1 /* $OpenBSD: acx.c,v 1.103 2014/07/12 18:48:17 tedu Exp $ */ 2 3 /* 4 * Copyright (c) 2006 Jonathan Gray <jsg@openbsd.org> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 /* 20 * Copyright (c) 2006 The DragonFly Project. All rights reserved. 21 * 22 * This code is derived from software contributed to The DragonFly Project 23 * by Sepherosa Ziehau <sepherosa@gmail.com> 24 * 25 * Redistribution and use in source and binary forms, with or without 26 * modification, are permitted provided that the following conditions 27 * are met: 28 * 29 * 1. Redistributions of source code must retain the above copyright 30 * notice, this list of conditions and the following disclaimer. 31 * 2. Redistributions in binary form must reproduce the above copyright 32 * notice, this list of conditions and the following disclaimer in 33 * the documentation and/or other materials provided with the 34 * distribution. 35 * 3. Neither the name of The DragonFly Project nor the names of its 36 * contributors may be used to endorse or promote products derived 37 * from this software without specific, prior written permission. 38 * 39 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 40 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 41 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 42 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 43 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 44 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, 45 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 47 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 48 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 49 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * SUCH DAMAGE. 51 */ 52 53 /* 54 * Copyright (c) 2003-2004 wlan.kewl.org Project 55 * All rights reserved. 56 * 57 * Redistribution and use in source and binary forms, with or without 58 * modification, are permitted provided that the following conditions 59 * are met: 60 * 61 * 1. Redistributions of source code must retain the above copyright 62 * notice, this list of conditions and the following disclaimer. 63 * 64 * 2. Redistributions in binary form must reproduce the above copyright 65 * notice, this list of conditions and the following disclaimer in the 66 * documentation and/or other materials provided with the distribution. 67 * 68 * 3. All advertising materials mentioning features or use of this software 69 * must display the following acknowledgement: 70 * 71 * This product includes software developed by the wlan.kewl.org Project. 72 * 73 * 4. Neither the name of the wlan.kewl.org Project nor the names of its 74 * contributors may be used to endorse or promote products derived from 75 * this software without specific prior written permission. 76 * 77 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, 78 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY 79 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 80 * THE wlan.kewl.org Project BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 81 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 82 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 83 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 84 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 85 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 86 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 87 */ 88 89 #include "bpfilter.h" 90 91 #include <sys/param.h> 92 #include <sys/systm.h> 93 #include <sys/kernel.h> 94 #include <sys/malloc.h> 95 #include <sys/mbuf.h> 96 #include <sys/proc.h> 97 #include <sys/socket.h> 98 #include <sys/sockio.h> 99 #include <sys/ioctl.h> 100 #include <sys/types.h> 101 102 #include <machine/bus.h> 103 #include <machine/endian.h> 104 #include <machine/intr.h> 105 106 #include <net/if.h> 107 #include <net/if_arp.h> 108 #include <net/if_dl.h> 109 #include <net/if_media.h> 110 #include <net/if_types.h> 111 112 #if NBPFILTER > 0 113 #include <net/bpf.h> 114 #endif 115 116 #ifdef INET 117 #include <netinet/in.h> 118 #include <netinet/in_systm.h> 119 #include <netinet/if_ether.h> 120 #include <netinet/ip.h> 121 #endif 122 123 #include <net80211/ieee80211_var.h> 124 #include <net80211/ieee80211_amrr.h> 125 #include <net80211/ieee80211_radiotap.h> 126 127 #include <dev/pci/pcireg.h> 128 #include <dev/pci/pcivar.h> 129 #include <dev/pci/pcidevs.h> 130 131 #include <dev/ic/acxvar.h> 132 #include <dev/ic/acxreg.h> 133 134 #ifdef ACX_DEBUG 135 int acxdebug = 0; 136 #endif 137 138 int acx_attach(struct acx_softc *); 139 int acx_detach(void *); 140 141 int acx_init(struct ifnet *); 142 int acx_stop(struct acx_softc *); 143 void acx_init_info_reg(struct acx_softc *); 144 int acx_config(struct acx_softc *); 145 int acx_read_config(struct acx_softc *, struct acx_config *); 146 int acx_write_config(struct acx_softc *, struct acx_config *); 147 int acx_rx_config(struct acx_softc *); 148 int acx_set_crypt_keys(struct acx_softc *); 149 void acx_next_scan(void *); 150 151 void acx_start(struct ifnet *); 152 void acx_watchdog(struct ifnet *); 153 154 int acx_ioctl(struct ifnet *, u_long, caddr_t); 155 156 int acx_intr(void *); 157 void acx_disable_intr(struct acx_softc *); 158 void acx_enable_intr(struct acx_softc *); 159 void acx_txeof(struct acx_softc *); 160 void acx_txerr(struct acx_softc *, uint8_t); 161 void acx_rxeof(struct acx_softc *); 162 163 int acx_dma_alloc(struct acx_softc *); 164 void acx_dma_free(struct acx_softc *); 165 void acx_init_tx_ring(struct acx_softc *); 166 int acx_init_rx_ring(struct acx_softc *); 167 int acx_newbuf(struct acx_softc *, struct acx_rxbuf *, int); 168 int acx_encap(struct acx_softc *, struct acx_txbuf *, 169 struct mbuf *, struct ieee80211_node *, int); 170 171 int acx_reset(struct acx_softc *); 172 173 int acx_set_null_tmplt(struct acx_softc *); 174 int acx_set_probe_req_tmplt(struct acx_softc *, const char *, int); 175 #ifndef IEEE80211_STA_ONLY 176 int acx_set_probe_resp_tmplt(struct acx_softc *, struct ieee80211_node *); 177 int acx_beacon_locate(struct mbuf *, u_int8_t); 178 int acx_set_beacon_tmplt(struct acx_softc *, struct ieee80211_node *); 179 #endif 180 181 int acx_read_eeprom(struct acx_softc *, uint32_t, uint8_t *); 182 int acx_read_phyreg(struct acx_softc *, uint32_t, uint8_t *); 183 const char * acx_get_rf(int); 184 int acx_get_maxrssi(int); 185 186 int acx_load_firmware(struct acx_softc *, uint32_t, 187 const uint8_t *, int); 188 int acx_load_radio_firmware(struct acx_softc *, const char *); 189 int acx_load_base_firmware(struct acx_softc *, const char *); 190 191 struct ieee80211_node 192 *acx_node_alloc(struct ieee80211com *); 193 int acx_newstate(struct ieee80211com *, enum ieee80211_state, int); 194 195 void acx_init_cmd_reg(struct acx_softc *); 196 int acx_join_bss(struct acx_softc *, uint8_t, struct ieee80211_node *); 197 int acx_set_channel(struct acx_softc *, uint8_t); 198 int acx_init_radio(struct acx_softc *, uint32_t, uint32_t); 199 200 void acx_iter_func(void *, struct ieee80211_node *); 201 void acx_amrr_timeout(void *); 202 void acx_newassoc(struct ieee80211com *, struct ieee80211_node *, int); 203 #ifndef IEEE80211_STA_ONLY 204 void acx_set_tim(struct ieee80211com *, int, int); 205 #endif 206 207 int acx_beacon_intvl = 100; /* 100 TU */ 208 209 /* 210 * Possible values for the second parameter of acx_join_bss() 211 */ 212 #define ACX_MODE_ADHOC 0 213 #define ACX_MODE_UNUSED 1 214 #define ACX_MODE_STA 2 215 #define ACX_MODE_AP 3 216 217 struct cfdriver acx_cd = { 218 NULL, "acx", DV_IFNET 219 }; 220 221 int 222 acx_attach(struct acx_softc *sc) 223 { 224 struct ieee80211com *ic = &sc->sc_ic; 225 struct ifnet *ifp = &sc->sc_ic.ic_if; 226 int i, error; 227 228 /* Initialize channel scanning timer */ 229 timeout_set(&sc->sc_chanscan_timer, acx_next_scan, sc); 230 231 /* Allocate busdma stuffs */ 232 error = acx_dma_alloc(sc); 233 if (error) { 234 printf("%s: attach failed, could not allocate DMA!\n", 235 sc->sc_dev.dv_xname); 236 return (error); 237 } 238 239 /* Reset Hardware */ 240 error = acx_reset(sc); 241 if (error) { 242 printf("%s: attach failed, could not reset device!\n", 243 sc->sc_dev.dv_xname); 244 return (error); 245 } 246 247 /* Disable interrupts before firmware is loaded */ 248 acx_disable_intr(sc); 249 250 /* Get radio type and form factor */ 251 #define EEINFO_RETRY_MAX 50 252 for (i = 0; i < EEINFO_RETRY_MAX; ++i) { 253 uint16_t ee_info; 254 255 ee_info = CSR_READ_2(sc, ACXREG_EEPROM_INFO); 256 if (ACX_EEINFO_HAS_RADIO_TYPE(ee_info)) { 257 sc->sc_form_factor = ACX_EEINFO_FORM_FACTOR(ee_info); 258 sc->sc_radio_type = ACX_EEINFO_RADIO_TYPE(ee_info); 259 break; 260 } 261 DELAY(10000); 262 } 263 if (i == EEINFO_RETRY_MAX) { 264 printf("%s: attach failed, could not get radio type!\n", 265 sc->sc_dev.dv_xname); 266 return (ENXIO); 267 } 268 #undef EEINFO_RETRY_MAX 269 270 #ifdef DUMP_EEPROM 271 for (i = 0; i < 0x40; ++i) { 272 uint8_t val; 273 274 error = acx_read_eeprom(sc, i, &val); 275 if (error) 276 return (error); 277 if (i % 10 == 0) 278 printf("\n"); 279 printf("%02x ", val); 280 } 281 printf("\n"); 282 #endif /* DUMP_EEPROM */ 283 284 /* Get EEPROM version */ 285 error = acx_read_eeprom(sc, ACX_EE_VERSION_OFS, &sc->sc_eeprom_ver); 286 if (error) { 287 printf("%s: attach failed, could not get EEPROM version!\n", 288 sc->sc_dev.dv_xname); 289 return (error); 290 } 291 292 ifp->if_softc = sc; 293 ifp->if_ioctl = acx_ioctl; 294 ifp->if_start = acx_start; 295 ifp->if_watchdog = acx_watchdog; 296 ifp->if_flags = IFF_SIMPLEX | IFF_BROADCAST | IFF_MULTICAST; 297 strlcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 298 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 299 IFQ_SET_READY(&ifp->if_snd); 300 301 /* Set channels */ 302 for (i = 1; i <= 14; ++i) { 303 ic->ic_channels[i].ic_freq = 304 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 305 ic->ic_channels[i].ic_flags = sc->chip_chan_flags; 306 } 307 308 ic->ic_opmode = IEEE80211_M_STA; 309 ic->ic_state = IEEE80211_S_INIT; 310 311 /* 312 * NOTE: Don't overwrite ic_caps set by chip specific code 313 */ 314 ic->ic_caps = 315 IEEE80211_C_WEP | /* WEP */ 316 IEEE80211_C_MONITOR | /* Monitor mode */ 317 #ifndef IEEE80211_STA_ONLY 318 IEEE80211_C_IBSS | /* IBSS mode */ 319 IEEE80211_C_HOSTAP | /* Access Point */ 320 IEEE80211_C_APPMGT | /* AP Power Mgmt */ 321 #endif 322 IEEE80211_C_SHPREAMBLE; /* Short preamble */ 323 324 /* Get station id */ 325 for (i = 0; i < IEEE80211_ADDR_LEN; ++i) { 326 error = acx_read_eeprom(sc, sc->chip_ee_eaddr_ofs - i, 327 &ic->ic_myaddr[i]); 328 if (error) { 329 printf("%s: attach failed, could not get station id\n", 330 sc->sc_dev.dv_xname); 331 return error; 332 } 333 } 334 335 printf("%s: %s, radio %s (0x%02x), EEPROM ver %u, address %s\n", 336 sc->sc_dev.dv_xname, 337 (sc->sc_flags & ACX_FLAG_ACX111) ? "ACX111" : "ACX100", 338 acx_get_rf(sc->sc_radio_type), sc->sc_radio_type, 339 sc->sc_eeprom_ver, ether_sprintf(ic->ic_myaddr)); 340 341 if_attach(ifp); 342 ieee80211_ifattach(ifp); 343 344 /* Override node alloc */ 345 ic->ic_node_alloc = acx_node_alloc; 346 ic->ic_newassoc = acx_newassoc; 347 348 #ifndef IEEE80211_STA_ONLY 349 /* Override set TIM */ 350 ic->ic_set_tim = acx_set_tim; 351 #endif 352 353 /* Override newstate */ 354 sc->sc_newstate = ic->ic_newstate; 355 ic->ic_newstate = acx_newstate; 356 357 /* Set maximal rssi */ 358 ic->ic_max_rssi = acx_get_maxrssi(sc->sc_radio_type); 359 360 ieee80211_media_init(ifp, ieee80211_media_change, 361 ieee80211_media_status); 362 363 /* AMRR rate control */ 364 sc->amrr.amrr_min_success_threshold = 1; 365 sc->amrr.amrr_max_success_threshold = 15; 366 timeout_set(&sc->amrr_ch, acx_amrr_timeout, sc); 367 368 sc->sc_long_retry_limit = 4; 369 sc->sc_short_retry_limit = 7; 370 sc->sc_msdu_lifetime = 4096; 371 372 #if NBPFILTER > 0 373 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 374 sizeof(struct ieee80211_frame) + 64); 375 376 sc->sc_rxtap_len = sizeof(sc->sc_rxtapu); 377 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 378 sc->sc_rxtap.wr_ihdr.it_present = htole32(ACX_RX_RADIOTAP_PRESENT); 379 380 sc->sc_txtap_len = sizeof(sc->sc_txtapu); 381 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 382 sc->sc_txtap.wt_ihdr.it_present = htole32(ACX_TX_RADIOTAP_PRESENT); 383 #endif 384 385 return (0); 386 } 387 388 int 389 acx_detach(void *xsc) 390 { 391 struct acx_softc *sc = xsc; 392 struct ieee80211com *ic = &sc->sc_ic; 393 struct ifnet *ifp = &ic->ic_if; 394 395 acx_stop(sc); 396 ieee80211_ifdetach(ifp); 397 if_detach(ifp); 398 399 acx_dma_free(sc); 400 401 return (0); 402 } 403 404 int 405 acx_init(struct ifnet *ifp) 406 { 407 struct acx_softc *sc = ifp->if_softc; 408 struct ieee80211com *ic = &sc->sc_ic; 409 char fname[] = "tiacx111c16"; 410 int error, combined = 0; 411 412 error = acx_stop(sc); 413 if (error) 414 return (EIO); 415 416 /* enable card if possible */ 417 if (sc->sc_enable != NULL) { 418 error = (*sc->sc_enable)(sc); 419 if (error) 420 return (EIO); 421 } 422 423 acx_init_tx_ring(sc); 424 425 error = acx_init_rx_ring(sc); 426 if (error) { 427 printf("%s: can't initialize RX ring\n", 428 sc->sc_dev.dv_xname); 429 goto back; 430 } 431 432 if (sc->sc_flags & ACX_FLAG_ACX111) { 433 snprintf(fname, sizeof(fname), "tiacx111c%02X", 434 sc->sc_radio_type); 435 error = acx_load_base_firmware(sc, fname); 436 437 if (!error) 438 combined = 1; 439 } 440 441 if (!combined) { 442 snprintf(fname, sizeof(fname), "tiacx%s", 443 (sc->sc_flags & ACX_FLAG_ACX111) ? "111" : "100"); 444 error = acx_load_base_firmware(sc, fname); 445 } 446 447 if (error) 448 goto back; 449 450 /* 451 * Initialize command and information registers 452 * NOTE: This should be done after base firmware is loaded 453 */ 454 acx_init_cmd_reg(sc); 455 acx_init_info_reg(sc); 456 457 sc->sc_flags |= ACX_FLAG_FW_LOADED; 458 459 if (!combined) { 460 snprintf(fname, sizeof(fname), "tiacx%sr%02X", 461 (sc->sc_flags & ACX_FLAG_ACX111) ? "111" : "100", 462 sc->sc_radio_type); 463 error = acx_load_radio_firmware(sc, fname); 464 465 if (error) 466 goto back; 467 } 468 469 error = sc->chip_init(sc); 470 if (error) 471 goto back; 472 473 /* Get and set device various configuration */ 474 error = acx_config(sc); 475 if (error) 476 goto back; 477 478 /* Setup crypto stuffs */ 479 if (sc->sc_ic.ic_flags & IEEE80211_F_WEPON) { 480 error = acx_set_crypt_keys(sc); 481 if (error) 482 goto back; 483 } 484 485 /* Turn on power led */ 486 CSR_CLRB_2(sc, ACXREG_GPIO_OUT, sc->chip_gpio_pled); 487 488 acx_enable_intr(sc); 489 490 ifp->if_flags |= IFF_RUNNING; 491 ifp->if_flags &= ~IFF_OACTIVE; 492 493 if (ic->ic_opmode != IEEE80211_M_MONITOR) 494 /* start background scanning */ 495 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 496 else 497 /* in monitor mode change directly into run state */ 498 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 499 500 return (0); 501 back: 502 acx_stop(sc); 503 return (error); 504 } 505 506 void 507 acx_init_info_reg(struct acx_softc *sc) 508 { 509 sc->sc_info = CSR_READ_4(sc, ACXREG_INFO_REG_OFFSET); 510 sc->sc_info_param = sc->sc_info + ACX_INFO_REG_SIZE; 511 } 512 513 int 514 acx_set_crypt_keys(struct acx_softc *sc) 515 { 516 struct ieee80211com *ic = &sc->sc_ic; 517 struct acx_conf_wep_txkey wep_txkey; 518 int i, error, got_wk = 0; 519 520 for (i = 0; i < IEEE80211_WEP_NKID; ++i) { 521 struct ieee80211_key *k = &ic->ic_nw_keys[i]; 522 523 if (k->k_len == 0) 524 continue; 525 526 if (sc->chip_hw_crypt) { 527 error = sc->chip_set_wepkey(sc, k, i); 528 if (error) 529 return (error); 530 got_wk = 1; 531 } 532 } 533 534 if (!got_wk) 535 return (0); 536 537 /* Set current WEP key index */ 538 wep_txkey.wep_txkey = ic->ic_wep_txkey; 539 if (acx_set_conf(sc, ACX_CONF_WEP_TXKEY, &wep_txkey, 540 sizeof(wep_txkey)) != 0) { 541 printf("%s: set WEP txkey failed\n", sc->sc_dev.dv_xname); 542 return (ENXIO); 543 } 544 545 return (0); 546 } 547 548 void 549 acx_next_scan(void *arg) 550 { 551 struct acx_softc *sc = arg; 552 struct ieee80211com *ic = &sc->sc_ic; 553 struct ifnet *ifp = &ic->ic_if; 554 555 if (ic->ic_state == IEEE80211_S_SCAN) 556 ieee80211_next_scan(ifp); 557 } 558 559 int 560 acx_stop(struct acx_softc *sc) 561 { 562 struct ieee80211com *ic = &sc->sc_ic; 563 struct ifnet *ifp = &ic->ic_if; 564 struct acx_buf_data *bd = &sc->sc_buf_data; 565 struct acx_ring_data *rd = &sc->sc_ring_data; 566 int i, error; 567 568 sc->sc_firmware_ver = 0; 569 sc->sc_hardware_id = 0; 570 571 /* Reset hardware */ 572 error = acx_reset(sc); 573 if (error) 574 return (error); 575 576 /* Firmware no longer functions after hardware reset */ 577 sc->sc_flags &= ~ACX_FLAG_FW_LOADED; 578 579 acx_disable_intr(sc); 580 581 /* Stop backgroud scanning */ 582 timeout_del(&sc->sc_chanscan_timer); 583 584 /* Turn off power led */ 585 CSR_SETB_2(sc, ACXREG_GPIO_OUT, sc->chip_gpio_pled); 586 587 /* Free TX mbuf */ 588 for (i = 0; i < ACX_TX_DESC_CNT; ++i) { 589 struct acx_txbuf *buf; 590 struct ieee80211_node *ni; 591 592 buf = &bd->tx_buf[i]; 593 594 if (buf->tb_mbuf != NULL) { 595 bus_dmamap_unload(sc->sc_dmat, buf->tb_mbuf_dmamap); 596 m_freem(buf->tb_mbuf); 597 buf->tb_mbuf = NULL; 598 } 599 600 ni = (struct ieee80211_node *)buf->tb_node; 601 if (ni != NULL) 602 ieee80211_release_node(ic, ni); 603 buf->tb_node = NULL; 604 } 605 606 /* Clear TX host descriptors */ 607 bzero(rd->tx_ring, ACX_TX_RING_SIZE); 608 609 /* Free RX mbuf */ 610 for (i = 0; i < ACX_RX_DESC_CNT; ++i) { 611 if (bd->rx_buf[i].rb_mbuf != NULL) { 612 bus_dmamap_unload(sc->sc_dmat, 613 bd->rx_buf[i].rb_mbuf_dmamap); 614 m_freem(bd->rx_buf[i].rb_mbuf); 615 bd->rx_buf[i].rb_mbuf = NULL; 616 } 617 } 618 619 /* Clear RX host descriptors */ 620 bzero(rd->rx_ring, ACX_RX_RING_SIZE); 621 622 sc->sc_txtimer = 0; 623 ifp->if_timer = 0; 624 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 625 ieee80211_new_state(&sc->sc_ic, IEEE80211_S_INIT, -1); 626 627 /* disable card if possible */ 628 if (sc->sc_disable != NULL) 629 (*sc->sc_disable)(sc); 630 631 return (0); 632 } 633 634 int 635 acx_config(struct acx_softc *sc) 636 { 637 struct acx_config conf; 638 int error; 639 640 error = acx_read_config(sc, &conf); 641 if (error) 642 return (error); 643 644 error = acx_write_config(sc, &conf); 645 if (error) 646 return (error); 647 648 error = acx_rx_config(sc); 649 if (error) 650 return (error); 651 652 if (acx_set_probe_req_tmplt(sc, "", 0) != 0) { 653 printf("%s: can't set probe req template " 654 "(empty ssid)\n", sc->sc_dev.dv_xname); 655 return (ENXIO); 656 } 657 658 /* XXX for PM?? */ 659 if (acx_set_null_tmplt(sc) != 0) { 660 printf("%s: can't set null data template\n", 661 sc->sc_dev.dv_xname); 662 return (ENXIO); 663 } 664 665 return (0); 666 } 667 668 int 669 acx_read_config(struct acx_softc *sc, struct acx_config *conf) 670 { 671 struct acx_conf_regdom reg_dom; 672 struct acx_conf_antenna ant; 673 struct acx_conf_fwrev fw_rev; 674 uint32_t fw_rev_no; 675 uint8_t sen; 676 int error; 677 678 /* Get region domain */ 679 if (acx_get_conf(sc, ACX_CONF_REGDOM, ®_dom, sizeof(reg_dom)) != 0) { 680 printf("%s: can't get region domain\n", sc->sc_dev.dv_xname); 681 return (ENXIO); 682 } 683 conf->regdom = reg_dom.regdom; 684 DPRINTF(("%s: regdom %02x\n", sc->sc_dev.dv_xname, reg_dom.regdom)); 685 686 /* Get antenna */ 687 if (acx_get_conf(sc, ACX_CONF_ANTENNA, &ant, sizeof(ant)) != 0) { 688 printf("%s: can't get antenna\n", sc->sc_dev.dv_xname); 689 return (ENXIO); 690 } 691 conf->antenna = ant.antenna; 692 DPRINTF(("%s: antenna %02x\n", sc->sc_dev.dv_xname, ant.antenna)); 693 694 /* Get sensitivity XXX not used */ 695 if (sc->sc_radio_type == ACX_RADIO_TYPE_MAXIM || 696 sc->sc_radio_type == ACX_RADIO_TYPE_RFMD || 697 sc->sc_radio_type == ACX_RADIO_TYPE_RALINK) { 698 error = acx_read_phyreg(sc, ACXRV_PHYREG_SENSITIVITY, &sen); 699 if (error) { 700 printf("%s: can't get sensitivity\n", 701 sc->sc_dev.dv_xname); 702 return (error); 703 } 704 } else 705 sen = 0; 706 DPRINTF(("%s: sensitivity %02x\n", sc->sc_dev.dv_xname, sen)); 707 708 /* Get firmware revision */ 709 if (acx_get_conf(sc, ACX_CONF_FWREV, &fw_rev, sizeof(fw_rev)) != 0) { 710 printf("%s: can't get firmware revision\n", 711 sc->sc_dev.dv_xname); 712 return (ENXIO); 713 } 714 715 if (strncmp(fw_rev.fw_rev, "Rev ", 4) != 0) { 716 printf("%s: strange revision string -- %s\n", 717 sc->sc_dev.dv_xname, fw_rev.fw_rev); 718 fw_rev_no = 0x01090407; 719 } else { 720 /* 721 * 01234 722 * "Rev xx.xx.xx.xx" 723 * ^ Start from here 724 */ 725 fw_rev_no = fw_rev.fw_rev[0] << 24; 726 fw_rev_no |= fw_rev.fw_rev[1] << 16; 727 fw_rev_no |= fw_rev.fw_rev[2] << 8; 728 fw_rev_no |= fw_rev.fw_rev[3]; 729 } 730 sc->sc_firmware_ver = fw_rev_no; 731 sc->sc_hardware_id = letoh32(fw_rev.hw_id); 732 DPRINTF(("%s: fw rev %08x, hw id %08x\n", 733 sc->sc_dev.dv_xname, sc->sc_firmware_ver, sc->sc_hardware_id)); 734 735 if (sc->chip_read_config != NULL) { 736 error = sc->chip_read_config(sc, conf); 737 if (error) 738 return (error); 739 } 740 741 return (0); 742 } 743 744 int 745 acx_write_config(struct acx_softc *sc, struct acx_config *conf) 746 { 747 struct acx_conf_nretry_short sretry; 748 struct acx_conf_nretry_long lretry; 749 struct acx_conf_msdu_lifetime msdu_lifetime; 750 struct acx_conf_rate_fallback rate_fb; 751 struct acx_conf_antenna ant; 752 struct acx_conf_regdom reg_dom; 753 struct ifnet *ifp = &sc->sc_ic.ic_if; 754 int error; 755 756 /* Set number of long/short retry */ 757 sretry.nretry = sc->sc_short_retry_limit; 758 if (acx_set_conf(sc, ACX_CONF_NRETRY_SHORT, &sretry, 759 sizeof(sretry)) != 0) { 760 printf("%s: can't set short retry limit\n", ifp->if_xname); 761 return (ENXIO); 762 } 763 764 lretry.nretry = sc->sc_long_retry_limit; 765 if (acx_set_conf(sc, ACX_CONF_NRETRY_LONG, &lretry, 766 sizeof(lretry)) != 0) { 767 printf("%s: can't set long retry limit\n", ifp->if_xname); 768 return (ENXIO); 769 } 770 771 /* Set MSDU lifetime */ 772 msdu_lifetime.lifetime = htole32(sc->sc_msdu_lifetime); 773 if (acx_set_conf(sc, ACX_CONF_MSDU_LIFETIME, &msdu_lifetime, 774 sizeof(msdu_lifetime)) != 0) { 775 printf("%s: can't set MSDU lifetime\n", ifp->if_xname); 776 return (ENXIO); 777 } 778 779 /* Enable rate fallback */ 780 rate_fb.ratefb_enable = 1; 781 if (acx_set_conf(sc, ACX_CONF_RATE_FALLBACK, &rate_fb, 782 sizeof(rate_fb)) != 0) { 783 printf("%s: can't enable rate fallback\n", ifp->if_xname); 784 return (ENXIO); 785 } 786 787 /* Set antenna */ 788 ant.antenna = conf->antenna; 789 if (acx_set_conf(sc, ACX_CONF_ANTENNA, &ant, sizeof(ant)) != 0) { 790 printf("%s: can't set antenna\n", ifp->if_xname); 791 return (ENXIO); 792 } 793 794 /* Set region domain */ 795 reg_dom.regdom = conf->regdom; 796 if (acx_set_conf(sc, ACX_CONF_REGDOM, ®_dom, sizeof(reg_dom)) != 0) { 797 printf("%s: can't set region domain\n", ifp->if_xname); 798 return (ENXIO); 799 } 800 801 if (sc->chip_write_config != NULL) { 802 error = sc->chip_write_config(sc, conf); 803 if (error) 804 return (error); 805 } 806 807 return (0); 808 } 809 810 int 811 acx_rx_config(struct acx_softc *sc) 812 { 813 struct ieee80211com *ic = &sc->sc_ic; 814 struct acx_conf_rxopt rx_opt; 815 816 /* tell the RX receiver what frames we want to have */ 817 rx_opt.opt1 = htole16(RXOPT1_INCL_RXBUF_HDR); 818 rx_opt.opt2 = htole16( 819 RXOPT2_RECV_ASSOC_REQ | 820 RXOPT2_RECV_AUTH | 821 RXOPT2_RECV_BEACON | 822 RXOPT2_RECV_CF | 823 RXOPT2_RECV_CTRL | 824 RXOPT2_RECV_DATA | 825 RXOPT2_RECV_MGMT | 826 RXOPT2_RECV_PROBE_REQ | 827 RXOPT2_RECV_PROBE_RESP | 828 RXOPT2_RECV_OTHER); 829 830 /* in monitor mode go promiscuous */ 831 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 832 rx_opt.opt1 |= RXOPT1_PROMISC; 833 rx_opt.opt2 |= RXOPT2_RECV_BROKEN | RXOPT2_RECV_ACK; 834 } else 835 rx_opt.opt1 |= RXOPT1_FILT_FDEST; 836 837 /* finally set the RX options */ 838 if (acx_set_conf(sc, ACX_CONF_RXOPT, &rx_opt, sizeof(rx_opt)) != 0) { 839 printf("%s: can not set RX options!\n", sc->sc_dev.dv_xname); 840 return (ENXIO); 841 } 842 843 return (0); 844 } 845 846 int 847 acx_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 848 { 849 struct acx_softc *sc = ifp->if_softc; 850 struct ieee80211com *ic = &sc->sc_ic; 851 struct ifaddr *ifa; 852 struct ifreq *ifr; 853 int s, error = 0; 854 uint8_t chan; 855 856 s = splnet(); 857 858 switch (cmd) { 859 case SIOCSIFADDR: 860 ifa = (struct ifaddr *)data; 861 ifp->if_flags |= IFF_UP; 862 #ifdef INET 863 if (ifa->ifa_addr->sa_family == AF_INET) 864 arp_ifinit(&ic->ic_ac, ifa); 865 #endif 866 /* FALLTHROUGH */ 867 case SIOCSIFFLAGS: 868 if (ifp->if_flags & IFF_UP) { 869 if ((ifp->if_flags & IFF_RUNNING) == 0) 870 error = acx_init(ifp); 871 } else { 872 if (ifp->if_flags & IFF_RUNNING) 873 error = acx_stop(sc); 874 } 875 break; 876 case SIOCADDMULTI: 877 case SIOCDELMULTI: 878 ifr = (struct ifreq *)data; 879 error = (cmd == SIOCADDMULTI) ? 880 ether_addmulti(ifr, &ic->ic_ac) : 881 ether_delmulti(ifr, &ic->ic_ac); 882 883 if (error == ENETRESET) 884 error = 0; 885 break; 886 case SIOCS80211CHANNEL: 887 /* allow fast channel switching in monitor mode */ 888 error = ieee80211_ioctl(ifp, cmd, data); 889 if (error == ENETRESET && 890 ic->ic_opmode == IEEE80211_M_MONITOR) { 891 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 892 (IFF_UP | IFF_RUNNING)) { 893 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 894 chan = ieee80211_chan2ieee(ic, 895 ic->ic_bss->ni_chan); 896 (void)acx_set_channel(sc, chan); 897 } 898 error = 0; 899 } 900 break; 901 default: 902 error = ieee80211_ioctl(ifp, cmd, data); 903 break; 904 } 905 906 if (error == ENETRESET) { 907 if ((ifp->if_flags & (IFF_RUNNING | IFF_UP)) == 908 (IFF_RUNNING | IFF_UP)) 909 error = acx_init(ifp); 910 else 911 error = 0; 912 } 913 914 splx(s); 915 916 return (error); 917 } 918 919 void 920 acx_start(struct ifnet *ifp) 921 { 922 struct acx_softc *sc = ifp->if_softc; 923 struct ieee80211com *ic = &sc->sc_ic; 924 struct acx_buf_data *bd = &sc->sc_buf_data; 925 struct acx_txbuf *buf; 926 int trans, idx; 927 928 if ((sc->sc_flags & ACX_FLAG_FW_LOADED) == 0 || 929 (ifp->if_flags & IFF_RUNNING) == 0 || 930 (ifp->if_flags & IFF_OACTIVE)) 931 return; 932 933 /* 934 * NOTE: 935 * We can't start from a random position that TX descriptor 936 * is free, since hardware will be confused by that. 937 * We have to follow the order of the TX ring. 938 */ 939 idx = bd->tx_free_start; 940 trans = 0; 941 for (buf = &bd->tx_buf[idx]; buf->tb_mbuf == NULL; 942 buf = &bd->tx_buf[idx]) { 943 struct ieee80211_frame *wh; 944 struct ieee80211_node *ni = NULL; 945 struct mbuf *m; 946 int rate; 947 948 IF_DEQUEUE(&ic->ic_mgtq, m); 949 /* first dequeue management frames */ 950 if (m != NULL) { 951 ni = m->m_pkthdr.ph_cookie; 952 953 /* 954 * probe response mgmt frames are handled by the 955 * firmware already. So, don't send them twice. 956 */ 957 wh = mtod(m, struct ieee80211_frame *); 958 if ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) == 959 IEEE80211_FC0_SUBTYPE_PROBE_RESP) { 960 if (ni != NULL) 961 ieee80211_release_node(ic, ni); 962 m_freem(m); 963 continue; 964 } 965 966 /* 967 * mgmt frames are sent at the lowest available 968 * bit-rate. 969 */ 970 rate = ni->ni_rates.rs_rates[0]; 971 rate &= IEEE80211_RATE_VAL; 972 } else { 973 struct ether_header *eh; 974 975 /* then dequeue packets on the powersave queue */ 976 IF_DEQUEUE(&ic->ic_pwrsaveq, m); 977 if (m != NULL) { 978 ni = m->m_pkthdr.ph_cookie; 979 goto encapped; 980 } else { 981 IFQ_DEQUEUE(&ifp->if_snd, m); 982 if (m == NULL) 983 break; 984 } 985 if (ic->ic_state != IEEE80211_S_RUN) { 986 DPRINTF(("%s: data packet dropped due to " 987 "not RUN. Current state %d\n", 988 ifp->if_xname, ic->ic_state)); 989 m_freem(m); 990 break; 991 } 992 993 if (m->m_len < sizeof(struct ether_header)) { 994 m = m_pullup(m, sizeof(struct ether_header)); 995 if (m == NULL) { 996 ifp->if_oerrors++; 997 continue; 998 } 999 } 1000 eh = mtod(m, struct ether_header *); 1001 1002 /* TODO power save */ 1003 1004 #if NBPFILTER > 0 1005 if (ifp->if_bpf != NULL) 1006 bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); 1007 #endif 1008 1009 if ((m = ieee80211_encap(ifp, m, &ni)) == NULL) { 1010 ifp->if_oerrors++; 1011 continue; 1012 } 1013 encapped: 1014 if (ic->ic_fixed_rate != -1) { 1015 rate = ic->ic_sup_rates[ic->ic_curmode]. 1016 rs_rates[ic->ic_fixed_rate]; 1017 } else 1018 rate = ni->ni_rates.rs_rates[ni->ni_txrate]; 1019 rate &= IEEE80211_RATE_VAL; 1020 } 1021 1022 #if NBPFILTER > 0 1023 if (ic->ic_rawbpf != NULL) 1024 bpf_mtap(ic->ic_rawbpf, m, BPF_DIRECTION_OUT); 1025 #endif 1026 1027 wh = mtod(m, struct ieee80211_frame *); 1028 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && !sc->chip_hw_crypt) { 1029 struct ieee80211_key *k; 1030 1031 k = ieee80211_get_txkey(ic, wh, ni); 1032 if ((m = ieee80211_encrypt(ic, m, k)) == NULL) { 1033 ieee80211_release_node(ic, ni); 1034 ifp->if_oerrors++; 1035 continue; 1036 } 1037 } 1038 1039 #if NBPFILTER > 0 1040 if (sc->sc_drvbpf != NULL) { 1041 struct mbuf mb; 1042 struct acx_tx_radiotap_hdr *tap = &sc->sc_txtap; 1043 1044 tap->wt_flags = 0; 1045 tap->wt_rate = rate; 1046 tap->wt_chan_freq = 1047 htole16(ic->ic_bss->ni_chan->ic_freq); 1048 tap->wt_chan_flags = 1049 htole16(ic->ic_bss->ni_chan->ic_flags); 1050 1051 mb.m_data = (caddr_t)tap; 1052 mb.m_len = sc->sc_txtap_len; 1053 mb.m_next = m; 1054 mb.m_nextpkt = NULL; 1055 mb.m_type = 0; 1056 mb.m_flags = 0; 1057 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1058 } 1059 #endif 1060 1061 if (acx_encap(sc, buf, m, ni, rate) != 0) { 1062 /* 1063 * NOTE: `m' will be freed in acx_encap() 1064 * if we reach here. 1065 */ 1066 if (ni != NULL) 1067 ieee80211_release_node(ic, ni); 1068 ifp->if_oerrors++; 1069 continue; 1070 } 1071 1072 /* 1073 * NOTE: 1074 * 1) `m' should not be touched after acx_encap() 1075 * 2) `node' will be used to do TX rate control during 1076 * acx_txeof(), so it is not freed here. acx_txeof() 1077 * will free it for us 1078 */ 1079 trans++; 1080 bd->tx_used_count++; 1081 idx = (idx + 1) % ACX_TX_DESC_CNT; 1082 } 1083 bd->tx_free_start = idx; 1084 1085 if (bd->tx_used_count == ACX_TX_DESC_CNT) 1086 ifp->if_flags |= IFF_OACTIVE; 1087 1088 if (trans && sc->sc_txtimer == 0) 1089 sc->sc_txtimer = 5; 1090 ifp->if_timer = 1; 1091 } 1092 1093 void 1094 acx_watchdog(struct ifnet *ifp) 1095 { 1096 struct acx_softc *sc = ifp->if_softc; 1097 1098 ifp->if_timer = 0; 1099 1100 if ((ifp->if_flags & IFF_RUNNING) == 0) 1101 return; 1102 1103 if (sc->sc_txtimer) { 1104 if (--sc->sc_txtimer == 0) { 1105 printf("%s: watchdog timeout\n", ifp->if_xname); 1106 acx_init(ifp); 1107 ifp->if_oerrors++; 1108 return; 1109 } else 1110 ifp->if_timer = 1; 1111 } 1112 1113 ieee80211_watchdog(ifp); 1114 } 1115 1116 int 1117 acx_intr(void *arg) 1118 { 1119 struct acx_softc *sc = arg; 1120 uint16_t intr_status; 1121 1122 if ((sc->sc_flags & ACX_FLAG_FW_LOADED) == 0) 1123 return (0); 1124 1125 intr_status = CSR_READ_2(sc, ACXREG_INTR_STATUS_CLR); 1126 if (intr_status == ACXRV_INTR_ALL) { 1127 /* not our interrupt */ 1128 return (0); 1129 } 1130 1131 /* Acknowledge all interrupts */ 1132 CSR_WRITE_2(sc, ACXREG_INTR_ACK, intr_status); 1133 1134 intr_status &= sc->chip_intr_enable; 1135 if (intr_status == 0) { 1136 /* not interrupts we care about */ 1137 return (1); 1138 } 1139 1140 #ifndef IEEE80211_STA_ONLY 1141 if (intr_status & ACXRV_INTR_DTIM) 1142 ieee80211_notify_dtim(&sc->sc_ic); 1143 #endif 1144 1145 if (intr_status & ACXRV_INTR_TX_FINI) 1146 acx_txeof(sc); 1147 1148 if (intr_status & ACXRV_INTR_RX_FINI) 1149 acx_rxeof(sc); 1150 1151 return (1); 1152 } 1153 1154 void 1155 acx_disable_intr(struct acx_softc *sc) 1156 { 1157 CSR_WRITE_2(sc, ACXREG_INTR_MASK, sc->chip_intr_disable); 1158 CSR_WRITE_2(sc, ACXREG_EVENT_MASK, 0); 1159 } 1160 1161 void 1162 acx_enable_intr(struct acx_softc *sc) 1163 { 1164 /* Mask out interrupts that are not in the enable set */ 1165 CSR_WRITE_2(sc, ACXREG_INTR_MASK, ~sc->chip_intr_enable); 1166 CSR_WRITE_2(sc, ACXREG_EVENT_MASK, ACXRV_EVENT_DISABLE); 1167 } 1168 1169 void 1170 acx_txeof(struct acx_softc *sc) 1171 { 1172 struct acx_buf_data *bd; 1173 struct acx_txbuf *buf; 1174 struct ifnet *ifp; 1175 int idx; 1176 1177 ifp = &sc->sc_ic.ic_if; 1178 1179 bd = &sc->sc_buf_data; 1180 idx = bd->tx_used_start; 1181 for (buf = &bd->tx_buf[idx]; buf->tb_mbuf != NULL; 1182 buf = &bd->tx_buf[idx]) { 1183 uint8_t ctrl, error; 1184 1185 ctrl = FW_TXDESC_GETFIELD_1(sc, buf, f_tx_ctrl); 1186 if ((ctrl & (DESC_CTRL_HOSTOWN | DESC_CTRL_ACXDONE)) != 1187 (DESC_CTRL_HOSTOWN | DESC_CTRL_ACXDONE)) 1188 break; 1189 1190 bus_dmamap_unload(sc->sc_dmat, buf->tb_mbuf_dmamap); 1191 m_freem(buf->tb_mbuf); 1192 buf->tb_mbuf = NULL; 1193 1194 error = FW_TXDESC_GETFIELD_1(sc, buf, f_tx_error); 1195 if (error) { 1196 acx_txerr(sc, error); 1197 ifp->if_oerrors++; 1198 } else 1199 ifp->if_opackets++; 1200 1201 /* Update rate control statistics for the node */ 1202 if (buf->tb_node != NULL) { 1203 struct ieee80211com *ic; 1204 struct ieee80211_node *ni; 1205 struct acx_node *wn; 1206 int ntries; 1207 1208 ic = &sc->sc_ic; 1209 ni = (struct ieee80211_node *)buf->tb_node; 1210 wn = (struct acx_node *)ni; 1211 ntries = FW_TXDESC_GETFIELD_1(sc, buf, f_tx_rts_fail) + 1212 FW_TXDESC_GETFIELD_1(sc, buf, f_tx_ack_fail); 1213 1214 wn->amn.amn_txcnt++; 1215 if (ntries > 0) { 1216 DPRINTFN(2, ("%s: tx intr ntries %d\n", 1217 sc->sc_dev.dv_xname, ntries)); 1218 wn->amn.amn_retrycnt++; 1219 } 1220 1221 ieee80211_release_node(ic, ni); 1222 buf->tb_node = NULL; 1223 } 1224 1225 FW_TXDESC_SETFIELD_1(sc, buf, f_tx_ctrl, DESC_CTRL_HOSTOWN); 1226 1227 bd->tx_used_count--; 1228 1229 idx = (idx + 1) % ACX_TX_DESC_CNT; 1230 } 1231 bd->tx_used_start = idx; 1232 1233 sc->sc_txtimer = bd->tx_used_count == 0 ? 0 : 5; 1234 1235 if (bd->tx_used_count != ACX_TX_DESC_CNT) { 1236 ifp->if_flags &= ~IFF_OACTIVE; 1237 acx_start(ifp); 1238 } 1239 } 1240 1241 void 1242 acx_txerr(struct acx_softc *sc, uint8_t err) 1243 { 1244 struct ifnet *ifp = &sc->sc_ic.ic_if; 1245 struct acx_stats *stats = &sc->sc_stats; 1246 1247 if (err == DESC_ERR_EXCESSIVE_RETRY) { 1248 /* 1249 * This a common error (see comment below), 1250 * so print it using DPRINTF(). 1251 */ 1252 DPRINTF(("%s: TX failed -- excessive retry\n", 1253 sc->sc_dev.dv_xname)); 1254 } else 1255 printf("%s: TX failed -- ", ifp->if_xname); 1256 1257 /* 1258 * Although `err' looks like bitmask, it never 1259 * has multiple bits set. 1260 */ 1261 switch (err) { 1262 #if 0 1263 case DESC_ERR_OTHER_FRAG: 1264 /* XXX what's this */ 1265 printf("error in other fragment\n"); 1266 stats->err_oth_frag++; 1267 break; 1268 #endif 1269 case DESC_ERR_ABORT: 1270 printf("aborted\n"); 1271 stats->err_abort++; 1272 break; 1273 case DESC_ERR_PARAM: 1274 printf("wrong parameters in descriptor\n"); 1275 stats->err_param++; 1276 break; 1277 case DESC_ERR_NO_WEPKEY: 1278 printf("WEP key missing\n"); 1279 stats->err_no_wepkey++; 1280 break; 1281 case DESC_ERR_MSDU_TIMEOUT: 1282 printf("MSDU life timeout\n"); 1283 stats->err_msdu_timeout++; 1284 break; 1285 case DESC_ERR_EXCESSIVE_RETRY: 1286 /* 1287 * Possible causes: 1288 * 1) Distance is too long 1289 * 2) Transmit failed (e.g. no MAC level ACK) 1290 * 3) Chip overheated (this should be rare) 1291 */ 1292 stats->err_ex_retry++; 1293 break; 1294 case DESC_ERR_BUF_OVERFLOW: 1295 printf("buffer overflow\n"); 1296 stats->err_buf_oflow++; 1297 break; 1298 case DESC_ERR_DMA: 1299 printf("DMA error\n"); 1300 stats->err_dma++; 1301 break; 1302 default: 1303 printf("unknown error %d\n", err); 1304 stats->err_unkn++; 1305 break; 1306 } 1307 } 1308 1309 void 1310 acx_rxeof(struct acx_softc *sc) 1311 { 1312 struct ieee80211com *ic = &sc->sc_ic; 1313 struct acx_ring_data *rd = &sc->sc_ring_data; 1314 struct acx_buf_data *bd = &sc->sc_buf_data; 1315 struct ifnet *ifp = &ic->ic_if; 1316 int idx, ready; 1317 1318 bus_dmamap_sync(sc->sc_dmat, rd->rx_ring_dmamap, 0, 1319 rd->rx_ring_dmamap->dm_mapsize, BUS_DMASYNC_POSTREAD); 1320 1321 /* 1322 * Locate first "ready" rx buffer, 1323 * start from last stopped position. 1324 */ 1325 idx = bd->rx_scan_start; 1326 ready = 0; 1327 do { 1328 struct acx_rxbuf *buf; 1329 1330 buf = &bd->rx_buf[idx]; 1331 if ((buf->rb_desc->h_ctrl & htole16(DESC_CTRL_HOSTOWN)) && 1332 (buf->rb_desc->h_status & htole32(DESC_STATUS_FULL))) { 1333 ready = 1; 1334 break; 1335 } 1336 idx = (idx + 1) % ACX_RX_DESC_CNT; 1337 } while (idx != bd->rx_scan_start); 1338 1339 if (!ready) 1340 return; 1341 1342 /* 1343 * NOTE: don't mess up `idx' here, it will 1344 * be used in the following code. 1345 */ 1346 do { 1347 struct acx_rxbuf_hdr *head; 1348 struct acx_rxbuf *buf; 1349 struct mbuf *m; 1350 struct ieee80211_rxinfo rxi; 1351 uint32_t desc_status; 1352 uint16_t desc_ctrl; 1353 int len, error; 1354 1355 buf = &bd->rx_buf[idx]; 1356 1357 desc_ctrl = letoh16(buf->rb_desc->h_ctrl); 1358 desc_status = letoh32(buf->rb_desc->h_status); 1359 if (!(desc_ctrl & DESC_CTRL_HOSTOWN) || 1360 !(desc_status & DESC_STATUS_FULL)) 1361 break; 1362 1363 bus_dmamap_sync(sc->sc_dmat, buf->rb_mbuf_dmamap, 0, 1364 buf->rb_mbuf_dmamap->dm_mapsize, BUS_DMASYNC_POSTREAD); 1365 1366 m = buf->rb_mbuf; 1367 1368 error = acx_newbuf(sc, buf, 0); 1369 if (error) { 1370 ifp->if_ierrors++; 1371 goto next; 1372 } 1373 1374 head = mtod(m, struct acx_rxbuf_hdr *); 1375 1376 len = letoh16(head->rbh_len) & ACX_RXBUF_LEN_MASK; 1377 if (len >= sizeof(struct ieee80211_frame_min) && 1378 len < MCLBYTES) { 1379 struct ieee80211_frame *wh; 1380 struct ieee80211_node *ni; 1381 1382 m_adj(m, sizeof(struct acx_rxbuf_hdr) + 1383 sc->chip_rxbuf_exhdr); 1384 wh = mtod(m, struct ieee80211_frame *); 1385 1386 rxi.rxi_flags = 0; 1387 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && 1388 sc->chip_hw_crypt) { 1389 /* Short circuit software WEP */ 1390 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1391 1392 /* Do chip specific RX buffer processing */ 1393 if (sc->chip_proc_wep_rxbuf != NULL) { 1394 sc->chip_proc_wep_rxbuf(sc, m, &len); 1395 wh = mtod(m, struct ieee80211_frame *); 1396 } 1397 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 1398 } 1399 1400 m->m_len = m->m_pkthdr.len = len; 1401 m->m_pkthdr.rcvif = &ic->ic_if; 1402 1403 #if NBPFILTER > 0 1404 if (sc->sc_drvbpf != NULL) { 1405 struct mbuf mb; 1406 struct acx_rx_radiotap_hdr *tap = &sc->sc_rxtap; 1407 1408 tap->wr_flags = 0; 1409 tap->wr_chan_freq = 1410 htole16(ic->ic_bss->ni_chan->ic_freq); 1411 tap->wr_chan_flags = 1412 htole16(ic->ic_bss->ni_chan->ic_flags); 1413 tap->wr_rssi = head->rbh_level; 1414 tap->wr_max_rssi = ic->ic_max_rssi; 1415 1416 mb.m_data = (caddr_t)tap; 1417 mb.m_len = sc->sc_rxtap_len; 1418 mb.m_next = m; 1419 mb.m_nextpkt = NULL; 1420 mb.m_type = 0; 1421 mb.m_flags = 0; 1422 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1423 } 1424 #endif 1425 1426 ni = ieee80211_find_rxnode(ic, wh); 1427 1428 rxi.rxi_rssi = head->rbh_level; 1429 rxi.rxi_tstamp = letoh32(head->rbh_time); 1430 ieee80211_input(ifp, m, ni, &rxi); 1431 1432 ieee80211_release_node(ic, ni); 1433 } else { 1434 m_freem(m); 1435 ifp->if_ierrors++; 1436 } 1437 1438 next: 1439 buf->rb_desc->h_ctrl = htole16(desc_ctrl & ~DESC_CTRL_HOSTOWN); 1440 buf->rb_desc->h_status = 0; 1441 bus_dmamap_sync(sc->sc_dmat, rd->rx_ring_dmamap, 0, 1442 rd->rx_ring_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 1443 1444 idx = (idx + 1) % ACX_RX_DESC_CNT; 1445 } while (idx != bd->rx_scan_start); 1446 1447 /* 1448 * Record the position so that next 1449 * time we can start from it. 1450 */ 1451 bd->rx_scan_start = idx; 1452 } 1453 1454 int 1455 acx_reset(struct acx_softc *sc) 1456 { 1457 uint16_t reg; 1458 1459 /* Halt ECPU */ 1460 CSR_SETB_2(sc, ACXREG_ECPU_CTRL, ACXRV_ECPU_HALT); 1461 1462 /* Software reset */ 1463 reg = CSR_READ_2(sc, ACXREG_SOFT_RESET); 1464 CSR_WRITE_2(sc, ACXREG_SOFT_RESET, reg | ACXRV_SOFT_RESET); 1465 DELAY(100); 1466 CSR_WRITE_2(sc, ACXREG_SOFT_RESET, reg); 1467 1468 /* Initialize EEPROM */ 1469 CSR_SETB_2(sc, ACXREG_EEPROM_INIT, ACXRV_EEPROM_INIT); 1470 DELAY(50000); 1471 1472 /* Test whether ECPU is stopped */ 1473 reg = CSR_READ_2(sc, ACXREG_ECPU_CTRL); 1474 if (!(reg & ACXRV_ECPU_HALT)) { 1475 printf("%s: can't halt ECPU\n", sc->sc_dev.dv_xname); 1476 return (ENXIO); 1477 } 1478 1479 return (0); 1480 } 1481 1482 int 1483 acx_read_eeprom(struct acx_softc *sc, uint32_t offset, uint8_t *val) 1484 { 1485 int i; 1486 1487 CSR_WRITE_4(sc, ACXREG_EEPROM_CONF, 0); 1488 CSR_WRITE_4(sc, ACXREG_EEPROM_ADDR, offset); 1489 CSR_WRITE_4(sc, ACXREG_EEPROM_CTRL, ACXRV_EEPROM_READ); 1490 1491 #define EE_READ_RETRY_MAX 100 1492 for (i = 0; i < EE_READ_RETRY_MAX; ++i) { 1493 if (CSR_READ_2(sc, ACXREG_EEPROM_CTRL) == 0) 1494 break; 1495 DELAY(10000); 1496 } 1497 if (i == EE_READ_RETRY_MAX) { 1498 printf("%s: can't read EEPROM offset %x (timeout)\n", 1499 sc->sc_dev.dv_xname, offset); 1500 return (ETIMEDOUT); 1501 } 1502 #undef EE_READ_RETRY_MAX 1503 1504 *val = CSR_READ_1(sc, ACXREG_EEPROM_DATA); 1505 1506 return (0); 1507 } 1508 1509 int 1510 acx_read_phyreg(struct acx_softc *sc, uint32_t reg, uint8_t *val) 1511 { 1512 struct ifnet *ifp = &sc->sc_ic.ic_if; 1513 int i; 1514 1515 CSR_WRITE_4(sc, ACXREG_PHY_ADDR, reg); 1516 CSR_WRITE_4(sc, ACXREG_PHY_CTRL, ACXRV_PHY_READ); 1517 1518 #define PHY_READ_RETRY_MAX 100 1519 for (i = 0; i < PHY_READ_RETRY_MAX; ++i) { 1520 if (CSR_READ_4(sc, ACXREG_PHY_CTRL) == 0) 1521 break; 1522 DELAY(10000); 1523 } 1524 if (i == PHY_READ_RETRY_MAX) { 1525 printf("%s: can't read phy reg %x (timeout)\n", 1526 ifp->if_xname, reg); 1527 return (ETIMEDOUT); 1528 } 1529 #undef PHY_READ_RETRY_MAX 1530 1531 *val = CSR_READ_1(sc, ACXREG_PHY_DATA); 1532 1533 return (0); 1534 } 1535 1536 void 1537 acx_write_phyreg(struct acx_softc *sc, uint32_t reg, uint8_t val) 1538 { 1539 CSR_WRITE_4(sc, ACXREG_PHY_DATA, val); 1540 CSR_WRITE_4(sc, ACXREG_PHY_ADDR, reg); 1541 CSR_WRITE_4(sc, ACXREG_PHY_CTRL, ACXRV_PHY_WRITE); 1542 } 1543 1544 int 1545 acx_load_base_firmware(struct acx_softc *sc, const char *name) 1546 { 1547 struct ifnet *ifp = &sc->sc_ic.ic_if; 1548 int i, error; 1549 uint8_t *ucode; 1550 size_t size; 1551 1552 error = loadfirmware(name, &ucode, &size); 1553 1554 if (error != 0) { 1555 printf("%s: error %d, could not read firmware %s\n", 1556 ifp->if_xname, error, name); 1557 return (EIO); 1558 } 1559 1560 /* Load base firmware */ 1561 error = acx_load_firmware(sc, 0, ucode, size); 1562 1563 free(ucode, M_DEVBUF, 0); 1564 1565 if (error) { 1566 printf("%s: can't load base firmware\n", ifp->if_xname); 1567 return error; 1568 } 1569 DPRINTF(("%s: base firmware loaded\n", sc->sc_dev.dv_xname)); 1570 1571 /* Start ECPU */ 1572 CSR_WRITE_2(sc, ACXREG_ECPU_CTRL, ACXRV_ECPU_START); 1573 1574 /* Wait for ECPU to be up */ 1575 for (i = 0; i < 500; ++i) { 1576 uint16_t reg; 1577 1578 reg = CSR_READ_2(sc, ACXREG_INTR_STATUS); 1579 if (reg & ACXRV_INTR_FCS_THRESH) { 1580 CSR_WRITE_2(sc, ACXREG_INTR_ACK, ACXRV_INTR_FCS_THRESH); 1581 return (0); 1582 } 1583 DELAY(10000); 1584 } 1585 1586 printf("%s: can't initialize ECPU (timeout)\n", ifp->if_xname); 1587 1588 return (ENXIO); 1589 } 1590 1591 int 1592 acx_load_radio_firmware(struct acx_softc *sc, const char *name) 1593 { 1594 struct ifnet *ifp = &sc->sc_ic.ic_if; 1595 struct acx_conf_mmap mem_map; 1596 uint32_t radio_fw_ofs; 1597 int error; 1598 uint8_t *ucode; 1599 size_t size; 1600 1601 error = loadfirmware(name, &ucode, &size); 1602 1603 if (error != 0) { 1604 printf("%s: error %d, could not read firmware %s\n", 1605 ifp->if_xname, error, name); 1606 return (EIO); 1607 } 1608 1609 /* 1610 * Get the position, where base firmware is loaded, so that 1611 * radio firmware can be loaded after it. 1612 */ 1613 if (acx_get_conf(sc, ACX_CONF_MMAP, &mem_map, sizeof(mem_map)) != 0) { 1614 free(ucode, M_DEVBUF, 0); 1615 return (ENXIO); 1616 } 1617 radio_fw_ofs = letoh32(mem_map.code_end); 1618 1619 /* Put ECPU into sleeping state, before loading radio firmware */ 1620 if (acx_exec_command(sc, ACXCMD_SLEEP, NULL, 0, NULL, 0) != 0) { 1621 free(ucode, M_DEVBUF, 0); 1622 return (ENXIO); 1623 } 1624 1625 /* Load radio firmware */ 1626 error = acx_load_firmware(sc, radio_fw_ofs, ucode, size); 1627 1628 free(ucode, M_DEVBUF, 0); 1629 1630 if (error) { 1631 printf("%s: can't load radio firmware\n", ifp->if_xname); 1632 return (ENXIO); 1633 } 1634 DPRINTF(("%s: radio firmware loaded\n", sc->sc_dev.dv_xname)); 1635 1636 /* Wake up sleeping ECPU, after radio firmware is loaded */ 1637 if (acx_exec_command(sc, ACXCMD_WAKEUP, NULL, 0, NULL, 0) != 0) 1638 return (ENXIO); 1639 1640 /* Initialize radio */ 1641 if (acx_init_radio(sc, radio_fw_ofs, size) != 0) 1642 return (ENXIO); 1643 1644 /* Verify radio firmware's loading position */ 1645 if (acx_get_conf(sc, ACX_CONF_MMAP, &mem_map, sizeof(mem_map)) != 0) 1646 return (ENXIO); 1647 1648 if (letoh32(mem_map.code_end) != radio_fw_ofs + size) { 1649 printf("%s: loaded radio firmware position mismatch\n", 1650 ifp->if_xname); 1651 return (ENXIO); 1652 } 1653 1654 DPRINTF(("%s: radio firmware initialized\n", sc->sc_dev.dv_xname)); 1655 1656 return (0); 1657 } 1658 1659 int 1660 acx_load_firmware(struct acx_softc *sc, uint32_t offset, const uint8_t *data, 1661 int data_len) 1662 { 1663 struct ifnet *ifp = &sc->sc_ic.ic_if; 1664 const uint32_t *fw; 1665 u_int32_t csum = 0; 1666 int i, fw_len; 1667 1668 for (i = 4; i < data_len; i++) 1669 csum += data[i]; 1670 1671 fw = (const uint32_t *)data; 1672 1673 if (*fw != htole32(csum)) { 1674 printf("%s: firmware checksum 0x%x does not match 0x%x!\n", 1675 ifp->if_xname, *fw, htole32(csum)); 1676 return (ENXIO); 1677 } 1678 1679 /* skip csum + length */ 1680 data += 8; 1681 data_len -= 8; 1682 1683 fw = (const uint32_t *)data; 1684 fw_len = data_len / sizeof(uint32_t); 1685 1686 /* 1687 * LOADFW_AUTO_INC only works with some older firmware: 1688 * 1) acx100's firmware 1689 * 2) acx111's firmware whose rev is 0x00010011 1690 */ 1691 1692 /* Load firmware */ 1693 CSR_WRITE_4(sc, ACXREG_FWMEM_START, ACXRV_FWMEM_START_OP); 1694 #ifndef LOADFW_AUTO_INC 1695 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, 0); 1696 #else 1697 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, ACXRV_FWMEM_ADDR_AUTOINC); 1698 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset); 1699 #endif 1700 1701 for (i = 0; i < fw_len; ++i) { 1702 #ifndef LOADFW_AUTO_INC 1703 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset + (i * 4)); 1704 #endif 1705 CSR_WRITE_4(sc, ACXREG_FWMEM_DATA, betoh32(fw[i])); 1706 } 1707 1708 /* Verify firmware */ 1709 CSR_WRITE_4(sc, ACXREG_FWMEM_START, ACXRV_FWMEM_START_OP); 1710 #ifndef LOADFW_AUTO_INC 1711 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, 0); 1712 #else 1713 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, ACXRV_FWMEM_ADDR_AUTOINC); 1714 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset); 1715 #endif 1716 1717 for (i = 0; i < fw_len; ++i) { 1718 uint32_t val; 1719 1720 #ifndef LOADFW_AUTO_INC 1721 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset + (i * 4)); 1722 #endif 1723 val = CSR_READ_4(sc, ACXREG_FWMEM_DATA); 1724 if (betoh32(fw[i]) != val) { 1725 printf("%s: firmware mismatch fw %08x loaded %08x\n", 1726 ifp->if_xname, fw[i], val); 1727 return (ENXIO); 1728 } 1729 } 1730 1731 return (0); 1732 } 1733 1734 struct ieee80211_node * 1735 acx_node_alloc(struct ieee80211com *ic) 1736 { 1737 struct acx_node *wn; 1738 1739 wn = malloc(sizeof(*wn), M_DEVBUF, M_NOWAIT | M_ZERO); 1740 if (wn == NULL) 1741 return (NULL); 1742 1743 return ((struct ieee80211_node *)wn); 1744 } 1745 1746 int 1747 acx_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1748 { 1749 struct acx_softc *sc = ic->ic_if.if_softc; 1750 struct ifnet *ifp = &ic->ic_if; 1751 int error = 0; 1752 1753 timeout_del(&sc->amrr_ch); 1754 1755 switch (nstate) { 1756 case IEEE80211_S_INIT: 1757 break; 1758 case IEEE80211_S_SCAN: { 1759 uint8_t chan; 1760 1761 chan = ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan); 1762 if (acx_set_channel(sc, chan) != 0) { 1763 error = 1; 1764 goto back; 1765 } 1766 1767 /* 200ms => 5 channels per second */ 1768 timeout_add_msec(&sc->sc_chanscan_timer, 200); 1769 } 1770 break; 1771 case IEEE80211_S_AUTH: 1772 if (ic->ic_opmode == IEEE80211_M_STA) { 1773 struct ieee80211_node *ni; 1774 #ifdef ACX_DEBUG 1775 int i; 1776 #endif 1777 1778 ni = ic->ic_bss; 1779 1780 if (acx_join_bss(sc, ACX_MODE_STA, ni) != 0) { 1781 printf("%s: join BSS failed\n", ifp->if_xname); 1782 error = 1; 1783 goto back; 1784 } 1785 1786 DPRINTF(("%s: join BSS\n", sc->sc_dev.dv_xname)); 1787 if (ic->ic_state == IEEE80211_S_ASSOC) { 1788 DPRINTF(("%s: change from assoc to run\n", 1789 sc->sc_dev.dv_xname)); 1790 ic->ic_state = IEEE80211_S_RUN; 1791 } 1792 1793 #ifdef ACX_DEBUG 1794 printf("%s: AP rates: ", sc->sc_dev.dv_xname); 1795 for (i = 0; i < ni->ni_rates.rs_nrates; ++i) 1796 printf("%d ", ni->ni_rates.rs_rates[i]); 1797 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 1798 printf(" %s\n", ether_sprintf(ni->ni_bssid)); 1799 #endif 1800 } 1801 break; 1802 case IEEE80211_S_RUN: 1803 #ifndef IEEE80211_STA_ONLY 1804 if (ic->ic_opmode == IEEE80211_M_IBSS || 1805 ic->ic_opmode == IEEE80211_M_HOSTAP) { 1806 struct ieee80211_node *ni; 1807 uint8_t chan; 1808 1809 ni = ic->ic_bss; 1810 chan = ieee80211_chan2ieee(ic, ni->ni_chan); 1811 1812 error = 1; 1813 1814 if (acx_set_channel(sc, chan) != 0) 1815 goto back; 1816 1817 if (acx_set_beacon_tmplt(sc, ni) != 0) { 1818 printf("%s: set beacon template failed\n", 1819 ifp->if_xname); 1820 goto back; 1821 } 1822 1823 if (acx_set_probe_resp_tmplt(sc, ni) != 0) { 1824 printf("%s: set probe response template " 1825 "failed\n", ifp->if_xname); 1826 goto back; 1827 } 1828 1829 if (ic->ic_opmode == IEEE80211_M_IBSS) { 1830 if (acx_join_bss(sc, ACX_MODE_ADHOC, ni) != 0) { 1831 printf("%s: join IBSS failed\n", 1832 ifp->if_xname); 1833 goto back; 1834 } 1835 } else { 1836 if (acx_join_bss(sc, ACX_MODE_AP, ni) != 0) { 1837 printf("%s: join HOSTAP failed\n", 1838 ifp->if_xname); 1839 goto back; 1840 } 1841 } 1842 1843 DPRINTF(("%s: join IBSS\n", sc->sc_dev.dv_xname)); 1844 error = 0; 1845 } 1846 #endif 1847 /* fake a join to init the tx rate */ 1848 if (ic->ic_opmode == IEEE80211_M_STA) 1849 acx_newassoc(ic, ic->ic_bss, 1); 1850 1851 /* start automatic rate control timer */ 1852 if (ic->ic_fixed_rate == -1) 1853 timeout_add_msec(&sc->amrr_ch, 500); 1854 break; 1855 default: 1856 break; 1857 } 1858 1859 back: 1860 if (error) { 1861 /* XXX */ 1862 nstate = IEEE80211_S_INIT; 1863 arg = -1; 1864 } 1865 1866 return (sc->sc_newstate(ic, nstate, arg)); 1867 } 1868 1869 int 1870 acx_init_tmplt_ordered(struct acx_softc *sc) 1871 { 1872 union { 1873 struct acx_tmplt_beacon beacon; 1874 struct acx_tmplt_null_data null; 1875 struct acx_tmplt_probe_req preq; 1876 struct acx_tmplt_probe_resp presp; 1877 struct acx_tmplt_tim tim; 1878 } data; 1879 1880 bzero(&data, sizeof(data)); 1881 /* 1882 * NOTE: 1883 * Order of templates initialization: 1884 * 1) Probe request 1885 * 2) NULL data 1886 * 3) Beacon 1887 * 4) TIM 1888 * 5) Probe response 1889 * Above order is critical to get a correct memory map. 1890 */ 1891 if (acx_set_tmplt(sc, ACXCMD_TMPLT_PROBE_REQ, &data.preq, 1892 sizeof(data.preq)) != 0) 1893 return (1); 1894 1895 if (acx_set_tmplt(sc, ACXCMD_TMPLT_NULL_DATA, &data.null, 1896 sizeof(data.null)) != 0) 1897 return (1); 1898 1899 if (acx_set_tmplt(sc, ACXCMD_TMPLT_BEACON, &data.beacon, 1900 sizeof(data.beacon)) != 0) 1901 return (1); 1902 1903 if (acx_set_tmplt(sc, ACXCMD_TMPLT_TIM, &data.tim, 1904 sizeof(data.tim)) != 0) 1905 return (1); 1906 1907 if (acx_set_tmplt(sc, ACXCMD_TMPLT_PROBE_RESP, &data.presp, 1908 sizeof(data.presp)) != 0) 1909 return (1); 1910 1911 return (0); 1912 } 1913 1914 int 1915 acx_dma_alloc(struct acx_softc *sc) 1916 { 1917 struct acx_ring_data *rd = &sc->sc_ring_data; 1918 struct acx_buf_data *bd = &sc->sc_buf_data; 1919 int i, error, nsegs; 1920 1921 /* Allocate DMA stuffs for RX descriptors */ 1922 error = bus_dmamap_create(sc->sc_dmat, ACX_RX_RING_SIZE, 1, 1923 ACX_RX_RING_SIZE, 0, BUS_DMA_NOWAIT, &rd->rx_ring_dmamap); 1924 1925 if (error) { 1926 printf("%s: can't create rx ring dma tag\n", 1927 sc->sc_dev.dv_xname); 1928 return (error); 1929 } 1930 1931 error = bus_dmamem_alloc(sc->sc_dmat, ACX_RX_RING_SIZE, PAGE_SIZE, 1932 0, &rd->rx_ring_seg, 1, &nsegs, BUS_DMA_NOWAIT); 1933 1934 if (error != 0) { 1935 printf("%s: can't allocate rx ring dma memory\n", 1936 sc->sc_dev.dv_xname); 1937 return (error); 1938 } 1939 1940 error = bus_dmamem_map(sc->sc_dmat, &rd->rx_ring_seg, nsegs, 1941 ACX_RX_RING_SIZE, (caddr_t *)&rd->rx_ring, 1942 BUS_DMA_NOWAIT); 1943 1944 if (error != 0) { 1945 printf("%s: can't map rx desc DMA memory\n", 1946 sc->sc_dev.dv_xname); 1947 return (error); 1948 } 1949 1950 error = bus_dmamap_load(sc->sc_dmat, rd->rx_ring_dmamap, 1951 rd->rx_ring, ACX_RX_RING_SIZE, NULL, BUS_DMA_WAITOK); 1952 1953 if (error) { 1954 printf("%s: can't get rx ring dma address\n", 1955 sc->sc_dev.dv_xname); 1956 bus_dmamem_free(sc->sc_dmat, &rd->rx_ring_seg, 1); 1957 return (error); 1958 } 1959 1960 rd->rx_ring_paddr = rd->rx_ring_dmamap->dm_segs[0].ds_addr; 1961 1962 /* Allocate DMA stuffs for TX descriptors */ 1963 error = bus_dmamap_create(sc->sc_dmat, ACX_TX_RING_SIZE, 1, 1964 ACX_TX_RING_SIZE, 0, BUS_DMA_NOWAIT, &rd->tx_ring_dmamap); 1965 1966 if (error) { 1967 printf("%s: can't create tx ring dma tag\n", 1968 sc->sc_dev.dv_xname); 1969 return (error); 1970 } 1971 1972 error = bus_dmamem_alloc(sc->sc_dmat, ACX_TX_RING_SIZE, PAGE_SIZE, 1973 0, &rd->tx_ring_seg, 1, &nsegs, BUS_DMA_NOWAIT); 1974 1975 if (error) { 1976 printf("%s: can't allocate tx ring dma memory\n", 1977 sc->sc_dev.dv_xname); 1978 return (error); 1979 } 1980 1981 error = bus_dmamem_map(sc->sc_dmat, &rd->tx_ring_seg, nsegs, 1982 ACX_TX_RING_SIZE, (caddr_t *)&rd->tx_ring, BUS_DMA_NOWAIT); 1983 1984 if (error != 0) { 1985 printf("%s: can't map tx desc DMA memory\n", 1986 sc->sc_dev.dv_xname); 1987 return (error); 1988 } 1989 1990 error = bus_dmamap_load(sc->sc_dmat, rd->tx_ring_dmamap, 1991 rd->tx_ring, ACX_TX_RING_SIZE, NULL, BUS_DMA_WAITOK); 1992 1993 if (error) { 1994 printf("%s: can't get tx ring dma address\n", 1995 sc->sc_dev.dv_xname); 1996 bus_dmamem_free(sc->sc_dmat, &rd->tx_ring_seg, 1); 1997 return (error); 1998 } 1999 2000 rd->tx_ring_paddr = rd->tx_ring_dmamap->dm_segs[0].ds_addr; 2001 2002 /* Create a spare RX DMA map */ 2003 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, MCLBYTES, 2004 0, 0, &bd->mbuf_tmp_dmamap); 2005 2006 if (error) { 2007 printf("%s: can't create tmp mbuf dma map\n", 2008 sc->sc_dev.dv_xname); 2009 return (error); 2010 } 2011 2012 /* Create DMA map for RX mbufs */ 2013 for (i = 0; i < ACX_RX_DESC_CNT; ++i) { 2014 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, 2015 MCLBYTES, 0, 0, &bd->rx_buf[i].rb_mbuf_dmamap); 2016 if (error) { 2017 printf("%s: can't create rx mbuf dma map (%d)\n", 2018 sc->sc_dev.dv_xname, i); 2019 return (error); 2020 } 2021 bd->rx_buf[i].rb_desc = &rd->rx_ring[i]; 2022 } 2023 2024 /* Create DMA map for TX mbufs */ 2025 for (i = 0; i < ACX_TX_DESC_CNT; ++i) { 2026 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, 2027 MCLBYTES, 0, 0, &bd->tx_buf[i].tb_mbuf_dmamap); 2028 if (error) { 2029 printf("%s: can't create tx mbuf dma map (%d)\n", 2030 sc->sc_dev.dv_xname, i); 2031 return (error); 2032 } 2033 bd->tx_buf[i].tb_desc1 = &rd->tx_ring[i * 2]; 2034 bd->tx_buf[i].tb_desc2 = &rd->tx_ring[(i * 2) + 1]; 2035 } 2036 2037 return (0); 2038 } 2039 2040 void 2041 acx_dma_free(struct acx_softc *sc) 2042 { 2043 struct acx_ring_data *rd = &sc->sc_ring_data; 2044 struct acx_buf_data *bd = &sc->sc_buf_data; 2045 int i; 2046 2047 if (rd->rx_ring != NULL) { 2048 bus_dmamap_unload(sc->sc_dmat, rd->rx_ring_dmamap); 2049 bus_dmamem_free(sc->sc_dmat, &rd->rx_ring_seg, 1); 2050 } 2051 2052 if (rd->tx_ring != NULL) { 2053 bus_dmamap_unload(sc->sc_dmat, rd->tx_ring_dmamap); 2054 bus_dmamem_free(sc->sc_dmat, &rd->tx_ring_seg, 1); 2055 } 2056 2057 for (i = 0; i < ACX_RX_DESC_CNT; ++i) { 2058 if (bd->rx_buf[i].rb_desc != NULL) { 2059 if (bd->rx_buf[i].rb_mbuf != NULL) { 2060 bus_dmamap_unload(sc->sc_dmat, 2061 bd->rx_buf[i].rb_mbuf_dmamap); 2062 m_freem(bd->rx_buf[i].rb_mbuf); 2063 } 2064 bus_dmamap_destroy(sc->sc_dmat, 2065 bd->rx_buf[i].rb_mbuf_dmamap); 2066 } 2067 } 2068 2069 for (i = 0; i < ACX_TX_DESC_CNT; ++i) { 2070 if (bd->tx_buf[i].tb_desc1 != NULL) { 2071 if (bd->tx_buf[i].tb_mbuf != NULL) { 2072 bus_dmamap_unload(sc->sc_dmat, 2073 bd->tx_buf[i].tb_mbuf_dmamap); 2074 m_freem(bd->tx_buf[i].tb_mbuf); 2075 } 2076 bus_dmamap_destroy(sc->sc_dmat, 2077 bd->tx_buf[i].tb_mbuf_dmamap); 2078 } 2079 } 2080 2081 if (bd->mbuf_tmp_dmamap != NULL) 2082 bus_dmamap_destroy(sc->sc_dmat, bd->mbuf_tmp_dmamap); 2083 } 2084 2085 void 2086 acx_init_tx_ring(struct acx_softc *sc) 2087 { 2088 struct acx_ring_data *rd; 2089 struct acx_buf_data *bd; 2090 uint32_t paddr; 2091 int i; 2092 2093 rd = &sc->sc_ring_data; 2094 paddr = rd->tx_ring_paddr; 2095 for (i = 0; i < (ACX_TX_DESC_CNT * 2) - 1; ++i) { 2096 paddr += sizeof(struct acx_host_desc); 2097 2098 bzero(&rd->tx_ring[i], sizeof(struct acx_host_desc)); 2099 rd->tx_ring[i].h_ctrl = htole16(DESC_CTRL_HOSTOWN); 2100 2101 if (i == (ACX_TX_DESC_CNT * 2) - 1) 2102 rd->tx_ring[i].h_next_desc = htole32(rd->tx_ring_paddr); 2103 else 2104 rd->tx_ring[i].h_next_desc = htole32(paddr); 2105 } 2106 2107 bus_dmamap_sync(sc->sc_dmat, rd->tx_ring_dmamap, 0, 2108 rd->tx_ring_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 2109 2110 bd = &sc->sc_buf_data; 2111 bd->tx_free_start = 0; 2112 bd->tx_used_start = 0; 2113 bd->tx_used_count = 0; 2114 } 2115 2116 int 2117 acx_init_rx_ring(struct acx_softc *sc) 2118 { 2119 struct acx_ring_data *rd; 2120 struct acx_buf_data *bd; 2121 uint32_t paddr; 2122 int i; 2123 2124 bd = &sc->sc_buf_data; 2125 rd = &sc->sc_ring_data; 2126 paddr = rd->rx_ring_paddr; 2127 2128 for (i = 0; i < ACX_RX_DESC_CNT; ++i) { 2129 int error; 2130 2131 paddr += sizeof(struct acx_host_desc); 2132 bzero(&rd->rx_ring[i], sizeof(struct acx_host_desc)); 2133 2134 error = acx_newbuf(sc, &bd->rx_buf[i], 1); 2135 if (error) 2136 return (error); 2137 2138 if (i == ACX_RX_DESC_CNT - 1) 2139 rd->rx_ring[i].h_next_desc = htole32(rd->rx_ring_paddr); 2140 else 2141 rd->rx_ring[i].h_next_desc = htole32(paddr); 2142 } 2143 2144 bus_dmamap_sync(sc->sc_dmat, rd->rx_ring_dmamap, 0, 2145 rd->rx_ring_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 2146 2147 bd->rx_scan_start = 0; 2148 2149 return (0); 2150 } 2151 2152 int 2153 acx_newbuf(struct acx_softc *sc, struct acx_rxbuf *rb, int wait) 2154 { 2155 struct acx_buf_data *bd; 2156 struct mbuf *m; 2157 bus_dmamap_t map; 2158 uint32_t paddr; 2159 int error; 2160 2161 bd = &sc->sc_buf_data; 2162 2163 MGETHDR(m, wait ? M_WAITOK : M_DONTWAIT, MT_DATA); 2164 if (m == NULL) 2165 return (ENOBUFS); 2166 2167 MCLGET(m, wait ? M_WAITOK : M_DONTWAIT); 2168 if (!(m->m_flags & M_EXT)) { 2169 m_freem(m); 2170 return (ENOBUFS); 2171 } 2172 2173 m->m_len = m->m_pkthdr.len = MCLBYTES; 2174 2175 error = bus_dmamap_load_mbuf(sc->sc_dmat, bd->mbuf_tmp_dmamap, m, 2176 wait ? BUS_DMA_WAITOK : BUS_DMA_NOWAIT); 2177 if (error) { 2178 m_freem(m); 2179 printf("%s: can't map rx mbuf %d\n", 2180 sc->sc_dev.dv_xname, error); 2181 return (error); 2182 } 2183 2184 /* Unload originally mapped mbuf */ 2185 if (rb->rb_mbuf != NULL) 2186 bus_dmamap_unload(sc->sc_dmat, rb->rb_mbuf_dmamap); 2187 2188 /* Swap this dmamap with tmp dmamap */ 2189 map = rb->rb_mbuf_dmamap; 2190 rb->rb_mbuf_dmamap = bd->mbuf_tmp_dmamap; 2191 bd->mbuf_tmp_dmamap = map; 2192 paddr = rb->rb_mbuf_dmamap->dm_segs[0].ds_addr; 2193 2194 rb->rb_mbuf = m; 2195 rb->rb_desc->h_data_paddr = htole32(paddr); 2196 rb->rb_desc->h_data_len = htole16(m->m_len); 2197 2198 bus_dmamap_sync(sc->sc_dmat, rb->rb_mbuf_dmamap, 0, 2199 rb->rb_mbuf_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD); 2200 2201 return (0); 2202 } 2203 2204 int 2205 acx_encap(struct acx_softc *sc, struct acx_txbuf *txbuf, struct mbuf *m, 2206 struct ieee80211_node *ni, int rate) 2207 { 2208 struct acx_ring_data *rd = &sc->sc_ring_data; 2209 struct acx_node *node = (struct acx_node *)ni; 2210 struct ifnet *ifp = &sc->sc_ic.ic_if; 2211 uint32_t paddr; 2212 uint8_t ctrl; 2213 int error; 2214 2215 if (txbuf->tb_mbuf != NULL) 2216 panic("free TX buf has mbuf installed"); 2217 2218 error = 0; 2219 2220 if (m->m_pkthdr.len > MCLBYTES) { 2221 printf("%s: mbuf too big\n", ifp->if_xname); 2222 error = E2BIG; 2223 goto back; 2224 } else if (m->m_pkthdr.len < ACX_FRAME_HDRLEN) { 2225 printf("%s: mbuf too small\n", ifp->if_xname); 2226 error = EINVAL; 2227 goto back; 2228 } 2229 2230 error = bus_dmamap_load_mbuf(sc->sc_dmat, txbuf->tb_mbuf_dmamap, m, 2231 BUS_DMA_NOWAIT); 2232 2233 if (error && error != EFBIG) { 2234 printf("%s: can't map tx mbuf1 %d\n", 2235 sc->sc_dev.dv_xname, error); 2236 goto back; 2237 } 2238 2239 if (error) { /* error == EFBIG */ 2240 /* too many fragments, linearize */ 2241 if (m_defrag(m, M_DONTWAIT)) { 2242 printf("%s: can't defrag tx mbuf\n", ifp->if_xname); 2243 goto back; 2244 } 2245 error = bus_dmamap_load_mbuf(sc->sc_dmat, 2246 txbuf->tb_mbuf_dmamap, m, BUS_DMA_NOWAIT); 2247 if (error) { 2248 printf("%s: can't map tx mbuf2 %d\n", 2249 sc->sc_dev.dv_xname, error); 2250 goto back; 2251 } 2252 } 2253 2254 error = 0; 2255 2256 bus_dmamap_sync(sc->sc_dmat, txbuf->tb_mbuf_dmamap, 0, 2257 txbuf->tb_mbuf_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 2258 2259 txbuf->tb_mbuf = m; 2260 txbuf->tb_node = node; 2261 txbuf->tb_rate = rate; 2262 2263 /* 2264 * TX buffers are accessed in following way: 2265 * acx_fw_txdesc -> acx_host_desc -> buffer 2266 * 2267 * It is quite strange that acx also queries acx_host_desc next to 2268 * the one we have assigned to acx_fw_txdesc even if first one's 2269 * acx_host_desc.h_data_len == acx_fw_txdesc.f_tx_len 2270 * 2271 * So we allocate two acx_host_desc for one acx_fw_txdesc and 2272 * assign the first acx_host_desc to acx_fw_txdesc 2273 * 2274 * For acx111 2275 * host_desc1.h_data_len = buffer_len 2276 * host_desc2.h_data_len = buffer_len - mac_header_len 2277 * 2278 * For acx100 2279 * host_desc1.h_data_len = mac_header_len 2280 * host_desc2.h_data_len = buffer_len - mac_header_len 2281 */ 2282 paddr = txbuf->tb_mbuf_dmamap->dm_segs[0].ds_addr; 2283 txbuf->tb_desc1->h_data_paddr = htole32(paddr); 2284 txbuf->tb_desc2->h_data_paddr = htole32(paddr + ACX_FRAME_HDRLEN); 2285 2286 txbuf->tb_desc1->h_data_len = 2287 htole16(sc->chip_txdesc1_len ? sc->chip_txdesc1_len 2288 : m->m_pkthdr.len); 2289 txbuf->tb_desc2->h_data_len = 2290 htole16(m->m_pkthdr.len - ACX_FRAME_HDRLEN); 2291 2292 /* 2293 * NOTE: 2294 * We can't simply assign f_tx_ctrl, we will first read it back 2295 * and change it bit by bit 2296 */ 2297 ctrl = FW_TXDESC_GETFIELD_1(sc, txbuf, f_tx_ctrl); 2298 ctrl |= sc->chip_fw_txdesc_ctrl; /* extra chip specific flags */ 2299 ctrl &= ~(DESC_CTRL_HOSTOWN | DESC_CTRL_ACXDONE); 2300 2301 FW_TXDESC_SETFIELD_2(sc, txbuf, f_tx_len, m->m_pkthdr.len); 2302 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_error, 0); 2303 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_ack_fail, 0); 2304 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_rts_fail, 0); 2305 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_rts_ok, 0); 2306 sc->chip_set_fw_txdesc_rate(sc, txbuf, rate); 2307 2308 txbuf->tb_desc1->h_ctrl = 0; 2309 txbuf->tb_desc2->h_ctrl = 0; 2310 bus_dmamap_sync(sc->sc_dmat, rd->tx_ring_dmamap, 0, 2311 rd->tx_ring_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 2312 2313 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_ctrl2, 0); 2314 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_ctrl, ctrl); 2315 2316 /* Tell chip to inform us about TX completion */ 2317 CSR_WRITE_2(sc, ACXREG_INTR_TRIG, ACXRV_TRIG_TX_FINI); 2318 back: 2319 if (error) 2320 m_freem(m); 2321 2322 return (error); 2323 } 2324 2325 int 2326 acx_set_null_tmplt(struct acx_softc *sc) 2327 { 2328 struct ieee80211com *ic = &sc->sc_ic; 2329 struct acx_tmplt_null_data n; 2330 struct ieee80211_frame *wh; 2331 2332 bzero(&n, sizeof(n)); 2333 2334 wh = &n.data; 2335 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_DATA | 2336 IEEE80211_FC0_SUBTYPE_NODATA; 2337 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 2338 IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr); 2339 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 2340 IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr); 2341 2342 return (acx_set_tmplt(sc, ACXCMD_TMPLT_NULL_DATA, &n, sizeof(n))); 2343 } 2344 2345 int 2346 acx_set_probe_req_tmplt(struct acx_softc *sc, const char *ssid, int ssid_len) 2347 { 2348 struct ieee80211com *ic = &sc->sc_ic; 2349 struct acx_tmplt_probe_req req; 2350 struct ieee80211_frame *wh; 2351 struct ieee80211_rateset *rs; 2352 uint8_t *frm; 2353 int len; 2354 2355 bzero(&req, sizeof(req)); 2356 2357 wh = &req.data.u_data.f; 2358 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 2359 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 2360 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 2361 IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr); 2362 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 2363 IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr); 2364 2365 frm = req.data.u_data.var; 2366 frm = ieee80211_add_ssid(frm, ssid, ssid_len); 2367 rs = &ic->ic_sup_rates[sc->chip_phymode]; 2368 frm = ieee80211_add_rates(frm, rs); 2369 if (rs->rs_nrates > IEEE80211_RATE_SIZE) 2370 frm = ieee80211_add_xrates(frm, rs); 2371 len = frm - req.data.u_data.var; 2372 2373 return (acx_set_tmplt(sc, ACXCMD_TMPLT_PROBE_REQ, &req, 2374 ACX_TMPLT_PROBE_REQ_SIZ(len))); 2375 } 2376 2377 #ifndef IEEE80211_STA_ONLY 2378 struct mbuf *ieee80211_get_probe_resp(struct ieee80211com *, 2379 struct ieee80211_node *); 2380 2381 int 2382 acx_set_probe_resp_tmplt(struct acx_softc *sc, struct ieee80211_node *ni) 2383 { 2384 struct ieee80211com *ic = &sc->sc_ic; 2385 struct acx_tmplt_probe_resp resp; 2386 struct ieee80211_frame *wh; 2387 struct mbuf *m; 2388 int len; 2389 2390 bzero(&resp, sizeof(resp)); 2391 2392 m = ieee80211_get_probe_resp(ic, ni); 2393 if (m == NULL) 2394 return (1); 2395 M_PREPEND(m, sizeof(struct ieee80211_frame), M_DONTWAIT); 2396 if (m == NULL) 2397 return (1); 2398 wh = mtod(m, struct ieee80211_frame *); 2399 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 2400 IEEE80211_FC0_SUBTYPE_PROBE_RESP; 2401 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 2402 *(u_int16_t *)&wh->i_dur[0] = 0; 2403 IEEE80211_ADDR_COPY(wh->i_addr1, ni->ni_macaddr); 2404 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 2405 IEEE80211_ADDR_COPY(wh->i_addr3, ni->ni_bssid); 2406 *(u_int16_t *)wh->i_seq = 0; 2407 2408 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)&resp.data); 2409 len = m->m_pkthdr.len + sizeof(resp.size); 2410 m_freem(m); 2411 2412 return (acx_set_tmplt(sc, ACXCMD_TMPLT_PROBE_RESP, &resp, len)); 2413 } 2414 2415 int 2416 acx_beacon_locate(struct mbuf *m, u_int8_t type) 2417 { 2418 int off; 2419 u_int8_t *frm; 2420 /* 2421 * beacon frame format 2422 * [8] time stamp 2423 * [2] beacon interval 2424 * [2] cabability information 2425 * from here on [tlv] values 2426 */ 2427 2428 if (m->m_len != m->m_pkthdr.len) 2429 panic("beacon not in contiguous mbuf"); 2430 2431 off = sizeof(struct ieee80211_frame) + 8 + 2 + 2; 2432 frm = mtod(m, u_int8_t *); 2433 for (; off + 1 < m->m_len; off += frm[off + 1] + 2) { 2434 if (frm[off] == type) 2435 return (off); 2436 } 2437 return (-1); 2438 } 2439 2440 int 2441 acx_set_beacon_tmplt(struct acx_softc *sc, struct ieee80211_node *ni) 2442 { 2443 struct ieee80211com *ic = &sc->sc_ic; 2444 struct acx_tmplt_beacon beacon; 2445 struct acx_tmplt_tim tim; 2446 struct mbuf *m; 2447 int len, off; 2448 2449 bzero(&beacon, sizeof(beacon)); 2450 bzero(&tim, sizeof(tim)); 2451 2452 m = ieee80211_beacon_alloc(ic, ni); 2453 if (m == NULL) 2454 return (1); 2455 2456 off = acx_beacon_locate(m, IEEE80211_ELEMID_TIM); 2457 if (off < 0) { 2458 m_free(m); 2459 return (1); 2460 } 2461 2462 m_copydata(m, 0, off, (caddr_t)&beacon.data); 2463 len = off + sizeof(beacon.size); 2464 2465 if (acx_set_tmplt(sc, ACXCMD_TMPLT_BEACON, &beacon, len) != 0) { 2466 m_freem(m); 2467 return (1); 2468 } 2469 2470 len = m->m_pkthdr.len - off; 2471 if (len == 0) { 2472 /* no TIM field */ 2473 m_freem(m); 2474 return (0); 2475 } 2476 2477 m_copydata(m, off, len, (caddr_t)&tim.data); 2478 len += sizeof(beacon.size); 2479 m_freem(m); 2480 2481 return (acx_set_tmplt(sc, ACXCMD_TMPLT_TIM, &tim, len)); 2482 } 2483 #endif /* IEEE80211_STA_ONLY */ 2484 2485 void 2486 acx_init_cmd_reg(struct acx_softc *sc) 2487 { 2488 sc->sc_cmd = CSR_READ_4(sc, ACXREG_CMD_REG_OFFSET); 2489 sc->sc_cmd_param = sc->sc_cmd + ACX_CMD_REG_SIZE; 2490 2491 /* Clear command & status */ 2492 CMD_WRITE_4(sc, 0); 2493 } 2494 2495 int 2496 acx_join_bss(struct acx_softc *sc, uint8_t mode, struct ieee80211_node *node) 2497 { 2498 uint8_t bj_buf[BSS_JOIN_BUFLEN]; 2499 struct bss_join_hdr *bj; 2500 int i, dtim_intvl; 2501 2502 bzero(bj_buf, sizeof(bj_buf)); 2503 bj = (struct bss_join_hdr *)bj_buf; 2504 2505 for (i = 0; i < IEEE80211_ADDR_LEN; ++i) 2506 bj->bssid[i] = node->ni_bssid[IEEE80211_ADDR_LEN - i - 1]; 2507 2508 bj->beacon_intvl = htole16(acx_beacon_intvl); 2509 2510 /* TODO tunable */ 2511 #ifndef IEEE80211_STA_ONLY 2512 if (sc->sc_ic.ic_opmode == IEEE80211_M_IBSS) 2513 dtim_intvl = 1; 2514 else 2515 #endif 2516 dtim_intvl = 10; 2517 sc->chip_set_bss_join_param(sc, bj->chip_spec, dtim_intvl); 2518 2519 bj->ndata_txrate = ACX_NDATA_TXRATE_1; 2520 bj->ndata_txopt = 0; 2521 bj->mode = mode; 2522 bj->channel = ieee80211_chan2ieee(&sc->sc_ic, node->ni_chan); 2523 bj->esslen = node->ni_esslen; 2524 bcopy(node->ni_essid, bj->essid, node->ni_esslen); 2525 2526 DPRINTF(("%s: join BSS/IBSS on channel %d\n", sc->sc_dev.dv_xname, 2527 bj->channel)); 2528 return (acx_exec_command(sc, ACXCMD_JOIN_BSS, 2529 bj, BSS_JOIN_PARAM_SIZE(bj), NULL, 0)); 2530 } 2531 2532 int 2533 acx_set_channel(struct acx_softc *sc, uint8_t chan) 2534 { 2535 if (acx_exec_command(sc, ACXCMD_ENABLE_TXCHAN, &chan, sizeof(chan), 2536 NULL, 0) != 0) { 2537 DPRINTF(("%s: setting TX channel %d failed\n", 2538 sc->sc_dev.dv_xname, chan)); 2539 return (ENXIO); 2540 } 2541 2542 if (acx_exec_command(sc, ACXCMD_ENABLE_RXCHAN, &chan, sizeof(chan), 2543 NULL, 0) != 0) { 2544 DPRINTF(("%s: setting RX channel %d failed\n", 2545 sc->sc_dev.dv_xname, chan)); 2546 return (ENXIO); 2547 } 2548 2549 return (0); 2550 } 2551 2552 int 2553 acx_get_conf(struct acx_softc *sc, uint16_t conf_id, void *conf, 2554 uint16_t conf_len) 2555 { 2556 struct acx_conf *confcom; 2557 2558 if (conf_len < sizeof(*confcom)) { 2559 printf("%s: %s configure data is too short\n", 2560 sc->sc_dev.dv_xname, __func__); 2561 return (1); 2562 } 2563 2564 confcom = conf; 2565 confcom->conf_id = htole16(conf_id); 2566 confcom->conf_data_len = htole16(conf_len - sizeof(*confcom)); 2567 2568 return (acx_exec_command(sc, ACXCMD_GET_CONF, confcom, sizeof(*confcom), 2569 conf, conf_len)); 2570 } 2571 2572 int 2573 acx_set_conf(struct acx_softc *sc, uint16_t conf_id, void *conf, 2574 uint16_t conf_len) 2575 { 2576 struct acx_conf *confcom; 2577 2578 if (conf_len < sizeof(*confcom)) { 2579 printf("%s: %s configure data is too short\n", 2580 sc->sc_dev.dv_xname, __func__); 2581 return (1); 2582 } 2583 2584 confcom = conf; 2585 confcom->conf_id = htole16(conf_id); 2586 confcom->conf_data_len = htole16(conf_len - sizeof(*confcom)); 2587 2588 return (acx_exec_command(sc, ACXCMD_SET_CONF, conf, conf_len, NULL, 0)); 2589 } 2590 2591 int 2592 acx_set_tmplt(struct acx_softc *sc, uint16_t cmd, void *tmplt, 2593 uint16_t tmplt_len) 2594 { 2595 uint16_t *size; 2596 2597 if (tmplt_len < sizeof(*size)) { 2598 printf("%s: %s template is too short\n", 2599 sc->sc_dev.dv_xname, __func__); 2600 return (1); 2601 } 2602 2603 size = tmplt; 2604 *size = htole16(tmplt_len - sizeof(*size)); 2605 2606 return (acx_exec_command(sc, cmd, tmplt, tmplt_len, NULL, 0)); 2607 } 2608 2609 int 2610 acx_init_radio(struct acx_softc *sc, uint32_t radio_ofs, uint32_t radio_len) 2611 { 2612 struct radio_init r; 2613 2614 r.radio_ofs = htole32(radio_ofs); 2615 r.radio_len = htole32(radio_len); 2616 2617 return (acx_exec_command(sc, ACXCMD_INIT_RADIO, &r, sizeof(r), NULL, 2618 0)); 2619 } 2620 2621 int 2622 acx_exec_command(struct acx_softc *sc, uint16_t cmd, void *param, 2623 uint16_t param_len, void *result, uint16_t result_len) 2624 { 2625 uint16_t status; 2626 int i, ret; 2627 2628 if ((sc->sc_flags & ACX_FLAG_FW_LOADED) == 0) { 2629 printf("%s: cmd 0x%04x failed (base firmware not loaded)\n", 2630 sc->sc_dev.dv_xname, cmd); 2631 return (1); 2632 } 2633 2634 ret = 0; 2635 2636 if (param != NULL && param_len != 0) { 2637 /* Set command param */ 2638 CMDPRM_WRITE_REGION_1(sc, param, param_len); 2639 } 2640 2641 /* Set command */ 2642 CMD_WRITE_4(sc, cmd); 2643 2644 /* Exec command */ 2645 CSR_WRITE_2(sc, ACXREG_INTR_TRIG, ACXRV_TRIG_CMD_FINI); 2646 DELAY(50); 2647 2648 /* Wait for command to complete */ 2649 if (cmd == ACXCMD_INIT_RADIO) { 2650 /* radio initialization is extremely long */ 2651 tsleep(&cmd, 0, "rdinit", (300 * hz) / 1000); /* 300ms */ 2652 } 2653 2654 #define CMDWAIT_RETRY_MAX 1000 2655 for (i = 0; i < CMDWAIT_RETRY_MAX; ++i) { 2656 uint16_t reg; 2657 2658 reg = CSR_READ_2(sc, ACXREG_INTR_STATUS); 2659 if (reg & ACXRV_INTR_CMD_FINI) { 2660 CSR_WRITE_2(sc, ACXREG_INTR_ACK, ACXRV_INTR_CMD_FINI); 2661 break; 2662 } 2663 DELAY(50); 2664 } 2665 if (i == CMDWAIT_RETRY_MAX) { 2666 printf("%s: cmd %04x failed (timeout)\n", 2667 sc->sc_dev.dv_xname, cmd); 2668 ret = 1; 2669 goto back; 2670 } 2671 #undef CMDWAIT_RETRY_MAX 2672 2673 /* Get command exec status */ 2674 status = (CMD_READ_4(sc) >> ACX_CMD_STATUS_SHIFT); 2675 if (status != ACX_CMD_STATUS_OK) { 2676 DPRINTF(("%s: cmd %04x failed\n", sc->sc_dev.dv_xname, cmd)); 2677 ret = 1; 2678 goto back; 2679 } 2680 2681 if (result != NULL && result_len != 0) { 2682 /* Get command result */ 2683 CMDPRM_READ_REGION_1(sc, result, result_len); 2684 } 2685 2686 back: 2687 CMD_WRITE_4(sc, 0); 2688 2689 return (ret); 2690 } 2691 2692 const char * 2693 acx_get_rf(int rev) 2694 { 2695 switch (rev) { 2696 case ACX_RADIO_TYPE_MAXIM: return "MAX2820"; 2697 case ACX_RADIO_TYPE_RFMD: return "RFMD"; 2698 case ACX_RADIO_TYPE_RALINK: return "Ralink"; 2699 case ACX_RADIO_TYPE_RADIA: return "Radia"; 2700 default: return "unknown"; 2701 } 2702 } 2703 2704 int 2705 acx_get_maxrssi(int radio) 2706 { 2707 switch (radio) { 2708 case ACX_RADIO_TYPE_MAXIM: return ACX_RADIO_RSSI_MAXIM; 2709 case ACX_RADIO_TYPE_RFMD: return ACX_RADIO_RSSI_RFMD; 2710 case ACX_RADIO_TYPE_RALINK: return ACX_RADIO_RSSI_RALINK; 2711 case ACX_RADIO_TYPE_RADIA: return ACX_RADIO_RSSI_RADIA; 2712 default: return ACX_RADIO_RSSI_UNKN; 2713 } 2714 } 2715 2716 void 2717 acx_iter_func(void *arg, struct ieee80211_node *ni) 2718 { 2719 struct acx_softc *sc = arg; 2720 struct acx_node *wn = (struct acx_node *)ni; 2721 2722 ieee80211_amrr_choose(&sc->amrr, ni, &wn->amn); 2723 } 2724 2725 void 2726 acx_amrr_timeout(void *arg) 2727 { 2728 struct acx_softc *sc = arg; 2729 struct ieee80211com *ic = &sc->sc_ic; 2730 2731 if (ic->ic_opmode == IEEE80211_M_STA) 2732 acx_iter_func(sc, ic->ic_bss); 2733 else 2734 ieee80211_iterate_nodes(ic, acx_iter_func, sc); 2735 2736 timeout_add_msec(&sc->amrr_ch, 500); 2737 } 2738 2739 void 2740 acx_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew) 2741 { 2742 struct acx_softc *sc = ic->ic_if.if_softc; 2743 int i; 2744 2745 ieee80211_amrr_node_init(&sc->amrr, &((struct acx_node *)ni)->amn); 2746 2747 /* set rate to some reasonable initial value */ 2748 for (i = ni->ni_rates.rs_nrates - 1; 2749 i > 0 && (ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL) > 72; 2750 i--); 2751 ni->ni_txrate = i; 2752 } 2753 2754 #ifndef IEEE80211_STA_ONLY 2755 void 2756 acx_set_tim(struct ieee80211com *ic, int aid, int set) 2757 { 2758 struct acx_softc *sc = ic->ic_if.if_softc; 2759 struct acx_tmplt_tim tim; 2760 u_int8_t *ep; 2761 2762 ieee80211_set_tim(ic, aid, set); 2763 2764 bzero(&tim, sizeof(tim)); 2765 ep = ieee80211_add_tim(tim.data.u_mem, ic); 2766 2767 acx_set_tmplt(sc, ACXCMD_TMPLT_TIM, &tim, ep - (u_int8_t *)&tim); 2768 } 2769 #endif 2770