000_TXQ_STATUS_CHGACT); 5111 5112 /* Assign RA/TID translation to the queue. */ 5113 iwn_mem_write_2(sc, sc->sched_base + IWN5000_SCHED_TRANS_TBL(qid), 5114 wn->id << 4 | tid); 5115 5116 /* Enable chain-building mode for the queue. */ 5117 iwn_prph_setbits(sc, IWN5000_SCHED_QCHAIN_SEL, 1 << qid); 5118 5119 /* Enable aggregation for the queue. */ 5120 iwn_prph_setbits(sc, IWN5000_SCHED_AGGR_SEL, 1 << qid); 5121 5122 /* Set starting sequence number from the ADDBA request. */ 5123 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 5124 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), ssn); 5125 5126 /* Set scheduler window size and frame limit. */ 5127 iwn_mem_write(sc, sc->sched_base + IWN5000_SCHED_QUEUE_OFFSET(qid) + 4, 5128 IWN_SCHED_LIMIT << 16 | IWN_SCHED_WINSZ); 5129 5130 /* Enable interrupts for the queue. */ 5131 iwn_prph_setbits(sc, IWN5000_SCHED_INTR_MASK, 1 << qid); 5132 5133 /* Mark the queue as active. */ 5134 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 5135 IWN5000_TXQ_STATUS_ACTIVE | iwn_tid2fifo[tid]); 5136 } 5137 5138 static void 5139 iwn5000_ampdu_tx_stop(struct iwn_softc *sc, uint8_t tid, uint16_t ssn) 5140 { 5141 int qid = 10 + tid; 5142 5143 /* Stop TX scheduler while we're changing its configuration. */ 5144 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 5145 IWN5000_TXQ_STATUS_CHGACT); 5146 5147 /* Disable aggregation for the queue. */ 5148 iwn_prph_clrbits(sc, IWN5000_SCHED_AGGR_SEL, 1 << qid); 5149 5150 /* Set starting sequence number from the ADDBA request. */ 5151 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 5152 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), ssn); 5153 5154 /* Disable interrupts for the queue. */ 5155 iwn_prph_clrbits(sc, IWN5000_SCHED_INTR_MASK, 1 << qid); 5156 5157 /* Mark the queue as inactive. */ 5158 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 5159 IWN5000_TXQ_STATUS_INACTIVE | iwn_tid2fifo[tid]); 5160 } 5161 #endif /* !IEEE80211_NO_HT */ 5162 5163 /* 5164 * Query calibration tables from the initialization firmware. We do this 5165 * only once at first boot. Called from a process context. 5166 */ 5167 static int 5168 iwn5000_query_calibration(struct iwn_softc *sc) 5169 { 5170 struct iwn5000_calib_config cmd; 5171 int error; 5172 5173 memset(&cmd, 0, sizeof cmd); 5174 cmd.ucode.once.enable = 0xffffffff; 5175 cmd.ucode.once.start = 0xffffffff; 5176 cmd.ucode.once.send = 0xffffffff; 5177 cmd.ucode.flags = 0xffffffff; 5178 DPRINTF(("sending calibration query\n")); 5179 error = iwn_cmd(sc, IWN5000_CMD_CALIB_CONFIG, &cmd, sizeof cmd, 0); 5180 if (error != 0) 5181 return error; 5182 5183 /* Wait at most two seconds for calibration to complete. */ 5184 if (!(sc->sc_flags & IWN_FLAG_CALIB_DONE)) 5185 error = tsleep(sc, PCATCH, "iwncal", 2 * hz); 5186 return error; 5187 } 5188 5189 /* 5190 * Send calibration results to the runtime firmware. These results were 5191 * obtained on first boot from the initialization firmware. 5192 */ 5193 static int 5194 iwn5000_send_calibration(struct iwn_softc *sc) 5195 { 5196 int idx, error; 5197 5198 for (idx = 0; idx < 5; idx++) { 5199 if (sc->calibcmd[idx].buf == NULL) 5200 continue; /* No results available. */ 5201 DPRINTF(("send calibration result idx=%d len=%d\n", 5202 idx, sc->calibcmd[idx].len)); 5203 error = iwn_cmd(sc, IWN_CMD_PHY_CALIB, sc->calibcmd[idx].buf, 5204 sc->calibcmd[idx].len, 0); 5205 if (error != 0) { 5206 aprint_error_dev(sc->sc_dev, 5207 "could not send calibration result\n"); 5208 return error; 5209 } 5210 } 5211 return 0; 5212 } 5213 5214 static int 5215 iwn5000_send_wimax_coex(struct iwn_softc *sc) 5216 { 5217 struct iwn5000_wimax_coex wimax; 5218 5219 #ifdef notyet 5220 if (sc->hw_type == IWN_HW_REV_TYPE_6050) { 5221 /* Enable WiMAX coexistence for combo adapters. */ 5222 wimax.flags = 5223 IWN_WIMAX_COEX_ASSOC_WA_UNMASK | 5224 IWN_WIMAX_COEX_UNASSOC_WA_UNMASK | 5225 IWN_WIMAX_COEX_STA_TABLE_VALID | 5226 IWN_WIMAX_COEX_ENABLE; 5227 memcpy(wimax.events, iwn6050_wimax_events, 5228 sizeof iwn6050_wimax_events); 5229 } else 5230 #endif 5231 { 5232 /* Disable WiMAX coexistence. */ 5233 wimax.flags = 0; 5234 memset(wimax.events, 0, sizeof wimax.events); 5235 } 5236 DPRINTF(("Configuring WiMAX coexistence\n")); 5237 return iwn_cmd(sc, IWN5000_CMD_WIMAX_COEX, &wimax, sizeof wimax, 0); 5238 } 5239 5240 static int 5241 iwn6000_temp_offset_calib(struct iwn_softc *sc) 5242 { 5243 struct iwn6000_phy_calib_temp_offset cmd; 5244 5245 memset(&cmd, 0, sizeof cmd); 5246 cmd.code = IWN6000_PHY_CALIB_TEMP_OFFSET; 5247 cmd.ngroups = 1; 5248 cmd.isvalid = 1; 5249 if (sc->eeprom_temp != 0) 5250 cmd.offset = htole16(sc->eeprom_temp); 5251 else 5252 cmd.offset = htole16(IWN_DEFAULT_TEMP_OFFSET); 5253 DPRINTF(("setting radio sensor offset to %d\n", le16toh(cmd.offset))); 5254 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 0); 5255 } 5256 5257 static int 5258 iwn2000_temp_offset_calib(struct iwn_softc *sc) 5259 { 5260 struct iwn2000_phy_calib_temp_offset cmd; 5261 5262 memset(&cmd, 0, sizeof cmd); 5263 cmd.code = IWN2000_PHY_CALIB_TEMP_OFFSET; 5264 cmd.ngroups = 1; 5265 cmd.isvalid = 1; 5266 if (sc->eeprom_rawtemp != 0) { 5267 cmd.offset_low = htole16(sc->eeprom_rawtemp); 5268 cmd.offset_high = htole16(sc->eeprom_temp); 5269 } else { 5270 cmd.offset_low = htole16(IWN_DEFAULT_TEMP_OFFSET); 5271 cmd.offset_high = htole16(IWN_DEFAULT_TEMP_OFFSET); 5272 } 5273 cmd.burnt_voltage_ref = htole16(sc->eeprom_voltage); 5274 DPRINTF(("setting radio sensor offset to %d:%d, voltage to %d\n", 5275 le16toh(cmd.offset_low), le16toh(cmd.offset_high), 5276 le16toh(cmd.burnt_voltage_ref))); 5277 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 0); 5278 } 5279 5280 /* 5281 * This function is called after the runtime firmware notifies us of its 5282 * readiness (called in a process context). 5283 */ 5284 static int 5285 iwn4965_post_alive(struct iwn_softc *sc) 5286 { 5287 int error, qid; 5288 5289 if ((error = iwn_nic_lock(sc)) != 0) 5290 return error; 5291 5292 /* Clear TX scheduler state in SRAM. */ 5293 sc->sched_base = iwn_prph_read(sc, IWN_SCHED_SRAM_ADDR); 5294 iwn_mem_set_region_4(sc, sc->sched_base + IWN4965_SCHED_CTX_OFF, 0, 5295 IWN4965_SCHED_CTX_LEN / sizeof (uint32_t)); 5296 5297 /* Set physical address of TX scheduler rings (1KB aligned). */ 5298 iwn_prph_write(sc, IWN4965_SCHED_DRAM_ADDR, sc->sched_dma.paddr >> 10); 5299 5300 IWN_SETBITS(sc, IWN_FH_TX_CHICKEN, IWN_FH_TX_CHICKEN_SCHED_RETRY); 5301 5302 /* Disable chain mode for all our 16 queues. */ 5303 iwn_prph_write(sc, IWN4965_SCHED_QCHAIN_SEL, 0); 5304 5305 for (qid = 0; qid < IWN4965_NTXQUEUES; qid++) { 5306 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), 0); 5307 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | 0); 5308 5309 /* Set scheduler window size. */ 5310 iwn_mem_write(sc, sc->sched_base + 5311 IWN4965_SCHED_QUEUE_OFFSET(qid), IWN_SCHED_WINSZ); 5312 /* Set scheduler frame limit. */ 5313 iwn_mem_write(sc, sc->sched_base + 5314 IWN4965_SCHED_QUEUE_OFFSET(qid) + 4, 5315 IWN_SCHED_LIMIT << 16); 5316 } 5317 5318 /* Enable interrupts for all our 16 queues. */ 5319 iwn_prph_write(sc, IWN4965_SCHED_INTR_MASK, 0xffff); 5320 /* Identify TX FIFO rings (0-7). */ 5321 iwn_prph_write(sc, IWN4965_SCHED_TXFACT, 0xff); 5322 5323 /* Mark TX rings (4 EDCA + cmd + 2 HCCA) as active. */ 5324 for (qid = 0; qid < 7; qid++) { 5325 static uint8_t qid2fifo[] = { 3, 2, 1, 0, 4, 5, 6 }; 5326 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 5327 IWN4965_TXQ_STATUS_ACTIVE | qid2fifo[qid] << 1); 5328 } 5329 iwn_nic_unlock(sc); 5330 return 0; 5331 } 5332 5333 /* 5334 * This function is called after the initialization or runtime firmware 5335 * notifies us of its readiness (called in a process context). 5336 */ 5337 static int 5338 iwn5000_post_alive(struct iwn_softc *sc) 5339 { 5340 int error, qid; 5341 5342 /* Switch to using ICT interrupt mode. */ 5343 iwn5000_ict_reset(sc); 5344 5345 if ((error = iwn_nic_lock(sc)) != 0) 5346 return error; 5347 5348 /* Clear TX scheduler state in SRAM. */ 5349 sc->sched_base = iwn_prph_read(sc, IWN_SCHED_SRAM_ADDR); 5350 iwn_mem_set_region_4(sc, sc->sched_base + IWN5000_SCHED_CTX_OFF, 0, 5351 IWN5000_SCHED_CTX_LEN / sizeof (uint32_t)); 5352 5353 /* Set physical address of TX scheduler rings (1KB aligned). */ 5354 iwn_prph_write(sc, IWN5000_SCHED_DRAM_ADDR, sc->sched_dma.paddr >> 10); 5355 5356 IWN_SETBITS(sc, IWN_FH_TX_CHICKEN, IWN_FH_TX_CHICKEN_SCHED_RETRY); 5357 5358 /* Enable chain mode for all queues, except command queue. */ 5359 iwn_prph_write(sc, IWN5000_SCHED_QCHAIN_SEL, 0xfffef); 5360 iwn_prph_write(sc, IWN5000_SCHED_AGGR_SEL, 0); 5361 5362 for (qid = 0; qid < IWN5000_NTXQUEUES; qid++) { 5363 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), 0); 5364 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | 0); 5365 5366 iwn_mem_write(sc, sc->sched_base + 5367 IWN5000_SCHED_QUEUE_OFFSET(qid), 0); 5368 /* Set scheduler window size and frame limit. */ 5369 iwn_mem_write(sc, sc->sched_base + 5370 IWN5000_SCHED_QUEUE_OFFSET(qid) + 4, 5371 IWN_SCHED_LIMIT << 16 | IWN_SCHED_WINSZ); 5372 } 5373 5374 /* Enable interrupts for all our 20 queues. */ 5375 iwn_prph_write(sc, IWN5000_SCHED_INTR_MASK, 0xfffff); 5376 /* Identify TX FIFO rings (0-7). */ 5377 iwn_prph_write(sc, IWN5000_SCHED_TXFACT, 0xff); 5378 5379 /* Mark TX rings (4 EDCA + cmd + 2 HCCA) as active. */ 5380 for (qid = 0; qid < 7; qid++) { 5381 static uint8_t qid2fifo[] = { 3, 2, 1, 0, 7, 5, 6 }; 5382 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 5383 IWN5000_TXQ_STATUS_ACTIVE | qid2fifo[qid]); 5384 } 5385 iwn_nic_unlock(sc); 5386 5387 /* Configure WiMAX coexistence for combo adapters. */ 5388 error = iwn5000_send_wimax_coex(sc); 5389 if (error != 0) { 5390 aprint_error_dev(sc->sc_dev, 5391 "could not configure WiMAX coexistence\n"); 5392 return error; 5393 } 5394 if (sc->hw_type != IWN_HW_REV_TYPE_5150) { 5395 struct iwn5000_phy_calib_crystal cmd; 5396 5397 /* Perform crystal calibration. */ 5398 memset(&cmd, 0, sizeof cmd); 5399 cmd.code = IWN5000_PHY_CALIB_CRYSTAL; 5400 cmd.ngroups = 1; 5401 cmd.isvalid = 1; 5402 cmd.cap_pin[0] = le32toh(sc->eeprom_crystal) & 0xff; 5403 cmd.cap_pin[1] = (le32toh(sc->eeprom_crystal) >> 16) & 0xff; 5404 DPRINTF(("sending crystal calibration %d, %d\n", 5405 cmd.cap_pin[0], cmd.cap_pin[1])); 5406 error = iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 0); 5407 if (error != 0) { 5408 aprint_error_dev(sc->sc_dev, 5409 "crystal calibration failed\n"); 5410 return error; 5411 } 5412 } 5413 if (!(sc->sc_flags & IWN_FLAG_CALIB_DONE)) { 5414 /* Query calibration from the initialization firmware. */ 5415 if ((error = iwn5000_query_calibration(sc)) != 0) { 5416 aprint_error_dev(sc->sc_dev, 5417 "could not query calibration\n"); 5418 return error; 5419 } 5420 /* 5421 * We have the calibration results now, reboot with the 5422 * runtime firmware (call ourselves recursively!) 5423 */ 5424 iwn_hw_stop(sc); 5425 error = iwn_hw_init(sc); 5426 } else { 5427 /* Send calibration results to runtime firmware. */ 5428 error = iwn5000_send_calibration(sc); 5429 } 5430 return error; 5431 } 5432 5433 /* 5434 * The firmware boot code is small and is intended to be copied directly into 5435 * the NIC internal memory (no DMA transfer). 5436 */ 5437 static int 5438 iwn4965_load_bootcode(struct iwn_softc *sc, const uint8_t *ucode, int size) 5439 { 5440 int error, ntries; 5441 5442 size /= sizeof (uint32_t); 5443 5444 if ((error = iwn_nic_lock(sc)) != 0) 5445 return error; 5446 5447 /* Copy microcode image into NIC memory. */ 5448 iwn_prph_write_region_4(sc, IWN_BSM_SRAM_BASE, 5449 (const uint32_t *)ucode, size); 5450 5451 iwn_prph_write(sc, IWN_BSM_WR_MEM_SRC, 0); 5452 iwn_prph_write(sc, IWN_BSM_WR_MEM_DST, IWN_FW_TEXT_BASE); 5453 iwn_prph_write(sc, IWN_BSM_WR_DWCOUNT, size); 5454 5455 /* Start boot load now. */ 5456 iwn_prph_write(sc, IWN_BSM_WR_CTRL, IWN_BSM_WR_CTRL_START); 5457 5458 /* Wait for transfer to complete. */ 5459 for (ntries = 0; ntries < 1000; ntries++) { 5460 if (!(iwn_prph_read(sc, IWN_BSM_WR_CTRL) & 5461 IWN_BSM_WR_CTRL_START)) 5462 break; 5463 DELAY(10); 5464 } 5465 if (ntries == 1000) { 5466 aprint_error_dev(sc->sc_dev, 5467 "could not load boot firmware\n"); 5468 iwn_nic_unlock(sc); 5469 return ETIMEDOUT; 5470 } 5471 5472 /* Enable boot after power up. */ 5473 iwn_prph_write(sc, IWN_BSM_WR_CTRL, IWN_BSM_WR_CTRL_START_EN); 5474 5475 iwn_nic_unlock(sc); 5476 return 0; 5477 } 5478 5479 static int 5480 iwn4965_load_firmware(struct iwn_softc *sc) 5481 { 5482 struct iwn_fw_info *fw = &sc->fw; 5483 struct iwn_dma_info *dma = &sc->fw_dma; 5484 int error; 5485 5486 /* Copy initialization sections into pre-allocated DMA-safe memory. */ 5487 memcpy(dma->vaddr, fw->init.data, fw->init.datasz); 5488 bus_dmamap_sync(sc->sc_dmat, dma->map, 0, fw->init.datasz, 5489 BUS_DMASYNC_PREWRITE); 5490 memcpy((char *)dma->vaddr + IWN4965_FW_DATA_MAXSZ, 5491 fw->init.text, fw->init.textsz); 5492 bus_dmamap_sync(sc->sc_dmat, dma->map, IWN4965_FW_DATA_MAXSZ, 5493 fw->init.textsz, BUS_DMASYNC_PREWRITE); 5494 5495 /* Tell adapter where to find initialization sections. */ 5496 if ((error = iwn_nic_lock(sc)) != 0) 5497 return error; 5498 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_ADDR, dma->paddr >> 4); 5499 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_SIZE, fw->init.datasz); 5500 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_ADDR, 5501 (dma->paddr + IWN4965_FW_DATA_MAXSZ) >> 4); 5502 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_SIZE, fw->init.textsz); 5503 iwn_nic_unlock(sc); 5504 5505 /* Load firmware boot code. */ 5506 error = iwn4965_load_bootcode(sc, fw->boot.text, fw->boot.textsz); 5507 if (error != 0) { 5508 aprint_error_dev(sc->sc_dev, 5509 "could not load boot firmware\n"); 5510 return error; 5511 } 5512 /* Now press "execute". */ 5513 IWN_WRITE(sc, IWN_RESET, 0); 5514 5515 /* Wait at most one second for first alive notification. */ 5516 if ((error = tsleep(sc, PCATCH, "iwninit", hz)) != 0) { 5517 aprint_error_dev(sc->sc_dev, 5518 "timeout waiting for adapter to initialize\n"); 5519 return error; 5520 } 5521 5522 /* Retrieve current temperature for initial TX power calibration. */ 5523 sc->rawtemp = sc->ucode_info.temp[3].chan20MHz; 5524 sc->temp = iwn4965_get_temperature(sc); 5525 5526 /* Copy runtime sections into pre-allocated DMA-safe memory. */ 5527 memcpy(dma->vaddr, fw->main.data, fw->main.datasz); 5528 bus_dmamap_sync(sc->sc_dmat, dma->map, 0, fw->main.datasz, 5529 BUS_DMASYNC_PREWRITE); 5530 memcpy((char *)dma->vaddr + IWN4965_FW_DATA_MAXSZ, 5531 fw->main.text, fw->main.textsz); 5532 bus_dmamap_sync(sc->sc_dmat, dma->map, IWN4965_FW_DATA_MAXSZ, 5533 fw->main.textsz, BUS_DMASYNC_PREWRITE); 5534 5535 /* Tell adapter where to find runtime sections. */ 5536 if ((error = iwn_nic_lock(sc)) != 0) 5537 return error; 5538 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_ADDR, dma->paddr >> 4); 5539 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_SIZE, fw->main.datasz); 5540 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_ADDR, 5541 (dma->paddr + IWN4965_FW_DATA_MAXSZ) >> 4); 5542 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_SIZE, 5543 IWN_FW_UPDATED | fw->main.textsz); 5544 iwn_nic_unlock(sc); 5545 5546 return 0; 5547 } 5548 5549 static int 5550 iwn5000_load_firmware_section(struct iwn_softc *sc, uint32_t dst, 5551 const uint8_t *section, int size) 5552 { 5553 struct iwn_dma_info *dma = &sc->fw_dma; 5554 int error; 5555 5556 /* Copy firmware section into pre-allocated DMA-safe memory. */ 5557 memcpy(dma->vaddr, section, size); 5558 bus_dmamap_sync(sc->sc_dmat, dma->map, 0, size, BUS_DMASYNC_PREWRITE); 5559 5560 if ((error = iwn_nic_lock(sc)) != 0) 5561 return error; 5562 5563 IWN_WRITE(sc, IWN_FH_TX_CONFIG(IWN_SRVC_DMACHNL), 5564 IWN_FH_TX_CONFIG_DMA_PAUSE); 5565 5566 IWN_WRITE(sc, IWN_FH_SRAM_ADDR(IWN_SRVC_DMACHNL), dst); 5567 IWN_WRITE(sc, IWN_FH_TFBD_CTRL0(IWN_SRVC_DMACHNL), 5568 IWN_LOADDR(dma->paddr)); 5569 IWN_WRITE(sc, IWN_FH_TFBD_CTRL1(IWN_SRVC_DMACHNL), 5570 IWN_HIADDR(dma->paddr) << 28 | size); 5571 IWN_WRITE(sc, IWN_FH_TXBUF_STATUS(IWN_SRVC_DMACHNL), 5572 IWN_FH_TXBUF_STATUS_TBNUM(1) | 5573 IWN_FH_TXBUF_STATUS_TBIDX(1) | 5574 IWN_FH_TXBUF_STATUS_TFBD_VALID); 5575 5576 /* Kick Flow Handler to start DMA transfer. */ 5577 IWN_WRITE(sc, IWN_FH_TX_CONFIG(IWN_SRVC_DMACHNL), 5578 IWN_FH_TX_CONFIG_DMA_ENA | IWN_FH_TX_CONFIG_CIRQ_HOST_ENDTFD); 5579 5580 iwn_nic_unlock(sc); 5581 5582 /* Wait at most five seconds for FH DMA transfer to complete. */ 5583 return tsleep(sc, PCATCH, "iwninit", 5 * hz); 5584 } 5585 5586 static int 5587 iwn5000_load_firmware(struct iwn_softc *sc) 5588 { 5589 struct iwn_fw_part *fw; 5590 int error; 5591 5592 /* Load the initialization firmware on first boot only. */ 5593 fw = (sc->sc_flags & IWN_FLAG_CALIB_DONE) ? 5594 &sc->fw.main : &sc->fw.init; 5595 5596 error = iwn5000_load_firmware_section(sc, IWN_FW_TEXT_BASE, 5597 fw->text, fw->textsz); 5598 if (error != 0) { 5599 aprint_error_dev(sc->sc_dev, 5600 "could not load firmware %s section\n", ".text"); 5601 return error; 5602 } 5603 error = iwn5000_load_firmware_section(sc, IWN_FW_DATA_BASE, 5604 fw->data, fw->datasz); 5605 if (error != 0) { 5606 aprint_error_dev(sc->sc_dev, 5607 "could not load firmware %s section\n", ".data"); 5608 return error; 5609 } 5610 5611 /* Now press "execute". */ 5612 IWN_WRITE(sc, IWN_RESET, 0); 5613 return 0; 5614 } 5615 5616 /* 5617 * Extract text and data sections from a legacy firmware image. 5618 */ 5619 static int 5620 iwn_read_firmware_leg(struct iwn_softc *sc, struct iwn_fw_info *fw) 5621 { 5622 const uint32_t *ptr; 5623 size_t hdrlen = 24; 5624 uint32_t rev; 5625 5626 ptr = (const uint32_t *)fw->data; 5627 rev = le32toh(*ptr++); 5628 5629 /* Check firmware API version. */ 5630 if (IWN_FW_API(rev) <= 1) { 5631 aprint_error_dev(sc->sc_dev, 5632 "bad firmware, need API version >=2\n"); 5633 return EINVAL; 5634 } 5635 if (IWN_FW_API(rev) >= 3) { 5636 /* Skip build number (version 2 header). */ 5637 hdrlen += 4; 5638 ptr++; 5639 } 5640 if (fw->size < hdrlen) { 5641 aprint_error_dev(sc->sc_dev, 5642 "firmware too short: %zd bytes\n", fw->size); 5643 return EINVAL; 5644 } 5645 fw->main.textsz = le32toh(*ptr++); 5646 fw->main.datasz = le32toh(*ptr++); 5647 fw->init.textsz = le32toh(*ptr++); 5648 fw->init.datasz = le32toh(*ptr++); 5649 fw->boot.textsz = le32toh(*ptr++); 5650 5651 /* Check that all firmware sections fit. */ 5652 if (fw->size < hdrlen + fw->main.textsz + fw->main.datasz + 5653 fw->init.textsz + fw->init.datasz + fw->boot.textsz) { 5654 aprint_error_dev(sc->sc_dev, 5655 "firmware too short: %zd bytes\n", fw->size); 5656 return EINVAL; 5657 } 5658 5659 /* Get pointers to firmware sections. */ 5660 fw->main.text = (const uint8_t *)ptr; 5661 fw->main.data = fw->main.text + fw->main.textsz; 5662 fw->init.text = fw->main.data + fw->main.datasz; 5663 fw->init.data = fw->init.text + fw->init.textsz; 5664 fw->boot.text = fw->init.data + fw->init.datasz; 5665 return 0; 5666 } 5667 5668 /* 5669 * Extract text and data sections from a TLV firmware image. 5670 */ 5671 static int 5672 iwn_read_firmware_tlv(struct iwn_softc *sc, struct iwn_fw_info *fw, 5673 uint16_t alt) 5674 { 5675 const struct iwn_fw_tlv_hdr *hdr; 5676 const struct iwn_fw_tlv *tlv; 5677 const uint8_t *ptr, *end; 5678 uint64_t altmask; 5679 uint32_t len; 5680 5681 if (fw->size < sizeof (*hdr)) { 5682 aprint_error_dev(sc->sc_dev, 5683 "firmware too short: %zd bytes\n", fw->size); 5684 return EINVAL; 5685 } 5686 hdr = (const struct iwn_fw_tlv_hdr *)fw->data; 5687 if (hdr->signature != htole32(IWN_FW_SIGNATURE)) { 5688 aprint_error_dev(sc->sc_dev, 5689 "bad firmware signature 0x%08x\n", le32toh(hdr->signature)); 5690 return EINVAL; 5691 } 5692 DPRINTF(("FW: \"%.64s\", build 0x%x\n", hdr->descr, 5693 le32toh(hdr->build))); 5694 5695 /* 5696 * Select the closest supported alternative that is less than 5697 * or equal to the specified one. 5698 */ 5699 altmask = le64toh(hdr->altmask); 5700 while (alt > 0 && !(altmask & (1ULL << alt))) 5701 alt--; /* Downgrade. */ 5702 DPRINTF(("using alternative %d\n", alt)); 5703 5704 ptr = (const uint8_t *)(hdr + 1); 5705 end = (const uint8_t *)(fw->data + fw->size); 5706 5707 /* Parse type-length-value fields. */ 5708 while (ptr + sizeof (*tlv) <= end) { 5709 tlv = (const struct iwn_fw_tlv *)ptr; 5710 len = le32toh(tlv->len); 5711 5712 ptr += sizeof (*tlv); 5713 if (ptr + len > end) { 5714 aprint_error_dev(sc->sc_dev, 5715 "firmware too short: %zd bytes\n", fw->size); 5716 return EINVAL; 5717 } 5718 /* Skip other alternatives. */ 5719 if (tlv->alt != 0 && tlv->alt != htole16(alt)) 5720 goto next; 5721 5722 switch (le16toh(tlv->type)) { 5723 case IWN_FW_TLV_MAIN_TEXT: 5724 fw->main.text = ptr; 5725 fw->main.textsz = len; 5726 break; 5727 case IWN_FW_TLV_MAIN_DATA: 5728 fw->main.data = ptr; 5729 fw->main.datasz = len; 5730 break; 5731 case IWN_FW_TLV_INIT_TEXT: 5732 fw->init.text = ptr; 5733 fw->init.textsz = len; 5734 break; 5735 case IWN_FW_TLV_INIT_DATA: 5736 fw->init.data = ptr; 5737 fw->init.datasz = len; 5738 break; 5739 case IWN_FW_TLV_BOOT_TEXT: 5740 fw->boot.text = ptr; 5741 fw->boot.textsz = len; 5742 break; 5743 case IWN_FW_TLV_ENH_SENS: 5744 if (len != 0) { 5745 aprint_error_dev(sc->sc_dev, 5746 "TLV type %d has invalid size %u\n", 5747 le16toh(tlv->type), len); 5748 goto next; 5749 } 5750 sc->sc_flags |= IWN_FLAG_ENH_SENS; 5751 break; 5752 case IWN_FW_TLV_PHY_CALIB: 5753 if (len != sizeof(uint32_t)) { 5754 aprint_error_dev(sc->sc_dev, 5755 "TLV type %d has invalid size %u\n", 5756 le16toh(tlv->type), len); 5757 goto next; 5758 } 5759 if (le32toh(*ptr) <= IWN5000_PHY_CALIB_MAX) { 5760 sc->reset_noise_gain = le32toh(*ptr); 5761 sc->noise_gain = le32toh(*ptr) + 1; 5762 } 5763 break; 5764 case IWN_FW_TLV_FLAGS: 5765 if (len < sizeof(uint32_t)) 5766 break; 5767 if (len % sizeof(uint32_t)) 5768 break; 5769 sc->tlv_feature_flags = le32toh(*ptr); 5770 DPRINTF(("feature: 0x%08x\n", sc->tlv_feature_flags)); 5771 break; 5772 default: 5773 DPRINTF(("TLV type %d not handled\n", 5774 le16toh(tlv->type))); 5775 break; 5776 } 5777 next: /* TLV fields are 32-bit aligned. */ 5778 ptr += (len + 3) & ~3; 5779 } 5780 return 0; 5781 } 5782 5783 static int 5784 iwn_read_firmware(struct iwn_softc *sc) 5785 { 5786 struct iwn_fw_info *fw = &sc->fw; 5787 firmware_handle_t fwh; 5788 int error; 5789 5790 /* 5791 * Some PHY calibration commands are firmware-dependent; these 5792 * are the default values that will be overridden if 5793 * necessary. 5794 */ 5795 sc->reset_noise_gain = IWN5000_PHY_CALIB_RESET_NOISE_GAIN; 5796 sc->noise_gain = IWN5000_PHY_CALIB_NOISE_GAIN; 5797 5798 /* Initialize for error returns */ 5799 fw->data = NULL; 5800 fw->size = 0; 5801 5802 /* Open firmware image. */ 5803 if ((error = firmware_open("if_iwn", sc->fwname, &fwh)) != 0) { 5804 aprint_error_dev(sc->sc_dev, 5805 "could not get firmware handle %s\n", sc->fwname); 5806 return error; 5807 } 5808 fw->size = firmware_get_size(fwh); 5809 if (fw->size < sizeof (uint32_t)) { 5810 aprint_error_dev(sc->sc_dev, 5811 "firmware too short: %zd bytes\n", fw->size); 5812 firmware_close(fwh); 5813 return EINVAL; 5814 } 5815 5816 /* Read the firmware. */ 5817 fw->data = firmware_malloc(fw->size); 5818 if (fw->data == NULL) { 5819 aprint_error_dev(sc->sc_dev, 5820 "not enough memory to stock firmware %s\n", sc->fwname); 5821 firmware_close(fwh); 5822 return ENOMEM; 5823 } 5824 error = firmware_read(fwh, 0, fw->data, fw->size); 5825 firmware_close(fwh); 5826 if (error != 0) { 5827 aprint_error_dev(sc->sc_dev, 5828 "could not read firmware %s\n", sc->fwname); 5829 goto out; 5830 } 5831 5832 /* Retrieve text and data sections. */ 5833 if (*(const uint32_t *)fw->data != 0) /* Legacy image. */ 5834 error = iwn_read_firmware_leg(sc, fw); 5835 else 5836 error = iwn_read_firmware_tlv(sc, fw, 1); 5837 if (error != 0) { 5838 aprint_error_dev(sc->sc_dev, 5839 "could not read firmware sections\n"); 5840 goto out; 5841 } 5842 5843 /* Make sure text and data sections fit in hardware memory. */ 5844 if (fw->main.textsz > sc->fw_text_maxsz || 5845 fw->main.datasz > sc->fw_data_maxsz || 5846 fw->init.textsz > sc->fw_text_maxsz || 5847 fw->init.datasz > sc->fw_data_maxsz || 5848 fw->boot.textsz > IWN_FW_BOOT_TEXT_MAXSZ || 5849 (fw->boot.textsz & 3) != 0) { 5850 aprint_error_dev(sc->sc_dev, 5851 "firmware sections too large\n"); 5852 goto out; 5853 } 5854 5855 /* We can proceed with loading the firmware. */ 5856 return 0; 5857 out: 5858 firmware_free(fw->data, fw->size); 5859 fw->data = NULL; 5860 fw->size = 0; 5861 return error ? error : EINVAL; 5862 } 5863 5864 static int 5865 iwn_clock_wait(struct iwn_softc *sc) 5866 { 5867 int ntries; 5868 5869 /* Set "initialization complete" bit. */ 5870 IWN_SETBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_INIT_DONE); 5871 5872 /* Wait for clock stabilization. */ 5873 for (ntries = 0; ntries < 2500; ntries++) { 5874 if (IWN_READ(sc, IWN_GP_CNTRL) & IWN_GP_CNTRL_MAC_CLOCK_READY) 5875 return 0; 5876 DELAY(10); 5877 } 5878 aprint_error_dev(sc->sc_dev, 5879 "timeout waiting for clock stabilization\n"); 5880 return ETIMEDOUT; 5881 } 5882 5883 static int 5884 iwn_apm_init(struct iwn_softc *sc) 5885 { 5886 pcireg_t reg; 5887 int error; 5888 5889 /* Disable L0s exit timer (NMI bug workaround). */ 5890 IWN_SETBITS(sc, IWN_GIO_CHICKEN, IWN_GIO_CHICKEN_DIS_L0S_TIMER); 5891 /* Don't wait for ICH L0s (ICH bug workaround). */ 5892 IWN_SETBITS(sc, IWN_GIO_CHICKEN, IWN_GIO_CHICKEN_L1A_NO_L0S_RX); 5893 5894 /* Set FH wait threshold to max (HW bug under stress workaround). */ 5895 IWN_SETBITS(sc, IWN_DBG_HPET_MEM, 0xffff0000); 5896 5897 /* Enable HAP INTA to move adapter from L1a to L0s. */ 5898 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_HAP_WAKE_L1A); 5899 5900 /* Retrieve PCIe Active State Power Management (ASPM). */ 5901 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 5902 sc->sc_cap_off + PCIE_LCSR); 5903 /* Workaround for HW instability in PCIe L0->L0s->L1 transition. */ 5904 if (reg & PCIE_LCSR_ASPM_L1) /* L1 Entry enabled. */ 5905 IWN_SETBITS(sc, IWN_GIO, IWN_GIO_L0S_ENA); 5906 else 5907 IWN_CLRBITS(sc, IWN_GIO, IWN_GIO_L0S_ENA); 5908 5909 if (sc->hw_type != IWN_HW_REV_TYPE_4965 && 5910 sc->hw_type <= IWN_HW_REV_TYPE_1000) 5911 IWN_SETBITS(sc, IWN_ANA_PLL, IWN_ANA_PLL_INIT); 5912 5913 /* Wait for clock stabilization before accessing prph. */ 5914 if ((error = iwn_clock_wait(sc)) != 0) 5915 return error; 5916 5917 if ((error = iwn_nic_lock(sc)) != 0) 5918 return error; 5919 if (sc->hw_type == IWN_HW_REV_TYPE_4965) { 5920 /* Enable DMA and BSM (Bootstrap State Machine). */ 5921 iwn_prph_write(sc, IWN_APMG_CLK_EN, 5922 IWN_APMG_CLK_CTRL_DMA_CLK_RQT | 5923 IWN_APMG_CLK_CTRL_BSM_CLK_RQT); 5924 } else { 5925 /* Enable DMA. */ 5926 iwn_prph_write(sc, IWN_APMG_CLK_EN, 5927 IWN_APMG_CLK_CTRL_DMA_CLK_RQT); 5928 } 5929 DELAY(20); 5930 /* Disable L1-Active. */ 5931 iwn_prph_setbits(sc, IWN_APMG_PCI_STT, IWN_APMG_PCI_STT_L1A_DIS); 5932 iwn_nic_unlock(sc); 5933 5934 return 0; 5935 } 5936 5937 static void 5938 iwn_apm_stop_master(struct iwn_softc *sc) 5939 { 5940 int ntries; 5941 5942 /* Stop busmaster DMA activity. */ 5943 IWN_SETBITS(sc, IWN_RESET, IWN_RESET_STOP_MASTER); 5944 for (ntries = 0; ntries < 100; ntries++) { 5945 if (IWN_READ(sc, IWN_RESET) & IWN_RESET_MASTER_DISABLED) 5946 return; 5947 DELAY(10); 5948 } 5949 aprint_error_dev(sc->sc_dev, 5950 "timeout waiting for master\n"); 5951 } 5952 5953 static void 5954 iwn_apm_stop(struct iwn_softc *sc) 5955 { 5956 iwn_apm_stop_master(sc); 5957 5958 /* Reset the entire device. */ 5959 IWN_SETBITS(sc, IWN_RESET, IWN_RESET_SW); 5960 DELAY(10); 5961 /* Clear "initialization complete" bit. */ 5962 IWN_CLRBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_INIT_DONE); 5963 } 5964 5965 static int 5966 iwn4965_nic_config(struct iwn_softc *sc) 5967 { 5968 if (IWN_RFCFG_TYPE(sc->rfcfg) == 1) { 5969 /* 5970 * I don't believe this to be correct but this is what the 5971 * vendor driver is doing. Probably the bits should not be 5972 * shifted in IWN_RFCFG_*. 5973 */ 5974 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 5975 IWN_RFCFG_TYPE(sc->rfcfg) | 5976 IWN_RFCFG_STEP(sc->rfcfg) | 5977 IWN_RFCFG_DASH(sc->rfcfg)); 5978 } 5979 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 5980 IWN_HW_IF_CONFIG_RADIO_SI | IWN_HW_IF_CONFIG_MAC_SI); 5981 return 0; 5982 } 5983 5984 static int 5985 iwn5000_nic_config(struct iwn_softc *sc) 5986 { 5987 uint32_t tmp; 5988 int error; 5989 5990 if (IWN_RFCFG_TYPE(sc->rfcfg) < 3) { 5991 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 5992 IWN_RFCFG_TYPE(sc->rfcfg) | 5993 IWN_RFCFG_STEP(sc->rfcfg) | 5994 IWN_RFCFG_DASH(sc->rfcfg)); 5995 } 5996 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 5997 IWN_HW_IF_CONFIG_RADIO_SI | IWN_HW_IF_CONFIG_MAC_SI); 5998 5999 if ((error = iwn_nic_lock(sc)) != 0) 6000 return error; 6001 iwn_prph_setbits(sc, IWN_APMG_PS, IWN_APMG_PS_EARLY_PWROFF_DIS); 6002 6003 if (sc->hw_type == IWN_HW_REV_TYPE_1000) { 6004 /* 6005 * Select first Switching Voltage Regulator (1.32V) to 6006 * solve a stability issue related to noisy DC2DC line 6007 * in the silicon of 1000 Series. 6008 */ 6009 tmp = iwn_prph_read(sc, IWN_APMG_DIGITAL_SVR); 6010 tmp &= ~IWN_APMG_DIGITAL_SVR_VOLTAGE_MASK; 6011 tmp |= IWN_APMG_DIGITAL_SVR_VOLTAGE_1_32; 6012 iwn_prph_write(sc, IWN_APMG_DIGITAL_SVR, tmp); 6013 } 6014 iwn_nic_unlock(sc); 6015 6016 if (sc->sc_flags & IWN_FLAG_INTERNAL_PA) { 6017 /* Use internal power amplifier only. */ 6018 IWN_WRITE(sc, IWN_GP_DRIVER, IWN_GP_DRIVER_RADIO_2X2_IPA); 6019 } 6020 if ((sc->hw_type == IWN_HW_REV_TYPE_6050 || 6021 sc->hw_type == IWN_HW_REV_TYPE_6005) && sc->calib_ver >= 6) { 6022 /* Indicate that ROM calibration version is >=6. */ 6023 IWN_SETBITS(sc, IWN_GP_DRIVER, IWN_GP_DRIVER_CALIB_VER6); 6024 } 6025 if (sc->hw_type == IWN_HW_REV_TYPE_6005) 6026 IWN_SETBITS(sc, IWN_GP_DRIVER, IWN_GP_DRIVER_6050_1X2); 6027 if (sc->hw_type == IWN_HW_REV_TYPE_2030 || 6028 sc->hw_type == IWN_HW_REV_TYPE_2000 || 6029 sc->hw_type == IWN_HW_REV_TYPE_135 || 6030 sc->hw_type == IWN_HW_REV_TYPE_105) 6031 IWN_SETBITS(sc, IWN_GP_DRIVER, IWN_GP_DRIVER_RADIO_IQ_INVERT); 6032 return 0; 6033 } 6034 6035 /* 6036 * Take NIC ownership over Intel Active Management Technology (AMT). 6037 */ 6038 static int 6039 iwn_hw_prepare(struct iwn_softc *sc) 6040 { 6041 int ntries; 6042 6043 /* Check if hardware is ready. */ 6044 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_NIC_READY); 6045 for (ntries = 0; ntries < 5; ntries++) { 6046 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 6047 IWN_HW_IF_CONFIG_NIC_READY) 6048 return 0; 6049 DELAY(10); 6050 } 6051 6052 /* Hardware not ready, force into ready state. */ 6053 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_PREPARE); 6054 for (ntries = 0; ntries < 15000; ntries++) { 6055 if (!(IWN_READ(sc, IWN_HW_IF_CONFIG) & 6056 IWN_HW_IF_CONFIG_PREPARE_DONE)) 6057 break; 6058 DELAY(10); 6059 } 6060 if (ntries == 15000) 6061 return ETIMEDOUT; 6062 6063 /* Hardware should be ready now. */ 6064 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_NIC_READY); 6065 for (ntries = 0; ntries < 5; ntries++) { 6066 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 6067 IWN_HW_IF_CONFIG_NIC_READY) 6068 return 0; 6069 DELAY(10); 6070 } 6071 return ETIMEDOUT; 6072 } 6073 6074 static int 6075 iwn_hw_init(struct iwn_softc *sc) 6076 { 6077 struct iwn_ops *ops = &sc->ops; 6078 int error, chnl, qid; 6079 6080 /* Clear pending interrupts. */ 6081 IWN_WRITE(sc, IWN_INT, 0xffffffff); 6082 6083 if ((error = iwn_apm_init(sc)) != 0) { 6084 aprint_error_dev(sc->sc_dev, 6085 "could not power ON adapter\n"); 6086 return error; 6087 } 6088 6089 /* Select VMAIN power source. */ 6090 if ((error = iwn_nic_lock(sc)) != 0) 6091 return error; 6092 iwn_prph_clrbits(sc, IWN_APMG_PS, IWN_APMG_PS_PWR_SRC_MASK); 6093 iwn_nic_unlock(sc); 6094 6095 /* Perform adapter-specific initialization. */ 6096 if ((error = ops->nic_config(sc)) != 0) 6097 return error; 6098 6099 /* Initialize RX ring. */ 6100 if ((error = iwn_nic_lock(sc)) != 0) 6101 return error; 6102 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 0); 6103 IWN_WRITE(sc, IWN_FH_RX_WPTR, 0); 6104 /* Set physical address of RX ring (256-byte aligned). */ 6105 IWN_WRITE(sc, IWN_FH_RX_BASE, sc->rxq.desc_dma.paddr >> 8); 6106 /* Set physical address of RX status (16-byte aligned). */ 6107 IWN_WRITE(sc, IWN_FH_STATUS_WPTR, sc->rxq.stat_dma.paddr >> 4); 6108 /* Enable RX. */ 6109 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 6110 IWN_FH_RX_CONFIG_ENA | 6111 IWN_FH_RX_CONFIG_IGN_RXF_EMPTY | /* HW bug workaround */ 6112 IWN_FH_RX_CONFIG_IRQ_DST_HOST | 6113 IWN_FH_RX_CONFIG_SINGLE_FRAME | 6114 IWN_FH_RX_CONFIG_RB_TIMEOUT(0) | 6115 IWN_FH_RX_CONFIG_NRBD(IWN_RX_RING_COUNT_LOG)); 6116 iwn_nic_unlock(sc); 6117 IWN_WRITE(sc, IWN_FH_RX_WPTR, (IWN_RX_RING_COUNT - 1) & ~7); 6118 6119 if ((error = iwn_nic_lock(sc)) != 0) 6120 return error; 6121 6122 /* Initialize TX scheduler. */ 6123 iwn_prph_write(sc, sc->sched_txfact_addr, 0); 6124 6125 /* Set physical address of "keep warm" page (16-byte aligned). */ 6126 IWN_WRITE(sc, IWN_FH_KW_ADDR, sc->kw_dma.paddr >> 4); 6127 6128 /* Initialize TX rings. */ 6129 for (qid = 0; qid < sc->ntxqs; qid++) { 6130 struct iwn_tx_ring *txq = &sc->txq[qid]; 6131 6132 /* Set physical address of TX ring (256-byte aligned). */ 6133 IWN_WRITE(sc, IWN_FH_CBBC_QUEUE(qid), 6134 txq->desc_dma.paddr >> 8); 6135 } 6136 iwn_nic_unlock(sc); 6137 6138 /* Enable DMA channels. */ 6139 for (chnl = 0; chnl < sc->ndmachnls; chnl++) { 6140 IWN_WRITE(sc, IWN_FH_TX_CONFIG(chnl), 6141 IWN_FH_TX_CONFIG_DMA_ENA | 6142 IWN_FH_TX_CONFIG_DMA_CREDIT_ENA); 6143 } 6144 6145 /* Clear "radio off" and "commands blocked" bits. */ 6146 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 6147 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_CMD_BLOCKED); 6148 6149 /* Clear pending interrupts. */ 6150 IWN_WRITE(sc, IWN_INT, 0xffffffff); 6151 /* Enable interrupt coalescing. */ 6152 IWN_WRITE(sc, IWN_INT_COALESCING, 512 / 8); 6153 /* Enable interrupts. */ 6154 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 6155 6156 /* _Really_ make sure "radio off" bit is cleared! */ 6157 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 6158 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 6159 6160 /* Enable shadow registers. */ 6161 if (sc->hw_type >= IWN_HW_REV_TYPE_6000) 6162 IWN_SETBITS(sc, IWN_SHADOW_REG_CTRL, 0x800fffff); 6163 6164 if ((error = ops->load_firmware(sc)) != 0) { 6165 aprint_error_dev(sc->sc_dev, 6166 "could not load firmware\n"); 6167 return error; 6168 } 6169 /* Wait at most one second for firmware alive notification. */ 6170 if ((error = tsleep(sc, PCATCH, "iwninit", hz)) != 0) { 6171 aprint_error_dev(sc->sc_dev, 6172 "timeout waiting for adapter to initialize\n"); 6173 return error; 6174 } 6175 /* Do post-firmware initialization. */ 6176 return ops->post_alive(sc); 6177 } 6178 6179 static void 6180 iwn_hw_stop(struct iwn_softc *sc) 6181 { 6182 int chnl, qid, ntries; 6183 6184 IWN_WRITE(sc, IWN_RESET, IWN_RESET_NEVO); 6185 6186 /* Disable interrupts. */ 6187 IWN_WRITE(sc, IWN_INT_MASK, 0); 6188 IWN_WRITE(sc, IWN_INT, 0xffffffff); 6189 IWN_WRITE(sc, IWN_FH_INT, 0xffffffff); 6190 sc->sc_flags &= ~IWN_FLAG_USE_ICT; 6191 6192 /* Make sure we no longer hold the NIC lock. */ 6193 iwn_nic_unlock(sc); 6194 6195 /* Stop TX scheduler. */ 6196 iwn_prph_write(sc, sc->sched_txfact_addr, 0); 6197 6198 /* Stop all DMA channels. */ 6199 if (iwn_nic_lock(sc) == 0) { 6200 for (chnl = 0; chnl < sc->ndmachnls; chnl++) { 6201 IWN_WRITE(sc, IWN_FH_TX_CONFIG(chnl), 0); 6202 for (ntries = 0; ntries < 200; ntries++) { 6203 if (IWN_READ(sc, IWN_FH_TX_STATUS) & 6204 IWN_FH_TX_STATUS_IDLE(chnl)) 6205 break; 6206 DELAY(10); 6207 } 6208 } 6209 iwn_nic_unlock(sc); 6210 } 6211 6212 /* Stop RX ring. */ 6213 iwn_reset_rx_ring(sc, &sc->rxq); 6214 6215 /* Reset all TX rings. */ 6216 for (qid = 0; qid < sc->ntxqs; qid++) 6217 iwn_reset_tx_ring(sc, &sc->txq[qid]); 6218 6219 if (iwn_nic_lock(sc) == 0) { 6220 iwn_prph_write(sc, IWN_APMG_CLK_DIS, 6221 IWN_APMG_CLK_CTRL_DMA_CLK_RQT); 6222 iwn_nic_unlock(sc); 6223 } 6224 DELAY(5); 6225 /* Power OFF adapter. */ 6226 iwn_apm_stop(sc); 6227 } 6228 6229 static int 6230 iwn_init(struct ifnet *ifp) 6231 { 6232 struct iwn_softc *sc = ifp->if_softc; 6233 struct ieee80211com *ic = &sc->sc_ic; 6234 int error; 6235 6236 mutex_enter(&sc->sc_mtx); 6237 if (sc->sc_flags & IWN_FLAG_HW_INITED) 6238 goto out; 6239 if ((error = iwn_hw_prepare(sc)) != 0) { 6240 aprint_error_dev(sc->sc_dev, 6241 "hardware not ready\n"); 6242 goto fail; 6243 } 6244 6245 /* Check that the radio is not disabled by hardware switch. */ 6246 if (!(IWN_READ(sc, IWN_GP_CNTRL) & IWN_GP_CNTRL_RFKILL)) { 6247 aprint_error_dev(sc->sc_dev, 6248 "radio is disabled by hardware switch\n"); 6249 error = EPERM; /* :-) */ 6250 goto fail; 6251 } 6252 6253 /* Read firmware images from the filesystem. */ 6254 if ((error = iwn_read_firmware(sc)) != 0) { 6255 aprint_error_dev(sc->sc_dev, 6256 "could not read firmware\n"); 6257 goto fail; 6258 } 6259 6260 /* Initialize interrupt mask to default value. */ 6261 sc->int_mask = IWN_INT_MASK_DEF; 6262 sc->sc_flags &= ~IWN_FLAG_USE_ICT; 6263 6264 /* Initialize hardware and upload firmware. */ 6265 KASSERT(sc->fw.data != NULL && sc->fw.size > 0); 6266 error = iwn_hw_init(sc); 6267 firmware_free(sc->fw.data, sc->fw.size); 6268 sc->fw.data = NULL; 6269 sc->fw.size = 0; 6270 if (error != 0) { 6271 aprint_error_dev(sc->sc_dev, 6272 "could not initialize hardware\n"); 6273 goto fail; 6274 } 6275 6276 /* Configure adapter now that it is ready. */ 6277 if ((error = iwn_config(sc)) != 0) { 6278 aprint_error_dev(sc->sc_dev, 6279 "could not configure device\n"); 6280 goto fail; 6281 } 6282 6283 ifp->if_flags &= ~IFF_OACTIVE; 6284 ifp->if_flags |= IFF_RUNNING; 6285 6286 if (ic->ic_opmode != IEEE80211_M_MONITOR) 6287 ieee80211_begin_scan(ic, 0); 6288 else 6289 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 6290 6291 sc->sc_flags |= IWN_FLAG_HW_INITED; 6292 out: 6293 mutex_exit(&sc->sc_mtx); 6294 return 0; 6295 6296 fail: mutex_exit(&sc->sc_mtx); 6297 iwn_stop(ifp, 1); 6298 return error; 6299 } 6300 6301 static void 6302 iwn_stop(struct ifnet *ifp, int disable) 6303 { 6304 struct iwn_softc *sc = ifp->if_softc; 6305 struct ieee80211com *ic = &sc->sc_ic; 6306 6307 if (!disable) 6308 mutex_enter(&sc->sc_mtx); 6309 sc->sc_flags &= ~IWN_FLAG_HW_INITED; 6310 ifp->if_timer = sc->sc_tx_timer = 0; 6311 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 6312 6313 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 6314 6315 /* Power OFF hardware. */ 6316 iwn_hw_stop(sc); 6317 6318 if (!disable) 6319 mutex_exit(&sc->sc_mtx); 6320 } 6321 6322 /* 6323 * XXX MCLGETI alternative 6324 * 6325 * With IWN_USE_RBUF defined it uses the rbuf cache for receive buffers 6326 * as long as there are available free buffers then it uses MEXTMALLOC., 6327 * Without IWN_USE_RBUF defined it uses MEXTMALLOC exclusively. 6328 * The MCLGET4K code is used for testing an alternative mbuf cache. 6329 */ 6330 6331 static struct mbuf * 6332 MCLGETIalt(struct iwn_softc *sc, int how, 6333 struct ifnet *ifp __unused, u_int size) 6334 { 6335 struct mbuf *m; 6336 #ifdef IWN_USE_RBUF 6337 struct iwn_rbuf *rbuf; 6338 #endif 6339 6340 MGETHDR(m, how, MT_DATA); 6341 if (m == NULL) 6342 return NULL; 6343 6344 #ifdef IWN_USE_RBUF 6345 if (sc->rxq.nb_free_entries > 0 && 6346 (rbuf = iwn_alloc_rbuf(sc)) != NULL) { 6347 /* Attach buffer to mbuf header. */ 6348 MEXTADD(m, rbuf->vaddr, size, 0, iwn_free_rbuf, rbuf); 6349 m->m_flags |= M_EXT_RW; 6350 } 6351 else { 6352 MEXTMALLOC(m, size, how); 6353 if ((m->m_flags & M_EXT) == 0) { 6354 m_freem(m); 6355 return NULL; 6356 } 6357 } 6358 6359 #else 6360 #ifdef MCLGET4K 6361 if (size == 4096) 6362 MCLGET4K(m, how); 6363 else 6364 panic("size must be 4k"); 6365 #else 6366 MEXTMALLOC(m, size, how); 6367 #endif 6368 if ((m->m_flags & M_EXT) == 0) { 6369 m_freem(m); 6370 return NULL; 6371 } 6372 #endif 6373 6374 return m; 6375 } 6376 6377 #ifdef IWN_USE_RBUF 6378 static struct iwn_rbuf * 6379 iwn_alloc_rbuf(struct iwn_softc *sc) 6380 { 6381 struct iwn_rbuf *rbuf; 6382 mutex_enter(&sc->rxq.freelist_mtx); 6383 6384 rbuf = SLIST_FIRST(&sc->rxq.freelist); 6385 if (rbuf != NULL) { 6386 SLIST_REMOVE_HEAD(&sc->rxq.freelist, next); 6387 sc->rxq.nb_free_entries --; 6388 } 6389 mutex_exit(&sc->rxq.freelist_mtx); 6390 return rbuf; 6391 } 6392 6393 /* 6394 * This is called automatically by the network stack when the mbuf to which 6395 * our RX buffer is attached is freed. 6396 */ 6397 static void 6398 iwn_free_rbuf(struct mbuf* m, void *buf, size_t size, void *arg) 6399 { 6400 struct iwn_rbuf *rbuf = arg; 6401 struct iwn_softc *sc = rbuf->sc; 6402 6403 /* Put the RX buffer back in the free list. */ 6404 mutex_enter(&sc->rxq.freelist_mtx); 6405 SLIST_INSERT_HEAD(&sc->rxq.freelist, rbuf, next); 6406 mutex_exit(&sc->rxq.freelist_mtx); 6407 6408 sc->rxq.nb_free_entries ++; 6409 if (__predict_true(m != NULL)) 6410 pool_cache_put(mb_cache, m); 6411 } 6412 6413 static int 6414 iwn_alloc_rpool(struct iwn_softc *sc) 6415 { 6416 struct iwn_rx_ring *ring = &sc->rxq; 6417 struct iwn_rbuf *rbuf; 6418 int i, error; 6419 6420 mutex_init(&ring->freelist_mtx, MUTEX_DEFAULT, IPL_NET); 6421 6422 /* Allocate a big chunk of DMA'able memory... */ 6423 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->buf_dma, NULL, 6424 IWN_RBUF_COUNT * IWN_RBUF_SIZE, PAGE_SIZE); 6425 if (error != 0) { 6426 aprint_error_dev(sc->sc_dev, 6427 "could not allocate RX buffers DMA memory\n"); 6428 return error; 6429 } 6430 /* ...and split it into chunks of IWN_RBUF_SIZE bytes. */ 6431 SLIST_INIT(&ring->freelist); 6432 for (i = 0; i < IWN_RBUF_COUNT; i++) { 6433 rbuf = &ring->rbuf[i]; 6434 6435 rbuf->sc = sc; /* Backpointer for callbacks. */ 6436 rbuf->vaddr = (void *)((vaddr_t)ring->buf_dma.vaddr + i * IWN_RBUF_SIZE); 6437 rbuf->paddr = ring->buf_dma.paddr + i * IWN_RBUF_SIZE; 6438 6439 SLIST_INSERT_HEAD(&ring->freelist, rbuf, next); 6440 } 6441 ring->nb_free_entries = IWN_RBUF_COUNT; 6442 return 0; 6443 } 6444 6445 static void 6446 iwn_free_rpool(struct iwn_softc *sc) 6447 { 6448 iwn_dma_contig_free(&sc->rxq.buf_dma); 6449 } 6450 #endif 6451 6452 /* 6453 * XXX: Hack to set the current channel to the value advertised in beacons or 6454 * probe responses. Only used during AP detection. 6455 * XXX: Duplicated from if_iwi.c 6456 */ 6457 static void 6458 iwn_fix_channel(struct ieee80211com *ic, struct mbuf *m, 6459 struct iwn_rx_stat *stat) 6460 { 6461 struct iwn_softc *sc = ic->ic_ifp->if_softc; 6462 struct ieee80211_frame *wh; 6463 uint8_t subtype; 6464 uint8_t *frm, *efrm; 6465 6466 wh = mtod(m, struct ieee80211_frame *); 6467 6468 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 6469 return; 6470 6471 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 6472 6473 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 6474 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 6475 return; 6476 6477 if (sc->sc_flags & IWN_FLAG_SCANNING_5GHZ) { 6478 int chan = le16toh(stat->chan); 6479 if (chan < __arraycount(ic->ic_channels)) 6480 ic->ic_curchan = &ic->ic_channels[chan]; 6481 return; 6482 } 6483 6484 frm = (uint8_t *)(wh + 1); 6485 efrm = mtod(m, uint8_t *) + m->m_len; 6486 6487 frm += 12; /* skip tstamp, bintval and capinfo fields */ 6488 while (frm < efrm) { 6489 if (*frm == IEEE80211_ELEMID_DSPARMS) 6490 #if IEEE80211_CHAN_MAX < 255 6491 if (frm[2] <= IEEE80211_CHAN_MAX) 6492 #endif 6493 ic->ic_curchan = &ic->ic_channels[frm[2]]; 6494 6495 frm += frm[1] + 2; 6496 } 6497 } 6498 6499 #ifdef notyetMODULE 6500 6501 MODULE(MODULE_CLASS_DRIVER, if_iwn, "pci"); 6502 6503 #ifdef _MODULE 6504 #include "ioconf.c" 6505 #endif 6506 6507 static int 6508 if_iwn_modcmd(modcmd_t cmd, void *data) 6509 { 6510 int error = 0; 6511 6512 switch (cmd) { 6513 case MODULE_CMD_INIT: 6514 #ifdef _MODULE 6515 error = config_init_component(cfdriver_ioconf_if_iwn, 6516 cfattach_ioconf_if_iwn, cfdata_ioconf_if_iwn); 6517 #endif 6518 return error; 6519 case MODULE_CMD_FINI: 6520 #ifdef _MODULE 6521 error = config_fini_component(cfdriver_ioconf_if_iwn, 6522 cfattach_ioconf_if_iwn, cfdata_ioconf_if_iwn); 6523 #endif 6524 return error; 6525 case MODULE_CMD_AUTOUNLOAD: 6526 #ifdef _MODULE 6527 /* XXX This is not optional! */ 6528 #endif 6529 return error; 6530 default: 6531 return ENOTTY; 6532 } 6533 } 6534 #endif 6535