1 /* $NetBSD: if_iwn.c,v 1.16 2008/07/29 12:01:41 christos Exp $ */ 2 3 /*- 4 * Copyright (c) 2007 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 #include <sys/cdefs.h> 21 __KERNEL_RCSID(0, "$NetBSD: if_iwn.c,v 1.16 2008/07/29 12:01:41 christos Exp $"); 22 23 24 /* 25 * Driver for Intel Wireless WiFi Link 4965AGN 802.11 network adapters. 26 */ 27 28 #include "bpfilter.h" 29 30 #include <sys/param.h> 31 #include <sys/sockio.h> 32 #include <sys/sysctl.h> 33 #include <sys/mbuf.h> 34 #include <sys/kernel.h> 35 #include <sys/socket.h> 36 #include <sys/systm.h> 37 #include <sys/malloc.h> 38 #include <sys/conf.h> 39 #include <sys/kauth.h> 40 #include <sys/callout.h> 41 42 #include <machine/bus.h> 43 #include <machine/endian.h> 44 #include <machine/intr.h> 45 46 #include <dev/pci/pcireg.h> 47 #include <dev/pci/pcivar.h> 48 #include <dev/pci/pcidevs.h> 49 50 #if NBPFILTER > 0 51 #include <net/bpf.h> 52 #endif 53 #include <net/if.h> 54 #include <net/if_arp.h> 55 #include <net/if_dl.h> 56 #include <net/if_media.h> 57 #include <net/if_types.h> 58 59 #include <netinet/in.h> 60 #include <netinet/in_systm.h> 61 #include <netinet/in_var.h> 62 #include <net/if_ether.h> 63 #include <netinet/ip.h> 64 65 #include <net80211/ieee80211_var.h> 66 #include <net80211/ieee80211_amrr.h> 67 #include <net80211/ieee80211_radiotap.h> 68 69 #include <dev/firmload.h> 70 71 #include <dev/pci/if_iwnreg.h> 72 #include <dev/pci/if_iwnvar.h> 73 74 #if 0 75 static const struct pci_matchid iwn_devices[] = { 76 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_4965AGN_1 }, 77 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_4965AGN_2 } 78 }; 79 #endif 80 81 /* 82 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 83 */ 84 static const struct ieee80211_rateset iwn_rateset_11a = 85 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 86 87 static const struct ieee80211_rateset iwn_rateset_11b = 88 { 4, { 2, 4, 11, 22 } }; 89 90 static const struct ieee80211_rateset iwn_rateset_11g = 91 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 92 93 94 #define EDCA_NUM_AC 4 95 static int iwn_match(device_t , struct cfdata *, void *); 96 static void iwn_attach(device_t , device_t, void *); 97 static int iwn_detach(device_t, int); 98 99 static void iwn_radiotap_attach(struct iwn_softc *); 100 static int iwn_dma_contig_alloc(bus_dma_tag_t, struct iwn_dma_info *, 101 void **, bus_size_t, bus_size_t, int); 102 static void iwn_dma_contig_free(struct iwn_dma_info *); 103 static int iwn_alloc_shared(struct iwn_softc *); 104 static void iwn_free_shared(struct iwn_softc *); 105 static int iwn_alloc_kw(struct iwn_softc *); 106 static void iwn_free_kw(struct iwn_softc *); 107 static int iwn_alloc_fwmem(struct iwn_softc *); 108 static void iwn_free_fwmem(struct iwn_softc *); 109 static struct iwn_rbuf *iwn_alloc_rbuf(struct iwn_softc *); 110 static void iwn_free_rbuf(struct mbuf *, void *, size_t, void *); 111 static int iwn_alloc_rpool(struct iwn_softc *); 112 static void iwn_free_rpool(struct iwn_softc *); 113 static int iwn_alloc_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 114 static void iwn_reset_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 115 static void iwn_free_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 116 static int iwn_alloc_tx_ring(struct iwn_softc *, struct iwn_tx_ring *, 117 int, int); 118 static void iwn_reset_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 119 static void iwn_free_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 120 static struct ieee80211_node *iwn_node_alloc(struct ieee80211_node_table *); 121 static void iwn_newassoc(struct ieee80211_node *, int); 122 static int iwn_media_change(struct ifnet *); 123 static int iwn_newstate(struct ieee80211com *, enum ieee80211_state, int); 124 static void iwn_mem_lock(struct iwn_softc *); 125 static void iwn_mem_unlock(struct iwn_softc *); 126 static uint32_t iwn_mem_read(struct iwn_softc *, uint32_t); 127 static void iwn_mem_write(struct iwn_softc *, uint32_t, uint32_t); 128 static void iwn_mem_write_region_4(struct iwn_softc *, uint32_t, 129 const uint32_t *, int); 130 static int iwn_eeprom_lock(struct iwn_softc *); 131 static void iwn_eeprom_unlock(struct iwn_softc *); 132 static int iwn_read_prom_data(struct iwn_softc *, uint32_t, void *, int); 133 static int iwn_load_microcode(struct iwn_softc *, const uint8_t *, int); 134 static int iwn_load_firmware(struct iwn_softc *); 135 static void iwn_calib_timeout(void *); 136 static void iwn_iter_func(void *, struct ieee80211_node *); 137 static void iwn_ampdu_rx_start(struct iwn_softc *, struct iwn_rx_desc *); 138 static void iwn_rx_intr(struct iwn_softc *, struct iwn_rx_desc *, 139 struct iwn_rx_data *); 140 static void iwn_rx_statistics(struct iwn_softc *, struct iwn_rx_desc *); 141 static void iwn_tx_intr(struct iwn_softc *, struct iwn_rx_desc *); 142 static void iwn_cmd_intr(struct iwn_softc *, struct iwn_rx_desc *); 143 static void iwn_notif_intr(struct iwn_softc *); 144 static int iwn_intr(void *); 145 static void iwn_read_eeprom(struct iwn_softc *); 146 static void iwn_read_eeprom_channels(struct iwn_softc *, int); 147 static uint8_t iwn_plcp_signal(int); 148 static int iwn_tx_data(struct iwn_softc *, struct mbuf *, 149 struct ieee80211_node *, int); 150 static void iwn_start(struct ifnet *); 151 static void iwn_watchdog(struct ifnet *); 152 static int iwn_ioctl(struct ifnet *, u_long, void *); 153 static int iwn_cmd(struct iwn_softc *, int, const void *, int, int); 154 static int iwn_wme_update(struct ieee80211com *); 155 static int iwn_setup_node_mrr(struct iwn_softc *, uint8_t, int); 156 static void iwn_set_led(struct iwn_softc *, uint8_t, uint8_t, uint8_t); 157 static int iwn_set_critical_temp(struct iwn_softc *); 158 static void iwn_enable_tsf(struct iwn_softc *, struct ieee80211_node *); 159 static void iwn_power_calibration(struct iwn_softc *, int); 160 static int iwn_set_txpower(struct iwn_softc *, 161 struct ieee80211_channel *, int); 162 static int iwn_get_rssi(const struct iwn_rx_stat *); 163 static int iwn_get_noise(const struct iwn_rx_general_stats *); 164 static int iwn_get_temperature(struct iwn_softc *); 165 static int iwn_init_sensitivity(struct iwn_softc *); 166 static void iwn_compute_differential_gain(struct iwn_softc *, 167 const struct iwn_rx_general_stats *); 168 static void iwn_tune_sensitivity(struct iwn_softc *, 169 const struct iwn_rx_stats *); 170 static int iwn_send_sensitivity(struct iwn_softc *); 171 /*static int iwn_setup_beacon(struct iwn_softc *, struct ieee80211_node *);*/ 172 static int iwn_auth(struct iwn_softc *); 173 static int iwn_run(struct iwn_softc *); 174 static int iwn_scan(struct iwn_softc *, uint16_t); 175 static int iwn_config(struct iwn_softc *); 176 static void iwn_post_alive(struct iwn_softc *); 177 static void iwn_stop_master(struct iwn_softc *); 178 static int iwn_reset(struct iwn_softc *); 179 static void iwn_hw_config(struct iwn_softc *); 180 static int iwn_init(struct ifnet *); 181 static void iwn_stop(struct ifnet *, int); 182 static void iwn_fix_channel(struct ieee80211com *, struct mbuf *); 183 static bool iwn_resume(device_t PMF_FN_PROTO); 184 static int iwn_add_node(struct iwn_softc *sc, 185 struct ieee80211_node *ni, bool broadcast, bool async); 186 187 188 189 #define IWN_DEBUG 190 191 #ifdef IWN_DEBUG 192 #define DPRINTF(x) do { if (iwn_debug > 0) printf x; } while (0) 193 #define DPRINTFN(n, x) do { if (iwn_debug >= (n)) printf x; } while (0) 194 int iwn_debug = 0; 195 #else 196 #define DPRINTF(x) 197 #define DPRINTFN(n, x) 198 #endif 199 200 #ifdef IWN_DEBUG 201 static void iwn_print_power_group(struct iwn_softc *, int); 202 #endif 203 204 CFATTACH_DECL_NEW(iwn, sizeof(struct iwn_softc), iwn_match, iwn_attach, 205 iwn_detach, NULL); 206 207 static int 208 iwn_match(device_t parent, struct cfdata *match __unused, void *aux) 209 { 210 struct pci_attach_args *pa = aux; 211 212 if (PCI_VENDOR(pa->pa_id) != PCI_VENDOR_INTEL) 213 return 0; 214 215 if (PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_4965AGN_1 || 216 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_4965AGN_2) 217 return 1; 218 219 return 0; 220 } 221 222 /* Base Address Register */ 223 #define IWN_PCI_BAR0 0x10 224 225 static void 226 iwn_attach(device_t parent __unused, device_t self, void *aux) 227 { 228 struct iwn_softc *sc = device_private(self); 229 struct ieee80211com *ic = &sc->sc_ic; 230 struct ifnet *ifp = &sc->sc_ec.ec_if; 231 struct pci_attach_args *pa = aux; 232 const char *intrstr; 233 char devinfo[256]; 234 pci_intr_handle_t ih; 235 pcireg_t memtype, data; 236 int i, error, revision; 237 238 sc->sc_dev = self; 239 sc->sc_pct = pa->pa_pc; 240 sc->sc_pcitag = pa->pa_tag; 241 242 callout_init(&sc->calib_to, 0); 243 callout_setfunc(&sc->calib_to, iwn_calib_timeout, sc); 244 245 pci_devinfo(pa->pa_id, pa->pa_class, 0, devinfo, sizeof devinfo); 246 revision = PCI_REVISION(pa->pa_class); 247 aprint_normal(": %s (rev. 0x%2x)\n", devinfo, revision); 248 249 250 /* clear device specific PCI configuration register 0x41 */ 251 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 252 data &= ~0x0000ff00; 253 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, data); 254 255 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG); 256 data |= PCI_COMMAND_MASTER_ENABLE; 257 pci_conf_write(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG, data); 258 259 /* enable bus-mastering */ 260 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG); 261 data |= PCI_COMMAND_MASTER_ENABLE; 262 pci_conf_write(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG, data); 263 264 /* map the register window */ 265 memtype = pci_mapreg_type(pa->pa_pc, pa->pa_tag, IWN_PCI_BAR0); 266 error = pci_mapreg_map(pa, IWN_PCI_BAR0, memtype, 0, &sc->sc_st, 267 &sc->sc_sh, NULL, &sc->sc_sz); 268 if (error != 0) { 269 aprint_error_dev(self, "could not map memory space\n"); 270 return; 271 } 272 273 sc->sc_dmat = pa->pa_dmat; 274 275 if (pci_intr_map(pa, &ih) != 0) { 276 aprint_error_dev(self, "could not map interrupt\n"); 277 return; 278 } 279 280 intrstr = pci_intr_string(sc->sc_pct, ih); 281 sc->sc_ih = pci_intr_establish(sc->sc_pct, ih, IPL_NET, iwn_intr, sc); 282 283 if (sc->sc_ih == NULL) { 284 aprint_error_dev(self, "could not establish interrupt"); 285 if (intrstr != NULL) 286 aprint_error(" at %s", intrstr); 287 aprint_error("\n"); 288 return; 289 } 290 aprint_normal_dev(self, "interrupting at %s\n", intrstr); 291 292 if (iwn_reset(sc) != 0) { 293 aprint_error_dev(self, "could not reset adapter\n"); 294 return; 295 } 296 297 /* 298 * Allocate DMA memory for firmware transfers. 299 */ 300 if ((error = iwn_alloc_fwmem(sc)) != 0) { 301 aprint_error_dev(self, "could not allocate firmware memory\n"); 302 return; 303 } 304 305 /* 306 * Allocate a "keep warm" page. 307 */ 308 if ((error = iwn_alloc_kw(sc)) != 0) { 309 aprint_error_dev(self, "could not allocate keep warm page\n"); 310 goto fail1; 311 } 312 313 /* 314 * Allocate shared area (communication area). 315 */ 316 if ((error = iwn_alloc_shared(sc)) != 0) { 317 aprint_error_dev(self, "could not allocate shared area\n"); 318 goto fail2; 319 } 320 321 /* 322 * Allocate Rx buffers and Tx/Rx rings. 323 */ 324 if ((error = iwn_alloc_rpool(sc)) != 0) { 325 aprint_error_dev(self, "could not allocate Rx buffers\n"); 326 goto fail3; 327 } 328 329 for (i = 0; i < IWN_NTXQUEUES; i++) { 330 struct iwn_tx_ring *txq = &sc->txq[i]; 331 error = iwn_alloc_tx_ring(sc, txq, IWN_TX_RING_COUNT, i); 332 if (error != 0) { 333 aprint_error_dev(self, "could not allocate Tx ring %d\n", i); 334 goto fail4; 335 } 336 } 337 338 if (iwn_alloc_rx_ring(sc, &sc->rxq) != 0) { 339 aprint_error_dev(self, "could not allocate Rx ring\n"); 340 goto fail4; 341 } 342 343 344 ic->ic_ifp = ifp; 345 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 346 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 347 ic->ic_state = IEEE80211_S_INIT; 348 349 /* set device capabilities */ 350 ic->ic_caps = 351 IEEE80211_C_IBSS | /* IBSS mode support */ 352 IEEE80211_C_WPA | /* 802.11i */ 353 IEEE80211_C_MONITOR | /* monitor mode supported */ 354 IEEE80211_C_TXPMGT | /* tx power management */ 355 IEEE80211_C_SHSLOT | /* short slot time supported */ 356 IEEE80211_C_SHPREAMBLE| /* short preamble supported */ 357 IEEE80211_C_WME; /* 802.11e */ 358 359 /* read supported channels and MAC address from EEPROM */ 360 iwn_read_eeprom(sc); 361 362 /* set supported .11a, .11b and .11g rates */ 363 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwn_rateset_11a; 364 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwn_rateset_11b; 365 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwn_rateset_11g; 366 367 /* IBSS channel undefined for now */ 368 ic->ic_ibss_chan = &ic->ic_channels[0]; 369 370 ifp->if_softc = sc; 371 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 372 ifp->if_init = iwn_init; 373 ifp->if_stop = iwn_stop; 374 ifp->if_ioctl = iwn_ioctl; 375 ifp->if_start = iwn_start; 376 ifp->if_watchdog = iwn_watchdog; 377 IFQ_SET_READY(&ifp->if_snd); 378 memcpy(ifp->if_xname, device_xname(self), IFNAMSIZ); 379 380 if_attach(ifp); 381 ieee80211_ifattach(ic); 382 ic->ic_node_alloc = iwn_node_alloc; 383 ic->ic_newassoc = iwn_newassoc; 384 ic->ic_wme.wme_update = iwn_wme_update; 385 386 /* override state transition machine */ 387 sc->sc_newstate = ic->ic_newstate; 388 ic->ic_newstate = iwn_newstate; 389 ieee80211_media_init(ic, iwn_media_change, ieee80211_media_status); 390 391 sc->amrr.amrr_min_success_threshold = 1; 392 sc->amrr.amrr_max_success_threshold = 15; 393 394 if (!pmf_device_register(self, NULL, iwn_resume)) 395 aprint_error_dev(self, "couldn't establish power handler\n"); 396 else 397 pmf_class_network_register(self, ifp); 398 399 iwn_radiotap_attach(sc); 400 401 ieee80211_announce(ic); 402 403 return; 404 405 /* free allocated memory if something failed during attachment */ 406 fail4: while (--i >= 0) 407 iwn_free_tx_ring(sc, &sc->txq[i]); 408 iwn_free_rpool(sc); 409 fail3: iwn_free_shared(sc); 410 fail2: iwn_free_kw(sc); 411 fail1: iwn_free_fwmem(sc); 412 } 413 414 static int 415 iwn_detach(struct device* self, int flags __unused) 416 { 417 struct iwn_softc *sc = (struct iwn_softc *)self; 418 struct ifnet *ifp = sc->sc_ic.ic_ifp; 419 int ac; 420 421 iwn_stop(ifp, 1); 422 423 #if NBPFILTER > 0 424 if (ifp != NULL) 425 bpfdetach(ifp); 426 #endif 427 ieee80211_ifdetach(&sc->sc_ic); 428 if (ifp != NULL) 429 if_detach(ifp); 430 431 for (ac = 0; ac < IWN_NTXQUEUES; ac++) 432 iwn_free_tx_ring(sc, &sc->txq[ac]); 433 iwn_free_rx_ring(sc, &sc->rxq); 434 iwn_free_rpool(sc); 435 iwn_free_shared(sc); 436 437 if (sc->sc_ih != NULL) { 438 pci_intr_disestablish(sc->sc_pct, sc->sc_ih); 439 sc->sc_ih = NULL; 440 } 441 442 bus_space_unmap(sc->sc_st, sc->sc_sh, sc->sc_sz); 443 444 return 0; 445 } 446 447 /* 448 * Attach the interface to 802.11 radiotap. 449 */ 450 static void 451 iwn_radiotap_attach(struct iwn_softc *sc) 452 { 453 struct ifnet *ifp = sc->sc_ic.ic_ifp; 454 455 #if NBPFILTER > 0 456 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 457 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN, 458 &sc->sc_drvbpf); 459 460 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 461 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 462 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWN_RX_RADIOTAP_PRESENT); 463 464 sc->sc_txtap_len = sizeof sc->sc_txtapu; 465 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 466 sc->sc_txtap.wt_ihdr.it_present = htole32(IWN_TX_RADIOTAP_PRESENT); 467 #endif 468 } 469 470 471 /* 472 * Build a beacon frame that the firmware will broadcast periodically in 473 * IBSS or HostAP modes. 474 */ 475 static int 476 iwn_setup_beacon(struct iwn_softc *sc, struct ieee80211_node *ni) 477 { 478 struct ieee80211com *ic = &sc->sc_ic; 479 struct iwn_tx_ring *ring = &sc->txq[4]; 480 struct iwn_tx_desc *desc; 481 struct iwn_tx_data *data; 482 struct iwn_tx_cmd *cmd; 483 struct iwn_cmd_beacon *bcn; 484 struct ieee80211_beacon_offsets bo; 485 struct mbuf *m0; 486 bus_addr_t paddr; 487 int error; 488 489 desc = &ring->desc[ring->cur]; 490 data = &ring->data[ring->cur]; 491 492 m0 = ieee80211_beacon_alloc(ic, ni, &bo); 493 if (m0 == NULL) { 494 aprint_error_dev(sc->sc_dev, "could not allocate beacon frame\n"); 495 return ENOMEM; 496 } 497 498 cmd = &ring->cmd[ring->cur]; 499 cmd->code = IWN_CMD_SET_BEACON; 500 cmd->flags = 0; 501 cmd->qid = ring->qid; 502 cmd->idx = ring->cur; 503 504 bcn = (struct iwn_cmd_beacon *)cmd->data; 505 memset(bcn, 0, sizeof (struct iwn_cmd_beacon)); 506 bcn->id = IWN_ID_BROADCAST; 507 bcn->ofdm_mask = 0xff; 508 bcn->cck_mask = 0x0f; 509 bcn->lifetime = htole32(IWN_LIFETIME_INFINITE); 510 bcn->len = htole16(m0->m_pkthdr.len); 511 bcn->rate = (ic->ic_curmode == IEEE80211_MODE_11A) ? 512 iwn_plcp_signal(12) : iwn_plcp_signal(2); 513 bcn->flags = htole32(IWN_TX_AUTO_SEQ | IWN_TX_INSERT_TSTAMP); 514 515 /* save and trim IEEE802.11 header */ 516 m_copydata(m0, 0, sizeof (struct ieee80211_frame), (void *)&bcn->wh); 517 m_adj(m0, sizeof (struct ieee80211_frame)); 518 519 /* assume beacon frame is contiguous */ 520 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 521 BUS_DMA_READ | BUS_DMA_NOWAIT); 522 if (error) { 523 aprint_error_dev(sc->sc_dev, "could not map beacon\n"); 524 m_freem(m0); 525 return error; 526 } 527 528 data->m = m0; 529 530 /* first scatter/gather segment is used by the beacon command */ 531 paddr = ring->cmd_dma.paddr + ring->cur * sizeof (struct iwn_tx_cmd); 532 533 IWN_SET_DESC_NSEGS(desc, 2); 534 IWN_SET_DESC_SEG(desc, 0, paddr , 4 + sizeof(struct iwn_cmd_beacon)); 535 IWN_SET_DESC_SEG(desc, 1, data->map->dm_segs[0].ds_addr, 536 data->map->dm_segs[1].ds_len); 537 538 539 /* kick cmd ring */ 540 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 541 IWN_WRITE(sc, IWN_TX_WIDX, ring->qid << 8 | ring->cur); 542 543 return 0; 544 } 545 546 static int 547 iwn_dma_contig_alloc(bus_dma_tag_t tag, struct iwn_dma_info *dma, void **kvap, 548 bus_size_t size, bus_size_t alignment, int flags) 549 { 550 int nsegs, error; 551 552 dma->tag = tag; 553 dma->size = size; 554 555 error = bus_dmamap_create(tag, size, 1, size, 0, flags, &dma->map); 556 if (error != 0) 557 goto fail; 558 559 error = bus_dmamem_alloc(tag, size, alignment, 0, &dma->seg, 1, &nsegs, 560 flags); 561 if (error != 0) 562 goto fail; 563 564 error = bus_dmamem_map(tag, &dma->seg, 1, size, &dma->vaddr, flags); 565 if (error != 0) 566 goto fail; 567 568 error = bus_dmamap_load(tag, dma->map, dma->vaddr, size, NULL, flags); 569 if (error != 0) 570 goto fail; 571 572 memset(dma->vaddr, 0, size); 573 574 dma->paddr = dma->map->dm_segs[0].ds_addr; 575 if (kvap != NULL) 576 *kvap = dma->vaddr; 577 578 return 0; 579 580 fail: iwn_dma_contig_free(dma); 581 return error; 582 } 583 584 static void 585 iwn_dma_contig_free(struct iwn_dma_info *dma) 586 { 587 if (dma->map != NULL) { 588 if (dma->vaddr != NULL) { 589 bus_dmamap_unload(dma->tag, dma->map); 590 bus_dmamem_unmap(dma->tag, dma->vaddr, dma->size); 591 bus_dmamem_free(dma->tag, &dma->seg, 1); 592 dma->vaddr = NULL; 593 } 594 bus_dmamap_destroy(dma->tag, dma->map); 595 dma->map = NULL; 596 } 597 } 598 599 static int 600 iwn_alloc_shared(struct iwn_softc *sc) 601 { 602 int error; 603 void *p; 604 /* must be aligned on a 1KB boundary */ 605 error = iwn_dma_contig_alloc(sc->sc_dmat, &sc->shared_dma, 606 &p, sizeof (struct iwn_shared), 1024,BUS_DMA_NOWAIT); 607 sc->shared = p; 608 if (error != 0) 609 aprint_error_dev(sc->sc_dev, 610 "could not allocate shared area DMA memory\n"); 611 612 return error; 613 614 } 615 616 static void 617 iwn_free_shared(struct iwn_softc *sc) 618 { 619 iwn_dma_contig_free(&sc->shared_dma); 620 } 621 622 static int 623 iwn_alloc_kw(struct iwn_softc *sc) 624 { 625 /* must be aligned on a 16-byte boundary */ 626 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->kw_dma, NULL, 627 PAGE_SIZE, PAGE_SIZE, BUS_DMA_NOWAIT); 628 } 629 630 static void 631 iwn_free_kw(struct iwn_softc *sc) 632 { 633 iwn_dma_contig_free(&sc->kw_dma); 634 } 635 636 static int 637 iwn_alloc_fwmem(struct iwn_softc *sc) 638 { 639 int error; 640 /* allocate enough contiguous space to store text and data */ 641 error = iwn_dma_contig_alloc(sc->sc_dmat, &sc->fw_dma, NULL, 642 IWN_FW_MAIN_TEXT_MAXSZ + IWN_FW_MAIN_DATA_MAXSZ, 16, 643 BUS_DMA_NOWAIT); 644 645 if (error != 0){ 646 aprint_error_dev(sc->sc_dev, 647 "could not allocate firmware transfer area DMA memory\n" ); 648 649 } 650 return error; 651 } 652 653 static void 654 iwn_free_fwmem(struct iwn_softc *sc) 655 { 656 iwn_dma_contig_free(&sc->fw_dma); 657 } 658 659 static struct iwn_rbuf * 660 iwn_alloc_rbuf(struct iwn_softc *sc) 661 { 662 struct iwn_rbuf *rbuf; 663 664 rbuf = SLIST_FIRST(&sc->rxq.freelist); 665 if (rbuf == NULL) 666 return NULL; 667 SLIST_REMOVE_HEAD(&sc->rxq.freelist, next); 668 sc->rxq.nb_free_entries --; 669 return rbuf; 670 } 671 672 /* 673 * This is called automatically by the network stack when the mbuf to which 674 * our Rx buffer is attached is freed. 675 */ 676 static void 677 iwn_free_rbuf(struct mbuf* m, void *buf, size_t size, void *arg) 678 { 679 struct iwn_rbuf *rbuf = arg; 680 struct iwn_softc *sc = rbuf->sc; 681 682 /* put the buffer back in the free list */ 683 SLIST_INSERT_HEAD(&sc->rxq.freelist, rbuf, next); 684 685 sc->rxq.nb_free_entries ++; 686 687 if (__predict_true(m != NULL)) 688 pool_cache_put(mb_cache, m); 689 } 690 691 692 static int 693 iwn_alloc_rpool(struct iwn_softc *sc) 694 { 695 struct iwn_rx_ring *ring = &sc->rxq; 696 struct iwn_rbuf *rbuf; 697 int i, error; 698 699 /* allocate a big chunk of DMA'able memory.. */ 700 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->buf_dma, NULL, 701 IWN_RBUF_COUNT * IWN_RBUF_SIZE, IWN_BUF_ALIGN, BUS_DMA_NOWAIT); 702 if (error != 0) { 703 aprint_error_dev(sc->sc_dev, 704 "could not allocate Rx buffers DMA memory\n"); 705 return error; 706 } 707 708 /* ..and split it into chunks of "rbufsz" bytes */ 709 SLIST_INIT(&ring->freelist); 710 for (i = 0; i < IWN_RBUF_COUNT; i++) { 711 rbuf = &ring->rbuf[i]; 712 713 rbuf->sc = sc; /* backpointer for callbacks */ 714 rbuf->vaddr = (char *)ring->buf_dma.vaddr + i * IWN_RBUF_SIZE; 715 rbuf->paddr = ring->buf_dma.paddr + i * IWN_RBUF_SIZE; 716 717 SLIST_INSERT_HEAD(&ring->freelist, rbuf, next); 718 } 719 ring->nb_free_entries = IWN_RBUF_COUNT; 720 return 0; 721 } 722 723 static void 724 iwn_free_rpool(struct iwn_softc *sc) 725 { 726 iwn_dma_contig_free(&sc->rxq.buf_dma); 727 } 728 729 static int 730 iwn_alloc_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 731 { 732 struct iwn_rx_data *data; 733 struct iwn_rbuf *rbuf; 734 int i, error; 735 void *p; 736 737 ring->cur = 0; 738 739 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 740 &p, IWN_RX_RING_COUNT * sizeof (struct iwn_rx_desc), 741 IWN_RING_DMA_ALIGN, BUS_DMA_NOWAIT); 742 if (error != 0) { 743 aprint_error_dev(sc->sc_dev, 744 "could not allocate rx ring DMA memory\n"); 745 goto fail; 746 } 747 ring->desc = p; 748 749 /* 750 * Setup Rx buffers. 751 */ 752 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 753 data = &ring->data[i]; 754 755 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 756 if (data->m == NULL) { 757 aprint_error_dev(sc->sc_dev, "could not allocate rx mbuf\n"); 758 error = ENOMEM; 759 goto fail; 760 } 761 if ((rbuf = iwn_alloc_rbuf(sc)) == NULL) { 762 m_freem(data->m); 763 data->m = NULL; 764 aprint_error_dev(sc->sc_dev, "could not allocate rx buffer\n"); 765 error = ENOMEM; 766 goto fail; 767 } 768 /* attach Rx buffer to mbuf */ 769 MEXTADD(data->m, rbuf->vaddr, IWN_RBUF_SIZE, 0, iwn_free_rbuf, 770 rbuf); 771 772 data->m->m_flags |= M_EXT_RW; 773 /* Rx buffers are aligned on a 256-byte boundary */ 774 ring->desc[i] = htole32(rbuf->paddr >> 8); 775 } 776 777 return 0; 778 779 fail: iwn_free_rx_ring(sc, ring); 780 return error; 781 } 782 783 static void 784 iwn_reset_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 785 { 786 int ntries; 787 788 iwn_mem_lock(sc); 789 790 IWN_WRITE(sc, IWN_RX_CONFIG, 0); 791 for (ntries = 0; ntries < 100; ntries++) { 792 if (IWN_READ(sc, IWN_RX_STATUS) & IWN_RX_IDLE) 793 break; 794 DELAY(10); 795 } 796 #ifdef IWN_DEBUG 797 if (ntries == 100 && iwn_debug > 0) 798 aprint_error_dev(sc->sc_dev, "timeout resetting Rx ring\n"); 799 #endif 800 iwn_mem_unlock(sc); 801 802 ring->cur = 0; 803 } 804 805 static void 806 iwn_free_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 807 { 808 int i; 809 810 iwn_dma_contig_free(&ring->desc_dma); 811 812 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 813 if (ring->data[i].m != NULL) 814 m_freem(ring->data[i].m); 815 } 816 } 817 818 static int 819 iwn_alloc_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring, int count, 820 int qid) 821 { 822 struct iwn_tx_data *data; 823 int i, error; 824 void *p; 825 826 ring->qid = qid; 827 ring->count = count; 828 ring->queued = 0; 829 ring->cur = 0; 830 831 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 832 &p, count * sizeof (struct iwn_tx_desc), 833 IWN_RING_DMA_ALIGN, BUS_DMA_NOWAIT); 834 if (error != 0) { 835 aprint_error_dev(sc->sc_dev, "could not allocate tx ring DMA memory\n"); 836 goto fail; 837 } 838 ring->desc = p; 839 840 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->cmd_dma, 841 &p, count * sizeof (struct iwn_tx_cmd), 4, BUS_DMA_NOWAIT); 842 if (error != 0) { 843 aprint_error_dev(sc->sc_dev, "could not allocate tx cmd DMA memory\n"); 844 goto fail; 845 } 846 ring->cmd = p; 847 848 ring->data = malloc(count * sizeof (struct iwn_tx_data), M_DEVBUF, M_NOWAIT); 849 850 if (ring->data == NULL) { 851 aprint_error_dev(sc->sc_dev,"could not allocate tx data slots\n"); 852 goto fail; 853 } 854 855 memset(ring->data, 0, count * sizeof (struct iwn_tx_data)); 856 857 for (i = 0; i < count; i++) { 858 data = &ring->data[i]; 859 860 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 861 IWN_MAX_SCATTER - 1, MCLBYTES, 0, BUS_DMA_NOWAIT, 862 &data->map); 863 if (error != 0) { 864 aprint_error_dev(sc->sc_dev, "could not create tx buf DMA map\n"); 865 goto fail; 866 } 867 } 868 869 return 0; 870 871 fail: iwn_free_tx_ring(sc, ring); 872 return error; 873 } 874 875 static void 876 iwn_reset_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 877 { 878 struct iwn_tx_data *data; 879 uint32_t tmp; 880 int i, ntries; 881 882 iwn_mem_lock(sc); 883 884 IWN_WRITE(sc, IWN_TX_CONFIG(ring->qid), 0); 885 for (ntries = 0; ntries < 100; ntries++) { 886 tmp = IWN_READ(sc, IWN_TX_STATUS); 887 if ((tmp & IWN_TX_IDLE(ring->qid)) == IWN_TX_IDLE(ring->qid)) 888 break; 889 DELAY(10); 890 } 891 #ifdef IWN_DEBUG 892 if (ntries == 100 && iwn_debug > 1) { 893 aprint_error_dev(sc->sc_dev, "timeout resetting Tx ring %d\n", ring->qid); 894 } 895 #endif 896 iwn_mem_unlock(sc); 897 898 for (i = 0; i < ring->count; i++) { 899 data = &ring->data[i]; 900 901 if (data->m != NULL) { 902 bus_dmamap_unload(sc->sc_dmat, data->map); 903 m_freem(data->m); 904 data->m = NULL; 905 } 906 } 907 908 ring->queued = 0; 909 ring->cur = 0; 910 } 911 912 static void 913 iwn_free_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 914 { 915 struct iwn_tx_data *data; 916 int i; 917 918 iwn_dma_contig_free(&ring->desc_dma); 919 iwn_dma_contig_free(&ring->cmd_dma); 920 921 if (ring->data != NULL) { 922 for (i = 0; i < ring->count; i++) { 923 data = &ring->data[i]; 924 925 if (data->m != NULL) { 926 bus_dmamap_unload(sc->sc_dmat, data->map); 927 m_freem(data->m); 928 } 929 } 930 free(ring->data, M_DEVBUF); 931 } 932 } 933 934 /*ARGUSED*/ 935 struct ieee80211_node * 936 iwn_node_alloc(struct ieee80211_node_table *nt __unused) 937 { 938 struct iwn_node *wn; 939 940 wn = malloc(sizeof (struct iwn_node), M_DEVBUF, M_NOWAIT); 941 942 if (wn != NULL) 943 memset(wn, 0, sizeof (struct iwn_node)); 944 return (struct ieee80211_node *)wn; 945 946 } 947 948 static void 949 iwn_newassoc(struct ieee80211_node *ni, int isnew) 950 { 951 struct iwn_softc *sc = ni->ni_ic->ic_ifp->if_softc; 952 int i; 953 954 ieee80211_amrr_node_init(&sc->amrr, &((struct iwn_node *)ni)->amn); 955 956 /* set rate to some reasonable initial value */ 957 for (i = ni->ni_rates.rs_nrates - 1; 958 i > 0 && (ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL) > 72; 959 i--); 960 ni->ni_txrate = i; 961 } 962 963 static int 964 iwn_media_change(struct ifnet *ifp) 965 { 966 int error; 967 968 error = ieee80211_media_change(ifp); 969 if (error != ENETRESET) 970 return error; 971 972 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 973 iwn_init(ifp); 974 975 return 0; 976 } 977 978 static int 979 iwn_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 980 { 981 struct ifnet *ifp = ic->ic_ifp; 982 struct iwn_softc *sc = ifp->if_softc; 983 int error; 984 985 callout_stop(&sc->calib_to); 986 987 DPRINTF(("iwn_newstate: nstate = %d, ic->ic_state = %d\n", nstate, 988 ic->ic_state)); 989 990 switch (nstate) { 991 992 case IEEE80211_S_SCAN: 993 994 if (sc->is_scanning) 995 break; 996 997 sc->is_scanning = true; 998 ieee80211_node_table_reset(&ic->ic_scan); 999 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 1000 1001 /* make the link LED blink while we're scanning */ 1002 iwn_set_led(sc, IWN_LED_LINK, 20, 2); 1003 1004 if ((error = iwn_scan(sc, IEEE80211_CHAN_G)) != 0) { 1005 aprint_error_dev(sc->sc_dev, "could not initiate scan\n"); 1006 ic->ic_flags &= ~(IEEE80211_F_SCAN | IEEE80211_F_ASCAN); 1007 return error; 1008 } 1009 ic->ic_state = nstate; 1010 return 0; 1011 1012 case IEEE80211_S_ASSOC: 1013 if (ic->ic_state != IEEE80211_S_RUN) 1014 break; 1015 /* FALLTHROUGH */ 1016 case IEEE80211_S_AUTH: 1017 /* reset state to handle reassociations correctly */ 1018 sc->config.associd = 0; 1019 sc->config.filter &= ~htole32(IWN_FILTER_BSS); 1020 /*sc->calib.state = IWN_CALIB_STATE_INIT;*/ 1021 1022 if ((error = iwn_auth(sc)) != 0) { 1023 aprint_error_dev(sc->sc_dev, "could not move to auth state\n"); 1024 return error; 1025 } 1026 break; 1027 1028 case IEEE80211_S_RUN: 1029 if ((error = iwn_run(sc)) != 0) { 1030 aprint_error_dev(sc->sc_dev, "could not move to run state\n"); 1031 return error; 1032 } 1033 break; 1034 1035 case IEEE80211_S_INIT: 1036 sc->is_scanning = false; 1037 break; 1038 } 1039 1040 return sc->sc_newstate(ic, nstate, arg); 1041 } 1042 1043 /* 1044 * Grab exclusive access to NIC memory. 1045 */ 1046 static void 1047 iwn_mem_lock(struct iwn_softc *sc) 1048 { 1049 uint32_t tmp; 1050 int ntries; 1051 1052 tmp = IWN_READ(sc, IWN_GPIO_CTL); 1053 IWN_WRITE(sc, IWN_GPIO_CTL, tmp | IWN_GPIO_MAC); 1054 1055 /* spin until we actually get the lock */ 1056 for (ntries = 0; ntries < 1000; ntries++) { 1057 if ((IWN_READ(sc, IWN_GPIO_CTL) & 1058 (IWN_GPIO_CLOCK | IWN_GPIO_SLEEP)) == IWN_GPIO_CLOCK) 1059 break; 1060 DELAY(10); 1061 } 1062 if (ntries == 1000) 1063 aprint_error_dev(sc->sc_dev, "could not lock memory\n"); 1064 } 1065 1066 /* 1067 * Release lock on NIC memory. 1068 */ 1069 static void 1070 iwn_mem_unlock(struct iwn_softc *sc) 1071 { 1072 uint32_t tmp = IWN_READ(sc, IWN_GPIO_CTL); 1073 IWN_WRITE(sc, IWN_GPIO_CTL, tmp & ~IWN_GPIO_MAC); 1074 } 1075 1076 static uint32_t 1077 iwn_mem_read(struct iwn_softc *sc, uint32_t addr) 1078 { 1079 IWN_WRITE(sc, IWN_READ_MEM_ADDR, IWN_MEM_4 | addr); 1080 return IWN_READ(sc, IWN_READ_MEM_DATA); 1081 } 1082 1083 static void 1084 iwn_mem_write(struct iwn_softc *sc, uint32_t addr, uint32_t data) 1085 { 1086 IWN_WRITE(sc, IWN_WRITE_MEM_ADDR, IWN_MEM_4 | addr); 1087 IWN_WRITE(sc, IWN_WRITE_MEM_DATA, data); 1088 } 1089 1090 static void 1091 iwn_mem_write_region_4(struct iwn_softc *sc, uint32_t addr, 1092 const uint32_t *data, int wlen) 1093 { 1094 for (; wlen > 0; wlen--, data++, addr += 4) 1095 iwn_mem_write(sc, addr, *data); 1096 } 1097 1098 static int 1099 iwn_eeprom_lock(struct iwn_softc *sc) 1100 { 1101 uint32_t tmp; 1102 int ntries; 1103 1104 tmp = IWN_READ(sc, IWN_HWCONFIG); 1105 IWN_WRITE(sc, IWN_HWCONFIG, tmp | IWN_HW_EEPROM_LOCKED); 1106 1107 /* spin until we actually get the lock */ 1108 for (ntries = 0; ntries < 100; ntries++) { 1109 if (IWN_READ(sc, IWN_HWCONFIG) & IWN_HW_EEPROM_LOCKED) 1110 return 0; 1111 DELAY(10); 1112 } 1113 return ETIMEDOUT; 1114 } 1115 1116 static void 1117 iwn_eeprom_unlock(struct iwn_softc *sc) 1118 { 1119 uint32_t tmp = IWN_READ(sc, IWN_HWCONFIG); 1120 IWN_WRITE(sc, IWN_HWCONFIG, tmp & ~IWN_HW_EEPROM_LOCKED); 1121 } 1122 1123 /* 1124 * Read `len' bytes from the EEPROM. We access the EEPROM through the MAC 1125 * instead of using the traditional bit-bang method. 1126 */ 1127 static int 1128 iwn_read_prom_data(struct iwn_softc *sc, uint32_t addr, void *data, int len) 1129 { 1130 uint8_t *out = data; 1131 uint32_t val; 1132 int ntries; 1133 1134 iwn_mem_lock(sc); 1135 for (; len > 0; len -= 2, addr++) { 1136 IWN_WRITE(sc, IWN_EEPROM_CTL, addr << 2); 1137 IWN_WRITE(sc, IWN_EEPROM_CTL, 1138 IWN_READ(sc, IWN_EEPROM_CTL) & ~IWN_EEPROM_CMD); 1139 1140 for (ntries = 0; ntries < 10; ntries++) { 1141 if ((val = IWN_READ(sc, IWN_EEPROM_CTL)) & 1142 IWN_EEPROM_READY) 1143 break; 1144 DELAY(5); 1145 } 1146 if (ntries == 10) { 1147 aprint_error_dev(sc->sc_dev, "could not read EEPROM\n"); 1148 return ETIMEDOUT; 1149 } 1150 *out++ = val >> 16; 1151 if (len > 1) 1152 *out++ = val >> 24; 1153 } 1154 iwn_mem_unlock(sc); 1155 1156 return 0; 1157 } 1158 1159 /* 1160 * The firmware boot code is small and is intended to be copied directly into 1161 * the NIC internal memory. 1162 */ 1163 static int 1164 iwn_load_microcode(struct iwn_softc *sc, const uint8_t *ucode, int size) 1165 { 1166 int ntries; 1167 1168 size /= sizeof (uint32_t); 1169 1170 iwn_mem_lock(sc); 1171 1172 /* copy microcode image into NIC memory */ 1173 iwn_mem_write_region_4(sc, IWN_MEM_UCODE_BASE, 1174 (const uint32_t *)ucode, size); 1175 1176 iwn_mem_write(sc, IWN_MEM_UCODE_SRC, 0); 1177 iwn_mem_write(sc, IWN_MEM_UCODE_DST, IWN_FW_TEXT); 1178 iwn_mem_write(sc, IWN_MEM_UCODE_SIZE, size); 1179 1180 /* run microcode */ 1181 iwn_mem_write(sc, IWN_MEM_UCODE_CTL, IWN_UC_RUN); 1182 1183 /* wait for transfer to complete */ 1184 for (ntries = 0; ntries < 1000; ntries++) { 1185 if (!(iwn_mem_read(sc, IWN_MEM_UCODE_CTL) & IWN_UC_RUN)) 1186 break; 1187 DELAY(10); 1188 } 1189 if (ntries == 1000) { 1190 iwn_mem_unlock(sc); 1191 aprint_error_dev(sc->sc_dev, "could not load boot firmware\n"); 1192 return ETIMEDOUT; 1193 } 1194 iwn_mem_write(sc, IWN_MEM_UCODE_CTL, IWN_UC_ENABLE); 1195 1196 iwn_mem_unlock(sc); 1197 1198 return 0; 1199 } 1200 1201 static int 1202 iwn_load_firmware(struct iwn_softc *sc) 1203 { 1204 struct iwn_dma_info *dma = &sc->fw_dma; 1205 struct iwn_firmware_hdr hdr; 1206 const uint8_t *init_text, *init_data, *main_text, *main_data; 1207 const uint8_t *boot_text; 1208 uint32_t init_textsz, init_datasz, main_textsz, main_datasz; 1209 uint32_t boot_textsz; 1210 firmware_handle_t fw; 1211 u_char *dfw; 1212 size_t size; 1213 int error; 1214 1215 /* load firmware image from disk */ 1216 if ((error = firmware_open("if_iwn","iwlwifi-4965.ucode", &fw)) != 0) { 1217 aprint_error_dev(sc->sc_dev, "could not read firmware file\n"); 1218 goto fail1; 1219 } 1220 1221 size = firmware_get_size(fw); 1222 1223 /* extract firmware header information */ 1224 if (size < sizeof (struct iwn_firmware_hdr)) { 1225 aprint_error_dev(sc->sc_dev, "truncated firmware header: %zu bytes\n", size); 1226 1227 error = EINVAL; 1228 goto fail2; 1229 } 1230 1231 1232 if ((error = firmware_read(fw, 0, &hdr, 1233 sizeof (struct iwn_firmware_hdr))) != 0) { 1234 aprint_error_dev(sc->sc_dev, "can't get firmware header\n"); 1235 goto fail2; 1236 } 1237 1238 main_textsz = le32toh(hdr.main_textsz); 1239 main_datasz = le32toh(hdr.main_datasz); 1240 init_textsz = le32toh(hdr.init_textsz); 1241 init_datasz = le32toh(hdr.init_datasz); 1242 boot_textsz = le32toh(hdr.boot_textsz); 1243 1244 /* sanity-check firmware segments sizes */ 1245 if (main_textsz > IWN_FW_MAIN_TEXT_MAXSZ || 1246 main_datasz > IWN_FW_MAIN_DATA_MAXSZ || 1247 init_textsz > IWN_FW_INIT_TEXT_MAXSZ || 1248 init_datasz > IWN_FW_INIT_DATA_MAXSZ || 1249 boot_textsz > IWN_FW_BOOT_TEXT_MAXSZ || 1250 (boot_textsz & 3) != 0) { 1251 aprint_error_dev(sc->sc_dev, "invalid firmware header\n"); 1252 error = EINVAL; 1253 goto fail2; 1254 } 1255 1256 /* check that all firmware segments are present */ 1257 if (size < sizeof (struct iwn_firmware_hdr) + main_textsz + 1258 main_datasz + init_textsz + init_datasz + boot_textsz) { 1259 aprint_error_dev(sc->sc_dev, "firmware file too short: %zu bytes\n", size); 1260 error = EINVAL; 1261 goto fail2; 1262 } 1263 1264 dfw = firmware_malloc(size); 1265 if (dfw == NULL) { 1266 aprint_error_dev(sc->sc_dev, "not enough memory to stock firmware\n"); 1267 error = ENOMEM; 1268 goto fail2; 1269 } 1270 1271 if ((error = firmware_read(fw, 0, dfw, size)) != 0) { 1272 aprint_error_dev(sc->sc_dev, "can't get firmware\n"); 1273 goto fail2; 1274 } 1275 1276 /* get pointers to firmware segments */ 1277 main_text = dfw + sizeof (struct iwn_firmware_hdr); 1278 main_data = main_text + main_textsz; 1279 init_text = main_data + main_datasz; 1280 init_data = init_text + init_textsz; 1281 boot_text = init_data + init_datasz; 1282 1283 /* copy initialization images into pre-allocated DMA-safe memory */ 1284 memcpy(dma->vaddr, init_data, init_datasz); 1285 memcpy((char *)dma->vaddr + IWN_FW_INIT_DATA_MAXSZ, init_text, init_textsz); 1286 1287 /* tell adapter where to find initialization images */ 1288 iwn_mem_lock(sc); 1289 iwn_mem_write(sc, IWN_MEM_DATA_BASE, dma->paddr >> 4); 1290 iwn_mem_write(sc, IWN_MEM_DATA_SIZE, init_datasz); 1291 iwn_mem_write(sc, IWN_MEM_TEXT_BASE, 1292 (dma->paddr + IWN_FW_INIT_DATA_MAXSZ) >> 4); 1293 iwn_mem_write(sc, IWN_MEM_TEXT_SIZE, init_textsz); 1294 iwn_mem_unlock(sc); 1295 1296 /* load firmware boot code */ 1297 if ((error = iwn_load_microcode(sc, boot_text, boot_textsz)) != 0) { 1298 aprint_error_dev(sc->sc_dev, "could not load boot firmware\n"); 1299 goto fail3; 1300 } 1301 1302 /* now press "execute" ;-) */ 1303 IWN_WRITE(sc, IWN_RESET, 0); 1304 1305 /* ..and wait at most one second for adapter to initialize */ 1306 if ((error = tsleep(sc, PCATCH, "iwninit", hz)) != 0) { 1307 /* this isn't what was supposed to happen.. */ 1308 aprint_error_dev(sc->sc_dev, "timeout waiting for adapter to initialize\n"); 1309 } 1310 1311 /* copy runtime images into pre-allocated DMA-safe memory */ 1312 memcpy((char *)dma->vaddr, main_data, main_datasz); 1313 memcpy((char *)dma->vaddr + IWN_FW_MAIN_DATA_MAXSZ, main_text, main_textsz); 1314 1315 /* tell adapter where to find runtime images */ 1316 iwn_mem_lock(sc); 1317 iwn_mem_write(sc, IWN_MEM_DATA_BASE, dma->paddr >> 4); 1318 iwn_mem_write(sc, IWN_MEM_DATA_SIZE, main_datasz); 1319 iwn_mem_write(sc, IWN_MEM_TEXT_BASE, 1320 (dma->paddr + IWN_FW_MAIN_DATA_MAXSZ) >> 4); 1321 iwn_mem_write(sc, IWN_MEM_TEXT_SIZE, IWN_FW_UPDATED | main_textsz); 1322 iwn_mem_unlock(sc); 1323 1324 /* wait at most one second for second alive notification */ 1325 if ((error = tsleep(sc, PCATCH, "iwninit", hz)) != 0) { 1326 /* this isn't what was supposed to happen.. */ 1327 aprint_error_dev(sc->sc_dev, "timeout waiting for adapter to initialize\n"); 1328 } 1329 1330 fail3: firmware_free(dfw,size); 1331 fail2: firmware_close(fw); 1332 fail1: return error; 1333 } 1334 1335 static void 1336 iwn_calib_timeout(void *arg) 1337 { 1338 struct iwn_softc *sc = arg; 1339 struct ieee80211com *ic = &sc->sc_ic; 1340 int s; 1341 1342 /* automatic rate control triggered every 500ms */ 1343 if (ic->ic_fixed_rate == -1) { 1344 s = splnet(); 1345 if (ic->ic_opmode == IEEE80211_M_STA) 1346 iwn_iter_func(sc, ic->ic_bss); 1347 else 1348 ieee80211_iterate_nodes(&ic->ic_sta, iwn_iter_func, sc); 1349 splx(s); 1350 } 1351 1352 /* automatic calibration every 60s */ 1353 if (++sc->calib_cnt >= 120) { 1354 DPRINTF(("sending request for statistics\n")); 1355 (void)iwn_cmd(sc, IWN_CMD_GET_STATISTICS, NULL, 0, 1); 1356 sc->calib_cnt = 0; 1357 } 1358 1359 callout_schedule(&sc->calib_to, hz/2); 1360 1361 } 1362 1363 static void 1364 iwn_iter_func(void *arg, struct ieee80211_node *ni) 1365 { 1366 struct iwn_softc *sc = arg; 1367 struct iwn_node *wn = (struct iwn_node *)ni; 1368 1369 ieee80211_amrr_choose(&sc->amrr, ni, &wn->amn); 1370 } 1371 1372 static void 1373 iwn_ampdu_rx_start(struct iwn_softc *sc, struct iwn_rx_desc *desc) 1374 { 1375 struct iwn_rx_stat *stat; 1376 1377 DPRINTFN(2, ("received AMPDU stats\n")); 1378 /* save Rx statistics, they will be used on IWN_AMPDU_RX_DONE */ 1379 stat = (struct iwn_rx_stat *)(desc + 1); 1380 memcpy(&sc->last_rx_stat, stat, sizeof (*stat)); 1381 sc->last_rx_valid = 1; 1382 } 1383 1384 void 1385 iwn_rx_intr(struct iwn_softc *sc, struct iwn_rx_desc *desc, 1386 struct iwn_rx_data *data) 1387 { 1388 struct ieee80211com *ic = &sc->sc_ic; 1389 struct ifnet *ifp = ic->ic_ifp; 1390 struct iwn_rx_ring *ring = &sc->rxq; 1391 struct iwn_rbuf *rbuf; 1392 struct ieee80211_frame *wh; 1393 struct ieee80211_node *ni; 1394 struct mbuf *m, *mnew; 1395 struct iwn_rx_stat *stat; 1396 char *head; 1397 uint32_t *tail; 1398 int len, rssi; 1399 1400 if (desc->type == IWN_AMPDU_RX_DONE) { 1401 /* check for prior AMPDU_RX_START */ 1402 if (!sc->last_rx_valid) { 1403 DPRINTF(("missing AMPDU_RX_START\n")); 1404 ifp->if_ierrors++; 1405 return; 1406 } 1407 sc->last_rx_valid = 0; 1408 stat = &sc->last_rx_stat; 1409 } else 1410 stat = (struct iwn_rx_stat *)(desc + 1); 1411 1412 if (stat->cfg_phy_len > IWN_STAT_MAXLEN) { 1413 aprint_error_dev(sc->sc_dev, "invalid rx statistic header\n"); 1414 ifp->if_ierrors++; 1415 return; 1416 } 1417 1418 if (desc->type == IWN_AMPDU_RX_DONE) { 1419 struct iwn_rx_ampdu *ampdu = 1420 (struct iwn_rx_ampdu *)(desc + 1); 1421 head = (char *)(ampdu + 1); 1422 len = le16toh(ampdu->len); 1423 } else { 1424 head = (char *)(stat + 1) + stat->cfg_phy_len; 1425 len = le16toh(stat->len); 1426 } 1427 1428 DPRINTF(("rx packet len %d\n", len)); 1429 /* discard Rx frames with bad CRC early */ 1430 tail = (uint32_t *)(head + len); 1431 if ((le32toh(*tail) & IWN_RX_NOERROR) != IWN_RX_NOERROR) { 1432 DPRINTFN(2, ("rx flags error %x\n", le32toh(*tail))); 1433 ifp->if_ierrors++; 1434 return; 1435 } 1436 /* XXX for ieee80211_find_rxnode() */ 1437 if (len < sizeof (struct ieee80211_frame)) { 1438 DPRINTF(("frame too short: %d\n", len)); 1439 ic->ic_stats.is_rx_tooshort++; 1440 ifp->if_ierrors++; 1441 return; 1442 } 1443 1444 m = data->m; 1445 1446 /* finalize mbuf */ 1447 m->m_pkthdr.rcvif = ifp; 1448 m->m_data = head; 1449 m->m_pkthdr.len = m->m_len = len; 1450 1451 if ((rbuf = SLIST_FIRST(&sc->rxq.freelist)) != NULL) { 1452 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1453 if (mnew == NULL) { 1454 ic->ic_stats.is_rx_nobuf++; 1455 ifp->if_ierrors++; 1456 return; 1457 } 1458 1459 /* attach Rx buffer to mbuf */ 1460 MEXTADD(mnew, rbuf->vaddr, IWN_RBUF_SIZE, 0, iwn_free_rbuf, 1461 rbuf); 1462 mnew->m_flags |= M_EXT_RW; 1463 SLIST_REMOVE_HEAD(&sc->rxq.freelist, next); 1464 1465 data->m = mnew; 1466 1467 /* update Rx descriptor */ 1468 ring->desc[ring->cur] = htole32(rbuf->paddr >> 8); 1469 } else { 1470 /* no free rbufs, copy frame */ 1471 m = m_dup(m, 0, M_COPYALL, M_DONTWAIT); 1472 if (m == NULL) { 1473 /* no free mbufs either, drop frame */ 1474 ic->ic_stats.is_rx_nobuf++; 1475 ifp->if_ierrors++; 1476 return; 1477 } 1478 } 1479 1480 rssi = iwn_get_rssi(stat); 1481 1482 if (ic->ic_state == IEEE80211_S_SCAN) 1483 iwn_fix_channel(ic, m); 1484 1485 #if NBPFILTER > 0 1486 if (sc->sc_drvbpf != NULL) { 1487 struct iwn_rx_radiotap_header *tap = &sc->sc_rxtap; 1488 1489 tap->wr_flags = 0; 1490 tap->wr_chan_freq = 1491 htole16(ic->ic_channels[stat->chan].ic_freq); 1492 tap->wr_chan_flags = 1493 htole16(ic->ic_channels[stat->chan].ic_flags); 1494 tap->wr_dbm_antsignal = (int8_t)rssi; 1495 tap->wr_dbm_antnoise = (int8_t)sc->noise; 1496 tap->wr_tsft = stat->tstamp; 1497 switch (stat->rate) { 1498 /* CCK rates */ 1499 case 10: tap->wr_rate = 2; break; 1500 case 20: tap->wr_rate = 4; break; 1501 case 55: tap->wr_rate = 11; break; 1502 case 110: tap->wr_rate = 22; break; 1503 /* OFDM rates */ 1504 case 0xd: tap->wr_rate = 12; break; 1505 case 0xf: tap->wr_rate = 18; break; 1506 case 0x5: tap->wr_rate = 24; break; 1507 case 0x7: tap->wr_rate = 36; break; 1508 case 0x9: tap->wr_rate = 48; break; 1509 case 0xb: tap->wr_rate = 72; break; 1510 case 0x1: tap->wr_rate = 96; break; 1511 case 0x3: tap->wr_rate = 108; break; 1512 /* unknown rate: should not happen */ 1513 default: tap->wr_rate = 0; 1514 } 1515 1516 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1517 } 1518 #endif 1519 1520 /* grab a reference to the source node */ 1521 wh = mtod(m, struct ieee80211_frame *); 1522 ni = ieee80211_find_rxnode(ic,(struct ieee80211_frame_min *)wh); 1523 1524 /* send the frame to the 802.11 layer */ 1525 ieee80211_input(ic, m, ni, rssi, 0); 1526 1527 /* node is no longer needed */ 1528 ieee80211_free_node(ni); 1529 } 1530 1531 1532 /* 1533 * XXX: Hack to set the current channel to the value advertised in beacons or 1534 * probe responses. Only used during AP detection. 1535 * XXX: Duplicated from if_iwi.c 1536 */ 1537 static void 1538 iwn_fix_channel(struct ieee80211com *ic, struct mbuf *m) 1539 { 1540 struct ieee80211_frame *wh; 1541 uint8_t subtype; 1542 uint8_t *frm, *efrm; 1543 1544 wh = mtod(m, struct ieee80211_frame *); 1545 1546 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 1547 return; 1548 1549 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1550 1551 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 1552 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1553 return; 1554 1555 frm = (uint8_t *)(wh + 1); 1556 efrm = mtod(m, uint8_t *) + m->m_len; 1557 1558 frm += 12; /* skip tstamp, bintval and capinfo fields */ 1559 while (frm < efrm) { 1560 if (*frm == IEEE80211_ELEMID_DSPARMS) 1561 #if IEEE80211_CHAN_MAX < 255 1562 if (frm[2] <= IEEE80211_CHAN_MAX) 1563 #endif 1564 ic->ic_curchan = &ic->ic_channels[frm[2]]; 1565 1566 frm += frm[1] + 2; 1567 } 1568 } 1569 1570 static void 1571 iwn_rx_statistics(struct iwn_softc *sc, struct iwn_rx_desc *desc) 1572 { 1573 struct ieee80211com *ic = &sc->sc_ic; 1574 struct iwn_calib_state *calib = &sc->calib; 1575 struct iwn_stats *stats = (struct iwn_stats *)(desc + 1); 1576 1577 /* ignore beacon statistics received during a scan */ 1578 if (ic->ic_state != IEEE80211_S_RUN) 1579 return; 1580 1581 DPRINTFN(3, ("received statistics (cmd=%d)\n", desc->type)); 1582 sc->calib_cnt = 0; /* reset timeout */ 1583 1584 /* test if temperature has changed */ 1585 if (stats->general.temp != sc->rawtemp) { 1586 int temp; 1587 1588 sc->rawtemp = stats->general.temp; 1589 temp = iwn_get_temperature(sc); 1590 DPRINTFN(2, ("temperature=%d\n", temp)); 1591 1592 /* update Tx power if need be */ 1593 iwn_power_calibration(sc, temp); 1594 } 1595 1596 if (desc->type != IWN_BEACON_STATISTICS) 1597 return; /* reply to a statistics request */ 1598 1599 sc->noise = iwn_get_noise(&stats->rx.general); 1600 DPRINTFN(3, ("noise=%d\n", sc->noise)); 1601 1602 /* test that RSSI and noise are present in stats report */ 1603 if (le32toh(stats->rx.general.flags) != 1) { 1604 DPRINTF(("received statistics without RSSI\n")); 1605 return; 1606 } 1607 1608 if (calib->state == IWN_CALIB_STATE_ASSOC) 1609 iwn_compute_differential_gain(sc, &stats->rx.general); 1610 else if (calib->state == IWN_CALIB_STATE_RUN) 1611 iwn_tune_sensitivity(sc, &stats->rx); 1612 } 1613 1614 static void 1615 iwn_tx_intr(struct iwn_softc *sc, struct iwn_rx_desc *desc) 1616 { 1617 struct ifnet *ifp = sc->sc_ic.ic_ifp; 1618 struct iwn_tx_ring *ring = &sc->txq[desc->qid & 0xf]; 1619 struct iwn_tx_data *txdata = &ring->data[desc->idx]; 1620 struct iwn_tx_stat *stat = (struct iwn_tx_stat *)(desc + 1); 1621 struct iwn_node *wn = (struct iwn_node *)txdata->ni; 1622 uint32_t status; 1623 1624 DPRINTFN(4, ("tx done: qid=%d idx=%d retries=%d nkill=%d rate=%x " 1625 "duration=%d status=%x\n", desc->qid, desc->idx, stat->ntries, 1626 stat->nkill, stat->rate, le16toh(stat->duration), 1627 le32toh(stat->status))); 1628 1629 /* 1630 * Update rate control statistics for the node. 1631 */ 1632 wn->amn.amn_txcnt++; 1633 if (stat->ntries > 0) { 1634 DPRINTFN(3, ("tx intr ntries %d\n", stat->ntries)); 1635 wn->amn.amn_retrycnt++; 1636 } 1637 1638 status = le32toh(stat->status) & 0xff; 1639 if (status != 1 && status != 2) 1640 ifp->if_oerrors++; 1641 else 1642 ifp->if_opackets++; 1643 1644 bus_dmamap_unload(sc->sc_dmat, txdata->map); 1645 m_freem(txdata->m); 1646 txdata->m = NULL; 1647 ieee80211_free_node(txdata->ni); 1648 txdata->ni = NULL; 1649 1650 ring->queued--; 1651 1652 sc->sc_tx_timer = 0; 1653 ifp->if_flags &= ~IFF_OACTIVE; 1654 iwn_start(ifp); 1655 } 1656 1657 static void 1658 iwn_cmd_intr(struct iwn_softc *sc, struct iwn_rx_desc *desc) 1659 { 1660 struct iwn_tx_ring *ring = &sc->txq[4]; 1661 struct iwn_tx_data *data; 1662 1663 if ((desc->qid & 0xf) != 4) 1664 return; /* not a command ack */ 1665 1666 data = &ring->data[desc->idx]; 1667 1668 /* if the command was mapped in a mbuf, free it */ 1669 if (data->m != NULL) { 1670 bus_dmamap_unload(sc->sc_dmat, data->map); 1671 m_freem(data->m); 1672 data->m = NULL; 1673 } 1674 1675 wakeup(&ring->cmd[desc->idx]); 1676 } 1677 1678 static void 1679 iwn_notif_intr(struct iwn_softc *sc) 1680 { 1681 struct ieee80211com *ic = &sc->sc_ic; 1682 struct ifnet *ifp = ic->ic_ifp; 1683 uint16_t hw; 1684 1685 hw = le16toh(sc->shared->closed_count); 1686 while (sc->rxq.cur != hw) { 1687 struct iwn_rx_data *data = &sc->rxq.data[sc->rxq.cur]; 1688 struct iwn_rx_desc *desc = (void *)data->m->m_ext.ext_buf; 1689 1690 DPRINTFN(4,("rx notification qid=%x idx=%d flags=%x type=%d " 1691 "len=%d\n", desc->qid, desc->idx, desc->flags, desc->type, 1692 le32toh(desc->len))); 1693 1694 if (!(desc->qid & 0x80)) /* reply to a command */ 1695 iwn_cmd_intr(sc, desc); 1696 1697 switch (desc->type) { 1698 case IWN_RX_DONE: 1699 case IWN_AMPDU_RX_DONE: 1700 iwn_rx_intr(sc, desc, data); 1701 break; 1702 1703 case IWN_AMPDU_RX_START: 1704 iwn_ampdu_rx_start(sc, desc); 1705 break; 1706 1707 case IWN_TX_DONE: 1708 /* a 802.11 frame has been transmitted */ 1709 iwn_tx_intr(sc, desc); 1710 break; 1711 1712 case IWN_RX_STATISTICS: 1713 case IWN_BEACON_STATISTICS: 1714 iwn_rx_statistics(sc, desc); 1715 break; 1716 1717 case IWN_BEACON_MISSED: 1718 { 1719 struct iwn_beacon_missed *miss = 1720 (struct iwn_beacon_missed *)(desc + 1); 1721 /* 1722 * If more than 5 consecutive beacons are missed, 1723 * reinitialize the sensitivity state machine. 1724 */ 1725 DPRINTFN(2, ("beacons missed %d/%d\n", 1726 le32toh(miss->consecutive), le32toh(miss->total))); 1727 if (ic->ic_state == IEEE80211_S_RUN && 1728 le32toh(miss->consecutive) > 5) 1729 (void)iwn_init_sensitivity(sc); 1730 break; 1731 } 1732 1733 case IWN_UC_READY: 1734 { 1735 struct iwn_ucode_info *uc = 1736 (struct iwn_ucode_info *)(desc + 1); 1737 1738 /* the microcontroller is ready */ 1739 DPRINTF(("microcode alive notification version=%d.%d " 1740 "subtype=%x alive=%x\n", uc->major, uc->minor, 1741 uc->subtype, le32toh(uc->valid))); 1742 1743 if (le32toh(uc->valid) != 1) { 1744 aprint_error_dev(sc->sc_dev, "microcontroller initialization " 1745 "failed\n"); 1746 break; 1747 } 1748 if (uc->subtype == IWN_UCODE_INIT) { 1749 /* save microcontroller's report */ 1750 memcpy(&sc->ucode_info, uc, sizeof (*uc)); 1751 } 1752 break; 1753 } 1754 case IWN_STATE_CHANGED: 1755 { 1756 uint32_t *status = (uint32_t *)(desc + 1); 1757 1758 /* enabled/disabled notification */ 1759 DPRINTF(("state changed to %x\n", le32toh(*status))); 1760 1761 if (le32toh(*status) & 1) { 1762 /* the radio button has to be pushed */ 1763 aprint_error_dev(sc->sc_dev, "Radio transmitter is off\n"); 1764 /* turn the interface down */ 1765 ifp->if_flags &= ~IFF_UP; 1766 iwn_stop(ifp, 1); 1767 return; /* no further processing */ 1768 } 1769 break; 1770 } 1771 case IWN_START_SCAN: 1772 { 1773 struct iwn_start_scan *scan = 1774 (struct iwn_start_scan *)(desc + 1); 1775 1776 DPRINTFN(2, ("scanning channel %d status %x\n", 1777 scan->chan, le32toh(scan->status))); 1778 1779 /* fix current channel */ 1780 ic->ic_bss->ni_chan = &ic->ic_channels[scan->chan]; 1781 break; 1782 } 1783 case IWN_STOP_SCAN: 1784 { 1785 struct iwn_stop_scan *scan = 1786 (struct iwn_stop_scan *)(desc + 1); 1787 1788 DPRINTF(("scan finished nchan=%d status=%d chan=%d\n", 1789 scan->nchan, scan->status, scan->chan)); 1790 1791 if (scan->status == 1 && scan->chan <= 14) { 1792 /* 1793 * We just finished scanning 802.11g channels, 1794 * start scanning 802.11a ones. 1795 */ 1796 if (iwn_scan(sc, IEEE80211_CHAN_A) == 0) 1797 break; 1798 } 1799 sc->is_scanning = false; 1800 ieee80211_end_scan(ic); 1801 break; 1802 } 1803 } 1804 1805 sc->rxq.cur = (sc->rxq.cur + 1) % IWN_RX_RING_COUNT; 1806 } 1807 1808 /* tell the firmware what we have processed */ 1809 hw = (hw == 0) ? IWN_RX_RING_COUNT - 1 : hw - 1; 1810 IWN_WRITE(sc, IWN_RX_WIDX, hw & ~7); 1811 } 1812 1813 static int 1814 iwn_intr(void *arg) 1815 { 1816 struct iwn_softc *sc = arg; 1817 struct ifnet *ifp = sc->sc_ic.ic_ifp; 1818 uint32_t r1, r2; 1819 1820 /* disable interrupts */ 1821 IWN_WRITE(sc, IWN_MASK, 0); 1822 1823 r1 = IWN_READ(sc, IWN_INTR); 1824 r2 = IWN_READ(sc, IWN_INTR_STATUS); 1825 1826 if (r1 == 0 && r2 == 0) { 1827 if (ifp->if_flags & IFF_UP) 1828 IWN_WRITE(sc, IWN_MASK, IWN_INTR_MASK); 1829 return 0; /* not for us */ 1830 } 1831 1832 if (r1 == 0xffffffff) 1833 return 0; /* hardware gone */ 1834 1835 /* ack interrupts */ 1836 IWN_WRITE(sc, IWN_INTR, r1); 1837 IWN_WRITE(sc, IWN_INTR_STATUS, r2); 1838 1839 DPRINTFN(5, ("interrupt reg1=%x reg2=%x\n", r1, r2)); 1840 1841 if (r1 & IWN_RF_TOGGLED) { 1842 uint32_t tmp = IWN_READ(sc, IWN_GPIO_CTL); 1843 aprint_error_dev(sc->sc_dev, "RF switch: radio %s\n", 1844 (tmp & IWN_GPIO_RF_ENABLED) ? "enabled" : "disabled"); 1845 } 1846 if (r1 & IWN_CT_REACHED) { 1847 aprint_error_dev(sc->sc_dev, "critical temperature reached!\n"); 1848 } 1849 if (r1 & (IWN_SW_ERROR | IWN_HW_ERROR)) { 1850 aprint_error_dev(sc->sc_dev, "fatal firmware error\n"); 1851 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1852 iwn_stop(sc->sc_ic.ic_ifp, 1); 1853 return 1; 1854 } 1855 1856 if ((r1 & (IWN_RX_INTR | IWN_SW_RX_INTR)) || 1857 (r2 & IWN_RX_STATUS_INTR)) 1858 iwn_notif_intr(sc); 1859 1860 if (r1 & IWN_ALIVE_INTR) 1861 wakeup(sc); 1862 1863 /* re-enable interrupts */ 1864 if (ifp->if_flags & IFF_UP) 1865 IWN_WRITE(sc, IWN_MASK, IWN_INTR_MASK); 1866 1867 return 1; 1868 } 1869 1870 static uint8_t 1871 iwn_plcp_signal(int rate) 1872 { 1873 switch (rate) { 1874 /* CCK rates (returned values are device-dependent) */ 1875 case 2: return 10; 1876 case 4: return 20; 1877 case 11: return 55; 1878 case 22: return 110; 1879 1880 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1881 /* R1-R4, (u)ral is R4-R1 */ 1882 case 12: return 0xd; 1883 case 18: return 0xf; 1884 case 24: return 0x5; 1885 case 36: return 0x7; 1886 case 48: return 0x9; 1887 case 72: return 0xb; 1888 case 96: return 0x1; 1889 case 108: return 0x3; 1890 case 120: return 0x3; 1891 } 1892 /* unknown rate (should not get there) */ 1893 return 0; 1894 } 1895 1896 /* determine if a given rate is CCK or OFDM */ 1897 #define IWN_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1898 1899 static int 1900 iwn_tx_data(struct iwn_softc *sc, struct mbuf *m0, struct ieee80211_node *ni, 1901 int ac) 1902 { 1903 struct ieee80211com *ic = &sc->sc_ic; 1904 struct iwn_tx_ring *ring = &sc->txq[ac]; 1905 struct iwn_tx_desc *desc; 1906 struct iwn_tx_data *data; 1907 struct iwn_tx_cmd *cmd; 1908 struct iwn_cmd_data *tx; 1909 struct ieee80211_frame *wh; 1910 struct ieee80211_key *k; 1911 const struct chanAccParams *cap; 1912 struct mbuf *mnew; 1913 bus_addr_t paddr; 1914 uint32_t flags; 1915 uint8_t type; 1916 int i, error, pad, rate, hdrlen, noack = 0; 1917 1918 DPRINTFN(5, ("iwn_tx_data entry\n")); 1919 1920 desc = &ring->desc[ring->cur]; 1921 data = &ring->data[ring->cur]; 1922 1923 wh = mtod(m0, struct ieee80211_frame *); 1924 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 1925 1926 if (IEEE80211_QOS_HAS_SEQ(wh)) { 1927 hdrlen = sizeof (struct ieee80211_qosframe); 1928 cap = &ic->ic_wme.wme_chanParams; 1929 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1930 } else 1931 hdrlen = sizeof (struct ieee80211_frame); 1932 1933 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1934 k = ieee80211_crypto_encap(ic, ni, m0); 1935 if (k == NULL) { 1936 m_freem(m0); 1937 return ENOBUFS; 1938 } 1939 /* packet header may have moved, reset our local pointer */ 1940 wh = mtod(m0, struct ieee80211_frame *); 1941 } 1942 1943 /* pickup a rate */ 1944 if (type == IEEE80211_FC0_TYPE_MGT) { 1945 /* mgmt frames are sent at the lowest available bit-rate */ 1946 rate = ni->ni_rates.rs_rates[0]; 1947 } else { 1948 if (ic->ic_fixed_rate != -1) { 1949 rate = ic->ic_sup_rates[ic->ic_curmode]. 1950 rs_rates[ic->ic_fixed_rate]; 1951 } else 1952 rate = ni->ni_rates.rs_rates[ni->ni_txrate]; 1953 } 1954 rate &= IEEE80211_RATE_VAL; 1955 1956 #if NBPFILTER > 0 1957 if (sc->sc_drvbpf != NULL) { 1958 struct iwn_tx_radiotap_header *tap = &sc->sc_txtap; 1959 1960 tap->wt_flags = 0; 1961 tap->wt_chan_freq = htole16(ni->ni_chan->ic_freq); 1962 tap->wt_chan_flags = htole16(ni->ni_chan->ic_flags); 1963 tap->wt_rate = rate; 1964 tap->wt_hwqueue = ac; 1965 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 1966 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 1967 1968 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1969 } 1970 #endif 1971 1972 cmd = &ring->cmd[ring->cur]; 1973 cmd->code = IWN_CMD_TX_DATA; 1974 cmd->flags = 0; 1975 cmd->qid = ring->qid; 1976 cmd->idx = ring->cur; 1977 1978 tx = (struct iwn_cmd_data *)cmd->data; 1979 1980 flags = IWN_TX_AUTO_SEQ; 1981 if (!noack && !IEEE80211_IS_MULTICAST(wh->i_addr1)){ 1982 flags |= IWN_TX_NEED_ACK; 1983 }else if (m0->m_pkthdr.len + IEEE80211_CRC_LEN > ic->ic_rtsthreshold) 1984 flags |= (IWN_TX_NEED_RTS | IWN_TX_FULL_TXOP); 1985 1986 tx->id = IEEE80211_IS_MULTICAST(wh->i_addr1) ? IWN_ID_BROADCAST : IWN_ID_BSS; 1987 1988 DPRINTFN(5, ("addr1: %x:%x:%x:%x:%x:%x, id = 0x%x\n", 1989 wh->i_addr1[0], wh->i_addr1[1], wh->i_addr1[2], 1990 wh->i_addr1[3], wh->i_addr1[4], wh->i_addr1[5], tx->id)); 1991 1992 if (type == IEEE80211_FC0_TYPE_MGT) { 1993 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1994 1995 /* tell h/w to set timestamp in probe responses */ 1996 if ((subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) || 1997 (subtype == IEEE80211_FC0_SUBTYPE_PROBE_REQ)) 1998 flags |= IWN_TX_INSERT_TSTAMP; 1999 2000 if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ || 2001 subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) { 2002 flags &= ~IWN_TX_NEED_RTS; 2003 flags |= IWN_TX_NEED_CTS; 2004 tx->timeout = htole16(3); 2005 } else 2006 tx->timeout = htole16(2); 2007 } else 2008 tx->timeout = htole16(0); 2009 2010 if (hdrlen & 3) { 2011 /* first segment's length must be a multiple of 4 */ 2012 flags |= IWN_TX_NEED_PADDING; 2013 pad = 4 - (hdrlen & 3); 2014 } else 2015 pad = 0; 2016 2017 if (type == IEEE80211_FC0_TYPE_CTL) { 2018 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2019 2020 /* tell h/w to set timestamp in probe responses */ 2021 if (subtype == 0x0080) /* linux says this is "back request" */ 2022 /* linux says (1 << 6) is IMM_BA_RSP_MASK */ 2023 flags |= (IWN_TX_NEED_ACK | (1 << 6)); 2024 } 2025 2026 2027 tx->flags = htole32(flags); 2028 tx->len = htole16(m0->m_pkthdr.len); 2029 tx->rate = iwn_plcp_signal(rate); 2030 tx->rts_ntries = 60; 2031 tx->data_ntries = 15; 2032 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 2033 2034 /* XXX alternate between Ant A and Ant B ? */ 2035 tx->rflags = IWN_RFLAG_ANT_B; 2036 if (tx->id == IWN_ID_BROADCAST) { 2037 tx->ridx = IWN_MAX_TX_RETRIES - 1; 2038 if (!IWN_RATE_IS_OFDM(rate)) 2039 tx->rflags |= IWN_RFLAG_CCK; 2040 } else { 2041 tx->ridx = 0; 2042 /* tell adapter to ignore rflags */ 2043 tx->flags |= htole32(IWN_TX_USE_NODE_RATE); 2044 } 2045 2046 /* copy and trim IEEE802.11 header */ 2047 memcpy((uint8_t *)(tx + 1), wh, hdrlen); 2048 m_adj(m0, hdrlen); 2049 2050 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 2051 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 2052 if (error != 0 && error != EFBIG) { 2053 aprint_error_dev(sc->sc_dev, "could not map mbuf (error %d)\n", error); 2054 m_freem(m0); 2055 return error; 2056 } 2057 if (error != 0) { 2058 /* too many fragments, linearize */ 2059 2060 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 2061 if (mnew == NULL) { 2062 m_freem(m0); 2063 return ENOMEM; 2064 } 2065 M_COPY_PKTHDR(mnew, m0); 2066 if (m0->m_pkthdr.len > MHLEN) { 2067 MCLGET(mnew, M_DONTWAIT); 2068 if (!(mnew->m_flags & M_EXT)) { 2069 m_freem(m0); 2070 m_freem(mnew); 2071 return ENOMEM; 2072 } 2073 } 2074 2075 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(mnew, void *)); 2076 m_freem(m0); 2077 mnew->m_len = mnew->m_pkthdr.len; 2078 m0 = mnew; 2079 2080 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 2081 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 2082 if (error != 0) { 2083 aprint_error_dev(sc->sc_dev, "could not map mbuf (error %d)\n", error); 2084 m_freem(m0); 2085 return error; 2086 } 2087 } 2088 2089 data->m = m0; 2090 data->ni = ni; 2091 2092 DPRINTFN(4, ("sending data: qid=%d idx=%d len=%d nsegs=%d\n", 2093 ring->qid, ring->cur, m0->m_pkthdr.len, data->map->dm_nsegs)); 2094 2095 paddr = ring->cmd_dma.paddr + ring->cur * sizeof (struct iwn_tx_cmd); 2096 tx->loaddr = htole32(paddr + 4 + 2097 offsetof(struct iwn_cmd_data, ntries)); 2098 tx->hiaddr = 0; /* limit to 32-bit physical addresses */ 2099 2100 /* first scatter/gather segment is used by the tx data command */ 2101 IWN_SET_DESC_NSEGS(desc, 1 + data->map->dm_nsegs); 2102 IWN_SET_DESC_SEG(desc, 0, paddr, 4 + sizeof (*tx) + hdrlen + pad); 2103 for (i = 1; i <= data->map->dm_nsegs; i++) { 2104 IWN_SET_DESC_SEG(desc, i, data->map->dm_segs[i - 1].ds_addr, 2105 data->map->dm_segs[i - 1].ds_len); 2106 } 2107 sc->shared->len[ring->qid][ring->cur] = 2108 htole16(hdrlen + m0->m_pkthdr.len + 8); 2109 if (ring->cur < IWN_TX_WINDOW) { 2110 sc->shared->len[ring->qid][ring->cur + IWN_TX_RING_COUNT] = 2111 htole16(hdrlen + m0->m_pkthdr.len + 8); 2112 } 2113 2114 ring->queued++; 2115 2116 /* kick ring */ 2117 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 2118 IWN_WRITE(sc, IWN_TX_WIDX, ring->qid << 8 | ring->cur); 2119 2120 return 0; 2121 } 2122 2123 static void 2124 iwn_start(struct ifnet *ifp) 2125 { 2126 struct iwn_softc *sc = ifp->if_softc; 2127 struct ieee80211com *ic = &sc->sc_ic; 2128 struct ieee80211_node *ni; 2129 struct ether_header *eh; 2130 struct mbuf *m0; 2131 int ac; 2132 2133 DPRINTFN(5, ("iwn_start enter\n")); 2134 2135 /* 2136 * net80211 may still try to send management frames even if the 2137 * IFF_RUNNING flag is not set... 2138 */ 2139 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 2140 return; 2141 2142 for (;;) { 2143 IF_DEQUEUE(&ic->ic_mgtq, m0); 2144 if (m0 != NULL) { 2145 /* management frames go into ring 0 */ 2146 2147 2148 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 2149 m0->m_pkthdr.rcvif = NULL; 2150 2151 /* management goes into ring 0 */ 2152 if (sc->txq[0].queued > sc->txq[0].count - 8) { 2153 ifp->if_oerrors++; 2154 continue; 2155 } 2156 2157 #if NBPFILTER > 0 2158 if (ic->ic_rawbpf != NULL) 2159 bpf_mtap(ic->ic_rawbpf, m0); 2160 #endif 2161 if (iwn_tx_data(sc, m0, ni, 0) != 0) { 2162 ifp->if_oerrors++; 2163 break; 2164 } 2165 } else { 2166 if (ic->ic_state != IEEE80211_S_RUN) 2167 break; 2168 IFQ_POLL(&ifp->if_snd, m0); 2169 if (m0 == NULL) 2170 break; 2171 2172 if (m0->m_len < sizeof (*eh) && 2173 (m0 = m_pullup(m0, sizeof (*eh))) == NULL) { 2174 ifp->if_oerrors++; 2175 continue; 2176 } 2177 eh = mtod(m0, struct ether_header *); 2178 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 2179 if (ni == NULL) { 2180 m_freem(m0); 2181 ifp->if_oerrors++; 2182 continue; 2183 } 2184 /* classify mbuf so we can find which tx ring to use */ 2185 if (ieee80211_classify(ic, m0, ni) != 0) { 2186 m_freem(m0); 2187 ieee80211_free_node(ni); 2188 ifp->if_oerrors++; 2189 continue; 2190 } 2191 2192 /* no QoS encapsulation for EAPOL frames */ 2193 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 2194 M_WME_GETAC(m0) : WME_AC_BE; 2195 2196 if (sc->txq[ac].queued > sc->txq[ac].count - 8) { 2197 2198 /* there is no place left in this ring */ 2199 ifp->if_flags |= IFF_OACTIVE; 2200 break; 2201 } 2202 IFQ_DEQUEUE(&ifp->if_snd, m0); 2203 #if NBPFILTER > 0 2204 if (ifp->if_bpf != NULL) 2205 bpf_mtap(ifp->if_bpf, m0); 2206 #endif 2207 m0 = ieee80211_encap(ic, m0, ni); 2208 if (m0 == NULL) { 2209 ieee80211_free_node(ni); 2210 ifp->if_oerrors++; 2211 continue; 2212 } 2213 #if NBPFILTER > 0 2214 if (ic->ic_rawbpf != NULL) 2215 bpf_mtap(ic->ic_rawbpf, m0); 2216 #endif 2217 if (iwn_tx_data(sc, m0, ni, ac) != 0) { 2218 ieee80211_free_node(ni); 2219 ifp->if_oerrors++; 2220 break; 2221 } 2222 } 2223 2224 sc->sc_tx_timer = 5; 2225 ifp->if_timer = 1; 2226 } 2227 } 2228 2229 static void 2230 iwn_watchdog(struct ifnet *ifp) 2231 { 2232 struct iwn_softc *sc = ifp->if_softc; 2233 2234 ifp->if_timer = 0; 2235 2236 if (sc->sc_tx_timer > 0) { 2237 if (--sc->sc_tx_timer == 0) { 2238 aprint_error_dev(sc->sc_dev, "device timeout\n"); 2239 ifp->if_flags &= ~IFF_UP; 2240 iwn_stop(ifp, 1); 2241 ifp->if_oerrors++; 2242 return; 2243 } 2244 ifp->if_timer = 1; 2245 } 2246 2247 ieee80211_watchdog(&sc->sc_ic); 2248 } 2249 2250 static int 2251 iwn_ioctl(struct ifnet *ifp, u_long cmd, void * data) 2252 { 2253 2254 #define IS_RUNNING(ifp) \ 2255 ((ifp->if_flags & IFF_UP) && (ifp->if_flags & IFF_RUNNING)) 2256 2257 struct iwn_softc *sc = ifp->if_softc; 2258 struct ieee80211com *ic = &sc->sc_ic; 2259 int s, error = 0; 2260 2261 s = splnet(); 2262 2263 switch (cmd) { 2264 case SIOCSIFFLAGS: 2265 if (ifp->if_flags & IFF_UP) { 2266 if (!(ifp->if_flags & IFF_RUNNING)) 2267 iwn_init(ifp); 2268 } else { 2269 if (ifp->if_flags & IFF_RUNNING) 2270 iwn_stop(ifp, 1); 2271 } 2272 break; 2273 2274 case SIOCADDMULTI: 2275 case SIOCDELMULTI: 2276 /* XXX no h/w multicast filter? --dyoung */ 2277 if ((error = ether_ioctl(ifp, cmd, data)) == ENETRESET) { 2278 /* setup multicast filter, etc */ 2279 error = 0; 2280 } 2281 break; 2282 2283 default: 2284 error = ieee80211_ioctl(ic, cmd, data); 2285 } 2286 2287 if (error == ENETRESET) { 2288 if (IS_RUNNING(ifp) && 2289 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 2290 iwn_init(ifp); 2291 error = 0; 2292 } 2293 2294 splx(s); 2295 return error; 2296 2297 #undef IS_RUNNING 2298 } 2299 2300 static void 2301 iwn_read_eeprom(struct iwn_softc *sc) 2302 { 2303 struct ieee80211com *ic = &sc->sc_ic; 2304 char domain[4]; 2305 uint16_t val; 2306 int i, error; 2307 2308 if ((error = iwn_eeprom_lock(sc)) != 0) { 2309 aprint_error_dev(sc->sc_dev, "could not lock EEPROM (error=%d)\n", error); 2310 return; 2311 } 2312 /* read and print regulatory domain */ 2313 iwn_read_prom_data(sc, IWN_EEPROM_DOMAIN, domain, 4); 2314 aprint_error_dev(sc->sc_dev, "%.4s", domain); 2315 2316 /* read and print MAC address */ 2317 iwn_read_prom_data(sc, IWN_EEPROM_MAC, ic->ic_myaddr, 6); 2318 aprint_error(", address %s\n", ether_sprintf(ic->ic_myaddr)); 2319 2320 /* read the list of authorized channels */ 2321 for (i = 0; i < IWN_CHAN_BANDS_COUNT; i++) 2322 iwn_read_eeprom_channels(sc, i); 2323 2324 /* read maximum allowed Tx power for 2GHz and 5GHz bands */ 2325 iwn_read_prom_data(sc, IWN_EEPROM_MAXPOW, &val, 2); 2326 sc->maxpwr2GHz = val & 0xff; 2327 sc->maxpwr5GHz = val >> 8; 2328 /* check that EEPROM values are correct */ 2329 if (sc->maxpwr5GHz < 20 || sc->maxpwr5GHz > 50) 2330 sc->maxpwr5GHz = 38; 2331 if (sc->maxpwr2GHz < 20 || sc->maxpwr2GHz > 50) 2332 sc->maxpwr2GHz = 38; 2333 DPRINTF(("maxpwr 2GHz=%d 5GHz=%d\n", sc->maxpwr2GHz, sc->maxpwr5GHz)); 2334 2335 /* read voltage at which samples were taken */ 2336 iwn_read_prom_data(sc, IWN_EEPROM_VOLTAGE, &val, 2); 2337 sc->eeprom_voltage = (int16_t)le16toh(val); 2338 DPRINTF(("voltage=%d (in 0.3V)\n", sc->eeprom_voltage)); 2339 2340 /* read power groups */ 2341 iwn_read_prom_data(sc, IWN_EEPROM_BANDS, sc->bands, sizeof sc->bands); 2342 #ifdef IWN_DEBUG 2343 if (iwn_debug > 0) { 2344 for (i = 0; i < IWN_NBANDS; i++) 2345 iwn_print_power_group(sc, i); 2346 } 2347 #endif 2348 iwn_eeprom_unlock(sc); 2349 } 2350 2351 static void 2352 iwn_read_eeprom_channels(struct iwn_softc *sc, int n) 2353 { 2354 struct ieee80211com *ic = &sc->sc_ic; 2355 const struct iwn_chan_band *band = &iwn_bands[n]; 2356 struct iwn_eeprom_chan channels[IWN_MAX_CHAN_PER_BAND]; 2357 int chan, i; 2358 2359 iwn_read_prom_data(sc, band->addr, channels, 2360 band->nchan * sizeof (struct iwn_eeprom_chan)); 2361 2362 for (i = 0; i < band->nchan; i++) { 2363 if (!(channels[i].flags & IWN_EEPROM_CHAN_VALID)) 2364 continue; 2365 2366 chan = band->chan[i]; 2367 2368 if (n == 0) { /* 2GHz band */ 2369 ic->ic_channels[chan].ic_freq = 2370 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_2GHZ); 2371 ic->ic_channels[chan].ic_flags = 2372 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 2373 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 2374 2375 } else { /* 5GHz band */ 2376 /* 2377 * Some adapters support channels 7, 8, 11 and 12 2378 * both in the 2GHz *and* 5GHz bands. 2379 * Because of limitations in our net80211(9) stack, 2380 * we can't support these channels in 5GHz band. 2381 */ 2382 if (chan <= 14) 2383 continue; 2384 2385 ic->ic_channels[chan].ic_freq = 2386 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 2387 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 2388 } 2389 2390 /* is active scan allowed on this channel? */ 2391 if (!(channels[i].flags & IWN_EEPROM_CHAN_ACTIVE)) { 2392 ic->ic_channels[chan].ic_flags |= 2393 IEEE80211_CHAN_PASSIVE; 2394 } 2395 2396 /* save maximum allowed power for this channel */ 2397 sc->maxpwr[chan] = channels[i].maxpwr; 2398 2399 DPRINTF(("adding chan %d flags=0x%x maxpwr=%d\n", 2400 chan, channels[i].flags, sc->maxpwr[chan])); 2401 } 2402 } 2403 2404 #ifdef IWN_DEBUG 2405 static void 2406 iwn_print_power_group(struct iwn_softc *sc, int i) 2407 { 2408 struct iwn_eeprom_band *band = &sc->bands[i]; 2409 struct iwn_eeprom_chan_samples *chans = band->chans; 2410 int j, c; 2411 2412 DPRINTF(("===band %d===\n", i)); 2413 DPRINTF(("chan lo=%d, chan hi=%d\n", band->lo, band->hi)); 2414 DPRINTF(("chan1 num=%d\n", chans[0].num)); 2415 for (c = 0; c < IWN_NTXCHAINS; c++) { 2416 for (j = 0; j < IWN_NSAMPLES; j++) { 2417 DPRINTF(("chain %d, sample %d: temp=%d gain=%d " 2418 "power=%d pa_det=%d\n", c, j, 2419 chans[0].samples[c][j].temp, 2420 chans[0].samples[c][j].gain, 2421 chans[0].samples[c][j].power, 2422 chans[0].samples[c][j].pa_det)); 2423 } 2424 } 2425 DPRINTF(("chan2 num=%d\n", chans[1].num)); 2426 for (c = 0; c < IWN_NTXCHAINS; c++) { 2427 for (j = 0; j < IWN_NSAMPLES; j++) { 2428 DPRINTF(("chain %d, sample %d: temp=%d gain=%d " 2429 "power=%d pa_det=%d\n", c, j, 2430 chans[1].samples[c][j].temp, 2431 chans[1].samples[c][j].gain, 2432 chans[1].samples[c][j].power, 2433 chans[1].samples[c][j].pa_det)); 2434 } 2435 } 2436 } 2437 #endif 2438 2439 /* 2440 * Send a command to the firmware. 2441 */ 2442 static int 2443 iwn_cmd(struct iwn_softc *sc, int code, const void *buf, int size, int async) 2444 { 2445 struct iwn_tx_ring *ring = &sc->txq[4]; 2446 struct iwn_tx_desc *desc; 2447 struct iwn_tx_cmd *cmd; 2448 bus_addr_t paddr; 2449 2450 KASSERT(size <= sizeof cmd->data); 2451 2452 desc = &ring->desc[ring->cur]; 2453 cmd = &ring->cmd[ring->cur]; 2454 2455 cmd->code = code; 2456 cmd->flags = 0; 2457 cmd->qid = ring->qid; 2458 cmd->idx = ring->cur; 2459 memcpy(cmd->data, buf, size); 2460 2461 paddr = ring->cmd_dma.paddr + ring->cur * sizeof (struct iwn_tx_cmd); 2462 2463 IWN_SET_DESC_NSEGS(desc, 1); 2464 IWN_SET_DESC_SEG(desc, 0, paddr, 4 + size); 2465 sc->shared->len[ring->qid][ring->cur] = htole16(8); 2466 if (ring->cur < IWN_TX_WINDOW) { 2467 sc->shared->len[ring->qid][ring->cur + IWN_TX_RING_COUNT] = 2468 htole16(8); 2469 } 2470 2471 /* kick cmd ring */ 2472 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 2473 IWN_WRITE(sc, IWN_TX_WIDX, ring->qid << 8 | ring->cur); 2474 2475 return async ? 0 : tsleep(cmd, PCATCH, "iwncmd", hz); 2476 } 2477 2478 /* 2479 * Configure hardware multi-rate retries for one node. 2480 */ 2481 static int 2482 iwn_setup_node_mrr(struct iwn_softc *sc, uint8_t id, int async) 2483 { 2484 struct ieee80211com *ic = &sc->sc_ic; 2485 struct iwn_cmd_mrr mrr; 2486 int i, ridx; 2487 2488 memset(&mrr, 0, sizeof mrr); 2489 mrr.id = id; 2490 mrr.ssmask = 2; 2491 mrr.dsmask = 3; 2492 mrr.ampdu_disable = 3; 2493 mrr.ampdu_limit = htole16(4000); 2494 2495 if (id == IWN_ID_BSS) 2496 ridx = IWN_OFDM54; 2497 else if (ic->ic_curmode == IEEE80211_MODE_11A) 2498 ridx = IWN_OFDM6; 2499 else 2500 ridx = IWN_CCK1; 2501 for (i = 0; i < IWN_MAX_TX_RETRIES; i++) { 2502 mrr.table[i].rate = iwn_ridx_to_plcp[ridx]; 2503 mrr.table[i].rflags = IWN_RFLAG_ANT_B; 2504 if (ridx <= IWN_CCK11) 2505 mrr.table[i].rflags |= IWN_RFLAG_CCK; 2506 ridx = iwn_prev_ridx[ridx]; 2507 } 2508 return iwn_cmd(sc, IWN_CMD_NODE_MRR_SETUP, &mrr, sizeof mrr, async); 2509 } 2510 2511 static int 2512 iwn_wme_update(struct ieee80211com *ic) 2513 { 2514 #define IWN_EXP2(v) htole16((1 << (v)) - 1) 2515 #define IWN_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 2516 struct iwn_softc *sc = ic->ic_ifp->if_softc; 2517 const struct wmeParams *wmep; 2518 struct iwn_wme_setup wme; 2519 int ac; 2520 2521 /* don't override default WME values if WME is not actually enabled */ 2522 if (!(ic->ic_flags & IEEE80211_F_WME)) 2523 return 0; 2524 2525 wme.flags = 0; 2526 for (ac = 0; ac < WME_NUM_AC; ac++) { 2527 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 2528 wme.ac[ac].aifsn = wmep->wmep_aifsn; 2529 wme.ac[ac].cwmin = IWN_EXP2(wmep->wmep_logcwmin); 2530 wme.ac[ac].cwmax = IWN_EXP2(wmep->wmep_logcwmax); 2531 wme.ac[ac].txop = IWN_USEC(wmep->wmep_txopLimit); 2532 2533 DPRINTF(("setting WME for queue %d aifsn=%d cwmin=%d cwmax=%d " 2534 "txop=%d\n", ac, wme.ac[ac].aifsn, wme.ac[ac].cwmin, 2535 wme.ac[ac].cwmax, wme.ac[ac].txop)); 2536 } 2537 2538 return iwn_cmd(sc, IWN_CMD_SET_WME, &wme, sizeof wme, 1); 2539 #undef IWN_USEC 2540 #undef IWN_EXP2 2541 } 2542 2543 2544 2545 static void 2546 iwn_set_led(struct iwn_softc *sc, uint8_t which, uint8_t off, uint8_t on) 2547 { 2548 struct iwn_cmd_led led; 2549 2550 led.which = which; 2551 led.unit = htole32(100000); /* on/off in unit of 100ms */ 2552 led.off = off; 2553 led.on = on; 2554 2555 (void)iwn_cmd(sc, IWN_CMD_SET_LED, &led, sizeof led, 1); 2556 } 2557 2558 /* 2559 * Set the critical temperature at which the firmware will automatically stop 2560 * the radio transmitter. 2561 */ 2562 static int 2563 iwn_set_critical_temp(struct iwn_softc *sc) 2564 { 2565 struct iwn_ucode_info *uc = &sc->ucode_info; 2566 struct iwn_critical_temp crit; 2567 uint32_t r1, r2, r3, temp; 2568 2569 IWN_WRITE(sc, IWN_UCODE_CLR, IWN_CTEMP_STOP_RF); 2570 2571 r1 = le32toh(uc->temp[0].chan20MHz); 2572 r2 = le32toh(uc->temp[1].chan20MHz); 2573 r3 = le32toh(uc->temp[2].chan20MHz); 2574 /* inverse function of iwn_get_temperature() */ 2575 2576 temp = r2 + ((IWN_CTOK(110) * (r3 - r1)) / 259); 2577 2578 memset(&crit, 0, sizeof crit); 2579 crit.tempR = htole32(temp); 2580 DPRINTF(("setting critical temperature to %u\n", temp)); 2581 return iwn_cmd(sc, IWN_CMD_SET_CRITICAL_TEMP, &crit, sizeof crit, 0); 2582 } 2583 2584 static void 2585 iwn_enable_tsf(struct iwn_softc *sc, struct ieee80211_node *ni) 2586 { 2587 struct iwn_cmd_tsf tsf; 2588 uint64_t val, mod; 2589 2590 memset(&tsf, 0, sizeof tsf); 2591 memcpy(&tsf.tstamp, ni->ni_tstamp.data, 8); 2592 tsf.bintval = htole16(ni->ni_intval); 2593 tsf.lintval = htole16(10); 2594 2595 /* compute remaining time until next beacon */ 2596 val = (uint64_t)ni->ni_intval * 1024; /* msecs -> usecs */ 2597 mod = le64toh(tsf.tstamp) % val; 2598 tsf.binitval = htole32((uint32_t)(val - mod)); 2599 2600 DPRINTF(("TSF bintval=%u tstamp=%" PRIu64 ", init=%" PRIu64 "\n", 2601 ni->ni_intval, le64toh(tsf.tstamp), val - mod)); 2602 2603 if (iwn_cmd(sc, IWN_CMD_TSF, &tsf, sizeof tsf, 1) != 0) 2604 aprint_error_dev(sc->sc_dev, "could not enable TSF\n"); 2605 } 2606 2607 static void 2608 iwn_power_calibration(struct iwn_softc *sc, int temp) 2609 { 2610 struct ieee80211com *ic = &sc->sc_ic; 2611 2612 DPRINTF(("temperature %d->%d\n", sc->temp, temp)); 2613 2614 /* adjust Tx power if need be (delta >= 3�C) */ 2615 if (abs(temp - sc->temp) < 3) 2616 return; 2617 2618 sc->temp = temp; 2619 2620 DPRINTF(("setting Tx power for channel %d\n", 2621 ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan))); 2622 if (iwn_set_txpower(sc, ic->ic_bss->ni_chan, 1) != 0) { 2623 /* just warn, too bad for the automatic calibration... */ 2624 aprint_error_dev(sc->sc_dev, "could not adjust Tx power\n"); 2625 } 2626 } 2627 2628 /* 2629 * Set Tx power for a given channel (each rate has its own power settings). 2630 * This function takes into account the regulatory information from EEPROM, 2631 * the current temperature and the current voltage. 2632 */ 2633 static int 2634 iwn_set_txpower(struct iwn_softc *sc, struct ieee80211_channel *ch, int async) 2635 { 2636 /* fixed-point arithmetic division using a n-bit fractional part */ 2637 #define fdivround(a, b, n) \ 2638 ((((1 << n) * (a)) / (b) + (1 << n) / 2) / (1 << n)) 2639 /* linear interpolation */ 2640 #define interpolate(x, x1, y1, x2, y2, n) \ 2641 ((y1) + fdivround(((int)(x) - (x1)) * ((y2) - (y1)), (x2) - (x1), n)) 2642 2643 static const int tdiv[IWN_NATTEN_GROUPS] = { 9, 8, 8, 8, 6 }; 2644 struct ieee80211com *ic = &sc->sc_ic; 2645 struct iwn_ucode_info *uc = &sc->ucode_info; 2646 struct iwn_cmd_txpower cmd; 2647 struct iwn_eeprom_chan_samples *chans; 2648 const uint8_t *rf_gain, *dsp_gain; 2649 int32_t vdiff, tdiff; 2650 int i, c, grp, maxpwr; 2651 u_int chan; 2652 2653 /* get channel number */ 2654 chan = ieee80211_chan2ieee(ic, ch); 2655 2656 memset(&cmd, 0, sizeof cmd); 2657 cmd.band = IEEE80211_IS_CHAN_5GHZ(ch) ? 0 : 1; 2658 cmd.chan = chan; 2659 2660 if (IEEE80211_IS_CHAN_5GHZ(ch)) { 2661 maxpwr = sc->maxpwr5GHz; 2662 rf_gain = iwn_rf_gain_5ghz; 2663 dsp_gain = iwn_dsp_gain_5ghz; 2664 } else { 2665 maxpwr = sc->maxpwr2GHz; 2666 rf_gain = iwn_rf_gain_2ghz; 2667 dsp_gain = iwn_dsp_gain_2ghz; 2668 } 2669 2670 /* compute voltage compensation */ 2671 vdiff = ((int32_t)le32toh(uc->volt) - sc->eeprom_voltage) / 7; 2672 if (vdiff > 0) 2673 vdiff *= 2; 2674 if (abs(vdiff) > 2) 2675 vdiff = 0; 2676 DPRINTF(("voltage compensation=%d (UCODE=%d, EEPROM=%d)\n", 2677 vdiff, le32toh(uc->volt), sc->eeprom_voltage)); 2678 2679 /* get channel's attenuation group */ 2680 if (chan <= 20) /* 1-20 */ 2681 grp = 4; 2682 else if (chan <= 43) /* 34-43 */ 2683 grp = 0; 2684 else if (chan <= 70) /* 44-70 */ 2685 grp = 1; 2686 else if (chan <= 124) /* 71-124 */ 2687 grp = 2; 2688 else /* 125-200 */ 2689 grp = 3; 2690 DPRINTF(("chan %d, attenuation group=%d\n", chan, grp)); 2691 2692 /* get channel's sub-band */ 2693 for (i = 0; i < IWN_NBANDS; i++) 2694 if (sc->bands[i].lo != 0 && 2695 sc->bands[i].lo <= chan && chan <= sc->bands[i].hi) 2696 break; 2697 chans = sc->bands[i].chans; 2698 DPRINTF(("chan %d sub-band=%d\n", chan, i)); 2699 2700 for (c = 0; c < IWN_NTXCHAINS; c++) { 2701 uint8_t power, gain, temp; 2702 int maxchpwr, pwr, ridx, idx; 2703 2704 power = interpolate(chan, 2705 chans[0].num, chans[0].samples[c][1].power, 2706 chans[1].num, chans[1].samples[c][1].power, 1); 2707 gain = interpolate(chan, 2708 chans[0].num, chans[0].samples[c][1].gain, 2709 chans[1].num, chans[1].samples[c][1].gain, 1); 2710 temp = interpolate(chan, 2711 chans[0].num, chans[0].samples[c][1].temp, 2712 chans[1].num, chans[1].samples[c][1].temp, 1); 2713 DPRINTF(("Tx chain %d: power=%d gain=%d temp=%d\n", 2714 c, power, gain, temp)); 2715 2716 /* compute temperature compensation */ 2717 tdiff = ((sc->temp - temp) * 2) / tdiv[grp]; 2718 DPRINTF(("temperature compensation=%d (current=%d, " 2719 "EEPROM=%d)\n", tdiff, sc->temp, temp)); 2720 2721 for (ridx = 0; ridx <= IWN_RIDX_MAX; ridx++) { 2722 maxchpwr = sc->maxpwr[chan] * 2; 2723 if ((ridx / 8) & 1) { 2724 /* MIMO: decrease Tx power (-3dB) */ 2725 maxchpwr -= 6; 2726 } 2727 2728 pwr = maxpwr - 10; 2729 2730 /* decrease power for highest OFDM rates */ 2731 if ((ridx % 8) == 5) /* 48Mbit/s */ 2732 pwr -= 5; 2733 else if ((ridx % 8) == 6) /* 54Mbit/s */ 2734 pwr -= 7; 2735 else if ((ridx % 8) == 7) /* 60Mbit/s */ 2736 pwr -= 10; 2737 2738 if (pwr > maxchpwr) 2739 pwr = maxchpwr; 2740 2741 idx = gain - (pwr - power) - tdiff - vdiff; 2742 if ((ridx / 8) & 1) /* MIMO */ 2743 idx += (int32_t)le32toh(uc->atten[grp][c]); 2744 2745 if (cmd.band == 0) 2746 idx += 9; /* 5GHz */ 2747 if (ridx == IWN_RIDX_MAX) 2748 idx += 5; /* CCK */ 2749 2750 /* make sure idx stays in a valid range */ 2751 if (idx < 0) 2752 idx = 0; 2753 else if (idx > IWN_MAX_PWR_INDEX) 2754 idx = IWN_MAX_PWR_INDEX; 2755 2756 DPRINTF(("Tx chain %d, rate idx %d: power=%d\n", 2757 c, ridx, idx)); 2758 cmd.power[ridx].rf_gain[c] = rf_gain[idx]; 2759 cmd.power[ridx].dsp_gain[c] = dsp_gain[idx]; 2760 } 2761 } 2762 2763 DPRINTF(("setting tx power for chan %d\n", chan)); 2764 return iwn_cmd(sc, IWN_CMD_TXPOWER, &cmd, sizeof cmd, async); 2765 2766 #undef interpolate 2767 #undef fdivround 2768 } 2769 2770 /* 2771 * Get the best (maximum) RSSI among Rx antennas (in dBm). 2772 */ 2773 static int 2774 iwn_get_rssi(const struct iwn_rx_stat *stat) 2775 { 2776 uint8_t mask, agc; 2777 int rssi; 2778 2779 mask = (le16toh(stat->antenna) >> 4) & 0x7; 2780 agc = (le16toh(stat->agc) >> 7) & 0x7f; 2781 2782 rssi = 0; 2783 if (mask & (1 << 0)) /* Ant A */ 2784 rssi = max(rssi, stat->rssi[0]); 2785 if (mask & (1 << 1)) /* Ant B */ 2786 rssi = max(rssi, stat->rssi[2]); 2787 if (mask & (1 << 2)) /* Ant C */ 2788 rssi = max(rssi, stat->rssi[4]); 2789 2790 return rssi - agc - IWN_RSSI_TO_DBM; 2791 } 2792 2793 /* 2794 * Get the average noise among Rx antennas (in dBm). 2795 */ 2796 static int 2797 iwn_get_noise(const struct iwn_rx_general_stats *stats) 2798 { 2799 int i, total, nbant, noise; 2800 2801 total = nbant = 0; 2802 for (i = 0; i < 3; i++) { 2803 if ((noise = le32toh(stats->noise[i]) & 0xff) == 0) 2804 continue; 2805 total += noise; 2806 nbant++; 2807 } 2808 /* there should be at least one antenna but check anyway */ 2809 return (nbant == 0) ? -127 : (total / nbant) - 107; 2810 } 2811 2812 /* 2813 * Read temperature (in degC) from the on-board thermal sensor. 2814 */ 2815 static int 2816 iwn_get_temperature(struct iwn_softc *sc) 2817 { 2818 struct iwn_ucode_info *uc = &sc->ucode_info; 2819 int32_t r1, r2, r3, r4, temp; 2820 2821 r1 = le32toh(uc->temp[0].chan20MHz); 2822 r2 = le32toh(uc->temp[1].chan20MHz); 2823 r3 = le32toh(uc->temp[2].chan20MHz); 2824 r4 = le32toh(sc->rawtemp); 2825 2826 if (r1 == r3) /* prevents division by 0 (should not happen) */ 2827 return 0; 2828 2829 /* sign-extend 23-bit R4 value to 32-bit */ 2830 r4 = (r4 << 8) >> 8; 2831 /* compute temperature */ 2832 temp = (259 * (r4 - r2)) / (r3 - r1); 2833 temp = (temp * 97) / 100 + 8; 2834 2835 DPRINTF(("temperature %dK/%dC\n", temp, IWN_KTOC(temp))); 2836 return IWN_KTOC(temp); 2837 } 2838 2839 /* 2840 * Initialize sensitivity calibration state machine. 2841 */ 2842 static int 2843 iwn_init_sensitivity(struct iwn_softc *sc) 2844 { 2845 struct iwn_calib_state *calib = &sc->calib; 2846 struct iwn_phy_calib_cmd cmd; 2847 int error; 2848 2849 /* reset calibration state */ 2850 memset(calib, 0, sizeof (*calib)); 2851 calib->state = IWN_CALIB_STATE_INIT; 2852 calib->cck_state = IWN_CCK_STATE_HIFA; 2853 /* initial values taken from the reference driver */ 2854 calib->corr_ofdm_x1 = 105; 2855 calib->corr_ofdm_mrc_x1 = 220; 2856 calib->corr_ofdm_x4 = 90; 2857 calib->corr_ofdm_mrc_x4 = 170; 2858 calib->corr_cck_x4 = 125; 2859 calib->corr_cck_mrc_x4 = 200; 2860 calib->energy_cck = 100; 2861 2862 /* write initial sensitivity values */ 2863 if ((error = iwn_send_sensitivity(sc)) != 0) 2864 return error; 2865 2866 memset(&cmd, 0, sizeof cmd); 2867 cmd.code = IWN_SET_DIFF_GAIN; 2868 /* differential gains initially set to 0 for all 3 antennas */ 2869 DPRINTF(("setting differential gains\n")); 2870 return iwn_cmd(sc, IWN_PHY_CALIB, &cmd, sizeof cmd, 1); 2871 } 2872 2873 /* 2874 * Collect noise and RSSI statistics for the first 20 beacons received 2875 * after association and use them to determine connected antennas and 2876 * set differential gains. 2877 */ 2878 static void 2879 iwn_compute_differential_gain(struct iwn_softc *sc, 2880 const struct iwn_rx_general_stats *stats) 2881 { 2882 struct iwn_calib_state *calib = &sc->calib; 2883 struct iwn_phy_calib_cmd cmd; 2884 int i, val; 2885 2886 /* accumulate RSSI and noise for all 3 antennas */ 2887 for (i = 0; i < 3; i++) { 2888 calib->rssi[i] += le32toh(stats->rssi[i]) & 0xff; 2889 calib->noise[i] += le32toh(stats->noise[i]) & 0xff; 2890 } 2891 2892 /* we update differential gain only once after 20 beacons */ 2893 if (++calib->nbeacons < 20) 2894 return; 2895 2896 /* determine antenna with highest average RSSI */ 2897 val = max(calib->rssi[0], calib->rssi[1]); 2898 val = max(calib->rssi[2], val); 2899 2900 /* determine which antennas are connected */ 2901 sc->antmsk = 0; 2902 for (i = 0; i < 3; i++) 2903 if (val - calib->rssi[i] <= 15 * 20) 2904 sc->antmsk |= 1 << i; 2905 /* if neither Ant A and Ant B are connected.. */ 2906 if ((sc->antmsk & (1 << 0 | 1 << 1)) == 0) 2907 sc->antmsk |= 1 << 1; /* ..mark Ant B as connected! */ 2908 2909 /* get minimal noise among connected antennas */ 2910 val = INT_MAX; /* ok, there's at least one */ 2911 for (i = 0; i < 3; i++) 2912 if (sc->antmsk & (1 << i)) 2913 val = min(calib->noise[i], val); 2914 2915 memset(&cmd, 0, sizeof cmd); 2916 cmd.code = IWN_SET_DIFF_GAIN; 2917 /* set differential gains for connected antennas */ 2918 for (i = 0; i < 3; i++) { 2919 if (sc->antmsk & (1 << i)) { 2920 cmd.gain[i] = (calib->noise[i] - val) / 30; 2921 /* limit differential gain to 3 */ 2922 cmd.gain[i] = min(cmd.gain[i], 3); 2923 cmd.gain[i] |= IWN_GAIN_SET; 2924 } 2925 } 2926 DPRINTF(("setting differential gains Ant A/B/C: %x/%x/%x (%x)\n", 2927 cmd.gain[0], cmd.gain[1], cmd.gain[2], sc->antmsk)); 2928 if (iwn_cmd(sc, IWN_PHY_CALIB, &cmd, sizeof cmd, 1) == 0) 2929 calib->state = IWN_CALIB_STATE_RUN; 2930 } 2931 2932 /* 2933 * Tune RF Rx sensitivity based on the number of false alarms detected 2934 * during the last beacon period. 2935 */ 2936 static void 2937 iwn_tune_sensitivity(struct iwn_softc *sc, const struct iwn_rx_stats *stats) 2938 { 2939 #define inc_clip(val, inc, max) \ 2940 if ((val) < (max)) { \ 2941 if ((val) < (max) - (inc)) \ 2942 (val) += (inc); \ 2943 else \ 2944 (val) = (max); \ 2945 needs_update = 1; \ 2946 } 2947 #define dec_clip(val, dec, min) \ 2948 if ((val) > (min)) { \ 2949 if ((val) > (min) + (dec)) \ 2950 (val) -= (dec); \ 2951 else \ 2952 (val) = (min); \ 2953 needs_update = 1; \ 2954 } 2955 2956 struct iwn_calib_state *calib = &sc->calib; 2957 uint32_t val, rxena, fa; 2958 uint32_t energy[3], energy_min; 2959 uint8_t noise[3], noise_ref; 2960 int i, needs_update = 0; 2961 2962 /* check that we've been enabled long enough */ 2963 if ((rxena = le32toh(stats->general.load)) == 0) 2964 return; 2965 2966 /* compute number of false alarms since last call for OFDM */ 2967 fa = le32toh(stats->ofdm.bad_plcp) - calib->bad_plcp_ofdm; 2968 fa += le32toh(stats->ofdm.fa) - calib->fa_ofdm; 2969 fa *= 200 * 1024; /* 200TU */ 2970 2971 /* save counters values for next call */ 2972 calib->bad_plcp_ofdm = le32toh(stats->ofdm.bad_plcp); 2973 calib->fa_ofdm = le32toh(stats->ofdm.fa); 2974 2975 if (fa > 50 * rxena) { 2976 /* high false alarm count, decrease sensitivity */ 2977 DPRINTFN(2, ("OFDM high false alarm count: %u\n", fa)); 2978 inc_clip(calib->corr_ofdm_x1, 1, 140); 2979 inc_clip(calib->corr_ofdm_mrc_x1, 1, 270); 2980 inc_clip(calib->corr_ofdm_x4, 1, 120); 2981 inc_clip(calib->corr_ofdm_mrc_x4, 1, 210); 2982 2983 } else if (fa < 5 * rxena) { 2984 /* low false alarm count, increase sensitivity */ 2985 DPRINTFN(2, ("OFDM low false alarm count: %u\n", fa)); 2986 dec_clip(calib->corr_ofdm_x1, 1, 105); 2987 dec_clip(calib->corr_ofdm_mrc_x1, 1, 220); 2988 dec_clip(calib->corr_ofdm_x4, 1, 85); 2989 dec_clip(calib->corr_ofdm_mrc_x4, 1, 170); 2990 } 2991 2992 /* compute maximum noise among 3 antennas */ 2993 for (i = 0; i < 3; i++) 2994 noise[i] = (le32toh(stats->general.noise[i]) >> 8) & 0xff; 2995 val = max(noise[0], noise[1]); 2996 val = max(noise[2], val); 2997 /* insert it into our samples table */ 2998 calib->noise_samples[calib->cur_noise_sample] = val; 2999 calib->cur_noise_sample = (calib->cur_noise_sample + 1) % 20; 3000 3001 /* compute maximum noise among last 20 samples */ 3002 noise_ref = calib->noise_samples[0]; 3003 for (i = 1; i < 20; i++) 3004 noise_ref = max(noise_ref, calib->noise_samples[i]); 3005 3006 /* compute maximum energy among 3 antennas */ 3007 for (i = 0; i < 3; i++) 3008 energy[i] = le32toh(stats->general.energy[i]); 3009 val = min(energy[0], energy[1]); 3010 val = min(energy[2], val); 3011 /* insert it into our samples table */ 3012 calib->energy_samples[calib->cur_energy_sample] = val; 3013 calib->cur_energy_sample = (calib->cur_energy_sample + 1) % 10; 3014 3015 /* compute minimum energy among last 10 samples */ 3016 energy_min = calib->energy_samples[0]; 3017 for (i = 1; i < 10; i++) 3018 energy_min = max(energy_min, calib->energy_samples[i]); 3019 energy_min += 6; 3020 3021 /* compute number of false alarms since last call for CCK */ 3022 fa = le32toh(stats->cck.bad_plcp) - calib->bad_plcp_cck; 3023 fa += le32toh(stats->cck.fa) - calib->fa_cck; 3024 fa *= 200 * 1024; /* 200TU */ 3025 3026 /* save counters values for next call */ 3027 calib->bad_plcp_cck = le32toh(stats->cck.bad_plcp); 3028 calib->fa_cck = le32toh(stats->cck.fa); 3029 3030 if (fa > 50 * rxena) { 3031 /* high false alarm count, decrease sensitivity */ 3032 DPRINTFN(2, ("CCK high false alarm count: %u\n", fa)); 3033 calib->cck_state = IWN_CCK_STATE_HIFA; 3034 calib->low_fa = 0; 3035 3036 if (calib->corr_cck_x4 > 160) { 3037 calib->noise_ref = noise_ref; 3038 if (calib->energy_cck > 2) 3039 dec_clip(calib->energy_cck, 2, energy_min); 3040 } 3041 if (calib->corr_cck_x4 < 160) { 3042 calib->corr_cck_x4 = 161; 3043 needs_update = 1; 3044 } else 3045 inc_clip(calib->corr_cck_x4, 3, 200); 3046 3047 inc_clip(calib->corr_cck_mrc_x4, 3, 400); 3048 3049 } else if (fa < 5 * rxena) { 3050 /* low false alarm count, increase sensitivity */ 3051 DPRINTFN(2, ("CCK low false alarm count: %u\n", fa)); 3052 calib->cck_state = IWN_CCK_STATE_LOFA; 3053 calib->low_fa++; 3054 3055 if (calib->cck_state != 0 && 3056 ((calib->noise_ref - noise_ref) > 2 || 3057 calib->low_fa > 100)) { 3058 inc_clip(calib->energy_cck, 2, 97); 3059 dec_clip(calib->corr_cck_x4, 3, 125); 3060 dec_clip(calib->corr_cck_mrc_x4, 3, 200); 3061 } 3062 } else { 3063 /* not worth to increase or decrease sensitivity */ 3064 DPRINTFN(2, ("CCK normal false alarm count: %u\n", fa)); 3065 calib->low_fa = 0; 3066 calib->noise_ref = noise_ref; 3067 3068 if (calib->cck_state == IWN_CCK_STATE_HIFA) { 3069 /* previous interval had many false alarms */ 3070 dec_clip(calib->energy_cck, 8, energy_min); 3071 } 3072 calib->cck_state = IWN_CCK_STATE_INIT; 3073 } 3074 3075 if (needs_update) 3076 (void)iwn_send_sensitivity(sc); 3077 #undef dec_clip 3078 #undef inc_clip 3079 } 3080 3081 static int 3082 iwn_send_sensitivity(struct iwn_softc *sc) 3083 { 3084 struct iwn_calib_state *calib = &sc->calib; 3085 struct iwn_sensitivity_cmd cmd; 3086 3087 memset(&cmd, 0, sizeof cmd); 3088 cmd.which = IWN_SENSITIVITY_WORKTBL; 3089 /* OFDM modulation */ 3090 cmd.corr_ofdm_x1 = le16toh(calib->corr_ofdm_x1); 3091 cmd.corr_ofdm_mrc_x1 = le16toh(calib->corr_ofdm_mrc_x1); 3092 cmd.corr_ofdm_x4 = le16toh(calib->corr_ofdm_x4); 3093 cmd.corr_ofdm_mrc_x4 = le16toh(calib->corr_ofdm_mrc_x4); 3094 cmd.energy_ofdm = le16toh(100); 3095 cmd.energy_ofdm_th = le16toh(62); 3096 /* CCK modulation */ 3097 cmd.corr_cck_x4 = le16toh(calib->corr_cck_x4); 3098 cmd.corr_cck_mrc_x4 = le16toh(calib->corr_cck_mrc_x4); 3099 cmd.energy_cck = le16toh(calib->energy_cck); 3100 /* Barker modulation: use default values */ 3101 cmd.corr_barker = le16toh(190); 3102 cmd.corr_barker_mrc = le16toh(390); 3103 3104 DPRINTFN(2, ("setting sensitivity\n")); 3105 return iwn_cmd(sc, IWN_SENSITIVITY, &cmd, sizeof cmd, 1); 3106 } 3107 3108 static int 3109 iwn_add_node(struct iwn_softc *sc, struct ieee80211_node *ni, bool broadcast, 3110 bool async) 3111 { 3112 struct iwn_node_info node; 3113 int error; 3114 3115 error = 0; 3116 3117 memset(&node, 0, sizeof node); 3118 if (broadcast == true) { 3119 IEEE80211_ADDR_COPY(node.macaddr, etherbroadcastaddr); 3120 node.id = IWN_ID_BROADCAST; 3121 DPRINTF(("adding broadcast node\n")); 3122 } else { 3123 IEEE80211_ADDR_COPY(node.macaddr, ni->ni_macaddr); 3124 node.id = IWN_ID_BSS; 3125 node.htflags = htole32(3 << IWN_AMDPU_SIZE_FACTOR_SHIFT | 3126 5 << IWN_AMDPU_DENSITY_SHIFT); 3127 DPRINTF(("adding BSS node\n")); 3128 } 3129 3130 error = iwn_cmd(sc, IWN_CMD_ADD_NODE, &node, sizeof node, async); 3131 if (error != 0) { 3132 aprint_error_dev(sc->sc_dev, "could not add %s node\n", 3133 (broadcast == 1)? "broadcast" : "BSS"); 3134 return error; 3135 } 3136 DPRINTF(("setting MRR for node %d\n", node.id)); 3137 if ((error = iwn_setup_node_mrr(sc, node.id, async)) != 0) { 3138 aprint_error_dev(sc->sc_dev, 3139 "could not setup MRR for %s node\n", 3140 (broadcast == 1)? "broadcast" : "BSS"); 3141 return error; 3142 } 3143 3144 return error; 3145 } 3146 3147 static int 3148 iwn_auth(struct iwn_softc *sc) 3149 { 3150 struct ieee80211com *ic = &sc->sc_ic; 3151 struct ieee80211_node *ni = ic->ic_bss; 3152 int error; 3153 3154 /* update adapter's configuration */ 3155 IEEE80211_ADDR_COPY(sc->config.bssid, ni->ni_bssid); 3156 sc->config.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 3157 sc->config.flags = htole32(IWN_CONFIG_TSF); 3158 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) { 3159 sc->config.flags |= htole32(IWN_CONFIG_AUTO | 3160 IWN_CONFIG_24GHZ); 3161 } 3162 switch (ic->ic_curmode) { 3163 case IEEE80211_MODE_11A: 3164 sc->config.cck_mask = 0; 3165 sc->config.ofdm_mask = 0x15; 3166 break; 3167 case IEEE80211_MODE_11B: 3168 sc->config.cck_mask = 0x03; 3169 sc->config.ofdm_mask = 0; 3170 break; 3171 default: /* assume 802.11b/g */ 3172 sc->config.cck_mask = 0xf; 3173 sc->config.ofdm_mask = 0x15; 3174 } 3175 DPRINTF(("config chan %d flags %x cck %x ofdm %x\n", sc->config.chan, 3176 sc->config.flags, sc->config.cck_mask, sc->config.ofdm_mask)); 3177 error = iwn_cmd(sc, IWN_CMD_CONFIGURE, &sc->config, 3178 sizeof (struct iwn_config), 1); 3179 if (error != 0) { 3180 aprint_error_dev(sc->sc_dev, "could not configure\n"); 3181 return error; 3182 } 3183 3184 /* configuration has changed, set Tx power accordingly */ 3185 if ((error = iwn_set_txpower(sc, ni->ni_chan, 1)) != 0) { 3186 aprint_error_dev(sc->sc_dev, "could not set Tx power\n"); 3187 return error; 3188 } 3189 3190 /* 3191 * Reconfiguring clears the adapter's nodes table so we must 3192 * add the broadcast node again. 3193 */ 3194 if ((error = iwn_add_node(sc, ni, true, true)) != 0) 3195 return error; 3196 3197 /* add BSS node */ 3198 if ((error = iwn_add_node(sc, ni, false, true)) != 0) 3199 return error; 3200 3201 if (ic->ic_opmode == IEEE80211_M_STA) { 3202 /* fake a join to init the tx rate */ 3203 iwn_newassoc(ni, 1); 3204 } 3205 3206 if ((error = iwn_init_sensitivity(sc)) != 0) { 3207 aprint_error_dev(sc->sc_dev, "could not set sensitivity\n"); 3208 return error; 3209 } 3210 3211 3212 return 0; 3213 } 3214 3215 /* 3216 * Configure the adapter for associated state. 3217 */ 3218 static int 3219 iwn_run(struct iwn_softc *sc) 3220 { 3221 struct ieee80211com *ic = &sc->sc_ic; 3222 struct ieee80211_node *ni = ic->ic_bss; 3223 int error; 3224 3225 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 3226 /* link LED blinks while monitoring */ 3227 iwn_set_led(sc, IWN_LED_LINK, 5, 5); 3228 return 0; 3229 } 3230 3231 iwn_enable_tsf(sc, ni); 3232 3233 /* update adapter's configuration */ 3234 sc->config.associd = htole16(ni->ni_associd & ~0xc000); 3235 /* short preamble/slot time are negotiated when associating */ 3236 sc->config.flags &= ~htole32(IWN_CONFIG_SHPREAMBLE | 3237 IWN_CONFIG_SHSLOT); 3238 if (ic->ic_flags & IEEE80211_F_SHSLOT) 3239 sc->config.flags |= htole32(IWN_CONFIG_SHSLOT); 3240 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 3241 sc->config.flags |= htole32(IWN_CONFIG_SHPREAMBLE); 3242 sc->config.filter |= htole32(IWN_FILTER_BSS); 3243 3244 DPRINTF(("config chan %d flags %x\n", sc->config.chan, 3245 sc->config.flags)); 3246 error = iwn_cmd(sc, IWN_CMD_CONFIGURE, &sc->config, 3247 sizeof (struct iwn_config), 1); 3248 if (error != 0) { 3249 aprint_error_dev(sc->sc_dev, 3250 "could not update configuration\n"); 3251 return error; 3252 } 3253 3254 /* configuration has changed, set Tx power accordingly */ 3255 if ((error = iwn_set_txpower(sc, ni->ni_chan, 1)) != 0) { 3256 aprint_error_dev(sc->sc_dev, "could not set Tx power\n"); 3257 return error; 3258 } 3259 3260 /* add BSS node */ 3261 iwn_add_node(sc, ni, false, true); 3262 3263 if (ic->ic_opmode == IEEE80211_M_STA) { 3264 /* fake a join to init the tx rate */ 3265 iwn_newassoc(ni, 1); 3266 } 3267 3268 if ((error = iwn_init_sensitivity(sc)) != 0) { 3269 aprint_error_dev(sc->sc_dev, "could not set sensitivity\n"); 3270 return error; 3271 } 3272 3273 /* start periodic calibration timer */ 3274 sc->calib.state = IWN_CALIB_STATE_ASSOC; 3275 sc->calib_cnt = 0; 3276 callout_schedule(&sc->calib_to, hz / 2); 3277 3278 if (0 == 1) { /* XXX don't do the beacon - we get a firmware error 3279 XXX when we try. Something is wrong with the 3280 XXX setup of the frame. Just don't ever call 3281 XXX the function but reference it to keep gcc happy 3282 */ 3283 /* now we are associated set up the beacon frame */ 3284 if ((error = iwn_setup_beacon(sc, ni))) { 3285 aprint_error_dev(sc->sc_dev, 3286 "could not setup beacon frame\n"); 3287 return error; 3288 } 3289 } 3290 3291 3292 /* link LED always on while associated */ 3293 iwn_set_led(sc, IWN_LED_LINK, 0, 1); 3294 3295 return 0; 3296 } 3297 3298 /* 3299 * Send a scan request to the firmware. Since this command is huge, we map it 3300 * into a mbuf instead of using the pre-allocated set of commands. 3301 */ 3302 static int 3303 iwn_scan(struct iwn_softc *sc, uint16_t flags) 3304 { 3305 struct ieee80211com *ic = &sc->sc_ic; 3306 struct iwn_tx_ring *ring = &sc->txq[4]; 3307 struct iwn_tx_desc *desc; 3308 struct iwn_tx_data *data; 3309 struct iwn_tx_cmd *cmd; 3310 struct iwn_cmd_data *tx; 3311 struct iwn_scan_hdr *hdr; 3312 struct iwn_scan_essid *essid; 3313 struct iwn_scan_chan *chan; 3314 struct ieee80211_frame *wh; 3315 struct ieee80211_rateset *rs; 3316 struct ieee80211_channel *c; 3317 enum ieee80211_phymode mode; 3318 uint8_t *frm; 3319 int pktlen, error, nrates; 3320 3321 desc = &ring->desc[ring->cur]; 3322 data = &ring->data[ring->cur]; 3323 3324 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 3325 if (data->m == NULL) { 3326 aprint_error_dev(sc->sc_dev, "could not allocate mbuf for scan command\n"); 3327 return ENOMEM; 3328 } 3329 MCLGET(data->m, M_DONTWAIT); 3330 if (!(data->m->m_flags & M_EXT)) { 3331 m_freem(data->m); 3332 data->m = NULL; 3333 aprint_error_dev(sc->sc_dev, "could not allocate mbuf for scan command\n"); 3334 return ENOMEM; 3335 } 3336 3337 cmd = mtod(data->m, struct iwn_tx_cmd *); 3338 cmd->code = IWN_CMD_SCAN; 3339 cmd->flags = 0; 3340 cmd->qid = ring->qid; 3341 cmd->idx = ring->cur; 3342 3343 hdr = (struct iwn_scan_hdr *)cmd->data; 3344 memset(hdr, 0, sizeof (struct iwn_scan_hdr)); 3345 /* 3346 * Move to the next channel if no packets are received within 5 msecs 3347 * after sending the probe request (this helps to reduce the duration 3348 * of active scans). 3349 */ 3350 hdr->quiet = htole16(5); /* timeout in milliseconds */ 3351 hdr->plcp_threshold = htole16(1); /* min # of packets */ 3352 3353 /* select Ant B and Ant C for scanning */ 3354 hdr->rxchain = htole16(0x3e1 | 7 << IWN_RXCHAIN_ANTMSK_SHIFT); 3355 3356 tx = (struct iwn_cmd_data *)(hdr + 1); 3357 memset(tx, 0, sizeof (struct iwn_cmd_data)); 3358 tx->flags = htole32(IWN_TX_AUTO_SEQ | 0x200); // XXX 3359 tx->id = IWN_ID_BROADCAST; 3360 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 3361 tx->rflags = IWN_RFLAG_ANT_B; 3362 3363 if (flags & IEEE80211_CHAN_A) { 3364 hdr->crc_threshold = htole16(1); 3365 /* send probe requests at 6Mbps */ 3366 tx->rate = iwn_ridx_to_plcp[IWN_OFDM6]; 3367 } else { 3368 hdr->flags = htole32(IWN_CONFIG_24GHZ | IWN_CONFIG_AUTO); 3369 /* send probe requests at 1Mbps */ 3370 tx->rate = iwn_ridx_to_plcp[IWN_CCK1]; 3371 tx->rflags |= IWN_RFLAG_CCK; 3372 } 3373 3374 essid = (struct iwn_scan_essid *)(tx + 1); 3375 memset(essid, 0, 4 * sizeof (struct iwn_scan_essid)); 3376 essid[0].id = IEEE80211_ELEMID_SSID; 3377 essid[0].len = ic->ic_des_esslen; 3378 memcpy(essid[0].data, ic->ic_des_essid, ic->ic_des_esslen); 3379 3380 /* 3381 * Build a probe request frame. Most of the following code is a 3382 * copy & paste of what is done in net80211. 3383 */ 3384 wh = (struct ieee80211_frame *)&essid[4]; 3385 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 3386 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 3387 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 3388 IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr); 3389 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 3390 IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr); 3391 *(u_int16_t *)&wh->i_dur[0] = 0; /* filled by h/w */ 3392 *(u_int16_t *)&wh->i_seq[0] = 0; /* filled by h/w */ 3393 3394 frm = (uint8_t *)(wh + 1); 3395 3396 /* add empty SSID IE (firmware generates it for directed scans) */ 3397 *frm++ = IEEE80211_ELEMID_SSID; 3398 *frm++ = 0; 3399 3400 mode = ieee80211_chan2mode(ic, ic->ic_ibss_chan); 3401 rs = &ic->ic_sup_rates[mode]; 3402 3403 /* add supported rates IE */ 3404 3405 *frm++ = IEEE80211_ELEMID_RATES; 3406 nrates = rs->rs_nrates; 3407 if (nrates > IEEE80211_RATE_SIZE) 3408 nrates = IEEE80211_RATE_SIZE; 3409 *frm++ = nrates; 3410 memcpy(frm, rs->rs_rates, nrates); 3411 frm += nrates; 3412 3413 /* add supported xrates IE */ 3414 3415 if (rs->rs_nrates > IEEE80211_RATE_SIZE) { 3416 nrates = rs->rs_nrates - IEEE80211_RATE_SIZE; 3417 *frm++ = IEEE80211_ELEMID_XRATES; 3418 *frm++ = nrates; 3419 memcpy(frm, rs->rs_rates + IEEE80211_RATE_SIZE, nrates); 3420 frm += nrates; 3421 } 3422 3423 /* setup length of probe request */ 3424 tx->len = htole16(frm - (uint8_t *)wh); 3425 3426 chan = (struct iwn_scan_chan *)frm; 3427 for (c = &ic->ic_channels[1]; 3428 c <= &ic->ic_channels[IEEE80211_CHAN_MAX]; c++) { 3429 if ((c->ic_flags & flags) != flags) 3430 continue; 3431 3432 chan->chan = ieee80211_chan2ieee(ic, c); 3433 chan->flags = 0; 3434 if (!(c->ic_flags & IEEE80211_CHAN_PASSIVE)) { 3435 chan->flags |= IWN_CHAN_ACTIVE; 3436 if (ic->ic_des_esslen != 0) 3437 chan->flags |= IWN_CHAN_DIRECT; 3438 } 3439 chan->dsp_gain = 0x6e; 3440 if (IEEE80211_IS_CHAN_5GHZ(c)) { 3441 chan->rf_gain = 0x3b; 3442 chan->active = htole16(10); 3443 chan->passive = htole16(110); 3444 } else { 3445 chan->rf_gain = 0x28; 3446 chan->active = htole16(20); 3447 chan->passive = htole16(120); 3448 } 3449 hdr->nchan++; 3450 chan++; 3451 3452 frm += sizeof (struct iwn_scan_chan); 3453 } 3454 3455 hdr->len = htole16(frm - (uint8_t *)hdr); 3456 pktlen = frm - (uint8_t *)cmd; 3457 3458 error = bus_dmamap_load(sc->sc_dmat, data->map, cmd, pktlen, NULL, 3459 BUS_DMA_NOWAIT); 3460 if (error) { 3461 aprint_error_dev(sc->sc_dev, "could not map scan command\n"); 3462 m_freem(data->m); 3463 data->m = NULL; 3464 return error; 3465 } 3466 3467 IWN_SET_DESC_NSEGS(desc, 1); 3468 IWN_SET_DESC_SEG(desc, 0, data->map->dm_segs[0].ds_addr, 3469 data->map->dm_segs[0].ds_len); 3470 sc->shared->len[ring->qid][ring->cur] = htole16(8); 3471 if (ring->cur < IWN_TX_WINDOW) { 3472 sc->shared->len[ring->qid][ring->cur + IWN_TX_RING_COUNT] = 3473 htole16(8); 3474 } 3475 3476 /* kick cmd ring */ 3477 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 3478 IWN_WRITE(sc, IWN_TX_WIDX, ring->qid << 8 | ring->cur); 3479 3480 return 0; /* will be notified async. of failure/success */ 3481 } 3482 3483 static int 3484 iwn_config(struct iwn_softc *sc) 3485 { 3486 struct ieee80211com *ic = &sc->sc_ic; 3487 struct ifnet *ifp = ic->ic_ifp; 3488 struct iwn_power power; 3489 struct iwn_bluetooth bluetooth; 3490 int error; 3491 3492 /* set power mode */ 3493 memset(&power, 0, sizeof power); 3494 power.flags = htole16(IWN_POWER_CAM | 0x8); 3495 DPRINTF(("setting power mode\n")); 3496 error = iwn_cmd(sc, IWN_CMD_SET_POWER_MODE, &power, sizeof power, 0); 3497 if (error != 0) { 3498 aprint_error_dev(sc->sc_dev, "could not set power mode\n"); 3499 return error; 3500 } 3501 3502 /* configure bluetooth coexistence */ 3503 memset(&bluetooth, 0, sizeof bluetooth); 3504 bluetooth.flags = 3; 3505 bluetooth.lead = 0xaa; 3506 bluetooth.kill = 1; 3507 DPRINTF(("configuring bluetooth coexistence\n")); 3508 error = iwn_cmd(sc, IWN_CMD_BLUETOOTH, &bluetooth, sizeof bluetooth, 3509 0); 3510 if (error != 0) { 3511 aprint_error_dev(sc->sc_dev, "could not configure bluetooth coexistence\n"); 3512 return error; 3513 } 3514 3515 /* configure adapter */ 3516 memset(&sc->config, 0, sizeof (struct iwn_config)); 3517 IEEE80211_ADDR_COPY(ic->ic_myaddr, CLLADDR(ifp->if_sadl)); 3518 IEEE80211_ADDR_COPY(sc->config.myaddr, ic->ic_myaddr); 3519 IEEE80211_ADDR_COPY(sc->config.wlap, ic->ic_myaddr); 3520 /* set default channel */ 3521 sc->config.chan = ieee80211_chan2ieee(ic, ic->ic_ibss_chan); 3522 sc->config.flags = htole32(IWN_CONFIG_TSF); 3523 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_ibss_chan)) { 3524 sc->config.flags |= htole32(IWN_CONFIG_AUTO | 3525 IWN_CONFIG_24GHZ); 3526 } 3527 sc->config.filter = 0; 3528 switch (ic->ic_opmode) { 3529 case IEEE80211_M_STA: 3530 sc->config.mode = IWN_MODE_STA; 3531 sc->config.filter |= htole32(IWN_FILTER_MULTICAST); 3532 break; 3533 case IEEE80211_M_IBSS: 3534 case IEEE80211_M_AHDEMO: 3535 sc->config.mode = IWN_MODE_IBSS; 3536 break; 3537 case IEEE80211_M_HOSTAP: 3538 sc->config.mode = IWN_MODE_HOSTAP; 3539 break; 3540 case IEEE80211_M_MONITOR: 3541 sc->config.mode = IWN_MODE_MONITOR; 3542 sc->config.filter |= htole32(IWN_FILTER_MULTICAST | 3543 IWN_FILTER_CTL | IWN_FILTER_PROMISC); 3544 break; 3545 } 3546 sc->config.cck_mask = 0x0f; /* not yet negotiated */ 3547 sc->config.ofdm_mask = 0xff; /* not yet negotiated */ 3548 sc->config.ht_single_mask = 0xff; 3549 sc->config.ht_dual_mask = 0xff; 3550 sc->config.rxchain = htole16(0x2800 | 7 << IWN_RXCHAIN_ANTMSK_SHIFT); 3551 DPRINTF(("setting configuration\n")); 3552 error = iwn_cmd(sc, IWN_CMD_CONFIGURE, &sc->config, 3553 sizeof (struct iwn_config), 0); 3554 if (error != 0) { 3555 aprint_error_dev(sc->sc_dev, "configure command failed\n"); 3556 return error; 3557 } 3558 3559 /* configuration has changed, set Tx power accordingly */ 3560 if ((error = iwn_set_txpower(sc, ic->ic_ibss_chan, 0)) != 0) { 3561 aprint_error_dev(sc->sc_dev, "could not set Tx power\n"); 3562 return error; 3563 } 3564 3565 /* add broadcast node */ 3566 if ((error = iwn_add_node(sc, NULL, true, false)) != 0) 3567 return error; 3568 3569 if ((error = iwn_set_critical_temp(sc)) != 0) { 3570 aprint_error_dev(sc->sc_dev, "could not set critical temperature\n"); 3571 return error; 3572 } 3573 3574 return 0; 3575 } 3576 3577 /* 3578 * Do post-alive initialization of the NIC (after firmware upload). 3579 */ 3580 static void 3581 iwn_post_alive(struct iwn_softc *sc) 3582 { 3583 uint32_t base; 3584 uint16_t offset; 3585 int qid; 3586 3587 iwn_mem_lock(sc); 3588 3589 /* clear SRAM */ 3590 base = iwn_mem_read(sc, IWN_SRAM_BASE); 3591 for (offset = 0x380; offset < 0x520; offset += 4) { 3592 IWN_WRITE(sc, IWN_MEM_WADDR, base + offset); 3593 IWN_WRITE(sc, IWN_MEM_WDATA, 0); 3594 } 3595 3596 /* shared area is aligned on a 1K boundary */ 3597 iwn_mem_write(sc, IWN_SRAM_BASE, sc->shared_dma.paddr >> 10); 3598 iwn_mem_write(sc, IWN_SELECT_QCHAIN, 0); 3599 3600 for (qid = 0; qid < IWN_NTXQUEUES; qid++) { 3601 iwn_mem_write(sc, IWN_QUEUE_RIDX(qid), 0); 3602 IWN_WRITE(sc, IWN_TX_WIDX, qid << 8 | 0); 3603 3604 /* set sched. window size */ 3605 IWN_WRITE(sc, IWN_MEM_WADDR, base + IWN_QUEUE_OFFSET(qid)); 3606 IWN_WRITE(sc, IWN_MEM_WDATA, 64); 3607 /* set sched. frame limit */ 3608 IWN_WRITE(sc, IWN_MEM_WADDR, base + IWN_QUEUE_OFFSET(qid) + 4); 3609 IWN_WRITE(sc, IWN_MEM_WDATA, 64 << 16); 3610 } 3611 3612 /* enable interrupts for all 16 queues */ 3613 iwn_mem_write(sc, IWN_QUEUE_INTR_MASK, 0xffff); 3614 3615 /* identify active Tx rings (0-7) */ 3616 iwn_mem_write(sc, IWN_TX_ACTIVE, 0xff); 3617 3618 /* mark Tx rings (4 EDCA + cmd + 2 HCCA) as active */ 3619 for (qid = 0; qid < 7; qid++) { 3620 iwn_mem_write(sc, IWN_TXQ_STATUS(qid), 3621 IWN_TXQ_STATUS_ACTIVE | qid << 1); 3622 } 3623 3624 iwn_mem_unlock(sc); 3625 } 3626 3627 static void 3628 iwn_stop_master(struct iwn_softc *sc) 3629 { 3630 uint32_t tmp; 3631 int ntries; 3632 3633 tmp = IWN_READ(sc, IWN_RESET); 3634 IWN_WRITE(sc, IWN_RESET, tmp | IWN_STOP_MASTER); 3635 3636 tmp = IWN_READ(sc, IWN_GPIO_CTL); 3637 if ((tmp & IWN_GPIO_PWR_STATUS) == IWN_GPIO_PWR_SLEEP) 3638 return; /* already asleep */ 3639 3640 for (ntries = 0; ntries < 100; ntries++) { 3641 if (IWN_READ(sc, IWN_RESET) & IWN_MASTER_DISABLED) 3642 break; 3643 DELAY(10); 3644 } 3645 if (ntries == 100) { 3646 aprint_error_dev(sc->sc_dev, "timeout waiting for master\n"); 3647 } 3648 } 3649 3650 static int 3651 iwn_reset(struct iwn_softc *sc) 3652 { 3653 uint32_t tmp; 3654 int ntries; 3655 3656 /* clear any pending interrupts */ 3657 IWN_WRITE(sc, IWN_INTR, 0xffffffff); 3658 3659 tmp = IWN_READ(sc, IWN_CHICKEN); 3660 IWN_WRITE(sc, IWN_CHICKEN, tmp | IWN_CHICKEN_DISLOS); 3661 3662 tmp = IWN_READ(sc, IWN_GPIO_CTL); 3663 IWN_WRITE(sc, IWN_GPIO_CTL, tmp | IWN_GPIO_INIT); 3664 3665 /* wait for clock stabilization */ 3666 for (ntries = 0; ntries < 1000; ntries++) { 3667 if (IWN_READ(sc, IWN_GPIO_CTL) & IWN_GPIO_CLOCK) 3668 break; 3669 DELAY(10); 3670 } 3671 if (ntries == 1000) { 3672 aprint_error_dev(sc->sc_dev, "timeout waiting for clock stabilization\n"); 3673 return ETIMEDOUT; 3674 } 3675 return 0; 3676 } 3677 3678 static void 3679 iwn_hw_config(struct iwn_softc *sc) 3680 { 3681 uint32_t tmp, hw; 3682 3683 /* enable interrupts mitigation */ 3684 IWN_WRITE(sc, IWN_INTR_MIT, 512 / 32); 3685 3686 /* voodoo from the reference driver */ 3687 tmp = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_CLASS_REG); 3688 tmp = PCI_REVISION(tmp); 3689 if ((tmp & 0x80) && (tmp & 0x7f) < 8) { 3690 /* enable "no snoop" field */ 3691 tmp = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0xe8); 3692 tmp &= ~IWN_DIS_NOSNOOP; 3693 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0xe8, tmp); 3694 } 3695 3696 /* disable L1 entry to work around a hardware bug */ 3697 tmp = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0xf0); 3698 tmp &= ~IWN_ENA_L1; 3699 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0xf0, tmp); 3700 3701 hw = IWN_READ(sc, IWN_HWCONFIG); 3702 IWN_WRITE(sc, IWN_HWCONFIG, hw | 0x310); 3703 3704 iwn_mem_lock(sc); 3705 tmp = iwn_mem_read(sc, IWN_MEM_POWER); 3706 iwn_mem_write(sc, IWN_MEM_POWER, tmp | IWN_POWER_RESET); 3707 DELAY(5); 3708 tmp = iwn_mem_read(sc, IWN_MEM_POWER); 3709 iwn_mem_write(sc, IWN_MEM_POWER, tmp & ~IWN_POWER_RESET); 3710 iwn_mem_unlock(sc); 3711 } 3712 3713 static int 3714 iwn_init(struct ifnet *ifp) 3715 { 3716 struct iwn_softc *sc = ifp->if_softc; 3717 struct ieee80211com *ic = &sc->sc_ic; 3718 uint32_t tmp; 3719 int error, qid; 3720 3721 iwn_stop(ifp, 1); 3722 if ((error = iwn_reset(sc)) != 0) { 3723 aprint_error_dev(sc->sc_dev, "could not reset adapter\n"); 3724 goto fail1; 3725 } 3726 3727 iwn_mem_lock(sc); 3728 iwn_mem_read(sc, IWN_CLOCK_CTL); 3729 iwn_mem_write(sc, IWN_CLOCK_CTL, 0xa00); 3730 iwn_mem_read(sc, IWN_CLOCK_CTL); 3731 iwn_mem_unlock(sc); 3732 3733 DELAY(20); 3734 3735 iwn_mem_lock(sc); 3736 tmp = iwn_mem_read(sc, IWN_MEM_PCIDEV); 3737 iwn_mem_write(sc, IWN_MEM_PCIDEV, tmp | 0x800); 3738 iwn_mem_unlock(sc); 3739 3740 iwn_mem_lock(sc); 3741 tmp = iwn_mem_read(sc, IWN_MEM_POWER); 3742 iwn_mem_write(sc, IWN_MEM_POWER, tmp & ~0x03000000); 3743 iwn_mem_unlock(sc); 3744 3745 iwn_hw_config(sc); 3746 3747 /* init Rx ring */ 3748 iwn_mem_lock(sc); 3749 IWN_WRITE(sc, IWN_RX_CONFIG, 0); 3750 IWN_WRITE(sc, IWN_RX_WIDX, 0); 3751 /* Rx ring is aligned on a 256-byte boundary */ 3752 IWN_WRITE(sc, IWN_RX_BASE, sc->rxq.desc_dma.paddr >> 8); 3753 /* shared area is aligned on a 16-byte boundary */ 3754 IWN_WRITE(sc, IWN_RW_WIDX_PTR, (sc->shared_dma.paddr + 3755 offsetof(struct iwn_shared, closed_count)) >> 4); 3756 IWN_WRITE(sc, IWN_RX_CONFIG, 0x80601000); 3757 iwn_mem_unlock(sc); 3758 3759 IWN_WRITE(sc, IWN_RX_WIDX, (IWN_RX_RING_COUNT - 1) & ~7); 3760 3761 iwn_mem_lock(sc); 3762 iwn_mem_write(sc, IWN_TX_ACTIVE, 0); 3763 3764 /* set physical address of "keep warm" page */ 3765 IWN_WRITE(sc, IWN_KW_BASE, sc->kw_dma.paddr >> 4); 3766 3767 /* init Tx rings */ 3768 for (qid = 0; qid < IWN_NTXQUEUES; qid++) { 3769 struct iwn_tx_ring *txq = &sc->txq[qid]; 3770 IWN_WRITE(sc, IWN_TX_BASE(qid), txq->desc_dma.paddr >> 8); 3771 IWN_WRITE(sc, IWN_TX_CONFIG(qid), 0x80000008); 3772 } 3773 iwn_mem_unlock(sc); 3774 3775 /* clear "radio off" and "disable command" bits (reversed logic) */ 3776 IWN_WRITE(sc, IWN_UCODE_CLR, IWN_RADIO_OFF); 3777 IWN_WRITE(sc, IWN_UCODE_CLR, IWN_DISABLE_CMD); 3778 3779 /* clear any pending interrupts */ 3780 IWN_WRITE(sc, IWN_INTR, 0xffffffff); 3781 /* enable interrupts */ 3782 IWN_WRITE(sc, IWN_MASK, IWN_INTR_MASK); 3783 3784 /* not sure why/if this is necessary... */ 3785 IWN_WRITE(sc, IWN_UCODE_CLR, IWN_RADIO_OFF); 3786 IWN_WRITE(sc, IWN_UCODE_CLR, IWN_RADIO_OFF); 3787 3788 /* check that the radio is not disabled by RF switch */ 3789 if (!(IWN_READ(sc, IWN_GPIO_CTL) & IWN_GPIO_RF_ENABLED)) { 3790 aprint_error_dev(sc->sc_dev, "radio is disabled by hardware switch\n"); 3791 error = EBUSY; /* XXX ;-) */ 3792 goto fail1; 3793 } 3794 3795 if ((error = iwn_load_firmware(sc)) != 0) { 3796 aprint_error_dev(sc->sc_dev, "could not load firmware\n"); 3797 goto fail1; 3798 } 3799 3800 /* firmware has notified us that it is alive.. */ 3801 iwn_post_alive(sc); /* ..do post alive initialization */ 3802 3803 sc->rawtemp = sc->ucode_info.temp[3].chan20MHz; 3804 sc->temp = iwn_get_temperature(sc); 3805 DPRINTF(("temperature=%d\n", sc->temp)); 3806 3807 if ((error = iwn_config(sc)) != 0) { 3808 aprint_error_dev(sc->sc_dev, "could not configure device\n"); 3809 goto fail1; 3810 } 3811 3812 DPRINTF(("iwn_config end\n")); 3813 3814 ifp->if_flags &= ~IFF_OACTIVE; 3815 ifp->if_flags |= IFF_RUNNING; 3816 3817 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 3818 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 3819 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3820 } 3821 else 3822 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 3823 3824 DPRINTF(("iwn_init ok\n")); 3825 return 0; 3826 3827 fail1: 3828 DPRINTF(("iwn_init error\n")); 3829 iwn_stop(ifp, 1); 3830 return error; 3831 } 3832 3833 static void 3834 iwn_stop(struct ifnet *ifp, int disable) 3835 { 3836 struct iwn_softc *sc = ifp->if_softc; 3837 struct ieee80211com *ic = &sc->sc_ic; 3838 uint32_t tmp; 3839 int i; 3840 3841 ifp->if_timer = sc->sc_tx_timer = 0; 3842 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 3843 3844 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 3845 3846 IWN_WRITE(sc, IWN_RESET, IWN_NEVO_RESET); 3847 3848 /* disable interrupts */ 3849 IWN_WRITE(sc, IWN_MASK, 0); 3850 IWN_WRITE(sc, IWN_INTR, 0xffffffff); 3851 IWN_WRITE(sc, IWN_INTR_STATUS, 0xffffffff); 3852 3853 /* make sure we no longer hold the memory lock */ 3854 iwn_mem_unlock(sc); 3855 3856 /* reset all Tx rings */ 3857 for (i = 0; i < IWN_NTXQUEUES; i++) 3858 iwn_reset_tx_ring(sc, &sc->txq[i]); 3859 3860 /* reset Rx ring */ 3861 iwn_reset_rx_ring(sc, &sc->rxq); 3862 3863 iwn_mem_lock(sc); 3864 iwn_mem_write(sc, IWN_MEM_CLOCK2, 0x200); 3865 iwn_mem_unlock(sc); 3866 3867 DELAY(5); 3868 3869 iwn_stop_master(sc); 3870 tmp = IWN_READ(sc, IWN_RESET); 3871 IWN_WRITE(sc, IWN_RESET, tmp | IWN_SW_RESET); 3872 } 3873 3874 static bool 3875 iwn_resume(device_t dv PMF_FN_ARGS) 3876 { 3877 struct iwn_softc *sc = device_private(dv); 3878 3879 (void)iwn_reset(sc); 3880 3881 return true; 3882 } 3883