1 /* $NetBSD: if_iwn.c,v 1.40 2010/04/16 01:40:41 christos Exp $ */ 2 /* $OpenBSD: if_iwn.c,v 1.88 2010/04/10 08:37:36 damien Exp $ */ 3 4 /*- 5 * Copyright (c) 2007-2010 Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /* 21 * Driver for Intel WiFi Link 4965 and 1000/5000/6000 Series 802.11 network 22 * adapters. 23 */ 24 #include <sys/cdefs.h> 25 __KERNEL_RCSID(0, "$NetBSD: if_iwn.c,v 1.40 2010/04/16 01:40:41 christos Exp $"); 26 27 #define IWN_USE_RBUF /* Use local storage for RX */ 28 #undef IWN_HWCRYPTO /* XXX does not even compile yet */ 29 30 /* XXX Avoid sensor code (correct option for NetBSD too?) */ 31 #undef SMALL_KERNEL 32 33 #include <sys/param.h> 34 #include <sys/sockio.h> 35 #include <sys/sysctl.h> 36 #include <sys/mbuf.h> 37 #include <sys/kernel.h> 38 #include <sys/socket.h> 39 #include <sys/systm.h> 40 #include <sys/malloc.h> 41 #include <sys/mutex.h> 42 #include <sys/conf.h> 43 #include <sys/kauth.h> 44 #include <sys/callout.h> 45 46 #include <dev/sysmon/sysmonvar.h> 47 48 #include <machine/bus.h> 49 #include <machine/endian.h> 50 #include <machine/intr.h> 51 52 #include <dev/pci/pcireg.h> 53 #include <dev/pci/pcivar.h> 54 #include <dev/pci/pcidevs.h> 55 56 #include <net/bpf.h> 57 #include <net/if.h> 58 #include <net/if_arp.h> 59 #include <net/if_dl.h> 60 #include <net/if_media.h> 61 #include <net/if_types.h> 62 63 #include <netinet/in.h> 64 #include <netinet/in_systm.h> 65 #include <netinet/in_var.h> 66 #include <net/if_ether.h> 67 #include <netinet/ip.h> 68 69 #include <net80211/ieee80211_var.h> 70 #include <net80211/ieee80211_amrr.h> 71 #include <net80211/ieee80211_radiotap.h> 72 73 #include <dev/firmload.h> 74 75 #include <dev/pci/if_iwnreg.h> 76 #include <dev/pci/if_iwnvar.h> 77 78 static const pci_product_id_t iwn_devices[] = { 79 /* XXX From old NetBSD iwn driver (used by pcidevs) */ 80 PCI_PRODUCT_INTEL_PRO_WL_4965AGN_1, 81 PCI_PRODUCT_INTEL_PRO_WL_4965AGN_2, 82 PCI_PRODUCT_INTEL_PRO_WL_5100AGN_1, 83 PCI_PRODUCT_INTEL_PRO_WL_5100AGN_2, 84 PCI_PRODUCT_INTEL_PRO_WL_5300AGN_1, 85 PCI_PRODUCT_INTEL_PRO_WL_5300AGN_2, 86 PCI_PRODUCT_INTEL_PRO_WL_5350AGN_1, 87 PCI_PRODUCT_INTEL_PRO_WL_5350AGN_2, 88 #if 0 89 /* XXX From new OpenBSD iwn driver (not in pcidevs) */ 90 PCI_PRODUCT_INTEL_WIFI_LINK_4965_1, 91 PCI_PRODUCT_INTEL_WIFI_LINK_4965_2, 92 PCI_PRODUCT_INTEL_WIFI_LINK_5100_1, 93 PCI_PRODUCT_INTEL_WIFI_LINK_5100_2, 94 PCI_PRODUCT_INTEL_WIFI_LINK_5150_1, 95 PCI_PRODUCT_INTEL_WIFI_LINK_5150_2, 96 PCI_PRODUCT_INTEL_WIFI_LINK_5300_1, 97 PCI_PRODUCT_INTEL_WIFI_LINK_5300_2, 98 PCI_PRODUCT_INTEL_WIFI_LINK_5350_1, 99 PCI_PRODUCT_INTEL_WIFI_LINK_5350_2, 100 PCI_PRODUCT_INTEL_WIFI_LINK_1000_1, 101 PCI_PRODUCT_INTEL_WIFI_LINK_1000_2, 102 PCI_PRODUCT_INTEL_WIFI_LINK_6000_3X3_1, 103 PCI_PRODUCT_INTEL_WIFI_LINK_6000_3X3_2, 104 PCI_PRODUCT_INTEL_WIFI_LINK_6000_IPA_1, 105 PCI_PRODUCT_INTEL_WIFI_LINK_6000_IPA_2, 106 PCI_PRODUCT_INTEL_WIFI_LINK_6050_2X2_1, 107 PCI_PRODUCT_INTEL_WIFI_LINK_6050_2X2_2, 108 PCI_PRODUCT_INTEL_WIFI_LINK_6005_2X2_1, 109 PCI_PRODUCT_INTEL_WIFI_LINK_6005_2X2_2, 110 #endif 111 }; 112 113 /* 114 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 115 */ 116 static const struct ieee80211_rateset iwn_rateset_11a = 117 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 118 119 static const struct ieee80211_rateset iwn_rateset_11b = 120 { 4, { 2, 4, 11, 22 } }; 121 122 static const struct ieee80211_rateset iwn_rateset_11g = 123 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 124 125 static int iwn_match(device_t , struct cfdata *, void *); 126 static void iwn_attach(device_t , device_t , void *); 127 const struct iwn_hal *iwn_hal_attach(struct iwn_softc *, pci_product_id_t pid); 128 #ifndef SMALL_KERNEL 129 static void iwn_sensor_attach(struct iwn_softc *); 130 #endif 131 static void iwn_radiotap_attach(struct iwn_softc *); 132 static int iwn_detach(device_t , int); 133 #if 0 134 static void iwn_power(int, void *); 135 #endif 136 static bool iwn_resume(device_t, const pmf_qual_t *); 137 static int iwn_nic_lock(struct iwn_softc *); 138 static int iwn_eeprom_lock(struct iwn_softc *); 139 static int iwn_init_otprom(struct iwn_softc *); 140 static int iwn_read_prom_data(struct iwn_softc *, uint32_t, void *, int); 141 static int iwn_dma_contig_alloc(bus_dma_tag_t, struct iwn_dma_info *, 142 void **, bus_size_t, bus_size_t); 143 static void iwn_dma_contig_free(struct iwn_dma_info *); 144 static int iwn_alloc_sched(struct iwn_softc *); 145 static void iwn_free_sched(struct iwn_softc *); 146 static int iwn_alloc_kw(struct iwn_softc *); 147 static void iwn_free_kw(struct iwn_softc *); 148 static int iwn_alloc_ict(struct iwn_softc *); 149 static void iwn_free_ict(struct iwn_softc *); 150 static int iwn_alloc_fwmem(struct iwn_softc *); 151 static void iwn_free_fwmem(struct iwn_softc *); 152 static int iwn_alloc_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 153 static void iwn_reset_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 154 static void iwn_free_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 155 static int iwn_alloc_tx_ring(struct iwn_softc *, struct iwn_tx_ring *, 156 int); 157 static void iwn_reset_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 158 static void iwn_free_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 159 static void iwn5000_ict_reset(struct iwn_softc *); 160 static int iwn_read_eeprom(struct iwn_softc *); 161 static void iwn4965_read_eeprom(struct iwn_softc *); 162 #ifdef IWN_DEBUG 163 static void iwn4965_print_power_group(struct iwn_softc *, int); 164 #endif 165 static void iwn5000_read_eeprom(struct iwn_softc *); 166 static void iwn_read_eeprom_channels(struct iwn_softc *, int, uint32_t); 167 static void iwn_read_eeprom_enhinfo(struct iwn_softc *); 168 static struct ieee80211_node *iwn_node_alloc(struct ieee80211_node_table *); 169 static void iwn_newassoc(struct ieee80211_node *, int); 170 static int iwn_media_change(struct ifnet *); 171 static int iwn_newstate(struct ieee80211com *, enum ieee80211_state, int); 172 static void iwn_iter_func(void *, struct ieee80211_node *); 173 static void iwn_calib_timeout(void *); 174 static void iwn_rx_phy(struct iwn_softc *, struct iwn_rx_desc *, 175 struct iwn_rx_data *); 176 static void iwn_rx_done(struct iwn_softc *, struct iwn_rx_desc *, 177 struct iwn_rx_data *); 178 #ifndef IEEE80211_NO_HT 179 static void iwn_rx_compressed_ba(struct iwn_softc *, struct iwn_rx_desc *, 180 struct iwn_rx_data *); 181 #endif 182 static void iwn5000_rx_calib_results(struct iwn_softc *, 183 struct iwn_rx_desc *, struct iwn_rx_data *); 184 static void iwn_rx_statistics(struct iwn_softc *, struct iwn_rx_desc *, 185 struct iwn_rx_data *); 186 static void iwn4965_tx_done(struct iwn_softc *, struct iwn_rx_desc *, 187 struct iwn_rx_data *); 188 static void iwn5000_tx_done(struct iwn_softc *, struct iwn_rx_desc *, 189 struct iwn_rx_data *); 190 static void iwn_tx_done(struct iwn_softc *, struct iwn_rx_desc *, int, 191 uint8_t); 192 static void iwn_cmd_done(struct iwn_softc *, struct iwn_rx_desc *); 193 static void iwn_notif_intr(struct iwn_softc *); 194 static void iwn_wakeup_intr(struct iwn_softc *); 195 static void iwn_fatal_intr(struct iwn_softc *); 196 static int iwn_intr(void *); 197 static void iwn4965_update_sched(struct iwn_softc *, int, int, uint8_t, 198 uint16_t); 199 static void iwn5000_update_sched(struct iwn_softc *, int, int, uint8_t, 200 uint16_t); 201 #ifdef notyet 202 static void iwn5000_reset_sched(struct iwn_softc *, int, int); 203 #endif 204 static int iwn_tx(struct iwn_softc *, struct mbuf *, 205 struct ieee80211_node *, int); 206 static void iwn_start(struct ifnet *); 207 static void iwn_watchdog(struct ifnet *); 208 static int iwn_ioctl(struct ifnet *, u_long, void *); 209 static int iwn_cmd(struct iwn_softc *, int, const void *, int, int); 210 static int iwn4965_add_node(struct iwn_softc *, struct iwn_node_info *, 211 int); 212 static int iwn5000_add_node(struct iwn_softc *, struct iwn_node_info *, 213 int); 214 static int iwn_set_link_quality(struct iwn_softc *, 215 struct ieee80211_node *); 216 static int iwn_add_broadcast_node(struct iwn_softc *, int); 217 static void iwn_set_led(struct iwn_softc *, uint8_t, uint8_t, uint8_t); 218 static int iwn_set_critical_temp(struct iwn_softc *); 219 static int iwn_set_timing(struct iwn_softc *, struct ieee80211_node *); 220 static void iwn4965_power_calibration(struct iwn_softc *, int); 221 static int iwn4965_set_txpower(struct iwn_softc *, int); 222 static int iwn5000_set_txpower(struct iwn_softc *, int); 223 static int iwn4965_get_rssi(const struct iwn_rx_stat *); 224 static int iwn5000_get_rssi(const struct iwn_rx_stat *); 225 static int iwn_get_noise(const struct iwn_rx_general_stats *); 226 static int iwn4965_get_temperature(struct iwn_softc *); 227 static int iwn5000_get_temperature(struct iwn_softc *); 228 static int iwn_init_sensitivity(struct iwn_softc *); 229 static void iwn_collect_noise(struct iwn_softc *, 230 const struct iwn_rx_general_stats *); 231 static int iwn4965_init_gains(struct iwn_softc *); 232 static int iwn5000_init_gains(struct iwn_softc *); 233 static int iwn4965_set_gains(struct iwn_softc *); 234 static int iwn5000_set_gains(struct iwn_softc *); 235 static void iwn_tune_sensitivity(struct iwn_softc *, 236 const struct iwn_rx_stats *); 237 static int iwn_send_sensitivity(struct iwn_softc *); 238 static int iwn_set_pslevel(struct iwn_softc *, int, int, int); 239 static int iwn_config(struct iwn_softc *); 240 static int iwn_scan(struct iwn_softc *, uint16_t); 241 static int iwn_auth(struct iwn_softc *); 242 static int iwn_run(struct iwn_softc *); 243 #ifdef IWN_HWCRYPTO 244 static int iwn_set_key(struct ieee80211com *, struct ieee80211_node *, 245 struct ieee80211_key *); 246 static void iwn_delete_key(struct ieee80211com *, struct ieee80211_node *, 247 struct ieee80211_key *); 248 #endif 249 static int iwn_wme_update(struct ieee80211com *); 250 #ifndef IEEE80211_NO_HT 251 static int iwn_ampdu_rx_start(struct ieee80211com *, 252 struct ieee80211_node *, uint8_t); 253 static void iwn_ampdu_rx_stop(struct ieee80211com *, 254 struct ieee80211_node *, uint8_t); 255 static int iwn_ampdu_tx_start(struct ieee80211com *, 256 struct ieee80211_node *, uint8_t); 257 static void iwn_ampdu_tx_stop(struct ieee80211com *, 258 struct ieee80211_node *, uint8_t); 259 static void iwn4965_ampdu_tx_start(struct iwn_softc *, 260 struct ieee80211_node *, uint8_t, uint16_t); 261 static void iwn4965_ampdu_tx_stop(struct iwn_softc *, 262 uint8_t, uint16_t); 263 static void iwn5000_ampdu_tx_start(struct iwn_softc *, 264 struct ieee80211_node *, uint8_t, uint16_t); 265 static void iwn5000_ampdu_tx_stop(struct iwn_softc *, 266 uint8_t, uint16_t); 267 #endif 268 static int iwn5000_query_calibration(struct iwn_softc *); 269 static int iwn5000_send_calibration(struct iwn_softc *); 270 static int iwn5000_send_wimax_coex(struct iwn_softc *); 271 static int iwn4965_post_alive(struct iwn_softc *); 272 static int iwn5000_post_alive(struct iwn_softc *); 273 static int iwn4965_load_bootcode(struct iwn_softc *, const uint8_t *, 274 int); 275 static int iwn4965_load_firmware(struct iwn_softc *); 276 static int iwn5000_load_firmware_section(struct iwn_softc *, uint32_t, 277 const uint8_t *, int); 278 static int iwn5000_load_firmware(struct iwn_softc *); 279 static int iwn_read_firmware(struct iwn_softc *); 280 static int iwn_clock_wait(struct iwn_softc *); 281 static int iwn_apm_init(struct iwn_softc *); 282 static void iwn_apm_stop_master(struct iwn_softc *); 283 static void iwn_apm_stop(struct iwn_softc *); 284 static int iwn4965_nic_config(struct iwn_softc *); 285 static int iwn5000_nic_config(struct iwn_softc *); 286 static int iwn_hw_prepare(struct iwn_softc *); 287 static int iwn_hw_init(struct iwn_softc *); 288 static void iwn_hw_stop(struct iwn_softc *); 289 static int iwn_init(struct ifnet *); 290 static void iwn_stop(struct ifnet *, int); 291 292 /* XXX MCLGETI alternative */ 293 static struct mbuf *MCLGETIalt(struct iwn_softc *, int, 294 struct ifnet *, u_int); 295 #ifdef IWN_USE_RBUF 296 static struct iwn_rbuf *iwn_alloc_rbuf(struct iwn_softc *); 297 static void iwn_free_rbuf(struct mbuf *, void *, size_t, void *); 298 static int iwn_alloc_rpool(struct iwn_softc *); 299 static void iwn_free_rpool(struct iwn_softc *); 300 #endif 301 302 /* XXX needed by iwn_scan */ 303 static u_int8_t *ieee80211_add_ssid(u_int8_t *, const u_int8_t *, u_int); 304 static u_int8_t *ieee80211_add_rates(u_int8_t *, 305 const struct ieee80211_rateset *); 306 static u_int8_t *ieee80211_add_xrates(u_int8_t *, 307 const struct ieee80211_rateset *); 308 309 static void iwn_fix_channel(struct ieee80211com *, struct mbuf *); 310 311 #ifdef IWN_DEBUG 312 #define DPRINTF(x) do { if (iwn_debug > 0) printf x; } while (0) 313 #define DPRINTFN(n, x) do { if (iwn_debug >= (n)) printf x; } while (0) 314 int iwn_debug = 0; 315 #else 316 #define DPRINTF(x) 317 #define DPRINTFN(n, x) 318 #endif 319 320 static const struct iwn_hal iwn4965_hal = { 321 iwn4965_load_firmware, 322 iwn4965_read_eeprom, 323 iwn4965_post_alive, 324 iwn4965_nic_config, 325 iwn4965_update_sched, 326 iwn4965_get_temperature, 327 iwn4965_get_rssi, 328 iwn4965_set_txpower, 329 iwn4965_init_gains, 330 iwn4965_set_gains, 331 iwn4965_add_node, 332 iwn4965_tx_done, 333 #ifndef IEEE80211_NO_HT 334 iwn4965_ampdu_tx_start, 335 iwn4965_ampdu_tx_stop, 336 #endif 337 IWN4965_NTXQUEUES, 338 IWN4965_NDMACHNLS, 339 IWN4965_ID_BROADCAST, 340 IWN4965_RXONSZ, 341 IWN4965_SCHEDSZ, 342 IWN4965_FW_TEXT_MAXSZ, 343 IWN4965_FW_DATA_MAXSZ, 344 IWN4965_FWSZ, 345 IWN4965_SCHED_TXFACT 346 }; 347 348 static const struct iwn_hal iwn5000_hal = { 349 iwn5000_load_firmware, 350 iwn5000_read_eeprom, 351 iwn5000_post_alive, 352 iwn5000_nic_config, 353 iwn5000_update_sched, 354 iwn5000_get_temperature, 355 iwn5000_get_rssi, 356 iwn5000_set_txpower, 357 iwn5000_init_gains, 358 iwn5000_set_gains, 359 iwn5000_add_node, 360 iwn5000_tx_done, 361 #ifndef IEEE80211_NO_HT 362 iwn5000_ampdu_tx_start, 363 iwn5000_ampdu_tx_stop, 364 #endif 365 IWN5000_NTXQUEUES, 366 IWN5000_NDMACHNLS, 367 IWN5000_ID_BROADCAST, 368 IWN5000_RXONSZ, 369 IWN5000_SCHEDSZ, 370 IWN5000_FW_TEXT_MAXSZ, 371 IWN5000_FW_DATA_MAXSZ, 372 IWN5000_FWSZ, 373 IWN5000_SCHED_TXFACT 374 }; 375 376 CFATTACH_DECL_NEW(iwn, sizeof(struct iwn_softc), iwn_match, iwn_attach, 377 iwn_detach, NULL); 378 379 static int 380 iwn_match(device_t parent, cfdata_t match __unused, void *aux) 381 { 382 struct pci_attach_args *pa = aux; 383 size_t i; 384 385 if (PCI_VENDOR(pa->pa_id) != PCI_VENDOR_INTEL) 386 return 0; 387 388 for (i = 0; i < __arraycount(iwn_devices); i++) 389 if (PCI_PRODUCT(pa->pa_id) == iwn_devices[i]) 390 return 1; 391 392 return 0; 393 } 394 395 static void 396 iwn_attach(device_t parent __unused, device_t self, void *aux) 397 { 398 struct iwn_softc *sc = device_private(self); 399 struct ieee80211com *ic = &sc->sc_ic; 400 struct ifnet *ifp = &sc->sc_ec.ec_if; 401 struct pci_attach_args *pa = aux; 402 const struct iwn_hal *hal; 403 const char *intrstr; 404 char devinfo[256]; 405 pci_intr_handle_t ih; 406 pcireg_t memtype, reg; 407 int i, error; 408 int revision; 409 410 sc->sc_dev = self; 411 sc->sc_pct = pa->pa_pc; 412 sc->sc_pcitag = pa->pa_tag; 413 sc->sc_dmat = pa->pa_dmat; 414 415 callout_init(&sc->calib_to, 0); 416 callout_setfunc(&sc->calib_to, iwn_calib_timeout, sc); 417 418 pci_devinfo(pa->pa_id, pa->pa_class, 0, devinfo, sizeof devinfo); 419 revision = PCI_REVISION(pa->pa_class); 420 aprint_normal(": %s (rev. 0x%02x)\n", devinfo, revision); 421 422 /* 423 * Get the offset of the PCI Express Capability Structure in PCI 424 * Configuration Space. 425 */ 426 error = pci_get_capability(sc->sc_pct, sc->sc_pcitag, 427 PCI_CAP_PCIEXPRESS, &sc->sc_cap_off, NULL); 428 if (error == 0) { 429 aprint_error(": PCIe capability structure not found!\n"); 430 return; 431 } 432 433 /* Clear device-specific "PCI retry timeout" register (41h). */ 434 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 435 reg &= ~0xff00; 436 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, reg); 437 438 /* Enable bus-mastering and hardware bug workaround. */ 439 /* XXX verify the bus-mastering is really needed (not in OpenBSD) */ 440 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG); 441 reg |= PCI_COMMAND_MASTER_ENABLE; 442 if (reg & PCI_COMMAND_INTERRUPT_DISABLE) { 443 DPRINTF(("PCIe INTx Disable set\n")); 444 reg &= ~PCI_COMMAND_INTERRUPT_DISABLE; 445 } 446 pci_conf_write(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG, reg); 447 448 memtype = pci_mapreg_type(pa->pa_pc, pa->pa_tag, IWN_PCI_BAR0); 449 error = pci_mapreg_map(pa, IWN_PCI_BAR0, memtype, 0, &sc->sc_st, 450 &sc->sc_sh, NULL, &sc->sc_sz); 451 if (error != 0) { 452 aprint_error(": can't map mem space\n"); 453 return; 454 } 455 456 /* Install interrupt handler. */ 457 if (pci_intr_map(pa, &ih) != 0) { 458 aprint_error(": can't map interrupt\n"); 459 return; 460 } 461 intrstr = pci_intr_string(sc->sc_pct, ih); 462 sc->sc_ih = pci_intr_establish(sc->sc_pct, ih, IPL_NET, iwn_intr, sc); 463 if (sc->sc_ih == NULL) { 464 aprint_error(": can't establish interrupt"); 465 if (intrstr != NULL) 466 aprint_error(" at %s", intrstr); 467 aprint_error("\n"); 468 return; 469 } 470 aprint_normal_dev(self, "interrupting at %s\n", intrstr); 471 472 /* Attach Hardware Abstraction Layer. */ 473 hal = iwn_hal_attach(sc, PCI_PRODUCT(pa->pa_id)); 474 if (hal == NULL) 475 return; 476 477 if ((error = iwn_hw_prepare(sc)) != 0) { 478 aprint_error(": hardware not ready\n"); 479 return; 480 } 481 482 /* Read MAC address, channels, etc from EEPROM. */ 483 if ((error = iwn_read_eeprom(sc)) != 0) { 484 aprint_error(": could not read EEPROM\n"); 485 return; 486 } 487 488 /* Allocate DMA memory for firmware transfers. */ 489 if ((error = iwn_alloc_fwmem(sc)) != 0) { 490 aprint_error(": could not allocate memory for firmware\n"); 491 return; 492 } 493 494 /* Allocate "Keep Warm" page. */ 495 if ((error = iwn_alloc_kw(sc)) != 0) { 496 aprint_error(": could not allocate keep warm page\n"); 497 goto fail1; 498 } 499 500 /* Allocate ICT table for 5000 Series. */ 501 if (sc->hw_type != IWN_HW_REV_TYPE_4965 && 502 (error = iwn_alloc_ict(sc)) != 0) { 503 aprint_error(": could not allocate ICT table\n"); 504 goto fail2; 505 } 506 507 /* Allocate TX scheduler "rings". */ 508 if ((error = iwn_alloc_sched(sc)) != 0) { 509 aprint_error(": could not allocate TX scheduler rings\n"); 510 goto fail3; 511 } 512 513 #ifdef IWN_USE_RBUF 514 /* Allocate RX buffers. */ 515 if ((error = iwn_alloc_rpool(sc)) != 0) { 516 aprint_error_dev(self, "could not allocate RX buffers\n"); 517 goto fail3; 518 } 519 #endif 520 521 /* Allocate TX rings (16 on 4965AGN, 20 on 5000.) */ 522 for (i = 0; i < hal->ntxqs; i++) { 523 if ((error = iwn_alloc_tx_ring(sc, &sc->txq[i], i)) != 0) { 524 aprint_error(": could not allocate TX ring %d\n", i); 525 goto fail4; 526 } 527 } 528 529 /* Allocate RX ring. */ 530 if ((error = iwn_alloc_rx_ring(sc, &sc->rxq)) != 0) { 531 aprint_error(": could not allocate RX ring\n"); 532 goto fail4; 533 } 534 535 /* Clear pending interrupts. */ 536 IWN_WRITE(sc, IWN_INT, 0xffffffff); 537 538 /* Count the number of available chains. */ 539 sc->ntxchains = 540 ((sc->txchainmask >> 2) & 1) + 541 ((sc->txchainmask >> 1) & 1) + 542 ((sc->txchainmask >> 0) & 1); 543 sc->nrxchains = 544 ((sc->rxchainmask >> 2) & 1) + 545 ((sc->rxchainmask >> 1) & 1) + 546 ((sc->rxchainmask >> 0) & 1); 547 aprint_normal_dev(self, "MIMO %dT%dR, %.4s, address %s\n", 548 sc->ntxchains, sc->nrxchains, sc->eeprom_domain, 549 ether_sprintf(ic->ic_myaddr)); 550 551 ic->ic_ifp = ifp; 552 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 553 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 554 ic->ic_state = IEEE80211_S_INIT; 555 556 /* Set device capabilities. */ 557 /* XXX OpenBSD has IEEE80211_C_WEP, IEEE80211_C_RSN, 558 * and IEEE80211_C_PMGT too. */ 559 ic->ic_caps = 560 IEEE80211_C_IBSS | /* IBSS mode support */ 561 IEEE80211_C_WPA | /* 802.11i */ 562 IEEE80211_C_MONITOR | /* monitor mode supported */ 563 IEEE80211_C_TXPMGT | /* tx power management */ 564 IEEE80211_C_SHSLOT | /* short slot time supported */ 565 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 566 IEEE80211_C_WME; /* 802.11e */ 567 568 #ifndef IEEE80211_NO_HT 569 /* Set HT capabilities. */ 570 ic->ic_htcaps = 571 #if IWN_RBUF_SIZE == 8192 572 IEEE80211_HTCAP_AMSDU7935 | 573 #endif 574 IEEE80211_HTCAP_CBW20_40 | 575 IEEE80211_HTCAP_SGI20 | 576 IEEE80211_HTCAP_SGI40; 577 if (sc->hw_type != IWN_HW_REV_TYPE_4965) 578 ic->ic_htcaps |= IEEE80211_HTCAP_GF; 579 if (sc->hw_type == IWN_HW_REV_TYPE_6050) 580 ic->ic_htcaps |= IEEE80211_HTCAP_SMPS_DYN; 581 else 582 ic->ic_htcaps |= IEEE80211_HTCAP_SMPS_DIS; 583 #endif /* !IEEE80211_NO_HT */ 584 585 /* Set supported legacy rates. */ 586 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwn_rateset_11b; 587 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwn_rateset_11g; 588 if (sc->sc_flags & IWN_FLAG_HAS_5GHZ) { 589 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwn_rateset_11a; 590 } 591 #ifndef IEEE80211_NO_HT 592 /* Set supported HT rates. */ 593 ic->ic_sup_mcs[0] = 0xff; 594 if (sc->nrxchains > 1) /* MCS 0-7 */ 595 ic->ic_sup_mcs[1] = 0xff; /* MCS 7-15 */ 596 if (sc->nrxchains > 2) 597 ic->ic_sup_mcs[2] = 0xff; /* MCS 16-23 */ 598 #endif 599 600 /* IBSS channel undefined for now. */ 601 ic->ic_ibss_chan = &ic->ic_channels[0]; 602 603 ifp->if_softc = sc; 604 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 605 ifp->if_init = iwn_init; 606 ifp->if_ioctl = iwn_ioctl; 607 ifp->if_start = iwn_start; 608 ifp->if_watchdog = iwn_watchdog; 609 IFQ_SET_READY(&ifp->if_snd); 610 memcpy(ifp->if_xname, device_xname(self), IFNAMSIZ); 611 612 if_attach(ifp); 613 ieee80211_ifattach(ic); 614 ic->ic_node_alloc = iwn_node_alloc; 615 ic->ic_newassoc = iwn_newassoc; 616 #ifdef IWN_HWCRYPTO 617 ic->ic_crypto.cs_key_set = iwn_set_key; 618 ic->ic_crypto.cs_key_delete = iwn_delete_key; 619 #endif 620 ic->ic_wme.wme_update = iwn_wme_update; 621 #ifndef IEEE80211_NO_HT 622 ic->ic_ampdu_rx_start = iwn_ampdu_rx_start; 623 ic->ic_ampdu_rx_stop = iwn_ampdu_rx_stop; 624 ic->ic_ampdu_tx_start = iwn_ampdu_tx_start; 625 ic->ic_ampdu_tx_stop = iwn_ampdu_tx_stop; 626 #endif 627 628 /* Override 802.11 state transition machine. */ 629 sc->sc_newstate = ic->ic_newstate; 630 ic->ic_newstate = iwn_newstate; 631 ieee80211_media_init(ic, iwn_media_change, ieee80211_media_status); 632 633 sc->amrr.amrr_min_success_threshold = 1; 634 sc->amrr.amrr_max_success_threshold = 15; 635 636 #ifndef SMALL_KERNEL 637 iwn_sensor_attach(sc); 638 #endif 639 iwn_radiotap_attach(sc); 640 641 /* timeout_set replaced by callout_init and callout_setfunc, above. */ 642 643 if (pmf_device_register(self, NULL, iwn_resume)) 644 pmf_class_network_register(self, ifp); 645 else 646 aprint_error_dev(self, "couldn't establish power handler\n"); 647 648 ieee80211_announce(ic); 649 650 return; 651 652 /* Free allocated memory if something failed during attachment. */ 653 fail4: while (--i >= 0) 654 iwn_free_tx_ring(sc, &sc->txq[i]); 655 #ifdef IWN_USE_RBUF 656 iwn_free_rpool(sc); 657 #endif 658 iwn_free_sched(sc); 659 fail3: if (sc->ict != NULL) 660 iwn_free_ict(sc); 661 fail2: iwn_free_kw(sc); 662 fail1: iwn_free_fwmem(sc); 663 } 664 665 const struct iwn_hal * 666 iwn_hal_attach(struct iwn_softc *sc, pci_product_id_t pid) 667 { 668 sc->hw_type = (IWN_READ(sc, IWN_HW_REV) >> 4) & 0xf; 669 670 switch (sc->hw_type) { 671 case IWN_HW_REV_TYPE_4965: 672 sc->sc_hal = &iwn4965_hal; 673 sc->limits = &iwn4965_sensitivity_limits; 674 sc->fwname = "iwlwifi-4965-2.ucode"; 675 sc->txchainmask = IWN_ANT_AB; 676 sc->rxchainmask = IWN_ANT_ABC; 677 break; 678 case IWN_HW_REV_TYPE_5100: 679 sc->sc_hal = &iwn5000_hal; 680 sc->limits = &iwn5000_sensitivity_limits; 681 sc->fwname = "iwlwifi-5000-2.ucode"; 682 sc->txchainmask = IWN_ANT_B; 683 sc->rxchainmask = IWN_ANT_AB; 684 break; 685 case IWN_HW_REV_TYPE_5150: 686 sc->sc_hal = &iwn5000_hal; 687 sc->limits = &iwn5150_sensitivity_limits; 688 sc->fwname = "iwlwifi-5150-2.ucode"; 689 sc->txchainmask = IWN_ANT_A; 690 sc->rxchainmask = IWN_ANT_AB; 691 break; 692 case IWN_HW_REV_TYPE_5300: 693 case IWN_HW_REV_TYPE_5350: 694 sc->sc_hal = &iwn5000_hal; 695 sc->limits = &iwn5000_sensitivity_limits; 696 sc->fwname = "iwlwifi-5000-2.ucode"; 697 sc->txchainmask = IWN_ANT_ABC; 698 sc->rxchainmask = IWN_ANT_ABC; 699 break; 700 case IWN_HW_REV_TYPE_1000: 701 sc->sc_hal = &iwn5000_hal; 702 sc->limits = &iwn1000_sensitivity_limits; 703 sc->fwname = "iwlwifi-1000-3.ucode"; 704 sc->txchainmask = IWN_ANT_A; 705 sc->rxchainmask = IWN_ANT_AB; 706 break; 707 case IWN_HW_REV_TYPE_6000: 708 sc->sc_hal = &iwn5000_hal; 709 sc->limits = &iwn6000_sensitivity_limits; 710 sc->fwname = "iwlwifi-6000-4.ucode"; 711 switch (pid) { 712 /* XXX not yet defined for NetBSD (not in pcidevs) */ 713 #ifdef PCI_PRODUCT_INTEL_WIFI_LINK_6000_IPA_1 714 case PCI_PRODUCT_INTEL_WIFI_LINK_6000_IPA_1: 715 case PCI_PRODUCT_INTEL_WIFI_LINK_6000_IPA_2: 716 sc->sc_flags |= IWN_FLAG_INTERNAL_PA; 717 sc->txchainmask = IWN_ANT_BC; 718 sc->rxchainmask = IWN_ANT_BC; 719 break; 720 #endif 721 default: 722 sc->txchainmask = IWN_ANT_ABC; 723 sc->rxchainmask = IWN_ANT_ABC; 724 break; 725 } 726 break; 727 case IWN_HW_REV_TYPE_6050: 728 sc->sc_hal = &iwn5000_hal; 729 sc->limits = &iwn6000_sensitivity_limits; 730 sc->fwname = "iwlwifi-6050-2.ucode"; 731 sc->txchainmask = IWN_ANT_AB; 732 sc->rxchainmask = IWN_ANT_AB; 733 break; 734 case IWN_HW_REV_TYPE_6005: 735 sc->sc_hal = &iwn5000_hal; 736 sc->limits = &iwn6000_sensitivity_limits; 737 sc->fwname = "iwlwifi-6005-2.ucode"; 738 sc->txchainmask = IWN_ANT_AB; 739 sc->rxchainmask = IWN_ANT_AB; 740 break; 741 default: 742 aprint_normal(": adapter type %d not supported\n", sc->hw_type); 743 return NULL; 744 } 745 return sc->sc_hal; 746 } 747 748 #ifndef SMALL_KERNEL 749 /* 750 * Attach the adapter on-board thermal sensor to the sensors framework. 751 */ 752 static void 753 iwn_sensor_attach(struct iwn_softc *sc) 754 { 755 int error; 756 757 sc->sc_sensor.units = ENVSYS_STEMP; 758 #if 0 759 /* XXX something like this ought to work */ 760 sc->sc_sensor.flags = ENVSYS_FMONLIMITS | ENVSYS_FMONNOTSUPP; 761 sc->sc_sensor.limits.sel_critmax = IWN_CTOK(110); 762 #endif 763 strlcpy((sc->sc_sensor.desc), "TEMP", sizeof(sc->sc_sensor.desc)); 764 765 /* Temperature is not valid unless interface is up. */ 766 sc->sc_sensor.value_cur = 0; 767 sc->sc_sensor.state = ENVSYS_SINVALID; 768 769 sc->sc_sme = sysmon_envsys_create(); 770 771 /* Initialize sensor */ 772 if (sysmon_envsys_sensor_attach(sc->sc_sme, &sc->sc_sensor)) { 773 sysmon_envsys_destroy(sc->sc_sme); 774 return; 775 } 776 777 /* 778 * Hook into the System Monitor. 779 */ 780 sc->sc_sme->sme_name = device_xname(sc->sc_dev); 781 sc->sc_sme->sme_flags = SME_DISABLE_REFRESH; 782 783 if ((error = sysmon_envsys_register(sc->sc_sme)) != 0) { 784 aprint_error_dev(sc->sc_dev, 785 "unable to register with sysmon (%d)\n", error); 786 sysmon_envsys_destroy(sc->sc_sme); 787 return; 788 } 789 } 790 #endif 791 792 /* 793 * Attach the interface to 802.11 radiotap. 794 */ 795 static void 796 iwn_radiotap_attach(struct iwn_softc *sc) 797 { 798 struct ifnet *ifp = sc->sc_ic.ic_ifp; 799 800 bpf_attach2(ifp, DLT_IEEE802_11_RADIO, 801 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN, 802 &sc->sc_drvbpf); 803 804 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 805 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 806 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWN_RX_RADIOTAP_PRESENT); 807 808 sc->sc_txtap_len = sizeof sc->sc_txtapu; 809 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 810 sc->sc_txtap.wt_ihdr.it_present = htole32(IWN_TX_RADIOTAP_PRESENT); 811 } 812 813 static int 814 iwn_detach(device_t self, int flags __unused) 815 { 816 struct iwn_softc *sc = device_private(self); 817 struct ifnet *ifp = sc->sc_ic.ic_ifp; 818 int qid; 819 820 callout_stop(&sc->calib_to); 821 822 /* Uninstall interrupt handler. */ 823 if (sc->sc_ih != NULL) 824 pci_intr_disestablish(sc->sc_pct, sc->sc_ih); 825 826 /* Free DMA resources. */ 827 iwn_free_rx_ring(sc, &sc->rxq); 828 for (qid = 0; qid < sc->sc_hal->ntxqs; qid++) 829 iwn_free_tx_ring(sc, &sc->txq[qid]); 830 #ifdef IWN_USE_RBUF 831 iwn_free_rpool(sc); 832 #endif 833 iwn_free_sched(sc); 834 iwn_free_kw(sc); 835 if (sc->ict != NULL) 836 iwn_free_ict(sc); 837 iwn_free_fwmem(sc); 838 839 bus_space_unmap(sc->sc_st, sc->sc_sh, sc->sc_sz); 840 841 #ifndef SMALL_KERNEL 842 /* Detach the thermal sensor. */ 843 sysmon_envsys_sensor_detach(sc->sc_sme, &sc->sc_sensor); 844 sysmon_envsys_destroy(sc->sc_sme); 845 #endif 846 847 /* XXX verify that this is needed */ 848 if (ifp != NULL) 849 bpf_detach(ifp); 850 851 ieee80211_ifdetach(&sc->sc_ic); 852 if_detach(ifp); 853 854 return 0; 855 } 856 857 #if 0 858 /* 859 * XXX Investigate if clearing the PCI retry timeout could eliminate 860 * the repeated scan calls. Also the calls to if_init and if_start 861 * are similar to the effect of adding the call to ifioctl_common . 862 */ 863 static void 864 iwn_power(int why, void *arg) 865 { 866 struct iwn_softc *sc = arg; 867 struct ifnet *ifp; 868 pcireg_t reg; 869 int s; 870 871 if (why != PWR_RESUME) 872 return; 873 874 /* Clear device-specific "PCI retry timeout" register (41h). */ 875 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 876 reg &= ~0xff00; 877 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, reg); 878 879 s = splnet(); 880 ifp = &sc->sc_ic.ic_if; 881 if (ifp->if_flags & IFF_UP) { 882 ifp->if_init(ifp); 883 if (ifp->if_flags & IFF_RUNNING) 884 ifp->if_start(ifp); 885 } 886 splx(s); 887 } 888 #endif 889 890 static bool 891 iwn_resume(device_t dv, const pmf_qual_t *qual) 892 { 893 return true; 894 } 895 896 static int 897 iwn_nic_lock(struct iwn_softc *sc) 898 { 899 int ntries; 900 901 /* Request exclusive access to NIC. */ 902 IWN_SETBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_MAC_ACCESS_REQ); 903 904 /* Spin until we actually get the lock. */ 905 for (ntries = 0; ntries < 1000; ntries++) { 906 if ((IWN_READ(sc, IWN_GP_CNTRL) & 907 (IWN_GP_CNTRL_MAC_ACCESS_ENA | IWN_GP_CNTRL_SLEEP)) == 908 IWN_GP_CNTRL_MAC_ACCESS_ENA) 909 return 0; 910 DELAY(10); 911 } 912 return ETIMEDOUT; 913 } 914 915 static __inline void 916 iwn_nic_unlock(struct iwn_softc *sc) 917 { 918 IWN_CLRBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_MAC_ACCESS_REQ); 919 } 920 921 static __inline uint32_t 922 iwn_prph_read(struct iwn_softc *sc, uint32_t addr) 923 { 924 IWN_WRITE(sc, IWN_PRPH_RADDR, IWN_PRPH_DWORD | addr); 925 IWN_BARRIER_READ_WRITE(sc); 926 return IWN_READ(sc, IWN_PRPH_RDATA); 927 } 928 929 static __inline void 930 iwn_prph_write(struct iwn_softc *sc, uint32_t addr, uint32_t data) 931 { 932 IWN_WRITE(sc, IWN_PRPH_WADDR, IWN_PRPH_DWORD | addr); 933 IWN_BARRIER_WRITE(sc); 934 IWN_WRITE(sc, IWN_PRPH_WDATA, data); 935 } 936 937 static __inline void 938 iwn_prph_setbits(struct iwn_softc *sc, uint32_t addr, uint32_t mask) 939 { 940 iwn_prph_write(sc, addr, iwn_prph_read(sc, addr) | mask); 941 } 942 943 static __inline void 944 iwn_prph_clrbits(struct iwn_softc *sc, uint32_t addr, uint32_t mask) 945 { 946 iwn_prph_write(sc, addr, iwn_prph_read(sc, addr) & ~mask); 947 } 948 949 static __inline void 950 iwn_prph_write_region_4(struct iwn_softc *sc, uint32_t addr, 951 const uint32_t *data, int count) 952 { 953 for (; count > 0; count--, data++, addr += 4) 954 iwn_prph_write(sc, addr, *data); 955 } 956 957 static __inline uint32_t 958 iwn_mem_read(struct iwn_softc *sc, uint32_t addr) 959 { 960 IWN_WRITE(sc, IWN_MEM_RADDR, addr); 961 IWN_BARRIER_READ_WRITE(sc); 962 return IWN_READ(sc, IWN_MEM_RDATA); 963 } 964 965 static __inline void 966 iwn_mem_write(struct iwn_softc *sc, uint32_t addr, uint32_t data) 967 { 968 IWN_WRITE(sc, IWN_MEM_WADDR, addr); 969 IWN_BARRIER_WRITE(sc); 970 IWN_WRITE(sc, IWN_MEM_WDATA, data); 971 } 972 973 static __inline void 974 iwn_mem_write_2(struct iwn_softc *sc, uint32_t addr, uint16_t data) 975 { 976 uint32_t tmp; 977 978 tmp = iwn_mem_read(sc, addr & ~3); 979 if (addr & 3) 980 tmp = (tmp & 0x0000ffff) | data << 16; 981 else 982 tmp = (tmp & 0xffff0000) | data; 983 iwn_mem_write(sc, addr & ~3, tmp); 984 } 985 986 static __inline void 987 iwn_mem_read_region_4(struct iwn_softc *sc, uint32_t addr, uint32_t *data, 988 int count) 989 { 990 for (; count > 0; count--, addr += 4) 991 *data++ = iwn_mem_read(sc, addr); 992 } 993 994 static __inline void 995 iwn_mem_set_region_4(struct iwn_softc *sc, uint32_t addr, uint32_t val, 996 int count) 997 { 998 for (; count > 0; count--, addr += 4) 999 iwn_mem_write(sc, addr, val); 1000 } 1001 1002 static int 1003 iwn_eeprom_lock(struct iwn_softc *sc) 1004 { 1005 int i, ntries; 1006 1007 for (i = 0; i < 100; i++) { 1008 /* Request exclusive access to EEPROM. */ 1009 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 1010 IWN_HW_IF_CONFIG_EEPROM_LOCKED); 1011 1012 /* Spin until we actually get the lock. */ 1013 for (ntries = 0; ntries < 100; ntries++) { 1014 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 1015 IWN_HW_IF_CONFIG_EEPROM_LOCKED) 1016 return 0; 1017 DELAY(10); 1018 } 1019 } 1020 return ETIMEDOUT; 1021 } 1022 1023 static __inline void 1024 iwn_eeprom_unlock(struct iwn_softc *sc) 1025 { 1026 IWN_CLRBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_EEPROM_LOCKED); 1027 } 1028 1029 /* 1030 * Initialize access by host to One Time Programmable ROM. 1031 * NB: This kind of ROM can be found on 1000 or 6000 Series only. 1032 */ 1033 static int 1034 iwn_init_otprom(struct iwn_softc *sc) 1035 { 1036 uint16_t prev = 0, base, next; 1037 int count, error; 1038 1039 /* Wait for clock stabilization before accessing prph. */ 1040 if ((error = iwn_clock_wait(sc)) != 0) 1041 return error; 1042 1043 if ((error = iwn_nic_lock(sc)) != 0) 1044 return error; 1045 iwn_prph_setbits(sc, IWN_APMG_PS, IWN_APMG_PS_RESET_REQ); 1046 DELAY(5); 1047 iwn_prph_clrbits(sc, IWN_APMG_PS, IWN_APMG_PS_RESET_REQ); 1048 iwn_nic_unlock(sc); 1049 1050 /* Set auto clock gate disable bit for HW with OTP shadow RAM. */ 1051 if (sc->hw_type != IWN_HW_REV_TYPE_1000) { 1052 IWN_SETBITS(sc, IWN_DBG_LINK_PWR_MGMT, 1053 IWN_RESET_LINK_PWR_MGMT_DIS); 1054 } 1055 IWN_CLRBITS(sc, IWN_EEPROM_GP, IWN_EEPROM_GP_IF_OWNER); 1056 /* Clear ECC status. */ 1057 IWN_SETBITS(sc, IWN_OTP_GP, 1058 IWN_OTP_GP_ECC_CORR_STTS | IWN_OTP_GP_ECC_UNCORR_STTS); 1059 1060 /* 1061 * Find the block before last block (contains the EEPROM image) 1062 * for HW without OTP shadow RAM. 1063 */ 1064 if (sc->hw_type == IWN_HW_REV_TYPE_1000) { 1065 /* Switch to absolute addressing mode. */ 1066 IWN_CLRBITS(sc, IWN_OTP_GP, IWN_OTP_GP_RELATIVE_ACCESS); 1067 base = 0; 1068 for (count = 0; count < IWN1000_OTP_NBLOCKS; count++) { 1069 error = iwn_read_prom_data(sc, base, &next, 2); 1070 if (error != 0) 1071 return error; 1072 if (next == 0) /* End of linked-list. */ 1073 break; 1074 prev = base; 1075 base = le16toh(next); 1076 } 1077 if (count == 0 || count == IWN1000_OTP_NBLOCKS) 1078 return EIO; 1079 /* Skip "next" word. */ 1080 sc->prom_base = prev + 1; 1081 } 1082 return 0; 1083 } 1084 1085 static int 1086 iwn_read_prom_data(struct iwn_softc *sc, uint32_t addr, void *data, int count) 1087 { 1088 uint8_t *out = data; 1089 uint32_t val, tmp; 1090 int ntries; 1091 1092 addr += sc->prom_base; 1093 for (; count > 0; count -= 2, addr++) { 1094 IWN_WRITE(sc, IWN_EEPROM, addr << 2); 1095 for (ntries = 0; ntries < 10; ntries++) { 1096 val = IWN_READ(sc, IWN_EEPROM); 1097 if (val & IWN_EEPROM_READ_VALID) 1098 break; 1099 DELAY(5); 1100 } 1101 if (ntries == 10) { 1102 aprint_error_dev(sc->sc_dev, 1103 "timeout reading ROM at 0x%x\n", addr); 1104 return ETIMEDOUT; 1105 } 1106 if (sc->sc_flags & IWN_FLAG_HAS_OTPROM) { 1107 /* OTPROM, check for ECC errors. */ 1108 tmp = IWN_READ(sc, IWN_OTP_GP); 1109 if (tmp & IWN_OTP_GP_ECC_UNCORR_STTS) { 1110 aprint_error_dev(sc->sc_dev, 1111 "OTPROM ECC error at 0x%x\n", addr); 1112 return EIO; 1113 } 1114 if (tmp & IWN_OTP_GP_ECC_CORR_STTS) { 1115 /* Correctable ECC error, clear bit. */ 1116 IWN_SETBITS(sc, IWN_OTP_GP, 1117 IWN_OTP_GP_ECC_CORR_STTS); 1118 } 1119 } 1120 *out++ = val >> 16; 1121 if (count > 1) 1122 *out++ = val >> 24; 1123 } 1124 return 0; 1125 } 1126 1127 static int 1128 iwn_dma_contig_alloc(bus_dma_tag_t tag, struct iwn_dma_info *dma, void **kvap, 1129 bus_size_t size, bus_size_t alignment) 1130 { 1131 int nsegs, error; 1132 1133 dma->tag = tag; 1134 dma->size = size; 1135 1136 error = bus_dmamap_create(tag, size, 1, size, 0, BUS_DMA_NOWAIT, 1137 &dma->map); 1138 if (error != 0) 1139 goto fail; 1140 1141 error = bus_dmamem_alloc(tag, size, alignment, 0, &dma->seg, 1, &nsegs, 1142 BUS_DMA_NOWAIT); /* XXX OpenBSD adds BUS_DMA_ZERO */ 1143 if (error != 0) 1144 goto fail; 1145 1146 error = bus_dmamem_map(tag, &dma->seg, 1, size, &dma->vaddr, 1147 BUS_DMA_NOWAIT); /* XXX OpenBSD adds BUS_DMA_COHERENT */ 1148 if (error != 0) 1149 goto fail; 1150 1151 error = bus_dmamap_load(tag, dma->map, dma->vaddr, size, NULL, 1152 BUS_DMA_NOWAIT); 1153 if (error != 0) 1154 goto fail; 1155 1156 memset(dma->vaddr, 0, size); 1157 bus_dmamap_sync(tag, dma->map, 0, size, BUS_DMASYNC_PREWRITE); 1158 1159 dma->paddr = dma->map->dm_segs[0].ds_addr; 1160 if (kvap != NULL) 1161 *kvap = dma->vaddr; 1162 1163 return 0; 1164 1165 fail: iwn_dma_contig_free(dma); 1166 return error; 1167 } 1168 1169 static void 1170 iwn_dma_contig_free(struct iwn_dma_info *dma) 1171 { 1172 if (dma->map != NULL) { 1173 if (dma->vaddr != NULL) { 1174 bus_dmamap_sync(dma->tag, dma->map, 0, dma->size, 1175 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 1176 bus_dmamap_unload(dma->tag, dma->map); 1177 bus_dmamem_unmap(dma->tag, dma->vaddr, dma->size); 1178 bus_dmamem_free(dma->tag, &dma->seg, 1); 1179 dma->vaddr = NULL; 1180 } 1181 bus_dmamap_destroy(dma->tag, dma->map); 1182 dma->map = NULL; 1183 } 1184 } 1185 1186 static int 1187 iwn_alloc_sched(struct iwn_softc *sc) 1188 { 1189 /* TX scheduler rings must be aligned on a 1KB boundary. */ 1190 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->sched_dma, 1191 (void **)&sc->sched, sc->sc_hal->schedsz, 1024); 1192 } 1193 1194 static void 1195 iwn_free_sched(struct iwn_softc *sc) 1196 { 1197 iwn_dma_contig_free(&sc->sched_dma); 1198 } 1199 1200 static int 1201 iwn_alloc_kw(struct iwn_softc *sc) 1202 { 1203 /* "Keep Warm" page must be aligned on a 4KB boundary. */ 1204 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->kw_dma, NULL, 4096, 1205 4096); 1206 } 1207 1208 static void 1209 iwn_free_kw(struct iwn_softc *sc) 1210 { 1211 iwn_dma_contig_free(&sc->kw_dma); 1212 } 1213 1214 static int 1215 iwn_alloc_ict(struct iwn_softc *sc) 1216 { 1217 /* ICT table must be aligned on a 4KB boundary. */ 1218 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->ict_dma, 1219 (void **)&sc->ict, IWN_ICT_SIZE, 4096); 1220 } 1221 1222 static void 1223 iwn_free_ict(struct iwn_softc *sc) 1224 { 1225 iwn_dma_contig_free(&sc->ict_dma); 1226 } 1227 1228 static int 1229 iwn_alloc_fwmem(struct iwn_softc *sc) 1230 { 1231 /* Must be aligned on a 16-byte boundary. */ 1232 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->fw_dma, NULL, 1233 sc->sc_hal->fwsz, 16); 1234 } 1235 1236 static void 1237 iwn_free_fwmem(struct iwn_softc *sc) 1238 { 1239 iwn_dma_contig_free(&sc->fw_dma); 1240 } 1241 1242 static int 1243 iwn_alloc_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1244 { 1245 bus_size_t size; 1246 int i, error; 1247 1248 ring->cur = 0; 1249 1250 /* Allocate RX descriptors (256-byte aligned.) */ 1251 size = IWN_RX_RING_COUNT * sizeof (uint32_t); 1252 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 1253 (void **)&ring->desc, size, 256); 1254 if (error != 0) { 1255 aprint_error_dev(sc->sc_dev, 1256 "could not allocate RX ring DMA memory\n"); 1257 goto fail; 1258 } 1259 1260 /* Allocate RX status area (16-byte aligned.) */ 1261 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->stat_dma, 1262 (void **)&ring->stat, sizeof (struct iwn_rx_status), 16); 1263 if (error != 0) { 1264 aprint_error_dev(sc->sc_dev, 1265 "could not allocate RX status DMA memory\n"); 1266 goto fail; 1267 } 1268 1269 /* 1270 * Allocate and map RX buffers. 1271 */ 1272 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 1273 struct iwn_rx_data *data = &ring->data[i]; 1274 1275 error = bus_dmamap_create(sc->sc_dmat, IWN_RBUF_SIZE, 1, 1276 IWN_RBUF_SIZE, 0, BUS_DMA_NOWAIT | BUS_DMA_ALLOCNOW, 1277 &data->map); 1278 if (error != 0) { 1279 aprint_error_dev(sc->sc_dev, 1280 "could not create RX buf DMA map\n"); 1281 goto fail; 1282 } 1283 1284 data->m = MCLGETIalt(sc, M_DONTWAIT, NULL, IWN_RBUF_SIZE); 1285 if (data->m == NULL) { 1286 aprint_error_dev(sc->sc_dev, 1287 "could not allocate RX mbuf\n"); 1288 error = ENOBUFS; 1289 goto fail; 1290 } 1291 1292 error = bus_dmamap_load(sc->sc_dmat, data->map, 1293 mtod(data->m, void *), IWN_RBUF_SIZE, NULL, 1294 BUS_DMA_NOWAIT | BUS_DMA_READ); 1295 if (error != 0) { 1296 aprint_error_dev(sc->sc_dev, 1297 "can't not map mbuf (error %d)\n", error); 1298 goto fail; 1299 } 1300 1301 /* Set physical address of RX buffer (256-byte aligned.) */ 1302 ring->desc[i] = htole32(data->map->dm_segs[0].ds_addr >> 8); 1303 } 1304 1305 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 0, size, 1306 BUS_DMASYNC_PREWRITE); 1307 1308 return 0; 1309 1310 fail: iwn_free_rx_ring(sc, ring); 1311 return error; 1312 } 1313 1314 static void 1315 iwn_reset_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1316 { 1317 int ntries; 1318 1319 if (iwn_nic_lock(sc) == 0) { 1320 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 0); 1321 for (ntries = 0; ntries < 1000; ntries++) { 1322 if (IWN_READ(sc, IWN_FH_RX_STATUS) & 1323 IWN_FH_RX_STATUS_IDLE) 1324 break; 1325 DELAY(10); 1326 } 1327 iwn_nic_unlock(sc); 1328 } 1329 ring->cur = 0; 1330 sc->last_rx_valid = 0; 1331 } 1332 1333 static void 1334 iwn_free_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1335 { 1336 int i; 1337 1338 iwn_dma_contig_free(&ring->desc_dma); 1339 iwn_dma_contig_free(&ring->stat_dma); 1340 1341 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 1342 struct iwn_rx_data *data = &ring->data[i]; 1343 1344 if (data->m != NULL) { 1345 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1346 data->map->dm_mapsize, BUS_DMASYNC_POSTREAD); 1347 bus_dmamap_unload(sc->sc_dmat, data->map); 1348 m_freem(data->m); 1349 } 1350 if (data->map != NULL) 1351 bus_dmamap_destroy(sc->sc_dmat, data->map); 1352 } 1353 } 1354 1355 static int 1356 iwn_alloc_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring, int qid) 1357 { 1358 bus_addr_t paddr; 1359 bus_size_t size; 1360 int i, error; 1361 1362 ring->qid = qid; 1363 ring->queued = 0; 1364 ring->cur = 0; 1365 1366 /* Allocate TX descriptors (256-byte aligned.) */ 1367 size = IWN_TX_RING_COUNT * sizeof (struct iwn_tx_desc); 1368 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 1369 (void **)&ring->desc, size, 256); 1370 if (error != 0) { 1371 aprint_error_dev(sc->sc_dev, 1372 "could not allocate TX ring DMA memory\n"); 1373 goto fail; 1374 } 1375 /* 1376 * We only use rings 0 through 4 (4 EDCA + cmd) so there is no need 1377 * to allocate commands space for other rings. 1378 * XXX Do we really need to allocate descriptors for other rings? 1379 */ 1380 if (qid > 4) 1381 return 0; 1382 1383 size = IWN_TX_RING_COUNT * sizeof (struct iwn_tx_cmd); 1384 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->cmd_dma, 1385 (void **)&ring->cmd, size, 4); 1386 if (error != 0) { 1387 aprint_error_dev(sc->sc_dev, 1388 "could not allocate TX cmd DMA memory\n"); 1389 goto fail; 1390 } 1391 1392 paddr = ring->cmd_dma.paddr; 1393 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 1394 struct iwn_tx_data *data = &ring->data[i]; 1395 1396 data->cmd_paddr = paddr; 1397 data->scratch_paddr = paddr + 12; 1398 paddr += sizeof (struct iwn_tx_cmd); 1399 1400 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1401 IWN_MAX_SCATTER - 1, MCLBYTES, 0, BUS_DMA_NOWAIT, 1402 &data->map); 1403 if (error != 0) { 1404 aprint_error_dev(sc->sc_dev, 1405 "could not create TX buf DMA map\n"); 1406 goto fail; 1407 } 1408 } 1409 return 0; 1410 1411 fail: iwn_free_tx_ring(sc, ring); 1412 return error; 1413 } 1414 1415 static void 1416 iwn_reset_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 1417 { 1418 int i; 1419 1420 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 1421 struct iwn_tx_data *data = &ring->data[i]; 1422 1423 if (data->m != NULL) { 1424 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1425 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 1426 bus_dmamap_unload(sc->sc_dmat, data->map); 1427 m_freem(data->m); 1428 data->m = NULL; 1429 } 1430 } 1431 /* Clear TX descriptors. */ 1432 memset(ring->desc, 0, ring->desc_dma.size); 1433 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 0, 1434 ring->desc_dma.size, BUS_DMASYNC_PREWRITE); 1435 sc->qfullmsk &= ~(1 << ring->qid); 1436 ring->queued = 0; 1437 ring->cur = 0; 1438 } 1439 1440 static void 1441 iwn_free_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 1442 { 1443 int i; 1444 1445 iwn_dma_contig_free(&ring->desc_dma); 1446 iwn_dma_contig_free(&ring->cmd_dma); 1447 1448 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 1449 struct iwn_tx_data *data = &ring->data[i]; 1450 1451 if (data->m != NULL) { 1452 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1453 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 1454 bus_dmamap_unload(sc->sc_dmat, data->map); 1455 m_freem(data->m); 1456 } 1457 if (data->map != NULL) 1458 bus_dmamap_destroy(sc->sc_dmat, data->map); 1459 } 1460 } 1461 1462 static void 1463 iwn5000_ict_reset(struct iwn_softc *sc) 1464 { 1465 /* Disable interrupts. */ 1466 IWN_WRITE(sc, IWN_INT_MASK, 0); 1467 1468 /* Reset ICT table. */ 1469 memset(sc->ict, 0, IWN_ICT_SIZE); 1470 sc->ict_cur = 0; 1471 1472 /* Set physical address of ICT table (4KB aligned.) */ 1473 DPRINTF(("enabling ICT\n")); 1474 IWN_WRITE(sc, IWN_DRAM_INT_TBL, IWN_DRAM_INT_TBL_ENABLE | 1475 IWN_DRAM_INT_TBL_WRAP_CHECK | sc->ict_dma.paddr >> 12); 1476 1477 /* Enable periodic RX interrupt. */ 1478 sc->int_mask |= IWN_INT_RX_PERIODIC; 1479 /* Switch to ICT interrupt mode in driver. */ 1480 sc->sc_flags |= IWN_FLAG_USE_ICT; 1481 1482 /* Re-enable interrupts. */ 1483 IWN_WRITE(sc, IWN_INT, 0xffffffff); 1484 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 1485 } 1486 1487 static int 1488 iwn_read_eeprom(struct iwn_softc *sc) 1489 { 1490 const struct iwn_hal *hal = sc->sc_hal; 1491 struct ieee80211com *ic = &sc->sc_ic; 1492 uint16_t val; 1493 int error; 1494 1495 /* Check whether adapter has an EEPROM or an OTPROM. */ 1496 if (sc->hw_type >= IWN_HW_REV_TYPE_1000 && 1497 (IWN_READ(sc, IWN_OTP_GP) & IWN_OTP_GP_DEV_SEL_OTP)) 1498 sc->sc_flags |= IWN_FLAG_HAS_OTPROM; 1499 DPRINTF(("%s found\n", (sc->sc_flags & IWN_FLAG_HAS_OTPROM) ? 1500 "OTPROM" : "EEPROM")); 1501 1502 /* Adapter has to be powered on for EEPROM access to work. */ 1503 if ((error = iwn_apm_init(sc)) != 0) { 1504 aprint_error_dev(sc->sc_dev, 1505 "could not power ON adapter\n"); 1506 return error; 1507 } 1508 1509 if ((IWN_READ(sc, IWN_EEPROM_GP) & 0x7) == 0) { 1510 aprint_error_dev(sc->sc_dev, 1511 "bad ROM signature\n"); 1512 return EIO; 1513 } 1514 if ((error = iwn_eeprom_lock(sc)) != 0) { 1515 aprint_error_dev(sc->sc_dev, 1516 "could not lock ROM (error=%d)\n", error); 1517 return error; 1518 } 1519 if (sc->sc_flags & IWN_FLAG_HAS_OTPROM) { 1520 if ((error = iwn_init_otprom(sc)) != 0) { 1521 aprint_error_dev(sc->sc_dev, 1522 "could not initialize OTPROM\n"); 1523 return error; 1524 } 1525 } 1526 1527 iwn_read_prom_data(sc, IWN_EEPROM_RFCFG, &val, 2); 1528 sc->rfcfg = le16toh(val); 1529 DPRINTF(("radio config=0x%04x\n", sc->rfcfg)); 1530 1531 /* Read MAC address. */ 1532 iwn_read_prom_data(sc, IWN_EEPROM_MAC, ic->ic_myaddr, 6); 1533 1534 /* Read adapter-specific information from EEPROM. */ 1535 hal->read_eeprom(sc); 1536 1537 iwn_apm_stop(sc); /* Power OFF adapter. */ 1538 1539 iwn_eeprom_unlock(sc); 1540 return 0; 1541 } 1542 1543 static void 1544 iwn4965_read_eeprom(struct iwn_softc *sc) 1545 { 1546 uint32_t addr; 1547 uint16_t val; 1548 int i; 1549 1550 /* Read regulatory domain (4 ASCII characters.) */ 1551 iwn_read_prom_data(sc, IWN4965_EEPROM_DOMAIN, sc->eeprom_domain, 4); 1552 1553 /* Read the list of authorized channels (20MHz ones only.) */ 1554 for (i = 0; i < 5; i++) { 1555 addr = iwn4965_regulatory_bands[i]; 1556 iwn_read_eeprom_channels(sc, i, addr); 1557 } 1558 1559 /* Read maximum allowed TX power for 2GHz and 5GHz bands. */ 1560 iwn_read_prom_data(sc, IWN4965_EEPROM_MAXPOW, &val, 2); 1561 sc->maxpwr2GHz = val & 0xff; 1562 sc->maxpwr5GHz = val >> 8; 1563 /* Check that EEPROM values are within valid range. */ 1564 if (sc->maxpwr5GHz < 20 || sc->maxpwr5GHz > 50) 1565 sc->maxpwr5GHz = 38; 1566 if (sc->maxpwr2GHz < 20 || sc->maxpwr2GHz > 50) 1567 sc->maxpwr2GHz = 38; 1568 DPRINTF(("maxpwr 2GHz=%d 5GHz=%d\n", sc->maxpwr2GHz, sc->maxpwr5GHz)); 1569 1570 /* Read samples for each TX power group. */ 1571 iwn_read_prom_data(sc, IWN4965_EEPROM_BANDS, sc->bands, 1572 sizeof sc->bands); 1573 1574 /* Read voltage at which samples were taken. */ 1575 iwn_read_prom_data(sc, IWN4965_EEPROM_VOLTAGE, &val, 2); 1576 sc->eeprom_voltage = (int16_t)le16toh(val); 1577 DPRINTF(("voltage=%d (in 0.3V)\n", sc->eeprom_voltage)); 1578 1579 #ifdef IWN_DEBUG 1580 /* Print samples. */ 1581 if (iwn_debug > 0) { 1582 for (i = 0; i < IWN_NBANDS; i++) 1583 iwn4965_print_power_group(sc, i); 1584 } 1585 #endif 1586 } 1587 1588 #ifdef IWN_DEBUG 1589 static void 1590 iwn4965_print_power_group(struct iwn_softc *sc, int i) 1591 { 1592 struct iwn4965_eeprom_band *band = &sc->bands[i]; 1593 struct iwn4965_eeprom_chan_samples *chans = band->chans; 1594 int j, c; 1595 1596 aprint_normal("===band %d===\n", i); 1597 aprint_normal("chan lo=%d, chan hi=%d\n", band->lo, band->hi); 1598 aprint_normal("chan1 num=%d\n", chans[0].num); 1599 for (c = 0; c < 2; c++) { 1600 for (j = 0; j < IWN_NSAMPLES; j++) { 1601 aprint_normal("chain %d, sample %d: temp=%d gain=%d " 1602 "power=%d pa_det=%d\n", c, j, 1603 chans[0].samples[c][j].temp, 1604 chans[0].samples[c][j].gain, 1605 chans[0].samples[c][j].power, 1606 chans[0].samples[c][j].pa_det); 1607 } 1608 } 1609 aprint_normal("chan2 num=%d\n", chans[1].num); 1610 for (c = 0; c < 2; c++) { 1611 for (j = 0; j < IWN_NSAMPLES; j++) { 1612 aprint_normal("chain %d, sample %d: temp=%d gain=%d " 1613 "power=%d pa_det=%d\n", c, j, 1614 chans[1].samples[c][j].temp, 1615 chans[1].samples[c][j].gain, 1616 chans[1].samples[c][j].power, 1617 chans[1].samples[c][j].pa_det); 1618 } 1619 } 1620 } 1621 #endif 1622 1623 static void 1624 iwn5000_read_eeprom(struct iwn_softc *sc) 1625 { 1626 struct iwn5000_eeprom_calib_hdr hdr; 1627 int32_t temp, volt; 1628 uint32_t base, addr; 1629 uint16_t val; 1630 int i; 1631 1632 /* Read regulatory domain (4 ASCII characters.) */ 1633 iwn_read_prom_data(sc, IWN5000_EEPROM_REG, &val, 2); 1634 base = le16toh(val); 1635 iwn_read_prom_data(sc, base + IWN5000_EEPROM_DOMAIN, 1636 sc->eeprom_domain, 4); 1637 1638 /* Read the list of authorized channels (20MHz ones only.) */ 1639 for (i = 0; i < 5; i++) { 1640 addr = base + iwn5000_regulatory_bands[i]; 1641 iwn_read_eeprom_channels(sc, i, addr); 1642 } 1643 1644 /* Read enhanced TX power information for 6000 Series. */ 1645 if (sc->hw_type >= IWN_HW_REV_TYPE_6000) 1646 iwn_read_eeprom_enhinfo(sc); 1647 1648 iwn_read_prom_data(sc, IWN5000_EEPROM_CAL, &val, 2); 1649 base = le16toh(val); 1650 iwn_read_prom_data(sc, base, &hdr, sizeof hdr); 1651 DPRINTF(("calib version=%u pa type=%u voltage=%u\n", 1652 hdr.version, hdr.pa_type, le16toh(hdr.volt))); 1653 sc->calib_ver = hdr.version; 1654 if (sc->hw_type == IWN_HW_REV_TYPE_5150) { 1655 /* Compute temperature offset. */ 1656 iwn_read_prom_data(sc, base + IWN5000_EEPROM_TEMP, &val, 2); 1657 temp = le16toh(val); 1658 iwn_read_prom_data(sc, base + IWN5000_EEPROM_VOLT, &val, 2); 1659 volt = le16toh(val); 1660 sc->temp_off = temp - (volt / -5); 1661 DPRINTF(("temp=%d volt=%d offset=%dK\n", 1662 temp, volt, sc->temp_off)); 1663 } else { 1664 /* Read crystal calibration. */ 1665 iwn_read_prom_data(sc, base + IWN5000_EEPROM_CRYSTAL, 1666 &sc->eeprom_crystal, sizeof (uint32_t)); 1667 DPRINTF(("crystal calibration 0x%08x\n", 1668 le32toh(sc->eeprom_crystal))); 1669 } 1670 } 1671 1672 static void 1673 iwn_read_eeprom_channels(struct iwn_softc *sc, int n, uint32_t addr) 1674 { 1675 struct ieee80211com *ic = &sc->sc_ic; 1676 const struct iwn_chan_band *band = &iwn_bands[n]; 1677 struct iwn_eeprom_chan channels[IWN_MAX_CHAN_PER_BAND]; 1678 uint8_t chan; 1679 int i; 1680 1681 iwn_read_prom_data(sc, addr, channels, 1682 band->nchan * sizeof (struct iwn_eeprom_chan)); 1683 1684 for (i = 0; i < band->nchan; i++) { 1685 if (!(channels[i].flags & IWN_EEPROM_CHAN_VALID)) 1686 continue; 1687 1688 chan = band->chan[i]; 1689 1690 if (n == 0) { /* 2GHz band */ 1691 ic->ic_channels[chan].ic_freq = 1692 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_2GHZ); 1693 ic->ic_channels[chan].ic_flags = 1694 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 1695 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 1696 1697 } else { /* 5GHz band */ 1698 /* 1699 * Some adapters support channels 7, 8, 11 and 12 1700 * both in the 2GHz and 4.9GHz bands. 1701 * Because of limitations in our net80211 layer, 1702 * we don't support them in the 4.9GHz band. 1703 */ 1704 if (chan <= 14) 1705 continue; 1706 1707 ic->ic_channels[chan].ic_freq = 1708 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 1709 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 1710 /* We have at least one valid 5GHz channel. */ 1711 sc->sc_flags |= IWN_FLAG_HAS_5GHZ; 1712 } 1713 1714 /* Is active scan allowed on this channel? */ 1715 if (!(channels[i].flags & IWN_EEPROM_CHAN_ACTIVE)) { 1716 ic->ic_channels[chan].ic_flags |= 1717 IEEE80211_CHAN_PASSIVE; 1718 } 1719 1720 /* Save maximum allowed TX power for this channel. */ 1721 sc->maxpwr[chan] = channels[i].maxpwr; 1722 1723 DPRINTF(("adding chan %d flags=0x%x maxpwr=%d\n", 1724 chan, channels[i].flags, sc->maxpwr[chan])); 1725 } 1726 } 1727 1728 static void 1729 iwn_read_eeprom_enhinfo(struct iwn_softc *sc) 1730 { 1731 struct iwn_eeprom_enhinfo enhinfo[35]; 1732 uint16_t val, base; 1733 int8_t maxpwr; 1734 int i; 1735 1736 iwn_read_prom_data(sc, IWN5000_EEPROM_REG, &val, 2); 1737 base = le16toh(val); 1738 iwn_read_prom_data(sc, base + IWN6000_EEPROM_ENHINFO, 1739 enhinfo, sizeof enhinfo); 1740 1741 memset(sc->enh_maxpwr, 0, sizeof sc->enh_maxpwr); 1742 for (i = 0; i < __arraycount(enhinfo); i++) { 1743 if (enhinfo[i].chan == 0 || enhinfo[i].reserved != 0) 1744 continue; /* Skip invalid entries. */ 1745 1746 maxpwr = 0; 1747 if (sc->txchainmask & IWN_ANT_A) 1748 maxpwr = MAX(maxpwr, enhinfo[i].chain[0]); 1749 if (sc->txchainmask & IWN_ANT_B) 1750 maxpwr = MAX(maxpwr, enhinfo[i].chain[1]); 1751 if (sc->txchainmask & IWN_ANT_C) 1752 maxpwr = MAX(maxpwr, enhinfo[i].chain[2]); 1753 if (sc->ntxchains == 2) 1754 maxpwr = MAX(maxpwr, enhinfo[i].mimo2); 1755 else if (sc->ntxchains == 3) 1756 maxpwr = MAX(maxpwr, enhinfo[i].mimo3); 1757 maxpwr /= 2; /* Convert half-dBm to dBm. */ 1758 1759 DPRINTF(("enhinfo %d, maxpwr=%d\n", i, maxpwr)); 1760 sc->enh_maxpwr[i] = maxpwr; 1761 } 1762 } 1763 1764 static struct ieee80211_node * 1765 iwn_node_alloc(struct ieee80211_node_table *ic __unused) 1766 { 1767 return malloc(sizeof (struct iwn_node), M_DEVBUF, M_NOWAIT | M_ZERO); 1768 } 1769 1770 static void 1771 iwn_newassoc(struct ieee80211_node *ni, int isnew) 1772 { 1773 struct iwn_softc *sc = ni->ni_ic->ic_ifp->if_softc; 1774 struct iwn_node *wn = (void *)ni; 1775 uint8_t rate; 1776 int ridx, i; 1777 1778 ieee80211_amrr_node_init(&sc->amrr, &wn->amn); 1779 /* Start at lowest available bit-rate, AMRR will raise. */ 1780 ni->ni_txrate = 0; 1781 1782 for (i = 0; i < ni->ni_rates.rs_nrates; i++) { 1783 rate = ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL; 1784 /* Map 802.11 rate to HW rate index. */ 1785 for (ridx = 0; ridx <= IWN_RIDX_MAX; ridx++) 1786 if (iwn_rates[ridx].rate == rate) 1787 break; 1788 wn->ridx[i] = ridx; 1789 } 1790 } 1791 1792 static int 1793 iwn_media_change(struct ifnet *ifp) 1794 { 1795 struct iwn_softc *sc = ifp->if_softc; 1796 struct ieee80211com *ic = &sc->sc_ic; 1797 uint8_t rate, ridx; 1798 int error; 1799 1800 error = ieee80211_media_change(ifp); 1801 if (error != ENETRESET) 1802 return error; 1803 1804 if (ic->ic_fixed_rate != -1) { 1805 rate = ic->ic_sup_rates[ic->ic_curmode]. 1806 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL; 1807 /* Map 802.11 rate to HW rate index. */ 1808 for (ridx = 0; ridx <= IWN_RIDX_MAX; ridx++) 1809 if (iwn_rates[ridx].rate == rate) 1810 break; 1811 sc->fixed_ridx = ridx; 1812 } 1813 1814 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1815 (IFF_UP | IFF_RUNNING)) { 1816 iwn_stop(ifp, 0); 1817 error = iwn_init(ifp); 1818 } 1819 return error; 1820 } 1821 1822 static int 1823 iwn_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1824 { 1825 struct ifnet *ifp = ic->ic_ifp; 1826 struct iwn_softc *sc = ifp->if_softc; 1827 int error; 1828 1829 callout_stop(&sc->calib_to); 1830 1831 switch (nstate) { 1832 case IEEE80211_S_SCAN: 1833 if (sc->sc_flags & IWN_FLAG_SCANNING) { 1834 aprint_error_dev(sc->sc_dev, 1835 "scan request while scanning ignored\n"); 1836 break; 1837 } 1838 1839 ieee80211_node_table_reset(&ic->ic_scan); 1840 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 1841 sc->sc_flags |= IWN_FLAG_SCANNING; 1842 1843 /* Make the link LED blink while we're scanning. */ 1844 iwn_set_led(sc, IWN_LED_LINK, 10, 10); 1845 1846 if ((error = iwn_scan(sc, IEEE80211_CHAN_2GHZ)) != 0) { 1847 aprint_error_dev(sc->sc_dev, 1848 "could not initiate scan\n"); 1849 return error; 1850 } 1851 ic->ic_state = nstate; 1852 return 0; 1853 1854 case IEEE80211_S_ASSOC: 1855 if (ic->ic_state != IEEE80211_S_RUN) 1856 break; 1857 /* FALLTHROUGH */ 1858 case IEEE80211_S_AUTH: 1859 /* Reset state to handle reassociations correctly. */ 1860 sc->rxon.associd = 0; 1861 sc->rxon.filter &= ~htole32(IWN_FILTER_BSS); 1862 sc->calib.state = IWN_CALIB_STATE_INIT; 1863 1864 if ((error = iwn_auth(sc)) != 0) { 1865 aprint_error_dev(sc->sc_dev, 1866 "could not move to auth state\n"); 1867 return error; 1868 } 1869 break; 1870 1871 case IEEE80211_S_RUN: 1872 if ((error = iwn_run(sc)) != 0) { 1873 aprint_error_dev(sc->sc_dev, 1874 "could not move to run state\n"); 1875 return error; 1876 } 1877 break; 1878 1879 case IEEE80211_S_INIT: 1880 sc->sc_flags &= ~IWN_FLAG_SCANNING; 1881 sc->calib.state = IWN_CALIB_STATE_INIT; 1882 break; 1883 } 1884 1885 return sc->sc_newstate(ic, nstate, arg); 1886 } 1887 1888 static void 1889 iwn_iter_func(void *arg, struct ieee80211_node *ni) 1890 { 1891 struct iwn_softc *sc = arg; 1892 struct iwn_node *wn = (struct iwn_node *)ni; 1893 1894 ieee80211_amrr_choose(&sc->amrr, ni, &wn->amn); 1895 } 1896 1897 static void 1898 iwn_calib_timeout(void *arg) 1899 { 1900 struct iwn_softc *sc = arg; 1901 struct ieee80211com *ic = &sc->sc_ic; 1902 int s; 1903 1904 s = splnet(); 1905 if (ic->ic_fixed_rate == -1) { 1906 if (ic->ic_opmode == IEEE80211_M_STA) 1907 iwn_iter_func(sc, ic->ic_bss); 1908 else 1909 ieee80211_iterate_nodes(&ic->ic_sta, iwn_iter_func, sc); 1910 } 1911 /* Force automatic TX power calibration every 60 secs. */ 1912 if (++sc->calib_cnt >= 120) { 1913 uint32_t flags = 0; 1914 1915 DPRINTF(("sending request for statistics\n")); 1916 (void)iwn_cmd(sc, IWN_CMD_GET_STATISTICS, &flags, 1917 sizeof flags, 1); 1918 sc->calib_cnt = 0; 1919 } 1920 splx(s); 1921 1922 /* Automatic rate control triggered every 500ms. */ 1923 callout_schedule(&sc->calib_to, hz/2); 1924 } 1925 1926 /* 1927 * Process an RX_PHY firmware notification. This is usually immediately 1928 * followed by an MPDU_RX_DONE notification. 1929 */ 1930 static void 1931 iwn_rx_phy(struct iwn_softc *sc, struct iwn_rx_desc *desc, 1932 struct iwn_rx_data *data) 1933 { 1934 struct iwn_rx_stat *stat = (struct iwn_rx_stat *)(desc + 1); 1935 1936 DPRINTFN(2, ("received PHY stats\n")); 1937 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 1938 sizeof (*stat), BUS_DMASYNC_POSTREAD); 1939 1940 /* Save RX statistics, they will be used on MPDU_RX_DONE. */ 1941 memcpy(&sc->last_rx_stat, stat, sizeof (*stat)); 1942 sc->last_rx_valid = 1; 1943 } 1944 1945 /* 1946 * Process an RX_DONE (4965AGN only) or MPDU_RX_DONE firmware notification. 1947 * Each MPDU_RX_DONE notification must be preceded by an RX_PHY one. 1948 */ 1949 static void 1950 iwn_rx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 1951 struct iwn_rx_data *data) 1952 { 1953 const struct iwn_hal *hal = sc->sc_hal; 1954 struct ieee80211com *ic = &sc->sc_ic; 1955 struct ifnet *ifp = ic->ic_ifp; 1956 struct iwn_rx_ring *ring = &sc->rxq; 1957 #if 0 1958 struct iwn_rbuf *rbuf; 1959 #endif 1960 struct ieee80211_frame *wh; 1961 struct ieee80211_node *ni; 1962 struct mbuf *m, *m1; 1963 struct iwn_rx_stat *stat; 1964 char *head; 1965 uint32_t flags; 1966 int error, len, rssi; 1967 1968 if (desc->type == IWN_MPDU_RX_DONE) { 1969 /* Check for prior RX_PHY notification. */ 1970 if (!sc->last_rx_valid) { 1971 DPRINTF(("missing RX_PHY\n")); 1972 ifp->if_ierrors++; 1973 return; 1974 } 1975 sc->last_rx_valid = 0; 1976 stat = &sc->last_rx_stat; 1977 } else 1978 stat = (struct iwn_rx_stat *)(desc + 1); 1979 1980 bus_dmamap_sync(sc->sc_dmat, data->map, 0, IWN_RBUF_SIZE, 1981 BUS_DMASYNC_POSTREAD); 1982 1983 if (stat->cfg_phy_len > IWN_STAT_MAXLEN) { 1984 aprint_error_dev(sc->sc_dev, 1985 "invalid RX statistic header\n"); 1986 ifp->if_ierrors++; 1987 return; 1988 } 1989 if (desc->type == IWN_MPDU_RX_DONE) { 1990 struct iwn_rx_mpdu *mpdu = (struct iwn_rx_mpdu *)(desc + 1); 1991 head = (char *)(mpdu + 1); 1992 len = le16toh(mpdu->len); 1993 } else { 1994 head = (char *)(stat + 1) + stat->cfg_phy_len; 1995 len = le16toh(stat->len); 1996 } 1997 1998 flags = le32toh(*(uint32_t *)(head + len)); 1999 2000 /* Discard frames with a bad FCS early. */ 2001 if ((flags & IWN_RX_NOERROR) != IWN_RX_NOERROR) { 2002 DPRINTFN(2, ("RX flags error %x\n", flags)); 2003 ifp->if_ierrors++; 2004 return; 2005 } 2006 /* Discard frames that are too short. */ 2007 if (len < sizeof (*wh)) { 2008 DPRINTF(("frame too short: %d\n", len)); 2009 ic->ic_stats.is_rx_tooshort++; 2010 ifp->if_ierrors++; 2011 return; 2012 } 2013 2014 m1 = MCLGETIalt(sc, M_DONTWAIT, NULL, IWN_RBUF_SIZE); 2015 if (m1 == NULL) { 2016 ic->ic_stats.is_rx_nobuf++; 2017 ifp->if_ierrors++; 2018 return; 2019 } 2020 bus_dmamap_unload(sc->sc_dmat, data->map); 2021 2022 error = bus_dmamap_load(sc->sc_dmat, data->map, mtod(m1, void *), 2023 IWN_RBUF_SIZE, NULL, BUS_DMA_NOWAIT | BUS_DMA_READ); 2024 if (error != 0) { 2025 m_freem(m1); 2026 2027 /* Try to reload the old mbuf. */ 2028 error = bus_dmamap_load(sc->sc_dmat, data->map, 2029 mtod(data->m, void *), IWN_RBUF_SIZE, NULL, 2030 BUS_DMA_NOWAIT | BUS_DMA_READ); 2031 if (error != 0) { 2032 panic("%s: could not load old RX mbuf", 2033 device_xname(sc->sc_dev)); 2034 } 2035 /* Physical address may have changed. */ 2036 ring->desc[ring->cur] = 2037 htole32(data->map->dm_segs[0].ds_addr >> 8); 2038 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 2039 ring->cur * sizeof (uint32_t), sizeof (uint32_t), 2040 BUS_DMASYNC_PREWRITE); 2041 ifp->if_ierrors++; 2042 return; 2043 } 2044 2045 m = data->m; 2046 data->m = m1; 2047 /* Update RX descriptor. */ 2048 ring->desc[ring->cur] = htole32(data->map->dm_segs[0].ds_addr >> 8); 2049 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 2050 ring->cur * sizeof (uint32_t), sizeof (uint32_t), 2051 BUS_DMASYNC_PREWRITE); 2052 2053 /* Finalize mbuf. */ 2054 m->m_pkthdr.rcvif = ifp; 2055 m->m_data = head; 2056 m->m_pkthdr.len = m->m_len = len; 2057 2058 /* Grab a reference to the source node. */ 2059 wh = mtod(m, struct ieee80211_frame *); 2060 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 2061 2062 rssi = hal->get_rssi(stat); 2063 2064 if (ic->ic_state == IEEE80211_S_SCAN) 2065 iwn_fix_channel(ic, m); 2066 2067 if (sc->sc_drvbpf != NULL) { 2068 struct iwn_rx_radiotap_header *tap = &sc->sc_rxtap; 2069 2070 tap->wr_flags = 0; 2071 if (stat->flags & htole16(IWN_STAT_FLAG_SHPREAMBLE)) 2072 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2073 tap->wr_chan_freq = 2074 htole16(ic->ic_channels[stat->chan].ic_freq); 2075 tap->wr_chan_flags = 2076 htole16(ic->ic_channels[stat->chan].ic_flags); 2077 tap->wr_dbm_antsignal = (int8_t)rssi; 2078 tap->wr_dbm_antnoise = (int8_t)sc->noise; 2079 tap->wr_tsft = stat->tstamp; 2080 switch (stat->rate) { 2081 /* CCK rates. */ 2082 case 10: tap->wr_rate = 2; break; 2083 case 20: tap->wr_rate = 4; break; 2084 case 55: tap->wr_rate = 11; break; 2085 case 110: tap->wr_rate = 22; break; 2086 /* OFDM rates. */ 2087 case 0xd: tap->wr_rate = 12; break; 2088 case 0xf: tap->wr_rate = 18; break; 2089 case 0x5: tap->wr_rate = 24; break; 2090 case 0x7: tap->wr_rate = 36; break; 2091 case 0x9: tap->wr_rate = 48; break; 2092 case 0xb: tap->wr_rate = 72; break; 2093 case 0x1: tap->wr_rate = 96; break; 2094 case 0x3: tap->wr_rate = 108; break; 2095 /* Unknown rate: should not happen. */ 2096 default: tap->wr_rate = 0; 2097 } 2098 2099 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 2100 } 2101 2102 /* Send the frame to the 802.11 layer. */ 2103 ieee80211_input(ic, m, ni, rssi, 0); 2104 2105 /* Node is no longer needed. */ 2106 ieee80211_free_node(ni); 2107 } 2108 2109 #ifndef IEEE80211_NO_HT 2110 /* Process an incoming Compressed BlockAck. */ 2111 static void 2112 iwn_rx_compressed_ba(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2113 struct iwn_rx_data *data) 2114 { 2115 struct iwn_compressed_ba *ba = (struct iwn_compressed_ba *)(desc + 1); 2116 struct iwn_tx_ring *txq; 2117 2118 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), sizeof (*ba), 2119 BUS_DMASYNC_POSTREAD); 2120 2121 txq = &sc->txq[le16toh(ba->qid)]; 2122 /* XXX TBD */ 2123 } 2124 #endif 2125 2126 /* 2127 * Process a CALIBRATION_RESULT notification sent by the initialization 2128 * firmware on response to a CMD_CALIB_CONFIG command (5000 only.) 2129 */ 2130 static void 2131 iwn5000_rx_calib_results(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2132 struct iwn_rx_data *data) 2133 { 2134 struct iwn_phy_calib *calib = (struct iwn_phy_calib *)(desc + 1); 2135 int len, idx = -1; 2136 2137 /* Runtime firmware should not send such a notification. */ 2138 if (sc->sc_flags & IWN_FLAG_CALIB_DONE) 2139 return; 2140 2141 len = (le32toh(desc->len) & 0x3fff) - 4; 2142 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), len, 2143 BUS_DMASYNC_POSTREAD); 2144 2145 switch (calib->code) { 2146 case IWN5000_PHY_CALIB_DC: 2147 if (sc->hw_type == IWN_HW_REV_TYPE_5150 || 2148 sc->hw_type == IWN_HW_REV_TYPE_6050) 2149 idx = 0; 2150 break; 2151 case IWN5000_PHY_CALIB_LO: 2152 idx = 1; 2153 break; 2154 case IWN5000_PHY_CALIB_TX_IQ: 2155 idx = 2; 2156 break; 2157 case IWN5000_PHY_CALIB_TX_IQ_PERIODIC: 2158 if (sc->hw_type < IWN_HW_REV_TYPE_6000 && 2159 sc->hw_type != IWN_HW_REV_TYPE_5150) 2160 idx = 3; 2161 break; 2162 case IWN5000_PHY_CALIB_BASE_BAND: 2163 idx = 4; 2164 break; 2165 } 2166 if (idx == -1) /* Ignore other results. */ 2167 return; 2168 2169 /* Save calibration result. */ 2170 if (sc->calibcmd[idx].buf != NULL) 2171 free(sc->calibcmd[idx].buf, M_DEVBUF); 2172 sc->calibcmd[idx].buf = malloc(len, M_DEVBUF, M_NOWAIT); 2173 if (sc->calibcmd[idx].buf == NULL) { 2174 DPRINTF(("not enough memory for calibration result %d\n", 2175 calib->code)); 2176 return; 2177 } 2178 DPRINTF(("saving calibration result code=%d len=%d\n", 2179 calib->code, len)); 2180 sc->calibcmd[idx].len = len; 2181 memcpy(sc->calibcmd[idx].buf, calib, len); 2182 } 2183 2184 /* 2185 * Process an RX_STATISTICS or BEACON_STATISTICS firmware notification. 2186 * The latter is sent by the firmware after each received beacon. 2187 */ 2188 static void 2189 iwn_rx_statistics(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2190 struct iwn_rx_data *data) 2191 { 2192 const struct iwn_hal *hal = sc->sc_hal; 2193 struct ieee80211com *ic = &sc->sc_ic; 2194 struct iwn_calib_state *calib = &sc->calib; 2195 struct iwn_stats *stats = (struct iwn_stats *)(desc + 1); 2196 int temp; 2197 2198 /* Ignore statistics received during a scan. */ 2199 if (ic->ic_state != IEEE80211_S_RUN) 2200 return; 2201 2202 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2203 sizeof (*stats), BUS_DMASYNC_POSTREAD); 2204 2205 DPRINTFN(3, ("received statistics (cmd=%d)\n", desc->type)); 2206 sc->calib_cnt = 0; /* Reset TX power calibration timeout. */ 2207 2208 /* Test if temperature has changed. */ 2209 if (stats->general.temp != sc->rawtemp) { 2210 /* Convert "raw" temperature to degC. */ 2211 sc->rawtemp = stats->general.temp; 2212 temp = hal->get_temperature(sc); 2213 DPRINTFN(2, ("temperature=%dC\n", temp)); 2214 2215 #ifndef SMALL_KERNEL 2216 /* Update temperature sensor. */ 2217 sc->sc_sensor.value_cur = IWN_CTOMUK(temp); 2218 sc->sc_sensor.state = ENVSYS_SVALID; 2219 #endif 2220 2221 /* Update TX power if need be (4965AGN only.) */ 2222 if (sc->hw_type == IWN_HW_REV_TYPE_4965) 2223 iwn4965_power_calibration(sc, temp); 2224 } 2225 2226 if (desc->type != IWN_BEACON_STATISTICS) 2227 return; /* Reply to a statistics request. */ 2228 2229 sc->noise = iwn_get_noise(&stats->rx.general); 2230 2231 /* Test that RSSI and noise are present in stats report. */ 2232 if (le32toh(stats->rx.general.flags) != 1) { 2233 DPRINTF(("received statistics without RSSI\n")); 2234 return; 2235 } 2236 2237 if (calib->state == IWN_CALIB_STATE_ASSOC) 2238 iwn_collect_noise(sc, &stats->rx.general); 2239 else if (calib->state == IWN_CALIB_STATE_RUN) 2240 iwn_tune_sensitivity(sc, &stats->rx); 2241 } 2242 2243 /* 2244 * Process a TX_DONE firmware notification. Unfortunately, the 4965AGN 2245 * and 5000 adapters have different incompatible TX status formats. 2246 */ 2247 static void 2248 iwn4965_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2249 struct iwn_rx_data *data) 2250 { 2251 struct iwn4965_tx_stat *stat = (struct iwn4965_tx_stat *)(desc + 1); 2252 2253 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2254 sizeof (*stat), BUS_DMASYNC_POSTREAD); 2255 iwn_tx_done(sc, desc, stat->ackfailcnt, le32toh(stat->status) & 0xff); 2256 } 2257 2258 static void 2259 iwn5000_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2260 struct iwn_rx_data *data) 2261 { 2262 struct iwn5000_tx_stat *stat = (struct iwn5000_tx_stat *)(desc + 1); 2263 2264 #ifdef notyet 2265 /* Reset TX scheduler slot. */ 2266 iwn5000_reset_sched(sc, desc->qid & 0xf, desc->idx); 2267 #endif 2268 2269 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2270 sizeof (*stat), BUS_DMASYNC_POSTREAD); 2271 iwn_tx_done(sc, desc, stat->ackfailcnt, le16toh(stat->status) & 0xff); 2272 } 2273 2274 /* 2275 * Adapter-independent backend for TX_DONE firmware notifications. 2276 */ 2277 static void 2278 iwn_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, int ackfailcnt, 2279 uint8_t status) 2280 { 2281 struct ieee80211com *ic = &sc->sc_ic; 2282 struct ifnet *ifp = ic->ic_ifp; 2283 struct iwn_tx_ring *ring = &sc->txq[desc->qid & 0xf]; 2284 struct iwn_tx_data *data = &ring->data[desc->idx]; 2285 struct iwn_node *wn = (struct iwn_node *)data->ni; 2286 2287 /* Update rate control statistics. */ 2288 wn->amn.amn_txcnt++; 2289 if (ackfailcnt > 0) 2290 wn->amn.amn_retrycnt++; 2291 2292 if (status != 1 && status != 2) 2293 ifp->if_oerrors++; 2294 else 2295 ifp->if_opackets++; 2296 2297 /* Unmap and free mbuf. */ 2298 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 2299 BUS_DMASYNC_POSTWRITE); 2300 bus_dmamap_unload(sc->sc_dmat, data->map); 2301 m_freem(data->m); 2302 data->m = NULL; 2303 ieee80211_free_node(data->ni); 2304 data->ni = NULL; 2305 2306 sc->sc_tx_timer = 0; 2307 if (--ring->queued < IWN_TX_RING_LOMARK) { 2308 sc->qfullmsk &= ~(1 << ring->qid); 2309 if (sc->qfullmsk == 0 && (ifp->if_flags & IFF_OACTIVE)) { 2310 ifp->if_flags &= ~IFF_OACTIVE; 2311 (*ifp->if_start)(ifp); 2312 } 2313 } 2314 } 2315 2316 /* 2317 * Process a "command done" firmware notification. This is where we wakeup 2318 * processes waiting for a synchronous command completion. 2319 */ 2320 static void 2321 iwn_cmd_done(struct iwn_softc *sc, struct iwn_rx_desc *desc) 2322 { 2323 struct iwn_tx_ring *ring = &sc->txq[4]; 2324 struct iwn_tx_data *data; 2325 2326 if ((desc->qid & 0xf) != 4) 2327 return; /* Not a command ack. */ 2328 2329 data = &ring->data[desc->idx]; 2330 2331 /* If the command was mapped in an mbuf, free it. */ 2332 if (data->m != NULL) { 2333 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 2334 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 2335 bus_dmamap_unload(sc->sc_dmat, data->map); 2336 m_freem(data->m); 2337 data->m = NULL; 2338 } 2339 wakeup(&ring->desc[desc->idx]); 2340 } 2341 2342 /* 2343 * Process an INT_FH_RX or INT_SW_RX interrupt. 2344 */ 2345 static void 2346 iwn_notif_intr(struct iwn_softc *sc) 2347 { 2348 struct ieee80211com *ic = &sc->sc_ic; 2349 struct ifnet *ifp = ic->ic_ifp; 2350 uint16_t hw; 2351 2352 bus_dmamap_sync(sc->sc_dmat, sc->rxq.stat_dma.map, 2353 0, sc->rxq.stat_dma.size, BUS_DMASYNC_POSTREAD); 2354 2355 hw = le16toh(sc->rxq.stat->closed_count) & 0xfff; 2356 while (sc->rxq.cur != hw) { 2357 struct iwn_rx_data *data = &sc->rxq.data[sc->rxq.cur]; 2358 struct iwn_rx_desc *desc; 2359 2360 bus_dmamap_sync(sc->sc_dmat, data->map, 0, sizeof (*desc), 2361 BUS_DMASYNC_POSTREAD); 2362 desc = mtod(data->m, struct iwn_rx_desc *); 2363 2364 DPRINTFN(4, ("notification qid=%d idx=%d flags=%x type=%d\n", 2365 desc->qid & 0xf, desc->idx, desc->flags, desc->type)); 2366 2367 if (!(desc->qid & 0x80)) /* Reply to a command. */ 2368 iwn_cmd_done(sc, desc); 2369 2370 switch (desc->type) { 2371 case IWN_RX_PHY: 2372 iwn_rx_phy(sc, desc, data); 2373 break; 2374 2375 case IWN_RX_DONE: /* 4965AGN only. */ 2376 case IWN_MPDU_RX_DONE: 2377 /* An 802.11 frame has been received. */ 2378 iwn_rx_done(sc, desc, data); 2379 break; 2380 #ifndef IEEE80211_NO_HT 2381 case IWN_RX_COMPRESSED_BA: 2382 /* A Compressed BlockAck has been received. */ 2383 iwn_rx_compressed_ba(sc, desc, data); 2384 break; 2385 #endif 2386 case IWN_TX_DONE: 2387 /* An 802.11 frame has been transmitted. */ 2388 sc->sc_hal->tx_done(sc, desc, data); 2389 break; 2390 2391 case IWN_RX_STATISTICS: 2392 case IWN_BEACON_STATISTICS: 2393 iwn_rx_statistics(sc, desc, data); 2394 break; 2395 2396 case IWN_BEACON_MISSED: 2397 { 2398 struct iwn_beacon_missed *miss = 2399 (struct iwn_beacon_missed *)(desc + 1); 2400 2401 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2402 sizeof (*miss), BUS_DMASYNC_POSTREAD); 2403 /* 2404 * If more than 5 consecutive beacons are missed, 2405 * reinitialize the sensitivity state machine. 2406 */ 2407 DPRINTF(("beacons missed %d/%d\n", 2408 le32toh(miss->consecutive), le32toh(miss->total))); 2409 if (ic->ic_state == IEEE80211_S_RUN && 2410 le32toh(miss->consecutive) > 5) 2411 (void)iwn_init_sensitivity(sc); 2412 break; 2413 } 2414 case IWN_UC_READY: 2415 { 2416 struct iwn_ucode_info *uc = 2417 (struct iwn_ucode_info *)(desc + 1); 2418 2419 /* The microcontroller is ready. */ 2420 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2421 sizeof (*uc), BUS_DMASYNC_POSTREAD); 2422 DPRINTF(("microcode alive notification version=%d.%d " 2423 "subtype=%x alive=%x\n", uc->major, uc->minor, 2424 uc->subtype, le32toh(uc->valid))); 2425 2426 if (le32toh(uc->valid) != 1) { 2427 aprint_error_dev(sc->sc_dev, 2428 "microcontroller initialization " 2429 "failed\n"); 2430 break; 2431 } 2432 if (uc->subtype == IWN_UCODE_INIT) { 2433 /* Save microcontroller report. */ 2434 memcpy(&sc->ucode_info, uc, sizeof (*uc)); 2435 } 2436 /* Save the address of the error log in SRAM. */ 2437 sc->errptr = le32toh(uc->errptr); 2438 break; 2439 } 2440 case IWN_STATE_CHANGED: 2441 { 2442 uint32_t *status = (uint32_t *)(desc + 1); 2443 2444 /* Enabled/disabled notification. */ 2445 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2446 sizeof (*status), BUS_DMASYNC_POSTREAD); 2447 DPRINTF(("state changed to %x\n", le32toh(*status))); 2448 2449 if (le32toh(*status) & 1) { 2450 /* The radio button has to be pushed. */ 2451 aprint_error_dev(sc->sc_dev, 2452 "Radio transmitter is off\n"); 2453 /* Turn the interface down. */ 2454 ifp->if_flags &= ~IFF_UP; 2455 iwn_stop(ifp, 1); 2456 return; /* No further processing. */ 2457 } 2458 break; 2459 } 2460 case IWN_START_SCAN: 2461 { 2462 struct iwn_start_scan *scan = 2463 (struct iwn_start_scan *)(desc + 1); 2464 2465 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2466 sizeof (*scan), BUS_DMASYNC_POSTREAD); 2467 DPRINTFN(2, ("scanning channel %d status %x\n", 2468 scan->chan, le32toh(scan->status))); 2469 2470 /* Fix current channel. */ 2471 ic->ic_bss->ni_chan = &ic->ic_channels[scan->chan]; 2472 break; 2473 } 2474 case IWN_STOP_SCAN: 2475 { 2476 struct iwn_stop_scan *scan = 2477 (struct iwn_stop_scan *)(desc + 1); 2478 2479 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2480 sizeof (*scan), BUS_DMASYNC_POSTREAD); 2481 DPRINTF(("scan finished nchan=%d status=%d chan=%d\n", 2482 scan->nchan, scan->status, scan->chan)); 2483 2484 if (scan->status == 1 && scan->chan <= 14 && 2485 (sc->sc_flags & IWN_FLAG_HAS_5GHZ)) { 2486 /* 2487 * We just finished scanning 2GHz channels, 2488 * start scanning 5GHz ones. 2489 */ 2490 if (iwn_scan(sc, IEEE80211_CHAN_5GHZ) == 0) 2491 break; 2492 } 2493 sc->sc_flags &= ~IWN_FLAG_SCANNING; 2494 ieee80211_end_scan(ic); 2495 break; 2496 } 2497 case IWN5000_CALIBRATION_RESULT: 2498 iwn5000_rx_calib_results(sc, desc, data); 2499 break; 2500 2501 case IWN5000_CALIBRATION_DONE: 2502 sc->sc_flags |= IWN_FLAG_CALIB_DONE; 2503 wakeup(sc); 2504 break; 2505 } 2506 2507 sc->rxq.cur = (sc->rxq.cur + 1) % IWN_RX_RING_COUNT; 2508 } 2509 2510 /* Tell the firmware what we have processed. */ 2511 hw = (hw == 0) ? IWN_RX_RING_COUNT - 1 : hw - 1; 2512 IWN_WRITE(sc, IWN_FH_RX_WPTR, hw & ~7); 2513 } 2514 2515 /* 2516 * Process an INT_WAKEUP interrupt raised when the microcontroller wakes up 2517 * from power-down sleep mode. 2518 */ 2519 static void 2520 iwn_wakeup_intr(struct iwn_softc *sc) 2521 { 2522 int qid; 2523 2524 DPRINTF(("ucode wakeup from power-down sleep\n")); 2525 2526 /* Wakeup RX and TX rings. */ 2527 IWN_WRITE(sc, IWN_FH_RX_WPTR, sc->rxq.cur & ~7); 2528 for (qid = 0; qid < sc->sc_hal->ntxqs; qid++) { 2529 struct iwn_tx_ring *ring = &sc->txq[qid]; 2530 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | ring->cur); 2531 } 2532 } 2533 2534 /* 2535 * Dump the error log of the firmware when a firmware panic occurs. Although 2536 * we can't debug the firmware because it is neither open source nor free, it 2537 * can help us to identify certain classes of problems. 2538 */ 2539 static void 2540 iwn_fatal_intr(struct iwn_softc *sc) 2541 { 2542 const struct iwn_hal *hal = sc->sc_hal; 2543 struct iwn_fw_dump dump; 2544 int i; 2545 2546 /* Force a complete recalibration on next init. */ 2547 sc->sc_flags &= ~IWN_FLAG_CALIB_DONE; 2548 2549 /* Check that the error log address is valid. */ 2550 if (sc->errptr < IWN_FW_DATA_BASE || 2551 sc->errptr + sizeof (dump) > 2552 IWN_FW_DATA_BASE + hal->fw_data_maxsz) { 2553 aprint_error_dev(sc->sc_dev, 2554 "bad firmware error log address 0x%08x\n", sc->errptr); 2555 return; 2556 } 2557 if (iwn_nic_lock(sc) != 0) { 2558 aprint_error_dev(sc->sc_dev, 2559 "could not read firmware error log\n"); 2560 return; 2561 } 2562 /* Read firmware error log from SRAM. */ 2563 iwn_mem_read_region_4(sc, sc->errptr, (uint32_t *)&dump, 2564 sizeof (dump) / sizeof (uint32_t)); 2565 iwn_nic_unlock(sc); 2566 2567 if (dump.valid == 0) { 2568 aprint_error_dev(sc->sc_dev, 2569 "firmware error log is empty\n"); 2570 return; 2571 } 2572 aprint_error("firmware error log:\n"); 2573 aprint_error(" error type = \"%s\" (0x%08X)\n", 2574 (dump.id < __arraycount(iwn_fw_errmsg)) ? 2575 iwn_fw_errmsg[dump.id] : "UNKNOWN", 2576 dump.id); 2577 aprint_error(" program counter = 0x%08X\n", dump.pc); 2578 aprint_error(" source line = 0x%08X\n", dump.src_line); 2579 aprint_error(" error data = 0x%08X%08X\n", 2580 dump.error_data[0], dump.error_data[1]); 2581 aprint_error(" branch link = 0x%08X%08X\n", 2582 dump.branch_link[0], dump.branch_link[1]); 2583 aprint_error(" interrupt link = 0x%08X%08X\n", 2584 dump.interrupt_link[0], dump.interrupt_link[1]); 2585 aprint_error(" time = %u\n", dump.time[0]); 2586 2587 /* Dump driver status (TX and RX rings) while we're here. */ 2588 aprint_error("driver status:\n"); 2589 for (i = 0; i < hal->ntxqs; i++) { 2590 struct iwn_tx_ring *ring = &sc->txq[i]; 2591 aprint_error(" tx ring %2d: qid=%-2d cur=%-3d queued=%-3d\n", 2592 i, ring->qid, ring->cur, ring->queued); 2593 } 2594 aprint_error(" rx ring: cur=%d\n", sc->rxq.cur); 2595 aprint_error(" 802.11 state %d\n", sc->sc_ic.ic_state); 2596 } 2597 2598 static int 2599 iwn_intr(void *arg) 2600 { 2601 struct iwn_softc *sc = arg; 2602 struct ifnet *ifp = sc->sc_ic.ic_ifp; 2603 uint32_t r1, r2, tmp; 2604 2605 /* Disable interrupts. */ 2606 IWN_WRITE(sc, IWN_INT_MASK, 0); 2607 2608 /* Read interrupts from ICT (fast) or from registers (slow). */ 2609 if (sc->sc_flags & IWN_FLAG_USE_ICT) { 2610 tmp = 0; 2611 while (sc->ict[sc->ict_cur] != 0) { 2612 tmp |= sc->ict[sc->ict_cur]; 2613 sc->ict[sc->ict_cur] = 0; /* Acknowledge. */ 2614 sc->ict_cur = (sc->ict_cur + 1) % IWN_ICT_COUNT; 2615 } 2616 tmp = le32toh(tmp); 2617 if (tmp == 0xffffffff) /* Shouldn't happen. */ 2618 tmp = 0; 2619 else if (tmp & 0xc0000) /* Workaround a HW bug. */ 2620 tmp |= 0x8000; 2621 r1 = (tmp & 0xff00) << 16 | (tmp & 0xff); 2622 r2 = 0; /* Unused. */ 2623 } else { 2624 r1 = IWN_READ(sc, IWN_INT); 2625 if (r1 == 0xffffffff || (r1 & 0xfffffff0) == 0xa5a5a5a0) 2626 return 0; /* Hardware gone! */ 2627 r2 = IWN_READ(sc, IWN_FH_INT); 2628 } 2629 if (r1 == 0 && r2 == 0) { 2630 if (ifp->if_flags & IFF_UP) 2631 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 2632 return 0; /* Interrupt not for us. */ 2633 } 2634 2635 /* Acknowledge interrupts. */ 2636 IWN_WRITE(sc, IWN_INT, r1); 2637 if (!(sc->sc_flags & IWN_FLAG_USE_ICT)) 2638 IWN_WRITE(sc, IWN_FH_INT, r2); 2639 2640 if (r1 & IWN_INT_RF_TOGGLED) { 2641 tmp = IWN_READ(sc, IWN_GP_CNTRL); 2642 aprint_error_dev(sc->sc_dev, 2643 "RF switch: radio %s\n", 2644 (tmp & IWN_GP_CNTRL_RFKILL) ? "enabled" : "disabled"); 2645 } 2646 if (r1 & IWN_INT_CT_REACHED) { 2647 aprint_error_dev(sc->sc_dev, 2648 "critical temperature reached!\n"); 2649 } 2650 if (r1 & (IWN_INT_SW_ERR | IWN_INT_HW_ERR)) { 2651 aprint_error_dev(sc->sc_dev, 2652 "fatal firmware error\n"); 2653 /* Dump firmware error log and stop. */ 2654 iwn_fatal_intr(sc); 2655 ifp->if_flags &= ~IFF_UP; 2656 iwn_stop(ifp, 1); 2657 return 1; 2658 } 2659 if ((r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX | IWN_INT_RX_PERIODIC)) || 2660 (r2 & IWN_FH_INT_RX)) { 2661 if (sc->sc_flags & IWN_FLAG_USE_ICT) { 2662 if (r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX)) 2663 IWN_WRITE(sc, IWN_FH_INT, IWN_FH_INT_RX); 2664 IWN_WRITE_1(sc, IWN_INT_PERIODIC, 2665 IWN_INT_PERIODIC_DIS); 2666 iwn_notif_intr(sc); 2667 if (r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX)) { 2668 IWN_WRITE_1(sc, IWN_INT_PERIODIC, 2669 IWN_INT_PERIODIC_ENA); 2670 } 2671 } else 2672 iwn_notif_intr(sc); 2673 } 2674 2675 if ((r1 & IWN_INT_FH_TX) || (r2 & IWN_FH_INT_TX)) { 2676 if (sc->sc_flags & IWN_FLAG_USE_ICT) 2677 IWN_WRITE(sc, IWN_FH_INT, IWN_FH_INT_TX); 2678 wakeup(sc); /* FH DMA transfer completed. */ 2679 } 2680 2681 if (r1 & IWN_INT_ALIVE) 2682 wakeup(sc); /* Firmware is alive. */ 2683 2684 if (r1 & IWN_INT_WAKEUP) 2685 iwn_wakeup_intr(sc); 2686 2687 /* Re-enable interrupts. */ 2688 if (ifp->if_flags & IFF_UP) 2689 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 2690 2691 return 1; 2692 } 2693 2694 /* 2695 * Update TX scheduler ring when transmitting an 802.11 frame (4965AGN and 2696 * 5000 adapters use a slightly different format.) 2697 */ 2698 static void 2699 iwn4965_update_sched(struct iwn_softc *sc, int qid, int idx, uint8_t id, 2700 uint16_t len) 2701 { 2702 uint16_t *w = &sc->sched[qid * IWN4965_SCHED_COUNT + idx]; 2703 2704 *w = htole16(len + 8); 2705 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2706 (char *)(void *)w - (char *)(void *)sc->sched_dma.vaddr, 2707 sizeof (uint16_t), 2708 BUS_DMASYNC_PREWRITE); 2709 if (idx < IWN_SCHED_WINSZ) { 2710 *(w + IWN_TX_RING_COUNT) = *w; 2711 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2712 (char *)(void *)(w + IWN_TX_RING_COUNT) - 2713 (char *)(void *)sc->sched_dma.vaddr, 2714 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2715 } 2716 } 2717 2718 static void 2719 iwn5000_update_sched(struct iwn_softc *sc, int qid, int idx, uint8_t id, 2720 uint16_t len) 2721 { 2722 uint16_t *w = &sc->sched[qid * IWN5000_SCHED_COUNT + idx]; 2723 2724 *w = htole16(id << 12 | (len + 8)); 2725 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2726 (char *)(void *)w - (char *)(void *)sc->sched_dma.vaddr, 2727 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2728 if (idx < IWN_SCHED_WINSZ) { 2729 *(w + IWN_TX_RING_COUNT) = *w; 2730 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2731 (char *)(void *)(w + IWN_TX_RING_COUNT) - 2732 (char *)(void *)sc->sched_dma.vaddr, 2733 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2734 } 2735 } 2736 2737 #ifdef notyet 2738 static void 2739 iwn5000_reset_sched(struct iwn_softc *sc, int qid, int idx) 2740 { 2741 uint16_t *w = &sc->sched[qid * IWN5000_SCHED_COUNT + idx]; 2742 2743 *w = (*w & htole16(0xf000)) | htole16(1); 2744 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2745 (char *)(void *)w - (char *)(void *)sc->sched_dma.vaddr, 2746 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2747 if (idx < IWN_SCHED_WINSZ) { 2748 *(w + IWN_TX_RING_COUNT) = *w; 2749 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2750 (char *)(void *)(w + IWN_TX_RING_COUNT) - 2751 (char *)(void *)sc->sched_dma.vaddr, 2752 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2753 } 2754 } 2755 #endif 2756 2757 #if 0 2758 /* XXX figure out why this (new OpenBSD) version does not work (on NetBSD! */ 2759 static int 2760 iwn_tx(struct iwn_softc *sc, struct mbuf *m, struct ieee80211_node *ni, int ac) 2761 { 2762 const struct iwn_hal *hal = sc->sc_hal; 2763 struct ieee80211com *ic = &sc->sc_ic; 2764 struct iwn_node *wn = (void *)ni; 2765 struct iwn_tx_ring *ring; 2766 struct iwn_tx_desc *desc; 2767 struct iwn_tx_data *data; 2768 struct iwn_tx_cmd *cmd; 2769 struct iwn_cmd_data *tx; 2770 const struct iwn_rate *rinfo; 2771 struct ieee80211_frame *wh; 2772 struct ieee80211_key *k = NULL; 2773 struct mbuf *m1; 2774 uint32_t flags; 2775 u_int hdrlen; 2776 bus_dma_segment_t *seg; 2777 uint8_t tid, ridx, txant, type; 2778 int i, totlen, error, pad; 2779 2780 const struct chanAccParams *cap; 2781 int noack; 2782 int hdrlen2; 2783 2784 wh = mtod(m, struct ieee80211_frame *); 2785 hdrlen2 = ieee80211_hdrsize(wh); 2786 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2787 2788 hdrlen = (IEEE80211_QOS_HAS_SEQ(wh)) ? 2789 sizeof (struct ieee80211_qosframe) : 2790 sizeof (struct ieee80211_frame); 2791 2792 if (hdrlen != hdrlen2) 2793 aprint_error_dev(sc->sc_dev, "hdrlen error (%d != %d)\n", 2794 hdrlen, hdrlen2); 2795 2796 tid = 0; 2797 2798 /* Encrypt the frame if need be. */ 2799 /* XXX Should this be after bpf_mtap2 call, below (see OpenBSD code)? */ 2800 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 2801 k = ieee80211_crypto_encap(ic, ni, m); 2802 if (k == NULL) { 2803 m_freem(m); 2804 return ENOBUFS; 2805 } 2806 /* Packet header may have moved, reset our local pointer. */ 2807 wh = mtod(m, struct ieee80211_frame *); 2808 } 2809 2810 ring = &sc->txq[ac]; 2811 desc = &ring->desc[ring->cur]; 2812 data = &ring->data[ring->cur]; 2813 2814 /* Choose a TX rate index. */ 2815 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 2816 type != IEEE80211_FC0_TYPE_DATA) { 2817 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2818 IWN_RIDX_OFDM6 : IWN_RIDX_CCK1; 2819 } else if (ic->ic_fixed_rate != -1) { 2820 ridx = sc->fixed_ridx; 2821 } else 2822 ridx = wn->ridx[ni->ni_txrate]; 2823 rinfo = &iwn_rates[ridx]; 2824 2825 if (sc->sc_drvbpf != NULL) { 2826 struct iwn_tx_radiotap_header *tap = &sc->sc_txtap; 2827 2828 tap->wt_flags = 0; 2829 tap->wt_chan_freq = htole16(ni->ni_chan->ic_freq); 2830 tap->wt_chan_flags = htole16(ni->ni_chan->ic_flags); 2831 tap->wt_rate = rinfo->rate; 2832 tap->wt_hwqueue = ac; 2833 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 2834 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 2835 2836 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m); 2837 } 2838 2839 totlen = m->m_pkthdr.len; 2840 2841 /* Prepare TX firmware command. */ 2842 cmd = &ring->cmd[ring->cur]; 2843 cmd->code = IWN_CMD_TX_DATA; 2844 cmd->flags = 0; 2845 cmd->qid = ring->qid; 2846 cmd->idx = ring->cur; 2847 2848 tx = (struct iwn_cmd_data *)cmd->data; 2849 /* NB: No need to clear tx, all fields are reinitialized here. */ 2850 tx->scratch = 0; /* clear "scratch" area */ 2851 2852 if (IEEE80211_QOS_HAS_SEQ(wh)) { 2853 cap = &ic->ic_wme.wme_chanParams; 2854 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 2855 } 2856 else 2857 noack = 0; 2858 2859 flags = 0; 2860 if (!noack && !IEEE80211_IS_MULTICAST(wh->i_addr1)) { 2861 /* Unicast frame with an ACK expected. */ 2862 flags |= IWN_TX_NEED_ACK; 2863 } 2864 2865 if (wh->i_fc[1] & IEEE80211_FC1_MORE_FRAG) 2866 flags |= IWN_TX_MORE_FRAG; /* Cannot happen yet. */ 2867 2868 /* Check if frame must be protected using RTS/CTS or CTS-to-self. */ 2869 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 2870 /* NB: Group frames are sent using CCK in 802.11b/g. */ 2871 if (totlen + IEEE80211_CRC_LEN > ic->ic_rtsthreshold) { 2872 flags |= IWN_TX_NEED_RTS; 2873 } else if ((ic->ic_flags & IEEE80211_F_USEPROT) && 2874 ridx >= IWN_RIDX_OFDM6) { 2875 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 2876 flags |= IWN_TX_NEED_CTS; 2877 else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 2878 flags |= IWN_TX_NEED_RTS; 2879 } 2880 if (flags & (IWN_TX_NEED_RTS | IWN_TX_NEED_CTS)) { 2881 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 2882 /* 5000 autoselects RTS/CTS or CTS-to-self. */ 2883 flags &= ~(IWN_TX_NEED_RTS | IWN_TX_NEED_CTS); 2884 flags |= IWN_TX_NEED_PROTECTION; 2885 } else 2886 flags |= IWN_TX_FULL_TXOP; 2887 } 2888 } 2889 2890 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 2891 type != IEEE80211_FC0_TYPE_DATA) 2892 tx->id = hal->broadcast_id; 2893 else 2894 tx->id = wn->id; 2895 2896 if (type == IEEE80211_FC0_TYPE_MGT) { 2897 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2898 2899 #ifndef IEEE80211_STA_ONLY 2900 /* Tell HW to set timestamp in probe responses. */ 2901 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 2902 flags |= IWN_TX_INSERT_TSTAMP; 2903 #endif 2904 if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ || 2905 subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) 2906 tx->timeout = htole16(3); 2907 else 2908 tx->timeout = htole16(2); 2909 } else 2910 tx->timeout = htole16(0); 2911 2912 if (hdrlen & 3) { 2913 /* First segment length must be a multiple of 4. */ 2914 flags |= IWN_TX_NEED_PADDING; 2915 pad = 4 - (hdrlen & 3); 2916 } else 2917 pad = 0; 2918 2919 tx->len = htole16(totlen); 2920 tx->tid = tid; 2921 tx->rts_ntries = 60; 2922 tx->data_ntries = 15; 2923 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 2924 tx->plcp = rinfo->plcp; 2925 tx->rflags = rinfo->flags; 2926 if (tx->id == hal->broadcast_id) { 2927 /* Group or management frame. */ 2928 tx->linkq = 0; 2929 /* XXX Alternate between antenna A and B? */ 2930 txant = IWN_LSB(sc->txchainmask); 2931 tx->rflags |= IWN_RFLAG_ANT(txant); 2932 } else { 2933 tx->linkq = ni->ni_rates.rs_nrates - ni->ni_txrate - 1; 2934 flags |= IWN_TX_LINKQ; /* enable MRR */ 2935 } 2936 /* Set physical address of "scratch area". */ 2937 tx->loaddr = htole32(IWN_LOADDR(data->scratch_paddr)); 2938 tx->hiaddr = IWN_HIADDR(data->scratch_paddr); 2939 2940 /* Copy 802.11 header in TX command. */ 2941 memcpy((uint8_t *)(tx + 1), wh, hdrlen); 2942 2943 tx->flags = htole32(flags); 2944 2945 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m, 2946 BUS_DMA_NOWAIT | BUS_DMA_WRITE); 2947 if (error != 0) { 2948 if (error != EFBIG) { 2949 aprint_error_dev(sc->sc_dev, 2950 "can't map mbuf (error %d)\n", error); 2951 m_freem(m); 2952 return error; 2953 } 2954 /* Too many DMA segments, linearize mbuf. */ 2955 MGETHDR(m1, M_DONTWAIT, MT_DATA); 2956 if (m1 == NULL) { 2957 m_freem(m); 2958 return ENOBUFS; 2959 } 2960 if (m->m_pkthdr.len > MHLEN) { 2961 MCLGET(m1, M_DONTWAIT); 2962 if (!(m1->m_flags & M_EXT)) { 2963 m_freem(m); 2964 m_freem(m1); 2965 return ENOBUFS; 2966 } 2967 } 2968 m_copydata(m, 0, m->m_pkthdr.len, mtod(m1, char *)); 2969 m1->m_pkthdr.len = m1->m_len = m->m_pkthdr.len; 2970 m_freem(m); 2971 m = m1; 2972 2973 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m, 2974 BUS_DMA_NOWAIT | BUS_DMA_WRITE); 2975 if (error != 0) { 2976 aprint_error_dev(sc->sc_dev, 2977 "can't map mbuf (error %d)\n", error); 2978 m_freem(m); 2979 return error; 2980 } 2981 } 2982 2983 data->m = m; 2984 data->ni = ni; 2985 2986 DPRINTFN(4, ("sending data: qid=%d idx=%d len=%d nsegs=%d\n", 2987 ring->qid, ring->cur, m->m_pkthdr.len, data->map->dm_nsegs)); 2988 2989 /* Fill TX descriptor. */ 2990 desc->nsegs = 1 + data->map->dm_nsegs; 2991 /* First DMA segment is used by the TX command. */ 2992 desc->segs[0].addr = htole32(IWN_LOADDR(data->cmd_paddr)); 2993 desc->segs[0].len = htole16(IWN_HIADDR(data->cmd_paddr) | 2994 (4 + sizeof (*tx) + hdrlen + pad) << 4); 2995 /* Other DMA segments are for data payload. */ 2996 seg = data->map->dm_segs; 2997 for (i = 1; i <= data->map->dm_nsegs; i++) { 2998 desc->segs[i].addr = htole32(IWN_LOADDR(seg->ds_addr)); 2999 desc->segs[i].len = htole16(IWN_HIADDR(seg->ds_addr) | 3000 seg->ds_len << 4); 3001 seg++; 3002 } 3003 3004 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 3005 BUS_DMASYNC_PREWRITE); 3006 bus_dmamap_sync(sc->sc_dmat, ring->cmd_dma.map, 3007 (char *)(void *)cmd - (char *)(void *)ring->cmd_dma.vaddr, 3008 sizeof (*cmd), BUS_DMASYNC_PREWRITE); 3009 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 3010 (char *)(void *)desc - (char *)(void *)ring->desc_dma.vaddr, 3011 sizeof (*desc), BUS_DMASYNC_PREWRITE); 3012 3013 #ifdef notyet 3014 /* Update TX scheduler. */ 3015 hal->update_sched(sc, ring->qid, ring->cur, tx->id, totlen); 3016 #endif 3017 3018 /* Kick TX ring. */ 3019 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 3020 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, ring->qid << 8 | ring->cur); 3021 3022 /* Mark TX ring as full if we reach a certain threshold. */ 3023 if (++ring->queued > IWN_TX_RING_HIMARK) 3024 sc->qfullmsk |= 1 << ring->qid; 3025 3026 return 0; 3027 } 3028 #else 3029 /* This version is from the old NetBSD driver port */ 3030 static int 3031 iwn_tx(struct iwn_softc *sc, struct mbuf *m, struct ieee80211_node *ni, int ac) 3032 { 3033 const struct iwn_hal *hal = sc->sc_hal; 3034 struct ieee80211com *ic = &sc->sc_ic; 3035 struct iwn_node *wn = (void *)ni; 3036 struct iwn_tx_ring *ring; 3037 struct iwn_tx_desc *desc; 3038 struct iwn_tx_data *data; 3039 struct iwn_tx_cmd *cmd; 3040 struct iwn_cmd_data *tx; 3041 const struct iwn_rate *rinfo; 3042 struct ieee80211_frame *wh; 3043 struct ieee80211_key *k = NULL; 3044 const struct chanAccParams *cap; 3045 struct mbuf *m1; 3046 uint32_t flags; 3047 u_int hdrlen; 3048 bus_dma_segment_t *seg; 3049 uint8_t ridx, txant, type; 3050 int i, totlen, error, pad, noack; 3051 3052 wh = mtod(m, struct ieee80211_frame *); 3053 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3054 3055 /* JAF XXX two lines above were not in wpi. check we don't duplicate this */ 3056 3057 if (IEEE80211_QOS_HAS_SEQ(wh)) { 3058 hdrlen = sizeof (struct ieee80211_qosframe); 3059 cap = &ic->ic_wme.wme_chanParams; 3060 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 3061 } else { 3062 hdrlen = sizeof (struct ieee80211_frame); 3063 noack = 0; 3064 } 3065 3066 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 3067 k = ieee80211_crypto_encap(ic, ni, m); 3068 if (k == NULL) { 3069 m_freem(m); 3070 return ENOBUFS; 3071 } 3072 /* packet header may have moved, reset our local pointer */ 3073 wh = mtod(m, struct ieee80211_frame *); 3074 } 3075 3076 ring = &sc->txq[ac]; 3077 desc = &ring->desc[ring->cur]; 3078 data = &ring->data[ring->cur]; 3079 3080 /* Choose a TX rate index. */ 3081 if (type == IEEE80211_FC0_TYPE_MGT) { 3082 /* mgmt frames are sent at the lowest available bit-rate */ 3083 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 3084 IWN_RIDX_OFDM6 : IWN_RIDX_CCK1; 3085 } else { 3086 if (ic->ic_fixed_rate != -1) { 3087 ridx = sc->fixed_ridx; 3088 } else 3089 ridx = wn->ridx[ni->ni_txrate]; 3090 } 3091 rinfo = &iwn_rates[ridx]; 3092 3093 if (sc->sc_drvbpf != NULL) { 3094 struct iwn_tx_radiotap_header *tap = &sc->sc_txtap; 3095 3096 tap->wt_flags = 0; 3097 tap->wt_chan_freq = htole16(ni->ni_chan->ic_freq); 3098 tap->wt_chan_flags = htole16(ni->ni_chan->ic_flags); 3099 tap->wt_rate = rinfo->rate; 3100 tap->wt_hwqueue = ac; 3101 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 3102 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 3103 3104 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m); 3105 } 3106 3107 totlen = m->m_pkthdr.len; 3108 3109 /* Encrypt the frame if need be. */ 3110 #ifdef IEEE80211_FC1_PROTECTED 3111 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 3112 /* Retrieve key for TX. */ 3113 k = ieee80211_get_txkey(ic, wh, ni); 3114 if (k->k_cipher != IEEE80211_CIPHER_CCMP) { 3115 /* Do software encryption. */ 3116 if ((m = ieee80211_encrypt(ic, m, k)) == NULL) 3117 return ENOBUFS; 3118 /* 802.11 header may have moved. */ 3119 wh = mtod(m, struct ieee80211_frame *); 3120 totlen = m->m_pkthdr.len; 3121 3122 } else /* HW appends CCMP MIC. */ 3123 totlen += IEEE80211_CCMP_HDRLEN; 3124 } 3125 #endif 3126 3127 /* Prepare TX firmware command. */ 3128 cmd = &ring->cmd[ring->cur]; 3129 cmd->code = IWN_CMD_TX_DATA; 3130 cmd->flags = 0; 3131 cmd->qid = ring->qid; 3132 cmd->idx = ring->cur; 3133 3134 tx = (struct iwn_cmd_data *)cmd->data; 3135 /* NB: No need to clear tx, all fields are reinitialized here. */ 3136 tx->scratch = 0; /* clear "scratch" area */ 3137 3138 flags = 0; 3139 if (!noack && !IEEE80211_IS_MULTICAST(wh->i_addr1)) { 3140 flags |= IWN_TX_NEED_ACK; 3141 } else if (m->m_pkthdr.len + IEEE80211_CRC_LEN > ic->ic_rtsthreshold) 3142 flags |= IWN_TX_NEED_RTS | IWN_TX_FULL_TXOP; 3143 3144 #ifdef notyet 3145 if ((wh->i_fc[0] & 3146 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 3147 (IEEE80211_FC0_TYPE_CTL | IEEE80211_FC0_SUBTYPE_BAR)) 3148 flags |= IWN_TX_IMM_BA; /* Cannot happen yet. */ 3149 #endif 3150 3151 if (wh->i_fc[1] & IEEE80211_FC1_MORE_FRAG) 3152 flags |= IWN_TX_MORE_FRAG; /* Cannot happen yet. */ 3153 3154 /* Check if frame must be protected using RTS/CTS or CTS-to-self. */ 3155 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 3156 /* NB: Group frames are sent using CCK in 802.11b/g. */ 3157 if (totlen + IEEE80211_CRC_LEN > ic->ic_rtsthreshold) { 3158 flags |= IWN_TX_NEED_RTS; 3159 } else if ((ic->ic_flags & IEEE80211_F_USEPROT) && 3160 ridx >= IWN_RIDX_OFDM6) { 3161 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 3162 flags |= IWN_TX_NEED_CTS; 3163 else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 3164 flags |= IWN_TX_NEED_RTS; 3165 } 3166 if (flags & (IWN_TX_NEED_RTS | IWN_TX_NEED_CTS)) { 3167 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 3168 /* 5000 autoselects RTS/CTS or CTS-to-self. */ 3169 flags &= ~(IWN_TX_NEED_RTS | IWN_TX_NEED_CTS); 3170 flags |= IWN_TX_NEED_PROTECTION; 3171 } else 3172 flags |= IWN_TX_FULL_TXOP; 3173 } 3174 } 3175 3176 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 3177 type != IEEE80211_FC0_TYPE_DATA) 3178 tx->id = hal->broadcast_id; 3179 else 3180 tx->id = wn->id; 3181 3182 if (type == IEEE80211_FC0_TYPE_MGT) { 3183 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 3184 3185 #ifndef IEEE80211_STA_ONLY 3186 /* Tell HW to set timestamp in probe responses. */ 3187 if ((subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) || 3188 (subtype == IEEE80211_FC0_SUBTYPE_PROBE_REQ)) 3189 flags |= IWN_TX_INSERT_TSTAMP; 3190 #endif 3191 if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ || 3192 subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ || 3193 subtype == IEEE80211_FC0_SUBTYPE_AUTH || 3194 subtype == IEEE80211_FC0_SUBTYPE_DEAUTH) { 3195 flags &= ~IWN_TX_NEED_RTS; 3196 flags |= IWN_TX_NEED_CTS; 3197 tx->timeout = htole16(3); 3198 } else 3199 tx->timeout = htole16(2); 3200 } else 3201 tx->timeout = htole16(0); 3202 3203 if (hdrlen & 3) { 3204 /* First segment's length must be a multiple of 4. */ 3205 flags |= IWN_TX_NEED_PADDING; 3206 pad = 4 - (hdrlen & 3); 3207 } else 3208 pad = 0; 3209 3210 #if 0 3211 if (type == IEEE80211_FC0_TYPE_CTL) { 3212 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 3213 3214 /* tell h/w to set timestamp in probe responses */ 3215 if (subtype == 0x0080) /* linux says this is "back request" */ 3216 /* linux says (1 << 6) is IMM_BA_RSP_MASK */ 3217 flags |= (IWN_TX_NEED_ACK | (1 << 6)); 3218 } 3219 #endif 3220 3221 tx->len = htole16(totlen); 3222 tx->tid = 0/* tid */; 3223 tx->rts_ntries = 60; 3224 tx->data_ntries = 15; 3225 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 3226 tx->plcp = rinfo->plcp; 3227 tx->rflags = rinfo->flags; 3228 if (tx->id == hal->broadcast_id) { 3229 /* Group or management frame. */ 3230 tx->linkq = 0; 3231 /* XXX Alternate between antenna A and B? */ 3232 txant = IWN_LSB(sc->txchainmask); 3233 tx->rflags |= IWN_RFLAG_ANT(txant); 3234 } else { 3235 tx->linkq = ni->ni_rates.rs_nrates - ni->ni_txrate - 1; 3236 flags |= IWN_TX_LINKQ; /* enable MRR */ 3237 } 3238 /* Set physical address of "scratch area". */ 3239 tx->loaddr = htole32(IWN_LOADDR(data->scratch_paddr)); 3240 tx->hiaddr = IWN_HIADDR(data->scratch_paddr); 3241 3242 /* Copy 802.11 header in TX command. */ 3243 memcpy(((uint8_t *)tx) + sizeof(*tx), wh, hdrlen); 3244 3245 /* Trim 802.11 header. */ 3246 m_adj(m, hdrlen); 3247 tx->security = 0; 3248 3249 #ifdef notyet 3250 if (k != NULL && k->k_cipher == IEEE80211_CIPHER_CCMP) { 3251 /* Trim 802.11 header and prepend CCMP IV. */ 3252 m_adj(m, hdrlen - IEEE80211_CCMP_HDRLEN); 3253 ivp = mtod(m, uint8_t *); 3254 k->k_tsc++; 3255 ivp[0] = k->k_tsc; 3256 ivp[1] = k->k_tsc >> 8; 3257 ivp[2] = 0; 3258 ivp[3] = k->k_id << 6 | IEEE80211_WEP_EXTIV; 3259 ivp[4] = k->k_tsc >> 16; 3260 ivp[5] = k->k_tsc >> 24; 3261 ivp[6] = k->k_tsc >> 32; 3262 ivp[7] = k->k_tsc >> 40; 3263 3264 tx->security = IWN_CIPHER_CCMP; 3265 /* XXX flags |= IWN_TX_AMPDU_CCMP; */ 3266 memcpy(tx->key, k->k_key, k->k_len); 3267 3268 /* TX scheduler includes CCMP MIC len w/5000 Series. */ 3269 if (sc->hw_type != IWN_HW_REV_TYPE_4965) 3270 totlen += IEEE80211_CCMP_MICLEN; 3271 } else { 3272 /* Trim 802.11 header. */ 3273 m_adj(m, hdrlen); 3274 tx->security = 0; 3275 } 3276 #endif 3277 tx->flags = htole32(flags); 3278 3279 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m, 3280 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 3281 if (error != 0 && error != EFBIG) { 3282 aprint_error_dev(sc->sc_dev, 3283 "can't map mbuf (error %d)\n", error); 3284 m_freem(m); 3285 return error; 3286 } 3287 if (error != 0) { 3288 /* Too many DMA segments, linearize mbuf. */ 3289 MGETHDR(m1, M_DONTWAIT, MT_DATA); 3290 if (m1 == NULL) { 3291 m_freem(m); 3292 return ENOBUFS; 3293 } 3294 if (m->m_pkthdr.len > MHLEN) { 3295 MCLGET(m1, M_DONTWAIT); 3296 if (!(m1->m_flags & M_EXT)) { 3297 m_freem(m); 3298 m_freem(m1); 3299 return ENOBUFS; 3300 } 3301 } 3302 m_copydata(m, 0, m->m_pkthdr.len, mtod(m1, void *)); 3303 m1->m_pkthdr.len = m1->m_len = m->m_pkthdr.len; 3304 m_freem(m); 3305 m = m1; 3306 3307 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m, 3308 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 3309 if (error != 0) { 3310 aprint_error_dev(sc->sc_dev, 3311 "can't map mbuf (error %d)\n", error); 3312 m_freem(m); 3313 return error; 3314 } 3315 } 3316 3317 data->m = m; 3318 data->ni = ni; 3319 3320 DPRINTFN(4, ("sending data: qid=%d idx=%d len=%d nsegs=%d\n", 3321 ring->qid, ring->cur, m->m_pkthdr.len, data->map->dm_nsegs)); 3322 3323 /* Fill TX descriptor. */ 3324 desc->nsegs = 1 + data->map->dm_nsegs; 3325 /* First DMA segment is used by the TX command. */ 3326 desc->segs[0].addr = htole32(IWN_LOADDR(data->cmd_paddr)); 3327 desc->segs[0].len = htole16(IWN_HIADDR(data->cmd_paddr) | 3328 (4 + sizeof (*tx) + hdrlen + pad) << 4); 3329 /* Other DMA segments are for data payload. */ 3330 seg = data->map->dm_segs; 3331 for (i = 1; i <= data->map->dm_nsegs; i++) { 3332 desc->segs[i].addr = htole32(IWN_LOADDR(seg->ds_addr)); 3333 desc->segs[i].len = htole16(IWN_HIADDR(seg->ds_addr) | 3334 seg->ds_len << 4); 3335 seg++; 3336 } 3337 3338 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 3339 BUS_DMASYNC_PREWRITE); 3340 bus_dmamap_sync(sc->sc_dmat, ring->cmd_dma.map, 3341 (char *)(void *)cmd - (char *)(void *)ring->cmd_dma.vaddr, 3342 sizeof (*cmd), BUS_DMASYNC_PREWRITE); 3343 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 3344 (char *)(void *)desc - (char *)(void *)ring->desc_dma.vaddr, 3345 sizeof (*desc), BUS_DMASYNC_PREWRITE); 3346 3347 #ifdef notyet 3348 /* Update TX scheduler. */ 3349 sc->sc_hal->update_sched(sc, ring->qid, ring->cur, tx->id, totlen); 3350 #endif 3351 3352 /* Kick TX ring. */ 3353 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 3354 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, ring->qid << 8 | ring->cur); 3355 3356 /* Mark TX ring as full if we reach a certain threshold. */ 3357 if (++ring->queued > IWN_TX_RING_HIMARK) 3358 sc->qfullmsk |= 1 << ring->qid; 3359 3360 return 0; 3361 } 3362 #endif 3363 3364 static void 3365 iwn_start(struct ifnet *ifp) 3366 { 3367 struct iwn_softc *sc = ifp->if_softc; 3368 struct ieee80211com *ic = &sc->sc_ic; 3369 struct ieee80211_node *ni; 3370 struct ether_header *eh; 3371 struct mbuf *m; 3372 int ac; 3373 3374 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 3375 return; 3376 3377 for (;;) { 3378 if (sc->qfullmsk != 0) { 3379 ifp->if_flags |= IFF_OACTIVE; 3380 break; 3381 } 3382 /* Send pending management frames first. */ 3383 IF_DEQUEUE(&ic->ic_mgtq, m); 3384 if (m != NULL) { 3385 ni = (void *)m->m_pkthdr.rcvif; 3386 ac = 0; 3387 goto sendit; 3388 } 3389 if (ic->ic_state != IEEE80211_S_RUN) 3390 break; 3391 3392 /* Encapsulate and send data frames. */ 3393 IFQ_DEQUEUE(&ifp->if_snd, m); 3394 if (m == NULL) 3395 break; 3396 if (m->m_len < sizeof (*eh) && 3397 (m = m_pullup(m, sizeof (*eh))) == NULL) { 3398 ifp->if_oerrors++; 3399 continue; 3400 } 3401 eh = mtod(m, struct ether_header *); 3402 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 3403 if (ni == NULL) { 3404 m_freem(m); 3405 ifp->if_oerrors++; 3406 continue; 3407 } 3408 /* classify mbuf so we can find which tx ring to use */ 3409 if (ieee80211_classify(ic, m, ni) != 0) { 3410 m_freem(m); 3411 ieee80211_free_node(ni); 3412 ifp->if_oerrors++; 3413 continue; 3414 } 3415 3416 /* No QoS encapsulation for EAPOL frames. */ 3417 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 3418 M_WME_GETAC(m) : WME_AC_BE; 3419 3420 bpf_mtap(ifp, m); 3421 3422 if ((m = ieee80211_encap(ic, m, ni)) == NULL) { 3423 ieee80211_free_node(ni); 3424 ifp->if_oerrors++; 3425 continue; 3426 } 3427 sendit: 3428 bpf_mtap3(ic->ic_rawbpf, m); 3429 3430 if (iwn_tx(sc, m, ni, ac) != 0) { 3431 ieee80211_free_node(ni); 3432 ifp->if_oerrors++; 3433 continue; 3434 } 3435 3436 sc->sc_tx_timer = 5; 3437 ifp->if_timer = 1; 3438 } 3439 } 3440 3441 static void 3442 iwn_watchdog(struct ifnet *ifp) 3443 { 3444 struct iwn_softc *sc = ifp->if_softc; 3445 3446 ifp->if_timer = 0; 3447 3448 if (sc->sc_tx_timer > 0) { 3449 if (--sc->sc_tx_timer == 0) { 3450 aprint_error_dev(sc->sc_dev, 3451 "device timeout\n"); 3452 ifp->if_flags &= ~IFF_UP; 3453 iwn_stop(ifp, 1); 3454 ifp->if_oerrors++; 3455 return; 3456 } 3457 ifp->if_timer = 1; 3458 } 3459 3460 ieee80211_watchdog(&sc->sc_ic); 3461 } 3462 3463 static int 3464 iwn_ioctl(struct ifnet *ifp, u_long cmd, void *data) 3465 { 3466 struct iwn_softc *sc = ifp->if_softc; 3467 struct ieee80211com *ic = &sc->sc_ic; 3468 struct ifaddr *ifa; 3469 const struct sockaddr *sa; 3470 int s, error = 0; 3471 3472 s = splnet(); 3473 3474 switch (cmd) { 3475 case SIOCSIFADDR: 3476 ifa = (struct ifaddr *)data; 3477 ifp->if_flags |= IFF_UP; 3478 #ifdef INET 3479 if (ifa->ifa_addr->sa_family == AF_INET) 3480 arp_ifinit(&ic->ic_ac, ifa); 3481 #endif 3482 /* FALLTHROUGH */ 3483 case SIOCSIFFLAGS: 3484 if ((error = ifioctl_common(ifp, cmd, data)) != 0) 3485 break; 3486 if (ifp->if_flags & IFF_UP) { 3487 if (!(ifp->if_flags & IFF_RUNNING)) 3488 error = iwn_init(ifp); 3489 } else { 3490 if (ifp->if_flags & IFF_RUNNING) 3491 iwn_stop(ifp, 1); 3492 } 3493 break; 3494 3495 case SIOCADDMULTI: 3496 case SIOCDELMULTI: 3497 sa = ifreq_getaddr(SIOCADDMULTI, (struct ifreq *)data); 3498 error = (cmd == SIOCADDMULTI) ? 3499 ether_addmulti(sa, &sc->sc_ec) : 3500 ether_delmulti(sa, &sc->sc_ec); 3501 3502 if (error == ENETRESET) 3503 error = 0; 3504 break; 3505 3506 default: 3507 error = ieee80211_ioctl(ic, cmd, data); 3508 } 3509 3510 if (error == ENETRESET) { 3511 error = 0; 3512 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 3513 (IFF_UP | IFF_RUNNING)) { 3514 iwn_stop(ifp, 0); 3515 error = iwn_init(ifp); 3516 } 3517 } 3518 splx(s); 3519 return error; 3520 } 3521 3522 /* 3523 * Send a command to the firmware. 3524 */ 3525 static int 3526 iwn_cmd(struct iwn_softc *sc, int code, const void *buf, int size, int async) 3527 { 3528 struct iwn_tx_ring *ring = &sc->txq[4]; 3529 struct iwn_tx_desc *desc; 3530 struct iwn_tx_data *data; 3531 struct iwn_tx_cmd *cmd; 3532 struct mbuf *m; 3533 bus_addr_t paddr; 3534 int totlen, error; 3535 3536 desc = &ring->desc[ring->cur]; 3537 data = &ring->data[ring->cur]; 3538 totlen = 4 + size; 3539 3540 if (size > sizeof cmd->data) { 3541 /* Command is too large to fit in a descriptor. */ 3542 if (totlen > MCLBYTES) 3543 return EINVAL; 3544 MGETHDR(m, M_DONTWAIT, MT_DATA); 3545 if (m == NULL) 3546 return ENOMEM; 3547 if (totlen > MHLEN) { 3548 MCLGET(m, M_DONTWAIT); 3549 if (!(m->m_flags & M_EXT)) { 3550 m_freem(m); 3551 return ENOMEM; 3552 } 3553 } 3554 cmd = mtod(m, struct iwn_tx_cmd *); 3555 error = bus_dmamap_load(sc->sc_dmat, data->map, cmd, totlen, 3556 NULL, BUS_DMA_NOWAIT | BUS_DMA_WRITE); 3557 if (error != 0) { 3558 m_freem(m); 3559 return error; 3560 } 3561 data->m = m; 3562 paddr = data->map->dm_segs[0].ds_addr; 3563 } else { 3564 cmd = &ring->cmd[ring->cur]; 3565 paddr = data->cmd_paddr; 3566 } 3567 3568 cmd->code = code; 3569 cmd->flags = 0; 3570 cmd->qid = ring->qid; 3571 cmd->idx = ring->cur; 3572 memcpy(cmd->data, buf, size); 3573 3574 desc->nsegs = 1; 3575 desc->segs[0].addr = htole32(IWN_LOADDR(paddr)); 3576 desc->segs[0].len = htole16(IWN_HIADDR(paddr) | totlen << 4); 3577 3578 if (size > sizeof cmd->data) { 3579 bus_dmamap_sync(sc->sc_dmat, data->map, 0, totlen, 3580 BUS_DMASYNC_PREWRITE); 3581 } else { 3582 bus_dmamap_sync(sc->sc_dmat, ring->cmd_dma.map, 3583 (char *)(void *)cmd - (char *)(void *)ring->cmd_dma.vaddr, 3584 totlen, BUS_DMASYNC_PREWRITE); 3585 } 3586 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 3587 (char *)(void *)desc - (char *)(void *)ring->desc_dma.vaddr, 3588 sizeof (*desc), BUS_DMASYNC_PREWRITE); 3589 3590 #ifdef notyet 3591 /* Update TX scheduler. */ 3592 sc->sc_hal->update_sched(sc, ring->qid, ring->cur, 0, 0); 3593 #endif 3594 DPRINTFN(4, ("iwn_cmd %d size=%d %s\n", code, size, async ? " (async)" : "")); 3595 3596 /* Kick command ring. */ 3597 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 3598 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, ring->qid << 8 | ring->cur); 3599 3600 return async ? 0 : tsleep(desc, PCATCH, "iwncmd", hz); 3601 } 3602 3603 static int 3604 iwn4965_add_node(struct iwn_softc *sc, struct iwn_node_info *node, int async) 3605 { 3606 struct iwn4965_node_info hnode; 3607 char *src, *dst; 3608 3609 /* 3610 * We use the node structure for 5000 Series internally (it is 3611 * a superset of the one for 4965AGN). We thus copy the common 3612 * fields before sending the command. 3613 */ 3614 src = (char *)node; 3615 dst = (char *)&hnode; 3616 memcpy(dst, src, 48); 3617 /* Skip TSC, RX MIC and TX MIC fields from ``src''. */ 3618 memcpy(dst + 48, src + 72, 20); 3619 return iwn_cmd(sc, IWN_CMD_ADD_NODE, &hnode, sizeof hnode, async); 3620 } 3621 3622 static int 3623 iwn5000_add_node(struct iwn_softc *sc, struct iwn_node_info *node, int async) 3624 { 3625 /* Direct mapping. */ 3626 return iwn_cmd(sc, IWN_CMD_ADD_NODE, node, sizeof (*node), async); 3627 } 3628 3629 static int 3630 iwn_set_link_quality(struct iwn_softc *sc, struct ieee80211_node *ni) 3631 { 3632 struct iwn_node *wn = (void *)ni; 3633 struct ieee80211_rateset *rs = &ni->ni_rates; 3634 struct iwn_cmd_link_quality linkq; 3635 const struct iwn_rate *rinfo; 3636 uint8_t txant; 3637 int i, txrate; 3638 3639 /* Use the first valid TX antenna. */ 3640 txant = IWN_LSB(sc->txchainmask); 3641 3642 memset(&linkq, 0, sizeof linkq); 3643 linkq.id = wn->id; 3644 linkq.antmsk_1stream = txant; 3645 linkq.antmsk_2stream = IWN_ANT_AB; 3646 linkq.ampdu_max = 31; 3647 linkq.ampdu_threshold = 3; 3648 linkq.ampdu_limit = htole16(4000); /* 4ms */ 3649 3650 /* Start at highest available bit-rate. */ 3651 txrate = rs->rs_nrates - 1; 3652 for (i = 0; i < IWN_MAX_TX_RETRIES; i++) { 3653 rinfo = &iwn_rates[wn->ridx[txrate]]; 3654 linkq.retry[i].plcp = rinfo->plcp; 3655 linkq.retry[i].rflags = rinfo->flags; 3656 linkq.retry[i].rflags |= IWN_RFLAG_ANT(txant); 3657 /* Next retry at immediate lower bit-rate. */ 3658 if (txrate > 0) 3659 txrate--; 3660 } 3661 return iwn_cmd(sc, IWN_CMD_LINK_QUALITY, &linkq, sizeof linkq, 1); 3662 } 3663 3664 /* 3665 * Broadcast node is used to send group-addressed and management frames. 3666 */ 3667 static int 3668 iwn_add_broadcast_node(struct iwn_softc *sc, int async) 3669 { 3670 const struct iwn_hal *hal = sc->sc_hal; 3671 struct iwn_node_info node; 3672 struct iwn_cmd_link_quality linkq; 3673 const struct iwn_rate *rinfo; 3674 uint8_t txant; 3675 int i, error; 3676 3677 memset(&node, 0, sizeof node); 3678 IEEE80211_ADDR_COPY(node.macaddr, etherbroadcastaddr); 3679 node.id = hal->broadcast_id; 3680 DPRINTF(("adding broadcast node\n")); 3681 if ((error = hal->add_node(sc, &node, async)) != 0) 3682 return error; 3683 3684 /* Use the first valid TX antenna. */ 3685 txant = IWN_LSB(sc->txchainmask); 3686 3687 memset(&linkq, 0, sizeof linkq); 3688 linkq.id = hal->broadcast_id; 3689 linkq.antmsk_1stream = txant; 3690 linkq.antmsk_2stream = IWN_ANT_AB; 3691 linkq.ampdu_max = 64; 3692 linkq.ampdu_threshold = 3; 3693 linkq.ampdu_limit = htole16(4000); /* 4ms */ 3694 3695 /* Use lowest mandatory bit-rate. */ 3696 rinfo = (sc->sc_ic.ic_curmode != IEEE80211_MODE_11A) ? 3697 &iwn_rates[IWN_RIDX_CCK1] : &iwn_rates[IWN_RIDX_OFDM6]; 3698 linkq.retry[0].plcp = rinfo->plcp; 3699 linkq.retry[0].rflags = rinfo->flags; 3700 linkq.retry[0].rflags |= IWN_RFLAG_ANT(txant); 3701 /* Use same bit-rate for all TX retries. */ 3702 for (i = 1; i < IWN_MAX_TX_RETRIES; i++) { 3703 linkq.retry[i].plcp = linkq.retry[0].plcp; 3704 linkq.retry[i].rflags = linkq.retry[0].rflags; 3705 } 3706 return iwn_cmd(sc, IWN_CMD_LINK_QUALITY, &linkq, sizeof linkq, async); 3707 } 3708 3709 static void 3710 iwn_set_led(struct iwn_softc *sc, uint8_t which, uint8_t off, uint8_t on) 3711 { 3712 struct iwn_cmd_led led; 3713 3714 /* Clear microcode LED ownership. */ 3715 IWN_CLRBITS(sc, IWN_LED, IWN_LED_BSM_CTRL); 3716 3717 led.which = which; 3718 led.unit = htole32(10000); /* on/off in unit of 100ms */ 3719 led.off = off; 3720 led.on = on; 3721 (void)iwn_cmd(sc, IWN_CMD_SET_LED, &led, sizeof led, 1); 3722 } 3723 3724 /* 3725 * Set the critical temperature at which the firmware will stop the radio 3726 * and notify us. 3727 */ 3728 static int 3729 iwn_set_critical_temp(struct iwn_softc *sc) 3730 { 3731 struct iwn_critical_temp crit; 3732 int32_t temp; 3733 3734 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_CTEMP_STOP_RF); 3735 3736 if (sc->hw_type == IWN_HW_REV_TYPE_5150) 3737 temp = (IWN_CTOK(110) - sc->temp_off) * -5; 3738 else if (sc->hw_type == IWN_HW_REV_TYPE_4965) 3739 temp = IWN_CTOK(110); 3740 else 3741 temp = 110; 3742 memset(&crit, 0, sizeof crit); 3743 crit.tempR = htole32(temp); 3744 DPRINTF(("setting critical temperature to %d\n", temp)); 3745 return iwn_cmd(sc, IWN_CMD_SET_CRITICAL_TEMP, &crit, sizeof crit, 0); 3746 } 3747 3748 static int 3749 iwn_set_timing(struct iwn_softc *sc, struct ieee80211_node *ni) 3750 { 3751 struct iwn_cmd_timing cmd; 3752 uint64_t val, mod; 3753 3754 memset(&cmd, 0, sizeof cmd); 3755 memcpy(&cmd.tstamp, ni->ni_tstamp.data, sizeof (uint64_t)); 3756 cmd.bintval = htole16(ni->ni_intval); 3757 cmd.lintval = htole16(10); 3758 3759 /* Compute remaining time until next beacon. */ 3760 val = (uint64_t)ni->ni_intval * 1024; /* msecs -> usecs */ 3761 mod = le64toh(cmd.tstamp) % val; 3762 cmd.binitval = htole32((uint32_t)(val - mod)); 3763 3764 DPRINTF(("timing bintval=%u, tstamp=%zu, init=%u\n", 3765 ni->ni_intval, le64toh(cmd.tstamp), (uint32_t)(val - mod))); 3766 3767 return iwn_cmd(sc, IWN_CMD_TIMING, &cmd, sizeof cmd, 1); 3768 } 3769 3770 static void 3771 iwn4965_power_calibration(struct iwn_softc *sc, int temp) 3772 { 3773 /* Adjust TX power if need be (delta >= 3 degC.) */ 3774 DPRINTF(("temperature %d->%d\n", sc->temp, temp)); 3775 if (abs(temp - sc->temp) >= 3) { 3776 /* Record temperature of last calibration. */ 3777 sc->temp = temp; 3778 (void)iwn4965_set_txpower(sc, 1); 3779 } 3780 } 3781 3782 /* 3783 * Set TX power for current channel (each rate has its own power settings). 3784 * This function takes into account the regulatory information from EEPROM, 3785 * the current temperature and the current voltage. 3786 */ 3787 static int 3788 iwn4965_set_txpower(struct iwn_softc *sc, int async) 3789 { 3790 /* Fixed-point arithmetic division using a n-bit fractional part. */ 3791 #define fdivround(a, b, n) \ 3792 ((((1 << n) * (a)) / (b) + (1 << n) / 2) / (1 << n)) 3793 /* Linear interpolation. */ 3794 #define interpolate(x, x1, y1, x2, y2, n) \ 3795 ((y1) + fdivround(((int)(x) - (x1)) * ((y2) - (y1)), (x2) - (x1), n)) 3796 3797 static const int tdiv[IWN_NATTEN_GROUPS] = { 9, 8, 8, 8, 6 }; 3798 struct ieee80211com *ic = &sc->sc_ic; 3799 struct iwn_ucode_info *uc = &sc->ucode_info; 3800 struct ieee80211_channel *ch; 3801 struct iwn4965_cmd_txpower cmd; 3802 struct iwn4965_eeprom_chan_samples *chans; 3803 const uint8_t *rf_gain, *dsp_gain; 3804 int32_t vdiff, tdiff; 3805 int i, c, grp, maxpwr; 3806 uint8_t chan; 3807 3808 /* Retrieve current channel from last RXON. */ 3809 chan = sc->rxon.chan; 3810 DPRINTF(("setting TX power for channel %d\n", chan)); 3811 ch = &ic->ic_channels[chan]; 3812 3813 memset(&cmd, 0, sizeof cmd); 3814 cmd.band = IEEE80211_IS_CHAN_5GHZ(ch) ? 0 : 1; 3815 cmd.chan = chan; 3816 3817 if (IEEE80211_IS_CHAN_5GHZ(ch)) { 3818 maxpwr = sc->maxpwr5GHz; 3819 rf_gain = iwn4965_rf_gain_5ghz; 3820 dsp_gain = iwn4965_dsp_gain_5ghz; 3821 } else { 3822 maxpwr = sc->maxpwr2GHz; 3823 rf_gain = iwn4965_rf_gain_2ghz; 3824 dsp_gain = iwn4965_dsp_gain_2ghz; 3825 } 3826 3827 /* Compute voltage compensation. */ 3828 vdiff = ((int32_t)le32toh(uc->volt) - sc->eeprom_voltage) / 7; 3829 if (vdiff > 0) 3830 vdiff *= 2; 3831 if (abs(vdiff) > 2) 3832 vdiff = 0; 3833 DPRINTF(("voltage compensation=%d (UCODE=%d, EEPROM=%d)\n", 3834 vdiff, le32toh(uc->volt), sc->eeprom_voltage)); 3835 3836 /* Get channel attenuation group. */ 3837 if (chan <= 20) /* 1-20 */ 3838 grp = 4; 3839 else if (chan <= 43) /* 34-43 */ 3840 grp = 0; 3841 else if (chan <= 70) /* 44-70 */ 3842 grp = 1; 3843 else if (chan <= 124) /* 71-124 */ 3844 grp = 2; 3845 else /* 125-200 */ 3846 grp = 3; 3847 DPRINTF(("chan %d, attenuation group=%d\n", chan, grp)); 3848 3849 /* Get channel sub-band. */ 3850 for (i = 0; i < IWN_NBANDS; i++) 3851 if (sc->bands[i].lo != 0 && 3852 sc->bands[i].lo <= chan && chan <= sc->bands[i].hi) 3853 break; 3854 if (i == IWN_NBANDS) /* Can't happen in real-life. */ 3855 return EINVAL; 3856 chans = sc->bands[i].chans; 3857 DPRINTF(("chan %d sub-band=%d\n", chan, i)); 3858 3859 for (c = 0; c < 2; c++) { 3860 uint8_t power, gain, temp; 3861 int maxchpwr, pwr, ridx, idx; 3862 3863 power = interpolate(chan, 3864 chans[0].num, chans[0].samples[c][1].power, 3865 chans[1].num, chans[1].samples[c][1].power, 1); 3866 gain = interpolate(chan, 3867 chans[0].num, chans[0].samples[c][1].gain, 3868 chans[1].num, chans[1].samples[c][1].gain, 1); 3869 temp = interpolate(chan, 3870 chans[0].num, chans[0].samples[c][1].temp, 3871 chans[1].num, chans[1].samples[c][1].temp, 1); 3872 DPRINTF(("TX chain %d: power=%d gain=%d temp=%d\n", 3873 c, power, gain, temp)); 3874 3875 /* Compute temperature compensation. */ 3876 tdiff = ((sc->temp - temp) * 2) / tdiv[grp]; 3877 DPRINTF(("temperature compensation=%d (current=%d, " 3878 "EEPROM=%d)\n", tdiff, sc->temp, temp)); 3879 3880 for (ridx = 0; ridx <= IWN_RIDX_MAX; ridx++) { 3881 /* Convert dBm to half-dBm. */ 3882 maxchpwr = sc->maxpwr[chan] * 2; 3883 if ((ridx / 8) & 1) 3884 maxchpwr -= 6; /* MIMO 2T: -3dB */ 3885 3886 pwr = maxpwr; 3887 3888 /* Adjust TX power based on rate. */ 3889 if ((ridx % 8) == 5) 3890 pwr -= 15; /* OFDM48: -7.5dB */ 3891 else if ((ridx % 8) == 6) 3892 pwr -= 17; /* OFDM54: -8.5dB */ 3893 else if ((ridx % 8) == 7) 3894 pwr -= 20; /* OFDM60: -10dB */ 3895 else 3896 pwr -= 10; /* Others: -5dB */ 3897 3898 /* Do not exceed channel max TX power. */ 3899 if (pwr > maxchpwr) 3900 pwr = maxchpwr; 3901 3902 idx = gain - (pwr - power) - tdiff - vdiff; 3903 if ((ridx / 8) & 1) /* MIMO */ 3904 idx += (int32_t)le32toh(uc->atten[grp][c]); 3905 3906 if (cmd.band == 0) 3907 idx += 9; /* 5GHz */ 3908 if (ridx == IWN_RIDX_MAX) 3909 idx += 5; /* CCK */ 3910 3911 /* Make sure idx stays in a valid range. */ 3912 if (idx < 0) 3913 idx = 0; 3914 else if (idx > IWN4965_MAX_PWR_INDEX) 3915 idx = IWN4965_MAX_PWR_INDEX; 3916 3917 DPRINTF(("TX chain %d, rate idx %d: power=%d\n", 3918 c, ridx, idx)); 3919 cmd.power[ridx].rf_gain[c] = rf_gain[idx]; 3920 cmd.power[ridx].dsp_gain[c] = dsp_gain[idx]; 3921 } 3922 } 3923 3924 DPRINTF(("setting TX power for chan %d\n", chan)); 3925 return iwn_cmd(sc, IWN_CMD_TXPOWER, &cmd, sizeof cmd, async); 3926 3927 #undef interpolate 3928 #undef fdivround 3929 } 3930 3931 static int 3932 iwn5000_set_txpower(struct iwn_softc *sc, int async) 3933 { 3934 struct iwn5000_cmd_txpower cmd; 3935 3936 /* 3937 * TX power calibration is handled automatically by the firmware 3938 * for 5000 Series. 3939 */ 3940 memset(&cmd, 0, sizeof cmd); 3941 cmd.global_limit = 2 * IWN5000_TXPOWER_MAX_DBM; /* 16 dBm */ 3942 cmd.flags = IWN5000_TXPOWER_NO_CLOSED; 3943 cmd.srv_limit = IWN5000_TXPOWER_AUTO; 3944 DPRINTF(("setting TX power\n")); 3945 return iwn_cmd(sc, IWN_CMD_TXPOWER_DBM, &cmd, sizeof cmd, async); 3946 } 3947 3948 /* 3949 * Retrieve the maximum RSSI (in dBm) among receivers. 3950 */ 3951 static int 3952 iwn4965_get_rssi(const struct iwn_rx_stat *stat) 3953 { 3954 const struct iwn4965_rx_phystat *phy = (const void *)stat->phybuf; 3955 uint8_t mask, agc; 3956 int rssi; 3957 3958 mask = (le16toh(phy->antenna) >> 4) & IWN_ANT_ABC; 3959 agc = (le16toh(phy->agc) >> 7) & 0x7f; 3960 3961 rssi = 0; 3962 if (mask & IWN_ANT_A) 3963 rssi = MAX(rssi, phy->rssi[0]); 3964 if (mask & IWN_ANT_B) 3965 rssi = MAX(rssi, phy->rssi[2]); 3966 if (mask & IWN_ANT_C) 3967 rssi = MAX(rssi, phy->rssi[4]); 3968 3969 return rssi - agc - IWN_RSSI_TO_DBM; 3970 } 3971 3972 static int 3973 iwn5000_get_rssi(const struct iwn_rx_stat *stat) 3974 { 3975 const struct iwn5000_rx_phystat *phy = (const void *)stat->phybuf; 3976 uint8_t agc; 3977 int rssi; 3978 3979 agc = (le32toh(phy->agc) >> 9) & 0x7f; 3980 3981 rssi = MAX(le16toh(phy->rssi[0]) & 0xff, 3982 le16toh(phy->rssi[1]) & 0xff); 3983 rssi = MAX(le16toh(phy->rssi[2]) & 0xff, rssi); 3984 3985 return rssi - agc - IWN_RSSI_TO_DBM; 3986 } 3987 3988 /* 3989 * Retrieve the average noise (in dBm) among receivers. 3990 */ 3991 static int 3992 iwn_get_noise(const struct iwn_rx_general_stats *stats) 3993 { 3994 int i, total, nbant, noise; 3995 3996 total = nbant = 0; 3997 for (i = 0; i < 3; i++) { 3998 if ((noise = le32toh(stats->noise[i]) & 0xff) == 0) 3999 continue; 4000 total += noise; 4001 nbant++; 4002 } 4003 /* There should be at least one antenna but check anyway. */ 4004 return (nbant == 0) ? -127 : (total / nbant) - 107; 4005 } 4006 4007 /* 4008 * Compute temperature (in degC) from last received statistics. 4009 */ 4010 static int 4011 iwn4965_get_temperature(struct iwn_softc *sc) 4012 { 4013 struct iwn_ucode_info *uc = &sc->ucode_info; 4014 int32_t r1, r2, r3, r4, temp; 4015 4016 r1 = le32toh(uc->temp[0].chan20MHz); 4017 r2 = le32toh(uc->temp[1].chan20MHz); 4018 r3 = le32toh(uc->temp[2].chan20MHz); 4019 r4 = le32toh(sc->rawtemp); 4020 4021 if (r1 == r3) /* Prevents division by 0 (should not happen.) */ 4022 return 0; 4023 4024 /* Sign-extend 23-bit R4 value to 32-bit. */ 4025 r4 = (r4 << 8) >> 8; 4026 /* Compute temperature in Kelvin. */ 4027 temp = (259 * (r4 - r2)) / (r3 - r1); 4028 temp = (temp * 97) / 100 + 8; 4029 4030 DPRINTF(("temperature %dK/%dC\n", temp, IWN_KTOC(temp))); 4031 return IWN_KTOC(temp); 4032 } 4033 4034 static int 4035 iwn5000_get_temperature(struct iwn_softc *sc) 4036 { 4037 int32_t temp; 4038 4039 /* 4040 * Temperature is not used by the driver for 5000 Series because 4041 * TX power calibration is handled by firmware. We export it to 4042 * users through the sensor framework though. 4043 */ 4044 temp = le32toh(sc->rawtemp); 4045 if (sc->hw_type == IWN_HW_REV_TYPE_5150) { 4046 temp = (temp / -5) + sc->temp_off; 4047 temp = IWN_KTOC(temp); 4048 } 4049 return temp; 4050 } 4051 4052 /* 4053 * Initialize sensitivity calibration state machine. 4054 */ 4055 static int 4056 iwn_init_sensitivity(struct iwn_softc *sc) 4057 { 4058 const struct iwn_hal *hal = sc->sc_hal; 4059 struct iwn_calib_state *calib = &sc->calib; 4060 uint32_t flags; 4061 int error; 4062 4063 /* Reset calibration state machine. */ 4064 memset(calib, 0, sizeof (*calib)); 4065 calib->state = IWN_CALIB_STATE_INIT; 4066 calib->cck_state = IWN_CCK_STATE_HIFA; 4067 /* Set initial correlation values. */ 4068 calib->ofdm_x1 = sc->limits->min_ofdm_x1; 4069 calib->ofdm_mrc_x1 = sc->limits->min_ofdm_mrc_x1; 4070 calib->ofdm_x4 = sc->limits->min_ofdm_x4; 4071 calib->ofdm_mrc_x4 = sc->limits->min_ofdm_mrc_x4; 4072 calib->cck_x4 = 125; 4073 calib->cck_mrc_x4 = sc->limits->min_cck_mrc_x4; 4074 calib->energy_cck = sc->limits->energy_cck; 4075 4076 /* Write initial sensitivity. */ 4077 if ((error = iwn_send_sensitivity(sc)) != 0) 4078 return error; 4079 4080 /* Write initial gains. */ 4081 if ((error = hal->init_gains(sc)) != 0) 4082 return error; 4083 4084 /* Request statistics at each beacon interval. */ 4085 flags = 0; 4086 DPRINTF(("sending request for statistics\n")); 4087 return iwn_cmd(sc, IWN_CMD_GET_STATISTICS, &flags, sizeof flags, 1); 4088 } 4089 4090 /* 4091 * Collect noise and RSSI statistics for the first 20 beacons received 4092 * after association and use them to determine connected antennas and 4093 * to set differential gains. 4094 */ 4095 static void 4096 iwn_collect_noise(struct iwn_softc *sc, 4097 const struct iwn_rx_general_stats *stats) 4098 { 4099 const struct iwn_hal *hal = sc->sc_hal; 4100 struct iwn_calib_state *calib = &sc->calib; 4101 uint32_t val; 4102 int i; 4103 4104 /* Accumulate RSSI and noise for all 3 antennas. */ 4105 for (i = 0; i < 3; i++) { 4106 calib->rssi[i] += le32toh(stats->rssi[i]) & 0xff; 4107 calib->noise[i] += le32toh(stats->noise[i]) & 0xff; 4108 } 4109 /* NB: We update differential gains only once after 20 beacons. */ 4110 if (++calib->nbeacons < 20) 4111 return; 4112 4113 /* Determine highest average RSSI. */ 4114 val = MAX(calib->rssi[0], calib->rssi[1]); 4115 val = MAX(calib->rssi[2], val); 4116 4117 /* Determine which antennas are connected. */ 4118 sc->chainmask = sc->rxchainmask; 4119 for (i = 0; i < 3; i++) 4120 if (val - calib->rssi[i] > 15 * 20) 4121 sc->chainmask &= ~(1 << i); 4122 DPRINTF(("RX chains mask: theoretical=0x%x, actual=0x%x\n", 4123 sc->rxchainmask, sc->chainmask)); 4124 /* If none of the TX antennas are connected, keep at least one. */ 4125 if ((sc->chainmask & sc->txchainmask) == 0) 4126 sc->chainmask |= IWN_LSB(sc->txchainmask); 4127 4128 (void)hal->set_gains(sc); 4129 calib->state = IWN_CALIB_STATE_RUN; 4130 4131 #ifdef notyet 4132 /* XXX Disable RX chains with no antennas connected. */ 4133 sc->rxon.rxchain = htole16(IWN_RXCHAIN_SEL(sc->chainmask)); 4134 (void)iwn_cmd(sc, IWN_CMD_RXON, &sc->rxon, hal->rxonsz, 1); 4135 #endif 4136 4137 /* Enable power-saving mode if requested by user. */ 4138 if (sc->sc_ic.ic_flags & IEEE80211_F_PMGTON) 4139 (void)iwn_set_pslevel(sc, 0, 3, 1); 4140 } 4141 4142 static int 4143 iwn4965_init_gains(struct iwn_softc *sc) 4144 { 4145 struct iwn_phy_calib_gain cmd; 4146 4147 memset(&cmd, 0, sizeof cmd); 4148 cmd.code = IWN4965_PHY_CALIB_DIFF_GAIN; 4149 /* Differential gains initially set to 0 for all 3 antennas. */ 4150 DPRINTF(("setting initial differential gains\n")); 4151 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 4152 } 4153 4154 static int 4155 iwn5000_init_gains(struct iwn_softc *sc) 4156 { 4157 struct iwn_phy_calib cmd; 4158 4159 memset(&cmd, 0, sizeof cmd); 4160 cmd.code = IWN5000_PHY_CALIB_RESET_NOISE_GAIN; 4161 cmd.ngroups = 1; 4162 cmd.isvalid = 1; 4163 DPRINTF(("setting initial differential gains\n")); 4164 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 4165 } 4166 4167 static int 4168 iwn4965_set_gains(struct iwn_softc *sc) 4169 { 4170 struct iwn_calib_state *calib = &sc->calib; 4171 struct iwn_phy_calib_gain cmd; 4172 int i, delta, noise; 4173 4174 /* Get minimal noise among connected antennas. */ 4175 noise = INT_MAX; /* NB: There's at least one antenna. */ 4176 for (i = 0; i < 3; i++) 4177 if (sc->chainmask & (1 << i)) 4178 noise = MIN(calib->noise[i], noise); 4179 4180 memset(&cmd, 0, sizeof cmd); 4181 cmd.code = IWN4965_PHY_CALIB_DIFF_GAIN; 4182 /* Set differential gains for connected antennas. */ 4183 for (i = 0; i < 3; i++) { 4184 if (sc->chainmask & (1 << i)) { 4185 /* Compute attenuation (in unit of 1.5dB). */ 4186 delta = (noise - (int32_t)calib->noise[i]) / 30; 4187 /* NB: delta <= 0 */ 4188 /* Limit to [-4.5dB,0]. */ 4189 cmd.gain[i] = MIN(abs(delta), 3); 4190 if (delta < 0) 4191 cmd.gain[i] |= 1 << 2; /* sign bit */ 4192 } 4193 } 4194 DPRINTF(("setting differential gains Ant A/B/C: %x/%x/%x (%x)\n", 4195 cmd.gain[0], cmd.gain[1], cmd.gain[2], sc->chainmask)); 4196 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 4197 } 4198 4199 static int 4200 iwn5000_set_gains(struct iwn_softc *sc) 4201 { 4202 struct iwn_calib_state *calib = &sc->calib; 4203 struct iwn_phy_calib_gain cmd; 4204 int i, ant, div, delta; 4205 4206 /* We collected 20 beacons and !=6050 need a 1.5 factor. */ 4207 div = (sc->hw_type == IWN_HW_REV_TYPE_6050) ? 20 : 30; 4208 4209 memset(&cmd, 0, sizeof cmd); 4210 cmd.code = IWN5000_PHY_CALIB_NOISE_GAIN; 4211 cmd.ngroups = 1; 4212 cmd.isvalid = 1; 4213 /* Get first available RX antenna as referential. */ 4214 ant = IWN_LSB(sc->rxchainmask); 4215 /* Set differential gains for other antennas. */ 4216 for (i = ant + 1; i < 3; i++) { 4217 if (sc->chainmask & (1 << i)) { 4218 /* The delta is relative to antenna "ant". */ 4219 delta = ((int32_t)calib->noise[ant] - 4220 (int32_t)calib->noise[i]) / div; 4221 /* Limit to [-4.5dB,+4.5dB]. */ 4222 cmd.gain[i - 1] = MIN(abs(delta), 3); 4223 if (delta < 0) 4224 cmd.gain[i - 1] |= 1 << 2; /* sign bit */ 4225 } 4226 } 4227 DPRINTF(("setting differential gains: %x/%x (%x)\n", 4228 cmd.gain[0], cmd.gain[1], sc->chainmask)); 4229 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 4230 } 4231 4232 /* 4233 * Tune RF RX sensitivity based on the number of false alarms detected 4234 * during the last beacon period. 4235 */ 4236 static void 4237 iwn_tune_sensitivity(struct iwn_softc *sc, const struct iwn_rx_stats *stats) 4238 { 4239 #define inc(val, inc, max) \ 4240 if ((val) < (max)) { \ 4241 if ((val) < (max) - (inc)) \ 4242 (val) += (inc); \ 4243 else \ 4244 (val) = (max); \ 4245 needs_update = 1; \ 4246 } 4247 #define dec(val, dec, min) \ 4248 if ((val) > (min)) { \ 4249 if ((val) > (min) + (dec)) \ 4250 (val) -= (dec); \ 4251 else \ 4252 (val) = (min); \ 4253 needs_update = 1; \ 4254 } 4255 4256 const struct iwn_sensitivity_limits *limits = sc->limits; 4257 struct iwn_calib_state *calib = &sc->calib; 4258 uint32_t val, rxena, fa; 4259 uint32_t energy[3], energy_min; 4260 uint8_t noise[3], noise_ref; 4261 int i, needs_update = 0; 4262 4263 /* Check that we've been enabled long enough. */ 4264 if ((rxena = le32toh(stats->general.load)) == 0) 4265 return; 4266 4267 /* Compute number of false alarms since last call for OFDM. */ 4268 fa = le32toh(stats->ofdm.bad_plcp) - calib->bad_plcp_ofdm; 4269 fa += le32toh(stats->ofdm.fa) - calib->fa_ofdm; 4270 fa *= 200 * 1024; /* 200TU */ 4271 4272 /* Save counters values for next call. */ 4273 calib->bad_plcp_ofdm = le32toh(stats->ofdm.bad_plcp); 4274 calib->fa_ofdm = le32toh(stats->ofdm.fa); 4275 4276 if (fa > 50 * rxena) { 4277 /* High false alarm count, decrease sensitivity. */ 4278 DPRINTFN(2, ("OFDM high false alarm count: %u\n", fa)); 4279 inc(calib->ofdm_x1, 1, limits->max_ofdm_x1); 4280 inc(calib->ofdm_mrc_x1, 1, limits->max_ofdm_mrc_x1); 4281 inc(calib->ofdm_x4, 1, limits->max_ofdm_x4); 4282 inc(calib->ofdm_mrc_x4, 1, limits->max_ofdm_mrc_x4); 4283 4284 } else if (fa < 5 * rxena) { 4285 /* Low false alarm count, increase sensitivity. */ 4286 DPRINTFN(2, ("OFDM low false alarm count: %u\n", fa)); 4287 dec(calib->ofdm_x1, 1, limits->min_ofdm_x1); 4288 dec(calib->ofdm_mrc_x1, 1, limits->min_ofdm_mrc_x1); 4289 dec(calib->ofdm_x4, 1, limits->min_ofdm_x4); 4290 dec(calib->ofdm_mrc_x4, 1, limits->min_ofdm_mrc_x4); 4291 } 4292 4293 /* Compute maximum noise among 3 receivers. */ 4294 for (i = 0; i < 3; i++) 4295 noise[i] = (le32toh(stats->general.noise[i]) >> 8) & 0xff; 4296 val = MAX(noise[0], noise[1]); 4297 val = MAX(noise[2], val); 4298 /* Insert it into our samples table. */ 4299 calib->noise_samples[calib->cur_noise_sample] = val; 4300 calib->cur_noise_sample = (calib->cur_noise_sample + 1) % 20; 4301 4302 /* Compute maximum noise among last 20 samples. */ 4303 noise_ref = calib->noise_samples[0]; 4304 for (i = 1; i < 20; i++) 4305 noise_ref = MAX(noise_ref, calib->noise_samples[i]); 4306 4307 /* Compute maximum energy among 3 receivers. */ 4308 for (i = 0; i < 3; i++) 4309 energy[i] = le32toh(stats->general.energy[i]); 4310 val = MIN(energy[0], energy[1]); 4311 val = MIN(energy[2], val); 4312 /* Insert it into our samples table. */ 4313 calib->energy_samples[calib->cur_energy_sample] = val; 4314 calib->cur_energy_sample = (calib->cur_energy_sample + 1) % 10; 4315 4316 /* Compute minimum energy among last 10 samples. */ 4317 energy_min = calib->energy_samples[0]; 4318 for (i = 1; i < 10; i++) 4319 energy_min = MAX(energy_min, calib->energy_samples[i]); 4320 energy_min += 6; 4321 4322 /* Compute number of false alarms since last call for CCK. */ 4323 fa = le32toh(stats->cck.bad_plcp) - calib->bad_plcp_cck; 4324 fa += le32toh(stats->cck.fa) - calib->fa_cck; 4325 fa *= 200 * 1024; /* 200TU */ 4326 4327 /* Save counters values for next call. */ 4328 calib->bad_plcp_cck = le32toh(stats->cck.bad_plcp); 4329 calib->fa_cck = le32toh(stats->cck.fa); 4330 4331 if (fa > 50 * rxena) { 4332 /* High false alarm count, decrease sensitivity. */ 4333 DPRINTFN(2, ("CCK high false alarm count: %u\n", fa)); 4334 calib->cck_state = IWN_CCK_STATE_HIFA; 4335 calib->low_fa = 0; 4336 4337 if (calib->cck_x4 > 160) { 4338 calib->noise_ref = noise_ref; 4339 if (calib->energy_cck > 2) 4340 dec(calib->energy_cck, 2, energy_min); 4341 } 4342 if (calib->cck_x4 < 160) { 4343 calib->cck_x4 = 161; 4344 needs_update = 1; 4345 } else 4346 inc(calib->cck_x4, 3, limits->max_cck_x4); 4347 4348 inc(calib->cck_mrc_x4, 3, limits->max_cck_mrc_x4); 4349 4350 } else if (fa < 5 * rxena) { 4351 /* Low false alarm count, increase sensitivity. */ 4352 DPRINTFN(2, ("CCK low false alarm count: %u\n", fa)); 4353 calib->cck_state = IWN_CCK_STATE_LOFA; 4354 calib->low_fa++; 4355 4356 if (calib->cck_state != IWN_CCK_STATE_INIT && 4357 (((int32_t)calib->noise_ref - (int32_t)noise_ref) > 2 || 4358 calib->low_fa > 100)) { 4359 inc(calib->energy_cck, 2, limits->min_energy_cck); 4360 dec(calib->cck_x4, 3, limits->min_cck_x4); 4361 dec(calib->cck_mrc_x4, 3, limits->min_cck_mrc_x4); 4362 } 4363 } else { 4364 /* Not worth to increase or decrease sensitivity. */ 4365 DPRINTFN(2, ("CCK normal false alarm count: %u\n", fa)); 4366 calib->low_fa = 0; 4367 calib->noise_ref = noise_ref; 4368 4369 if (calib->cck_state == IWN_CCK_STATE_HIFA) { 4370 /* Previous interval had many false alarms. */ 4371 dec(calib->energy_cck, 8, energy_min); 4372 } 4373 calib->cck_state = IWN_CCK_STATE_INIT; 4374 } 4375 4376 if (needs_update) 4377 (void)iwn_send_sensitivity(sc); 4378 #undef dec 4379 #undef inc 4380 } 4381 4382 static int 4383 iwn_send_sensitivity(struct iwn_softc *sc) 4384 { 4385 struct iwn_calib_state *calib = &sc->calib; 4386 struct iwn_sensitivity_cmd cmd; 4387 4388 memset(&cmd, 0, sizeof cmd); 4389 cmd.which = IWN_SENSITIVITY_WORKTBL; 4390 /* OFDM modulation. */ 4391 cmd.corr_ofdm_x1 = htole16(calib->ofdm_x1); 4392 cmd.corr_ofdm_mrc_x1 = htole16(calib->ofdm_mrc_x1); 4393 cmd.corr_ofdm_x4 = htole16(calib->ofdm_x4); 4394 cmd.corr_ofdm_mrc_x4 = htole16(calib->ofdm_mrc_x4); 4395 cmd.energy_ofdm = htole16(sc->limits->energy_ofdm); 4396 cmd.energy_ofdm_th = htole16(62); 4397 /* CCK modulation. */ 4398 cmd.corr_cck_x4 = htole16(calib->cck_x4); 4399 cmd.corr_cck_mrc_x4 = htole16(calib->cck_mrc_x4); 4400 cmd.energy_cck = htole16(calib->energy_cck); 4401 /* Barker modulation: use default values. */ 4402 cmd.corr_barker = htole16(190); 4403 cmd.corr_barker_mrc = htole16(390); 4404 4405 DPRINTFN(2, ("setting sensitivity %d/%d/%d/%d/%d/%d/%d\n", 4406 calib->ofdm_x1, calib->ofdm_mrc_x1, calib->ofdm_x4, 4407 calib->ofdm_mrc_x4, calib->cck_x4, calib->cck_mrc_x4, 4408 calib->energy_cck)); 4409 return iwn_cmd(sc, IWN_CMD_SET_SENSITIVITY, &cmd, sizeof cmd, 1); 4410 } 4411 4412 /* 4413 * Set STA mode power saving level (between 0 and 5). 4414 * Level 0 is CAM (Continuously Aware Mode), 5 is for maximum power saving. 4415 */ 4416 static int 4417 iwn_set_pslevel(struct iwn_softc *sc, int dtim, int level, int async) 4418 { 4419 struct iwn_pmgt_cmd cmd; 4420 const struct iwn_pmgt *pmgt; 4421 uint32_t maxp, skip_dtim; 4422 pcireg_t reg; 4423 int i; 4424 4425 /* Select which PS parameters to use. */ 4426 if (dtim <= 2) 4427 pmgt = &iwn_pmgt[0][level]; 4428 else if (dtim <= 10) 4429 pmgt = &iwn_pmgt[1][level]; 4430 else 4431 pmgt = &iwn_pmgt[2][level]; 4432 4433 memset(&cmd, 0, sizeof cmd); 4434 if (level != 0) /* not CAM */ 4435 cmd.flags |= htole16(IWN_PS_ALLOW_SLEEP); 4436 if (level == 5) 4437 cmd.flags |= htole16(IWN_PS_FAST_PD); 4438 /* Retrieve PCIe Active State Power Management (ASPM). */ 4439 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 4440 sc->sc_cap_off + PCI_PCIE_LCSR); 4441 if (!(reg & PCI_PCIE_LCSR_ASPM_L0S)) /* L0s Entry disabled. */ 4442 cmd.flags |= htole16(IWN_PS_PCI_PMGT); 4443 cmd.rxtimeout = htole32(pmgt->rxtimeout * 1024); 4444 cmd.txtimeout = htole32(pmgt->txtimeout * 1024); 4445 4446 if (dtim == 0) { 4447 dtim = 1; 4448 skip_dtim = 0; 4449 } else 4450 skip_dtim = pmgt->skip_dtim; 4451 if (skip_dtim != 0) { 4452 cmd.flags |= htole16(IWN_PS_SLEEP_OVER_DTIM); 4453 maxp = pmgt->intval[4]; 4454 if (maxp == (uint32_t)-1) 4455 maxp = dtim * (skip_dtim + 1); 4456 else if (maxp > dtim) 4457 maxp = (maxp / dtim) * dtim; 4458 } else 4459 maxp = dtim; 4460 for (i = 0; i < 5; i++) 4461 cmd.intval[i] = htole32(MIN(maxp, pmgt->intval[i])); 4462 4463 DPRINTF(("setting power saving level to %d\n", level)); 4464 return iwn_cmd(sc, IWN_CMD_SET_POWER_MODE, &cmd, sizeof cmd, async); 4465 } 4466 4467 static int 4468 iwn_config(struct iwn_softc *sc) 4469 { 4470 const struct iwn_hal *hal = sc->sc_hal; 4471 struct ieee80211com *ic = &sc->sc_ic; 4472 struct ifnet *ifp = ic->ic_ifp; 4473 struct iwn_bluetooth bluetooth; 4474 uint32_t txmask; 4475 uint16_t rxchain; 4476 int error; 4477 4478 /* Configure valid TX chains for 5000 Series. */ 4479 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 4480 txmask = htole32(sc->txchainmask); 4481 DPRINTF(("configuring valid TX chains 0x%x\n", txmask)); 4482 error = iwn_cmd(sc, IWN5000_CMD_TX_ANT_CONFIG, &txmask, 4483 sizeof txmask, 0); 4484 if (error != 0) { 4485 aprint_error_dev(sc->sc_dev, 4486 "could not configure valid TX chains\n"); 4487 return error; 4488 } 4489 } 4490 4491 /* Configure bluetooth coexistence. */ 4492 memset(&bluetooth, 0, sizeof bluetooth); 4493 bluetooth.flags = IWN_BT_COEX_CHAN_ANN | IWN_BT_COEX_BT_PRIO; 4494 bluetooth.lead_time = IWN_BT_LEAD_TIME_DEF; 4495 bluetooth.max_kill = IWN_BT_MAX_KILL_DEF; 4496 DPRINTF(("configuring bluetooth coexistence\n")); 4497 error = iwn_cmd(sc, IWN_CMD_BT_COEX, &bluetooth, sizeof bluetooth, 0); 4498 if (error != 0) { 4499 aprint_error_dev(sc->sc_dev, 4500 "could not configure bluetooth coexistence\n"); 4501 return error; 4502 } 4503 4504 /* Set mode, channel, RX filter and enable RX. */ 4505 memset(&sc->rxon, 0, sizeof (struct iwn_rxon)); 4506 IEEE80211_ADDR_COPY(ic->ic_myaddr, CLLADDR(ifp->if_sadl)); 4507 IEEE80211_ADDR_COPY(sc->rxon.myaddr, ic->ic_myaddr); 4508 IEEE80211_ADDR_COPY(sc->rxon.wlap, ic->ic_myaddr); 4509 sc->rxon.chan = ieee80211_chan2ieee(ic, ic->ic_ibss_chan); 4510 sc->rxon.flags = htole32(IWN_RXON_TSF | IWN_RXON_CTS_TO_SELF); 4511 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_ibss_chan)) 4512 sc->rxon.flags |= htole32(IWN_RXON_AUTO | IWN_RXON_24GHZ); 4513 switch (ic->ic_opmode) { 4514 case IEEE80211_M_STA: 4515 sc->rxon.mode = IWN_MODE_STA; 4516 sc->rxon.filter = htole32(IWN_FILTER_MULTICAST); 4517 break; 4518 case IEEE80211_M_MONITOR: 4519 sc->rxon.mode = IWN_MODE_MONITOR; 4520 sc->rxon.filter = htole32(IWN_FILTER_MULTICAST | 4521 IWN_FILTER_CTL | IWN_FILTER_PROMISC); 4522 break; 4523 default: 4524 /* Should not get there. */ 4525 break; 4526 } 4527 sc->rxon.cck_mask = 0x0f; /* not yet negotiated */ 4528 sc->rxon.ofdm_mask = 0xff; /* not yet negotiated */ 4529 sc->rxon.ht_single_mask = 0xff; 4530 sc->rxon.ht_dual_mask = 0xff; 4531 sc->rxon.ht_triple_mask = 0xff; 4532 rxchain = 4533 IWN_RXCHAIN_VALID(sc->rxchainmask) | 4534 IWN_RXCHAIN_MIMO_COUNT(2) | 4535 IWN_RXCHAIN_IDLE_COUNT(2); 4536 sc->rxon.rxchain = htole16(rxchain); 4537 DPRINTF(("setting configuration\n")); 4538 error = iwn_cmd(sc, IWN_CMD_RXON, &sc->rxon, hal->rxonsz, 0); 4539 if (error != 0) { 4540 aprint_error_dev(sc->sc_dev, 4541 "RXON command failed\n"); 4542 return error; 4543 } 4544 4545 if ((error = iwn_add_broadcast_node(sc, 0)) != 0) { 4546 aprint_error_dev(sc->sc_dev, 4547 "could not add broadcast node\n"); 4548 return error; 4549 } 4550 4551 /* Configuration has changed, set TX power accordingly. */ 4552 if ((error = hal->set_txpower(sc, 0)) != 0) { 4553 aprint_error_dev(sc->sc_dev, 4554 "could not set TX power\n"); 4555 return error; 4556 } 4557 4558 if ((error = iwn_set_critical_temp(sc)) != 0) { 4559 aprint_error_dev(sc->sc_dev, 4560 "could not set critical temperature\n"); 4561 return error; 4562 } 4563 4564 /* Set power saving level to CAM during initialization. */ 4565 if ((error = iwn_set_pslevel(sc, 0, 0, 0)) != 0) { 4566 aprint_error_dev(sc->sc_dev, 4567 "could not set power saving level\n"); 4568 return error; 4569 } 4570 return 0; 4571 } 4572 4573 static int 4574 iwn_scan(struct iwn_softc *sc, uint16_t flags) 4575 { 4576 struct ieee80211com *ic = &sc->sc_ic; 4577 struct iwn_scan_hdr *hdr; 4578 struct iwn_cmd_data *tx; 4579 struct iwn_scan_essid *essid; 4580 struct iwn_scan_chan *chan; 4581 struct ieee80211_frame *wh; 4582 struct ieee80211_rateset *rs; 4583 struct ieee80211_channel *c; 4584 uint8_t *buf, *frm; 4585 uint16_t rxchain; 4586 uint8_t txant; 4587 int buflen, error; 4588 4589 buf = malloc(IWN_SCAN_MAXSZ, M_DEVBUF, M_NOWAIT | M_ZERO); 4590 if (buf == NULL) { 4591 aprint_error_dev(sc->sc_dev, 4592 "could not allocate buffer for scan command\n"); 4593 return ENOMEM; 4594 } 4595 hdr = (struct iwn_scan_hdr *)buf; 4596 /* 4597 * Move to the next channel if no frames are received within 10ms 4598 * after sending the probe request. 4599 */ 4600 hdr->quiet_time = htole16(10); /* timeout in milliseconds */ 4601 hdr->quiet_threshold = htole16(1); /* min # of packets */ 4602 4603 /* Select antennas for scanning. */ 4604 rxchain = 4605 IWN_RXCHAIN_VALID(sc->rxchainmask) | 4606 IWN_RXCHAIN_FORCE_MIMO_SEL(sc->rxchainmask) | 4607 IWN_RXCHAIN_DRIVER_FORCE; 4608 if ((flags & IEEE80211_CHAN_5GHZ) && 4609 sc->hw_type == IWN_HW_REV_TYPE_4965) { 4610 /* Ant A must be avoided in 5GHz because of an HW bug. */ 4611 rxchain |= IWN_RXCHAIN_FORCE_SEL(IWN_ANT_BC); 4612 } else /* Use all available RX antennas. */ 4613 rxchain |= IWN_RXCHAIN_FORCE_SEL(sc->rxchainmask); 4614 hdr->rxchain = htole16(rxchain); 4615 hdr->filter = htole32(IWN_FILTER_MULTICAST | IWN_FILTER_BEACON); 4616 4617 tx = (struct iwn_cmd_data *)(hdr + 1); 4618 tx->flags = htole32(IWN_TX_AUTO_SEQ); 4619 tx->id = sc->sc_hal->broadcast_id; 4620 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 4621 4622 if (flags & IEEE80211_CHAN_5GHZ) { 4623 hdr->crc_threshold = htole16(1); 4624 /* Send probe requests at 6Mbps. */ 4625 tx->plcp = iwn_rates[IWN_RIDX_OFDM6].plcp; 4626 rs = &ic->ic_sup_rates[IEEE80211_MODE_11A]; 4627 } else { 4628 hdr->flags = htole32(IWN_RXON_24GHZ | IWN_RXON_AUTO); 4629 /* Send probe requests at 1Mbps. */ 4630 tx->plcp = iwn_rates[IWN_RIDX_CCK1].plcp; 4631 tx->rflags = IWN_RFLAG_CCK; 4632 rs = &ic->ic_sup_rates[IEEE80211_MODE_11G]; 4633 } 4634 /* Use the first valid TX antenna. */ 4635 txant = IWN_LSB(sc->txchainmask); 4636 tx->rflags |= IWN_RFLAG_ANT(txant); 4637 4638 essid = (struct iwn_scan_essid *)(tx + 1); 4639 if (ic->ic_des_esslen != 0) { 4640 essid[0].id = IEEE80211_ELEMID_SSID; 4641 essid[0].len = ic->ic_des_esslen; 4642 memcpy(essid[0].data, ic->ic_des_essid, ic->ic_des_esslen); 4643 } 4644 /* 4645 * Build a probe request frame. Most of the following code is a 4646 * copy & paste of what is done in net80211. 4647 */ 4648 wh = (struct ieee80211_frame *)(essid + 20); 4649 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 4650 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 4651 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 4652 IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr); 4653 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 4654 IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr); 4655 *(uint16_t *)&wh->i_dur[0] = 0; /* filled by HW */ 4656 *(uint16_t *)&wh->i_seq[0] = 0; /* filled by HW */ 4657 4658 frm = (uint8_t *)(wh + 1); 4659 frm = ieee80211_add_ssid(frm, NULL, 0); 4660 frm = ieee80211_add_rates(frm, rs); 4661 if (rs->rs_nrates > IEEE80211_RATE_SIZE) 4662 frm = ieee80211_add_xrates(frm, rs); 4663 4664 /* Set length of probe request. */ 4665 tx->len = htole16(frm - (uint8_t *)wh); 4666 4667 chan = (struct iwn_scan_chan *)frm; 4668 for (c = &ic->ic_channels[1]; 4669 c <= &ic->ic_channels[IEEE80211_CHAN_MAX]; c++) { 4670 if ((c->ic_flags & flags) != flags) 4671 continue; 4672 4673 chan->chan = htole16(ieee80211_chan2ieee(ic, c)); 4674 DPRINTFN(2, ("adding channel %d\n", chan->chan)); 4675 chan->flags = 0; 4676 if (!(c->ic_flags & IEEE80211_CHAN_PASSIVE)) 4677 chan->flags |= htole32(IWN_CHAN_ACTIVE); 4678 if (ic->ic_des_esslen != 0) 4679 chan->flags |= htole32(IWN_CHAN_NPBREQS(1)); 4680 chan->dsp_gain = 0x6e; 4681 if (IEEE80211_IS_CHAN_5GHZ(c)) { 4682 chan->rf_gain = 0x3b; 4683 chan->active = htole16(24); 4684 chan->passive = htole16(110); 4685 } else { 4686 chan->rf_gain = 0x28; 4687 chan->active = htole16(36); 4688 chan->passive = htole16(120); 4689 } 4690 hdr->nchan++; 4691 chan++; 4692 } 4693 4694 buflen = (uint8_t *)chan - buf; 4695 hdr->len = htole16(buflen); 4696 4697 DPRINTF(("sending scan command nchan=%d\n", hdr->nchan)); 4698 error = iwn_cmd(sc, IWN_CMD_SCAN, buf, buflen, 1); 4699 free(buf, M_DEVBUF); 4700 return error; 4701 } 4702 4703 static int 4704 iwn_auth(struct iwn_softc *sc) 4705 { 4706 const struct iwn_hal *hal = sc->sc_hal; 4707 struct ieee80211com *ic = &sc->sc_ic; 4708 struct ieee80211_node *ni = ic->ic_bss; 4709 int error; 4710 4711 /* Update adapter configuration. */ 4712 IEEE80211_ADDR_COPY(sc->rxon.bssid, ni->ni_bssid); 4713 sc->rxon.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 4714 sc->rxon.flags = htole32(IWN_RXON_TSF | IWN_RXON_CTS_TO_SELF); 4715 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 4716 sc->rxon.flags |= htole32(IWN_RXON_AUTO | IWN_RXON_24GHZ); 4717 if (ic->ic_flags & IEEE80211_F_SHSLOT) 4718 sc->rxon.flags |= htole32(IWN_RXON_SHSLOT); 4719 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 4720 sc->rxon.flags |= htole32(IWN_RXON_SHPREAMBLE); 4721 switch (ic->ic_curmode) { 4722 case IEEE80211_MODE_11A: 4723 sc->rxon.cck_mask = 0; 4724 sc->rxon.ofdm_mask = 0x15; 4725 break; 4726 case IEEE80211_MODE_11B: 4727 sc->rxon.cck_mask = 0x03; 4728 sc->rxon.ofdm_mask = 0; 4729 break; 4730 default: /* Assume 802.11b/g. */ 4731 sc->rxon.cck_mask = 0x0f; 4732 sc->rxon.ofdm_mask = 0x15; 4733 } 4734 DPRINTF(("rxon chan %d flags %x cck %x ofdm %x\n", sc->rxon.chan, 4735 sc->rxon.flags, sc->rxon.cck_mask, sc->rxon.ofdm_mask)); 4736 error = iwn_cmd(sc, IWN_CMD_RXON, &sc->rxon, hal->rxonsz, 1); 4737 if (error != 0) { 4738 aprint_error_dev(sc->sc_dev, 4739 "RXON command failed\n"); 4740 return error; 4741 } 4742 4743 /* Configuration has changed, set TX power accordingly. */ 4744 if ((error = hal->set_txpower(sc, 1)) != 0) { 4745 aprint_error_dev(sc->sc_dev, 4746 "could not set TX power\n"); 4747 return error; 4748 } 4749 /* 4750 * Reconfiguring RXON clears the firmware nodes table so we must 4751 * add the broadcast node again. 4752 */ 4753 if ((error = iwn_add_broadcast_node(sc, 1)) != 0) { 4754 aprint_error_dev(sc->sc_dev, 4755 "could not add broadcast node\n"); 4756 return error; 4757 } 4758 return 0; 4759 } 4760 4761 static int 4762 iwn_run(struct iwn_softc *sc) 4763 { 4764 const struct iwn_hal *hal = sc->sc_hal; 4765 struct ieee80211com *ic = &sc->sc_ic; 4766 struct ieee80211_node *ni = ic->ic_bss; 4767 struct iwn_node_info node; 4768 int error; 4769 4770 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 4771 /* Link LED blinks while monitoring. */ 4772 iwn_set_led(sc, IWN_LED_LINK, 5, 5); 4773 return 0; 4774 } 4775 if ((error = iwn_set_timing(sc, ni)) != 0) { 4776 aprint_error_dev(sc->sc_dev, 4777 "could not set timing\n"); 4778 return error; 4779 } 4780 4781 /* Update adapter configuration. */ 4782 sc->rxon.associd = htole16(IEEE80211_AID(ni->ni_associd)); 4783 /* Short preamble and slot time are negotiated when associating. */ 4784 sc->rxon.flags &= ~htole32(IWN_RXON_SHPREAMBLE | IWN_RXON_SHSLOT); 4785 if (ic->ic_flags & IEEE80211_F_SHSLOT) 4786 sc->rxon.flags |= htole32(IWN_RXON_SHSLOT); 4787 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 4788 sc->rxon.flags |= htole32(IWN_RXON_SHPREAMBLE); 4789 sc->rxon.filter |= htole32(IWN_FILTER_BSS); 4790 DPRINTF(("rxon chan %d flags %x\n", sc->rxon.chan, sc->rxon.flags)); 4791 error = iwn_cmd(sc, IWN_CMD_RXON, &sc->rxon, hal->rxonsz, 1); 4792 if (error != 0) { 4793 aprint_error_dev(sc->sc_dev, 4794 "could not update configuration\n"); 4795 return error; 4796 } 4797 4798 /* Configuration has changed, set TX power accordingly. */ 4799 if ((error = hal->set_txpower(sc, 1)) != 0) { 4800 aprint_error_dev(sc->sc_dev, 4801 "could not set TX power\n"); 4802 return error; 4803 } 4804 4805 /* Fake a join to initialize the TX rate. */ 4806 ((struct iwn_node *)ni)->id = IWN_ID_BSS; 4807 iwn_newassoc(ni, 1); 4808 4809 /* Add BSS node. */ 4810 memset(&node, 0, sizeof node); 4811 IEEE80211_ADDR_COPY(node.macaddr, ni->ni_macaddr); 4812 node.id = IWN_ID_BSS; 4813 #ifdef notyet 4814 node.htflags = htole32(IWN_AMDPU_SIZE_FACTOR(3) | 4815 IWN_AMDPU_DENSITY(5)); /* 2us */ 4816 #endif 4817 DPRINTF(("adding BSS node\n")); 4818 error = hal->add_node(sc, &node, 1); 4819 if (error != 0) { 4820 aprint_error_dev(sc->sc_dev, 4821 "could not add BSS node\n"); 4822 return error; 4823 } 4824 DPRINTF(("setting link quality for node %d\n", node.id)); 4825 if ((error = iwn_set_link_quality(sc, ni)) != 0) { 4826 aprint_error_dev(sc->sc_dev, 4827 "could not setup link quality for node %d\n", node.id); 4828 return error; 4829 } 4830 4831 if ((error = iwn_init_sensitivity(sc)) != 0) { 4832 aprint_error_dev(sc->sc_dev, 4833 "could not set sensitivity\n"); 4834 return error; 4835 } 4836 /* Start periodic calibration timer. */ 4837 sc->calib.state = IWN_CALIB_STATE_ASSOC; 4838 sc->calib_cnt = 0; 4839 callout_schedule(&sc->calib_to, hz/2); 4840 4841 /* Link LED always on while associated. */ 4842 iwn_set_led(sc, IWN_LED_LINK, 0, 1); 4843 return 0; 4844 } 4845 4846 #ifdef IWN_HWCRYPTO 4847 /* 4848 * We support CCMP hardware encryption/decryption of unicast frames only. 4849 * HW support for TKIP really sucks. We should let TKIP die anyway. 4850 */ 4851 static int 4852 iwn_set_key(struct ieee80211com *ic, struct ieee80211_node *ni, 4853 struct ieee80211_key *k) 4854 { 4855 struct iwn_softc *sc = ic->ic_softc; 4856 const struct iwn_hal *hal = sc->sc_hal; 4857 struct iwn_node *wn = (void *)ni; 4858 struct iwn_node_info node; 4859 uint16_t kflags; 4860 4861 if ((k->k_flags & IEEE80211_KEY_GROUP) || 4862 k->k_cipher != IEEE80211_CIPHER_CCMP) 4863 return ieee80211_set_key(ic, ni, k); 4864 4865 kflags = IWN_KFLAG_CCMP | IWN_KFLAG_MAP | IWN_KFLAG_KID(k->k_id); 4866 if (k->k_flags & IEEE80211_KEY_GROUP) 4867 kflags |= IWN_KFLAG_GROUP; 4868 4869 memset(&node, 0, sizeof node); 4870 node.id = (k->k_flags & IEEE80211_KEY_GROUP) ? 4871 hal->broadcast_id : wn->id; 4872 node.control = IWN_NODE_UPDATE; 4873 node.flags = IWN_FLAG_SET_KEY; 4874 node.kflags = htole16(kflags); 4875 node.kid = k->k_id; 4876 memcpy(node.key, k->k_key, k->k_len); 4877 DPRINTF(("set key id=%d for node %d\n", k->k_id, node.id)); 4878 return hal->add_node(sc, &node, 1); 4879 } 4880 4881 static void 4882 iwn_delete_key(struct ieee80211com *ic, struct ieee80211_node *ni, 4883 struct ieee80211_key *k) 4884 { 4885 struct iwn_softc *sc = ic->ic_softc; 4886 const struct iwn_hal *hal = sc->sc_hal; 4887 struct iwn_node *wn = (void *)ni; 4888 struct iwn_node_info node; 4889 4890 if ((k->k_flags & IEEE80211_KEY_GROUP) || 4891 k->k_cipher != IEEE80211_CIPHER_CCMP) { 4892 /* See comment about other ciphers above. */ 4893 ieee80211_delete_key(ic, ni, k); 4894 return; 4895 } 4896 if (ic->ic_state != IEEE80211_S_RUN) 4897 return; /* Nothing to do. */ 4898 memset(&node, 0, sizeof node); 4899 node.id = (k->k_flags & IEEE80211_KEY_GROUP) ? 4900 hal->broadcast_id : wn->id; 4901 node.control = IWN_NODE_UPDATE; 4902 node.flags = IWN_FLAG_SET_KEY; 4903 node.kflags = htole16(IWN_KFLAG_INVALID); 4904 node.kid = 0xff; 4905 DPRINTF(("delete keys for node %d\n", node.id)); 4906 (void)hal->add_node(sc, &node, 1); 4907 } 4908 #endif 4909 4910 /* XXX Added for NetBSD */ 4911 4912 static int 4913 iwn_wme_update(struct ieee80211com *ic) 4914 { 4915 #define IWN_EXP2(v) htole16((1 << (v)) - 1) 4916 #define IWN_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 4917 struct iwn_softc *sc = ic->ic_ifp->if_softc; 4918 const struct wmeParams *wmep; 4919 struct iwn_edca_params cmd; 4920 int ac; 4921 4922 /* don't override default WME values if WME is not actually enabled */ 4923 if (!(ic->ic_flags & IEEE80211_F_WME)) 4924 return 0; 4925 cmd.flags = 0; 4926 for (ac = 0; ac < WME_NUM_AC; ac++) { 4927 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 4928 cmd.ac[ac].aifsn = wmep->wmep_aifsn; 4929 cmd.ac[ac].cwmin = IWN_EXP2(wmep->wmep_logcwmin); 4930 cmd.ac[ac].cwmax = IWN_EXP2(wmep->wmep_logcwmax); 4931 cmd.ac[ac].txoplimit = IWN_USEC(wmep->wmep_txopLimit); 4932 4933 DPRINTF(("setting WME for queue %d aifsn=%d cwmin=%d cwmax=%d " 4934 "txop=%d\n", ac, cmd.ac[ac].aifsn, 4935 cmd.ac[ac].cwmin, 4936 cmd.ac[ac].cwmax, cmd.ac[ac].txoplimit)); 4937 } 4938 return iwn_cmd(sc, IWN_CMD_EDCA_PARAMS, &cmd, sizeof cmd, 1); 4939 #undef IWN_USEC 4940 #undef IWN_EXP2 4941 } 4942 4943 #ifndef IEEE80211_NO_HT 4944 /* 4945 * This function is called by upper layer when an ADDBA request is received 4946 * from another STA and before the ADDBA response is sent. 4947 */ 4948 static int 4949 iwn_ampdu_rx_start(struct ieee80211com *ic, struct ieee80211_node *ni, 4950 uint8_t tid) 4951 { 4952 struct ieee80211_rx_ba *ba = &ni->ni_rx_ba[tid]; 4953 struct iwn_softc *sc = ic->ic_softc; 4954 struct iwn_node *wn = (void *)ni; 4955 struct iwn_node_info node; 4956 4957 memset(&node, 0, sizeof node); 4958 node.id = wn->id; 4959 node.control = IWN_NODE_UPDATE; 4960 node.flags = IWN_FLAG_SET_ADDBA; 4961 node.addba_tid = tid; 4962 node.addba_ssn = htole16(ba->ba_winstart); 4963 DPRINTFN(2, ("ADDBA RA=%d TID=%d SSN=%d\n", wn->id, tid, 4964 ba->ba_winstart)); 4965 return sc->sc_hal->add_node(sc, &node, 1); 4966 } 4967 4968 /* 4969 * This function is called by upper layer on teardown of an HT-immediate 4970 * Block Ack agreement (eg. uppon receipt of a DELBA frame.) 4971 */ 4972 static void 4973 iwn_ampdu_rx_stop(struct ieee80211com *ic, struct ieee80211_node *ni, 4974 uint8_t tid) 4975 { 4976 struct iwn_softc *sc = ic->ic_softc; 4977 struct iwn_node *wn = (void *)ni; 4978 struct iwn_node_info node; 4979 4980 memset(&node, 0, sizeof node); 4981 node.id = wn->id; 4982 node.control = IWN_NODE_UPDATE; 4983 node.flags = IWN_FLAG_SET_DELBA; 4984 node.delba_tid = tid; 4985 DPRINTFN(2, ("DELBA RA=%d TID=%d\n", wn->id, tid)); 4986 (void)sc->sc_hal->add_node(sc, &node, 1); 4987 } 4988 4989 /* 4990 * This function is called by upper layer when an ADDBA response is received 4991 * from another STA. 4992 */ 4993 static int 4994 iwn_ampdu_tx_start(struct ieee80211com *ic, struct ieee80211_node *ni, 4995 uint8_t tid) 4996 { 4997 struct ieee80211_tx_ba *ba = &ni->ni_tx_ba[tid]; 4998 struct iwn_softc *sc = ic->ic_softc; 4999 const struct iwn_hal *hal = sc->sc_hal; 5000 struct iwn_node *wn = (void *)ni; 5001 struct iwn_node_info node; 5002 int error; 5003 5004 /* Enable TX for the specified RA/TID. */ 5005 wn->disable_tid &= ~(1 << tid); 5006 memset(&node, 0, sizeof node); 5007 node.id = wn->id; 5008 node.control = IWN_NODE_UPDATE; 5009 node.flags = IWN_FLAG_SET_DISABLE_TID; 5010 node.disable_tid = htole16(wn->disable_tid); 5011 error = hal->add_node(sc, &node, 1); 5012 if (error != 0) 5013 return error; 5014 5015 if ((error = iwn_nic_lock(sc)) != 0) 5016 return error; 5017 hal->ampdu_tx_start(sc, ni, tid, ba->ba_winstart); 5018 iwn_nic_unlock(sc); 5019 return 0; 5020 } 5021 5022 static void 5023 iwn_ampdu_tx_stop(struct ieee80211com *ic, struct ieee80211_node *ni, 5024 uint8_t tid) 5025 { 5026 struct ieee80211_tx_ba *ba = &ni->ni_tx_ba[tid]; 5027 struct iwn_softc *sc = ic->ic_softc; 5028 5029 if (iwn_nic_lock(sc) != 0) 5030 return; 5031 sc->sc_hal->ampdu_tx_stop(sc, tid, ba->ba_winstart); 5032 iwn_nic_unlock(sc); 5033 } 5034 5035 static void 5036 iwn4965_ampdu_tx_start(struct iwn_softc *sc, struct ieee80211_node *ni, 5037 uint8_t tid, uint16_t ssn) 5038 { 5039 struct iwn_node *wn = (void *)ni; 5040 int qid = 7 + tid; 5041 5042 /* Stop TX scheduler while we're changing its configuration. */ 5043 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 5044 IWN4965_TXQ_STATUS_CHGACT); 5045 5046 /* Assign RA/TID translation to the queue. */ 5047 iwn_mem_write_2(sc, sc->sched_base + IWN4965_SCHED_TRANS_TBL(qid), 5048 wn->id << 4 | tid); 5049 5050 /* Enable chain-building mode for the queue. */ 5051 iwn_prph_setbits(sc, IWN4965_SCHED_QCHAIN_SEL, 1 << qid); 5052 5053 /* Set starting sequence number from the ADDBA request. */ 5054 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 5055 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), ssn); 5056 5057 /* Set scheduler window size. */ 5058 iwn_mem_write(sc, sc->sched_base + IWN4965_SCHED_QUEUE_OFFSET(qid), 5059 IWN_SCHED_WINSZ); 5060 /* Set scheduler frame limit. */ 5061 iwn_mem_write(sc, sc->sched_base + IWN4965_SCHED_QUEUE_OFFSET(qid) + 4, 5062 IWN_SCHED_LIMIT << 16); 5063 5064 /* Enable interrupts for the queue. */ 5065 iwn_prph_setbits(sc, IWN4965_SCHED_INTR_MASK, 1 << qid); 5066 5067 /* Mark the queue as active. */ 5068 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 5069 IWN4965_TXQ_STATUS_ACTIVE | IWN4965_TXQ_STATUS_AGGR_ENA | 5070 iwn_tid2fifo[tid] << 1); 5071 } 5072 5073 static void 5074 iwn4965_ampdu_tx_stop(struct iwn_softc *sc, uint8_t tid, uint16_t ssn) 5075 { 5076 int qid = 7 + tid; 5077 5078 /* Stop TX scheduler while we're changing its configuration. */ 5079 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 5080 IWN4965_TXQ_STATUS_CHGACT); 5081 5082 /* Set starting sequence number from the ADDBA request. */ 5083 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 5084 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), ssn); 5085 5086 /* Disable interrupts for the queue. */ 5087 iwn_prph_clrbits(sc, IWN4965_SCHED_INTR_MASK, 1 << qid); 5088 5089 /* Mark the queue as inactive. */ 5090 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 5091 IWN4965_TXQ_STATUS_INACTIVE | iwn_tid2fifo[tid] << 1); 5092 } 5093 5094 static void 5095 iwn5000_ampdu_tx_start(struct iwn_softc *sc, struct ieee80211_node *ni, 5096 uint8_t tid, uint16_t ssn) 5097 { 5098 struct iwn_node *wn = (void *)ni; 5099 int qid = 10 + tid; 5100 5101 /* Stop TX scheduler while we're changing its configuration. */ 5102 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 5103 IWN5000_TXQ_STATUS_CHGACT); 5104 5105 /* Assign RA/TID translation to the queue. */ 5106 iwn_mem_write_2(sc, sc->sched_base + IWN5000_SCHED_TRANS_TBL(qid), 5107 wn->id << 4 | tid); 5108 5109 /* Enable chain-building mode for the queue. */ 5110 iwn_prph_setbits(sc, IWN5000_SCHED_QCHAIN_SEL, 1 << qid); 5111 5112 /* Enable aggregation for the queue. */ 5113 iwn_prph_setbits(sc, IWN5000_SCHED_AGGR_SEL, 1 << qid); 5114 5115 /* Set starting sequence number from the ADDBA request. */ 5116 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 5117 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), ssn); 5118 5119 /* Set scheduler window size and frame limit. */ 5120 iwn_mem_write(sc, sc->sched_base + IWN5000_SCHED_QUEUE_OFFSET(qid) + 4, 5121 IWN_SCHED_LIMIT << 16 | IWN_SCHED_WINSZ); 5122 5123 /* Enable interrupts for the queue. */ 5124 iwn_prph_setbits(sc, IWN5000_SCHED_INTR_MASK, 1 << qid); 5125 5126 /* Mark the queue as active. */ 5127 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 5128 IWN5000_TXQ_STATUS_ACTIVE | iwn_tid2fifo[tid]); 5129 } 5130 5131 static void 5132 iwn5000_ampdu_tx_stop(struct iwn_softc *sc, uint8_t tid, uint16_t ssn) 5133 { 5134 int qid = 10 + tid; 5135 5136 /* Stop TX scheduler while we're changing its configuration. */ 5137 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 5138 IWN5000_TXQ_STATUS_CHGACT); 5139 5140 /* Disable aggregation for the queue. */ 5141 iwn_prph_clrbits(sc, IWN5000_SCHED_AGGR_SEL, 1 << qid); 5142 5143 /* Set starting sequence number from the ADDBA request. */ 5144 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 5145 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), ssn); 5146 5147 /* Disable interrupts for the queue. */ 5148 iwn_prph_clrbits(sc, IWN5000_SCHED_INTR_MASK, 1 << qid); 5149 5150 /* Mark the queue as inactive. */ 5151 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 5152 IWN5000_TXQ_STATUS_INACTIVE | iwn_tid2fifo[tid]); 5153 } 5154 #endif /* !IEEE80211_NO_HT */ 5155 5156 /* 5157 * Query calibration tables from the initialization firmware. We do this 5158 * only once at first boot. Called from a process context. 5159 */ 5160 static int 5161 iwn5000_query_calibration(struct iwn_softc *sc) 5162 { 5163 struct iwn5000_calib_config cmd; 5164 int error; 5165 5166 memset(&cmd, 0, sizeof cmd); 5167 cmd.ucode.once.enable = 0xffffffff; 5168 cmd.ucode.once.start = 0xffffffff; 5169 cmd.ucode.once.send = 0xffffffff; 5170 cmd.ucode.flags = 0xffffffff; 5171 DPRINTF(("sending calibration query\n")); 5172 error = iwn_cmd(sc, IWN5000_CMD_CALIB_CONFIG, &cmd, sizeof cmd, 0); 5173 if (error != 0) 5174 return error; 5175 5176 /* Wait at most two seconds for calibration to complete. */ 5177 if (!(sc->sc_flags & IWN_FLAG_CALIB_DONE)) 5178 error = tsleep(sc, PCATCH, "iwncal", 2 * hz); 5179 return error; 5180 } 5181 5182 /* 5183 * Send calibration results to the runtime firmware. These results were 5184 * obtained on first boot from the initialization firmware. 5185 */ 5186 static int 5187 iwn5000_send_calibration(struct iwn_softc *sc) 5188 { 5189 int idx, error; 5190 5191 for (idx = 0; idx < 5; idx++) { 5192 if (sc->calibcmd[idx].buf == NULL) 5193 continue; /* No results available. */ 5194 DPRINTF(("send calibration result idx=%d len=%d\n", 5195 idx, sc->calibcmd[idx].len)); 5196 error = iwn_cmd(sc, IWN_CMD_PHY_CALIB, sc->calibcmd[idx].buf, 5197 sc->calibcmd[idx].len, 0); 5198 if (error != 0) { 5199 aprint_error_dev(sc->sc_dev, 5200 "could not send calibration result\n"); 5201 return error; 5202 } 5203 } 5204 return 0; 5205 } 5206 5207 static int 5208 iwn5000_send_wimax_coex(struct iwn_softc *sc) 5209 { 5210 struct iwn5000_wimax_coex wimax; 5211 5212 #ifdef notyet 5213 if (sc->hw_type == IWN_HW_REV_TYPE_6050) { 5214 /* Enable WiMAX coexistence for combo adapters. */ 5215 wimax.flags = 5216 IWN_WIMAX_COEX_ASSOC_WA_UNMASK | 5217 IWN_WIMAX_COEX_UNASSOC_WA_UNMASK | 5218 IWN_WIMAX_COEX_STA_TABLE_VALID | 5219 IWN_WIMAX_COEX_ENABLE; 5220 memcpy(wimax.events, iwn6050_wimax_events, 5221 sizeof iwn6050_wimax_events); 5222 } else 5223 #endif 5224 { 5225 /* Disable WiMAX coexistence. */ 5226 wimax.flags = 0; 5227 memset(wimax.events, 0, sizeof wimax.events); 5228 } 5229 DPRINTF(("Configuring WiMAX coexistence\n")); 5230 return iwn_cmd(sc, IWN5000_CMD_WIMAX_COEX, &wimax, sizeof wimax, 0); 5231 } 5232 5233 /* 5234 * This function is called after the runtime firmware notifies us of its 5235 * readiness (called in a process context.) 5236 */ 5237 static int 5238 iwn4965_post_alive(struct iwn_softc *sc) 5239 { 5240 int error, qid; 5241 5242 if ((error = iwn_nic_lock(sc)) != 0) 5243 return error; 5244 5245 /* Clear TX scheduler state in SRAM. */ 5246 sc->sched_base = iwn_prph_read(sc, IWN_SCHED_SRAM_ADDR); 5247 iwn_mem_set_region_4(sc, sc->sched_base + IWN4965_SCHED_CTX_OFF, 0, 5248 IWN4965_SCHED_CTX_LEN / sizeof (uint32_t)); 5249 5250 /* Set physical address of TX scheduler rings (1KB aligned.) */ 5251 iwn_prph_write(sc, IWN4965_SCHED_DRAM_ADDR, sc->sched_dma.paddr >> 10); 5252 5253 IWN_SETBITS(sc, IWN_FH_TX_CHICKEN, IWN_FH_TX_CHICKEN_SCHED_RETRY); 5254 5255 /* Disable chain mode for all our 16 queues. */ 5256 iwn_prph_write(sc, IWN4965_SCHED_QCHAIN_SEL, 0); 5257 5258 for (qid = 0; qid < IWN4965_NTXQUEUES; qid++) { 5259 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), 0); 5260 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | 0); 5261 5262 /* Set scheduler window size. */ 5263 iwn_mem_write(sc, sc->sched_base + 5264 IWN4965_SCHED_QUEUE_OFFSET(qid), IWN_SCHED_WINSZ); 5265 /* Set scheduler frame limit. */ 5266 iwn_mem_write(sc, sc->sched_base + 5267 IWN4965_SCHED_QUEUE_OFFSET(qid) + 4, 5268 IWN_SCHED_LIMIT << 16); 5269 } 5270 5271 /* Enable interrupts for all our 16 queues. */ 5272 iwn_prph_write(sc, IWN4965_SCHED_INTR_MASK, 0xffff); 5273 /* Identify TX FIFO rings (0-7). */ 5274 iwn_prph_write(sc, IWN4965_SCHED_TXFACT, 0xff); 5275 5276 /* Mark TX rings (4 EDCA + cmd + 2 HCCA) as active. */ 5277 for (qid = 0; qid < 7; qid++) { 5278 static uint8_t qid2fifo[] = { 3, 2, 1, 0, 4, 5, 6 }; 5279 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 5280 IWN4965_TXQ_STATUS_ACTIVE | qid2fifo[qid] << 1); 5281 } 5282 iwn_nic_unlock(sc); 5283 return 0; 5284 } 5285 5286 /* 5287 * This function is called after the initialization or runtime firmware 5288 * notifies us of its readiness (called in a process context.) 5289 */ 5290 static int 5291 iwn5000_post_alive(struct iwn_softc *sc) 5292 { 5293 int error, qid; 5294 5295 /* Switch to using ICT interrupt mode. */ 5296 iwn5000_ict_reset(sc); 5297 5298 if ((error = iwn_nic_lock(sc)) != 0) 5299 return error; 5300 5301 /* Clear TX scheduler state in SRAM. */ 5302 sc->sched_base = iwn_prph_read(sc, IWN_SCHED_SRAM_ADDR); 5303 iwn_mem_set_region_4(sc, sc->sched_base + IWN5000_SCHED_CTX_OFF, 0, 5304 IWN5000_SCHED_CTX_LEN / sizeof (uint32_t)); 5305 5306 /* Set physical address of TX scheduler rings (1KB aligned.) */ 5307 iwn_prph_write(sc, IWN5000_SCHED_DRAM_ADDR, sc->sched_dma.paddr >> 10); 5308 5309 IWN_SETBITS(sc, IWN_FH_TX_CHICKEN, IWN_FH_TX_CHICKEN_SCHED_RETRY); 5310 5311 /* Enable chain mode for all queues, except command queue. */ 5312 iwn_prph_write(sc, IWN5000_SCHED_QCHAIN_SEL, 0xfffef); 5313 iwn_prph_write(sc, IWN5000_SCHED_AGGR_SEL, 0); 5314 5315 for (qid = 0; qid < IWN5000_NTXQUEUES; qid++) { 5316 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), 0); 5317 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | 0); 5318 5319 iwn_mem_write(sc, sc->sched_base + 5320 IWN5000_SCHED_QUEUE_OFFSET(qid), 0); 5321 /* Set scheduler window size and frame limit. */ 5322 iwn_mem_write(sc, sc->sched_base + 5323 IWN5000_SCHED_QUEUE_OFFSET(qid) + 4, 5324 IWN_SCHED_LIMIT << 16 | IWN_SCHED_WINSZ); 5325 } 5326 5327 /* Enable interrupts for all our 20 queues. */ 5328 iwn_prph_write(sc, IWN5000_SCHED_INTR_MASK, 0xfffff); 5329 /* Identify TX FIFO rings (0-7). */ 5330 iwn_prph_write(sc, IWN5000_SCHED_TXFACT, 0xff); 5331 5332 /* Mark TX rings (4 EDCA + cmd + 2 HCCA) as active. */ 5333 for (qid = 0; qid < 7; qid++) { 5334 static uint8_t qid2fifo[] = { 3, 2, 1, 0, 7, 5, 6 }; 5335 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 5336 IWN5000_TXQ_STATUS_ACTIVE | qid2fifo[qid]); 5337 } 5338 iwn_nic_unlock(sc); 5339 5340 /* Configure WiMAX coexistence for combo adapters. */ 5341 error = iwn5000_send_wimax_coex(sc); 5342 if (error != 0) { 5343 aprint_error_dev(sc->sc_dev, 5344 "could not configure WiMAX coexistence\n"); 5345 return error; 5346 } 5347 if (sc->hw_type != IWN_HW_REV_TYPE_5150) { 5348 struct iwn5000_phy_calib_crystal cmd; 5349 5350 /* Perform crystal calibration. */ 5351 memset(&cmd, 0, sizeof cmd); 5352 cmd.code = IWN5000_PHY_CALIB_CRYSTAL; 5353 cmd.ngroups = 1; 5354 cmd.isvalid = 1; 5355 cmd.cap_pin[0] = le32toh(sc->eeprom_crystal) & 0xff; 5356 cmd.cap_pin[1] = (le32toh(sc->eeprom_crystal) >> 16) & 0xff; 5357 DPRINTF(("sending crystal calibration %d, %d\n", 5358 cmd.cap_pin[0], cmd.cap_pin[1])); 5359 error = iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 0); 5360 if (error != 0) { 5361 aprint_error_dev(sc->sc_dev, 5362 "crystal calibration failed\n"); 5363 return error; 5364 } 5365 } 5366 if (!(sc->sc_flags & IWN_FLAG_CALIB_DONE)) { 5367 /* Query calibration from the initialization firmware. */ 5368 if ((error = iwn5000_query_calibration(sc)) != 0) { 5369 aprint_error_dev(sc->sc_dev, 5370 "could not query calibration\n"); 5371 return error; 5372 } 5373 /* 5374 * We have the calibration results now, reboot with the 5375 * runtime firmware (call ourselves recursively!) 5376 */ 5377 iwn_hw_stop(sc); 5378 error = iwn_hw_init(sc); 5379 } else { 5380 /* Send calibration results to runtime firmware. */ 5381 error = iwn5000_send_calibration(sc); 5382 } 5383 return error; 5384 } 5385 5386 /* 5387 * The firmware boot code is small and is intended to be copied directly into 5388 * the NIC internal memory (no DMA transfer.) 5389 */ 5390 static int 5391 iwn4965_load_bootcode(struct iwn_softc *sc, const uint8_t *ucode, int size) 5392 { 5393 int error, ntries; 5394 5395 size /= sizeof (uint32_t); 5396 5397 if ((error = iwn_nic_lock(sc)) != 0) 5398 return error; 5399 5400 /* Copy microcode image into NIC memory. */ 5401 iwn_prph_write_region_4(sc, IWN_BSM_SRAM_BASE, 5402 (const uint32_t *)ucode, size); 5403 5404 iwn_prph_write(sc, IWN_BSM_WR_MEM_SRC, 0); 5405 iwn_prph_write(sc, IWN_BSM_WR_MEM_DST, IWN_FW_TEXT_BASE); 5406 iwn_prph_write(sc, IWN_BSM_WR_DWCOUNT, size); 5407 5408 /* Start boot load now. */ 5409 iwn_prph_write(sc, IWN_BSM_WR_CTRL, IWN_BSM_WR_CTRL_START); 5410 5411 /* Wait for transfer to complete. */ 5412 for (ntries = 0; ntries < 1000; ntries++) { 5413 if (!(iwn_prph_read(sc, IWN_BSM_WR_CTRL) & 5414 IWN_BSM_WR_CTRL_START)) 5415 break; 5416 DELAY(10); 5417 } 5418 if (ntries == 1000) { 5419 aprint_error_dev(sc->sc_dev, 5420 "could not load boot firmware\n"); 5421 iwn_nic_unlock(sc); 5422 return ETIMEDOUT; 5423 } 5424 5425 /* Enable boot after power up. */ 5426 iwn_prph_write(sc, IWN_BSM_WR_CTRL, IWN_BSM_WR_CTRL_START_EN); 5427 5428 iwn_nic_unlock(sc); 5429 return 0; 5430 } 5431 5432 static int 5433 iwn4965_load_firmware(struct iwn_softc *sc) 5434 { 5435 struct iwn_fw_info *fw = &sc->fw; 5436 struct iwn_dma_info *dma = &sc->fw_dma; 5437 int error; 5438 5439 /* Copy initialization sections into pre-allocated DMA-safe memory. */ 5440 memcpy(dma->vaddr, fw->init.data, fw->init.datasz); 5441 bus_dmamap_sync(sc->sc_dmat, dma->map, 0, fw->init.datasz, 5442 BUS_DMASYNC_PREWRITE); 5443 memcpy((char *)dma->vaddr + IWN4965_FW_DATA_MAXSZ, 5444 fw->init.text, fw->init.textsz); 5445 bus_dmamap_sync(sc->sc_dmat, dma->map, IWN4965_FW_DATA_MAXSZ, 5446 fw->init.textsz, BUS_DMASYNC_PREWRITE); 5447 5448 /* Tell adapter where to find initialization sections. */ 5449 if ((error = iwn_nic_lock(sc)) != 0) 5450 return error; 5451 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_ADDR, dma->paddr >> 4); 5452 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_SIZE, fw->init.datasz); 5453 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_ADDR, 5454 (dma->paddr + IWN4965_FW_DATA_MAXSZ) >> 4); 5455 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_SIZE, fw->init.textsz); 5456 iwn_nic_unlock(sc); 5457 5458 /* Load firmware boot code. */ 5459 error = iwn4965_load_bootcode(sc, fw->boot.text, fw->boot.textsz); 5460 if (error != 0) { 5461 aprint_error_dev(sc->sc_dev, 5462 "could not load boot firmware\n"); 5463 return error; 5464 } 5465 /* Now press "execute". */ 5466 IWN_WRITE(sc, IWN_RESET, 0); 5467 5468 /* Wait at most one second for first alive notification. */ 5469 if ((error = tsleep(sc, PCATCH, "iwninit", hz)) != 0) { 5470 aprint_error_dev(sc->sc_dev, 5471 "timeout waiting for adapter to initialize\n"); 5472 return error; 5473 } 5474 5475 /* Retrieve current temperature for initial TX power calibration. */ 5476 sc->rawtemp = sc->ucode_info.temp[3].chan20MHz; 5477 sc->temp = iwn4965_get_temperature(sc); 5478 5479 /* Copy runtime sections into pre-allocated DMA-safe memory. */ 5480 memcpy(dma->vaddr, fw->main.data, fw->main.datasz); 5481 bus_dmamap_sync(sc->sc_dmat, dma->map, 0, fw->main.datasz, 5482 BUS_DMASYNC_PREWRITE); 5483 memcpy((char *)dma->vaddr + IWN4965_FW_DATA_MAXSZ, 5484 fw->main.text, fw->main.textsz); 5485 bus_dmamap_sync(sc->sc_dmat, dma->map, IWN4965_FW_DATA_MAXSZ, 5486 fw->main.textsz, BUS_DMASYNC_PREWRITE); 5487 5488 /* Tell adapter where to find runtime sections. */ 5489 if ((error = iwn_nic_lock(sc)) != 0) 5490 return error; 5491 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_ADDR, dma->paddr >> 4); 5492 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_SIZE, fw->main.datasz); 5493 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_ADDR, 5494 (dma->paddr + IWN4965_FW_DATA_MAXSZ) >> 4); 5495 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_SIZE, 5496 IWN_FW_UPDATED | fw->main.textsz); 5497 iwn_nic_unlock(sc); 5498 5499 return 0; 5500 } 5501 5502 static int 5503 iwn5000_load_firmware_section(struct iwn_softc *sc, uint32_t dst, 5504 const uint8_t *section, int size) 5505 { 5506 struct iwn_dma_info *dma = &sc->fw_dma; 5507 int error; 5508 5509 /* Copy firmware section into pre-allocated DMA-safe memory. */ 5510 memcpy(dma->vaddr, section, size); 5511 bus_dmamap_sync(sc->sc_dmat, dma->map, 0, size, BUS_DMASYNC_PREWRITE); 5512 5513 if ((error = iwn_nic_lock(sc)) != 0) 5514 return error; 5515 5516 IWN_WRITE(sc, IWN_FH_TX_CONFIG(IWN_SRVC_DMACHNL), 5517 IWN_FH_TX_CONFIG_DMA_PAUSE); 5518 5519 IWN_WRITE(sc, IWN_FH_SRAM_ADDR(IWN_SRVC_DMACHNL), dst); 5520 IWN_WRITE(sc, IWN_FH_TFBD_CTRL0(IWN_SRVC_DMACHNL), 5521 IWN_LOADDR(dma->paddr)); 5522 IWN_WRITE(sc, IWN_FH_TFBD_CTRL1(IWN_SRVC_DMACHNL), 5523 IWN_HIADDR(dma->paddr) << 28 | size); 5524 IWN_WRITE(sc, IWN_FH_TXBUF_STATUS(IWN_SRVC_DMACHNL), 5525 IWN_FH_TXBUF_STATUS_TBNUM(1) | 5526 IWN_FH_TXBUF_STATUS_TBIDX(1) | 5527 IWN_FH_TXBUF_STATUS_TFBD_VALID); 5528 5529 /* Kick Flow Handler to start DMA transfer. */ 5530 IWN_WRITE(sc, IWN_FH_TX_CONFIG(IWN_SRVC_DMACHNL), 5531 IWN_FH_TX_CONFIG_DMA_ENA | IWN_FH_TX_CONFIG_CIRQ_HOST_ENDTFD); 5532 5533 iwn_nic_unlock(sc); 5534 5535 /* Wait at most five seconds for FH DMA transfer to complete. */ 5536 return tsleep(sc, PCATCH, "iwninit", 5 * hz); 5537 } 5538 5539 static int 5540 iwn5000_load_firmware(struct iwn_softc *sc) 5541 { 5542 struct iwn_fw_part *fw; 5543 int error; 5544 5545 /* Load the initialization firmware on first boot only. */ 5546 fw = (sc->sc_flags & IWN_FLAG_CALIB_DONE) ? 5547 &sc->fw.main : &sc->fw.init; 5548 5549 error = iwn5000_load_firmware_section(sc, IWN_FW_TEXT_BASE, 5550 fw->text, fw->textsz); 5551 if (error != 0) { 5552 aprint_error_dev(sc->sc_dev, 5553 "could not load firmware %s section\n", ".text"); 5554 return error; 5555 } 5556 error = iwn5000_load_firmware_section(sc, IWN_FW_DATA_BASE, 5557 fw->data, fw->datasz); 5558 if (error != 0) { 5559 aprint_error_dev(sc->sc_dev, 5560 "could not load firmware %s section\n", ".data"); 5561 return error; 5562 } 5563 5564 /* Now press "execute". */ 5565 IWN_WRITE(sc, IWN_RESET, 0); 5566 return 0; 5567 } 5568 5569 static int 5570 iwn_read_firmware(struct iwn_softc *sc) 5571 { 5572 const struct iwn_hal *hal = sc->sc_hal; 5573 struct iwn_fw_info *fw = &sc->fw; 5574 firmware_handle_t fwh; 5575 const uint32_t *ptr; 5576 uint32_t rev; 5577 size_t size; 5578 int error; 5579 5580 /* Open firmware image. */ 5581 if ((error = firmware_open("if_iwn", sc->fwname, &fwh)) != 0) { 5582 aprint_error_dev(sc->sc_dev, 5583 "could not get firmware handle %s\n", sc->fwname); 5584 return error; 5585 } 5586 size = firmware_get_size(fwh); 5587 if (size < 28) { 5588 aprint_error_dev(sc->sc_dev, 5589 "truncated firmware header: %zu bytes\n", size); 5590 free(fw->data, M_DEVBUF); 5591 firmware_close(fwh); 5592 return EINVAL; 5593 } 5594 5595 /* Read the firmware. */ 5596 fw->data = firmware_malloc(size); 5597 if (fw->data == NULL) { 5598 aprint_error_dev(sc->sc_dev, 5599 "not enough memory to stock firmware %s\n", sc->fwname); 5600 firmware_close(fwh); 5601 return ENOMEM; 5602 } 5603 if ((error = firmware_read(fwh, 0, fw->data, size)) != 0) { 5604 aprint_error_dev(sc->sc_dev, 5605 "could not read firmware %s\n", sc->fwname); 5606 firmware_free(fw->data, size); 5607 firmware_close(fwh); 5608 return error; 5609 } 5610 5611 /* Process firmware header. */ 5612 ptr = (const uint32_t *)fw->data; 5613 rev = le32toh(*ptr++); 5614 /* Check firmware API version. */ 5615 if (IWN_FW_API(rev) <= 1) { 5616 aprint_error_dev(sc->sc_dev, 5617 "bad firmware, need API version >=2\n"); 5618 firmware_free(fw->data, size); 5619 firmware_close(fwh); 5620 return EINVAL; 5621 } 5622 if (IWN_FW_API(rev) >= 3) { 5623 /* Skip build number (version 2 header). */ 5624 size -= 4; 5625 ptr++; 5626 } 5627 fw->main.textsz = le32toh(*ptr++); 5628 fw->main.datasz = le32toh(*ptr++); 5629 fw->init.textsz = le32toh(*ptr++); 5630 fw->init.datasz = le32toh(*ptr++); 5631 fw->boot.textsz = le32toh(*ptr++); 5632 size -= 24; 5633 5634 /* Sanity-check firmware header. */ 5635 if (fw->main.textsz > hal->fw_text_maxsz || 5636 fw->main.datasz > hal->fw_data_maxsz || 5637 fw->init.textsz > hal->fw_text_maxsz || 5638 fw->init.datasz > hal->fw_data_maxsz || 5639 fw->boot.textsz > IWN_FW_BOOT_TEXT_MAXSZ || 5640 (fw->boot.textsz & 3) != 0) { 5641 aprint_error_dev(sc->sc_dev, 5642 "invalid firmware header\n"); 5643 firmware_free(fw->data, size); 5644 firmware_close(fwh); 5645 return EINVAL; 5646 } 5647 5648 /* Check that all firmware sections fit. */ 5649 if (fw->main.textsz + fw->main.datasz + fw->init.textsz + 5650 fw->init.datasz + fw->boot.textsz > size) { 5651 aprint_error_dev(sc->sc_dev, 5652 "firmware file too short: %zu bytes\n", size); 5653 firmware_free(fw->data, size); 5654 firmware_close(fwh); 5655 return EINVAL; 5656 } 5657 5658 /* Get pointers to firmware sections. */ 5659 fw->main.text = (const uint8_t *)ptr; 5660 fw->main.data = fw->main.text + fw->main.textsz; 5661 fw->init.text = fw->main.data + fw->main.datasz; 5662 fw->init.data = fw->init.text + fw->init.textsz; 5663 fw->boot.text = fw->init.data + fw->init.datasz; 5664 5665 return 0; 5666 } 5667 5668 static int 5669 iwn_clock_wait(struct iwn_softc *sc) 5670 { 5671 int ntries; 5672 5673 /* Set "initialization complete" bit. */ 5674 IWN_SETBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_INIT_DONE); 5675 5676 /* Wait for clock stabilization. */ 5677 for (ntries = 0; ntries < 2500; ntries++) { 5678 if (IWN_READ(sc, IWN_GP_CNTRL) & IWN_GP_CNTRL_MAC_CLOCK_READY) 5679 return 0; 5680 DELAY(10); 5681 } 5682 aprint_error_dev(sc->sc_dev, 5683 "timeout waiting for clock stabilization\n"); 5684 return ETIMEDOUT; 5685 } 5686 5687 static int 5688 iwn_apm_init(struct iwn_softc *sc) 5689 { 5690 pcireg_t reg; 5691 int error; 5692 5693 /* Disable L0s exit timer (NMI bug workaround.) */ 5694 IWN_SETBITS(sc, IWN_GIO_CHICKEN, IWN_GIO_CHICKEN_DIS_L0S_TIMER); 5695 /* Don't wait for ICH L0s (ICH bug workaround.) */ 5696 IWN_SETBITS(sc, IWN_GIO_CHICKEN, IWN_GIO_CHICKEN_L1A_NO_L0S_RX); 5697 5698 /* Set FH wait threshold to max (HW bug under stress workaround.) */ 5699 IWN_SETBITS(sc, IWN_DBG_HPET_MEM, 0xffff0000); 5700 5701 /* Enable HAP INTA to move adapter from L1a to L0s. */ 5702 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_HAP_WAKE_L1A); 5703 5704 /* Retrieve PCIe Active State Power Management (ASPM). */ 5705 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 5706 sc->sc_cap_off + PCI_PCIE_LCSR); 5707 /* Workaround for HW instability in PCIe L0->L0s->L1 transition. */ 5708 if (reg & PCI_PCIE_LCSR_ASPM_L1) /* L1 Entry enabled. */ 5709 IWN_SETBITS(sc, IWN_GIO, IWN_GIO_L0S_ENA); 5710 else 5711 IWN_CLRBITS(sc, IWN_GIO, IWN_GIO_L0S_ENA); 5712 5713 if (sc->hw_type != IWN_HW_REV_TYPE_4965 && 5714 sc->hw_type <= IWN_HW_REV_TYPE_1000) 5715 IWN_SETBITS(sc, IWN_ANA_PLL, IWN_ANA_PLL_INIT); 5716 5717 /* Wait for clock stabilization before accessing prph. */ 5718 if ((error = iwn_clock_wait(sc)) != 0) 5719 return error; 5720 5721 if ((error = iwn_nic_lock(sc)) != 0) 5722 return error; 5723 if (sc->hw_type == IWN_HW_REV_TYPE_4965) { 5724 /* Enable DMA and BSM (Bootstrap State Machine.) */ 5725 iwn_prph_write(sc, IWN_APMG_CLK_EN, 5726 IWN_APMG_CLK_CTRL_DMA_CLK_RQT | 5727 IWN_APMG_CLK_CTRL_BSM_CLK_RQT); 5728 } else { 5729 /* Enable DMA. */ 5730 iwn_prph_write(sc, IWN_APMG_CLK_EN, 5731 IWN_APMG_CLK_CTRL_DMA_CLK_RQT); 5732 } 5733 DELAY(20); 5734 /* Disable L1-Active. */ 5735 iwn_prph_setbits(sc, IWN_APMG_PCI_STT, IWN_APMG_PCI_STT_L1A_DIS); 5736 iwn_nic_unlock(sc); 5737 5738 return 0; 5739 } 5740 5741 static void 5742 iwn_apm_stop_master(struct iwn_softc *sc) 5743 { 5744 int ntries; 5745 5746 /* Stop busmaster DMA activity. */ 5747 IWN_SETBITS(sc, IWN_RESET, IWN_RESET_STOP_MASTER); 5748 for (ntries = 0; ntries < 100; ntries++) { 5749 if (IWN_READ(sc, IWN_RESET) & IWN_RESET_MASTER_DISABLED) 5750 return; 5751 DELAY(10); 5752 } 5753 aprint_error_dev(sc->sc_dev, 5754 "timeout waiting for master\n"); 5755 } 5756 5757 static void 5758 iwn_apm_stop(struct iwn_softc *sc) 5759 { 5760 iwn_apm_stop_master(sc); 5761 5762 /* Reset the entire device. */ 5763 IWN_SETBITS(sc, IWN_RESET, IWN_RESET_SW); 5764 DELAY(10); 5765 /* Clear "initialization complete" bit. */ 5766 IWN_CLRBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_INIT_DONE); 5767 } 5768 5769 static int 5770 iwn4965_nic_config(struct iwn_softc *sc) 5771 { 5772 if (IWN_RFCFG_TYPE(sc->rfcfg) == 1) { 5773 /* 5774 * I don't believe this to be correct but this is what the 5775 * vendor driver is doing. Probably the bits should not be 5776 * shifted in IWN_RFCFG_*. 5777 */ 5778 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 5779 IWN_RFCFG_TYPE(sc->rfcfg) | 5780 IWN_RFCFG_STEP(sc->rfcfg) | 5781 IWN_RFCFG_DASH(sc->rfcfg)); 5782 } 5783 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 5784 IWN_HW_IF_CONFIG_RADIO_SI | IWN_HW_IF_CONFIG_MAC_SI); 5785 return 0; 5786 } 5787 5788 static int 5789 iwn5000_nic_config(struct iwn_softc *sc) 5790 { 5791 uint32_t tmp; 5792 int error; 5793 5794 if (IWN_RFCFG_TYPE(sc->rfcfg) < 3) { 5795 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 5796 IWN_RFCFG_TYPE(sc->rfcfg) | 5797 IWN_RFCFG_STEP(sc->rfcfg) | 5798 IWN_RFCFG_DASH(sc->rfcfg)); 5799 } 5800 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 5801 IWN_HW_IF_CONFIG_RADIO_SI | IWN_HW_IF_CONFIG_MAC_SI); 5802 5803 if ((error = iwn_nic_lock(sc)) != 0) 5804 return error; 5805 iwn_prph_setbits(sc, IWN_APMG_PS, IWN_APMG_PS_EARLY_PWROFF_DIS); 5806 5807 if (sc->hw_type == IWN_HW_REV_TYPE_1000) { 5808 /* 5809 * Select first Switching Voltage Regulator (1.32V) to 5810 * solve a stability issue related to noisy DC2DC line 5811 * in the silicon of 1000 Series. 5812 */ 5813 tmp = iwn_prph_read(sc, IWN_APMG_DIGITAL_SVR); 5814 tmp &= ~IWN_APMG_DIGITAL_SVR_VOLTAGE_MASK; 5815 tmp |= IWN_APMG_DIGITAL_SVR_VOLTAGE_1_32; 5816 iwn_prph_write(sc, IWN_APMG_DIGITAL_SVR, tmp); 5817 } 5818 iwn_nic_unlock(sc); 5819 5820 if (sc->sc_flags & IWN_FLAG_INTERNAL_PA) { 5821 /* Use internal power amplifier only. */ 5822 IWN_WRITE(sc, IWN_GP_DRIVER, IWN_GP_DRIVER_RADIO_2X2_IPA); 5823 } 5824 if (sc->hw_type == IWN_HW_REV_TYPE_6050 && sc->calib_ver >= 6) { 5825 /* Indicate that ROM calibration version is >=6. */ 5826 IWN_SETBITS(sc, IWN_GP_DRIVER, IWN_GP_DRIVER_CALIB_VER6); 5827 } 5828 return 0; 5829 } 5830 5831 /* 5832 * Take NIC ownership over Intel Active Management Technology (AMT). 5833 */ 5834 static int 5835 iwn_hw_prepare(struct iwn_softc *sc) 5836 { 5837 int ntries; 5838 5839 /* Check if hardware is ready. */ 5840 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_NIC_READY); 5841 for (ntries = 0; ntries < 5; ntries++) { 5842 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 5843 IWN_HW_IF_CONFIG_NIC_READY) 5844 return 0; 5845 DELAY(10); 5846 } 5847 5848 /* Hardware not ready, force into ready state. */ 5849 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_PREPARE); 5850 for (ntries = 0; ntries < 15000; ntries++) { 5851 if (!(IWN_READ(sc, IWN_HW_IF_CONFIG) & 5852 IWN_HW_IF_CONFIG_PREPARE_DONE)) 5853 break; 5854 DELAY(10); 5855 } 5856 if (ntries == 15000) 5857 return ETIMEDOUT; 5858 5859 /* Hardware should be ready now. */ 5860 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_NIC_READY); 5861 for (ntries = 0; ntries < 5; ntries++) { 5862 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 5863 IWN_HW_IF_CONFIG_NIC_READY) 5864 return 0; 5865 DELAY(10); 5866 } 5867 return ETIMEDOUT; 5868 } 5869 5870 static int 5871 iwn_hw_init(struct iwn_softc *sc) 5872 { 5873 const struct iwn_hal *hal = sc->sc_hal; 5874 int error, chnl, qid; 5875 5876 /* Clear pending interrupts. */ 5877 IWN_WRITE(sc, IWN_INT, 0xffffffff); 5878 5879 if ((error = iwn_apm_init(sc)) != 0) { 5880 aprint_error_dev(sc->sc_dev, 5881 "could not power ON adapter\n"); 5882 return error; 5883 } 5884 5885 /* Select VMAIN power source. */ 5886 if ((error = iwn_nic_lock(sc)) != 0) 5887 return error; 5888 iwn_prph_clrbits(sc, IWN_APMG_PS, IWN_APMG_PS_PWR_SRC_MASK); 5889 iwn_nic_unlock(sc); 5890 5891 /* Perform adapter-specific initialization. */ 5892 if ((error = hal->nic_config(sc)) != 0) 5893 return error; 5894 5895 /* Initialize RX ring. */ 5896 if ((error = iwn_nic_lock(sc)) != 0) 5897 return error; 5898 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 0); 5899 IWN_WRITE(sc, IWN_FH_RX_WPTR, 0); 5900 /* Set physical address of RX ring (256-byte aligned.) */ 5901 IWN_WRITE(sc, IWN_FH_RX_BASE, sc->rxq.desc_dma.paddr >> 8); 5902 /* Set physical address of RX status (16-byte aligned.) */ 5903 IWN_WRITE(sc, IWN_FH_STATUS_WPTR, sc->rxq.stat_dma.paddr >> 4); 5904 /* Enable RX. */ 5905 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 5906 IWN_FH_RX_CONFIG_ENA | 5907 IWN_FH_RX_CONFIG_IGN_RXF_EMPTY | /* HW bug workaround */ 5908 IWN_FH_RX_CONFIG_IRQ_DST_HOST | 5909 IWN_FH_RX_CONFIG_SINGLE_FRAME | 5910 IWN_FH_RX_CONFIG_RB_TIMEOUT(0) | 5911 IWN_FH_RX_CONFIG_NRBD(IWN_RX_RING_COUNT_LOG)); 5912 iwn_nic_unlock(sc); 5913 IWN_WRITE(sc, IWN_FH_RX_WPTR, (IWN_RX_RING_COUNT - 1) & ~7); 5914 5915 if ((error = iwn_nic_lock(sc)) != 0) 5916 return error; 5917 5918 /* Initialize TX scheduler. */ 5919 iwn_prph_write(sc, hal->sched_txfact_addr, 0); 5920 5921 /* Set physical address of "keep warm" page (16-byte aligned.) */ 5922 IWN_WRITE(sc, IWN_FH_KW_ADDR, sc->kw_dma.paddr >> 4); 5923 5924 /* Initialize TX rings. */ 5925 for (qid = 0; qid < hal->ntxqs; qid++) { 5926 struct iwn_tx_ring *txq = &sc->txq[qid]; 5927 5928 /* Set physical address of TX ring (256-byte aligned.) */ 5929 IWN_WRITE(sc, IWN_FH_CBBC_QUEUE(qid), 5930 txq->desc_dma.paddr >> 8); 5931 } 5932 iwn_nic_unlock(sc); 5933 5934 /* Enable DMA channels. */ 5935 for (chnl = 0; chnl < hal->ndmachnls; chnl++) { 5936 IWN_WRITE(sc, IWN_FH_TX_CONFIG(chnl), 5937 IWN_FH_TX_CONFIG_DMA_ENA | 5938 IWN_FH_TX_CONFIG_DMA_CREDIT_ENA); 5939 } 5940 5941 /* Clear "radio off" and "commands blocked" bits. */ 5942 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 5943 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_CMD_BLOCKED); 5944 5945 /* Clear pending interrupts. */ 5946 IWN_WRITE(sc, IWN_INT, 0xffffffff); 5947 /* Enable interrupt coalescing. */ 5948 IWN_WRITE(sc, IWN_INT_COALESCING, 512 / 8); 5949 /* Enable interrupts. */ 5950 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 5951 5952 /* _Really_ make sure "radio off" bit is cleared! */ 5953 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 5954 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 5955 5956 if ((error = hal->load_firmware(sc)) != 0) { 5957 aprint_error_dev(sc->sc_dev, 5958 "could not load firmware\n"); 5959 return error; 5960 } 5961 /* Wait at most one second for firmware alive notification. */ 5962 if ((error = tsleep(sc, PCATCH, "iwninit", hz)) != 0) { 5963 aprint_error_dev(sc->sc_dev, 5964 "timeout waiting for adapter to initialize\n"); 5965 return error; 5966 } 5967 /* Do post-firmware initialization. */ 5968 return hal->post_alive(sc); 5969 } 5970 5971 static void 5972 iwn_hw_stop(struct iwn_softc *sc) 5973 { 5974 const struct iwn_hal *hal = sc->sc_hal; 5975 int chnl, qid, ntries; 5976 uint32_t tmp; 5977 5978 IWN_WRITE(sc, IWN_RESET, IWN_RESET_NEVO); 5979 5980 /* Disable interrupts. */ 5981 IWN_WRITE(sc, IWN_INT_MASK, 0); 5982 IWN_WRITE(sc, IWN_INT, 0xffffffff); 5983 IWN_WRITE(sc, IWN_FH_INT, 0xffffffff); 5984 sc->sc_flags &= ~IWN_FLAG_USE_ICT; 5985 5986 /* Make sure we no longer hold the NIC lock. */ 5987 iwn_nic_unlock(sc); 5988 5989 /* Stop TX scheduler. */ 5990 iwn_prph_write(sc, hal->sched_txfact_addr, 0); 5991 5992 /* Stop all DMA channels. */ 5993 if (iwn_nic_lock(sc) == 0) { 5994 for (chnl = 0; chnl < hal->ndmachnls; chnl++) { 5995 IWN_WRITE(sc, IWN_FH_TX_CONFIG(chnl), 0); 5996 for (ntries = 0; ntries < 200; ntries++) { 5997 tmp = IWN_READ(sc, IWN_FH_TX_STATUS); 5998 if ((tmp & IWN_FH_TX_STATUS_IDLE(chnl)) == 5999 IWN_FH_TX_STATUS_IDLE(chnl)) 6000 break; 6001 DELAY(10); 6002 } 6003 } 6004 iwn_nic_unlock(sc); 6005 } 6006 6007 /* Stop RX ring. */ 6008 iwn_reset_rx_ring(sc, &sc->rxq); 6009 6010 /* Reset all TX rings. */ 6011 for (qid = 0; qid < hal->ntxqs; qid++) 6012 iwn_reset_tx_ring(sc, &sc->txq[qid]); 6013 6014 if (iwn_nic_lock(sc) == 0) { 6015 iwn_prph_write(sc, IWN_APMG_CLK_DIS, 6016 IWN_APMG_CLK_CTRL_DMA_CLK_RQT); 6017 iwn_nic_unlock(sc); 6018 } 6019 DELAY(5); 6020 /* Power OFF adapter. */ 6021 iwn_apm_stop(sc); 6022 } 6023 6024 static int 6025 iwn_init(struct ifnet *ifp) 6026 { 6027 struct iwn_softc *sc = ifp->if_softc; 6028 struct ieee80211com *ic = &sc->sc_ic; 6029 int error; 6030 6031 if ((error = iwn_hw_prepare(sc)) != 0) { 6032 aprint_error_dev(sc->sc_dev, 6033 "hardware not ready\n"); 6034 goto fail; 6035 } 6036 6037 /* Check that the radio is not disabled by hardware switch. */ 6038 if (!(IWN_READ(sc, IWN_GP_CNTRL) & IWN_GP_CNTRL_RFKILL)) { 6039 aprint_error_dev(sc->sc_dev, 6040 "radio is disabled by hardware switch\n"); 6041 error = EPERM; /* :-) */ 6042 goto fail; 6043 } 6044 6045 /* Read firmware images from the filesystem. */ 6046 if ((error = iwn_read_firmware(sc)) != 0) { 6047 aprint_error_dev(sc->sc_dev, 6048 "could not read firmware\n"); 6049 goto fail; 6050 } 6051 6052 /* Initialize interrupt mask to default value. */ 6053 sc->int_mask = IWN_INT_MASK_DEF; 6054 sc->sc_flags &= ~IWN_FLAG_USE_ICT; 6055 6056 /* Initialize hardware and upload firmware. */ 6057 error = iwn_hw_init(sc); 6058 free(sc->fw.data, M_DEVBUF); 6059 if (error != 0) { 6060 aprint_error_dev(sc->sc_dev, 6061 "could not initialize hardware\n"); 6062 goto fail; 6063 } 6064 6065 /* Configure adapter now that it is ready. */ 6066 if ((error = iwn_config(sc)) != 0) { 6067 aprint_error_dev(sc->sc_dev, 6068 "could not configure device\n"); 6069 goto fail; 6070 } 6071 6072 ifp->if_flags &= ~IFF_OACTIVE; 6073 ifp->if_flags |= IFF_RUNNING; 6074 6075 if (ic->ic_opmode != IEEE80211_M_MONITOR) 6076 ieee80211_begin_scan(ic, 0); 6077 else 6078 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 6079 6080 return 0; 6081 6082 fail: iwn_stop(ifp, 1); 6083 return error; 6084 } 6085 6086 static void 6087 iwn_stop(struct ifnet *ifp, int disable) 6088 { 6089 struct iwn_softc *sc = ifp->if_softc; 6090 struct ieee80211com *ic = &sc->sc_ic; 6091 6092 ifp->if_timer = sc->sc_tx_timer = 0; 6093 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 6094 6095 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 6096 6097 /* Power OFF hardware. */ 6098 iwn_hw_stop(sc); 6099 6100 #ifndef SMALL_KERNEL 6101 /* Temperature sensor is no longer valid. */ 6102 sc->sc_sensor.value_cur = 0; 6103 sc->sc_sensor.state = ENVSYS_SINVALID; 6104 #endif 6105 } 6106 6107 static struct mbuf * 6108 MCLGETIalt(struct iwn_softc *sc, int how, 6109 struct ifnet *ifp __unused, u_int size) 6110 { 6111 struct mbuf *m; 6112 #ifdef IWN_USE_RBUF 6113 struct iwn_rbuf *rbuf; 6114 #endif 6115 6116 MGETHDR(m, how, MT_DATA); 6117 if (m == NULL) 6118 return NULL; 6119 6120 #ifdef IWN_USE_RBUF 6121 if (sc->rxq.nb_free_entries > 0 && 6122 (rbuf = iwn_alloc_rbuf(sc)) != NULL) { 6123 /* Attach buffer to mbuf header. */ 6124 MEXTADD(m, rbuf->vaddr, size, 0, iwn_free_rbuf, rbuf); 6125 m->m_flags |= M_EXT_RW; 6126 } 6127 else { 6128 MEXTMALLOC(m, size, how); 6129 if ((m->m_flags & M_EXT) == 0) { 6130 m_freem(m); 6131 return NULL; 6132 } 6133 } 6134 6135 #else 6136 #ifdef MCLGET4K 6137 if (size == 4096) 6138 MCLGET4K(m, how); 6139 else 6140 panic("size must be 4k"); 6141 #else 6142 MEXTMALLOC(m, size, how); 6143 #endif 6144 if ((m->m_flags & M_EXT) == 0) { 6145 m_freem(m); 6146 return NULL; 6147 } 6148 #endif 6149 6150 return m; 6151 } 6152 6153 #ifdef IWN_USE_RBUF 6154 static struct iwn_rbuf * 6155 iwn_alloc_rbuf(struct iwn_softc *sc) 6156 { 6157 struct iwn_rbuf *rbuf; 6158 mutex_enter(&sc->rxq.freelist_mtx); 6159 6160 rbuf = SLIST_FIRST(&sc->rxq.freelist); 6161 if (rbuf != NULL) { 6162 SLIST_REMOVE_HEAD(&sc->rxq.freelist, next); 6163 sc->rxq.nb_free_entries --; 6164 } 6165 mutex_exit(&sc->rxq.freelist_mtx); 6166 return rbuf; 6167 } 6168 6169 /* 6170 * This is called automatically by the network stack when the mbuf to which 6171 * our RX buffer is attached is freed. 6172 */ 6173 static void 6174 iwn_free_rbuf(struct mbuf* m, void *buf, size_t size, void *arg) 6175 { 6176 struct iwn_rbuf *rbuf = arg; 6177 struct iwn_softc *sc = rbuf->sc; 6178 6179 /* Put the RX buffer back in the free list. */ 6180 mutex_enter(&sc->rxq.freelist_mtx); 6181 SLIST_INSERT_HEAD(&sc->rxq.freelist, rbuf, next); 6182 mutex_exit(&sc->rxq.freelist_mtx); 6183 6184 sc->rxq.nb_free_entries ++; 6185 if (__predict_true(m != NULL)) 6186 pool_cache_put(mb_cache, m); 6187 } 6188 6189 static int 6190 iwn_alloc_rpool(struct iwn_softc *sc) 6191 { 6192 struct iwn_rx_ring *ring = &sc->rxq; 6193 struct iwn_rbuf *rbuf; 6194 int i, error; 6195 6196 mutex_init(&ring->freelist_mtx, MUTEX_DEFAULT, IPL_NET); 6197 6198 /* Allocate a big chunk of DMA'able memory... */ 6199 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->buf_dma, NULL, 6200 IWN_RBUF_COUNT * IWN_RBUF_SIZE, PAGE_SIZE); 6201 if (error != 0) { 6202 aprint_error_dev(sc->sc_dev, 6203 "could not allocate RX buffers DMA memory\n"); 6204 return error; 6205 } 6206 /* ...and split it into chunks of IWN_RBUF_SIZE bytes. */ 6207 SLIST_INIT(&ring->freelist); 6208 for (i = 0; i < IWN_RBUF_COUNT; i++) { 6209 rbuf = &ring->rbuf[i]; 6210 6211 rbuf->sc = sc; /* Backpointer for callbacks. */ 6212 rbuf->vaddr = (void *)((vaddr_t)ring->buf_dma.vaddr + i * IWN_RBUF_SIZE); 6213 rbuf->paddr = ring->buf_dma.paddr + i * IWN_RBUF_SIZE; 6214 6215 SLIST_INSERT_HEAD(&ring->freelist, rbuf, next); 6216 } 6217 ring->nb_free_entries = IWN_RBUF_COUNT; 6218 return 0; 6219 } 6220 6221 static void 6222 iwn_free_rpool(struct iwn_softc *sc) 6223 { 6224 iwn_dma_contig_free(&sc->rxq.buf_dma); 6225 } 6226 #endif 6227 6228 /* 6229 * XXX code from OpenBSD src/sys/net80211/ieee80211_output.c 6230 * Copyright (c) 2001 Atsushi Onoe 6231 * Copyright (c) 2002, 2003 Sam Leffler, Errno Consulting 6232 * Copyright (c) 2007-2009 Damien Bergamini 6233 * All rights reserved. 6234 */ 6235 6236 /* 6237 * Add an SSID element to a frame (see 7.3.2.1). 6238 */ 6239 static u_int8_t * 6240 ieee80211_add_ssid(u_int8_t *frm, const u_int8_t *ssid, u_int len) 6241 { 6242 *frm++ = IEEE80211_ELEMID_SSID; 6243 *frm++ = len; 6244 memcpy(frm, ssid, len); 6245 return frm + len; 6246 } 6247 6248 /* 6249 * Add a supported rates element to a frame (see 7.3.2.2). 6250 */ 6251 static u_int8_t * 6252 ieee80211_add_rates(u_int8_t *frm, const struct ieee80211_rateset *rs) 6253 { 6254 int nrates; 6255 6256 *frm++ = IEEE80211_ELEMID_RATES; 6257 nrates = min(rs->rs_nrates, IEEE80211_RATE_SIZE); 6258 *frm++ = nrates; 6259 memcpy(frm, rs->rs_rates, nrates); 6260 return frm + nrates; 6261 } 6262 6263 /* 6264 * Add an extended supported rates element to a frame (see 7.3.2.14). 6265 */ 6266 static u_int8_t * 6267 ieee80211_add_xrates(u_int8_t *frm, const struct ieee80211_rateset *rs) 6268 { 6269 int nrates; 6270 6271 KASSERT(rs->rs_nrates > IEEE80211_RATE_SIZE); 6272 6273 *frm++ = IEEE80211_ELEMID_XRATES; 6274 nrates = rs->rs_nrates - IEEE80211_RATE_SIZE; 6275 *frm++ = nrates; 6276 memcpy(frm, rs->rs_rates + IEEE80211_RATE_SIZE, nrates); 6277 return frm + nrates; 6278 } 6279 6280 /* 6281 * XXX: Hack to set the current channel to the value advertised in beacons or 6282 * probe responses. Only used during AP detection. 6283 * XXX: Duplicated from if_iwi.c 6284 */ 6285 static void 6286 iwn_fix_channel(struct ieee80211com *ic, struct mbuf *m) 6287 { 6288 struct ieee80211_frame *wh; 6289 uint8_t subtype; 6290 uint8_t *frm, *efrm; 6291 6292 wh = mtod(m, struct ieee80211_frame *); 6293 6294 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 6295 return; 6296 6297 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 6298 6299 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 6300 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 6301 return; 6302 6303 frm = (uint8_t *)(wh + 1); 6304 efrm = mtod(m, uint8_t *) + m->m_len; 6305 6306 frm += 12; /* skip tstamp, bintval and capinfo fields */ 6307 while (frm < efrm) { 6308 if (*frm == IEEE80211_ELEMID_DSPARMS) 6309 #if IEEE80211_CHAN_MAX < 255 6310 if (frm[2] <= IEEE80211_CHAN_MAX) 6311 #endif 6312 ic->ic_curchan = &ic->ic_channels[frm[2]]; 6313 6314 frm += frm[1] + 2; 6315 } 6316 } 6317 6318