1 /* $NetBSD: if_iwn.c,v 1.84 2017/02/02 10:05:35 nonaka Exp $ */ 2 /* $OpenBSD: if_iwn.c,v 1.135 2014/09/10 07:22:09 dcoppa Exp $ */ 3 4 /*- 5 * Copyright (c) 2007-2010 Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /* 21 * Driver for Intel WiFi Link 4965 and 1000/5000/6000 Series 802.11 network 22 * adapters. 23 */ 24 #include <sys/cdefs.h> 25 __KERNEL_RCSID(0, "$NetBSD: if_iwn.c,v 1.84 2017/02/02 10:05:35 nonaka Exp $"); 26 27 #define IWN_USE_RBUF /* Use local storage for RX */ 28 #undef IWN_HWCRYPTO /* XXX does not even compile yet */ 29 30 #include <sys/param.h> 31 #include <sys/sockio.h> 32 #include <sys/proc.h> 33 #include <sys/mbuf.h> 34 #include <sys/kernel.h> 35 #include <sys/socket.h> 36 #include <sys/systm.h> 37 #include <sys/malloc.h> 38 #ifdef notyetMODULE 39 #include <sys/module.h> 40 #endif 41 #include <sys/mutex.h> 42 #include <sys/conf.h> 43 #include <sys/kauth.h> 44 #include <sys/callout.h> 45 46 #include <dev/sysmon/sysmonvar.h> 47 48 #include <sys/bus.h> 49 #include <machine/endian.h> 50 #include <sys/intr.h> 51 52 #include <dev/pci/pcireg.h> 53 #include <dev/pci/pcivar.h> 54 #include <dev/pci/pcidevs.h> 55 56 #include <net/bpf.h> 57 #include <net/if.h> 58 #include <net/if_arp.h> 59 #include <net/if_dl.h> 60 #include <net/if_media.h> 61 #include <net/if_types.h> 62 63 #include <netinet/in.h> 64 #include <netinet/in_systm.h> 65 #include <netinet/in_var.h> 66 #include <net/if_ether.h> 67 #include <netinet/ip.h> 68 69 #include <net80211/ieee80211_var.h> 70 #include <net80211/ieee80211_amrr.h> 71 #include <net80211/ieee80211_radiotap.h> 72 73 #include <dev/firmload.h> 74 75 #include <dev/pci/if_iwnreg.h> 76 #include <dev/pci/if_iwnvar.h> 77 78 static const pci_product_id_t iwn_devices[] = { 79 PCI_PRODUCT_INTEL_WIFI_LINK_1030_1, 80 PCI_PRODUCT_INTEL_WIFI_LINK_1030_2, 81 PCI_PRODUCT_INTEL_WIFI_LINK_4965_1, 82 PCI_PRODUCT_INTEL_WIFI_LINK_4965_2, 83 PCI_PRODUCT_INTEL_WIFI_LINK_4965_3, 84 PCI_PRODUCT_INTEL_WIFI_LINK_4965_4, 85 PCI_PRODUCT_INTEL_WIFI_LINK_5100_1, 86 PCI_PRODUCT_INTEL_WIFI_LINK_5100_2, 87 PCI_PRODUCT_INTEL_WIFI_LINK_5150_1, 88 PCI_PRODUCT_INTEL_WIFI_LINK_5150_2, 89 PCI_PRODUCT_INTEL_WIFI_LINK_5300_1, 90 PCI_PRODUCT_INTEL_WIFI_LINK_5300_2, 91 PCI_PRODUCT_INTEL_WIFI_LINK_5350_1, 92 PCI_PRODUCT_INTEL_WIFI_LINK_5350_2, 93 PCI_PRODUCT_INTEL_WIFI_LINK_1000_1, 94 PCI_PRODUCT_INTEL_WIFI_LINK_1000_2, 95 PCI_PRODUCT_INTEL_WIFI_LINK_6000_3X3_1, 96 PCI_PRODUCT_INTEL_WIFI_LINK_6000_3X3_2, 97 PCI_PRODUCT_INTEL_WIFI_LINK_6000_IPA_1, 98 PCI_PRODUCT_INTEL_WIFI_LINK_6000_IPA_2, 99 PCI_PRODUCT_INTEL_WIFI_LINK_6050_2X2_1, 100 PCI_PRODUCT_INTEL_WIFI_LINK_6050_2X2_2, 101 PCI_PRODUCT_INTEL_WIFI_LINK_6005_2X2_1, 102 PCI_PRODUCT_INTEL_WIFI_LINK_6005_2X2_2, 103 PCI_PRODUCT_INTEL_WIFI_LINK_6230_1, 104 PCI_PRODUCT_INTEL_WIFI_LINK_6230_2, 105 PCI_PRODUCT_INTEL_WIFI_LINK_6235, 106 PCI_PRODUCT_INTEL_WIFI_LINK_6235_2, 107 PCI_PRODUCT_INTEL_WIFI_LINK_100_1, 108 PCI_PRODUCT_INTEL_WIFI_LINK_100_2, 109 PCI_PRODUCT_INTEL_WIFI_LINK_130_1, 110 PCI_PRODUCT_INTEL_WIFI_LINK_130_2, 111 PCI_PRODUCT_INTEL_WIFI_LINK_2230_1, 112 PCI_PRODUCT_INTEL_WIFI_LINK_2230_2, 113 PCI_PRODUCT_INTEL_WIFI_LINK_2200_1, 114 PCI_PRODUCT_INTEL_WIFI_LINK_2200_2, 115 PCI_PRODUCT_INTEL_WIFI_LINK_135_1, 116 PCI_PRODUCT_INTEL_WIFI_LINK_135_2, 117 PCI_PRODUCT_INTEL_WIFI_LINK_105_1, 118 PCI_PRODUCT_INTEL_WIFI_LINK_105_2, 119 }; 120 121 /* 122 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 123 */ 124 static const struct ieee80211_rateset iwn_rateset_11a = 125 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 126 127 static const struct ieee80211_rateset iwn_rateset_11b = 128 { 4, { 2, 4, 11, 22 } }; 129 130 static const struct ieee80211_rateset iwn_rateset_11g = 131 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 132 133 static int iwn_match(device_t , struct cfdata *, void *); 134 static void iwn_attach(device_t , device_t , void *); 135 static int iwn4965_attach(struct iwn_softc *, pci_product_id_t); 136 static int iwn5000_attach(struct iwn_softc *, pci_product_id_t); 137 static void iwn_radiotap_attach(struct iwn_softc *); 138 static int iwn_detach(device_t , int); 139 #if 0 140 static void iwn_power(int, void *); 141 #endif 142 static bool iwn_resume(device_t, const pmf_qual_t *); 143 static int iwn_nic_lock(struct iwn_softc *); 144 static int iwn_eeprom_lock(struct iwn_softc *); 145 static int iwn_init_otprom(struct iwn_softc *); 146 static int iwn_read_prom_data(struct iwn_softc *, uint32_t, void *, int); 147 static int iwn_dma_contig_alloc(bus_dma_tag_t, struct iwn_dma_info *, 148 void **, bus_size_t, bus_size_t); 149 static void iwn_dma_contig_free(struct iwn_dma_info *); 150 static int iwn_alloc_sched(struct iwn_softc *); 151 static void iwn_free_sched(struct iwn_softc *); 152 static int iwn_alloc_kw(struct iwn_softc *); 153 static void iwn_free_kw(struct iwn_softc *); 154 static int iwn_alloc_ict(struct iwn_softc *); 155 static void iwn_free_ict(struct iwn_softc *); 156 static int iwn_alloc_fwmem(struct iwn_softc *); 157 static void iwn_free_fwmem(struct iwn_softc *); 158 static int iwn_alloc_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 159 static void iwn_reset_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 160 static void iwn_free_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 161 static int iwn_alloc_tx_ring(struct iwn_softc *, struct iwn_tx_ring *, 162 int); 163 static void iwn_reset_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 164 static void iwn_free_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 165 static void iwn5000_ict_reset(struct iwn_softc *); 166 static int iwn_read_eeprom(struct iwn_softc *); 167 static void iwn4965_read_eeprom(struct iwn_softc *); 168 169 #ifdef IWN_DEBUG 170 static void iwn4965_print_power_group(struct iwn_softc *, int); 171 #endif 172 static void iwn5000_read_eeprom(struct iwn_softc *); 173 static void iwn_read_eeprom_channels(struct iwn_softc *, int, uint32_t); 174 static void iwn_read_eeprom_enhinfo(struct iwn_softc *); 175 static struct ieee80211_node *iwn_node_alloc(struct ieee80211_node_table *); 176 static void iwn_newassoc(struct ieee80211_node *, int); 177 static int iwn_media_change(struct ifnet *); 178 static int iwn_newstate(struct ieee80211com *, enum ieee80211_state, int); 179 static void iwn_iter_func(void *, struct ieee80211_node *); 180 static void iwn_calib_timeout(void *); 181 static void iwn_rx_phy(struct iwn_softc *, struct iwn_rx_desc *, 182 struct iwn_rx_data *); 183 static void iwn_rx_done(struct iwn_softc *, struct iwn_rx_desc *, 184 struct iwn_rx_data *); 185 #ifndef IEEE80211_NO_HT 186 static void iwn_rx_compressed_ba(struct iwn_softc *, struct iwn_rx_desc *, 187 struct iwn_rx_data *); 188 #endif 189 static void iwn5000_rx_calib_results(struct iwn_softc *, 190 struct iwn_rx_desc *, struct iwn_rx_data *); 191 static void iwn_rx_statistics(struct iwn_softc *, struct iwn_rx_desc *, 192 struct iwn_rx_data *); 193 static void iwn4965_tx_done(struct iwn_softc *, struct iwn_rx_desc *, 194 struct iwn_rx_data *); 195 static void iwn5000_tx_done(struct iwn_softc *, struct iwn_rx_desc *, 196 struct iwn_rx_data *); 197 static void iwn_tx_done(struct iwn_softc *, struct iwn_rx_desc *, int, 198 uint8_t); 199 static void iwn_cmd_done(struct iwn_softc *, struct iwn_rx_desc *); 200 static void iwn_notif_intr(struct iwn_softc *); 201 static void iwn_wakeup_intr(struct iwn_softc *); 202 static void iwn_fatal_intr(struct iwn_softc *); 203 static int iwn_intr(void *); 204 static void iwn_softintr(void *); 205 static void iwn4965_update_sched(struct iwn_softc *, int, int, uint8_t, 206 uint16_t); 207 static void iwn5000_update_sched(struct iwn_softc *, int, int, uint8_t, 208 uint16_t); 209 #ifdef notyet 210 static void iwn5000_reset_sched(struct iwn_softc *, int, int); 211 #endif 212 static int iwn_tx(struct iwn_softc *, struct mbuf *, 213 struct ieee80211_node *, int); 214 static void iwn_start(struct ifnet *); 215 static void iwn_watchdog(struct ifnet *); 216 static int iwn_ioctl(struct ifnet *, u_long, void *); 217 static int iwn_cmd(struct iwn_softc *, int, const void *, int, int); 218 static int iwn4965_add_node(struct iwn_softc *, struct iwn_node_info *, 219 int); 220 static int iwn5000_add_node(struct iwn_softc *, struct iwn_node_info *, 221 int); 222 static int iwn_set_link_quality(struct iwn_softc *, 223 struct ieee80211_node *); 224 static int iwn_add_broadcast_node(struct iwn_softc *, int); 225 static void iwn_set_led(struct iwn_softc *, uint8_t, uint8_t, uint8_t); 226 static int iwn_set_critical_temp(struct iwn_softc *); 227 static int iwn_set_timing(struct iwn_softc *, struct ieee80211_node *); 228 static void iwn4965_power_calibration(struct iwn_softc *, int); 229 static int iwn4965_set_txpower(struct iwn_softc *, int); 230 static int iwn5000_set_txpower(struct iwn_softc *, int); 231 static int iwn4965_get_rssi(const struct iwn_rx_stat *); 232 static int iwn5000_get_rssi(const struct iwn_rx_stat *); 233 static int iwn_get_noise(const struct iwn_rx_general_stats *); 234 static int iwn4965_get_temperature(struct iwn_softc *); 235 static int iwn5000_get_temperature(struct iwn_softc *); 236 static int iwn_init_sensitivity(struct iwn_softc *); 237 static void iwn_collect_noise(struct iwn_softc *, 238 const struct iwn_rx_general_stats *); 239 static int iwn4965_init_gains(struct iwn_softc *); 240 static int iwn5000_init_gains(struct iwn_softc *); 241 static int iwn4965_set_gains(struct iwn_softc *); 242 static int iwn5000_set_gains(struct iwn_softc *); 243 static void iwn_tune_sensitivity(struct iwn_softc *, 244 const struct iwn_rx_stats *); 245 static int iwn_send_sensitivity(struct iwn_softc *); 246 static int iwn_set_pslevel(struct iwn_softc *, int, int, int); 247 static int iwn5000_runtime_calib(struct iwn_softc *); 248 249 static int iwn_config_bt_coex_bluetooth(struct iwn_softc *); 250 static int iwn_config_bt_coex_prio_table(struct iwn_softc *); 251 static int iwn_config_bt_coex_adv1(struct iwn_softc *); 252 static int iwn_config_bt_coex_adv2(struct iwn_softc *); 253 254 static int iwn_config(struct iwn_softc *); 255 static uint16_t iwn_get_active_dwell_time(struct iwn_softc *, uint16_t, 256 uint8_t); 257 static uint16_t iwn_limit_dwell(struct iwn_softc *, uint16_t); 258 static uint16_t iwn_get_passive_dwell_time(struct iwn_softc *, uint16_t); 259 static int iwn_scan(struct iwn_softc *, uint16_t); 260 static int iwn_auth(struct iwn_softc *); 261 static int iwn_run(struct iwn_softc *); 262 #ifdef IWN_HWCRYPTO 263 static int iwn_set_key(struct ieee80211com *, struct ieee80211_node *, 264 struct ieee80211_key *); 265 static void iwn_delete_key(struct ieee80211com *, struct ieee80211_node *, 266 struct ieee80211_key *); 267 #endif 268 static int iwn_wme_update(struct ieee80211com *); 269 #ifndef IEEE80211_NO_HT 270 static int iwn_ampdu_rx_start(struct ieee80211com *, 271 struct ieee80211_node *, uint8_t); 272 static void iwn_ampdu_rx_stop(struct ieee80211com *, 273 struct ieee80211_node *, uint8_t); 274 static int iwn_ampdu_tx_start(struct ieee80211com *, 275 struct ieee80211_node *, uint8_t); 276 static void iwn_ampdu_tx_stop(struct ieee80211com *, 277 struct ieee80211_node *, uint8_t); 278 static void iwn4965_ampdu_tx_start(struct iwn_softc *, 279 struct ieee80211_node *, uint8_t, uint16_t); 280 static void iwn4965_ampdu_tx_stop(struct iwn_softc *, 281 uint8_t, uint16_t); 282 static void iwn5000_ampdu_tx_start(struct iwn_softc *, 283 struct ieee80211_node *, uint8_t, uint16_t); 284 static void iwn5000_ampdu_tx_stop(struct iwn_softc *, 285 uint8_t, uint16_t); 286 #endif 287 static int iwn5000_query_calibration(struct iwn_softc *); 288 static int iwn5000_send_calibration(struct iwn_softc *); 289 static int iwn5000_send_wimax_coex(struct iwn_softc *); 290 static int iwn6000_temp_offset_calib(struct iwn_softc *); 291 static int iwn2000_temp_offset_calib(struct iwn_softc *); 292 static int iwn4965_post_alive(struct iwn_softc *); 293 static int iwn5000_post_alive(struct iwn_softc *); 294 static int iwn4965_load_bootcode(struct iwn_softc *, const uint8_t *, 295 int); 296 static int iwn4965_load_firmware(struct iwn_softc *); 297 static int iwn5000_load_firmware_section(struct iwn_softc *, uint32_t, 298 const uint8_t *, int); 299 static int iwn5000_load_firmware(struct iwn_softc *); 300 static int iwn_read_firmware_leg(struct iwn_softc *, 301 struct iwn_fw_info *); 302 static int iwn_read_firmware_tlv(struct iwn_softc *, 303 struct iwn_fw_info *, uint16_t); 304 static int iwn_read_firmware(struct iwn_softc *); 305 static int iwn_clock_wait(struct iwn_softc *); 306 static int iwn_apm_init(struct iwn_softc *); 307 static void iwn_apm_stop_master(struct iwn_softc *); 308 static void iwn_apm_stop(struct iwn_softc *); 309 static int iwn4965_nic_config(struct iwn_softc *); 310 static int iwn5000_nic_config(struct iwn_softc *); 311 static int iwn_hw_prepare(struct iwn_softc *); 312 static int iwn_hw_init(struct iwn_softc *); 313 static void iwn_hw_stop(struct iwn_softc *); 314 static int iwn_init(struct ifnet *); 315 static void iwn_stop(struct ifnet *, int); 316 317 /* XXX MCLGETI alternative */ 318 static struct mbuf *MCLGETIalt(struct iwn_softc *, int, 319 struct ifnet *, u_int); 320 #ifdef IWN_USE_RBUF 321 static struct iwn_rbuf *iwn_alloc_rbuf(struct iwn_softc *); 322 static void iwn_free_rbuf(struct mbuf *, void *, size_t, void *); 323 static int iwn_alloc_rpool(struct iwn_softc *); 324 static void iwn_free_rpool(struct iwn_softc *); 325 #endif 326 327 static void iwn_fix_channel(struct ieee80211com *, struct mbuf *, 328 struct iwn_rx_stat *); 329 330 #ifdef IWN_DEBUG 331 #define DPRINTF(x) do { if (iwn_debug > 0) printf x; } while (0) 332 #define DPRINTFN(n, x) do { if (iwn_debug >= (n)) printf x; } while (0) 333 int iwn_debug = 0; 334 #else 335 #define DPRINTF(x) 336 #define DPRINTFN(n, x) 337 #endif 338 339 CFATTACH_DECL_NEW(iwn, sizeof(struct iwn_softc), iwn_match, iwn_attach, 340 iwn_detach, NULL); 341 342 static int 343 iwn_match(device_t parent, cfdata_t match __unused, void *aux) 344 { 345 struct pci_attach_args *pa = aux; 346 size_t i; 347 348 if (PCI_VENDOR(pa->pa_id) != PCI_VENDOR_INTEL) 349 return 0; 350 351 for (i = 0; i < __arraycount(iwn_devices); i++) 352 if (PCI_PRODUCT(pa->pa_id) == iwn_devices[i]) 353 return 1; 354 355 return 0; 356 } 357 358 static void 359 iwn_attach(device_t parent __unused, device_t self, void *aux) 360 { 361 struct iwn_softc *sc = device_private(self); 362 struct ieee80211com *ic = &sc->sc_ic; 363 struct ifnet *ifp = &sc->sc_ec.ec_if; 364 struct pci_attach_args *pa = aux; 365 const char *intrstr; 366 pcireg_t memtype, reg; 367 int i, error; 368 char intrbuf[PCI_INTRSTR_LEN]; 369 370 sc->sc_dev = self; 371 sc->sc_pct = pa->pa_pc; 372 sc->sc_pcitag = pa->pa_tag; 373 sc->sc_dmat = pa->pa_dmat; 374 mutex_init(&sc->sc_mtx, MUTEX_DEFAULT, IPL_NONE); 375 376 callout_init(&sc->calib_to, 0); 377 callout_setfunc(&sc->calib_to, iwn_calib_timeout, sc); 378 379 pci_aprint_devinfo(pa, NULL); 380 381 /* 382 * Get the offset of the PCI Express Capability Structure in PCI 383 * Configuration Space. 384 */ 385 error = pci_get_capability(sc->sc_pct, sc->sc_pcitag, 386 PCI_CAP_PCIEXPRESS, &sc->sc_cap_off, NULL); 387 if (error == 0) { 388 aprint_error_dev(self, 389 "PCIe capability structure not found!\n"); 390 return; 391 } 392 393 /* Clear device-specific "PCI retry timeout" register (41h). */ 394 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 395 if (reg & 0xff00) 396 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, reg & ~0xff00); 397 398 /* Enable bus-mastering. */ 399 /* XXX verify the bus-mastering is really needed (not in OpenBSD) */ 400 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG); 401 reg |= PCI_COMMAND_MASTER_ENABLE; 402 pci_conf_write(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG, reg); 403 404 memtype = pci_mapreg_type(pa->pa_pc, pa->pa_tag, IWN_PCI_BAR0); 405 error = pci_mapreg_map(pa, IWN_PCI_BAR0, memtype, 0, &sc->sc_st, 406 &sc->sc_sh, NULL, &sc->sc_sz); 407 if (error != 0) { 408 aprint_error_dev(self, "can't map mem space\n"); 409 return; 410 } 411 412 sc->sc_soft_ih = softint_establish(SOFTINT_NET, iwn_softintr, sc); 413 if (sc->sc_soft_ih == NULL) { 414 aprint_error_dev(self, "can't establish soft interrupt\n"); 415 goto unmap; 416 } 417 418 /* Install interrupt handler. */ 419 error = pci_intr_alloc(pa, &sc->sc_pihp, NULL, 0); 420 if (error) { 421 aprint_error_dev(self, "can't allocate interrupt\n"); 422 goto failsi; 423 } 424 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG); 425 if (pci_intr_type(sc->sc_pct, sc->sc_pihp[0]) == PCI_INTR_TYPE_INTX) 426 CLR(reg, PCI_COMMAND_INTERRUPT_DISABLE); 427 else 428 SET(reg, PCI_COMMAND_INTERRUPT_DISABLE); 429 pci_conf_write(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG, reg); 430 intrstr = pci_intr_string(sc->sc_pct, sc->sc_pihp[0], intrbuf, 431 sizeof(intrbuf)); 432 sc->sc_ih = pci_intr_establish_xname(sc->sc_pct, sc->sc_pihp[0], 433 IPL_NET, iwn_intr, sc, device_xname(self)); 434 if (sc->sc_ih == NULL) { 435 aprint_error_dev(self, "can't establish interrupt"); 436 if (intrstr != NULL) 437 aprint_error(" at %s", intrstr); 438 aprint_error("\n"); 439 goto failia; 440 } 441 aprint_normal_dev(self, "interrupting at %s\n", intrstr); 442 443 /* Read hardware revision and attach. */ 444 sc->hw_type = 445 (IWN_READ(sc, IWN_HW_REV) & IWN_HW_REV_TYPE_MASK) 446 >> IWN_HW_REV_TYPE_SHIFT; 447 if (sc->hw_type == IWN_HW_REV_TYPE_4965) 448 error = iwn4965_attach(sc, PCI_PRODUCT(pa->pa_id)); 449 else 450 error = iwn5000_attach(sc, PCI_PRODUCT(pa->pa_id)); 451 if (error != 0) { 452 aprint_error_dev(self, "could not attach device\n"); 453 goto failih; 454 } 455 456 if ((error = iwn_hw_prepare(sc)) != 0) { 457 aprint_error_dev(self, "hardware not ready\n"); 458 goto failih; 459 } 460 461 /* Read MAC address, channels, etc from EEPROM. */ 462 if ((error = iwn_read_eeprom(sc)) != 0) { 463 aprint_error_dev(self, "could not read EEPROM\n"); 464 goto failih; 465 } 466 467 /* Allocate DMA memory for firmware transfers. */ 468 if ((error = iwn_alloc_fwmem(sc)) != 0) { 469 aprint_error_dev(self, 470 "could not allocate memory for firmware\n"); 471 goto failih; 472 } 473 474 /* Allocate "Keep Warm" page. */ 475 if ((error = iwn_alloc_kw(sc)) != 0) { 476 aprint_error_dev(self, "could not allocate keep warm page\n"); 477 goto fail1; 478 } 479 480 /* Allocate ICT table for 5000 Series. */ 481 if (sc->hw_type != IWN_HW_REV_TYPE_4965 && 482 (error = iwn_alloc_ict(sc)) != 0) { 483 aprint_error_dev(self, "could not allocate ICT table\n"); 484 goto fail2; 485 } 486 487 /* Allocate TX scheduler "rings". */ 488 if ((error = iwn_alloc_sched(sc)) != 0) { 489 aprint_error_dev(self, 490 "could not allocate TX scheduler rings\n"); 491 goto fail3; 492 } 493 494 #ifdef IWN_USE_RBUF 495 /* Allocate RX buffers. */ 496 if ((error = iwn_alloc_rpool(sc)) != 0) { 497 aprint_error_dev(self, "could not allocate RX buffers\n"); 498 goto fail3; 499 } 500 #endif 501 502 /* Allocate TX rings (16 on 4965AGN, 20 on >=5000). */ 503 for (i = 0; i < sc->ntxqs; i++) { 504 if ((error = iwn_alloc_tx_ring(sc, &sc->txq[i], i)) != 0) { 505 aprint_error_dev(self, 506 "could not allocate TX ring %d\n", i); 507 goto fail4; 508 } 509 } 510 511 /* Allocate RX ring. */ 512 if ((error = iwn_alloc_rx_ring(sc, &sc->rxq)) != 0) { 513 aprint_error_dev(self, "could not allocate RX ring\n"); 514 goto fail4; 515 } 516 517 /* Clear pending interrupts. */ 518 IWN_WRITE(sc, IWN_INT, 0xffffffff); 519 520 /* Count the number of available chains. */ 521 sc->ntxchains = 522 ((sc->txchainmask >> 2) & 1) + 523 ((sc->txchainmask >> 1) & 1) + 524 ((sc->txchainmask >> 0) & 1); 525 sc->nrxchains = 526 ((sc->rxchainmask >> 2) & 1) + 527 ((sc->rxchainmask >> 1) & 1) + 528 ((sc->rxchainmask >> 0) & 1); 529 aprint_normal_dev(self, "MIMO %dT%dR, %.4s, address %s\n", 530 sc->ntxchains, sc->nrxchains, sc->eeprom_domain, 531 ether_sprintf(ic->ic_myaddr)); 532 533 ic->ic_ifp = ifp; 534 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 535 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 536 ic->ic_state = IEEE80211_S_INIT; 537 538 /* Set device capabilities. */ 539 /* XXX OpenBSD has IEEE80211_C_WEP, IEEE80211_C_RSN, 540 * and IEEE80211_C_PMGT too. */ 541 ic->ic_caps = 542 IEEE80211_C_IBSS | /* IBSS mode support */ 543 IEEE80211_C_WPA | /* 802.11i */ 544 IEEE80211_C_MONITOR | /* monitor mode supported */ 545 IEEE80211_C_TXPMGT | /* tx power management */ 546 IEEE80211_C_SHSLOT | /* short slot time supported */ 547 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 548 IEEE80211_C_WME; /* 802.11e */ 549 550 #ifndef IEEE80211_NO_HT 551 if (sc->sc_flags & IWN_FLAG_HAS_11N) { 552 /* Set HT capabilities. */ 553 ic->ic_htcaps = 554 #if IWN_RBUF_SIZE == 8192 555 IEEE80211_HTCAP_AMSDU7935 | 556 #endif 557 IEEE80211_HTCAP_CBW20_40 | 558 IEEE80211_HTCAP_SGI20 | 559 IEEE80211_HTCAP_SGI40; 560 if (sc->hw_type != IWN_HW_REV_TYPE_4965) 561 ic->ic_htcaps |= IEEE80211_HTCAP_GF; 562 if (sc->hw_type == IWN_HW_REV_TYPE_6050) 563 ic->ic_htcaps |= IEEE80211_HTCAP_SMPS_DYN; 564 else 565 ic->ic_htcaps |= IEEE80211_HTCAP_SMPS_DIS; 566 } 567 #endif /* !IEEE80211_NO_HT */ 568 569 /* Set supported legacy rates. */ 570 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwn_rateset_11b; 571 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwn_rateset_11g; 572 if (sc->sc_flags & IWN_FLAG_HAS_5GHZ) { 573 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwn_rateset_11a; 574 } 575 #ifndef IEEE80211_NO_HT 576 if (sc->sc_flags & IWN_FLAG_HAS_11N) { 577 /* Set supported HT rates. */ 578 ic->ic_sup_mcs[0] = 0xff; /* MCS 0-7 */ 579 if (sc->nrxchains > 1) 580 ic->ic_sup_mcs[1] = 0xff; /* MCS 7-15 */ 581 if (sc->nrxchains > 2) 582 ic->ic_sup_mcs[2] = 0xff; /* MCS 16-23 */ 583 } 584 #endif 585 586 /* IBSS channel undefined for now. */ 587 ic->ic_ibss_chan = &ic->ic_channels[0]; 588 589 ifp->if_softc = sc; 590 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 591 ifp->if_init = iwn_init; 592 ifp->if_ioctl = iwn_ioctl; 593 ifp->if_start = iwn_start; 594 ifp->if_stop = iwn_stop; 595 ifp->if_watchdog = iwn_watchdog; 596 IFQ_SET_READY(&ifp->if_snd); 597 memcpy(ifp->if_xname, device_xname(self), IFNAMSIZ); 598 599 if_initialize(ifp); 600 ieee80211_ifattach(ic); 601 /* Use common softint-based if_input */ 602 ifp->if_percpuq = if_percpuq_create(ifp); 603 if_register(ifp); 604 605 ic->ic_node_alloc = iwn_node_alloc; 606 ic->ic_newassoc = iwn_newassoc; 607 #ifdef IWN_HWCRYPTO 608 ic->ic_crypto.cs_key_set = iwn_set_key; 609 ic->ic_crypto.cs_key_delete = iwn_delete_key; 610 #endif 611 ic->ic_wme.wme_update = iwn_wme_update; 612 #ifndef IEEE80211_NO_HT 613 ic->ic_ampdu_rx_start = iwn_ampdu_rx_start; 614 ic->ic_ampdu_rx_stop = iwn_ampdu_rx_stop; 615 ic->ic_ampdu_tx_start = iwn_ampdu_tx_start; 616 ic->ic_ampdu_tx_stop = iwn_ampdu_tx_stop; 617 #endif 618 619 /* Override 802.11 state transition machine. */ 620 sc->sc_newstate = ic->ic_newstate; 621 ic->ic_newstate = iwn_newstate; 622 ieee80211_media_init(ic, iwn_media_change, ieee80211_media_status); 623 624 sc->amrr.amrr_min_success_threshold = 1; 625 sc->amrr.amrr_max_success_threshold = 15; 626 627 iwn_radiotap_attach(sc); 628 629 /* 630 * XXX for NetBSD, OpenBSD timeout_set replaced by 631 * callout_init and callout_setfunc, above. 632 */ 633 634 if (pmf_device_register(self, NULL, iwn_resume)) 635 pmf_class_network_register(self, ifp); 636 else 637 aprint_error_dev(self, "couldn't establish power handler\n"); 638 639 /* XXX NetBSD add call to ieee80211_announce for dmesg. */ 640 ieee80211_announce(ic); 641 642 sc->sc_flags |= IWN_FLAG_ATTACHED; 643 return; 644 645 /* Free allocated memory if something failed during attachment. */ 646 fail4: while (--i >= 0) 647 iwn_free_tx_ring(sc, &sc->txq[i]); 648 #ifdef IWN_USE_RBUF 649 iwn_free_rpool(sc); 650 #endif 651 iwn_free_sched(sc); 652 fail3: if (sc->ict != NULL) 653 iwn_free_ict(sc); 654 fail2: iwn_free_kw(sc); 655 fail1: iwn_free_fwmem(sc); 656 failih: pci_intr_disestablish(sc->sc_pct, sc->sc_ih); 657 sc->sc_ih = NULL; 658 failia: pci_intr_release(sc->sc_pct, sc->sc_pihp, 1); 659 sc->sc_pihp = NULL; 660 failsi: softint_disestablish(sc->sc_soft_ih); 661 sc->sc_soft_ih = NULL; 662 unmap: bus_space_unmap(sc->sc_st, sc->sc_sh, sc->sc_sz); 663 } 664 665 int 666 iwn4965_attach(struct iwn_softc *sc, pci_product_id_t pid) 667 { 668 struct iwn_ops *ops = &sc->ops; 669 670 ops->load_firmware = iwn4965_load_firmware; 671 ops->read_eeprom = iwn4965_read_eeprom; 672 ops->post_alive = iwn4965_post_alive; 673 ops->nic_config = iwn4965_nic_config; 674 ops->config_bt_coex = iwn_config_bt_coex_bluetooth; 675 ops->update_sched = iwn4965_update_sched; 676 ops->get_temperature = iwn4965_get_temperature; 677 ops->get_rssi = iwn4965_get_rssi; 678 ops->set_txpower = iwn4965_set_txpower; 679 ops->init_gains = iwn4965_init_gains; 680 ops->set_gains = iwn4965_set_gains; 681 ops->add_node = iwn4965_add_node; 682 ops->tx_done = iwn4965_tx_done; 683 #ifndef IEEE80211_NO_HT 684 ops->ampdu_tx_start = iwn4965_ampdu_tx_start; 685 ops->ampdu_tx_stop = iwn4965_ampdu_tx_stop; 686 #endif 687 sc->ntxqs = IWN4965_NTXQUEUES; 688 sc->ndmachnls = IWN4965_NDMACHNLS; 689 sc->broadcast_id = IWN4965_ID_BROADCAST; 690 sc->rxonsz = IWN4965_RXONSZ; 691 sc->schedsz = IWN4965_SCHEDSZ; 692 sc->fw_text_maxsz = IWN4965_FW_TEXT_MAXSZ; 693 sc->fw_data_maxsz = IWN4965_FW_DATA_MAXSZ; 694 sc->fwsz = IWN4965_FWSZ; 695 sc->sched_txfact_addr = IWN4965_SCHED_TXFACT; 696 sc->limits = &iwn4965_sensitivity_limits; 697 sc->fwname = "iwlwifi-4965-2.ucode"; 698 /* Override chains masks, ROM is known to be broken. */ 699 sc->txchainmask = IWN_ANT_AB; 700 sc->rxchainmask = IWN_ANT_ABC; 701 702 return 0; 703 } 704 705 int 706 iwn5000_attach(struct iwn_softc *sc, pci_product_id_t pid) 707 { 708 struct iwn_ops *ops = &sc->ops; 709 710 ops->load_firmware = iwn5000_load_firmware; 711 ops->read_eeprom = iwn5000_read_eeprom; 712 ops->post_alive = iwn5000_post_alive; 713 ops->nic_config = iwn5000_nic_config; 714 ops->config_bt_coex = iwn_config_bt_coex_bluetooth; 715 ops->update_sched = iwn5000_update_sched; 716 ops->get_temperature = iwn5000_get_temperature; 717 ops->get_rssi = iwn5000_get_rssi; 718 ops->set_txpower = iwn5000_set_txpower; 719 ops->init_gains = iwn5000_init_gains; 720 ops->set_gains = iwn5000_set_gains; 721 ops->add_node = iwn5000_add_node; 722 ops->tx_done = iwn5000_tx_done; 723 #ifndef IEEE80211_NO_HT 724 ops->ampdu_tx_start = iwn5000_ampdu_tx_start; 725 ops->ampdu_tx_stop = iwn5000_ampdu_tx_stop; 726 #endif 727 sc->ntxqs = IWN5000_NTXQUEUES; 728 sc->ndmachnls = IWN5000_NDMACHNLS; 729 sc->broadcast_id = IWN5000_ID_BROADCAST; 730 sc->rxonsz = IWN5000_RXONSZ; 731 sc->schedsz = IWN5000_SCHEDSZ; 732 sc->fw_text_maxsz = IWN5000_FW_TEXT_MAXSZ; 733 sc->fw_data_maxsz = IWN5000_FW_DATA_MAXSZ; 734 sc->fwsz = IWN5000_FWSZ; 735 sc->sched_txfact_addr = IWN5000_SCHED_TXFACT; 736 737 switch (sc->hw_type) { 738 case IWN_HW_REV_TYPE_5100: 739 sc->limits = &iwn5000_sensitivity_limits; 740 sc->fwname = "iwlwifi-5000-2.ucode"; 741 /* Override chains masks, ROM is known to be broken. */ 742 sc->txchainmask = IWN_ANT_B; 743 sc->rxchainmask = IWN_ANT_AB; 744 break; 745 case IWN_HW_REV_TYPE_5150: 746 sc->limits = &iwn5150_sensitivity_limits; 747 sc->fwname = "iwlwifi-5150-2.ucode"; 748 break; 749 case IWN_HW_REV_TYPE_5300: 750 case IWN_HW_REV_TYPE_5350: 751 sc->limits = &iwn5000_sensitivity_limits; 752 sc->fwname = "iwlwifi-5000-2.ucode"; 753 break; 754 case IWN_HW_REV_TYPE_1000: 755 sc->limits = &iwn1000_sensitivity_limits; 756 if (pid == PCI_PRODUCT_INTEL_WIFI_LINK_100_1 || 757 pid == PCI_PRODUCT_INTEL_WIFI_LINK_100_2) 758 sc->fwname = "iwlwifi-100-5.ucode"; 759 else 760 sc->fwname = "iwlwifi-1000-3.ucode"; 761 break; 762 case IWN_HW_REV_TYPE_6000: 763 sc->limits = &iwn6000_sensitivity_limits; 764 sc->fwname = "iwlwifi-6000-4.ucode"; 765 if (pid == PCI_PRODUCT_INTEL_WIFI_LINK_6000_IPA_1 || 766 pid == PCI_PRODUCT_INTEL_WIFI_LINK_6000_IPA_2) { 767 sc->sc_flags |= IWN_FLAG_INTERNAL_PA; 768 /* Override chains masks, ROM is known to be broken. */ 769 sc->txchainmask = IWN_ANT_BC; 770 sc->rxchainmask = IWN_ANT_BC; 771 } 772 break; 773 case IWN_HW_REV_TYPE_6050: 774 sc->limits = &iwn6000_sensitivity_limits; 775 sc->fwname = "iwlwifi-6050-5.ucode"; 776 break; 777 case IWN_HW_REV_TYPE_6005: 778 sc->limits = &iwn6000_sensitivity_limits; 779 /* Type 6030 cards return IWN_HW_REV_TYPE_6005 */ 780 if (pid == PCI_PRODUCT_INTEL_WIFI_LINK_1030_1 || 781 pid == PCI_PRODUCT_INTEL_WIFI_LINK_1030_2 || 782 pid == PCI_PRODUCT_INTEL_WIFI_LINK_6230_1 || 783 pid == PCI_PRODUCT_INTEL_WIFI_LINK_6230_2 || 784 pid == PCI_PRODUCT_INTEL_WIFI_LINK_6235 || 785 pid == PCI_PRODUCT_INTEL_WIFI_LINK_6235_2) { 786 sc->fwname = "iwlwifi-6000g2b-6.ucode"; 787 ops->config_bt_coex = iwn_config_bt_coex_adv1; 788 } 789 else 790 sc->fwname = "iwlwifi-6000g2a-5.ucode"; 791 break; 792 case IWN_HW_REV_TYPE_2030: 793 sc->limits = &iwn2000_sensitivity_limits; 794 sc->fwname = "iwlwifi-2030-6.ucode"; 795 ops->config_bt_coex = iwn_config_bt_coex_adv2; 796 break; 797 case IWN_HW_REV_TYPE_2000: 798 sc->limits = &iwn2000_sensitivity_limits; 799 sc->fwname = "iwlwifi-2000-6.ucode"; 800 break; 801 case IWN_HW_REV_TYPE_135: 802 sc->limits = &iwn2000_sensitivity_limits; 803 sc->fwname = "iwlwifi-135-6.ucode"; 804 ops->config_bt_coex = iwn_config_bt_coex_adv2; 805 break; 806 case IWN_HW_REV_TYPE_105: 807 sc->limits = &iwn2000_sensitivity_limits; 808 sc->fwname = "iwlwifi-105-6.ucode"; 809 break; 810 default: 811 aprint_normal(": adapter type %d not supported\n", sc->hw_type); 812 return ENOTSUP; 813 } 814 return 0; 815 } 816 817 /* 818 * Attach the interface to 802.11 radiotap. 819 */ 820 static void 821 iwn_radiotap_attach(struct iwn_softc *sc) 822 { 823 struct ifnet *ifp = sc->sc_ic.ic_ifp; 824 825 bpf_attach2(ifp, DLT_IEEE802_11_RADIO, 826 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN, 827 &sc->sc_drvbpf); 828 829 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 830 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 831 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWN_RX_RADIOTAP_PRESENT); 832 833 sc->sc_txtap_len = sizeof sc->sc_txtapu; 834 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 835 sc->sc_txtap.wt_ihdr.it_present = htole32(IWN_TX_RADIOTAP_PRESENT); 836 } 837 838 static int 839 iwn_detach(device_t self, int flags __unused) 840 { 841 struct iwn_softc *sc = device_private(self); 842 struct ifnet *ifp = sc->sc_ic.ic_ifp; 843 int qid; 844 845 if (!(sc->sc_flags & IWN_FLAG_ATTACHED)) 846 return 0; 847 848 callout_stop(&sc->calib_to); 849 850 /* Uninstall interrupt handler. */ 851 if (sc->sc_ih != NULL) 852 pci_intr_disestablish(sc->sc_pct, sc->sc_ih); 853 if (sc->sc_pihp != NULL) 854 pci_intr_release(sc->sc_pct, sc->sc_pihp, 1); 855 if (sc->sc_soft_ih != NULL) 856 softint_disestablish(sc->sc_soft_ih); 857 858 /* Free DMA resources. */ 859 iwn_free_rx_ring(sc, &sc->rxq); 860 for (qid = 0; qid < sc->ntxqs; qid++) 861 iwn_free_tx_ring(sc, &sc->txq[qid]); 862 #ifdef IWN_USE_RBUF 863 iwn_free_rpool(sc); 864 #endif 865 iwn_free_sched(sc); 866 iwn_free_kw(sc); 867 if (sc->ict != NULL) 868 iwn_free_ict(sc); 869 iwn_free_fwmem(sc); 870 871 bus_space_unmap(sc->sc_st, sc->sc_sh, sc->sc_sz); 872 873 ieee80211_ifdetach(&sc->sc_ic); 874 if_detach(ifp); 875 876 return 0; 877 } 878 879 #if 0 880 /* 881 * XXX Investigate if clearing the PCI retry timeout could eliminate 882 * the repeated scan calls. Also the calls to if_init and if_start 883 * are similar to the effect of adding the call to ifioctl_common . 884 */ 885 static void 886 iwn_power(int why, void *arg) 887 { 888 struct iwn_softc *sc = arg; 889 struct ifnet *ifp; 890 pcireg_t reg; 891 int s; 892 893 if (why != PWR_RESUME) 894 return; 895 896 /* Clear device-specific "PCI retry timeout" register (41h). */ 897 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 898 if (reg & 0xff00) 899 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, reg & ~0xff00); 900 901 s = splnet(); 902 ifp = &sc->sc_ic.ic_if; 903 if (ifp->if_flags & IFF_UP) { 904 ifp->if_init(ifp); 905 if (ifp->if_flags & IFF_RUNNING) 906 ifp->if_start(ifp); 907 } 908 splx(s); 909 } 910 #endif 911 912 static bool 913 iwn_resume(device_t dv, const pmf_qual_t *qual) 914 { 915 return true; 916 } 917 918 static int 919 iwn_nic_lock(struct iwn_softc *sc) 920 { 921 int ntries; 922 923 /* Request exclusive access to NIC. */ 924 IWN_SETBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_MAC_ACCESS_REQ); 925 926 /* Spin until we actually get the lock. */ 927 for (ntries = 0; ntries < 1000; ntries++) { 928 if ((IWN_READ(sc, IWN_GP_CNTRL) & 929 (IWN_GP_CNTRL_MAC_ACCESS_ENA | IWN_GP_CNTRL_SLEEP)) == 930 IWN_GP_CNTRL_MAC_ACCESS_ENA) 931 return 0; 932 DELAY(10); 933 } 934 return ETIMEDOUT; 935 } 936 937 static __inline void 938 iwn_nic_unlock(struct iwn_softc *sc) 939 { 940 IWN_CLRBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_MAC_ACCESS_REQ); 941 } 942 943 static __inline uint32_t 944 iwn_prph_read(struct iwn_softc *sc, uint32_t addr) 945 { 946 IWN_WRITE(sc, IWN_PRPH_RADDR, IWN_PRPH_DWORD | addr); 947 IWN_BARRIER_READ_WRITE(sc); 948 return IWN_READ(sc, IWN_PRPH_RDATA); 949 } 950 951 static __inline void 952 iwn_prph_write(struct iwn_softc *sc, uint32_t addr, uint32_t data) 953 { 954 IWN_WRITE(sc, IWN_PRPH_WADDR, IWN_PRPH_DWORD | addr); 955 IWN_BARRIER_WRITE(sc); 956 IWN_WRITE(sc, IWN_PRPH_WDATA, data); 957 } 958 959 static __inline void 960 iwn_prph_setbits(struct iwn_softc *sc, uint32_t addr, uint32_t mask) 961 { 962 iwn_prph_write(sc, addr, iwn_prph_read(sc, addr) | mask); 963 } 964 965 static __inline void 966 iwn_prph_clrbits(struct iwn_softc *sc, uint32_t addr, uint32_t mask) 967 { 968 iwn_prph_write(sc, addr, iwn_prph_read(sc, addr) & ~mask); 969 } 970 971 static __inline void 972 iwn_prph_write_region_4(struct iwn_softc *sc, uint32_t addr, 973 const uint32_t *data, int count) 974 { 975 for (; count > 0; count--, data++, addr += 4) 976 iwn_prph_write(sc, addr, *data); 977 } 978 979 static __inline uint32_t 980 iwn_mem_read(struct iwn_softc *sc, uint32_t addr) 981 { 982 IWN_WRITE(sc, IWN_MEM_RADDR, addr); 983 IWN_BARRIER_READ_WRITE(sc); 984 return IWN_READ(sc, IWN_MEM_RDATA); 985 } 986 987 static __inline void 988 iwn_mem_write(struct iwn_softc *sc, uint32_t addr, uint32_t data) 989 { 990 IWN_WRITE(sc, IWN_MEM_WADDR, addr); 991 IWN_BARRIER_WRITE(sc); 992 IWN_WRITE(sc, IWN_MEM_WDATA, data); 993 } 994 995 #ifndef IEEE80211_NO_HT 996 static __inline void 997 iwn_mem_write_2(struct iwn_softc *sc, uint32_t addr, uint16_t data) 998 { 999 uint32_t tmp; 1000 1001 tmp = iwn_mem_read(sc, addr & ~3); 1002 if (addr & 3) 1003 tmp = (tmp & 0x0000ffff) | data << 16; 1004 else 1005 tmp = (tmp & 0xffff0000) | data; 1006 iwn_mem_write(sc, addr & ~3, tmp); 1007 } 1008 #endif 1009 1010 static __inline void 1011 iwn_mem_read_region_4(struct iwn_softc *sc, uint32_t addr, uint32_t *data, 1012 int count) 1013 { 1014 for (; count > 0; count--, addr += 4) 1015 *data++ = iwn_mem_read(sc, addr); 1016 } 1017 1018 static __inline void 1019 iwn_mem_set_region_4(struct iwn_softc *sc, uint32_t addr, uint32_t val, 1020 int count) 1021 { 1022 for (; count > 0; count--, addr += 4) 1023 iwn_mem_write(sc, addr, val); 1024 } 1025 1026 static int 1027 iwn_eeprom_lock(struct iwn_softc *sc) 1028 { 1029 int i, ntries; 1030 1031 for (i = 0; i < 100; i++) { 1032 /* Request exclusive access to EEPROM. */ 1033 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 1034 IWN_HW_IF_CONFIG_EEPROM_LOCKED); 1035 1036 /* Spin until we actually get the lock. */ 1037 for (ntries = 0; ntries < 100; ntries++) { 1038 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 1039 IWN_HW_IF_CONFIG_EEPROM_LOCKED) 1040 return 0; 1041 DELAY(10); 1042 } 1043 } 1044 return ETIMEDOUT; 1045 } 1046 1047 static __inline void 1048 iwn_eeprom_unlock(struct iwn_softc *sc) 1049 { 1050 IWN_CLRBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_EEPROM_LOCKED); 1051 } 1052 1053 /* 1054 * Initialize access by host to One Time Programmable ROM. 1055 * NB: This kind of ROM can be found on 1000 or 6000 Series only. 1056 */ 1057 static int 1058 iwn_init_otprom(struct iwn_softc *sc) 1059 { 1060 uint16_t prev = 0, base, next; 1061 int count, error; 1062 1063 /* Wait for clock stabilization before accessing prph. */ 1064 if ((error = iwn_clock_wait(sc)) != 0) 1065 return error; 1066 1067 if ((error = iwn_nic_lock(sc)) != 0) 1068 return error; 1069 iwn_prph_setbits(sc, IWN_APMG_PS, IWN_APMG_PS_RESET_REQ); 1070 DELAY(5); 1071 iwn_prph_clrbits(sc, IWN_APMG_PS, IWN_APMG_PS_RESET_REQ); 1072 iwn_nic_unlock(sc); 1073 1074 /* Set auto clock gate disable bit for HW with OTP shadow RAM. */ 1075 if (sc->hw_type != IWN_HW_REV_TYPE_1000) { 1076 IWN_SETBITS(sc, IWN_DBG_LINK_PWR_MGMT, 1077 IWN_RESET_LINK_PWR_MGMT_DIS); 1078 } 1079 IWN_CLRBITS(sc, IWN_EEPROM_GP, IWN_EEPROM_GP_IF_OWNER); 1080 /* Clear ECC status. */ 1081 IWN_SETBITS(sc, IWN_OTP_GP, 1082 IWN_OTP_GP_ECC_CORR_STTS | IWN_OTP_GP_ECC_UNCORR_STTS); 1083 1084 /* 1085 * Find the block before last block (contains the EEPROM image) 1086 * for HW without OTP shadow RAM. 1087 */ 1088 if (sc->hw_type == IWN_HW_REV_TYPE_1000) { 1089 /* Switch to absolute addressing mode. */ 1090 IWN_CLRBITS(sc, IWN_OTP_GP, IWN_OTP_GP_RELATIVE_ACCESS); 1091 base = 0; 1092 for (count = 0; count < IWN1000_OTP_NBLOCKS; count++) { 1093 error = iwn_read_prom_data(sc, base, &next, 2); 1094 if (error != 0) 1095 return error; 1096 if (next == 0) /* End of linked-list. */ 1097 break; 1098 prev = base; 1099 base = le16toh(next); 1100 } 1101 if (count == 0 || count == IWN1000_OTP_NBLOCKS) 1102 return EIO; 1103 /* Skip "next" word. */ 1104 sc->prom_base = prev + 1; 1105 } 1106 return 0; 1107 } 1108 1109 static int 1110 iwn_read_prom_data(struct iwn_softc *sc, uint32_t addr, void *data, int count) 1111 { 1112 uint8_t *out = data; 1113 uint32_t val, tmp; 1114 int ntries; 1115 1116 addr += sc->prom_base; 1117 for (; count > 0; count -= 2, addr++) { 1118 IWN_WRITE(sc, IWN_EEPROM, addr << 2); 1119 for (ntries = 0; ntries < 10; ntries++) { 1120 val = IWN_READ(sc, IWN_EEPROM); 1121 if (val & IWN_EEPROM_READ_VALID) 1122 break; 1123 DELAY(5); 1124 } 1125 if (ntries == 10) { 1126 aprint_error_dev(sc->sc_dev, 1127 "timeout reading ROM at 0x%x\n", addr); 1128 return ETIMEDOUT; 1129 } 1130 if (sc->sc_flags & IWN_FLAG_HAS_OTPROM) { 1131 /* OTPROM, check for ECC errors. */ 1132 tmp = IWN_READ(sc, IWN_OTP_GP); 1133 if (tmp & IWN_OTP_GP_ECC_UNCORR_STTS) { 1134 aprint_error_dev(sc->sc_dev, 1135 "OTPROM ECC error at 0x%x\n", addr); 1136 return EIO; 1137 } 1138 if (tmp & IWN_OTP_GP_ECC_CORR_STTS) { 1139 /* Correctable ECC error, clear bit. */ 1140 IWN_SETBITS(sc, IWN_OTP_GP, 1141 IWN_OTP_GP_ECC_CORR_STTS); 1142 } 1143 } 1144 *out++ = val >> 16; 1145 if (count > 1) 1146 *out++ = val >> 24; 1147 } 1148 return 0; 1149 } 1150 1151 static int 1152 iwn_dma_contig_alloc(bus_dma_tag_t tag, struct iwn_dma_info *dma, void **kvap, 1153 bus_size_t size, bus_size_t alignment) 1154 { 1155 int nsegs, error; 1156 1157 dma->tag = tag; 1158 dma->size = size; 1159 1160 error = bus_dmamap_create(tag, size, 1, size, 0, BUS_DMA_NOWAIT, 1161 &dma->map); 1162 if (error != 0) 1163 goto fail; 1164 1165 error = bus_dmamem_alloc(tag, size, alignment, 0, &dma->seg, 1, &nsegs, 1166 BUS_DMA_NOWAIT); /* XXX OpenBSD adds BUS_DMA_ZERO */ 1167 if (error != 0) 1168 goto fail; 1169 1170 error = bus_dmamem_map(tag, &dma->seg, 1, size, &dma->vaddr, 1171 BUS_DMA_NOWAIT); /* XXX OpenBSD adds BUS_DMA_COHERENT */ 1172 if (error != 0) 1173 goto fail; 1174 1175 error = bus_dmamap_load(tag, dma->map, dma->vaddr, size, NULL, 1176 BUS_DMA_NOWAIT); 1177 if (error != 0) 1178 goto fail; 1179 1180 /* XXX Presumably needed because of missing BUS_DMA_ZERO, above. */ 1181 memset(dma->vaddr, 0, size); 1182 bus_dmamap_sync(tag, dma->map, 0, size, BUS_DMASYNC_PREWRITE); 1183 1184 dma->paddr = dma->map->dm_segs[0].ds_addr; 1185 if (kvap != NULL) 1186 *kvap = dma->vaddr; 1187 1188 return 0; 1189 1190 fail: iwn_dma_contig_free(dma); 1191 return error; 1192 } 1193 1194 static void 1195 iwn_dma_contig_free(struct iwn_dma_info *dma) 1196 { 1197 if (dma->map != NULL) { 1198 if (dma->vaddr != NULL) { 1199 bus_dmamap_sync(dma->tag, dma->map, 0, dma->size, 1200 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 1201 bus_dmamap_unload(dma->tag, dma->map); 1202 bus_dmamem_unmap(dma->tag, dma->vaddr, dma->size); 1203 bus_dmamem_free(dma->tag, &dma->seg, 1); 1204 dma->vaddr = NULL; 1205 } 1206 bus_dmamap_destroy(dma->tag, dma->map); 1207 dma->map = NULL; 1208 } 1209 } 1210 1211 static int 1212 iwn_alloc_sched(struct iwn_softc *sc) 1213 { 1214 /* TX scheduler rings must be aligned on a 1KB boundary. */ 1215 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->sched_dma, 1216 (void **)&sc->sched, sc->schedsz, 1024); 1217 } 1218 1219 static void 1220 iwn_free_sched(struct iwn_softc *sc) 1221 { 1222 iwn_dma_contig_free(&sc->sched_dma); 1223 } 1224 1225 static int 1226 iwn_alloc_kw(struct iwn_softc *sc) 1227 { 1228 /* "Keep Warm" page must be aligned on a 4KB boundary. */ 1229 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->kw_dma, NULL, 4096, 1230 4096); 1231 } 1232 1233 static void 1234 iwn_free_kw(struct iwn_softc *sc) 1235 { 1236 iwn_dma_contig_free(&sc->kw_dma); 1237 } 1238 1239 static int 1240 iwn_alloc_ict(struct iwn_softc *sc) 1241 { 1242 /* ICT table must be aligned on a 4KB boundary. */ 1243 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->ict_dma, 1244 (void **)&sc->ict, IWN_ICT_SIZE, 4096); 1245 } 1246 1247 static void 1248 iwn_free_ict(struct iwn_softc *sc) 1249 { 1250 iwn_dma_contig_free(&sc->ict_dma); 1251 } 1252 1253 static int 1254 iwn_alloc_fwmem(struct iwn_softc *sc) 1255 { 1256 /* Must be aligned on a 16-byte boundary. */ 1257 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->fw_dma, NULL, 1258 sc->fwsz, 16); 1259 } 1260 1261 static void 1262 iwn_free_fwmem(struct iwn_softc *sc) 1263 { 1264 iwn_dma_contig_free(&sc->fw_dma); 1265 } 1266 1267 static int 1268 iwn_alloc_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1269 { 1270 bus_size_t size; 1271 int i, error; 1272 1273 ring->cur = 0; 1274 1275 /* Allocate RX descriptors (256-byte aligned). */ 1276 size = IWN_RX_RING_COUNT * sizeof (uint32_t); 1277 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 1278 (void **)&ring->desc, size, 256); 1279 if (error != 0) { 1280 aprint_error_dev(sc->sc_dev, 1281 "could not allocate RX ring DMA memory\n"); 1282 goto fail; 1283 } 1284 1285 /* Allocate RX status area (16-byte aligned). */ 1286 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->stat_dma, 1287 (void **)&ring->stat, sizeof (struct iwn_rx_status), 16); 1288 if (error != 0) { 1289 aprint_error_dev(sc->sc_dev, 1290 "could not allocate RX status DMA memory\n"); 1291 goto fail; 1292 } 1293 1294 /* 1295 * Allocate and map RX buffers. 1296 */ 1297 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 1298 struct iwn_rx_data *data = &ring->data[i]; 1299 1300 error = bus_dmamap_create(sc->sc_dmat, IWN_RBUF_SIZE, 1, 1301 IWN_RBUF_SIZE, 0, BUS_DMA_NOWAIT | BUS_DMA_ALLOCNOW, 1302 &data->map); 1303 if (error != 0) { 1304 aprint_error_dev(sc->sc_dev, 1305 "could not create RX buf DMA map\n"); 1306 goto fail; 1307 } 1308 1309 data->m = MCLGETIalt(sc, M_DONTWAIT, NULL, IWN_RBUF_SIZE); 1310 if (data->m == NULL) { 1311 aprint_error_dev(sc->sc_dev, 1312 "could not allocate RX mbuf\n"); 1313 error = ENOBUFS; 1314 goto fail; 1315 } 1316 1317 error = bus_dmamap_load(sc->sc_dmat, data->map, 1318 mtod(data->m, void *), IWN_RBUF_SIZE, NULL, 1319 BUS_DMA_NOWAIT | BUS_DMA_READ); 1320 if (error != 0) { 1321 aprint_error_dev(sc->sc_dev, 1322 "can't not map mbuf (error %d)\n", error); 1323 goto fail; 1324 } 1325 1326 /* Set physical address of RX buffer (256-byte aligned). */ 1327 ring->desc[i] = htole32(data->map->dm_segs[0].ds_addr >> 8); 1328 } 1329 1330 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 0, size, 1331 BUS_DMASYNC_PREWRITE); 1332 1333 return 0; 1334 1335 fail: iwn_free_rx_ring(sc, ring); 1336 return error; 1337 } 1338 1339 static void 1340 iwn_reset_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1341 { 1342 int ntries; 1343 1344 if (iwn_nic_lock(sc) == 0) { 1345 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 0); 1346 for (ntries = 0; ntries < 1000; ntries++) { 1347 if (IWN_READ(sc, IWN_FH_RX_STATUS) & 1348 IWN_FH_RX_STATUS_IDLE) 1349 break; 1350 DELAY(10); 1351 } 1352 iwn_nic_unlock(sc); 1353 } 1354 ring->cur = 0; 1355 sc->last_rx_valid = 0; 1356 } 1357 1358 static void 1359 iwn_free_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1360 { 1361 int i; 1362 1363 iwn_dma_contig_free(&ring->desc_dma); 1364 iwn_dma_contig_free(&ring->stat_dma); 1365 1366 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 1367 struct iwn_rx_data *data = &ring->data[i]; 1368 1369 if (data->m != NULL) { 1370 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1371 data->map->dm_mapsize, BUS_DMASYNC_POSTREAD); 1372 bus_dmamap_unload(sc->sc_dmat, data->map); 1373 m_freem(data->m); 1374 } 1375 if (data->map != NULL) 1376 bus_dmamap_destroy(sc->sc_dmat, data->map); 1377 } 1378 } 1379 1380 static int 1381 iwn_alloc_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring, int qid) 1382 { 1383 bus_addr_t paddr; 1384 bus_size_t size; 1385 int i, error; 1386 1387 ring->qid = qid; 1388 ring->queued = 0; 1389 ring->cur = 0; 1390 1391 /* Allocate TX descriptors (256-byte aligned). */ 1392 size = IWN_TX_RING_COUNT * sizeof (struct iwn_tx_desc); 1393 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 1394 (void **)&ring->desc, size, 256); 1395 if (error != 0) { 1396 aprint_error_dev(sc->sc_dev, 1397 "could not allocate TX ring DMA memory\n"); 1398 goto fail; 1399 } 1400 /* 1401 * We only use rings 0 through 4 (4 EDCA + cmd) so there is no need 1402 * to allocate commands space for other rings. 1403 * XXX Do we really need to allocate descriptors for other rings? 1404 */ 1405 if (qid > 4) 1406 return 0; 1407 1408 size = IWN_TX_RING_COUNT * sizeof (struct iwn_tx_cmd); 1409 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->cmd_dma, 1410 (void **)&ring->cmd, size, 4); 1411 if (error != 0) { 1412 aprint_error_dev(sc->sc_dev, 1413 "could not allocate TX cmd DMA memory\n"); 1414 goto fail; 1415 } 1416 1417 paddr = ring->cmd_dma.paddr; 1418 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 1419 struct iwn_tx_data *data = &ring->data[i]; 1420 1421 data->cmd_paddr = paddr; 1422 data->scratch_paddr = paddr + 12; 1423 paddr += sizeof (struct iwn_tx_cmd); 1424 1425 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1426 IWN_MAX_SCATTER - 1, MCLBYTES, 0, BUS_DMA_NOWAIT, 1427 &data->map); 1428 if (error != 0) { 1429 aprint_error_dev(sc->sc_dev, 1430 "could not create TX buf DMA map\n"); 1431 goto fail; 1432 } 1433 } 1434 return 0; 1435 1436 fail: iwn_free_tx_ring(sc, ring); 1437 return error; 1438 } 1439 1440 static void 1441 iwn_reset_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 1442 { 1443 int i; 1444 1445 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 1446 struct iwn_tx_data *data = &ring->data[i]; 1447 1448 if (data->m != NULL) { 1449 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1450 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 1451 bus_dmamap_unload(sc->sc_dmat, data->map); 1452 m_freem(data->m); 1453 data->m = NULL; 1454 } 1455 } 1456 /* Clear TX descriptors. */ 1457 memset(ring->desc, 0, ring->desc_dma.size); 1458 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 0, 1459 ring->desc_dma.size, BUS_DMASYNC_PREWRITE); 1460 sc->qfullmsk &= ~(1 << ring->qid); 1461 ring->queued = 0; 1462 ring->cur = 0; 1463 } 1464 1465 static void 1466 iwn_free_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 1467 { 1468 int i; 1469 1470 iwn_dma_contig_free(&ring->desc_dma); 1471 iwn_dma_contig_free(&ring->cmd_dma); 1472 1473 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 1474 struct iwn_tx_data *data = &ring->data[i]; 1475 1476 if (data->m != NULL) { 1477 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1478 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 1479 bus_dmamap_unload(sc->sc_dmat, data->map); 1480 m_freem(data->m); 1481 } 1482 if (data->map != NULL) 1483 bus_dmamap_destroy(sc->sc_dmat, data->map); 1484 } 1485 } 1486 1487 static void 1488 iwn5000_ict_reset(struct iwn_softc *sc) 1489 { 1490 /* Disable interrupts. */ 1491 IWN_WRITE(sc, IWN_INT_MASK, 0); 1492 1493 /* Reset ICT table. */ 1494 memset(sc->ict, 0, IWN_ICT_SIZE); 1495 bus_dmamap_sync(sc->sc_dmat, sc->ict_dma.map, 0, IWN_ICT_SIZE, 1496 BUS_DMASYNC_PREWRITE); 1497 sc->ict_cur = 0; 1498 1499 /* Set physical address of ICT table (4KB aligned). */ 1500 DPRINTF(("enabling ICT\n")); 1501 IWN_WRITE(sc, IWN_DRAM_INT_TBL, IWN_DRAM_INT_TBL_ENABLE | 1502 IWN_DRAM_INT_TBL_WRAP_CHECK | sc->ict_dma.paddr >> 12); 1503 1504 /* Enable periodic RX interrupt. */ 1505 sc->int_mask |= IWN_INT_RX_PERIODIC; 1506 /* Switch to ICT interrupt mode in driver. */ 1507 sc->sc_flags |= IWN_FLAG_USE_ICT; 1508 1509 /* Re-enable interrupts. */ 1510 IWN_WRITE(sc, IWN_INT, 0xffffffff); 1511 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 1512 } 1513 1514 static int 1515 iwn_read_eeprom(struct iwn_softc *sc) 1516 { 1517 struct iwn_ops *ops = &sc->ops; 1518 struct ieee80211com *ic = &sc->sc_ic; 1519 uint16_t val; 1520 int error; 1521 1522 /* Check whether adapter has an EEPROM or an OTPROM. */ 1523 if (sc->hw_type >= IWN_HW_REV_TYPE_1000 && 1524 (IWN_READ(sc, IWN_OTP_GP) & IWN_OTP_GP_DEV_SEL_OTP)) 1525 sc->sc_flags |= IWN_FLAG_HAS_OTPROM; 1526 DPRINTF(("%s found\n", (sc->sc_flags & IWN_FLAG_HAS_OTPROM) ? 1527 "OTPROM" : "EEPROM")); 1528 1529 /* Adapter has to be powered on for EEPROM access to work. */ 1530 if ((error = iwn_apm_init(sc)) != 0) { 1531 aprint_error_dev(sc->sc_dev, 1532 "could not power ON adapter\n"); 1533 return error; 1534 } 1535 1536 if ((IWN_READ(sc, IWN_EEPROM_GP) & 0x7) == 0) { 1537 aprint_error_dev(sc->sc_dev, 1538 "bad ROM signature\n"); 1539 return EIO; 1540 } 1541 if ((error = iwn_eeprom_lock(sc)) != 0) { 1542 aprint_error_dev(sc->sc_dev, 1543 "could not lock ROM (error=%d)\n", error); 1544 return error; 1545 } 1546 if (sc->sc_flags & IWN_FLAG_HAS_OTPROM) { 1547 if ((error = iwn_init_otprom(sc)) != 0) { 1548 aprint_error_dev(sc->sc_dev, 1549 "could not initialize OTPROM\n"); 1550 return error; 1551 } 1552 } 1553 1554 iwn_read_prom_data(sc, IWN_EEPROM_SKU_CAP, &val, 2); 1555 DPRINTF(("SKU capabilities=0x%04x\n", le16toh(val))); 1556 /* Check if HT support is bonded out. */ 1557 if (val & htole16(IWN_EEPROM_SKU_CAP_11N)) 1558 sc->sc_flags |= IWN_FLAG_HAS_11N; 1559 1560 iwn_read_prom_data(sc, IWN_EEPROM_RFCFG, &val, 2); 1561 sc->rfcfg = le16toh(val); 1562 DPRINTF(("radio config=0x%04x\n", sc->rfcfg)); 1563 /* Read Tx/Rx chains from ROM unless it's known to be broken. */ 1564 if (sc->txchainmask == 0) 1565 sc->txchainmask = IWN_RFCFG_TXANTMSK(sc->rfcfg); 1566 if (sc->rxchainmask == 0) 1567 sc->rxchainmask = IWN_RFCFG_RXANTMSK(sc->rfcfg); 1568 1569 /* Read MAC address. */ 1570 iwn_read_prom_data(sc, IWN_EEPROM_MAC, ic->ic_myaddr, 6); 1571 1572 /* Read adapter-specific information from EEPROM. */ 1573 ops->read_eeprom(sc); 1574 1575 iwn_apm_stop(sc); /* Power OFF adapter. */ 1576 1577 iwn_eeprom_unlock(sc); 1578 return 0; 1579 } 1580 1581 static void 1582 iwn4965_read_eeprom(struct iwn_softc *sc) 1583 { 1584 uint32_t addr; 1585 uint16_t val; 1586 int i; 1587 1588 /* Read regulatory domain (4 ASCII characters). */ 1589 iwn_read_prom_data(sc, IWN4965_EEPROM_DOMAIN, sc->eeprom_domain, 4); 1590 1591 /* Read the list of authorized channels (20MHz ones only). */ 1592 for (i = 0; i < 5; i++) { 1593 addr = iwn4965_regulatory_bands[i]; 1594 iwn_read_eeprom_channels(sc, i, addr); 1595 } 1596 1597 /* Read maximum allowed TX power for 2GHz and 5GHz bands. */ 1598 iwn_read_prom_data(sc, IWN4965_EEPROM_MAXPOW, &val, 2); 1599 sc->maxpwr2GHz = val & 0xff; 1600 sc->maxpwr5GHz = val >> 8; 1601 /* Check that EEPROM values are within valid range. */ 1602 if (sc->maxpwr5GHz < 20 || sc->maxpwr5GHz > 50) 1603 sc->maxpwr5GHz = 38; 1604 if (sc->maxpwr2GHz < 20 || sc->maxpwr2GHz > 50) 1605 sc->maxpwr2GHz = 38; 1606 DPRINTF(("maxpwr 2GHz=%d 5GHz=%d\n", sc->maxpwr2GHz, sc->maxpwr5GHz)); 1607 1608 /* Read samples for each TX power group. */ 1609 iwn_read_prom_data(sc, IWN4965_EEPROM_BANDS, sc->bands, 1610 sizeof sc->bands); 1611 1612 /* Read voltage at which samples were taken. */ 1613 iwn_read_prom_data(sc, IWN4965_EEPROM_VOLTAGE, &val, 2); 1614 sc->eeprom_voltage = (int16_t)le16toh(val); 1615 DPRINTF(("voltage=%d (in 0.3V)\n", sc->eeprom_voltage)); 1616 1617 #ifdef IWN_DEBUG 1618 /* Print samples. */ 1619 if (iwn_debug > 0) { 1620 for (i = 0; i < IWN_NBANDS; i++) 1621 iwn4965_print_power_group(sc, i); 1622 } 1623 #endif 1624 } 1625 1626 #ifdef IWN_DEBUG 1627 static void 1628 iwn4965_print_power_group(struct iwn_softc *sc, int i) 1629 { 1630 struct iwn4965_eeprom_band *band = &sc->bands[i]; 1631 struct iwn4965_eeprom_chan_samples *chans = band->chans; 1632 int j, c; 1633 1634 aprint_normal("===band %d===\n", i); 1635 aprint_normal("chan lo=%d, chan hi=%d\n", band->lo, band->hi); 1636 aprint_normal("chan1 num=%d\n", chans[0].num); 1637 for (c = 0; c < 2; c++) { 1638 for (j = 0; j < IWN_NSAMPLES; j++) { 1639 aprint_normal("chain %d, sample %d: temp=%d gain=%d " 1640 "power=%d pa_det=%d\n", c, j, 1641 chans[0].samples[c][j].temp, 1642 chans[0].samples[c][j].gain, 1643 chans[0].samples[c][j].power, 1644 chans[0].samples[c][j].pa_det); 1645 } 1646 } 1647 aprint_normal("chan2 num=%d\n", chans[1].num); 1648 for (c = 0; c < 2; c++) { 1649 for (j = 0; j < IWN_NSAMPLES; j++) { 1650 aprint_normal("chain %d, sample %d: temp=%d gain=%d " 1651 "power=%d pa_det=%d\n", c, j, 1652 chans[1].samples[c][j].temp, 1653 chans[1].samples[c][j].gain, 1654 chans[1].samples[c][j].power, 1655 chans[1].samples[c][j].pa_det); 1656 } 1657 } 1658 } 1659 #endif 1660 1661 static void 1662 iwn5000_read_eeprom(struct iwn_softc *sc) 1663 { 1664 struct iwn5000_eeprom_calib_hdr hdr; 1665 int32_t volt; 1666 uint32_t base, addr; 1667 uint16_t val; 1668 int i; 1669 1670 /* Read regulatory domain (4 ASCII characters). */ 1671 iwn_read_prom_data(sc, IWN5000_EEPROM_REG, &val, 2); 1672 base = le16toh(val); 1673 iwn_read_prom_data(sc, base + IWN5000_EEPROM_DOMAIN, 1674 sc->eeprom_domain, 4); 1675 1676 /* Read the list of authorized channels (20MHz ones only). */ 1677 for (i = 0; i < 5; i++) { 1678 addr = base + iwn5000_regulatory_bands[i]; 1679 iwn_read_eeprom_channels(sc, i, addr); 1680 } 1681 1682 /* Read enhanced TX power information for 6000 Series. */ 1683 if (sc->hw_type >= IWN_HW_REV_TYPE_6000) 1684 iwn_read_eeprom_enhinfo(sc); 1685 1686 iwn_read_prom_data(sc, IWN5000_EEPROM_CAL, &val, 2); 1687 base = le16toh(val); 1688 iwn_read_prom_data(sc, base, &hdr, sizeof hdr); 1689 DPRINTF(("calib version=%u pa type=%u voltage=%u\n", 1690 hdr.version, hdr.pa_type, le16toh(hdr.volt))); 1691 sc->calib_ver = hdr.version; 1692 1693 if (sc->hw_type == IWN_HW_REV_TYPE_2030 || 1694 sc->hw_type == IWN_HW_REV_TYPE_2000 || 1695 sc->hw_type == IWN_HW_REV_TYPE_135 || 1696 sc->hw_type == IWN_HW_REV_TYPE_105) { 1697 sc->eeprom_voltage = le16toh(hdr.volt); 1698 iwn_read_prom_data(sc, base + IWN5000_EEPROM_TEMP, &val, 2); 1699 sc->eeprom_temp = le16toh(val); 1700 iwn_read_prom_data(sc, base + IWN2000_EEPROM_RAWTEMP, &val, 2); 1701 sc->eeprom_rawtemp = le16toh(val); 1702 } 1703 1704 if (sc->hw_type == IWN_HW_REV_TYPE_5150) { 1705 /* Compute temperature offset. */ 1706 iwn_read_prom_data(sc, base + IWN5000_EEPROM_TEMP, &val, 2); 1707 sc->eeprom_temp = le16toh(val); 1708 iwn_read_prom_data(sc, base + IWN5000_EEPROM_VOLT, &val, 2); 1709 volt = le16toh(val); 1710 sc->temp_off = sc->eeprom_temp - (volt / -5); 1711 DPRINTF(("temp=%d volt=%d offset=%dK\n", 1712 sc->eeprom_temp, volt, sc->temp_off)); 1713 } else { 1714 /* Read crystal calibration. */ 1715 iwn_read_prom_data(sc, base + IWN5000_EEPROM_CRYSTAL, 1716 &sc->eeprom_crystal, sizeof (uint32_t)); 1717 DPRINTF(("crystal calibration 0x%08x\n", 1718 le32toh(sc->eeprom_crystal))); 1719 } 1720 } 1721 1722 static void 1723 iwn_read_eeprom_channels(struct iwn_softc *sc, int n, uint32_t addr) 1724 { 1725 struct ieee80211com *ic = &sc->sc_ic; 1726 const struct iwn_chan_band *band = &iwn_bands[n]; 1727 struct iwn_eeprom_chan channels[IWN_MAX_CHAN_PER_BAND]; 1728 uint8_t chan; 1729 int i; 1730 1731 iwn_read_prom_data(sc, addr, channels, 1732 band->nchan * sizeof (struct iwn_eeprom_chan)); 1733 1734 for (i = 0; i < band->nchan; i++) { 1735 if (!(channels[i].flags & IWN_EEPROM_CHAN_VALID)) 1736 continue; 1737 1738 chan = band->chan[i]; 1739 1740 if (n == 0) { /* 2GHz band */ 1741 ic->ic_channels[chan].ic_freq = 1742 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_2GHZ); 1743 ic->ic_channels[chan].ic_flags = 1744 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 1745 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 1746 1747 } else { /* 5GHz band */ 1748 /* 1749 * Some adapters support channels 7, 8, 11 and 12 1750 * both in the 2GHz and 4.9GHz bands. 1751 * Because of limitations in our net80211 layer, 1752 * we don't support them in the 4.9GHz band. 1753 */ 1754 if (chan <= 14) 1755 continue; 1756 1757 ic->ic_channels[chan].ic_freq = 1758 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 1759 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 1760 /* We have at least one valid 5GHz channel. */ 1761 sc->sc_flags |= IWN_FLAG_HAS_5GHZ; 1762 } 1763 1764 /* Is active scan allowed on this channel? */ 1765 if (!(channels[i].flags & IWN_EEPROM_CHAN_ACTIVE)) { 1766 ic->ic_channels[chan].ic_flags |= 1767 IEEE80211_CHAN_PASSIVE; 1768 } 1769 1770 /* Save maximum allowed TX power for this channel. */ 1771 sc->maxpwr[chan] = channels[i].maxpwr; 1772 1773 DPRINTF(("adding chan %d flags=0x%x maxpwr=%d\n", 1774 chan, channels[i].flags, sc->maxpwr[chan])); 1775 } 1776 } 1777 1778 static void 1779 iwn_read_eeprom_enhinfo(struct iwn_softc *sc) 1780 { 1781 struct iwn_eeprom_enhinfo enhinfo[35]; 1782 uint16_t val, base; 1783 int8_t maxpwr; 1784 int i; 1785 1786 iwn_read_prom_data(sc, IWN5000_EEPROM_REG, &val, 2); 1787 base = le16toh(val); 1788 iwn_read_prom_data(sc, base + IWN6000_EEPROM_ENHINFO, 1789 enhinfo, sizeof enhinfo); 1790 1791 memset(sc->enh_maxpwr, 0, sizeof sc->enh_maxpwr); 1792 for (i = 0; i < __arraycount(enhinfo); i++) { 1793 if (enhinfo[i].chan == 0 || enhinfo[i].reserved != 0) 1794 continue; /* Skip invalid entries. */ 1795 1796 maxpwr = 0; 1797 if (sc->txchainmask & IWN_ANT_A) 1798 maxpwr = MAX(maxpwr, enhinfo[i].chain[0]); 1799 if (sc->txchainmask & IWN_ANT_B) 1800 maxpwr = MAX(maxpwr, enhinfo[i].chain[1]); 1801 if (sc->txchainmask & IWN_ANT_C) 1802 maxpwr = MAX(maxpwr, enhinfo[i].chain[2]); 1803 if (sc->ntxchains == 2) 1804 maxpwr = MAX(maxpwr, enhinfo[i].mimo2); 1805 else if (sc->ntxchains == 3) 1806 maxpwr = MAX(maxpwr, enhinfo[i].mimo3); 1807 maxpwr /= 2; /* Convert half-dBm to dBm. */ 1808 1809 DPRINTF(("enhinfo %d, maxpwr=%d\n", i, maxpwr)); 1810 sc->enh_maxpwr[i] = maxpwr; 1811 } 1812 } 1813 1814 static struct ieee80211_node * 1815 iwn_node_alloc(struct ieee80211_node_table *ic __unused) 1816 { 1817 return malloc(sizeof (struct iwn_node), M_80211_NODE, M_NOWAIT | M_ZERO); 1818 } 1819 1820 static void 1821 iwn_newassoc(struct ieee80211_node *ni, int isnew) 1822 { 1823 struct iwn_softc *sc = ni->ni_ic->ic_ifp->if_softc; 1824 struct iwn_node *wn = (void *)ni; 1825 uint8_t rate; 1826 int ridx, i; 1827 1828 ieee80211_amrr_node_init(&sc->amrr, &wn->amn); 1829 /* Start at lowest available bit-rate, AMRR will raise. */ 1830 ni->ni_txrate = 0; 1831 1832 for (i = 0; i < ni->ni_rates.rs_nrates; i++) { 1833 rate = ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL; 1834 /* Map 802.11 rate to HW rate index. */ 1835 for (ridx = 0; ridx <= IWN_RIDX_MAX; ridx++) 1836 if (iwn_rates[ridx].rate == rate) 1837 break; 1838 wn->ridx[i] = ridx; 1839 } 1840 } 1841 1842 static int 1843 iwn_media_change(struct ifnet *ifp) 1844 { 1845 struct iwn_softc *sc = ifp->if_softc; 1846 struct ieee80211com *ic = &sc->sc_ic; 1847 uint8_t rate, ridx; 1848 int error; 1849 1850 error = ieee80211_media_change(ifp); 1851 if (error != ENETRESET) 1852 return error; 1853 1854 if (ic->ic_fixed_rate != -1) { 1855 rate = ic->ic_sup_rates[ic->ic_curmode]. 1856 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL; 1857 /* Map 802.11 rate to HW rate index. */ 1858 for (ridx = 0; ridx <= IWN_RIDX_MAX; ridx++) 1859 if (iwn_rates[ridx].rate == rate) 1860 break; 1861 sc->fixed_ridx = ridx; 1862 } 1863 1864 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1865 (IFF_UP | IFF_RUNNING)) { 1866 iwn_stop(ifp, 0); 1867 error = iwn_init(ifp); 1868 } 1869 return error; 1870 } 1871 1872 static int 1873 iwn_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1874 { 1875 struct ifnet *ifp = ic->ic_ifp; 1876 struct iwn_softc *sc = ifp->if_softc; 1877 int error; 1878 1879 callout_stop(&sc->calib_to); 1880 1881 switch (nstate) { 1882 case IEEE80211_S_SCAN: 1883 /* XXX Do not abort a running scan. */ 1884 if (sc->sc_flags & IWN_FLAG_SCANNING) { 1885 if (ic->ic_state != nstate) 1886 aprint_debug_dev(sc->sc_dev, "scan request(%d) " 1887 "while scanning(%d) ignored\n", nstate, 1888 ic->ic_state); 1889 break; 1890 } 1891 1892 /* XXX Not sure if call and flags are needed. */ 1893 ieee80211_node_table_reset(&ic->ic_scan); 1894 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 1895 sc->sc_flags |= IWN_FLAG_SCANNING_2GHZ; 1896 1897 /* Make the link LED blink while we're scanning. */ 1898 iwn_set_led(sc, IWN_LED_LINK, 10, 10); 1899 1900 if ((error = iwn_scan(sc, IEEE80211_CHAN_2GHZ)) != 0) { 1901 aprint_error_dev(sc->sc_dev, 1902 "could not initiate scan\n"); 1903 return error; 1904 } 1905 ic->ic_state = nstate; 1906 return 0; 1907 1908 case IEEE80211_S_ASSOC: 1909 if (ic->ic_state != IEEE80211_S_RUN) 1910 break; 1911 /* FALLTHROUGH */ 1912 case IEEE80211_S_AUTH: 1913 /* Reset state to handle reassociations correctly. */ 1914 sc->rxon.associd = 0; 1915 sc->rxon.filter &= ~htole32(IWN_FILTER_BSS); 1916 sc->calib.state = IWN_CALIB_STATE_INIT; 1917 1918 if ((error = iwn_auth(sc)) != 0) { 1919 aprint_error_dev(sc->sc_dev, 1920 "could not move to auth state\n"); 1921 return error; 1922 } 1923 break; 1924 1925 case IEEE80211_S_RUN: 1926 if ((error = iwn_run(sc)) != 0) { 1927 aprint_error_dev(sc->sc_dev, 1928 "could not move to run state\n"); 1929 return error; 1930 } 1931 break; 1932 1933 case IEEE80211_S_INIT: 1934 sc->sc_flags &= ~IWN_FLAG_SCANNING; 1935 sc->calib.state = IWN_CALIB_STATE_INIT; 1936 break; 1937 } 1938 1939 return sc->sc_newstate(ic, nstate, arg); 1940 } 1941 1942 static void 1943 iwn_iter_func(void *arg, struct ieee80211_node *ni) 1944 { 1945 struct iwn_softc *sc = arg; 1946 struct iwn_node *wn = (struct iwn_node *)ni; 1947 1948 ieee80211_amrr_choose(&sc->amrr, ni, &wn->amn); 1949 } 1950 1951 static void 1952 iwn_calib_timeout(void *arg) 1953 { 1954 struct iwn_softc *sc = arg; 1955 struct ieee80211com *ic = &sc->sc_ic; 1956 int s; 1957 1958 s = splnet(); 1959 if (ic->ic_fixed_rate == -1) { 1960 if (ic->ic_opmode == IEEE80211_M_STA) 1961 iwn_iter_func(sc, ic->ic_bss); 1962 else 1963 ieee80211_iterate_nodes(&ic->ic_sta, iwn_iter_func, sc); 1964 } 1965 /* Force automatic TX power calibration every 60 secs. */ 1966 if (++sc->calib_cnt >= 120) { 1967 uint32_t flags = 0; 1968 1969 DPRINTF(("sending request for statistics\n")); 1970 (void)iwn_cmd(sc, IWN_CMD_GET_STATISTICS, &flags, 1971 sizeof flags, 1); 1972 sc->calib_cnt = 0; 1973 } 1974 splx(s); 1975 1976 /* Automatic rate control triggered every 500ms. */ 1977 callout_schedule(&sc->calib_to, mstohz(500)); 1978 } 1979 1980 /* 1981 * Process an RX_PHY firmware notification. This is usually immediately 1982 * followed by an MPDU_RX_DONE notification. 1983 */ 1984 static void 1985 iwn_rx_phy(struct iwn_softc *sc, struct iwn_rx_desc *desc, 1986 struct iwn_rx_data *data) 1987 { 1988 struct iwn_rx_stat *stat = (struct iwn_rx_stat *)(desc + 1); 1989 1990 DPRINTFN(2, ("received PHY stats\n")); 1991 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 1992 sizeof (*stat), BUS_DMASYNC_POSTREAD); 1993 1994 /* Save RX statistics, they will be used on MPDU_RX_DONE. */ 1995 memcpy(&sc->last_rx_stat, stat, sizeof (*stat)); 1996 sc->last_rx_valid = 1; 1997 } 1998 1999 /* 2000 * Process an RX_DONE (4965AGN only) or MPDU_RX_DONE firmware notification. 2001 * Each MPDU_RX_DONE notification must be preceded by an RX_PHY one. 2002 */ 2003 static void 2004 iwn_rx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2005 struct iwn_rx_data *data) 2006 { 2007 struct iwn_ops *ops = &sc->ops; 2008 struct ieee80211com *ic = &sc->sc_ic; 2009 struct ifnet *ifp = ic->ic_ifp; 2010 struct iwn_rx_ring *ring = &sc->rxq; 2011 struct ieee80211_frame *wh; 2012 struct ieee80211_node *ni; 2013 struct mbuf *m, *m1; 2014 struct iwn_rx_stat *stat; 2015 char *head; 2016 uint32_t flags; 2017 int error, len, rssi, s; 2018 2019 if (desc->type == IWN_MPDU_RX_DONE) { 2020 /* Check for prior RX_PHY notification. */ 2021 if (!sc->last_rx_valid) { 2022 DPRINTF(("missing RX_PHY\n")); 2023 return; 2024 } 2025 sc->last_rx_valid = 0; 2026 stat = &sc->last_rx_stat; 2027 } else 2028 stat = (struct iwn_rx_stat *)(desc + 1); 2029 2030 bus_dmamap_sync(sc->sc_dmat, data->map, 0, IWN_RBUF_SIZE, 2031 BUS_DMASYNC_POSTREAD); 2032 2033 if (stat->cfg_phy_len > IWN_STAT_MAXLEN) { 2034 aprint_error_dev(sc->sc_dev, 2035 "invalid RX statistic header\n"); 2036 return; 2037 } 2038 if (desc->type == IWN_MPDU_RX_DONE) { 2039 struct iwn_rx_mpdu *mpdu = (struct iwn_rx_mpdu *)(desc + 1); 2040 head = (char *)(mpdu + 1); 2041 len = le16toh(mpdu->len); 2042 } else { 2043 head = (char *)(stat + 1) + stat->cfg_phy_len; 2044 len = le16toh(stat->len); 2045 } 2046 2047 flags = le32toh(*(uint32_t *)(head + len)); 2048 2049 /* Discard frames with a bad FCS early. */ 2050 if ((flags & IWN_RX_NOERROR) != IWN_RX_NOERROR) { 2051 DPRINTFN(2, ("RX flags error %x\n", flags)); 2052 ifp->if_ierrors++; 2053 return; 2054 } 2055 /* Discard frames that are too short. */ 2056 if (len < sizeof (*wh)) { 2057 DPRINTF(("frame too short: %d\n", len)); 2058 ic->ic_stats.is_rx_tooshort++; 2059 ifp->if_ierrors++; 2060 return; 2061 } 2062 2063 m1 = MCLGETIalt(sc, M_DONTWAIT, NULL, IWN_RBUF_SIZE); 2064 if (m1 == NULL) { 2065 ic->ic_stats.is_rx_nobuf++; 2066 ifp->if_ierrors++; 2067 return; 2068 } 2069 bus_dmamap_unload(sc->sc_dmat, data->map); 2070 2071 error = bus_dmamap_load(sc->sc_dmat, data->map, mtod(m1, void *), 2072 IWN_RBUF_SIZE, NULL, BUS_DMA_NOWAIT | BUS_DMA_READ); 2073 if (error != 0) { 2074 m_freem(m1); 2075 2076 /* Try to reload the old mbuf. */ 2077 error = bus_dmamap_load(sc->sc_dmat, data->map, 2078 mtod(data->m, void *), IWN_RBUF_SIZE, NULL, 2079 BUS_DMA_NOWAIT | BUS_DMA_READ); 2080 if (error != 0) { 2081 panic("%s: could not load old RX mbuf", 2082 device_xname(sc->sc_dev)); 2083 } 2084 /* Physical address may have changed. */ 2085 ring->desc[ring->cur] = 2086 htole32(data->map->dm_segs[0].ds_addr >> 8); 2087 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 2088 ring->cur * sizeof (uint32_t), sizeof (uint32_t), 2089 BUS_DMASYNC_PREWRITE); 2090 ifp->if_ierrors++; 2091 return; 2092 } 2093 2094 m = data->m; 2095 data->m = m1; 2096 /* Update RX descriptor. */ 2097 ring->desc[ring->cur] = htole32(data->map->dm_segs[0].ds_addr >> 8); 2098 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 2099 ring->cur * sizeof (uint32_t), sizeof (uint32_t), 2100 BUS_DMASYNC_PREWRITE); 2101 2102 /* Finalize mbuf. */ 2103 m_set_rcvif(m, ifp); 2104 m->m_data = head; 2105 m->m_pkthdr.len = m->m_len = len; 2106 2107 s = splnet(); 2108 2109 /* Grab a reference to the source node. */ 2110 wh = mtod(m, struct ieee80211_frame *); 2111 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 2112 2113 /* XXX OpenBSD adds decryption here (see also comments in iwn_tx). */ 2114 /* NetBSD does decryption in ieee80211_input. */ 2115 2116 rssi = ops->get_rssi(stat); 2117 2118 /* XXX Added for NetBSD: scans never stop without it */ 2119 if (ic->ic_state == IEEE80211_S_SCAN) 2120 iwn_fix_channel(ic, m, stat); 2121 2122 if (sc->sc_drvbpf != NULL) { 2123 struct iwn_rx_radiotap_header *tap = &sc->sc_rxtap; 2124 2125 tap->wr_flags = 0; 2126 if (stat->flags & htole16(IWN_STAT_FLAG_SHPREAMBLE)) 2127 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2128 tap->wr_chan_freq = 2129 htole16(ic->ic_channels[stat->chan].ic_freq); 2130 tap->wr_chan_flags = 2131 htole16(ic->ic_channels[stat->chan].ic_flags); 2132 tap->wr_dbm_antsignal = (int8_t)rssi; 2133 tap->wr_dbm_antnoise = (int8_t)sc->noise; 2134 tap->wr_tsft = stat->tstamp; 2135 switch (stat->rate) { 2136 /* CCK rates. */ 2137 case 10: tap->wr_rate = 2; break; 2138 case 20: tap->wr_rate = 4; break; 2139 case 55: tap->wr_rate = 11; break; 2140 case 110: tap->wr_rate = 22; break; 2141 /* OFDM rates. */ 2142 case 0xd: tap->wr_rate = 12; break; 2143 case 0xf: tap->wr_rate = 18; break; 2144 case 0x5: tap->wr_rate = 24; break; 2145 case 0x7: tap->wr_rate = 36; break; 2146 case 0x9: tap->wr_rate = 48; break; 2147 case 0xb: tap->wr_rate = 72; break; 2148 case 0x1: tap->wr_rate = 96; break; 2149 case 0x3: tap->wr_rate = 108; break; 2150 /* Unknown rate: should not happen. */ 2151 default: tap->wr_rate = 0; 2152 } 2153 2154 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 2155 } 2156 2157 /* Send the frame to the 802.11 layer. */ 2158 ieee80211_input(ic, m, ni, rssi, 0); 2159 2160 /* Node is no longer needed. */ 2161 ieee80211_free_node(ni); 2162 2163 splx(s); 2164 } 2165 2166 #ifndef IEEE80211_NO_HT 2167 /* Process an incoming Compressed BlockAck. */ 2168 static void 2169 iwn_rx_compressed_ba(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2170 struct iwn_rx_data *data) 2171 { 2172 struct iwn_compressed_ba *ba = (struct iwn_compressed_ba *)(desc + 1); 2173 struct iwn_tx_ring *txq; 2174 2175 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), sizeof (*ba), 2176 BUS_DMASYNC_POSTREAD); 2177 2178 txq = &sc->txq[le16toh(ba->qid)]; 2179 /* XXX TBD */ 2180 } 2181 #endif 2182 2183 /* 2184 * Process a CALIBRATION_RESULT notification sent by the initialization 2185 * firmware on response to a CMD_CALIB_CONFIG command (5000 only). 2186 */ 2187 static void 2188 iwn5000_rx_calib_results(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2189 struct iwn_rx_data *data) 2190 { 2191 struct iwn_phy_calib *calib = (struct iwn_phy_calib *)(desc + 1); 2192 int len, idx = -1; 2193 2194 /* Runtime firmware should not send such a notification. */ 2195 if (sc->sc_flags & IWN_FLAG_CALIB_DONE) 2196 return; 2197 2198 len = (le32toh(desc->len) & 0x3fff) - 4; 2199 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), len, 2200 BUS_DMASYNC_POSTREAD); 2201 2202 switch (calib->code) { 2203 case IWN5000_PHY_CALIB_DC: 2204 if (sc->hw_type == IWN_HW_REV_TYPE_5150 || 2205 sc->hw_type == IWN_HW_REV_TYPE_2030 || 2206 sc->hw_type == IWN_HW_REV_TYPE_2000 || 2207 sc->hw_type == IWN_HW_REV_TYPE_135 || 2208 sc->hw_type == IWN_HW_REV_TYPE_105) 2209 idx = 0; 2210 break; 2211 case IWN5000_PHY_CALIB_LO: 2212 idx = 1; 2213 break; 2214 case IWN5000_PHY_CALIB_TX_IQ: 2215 idx = 2; 2216 break; 2217 case IWN5000_PHY_CALIB_TX_IQ_PERIODIC: 2218 if (sc->hw_type < IWN_HW_REV_TYPE_6000 && 2219 sc->hw_type != IWN_HW_REV_TYPE_5150) 2220 idx = 3; 2221 break; 2222 case IWN5000_PHY_CALIB_BASE_BAND: 2223 idx = 4; 2224 break; 2225 } 2226 if (idx == -1) /* Ignore other results. */ 2227 return; 2228 2229 /* Save calibration result. */ 2230 if (sc->calibcmd[idx].buf != NULL) 2231 free(sc->calibcmd[idx].buf, M_DEVBUF); 2232 sc->calibcmd[idx].buf = malloc(len, M_DEVBUF, M_NOWAIT); 2233 if (sc->calibcmd[idx].buf == NULL) { 2234 DPRINTF(("not enough memory for calibration result %d\n", 2235 calib->code)); 2236 return; 2237 } 2238 DPRINTF(("saving calibration result code=%d len=%d\n", 2239 calib->code, len)); 2240 sc->calibcmd[idx].len = len; 2241 memcpy(sc->calibcmd[idx].buf, calib, len); 2242 } 2243 2244 /* 2245 * Process an RX_STATISTICS or BEACON_STATISTICS firmware notification. 2246 * The latter is sent by the firmware after each received beacon. 2247 */ 2248 static void 2249 iwn_rx_statistics(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2250 struct iwn_rx_data *data) 2251 { 2252 struct iwn_ops *ops = &sc->ops; 2253 struct ieee80211com *ic = &sc->sc_ic; 2254 struct iwn_calib_state *calib = &sc->calib; 2255 struct iwn_stats *stats = (struct iwn_stats *)(desc + 1); 2256 int temp; 2257 2258 /* Ignore statistics received during a scan. */ 2259 if (ic->ic_state != IEEE80211_S_RUN) 2260 return; 2261 2262 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2263 sizeof (*stats), BUS_DMASYNC_POSTREAD); 2264 2265 DPRINTFN(3, ("received statistics (cmd=%d)\n", desc->type)); 2266 sc->calib_cnt = 0; /* Reset TX power calibration timeout. */ 2267 2268 /* Test if temperature has changed. */ 2269 if (stats->general.temp != sc->rawtemp) { 2270 /* Convert "raw" temperature to degC. */ 2271 sc->rawtemp = stats->general.temp; 2272 temp = ops->get_temperature(sc); 2273 DPRINTFN(2, ("temperature=%dC\n", temp)); 2274 2275 /* Update TX power if need be (4965AGN only). */ 2276 if (sc->hw_type == IWN_HW_REV_TYPE_4965) 2277 iwn4965_power_calibration(sc, temp); 2278 } 2279 2280 if (desc->type != IWN_BEACON_STATISTICS) 2281 return; /* Reply to a statistics request. */ 2282 2283 sc->noise = iwn_get_noise(&stats->rx.general); 2284 2285 /* Test that RSSI and noise are present in stats report. */ 2286 if (le32toh(stats->rx.general.flags) != 1) { 2287 DPRINTF(("received statistics without RSSI\n")); 2288 return; 2289 } 2290 2291 /* 2292 * XXX Differential gain calibration makes the 6005 firmware 2293 * crap out, so skip it for now. This effectively disables 2294 * sensitivity tuning as well. 2295 */ 2296 if (sc->hw_type == IWN_HW_REV_TYPE_6005) 2297 return; 2298 2299 if (calib->state == IWN_CALIB_STATE_ASSOC) 2300 iwn_collect_noise(sc, &stats->rx.general); 2301 else if (calib->state == IWN_CALIB_STATE_RUN) 2302 iwn_tune_sensitivity(sc, &stats->rx); 2303 } 2304 2305 /* 2306 * Process a TX_DONE firmware notification. Unfortunately, the 4965AGN 2307 * and 5000 adapters have different incompatible TX status formats. 2308 */ 2309 static void 2310 iwn4965_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2311 struct iwn_rx_data *data) 2312 { 2313 struct iwn4965_tx_stat *stat = (struct iwn4965_tx_stat *)(desc + 1); 2314 2315 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2316 sizeof (*stat), BUS_DMASYNC_POSTREAD); 2317 iwn_tx_done(sc, desc, stat->ackfailcnt, le32toh(stat->status) & 0xff); 2318 } 2319 2320 static void 2321 iwn5000_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2322 struct iwn_rx_data *data) 2323 { 2324 struct iwn5000_tx_stat *stat = (struct iwn5000_tx_stat *)(desc + 1); 2325 2326 #ifdef notyet 2327 /* Reset TX scheduler slot. */ 2328 iwn5000_reset_sched(sc, desc->qid & 0xf, desc->idx); 2329 #endif 2330 2331 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2332 sizeof (*stat), BUS_DMASYNC_POSTREAD); 2333 iwn_tx_done(sc, desc, stat->ackfailcnt, le16toh(stat->status) & 0xff); 2334 } 2335 2336 /* 2337 * Adapter-independent backend for TX_DONE firmware notifications. 2338 */ 2339 static void 2340 iwn_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, int ackfailcnt, 2341 uint8_t status) 2342 { 2343 struct ieee80211com *ic = &sc->sc_ic; 2344 struct ifnet *ifp = ic->ic_ifp; 2345 struct iwn_tx_ring *ring = &sc->txq[desc->qid & 0xf]; 2346 struct iwn_tx_data *data = &ring->data[desc->idx]; 2347 struct iwn_node *wn = (struct iwn_node *)data->ni; 2348 int s; 2349 2350 s = splnet(); 2351 2352 /* Update rate control statistics. */ 2353 wn->amn.amn_txcnt++; 2354 if (ackfailcnt > 0) 2355 wn->amn.amn_retrycnt++; 2356 2357 if (status != 1 && status != 2) 2358 ifp->if_oerrors++; 2359 else 2360 ifp->if_opackets++; 2361 2362 /* Unmap and free mbuf. */ 2363 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 2364 BUS_DMASYNC_POSTWRITE); 2365 bus_dmamap_unload(sc->sc_dmat, data->map); 2366 m_freem(data->m); 2367 data->m = NULL; 2368 ieee80211_free_node(data->ni); 2369 data->ni = NULL; 2370 2371 sc->sc_tx_timer = 0; 2372 if (--ring->queued < IWN_TX_RING_LOMARK) { 2373 sc->qfullmsk &= ~(1 << ring->qid); 2374 if (sc->qfullmsk == 0 && (ifp->if_flags & IFF_OACTIVE)) { 2375 ifp->if_flags &= ~IFF_OACTIVE; 2376 iwn_start(ifp); 2377 } 2378 } 2379 2380 splx(s); 2381 } 2382 2383 /* 2384 * Process a "command done" firmware notification. This is where we wakeup 2385 * processes waiting for a synchronous command completion. 2386 */ 2387 static void 2388 iwn_cmd_done(struct iwn_softc *sc, struct iwn_rx_desc *desc) 2389 { 2390 struct iwn_tx_ring *ring = &sc->txq[4]; 2391 struct iwn_tx_data *data; 2392 2393 if ((desc->qid & 0xf) != 4) 2394 return; /* Not a command ack. */ 2395 2396 data = &ring->data[desc->idx]; 2397 2398 /* If the command was mapped in an mbuf, free it. */ 2399 if (data->m != NULL) { 2400 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 2401 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 2402 bus_dmamap_unload(sc->sc_dmat, data->map); 2403 m_freem(data->m); 2404 data->m = NULL; 2405 } 2406 wakeup(&ring->desc[desc->idx]); 2407 } 2408 2409 /* 2410 * Process an INT_FH_RX or INT_SW_RX interrupt. 2411 */ 2412 static void 2413 iwn_notif_intr(struct iwn_softc *sc) 2414 { 2415 struct iwn_ops *ops = &sc->ops; 2416 struct ieee80211com *ic = &sc->sc_ic; 2417 struct ifnet *ifp = ic->ic_ifp; 2418 uint16_t hw; 2419 int s; 2420 2421 bus_dmamap_sync(sc->sc_dmat, sc->rxq.stat_dma.map, 2422 0, sc->rxq.stat_dma.size, BUS_DMASYNC_POSTREAD); 2423 2424 hw = le16toh(sc->rxq.stat->closed_count) & 0xfff; 2425 while (sc->rxq.cur != hw) { 2426 struct iwn_rx_data *data = &sc->rxq.data[sc->rxq.cur]; 2427 struct iwn_rx_desc *desc; 2428 2429 bus_dmamap_sync(sc->sc_dmat, data->map, 0, sizeof (*desc), 2430 BUS_DMASYNC_POSTREAD); 2431 desc = mtod(data->m, struct iwn_rx_desc *); 2432 2433 DPRINTFN(4, ("notification qid=%d idx=%d flags=%x type=%d\n", 2434 desc->qid & 0xf, desc->idx, desc->flags, desc->type)); 2435 2436 if (!(desc->qid & 0x80)) /* Reply to a command. */ 2437 iwn_cmd_done(sc, desc); 2438 2439 switch (desc->type) { 2440 case IWN_RX_PHY: 2441 iwn_rx_phy(sc, desc, data); 2442 break; 2443 2444 case IWN_RX_DONE: /* 4965AGN only. */ 2445 case IWN_MPDU_RX_DONE: 2446 /* An 802.11 frame has been received. */ 2447 iwn_rx_done(sc, desc, data); 2448 break; 2449 #ifndef IEEE80211_NO_HT 2450 case IWN_RX_COMPRESSED_BA: 2451 /* A Compressed BlockAck has been received. */ 2452 iwn_rx_compressed_ba(sc, desc, data); 2453 break; 2454 #endif 2455 case IWN_TX_DONE: 2456 /* An 802.11 frame has been transmitted. */ 2457 ops->tx_done(sc, desc, data); 2458 break; 2459 2460 case IWN_RX_STATISTICS: 2461 case IWN_BEACON_STATISTICS: 2462 iwn_rx_statistics(sc, desc, data); 2463 break; 2464 2465 case IWN_BEACON_MISSED: 2466 { 2467 struct iwn_beacon_missed *miss = 2468 (struct iwn_beacon_missed *)(desc + 1); 2469 2470 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2471 sizeof (*miss), BUS_DMASYNC_POSTREAD); 2472 /* 2473 * If more than 5 consecutive beacons are missed, 2474 * reinitialize the sensitivity state machine. 2475 */ 2476 DPRINTF(("beacons missed %d/%d\n", 2477 le32toh(miss->consecutive), le32toh(miss->total))); 2478 if (ic->ic_state == IEEE80211_S_RUN && 2479 le32toh(miss->consecutive) > 5) 2480 (void)iwn_init_sensitivity(sc); 2481 break; 2482 } 2483 case IWN_UC_READY: 2484 { 2485 struct iwn_ucode_info *uc = 2486 (struct iwn_ucode_info *)(desc + 1); 2487 2488 /* The microcontroller is ready. */ 2489 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2490 sizeof (*uc), BUS_DMASYNC_POSTREAD); 2491 DPRINTF(("microcode alive notification version=%d.%d " 2492 "subtype=%x alive=%x\n", uc->major, uc->minor, 2493 uc->subtype, le32toh(uc->valid))); 2494 2495 if (le32toh(uc->valid) != 1) { 2496 aprint_error_dev(sc->sc_dev, 2497 "microcontroller initialization " 2498 "failed\n"); 2499 break; 2500 } 2501 if (uc->subtype == IWN_UCODE_INIT) { 2502 /* Save microcontroller report. */ 2503 memcpy(&sc->ucode_info, uc, sizeof (*uc)); 2504 } 2505 /* Save the address of the error log in SRAM. */ 2506 sc->errptr = le32toh(uc->errptr); 2507 break; 2508 } 2509 case IWN_STATE_CHANGED: 2510 { 2511 uint32_t *status = (uint32_t *)(desc + 1); 2512 2513 /* Enabled/disabled notification. */ 2514 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2515 sizeof (*status), BUS_DMASYNC_POSTREAD); 2516 DPRINTF(("state changed to %x\n", le32toh(*status))); 2517 2518 if (le32toh(*status) & 1) { 2519 /* The radio button has to be pushed. */ 2520 aprint_error_dev(sc->sc_dev, 2521 "Radio transmitter is off\n"); 2522 /* Turn the interface down. */ 2523 s = splnet(); 2524 ifp->if_flags &= ~IFF_UP; 2525 iwn_stop(ifp, 1); 2526 splx(s); 2527 return; /* No further processing. */ 2528 } 2529 break; 2530 } 2531 case IWN_START_SCAN: 2532 { 2533 struct iwn_start_scan *scan = 2534 (struct iwn_start_scan *)(desc + 1); 2535 2536 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2537 sizeof (*scan), BUS_DMASYNC_POSTREAD); 2538 DPRINTFN(2, ("scanning channel %d status %x\n", 2539 scan->chan, le32toh(scan->status))); 2540 2541 /* Fix current channel. */ 2542 ic->ic_bss->ni_chan = &ic->ic_channels[scan->chan]; 2543 break; 2544 } 2545 case IWN_STOP_SCAN: 2546 { 2547 struct iwn_stop_scan *scan = 2548 (struct iwn_stop_scan *)(desc + 1); 2549 2550 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2551 sizeof (*scan), BUS_DMASYNC_POSTREAD); 2552 DPRINTF(("scan finished nchan=%d status=%d chan=%d\n", 2553 scan->nchan, scan->status, scan->chan)); 2554 2555 if (scan->status == 1 && scan->chan <= 14 && 2556 (sc->sc_flags & IWN_FLAG_HAS_5GHZ)) { 2557 /* 2558 * We just finished scanning 2GHz channels, 2559 * start scanning 5GHz ones. 2560 */ 2561 sc->sc_flags &= ~IWN_FLAG_SCANNING_2GHZ; 2562 sc->sc_flags |= IWN_FLAG_SCANNING_5GHZ; 2563 if (iwn_scan(sc, IEEE80211_CHAN_5GHZ) == 0) 2564 break; 2565 } 2566 sc->sc_flags &= ~IWN_FLAG_SCANNING; 2567 ieee80211_end_scan(ic); 2568 break; 2569 } 2570 case IWN5000_CALIBRATION_RESULT: 2571 iwn5000_rx_calib_results(sc, desc, data); 2572 break; 2573 2574 case IWN5000_CALIBRATION_DONE: 2575 sc->sc_flags |= IWN_FLAG_CALIB_DONE; 2576 wakeup(sc); 2577 break; 2578 } 2579 2580 sc->rxq.cur = (sc->rxq.cur + 1) % IWN_RX_RING_COUNT; 2581 } 2582 2583 /* Tell the firmware what we have processed. */ 2584 hw = (hw == 0) ? IWN_RX_RING_COUNT - 1 : hw - 1; 2585 IWN_WRITE(sc, IWN_FH_RX_WPTR, hw & ~7); 2586 } 2587 2588 /* 2589 * Process an INT_WAKEUP interrupt raised when the microcontroller wakes up 2590 * from power-down sleep mode. 2591 */ 2592 static void 2593 iwn_wakeup_intr(struct iwn_softc *sc) 2594 { 2595 int qid; 2596 2597 DPRINTF(("ucode wakeup from power-down sleep\n")); 2598 2599 /* Wakeup RX and TX rings. */ 2600 IWN_WRITE(sc, IWN_FH_RX_WPTR, sc->rxq.cur & ~7); 2601 for (qid = 0; qid < sc->ntxqs; qid++) { 2602 struct iwn_tx_ring *ring = &sc->txq[qid]; 2603 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | ring->cur); 2604 } 2605 } 2606 2607 /* 2608 * Dump the error log of the firmware when a firmware panic occurs. Although 2609 * we can't debug the firmware because it is neither open source nor free, it 2610 * can help us to identify certain classes of problems. 2611 */ 2612 static void 2613 iwn_fatal_intr(struct iwn_softc *sc) 2614 { 2615 struct iwn_fw_dump dump; 2616 int i; 2617 2618 /* Force a complete recalibration on next init. */ 2619 sc->sc_flags &= ~IWN_FLAG_CALIB_DONE; 2620 2621 /* Check that the error log address is valid. */ 2622 if (sc->errptr < IWN_FW_DATA_BASE || 2623 sc->errptr + sizeof (dump) > 2624 IWN_FW_DATA_BASE + sc->fw_data_maxsz) { 2625 aprint_error_dev(sc->sc_dev, 2626 "bad firmware error log address 0x%08x\n", sc->errptr); 2627 return; 2628 } 2629 if (iwn_nic_lock(sc) != 0) { 2630 aprint_error_dev(sc->sc_dev, 2631 "could not read firmware error log\n"); 2632 return; 2633 } 2634 /* Read firmware error log from SRAM. */ 2635 iwn_mem_read_region_4(sc, sc->errptr, (uint32_t *)&dump, 2636 sizeof (dump) / sizeof (uint32_t)); 2637 iwn_nic_unlock(sc); 2638 2639 if (dump.valid == 0) { 2640 aprint_error_dev(sc->sc_dev, 2641 "firmware error log is empty\n"); 2642 return; 2643 } 2644 aprint_error("firmware error log:\n"); 2645 aprint_error(" error type = \"%s\" (0x%08X)\n", 2646 (dump.id < __arraycount(iwn_fw_errmsg)) ? 2647 iwn_fw_errmsg[dump.id] : "UNKNOWN", 2648 dump.id); 2649 aprint_error(" program counter = 0x%08X\n", dump.pc); 2650 aprint_error(" source line = 0x%08X\n", dump.src_line); 2651 aprint_error(" error data = 0x%08X%08X\n", 2652 dump.error_data[0], dump.error_data[1]); 2653 aprint_error(" branch link = 0x%08X%08X\n", 2654 dump.branch_link[0], dump.branch_link[1]); 2655 aprint_error(" interrupt link = 0x%08X%08X\n", 2656 dump.interrupt_link[0], dump.interrupt_link[1]); 2657 aprint_error(" time = %u\n", dump.time[0]); 2658 2659 /* Dump driver status (TX and RX rings) while we're here. */ 2660 aprint_error("driver status:\n"); 2661 for (i = 0; i < sc->ntxqs; i++) { 2662 struct iwn_tx_ring *ring = &sc->txq[i]; 2663 aprint_error(" tx ring %2d: qid=%-2d cur=%-3d queued=%-3d\n", 2664 i, ring->qid, ring->cur, ring->queued); 2665 } 2666 aprint_error(" rx ring: cur=%d\n", sc->rxq.cur); 2667 aprint_error(" 802.11 state %d\n", sc->sc_ic.ic_state); 2668 } 2669 2670 static int 2671 iwn_intr(void *arg) 2672 { 2673 struct iwn_softc *sc = arg; 2674 2675 /* Disable interrupts. */ 2676 IWN_WRITE(sc, IWN_INT_MASK, 0); 2677 2678 softint_schedule(sc->sc_soft_ih); 2679 return 1; 2680 } 2681 2682 static void 2683 iwn_softintr(void *arg) 2684 { 2685 struct iwn_softc *sc = arg; 2686 struct ifnet *ifp = sc->sc_ic.ic_ifp; 2687 uint32_t r1, r2, tmp; 2688 int s; 2689 2690 /* Read interrupts from ICT (fast) or from registers (slow). */ 2691 if (sc->sc_flags & IWN_FLAG_USE_ICT) { 2692 bus_dmamap_sync(sc->sc_dmat, sc->ict_dma.map, 0, 2693 IWN_ICT_SIZE, BUS_DMASYNC_POSTREAD); 2694 tmp = 0; 2695 while (sc->ict[sc->ict_cur] != 0) { 2696 tmp |= sc->ict[sc->ict_cur]; 2697 sc->ict[sc->ict_cur] = 0; /* Acknowledge. */ 2698 sc->ict_cur = (sc->ict_cur + 1) % IWN_ICT_COUNT; 2699 } 2700 bus_dmamap_sync(sc->sc_dmat, sc->ict_dma.map, 0, 2701 IWN_ICT_SIZE, BUS_DMASYNC_PREWRITE); 2702 tmp = le32toh(tmp); 2703 if (tmp == 0xffffffff) /* Shouldn't happen. */ 2704 tmp = 0; 2705 else if (tmp & 0xc0000) /* Workaround a HW bug. */ 2706 tmp |= 0x8000; 2707 r1 = (tmp & 0xff00) << 16 | (tmp & 0xff); 2708 r2 = 0; /* Unused. */ 2709 } else { 2710 r1 = IWN_READ(sc, IWN_INT); 2711 if (r1 == 0xffffffff || (r1 & 0xfffffff0) == 0xa5a5a5a0) 2712 return; /* Hardware gone! */ 2713 r2 = IWN_READ(sc, IWN_FH_INT); 2714 } 2715 if (r1 == 0 && r2 == 0) { 2716 goto out; /* Interrupt not for us. */ 2717 } 2718 2719 /* Acknowledge interrupts. */ 2720 IWN_WRITE(sc, IWN_INT, r1); 2721 if (!(sc->sc_flags & IWN_FLAG_USE_ICT)) 2722 IWN_WRITE(sc, IWN_FH_INT, r2); 2723 2724 if (r1 & IWN_INT_RF_TOGGLED) { 2725 tmp = IWN_READ(sc, IWN_GP_CNTRL); 2726 aprint_error_dev(sc->sc_dev, 2727 "RF switch: radio %s\n", 2728 (tmp & IWN_GP_CNTRL_RFKILL) ? "enabled" : "disabled"); 2729 } 2730 if (r1 & IWN_INT_CT_REACHED) { 2731 aprint_error_dev(sc->sc_dev, 2732 "critical temperature reached!\n"); 2733 } 2734 if (r1 & (IWN_INT_SW_ERR | IWN_INT_HW_ERR)) { 2735 aprint_error_dev(sc->sc_dev, 2736 "fatal firmware error\n"); 2737 /* Dump firmware error log and stop. */ 2738 iwn_fatal_intr(sc); 2739 s = splnet(); 2740 ifp->if_flags &= ~IFF_UP; 2741 iwn_stop(ifp, 1); 2742 splx(s); 2743 return; 2744 } 2745 if ((r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX | IWN_INT_RX_PERIODIC)) || 2746 (r2 & IWN_FH_INT_RX)) { 2747 if (sc->sc_flags & IWN_FLAG_USE_ICT) { 2748 if (r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX)) 2749 IWN_WRITE(sc, IWN_FH_INT, IWN_FH_INT_RX); 2750 IWN_WRITE_1(sc, IWN_INT_PERIODIC, IWN_INT_PERIODIC_DIS); 2751 iwn_notif_intr(sc); 2752 if (r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX)) { 2753 IWN_WRITE_1(sc, IWN_INT_PERIODIC, 2754 IWN_INT_PERIODIC_ENA); 2755 } 2756 } else 2757 iwn_notif_intr(sc); 2758 } 2759 2760 if ((r1 & IWN_INT_FH_TX) || (r2 & IWN_FH_INT_TX)) { 2761 if (sc->sc_flags & IWN_FLAG_USE_ICT) 2762 IWN_WRITE(sc, IWN_FH_INT, IWN_FH_INT_TX); 2763 wakeup(sc); /* FH DMA transfer completed. */ 2764 } 2765 2766 if (r1 & IWN_INT_ALIVE) 2767 wakeup(sc); /* Firmware is alive. */ 2768 2769 if (r1 & IWN_INT_WAKEUP) 2770 iwn_wakeup_intr(sc); 2771 2772 out: 2773 /* Re-enable interrupts. */ 2774 if (ifp->if_flags & IFF_UP) 2775 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 2776 } 2777 2778 /* 2779 * Update TX scheduler ring when transmitting an 802.11 frame (4965AGN and 2780 * 5000 adapters use a slightly different format). 2781 */ 2782 static void 2783 iwn4965_update_sched(struct iwn_softc *sc, int qid, int idx, uint8_t id, 2784 uint16_t len) 2785 { 2786 uint16_t *w = &sc->sched[qid * IWN4965_SCHED_COUNT + idx]; 2787 2788 *w = htole16(len + 8); 2789 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2790 (char *)(void *)w - (char *)(void *)sc->sched_dma.vaddr, 2791 sizeof (uint16_t), 2792 BUS_DMASYNC_PREWRITE); 2793 if (idx < IWN_SCHED_WINSZ) { 2794 *(w + IWN_TX_RING_COUNT) = *w; 2795 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2796 (char *)(void *)(w + IWN_TX_RING_COUNT) - 2797 (char *)(void *)sc->sched_dma.vaddr, 2798 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2799 } 2800 } 2801 2802 static void 2803 iwn5000_update_sched(struct iwn_softc *sc, int qid, int idx, uint8_t id, 2804 uint16_t len) 2805 { 2806 uint16_t *w = &sc->sched[qid * IWN5000_SCHED_COUNT + idx]; 2807 2808 *w = htole16(id << 12 | (len + 8)); 2809 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2810 (char *)(void *)w - (char *)(void *)sc->sched_dma.vaddr, 2811 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2812 if (idx < IWN_SCHED_WINSZ) { 2813 *(w + IWN_TX_RING_COUNT) = *w; 2814 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2815 (char *)(void *)(w + IWN_TX_RING_COUNT) - 2816 (char *)(void *)sc->sched_dma.vaddr, 2817 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2818 } 2819 } 2820 2821 #ifdef notyet 2822 static void 2823 iwn5000_reset_sched(struct iwn_softc *sc, int qid, int idx) 2824 { 2825 uint16_t *w = &sc->sched[qid * IWN5000_SCHED_COUNT + idx]; 2826 2827 *w = (*w & htole16(0xf000)) | htole16(1); 2828 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2829 (char *)(void *)w - (char *)(void *)sc->sched_dma.vaddr, 2830 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2831 if (idx < IWN_SCHED_WINSZ) { 2832 *(w + IWN_TX_RING_COUNT) = *w; 2833 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2834 (char *)(void *)(w + IWN_TX_RING_COUNT) - 2835 (char *)(void *)sc->sched_dma.vaddr, 2836 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2837 } 2838 } 2839 #endif 2840 2841 static int 2842 iwn_tx(struct iwn_softc *sc, struct mbuf *m, struct ieee80211_node *ni, int ac) 2843 { 2844 struct ieee80211com *ic = &sc->sc_ic; 2845 struct iwn_node *wn = (void *)ni; 2846 struct iwn_tx_ring *ring; 2847 struct iwn_tx_desc *desc; 2848 struct iwn_tx_data *data; 2849 struct iwn_tx_cmd *cmd; 2850 struct iwn_cmd_data *tx; 2851 const struct iwn_rate *rinfo; 2852 struct ieee80211_frame *wh; 2853 struct ieee80211_key *k = NULL; 2854 struct mbuf *m1; 2855 uint32_t flags; 2856 u_int hdrlen; 2857 bus_dma_segment_t *seg; 2858 uint8_t tid, ridx, txant, type; 2859 int i, totlen, error, pad; 2860 2861 const struct chanAccParams *cap; 2862 int noack; 2863 int hdrlen2; 2864 2865 wh = mtod(m, struct ieee80211_frame *); 2866 hdrlen = ieee80211_anyhdrsize(wh); 2867 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2868 2869 hdrlen2 = (ieee80211_has_qos(wh)) ? 2870 sizeof (struct ieee80211_qosframe) : 2871 sizeof (struct ieee80211_frame); 2872 2873 if (hdrlen != hdrlen2) 2874 aprint_error_dev(sc->sc_dev, "hdrlen error (%d != %d)\n", 2875 hdrlen, hdrlen2); 2876 2877 /* XXX OpenBSD sets a different tid when using QOS */ 2878 tid = 0; 2879 if (ieee80211_has_qos(wh)) { 2880 cap = &ic->ic_wme.wme_chanParams; 2881 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 2882 } 2883 else 2884 noack = 0; 2885 2886 ring = &sc->txq[ac]; 2887 desc = &ring->desc[ring->cur]; 2888 data = &ring->data[ring->cur]; 2889 2890 /* Choose a TX rate index. */ 2891 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 2892 type != IEEE80211_FC0_TYPE_DATA) { 2893 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2894 IWN_RIDX_OFDM6 : IWN_RIDX_CCK1; 2895 } else if (ic->ic_fixed_rate != -1) { 2896 ridx = sc->fixed_ridx; 2897 } else 2898 ridx = wn->ridx[ni->ni_txrate]; 2899 rinfo = &iwn_rates[ridx]; 2900 2901 /* Encrypt the frame if need be. */ 2902 /* 2903 * XXX For now, NetBSD swaps the encryption and bpf sections 2904 * in order to match old code and other drivers. Tests with 2905 * tcpdump indicates that the order is irrelevant, however, 2906 * as bpf produces unencrypted data for both ordering choices. 2907 */ 2908 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 2909 k = ieee80211_crypto_encap(ic, ni, m); 2910 if (k == NULL) { 2911 m_freem(m); 2912 return ENOBUFS; 2913 } 2914 /* Packet header may have moved, reset our local pointer. */ 2915 wh = mtod(m, struct ieee80211_frame *); 2916 } 2917 totlen = m->m_pkthdr.len; 2918 2919 if (sc->sc_drvbpf != NULL) { 2920 struct iwn_tx_radiotap_header *tap = &sc->sc_txtap; 2921 2922 tap->wt_flags = 0; 2923 tap->wt_chan_freq = htole16(ni->ni_chan->ic_freq); 2924 tap->wt_chan_flags = htole16(ni->ni_chan->ic_flags); 2925 tap->wt_rate = rinfo->rate; 2926 tap->wt_hwqueue = ac; 2927 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 2928 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 2929 2930 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m); 2931 } 2932 2933 /* Prepare TX firmware command. */ 2934 cmd = &ring->cmd[ring->cur]; 2935 cmd->code = IWN_CMD_TX_DATA; 2936 cmd->flags = 0; 2937 cmd->qid = ring->qid; 2938 cmd->idx = ring->cur; 2939 2940 tx = (struct iwn_cmd_data *)cmd->data; 2941 /* NB: No need to clear tx, all fields are reinitialized here. */ 2942 tx->scratch = 0; /* clear "scratch" area */ 2943 2944 flags = 0; 2945 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 2946 /* Unicast frame, check if an ACK is expected. */ 2947 if (!noack) 2948 flags |= IWN_TX_NEED_ACK; 2949 } 2950 2951 #ifdef notyet 2952 /* XXX NetBSD does not define IEEE80211_FC0_SUBTYPE_BAR */ 2953 if ((wh->i_fc[0] & 2954 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 2955 (IEEE80211_FC0_TYPE_CTL | IEEE80211_FC0_SUBTYPE_BAR)) 2956 flags |= IWN_TX_IMM_BA; /* Cannot happen yet. */ 2957 #endif 2958 2959 if (wh->i_fc[1] & IEEE80211_FC1_MORE_FRAG) 2960 flags |= IWN_TX_MORE_FRAG; /* Cannot happen yet. */ 2961 2962 /* Check if frame must be protected using RTS/CTS or CTS-to-self. */ 2963 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 2964 /* NB: Group frames are sent using CCK in 802.11b/g. */ 2965 if (totlen + IEEE80211_CRC_LEN > ic->ic_rtsthreshold) { 2966 flags |= IWN_TX_NEED_RTS; 2967 } else if ((ic->ic_flags & IEEE80211_F_USEPROT) && 2968 ridx >= IWN_RIDX_OFDM6) { 2969 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 2970 flags |= IWN_TX_NEED_CTS; 2971 else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 2972 flags |= IWN_TX_NEED_RTS; 2973 } 2974 if (flags & (IWN_TX_NEED_RTS | IWN_TX_NEED_CTS)) { 2975 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 2976 /* 5000 autoselects RTS/CTS or CTS-to-self. */ 2977 flags &= ~(IWN_TX_NEED_RTS | IWN_TX_NEED_CTS); 2978 flags |= IWN_TX_NEED_PROTECTION; 2979 } else 2980 flags |= IWN_TX_FULL_TXOP; 2981 } 2982 } 2983 2984 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 2985 type != IEEE80211_FC0_TYPE_DATA) 2986 tx->id = sc->broadcast_id; 2987 else 2988 tx->id = wn->id; 2989 2990 if (type == IEEE80211_FC0_TYPE_MGT) { 2991 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2992 2993 #ifndef IEEE80211_STA_ONLY 2994 /* Tell HW to set timestamp in probe responses. */ 2995 /* XXX NetBSD rev 1.11 added probe requests here but */ 2996 /* probe requests do not take timestamps (from Bergamini). */ 2997 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 2998 flags |= IWN_TX_INSERT_TSTAMP; 2999 #endif 3000 /* XXX NetBSD rev 1.11 and 1.20 added AUTH/DAUTH and RTS/CTS */ 3001 /* changes here. These are not needed (from Bergamini). */ 3002 if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ || 3003 subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) 3004 tx->timeout = htole16(3); 3005 else 3006 tx->timeout = htole16(2); 3007 } else 3008 tx->timeout = htole16(0); 3009 3010 if (hdrlen & 3) { 3011 /* First segment length must be a multiple of 4. */ 3012 flags |= IWN_TX_NEED_PADDING; 3013 pad = 4 - (hdrlen & 3); 3014 } else 3015 pad = 0; 3016 3017 tx->len = htole16(totlen); 3018 tx->tid = tid; 3019 tx->rts_ntries = 60; 3020 tx->data_ntries = 15; 3021 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 3022 tx->plcp = rinfo->plcp; 3023 tx->rflags = rinfo->flags; 3024 if (tx->id == sc->broadcast_id) { 3025 /* Group or management frame. */ 3026 tx->linkq = 0; 3027 /* XXX Alternate between antenna A and B? */ 3028 txant = IWN_LSB(sc->txchainmask); 3029 tx->rflags |= IWN_RFLAG_ANT(txant); 3030 } else { 3031 tx->linkq = ni->ni_rates.rs_nrates - ni->ni_txrate - 1; 3032 flags |= IWN_TX_LINKQ; /* enable MRR */ 3033 } 3034 /* Set physical address of "scratch area". */ 3035 tx->loaddr = htole32(IWN_LOADDR(data->scratch_paddr)); 3036 tx->hiaddr = IWN_HIADDR(data->scratch_paddr); 3037 3038 /* Copy 802.11 header in TX command. */ 3039 /* XXX NetBSD changed this in rev 1.20 */ 3040 memcpy(((uint8_t *)tx) + sizeof(*tx), wh, hdrlen); 3041 3042 /* Trim 802.11 header. */ 3043 m_adj(m, hdrlen); 3044 tx->security = 0; 3045 tx->flags = htole32(flags); 3046 3047 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m, 3048 BUS_DMA_NOWAIT | BUS_DMA_WRITE); 3049 if (error != 0) { 3050 if (error != EFBIG) { 3051 aprint_error_dev(sc->sc_dev, 3052 "can't map mbuf (error %d)\n", error); 3053 m_freem(m); 3054 return error; 3055 } 3056 /* Too many DMA segments, linearize mbuf. */ 3057 MGETHDR(m1, M_DONTWAIT, MT_DATA); 3058 if (m1 == NULL) { 3059 m_freem(m); 3060 return ENOBUFS; 3061 } 3062 if (m->m_pkthdr.len > MHLEN) { 3063 MCLGET(m1, M_DONTWAIT); 3064 if (!(m1->m_flags & M_EXT)) { 3065 m_freem(m); 3066 m_freem(m1); 3067 return ENOBUFS; 3068 } 3069 } 3070 m_copydata(m, 0, m->m_pkthdr.len, mtod(m1, void *)); 3071 m1->m_pkthdr.len = m1->m_len = m->m_pkthdr.len; 3072 m_freem(m); 3073 m = m1; 3074 3075 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m, 3076 BUS_DMA_NOWAIT | BUS_DMA_WRITE); 3077 if (error != 0) { 3078 aprint_error_dev(sc->sc_dev, 3079 "can't map mbuf (error %d)\n", error); 3080 m_freem(m); 3081 return error; 3082 } 3083 } 3084 3085 data->m = m; 3086 data->ni = ni; 3087 3088 DPRINTFN(4, ("sending data: qid=%d idx=%d len=%d nsegs=%d\n", 3089 ring->qid, ring->cur, m->m_pkthdr.len, data->map->dm_nsegs)); 3090 3091 /* Fill TX descriptor. */ 3092 desc->nsegs = 1 + data->map->dm_nsegs; 3093 /* First DMA segment is used by the TX command. */ 3094 desc->segs[0].addr = htole32(IWN_LOADDR(data->cmd_paddr)); 3095 desc->segs[0].len = htole16(IWN_HIADDR(data->cmd_paddr) | 3096 (4 + sizeof (*tx) + hdrlen + pad) << 4); 3097 /* Other DMA segments are for data payload. */ 3098 seg = data->map->dm_segs; 3099 for (i = 1; i <= data->map->dm_nsegs; i++) { 3100 desc->segs[i].addr = htole32(IWN_LOADDR(seg->ds_addr)); 3101 desc->segs[i].len = htole16(IWN_HIADDR(seg->ds_addr) | 3102 seg->ds_len << 4); 3103 seg++; 3104 } 3105 3106 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 3107 BUS_DMASYNC_PREWRITE); 3108 bus_dmamap_sync(sc->sc_dmat, ring->cmd_dma.map, 3109 (char *)(void *)cmd - (char *)(void *)ring->cmd_dma.vaddr, 3110 sizeof (*cmd), BUS_DMASYNC_PREWRITE); 3111 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 3112 (char *)(void *)desc - (char *)(void *)ring->desc_dma.vaddr, 3113 sizeof (*desc), BUS_DMASYNC_PREWRITE); 3114 3115 #ifdef notyet 3116 /* Update TX scheduler. */ 3117 ops->update_sched(sc, ring->qid, ring->cur, tx->id, totlen); 3118 #endif 3119 3120 /* Kick TX ring. */ 3121 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 3122 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, ring->qid << 8 | ring->cur); 3123 3124 /* Mark TX ring as full if we reach a certain threshold. */ 3125 if (++ring->queued > IWN_TX_RING_HIMARK) 3126 sc->qfullmsk |= 1 << ring->qid; 3127 3128 return 0; 3129 } 3130 3131 static void 3132 iwn_start(struct ifnet *ifp) 3133 { 3134 struct iwn_softc *sc = ifp->if_softc; 3135 struct ieee80211com *ic = &sc->sc_ic; 3136 struct ieee80211_node *ni; 3137 struct ether_header *eh; 3138 struct mbuf *m; 3139 int ac; 3140 3141 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 3142 return; 3143 3144 for (;;) { 3145 if (sc->qfullmsk != 0) { 3146 ifp->if_flags |= IFF_OACTIVE; 3147 break; 3148 } 3149 /* Send pending management frames first. */ 3150 IF_DEQUEUE(&ic->ic_mgtq, m); 3151 if (m != NULL) { 3152 ni = M_GETCTX(m, struct ieee80211_node *); 3153 ac = 0; 3154 goto sendit; 3155 } 3156 if (ic->ic_state != IEEE80211_S_RUN) 3157 break; 3158 3159 /* Encapsulate and send data frames. */ 3160 IFQ_DEQUEUE(&ifp->if_snd, m); 3161 if (m == NULL) 3162 break; 3163 if (m->m_len < sizeof (*eh) && 3164 (m = m_pullup(m, sizeof (*eh))) == NULL) { 3165 ifp->if_oerrors++; 3166 continue; 3167 } 3168 eh = mtod(m, struct ether_header *); 3169 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 3170 if (ni == NULL) { 3171 m_freem(m); 3172 ifp->if_oerrors++; 3173 continue; 3174 } 3175 /* classify mbuf so we can find which tx ring to use */ 3176 if (ieee80211_classify(ic, m, ni) != 0) { 3177 m_freem(m); 3178 ieee80211_free_node(ni); 3179 ifp->if_oerrors++; 3180 continue; 3181 } 3182 3183 /* No QoS encapsulation for EAPOL frames. */ 3184 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 3185 M_WME_GETAC(m) : WME_AC_BE; 3186 3187 bpf_mtap(ifp, m); 3188 3189 if ((m = ieee80211_encap(ic, m, ni)) == NULL) { 3190 ieee80211_free_node(ni); 3191 ifp->if_oerrors++; 3192 continue; 3193 } 3194 sendit: 3195 bpf_mtap3(ic->ic_rawbpf, m); 3196 3197 if (iwn_tx(sc, m, ni, ac) != 0) { 3198 ieee80211_free_node(ni); 3199 ifp->if_oerrors++; 3200 continue; 3201 } 3202 3203 sc->sc_tx_timer = 5; 3204 ifp->if_timer = 1; 3205 } 3206 } 3207 3208 static void 3209 iwn_watchdog(struct ifnet *ifp) 3210 { 3211 struct iwn_softc *sc = ifp->if_softc; 3212 3213 ifp->if_timer = 0; 3214 3215 if (sc->sc_tx_timer > 0) { 3216 if (--sc->sc_tx_timer == 0) { 3217 aprint_error_dev(sc->sc_dev, 3218 "device timeout\n"); 3219 ifp->if_flags &= ~IFF_UP; 3220 iwn_stop(ifp, 1); 3221 ifp->if_oerrors++; 3222 return; 3223 } 3224 ifp->if_timer = 1; 3225 } 3226 3227 ieee80211_watchdog(&sc->sc_ic); 3228 } 3229 3230 static int 3231 iwn_ioctl(struct ifnet *ifp, u_long cmd, void *data) 3232 { 3233 struct iwn_softc *sc = ifp->if_softc; 3234 struct ieee80211com *ic = &sc->sc_ic; 3235 const struct sockaddr *sa; 3236 int s, error = 0; 3237 3238 s = splnet(); 3239 3240 switch (cmd) { 3241 case SIOCSIFADDR: 3242 ifp->if_flags |= IFF_UP; 3243 /* FALLTHROUGH */ 3244 case SIOCSIFFLAGS: 3245 /* XXX Added as it is in every NetBSD driver */ 3246 if ((error = ifioctl_common(ifp, cmd, data)) != 0) 3247 break; 3248 if (ifp->if_flags & IFF_UP) { 3249 if (!(ifp->if_flags & IFF_RUNNING)) 3250 error = iwn_init(ifp); 3251 } else { 3252 if (ifp->if_flags & IFF_RUNNING) 3253 iwn_stop(ifp, 1); 3254 } 3255 break; 3256 3257 case SIOCADDMULTI: 3258 case SIOCDELMULTI: 3259 sa = ifreq_getaddr(SIOCADDMULTI, (struct ifreq *)data); 3260 error = (cmd == SIOCADDMULTI) ? 3261 ether_addmulti(sa, &sc->sc_ec) : 3262 ether_delmulti(sa, &sc->sc_ec); 3263 3264 if (error == ENETRESET) 3265 error = 0; 3266 break; 3267 3268 default: 3269 error = ieee80211_ioctl(ic, cmd, data); 3270 } 3271 3272 if (error == ENETRESET) { 3273 error = 0; 3274 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 3275 (IFF_UP | IFF_RUNNING)) { 3276 iwn_stop(ifp, 0); 3277 error = iwn_init(ifp); 3278 } 3279 } 3280 3281 splx(s); 3282 return error; 3283 } 3284 3285 /* 3286 * Send a command to the firmware. 3287 */ 3288 static int 3289 iwn_cmd(struct iwn_softc *sc, int code, const void *buf, int size, int async) 3290 { 3291 struct iwn_tx_ring *ring = &sc->txq[4]; 3292 struct iwn_tx_desc *desc; 3293 struct iwn_tx_data *data; 3294 struct iwn_tx_cmd *cmd; 3295 struct mbuf *m; 3296 bus_addr_t paddr; 3297 int totlen, error; 3298 3299 desc = &ring->desc[ring->cur]; 3300 data = &ring->data[ring->cur]; 3301 totlen = 4 + size; 3302 3303 if (size > sizeof cmd->data) { 3304 /* Command is too large to fit in a descriptor. */ 3305 if (totlen > MCLBYTES) 3306 return EINVAL; 3307 MGETHDR(m, M_DONTWAIT, MT_DATA); 3308 if (m == NULL) 3309 return ENOMEM; 3310 if (totlen > MHLEN) { 3311 MCLGET(m, M_DONTWAIT); 3312 if (!(m->m_flags & M_EXT)) { 3313 m_freem(m); 3314 return ENOMEM; 3315 } 3316 } 3317 cmd = mtod(m, struct iwn_tx_cmd *); 3318 error = bus_dmamap_load(sc->sc_dmat, data->map, cmd, totlen, 3319 NULL, BUS_DMA_NOWAIT | BUS_DMA_WRITE); 3320 if (error != 0) { 3321 m_freem(m); 3322 return error; 3323 } 3324 data->m = m; 3325 paddr = data->map->dm_segs[0].ds_addr; 3326 } else { 3327 cmd = &ring->cmd[ring->cur]; 3328 paddr = data->cmd_paddr; 3329 } 3330 3331 cmd->code = code; 3332 cmd->flags = 0; 3333 cmd->qid = ring->qid; 3334 cmd->idx = ring->cur; 3335 memcpy(cmd->data, buf, size); 3336 3337 desc->nsegs = 1; 3338 desc->segs[0].addr = htole32(IWN_LOADDR(paddr)); 3339 desc->segs[0].len = htole16(IWN_HIADDR(paddr) | totlen << 4); 3340 3341 if (size > sizeof cmd->data) { 3342 bus_dmamap_sync(sc->sc_dmat, data->map, 0, totlen, 3343 BUS_DMASYNC_PREWRITE); 3344 } else { 3345 bus_dmamap_sync(sc->sc_dmat, ring->cmd_dma.map, 3346 (char *)(void *)cmd - (char *)(void *)ring->cmd_dma.vaddr, 3347 totlen, BUS_DMASYNC_PREWRITE); 3348 } 3349 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 3350 (char *)(void *)desc - (char *)(void *)ring->desc_dma.vaddr, 3351 sizeof (*desc), BUS_DMASYNC_PREWRITE); 3352 3353 #ifdef notyet 3354 /* Update TX scheduler. */ 3355 ops->update_sched(sc, ring->qid, ring->cur, 0, 0); 3356 #endif 3357 DPRINTFN(4, ("iwn_cmd %d size=%d %s\n", code, size, async ? " (async)" : "")); 3358 3359 /* Kick command ring. */ 3360 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 3361 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, ring->qid << 8 | ring->cur); 3362 3363 return async ? 0 : tsleep(desc, PCATCH, "iwncmd", hz); 3364 } 3365 3366 static int 3367 iwn4965_add_node(struct iwn_softc *sc, struct iwn_node_info *node, int async) 3368 { 3369 struct iwn4965_node_info hnode; 3370 char *src, *dst; 3371 3372 /* 3373 * We use the node structure for 5000 Series internally (it is 3374 * a superset of the one for 4965AGN). We thus copy the common 3375 * fields before sending the command. 3376 */ 3377 src = (char *)node; 3378 dst = (char *)&hnode; 3379 memcpy(dst, src, 48); 3380 /* Skip TSC, RX MIC and TX MIC fields from ``src''. */ 3381 memcpy(dst + 48, src + 72, 20); 3382 return iwn_cmd(sc, IWN_CMD_ADD_NODE, &hnode, sizeof hnode, async); 3383 } 3384 3385 static int 3386 iwn5000_add_node(struct iwn_softc *sc, struct iwn_node_info *node, int async) 3387 { 3388 /* Direct mapping. */ 3389 return iwn_cmd(sc, IWN_CMD_ADD_NODE, node, sizeof (*node), async); 3390 } 3391 3392 static int 3393 iwn_set_link_quality(struct iwn_softc *sc, struct ieee80211_node *ni) 3394 { 3395 struct iwn_node *wn = (void *)ni; 3396 struct ieee80211_rateset *rs = &ni->ni_rates; 3397 struct iwn_cmd_link_quality linkq; 3398 const struct iwn_rate *rinfo; 3399 uint8_t txant; 3400 int i, txrate; 3401 3402 /* Use the first valid TX antenna. */ 3403 txant = IWN_LSB(sc->txchainmask); 3404 3405 memset(&linkq, 0, sizeof linkq); 3406 linkq.id = wn->id; 3407 linkq.antmsk_1stream = txant; 3408 linkq.antmsk_2stream = IWN_ANT_AB; 3409 linkq.ampdu_max = 31; 3410 linkq.ampdu_threshold = 3; 3411 linkq.ampdu_limit = htole16(4000); /* 4ms */ 3412 3413 /* Start at highest available bit-rate. */ 3414 txrate = rs->rs_nrates - 1; 3415 for (i = 0; i < IWN_MAX_TX_RETRIES; i++) { 3416 rinfo = &iwn_rates[wn->ridx[txrate]]; 3417 linkq.retry[i].plcp = rinfo->plcp; 3418 linkq.retry[i].rflags = rinfo->flags; 3419 linkq.retry[i].rflags |= IWN_RFLAG_ANT(txant); 3420 /* Next retry at immediate lower bit-rate. */ 3421 if (txrate > 0) 3422 txrate--; 3423 } 3424 return iwn_cmd(sc, IWN_CMD_LINK_QUALITY, &linkq, sizeof linkq, 1); 3425 } 3426 3427 /* 3428 * Broadcast node is used to send group-addressed and management frames. 3429 */ 3430 static int 3431 iwn_add_broadcast_node(struct iwn_softc *sc, int async) 3432 { 3433 struct iwn_ops *ops = &sc->ops; 3434 struct iwn_node_info node; 3435 struct iwn_cmd_link_quality linkq; 3436 const struct iwn_rate *rinfo; 3437 uint8_t txant; 3438 int i, error; 3439 3440 memset(&node, 0, sizeof node); 3441 IEEE80211_ADDR_COPY(node.macaddr, etherbroadcastaddr); 3442 node.id = sc->broadcast_id; 3443 DPRINTF(("adding broadcast node\n")); 3444 if ((error = ops->add_node(sc, &node, async)) != 0) 3445 return error; 3446 3447 /* Use the first valid TX antenna. */ 3448 txant = IWN_LSB(sc->txchainmask); 3449 3450 memset(&linkq, 0, sizeof linkq); 3451 linkq.id = sc->broadcast_id; 3452 linkq.antmsk_1stream = txant; 3453 linkq.antmsk_2stream = IWN_ANT_AB; 3454 linkq.ampdu_max = 64; 3455 linkq.ampdu_threshold = 3; 3456 linkq.ampdu_limit = htole16(4000); /* 4ms */ 3457 3458 /* Use lowest mandatory bit-rate. */ 3459 rinfo = (sc->sc_ic.ic_curmode != IEEE80211_MODE_11A) ? 3460 &iwn_rates[IWN_RIDX_CCK1] : &iwn_rates[IWN_RIDX_OFDM6]; 3461 linkq.retry[0].plcp = rinfo->plcp; 3462 linkq.retry[0].rflags = rinfo->flags; 3463 linkq.retry[0].rflags |= IWN_RFLAG_ANT(txant); 3464 /* Use same bit-rate for all TX retries. */ 3465 for (i = 1; i < IWN_MAX_TX_RETRIES; i++) { 3466 linkq.retry[i].plcp = linkq.retry[0].plcp; 3467 linkq.retry[i].rflags = linkq.retry[0].rflags; 3468 } 3469 return iwn_cmd(sc, IWN_CMD_LINK_QUALITY, &linkq, sizeof linkq, async); 3470 } 3471 3472 static void 3473 iwn_set_led(struct iwn_softc *sc, uint8_t which, uint8_t off, uint8_t on) 3474 { 3475 struct iwn_cmd_led led; 3476 3477 /* Clear microcode LED ownership. */ 3478 IWN_CLRBITS(sc, IWN_LED, IWN_LED_BSM_CTRL); 3479 3480 led.which = which; 3481 led.unit = htole32(10000); /* on/off in unit of 100ms */ 3482 led.off = off; 3483 led.on = on; 3484 (void)iwn_cmd(sc, IWN_CMD_SET_LED, &led, sizeof led, 1); 3485 } 3486 3487 /* 3488 * Set the critical temperature at which the firmware will stop the radio 3489 * and notify us. 3490 */ 3491 static int 3492 iwn_set_critical_temp(struct iwn_softc *sc) 3493 { 3494 struct iwn_critical_temp crit; 3495 int32_t temp; 3496 3497 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_CTEMP_STOP_RF); 3498 3499 if (sc->hw_type == IWN_HW_REV_TYPE_5150) 3500 temp = (IWN_CTOK(110) - sc->temp_off) * -5; 3501 else if (sc->hw_type == IWN_HW_REV_TYPE_4965) 3502 temp = IWN_CTOK(110); 3503 else 3504 temp = 110; 3505 memset(&crit, 0, sizeof crit); 3506 crit.tempR = htole32(temp); 3507 DPRINTF(("setting critical temperature to %d\n", temp)); 3508 return iwn_cmd(sc, IWN_CMD_SET_CRITICAL_TEMP, &crit, sizeof crit, 0); 3509 } 3510 3511 static int 3512 iwn_set_timing(struct iwn_softc *sc, struct ieee80211_node *ni) 3513 { 3514 struct iwn_cmd_timing cmd; 3515 uint64_t val, mod; 3516 3517 memset(&cmd, 0, sizeof cmd); 3518 memcpy(&cmd.tstamp, ni->ni_tstamp.data, sizeof (uint64_t)); 3519 cmd.bintval = htole16(ni->ni_intval); 3520 cmd.lintval = htole16(10); 3521 3522 /* Compute remaining time until next beacon. */ 3523 val = (uint64_t)ni->ni_intval * 1024; /* msecs -> usecs */ 3524 mod = le64toh(cmd.tstamp) % val; 3525 cmd.binitval = htole32((uint32_t)(val - mod)); 3526 3527 DPRINTF(("timing bintval=%u, tstamp=%" PRIu64 ", init=%" PRIu32 "\n", 3528 ni->ni_intval, le64toh(cmd.tstamp), (uint32_t)(val - mod))); 3529 3530 return iwn_cmd(sc, IWN_CMD_TIMING, &cmd, sizeof cmd, 1); 3531 } 3532 3533 static void 3534 iwn4965_power_calibration(struct iwn_softc *sc, int temp) 3535 { 3536 /* Adjust TX power if need be (delta >= 3 degC). */ 3537 DPRINTF(("temperature %d->%d\n", sc->temp, temp)); 3538 if (abs(temp - sc->temp) >= 3) { 3539 /* Record temperature of last calibration. */ 3540 sc->temp = temp; 3541 (void)iwn4965_set_txpower(sc, 1); 3542 } 3543 } 3544 3545 /* 3546 * Set TX power for current channel (each rate has its own power settings). 3547 * This function takes into account the regulatory information from EEPROM, 3548 * the current temperature and the current voltage. 3549 */ 3550 static int 3551 iwn4965_set_txpower(struct iwn_softc *sc, int async) 3552 { 3553 /* Fixed-point arithmetic division using a n-bit fractional part. */ 3554 #define fdivround(a, b, n) \ 3555 ((((1 << n) * (a)) / (b) + (1 << n) / 2) / (1 << n)) 3556 /* Linear interpolation. */ 3557 #define interpolate(x, x1, y1, x2, y2, n) \ 3558 ((y1) + fdivround(((int)(x) - (x1)) * ((y2) - (y1)), (x2) - (x1), n)) 3559 3560 static const int tdiv[IWN_NATTEN_GROUPS] = { 9, 8, 8, 8, 6 }; 3561 struct ieee80211com *ic = &sc->sc_ic; 3562 struct iwn_ucode_info *uc = &sc->ucode_info; 3563 struct ieee80211_channel *ch; 3564 struct iwn4965_cmd_txpower cmd; 3565 struct iwn4965_eeprom_chan_samples *chans; 3566 const uint8_t *rf_gain, *dsp_gain; 3567 int32_t vdiff, tdiff; 3568 int i, c, grp, maxpwr; 3569 uint8_t chan; 3570 3571 /* Retrieve current channel from last RXON. */ 3572 chan = sc->rxon.chan; 3573 DPRINTF(("setting TX power for channel %d\n", chan)); 3574 ch = &ic->ic_channels[chan]; 3575 3576 memset(&cmd, 0, sizeof cmd); 3577 cmd.band = IEEE80211_IS_CHAN_5GHZ(ch) ? 0 : 1; 3578 cmd.chan = chan; 3579 3580 if (IEEE80211_IS_CHAN_5GHZ(ch)) { 3581 maxpwr = sc->maxpwr5GHz; 3582 rf_gain = iwn4965_rf_gain_5ghz; 3583 dsp_gain = iwn4965_dsp_gain_5ghz; 3584 } else { 3585 maxpwr = sc->maxpwr2GHz; 3586 rf_gain = iwn4965_rf_gain_2ghz; 3587 dsp_gain = iwn4965_dsp_gain_2ghz; 3588 } 3589 3590 /* Compute voltage compensation. */ 3591 vdiff = ((int32_t)le32toh(uc->volt) - sc->eeprom_voltage) / 7; 3592 if (vdiff > 0) 3593 vdiff *= 2; 3594 if (abs(vdiff) > 2) 3595 vdiff = 0; 3596 DPRINTF(("voltage compensation=%d (UCODE=%d, EEPROM=%d)\n", 3597 vdiff, le32toh(uc->volt), sc->eeprom_voltage)); 3598 3599 /* Get channel attenuation group. */ 3600 if (chan <= 20) /* 1-20 */ 3601 grp = 4; 3602 else if (chan <= 43) /* 34-43 */ 3603 grp = 0; 3604 else if (chan <= 70) /* 44-70 */ 3605 grp = 1; 3606 else if (chan <= 124) /* 71-124 */ 3607 grp = 2; 3608 else /* 125-200 */ 3609 grp = 3; 3610 DPRINTF(("chan %d, attenuation group=%d\n", chan, grp)); 3611 3612 /* Get channel sub-band. */ 3613 for (i = 0; i < IWN_NBANDS; i++) 3614 if (sc->bands[i].lo != 0 && 3615 sc->bands[i].lo <= chan && chan <= sc->bands[i].hi) 3616 break; 3617 if (i == IWN_NBANDS) /* Can't happen in real-life. */ 3618 return EINVAL; 3619 chans = sc->bands[i].chans; 3620 DPRINTF(("chan %d sub-band=%d\n", chan, i)); 3621 3622 for (c = 0; c < 2; c++) { 3623 uint8_t power, gain, temp; 3624 int maxchpwr, pwr, ridx, idx; 3625 3626 power = interpolate(chan, 3627 chans[0].num, chans[0].samples[c][1].power, 3628 chans[1].num, chans[1].samples[c][1].power, 1); 3629 gain = interpolate(chan, 3630 chans[0].num, chans[0].samples[c][1].gain, 3631 chans[1].num, chans[1].samples[c][1].gain, 1); 3632 temp = interpolate(chan, 3633 chans[0].num, chans[0].samples[c][1].temp, 3634 chans[1].num, chans[1].samples[c][1].temp, 1); 3635 DPRINTF(("TX chain %d: power=%d gain=%d temp=%d\n", 3636 c, power, gain, temp)); 3637 3638 /* Compute temperature compensation. */ 3639 tdiff = ((sc->temp - temp) * 2) / tdiv[grp]; 3640 DPRINTF(("temperature compensation=%d (current=%d, " 3641 "EEPROM=%d)\n", tdiff, sc->temp, temp)); 3642 3643 for (ridx = 0; ridx <= IWN_RIDX_MAX; ridx++) { 3644 /* Convert dBm to half-dBm. */ 3645 maxchpwr = sc->maxpwr[chan] * 2; 3646 if ((ridx / 8) & 1) 3647 maxchpwr -= 6; /* MIMO 2T: -3dB */ 3648 3649 pwr = maxpwr; 3650 3651 /* Adjust TX power based on rate. */ 3652 if ((ridx % 8) == 5) 3653 pwr -= 15; /* OFDM48: -7.5dB */ 3654 else if ((ridx % 8) == 6) 3655 pwr -= 17; /* OFDM54: -8.5dB */ 3656 else if ((ridx % 8) == 7) 3657 pwr -= 20; /* OFDM60: -10dB */ 3658 else 3659 pwr -= 10; /* Others: -5dB */ 3660 3661 /* Do not exceed channel max TX power. */ 3662 if (pwr > maxchpwr) 3663 pwr = maxchpwr; 3664 3665 idx = gain - (pwr - power) - tdiff - vdiff; 3666 if ((ridx / 8) & 1) /* MIMO */ 3667 idx += (int32_t)le32toh(uc->atten[grp][c]); 3668 3669 if (cmd.band == 0) 3670 idx += 9; /* 5GHz */ 3671 if (ridx == IWN_RIDX_MAX) 3672 idx += 5; /* CCK */ 3673 3674 /* Make sure idx stays in a valid range. */ 3675 if (idx < 0) 3676 idx = 0; 3677 else if (idx > IWN4965_MAX_PWR_INDEX) 3678 idx = IWN4965_MAX_PWR_INDEX; 3679 3680 DPRINTF(("TX chain %d, rate idx %d: power=%d\n", 3681 c, ridx, idx)); 3682 cmd.power[ridx].rf_gain[c] = rf_gain[idx]; 3683 cmd.power[ridx].dsp_gain[c] = dsp_gain[idx]; 3684 } 3685 } 3686 3687 DPRINTF(("setting TX power for chan %d\n", chan)); 3688 return iwn_cmd(sc, IWN_CMD_TXPOWER, &cmd, sizeof cmd, async); 3689 3690 #undef interpolate 3691 #undef fdivround 3692 } 3693 3694 static int 3695 iwn5000_set_txpower(struct iwn_softc *sc, int async) 3696 { 3697 struct iwn5000_cmd_txpower cmd; 3698 3699 /* 3700 * TX power calibration is handled automatically by the firmware 3701 * for 5000 Series. 3702 */ 3703 memset(&cmd, 0, sizeof cmd); 3704 cmd.global_limit = 2 * IWN5000_TXPOWER_MAX_DBM; /* 16 dBm */ 3705 cmd.flags = IWN5000_TXPOWER_NO_CLOSED; 3706 cmd.srv_limit = IWN5000_TXPOWER_AUTO; 3707 DPRINTF(("setting TX power\n")); 3708 return iwn_cmd(sc, IWN_CMD_TXPOWER_DBM, &cmd, sizeof cmd, async); 3709 } 3710 3711 /* 3712 * Retrieve the maximum RSSI (in dBm) among receivers. 3713 */ 3714 static int 3715 iwn4965_get_rssi(const struct iwn_rx_stat *stat) 3716 { 3717 const struct iwn4965_rx_phystat *phy = (const void *)stat->phybuf; 3718 uint8_t mask, agc; 3719 int rssi; 3720 3721 mask = (le16toh(phy->antenna) >> 4) & IWN_ANT_ABC; 3722 agc = (le16toh(phy->agc) >> 7) & 0x7f; 3723 3724 rssi = 0; 3725 if (mask & IWN_ANT_A) 3726 rssi = MAX(rssi, phy->rssi[0]); 3727 if (mask & IWN_ANT_B) 3728 rssi = MAX(rssi, phy->rssi[2]); 3729 if (mask & IWN_ANT_C) 3730 rssi = MAX(rssi, phy->rssi[4]); 3731 3732 return rssi - agc - IWN_RSSI_TO_DBM; 3733 } 3734 3735 static int 3736 iwn5000_get_rssi(const struct iwn_rx_stat *stat) 3737 { 3738 const struct iwn5000_rx_phystat *phy = (const void *)stat->phybuf; 3739 uint8_t agc; 3740 int rssi; 3741 3742 agc = (le32toh(phy->agc) >> 9) & 0x7f; 3743 3744 rssi = MAX(le16toh(phy->rssi[0]) & 0xff, 3745 le16toh(phy->rssi[1]) & 0xff); 3746 rssi = MAX(le16toh(phy->rssi[2]) & 0xff, rssi); 3747 3748 return rssi - agc - IWN_RSSI_TO_DBM; 3749 } 3750 3751 /* 3752 * Retrieve the average noise (in dBm) among receivers. 3753 */ 3754 static int 3755 iwn_get_noise(const struct iwn_rx_general_stats *stats) 3756 { 3757 int i, total, nbant, noise; 3758 3759 total = nbant = 0; 3760 for (i = 0; i < 3; i++) { 3761 if ((noise = le32toh(stats->noise[i]) & 0xff) == 0) 3762 continue; 3763 total += noise; 3764 nbant++; 3765 } 3766 /* There should be at least one antenna but check anyway. */ 3767 return (nbant == 0) ? -127 : (total / nbant) - 107; 3768 } 3769 3770 /* 3771 * Compute temperature (in degC) from last received statistics. 3772 */ 3773 static int 3774 iwn4965_get_temperature(struct iwn_softc *sc) 3775 { 3776 struct iwn_ucode_info *uc = &sc->ucode_info; 3777 int32_t r1, r2, r3, r4, temp; 3778 3779 r1 = le32toh(uc->temp[0].chan20MHz); 3780 r2 = le32toh(uc->temp[1].chan20MHz); 3781 r3 = le32toh(uc->temp[2].chan20MHz); 3782 r4 = le32toh(sc->rawtemp); 3783 3784 if (r1 == r3) /* Prevents division by 0 (should not happen). */ 3785 return 0; 3786 3787 /* Sign-extend 23-bit R4 value to 32-bit. */ 3788 r4 = ((r4 & 0xffffff) ^ 0x800000) - 0x800000; 3789 /* Compute temperature in Kelvin. */ 3790 temp = (259 * (r4 - r2)) / (r3 - r1); 3791 temp = (temp * 97) / 100 + 8; 3792 3793 DPRINTF(("temperature %dK/%dC\n", temp, IWN_KTOC(temp))); 3794 return IWN_KTOC(temp); 3795 } 3796 3797 static int 3798 iwn5000_get_temperature(struct iwn_softc *sc) 3799 { 3800 int32_t temp; 3801 3802 /* 3803 * Temperature is not used by the driver for 5000 Series because 3804 * TX power calibration is handled by firmware. We export it to 3805 * users through the sensor framework though. 3806 */ 3807 temp = le32toh(sc->rawtemp); 3808 if (sc->hw_type == IWN_HW_REV_TYPE_5150) { 3809 temp = (temp / -5) + sc->temp_off; 3810 temp = IWN_KTOC(temp); 3811 } 3812 return temp; 3813 } 3814 3815 /* 3816 * Initialize sensitivity calibration state machine. 3817 */ 3818 static int 3819 iwn_init_sensitivity(struct iwn_softc *sc) 3820 { 3821 struct iwn_ops *ops = &sc->ops; 3822 struct iwn_calib_state *calib = &sc->calib; 3823 uint32_t flags; 3824 int error; 3825 3826 /* Reset calibration state machine. */ 3827 memset(calib, 0, sizeof (*calib)); 3828 calib->state = IWN_CALIB_STATE_INIT; 3829 calib->cck_state = IWN_CCK_STATE_HIFA; 3830 /* Set initial correlation values. */ 3831 calib->ofdm_x1 = sc->limits->min_ofdm_x1; 3832 calib->ofdm_mrc_x1 = sc->limits->min_ofdm_mrc_x1; 3833 calib->ofdm_x4 = sc->limits->min_ofdm_x4; 3834 calib->ofdm_mrc_x4 = sc->limits->min_ofdm_mrc_x4; 3835 calib->cck_x4 = 125; 3836 calib->cck_mrc_x4 = sc->limits->min_cck_mrc_x4; 3837 calib->energy_cck = sc->limits->energy_cck; 3838 3839 /* Write initial sensitivity. */ 3840 if ((error = iwn_send_sensitivity(sc)) != 0) 3841 return error; 3842 3843 /* Write initial gains. */ 3844 if ((error = ops->init_gains(sc)) != 0) 3845 return error; 3846 3847 /* Request statistics at each beacon interval. */ 3848 flags = 0; 3849 DPRINTF(("sending request for statistics\n")); 3850 return iwn_cmd(sc, IWN_CMD_GET_STATISTICS, &flags, sizeof flags, 1); 3851 } 3852 3853 /* 3854 * Collect noise and RSSI statistics for the first 20 beacons received 3855 * after association and use them to determine connected antennas and 3856 * to set differential gains. 3857 */ 3858 static void 3859 iwn_collect_noise(struct iwn_softc *sc, 3860 const struct iwn_rx_general_stats *stats) 3861 { 3862 struct iwn_ops *ops = &sc->ops; 3863 struct iwn_calib_state *calib = &sc->calib; 3864 uint32_t val; 3865 int i; 3866 3867 /* Accumulate RSSI and noise for all 3 antennas. */ 3868 for (i = 0; i < 3; i++) { 3869 calib->rssi[i] += le32toh(stats->rssi[i]) & 0xff; 3870 calib->noise[i] += le32toh(stats->noise[i]) & 0xff; 3871 } 3872 /* NB: We update differential gains only once after 20 beacons. */ 3873 if (++calib->nbeacons < 20) 3874 return; 3875 3876 /* Determine highest average RSSI. */ 3877 val = MAX(calib->rssi[0], calib->rssi[1]); 3878 val = MAX(calib->rssi[2], val); 3879 3880 /* Determine which antennas are connected. */ 3881 sc->chainmask = sc->rxchainmask; 3882 for (i = 0; i < 3; i++) 3883 if (val - calib->rssi[i] > 15 * 20) 3884 sc->chainmask &= ~(1 << i); 3885 DPRINTF(("RX chains mask: theoretical=0x%x, actual=0x%x\n", 3886 sc->rxchainmask, sc->chainmask)); 3887 3888 /* If none of the TX antennas are connected, keep at least one. */ 3889 if ((sc->chainmask & sc->txchainmask) == 0) 3890 sc->chainmask |= IWN_LSB(sc->txchainmask); 3891 3892 (void)ops->set_gains(sc); 3893 calib->state = IWN_CALIB_STATE_RUN; 3894 3895 #ifdef notyet 3896 /* XXX Disable RX chains with no antennas connected. */ 3897 sc->rxon.rxchain = htole16(IWN_RXCHAIN_SEL(sc->chainmask)); 3898 (void)iwn_cmd(sc, IWN_CMD_RXON, &sc->rxon, sc->rxonsz, 1); 3899 #endif 3900 3901 /* Enable power-saving mode if requested by user. */ 3902 if (sc->sc_ic.ic_flags & IEEE80211_F_PMGTON) 3903 (void)iwn_set_pslevel(sc, 0, 3, 1); 3904 } 3905 3906 static int 3907 iwn4965_init_gains(struct iwn_softc *sc) 3908 { 3909 struct iwn_phy_calib_gain cmd; 3910 3911 memset(&cmd, 0, sizeof cmd); 3912 cmd.code = IWN4965_PHY_CALIB_DIFF_GAIN; 3913 /* Differential gains initially set to 0 for all 3 antennas. */ 3914 DPRINTF(("setting initial differential gains\n")); 3915 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 3916 } 3917 3918 static int 3919 iwn5000_init_gains(struct iwn_softc *sc) 3920 { 3921 struct iwn_phy_calib cmd; 3922 3923 memset(&cmd, 0, sizeof cmd); 3924 cmd.code = sc->reset_noise_gain; 3925 cmd.ngroups = 1; 3926 cmd.isvalid = 1; 3927 DPRINTF(("setting initial differential gains\n")); 3928 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 3929 } 3930 3931 static int 3932 iwn4965_set_gains(struct iwn_softc *sc) 3933 { 3934 struct iwn_calib_state *calib = &sc->calib; 3935 struct iwn_phy_calib_gain cmd; 3936 int i, delta, noise; 3937 3938 /* Get minimal noise among connected antennas. */ 3939 noise = INT_MAX; /* NB: There's at least one antenna. */ 3940 for (i = 0; i < 3; i++) 3941 if (sc->chainmask & (1 << i)) 3942 noise = MIN(calib->noise[i], noise); 3943 3944 memset(&cmd, 0, sizeof cmd); 3945 cmd.code = IWN4965_PHY_CALIB_DIFF_GAIN; 3946 /* Set differential gains for connected antennas. */ 3947 for (i = 0; i < 3; i++) { 3948 if (sc->chainmask & (1 << i)) { 3949 /* Compute attenuation (in unit of 1.5dB). */ 3950 delta = (noise - (int32_t)calib->noise[i]) / 30; 3951 /* NB: delta <= 0 */ 3952 /* Limit to [-4.5dB,0]. */ 3953 cmd.gain[i] = MIN(abs(delta), 3); 3954 if (delta < 0) 3955 cmd.gain[i] |= 1 << 2; /* sign bit */ 3956 } 3957 } 3958 DPRINTF(("setting differential gains Ant A/B/C: %x/%x/%x (%x)\n", 3959 cmd.gain[0], cmd.gain[1], cmd.gain[2], sc->chainmask)); 3960 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 3961 } 3962 3963 static int 3964 iwn5000_set_gains(struct iwn_softc *sc) 3965 { 3966 struct iwn_calib_state *calib = &sc->calib; 3967 struct iwn_phy_calib_gain cmd; 3968 int i, ant, div, delta; 3969 3970 /* We collected 20 beacons and !=6050 need a 1.5 factor. */ 3971 div = (sc->hw_type == IWN_HW_REV_TYPE_6050) ? 20 : 30; 3972 3973 memset(&cmd, 0, sizeof cmd); 3974 cmd.code = sc->noise_gain; 3975 cmd.ngroups = 1; 3976 cmd.isvalid = 1; 3977 /* Get first available RX antenna as referential. */ 3978 ant = IWN_LSB(sc->rxchainmask); 3979 /* Set differential gains for other antennas. */ 3980 for (i = ant + 1; i < 3; i++) { 3981 if (sc->chainmask & (1 << i)) { 3982 /* The delta is relative to antenna "ant". */ 3983 delta = ((int32_t)calib->noise[ant] - 3984 (int32_t)calib->noise[i]) / div; 3985 /* Limit to [-4.5dB,+4.5dB]. */ 3986 cmd.gain[i - 1] = MIN(abs(delta), 3); 3987 if (delta < 0) 3988 cmd.gain[i - 1] |= 1 << 2; /* sign bit */ 3989 } 3990 } 3991 DPRINTF(("setting differential gains: %x/%x (%x)\n", 3992 cmd.gain[0], cmd.gain[1], sc->chainmask)); 3993 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 3994 } 3995 3996 /* 3997 * Tune RF RX sensitivity based on the number of false alarms detected 3998 * during the last beacon period. 3999 */ 4000 static void 4001 iwn_tune_sensitivity(struct iwn_softc *sc, const struct iwn_rx_stats *stats) 4002 { 4003 #define inc(val, inc, max) \ 4004 if ((val) < (max)) { \ 4005 if ((val) < (max) - (inc)) \ 4006 (val) += (inc); \ 4007 else \ 4008 (val) = (max); \ 4009 needs_update = 1; \ 4010 } 4011 #define dec(val, dec, min) \ 4012 if ((val) > (min)) { \ 4013 if ((val) > (min) + (dec)) \ 4014 (val) -= (dec); \ 4015 else \ 4016 (val) = (min); \ 4017 needs_update = 1; \ 4018 } 4019 4020 const struct iwn_sensitivity_limits *limits = sc->limits; 4021 struct iwn_calib_state *calib = &sc->calib; 4022 uint32_t val, rxena, fa; 4023 uint32_t energy[3], energy_min; 4024 uint8_t noise[3], noise_ref; 4025 int i, needs_update = 0; 4026 4027 /* Check that we've been enabled long enough. */ 4028 if ((rxena = le32toh(stats->general.load)) == 0) 4029 return; 4030 4031 /* Compute number of false alarms since last call for OFDM. */ 4032 fa = le32toh(stats->ofdm.bad_plcp) - calib->bad_plcp_ofdm; 4033 fa += le32toh(stats->ofdm.fa) - calib->fa_ofdm; 4034 fa *= 200 * 1024; /* 200TU */ 4035 4036 /* Save counters values for next call. */ 4037 calib->bad_plcp_ofdm = le32toh(stats->ofdm.bad_plcp); 4038 calib->fa_ofdm = le32toh(stats->ofdm.fa); 4039 4040 if (fa > 50 * rxena) { 4041 /* High false alarm count, decrease sensitivity. */ 4042 DPRINTFN(2, ("OFDM high false alarm count: %u\n", fa)); 4043 inc(calib->ofdm_x1, 1, limits->max_ofdm_x1); 4044 inc(calib->ofdm_mrc_x1, 1, limits->max_ofdm_mrc_x1); 4045 inc(calib->ofdm_x4, 1, limits->max_ofdm_x4); 4046 inc(calib->ofdm_mrc_x4, 1, limits->max_ofdm_mrc_x4); 4047 4048 } else if (fa < 5 * rxena) { 4049 /* Low false alarm count, increase sensitivity. */ 4050 DPRINTFN(2, ("OFDM low false alarm count: %u\n", fa)); 4051 dec(calib->ofdm_x1, 1, limits->min_ofdm_x1); 4052 dec(calib->ofdm_mrc_x1, 1, limits->min_ofdm_mrc_x1); 4053 dec(calib->ofdm_x4, 1, limits->min_ofdm_x4); 4054 dec(calib->ofdm_mrc_x4, 1, limits->min_ofdm_mrc_x4); 4055 } 4056 4057 /* Compute maximum noise among 3 receivers. */ 4058 for (i = 0; i < 3; i++) 4059 noise[i] = (le32toh(stats->general.noise[i]) >> 8) & 0xff; 4060 val = MAX(noise[0], noise[1]); 4061 val = MAX(noise[2], val); 4062 /* Insert it into our samples table. */ 4063 calib->noise_samples[calib->cur_noise_sample] = val; 4064 calib->cur_noise_sample = (calib->cur_noise_sample + 1) % 20; 4065 4066 /* Compute maximum noise among last 20 samples. */ 4067 noise_ref = calib->noise_samples[0]; 4068 for (i = 1; i < 20; i++) 4069 noise_ref = MAX(noise_ref, calib->noise_samples[i]); 4070 4071 /* Compute maximum energy among 3 receivers. */ 4072 for (i = 0; i < 3; i++) 4073 energy[i] = le32toh(stats->general.energy[i]); 4074 val = MIN(energy[0], energy[1]); 4075 val = MIN(energy[2], val); 4076 /* Insert it into our samples table. */ 4077 calib->energy_samples[calib->cur_energy_sample] = val; 4078 calib->cur_energy_sample = (calib->cur_energy_sample + 1) % 10; 4079 4080 /* Compute minimum energy among last 10 samples. */ 4081 energy_min = calib->energy_samples[0]; 4082 for (i = 1; i < 10; i++) 4083 energy_min = MAX(energy_min, calib->energy_samples[i]); 4084 energy_min += 6; 4085 4086 /* Compute number of false alarms since last call for CCK. */ 4087 fa = le32toh(stats->cck.bad_plcp) - calib->bad_plcp_cck; 4088 fa += le32toh(stats->cck.fa) - calib->fa_cck; 4089 fa *= 200 * 1024; /* 200TU */ 4090 4091 /* Save counters values for next call. */ 4092 calib->bad_plcp_cck = le32toh(stats->cck.bad_plcp); 4093 calib->fa_cck = le32toh(stats->cck.fa); 4094 4095 if (fa > 50 * rxena) { 4096 /* High false alarm count, decrease sensitivity. */ 4097 DPRINTFN(2, ("CCK high false alarm count: %u\n", fa)); 4098 calib->cck_state = IWN_CCK_STATE_HIFA; 4099 calib->low_fa = 0; 4100 4101 if (calib->cck_x4 > 160) { 4102 calib->noise_ref = noise_ref; 4103 if (calib->energy_cck > 2) 4104 dec(calib->energy_cck, 2, energy_min); 4105 } 4106 if (calib->cck_x4 < 160) { 4107 calib->cck_x4 = 161; 4108 needs_update = 1; 4109 } else 4110 inc(calib->cck_x4, 3, limits->max_cck_x4); 4111 4112 inc(calib->cck_mrc_x4, 3, limits->max_cck_mrc_x4); 4113 4114 } else if (fa < 5 * rxena) { 4115 /* Low false alarm count, increase sensitivity. */ 4116 DPRINTFN(2, ("CCK low false alarm count: %u\n", fa)); 4117 calib->cck_state = IWN_CCK_STATE_LOFA; 4118 calib->low_fa++; 4119 4120 if (calib->cck_state != IWN_CCK_STATE_INIT && 4121 (((int32_t)calib->noise_ref - (int32_t)noise_ref) > 2 || 4122 calib->low_fa > 100)) { 4123 inc(calib->energy_cck, 2, limits->min_energy_cck); 4124 dec(calib->cck_x4, 3, limits->min_cck_x4); 4125 dec(calib->cck_mrc_x4, 3, limits->min_cck_mrc_x4); 4126 } 4127 } else { 4128 /* Not worth to increase or decrease sensitivity. */ 4129 DPRINTFN(2, ("CCK normal false alarm count: %u\n", fa)); 4130 calib->low_fa = 0; 4131 calib->noise_ref = noise_ref; 4132 4133 if (calib->cck_state == IWN_CCK_STATE_HIFA) { 4134 /* Previous interval had many false alarms. */ 4135 dec(calib->energy_cck, 8, energy_min); 4136 } 4137 calib->cck_state = IWN_CCK_STATE_INIT; 4138 } 4139 4140 if (needs_update) 4141 (void)iwn_send_sensitivity(sc); 4142 #undef dec 4143 #undef inc 4144 } 4145 4146 static int 4147 iwn_send_sensitivity(struct iwn_softc *sc) 4148 { 4149 struct iwn_calib_state *calib = &sc->calib; 4150 struct iwn_enhanced_sensitivity_cmd cmd; 4151 int len; 4152 4153 memset(&cmd, 0, sizeof cmd); 4154 len = sizeof (struct iwn_sensitivity_cmd); 4155 cmd.which = IWN_SENSITIVITY_WORKTBL; 4156 /* OFDM modulation. */ 4157 cmd.corr_ofdm_x1 = htole16(calib->ofdm_x1); 4158 cmd.corr_ofdm_mrc_x1 = htole16(calib->ofdm_mrc_x1); 4159 cmd.corr_ofdm_x4 = htole16(calib->ofdm_x4); 4160 cmd.corr_ofdm_mrc_x4 = htole16(calib->ofdm_mrc_x4); 4161 cmd.energy_ofdm = htole16(sc->limits->energy_ofdm); 4162 cmd.energy_ofdm_th = htole16(62); 4163 /* CCK modulation. */ 4164 cmd.corr_cck_x4 = htole16(calib->cck_x4); 4165 cmd.corr_cck_mrc_x4 = htole16(calib->cck_mrc_x4); 4166 cmd.energy_cck = htole16(calib->energy_cck); 4167 /* Barker modulation: use default values. */ 4168 cmd.corr_barker = htole16(190); 4169 cmd.corr_barker_mrc = htole16(390); 4170 if (!(sc->sc_flags & IWN_FLAG_ENH_SENS)) 4171 goto send; 4172 /* Enhanced sensitivity settings. */ 4173 len = sizeof (struct iwn_enhanced_sensitivity_cmd); 4174 cmd.ofdm_det_slope_mrc = htole16(668); 4175 cmd.ofdm_det_icept_mrc = htole16(4); 4176 cmd.ofdm_det_slope = htole16(486); 4177 cmd.ofdm_det_icept = htole16(37); 4178 cmd.cck_det_slope_mrc = htole16(853); 4179 cmd.cck_det_icept_mrc = htole16(4); 4180 cmd.cck_det_slope = htole16(476); 4181 cmd.cck_det_icept = htole16(99); 4182 send: 4183 DPRINTFN(2, ("setting sensitivity %d/%d/%d/%d/%d/%d/%d\n", 4184 calib->ofdm_x1, calib->ofdm_mrc_x1, calib->ofdm_x4, 4185 calib->ofdm_mrc_x4, calib->cck_x4, calib->cck_mrc_x4, 4186 calib->energy_cck)); 4187 return iwn_cmd(sc, IWN_CMD_SET_SENSITIVITY, &cmd, len, 1); 4188 } 4189 4190 /* 4191 * Set STA mode power saving level (between 0 and 5). 4192 * Level 0 is CAM (Continuously Aware Mode), 5 is for maximum power saving. 4193 */ 4194 static int 4195 iwn_set_pslevel(struct iwn_softc *sc, int dtim, int level, int async) 4196 { 4197 struct iwn_pmgt_cmd cmd; 4198 const struct iwn_pmgt *pmgt; 4199 uint32_t maxp, skip_dtim; 4200 pcireg_t reg; 4201 int i; 4202 4203 /* Select which PS parameters to use. */ 4204 if (dtim <= 2) 4205 pmgt = &iwn_pmgt[0][level]; 4206 else if (dtim <= 10) 4207 pmgt = &iwn_pmgt[1][level]; 4208 else 4209 pmgt = &iwn_pmgt[2][level]; 4210 4211 memset(&cmd, 0, sizeof cmd); 4212 if (level != 0) /* not CAM */ 4213 cmd.flags |= htole16(IWN_PS_ALLOW_SLEEP); 4214 if (level == 5) 4215 cmd.flags |= htole16(IWN_PS_FAST_PD); 4216 /* Retrieve PCIe Active State Power Management (ASPM). */ 4217 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 4218 sc->sc_cap_off + PCIE_LCSR); 4219 if (!(reg & PCIE_LCSR_ASPM_L0S)) /* L0s Entry disabled. */ 4220 cmd.flags |= htole16(IWN_PS_PCI_PMGT); 4221 cmd.rxtimeout = htole32(pmgt->rxtimeout * 1024); 4222 cmd.txtimeout = htole32(pmgt->txtimeout * 1024); 4223 4224 if (dtim == 0) { 4225 dtim = 1; 4226 skip_dtim = 0; 4227 } else 4228 skip_dtim = pmgt->skip_dtim; 4229 if (skip_dtim != 0) { 4230 cmd.flags |= htole16(IWN_PS_SLEEP_OVER_DTIM); 4231 maxp = pmgt->intval[4]; 4232 if (maxp == (uint32_t)-1) 4233 maxp = dtim * (skip_dtim + 1); 4234 else if (maxp > dtim) 4235 maxp = (maxp / dtim) * dtim; 4236 } else 4237 maxp = dtim; 4238 for (i = 0; i < 5; i++) 4239 cmd.intval[i] = htole32(MIN(maxp, pmgt->intval[i])); 4240 4241 DPRINTF(("setting power saving level to %d\n", level)); 4242 return iwn_cmd(sc, IWN_CMD_SET_POWER_MODE, &cmd, sizeof cmd, async); 4243 } 4244 4245 int 4246 iwn5000_runtime_calib(struct iwn_softc *sc) 4247 { 4248 struct iwn5000_calib_config cmd; 4249 4250 memset(&cmd, 0, sizeof cmd); 4251 cmd.ucode.once.enable = 0xffffffff; 4252 cmd.ucode.once.start = IWN5000_CALIB_DC; 4253 DPRINTF(("configuring runtime calibration\n")); 4254 return iwn_cmd(sc, IWN5000_CMD_CALIB_CONFIG, &cmd, sizeof(cmd), 0); 4255 } 4256 4257 static int 4258 iwn_config_bt_coex_bluetooth(struct iwn_softc *sc) 4259 { 4260 struct iwn_bluetooth bluetooth; 4261 4262 memset(&bluetooth, 0, sizeof bluetooth); 4263 bluetooth.flags = IWN_BT_COEX_ENABLE; 4264 bluetooth.lead_time = IWN_BT_LEAD_TIME_DEF; 4265 bluetooth.max_kill = IWN_BT_MAX_KILL_DEF; 4266 4267 DPRINTF(("configuring bluetooth coexistence\n")); 4268 return iwn_cmd(sc, IWN_CMD_BT_COEX, &bluetooth, sizeof bluetooth, 0); 4269 } 4270 4271 static int 4272 iwn_config_bt_coex_prio_table(struct iwn_softc *sc) 4273 { 4274 uint8_t prio_table[16]; 4275 4276 memset(&prio_table, 0, sizeof prio_table); 4277 prio_table[ 0] = 6; /* init calibration 1 */ 4278 prio_table[ 1] = 7; /* init calibration 2 */ 4279 prio_table[ 2] = 2; /* periodic calib low 1 */ 4280 prio_table[ 3] = 3; /* periodic calib low 2 */ 4281 prio_table[ 4] = 4; /* periodic calib high 1 */ 4282 prio_table[ 5] = 5; /* periodic calib high 2 */ 4283 prio_table[ 6] = 6; /* dtim */ 4284 prio_table[ 7] = 8; /* scan52 */ 4285 prio_table[ 8] = 10; /* scan24 */ 4286 4287 DPRINTF(("sending priority lookup table\n")); 4288 return iwn_cmd(sc, IWN_CMD_BT_COEX_PRIO_TABLE, 4289 &prio_table, sizeof prio_table, 0); 4290 } 4291 4292 static int 4293 iwn_config_bt_coex_adv_config(struct iwn_softc *sc, struct iwn_bt_basic *basic, 4294 size_t len) 4295 { 4296 struct iwn_btcoex_prot btprot; 4297 int error; 4298 4299 basic->bt.flags = IWN_BT_COEX_ENABLE; 4300 basic->bt.lead_time = IWN_BT_LEAD_TIME_DEF; 4301 basic->bt.max_kill = IWN_BT_MAX_KILL_DEF; 4302 basic->bt.bt3_timer_t7_value = IWN_BT_BT3_T7_DEF; 4303 basic->bt.kill_ack_mask = IWN_BT_KILL_ACK_MASK_DEF; 4304 basic->bt.kill_cts_mask = IWN_BT_KILL_CTS_MASK_DEF; 4305 basic->bt3_prio_sample_time = IWN_BT_BT3_PRIO_SAMPLE_DEF; 4306 basic->bt3_timer_t2_value = IWN_BT_BT3_T2_DEF; 4307 basic->bt3_lookup_table[ 0] = htole32(0xaaaaaaaa); /* Normal */ 4308 basic->bt3_lookup_table[ 1] = htole32(0xaaaaaaaa); 4309 basic->bt3_lookup_table[ 2] = htole32(0xaeaaaaaa); 4310 basic->bt3_lookup_table[ 3] = htole32(0xaaaaaaaa); 4311 basic->bt3_lookup_table[ 4] = htole32(0xcc00ff28); 4312 basic->bt3_lookup_table[ 5] = htole32(0x0000aaaa); 4313 basic->bt3_lookup_table[ 6] = htole32(0xcc00aaaa); 4314 basic->bt3_lookup_table[ 7] = htole32(0x0000aaaa); 4315 basic->bt3_lookup_table[ 8] = htole32(0xc0004000); 4316 basic->bt3_lookup_table[ 9] = htole32(0x00004000); 4317 basic->bt3_lookup_table[10] = htole32(0xf0005000); 4318 basic->bt3_lookup_table[11] = htole32(0xf0005000); 4319 basic->reduce_txpower = 0; /* as not implemented */ 4320 basic->valid = IWN_BT_ALL_VALID_MASK; 4321 4322 DPRINTF(("configuring advanced bluetooth coexistence v1\n")); 4323 error = iwn_cmd(sc, IWN_CMD_BT_COEX, basic, len, 0); 4324 if (error != 0) { 4325 aprint_error_dev(sc->sc_dev, 4326 "could not configure advanced bluetooth coexistence\n"); 4327 return error; 4328 } 4329 4330 error = iwn_config_bt_coex_prio_table(sc); 4331 if (error != 0) { 4332 aprint_error_dev(sc->sc_dev, 4333 "could not configure send BT priority table\n"); 4334 return error; 4335 } 4336 4337 /* Force BT state machine change */ 4338 memset(&btprot, 0, sizeof btprot); 4339 btprot.open = 1; 4340 btprot.type = 1; 4341 error = iwn_cmd(sc, IWN_CMD_BT_COEX_PROT, &btprot, sizeof btprot, 1); 4342 if (error != 0) { 4343 aprint_error_dev(sc->sc_dev, "could not open BT protcol\n"); 4344 return error; 4345 } 4346 4347 btprot.open = 0; 4348 error = iwn_cmd(sc, IWN_CMD_BT_COEX_PROT, &btprot, sizeof btprot, 1); 4349 if (error != 0) { 4350 aprint_error_dev(sc->sc_dev, "could not close BT protcol\n"); 4351 return error; 4352 } 4353 return 0; 4354 } 4355 4356 static int 4357 iwn_config_bt_coex_adv1(struct iwn_softc *sc) 4358 { 4359 struct iwn_bt_adv1 d; 4360 4361 memset(&d, 0, sizeof d); 4362 d.prio_boost = IWN_BT_PRIO_BOOST_DEF; 4363 d.tx_prio_boost = 0; 4364 d.rx_prio_boost = 0; 4365 return iwn_config_bt_coex_adv_config(sc, &d.basic, sizeof d); 4366 } 4367 4368 static int 4369 iwn_config_bt_coex_adv2(struct iwn_softc *sc) 4370 { 4371 struct iwn_bt_adv2 d; 4372 4373 memset(&d, 0, sizeof d); 4374 d.prio_boost = IWN_BT_PRIO_BOOST_DEF; 4375 d.tx_prio_boost = 0; 4376 d.rx_prio_boost = 0; 4377 return iwn_config_bt_coex_adv_config(sc, &d.basic, sizeof d); 4378 } 4379 4380 static int 4381 iwn_config(struct iwn_softc *sc) 4382 { 4383 struct iwn_ops *ops = &sc->ops; 4384 struct ieee80211com *ic = &sc->sc_ic; 4385 struct ifnet *ifp = ic->ic_ifp; 4386 uint32_t txmask; 4387 uint16_t rxchain; 4388 int error; 4389 4390 error = ops->config_bt_coex(sc); 4391 if (error != 0) { 4392 aprint_error_dev(sc->sc_dev, 4393 "could not configure bluetooth coexistence\n"); 4394 return error; 4395 } 4396 4397 /* Set radio temperature sensor offset. */ 4398 if (sc->hw_type == IWN_HW_REV_TYPE_6005) { 4399 error = iwn6000_temp_offset_calib(sc); 4400 if (error != 0) { 4401 aprint_error_dev(sc->sc_dev, 4402 "could not set temperature offset\n"); 4403 return error; 4404 } 4405 } 4406 4407 if (sc->hw_type == IWN_HW_REV_TYPE_2030 || 4408 sc->hw_type == IWN_HW_REV_TYPE_2000 || 4409 sc->hw_type == IWN_HW_REV_TYPE_135 || 4410 sc->hw_type == IWN_HW_REV_TYPE_105) { 4411 error = iwn2000_temp_offset_calib(sc); 4412 if (error != 0) { 4413 aprint_error_dev(sc->sc_dev, 4414 "could not set temperature offset\n"); 4415 return error; 4416 } 4417 } 4418 4419 if (sc->hw_type == IWN_HW_REV_TYPE_6050 || 4420 sc->hw_type == IWN_HW_REV_TYPE_6005) { 4421 /* Configure runtime DC calibration. */ 4422 error = iwn5000_runtime_calib(sc); 4423 if (error != 0) { 4424 aprint_error_dev(sc->sc_dev, 4425 "could not configure runtime calibration\n"); 4426 return error; 4427 } 4428 } 4429 4430 /* Configure valid TX chains for 5000 Series. */ 4431 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 4432 txmask = htole32(sc->txchainmask); 4433 DPRINTF(("configuring valid TX chains 0x%x\n", txmask)); 4434 error = iwn_cmd(sc, IWN5000_CMD_TX_ANT_CONFIG, &txmask, 4435 sizeof txmask, 0); 4436 if (error != 0) { 4437 aprint_error_dev(sc->sc_dev, 4438 "could not configure valid TX chains\n"); 4439 return error; 4440 } 4441 } 4442 4443 /* Set mode, channel, RX filter and enable RX. */ 4444 memset(&sc->rxon, 0, sizeof (struct iwn_rxon)); 4445 IEEE80211_ADDR_COPY(ic->ic_myaddr, CLLADDR(ifp->if_sadl)); 4446 IEEE80211_ADDR_COPY(sc->rxon.myaddr, ic->ic_myaddr); 4447 IEEE80211_ADDR_COPY(sc->rxon.wlap, ic->ic_myaddr); 4448 sc->rxon.chan = ieee80211_chan2ieee(ic, ic->ic_ibss_chan); 4449 sc->rxon.flags = htole32(IWN_RXON_TSF | IWN_RXON_CTS_TO_SELF); 4450 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_ibss_chan)) 4451 sc->rxon.flags |= htole32(IWN_RXON_AUTO | IWN_RXON_24GHZ); 4452 switch (ic->ic_opmode) { 4453 case IEEE80211_M_STA: 4454 sc->rxon.mode = IWN_MODE_STA; 4455 sc->rxon.filter = htole32(IWN_FILTER_MULTICAST); 4456 break; 4457 case IEEE80211_M_MONITOR: 4458 sc->rxon.mode = IWN_MODE_MONITOR; 4459 sc->rxon.filter = htole32(IWN_FILTER_MULTICAST | 4460 IWN_FILTER_CTL | IWN_FILTER_PROMISC); 4461 break; 4462 default: 4463 /* Should not get there. */ 4464 break; 4465 } 4466 sc->rxon.cck_mask = 0x0f; /* not yet negotiated */ 4467 sc->rxon.ofdm_mask = 0xff; /* not yet negotiated */ 4468 sc->rxon.ht_single_mask = 0xff; 4469 sc->rxon.ht_dual_mask = 0xff; 4470 sc->rxon.ht_triple_mask = 0xff; 4471 rxchain = 4472 IWN_RXCHAIN_VALID(sc->rxchainmask) | 4473 IWN_RXCHAIN_MIMO_COUNT(2) | 4474 IWN_RXCHAIN_IDLE_COUNT(2); 4475 sc->rxon.rxchain = htole16(rxchain); 4476 DPRINTF(("setting configuration\n")); 4477 error = iwn_cmd(sc, IWN_CMD_RXON, &sc->rxon, sc->rxonsz, 0); 4478 if (error != 0) { 4479 aprint_error_dev(sc->sc_dev, 4480 "RXON command failed\n"); 4481 return error; 4482 } 4483 4484 if ((error = iwn_add_broadcast_node(sc, 0)) != 0) { 4485 aprint_error_dev(sc->sc_dev, 4486 "could not add broadcast node\n"); 4487 return error; 4488 } 4489 4490 /* Configuration has changed, set TX power accordingly. */ 4491 if ((error = ops->set_txpower(sc, 0)) != 0) { 4492 aprint_error_dev(sc->sc_dev, 4493 "could not set TX power\n"); 4494 return error; 4495 } 4496 4497 if ((error = iwn_set_critical_temp(sc)) != 0) { 4498 aprint_error_dev(sc->sc_dev, 4499 "could not set critical temperature\n"); 4500 return error; 4501 } 4502 4503 /* Set power saving level to CAM during initialization. */ 4504 if ((error = iwn_set_pslevel(sc, 0, 0, 0)) != 0) { 4505 aprint_error_dev(sc->sc_dev, 4506 "could not set power saving level\n"); 4507 return error; 4508 } 4509 return 0; 4510 } 4511 4512 static uint16_t 4513 iwn_get_active_dwell_time(struct iwn_softc *sc, uint16_t flags, 4514 uint8_t n_probes) 4515 { 4516 /* No channel? Default to 2GHz settings */ 4517 if (flags & IEEE80211_CHAN_2GHZ) 4518 return IWN_ACTIVE_DWELL_TIME_2GHZ + 4519 IWN_ACTIVE_DWELL_FACTOR_2GHZ * (n_probes + 1); 4520 4521 /* 5GHz dwell time */ 4522 return IWN_ACTIVE_DWELL_TIME_5GHZ + 4523 IWN_ACTIVE_DWELL_FACTOR_5GHZ * (n_probes + 1); 4524 } 4525 4526 /* 4527 * Limit the total dwell time to 85% of the beacon interval. 4528 * 4529 * Returns the dwell time in milliseconds. 4530 */ 4531 static uint16_t 4532 iwn_limit_dwell(struct iwn_softc *sc, uint16_t dwell_time) 4533 { 4534 struct ieee80211com *ic = &sc->sc_ic; 4535 struct ieee80211_node *ni = ic->ic_bss; 4536 int bintval = 0; 4537 4538 /* bintval is in TU (1.024mS) */ 4539 if (ni != NULL) 4540 bintval = ni->ni_intval; 4541 4542 /* 4543 * If it's non-zero, we should calculate the minimum of 4544 * it and the DWELL_BASE. 4545 * 4546 * XXX Yes, the math should take into account that bintval 4547 * is 1.024mS, not 1mS.. 4548 */ 4549 if (bintval > 0) 4550 return MIN(IWN_PASSIVE_DWELL_BASE, ((bintval * 85) / 100)); 4551 4552 /* No association context? Default */ 4553 return IWN_PASSIVE_DWELL_BASE; 4554 } 4555 4556 static uint16_t 4557 iwn_get_passive_dwell_time(struct iwn_softc *sc, uint16_t flags) 4558 { 4559 uint16_t passive; 4560 if (flags & IEEE80211_CHAN_2GHZ) 4561 passive = IWN_PASSIVE_DWELL_BASE + IWN_PASSIVE_DWELL_TIME_2GHZ; 4562 else 4563 passive = IWN_PASSIVE_DWELL_BASE + IWN_PASSIVE_DWELL_TIME_5GHZ; 4564 4565 /* Clamp to the beacon interval if we're associated */ 4566 return iwn_limit_dwell(sc, passive); 4567 } 4568 4569 static int 4570 iwn_scan(struct iwn_softc *sc, uint16_t flags) 4571 { 4572 struct ieee80211com *ic = &sc->sc_ic; 4573 struct iwn_scan_hdr *hdr; 4574 struct iwn_cmd_data *tx; 4575 struct iwn_scan_essid *essid; 4576 struct iwn_scan_chan *chan; 4577 struct ieee80211_frame *wh; 4578 struct ieee80211_rateset *rs; 4579 struct ieee80211_channel *c; 4580 uint8_t *buf, *frm; 4581 uint16_t rxchain, dwell_active, dwell_passive; 4582 uint8_t txant; 4583 int buflen, error, is_active; 4584 4585 buf = malloc(IWN_SCAN_MAXSZ, M_DEVBUF, M_NOWAIT | M_ZERO); 4586 if (buf == NULL) { 4587 aprint_error_dev(sc->sc_dev, 4588 "could not allocate buffer for scan command\n"); 4589 return ENOMEM; 4590 } 4591 hdr = (struct iwn_scan_hdr *)buf; 4592 /* 4593 * Move to the next channel if no frames are received within 10ms 4594 * after sending the probe request. 4595 */ 4596 hdr->quiet_time = htole16(10); /* timeout in milliseconds */ 4597 hdr->quiet_threshold = htole16(1); /* min # of packets */ 4598 4599 /* Select antennas for scanning. */ 4600 rxchain = 4601 IWN_RXCHAIN_VALID(sc->rxchainmask) | 4602 IWN_RXCHAIN_FORCE_MIMO_SEL(sc->rxchainmask) | 4603 IWN_RXCHAIN_DRIVER_FORCE; 4604 if ((flags & IEEE80211_CHAN_5GHZ) && 4605 sc->hw_type == IWN_HW_REV_TYPE_4965) { 4606 /* Ant A must be avoided in 5GHz because of an HW bug. */ 4607 rxchain |= IWN_RXCHAIN_FORCE_SEL(IWN_ANT_BC); 4608 } else /* Use all available RX antennas. */ 4609 rxchain |= IWN_RXCHAIN_FORCE_SEL(sc->rxchainmask); 4610 hdr->rxchain = htole16(rxchain); 4611 hdr->filter = htole32(IWN_FILTER_MULTICAST | IWN_FILTER_BEACON); 4612 4613 tx = (struct iwn_cmd_data *)(hdr + 1); 4614 tx->flags = htole32(IWN_TX_AUTO_SEQ); 4615 tx->id = sc->broadcast_id; 4616 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 4617 4618 if (flags & IEEE80211_CHAN_5GHZ) { 4619 hdr->crc_threshold = 0xffff; 4620 /* Send probe requests at 6Mbps. */ 4621 tx->plcp = iwn_rates[IWN_RIDX_OFDM6].plcp; 4622 rs = &ic->ic_sup_rates[IEEE80211_MODE_11A]; 4623 } else { 4624 hdr->flags = htole32(IWN_RXON_24GHZ | IWN_RXON_AUTO); 4625 /* Send probe requests at 1Mbps. */ 4626 tx->plcp = iwn_rates[IWN_RIDX_CCK1].plcp; 4627 tx->rflags = IWN_RFLAG_CCK; 4628 rs = &ic->ic_sup_rates[IEEE80211_MODE_11G]; 4629 } 4630 /* Use the first valid TX antenna. */ 4631 txant = IWN_LSB(sc->txchainmask); 4632 tx->rflags |= IWN_RFLAG_ANT(txant); 4633 4634 /* 4635 * Only do active scanning if we're announcing a probe request 4636 * for a given SSID (or more, if we ever add it to the driver.) 4637 */ 4638 is_active = 0; 4639 4640 essid = (struct iwn_scan_essid *)(tx + 1); 4641 if (ic->ic_des_esslen != 0) { 4642 essid[0].id = IEEE80211_ELEMID_SSID; 4643 essid[0].len = ic->ic_des_esslen; 4644 memcpy(essid[0].data, ic->ic_des_essid, ic->ic_des_esslen); 4645 4646 is_active = 1; 4647 } 4648 /* 4649 * Build a probe request frame. Most of the following code is a 4650 * copy & paste of what is done in net80211. 4651 */ 4652 wh = (struct ieee80211_frame *)(essid + 20); 4653 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 4654 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 4655 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 4656 IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr); 4657 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 4658 IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr); 4659 *(uint16_t *)&wh->i_dur[0] = 0; /* filled by HW */ 4660 *(uint16_t *)&wh->i_seq[0] = 0; /* filled by HW */ 4661 4662 frm = (uint8_t *)(wh + 1); 4663 frm = ieee80211_add_ssid(frm, NULL, 0); 4664 frm = ieee80211_add_rates(frm, rs); 4665 #ifndef IEEE80211_NO_HT 4666 if (ic->ic_flags & IEEE80211_F_HTON) 4667 frm = ieee80211_add_htcaps(frm, ic); 4668 #endif 4669 if (rs->rs_nrates > IEEE80211_RATE_SIZE) 4670 frm = ieee80211_add_xrates(frm, rs); 4671 4672 /* Set length of probe request. */ 4673 tx->len = htole16(frm - (uint8_t *)wh); 4674 4675 4676 /* 4677 * If active scanning is requested but a certain channel is 4678 * marked passive, we can do active scanning if we detect 4679 * transmissions. 4680 * 4681 * There is an issue with some firmware versions that triggers 4682 * a sysassert on a "good CRC threshold" of zero (== disabled), 4683 * on a radar channel even though this means that we should NOT 4684 * send probes. 4685 * 4686 * The "good CRC threshold" is the number of frames that we 4687 * need to receive during our dwell time on a channel before 4688 * sending out probes -- setting this to a huge value will 4689 * mean we never reach it, but at the same time work around 4690 * the aforementioned issue. Thus use IWN_GOOD_CRC_TH_NEVER 4691 * here instead of IWN_GOOD_CRC_TH_DISABLED. 4692 * 4693 * This was fixed in later versions along with some other 4694 * scan changes, and the threshold behaves as a flag in those 4695 * versions. 4696 */ 4697 4698 /* 4699 * If we're doing active scanning, set the crc_threshold 4700 * to a suitable value. This is different to active veruss 4701 * passive scanning depending upon the channel flags; the 4702 * firmware will obey that particular check for us. 4703 */ 4704 if (sc->tlv_feature_flags & IWN_UCODE_TLV_FLAGS_NEWSCAN) 4705 hdr->crc_threshold = is_active ? 4706 IWN_GOOD_CRC_TH_DEFAULT : IWN_GOOD_CRC_TH_DISABLED; 4707 else 4708 hdr->crc_threshold = is_active ? 4709 IWN_GOOD_CRC_TH_DEFAULT : IWN_GOOD_CRC_TH_NEVER; 4710 4711 chan = (struct iwn_scan_chan *)frm; 4712 for (c = &ic->ic_channels[1]; 4713 c <= &ic->ic_channels[IEEE80211_CHAN_MAX]; c++) { 4714 if ((c->ic_flags & flags) != flags) 4715 continue; 4716 4717 chan->chan = htole16(ieee80211_chan2ieee(ic, c)); 4718 DPRINTFN(2, ("adding channel %d\n", chan->chan)); 4719 chan->flags = 0; 4720 if (!(c->ic_flags & IEEE80211_CHAN_PASSIVE)) 4721 chan->flags |= htole32(IWN_CHAN_ACTIVE); 4722 if (ic->ic_des_esslen != 0) 4723 chan->flags |= htole32(IWN_CHAN_NPBREQS(1)); 4724 4725 /* 4726 * Calculate the active/passive dwell times. 4727 */ 4728 4729 dwell_active = iwn_get_active_dwell_time(sc, flags, is_active); 4730 dwell_passive = iwn_get_passive_dwell_time(sc, flags); 4731 4732 /* Make sure they're valid */ 4733 if (dwell_passive <= dwell_active) 4734 dwell_passive = dwell_active + 1; 4735 4736 chan->active = htole16(dwell_active); 4737 chan->passive = htole16(dwell_passive); 4738 4739 chan->dsp_gain = 0x6e; 4740 if (IEEE80211_IS_CHAN_5GHZ(c)) { 4741 chan->rf_gain = 0x3b; 4742 } else { 4743 chan->rf_gain = 0x28; 4744 } 4745 hdr->nchan++; 4746 chan++; 4747 } 4748 4749 buflen = (uint8_t *)chan - buf; 4750 hdr->len = htole16(buflen); 4751 4752 DPRINTF(("sending scan command nchan=%d\n", hdr->nchan)); 4753 error = iwn_cmd(sc, IWN_CMD_SCAN, buf, buflen, 1); 4754 free(buf, M_DEVBUF); 4755 return error; 4756 } 4757 4758 static int 4759 iwn_auth(struct iwn_softc *sc) 4760 { 4761 struct iwn_ops *ops = &sc->ops; 4762 struct ieee80211com *ic = &sc->sc_ic; 4763 struct ieee80211_node *ni = ic->ic_bss; 4764 int error; 4765 4766 /* Update adapter configuration. */ 4767 IEEE80211_ADDR_COPY(sc->rxon.bssid, ni->ni_bssid); 4768 sc->rxon.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 4769 sc->rxon.flags = htole32(IWN_RXON_TSF | IWN_RXON_CTS_TO_SELF); 4770 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 4771 sc->rxon.flags |= htole32(IWN_RXON_AUTO | IWN_RXON_24GHZ); 4772 if (ic->ic_flags & IEEE80211_F_SHSLOT) 4773 sc->rxon.flags |= htole32(IWN_RXON_SHSLOT); 4774 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 4775 sc->rxon.flags |= htole32(IWN_RXON_SHPREAMBLE); 4776 switch (ic->ic_curmode) { 4777 case IEEE80211_MODE_11A: 4778 sc->rxon.cck_mask = 0; 4779 sc->rxon.ofdm_mask = 0x15; 4780 break; 4781 case IEEE80211_MODE_11B: 4782 sc->rxon.cck_mask = 0x03; 4783 sc->rxon.ofdm_mask = 0; 4784 break; 4785 default: /* Assume 802.11b/g. */ 4786 sc->rxon.cck_mask = 0x0f; 4787 sc->rxon.ofdm_mask = 0x15; 4788 } 4789 DPRINTF(("rxon chan %d flags %x cck %x ofdm %x\n", sc->rxon.chan, 4790 sc->rxon.flags, sc->rxon.cck_mask, sc->rxon.ofdm_mask)); 4791 error = iwn_cmd(sc, IWN_CMD_RXON, &sc->rxon, sc->rxonsz, 1); 4792 if (error != 0) { 4793 aprint_error_dev(sc->sc_dev, 4794 "RXON command failed\n"); 4795 return error; 4796 } 4797 4798 /* Configuration has changed, set TX power accordingly. */ 4799 if ((error = ops->set_txpower(sc, 1)) != 0) { 4800 aprint_error_dev(sc->sc_dev, 4801 "could not set TX power\n"); 4802 return error; 4803 } 4804 /* 4805 * Reconfiguring RXON clears the firmware nodes table so we must 4806 * add the broadcast node again. 4807 */ 4808 if ((error = iwn_add_broadcast_node(sc, 1)) != 0) { 4809 aprint_error_dev(sc->sc_dev, 4810 "could not add broadcast node\n"); 4811 return error; 4812 } 4813 return 0; 4814 } 4815 4816 static int 4817 iwn_run(struct iwn_softc *sc) 4818 { 4819 struct iwn_ops *ops = &sc->ops; 4820 struct ieee80211com *ic = &sc->sc_ic; 4821 struct ieee80211_node *ni = ic->ic_bss; 4822 struct iwn_node_info node; 4823 int error; 4824 4825 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 4826 /* Link LED blinks while monitoring. */ 4827 iwn_set_led(sc, IWN_LED_LINK, 5, 5); 4828 return 0; 4829 } 4830 if ((error = iwn_set_timing(sc, ni)) != 0) { 4831 aprint_error_dev(sc->sc_dev, 4832 "could not set timing\n"); 4833 return error; 4834 } 4835 4836 /* Update adapter configuration. */ 4837 sc->rxon.associd = htole16(IEEE80211_AID(ni->ni_associd)); 4838 /* Short preamble and slot time are negotiated when associating. */ 4839 sc->rxon.flags &= ~htole32(IWN_RXON_SHPREAMBLE | IWN_RXON_SHSLOT); 4840 if (ic->ic_flags & IEEE80211_F_SHSLOT) 4841 sc->rxon.flags |= htole32(IWN_RXON_SHSLOT); 4842 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 4843 sc->rxon.flags |= htole32(IWN_RXON_SHPREAMBLE); 4844 sc->rxon.filter |= htole32(IWN_FILTER_BSS); 4845 DPRINTF(("rxon chan %d flags %x\n", sc->rxon.chan, sc->rxon.flags)); 4846 error = iwn_cmd(sc, IWN_CMD_RXON, &sc->rxon, sc->rxonsz, 1); 4847 if (error != 0) { 4848 aprint_error_dev(sc->sc_dev, 4849 "could not update configuration\n"); 4850 return error; 4851 } 4852 4853 /* Configuration has changed, set TX power accordingly. */ 4854 if ((error = ops->set_txpower(sc, 1)) != 0) { 4855 aprint_error_dev(sc->sc_dev, 4856 "could not set TX power\n"); 4857 return error; 4858 } 4859 4860 /* Fake a join to initialize the TX rate. */ 4861 ((struct iwn_node *)ni)->id = IWN_ID_BSS; 4862 iwn_newassoc(ni, 1); 4863 4864 /* Add BSS node. */ 4865 memset(&node, 0, sizeof node); 4866 IEEE80211_ADDR_COPY(node.macaddr, ni->ni_macaddr); 4867 node.id = IWN_ID_BSS; 4868 #ifdef notyet 4869 node.htflags = htole32(IWN_AMDPU_SIZE_FACTOR(3) | 4870 IWN_AMDPU_DENSITY(5)); /* 2us */ 4871 #endif 4872 DPRINTF(("adding BSS node\n")); 4873 error = ops->add_node(sc, &node, 1); 4874 if (error != 0) { 4875 aprint_error_dev(sc->sc_dev, 4876 "could not add BSS node\n"); 4877 return error; 4878 } 4879 DPRINTF(("setting link quality for node %d\n", node.id)); 4880 if ((error = iwn_set_link_quality(sc, ni)) != 0) { 4881 aprint_error_dev(sc->sc_dev, 4882 "could not setup link quality for node %d\n", node.id); 4883 return error; 4884 } 4885 4886 if ((error = iwn_init_sensitivity(sc)) != 0) { 4887 aprint_error_dev(sc->sc_dev, 4888 "could not set sensitivity\n"); 4889 return error; 4890 } 4891 /* Start periodic calibration timer. */ 4892 sc->calib.state = IWN_CALIB_STATE_ASSOC; 4893 sc->calib_cnt = 0; 4894 callout_schedule(&sc->calib_to, hz/2); 4895 4896 /* Link LED always on while associated. */ 4897 iwn_set_led(sc, IWN_LED_LINK, 0, 1); 4898 return 0; 4899 } 4900 4901 #ifdef IWN_HWCRYPTO 4902 /* 4903 * We support CCMP hardware encryption/decryption of unicast frames only. 4904 * HW support for TKIP really sucks. We should let TKIP die anyway. 4905 */ 4906 static int 4907 iwn_set_key(struct ieee80211com *ic, struct ieee80211_node *ni, 4908 struct ieee80211_key *k) 4909 { 4910 struct iwn_softc *sc = ic->ic_softc; 4911 struct iwn_ops *ops = &sc->ops; 4912 struct iwn_node *wn = (void *)ni; 4913 struct iwn_node_info node; 4914 uint16_t kflags; 4915 4916 if ((k->k_flags & IEEE80211_KEY_GROUP) || 4917 k->k_cipher != IEEE80211_CIPHER_CCMP) 4918 return ieee80211_set_key(ic, ni, k); 4919 4920 kflags = IWN_KFLAG_CCMP | IWN_KFLAG_MAP | IWN_KFLAG_KID(k->k_id); 4921 if (k->k_flags & IEEE80211_KEY_GROUP) 4922 kflags |= IWN_KFLAG_GROUP; 4923 4924 memset(&node, 0, sizeof node); 4925 node.id = (k->k_flags & IEEE80211_KEY_GROUP) ? 4926 sc->broadcast_id : wn->id; 4927 node.control = IWN_NODE_UPDATE; 4928 node.flags = IWN_FLAG_SET_KEY; 4929 node.kflags = htole16(kflags); 4930 node.kid = k->k_id; 4931 memcpy(node.key, k->k_key, k->k_len); 4932 DPRINTF(("set key id=%d for node %d\n", k->k_id, node.id)); 4933 return ops->add_node(sc, &node, 1); 4934 } 4935 4936 static void 4937 iwn_delete_key(struct ieee80211com *ic, struct ieee80211_node *ni, 4938 struct ieee80211_key *k) 4939 { 4940 struct iwn_softc *sc = ic->ic_softc; 4941 struct iwn_ops *ops = &sc->ops; 4942 struct iwn_node *wn = (void *)ni; 4943 struct iwn_node_info node; 4944 4945 if ((k->k_flags & IEEE80211_KEY_GROUP) || 4946 k->k_cipher != IEEE80211_CIPHER_CCMP) { 4947 /* See comment about other ciphers above. */ 4948 ieee80211_delete_key(ic, ni, k); 4949 return; 4950 } 4951 if (ic->ic_state != IEEE80211_S_RUN) 4952 return; /* Nothing to do. */ 4953 memset(&node, 0, sizeof node); 4954 node.id = (k->k_flags & IEEE80211_KEY_GROUP) ? 4955 sc->broadcast_id : wn->id; 4956 node.control = IWN_NODE_UPDATE; 4957 node.flags = IWN_FLAG_SET_KEY; 4958 node.kflags = htole16(IWN_KFLAG_INVALID); 4959 node.kid = 0xff; 4960 DPRINTF(("delete keys for node %d\n", node.id)); 4961 (void)ops->add_node(sc, &node, 1); 4962 } 4963 #endif 4964 4965 /* XXX Added for NetBSD (copied from rev 1.39). */ 4966 4967 static int 4968 iwn_wme_update(struct ieee80211com *ic) 4969 { 4970 #define IWN_EXP2(v) htole16((1 << (v)) - 1) 4971 #define IWN_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 4972 struct iwn_softc *sc = ic->ic_ifp->if_softc; 4973 const struct wmeParams *wmep; 4974 struct iwn_edca_params cmd; 4975 int ac; 4976 4977 /* don't override default WME values if WME is not actually enabled */ 4978 if (!(ic->ic_flags & IEEE80211_F_WME)) 4979 return 0; 4980 cmd.flags = 0; 4981 for (ac = 0; ac < WME_NUM_AC; ac++) { 4982 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 4983 cmd.ac[ac].aifsn = wmep->wmep_aifsn; 4984 cmd.ac[ac].cwmin = IWN_EXP2(wmep->wmep_logcwmin); 4985 cmd.ac[ac].cwmax = IWN_EXP2(wmep->wmep_logcwmax); 4986 cmd.ac[ac].txoplimit = IWN_USEC(wmep->wmep_txopLimit); 4987 4988 DPRINTF(("setting WME for queue %d aifsn=%d cwmin=%d cwmax=%d " 4989 "txop=%d\n", ac, cmd.ac[ac].aifsn, 4990 cmd.ac[ac].cwmin, 4991 cmd.ac[ac].cwmax, cmd.ac[ac].txoplimit)); 4992 } 4993 return iwn_cmd(sc, IWN_CMD_EDCA_PARAMS, &cmd, sizeof cmd, 1); 4994 #undef IWN_USEC 4995 #undef IWN_EXP2 4996 } 4997 4998 #ifndef IEEE80211_NO_HT 4999 /* 5000 * This function is called by upper layer when an ADDBA request is received 5001 * from another STA and before the ADDBA response is sent. 5002 */ 5003 static int 5004 iwn_ampdu_rx_start(struct ieee80211com *ic, struct ieee80211_node *ni, 5005 uint8_t tid) 5006 { 5007 struct ieee80211_rx_ba *ba = &ni->ni_rx_ba[tid]; 5008 struct iwn_softc *sc = ic->ic_softc; 5009 struct iwn_ops *ops = &sc->ops; 5010 struct iwn_node *wn = (void *)ni; 5011 struct iwn_node_info node; 5012 5013 memset(&node, 0, sizeof node); 5014 node.id = wn->id; 5015 node.control = IWN_NODE_UPDATE; 5016 node.flags = IWN_FLAG_SET_ADDBA; 5017 node.addba_tid = tid; 5018 node.addba_ssn = htole16(ba->ba_winstart); 5019 DPRINTFN(2, ("ADDBA RA=%d TID=%d SSN=%d\n", wn->id, tid, 5020 ba->ba_winstart)); 5021 return ops->add_node(sc, &node, 1); 5022 } 5023 5024 /* 5025 * This function is called by upper layer on teardown of an HT-immediate 5026 * Block Ack agreement (eg. uppon receipt of a DELBA frame). 5027 */ 5028 static void 5029 iwn_ampdu_rx_stop(struct ieee80211com *ic, struct ieee80211_node *ni, 5030 uint8_t tid) 5031 { 5032 struct iwn_softc *sc = ic->ic_softc; 5033 struct iwn_ops *ops = &sc->ops; 5034 struct iwn_node *wn = (void *)ni; 5035 struct iwn_node_info node; 5036 5037 memset(&node, 0, sizeof node); 5038 node.id = wn->id; 5039 node.control = IWN_NODE_UPDATE; 5040 node.flags = IWN_FLAG_SET_DELBA; 5041 node.delba_tid = tid; 5042 DPRINTFN(2, ("DELBA RA=%d TID=%d\n", wn->id, tid)); 5043 (void)ops->add_node(sc, &node, 1); 5044 } 5045 5046 /* 5047 * This function is called by upper layer when an ADDBA response is received 5048 * from another STA. 5049 */ 5050 static int 5051 iwn_ampdu_tx_start(struct ieee80211com *ic, struct ieee80211_node *ni, 5052 uint8_t tid) 5053 { 5054 struct ieee80211_tx_ba *ba = &ni->ni_tx_ba[tid]; 5055 struct iwn_softc *sc = ic->ic_softc; 5056 struct iwn_ops *ops = &sc->ops; 5057 struct iwn_node *wn = (void *)ni; 5058 struct iwn_node_info node; 5059 int error; 5060 5061 /* Enable TX for the specified RA/TID. */ 5062 wn->disable_tid &= ~(1 << tid); 5063 memset(&node, 0, sizeof node); 5064 node.id = wn->id; 5065 node.control = IWN_NODE_UPDATE; 5066 node.flags = IWN_FLAG_SET_DISABLE_TID; 5067 node.disable_tid = htole16(wn->disable_tid); 5068 error = ops->add_node(sc, &node, 1); 5069 if (error != 0) 5070 return error; 5071 5072 if ((error = iwn_nic_lock(sc)) != 0) 5073 return error; 5074 ops->ampdu_tx_start(sc, ni, tid, ba->ba_winstart); 5075 iwn_nic_unlock(sc); 5076 return 0; 5077 } 5078 5079 static void 5080 iwn_ampdu_tx_stop(struct ieee80211com *ic, struct ieee80211_node *ni, 5081 uint8_t tid) 5082 { 5083 struct ieee80211_tx_ba *ba = &ni->ni_tx_ba[tid]; 5084 struct iwn_softc *sc = ic->ic_softc; 5085 struct iwn_ops *ops = &sc->ops; 5086 5087 if (iwn_nic_lock(sc) != 0) 5088 return; 5089 ops->ampdu_tx_stop(sc, tid, ba->ba_winstart); 5090 iwn_nic_unlock(sc); 5091 } 5092 5093 static void 5094 iwn4965_ampdu_tx_start(struct iwn_softc *sc, struct ieee80211_node *ni, 5095 uint8_t tid, uint16_t ssn) 5096 { 5097 struct iwn_node *wn = (void *)ni; 5098 int qid = 7 + tid; 5099 5100 /* Stop TX scheduler while we're changing its configuration. */ 5101 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 5102 IWN4965_TXQ_STATUS_CHGACT); 5103 5104 /* Assign RA/TID translation to the queue. */ 5105 iwn_mem_write_2(sc, sc->sched_base + IWN4965_SCHED_TRANS_TBL(qid), 5106 wn->id << 4 | tid); 5107 5108 /* Enable chain-building mode for the queue. */ 5109 iwn_prph_setbits(sc, IWN4965_SCHED_QCHAIN_SEL, 1 << qid); 5110 5111 /* Set starting sequence number from the ADDBA request. */ 5112 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 5113 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), ssn); 5114 5115 /* Set scheduler window size. */ 5116 iwn_mem_write(sc, sc->sched_base + IWN4965_SCHED_QUEUE_OFFSET(qid), 5117 IWN_SCHED_WINSZ); 5118 /* Set scheduler frame limit. */ 5119 iwn_mem_write(sc, sc->sched_base + IWN4965_SCHED_QUEUE_OFFSET(qid) + 4, 5120 IWN_SCHED_LIMIT << 16); 5121 5122 /* Enable interrupts for the queue. */ 5123 iwn_prph_setbits(sc, IWN4965_SCHED_INTR_MASK, 1 << qid); 5124 5125 /* Mark the queue as active. */ 5126 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 5127 IWN4965_TXQ_STATUS_ACTIVE | IWN4965_TXQ_STATUS_AGGR_ENA | 5128 iwn_tid2fifo[tid] << 1); 5129 } 5130 5131 static void 5132 iwn4965_ampdu_tx_stop(struct iwn_softc *sc, uint8_t tid, uint16_t ssn) 5133 { 5134 int qid = 7 + tid; 5135 5136 /* Stop TX scheduler while we're changing its configuration. */ 5137 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 5138 IWN4965_TXQ_STATUS_CHGACT); 5139 5140 /* Set starting sequence number from the ADDBA request. */ 5141 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 5142 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), ssn); 5143 5144 /* Disable interrupts for the queue. */ 5145 iwn_prph_clrbits(sc, IWN4965_SCHED_INTR_MASK, 1 << qid); 5146 5147 /* Mark the queue as inactive. */ 5148 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 5149 IWN4965_TXQ_STATUS_INACTIVE | iwn_tid2fifo[tid] << 1); 5150 } 5151 5152 static void 5153 iwn5000_ampdu_tx_start(struct iwn_softc *sc, struct ieee80211_node *ni, 5154 uint8_t tid, uint16_t ssn) 5155 { 5156 struct iwn_node *wn = (void *)ni; 5157 int qid = 10 + tid; 5158 5159 /* Stop TX scheduler while we're changing its configuration. */ 5160 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 5161 IWN5000_TXQ_STATUS_CHGACT); 5162 5163 /* Assign RA/TID translation to the queue. */ 5164 iwn_mem_write_2(sc, sc->sched_base + IWN5000_SCHED_TRANS_TBL(qid), 5165 wn->id << 4 | tid); 5166 5167 /* Enable chain-building mode for the queue. */ 5168 iwn_prph_setbits(sc, IWN5000_SCHED_QCHAIN_SEL, 1 << qid); 5169 5170 /* Enable aggregation for the queue. */ 5171 iwn_prph_setbits(sc, IWN5000_SCHED_AGGR_SEL, 1 << qid); 5172 5173 /* Set starting sequence number from the ADDBA request. */ 5174 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 5175 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), ssn); 5176 5177 /* Set scheduler window size and frame limit. */ 5178 iwn_mem_write(sc, sc->sched_base + IWN5000_SCHED_QUEUE_OFFSET(qid) + 4, 5179 IWN_SCHED_LIMIT << 16 | IWN_SCHED_WINSZ); 5180 5181 /* Enable interrupts for the queue. */ 5182 iwn_prph_setbits(sc, IWN5000_SCHED_INTR_MASK, 1 << qid); 5183 5184 /* Mark the queue as active. */ 5185 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 5186 IWN5000_TXQ_STATUS_ACTIVE | iwn_tid2fifo[tid]); 5187 } 5188 5189 static void 5190 iwn5000_ampdu_tx_stop(struct iwn_softc *sc, uint8_t tid, uint16_t ssn) 5191 { 5192 int qid = 10 + tid; 5193 5194 /* Stop TX scheduler while we're changing its configuration. */ 5195 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 5196 IWN5000_TXQ_STATUS_CHGACT); 5197 5198 /* Disable aggregation for the queue. */ 5199 iwn_prph_clrbits(sc, IWN5000_SCHED_AGGR_SEL, 1 << qid); 5200 5201 /* Set starting sequence number from the ADDBA request. */ 5202 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 5203 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), ssn); 5204 5205 /* Disable interrupts for the queue. */ 5206 iwn_prph_clrbits(sc, IWN5000_SCHED_INTR_MASK, 1 << qid); 5207 5208 /* Mark the queue as inactive. */ 5209 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 5210 IWN5000_TXQ_STATUS_INACTIVE | iwn_tid2fifo[tid]); 5211 } 5212 #endif /* !IEEE80211_NO_HT */ 5213 5214 /* 5215 * Query calibration tables from the initialization firmware. We do this 5216 * only once at first boot. Called from a process context. 5217 */ 5218 static int 5219 iwn5000_query_calibration(struct iwn_softc *sc) 5220 { 5221 struct iwn5000_calib_config cmd; 5222 int error; 5223 5224 memset(&cmd, 0, sizeof cmd); 5225 cmd.ucode.once.enable = 0xffffffff; 5226 cmd.ucode.once.start = 0xffffffff; 5227 cmd.ucode.once.send = 0xffffffff; 5228 cmd.ucode.flags = 0xffffffff; 5229 DPRINTF(("sending calibration query\n")); 5230 error = iwn_cmd(sc, IWN5000_CMD_CALIB_CONFIG, &cmd, sizeof cmd, 0); 5231 if (error != 0) 5232 return error; 5233 5234 /* Wait at most two seconds for calibration to complete. */ 5235 if (!(sc->sc_flags & IWN_FLAG_CALIB_DONE)) 5236 error = tsleep(sc, PCATCH, "iwncal", 2 * hz); 5237 return error; 5238 } 5239 5240 /* 5241 * Send calibration results to the runtime firmware. These results were 5242 * obtained on first boot from the initialization firmware. 5243 */ 5244 static int 5245 iwn5000_send_calibration(struct iwn_softc *sc) 5246 { 5247 int idx, error; 5248 5249 for (idx = 0; idx < 5; idx++) { 5250 if (sc->calibcmd[idx].buf == NULL) 5251 continue; /* No results available. */ 5252 DPRINTF(("send calibration result idx=%d len=%d\n", 5253 idx, sc->calibcmd[idx].len)); 5254 error = iwn_cmd(sc, IWN_CMD_PHY_CALIB, sc->calibcmd[idx].buf, 5255 sc->calibcmd[idx].len, 0); 5256 if (error != 0) { 5257 aprint_error_dev(sc->sc_dev, 5258 "could not send calibration result\n"); 5259 return error; 5260 } 5261 } 5262 return 0; 5263 } 5264 5265 static int 5266 iwn5000_send_wimax_coex(struct iwn_softc *sc) 5267 { 5268 struct iwn5000_wimax_coex wimax; 5269 5270 #ifdef notyet 5271 if (sc->hw_type == IWN_HW_REV_TYPE_6050) { 5272 /* Enable WiMAX coexistence for combo adapters. */ 5273 wimax.flags = 5274 IWN_WIMAX_COEX_ASSOC_WA_UNMASK | 5275 IWN_WIMAX_COEX_UNASSOC_WA_UNMASK | 5276 IWN_WIMAX_COEX_STA_TABLE_VALID | 5277 IWN_WIMAX_COEX_ENABLE; 5278 memcpy(wimax.events, iwn6050_wimax_events, 5279 sizeof iwn6050_wimax_events); 5280 } else 5281 #endif 5282 { 5283 /* Disable WiMAX coexistence. */ 5284 wimax.flags = 0; 5285 memset(wimax.events, 0, sizeof wimax.events); 5286 } 5287 DPRINTF(("Configuring WiMAX coexistence\n")); 5288 return iwn_cmd(sc, IWN5000_CMD_WIMAX_COEX, &wimax, sizeof wimax, 0); 5289 } 5290 5291 static int 5292 iwn6000_temp_offset_calib(struct iwn_softc *sc) 5293 { 5294 struct iwn6000_phy_calib_temp_offset cmd; 5295 5296 memset(&cmd, 0, sizeof cmd); 5297 cmd.code = IWN6000_PHY_CALIB_TEMP_OFFSET; 5298 cmd.ngroups = 1; 5299 cmd.isvalid = 1; 5300 if (sc->eeprom_temp != 0) 5301 cmd.offset = htole16(sc->eeprom_temp); 5302 else 5303 cmd.offset = htole16(IWN_DEFAULT_TEMP_OFFSET); 5304 DPRINTF(("setting radio sensor offset to %d\n", le16toh(cmd.offset))); 5305 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 0); 5306 } 5307 5308 static int 5309 iwn2000_temp_offset_calib(struct iwn_softc *sc) 5310 { 5311 struct iwn2000_phy_calib_temp_offset cmd; 5312 5313 memset(&cmd, 0, sizeof cmd); 5314 cmd.code = IWN2000_PHY_CALIB_TEMP_OFFSET; 5315 cmd.ngroups = 1; 5316 cmd.isvalid = 1; 5317 if (sc->eeprom_rawtemp != 0) { 5318 cmd.offset_low = htole16(sc->eeprom_rawtemp); 5319 cmd.offset_high = htole16(sc->eeprom_temp); 5320 } else { 5321 cmd.offset_low = htole16(IWN_DEFAULT_TEMP_OFFSET); 5322 cmd.offset_high = htole16(IWN_DEFAULT_TEMP_OFFSET); 5323 } 5324 cmd.burnt_voltage_ref = htole16(sc->eeprom_voltage); 5325 DPRINTF(("setting radio sensor offset to %d:%d, voltage to %d\n", 5326 le16toh(cmd.offset_low), le16toh(cmd.offset_high), 5327 le16toh(cmd.burnt_voltage_ref))); 5328 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 0); 5329 } 5330 5331 /* 5332 * This function is called after the runtime firmware notifies us of its 5333 * readiness (called in a process context). 5334 */ 5335 static int 5336 iwn4965_post_alive(struct iwn_softc *sc) 5337 { 5338 int error, qid; 5339 5340 if ((error = iwn_nic_lock(sc)) != 0) 5341 return error; 5342 5343 /* Clear TX scheduler state in SRAM. */ 5344 sc->sched_base = iwn_prph_read(sc, IWN_SCHED_SRAM_ADDR); 5345 iwn_mem_set_region_4(sc, sc->sched_base + IWN4965_SCHED_CTX_OFF, 0, 5346 IWN4965_SCHED_CTX_LEN / sizeof (uint32_t)); 5347 5348 /* Set physical address of TX scheduler rings (1KB aligned). */ 5349 iwn_prph_write(sc, IWN4965_SCHED_DRAM_ADDR, sc->sched_dma.paddr >> 10); 5350 5351 IWN_SETBITS(sc, IWN_FH_TX_CHICKEN, IWN_FH_TX_CHICKEN_SCHED_RETRY); 5352 5353 /* Disable chain mode for all our 16 queues. */ 5354 iwn_prph_write(sc, IWN4965_SCHED_QCHAIN_SEL, 0); 5355 5356 for (qid = 0; qid < IWN4965_NTXQUEUES; qid++) { 5357 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), 0); 5358 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | 0); 5359 5360 /* Set scheduler window size. */ 5361 iwn_mem_write(sc, sc->sched_base + 5362 IWN4965_SCHED_QUEUE_OFFSET(qid), IWN_SCHED_WINSZ); 5363 /* Set scheduler frame limit. */ 5364 iwn_mem_write(sc, sc->sched_base + 5365 IWN4965_SCHED_QUEUE_OFFSET(qid) + 4, 5366 IWN_SCHED_LIMIT << 16); 5367 } 5368 5369 /* Enable interrupts for all our 16 queues. */ 5370 iwn_prph_write(sc, IWN4965_SCHED_INTR_MASK, 0xffff); 5371 /* Identify TX FIFO rings (0-7). */ 5372 iwn_prph_write(sc, IWN4965_SCHED_TXFACT, 0xff); 5373 5374 /* Mark TX rings (4 EDCA + cmd + 2 HCCA) as active. */ 5375 for (qid = 0; qid < 7; qid++) { 5376 static uint8_t qid2fifo[] = { 3, 2, 1, 0, 4, 5, 6 }; 5377 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 5378 IWN4965_TXQ_STATUS_ACTIVE | qid2fifo[qid] << 1); 5379 } 5380 iwn_nic_unlock(sc); 5381 return 0; 5382 } 5383 5384 /* 5385 * This function is called after the initialization or runtime firmware 5386 * notifies us of its readiness (called in a process context). 5387 */ 5388 static int 5389 iwn5000_post_alive(struct iwn_softc *sc) 5390 { 5391 int error, qid; 5392 5393 /* Switch to using ICT interrupt mode. */ 5394 iwn5000_ict_reset(sc); 5395 5396 if ((error = iwn_nic_lock(sc)) != 0) 5397 return error; 5398 5399 /* Clear TX scheduler state in SRAM. */ 5400 sc->sched_base = iwn_prph_read(sc, IWN_SCHED_SRAM_ADDR); 5401 iwn_mem_set_region_4(sc, sc->sched_base + IWN5000_SCHED_CTX_OFF, 0, 5402 IWN5000_SCHED_CTX_LEN / sizeof (uint32_t)); 5403 5404 /* Set physical address of TX scheduler rings (1KB aligned). */ 5405 iwn_prph_write(sc, IWN5000_SCHED_DRAM_ADDR, sc->sched_dma.paddr >> 10); 5406 5407 IWN_SETBITS(sc, IWN_FH_TX_CHICKEN, IWN_FH_TX_CHICKEN_SCHED_RETRY); 5408 5409 /* Enable chain mode for all queues, except command queue. */ 5410 iwn_prph_write(sc, IWN5000_SCHED_QCHAIN_SEL, 0xfffef); 5411 iwn_prph_write(sc, IWN5000_SCHED_AGGR_SEL, 0); 5412 5413 for (qid = 0; qid < IWN5000_NTXQUEUES; qid++) { 5414 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), 0); 5415 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | 0); 5416 5417 iwn_mem_write(sc, sc->sched_base + 5418 IWN5000_SCHED_QUEUE_OFFSET(qid), 0); 5419 /* Set scheduler window size and frame limit. */ 5420 iwn_mem_write(sc, sc->sched_base + 5421 IWN5000_SCHED_QUEUE_OFFSET(qid) + 4, 5422 IWN_SCHED_LIMIT << 16 | IWN_SCHED_WINSZ); 5423 } 5424 5425 /* Enable interrupts for all our 20 queues. */ 5426 iwn_prph_write(sc, IWN5000_SCHED_INTR_MASK, 0xfffff); 5427 /* Identify TX FIFO rings (0-7). */ 5428 iwn_prph_write(sc, IWN5000_SCHED_TXFACT, 0xff); 5429 5430 /* Mark TX rings (4 EDCA + cmd + 2 HCCA) as active. */ 5431 for (qid = 0; qid < 7; qid++) { 5432 static uint8_t qid2fifo[] = { 3, 2, 1, 0, 7, 5, 6 }; 5433 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 5434 IWN5000_TXQ_STATUS_ACTIVE | qid2fifo[qid]); 5435 } 5436 iwn_nic_unlock(sc); 5437 5438 /* Configure WiMAX coexistence for combo adapters. */ 5439 error = iwn5000_send_wimax_coex(sc); 5440 if (error != 0) { 5441 aprint_error_dev(sc->sc_dev, 5442 "could not configure WiMAX coexistence\n"); 5443 return error; 5444 } 5445 if (sc->hw_type != IWN_HW_REV_TYPE_5150) { 5446 struct iwn5000_phy_calib_crystal cmd; 5447 5448 /* Perform crystal calibration. */ 5449 memset(&cmd, 0, sizeof cmd); 5450 cmd.code = IWN5000_PHY_CALIB_CRYSTAL; 5451 cmd.ngroups = 1; 5452 cmd.isvalid = 1; 5453 cmd.cap_pin[0] = le32toh(sc->eeprom_crystal) & 0xff; 5454 cmd.cap_pin[1] = (le32toh(sc->eeprom_crystal) >> 16) & 0xff; 5455 DPRINTF(("sending crystal calibration %d, %d\n", 5456 cmd.cap_pin[0], cmd.cap_pin[1])); 5457 error = iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 0); 5458 if (error != 0) { 5459 aprint_error_dev(sc->sc_dev, 5460 "crystal calibration failed\n"); 5461 return error; 5462 } 5463 } 5464 if (!(sc->sc_flags & IWN_FLAG_CALIB_DONE)) { 5465 /* Query calibration from the initialization firmware. */ 5466 if ((error = iwn5000_query_calibration(sc)) != 0) { 5467 aprint_error_dev(sc->sc_dev, 5468 "could not query calibration\n"); 5469 return error; 5470 } 5471 /* 5472 * We have the calibration results now, reboot with the 5473 * runtime firmware (call ourselves recursively!) 5474 */ 5475 iwn_hw_stop(sc); 5476 error = iwn_hw_init(sc); 5477 } else { 5478 /* Send calibration results to runtime firmware. */ 5479 error = iwn5000_send_calibration(sc); 5480 } 5481 return error; 5482 } 5483 5484 /* 5485 * The firmware boot code is small and is intended to be copied directly into 5486 * the NIC internal memory (no DMA transfer). 5487 */ 5488 static int 5489 iwn4965_load_bootcode(struct iwn_softc *sc, const uint8_t *ucode, int size) 5490 { 5491 int error, ntries; 5492 5493 size /= sizeof (uint32_t); 5494 5495 if ((error = iwn_nic_lock(sc)) != 0) 5496 return error; 5497 5498 /* Copy microcode image into NIC memory. */ 5499 iwn_prph_write_region_4(sc, IWN_BSM_SRAM_BASE, 5500 (const uint32_t *)ucode, size); 5501 5502 iwn_prph_write(sc, IWN_BSM_WR_MEM_SRC, 0); 5503 iwn_prph_write(sc, IWN_BSM_WR_MEM_DST, IWN_FW_TEXT_BASE); 5504 iwn_prph_write(sc, IWN_BSM_WR_DWCOUNT, size); 5505 5506 /* Start boot load now. */ 5507 iwn_prph_write(sc, IWN_BSM_WR_CTRL, IWN_BSM_WR_CTRL_START); 5508 5509 /* Wait for transfer to complete. */ 5510 for (ntries = 0; ntries < 1000; ntries++) { 5511 if (!(iwn_prph_read(sc, IWN_BSM_WR_CTRL) & 5512 IWN_BSM_WR_CTRL_START)) 5513 break; 5514 DELAY(10); 5515 } 5516 if (ntries == 1000) { 5517 aprint_error_dev(sc->sc_dev, 5518 "could not load boot firmware\n"); 5519 iwn_nic_unlock(sc); 5520 return ETIMEDOUT; 5521 } 5522 5523 /* Enable boot after power up. */ 5524 iwn_prph_write(sc, IWN_BSM_WR_CTRL, IWN_BSM_WR_CTRL_START_EN); 5525 5526 iwn_nic_unlock(sc); 5527 return 0; 5528 } 5529 5530 static int 5531 iwn4965_load_firmware(struct iwn_softc *sc) 5532 { 5533 struct iwn_fw_info *fw = &sc->fw; 5534 struct iwn_dma_info *dma = &sc->fw_dma; 5535 int error; 5536 5537 /* Copy initialization sections into pre-allocated DMA-safe memory. */ 5538 memcpy(dma->vaddr, fw->init.data, fw->init.datasz); 5539 bus_dmamap_sync(sc->sc_dmat, dma->map, 0, fw->init.datasz, 5540 BUS_DMASYNC_PREWRITE); 5541 memcpy((char *)dma->vaddr + IWN4965_FW_DATA_MAXSZ, 5542 fw->init.text, fw->init.textsz); 5543 bus_dmamap_sync(sc->sc_dmat, dma->map, IWN4965_FW_DATA_MAXSZ, 5544 fw->init.textsz, BUS_DMASYNC_PREWRITE); 5545 5546 /* Tell adapter where to find initialization sections. */ 5547 if ((error = iwn_nic_lock(sc)) != 0) 5548 return error; 5549 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_ADDR, dma->paddr >> 4); 5550 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_SIZE, fw->init.datasz); 5551 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_ADDR, 5552 (dma->paddr + IWN4965_FW_DATA_MAXSZ) >> 4); 5553 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_SIZE, fw->init.textsz); 5554 iwn_nic_unlock(sc); 5555 5556 /* Load firmware boot code. */ 5557 error = iwn4965_load_bootcode(sc, fw->boot.text, fw->boot.textsz); 5558 if (error != 0) { 5559 aprint_error_dev(sc->sc_dev, 5560 "could not load boot firmware\n"); 5561 return error; 5562 } 5563 /* Now press "execute". */ 5564 IWN_WRITE(sc, IWN_RESET, 0); 5565 5566 /* Wait at most one second for first alive notification. */ 5567 if ((error = tsleep(sc, PCATCH, "iwninit", hz)) != 0) { 5568 aprint_error_dev(sc->sc_dev, 5569 "timeout waiting for adapter to initialize\n"); 5570 return error; 5571 } 5572 5573 /* Retrieve current temperature for initial TX power calibration. */ 5574 sc->rawtemp = sc->ucode_info.temp[3].chan20MHz; 5575 sc->temp = iwn4965_get_temperature(sc); 5576 5577 /* Copy runtime sections into pre-allocated DMA-safe memory. */ 5578 memcpy(dma->vaddr, fw->main.data, fw->main.datasz); 5579 bus_dmamap_sync(sc->sc_dmat, dma->map, 0, fw->main.datasz, 5580 BUS_DMASYNC_PREWRITE); 5581 memcpy((char *)dma->vaddr + IWN4965_FW_DATA_MAXSZ, 5582 fw->main.text, fw->main.textsz); 5583 bus_dmamap_sync(sc->sc_dmat, dma->map, IWN4965_FW_DATA_MAXSZ, 5584 fw->main.textsz, BUS_DMASYNC_PREWRITE); 5585 5586 /* Tell adapter where to find runtime sections. */ 5587 if ((error = iwn_nic_lock(sc)) != 0) 5588 return error; 5589 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_ADDR, dma->paddr >> 4); 5590 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_SIZE, fw->main.datasz); 5591 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_ADDR, 5592 (dma->paddr + IWN4965_FW_DATA_MAXSZ) >> 4); 5593 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_SIZE, 5594 IWN_FW_UPDATED | fw->main.textsz); 5595 iwn_nic_unlock(sc); 5596 5597 return 0; 5598 } 5599 5600 static int 5601 iwn5000_load_firmware_section(struct iwn_softc *sc, uint32_t dst, 5602 const uint8_t *section, int size) 5603 { 5604 struct iwn_dma_info *dma = &sc->fw_dma; 5605 int error; 5606 5607 /* Copy firmware section into pre-allocated DMA-safe memory. */ 5608 memcpy(dma->vaddr, section, size); 5609 bus_dmamap_sync(sc->sc_dmat, dma->map, 0, size, BUS_DMASYNC_PREWRITE); 5610 5611 if ((error = iwn_nic_lock(sc)) != 0) 5612 return error; 5613 5614 IWN_WRITE(sc, IWN_FH_TX_CONFIG(IWN_SRVC_DMACHNL), 5615 IWN_FH_TX_CONFIG_DMA_PAUSE); 5616 5617 IWN_WRITE(sc, IWN_FH_SRAM_ADDR(IWN_SRVC_DMACHNL), dst); 5618 IWN_WRITE(sc, IWN_FH_TFBD_CTRL0(IWN_SRVC_DMACHNL), 5619 IWN_LOADDR(dma->paddr)); 5620 IWN_WRITE(sc, IWN_FH_TFBD_CTRL1(IWN_SRVC_DMACHNL), 5621 IWN_HIADDR(dma->paddr) << 28 | size); 5622 IWN_WRITE(sc, IWN_FH_TXBUF_STATUS(IWN_SRVC_DMACHNL), 5623 IWN_FH_TXBUF_STATUS_TBNUM(1) | 5624 IWN_FH_TXBUF_STATUS_TBIDX(1) | 5625 IWN_FH_TXBUF_STATUS_TFBD_VALID); 5626 5627 /* Kick Flow Handler to start DMA transfer. */ 5628 IWN_WRITE(sc, IWN_FH_TX_CONFIG(IWN_SRVC_DMACHNL), 5629 IWN_FH_TX_CONFIG_DMA_ENA | IWN_FH_TX_CONFIG_CIRQ_HOST_ENDTFD); 5630 5631 iwn_nic_unlock(sc); 5632 5633 /* Wait at most five seconds for FH DMA transfer to complete. */ 5634 return tsleep(sc, PCATCH, "iwninit", 5 * hz); 5635 } 5636 5637 static int 5638 iwn5000_load_firmware(struct iwn_softc *sc) 5639 { 5640 struct iwn_fw_part *fw; 5641 int error; 5642 5643 /* Load the initialization firmware on first boot only. */ 5644 fw = (sc->sc_flags & IWN_FLAG_CALIB_DONE) ? 5645 &sc->fw.main : &sc->fw.init; 5646 5647 error = iwn5000_load_firmware_section(sc, IWN_FW_TEXT_BASE, 5648 fw->text, fw->textsz); 5649 if (error != 0) { 5650 aprint_error_dev(sc->sc_dev, 5651 "could not load firmware %s section\n", ".text"); 5652 return error; 5653 } 5654 error = iwn5000_load_firmware_section(sc, IWN_FW_DATA_BASE, 5655 fw->data, fw->datasz); 5656 if (error != 0) { 5657 aprint_error_dev(sc->sc_dev, 5658 "could not load firmware %s section\n", ".data"); 5659 return error; 5660 } 5661 5662 /* Now press "execute". */ 5663 IWN_WRITE(sc, IWN_RESET, 0); 5664 return 0; 5665 } 5666 5667 /* 5668 * Extract text and data sections from a legacy firmware image. 5669 */ 5670 static int 5671 iwn_read_firmware_leg(struct iwn_softc *sc, struct iwn_fw_info *fw) 5672 { 5673 const uint32_t *ptr; 5674 size_t hdrlen = 24; 5675 uint32_t rev; 5676 5677 ptr = (const uint32_t *)fw->data; 5678 rev = le32toh(*ptr++); 5679 5680 /* Check firmware API version. */ 5681 if (IWN_FW_API(rev) <= 1) { 5682 aprint_error_dev(sc->sc_dev, 5683 "bad firmware, need API version >=2\n"); 5684 return EINVAL; 5685 } 5686 if (IWN_FW_API(rev) >= 3) { 5687 /* Skip build number (version 2 header). */ 5688 hdrlen += 4; 5689 ptr++; 5690 } 5691 if (fw->size < hdrlen) { 5692 aprint_error_dev(sc->sc_dev, 5693 "firmware too short: %zd bytes\n", fw->size); 5694 return EINVAL; 5695 } 5696 fw->main.textsz = le32toh(*ptr++); 5697 fw->main.datasz = le32toh(*ptr++); 5698 fw->init.textsz = le32toh(*ptr++); 5699 fw->init.datasz = le32toh(*ptr++); 5700 fw->boot.textsz = le32toh(*ptr++); 5701 5702 /* Check that all firmware sections fit. */ 5703 if (fw->size < hdrlen + fw->main.textsz + fw->main.datasz + 5704 fw->init.textsz + fw->init.datasz + fw->boot.textsz) { 5705 aprint_error_dev(sc->sc_dev, 5706 "firmware too short: %zd bytes\n", fw->size); 5707 return EINVAL; 5708 } 5709 5710 /* Get pointers to firmware sections. */ 5711 fw->main.text = (const uint8_t *)ptr; 5712 fw->main.data = fw->main.text + fw->main.textsz; 5713 fw->init.text = fw->main.data + fw->main.datasz; 5714 fw->init.data = fw->init.text + fw->init.textsz; 5715 fw->boot.text = fw->init.data + fw->init.datasz; 5716 return 0; 5717 } 5718 5719 /* 5720 * Extract text and data sections from a TLV firmware image. 5721 */ 5722 static int 5723 iwn_read_firmware_tlv(struct iwn_softc *sc, struct iwn_fw_info *fw, 5724 uint16_t alt) 5725 { 5726 const struct iwn_fw_tlv_hdr *hdr; 5727 const struct iwn_fw_tlv *tlv; 5728 const uint8_t *ptr, *end; 5729 uint64_t altmask; 5730 uint32_t len; 5731 5732 if (fw->size < sizeof (*hdr)) { 5733 aprint_error_dev(sc->sc_dev, 5734 "firmware too short: %zd bytes\n", fw->size); 5735 return EINVAL; 5736 } 5737 hdr = (const struct iwn_fw_tlv_hdr *)fw->data; 5738 if (hdr->signature != htole32(IWN_FW_SIGNATURE)) { 5739 aprint_error_dev(sc->sc_dev, 5740 "bad firmware signature 0x%08x\n", le32toh(hdr->signature)); 5741 return EINVAL; 5742 } 5743 DPRINTF(("FW: \"%.64s\", build 0x%x\n", hdr->descr, 5744 le32toh(hdr->build))); 5745 5746 /* 5747 * Select the closest supported alternative that is less than 5748 * or equal to the specified one. 5749 */ 5750 altmask = le64toh(hdr->altmask); 5751 while (alt > 0 && !(altmask & (1ULL << alt))) 5752 alt--; /* Downgrade. */ 5753 DPRINTF(("using alternative %d\n", alt)); 5754 5755 ptr = (const uint8_t *)(hdr + 1); 5756 end = (const uint8_t *)(fw->data + fw->size); 5757 5758 /* Parse type-length-value fields. */ 5759 while (ptr + sizeof (*tlv) <= end) { 5760 tlv = (const struct iwn_fw_tlv *)ptr; 5761 len = le32toh(tlv->len); 5762 5763 ptr += sizeof (*tlv); 5764 if (ptr + len > end) { 5765 aprint_error_dev(sc->sc_dev, 5766 "firmware too short: %zd bytes\n", fw->size); 5767 return EINVAL; 5768 } 5769 /* Skip other alternatives. */ 5770 if (tlv->alt != 0 && tlv->alt != htole16(alt)) 5771 goto next; 5772 5773 switch (le16toh(tlv->type)) { 5774 case IWN_FW_TLV_MAIN_TEXT: 5775 fw->main.text = ptr; 5776 fw->main.textsz = len; 5777 break; 5778 case IWN_FW_TLV_MAIN_DATA: 5779 fw->main.data = ptr; 5780 fw->main.datasz = len; 5781 break; 5782 case IWN_FW_TLV_INIT_TEXT: 5783 fw->init.text = ptr; 5784 fw->init.textsz = len; 5785 break; 5786 case IWN_FW_TLV_INIT_DATA: 5787 fw->init.data = ptr; 5788 fw->init.datasz = len; 5789 break; 5790 case IWN_FW_TLV_BOOT_TEXT: 5791 fw->boot.text = ptr; 5792 fw->boot.textsz = len; 5793 break; 5794 case IWN_FW_TLV_ENH_SENS: 5795 if (len != 0) { 5796 aprint_error_dev(sc->sc_dev, 5797 "TLV type %d has invalid size %u\n", 5798 le16toh(tlv->type), len); 5799 goto next; 5800 } 5801 sc->sc_flags |= IWN_FLAG_ENH_SENS; 5802 break; 5803 case IWN_FW_TLV_PHY_CALIB: 5804 if (len != sizeof(uint32_t)) { 5805 aprint_error_dev(sc->sc_dev, 5806 "TLV type %d has invalid size %u\n", 5807 le16toh(tlv->type), len); 5808 goto next; 5809 } 5810 if (le32toh(*ptr) <= IWN5000_PHY_CALIB_MAX) { 5811 sc->reset_noise_gain = le32toh(*ptr); 5812 sc->noise_gain = le32toh(*ptr) + 1; 5813 } 5814 break; 5815 case IWN_FW_TLV_FLAGS: 5816 if (len < sizeof(uint32_t)) 5817 break; 5818 if (len % sizeof(uint32_t)) 5819 break; 5820 sc->tlv_feature_flags = le32toh(*ptr); 5821 DPRINTF(("feature: 0x%08x\n", sc->tlv_feature_flags)); 5822 break; 5823 default: 5824 DPRINTF(("TLV type %d not handled\n", 5825 le16toh(tlv->type))); 5826 break; 5827 } 5828 next: /* TLV fields are 32-bit aligned. */ 5829 ptr += (len + 3) & ~3; 5830 } 5831 return 0; 5832 } 5833 5834 static int 5835 iwn_read_firmware(struct iwn_softc *sc) 5836 { 5837 struct iwn_fw_info *fw = &sc->fw; 5838 firmware_handle_t fwh; 5839 int error; 5840 5841 /* 5842 * Some PHY calibration commands are firmware-dependent; these 5843 * are the default values that will be overridden if 5844 * necessary. 5845 */ 5846 sc->reset_noise_gain = IWN5000_PHY_CALIB_RESET_NOISE_GAIN; 5847 sc->noise_gain = IWN5000_PHY_CALIB_NOISE_GAIN; 5848 5849 /* Initialize for error returns */ 5850 fw->data = NULL; 5851 fw->size = 0; 5852 5853 /* Open firmware image. */ 5854 if ((error = firmware_open("if_iwn", sc->fwname, &fwh)) != 0) { 5855 aprint_error_dev(sc->sc_dev, 5856 "could not get firmware handle %s\n", sc->fwname); 5857 return error; 5858 } 5859 fw->size = firmware_get_size(fwh); 5860 if (fw->size < sizeof (uint32_t)) { 5861 aprint_error_dev(sc->sc_dev, 5862 "firmware too short: %zd bytes\n", fw->size); 5863 firmware_close(fwh); 5864 return EINVAL; 5865 } 5866 5867 /* Read the firmware. */ 5868 fw->data = firmware_malloc(fw->size); 5869 if (fw->data == NULL) { 5870 aprint_error_dev(sc->sc_dev, 5871 "not enough memory to stock firmware %s\n", sc->fwname); 5872 firmware_close(fwh); 5873 return ENOMEM; 5874 } 5875 error = firmware_read(fwh, 0, fw->data, fw->size); 5876 firmware_close(fwh); 5877 if (error != 0) { 5878 aprint_error_dev(sc->sc_dev, 5879 "could not read firmware %s\n", sc->fwname); 5880 goto out; 5881 } 5882 5883 /* Retrieve text and data sections. */ 5884 if (*(const uint32_t *)fw->data != 0) /* Legacy image. */ 5885 error = iwn_read_firmware_leg(sc, fw); 5886 else 5887 error = iwn_read_firmware_tlv(sc, fw, 1); 5888 if (error != 0) { 5889 aprint_error_dev(sc->sc_dev, 5890 "could not read firmware sections\n"); 5891 goto out; 5892 } 5893 5894 /* Make sure text and data sections fit in hardware memory. */ 5895 if (fw->main.textsz > sc->fw_text_maxsz || 5896 fw->main.datasz > sc->fw_data_maxsz || 5897 fw->init.textsz > sc->fw_text_maxsz || 5898 fw->init.datasz > sc->fw_data_maxsz || 5899 fw->boot.textsz > IWN_FW_BOOT_TEXT_MAXSZ || 5900 (fw->boot.textsz & 3) != 0) { 5901 aprint_error_dev(sc->sc_dev, 5902 "firmware sections too large\n"); 5903 goto out; 5904 } 5905 5906 /* We can proceed with loading the firmware. */ 5907 return 0; 5908 out: 5909 firmware_free(fw->data, fw->size); 5910 fw->data = NULL; 5911 fw->size = 0; 5912 return error ? error : EINVAL; 5913 } 5914 5915 static int 5916 iwn_clock_wait(struct iwn_softc *sc) 5917 { 5918 int ntries; 5919 5920 /* Set "initialization complete" bit. */ 5921 IWN_SETBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_INIT_DONE); 5922 5923 /* Wait for clock stabilization. */ 5924 for (ntries = 0; ntries < 2500; ntries++) { 5925 if (IWN_READ(sc, IWN_GP_CNTRL) & IWN_GP_CNTRL_MAC_CLOCK_READY) 5926 return 0; 5927 DELAY(10); 5928 } 5929 aprint_error_dev(sc->sc_dev, 5930 "timeout waiting for clock stabilization\n"); 5931 return ETIMEDOUT; 5932 } 5933 5934 static int 5935 iwn_apm_init(struct iwn_softc *sc) 5936 { 5937 pcireg_t reg; 5938 int error; 5939 5940 /* Disable L0s exit timer (NMI bug workaround). */ 5941 IWN_SETBITS(sc, IWN_GIO_CHICKEN, IWN_GIO_CHICKEN_DIS_L0S_TIMER); 5942 /* Don't wait for ICH L0s (ICH bug workaround). */ 5943 IWN_SETBITS(sc, IWN_GIO_CHICKEN, IWN_GIO_CHICKEN_L1A_NO_L0S_RX); 5944 5945 /* Set FH wait threshold to max (HW bug under stress workaround). */ 5946 IWN_SETBITS(sc, IWN_DBG_HPET_MEM, 0xffff0000); 5947 5948 /* Enable HAP INTA to move adapter from L1a to L0s. */ 5949 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_HAP_WAKE_L1A); 5950 5951 /* Retrieve PCIe Active State Power Management (ASPM). */ 5952 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 5953 sc->sc_cap_off + PCIE_LCSR); 5954 /* Workaround for HW instability in PCIe L0->L0s->L1 transition. */ 5955 if (reg & PCIE_LCSR_ASPM_L1) /* L1 Entry enabled. */ 5956 IWN_SETBITS(sc, IWN_GIO, IWN_GIO_L0S_ENA); 5957 else 5958 IWN_CLRBITS(sc, IWN_GIO, IWN_GIO_L0S_ENA); 5959 5960 if (sc->hw_type != IWN_HW_REV_TYPE_4965 && 5961 sc->hw_type <= IWN_HW_REV_TYPE_1000) 5962 IWN_SETBITS(sc, IWN_ANA_PLL, IWN_ANA_PLL_INIT); 5963 5964 /* Wait for clock stabilization before accessing prph. */ 5965 if ((error = iwn_clock_wait(sc)) != 0) 5966 return error; 5967 5968 if ((error = iwn_nic_lock(sc)) != 0) 5969 return error; 5970 if (sc->hw_type == IWN_HW_REV_TYPE_4965) { 5971 /* Enable DMA and BSM (Bootstrap State Machine). */ 5972 iwn_prph_write(sc, IWN_APMG_CLK_EN, 5973 IWN_APMG_CLK_CTRL_DMA_CLK_RQT | 5974 IWN_APMG_CLK_CTRL_BSM_CLK_RQT); 5975 } else { 5976 /* Enable DMA. */ 5977 iwn_prph_write(sc, IWN_APMG_CLK_EN, 5978 IWN_APMG_CLK_CTRL_DMA_CLK_RQT); 5979 } 5980 DELAY(20); 5981 /* Disable L1-Active. */ 5982 iwn_prph_setbits(sc, IWN_APMG_PCI_STT, IWN_APMG_PCI_STT_L1A_DIS); 5983 iwn_nic_unlock(sc); 5984 5985 return 0; 5986 } 5987 5988 static void 5989 iwn_apm_stop_master(struct iwn_softc *sc) 5990 { 5991 int ntries; 5992 5993 /* Stop busmaster DMA activity. */ 5994 IWN_SETBITS(sc, IWN_RESET, IWN_RESET_STOP_MASTER); 5995 for (ntries = 0; ntries < 100; ntries++) { 5996 if (IWN_READ(sc, IWN_RESET) & IWN_RESET_MASTER_DISABLED) 5997 return; 5998 DELAY(10); 5999 } 6000 aprint_error_dev(sc->sc_dev, "timeout waiting for master\n"); 6001 } 6002 6003 static void 6004 iwn_apm_stop(struct iwn_softc *sc) 6005 { 6006 iwn_apm_stop_master(sc); 6007 6008 /* Reset the entire device. */ 6009 IWN_SETBITS(sc, IWN_RESET, IWN_RESET_SW); 6010 DELAY(10); 6011 /* Clear "initialization complete" bit. */ 6012 IWN_CLRBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_INIT_DONE); 6013 } 6014 6015 static int 6016 iwn4965_nic_config(struct iwn_softc *sc) 6017 { 6018 if (IWN_RFCFG_TYPE(sc->rfcfg) == 1) { 6019 /* 6020 * I don't believe this to be correct but this is what the 6021 * vendor driver is doing. Probably the bits should not be 6022 * shifted in IWN_RFCFG_*. 6023 */ 6024 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 6025 IWN_RFCFG_TYPE(sc->rfcfg) | 6026 IWN_RFCFG_STEP(sc->rfcfg) | 6027 IWN_RFCFG_DASH(sc->rfcfg)); 6028 } 6029 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 6030 IWN_HW_IF_CONFIG_RADIO_SI | IWN_HW_IF_CONFIG_MAC_SI); 6031 return 0; 6032 } 6033 6034 static int 6035 iwn5000_nic_config(struct iwn_softc *sc) 6036 { 6037 uint32_t tmp; 6038 int error; 6039 6040 if (IWN_RFCFG_TYPE(sc->rfcfg) < 3) { 6041 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 6042 IWN_RFCFG_TYPE(sc->rfcfg) | 6043 IWN_RFCFG_STEP(sc->rfcfg) | 6044 IWN_RFCFG_DASH(sc->rfcfg)); 6045 } 6046 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 6047 IWN_HW_IF_CONFIG_RADIO_SI | IWN_HW_IF_CONFIG_MAC_SI); 6048 6049 if ((error = iwn_nic_lock(sc)) != 0) 6050 return error; 6051 iwn_prph_setbits(sc, IWN_APMG_PS, IWN_APMG_PS_EARLY_PWROFF_DIS); 6052 6053 if (sc->hw_type == IWN_HW_REV_TYPE_1000) { 6054 /* 6055 * Select first Switching Voltage Regulator (1.32V) to 6056 * solve a stability issue related to noisy DC2DC line 6057 * in the silicon of 1000 Series. 6058 */ 6059 tmp = iwn_prph_read(sc, IWN_APMG_DIGITAL_SVR); 6060 tmp &= ~IWN_APMG_DIGITAL_SVR_VOLTAGE_MASK; 6061 tmp |= IWN_APMG_DIGITAL_SVR_VOLTAGE_1_32; 6062 iwn_prph_write(sc, IWN_APMG_DIGITAL_SVR, tmp); 6063 } 6064 iwn_nic_unlock(sc); 6065 6066 if (sc->sc_flags & IWN_FLAG_INTERNAL_PA) { 6067 /* Use internal power amplifier only. */ 6068 IWN_WRITE(sc, IWN_GP_DRIVER, IWN_GP_DRIVER_RADIO_2X2_IPA); 6069 } 6070 if ((sc->hw_type == IWN_HW_REV_TYPE_6050 || 6071 sc->hw_type == IWN_HW_REV_TYPE_6005) && sc->calib_ver >= 6) { 6072 /* Indicate that ROM calibration version is >=6. */ 6073 IWN_SETBITS(sc, IWN_GP_DRIVER, IWN_GP_DRIVER_CALIB_VER6); 6074 } 6075 if (sc->hw_type == IWN_HW_REV_TYPE_6005) 6076 IWN_SETBITS(sc, IWN_GP_DRIVER, IWN_GP_DRIVER_6050_1X2); 6077 if (sc->hw_type == IWN_HW_REV_TYPE_2030 || 6078 sc->hw_type == IWN_HW_REV_TYPE_2000 || 6079 sc->hw_type == IWN_HW_REV_TYPE_135 || 6080 sc->hw_type == IWN_HW_REV_TYPE_105) 6081 IWN_SETBITS(sc, IWN_GP_DRIVER, IWN_GP_DRIVER_RADIO_IQ_INVERT); 6082 return 0; 6083 } 6084 6085 /* 6086 * Take NIC ownership over Intel Active Management Technology (AMT). 6087 */ 6088 static int 6089 iwn_hw_prepare(struct iwn_softc *sc) 6090 { 6091 int ntries; 6092 6093 /* Check if hardware is ready. */ 6094 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_NIC_READY); 6095 for (ntries = 0; ntries < 5; ntries++) { 6096 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 6097 IWN_HW_IF_CONFIG_NIC_READY) 6098 return 0; 6099 DELAY(10); 6100 } 6101 6102 /* Hardware not ready, force into ready state. */ 6103 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_PREPARE); 6104 for (ntries = 0; ntries < 15000; ntries++) { 6105 if (!(IWN_READ(sc, IWN_HW_IF_CONFIG) & 6106 IWN_HW_IF_CONFIG_PREPARE_DONE)) 6107 break; 6108 DELAY(10); 6109 } 6110 if (ntries == 15000) 6111 return ETIMEDOUT; 6112 6113 /* Hardware should be ready now. */ 6114 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_NIC_READY); 6115 for (ntries = 0; ntries < 5; ntries++) { 6116 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 6117 IWN_HW_IF_CONFIG_NIC_READY) 6118 return 0; 6119 DELAY(10); 6120 } 6121 return ETIMEDOUT; 6122 } 6123 6124 static int 6125 iwn_hw_init(struct iwn_softc *sc) 6126 { 6127 struct iwn_ops *ops = &sc->ops; 6128 int error, chnl, qid; 6129 6130 /* Clear pending interrupts. */ 6131 IWN_WRITE(sc, IWN_INT, 0xffffffff); 6132 6133 if ((error = iwn_apm_init(sc)) != 0) { 6134 aprint_error_dev(sc->sc_dev, 6135 "could not power ON adapter\n"); 6136 return error; 6137 } 6138 6139 /* Select VMAIN power source. */ 6140 if ((error = iwn_nic_lock(sc)) != 0) 6141 return error; 6142 iwn_prph_clrbits(sc, IWN_APMG_PS, IWN_APMG_PS_PWR_SRC_MASK); 6143 iwn_nic_unlock(sc); 6144 6145 /* Perform adapter-specific initialization. */ 6146 if ((error = ops->nic_config(sc)) != 0) 6147 return error; 6148 6149 /* Initialize RX ring. */ 6150 if ((error = iwn_nic_lock(sc)) != 0) 6151 return error; 6152 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 0); 6153 IWN_WRITE(sc, IWN_FH_RX_WPTR, 0); 6154 /* Set physical address of RX ring (256-byte aligned). */ 6155 IWN_WRITE(sc, IWN_FH_RX_BASE, sc->rxq.desc_dma.paddr >> 8); 6156 /* Set physical address of RX status (16-byte aligned). */ 6157 IWN_WRITE(sc, IWN_FH_STATUS_WPTR, sc->rxq.stat_dma.paddr >> 4); 6158 /* Enable RX. */ 6159 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 6160 IWN_FH_RX_CONFIG_ENA | 6161 IWN_FH_RX_CONFIG_IGN_RXF_EMPTY | /* HW bug workaround */ 6162 IWN_FH_RX_CONFIG_IRQ_DST_HOST | 6163 IWN_FH_RX_CONFIG_SINGLE_FRAME | 6164 IWN_FH_RX_CONFIG_RB_TIMEOUT(0) | 6165 IWN_FH_RX_CONFIG_NRBD(IWN_RX_RING_COUNT_LOG)); 6166 iwn_nic_unlock(sc); 6167 IWN_WRITE(sc, IWN_FH_RX_WPTR, (IWN_RX_RING_COUNT - 1) & ~7); 6168 6169 if ((error = iwn_nic_lock(sc)) != 0) 6170 return error; 6171 6172 /* Initialize TX scheduler. */ 6173 iwn_prph_write(sc, sc->sched_txfact_addr, 0); 6174 6175 /* Set physical address of "keep warm" page (16-byte aligned). */ 6176 IWN_WRITE(sc, IWN_FH_KW_ADDR, sc->kw_dma.paddr >> 4); 6177 6178 /* Initialize TX rings. */ 6179 for (qid = 0; qid < sc->ntxqs; qid++) { 6180 struct iwn_tx_ring *txq = &sc->txq[qid]; 6181 6182 /* Set physical address of TX ring (256-byte aligned). */ 6183 IWN_WRITE(sc, IWN_FH_CBBC_QUEUE(qid), 6184 txq->desc_dma.paddr >> 8); 6185 } 6186 iwn_nic_unlock(sc); 6187 6188 /* Enable DMA channels. */ 6189 for (chnl = 0; chnl < sc->ndmachnls; chnl++) { 6190 IWN_WRITE(sc, IWN_FH_TX_CONFIG(chnl), 6191 IWN_FH_TX_CONFIG_DMA_ENA | 6192 IWN_FH_TX_CONFIG_DMA_CREDIT_ENA); 6193 } 6194 6195 /* Clear "radio off" and "commands blocked" bits. */ 6196 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 6197 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_CMD_BLOCKED); 6198 6199 /* Clear pending interrupts. */ 6200 IWN_WRITE(sc, IWN_INT, 0xffffffff); 6201 /* Enable interrupt coalescing. */ 6202 IWN_WRITE(sc, IWN_INT_COALESCING, 512 / 8); 6203 /* Enable interrupts. */ 6204 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 6205 6206 /* _Really_ make sure "radio off" bit is cleared! */ 6207 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 6208 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 6209 6210 /* Enable shadow registers. */ 6211 if (sc->hw_type >= IWN_HW_REV_TYPE_6000) 6212 IWN_SETBITS(sc, IWN_SHADOW_REG_CTRL, 0x800fffff); 6213 6214 if ((error = ops->load_firmware(sc)) != 0) { 6215 aprint_error_dev(sc->sc_dev, 6216 "could not load firmware\n"); 6217 return error; 6218 } 6219 /* Wait at most one second for firmware alive notification. */ 6220 if ((error = tsleep(sc, PCATCH, "iwninit", hz)) != 0) { 6221 aprint_error_dev(sc->sc_dev, 6222 "timeout waiting for adapter to initialize\n"); 6223 return error; 6224 } 6225 /* Do post-firmware initialization. */ 6226 return ops->post_alive(sc); 6227 } 6228 6229 static void 6230 iwn_hw_stop(struct iwn_softc *sc) 6231 { 6232 int chnl, qid, ntries; 6233 6234 IWN_WRITE(sc, IWN_RESET, IWN_RESET_NEVO); 6235 6236 /* Disable interrupts. */ 6237 IWN_WRITE(sc, IWN_INT_MASK, 0); 6238 IWN_WRITE(sc, IWN_INT, 0xffffffff); 6239 IWN_WRITE(sc, IWN_FH_INT, 0xffffffff); 6240 sc->sc_flags &= ~IWN_FLAG_USE_ICT; 6241 6242 /* Make sure we no longer hold the NIC lock. */ 6243 iwn_nic_unlock(sc); 6244 6245 /* Stop TX scheduler. */ 6246 iwn_prph_write(sc, sc->sched_txfact_addr, 0); 6247 6248 /* Stop all DMA channels. */ 6249 if (iwn_nic_lock(sc) == 0) { 6250 for (chnl = 0; chnl < sc->ndmachnls; chnl++) { 6251 IWN_WRITE(sc, IWN_FH_TX_CONFIG(chnl), 0); 6252 for (ntries = 0; ntries < 200; ntries++) { 6253 if (IWN_READ(sc, IWN_FH_TX_STATUS) & 6254 IWN_FH_TX_STATUS_IDLE(chnl)) 6255 break; 6256 DELAY(10); 6257 } 6258 } 6259 iwn_nic_unlock(sc); 6260 } 6261 6262 /* Stop RX ring. */ 6263 iwn_reset_rx_ring(sc, &sc->rxq); 6264 6265 /* Reset all TX rings. */ 6266 for (qid = 0; qid < sc->ntxqs; qid++) 6267 iwn_reset_tx_ring(sc, &sc->txq[qid]); 6268 6269 if (iwn_nic_lock(sc) == 0) { 6270 iwn_prph_write(sc, IWN_APMG_CLK_DIS, 6271 IWN_APMG_CLK_CTRL_DMA_CLK_RQT); 6272 iwn_nic_unlock(sc); 6273 } 6274 DELAY(5); 6275 /* Power OFF adapter. */ 6276 iwn_apm_stop(sc); 6277 } 6278 6279 static int 6280 iwn_init(struct ifnet *ifp) 6281 { 6282 struct iwn_softc *sc = ifp->if_softc; 6283 struct ieee80211com *ic = &sc->sc_ic; 6284 int error; 6285 6286 mutex_enter(&sc->sc_mtx); 6287 if (sc->sc_flags & IWN_FLAG_HW_INITED) 6288 goto out; 6289 if ((error = iwn_hw_prepare(sc)) != 0) { 6290 aprint_error_dev(sc->sc_dev, 6291 "hardware not ready\n"); 6292 goto fail; 6293 } 6294 6295 /* Check that the radio is not disabled by hardware switch. */ 6296 if (!(IWN_READ(sc, IWN_GP_CNTRL) & IWN_GP_CNTRL_RFKILL)) { 6297 aprint_error_dev(sc->sc_dev, 6298 "radio is disabled by hardware switch\n"); 6299 error = EPERM; /* :-) */ 6300 goto fail; 6301 } 6302 6303 /* Read firmware images from the filesystem. */ 6304 if ((error = iwn_read_firmware(sc)) != 0) { 6305 aprint_error_dev(sc->sc_dev, 6306 "could not read firmware\n"); 6307 goto fail; 6308 } 6309 6310 /* Initialize interrupt mask to default value. */ 6311 sc->int_mask = IWN_INT_MASK_DEF; 6312 sc->sc_flags &= ~IWN_FLAG_USE_ICT; 6313 6314 /* Initialize hardware and upload firmware. */ 6315 KASSERT(sc->fw.data != NULL && sc->fw.size > 0); 6316 error = iwn_hw_init(sc); 6317 firmware_free(sc->fw.data, sc->fw.size); 6318 sc->fw.data = NULL; 6319 sc->fw.size = 0; 6320 if (error != 0) { 6321 aprint_error_dev(sc->sc_dev, 6322 "could not initialize hardware\n"); 6323 goto fail; 6324 } 6325 6326 /* Configure adapter now that it is ready. */ 6327 if ((error = iwn_config(sc)) != 0) { 6328 aprint_error_dev(sc->sc_dev, 6329 "could not configure device\n"); 6330 goto fail; 6331 } 6332 6333 ifp->if_flags &= ~IFF_OACTIVE; 6334 ifp->if_flags |= IFF_RUNNING; 6335 6336 if (ic->ic_opmode != IEEE80211_M_MONITOR) 6337 ieee80211_begin_scan(ic, 0); 6338 else 6339 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 6340 6341 sc->sc_flags |= IWN_FLAG_HW_INITED; 6342 out: 6343 mutex_exit(&sc->sc_mtx); 6344 return 0; 6345 6346 fail: mutex_exit(&sc->sc_mtx); 6347 iwn_stop(ifp, 1); 6348 return error; 6349 } 6350 6351 static void 6352 iwn_stop(struct ifnet *ifp, int disable) 6353 { 6354 struct iwn_softc *sc = ifp->if_softc; 6355 struct ieee80211com *ic = &sc->sc_ic; 6356 6357 if (!disable) 6358 mutex_enter(&sc->sc_mtx); 6359 sc->sc_flags &= ~IWN_FLAG_HW_INITED; 6360 ifp->if_timer = sc->sc_tx_timer = 0; 6361 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 6362 6363 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 6364 6365 /* Power OFF hardware. */ 6366 iwn_hw_stop(sc); 6367 6368 if (!disable) 6369 mutex_exit(&sc->sc_mtx); 6370 } 6371 6372 /* 6373 * XXX MCLGETI alternative 6374 * 6375 * With IWN_USE_RBUF defined it uses the rbuf cache for receive buffers 6376 * as long as there are available free buffers then it uses MEXTMALLOC., 6377 * Without IWN_USE_RBUF defined it uses MEXTMALLOC exclusively. 6378 * The MCLGET4K code is used for testing an alternative mbuf cache. 6379 */ 6380 6381 static struct mbuf * 6382 MCLGETIalt(struct iwn_softc *sc, int how, 6383 struct ifnet *ifp __unused, u_int size) 6384 { 6385 struct mbuf *m; 6386 #ifdef IWN_USE_RBUF 6387 struct iwn_rbuf *rbuf; 6388 #endif 6389 6390 MGETHDR(m, how, MT_DATA); 6391 if (m == NULL) 6392 return NULL; 6393 6394 #ifdef IWN_USE_RBUF 6395 if (sc->rxq.nb_free_entries > 0 && 6396 (rbuf = iwn_alloc_rbuf(sc)) != NULL) { 6397 /* Attach buffer to mbuf header. */ 6398 MEXTADD(m, rbuf->vaddr, size, 0, iwn_free_rbuf, rbuf); 6399 m->m_flags |= M_EXT_RW; 6400 } 6401 else { 6402 MEXTMALLOC(m, size, how); 6403 if ((m->m_flags & M_EXT) == 0) { 6404 m_freem(m); 6405 return NULL; 6406 } 6407 } 6408 6409 #else 6410 #ifdef MCLGET4K 6411 if (size == 4096) 6412 MCLGET4K(m, how); 6413 else 6414 panic("size must be 4k"); 6415 #else 6416 MEXTMALLOC(m, size, how); 6417 #endif 6418 if ((m->m_flags & M_EXT) == 0) { 6419 m_freem(m); 6420 return NULL; 6421 } 6422 #endif 6423 6424 return m; 6425 } 6426 6427 #ifdef IWN_USE_RBUF 6428 static struct iwn_rbuf * 6429 iwn_alloc_rbuf(struct iwn_softc *sc) 6430 { 6431 struct iwn_rbuf *rbuf; 6432 mutex_enter(&sc->rxq.freelist_mtx); 6433 6434 rbuf = SLIST_FIRST(&sc->rxq.freelist); 6435 if (rbuf != NULL) { 6436 SLIST_REMOVE_HEAD(&sc->rxq.freelist, next); 6437 sc->rxq.nb_free_entries --; 6438 } 6439 mutex_exit(&sc->rxq.freelist_mtx); 6440 return rbuf; 6441 } 6442 6443 /* 6444 * This is called automatically by the network stack when the mbuf to which 6445 * our RX buffer is attached is freed. 6446 */ 6447 static void 6448 iwn_free_rbuf(struct mbuf* m, void *buf, size_t size, void *arg) 6449 { 6450 struct iwn_rbuf *rbuf = arg; 6451 struct iwn_softc *sc = rbuf->sc; 6452 6453 /* Put the RX buffer back in the free list. */ 6454 mutex_enter(&sc->rxq.freelist_mtx); 6455 SLIST_INSERT_HEAD(&sc->rxq.freelist, rbuf, next); 6456 mutex_exit(&sc->rxq.freelist_mtx); 6457 6458 sc->rxq.nb_free_entries ++; 6459 if (__predict_true(m != NULL)) 6460 pool_cache_put(mb_cache, m); 6461 } 6462 6463 static int 6464 iwn_alloc_rpool(struct iwn_softc *sc) 6465 { 6466 struct iwn_rx_ring *ring = &sc->rxq; 6467 struct iwn_rbuf *rbuf; 6468 int i, error; 6469 6470 mutex_init(&ring->freelist_mtx, MUTEX_DEFAULT, IPL_NET); 6471 6472 /* Allocate a big chunk of DMA'able memory... */ 6473 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->buf_dma, NULL, 6474 IWN_RBUF_COUNT * IWN_RBUF_SIZE, PAGE_SIZE); 6475 if (error != 0) { 6476 aprint_error_dev(sc->sc_dev, 6477 "could not allocate RX buffers DMA memory\n"); 6478 return error; 6479 } 6480 /* ...and split it into chunks of IWN_RBUF_SIZE bytes. */ 6481 SLIST_INIT(&ring->freelist); 6482 for (i = 0; i < IWN_RBUF_COUNT; i++) { 6483 rbuf = &ring->rbuf[i]; 6484 6485 rbuf->sc = sc; /* Backpointer for callbacks. */ 6486 rbuf->vaddr = (void *)((vaddr_t)ring->buf_dma.vaddr + i * IWN_RBUF_SIZE); 6487 rbuf->paddr = ring->buf_dma.paddr + i * IWN_RBUF_SIZE; 6488 6489 SLIST_INSERT_HEAD(&ring->freelist, rbuf, next); 6490 } 6491 ring->nb_free_entries = IWN_RBUF_COUNT; 6492 return 0; 6493 } 6494 6495 static void 6496 iwn_free_rpool(struct iwn_softc *sc) 6497 { 6498 iwn_dma_contig_free(&sc->rxq.buf_dma); 6499 } 6500 #endif 6501 6502 /* 6503 * XXX: Hack to set the current channel to the value advertised in beacons or 6504 * probe responses. Only used during AP detection. 6505 * XXX: Duplicated from if_iwi.c 6506 */ 6507 static void 6508 iwn_fix_channel(struct ieee80211com *ic, struct mbuf *m, 6509 struct iwn_rx_stat *stat) 6510 { 6511 struct iwn_softc *sc = ic->ic_ifp->if_softc; 6512 struct ieee80211_frame *wh; 6513 uint8_t subtype; 6514 uint8_t *frm, *efrm; 6515 6516 wh = mtod(m, struct ieee80211_frame *); 6517 6518 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 6519 return; 6520 6521 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 6522 6523 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 6524 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 6525 return; 6526 6527 if (sc->sc_flags & IWN_FLAG_SCANNING_5GHZ) { 6528 int chan = le16toh(stat->chan); 6529 if (chan < __arraycount(ic->ic_channels)) 6530 ic->ic_curchan = &ic->ic_channels[chan]; 6531 return; 6532 } 6533 6534 frm = (uint8_t *)(wh + 1); 6535 efrm = mtod(m, uint8_t *) + m->m_len; 6536 6537 frm += 12; /* skip tstamp, bintval and capinfo fields */ 6538 while (frm < efrm) { 6539 if (*frm == IEEE80211_ELEMID_DSPARMS) 6540 #if IEEE80211_CHAN_MAX < 255 6541 if (frm[2] <= IEEE80211_CHAN_MAX) 6542 #endif 6543 ic->ic_curchan = &ic->ic_channels[frm[2]]; 6544 6545 frm += frm[1] + 2; 6546 } 6547 } 6548 6549 #ifdef notyetMODULE 6550 6551 MODULE(MODULE_CLASS_DRIVER, if_iwn, "pci"); 6552 6553 #ifdef _MODULE 6554 #include "ioconf.c" 6555 #endif 6556 6557 static int 6558 if_iwn_modcmd(modcmd_t cmd, void *data) 6559 { 6560 int error = 0; 6561 6562 switch (cmd) { 6563 case MODULE_CMD_INIT: 6564 #ifdef _MODULE 6565 error = config_init_component(cfdriver_ioconf_if_iwn, 6566 cfattach_ioconf_if_iwn, cfdata_ioconf_if_iwn); 6567 #endif 6568 return error; 6569 case MODULE_CMD_FINI: 6570 #ifdef _MODULE 6571 error = config_fini_component(cfdriver_ioconf_if_iwn, 6572 cfattach_ioconf_if_iwn, cfdata_ioconf_if_iwn); 6573 #endif 6574 return error; 6575 case MODULE_CMD_AUTOUNLOAD: 6576 #ifdef _MODULE 6577 /* XXX This is not optional! */ 6578 #endif 6579 return error; 6580 default: 6581 return ENOTTY; 6582 } 6583 } 6584 #endif 6585