1 /* $OpenBSD: acx.c,v 1.93 2009/03/31 22:06:04 claudio Exp $ */ 2 3 /* 4 * Copyright (c) 2006 Jonathan Gray <jsg@openbsd.org> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 /* 20 * Copyright (c) 2006 The DragonFly Project. All rights reserved. 21 * 22 * This code is derived from software contributed to The DragonFly Project 23 * by Sepherosa Ziehau <sepherosa@gmail.com> 24 * 25 * Redistribution and use in source and binary forms, with or without 26 * modification, are permitted provided that the following conditions 27 * are met: 28 * 29 * 1. Redistributions of source code must retain the above copyright 30 * notice, this list of conditions and the following disclaimer. 31 * 2. Redistributions in binary form must reproduce the above copyright 32 * notice, this list of conditions and the following disclaimer in 33 * the documentation and/or other materials provided with the 34 * distribution. 35 * 3. Neither the name of The DragonFly Project nor the names of its 36 * contributors may be used to endorse or promote products derived 37 * from this software without specific, prior written permission. 38 * 39 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 40 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 41 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 42 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 43 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 44 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, 45 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 47 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 48 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 49 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * SUCH DAMAGE. 51 */ 52 53 /* 54 * Copyright (c) 2003-2004 wlan.kewl.org Project 55 * All rights reserved. 56 * 57 * Redistribution and use in source and binary forms, with or without 58 * modification, are permitted provided that the following conditions 59 * are met: 60 * 61 * 1. Redistributions of source code must retain the above copyright 62 * notice, this list of conditions and the following disclaimer. 63 * 64 * 2. Redistributions in binary form must reproduce the above copyright 65 * notice, this list of conditions and the following disclaimer in the 66 * documentation and/or other materials provided with the distribution. 67 * 68 * 3. All advertising materials mentioning features or use of this software 69 * must display the following acknowledgement: 70 * 71 * This product includes software developed by the wlan.kewl.org Project. 72 * 73 * 4. Neither the name of the wlan.kewl.org Project nor the names of its 74 * contributors may be used to endorse or promote products derived from 75 * this software without specific prior written permission. 76 * 77 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, 78 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY 79 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 80 * THE wlan.kewl.org Project BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 81 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 82 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 83 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 84 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 85 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 86 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 87 */ 88 89 #include <sys/cdefs.h> 90 #include "bpfilter.h" 91 92 #include <sys/param.h> 93 #include <sys/systm.h> 94 #include <sys/kernel.h> 95 #include <sys/malloc.h> 96 #include <sys/mbuf.h> 97 #include <sys/proc.h> 98 #include <sys/socket.h> 99 #include <sys/sockio.h> 100 #include <sys/ioctl.h> 101 #include <sys/types.h> 102 103 #include <machine/bus.h> 104 #include <machine/endian.h> 105 #include <machine/intr.h> 106 107 #include <net/if.h> 108 #include <net/if_arp.h> 109 #include <net/if_dl.h> 110 #include <net/if_media.h> 111 #include <net/if_types.h> 112 113 #if NBPFILTER > 0 114 #include <net/bpf.h> 115 #endif 116 117 #ifdef INET 118 #include <netinet/in.h> 119 #include <netinet/in_systm.h> 120 #include <netinet/in_var.h> 121 #include <netinet/if_ether.h> 122 #include <netinet/ip.h> 123 #endif 124 125 #include <net80211/ieee80211_var.h> 126 #include <net80211/ieee80211_amrr.h> 127 #include <net80211/ieee80211_radiotap.h> 128 129 #include <dev/pci/pcireg.h> 130 #include <dev/pci/pcivar.h> 131 #include <dev/pci/pcidevs.h> 132 133 #include <dev/ic/acxvar.h> 134 #include <dev/ic/acxreg.h> 135 136 #ifdef ACX_DEBUG 137 int acxdebug = 0; 138 #endif 139 140 int acx_attach(struct acx_softc *); 141 int acx_detach(void *); 142 143 int acx_init(struct ifnet *); 144 int acx_stop(struct acx_softc *); 145 void acx_init_info_reg(struct acx_softc *); 146 int acx_config(struct acx_softc *); 147 int acx_read_config(struct acx_softc *, struct acx_config *); 148 int acx_write_config(struct acx_softc *, struct acx_config *); 149 int acx_rx_config(struct acx_softc *); 150 int acx_set_crypt_keys(struct acx_softc *); 151 void acx_next_scan(void *); 152 153 void acx_start(struct ifnet *); 154 void acx_watchdog(struct ifnet *); 155 156 int acx_ioctl(struct ifnet *, u_long, caddr_t); 157 158 int acx_intr(void *); 159 void acx_disable_intr(struct acx_softc *); 160 void acx_enable_intr(struct acx_softc *); 161 void acx_txeof(struct acx_softc *); 162 void acx_txerr(struct acx_softc *, uint8_t); 163 void acx_rxeof(struct acx_softc *); 164 165 int acx_dma_alloc(struct acx_softc *); 166 void acx_dma_free(struct acx_softc *); 167 void acx_init_tx_ring(struct acx_softc *); 168 int acx_init_rx_ring(struct acx_softc *); 169 int acx_newbuf(struct acx_softc *, struct acx_rxbuf *, int); 170 int acx_encap(struct acx_softc *, struct acx_txbuf *, 171 struct mbuf *, struct ieee80211_node *, int); 172 173 int acx_reset(struct acx_softc *); 174 175 int acx_set_null_tmplt(struct acx_softc *); 176 int acx_set_probe_req_tmplt(struct acx_softc *, const char *, int); 177 #ifndef IEEE80211_STA_ONLY 178 int acx_set_probe_resp_tmplt(struct acx_softc *, struct ieee80211_node *); 179 int acx_beacon_locate(struct mbuf *, u_int8_t); 180 int acx_set_beacon_tmplt(struct acx_softc *, struct ieee80211_node *); 181 #endif 182 183 int acx_read_eeprom(struct acx_softc *, uint32_t, uint8_t *); 184 int acx_read_phyreg(struct acx_softc *, uint32_t, uint8_t *); 185 const char * acx_get_rf(int); 186 int acx_get_maxrssi(int); 187 188 int acx_load_firmware(struct acx_softc *, uint32_t, 189 const uint8_t *, int); 190 int acx_load_radio_firmware(struct acx_softc *, const char *); 191 int acx_load_base_firmware(struct acx_softc *, const char *); 192 193 struct ieee80211_node 194 *acx_node_alloc(struct ieee80211com *); 195 int acx_newstate(struct ieee80211com *, enum ieee80211_state, int); 196 197 void acx_init_cmd_reg(struct acx_softc *); 198 int acx_join_bss(struct acx_softc *, uint8_t, struct ieee80211_node *); 199 int acx_set_channel(struct acx_softc *, uint8_t); 200 int acx_init_radio(struct acx_softc *, uint32_t, uint32_t); 201 202 void acx_iter_func(void *, struct ieee80211_node *); 203 void acx_amrr_timeout(void *); 204 void acx_newassoc(struct ieee80211com *, struct ieee80211_node *, int); 205 206 static int acx_chanscan_rate = 5; /* 5 channels per second */ 207 int acx_beacon_intvl = 100; /* 100 TU */ 208 209 /* 210 * Possible values for the second parameter of acx_join_bss() 211 */ 212 #define ACX_MODE_ADHOC 0 213 #define ACX_MODE_UNUSED 1 214 #define ACX_MODE_STA 2 215 #define ACX_MODE_AP 3 216 217 struct cfdriver acx_cd = { 218 NULL, "acx", DV_IFNET 219 }; 220 221 int 222 acx_attach(struct acx_softc *sc) 223 { 224 struct ieee80211com *ic = &sc->sc_ic; 225 struct ifnet *ifp = &sc->sc_ic.ic_if; 226 int i, error; 227 228 /* Initialize channel scanning timer */ 229 timeout_set(&sc->sc_chanscan_timer, acx_next_scan, sc); 230 231 /* Allocate busdma stuffs */ 232 error = acx_dma_alloc(sc); 233 if (error) { 234 printf("%s: attach failed, could not allocate DMA!\n", 235 sc->sc_dev.dv_xname); 236 return (error); 237 } 238 239 /* Reset Hardware */ 240 error = acx_reset(sc); 241 if (error) { 242 printf("%s: attach failed, could not reset device!\n", 243 sc->sc_dev.dv_xname); 244 return (error); 245 } 246 247 /* Disable interrupts before firmware is loaded */ 248 acx_disable_intr(sc); 249 250 /* Get radio type and form factor */ 251 #define EEINFO_RETRY_MAX 50 252 for (i = 0; i < EEINFO_RETRY_MAX; ++i) { 253 uint16_t ee_info; 254 255 ee_info = CSR_READ_2(sc, ACXREG_EEPROM_INFO); 256 if (ACX_EEINFO_HAS_RADIO_TYPE(ee_info)) { 257 sc->sc_form_factor = ACX_EEINFO_FORM_FACTOR(ee_info); 258 sc->sc_radio_type = ACX_EEINFO_RADIO_TYPE(ee_info); 259 break; 260 } 261 DELAY(10000); 262 } 263 if (i == EEINFO_RETRY_MAX) { 264 printf("%s: attach failed, could not get radio type!\n", 265 sc->sc_dev.dv_xname); 266 return (ENXIO); 267 } 268 #undef EEINFO_RETRY_MAX 269 270 #ifdef DUMP_EEPROM 271 for (i = 0; i < 0x40; ++i) { 272 uint8_t val; 273 274 error = acx_read_eeprom(sc, i, &val); 275 if (error) 276 return (error); 277 if (i % 10 == 0) 278 printf("\n"); 279 printf("%02x ", val); 280 } 281 printf("\n"); 282 #endif /* DUMP_EEPROM */ 283 284 /* Get EEPROM version */ 285 error = acx_read_eeprom(sc, ACX_EE_VERSION_OFS, &sc->sc_eeprom_ver); 286 if (error) { 287 printf("%s: attach failed, could not get EEPROM version!\n", 288 sc->sc_dev.dv_xname); 289 return (error); 290 } 291 292 ifp->if_softc = sc; 293 ifp->if_init = acx_init; 294 ifp->if_ioctl = acx_ioctl; 295 ifp->if_start = acx_start; 296 ifp->if_watchdog = acx_watchdog; 297 ifp->if_flags = IFF_SIMPLEX | IFF_BROADCAST | IFF_MULTICAST; 298 strlcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 299 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 300 IFQ_SET_READY(&ifp->if_snd); 301 302 /* Set channels */ 303 for (i = 1; i <= 14; ++i) { 304 ic->ic_channels[i].ic_freq = 305 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 306 ic->ic_channels[i].ic_flags = sc->chip_chan_flags; 307 } 308 309 ic->ic_opmode = IEEE80211_M_STA; 310 ic->ic_state = IEEE80211_S_INIT; 311 312 /* 313 * NOTE: Don't overwrite ic_caps set by chip specific code 314 */ 315 ic->ic_caps = 316 IEEE80211_C_WEP | /* WEP */ 317 IEEE80211_C_MONITOR | /* Monitor mode */ 318 #ifndef IEEE80211_STA_ONLY 319 IEEE80211_C_IBSS | /* IBSS mode */ 320 IEEE80211_C_HOSTAP | /* Access Point */ 321 #endif 322 IEEE80211_C_SHPREAMBLE; /* Short preamble */ 323 324 /* Get station id */ 325 for (i = 0; i < IEEE80211_ADDR_LEN; ++i) { 326 error = acx_read_eeprom(sc, sc->chip_ee_eaddr_ofs - i, 327 &ic->ic_myaddr[i]); 328 if (error) { 329 printf("%s: attach failed, could not get station id\n", 330 sc->sc_dev.dv_xname); 331 return error; 332 } 333 } 334 335 printf("%s: %s, radio %s (0x%02x), EEPROM ver %u, address %s\n", 336 sc->sc_dev.dv_xname, 337 (sc->sc_flags & ACX_FLAG_ACX111) ? "ACX111" : "ACX100", 338 acx_get_rf(sc->sc_radio_type), sc->sc_radio_type, 339 sc->sc_eeprom_ver, ether_sprintf(ic->ic_myaddr)); 340 341 if_attach(ifp); 342 ieee80211_ifattach(ifp); 343 344 /* Override node alloc */ 345 ic->ic_node_alloc = acx_node_alloc; 346 ic->ic_newassoc = acx_newassoc; 347 348 /* Override newstate */ 349 sc->sc_newstate = ic->ic_newstate; 350 ic->ic_newstate = acx_newstate; 351 352 /* Set maximal rssi */ 353 ic->ic_max_rssi = acx_get_maxrssi(sc->sc_radio_type); 354 355 ieee80211_media_init(ifp, ieee80211_media_change, 356 ieee80211_media_status); 357 358 /* AMRR rate control */ 359 sc->amrr.amrr_min_success_threshold = 1; 360 sc->amrr.amrr_max_success_threshold = 15; 361 timeout_set(&sc->amrr_ch, acx_amrr_timeout, sc); 362 363 sc->sc_long_retry_limit = 4; 364 sc->sc_short_retry_limit = 7; 365 sc->sc_msdu_lifetime = 4096; 366 367 #if NBPFILTER > 0 368 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 369 sizeof(struct ieee80211_frame) + 64); 370 371 sc->sc_rxtap_len = sizeof(sc->sc_rxtapu); 372 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 373 sc->sc_rxtap.wr_ihdr.it_present = htole32(ACX_RX_RADIOTAP_PRESENT); 374 375 sc->sc_txtap_len = sizeof(sc->sc_txtapu); 376 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 377 sc->sc_txtap.wt_ihdr.it_present = htole32(ACX_TX_RADIOTAP_PRESENT); 378 #endif 379 380 return (0); 381 } 382 383 int 384 acx_detach(void *xsc) 385 { 386 struct acx_softc *sc = xsc; 387 struct ieee80211com *ic = &sc->sc_ic; 388 struct ifnet *ifp = &ic->ic_if; 389 390 acx_stop(sc); 391 ieee80211_ifdetach(ifp); 392 if_detach(ifp); 393 394 acx_dma_free(sc); 395 396 return (0); 397 } 398 399 int 400 acx_init(struct ifnet *ifp) 401 { 402 struct acx_softc *sc = ifp->if_softc; 403 struct ieee80211com *ic = &sc->sc_ic; 404 char fname[] = "tiacx111c16"; 405 int error, combined = 0; 406 407 error = acx_stop(sc); 408 if (error) 409 return (EIO); 410 411 /* enable card if possible */ 412 if (sc->sc_enable != NULL) { 413 error = (*sc->sc_enable)(sc); 414 if (error) 415 return (EIO); 416 } 417 418 acx_init_tx_ring(sc); 419 420 error = acx_init_rx_ring(sc); 421 if (error) { 422 printf("%s: can't initialize RX ring\n", 423 sc->sc_dev.dv_xname); 424 goto back; 425 } 426 427 if (sc->sc_flags & ACX_FLAG_ACX111) { 428 snprintf(fname, sizeof(fname), "tiacx111c%02X", 429 sc->sc_radio_type); 430 error = acx_load_base_firmware(sc, fname); 431 432 if (!error) 433 combined = 1; 434 } 435 436 if (!combined) { 437 snprintf(fname, sizeof(fname), "tiacx%s", 438 (sc->sc_flags & ACX_FLAG_ACX111) ? "111" : "100"); 439 error = acx_load_base_firmware(sc, fname); 440 } 441 442 if (error) 443 goto back; 444 445 /* 446 * Initialize command and information registers 447 * NOTE: This should be done after base firmware is loaded 448 */ 449 acx_init_cmd_reg(sc); 450 acx_init_info_reg(sc); 451 452 sc->sc_flags |= ACX_FLAG_FW_LOADED; 453 454 if (!combined) { 455 snprintf(fname, sizeof(fname), "tiacx%sr%02X", 456 (sc->sc_flags & ACX_FLAG_ACX111) ? "111" : "100", 457 sc->sc_radio_type); 458 error = acx_load_radio_firmware(sc, fname); 459 460 if (error) 461 goto back; 462 } 463 464 error = sc->chip_init(sc); 465 if (error) 466 goto back; 467 468 /* Get and set device various configuration */ 469 error = acx_config(sc); 470 if (error) 471 goto back; 472 473 /* Setup crypto stuffs */ 474 if (sc->sc_ic.ic_flags & IEEE80211_F_WEPON) { 475 error = acx_set_crypt_keys(sc); 476 if (error) 477 goto back; 478 } 479 480 /* Turn on power led */ 481 CSR_CLRB_2(sc, ACXREG_GPIO_OUT, sc->chip_gpio_pled); 482 483 acx_enable_intr(sc); 484 485 ifp->if_flags |= IFF_RUNNING; 486 ifp->if_flags &= ~IFF_OACTIVE; 487 488 if (ic->ic_opmode != IEEE80211_M_MONITOR) 489 /* start background scanning */ 490 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 491 else 492 /* in monitor mode change directly into run state */ 493 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 494 495 return (0); 496 back: 497 acx_stop(sc); 498 return (error); 499 } 500 501 void 502 acx_init_info_reg(struct acx_softc *sc) 503 { 504 sc->sc_info = CSR_READ_4(sc, ACXREG_INFO_REG_OFFSET); 505 sc->sc_info_param = sc->sc_info + ACX_INFO_REG_SIZE; 506 } 507 508 int 509 acx_set_crypt_keys(struct acx_softc *sc) 510 { 511 struct ieee80211com *ic = &sc->sc_ic; 512 struct acx_conf_wep_txkey wep_txkey; 513 int i, error, got_wk = 0; 514 515 for (i = 0; i < IEEE80211_WEP_NKID; ++i) { 516 struct ieee80211_key *k = &ic->ic_nw_keys[i]; 517 518 if (k->k_len == 0) 519 continue; 520 521 if (sc->chip_hw_crypt) { 522 error = sc->chip_set_wepkey(sc, k, i); 523 if (error) 524 return (error); 525 got_wk = 1; 526 } 527 } 528 529 if (!got_wk) 530 return (0); 531 532 /* Set current WEP key index */ 533 wep_txkey.wep_txkey = ic->ic_wep_txkey; 534 if (acx_set_conf(sc, ACX_CONF_WEP_TXKEY, &wep_txkey, 535 sizeof(wep_txkey)) != 0) { 536 printf("%s: set WEP txkey failed\n", sc->sc_dev.dv_xname); 537 return (ENXIO); 538 } 539 540 return (0); 541 } 542 543 void 544 acx_next_scan(void *arg) 545 { 546 struct acx_softc *sc = arg; 547 struct ieee80211com *ic = &sc->sc_ic; 548 struct ifnet *ifp = &ic->ic_if; 549 550 if (ic->ic_state == IEEE80211_S_SCAN) 551 ieee80211_next_scan(ifp); 552 } 553 554 int 555 acx_stop(struct acx_softc *sc) 556 { 557 struct ieee80211com *ic = &sc->sc_ic; 558 struct ifnet *ifp = &ic->ic_if; 559 struct acx_buf_data *bd = &sc->sc_buf_data; 560 struct acx_ring_data *rd = &sc->sc_ring_data; 561 int i, error; 562 563 sc->sc_firmware_ver = 0; 564 sc->sc_hardware_id = 0; 565 566 /* Reset hardware */ 567 error = acx_reset(sc); 568 if (error) 569 return (error); 570 571 /* Firmware no longer functions after hardware reset */ 572 sc->sc_flags &= ~ACX_FLAG_FW_LOADED; 573 574 acx_disable_intr(sc); 575 576 /* Stop backgroud scanning */ 577 timeout_del(&sc->sc_chanscan_timer); 578 579 /* Turn off power led */ 580 CSR_SETB_2(sc, ACXREG_GPIO_OUT, sc->chip_gpio_pled); 581 582 /* Free TX mbuf */ 583 for (i = 0; i < ACX_TX_DESC_CNT; ++i) { 584 struct acx_txbuf *buf; 585 struct ieee80211_node *ni; 586 587 buf = &bd->tx_buf[i]; 588 589 if (buf->tb_mbuf != NULL) { 590 bus_dmamap_unload(sc->sc_dmat, buf->tb_mbuf_dmamap); 591 m_freem(buf->tb_mbuf); 592 buf->tb_mbuf = NULL; 593 } 594 595 ni = (struct ieee80211_node *)buf->tb_node; 596 if (ni != NULL) 597 ieee80211_release_node(ic, ni); 598 buf->tb_node = NULL; 599 } 600 601 /* Clear TX host descriptors */ 602 bzero(rd->tx_ring, ACX_TX_RING_SIZE); 603 604 /* Free RX mbuf */ 605 for (i = 0; i < ACX_RX_DESC_CNT; ++i) { 606 if (bd->rx_buf[i].rb_mbuf != NULL) { 607 bus_dmamap_unload(sc->sc_dmat, 608 bd->rx_buf[i].rb_mbuf_dmamap); 609 m_freem(bd->rx_buf[i].rb_mbuf); 610 bd->rx_buf[i].rb_mbuf = NULL; 611 } 612 } 613 614 /* Clear RX host descriptors */ 615 bzero(rd->rx_ring, ACX_RX_RING_SIZE); 616 617 sc->sc_txtimer = 0; 618 ifp->if_timer = 0; 619 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 620 ieee80211_new_state(&sc->sc_ic, IEEE80211_S_INIT, -1); 621 622 /* disable card if possible */ 623 if (sc->sc_disable != NULL) 624 (*sc->sc_disable)(sc); 625 626 return (0); 627 } 628 629 int 630 acx_config(struct acx_softc *sc) 631 { 632 struct acx_config conf; 633 int error; 634 635 error = acx_read_config(sc, &conf); 636 if (error) 637 return (error); 638 639 error = acx_write_config(sc, &conf); 640 if (error) 641 return (error); 642 643 error = acx_rx_config(sc); 644 if (error) 645 return (error); 646 647 if (acx_set_probe_req_tmplt(sc, "", 0) != 0) { 648 printf("%s: can't set probe req template " 649 "(empty ssid)\n", sc->sc_dev.dv_xname); 650 return (ENXIO); 651 } 652 653 /* XXX for PM?? */ 654 if (acx_set_null_tmplt(sc) != 0) { 655 printf("%s: can't set null data template\n", 656 sc->sc_dev.dv_xname); 657 return (ENXIO); 658 } 659 660 return (0); 661 } 662 663 int 664 acx_read_config(struct acx_softc *sc, struct acx_config *conf) 665 { 666 struct acx_conf_regdom reg_dom; 667 struct acx_conf_antenna ant; 668 struct acx_conf_fwrev fw_rev; 669 uint32_t fw_rev_no; 670 uint8_t sen; 671 int error; 672 673 /* Get region domain */ 674 if (acx_get_conf(sc, ACX_CONF_REGDOM, ®_dom, sizeof(reg_dom)) != 0) { 675 printf("%s: can't get region domain\n", sc->sc_dev.dv_xname); 676 return (ENXIO); 677 } 678 conf->regdom = reg_dom.regdom; 679 DPRINTF(("%s: regdom %02x\n", sc->sc_dev.dv_xname, reg_dom.regdom)); 680 681 /* Get antenna */ 682 if (acx_get_conf(sc, ACX_CONF_ANTENNA, &ant, sizeof(ant)) != 0) { 683 printf("%s: can't get antenna\n", sc->sc_dev.dv_xname); 684 return (ENXIO); 685 } 686 conf->antenna = ant.antenna; 687 DPRINTF(("%s: antenna %02x\n", sc->sc_dev.dv_xname, ant.antenna)); 688 689 /* Get sensitivity XXX not used */ 690 if (sc->sc_radio_type == ACX_RADIO_TYPE_MAXIM || 691 sc->sc_radio_type == ACX_RADIO_TYPE_RFMD || 692 sc->sc_radio_type == ACX_RADIO_TYPE_RALINK) { 693 error = acx_read_phyreg(sc, ACXRV_PHYREG_SENSITIVITY, &sen); 694 if (error) { 695 printf("%s: can't get sensitivity\n", 696 sc->sc_dev.dv_xname); 697 return (error); 698 } 699 } else 700 sen = 0; 701 DPRINTF(("%s: sensitivity %02x\n", sc->sc_dev.dv_xname, sen)); 702 703 /* Get firmware revision */ 704 if (acx_get_conf(sc, ACX_CONF_FWREV, &fw_rev, sizeof(fw_rev)) != 0) { 705 printf("%s: can't get firmware revision\n", 706 sc->sc_dev.dv_xname); 707 return (ENXIO); 708 } 709 710 if (strncmp(fw_rev.fw_rev, "Rev ", 4) != 0) { 711 printf("%s: strange revision string -- %s\n", 712 sc->sc_dev.dv_xname, fw_rev.fw_rev); 713 fw_rev_no = 0x01090407; 714 } else { 715 /* 716 * 01234 717 * "Rev xx.xx.xx.xx" 718 * ^ Start from here 719 */ 720 fw_rev_no = fw_rev.fw_rev[0] << 24; 721 fw_rev_no |= fw_rev.fw_rev[1] << 16; 722 fw_rev_no |= fw_rev.fw_rev[2] << 8; 723 fw_rev_no |= fw_rev.fw_rev[3]; 724 } 725 sc->sc_firmware_ver = fw_rev_no; 726 sc->sc_hardware_id = letoh32(fw_rev.hw_id); 727 DPRINTF(("%s: fw rev %08x, hw id %08x\n", 728 sc->sc_dev.dv_xname, sc->sc_firmware_ver, sc->sc_hardware_id)); 729 730 if (sc->chip_read_config != NULL) { 731 error = sc->chip_read_config(sc, conf); 732 if (error) 733 return (error); 734 } 735 736 return (0); 737 } 738 739 int 740 acx_write_config(struct acx_softc *sc, struct acx_config *conf) 741 { 742 struct acx_conf_nretry_short sretry; 743 struct acx_conf_nretry_long lretry; 744 struct acx_conf_msdu_lifetime msdu_lifetime; 745 struct acx_conf_rate_fallback rate_fb; 746 struct acx_conf_antenna ant; 747 struct acx_conf_regdom reg_dom; 748 struct ifnet *ifp = &sc->sc_ic.ic_if; 749 int error; 750 751 /* Set number of long/short retry */ 752 sretry.nretry = sc->sc_short_retry_limit; 753 if (acx_set_conf(sc, ACX_CONF_NRETRY_SHORT, &sretry, 754 sizeof(sretry)) != 0) { 755 printf("%s: can't set short retry limit\n", ifp->if_xname); 756 return (ENXIO); 757 } 758 759 lretry.nretry = sc->sc_long_retry_limit; 760 if (acx_set_conf(sc, ACX_CONF_NRETRY_LONG, &lretry, 761 sizeof(lretry)) != 0) { 762 printf("%s: can't set long retry limit\n", ifp->if_xname); 763 return (ENXIO); 764 } 765 766 /* Set MSDU lifetime */ 767 msdu_lifetime.lifetime = htole32(sc->sc_msdu_lifetime); 768 if (acx_set_conf(sc, ACX_CONF_MSDU_LIFETIME, &msdu_lifetime, 769 sizeof(msdu_lifetime)) != 0) { 770 printf("%s: can't set MSDU lifetime\n", ifp->if_xname); 771 return (ENXIO); 772 } 773 774 /* Enable rate fallback */ 775 rate_fb.ratefb_enable = 1; 776 if (acx_set_conf(sc, ACX_CONF_RATE_FALLBACK, &rate_fb, 777 sizeof(rate_fb)) != 0) { 778 printf("%s: can't enable rate fallback\n", ifp->if_xname); 779 return (ENXIO); 780 } 781 782 /* Set antenna */ 783 ant.antenna = conf->antenna; 784 if (acx_set_conf(sc, ACX_CONF_ANTENNA, &ant, sizeof(ant)) != 0) { 785 printf("%s: can't set antenna\n", ifp->if_xname); 786 return (ENXIO); 787 } 788 789 /* Set region domain */ 790 reg_dom.regdom = conf->regdom; 791 if (acx_set_conf(sc, ACX_CONF_REGDOM, ®_dom, sizeof(reg_dom)) != 0) { 792 printf("%s: can't set region domain\n", ifp->if_xname); 793 return (ENXIO); 794 } 795 796 if (sc->chip_write_config != NULL) { 797 error = sc->chip_write_config(sc, conf); 798 if (error) 799 return (error); 800 } 801 802 return (0); 803 } 804 805 int 806 acx_rx_config(struct acx_softc *sc) 807 { 808 struct ieee80211com *ic = &sc->sc_ic; 809 struct acx_conf_rxopt rx_opt; 810 811 /* tell the RX receiver what frames we want to have */ 812 rx_opt.opt1 = htole16(RXOPT1_INCL_RXBUF_HDR); 813 rx_opt.opt2 = htole16( 814 RXOPT2_RECV_ASSOC_REQ | 815 RXOPT2_RECV_AUTH | 816 RXOPT2_RECV_BEACON | 817 RXOPT2_RECV_CF | 818 RXOPT2_RECV_CTRL | 819 RXOPT2_RECV_DATA | 820 RXOPT2_RECV_MGMT | 821 RXOPT2_RECV_PROBE_REQ | 822 RXOPT2_RECV_PROBE_RESP | 823 RXOPT2_RECV_OTHER); 824 825 /* in monitor mode go promiscuous */ 826 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 827 rx_opt.opt1 |= RXOPT1_PROMISC; 828 rx_opt.opt2 |= RXOPT2_RECV_BROKEN | RXOPT2_RECV_ACK; 829 } else 830 rx_opt.opt1 |= RXOPT1_FILT_FDEST; 831 832 /* finally set the RX options */ 833 if (acx_set_conf(sc, ACX_CONF_RXOPT, &rx_opt, sizeof(rx_opt)) != 0) { 834 printf("%s: can not set RX options!\n", sc->sc_dev.dv_xname); 835 return (ENXIO); 836 } 837 838 return (0); 839 } 840 841 int 842 acx_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 843 { 844 struct acx_softc *sc = ifp->if_softc; 845 struct ieee80211com *ic = &sc->sc_ic; 846 struct ifaddr *ifa; 847 struct ifreq *ifr; 848 int s, error = 0; 849 uint8_t chan; 850 851 s = splnet(); 852 853 switch (cmd) { 854 case SIOCSIFADDR: 855 ifa = (struct ifaddr *)data; 856 ifp->if_flags |= IFF_UP; 857 #ifdef INET 858 if (ifa->ifa_addr->sa_family == AF_INET) 859 arp_ifinit(&ic->ic_ac, ifa); 860 #endif 861 /* FALLTHROUGH */ 862 case SIOCSIFFLAGS: 863 if (ifp->if_flags & IFF_UP) { 864 if ((ifp->if_flags & IFF_RUNNING) == 0) 865 error = acx_init(ifp); 866 } else { 867 if (ifp->if_flags & IFF_RUNNING) 868 error = acx_stop(sc); 869 } 870 break; 871 case SIOCADDMULTI: 872 case SIOCDELMULTI: 873 ifr = (struct ifreq *)data; 874 error = (cmd == SIOCADDMULTI) ? 875 ether_addmulti(ifr, &ic->ic_ac) : 876 ether_delmulti(ifr, &ic->ic_ac); 877 878 if (error == ENETRESET) 879 error = 0; 880 break; 881 case SIOCS80211CHANNEL: 882 /* allow fast channel switching in monitor mode */ 883 error = ieee80211_ioctl(ifp, cmd, data); 884 if (error == ENETRESET && 885 ic->ic_opmode == IEEE80211_M_MONITOR) { 886 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 887 (IFF_UP | IFF_RUNNING)) { 888 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 889 chan = ieee80211_chan2ieee(ic, 890 ic->ic_bss->ni_chan); 891 (void)acx_set_channel(sc, chan); 892 } 893 error = 0; 894 } 895 break; 896 default: 897 error = ieee80211_ioctl(ifp, cmd, data); 898 break; 899 } 900 901 if (error == ENETRESET) { 902 if ((ifp->if_flags & (IFF_RUNNING | IFF_UP)) == 903 (IFF_RUNNING | IFF_UP)) 904 error = acx_init(ifp); 905 else 906 error = 0; 907 } 908 909 splx(s); 910 911 return (error); 912 } 913 914 void 915 acx_start(struct ifnet *ifp) 916 { 917 struct acx_softc *sc = ifp->if_softc; 918 struct ieee80211com *ic = &sc->sc_ic; 919 struct acx_buf_data *bd = &sc->sc_buf_data; 920 struct acx_txbuf *buf; 921 int trans, idx; 922 923 if ((sc->sc_flags & ACX_FLAG_FW_LOADED) == 0 || 924 (ifp->if_flags & IFF_RUNNING) == 0 || 925 (ifp->if_flags & IFF_OACTIVE)) 926 return; 927 928 /* 929 * NOTE: 930 * We can't start from a random position that TX descriptor 931 * is free, since hardware will be confused by that. 932 * We have to follow the order of the TX ring. 933 */ 934 idx = bd->tx_free_start; 935 trans = 0; 936 for (buf = &bd->tx_buf[idx]; buf->tb_mbuf == NULL; 937 buf = &bd->tx_buf[idx]) { 938 struct ieee80211_frame *wh; 939 struct ieee80211_node *ni = NULL; 940 struct mbuf *m; 941 int rate; 942 943 IF_DEQUEUE(&ic->ic_mgtq, m); 944 if (m != NULL) { 945 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 946 m->m_pkthdr.rcvif = NULL; 947 948 /* 949 * probe response mgmt frames are handled by the 950 * firmware already. So, don't send them twice. 951 */ 952 wh = mtod(m, struct ieee80211_frame *); 953 if ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) == 954 IEEE80211_FC0_SUBTYPE_PROBE_RESP) { 955 if (ni != NULL) 956 ieee80211_release_node(ic, ni); 957 m_freem(m); 958 continue; 959 } 960 961 /* 962 * mgmt frames are sent at the lowest available 963 * bit-rate. 964 */ 965 rate = ni->ni_rates.rs_rates[0]; 966 rate &= IEEE80211_RATE_VAL; 967 } else if (!IFQ_IS_EMPTY(&ifp->if_snd)) { 968 struct ether_header *eh; 969 970 IFQ_DEQUEUE(&ifp->if_snd, m); 971 if (m == NULL) 972 break; 973 974 if (ic->ic_state != IEEE80211_S_RUN) { 975 DPRINTF(("%s: data packet dropped due to " 976 "not RUN. Current state %d\n", 977 ifp->if_xname, ic->ic_state)); 978 m_freem(m); 979 break; 980 } 981 982 if (m->m_len < sizeof(struct ether_header)) { 983 m = m_pullup(m, sizeof(struct ether_header)); 984 if (m == NULL) { 985 ifp->if_oerrors++; 986 continue; 987 } 988 } 989 eh = mtod(m, struct ether_header *); 990 991 /* TODO power save */ 992 993 #if NBPFILTER > 0 994 if (ifp->if_bpf != NULL) 995 bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); 996 #endif 997 998 if ((m = ieee80211_encap(ifp, m, &ni)) == NULL) { 999 ifp->if_oerrors++; 1000 continue; 1001 } 1002 1003 #if NBPFILTER > 0 1004 if (ic->ic_rawbpf != NULL) 1005 bpf_mtap(ic->ic_rawbpf, m, BPF_DIRECTION_OUT); 1006 #endif 1007 1008 if (ic->ic_fixed_rate != -1) { 1009 rate = ic->ic_sup_rates[ic->ic_curmode]. 1010 rs_rates[ic->ic_fixed_rate]; 1011 } else 1012 rate = ni->ni_rates.rs_rates[ni->ni_txrate]; 1013 rate &= IEEE80211_RATE_VAL; 1014 } else 1015 break; 1016 1017 wh = mtod(m, struct ieee80211_frame *); 1018 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && !sc->chip_hw_crypt) { 1019 struct ieee80211_key *k; 1020 1021 k = ieee80211_get_txkey(ic, wh, ni); 1022 if ((m = ieee80211_encrypt(ic, m, k)) == NULL) { 1023 ieee80211_release_node(ic, ni); 1024 ifp->if_oerrors++; 1025 continue; 1026 } 1027 } 1028 1029 #if NBPFILTER > 0 1030 if (sc->sc_drvbpf != NULL) { 1031 struct mbuf mb; 1032 struct acx_tx_radiotap_hdr *tap = &sc->sc_txtap; 1033 1034 tap->wt_flags = 0; 1035 tap->wt_rate = rate; 1036 tap->wt_chan_freq = 1037 htole16(ic->ic_bss->ni_chan->ic_freq); 1038 tap->wt_chan_flags = 1039 htole16(ic->ic_bss->ni_chan->ic_flags); 1040 1041 mb.m_data = (caddr_t)tap; 1042 mb.m_len = sc->sc_txtap_len; 1043 mb.m_next = m; 1044 mb.m_nextpkt = NULL; 1045 mb.m_type = 0; 1046 mb.m_flags = 0; 1047 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1048 } 1049 #endif 1050 1051 if (acx_encap(sc, buf, m, ni, rate) != 0) { 1052 /* 1053 * NOTE: `m' will be freed in acx_encap() 1054 * if we reach here. 1055 */ 1056 if (ni != NULL) 1057 ieee80211_release_node(ic, ni); 1058 ifp->if_oerrors++; 1059 continue; 1060 } 1061 1062 /* 1063 * NOTE: 1064 * 1) `m' should not be touched after acx_encap() 1065 * 2) `node' will be used to do TX rate control during 1066 * acx_txeof(), so it is not freed here. acx_txeof() 1067 * will free it for us 1068 */ 1069 trans = 1; 1070 bd->tx_used_count++; 1071 idx = (idx + 1) % ACX_TX_DESC_CNT; 1072 } 1073 bd->tx_free_start = idx; 1074 1075 if (bd->tx_used_count == ACX_TX_DESC_CNT) 1076 ifp->if_flags |= IFF_OACTIVE; 1077 1078 if (trans && sc->sc_txtimer == 0) 1079 sc->sc_txtimer = 5; 1080 ifp->if_timer = 1; 1081 } 1082 1083 void 1084 acx_watchdog(struct ifnet *ifp) 1085 { 1086 struct acx_softc *sc = ifp->if_softc; 1087 1088 ifp->if_timer = 0; 1089 1090 if ((ifp->if_flags & IFF_RUNNING) == 0) 1091 return; 1092 1093 if (sc->sc_txtimer) { 1094 if (--sc->sc_txtimer == 0) { 1095 printf("%s: watchdog timeout\n", ifp->if_xname); 1096 acx_init(ifp); 1097 ifp->if_oerrors++; 1098 return; 1099 } else 1100 ifp->if_timer = 1; 1101 } 1102 1103 ieee80211_watchdog(ifp); 1104 } 1105 1106 int 1107 acx_intr(void *arg) 1108 { 1109 struct acx_softc *sc = arg; 1110 uint16_t intr_status; 1111 1112 if ((sc->sc_flags & ACX_FLAG_FW_LOADED) == 0) 1113 return (0); 1114 1115 intr_status = CSR_READ_2(sc, ACXREG_INTR_STATUS_CLR); 1116 if (intr_status == ACXRV_INTR_ALL) { 1117 /* not our interrupt */ 1118 return (0); 1119 } 1120 1121 intr_status &= sc->chip_intr_enable; 1122 if (intr_status == 0) { 1123 /* not interrupts we care about */ 1124 return (1); 1125 } 1126 1127 /* Acknowledge all interrupts */ 1128 CSR_WRITE_2(sc, ACXREG_INTR_ACK, ACXRV_INTR_ALL); 1129 1130 if (intr_status & ACXRV_INTR_TX_FINI) 1131 acx_txeof(sc); 1132 1133 if (intr_status & ACXRV_INTR_RX_FINI) 1134 acx_rxeof(sc); 1135 1136 return (1); 1137 } 1138 1139 void 1140 acx_disable_intr(struct acx_softc *sc) 1141 { 1142 CSR_WRITE_2(sc, ACXREG_INTR_MASK, sc->chip_intr_disable); 1143 CSR_WRITE_2(sc, ACXREG_EVENT_MASK, 0); 1144 } 1145 1146 void 1147 acx_enable_intr(struct acx_softc *sc) 1148 { 1149 /* Mask out interrupts that are not in the enable set */ 1150 CSR_WRITE_2(sc, ACXREG_INTR_MASK, ~sc->chip_intr_enable); 1151 CSR_WRITE_2(sc, ACXREG_EVENT_MASK, ACXRV_EVENT_DISABLE); 1152 } 1153 1154 void 1155 acx_txeof(struct acx_softc *sc) 1156 { 1157 struct acx_buf_data *bd; 1158 struct acx_txbuf *buf; 1159 struct ifnet *ifp; 1160 int idx; 1161 1162 ifp = &sc->sc_ic.ic_if; 1163 1164 bd = &sc->sc_buf_data; 1165 idx = bd->tx_used_start; 1166 for (buf = &bd->tx_buf[idx]; buf->tb_mbuf != NULL; 1167 buf = &bd->tx_buf[idx]) { 1168 uint8_t ctrl, error; 1169 1170 ctrl = FW_TXDESC_GETFIELD_1(sc, buf, f_tx_ctrl); 1171 if ((ctrl & (DESC_CTRL_HOSTOWN | DESC_CTRL_ACXDONE)) != 1172 (DESC_CTRL_HOSTOWN | DESC_CTRL_ACXDONE)) 1173 break; 1174 1175 bus_dmamap_unload(sc->sc_dmat, buf->tb_mbuf_dmamap); 1176 m_freem(buf->tb_mbuf); 1177 buf->tb_mbuf = NULL; 1178 1179 error = FW_TXDESC_GETFIELD_1(sc, buf, f_tx_error); 1180 if (error) { 1181 acx_txerr(sc, error); 1182 ifp->if_oerrors++; 1183 } else 1184 ifp->if_opackets++; 1185 1186 /* Update rate control statistics for the node */ 1187 if (buf->tb_node != NULL) { 1188 struct ieee80211com *ic; 1189 struct ieee80211_node *ni; 1190 struct acx_node *wn; 1191 int ntries; 1192 1193 ic = &sc->sc_ic; 1194 ni = (struct ieee80211_node *)buf->tb_node; 1195 wn = (struct acx_node *)ni; 1196 ntries = FW_TXDESC_GETFIELD_1(sc, buf, f_tx_rts_fail) + 1197 FW_TXDESC_GETFIELD_1(sc, buf, f_tx_ack_fail); 1198 1199 wn->amn.amn_txcnt++; 1200 if (ntries > 0) { 1201 DPRINTFN(2, ("%s: tx intr ntries %d\n", 1202 sc->sc_dev.dv_xname, ntries)); 1203 wn->amn.amn_retrycnt++; 1204 } 1205 1206 ieee80211_release_node(ic, ni); 1207 buf->tb_node = NULL; 1208 } 1209 1210 FW_TXDESC_SETFIELD_1(sc, buf, f_tx_ctrl, DESC_CTRL_HOSTOWN); 1211 1212 bd->tx_used_count--; 1213 1214 idx = (idx + 1) % ACX_TX_DESC_CNT; 1215 } 1216 bd->tx_used_start = idx; 1217 1218 sc->sc_txtimer = bd->tx_used_count == 0 ? 0 : 5; 1219 1220 if (bd->tx_used_count != ACX_TX_DESC_CNT) { 1221 ifp->if_flags &= ~IFF_OACTIVE; 1222 acx_start(ifp); 1223 } 1224 } 1225 1226 void 1227 acx_txerr(struct acx_softc *sc, uint8_t err) 1228 { 1229 struct ifnet *ifp = &sc->sc_ic.ic_if; 1230 struct acx_stats *stats = &sc->sc_stats; 1231 1232 if (err == DESC_ERR_EXCESSIVE_RETRY) { 1233 /* 1234 * This a common error (see comment below), 1235 * so print it using DPRINTF(). 1236 */ 1237 DPRINTF(("%s: TX failed -- excessive retry\n", 1238 sc->sc_dev.dv_xname)); 1239 } else 1240 printf("%s: TX failed -- ", ifp->if_xname); 1241 1242 /* 1243 * Although `err' looks like bitmask, it never 1244 * has multiple bits set. 1245 */ 1246 switch (err) { 1247 #if 0 1248 case DESC_ERR_OTHER_FRAG: 1249 /* XXX what's this */ 1250 printf("error in other fragment\n"); 1251 stats->err_oth_frag++; 1252 break; 1253 #endif 1254 case DESC_ERR_ABORT: 1255 printf("aborted\n"); 1256 stats->err_abort++; 1257 break; 1258 case DESC_ERR_PARAM: 1259 printf("wrong parameters in descriptor\n"); 1260 stats->err_param++; 1261 break; 1262 case DESC_ERR_NO_WEPKEY: 1263 printf("WEP key missing\n"); 1264 stats->err_no_wepkey++; 1265 break; 1266 case DESC_ERR_MSDU_TIMEOUT: 1267 printf("MSDU life timeout\n"); 1268 stats->err_msdu_timeout++; 1269 break; 1270 case DESC_ERR_EXCESSIVE_RETRY: 1271 /* 1272 * Possible causes: 1273 * 1) Distance is too long 1274 * 2) Transmit failed (e.g. no MAC level ACK) 1275 * 3) Chip overheated (this should be rare) 1276 */ 1277 stats->err_ex_retry++; 1278 break; 1279 case DESC_ERR_BUF_OVERFLOW: 1280 printf("buffer overflow\n"); 1281 stats->err_buf_oflow++; 1282 break; 1283 case DESC_ERR_DMA: 1284 printf("DMA error\n"); 1285 stats->err_dma++; 1286 break; 1287 default: 1288 printf("unknown error %d\n", err); 1289 stats->err_unkn++; 1290 break; 1291 } 1292 } 1293 1294 void 1295 acx_rxeof(struct acx_softc *sc) 1296 { 1297 struct ieee80211com *ic = &sc->sc_ic; 1298 struct acx_ring_data *rd = &sc->sc_ring_data; 1299 struct acx_buf_data *bd = &sc->sc_buf_data; 1300 struct ifnet *ifp = &ic->ic_if; 1301 int idx, ready; 1302 1303 bus_dmamap_sync(sc->sc_dmat, rd->rx_ring_dmamap, 0, 1304 rd->rx_ring_dmamap->dm_mapsize, BUS_DMASYNC_POSTREAD); 1305 1306 /* 1307 * Locate first "ready" rx buffer, 1308 * start from last stopped position. 1309 */ 1310 idx = bd->rx_scan_start; 1311 ready = 0; 1312 do { 1313 struct acx_rxbuf *buf; 1314 1315 buf = &bd->rx_buf[idx]; 1316 if ((buf->rb_desc->h_ctrl & htole16(DESC_CTRL_HOSTOWN)) && 1317 (buf->rb_desc->h_status & htole32(DESC_STATUS_FULL))) { 1318 ready = 1; 1319 break; 1320 } 1321 idx = (idx + 1) % ACX_RX_DESC_CNT; 1322 } while (idx != bd->rx_scan_start); 1323 1324 if (!ready) 1325 return; 1326 1327 /* 1328 * NOTE: don't mess up `idx' here, it will 1329 * be used in the following code. 1330 */ 1331 do { 1332 struct acx_rxbuf_hdr *head; 1333 struct acx_rxbuf *buf; 1334 struct mbuf *m; 1335 struct ieee80211_rxinfo rxi; 1336 uint32_t desc_status; 1337 uint16_t desc_ctrl; 1338 int len, error; 1339 1340 buf = &bd->rx_buf[idx]; 1341 1342 desc_ctrl = letoh16(buf->rb_desc->h_ctrl); 1343 desc_status = letoh32(buf->rb_desc->h_status); 1344 if (!(desc_ctrl & DESC_CTRL_HOSTOWN) || 1345 !(desc_status & DESC_STATUS_FULL)) 1346 break; 1347 1348 bus_dmamap_sync(sc->sc_dmat, buf->rb_mbuf_dmamap, 0, 1349 buf->rb_mbuf_dmamap->dm_mapsize, BUS_DMASYNC_POSTREAD); 1350 1351 m = buf->rb_mbuf; 1352 1353 error = acx_newbuf(sc, buf, 0); 1354 if (error) { 1355 ifp->if_ierrors++; 1356 goto next; 1357 } 1358 1359 head = mtod(m, struct acx_rxbuf_hdr *); 1360 1361 len = letoh16(head->rbh_len) & ACX_RXBUF_LEN_MASK; 1362 if (len >= sizeof(struct ieee80211_frame_min) && 1363 len < MCLBYTES) { 1364 struct ieee80211_frame *wh; 1365 struct ieee80211_node *ni; 1366 1367 m_adj(m, sizeof(struct acx_rxbuf_hdr) + 1368 sc->chip_rxbuf_exhdr); 1369 wh = mtod(m, struct ieee80211_frame *); 1370 1371 rxi.rxi_flags = 0; 1372 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && 1373 sc->chip_hw_crypt) { 1374 /* Short circuit software WEP */ 1375 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1376 1377 /* Do chip specific RX buffer processing */ 1378 if (sc->chip_proc_wep_rxbuf != NULL) { 1379 sc->chip_proc_wep_rxbuf(sc, m, &len); 1380 wh = mtod(m, struct ieee80211_frame *); 1381 } 1382 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 1383 } 1384 1385 m->m_len = m->m_pkthdr.len = len; 1386 m->m_pkthdr.rcvif = &ic->ic_if; 1387 1388 #if NBPFILTER > 0 1389 if (sc->sc_drvbpf != NULL) { 1390 struct mbuf mb; 1391 struct acx_rx_radiotap_hdr *tap = &sc->sc_rxtap; 1392 1393 tap->wr_flags = 0; 1394 tap->wr_chan_freq = 1395 htole16(ic->ic_bss->ni_chan->ic_freq); 1396 tap->wr_chan_flags = 1397 htole16(ic->ic_bss->ni_chan->ic_flags); 1398 tap->wr_rssi = head->rbh_level; 1399 tap->wr_max_rssi = ic->ic_max_rssi; 1400 1401 mb.m_data = (caddr_t)tap; 1402 mb.m_len = sc->sc_rxtap_len; 1403 mb.m_next = m; 1404 mb.m_nextpkt = NULL; 1405 mb.m_type = 0; 1406 mb.m_flags = 0; 1407 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1408 } 1409 #endif 1410 1411 ni = ieee80211_find_rxnode(ic, wh); 1412 1413 rxi.rxi_rssi = head->rbh_level; 1414 rxi.rxi_tstamp = letoh32(head->rbh_time); 1415 ieee80211_input(ifp, m, ni, &rxi); 1416 1417 ieee80211_release_node(ic, ni); 1418 } else { 1419 m_freem(m); 1420 ifp->if_ierrors++; 1421 } 1422 1423 next: 1424 buf->rb_desc->h_ctrl = htole16(desc_ctrl & ~DESC_CTRL_HOSTOWN); 1425 buf->rb_desc->h_status = 0; 1426 bus_dmamap_sync(sc->sc_dmat, rd->rx_ring_dmamap, 0, 1427 rd->rx_ring_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 1428 1429 idx = (idx + 1) % ACX_RX_DESC_CNT; 1430 } while (idx != bd->rx_scan_start); 1431 1432 /* 1433 * Record the position so that next 1434 * time we can start from it. 1435 */ 1436 bd->rx_scan_start = idx; 1437 } 1438 1439 int 1440 acx_reset(struct acx_softc *sc) 1441 { 1442 uint16_t reg; 1443 1444 /* Halt ECPU */ 1445 CSR_SETB_2(sc, ACXREG_ECPU_CTRL, ACXRV_ECPU_HALT); 1446 1447 /* Software reset */ 1448 reg = CSR_READ_2(sc, ACXREG_SOFT_RESET); 1449 CSR_WRITE_2(sc, ACXREG_SOFT_RESET, reg | ACXRV_SOFT_RESET); 1450 DELAY(100); 1451 CSR_WRITE_2(sc, ACXREG_SOFT_RESET, reg); 1452 1453 /* Initialize EEPROM */ 1454 CSR_SETB_2(sc, ACXREG_EEPROM_INIT, ACXRV_EEPROM_INIT); 1455 DELAY(50000); 1456 1457 /* Test whether ECPU is stopped */ 1458 reg = CSR_READ_2(sc, ACXREG_ECPU_CTRL); 1459 if (!(reg & ACXRV_ECPU_HALT)) { 1460 printf("%s: can't halt ECPU\n", sc->sc_dev.dv_xname); 1461 return (ENXIO); 1462 } 1463 1464 return (0); 1465 } 1466 1467 int 1468 acx_read_eeprom(struct acx_softc *sc, uint32_t offset, uint8_t *val) 1469 { 1470 int i; 1471 1472 CSR_WRITE_4(sc, ACXREG_EEPROM_CONF, 0); 1473 CSR_WRITE_4(sc, ACXREG_EEPROM_ADDR, offset); 1474 CSR_WRITE_4(sc, ACXREG_EEPROM_CTRL, ACXRV_EEPROM_READ); 1475 1476 #define EE_READ_RETRY_MAX 100 1477 for (i = 0; i < EE_READ_RETRY_MAX; ++i) { 1478 if (CSR_READ_2(sc, ACXREG_EEPROM_CTRL) == 0) 1479 break; 1480 DELAY(10000); 1481 } 1482 if (i == EE_READ_RETRY_MAX) { 1483 printf("%s: can't read EEPROM offset %x (timeout)\n", 1484 sc->sc_dev.dv_xname, offset); 1485 return (ETIMEDOUT); 1486 } 1487 #undef EE_READ_RETRY_MAX 1488 1489 *val = CSR_READ_1(sc, ACXREG_EEPROM_DATA); 1490 1491 return (0); 1492 } 1493 1494 int 1495 acx_read_phyreg(struct acx_softc *sc, uint32_t reg, uint8_t *val) 1496 { 1497 struct ifnet *ifp = &sc->sc_ic.ic_if; 1498 int i; 1499 1500 CSR_WRITE_4(sc, ACXREG_PHY_ADDR, reg); 1501 CSR_WRITE_4(sc, ACXREG_PHY_CTRL, ACXRV_PHY_READ); 1502 1503 #define PHY_READ_RETRY_MAX 100 1504 for (i = 0; i < PHY_READ_RETRY_MAX; ++i) { 1505 if (CSR_READ_4(sc, ACXREG_PHY_CTRL) == 0) 1506 break; 1507 DELAY(10000); 1508 } 1509 if (i == PHY_READ_RETRY_MAX) { 1510 printf("%s: can't read phy reg %x (timeout)\n", 1511 ifp->if_xname, reg); 1512 return (ETIMEDOUT); 1513 } 1514 #undef PHY_READ_RETRY_MAX 1515 1516 *val = CSR_READ_1(sc, ACXREG_PHY_DATA); 1517 1518 return (0); 1519 } 1520 1521 void 1522 acx_write_phyreg(struct acx_softc *sc, uint32_t reg, uint8_t val) 1523 { 1524 CSR_WRITE_4(sc, ACXREG_PHY_DATA, val); 1525 CSR_WRITE_4(sc, ACXREG_PHY_ADDR, reg); 1526 CSR_WRITE_4(sc, ACXREG_PHY_CTRL, ACXRV_PHY_WRITE); 1527 } 1528 1529 int 1530 acx_load_base_firmware(struct acx_softc *sc, const char *name) 1531 { 1532 struct ifnet *ifp = &sc->sc_ic.ic_if; 1533 int i, error; 1534 uint8_t *ucode; 1535 size_t size; 1536 1537 error = loadfirmware(name, &ucode, &size); 1538 1539 if (error != 0) { 1540 printf("%s: error %d, could not read firmware %s\n", 1541 ifp->if_xname, error, name); 1542 return (EIO); 1543 } 1544 1545 /* Load base firmware */ 1546 error = acx_load_firmware(sc, 0, ucode, size); 1547 1548 free(ucode, M_DEVBUF); 1549 1550 if (error) { 1551 printf("%s: can't load base firmware\n", ifp->if_xname); 1552 return error; 1553 } 1554 DPRINTF(("%s: base firmware loaded\n", sc->sc_dev.dv_xname)); 1555 1556 /* Start ECPU */ 1557 CSR_WRITE_2(sc, ACXREG_ECPU_CTRL, ACXRV_ECPU_START); 1558 1559 /* Wait for ECPU to be up */ 1560 for (i = 0; i < 500; ++i) { 1561 uint16_t reg; 1562 1563 reg = CSR_READ_2(sc, ACXREG_INTR_STATUS); 1564 if (reg & ACXRV_INTR_FCS_THRESH) { 1565 CSR_WRITE_2(sc, ACXREG_INTR_ACK, ACXRV_INTR_FCS_THRESH); 1566 return (0); 1567 } 1568 DELAY(10000); 1569 } 1570 1571 printf("%s: can't initialize ECPU (timeout)\n", ifp->if_xname); 1572 1573 return (ENXIO); 1574 } 1575 1576 int 1577 acx_load_radio_firmware(struct acx_softc *sc, const char *name) 1578 { 1579 struct ifnet *ifp = &sc->sc_ic.ic_if; 1580 struct acx_conf_mmap mem_map; 1581 uint32_t radio_fw_ofs; 1582 int error; 1583 uint8_t *ucode; 1584 size_t size; 1585 1586 error = loadfirmware(name, &ucode, &size); 1587 1588 if (error != 0) { 1589 printf("%s: error %d, could not read firmware %s\n", 1590 ifp->if_xname, error, name); 1591 return (EIO); 1592 } 1593 1594 /* 1595 * Get the position, where base firmware is loaded, so that 1596 * radio firmware can be loaded after it. 1597 */ 1598 if (acx_get_conf(sc, ACX_CONF_MMAP, &mem_map, sizeof(mem_map)) != 0) { 1599 free(ucode, M_DEVBUF); 1600 return (ENXIO); 1601 } 1602 radio_fw_ofs = letoh32(mem_map.code_end); 1603 1604 /* Put ECPU into sleeping state, before loading radio firmware */ 1605 if (acx_exec_command(sc, ACXCMD_SLEEP, NULL, 0, NULL, 0) != 0) { 1606 free(ucode, M_DEVBUF); 1607 return (ENXIO); 1608 } 1609 1610 /* Load radio firmware */ 1611 error = acx_load_firmware(sc, radio_fw_ofs, ucode, size); 1612 1613 free(ucode, M_DEVBUF); 1614 1615 if (error) { 1616 printf("%s: can't load radio firmware\n", ifp->if_xname); 1617 return (ENXIO); 1618 } 1619 DPRINTF(("%s: radio firmware loaded\n", sc->sc_dev.dv_xname)); 1620 1621 /* Wake up sleeping ECPU, after radio firmware is loaded */ 1622 if (acx_exec_command(sc, ACXCMD_WAKEUP, NULL, 0, NULL, 0) != 0) 1623 return (ENXIO); 1624 1625 /* Initialize radio */ 1626 if (acx_init_radio(sc, radio_fw_ofs, size) != 0) 1627 return (ENXIO); 1628 1629 /* Verify radio firmware's loading position */ 1630 if (acx_get_conf(sc, ACX_CONF_MMAP, &mem_map, sizeof(mem_map)) != 0) 1631 return (ENXIO); 1632 1633 if (letoh32(mem_map.code_end) != radio_fw_ofs + size) { 1634 printf("%s: loaded radio firmware position mismatch\n", 1635 ifp->if_xname); 1636 return (ENXIO); 1637 } 1638 1639 DPRINTF(("%s: radio firmware initialized\n", sc->sc_dev.dv_xname)); 1640 1641 return (0); 1642 } 1643 1644 int 1645 acx_load_firmware(struct acx_softc *sc, uint32_t offset, const uint8_t *data, 1646 int data_len) 1647 { 1648 struct ifnet *ifp = &sc->sc_ic.ic_if; 1649 const uint32_t *fw; 1650 u_int32_t csum = 0; 1651 int i, fw_len; 1652 1653 for (i = 4; i < data_len; i++) 1654 csum += data[i]; 1655 1656 fw = (const uint32_t *)data; 1657 1658 if (*fw != htole32(csum)) { 1659 printf("%s: firmware checksum 0x%x does not match 0x%x!\n", 1660 ifp->if_xname, *fw, htole32(csum)); 1661 return (ENXIO); 1662 } 1663 1664 /* skip csum + length */ 1665 data += 8; 1666 data_len -= 8; 1667 1668 fw = (const uint32_t *)data; 1669 fw_len = data_len / sizeof(uint32_t); 1670 1671 /* 1672 * LOADFW_AUTO_INC only works with some older firmware: 1673 * 1) acx100's firmware 1674 * 2) acx111's firmware whose rev is 0x00010011 1675 */ 1676 1677 /* Load firmware */ 1678 CSR_WRITE_4(sc, ACXREG_FWMEM_START, ACXRV_FWMEM_START_OP); 1679 #ifndef LOADFW_AUTO_INC 1680 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, 0); 1681 #else 1682 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, ACXRV_FWMEM_ADDR_AUTOINC); 1683 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset); 1684 #endif 1685 1686 for (i = 0; i < fw_len; ++i) { 1687 #ifndef LOADFW_AUTO_INC 1688 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset + (i * 4)); 1689 #endif 1690 CSR_WRITE_4(sc, ACXREG_FWMEM_DATA, betoh32(fw[i])); 1691 } 1692 1693 /* Verify firmware */ 1694 CSR_WRITE_4(sc, ACXREG_FWMEM_START, ACXRV_FWMEM_START_OP); 1695 #ifndef LOADFW_AUTO_INC 1696 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, 0); 1697 #else 1698 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, ACXRV_FWMEM_ADDR_AUTOINC); 1699 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset); 1700 #endif 1701 1702 for (i = 0; i < fw_len; ++i) { 1703 uint32_t val; 1704 1705 #ifndef LOADFW_AUTO_INC 1706 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset + (i * 4)); 1707 #endif 1708 val = CSR_READ_4(sc, ACXREG_FWMEM_DATA); 1709 if (betoh32(fw[i]) != val) { 1710 printf("%s: firmware mismatch fw %08x loaded %08x\n", 1711 ifp->if_xname, fw[i], val); 1712 return (ENXIO); 1713 } 1714 } 1715 1716 return (0); 1717 } 1718 1719 struct ieee80211_node * 1720 acx_node_alloc(struct ieee80211com *ic) 1721 { 1722 struct acx_node *wn; 1723 1724 wn = malloc(sizeof(*wn), M_DEVBUF, M_NOWAIT | M_ZERO); 1725 if (wn == NULL) 1726 return (NULL); 1727 1728 return ((struct ieee80211_node *)wn); 1729 } 1730 1731 int 1732 acx_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1733 { 1734 struct acx_softc *sc = ic->ic_if.if_softc; 1735 struct ifnet *ifp = &ic->ic_if; 1736 int error = 0; 1737 1738 timeout_del(&sc->amrr_ch); 1739 1740 switch (nstate) { 1741 case IEEE80211_S_INIT: 1742 break; 1743 case IEEE80211_S_SCAN: { 1744 uint8_t chan; 1745 1746 chan = ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan); 1747 if (acx_set_channel(sc, chan) != 0) { 1748 error = 1; 1749 goto back; 1750 } 1751 1752 timeout_add(&sc->sc_chanscan_timer, 1753 hz / acx_chanscan_rate); 1754 } 1755 break; 1756 case IEEE80211_S_AUTH: 1757 if (ic->ic_opmode == IEEE80211_M_STA) { 1758 struct ieee80211_node *ni; 1759 #ifdef ACX_DEBUG 1760 int i; 1761 #endif 1762 1763 ni = ic->ic_bss; 1764 1765 if (acx_join_bss(sc, ACX_MODE_STA, ni) != 0) { 1766 printf("%s: join BSS failed\n", ifp->if_xname); 1767 error = 1; 1768 goto back; 1769 } 1770 1771 DPRINTF(("%s: join BSS\n", sc->sc_dev.dv_xname)); 1772 if (ic->ic_state == IEEE80211_S_ASSOC) { 1773 DPRINTF(("%s: change from assoc to run\n", 1774 sc->sc_dev.dv_xname)); 1775 ic->ic_state = IEEE80211_S_RUN; 1776 } 1777 1778 #ifdef ACX_DEBUG 1779 printf("%s: AP rates: ", sc->sc_dev.dv_xname); 1780 for (i = 0; i < ni->ni_rates.rs_nrates; ++i) 1781 printf("%d ", ni->ni_rates.rs_rates[i]); 1782 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 1783 printf(" %s\n", ether_sprintf(ni->ni_bssid)); 1784 #endif 1785 } 1786 break; 1787 case IEEE80211_S_RUN: 1788 #ifndef IEEE80211_STA_ONLY 1789 if (ic->ic_opmode == IEEE80211_M_IBSS || 1790 ic->ic_opmode == IEEE80211_M_HOSTAP) { 1791 struct ieee80211_node *ni; 1792 uint8_t chan; 1793 1794 ni = ic->ic_bss; 1795 chan = ieee80211_chan2ieee(ic, ni->ni_chan); 1796 1797 error = 1; 1798 1799 if (acx_set_channel(sc, chan) != 0) 1800 goto back; 1801 1802 if (acx_set_beacon_tmplt(sc, ni) != 0) { 1803 printf("%s: set beacon template failed\n", 1804 ifp->if_xname); 1805 goto back; 1806 } 1807 1808 if (acx_set_probe_resp_tmplt(sc, ni) != 0) { 1809 printf("%s: set probe response template " 1810 "failed\n", ifp->if_xname); 1811 goto back; 1812 } 1813 1814 if (ic->ic_opmode == IEEE80211_M_IBSS) { 1815 if (acx_join_bss(sc, ACX_MODE_ADHOC, ni) != 0) { 1816 printf("%s: join IBSS failed\n", 1817 ifp->if_xname); 1818 goto back; 1819 } 1820 } else { 1821 if (acx_join_bss(sc, ACX_MODE_AP, ni) != 0) { 1822 printf("%s: join HOSTAP failed\n", 1823 ifp->if_xname); 1824 goto back; 1825 } 1826 } 1827 1828 DPRINTF(("%s: join IBSS\n", sc->sc_dev.dv_xname)); 1829 error = 0; 1830 } 1831 #endif 1832 /* fake a join to init the tx rate */ 1833 if (ic->ic_opmode == IEEE80211_M_STA) 1834 acx_newassoc(ic, ic->ic_bss, 1); 1835 1836 /* start automatic rate control timer */ 1837 if (ic->ic_fixed_rate == -1) 1838 timeout_add(&sc->amrr_ch, hz / 2); 1839 break; 1840 default: 1841 break; 1842 } 1843 1844 back: 1845 if (error) { 1846 /* XXX */ 1847 nstate = IEEE80211_S_INIT; 1848 arg = -1; 1849 } 1850 1851 return (sc->sc_newstate(ic, nstate, arg)); 1852 } 1853 1854 int 1855 acx_init_tmplt_ordered(struct acx_softc *sc) 1856 { 1857 union { 1858 struct acx_tmplt_beacon beacon; 1859 struct acx_tmplt_null_data null; 1860 struct acx_tmplt_probe_req preq; 1861 struct acx_tmplt_probe_resp presp; 1862 struct acx_tmplt_tim tim; 1863 } data; 1864 1865 bzero(&data, sizeof(data)); 1866 /* 1867 * NOTE: 1868 * Order of templates initialization: 1869 * 1) Probe request 1870 * 2) NULL data 1871 * 3) Beacon 1872 * 4) TIM 1873 * 5) Probe response 1874 * Above order is critical to get a correct memory map. 1875 */ 1876 if (acx_set_tmplt(sc, ACXCMD_TMPLT_PROBE_REQ, &data.preq, 1877 sizeof(data.preq)) != 0) 1878 return (1); 1879 1880 if (acx_set_tmplt(sc, ACXCMD_TMPLT_NULL_DATA, &data.null, 1881 sizeof(data.null)) != 0) 1882 return (1); 1883 1884 if (acx_set_tmplt(sc, ACXCMD_TMPLT_BEACON, &data.beacon, 1885 sizeof(data.beacon)) != 0) 1886 return (1); 1887 1888 if (acx_set_tmplt(sc, ACXCMD_TMPLT_TIM, &data.tim, 1889 sizeof(data.tim)) != 0) 1890 return (1); 1891 1892 if (acx_set_tmplt(sc, ACXCMD_TMPLT_PROBE_RESP, &data.presp, 1893 sizeof(data.presp)) != 0) 1894 return (1); 1895 1896 return (0); 1897 } 1898 1899 int 1900 acx_dma_alloc(struct acx_softc *sc) 1901 { 1902 struct acx_ring_data *rd = &sc->sc_ring_data; 1903 struct acx_buf_data *bd = &sc->sc_buf_data; 1904 int i, error, nsegs; 1905 1906 /* Allocate DMA stuffs for RX descriptors */ 1907 error = bus_dmamap_create(sc->sc_dmat, ACX_RX_RING_SIZE, 1, 1908 ACX_RX_RING_SIZE, 0, BUS_DMA_NOWAIT, &rd->rx_ring_dmamap); 1909 1910 if (error) { 1911 printf("%s: can't create rx ring dma tag\n", 1912 sc->sc_dev.dv_xname); 1913 return (error); 1914 } 1915 1916 error = bus_dmamem_alloc(sc->sc_dmat, ACX_RX_RING_SIZE, PAGE_SIZE, 1917 0, &rd->rx_ring_seg, 1, &nsegs, BUS_DMA_NOWAIT); 1918 1919 if (error != 0) { 1920 printf("%s: can't allocate rx ring dma memory\n", 1921 sc->sc_dev.dv_xname); 1922 return (error); 1923 } 1924 1925 error = bus_dmamem_map(sc->sc_dmat, &rd->rx_ring_seg, nsegs, 1926 ACX_RX_RING_SIZE, (caddr_t *)&rd->rx_ring, 1927 BUS_DMA_NOWAIT); 1928 1929 if (error != 0) { 1930 printf("%s: can't map rx desc DMA memory\n", 1931 sc->sc_dev.dv_xname); 1932 return (error); 1933 } 1934 1935 error = bus_dmamap_load(sc->sc_dmat, rd->rx_ring_dmamap, 1936 rd->rx_ring, ACX_RX_RING_SIZE, NULL, BUS_DMA_WAITOK); 1937 1938 if (error) { 1939 printf("%s: can't get rx ring dma address\n", 1940 sc->sc_dev.dv_xname); 1941 bus_dmamem_free(sc->sc_dmat, &rd->rx_ring_seg, 1); 1942 return (error); 1943 } 1944 1945 rd->rx_ring_paddr = rd->rx_ring_dmamap->dm_segs[0].ds_addr; 1946 1947 /* Allocate DMA stuffs for TX descriptors */ 1948 error = bus_dmamap_create(sc->sc_dmat, ACX_TX_RING_SIZE, 1, 1949 ACX_TX_RING_SIZE, 0, BUS_DMA_NOWAIT, &rd->tx_ring_dmamap); 1950 1951 if (error) { 1952 printf("%s: can't create tx ring dma tag\n", 1953 sc->sc_dev.dv_xname); 1954 return (error); 1955 } 1956 1957 error = bus_dmamem_alloc(sc->sc_dmat, ACX_TX_RING_SIZE, PAGE_SIZE, 1958 0, &rd->tx_ring_seg, 1, &nsegs, BUS_DMA_NOWAIT); 1959 1960 if (error) { 1961 printf("%s: can't allocate tx ring dma memory\n", 1962 sc->sc_dev.dv_xname); 1963 return (error); 1964 } 1965 1966 error = bus_dmamem_map(sc->sc_dmat, &rd->tx_ring_seg, nsegs, 1967 ACX_TX_RING_SIZE, (caddr_t *)&rd->tx_ring, BUS_DMA_NOWAIT); 1968 1969 if (error != 0) { 1970 printf("%s: can't map tx desc DMA memory\n", 1971 sc->sc_dev.dv_xname); 1972 return (error); 1973 } 1974 1975 error = bus_dmamap_load(sc->sc_dmat, rd->tx_ring_dmamap, 1976 rd->tx_ring, ACX_TX_RING_SIZE, NULL, BUS_DMA_WAITOK); 1977 1978 if (error) { 1979 printf("%s: can't get tx ring dma address\n", 1980 sc->sc_dev.dv_xname); 1981 bus_dmamem_free(sc->sc_dmat, &rd->tx_ring_seg, 1); 1982 return (error); 1983 } 1984 1985 rd->tx_ring_paddr = rd->tx_ring_dmamap->dm_segs[0].ds_addr; 1986 1987 /* Create a spare RX DMA map */ 1988 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, MCLBYTES, 1989 0, 0, &bd->mbuf_tmp_dmamap); 1990 1991 if (error) { 1992 printf("%s: can't create tmp mbuf dma map\n", 1993 sc->sc_dev.dv_xname); 1994 return (error); 1995 } 1996 1997 /* Create DMA map for RX mbufs */ 1998 for (i = 0; i < ACX_RX_DESC_CNT; ++i) { 1999 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, 2000 MCLBYTES, 0, 0, &bd->rx_buf[i].rb_mbuf_dmamap); 2001 if (error) { 2002 printf("%s: can't create rx mbuf dma map (%d)\n", 2003 sc->sc_dev.dv_xname, i); 2004 return (error); 2005 } 2006 bd->rx_buf[i].rb_desc = &rd->rx_ring[i]; 2007 } 2008 2009 /* Create DMA map for TX mbufs */ 2010 for (i = 0; i < ACX_TX_DESC_CNT; ++i) { 2011 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, 2012 MCLBYTES, 0, 0, &bd->tx_buf[i].tb_mbuf_dmamap); 2013 if (error) { 2014 printf("%s: can't create tx mbuf dma map (%d)\n", 2015 sc->sc_dev.dv_xname, i); 2016 return (error); 2017 } 2018 bd->tx_buf[i].tb_desc1 = &rd->tx_ring[i * 2]; 2019 bd->tx_buf[i].tb_desc2 = &rd->tx_ring[(i * 2) + 1]; 2020 } 2021 2022 return (0); 2023 } 2024 2025 void 2026 acx_dma_free(struct acx_softc *sc) 2027 { 2028 struct acx_ring_data *rd = &sc->sc_ring_data; 2029 struct acx_buf_data *bd = &sc->sc_buf_data; 2030 int i; 2031 2032 if (rd->rx_ring != NULL) { 2033 bus_dmamap_unload(sc->sc_dmat, rd->rx_ring_dmamap); 2034 bus_dmamem_free(sc->sc_dmat, &rd->rx_ring_seg, 1); 2035 } 2036 2037 if (rd->tx_ring != NULL) { 2038 bus_dmamap_unload(sc->sc_dmat, rd->tx_ring_dmamap); 2039 bus_dmamem_free(sc->sc_dmat, &rd->tx_ring_seg, 1); 2040 } 2041 2042 for (i = 0; i < ACX_RX_DESC_CNT; ++i) { 2043 if (bd->rx_buf[i].rb_desc != NULL) { 2044 if (bd->rx_buf[i].rb_mbuf != NULL) { 2045 bus_dmamap_unload(sc->sc_dmat, 2046 bd->rx_buf[i].rb_mbuf_dmamap); 2047 m_freem(bd->rx_buf[i].rb_mbuf); 2048 } 2049 bus_dmamap_destroy(sc->sc_dmat, 2050 bd->rx_buf[i].rb_mbuf_dmamap); 2051 } 2052 } 2053 2054 for (i = 0; i < ACX_TX_DESC_CNT; ++i) { 2055 if (bd->tx_buf[i].tb_desc1 != NULL) { 2056 if (bd->tx_buf[i].tb_mbuf != NULL) { 2057 bus_dmamap_unload(sc->sc_dmat, 2058 bd->tx_buf[i].tb_mbuf_dmamap); 2059 m_freem(bd->tx_buf[i].tb_mbuf); 2060 } 2061 bus_dmamap_destroy(sc->sc_dmat, 2062 bd->tx_buf[i].tb_mbuf_dmamap); 2063 } 2064 } 2065 2066 if (bd->mbuf_tmp_dmamap != NULL) 2067 bus_dmamap_destroy(sc->sc_dmat, bd->mbuf_tmp_dmamap); 2068 } 2069 2070 void 2071 acx_init_tx_ring(struct acx_softc *sc) 2072 { 2073 struct acx_ring_data *rd; 2074 struct acx_buf_data *bd; 2075 uint32_t paddr; 2076 int i; 2077 2078 rd = &sc->sc_ring_data; 2079 paddr = rd->tx_ring_paddr; 2080 for (i = 0; i < (ACX_TX_DESC_CNT * 2) - 1; ++i) { 2081 paddr += sizeof(struct acx_host_desc); 2082 2083 bzero(&rd->tx_ring[i], sizeof(struct acx_host_desc)); 2084 rd->tx_ring[i].h_ctrl = htole16(DESC_CTRL_HOSTOWN); 2085 2086 if (i == (ACX_TX_DESC_CNT * 2) - 1) 2087 rd->tx_ring[i].h_next_desc = htole32(rd->tx_ring_paddr); 2088 else 2089 rd->tx_ring[i].h_next_desc = htole32(paddr); 2090 } 2091 2092 bus_dmamap_sync(sc->sc_dmat, rd->tx_ring_dmamap, 0, 2093 rd->tx_ring_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 2094 2095 bd = &sc->sc_buf_data; 2096 bd->tx_free_start = 0; 2097 bd->tx_used_start = 0; 2098 bd->tx_used_count = 0; 2099 } 2100 2101 int 2102 acx_init_rx_ring(struct acx_softc *sc) 2103 { 2104 struct acx_ring_data *rd; 2105 struct acx_buf_data *bd; 2106 uint32_t paddr; 2107 int i; 2108 2109 bd = &sc->sc_buf_data; 2110 rd = &sc->sc_ring_data; 2111 paddr = rd->rx_ring_paddr; 2112 2113 for (i = 0; i < ACX_RX_DESC_CNT; ++i) { 2114 int error; 2115 2116 paddr += sizeof(struct acx_host_desc); 2117 bzero(&rd->rx_ring[i], sizeof(struct acx_host_desc)); 2118 2119 error = acx_newbuf(sc, &bd->rx_buf[i], 1); 2120 if (error) 2121 return (error); 2122 2123 if (i == ACX_RX_DESC_CNT - 1) 2124 rd->rx_ring[i].h_next_desc = htole32(rd->rx_ring_paddr); 2125 else 2126 rd->rx_ring[i].h_next_desc = htole32(paddr); 2127 } 2128 2129 bus_dmamap_sync(sc->sc_dmat, rd->rx_ring_dmamap, 0, 2130 rd->rx_ring_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 2131 2132 bd->rx_scan_start = 0; 2133 2134 return (0); 2135 } 2136 2137 int 2138 acx_newbuf(struct acx_softc *sc, struct acx_rxbuf *rb, int wait) 2139 { 2140 struct acx_buf_data *bd; 2141 struct mbuf *m; 2142 bus_dmamap_t map; 2143 uint32_t paddr; 2144 int error; 2145 2146 bd = &sc->sc_buf_data; 2147 2148 MGETHDR(m, wait ? M_WAITOK : M_DONTWAIT, MT_DATA); 2149 if (m == NULL) 2150 return (ENOBUFS); 2151 2152 MCLGET(m, wait ? M_WAITOK : M_DONTWAIT); 2153 if (!(m->m_flags & M_EXT)) { 2154 m_freem(m); 2155 return (ENOBUFS); 2156 } 2157 2158 m->m_len = m->m_pkthdr.len = MCLBYTES; 2159 2160 error = bus_dmamap_load_mbuf(sc->sc_dmat, bd->mbuf_tmp_dmamap, m, 2161 wait ? BUS_DMA_WAITOK : BUS_DMA_NOWAIT); 2162 if (error) { 2163 m_freem(m); 2164 printf("%s: can't map rx mbuf %d\n", 2165 sc->sc_dev.dv_xname, error); 2166 return (error); 2167 } 2168 2169 /* Unload originally mapped mbuf */ 2170 if (rb->rb_mbuf != NULL) 2171 bus_dmamap_unload(sc->sc_dmat, rb->rb_mbuf_dmamap); 2172 2173 /* Swap this dmamap with tmp dmamap */ 2174 map = rb->rb_mbuf_dmamap; 2175 rb->rb_mbuf_dmamap = bd->mbuf_tmp_dmamap; 2176 bd->mbuf_tmp_dmamap = map; 2177 paddr = rb->rb_mbuf_dmamap->dm_segs[0].ds_addr; 2178 2179 rb->rb_mbuf = m; 2180 rb->rb_desc->h_data_paddr = htole32(paddr); 2181 rb->rb_desc->h_data_len = htole16(m->m_len); 2182 2183 bus_dmamap_sync(sc->sc_dmat, rb->rb_mbuf_dmamap, 0, 2184 rb->rb_mbuf_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD); 2185 2186 return (0); 2187 } 2188 2189 int 2190 acx_encap(struct acx_softc *sc, struct acx_txbuf *txbuf, struct mbuf *m, 2191 struct ieee80211_node *ni, int rate) 2192 { 2193 struct acx_ring_data *rd = &sc->sc_ring_data; 2194 struct acx_node *node = (struct acx_node *)ni; 2195 struct ifnet *ifp = &sc->sc_ic.ic_if; 2196 uint32_t paddr; 2197 uint8_t ctrl; 2198 int error; 2199 2200 if (txbuf->tb_mbuf != NULL) 2201 panic("free TX buf has mbuf installed\n"); 2202 2203 error = 0; 2204 2205 if (m->m_pkthdr.len > MCLBYTES) { 2206 printf("%s: mbuf too big\n", ifp->if_xname); 2207 error = E2BIG; 2208 goto back; 2209 } else if (m->m_pkthdr.len < ACX_FRAME_HDRLEN) { 2210 printf("%s: mbuf too small\n", ifp->if_xname); 2211 error = EINVAL; 2212 goto back; 2213 } 2214 2215 error = bus_dmamap_load_mbuf(sc->sc_dmat, txbuf->tb_mbuf_dmamap, m, 2216 BUS_DMA_NOWAIT); 2217 2218 if (error && error != EFBIG) { 2219 printf("%s: can't map tx mbuf1 %d\n", 2220 sc->sc_dev.dv_xname, error); 2221 goto back; 2222 } 2223 2224 if (error) { /* error == EFBIG */ 2225 /* too many fragments, linearize */ 2226 struct mbuf *mnew; 2227 2228 error = 0; 2229 2230 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 2231 if (mnew == NULL) { 2232 m_freem(m); 2233 error = ENOBUFS; 2234 printf("%s: can't defrag tx mbuf\n", ifp->if_xname); 2235 goto back; 2236 } 2237 2238 M_DUP_PKTHDR(mnew, m); 2239 if (m->m_pkthdr.len > MHLEN) { 2240 MCLGET(mnew, M_DONTWAIT); 2241 if (!(mnew->m_flags & M_EXT)) { 2242 m_freem(m); 2243 m_freem(mnew); 2244 error = ENOBUFS; 2245 } 2246 } 2247 2248 if (error) { 2249 printf("%s: can't defrag tx mbuf\n", ifp->if_xname); 2250 goto back; 2251 } 2252 2253 m_copydata(m, 0, m->m_pkthdr.len, mtod(mnew, caddr_t)); 2254 m_freem(m); 2255 mnew->m_len = mnew->m_pkthdr.len; 2256 m = mnew; 2257 2258 error = bus_dmamap_load_mbuf(sc->sc_dmat, 2259 txbuf->tb_mbuf_dmamap, m, BUS_DMA_NOWAIT); 2260 if (error) { 2261 printf("%s: can't map tx mbuf2 %d\n", 2262 sc->sc_dev.dv_xname, error); 2263 goto back; 2264 } 2265 } 2266 2267 error = 0; 2268 2269 bus_dmamap_sync(sc->sc_dmat, txbuf->tb_mbuf_dmamap, 0, 2270 txbuf->tb_mbuf_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 2271 2272 txbuf->tb_mbuf = m; 2273 txbuf->tb_node = node; 2274 txbuf->tb_rate = rate; 2275 2276 /* 2277 * TX buffers are accessed in following way: 2278 * acx_fw_txdesc -> acx_host_desc -> buffer 2279 * 2280 * It is quite strange that acx also queries acx_host_desc next to 2281 * the one we have assigned to acx_fw_txdesc even if first one's 2282 * acx_host_desc.h_data_len == acx_fw_txdesc.f_tx_len 2283 * 2284 * So we allocate two acx_host_desc for one acx_fw_txdesc and 2285 * assign the first acx_host_desc to acx_fw_txdesc 2286 * 2287 * For acx111 2288 * host_desc1.h_data_len = buffer_len 2289 * host_desc2.h_data_len = buffer_len - mac_header_len 2290 * 2291 * For acx100 2292 * host_desc1.h_data_len = mac_header_len 2293 * host_desc2.h_data_len = buffer_len - mac_header_len 2294 */ 2295 paddr = txbuf->tb_mbuf_dmamap->dm_segs[0].ds_addr; 2296 txbuf->tb_desc1->h_data_paddr = htole32(paddr); 2297 txbuf->tb_desc2->h_data_paddr = htole32(paddr + ACX_FRAME_HDRLEN); 2298 2299 txbuf->tb_desc1->h_data_len = 2300 htole16(sc->chip_txdesc1_len ? sc->chip_txdesc1_len 2301 : m->m_pkthdr.len); 2302 txbuf->tb_desc2->h_data_len = 2303 htole16(m->m_pkthdr.len - ACX_FRAME_HDRLEN); 2304 2305 /* 2306 * NOTE: 2307 * We can't simply assign f_tx_ctrl, we will first read it back 2308 * and change it bit by bit 2309 */ 2310 ctrl = FW_TXDESC_GETFIELD_1(sc, txbuf, f_tx_ctrl); 2311 ctrl |= sc->chip_fw_txdesc_ctrl; /* extra chip specific flags */ 2312 ctrl &= ~(DESC_CTRL_HOSTOWN | DESC_CTRL_ACXDONE); 2313 2314 FW_TXDESC_SETFIELD_2(sc, txbuf, f_tx_len, m->m_pkthdr.len); 2315 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_error, 0); 2316 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_ack_fail, 0); 2317 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_rts_fail, 0); 2318 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_rts_ok, 0); 2319 sc->chip_set_fw_txdesc_rate(sc, txbuf, rate); 2320 2321 txbuf->tb_desc1->h_ctrl = 0; 2322 txbuf->tb_desc2->h_ctrl = 0; 2323 bus_dmamap_sync(sc->sc_dmat, rd->tx_ring_dmamap, 0, 2324 rd->tx_ring_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 2325 2326 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_ctrl2, 0); 2327 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_ctrl, ctrl); 2328 2329 /* Tell chip to inform us about TX completion */ 2330 CSR_WRITE_2(sc, ACXREG_INTR_TRIG, ACXRV_TRIG_TX_FINI); 2331 back: 2332 if (error) 2333 m_freem(m); 2334 2335 return (error); 2336 } 2337 2338 int 2339 acx_set_null_tmplt(struct acx_softc *sc) 2340 { 2341 struct ieee80211com *ic = &sc->sc_ic; 2342 struct acx_tmplt_null_data n; 2343 struct ieee80211_frame *wh; 2344 2345 bzero(&n, sizeof(n)); 2346 2347 wh = &n.data; 2348 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_DATA | 2349 IEEE80211_FC0_SUBTYPE_NODATA; 2350 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 2351 IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr); 2352 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 2353 IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr); 2354 2355 return (acx_set_tmplt(sc, ACXCMD_TMPLT_NULL_DATA, &n, sizeof(n))); 2356 } 2357 2358 int 2359 acx_set_probe_req_tmplt(struct acx_softc *sc, const char *ssid, int ssid_len) 2360 { 2361 struct ieee80211com *ic = &sc->sc_ic; 2362 struct acx_tmplt_probe_req req; 2363 struct ieee80211_frame *wh; 2364 struct ieee80211_rateset *rs; 2365 uint8_t *frm; 2366 int len; 2367 2368 bzero(&req, sizeof(req)); 2369 2370 wh = &req.data.u_data.f; 2371 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 2372 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 2373 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 2374 IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr); 2375 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 2376 IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr); 2377 2378 frm = req.data.u_data.var; 2379 frm = ieee80211_add_ssid(frm, ssid, ssid_len); 2380 rs = &ic->ic_sup_rates[sc->chip_phymode]; 2381 frm = ieee80211_add_rates(frm, rs); 2382 if (rs->rs_nrates > IEEE80211_RATE_SIZE) 2383 frm = ieee80211_add_xrates(frm, rs); 2384 len = frm - req.data.u_data.var; 2385 2386 return (acx_set_tmplt(sc, ACXCMD_TMPLT_PROBE_REQ, &req, 2387 ACX_TMPLT_PROBE_REQ_SIZ(len))); 2388 } 2389 2390 #ifndef IEEE80211_STA_ONLY 2391 struct mbuf *ieee80211_get_probe_resp(struct ieee80211com *, 2392 struct ieee80211_node *); 2393 2394 int 2395 acx_set_probe_resp_tmplt(struct acx_softc *sc, struct ieee80211_node *ni) 2396 { 2397 struct ieee80211com *ic = &sc->sc_ic; 2398 struct acx_tmplt_probe_resp resp; 2399 struct ieee80211_frame *wh; 2400 struct mbuf *m; 2401 int len; 2402 2403 bzero(&resp, sizeof(resp)); 2404 2405 m = ieee80211_get_probe_resp(ic, ni); 2406 if (m == NULL) 2407 return (1); 2408 M_PREPEND(m, sizeof(struct ieee80211_frame), M_DONTWAIT); 2409 if (m == NULL) 2410 return (1); 2411 wh = mtod(m, struct ieee80211_frame *); 2412 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 2413 IEEE80211_FC0_SUBTYPE_PROBE_RESP; 2414 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 2415 *(u_int16_t *)&wh->i_dur[0] = 0; 2416 IEEE80211_ADDR_COPY(wh->i_addr1, ni->ni_macaddr); 2417 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 2418 IEEE80211_ADDR_COPY(wh->i_addr3, ni->ni_bssid); 2419 *(u_int16_t *)wh->i_seq = 0; 2420 2421 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)&resp.data); 2422 len = m->m_pkthdr.len + sizeof(resp.size); 2423 m_freem(m); 2424 2425 return (acx_set_tmplt(sc, ACXCMD_TMPLT_PROBE_RESP, &resp, len)); 2426 } 2427 2428 int 2429 acx_beacon_locate(struct mbuf *m, u_int8_t type) 2430 { 2431 int off; 2432 u_int8_t *frm; 2433 /* 2434 * beacon frame format 2435 * [8] time stamp 2436 * [2] beacon interval 2437 * [2] cabability information 2438 * from here on [tlv] values 2439 */ 2440 2441 if (m->m_len != m->m_pkthdr.len) 2442 panic("beacon not in contiguous mbuf"); 2443 2444 off = sizeof(struct ieee80211_frame) + 8 + 2 + 2; 2445 frm = mtod(m, u_int8_t *); 2446 for (; off + 1 < m->m_len; off += frm[off + 1] + 2) { 2447 if (frm[off] == type) 2448 return (off); 2449 } 2450 return (-1); 2451 } 2452 2453 int 2454 acx_set_beacon_tmplt(struct acx_softc *sc, struct ieee80211_node *ni) 2455 { 2456 struct ieee80211com *ic = &sc->sc_ic; 2457 struct acx_tmplt_beacon beacon; 2458 struct acx_tmplt_tim tim; 2459 struct mbuf *m; 2460 int len, off; 2461 2462 bzero(&beacon, sizeof(beacon)); 2463 bzero(&tim, sizeof(tim)); 2464 2465 m = ieee80211_beacon_alloc(ic, ni); 2466 if (m == NULL) 2467 return (1); 2468 2469 off = acx_beacon_locate(m, IEEE80211_ELEMID_TIM); 2470 if (off < 0) { 2471 m_free(m); 2472 return (1); 2473 } 2474 2475 m_copydata(m, 0, off, (caddr_t)&beacon.data); 2476 len = off + sizeof(beacon.size); 2477 2478 if (acx_set_tmplt(sc, ACXCMD_TMPLT_BEACON, &beacon, len) != 0) { 2479 m_freem(m); 2480 return (1); 2481 } 2482 2483 len = m->m_pkthdr.len - off; 2484 if (len == 0) { 2485 /* no TIM field */ 2486 m_freem(m); 2487 return (0); 2488 } 2489 2490 m_copydata(m, off, len, (caddr_t)&tim.data); 2491 len += sizeof(beacon.size); 2492 m_freem(m); 2493 2494 return (acx_set_tmplt(sc, ACXCMD_TMPLT_TIM, &tim, len)); 2495 } 2496 #endif /* IEEE80211_STA_ONLY */ 2497 2498 void 2499 acx_init_cmd_reg(struct acx_softc *sc) 2500 { 2501 sc->sc_cmd = CSR_READ_4(sc, ACXREG_CMD_REG_OFFSET); 2502 sc->sc_cmd_param = sc->sc_cmd + ACX_CMD_REG_SIZE; 2503 2504 /* Clear command & status */ 2505 CMD_WRITE_4(sc, 0); 2506 } 2507 2508 int 2509 acx_join_bss(struct acx_softc *sc, uint8_t mode, struct ieee80211_node *node) 2510 { 2511 uint8_t bj_buf[BSS_JOIN_BUFLEN]; 2512 struct bss_join_hdr *bj; 2513 int i, dtim_intvl; 2514 2515 bzero(bj_buf, sizeof(bj_buf)); 2516 bj = (struct bss_join_hdr *)bj_buf; 2517 2518 for (i = 0; i < IEEE80211_ADDR_LEN; ++i) 2519 bj->bssid[i] = node->ni_bssid[IEEE80211_ADDR_LEN - i - 1]; 2520 2521 bj->beacon_intvl = htole16(acx_beacon_intvl); 2522 2523 /* TODO tunable */ 2524 #ifndef IEEE80211_STA_ONLY 2525 if (sc->sc_ic.ic_opmode == IEEE80211_M_IBSS) 2526 dtim_intvl = 1; 2527 else 2528 #endif 2529 dtim_intvl = 10; 2530 sc->chip_set_bss_join_param(sc, bj->chip_spec, dtim_intvl); 2531 2532 bj->ndata_txrate = ACX_NDATA_TXRATE_1; 2533 bj->ndata_txopt = 0; 2534 bj->mode = mode; 2535 bj->channel = ieee80211_chan2ieee(&sc->sc_ic, node->ni_chan); 2536 bj->esslen = node->ni_esslen; 2537 bcopy(node->ni_essid, bj->essid, node->ni_esslen); 2538 2539 DPRINTF(("%s: join BSS/IBSS on channel %d\n", sc->sc_dev.dv_xname, 2540 bj->channel)); 2541 return (acx_exec_command(sc, ACXCMD_JOIN_BSS, 2542 bj, BSS_JOIN_PARAM_SIZE(bj), NULL, 0)); 2543 } 2544 2545 int 2546 acx_set_channel(struct acx_softc *sc, uint8_t chan) 2547 { 2548 if (acx_exec_command(sc, ACXCMD_ENABLE_TXCHAN, &chan, sizeof(chan), 2549 NULL, 0) != 0) { 2550 DPRINTF(("%s: setting TX channel %d failed\n", 2551 sc->sc_dev.dv_xname, chan)); 2552 return (ENXIO); 2553 } 2554 2555 if (acx_exec_command(sc, ACXCMD_ENABLE_RXCHAN, &chan, sizeof(chan), 2556 NULL, 0) != 0) { 2557 DPRINTF(("%s: setting RX channel %d failed\n", 2558 sc->sc_dev.dv_xname, chan)); 2559 return (ENXIO); 2560 } 2561 2562 return (0); 2563 } 2564 2565 int 2566 acx_get_conf(struct acx_softc *sc, uint16_t conf_id, void *conf, 2567 uint16_t conf_len) 2568 { 2569 struct acx_conf *confcom; 2570 2571 if (conf_len < sizeof(*confcom)) { 2572 printf("%s: %s configure data is too short\n", 2573 sc->sc_dev.dv_xname, __func__); 2574 return (1); 2575 } 2576 2577 confcom = conf; 2578 confcom->conf_id = htole16(conf_id); 2579 confcom->conf_data_len = htole16(conf_len - sizeof(*confcom)); 2580 2581 return (acx_exec_command(sc, ACXCMD_GET_CONF, confcom, sizeof(*confcom), 2582 conf, conf_len)); 2583 } 2584 2585 int 2586 acx_set_conf(struct acx_softc *sc, uint16_t conf_id, void *conf, 2587 uint16_t conf_len) 2588 { 2589 struct acx_conf *confcom; 2590 2591 if (conf_len < sizeof(*confcom)) { 2592 printf("%s: %s configure data is too short\n", 2593 sc->sc_dev.dv_xname, __func__); 2594 return (1); 2595 } 2596 2597 confcom = conf; 2598 confcom->conf_id = htole16(conf_id); 2599 confcom->conf_data_len = htole16(conf_len - sizeof(*confcom)); 2600 2601 return (acx_exec_command(sc, ACXCMD_SET_CONF, conf, conf_len, NULL, 0)); 2602 } 2603 2604 int 2605 acx_set_tmplt(struct acx_softc *sc, uint16_t cmd, void *tmplt, 2606 uint16_t tmplt_len) 2607 { 2608 uint16_t *size; 2609 2610 if (tmplt_len < sizeof(*size)) { 2611 printf("%s: %s template is too short\n", 2612 sc->sc_dev.dv_xname, __func__); 2613 return (1); 2614 } 2615 2616 size = tmplt; 2617 *size = htole16(tmplt_len - sizeof(*size)); 2618 2619 return (acx_exec_command(sc, cmd, tmplt, tmplt_len, NULL, 0)); 2620 } 2621 2622 int 2623 acx_init_radio(struct acx_softc *sc, uint32_t radio_ofs, uint32_t radio_len) 2624 { 2625 struct radio_init r; 2626 2627 r.radio_ofs = htole32(radio_ofs); 2628 r.radio_len = htole32(radio_len); 2629 2630 return (acx_exec_command(sc, ACXCMD_INIT_RADIO, &r, sizeof(r), NULL, 2631 0)); 2632 } 2633 2634 int 2635 acx_exec_command(struct acx_softc *sc, uint16_t cmd, void *param, 2636 uint16_t param_len, void *result, uint16_t result_len) 2637 { 2638 uint16_t status; 2639 int i, ret; 2640 2641 if ((sc->sc_flags & ACX_FLAG_FW_LOADED) == 0) { 2642 printf("%s: cmd 0x%04x failed (base firmware not loaded)\n", 2643 sc->sc_dev.dv_xname, cmd); 2644 return (1); 2645 } 2646 2647 ret = 0; 2648 2649 if (param != NULL && param_len != 0) { 2650 /* Set command param */ 2651 CMDPRM_WRITE_REGION_1(sc, param, param_len); 2652 } 2653 2654 /* Set command */ 2655 CMD_WRITE_4(sc, cmd); 2656 2657 /* Exec command */ 2658 CSR_WRITE_2(sc, ACXREG_INTR_TRIG, ACXRV_TRIG_CMD_FINI); 2659 DELAY(50); 2660 2661 /* Wait for command to complete */ 2662 if (cmd == ACXCMD_INIT_RADIO) { 2663 /* radio initialization is extremely long */ 2664 tsleep(&cmd, 0, "rdinit", (300 * hz) / 1000); /* 300ms */ 2665 } 2666 2667 #define CMDWAIT_RETRY_MAX 1000 2668 for (i = 0; i < CMDWAIT_RETRY_MAX; ++i) { 2669 uint16_t reg; 2670 2671 reg = CSR_READ_2(sc, ACXREG_INTR_STATUS); 2672 if (reg & ACXRV_INTR_CMD_FINI) { 2673 CSR_WRITE_2(sc, ACXREG_INTR_ACK, ACXRV_INTR_CMD_FINI); 2674 break; 2675 } 2676 DELAY(50); 2677 } 2678 if (i == CMDWAIT_RETRY_MAX) { 2679 printf("%s: cmd %04x failed (timeout)\n", 2680 sc->sc_dev.dv_xname, cmd); 2681 ret = 1; 2682 goto back; 2683 } 2684 #undef CMDWAIT_RETRY_MAX 2685 2686 /* Get command exec status */ 2687 status = (CMD_READ_4(sc) >> ACX_CMD_STATUS_SHIFT); 2688 if (status != ACX_CMD_STATUS_OK) { 2689 DPRINTF(("%s: cmd %04x failed\n", sc->sc_dev.dv_xname, cmd)); 2690 ret = 1; 2691 goto back; 2692 } 2693 2694 if (result != NULL && result_len != 0) { 2695 /* Get command result */ 2696 CMDPRM_READ_REGION_1(sc, result, result_len); 2697 } 2698 2699 back: 2700 CMD_WRITE_4(sc, 0); 2701 2702 return (ret); 2703 } 2704 2705 const char * 2706 acx_get_rf(int rev) 2707 { 2708 switch (rev) { 2709 case ACX_RADIO_TYPE_MAXIM: return "MAX2820"; 2710 case ACX_RADIO_TYPE_RFMD: return "RFMD"; 2711 case ACX_RADIO_TYPE_RALINK: return "Ralink"; 2712 case ACX_RADIO_TYPE_RADIA: return "Radia"; 2713 default: return "unknown"; 2714 } 2715 } 2716 2717 int 2718 acx_get_maxrssi(int radio) 2719 { 2720 switch (radio) { 2721 case ACX_RADIO_TYPE_MAXIM: return ACX_RADIO_RSSI_MAXIM; 2722 case ACX_RADIO_TYPE_RFMD: return ACX_RADIO_RSSI_RFMD; 2723 case ACX_RADIO_TYPE_RALINK: return ACX_RADIO_RSSI_RALINK; 2724 case ACX_RADIO_TYPE_RADIA: return ACX_RADIO_RSSI_RADIA; 2725 default: return ACX_RADIO_RSSI_UNKN; 2726 } 2727 } 2728 2729 void 2730 acx_iter_func(void *arg, struct ieee80211_node *ni) 2731 { 2732 struct acx_softc *sc = arg; 2733 struct acx_node *wn = (struct acx_node *)ni; 2734 2735 ieee80211_amrr_choose(&sc->amrr, ni, &wn->amn); 2736 } 2737 2738 void 2739 acx_amrr_timeout(void *arg) 2740 { 2741 struct acx_softc *sc = arg; 2742 struct ieee80211com *ic = &sc->sc_ic; 2743 2744 if (ic->ic_opmode == IEEE80211_M_STA) 2745 acx_iter_func(sc, ic->ic_bss); 2746 else 2747 ieee80211_iterate_nodes(ic, acx_iter_func, sc); 2748 2749 timeout_add(&sc->amrr_ch, hz / 2); 2750 } 2751 2752 void 2753 acx_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew) 2754 { 2755 struct acx_softc *sc = ic->ic_if.if_softc; 2756 int i; 2757 2758 ieee80211_amrr_node_init(&sc->amrr, &((struct acx_node *)ni)->amn); 2759 2760 /* set rate to some reasonable initial value */ 2761 for (i = ni->ni_rates.rs_nrates - 1; 2762 i > 0 && (ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL) > 72; 2763 i--); 2764 ni->ni_txrate = i; 2765 } 2766