1 /* $OpenBSD: acx.c,v 1.120 2017/01/22 10:17:37 dlg Exp $ */ 2 3 /* 4 * Copyright (c) 2006 Jonathan Gray <jsg@openbsd.org> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 /* 20 * Copyright (c) 2006 The DragonFly Project. All rights reserved. 21 * 22 * This code is derived from software contributed to The DragonFly Project 23 * by Sepherosa Ziehau <sepherosa@gmail.com> 24 * 25 * Redistribution and use in source and binary forms, with or without 26 * modification, are permitted provided that the following conditions 27 * are met: 28 * 29 * 1. Redistributions of source code must retain the above copyright 30 * notice, this list of conditions and the following disclaimer. 31 * 2. Redistributions in binary form must reproduce the above copyright 32 * notice, this list of conditions and the following disclaimer in 33 * the documentation and/or other materials provided with the 34 * distribution. 35 * 3. Neither the name of The DragonFly Project nor the names of its 36 * contributors may be used to endorse or promote products derived 37 * from this software without specific, prior written permission. 38 * 39 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 40 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 41 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 42 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 43 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 44 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, 45 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 47 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 48 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 49 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * SUCH DAMAGE. 51 */ 52 53 /* 54 * Copyright (c) 2003-2004 wlan.kewl.org Project 55 * All rights reserved. 56 * 57 * Redistribution and use in source and binary forms, with or without 58 * modification, are permitted provided that the following conditions 59 * are met: 60 * 61 * 1. Redistributions of source code must retain the above copyright 62 * notice, this list of conditions and the following disclaimer. 63 * 64 * 2. Redistributions in binary form must reproduce the above copyright 65 * notice, this list of conditions and the following disclaimer in the 66 * documentation and/or other materials provided with the distribution. 67 * 68 * 3. All advertising materials mentioning features or use of this software 69 * must display the following acknowledgement: 70 * 71 * This product includes software developed by the wlan.kewl.org Project. 72 * 73 * 4. Neither the name of the wlan.kewl.org Project nor the names of its 74 * contributors may be used to endorse or promote products derived from 75 * this software without specific prior written permission. 76 * 77 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, 78 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY 79 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 80 * THE wlan.kewl.org Project BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 81 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 82 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 83 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 84 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 85 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 86 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 87 */ 88 89 #include "bpfilter.h" 90 91 #include <sys/param.h> 92 #include <sys/systm.h> 93 #include <sys/kernel.h> 94 #include <sys/malloc.h> 95 #include <sys/mbuf.h> 96 #include <sys/socket.h> 97 #include <sys/sockio.h> 98 #include <sys/ioctl.h> 99 #include <sys/errno.h> 100 #include <sys/device.h> 101 #include <sys/endian.h> 102 103 #include <machine/bus.h> 104 #include <machine/intr.h> 105 106 #include <net/if.h> 107 #include <net/if_media.h> 108 109 #if NBPFILTER > 0 110 #include <net/bpf.h> 111 #endif 112 113 #include <netinet/in.h> 114 #include <netinet/if_ether.h> 115 116 #include <net80211/ieee80211_var.h> 117 #include <net80211/ieee80211_amrr.h> 118 #include <net80211/ieee80211_radiotap.h> 119 120 #include <dev/ic/acxvar.h> 121 #include <dev/ic/acxreg.h> 122 123 #ifdef ACX_DEBUG 124 int acxdebug = 0; 125 #endif 126 127 int acx_attach(struct acx_softc *); 128 int acx_detach(void *); 129 130 int acx_init(struct ifnet *); 131 int acx_stop(struct acx_softc *); 132 void acx_init_info_reg(struct acx_softc *); 133 int acx_config(struct acx_softc *); 134 int acx_read_config(struct acx_softc *, struct acx_config *); 135 int acx_write_config(struct acx_softc *, struct acx_config *); 136 int acx_rx_config(struct acx_softc *); 137 int acx_set_crypt_keys(struct acx_softc *); 138 void acx_next_scan(void *); 139 140 void acx_start(struct ifnet *); 141 void acx_watchdog(struct ifnet *); 142 143 int acx_ioctl(struct ifnet *, u_long, caddr_t); 144 145 int acx_intr(void *); 146 void acx_disable_intr(struct acx_softc *); 147 void acx_enable_intr(struct acx_softc *); 148 void acx_txeof(struct acx_softc *); 149 void acx_txerr(struct acx_softc *, uint8_t); 150 void acx_rxeof(struct acx_softc *); 151 152 int acx_dma_alloc(struct acx_softc *); 153 void acx_dma_free(struct acx_softc *); 154 void acx_init_tx_ring(struct acx_softc *); 155 int acx_init_rx_ring(struct acx_softc *); 156 int acx_newbuf(struct acx_softc *, struct acx_rxbuf *, int); 157 int acx_encap(struct acx_softc *, struct acx_txbuf *, 158 struct mbuf *, struct ieee80211_node *, int); 159 160 int acx_reset(struct acx_softc *); 161 162 int acx_set_null_tmplt(struct acx_softc *); 163 int acx_set_probe_req_tmplt(struct acx_softc *, const char *, int); 164 #ifndef IEEE80211_STA_ONLY 165 int acx_set_probe_resp_tmplt(struct acx_softc *, struct ieee80211_node *); 166 int acx_beacon_locate(struct mbuf *, u_int8_t); 167 int acx_set_beacon_tmplt(struct acx_softc *, struct ieee80211_node *); 168 #endif 169 170 int acx_read_eeprom(struct acx_softc *, uint32_t, uint8_t *); 171 int acx_read_phyreg(struct acx_softc *, uint32_t, uint8_t *); 172 const char * acx_get_rf(int); 173 int acx_get_maxrssi(int); 174 175 int acx_load_firmware(struct acx_softc *, uint32_t, 176 const uint8_t *, int); 177 int acx_load_radio_firmware(struct acx_softc *, const char *); 178 int acx_load_base_firmware(struct acx_softc *, const char *); 179 180 struct ieee80211_node 181 *acx_node_alloc(struct ieee80211com *); 182 int acx_newstate(struct ieee80211com *, enum ieee80211_state, int); 183 184 void acx_init_cmd_reg(struct acx_softc *); 185 int acx_join_bss(struct acx_softc *, uint8_t, struct ieee80211_node *); 186 int acx_set_channel(struct acx_softc *, uint8_t); 187 int acx_init_radio(struct acx_softc *, uint32_t, uint32_t); 188 189 void acx_iter_func(void *, struct ieee80211_node *); 190 void acx_amrr_timeout(void *); 191 void acx_newassoc(struct ieee80211com *, struct ieee80211_node *, int); 192 #ifndef IEEE80211_STA_ONLY 193 void acx_set_tim(struct ieee80211com *, int, int); 194 #endif 195 196 int acx_beacon_intvl = 100; /* 100 TU */ 197 198 /* 199 * Possible values for the second parameter of acx_join_bss() 200 */ 201 #define ACX_MODE_ADHOC 0 202 #define ACX_MODE_UNUSED 1 203 #define ACX_MODE_STA 2 204 #define ACX_MODE_AP 3 205 206 struct cfdriver acx_cd = { 207 NULL, "acx", DV_IFNET 208 }; 209 210 int 211 acx_attach(struct acx_softc *sc) 212 { 213 struct ieee80211com *ic = &sc->sc_ic; 214 struct ifnet *ifp = &sc->sc_ic.ic_if; 215 int i, error; 216 217 /* Initialize channel scanning timer */ 218 timeout_set(&sc->sc_chanscan_timer, acx_next_scan, sc); 219 220 /* Allocate busdma stuffs */ 221 error = acx_dma_alloc(sc); 222 if (error) { 223 printf("%s: attach failed, could not allocate DMA!\n", 224 sc->sc_dev.dv_xname); 225 return (error); 226 } 227 228 /* Reset Hardware */ 229 error = acx_reset(sc); 230 if (error) { 231 printf("%s: attach failed, could not reset device!\n", 232 sc->sc_dev.dv_xname); 233 return (error); 234 } 235 236 /* Disable interrupts before firmware is loaded */ 237 acx_disable_intr(sc); 238 239 /* Get radio type and form factor */ 240 #define EEINFO_RETRY_MAX 50 241 for (i = 0; i < EEINFO_RETRY_MAX; ++i) { 242 uint16_t ee_info; 243 244 ee_info = CSR_READ_2(sc, ACXREG_EEPROM_INFO); 245 if (ACX_EEINFO_HAS_RADIO_TYPE(ee_info)) { 246 sc->sc_form_factor = ACX_EEINFO_FORM_FACTOR(ee_info); 247 sc->sc_radio_type = ACX_EEINFO_RADIO_TYPE(ee_info); 248 break; 249 } 250 DELAY(10000); 251 } 252 if (i == EEINFO_RETRY_MAX) { 253 printf("%s: attach failed, could not get radio type!\n", 254 sc->sc_dev.dv_xname); 255 return (ENXIO); 256 } 257 #undef EEINFO_RETRY_MAX 258 259 #ifdef DUMP_EEPROM 260 for (i = 0; i < 0x40; ++i) { 261 uint8_t val; 262 263 error = acx_read_eeprom(sc, i, &val); 264 if (error) 265 return (error); 266 if (i % 10 == 0) 267 printf("\n"); 268 printf("%02x ", val); 269 } 270 printf("\n"); 271 #endif /* DUMP_EEPROM */ 272 273 /* Get EEPROM version */ 274 error = acx_read_eeprom(sc, ACX_EE_VERSION_OFS, &sc->sc_eeprom_ver); 275 if (error) { 276 printf("%s: attach failed, could not get EEPROM version!\n", 277 sc->sc_dev.dv_xname); 278 return (error); 279 } 280 281 ifp->if_softc = sc; 282 ifp->if_ioctl = acx_ioctl; 283 ifp->if_start = acx_start; 284 ifp->if_watchdog = acx_watchdog; 285 ifp->if_flags = IFF_SIMPLEX | IFF_BROADCAST | IFF_MULTICAST; 286 strlcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 287 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 288 289 /* Set channels */ 290 for (i = 1; i <= 14; ++i) { 291 ic->ic_channels[i].ic_freq = 292 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 293 ic->ic_channels[i].ic_flags = sc->chip_chan_flags; 294 } 295 296 ic->ic_opmode = IEEE80211_M_STA; 297 ic->ic_state = IEEE80211_S_INIT; 298 299 /* 300 * NOTE: Don't overwrite ic_caps set by chip specific code 301 */ 302 ic->ic_caps = 303 IEEE80211_C_WEP | /* WEP */ 304 IEEE80211_C_MONITOR | /* Monitor mode */ 305 #ifndef IEEE80211_STA_ONLY 306 IEEE80211_C_IBSS | /* IBSS mode */ 307 IEEE80211_C_HOSTAP | /* Access Point */ 308 IEEE80211_C_APPMGT | /* AP Power Mgmt */ 309 #endif 310 IEEE80211_C_SHPREAMBLE; /* Short preamble */ 311 312 /* Get station id */ 313 for (i = 0; i < IEEE80211_ADDR_LEN; ++i) { 314 error = acx_read_eeprom(sc, sc->chip_ee_eaddr_ofs - i, 315 &ic->ic_myaddr[i]); 316 if (error) { 317 printf("%s: attach failed, could not get station id\n", 318 sc->sc_dev.dv_xname); 319 return error; 320 } 321 } 322 323 printf("%s: %s, radio %s (0x%02x), EEPROM ver %u, address %s\n", 324 sc->sc_dev.dv_xname, 325 (sc->sc_flags & ACX_FLAG_ACX111) ? "ACX111" : "ACX100", 326 acx_get_rf(sc->sc_radio_type), sc->sc_radio_type, 327 sc->sc_eeprom_ver, ether_sprintf(ic->ic_myaddr)); 328 329 if_attach(ifp); 330 ieee80211_ifattach(ifp); 331 332 /* Override node alloc */ 333 ic->ic_node_alloc = acx_node_alloc; 334 ic->ic_newassoc = acx_newassoc; 335 336 #ifndef IEEE80211_STA_ONLY 337 /* Override set TIM */ 338 ic->ic_set_tim = acx_set_tim; 339 #endif 340 341 /* Override newstate */ 342 sc->sc_newstate = ic->ic_newstate; 343 ic->ic_newstate = acx_newstate; 344 345 /* Set maximal rssi */ 346 ic->ic_max_rssi = acx_get_maxrssi(sc->sc_radio_type); 347 348 ieee80211_media_init(ifp, ieee80211_media_change, 349 ieee80211_media_status); 350 351 /* AMRR rate control */ 352 sc->amrr.amrr_min_success_threshold = 1; 353 sc->amrr.amrr_max_success_threshold = 15; 354 timeout_set(&sc->amrr_ch, acx_amrr_timeout, sc); 355 356 sc->sc_long_retry_limit = 4; 357 sc->sc_short_retry_limit = 7; 358 sc->sc_msdu_lifetime = 4096; 359 360 #if NBPFILTER > 0 361 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 362 sizeof(struct ieee80211_frame) + 64); 363 364 sc->sc_rxtap_len = sizeof(sc->sc_rxtapu); 365 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 366 sc->sc_rxtap.wr_ihdr.it_present = htole32(ACX_RX_RADIOTAP_PRESENT); 367 368 sc->sc_txtap_len = sizeof(sc->sc_txtapu); 369 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 370 sc->sc_txtap.wt_ihdr.it_present = htole32(ACX_TX_RADIOTAP_PRESENT); 371 #endif 372 373 return (0); 374 } 375 376 int 377 acx_detach(void *xsc) 378 { 379 struct acx_softc *sc = xsc; 380 struct ieee80211com *ic = &sc->sc_ic; 381 struct ifnet *ifp = &ic->ic_if; 382 383 acx_stop(sc); 384 ieee80211_ifdetach(ifp); 385 if_detach(ifp); 386 387 acx_dma_free(sc); 388 389 return (0); 390 } 391 392 int 393 acx_init(struct ifnet *ifp) 394 { 395 struct acx_softc *sc = ifp->if_softc; 396 struct ieee80211com *ic = &sc->sc_ic; 397 char fname[] = "tiacx111c16"; 398 int error, combined = 0; 399 400 error = acx_stop(sc); 401 if (error) 402 return (EIO); 403 404 /* enable card if possible */ 405 if (sc->sc_enable != NULL) { 406 error = (*sc->sc_enable)(sc); 407 if (error) 408 return (EIO); 409 } 410 411 acx_init_tx_ring(sc); 412 413 error = acx_init_rx_ring(sc); 414 if (error) { 415 printf("%s: can't initialize RX ring\n", 416 sc->sc_dev.dv_xname); 417 goto back; 418 } 419 420 if (sc->sc_flags & ACX_FLAG_ACX111) { 421 snprintf(fname, sizeof(fname), "tiacx111c%02X", 422 sc->sc_radio_type); 423 error = acx_load_base_firmware(sc, fname); 424 425 if (!error) 426 combined = 1; 427 } 428 429 if (!combined) { 430 snprintf(fname, sizeof(fname), "tiacx%s", 431 (sc->sc_flags & ACX_FLAG_ACX111) ? "111" : "100"); 432 error = acx_load_base_firmware(sc, fname); 433 } 434 435 if (error) 436 goto back; 437 438 /* 439 * Initialize command and information registers 440 * NOTE: This should be done after base firmware is loaded 441 */ 442 acx_init_cmd_reg(sc); 443 acx_init_info_reg(sc); 444 445 sc->sc_flags |= ACX_FLAG_FW_LOADED; 446 447 if (!combined) { 448 snprintf(fname, sizeof(fname), "tiacx%sr%02X", 449 (sc->sc_flags & ACX_FLAG_ACX111) ? "111" : "100", 450 sc->sc_radio_type); 451 error = acx_load_radio_firmware(sc, fname); 452 453 if (error) 454 goto back; 455 } 456 457 error = sc->chip_init(sc); 458 if (error) 459 goto back; 460 461 /* Get and set device various configuration */ 462 error = acx_config(sc); 463 if (error) 464 goto back; 465 466 /* Setup crypto stuffs */ 467 if (sc->sc_ic.ic_flags & IEEE80211_F_WEPON) { 468 error = acx_set_crypt_keys(sc); 469 if (error) 470 goto back; 471 } 472 473 /* Turn on power led */ 474 CSR_CLRB_2(sc, ACXREG_GPIO_OUT, sc->chip_gpio_pled); 475 476 acx_enable_intr(sc); 477 478 ifp->if_flags |= IFF_RUNNING; 479 ifq_clr_oactive(&ifp->if_snd); 480 481 if (ic->ic_opmode != IEEE80211_M_MONITOR) 482 /* start background scanning */ 483 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 484 else 485 /* in monitor mode change directly into run state */ 486 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 487 488 return (0); 489 back: 490 acx_stop(sc); 491 return (error); 492 } 493 494 void 495 acx_init_info_reg(struct acx_softc *sc) 496 { 497 sc->sc_info = CSR_READ_4(sc, ACXREG_INFO_REG_OFFSET); 498 sc->sc_info_param = sc->sc_info + ACX_INFO_REG_SIZE; 499 } 500 501 int 502 acx_set_crypt_keys(struct acx_softc *sc) 503 { 504 struct ieee80211com *ic = &sc->sc_ic; 505 struct acx_conf_wep_txkey wep_txkey; 506 int i, error, got_wk = 0; 507 508 for (i = 0; i < IEEE80211_WEP_NKID; ++i) { 509 struct ieee80211_key *k = &ic->ic_nw_keys[i]; 510 511 if (k->k_len == 0) 512 continue; 513 514 if (sc->chip_hw_crypt) { 515 error = sc->chip_set_wepkey(sc, k, i); 516 if (error) 517 return (error); 518 got_wk = 1; 519 } 520 } 521 522 if (!got_wk) 523 return (0); 524 525 /* Set current WEP key index */ 526 wep_txkey.wep_txkey = ic->ic_wep_txkey; 527 if (acx_set_conf(sc, ACX_CONF_WEP_TXKEY, &wep_txkey, 528 sizeof(wep_txkey)) != 0) { 529 printf("%s: set WEP txkey failed\n", sc->sc_dev.dv_xname); 530 return (ENXIO); 531 } 532 533 return (0); 534 } 535 536 void 537 acx_next_scan(void *arg) 538 { 539 struct acx_softc *sc = arg; 540 struct ieee80211com *ic = &sc->sc_ic; 541 struct ifnet *ifp = &ic->ic_if; 542 543 if (ic->ic_state == IEEE80211_S_SCAN) 544 ieee80211_next_scan(ifp); 545 } 546 547 int 548 acx_stop(struct acx_softc *sc) 549 { 550 struct ieee80211com *ic = &sc->sc_ic; 551 struct ifnet *ifp = &ic->ic_if; 552 struct acx_buf_data *bd = &sc->sc_buf_data; 553 struct acx_ring_data *rd = &sc->sc_ring_data; 554 int i, error; 555 556 sc->sc_firmware_ver = 0; 557 sc->sc_hardware_id = 0; 558 559 /* Reset hardware */ 560 error = acx_reset(sc); 561 if (error) 562 return (error); 563 564 /* Firmware no longer functions after hardware reset */ 565 sc->sc_flags &= ~ACX_FLAG_FW_LOADED; 566 567 acx_disable_intr(sc); 568 569 /* Stop backgroud scanning */ 570 timeout_del(&sc->sc_chanscan_timer); 571 572 /* Turn off power led */ 573 CSR_SETB_2(sc, ACXREG_GPIO_OUT, sc->chip_gpio_pled); 574 575 /* Free TX mbuf */ 576 for (i = 0; i < ACX_TX_DESC_CNT; ++i) { 577 struct acx_txbuf *buf; 578 struct ieee80211_node *ni; 579 580 buf = &bd->tx_buf[i]; 581 582 if (buf->tb_mbuf != NULL) { 583 bus_dmamap_unload(sc->sc_dmat, buf->tb_mbuf_dmamap); 584 m_freem(buf->tb_mbuf); 585 buf->tb_mbuf = NULL; 586 } 587 588 ni = (struct ieee80211_node *)buf->tb_node; 589 if (ni != NULL) 590 ieee80211_release_node(ic, ni); 591 buf->tb_node = NULL; 592 } 593 594 /* Clear TX host descriptors */ 595 bzero(rd->tx_ring, ACX_TX_RING_SIZE); 596 597 /* Free RX mbuf */ 598 for (i = 0; i < ACX_RX_DESC_CNT; ++i) { 599 if (bd->rx_buf[i].rb_mbuf != NULL) { 600 bus_dmamap_unload(sc->sc_dmat, 601 bd->rx_buf[i].rb_mbuf_dmamap); 602 m_freem(bd->rx_buf[i].rb_mbuf); 603 bd->rx_buf[i].rb_mbuf = NULL; 604 } 605 } 606 607 /* Clear RX host descriptors */ 608 bzero(rd->rx_ring, ACX_RX_RING_SIZE); 609 610 sc->sc_txtimer = 0; 611 ifp->if_timer = 0; 612 ifp->if_flags &= ~IFF_RUNNING; 613 ifq_clr_oactive(&ifp->if_snd); 614 ieee80211_new_state(&sc->sc_ic, IEEE80211_S_INIT, -1); 615 616 /* disable card if possible */ 617 if (sc->sc_disable != NULL) 618 (*sc->sc_disable)(sc); 619 620 return (0); 621 } 622 623 int 624 acx_config(struct acx_softc *sc) 625 { 626 struct acx_config conf; 627 int error; 628 629 error = acx_read_config(sc, &conf); 630 if (error) 631 return (error); 632 633 error = acx_write_config(sc, &conf); 634 if (error) 635 return (error); 636 637 error = acx_rx_config(sc); 638 if (error) 639 return (error); 640 641 if (acx_set_probe_req_tmplt(sc, "", 0) != 0) { 642 printf("%s: can't set probe req template " 643 "(empty ssid)\n", sc->sc_dev.dv_xname); 644 return (ENXIO); 645 } 646 647 /* XXX for PM?? */ 648 if (acx_set_null_tmplt(sc) != 0) { 649 printf("%s: can't set null data template\n", 650 sc->sc_dev.dv_xname); 651 return (ENXIO); 652 } 653 654 return (0); 655 } 656 657 int 658 acx_read_config(struct acx_softc *sc, struct acx_config *conf) 659 { 660 struct acx_conf_regdom reg_dom; 661 struct acx_conf_antenna ant; 662 struct acx_conf_fwrev fw_rev; 663 uint32_t fw_rev_no; 664 uint8_t sen; 665 int error; 666 667 /* Get region domain */ 668 if (acx_get_conf(sc, ACX_CONF_REGDOM, ®_dom, sizeof(reg_dom)) != 0) { 669 printf("%s: can't get region domain\n", sc->sc_dev.dv_xname); 670 return (ENXIO); 671 } 672 conf->regdom = reg_dom.regdom; 673 DPRINTF(("%s: regdom %02x\n", sc->sc_dev.dv_xname, reg_dom.regdom)); 674 675 /* Get antenna */ 676 if (acx_get_conf(sc, ACX_CONF_ANTENNA, &ant, sizeof(ant)) != 0) { 677 printf("%s: can't get antenna\n", sc->sc_dev.dv_xname); 678 return (ENXIO); 679 } 680 conf->antenna = ant.antenna; 681 DPRINTF(("%s: antenna %02x\n", sc->sc_dev.dv_xname, ant.antenna)); 682 683 /* Get sensitivity XXX not used */ 684 if (sc->sc_radio_type == ACX_RADIO_TYPE_MAXIM || 685 sc->sc_radio_type == ACX_RADIO_TYPE_RFMD || 686 sc->sc_radio_type == ACX_RADIO_TYPE_RALINK) { 687 error = acx_read_phyreg(sc, ACXRV_PHYREG_SENSITIVITY, &sen); 688 if (error) { 689 printf("%s: can't get sensitivity\n", 690 sc->sc_dev.dv_xname); 691 return (error); 692 } 693 } else 694 sen = 0; 695 DPRINTF(("%s: sensitivity %02x\n", sc->sc_dev.dv_xname, sen)); 696 697 /* Get firmware revision */ 698 if (acx_get_conf(sc, ACX_CONF_FWREV, &fw_rev, sizeof(fw_rev)) != 0) { 699 printf("%s: can't get firmware revision\n", 700 sc->sc_dev.dv_xname); 701 return (ENXIO); 702 } 703 704 if (strncmp(fw_rev.fw_rev, "Rev ", 4) != 0) { 705 printf("%s: strange revision string -- %s\n", 706 sc->sc_dev.dv_xname, fw_rev.fw_rev); 707 fw_rev_no = 0x01090407; 708 } else { 709 /* 710 * 01234 711 * "Rev xx.xx.xx.xx" 712 * ^ Start from here 713 */ 714 fw_rev_no = fw_rev.fw_rev[0] << 24; 715 fw_rev_no |= fw_rev.fw_rev[1] << 16; 716 fw_rev_no |= fw_rev.fw_rev[2] << 8; 717 fw_rev_no |= fw_rev.fw_rev[3]; 718 } 719 sc->sc_firmware_ver = fw_rev_no; 720 sc->sc_hardware_id = letoh32(fw_rev.hw_id); 721 DPRINTF(("%s: fw rev %08x, hw id %08x\n", 722 sc->sc_dev.dv_xname, sc->sc_firmware_ver, sc->sc_hardware_id)); 723 724 if (sc->chip_read_config != NULL) { 725 error = sc->chip_read_config(sc, conf); 726 if (error) 727 return (error); 728 } 729 730 return (0); 731 } 732 733 int 734 acx_write_config(struct acx_softc *sc, struct acx_config *conf) 735 { 736 struct acx_conf_nretry_short sretry; 737 struct acx_conf_nretry_long lretry; 738 struct acx_conf_msdu_lifetime msdu_lifetime; 739 struct acx_conf_rate_fallback rate_fb; 740 struct acx_conf_antenna ant; 741 struct acx_conf_regdom reg_dom; 742 struct ifnet *ifp = &sc->sc_ic.ic_if; 743 int error; 744 745 /* Set number of long/short retry */ 746 sretry.nretry = sc->sc_short_retry_limit; 747 if (acx_set_conf(sc, ACX_CONF_NRETRY_SHORT, &sretry, 748 sizeof(sretry)) != 0) { 749 printf("%s: can't set short retry limit\n", ifp->if_xname); 750 return (ENXIO); 751 } 752 753 lretry.nretry = sc->sc_long_retry_limit; 754 if (acx_set_conf(sc, ACX_CONF_NRETRY_LONG, &lretry, 755 sizeof(lretry)) != 0) { 756 printf("%s: can't set long retry limit\n", ifp->if_xname); 757 return (ENXIO); 758 } 759 760 /* Set MSDU lifetime */ 761 msdu_lifetime.lifetime = htole32(sc->sc_msdu_lifetime); 762 if (acx_set_conf(sc, ACX_CONF_MSDU_LIFETIME, &msdu_lifetime, 763 sizeof(msdu_lifetime)) != 0) { 764 printf("%s: can't set MSDU lifetime\n", ifp->if_xname); 765 return (ENXIO); 766 } 767 768 /* Enable rate fallback */ 769 rate_fb.ratefb_enable = 1; 770 if (acx_set_conf(sc, ACX_CONF_RATE_FALLBACK, &rate_fb, 771 sizeof(rate_fb)) != 0) { 772 printf("%s: can't enable rate fallback\n", ifp->if_xname); 773 return (ENXIO); 774 } 775 776 /* Set antenna */ 777 ant.antenna = conf->antenna; 778 if (acx_set_conf(sc, ACX_CONF_ANTENNA, &ant, sizeof(ant)) != 0) { 779 printf("%s: can't set antenna\n", ifp->if_xname); 780 return (ENXIO); 781 } 782 783 /* Set region domain */ 784 reg_dom.regdom = conf->regdom; 785 if (acx_set_conf(sc, ACX_CONF_REGDOM, ®_dom, sizeof(reg_dom)) != 0) { 786 printf("%s: can't set region domain\n", ifp->if_xname); 787 return (ENXIO); 788 } 789 790 if (sc->chip_write_config != NULL) { 791 error = sc->chip_write_config(sc, conf); 792 if (error) 793 return (error); 794 } 795 796 return (0); 797 } 798 799 int 800 acx_rx_config(struct acx_softc *sc) 801 { 802 struct ieee80211com *ic = &sc->sc_ic; 803 struct acx_conf_rxopt rx_opt; 804 805 /* tell the RX receiver what frames we want to have */ 806 rx_opt.opt1 = htole16(RXOPT1_INCL_RXBUF_HDR); 807 rx_opt.opt2 = htole16( 808 RXOPT2_RECV_ASSOC_REQ | 809 RXOPT2_RECV_AUTH | 810 RXOPT2_RECV_BEACON | 811 RXOPT2_RECV_CF | 812 RXOPT2_RECV_CTRL | 813 RXOPT2_RECV_DATA | 814 RXOPT2_RECV_MGMT | 815 RXOPT2_RECV_PROBE_REQ | 816 RXOPT2_RECV_PROBE_RESP | 817 RXOPT2_RECV_OTHER); 818 819 /* in monitor mode go promiscuous */ 820 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 821 rx_opt.opt1 |= RXOPT1_PROMISC; 822 rx_opt.opt2 |= RXOPT2_RECV_BROKEN | RXOPT2_RECV_ACK; 823 } else 824 rx_opt.opt1 |= RXOPT1_FILT_FDEST; 825 826 /* finally set the RX options */ 827 if (acx_set_conf(sc, ACX_CONF_RXOPT, &rx_opt, sizeof(rx_opt)) != 0) { 828 printf("%s: can not set RX options!\n", sc->sc_dev.dv_xname); 829 return (ENXIO); 830 } 831 832 return (0); 833 } 834 835 int 836 acx_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 837 { 838 struct acx_softc *sc = ifp->if_softc; 839 struct ieee80211com *ic = &sc->sc_ic; 840 struct ifreq *ifr; 841 int s, error = 0; 842 uint8_t chan; 843 844 s = splnet(); 845 846 switch (cmd) { 847 case SIOCSIFADDR: 848 ifp->if_flags |= IFF_UP; 849 /* FALLTHROUGH */ 850 case SIOCSIFFLAGS: 851 if (ifp->if_flags & IFF_UP) { 852 if ((ifp->if_flags & IFF_RUNNING) == 0) 853 error = acx_init(ifp); 854 } else { 855 if (ifp->if_flags & IFF_RUNNING) 856 error = acx_stop(sc); 857 } 858 break; 859 case SIOCADDMULTI: 860 case SIOCDELMULTI: 861 ifr = (struct ifreq *)data; 862 error = (cmd == SIOCADDMULTI) ? 863 ether_addmulti(ifr, &ic->ic_ac) : 864 ether_delmulti(ifr, &ic->ic_ac); 865 866 if (error == ENETRESET) 867 error = 0; 868 break; 869 case SIOCS80211CHANNEL: 870 /* allow fast channel switching in monitor mode */ 871 error = ieee80211_ioctl(ifp, cmd, data); 872 if (error == ENETRESET && 873 ic->ic_opmode == IEEE80211_M_MONITOR) { 874 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 875 (IFF_UP | IFF_RUNNING)) { 876 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 877 chan = ieee80211_chan2ieee(ic, 878 ic->ic_bss->ni_chan); 879 (void)acx_set_channel(sc, chan); 880 } 881 error = 0; 882 } 883 break; 884 default: 885 error = ieee80211_ioctl(ifp, cmd, data); 886 break; 887 } 888 889 if (error == ENETRESET) { 890 if ((ifp->if_flags & (IFF_RUNNING | IFF_UP)) == 891 (IFF_RUNNING | IFF_UP)) 892 error = acx_init(ifp); 893 else 894 error = 0; 895 } 896 897 splx(s); 898 899 return (error); 900 } 901 902 void 903 acx_start(struct ifnet *ifp) 904 { 905 struct acx_softc *sc = ifp->if_softc; 906 struct ieee80211com *ic = &sc->sc_ic; 907 struct acx_buf_data *bd = &sc->sc_buf_data; 908 struct acx_txbuf *buf; 909 int trans, idx; 910 911 if ((sc->sc_flags & ACX_FLAG_FW_LOADED) == 0 || 912 (ifp->if_flags & IFF_RUNNING) == 0 || 913 ifq_is_oactive(&ifp->if_snd)) 914 return; 915 916 /* 917 * NOTE: 918 * We can't start from a random position that TX descriptor 919 * is free, since hardware will be confused by that. 920 * We have to follow the order of the TX ring. 921 */ 922 idx = bd->tx_free_start; 923 trans = 0; 924 for (buf = &bd->tx_buf[idx]; buf->tb_mbuf == NULL; 925 buf = &bd->tx_buf[idx]) { 926 struct ieee80211_frame *wh; 927 struct ieee80211_node *ni = NULL; 928 struct mbuf *m; 929 int rate; 930 931 m = mq_dequeue(&ic->ic_mgtq); 932 /* first dequeue management frames */ 933 if (m != NULL) { 934 ni = m->m_pkthdr.ph_cookie; 935 936 /* 937 * probe response mgmt frames are handled by the 938 * firmware already. So, don't send them twice. 939 */ 940 wh = mtod(m, struct ieee80211_frame *); 941 if ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) == 942 IEEE80211_FC0_SUBTYPE_PROBE_RESP) { 943 if (ni != NULL) 944 ieee80211_release_node(ic, ni); 945 m_freem(m); 946 continue; 947 } 948 949 /* 950 * mgmt frames are sent at the lowest available 951 * bit-rate. 952 */ 953 rate = ni->ni_rates.rs_rates[0]; 954 rate &= IEEE80211_RATE_VAL; 955 } else { 956 struct ether_header *eh; 957 958 /* then dequeue packets on the powersave queue */ 959 m = mq_dequeue(&ic->ic_pwrsaveq); 960 if (m != NULL) { 961 ni = m->m_pkthdr.ph_cookie; 962 goto encapped; 963 } else { 964 IFQ_DEQUEUE(&ifp->if_snd, m); 965 if (m == NULL) 966 break; 967 } 968 if (ic->ic_state != IEEE80211_S_RUN) { 969 DPRINTF(("%s: data packet dropped due to " 970 "not RUN. Current state %d\n", 971 ifp->if_xname, ic->ic_state)); 972 m_freem(m); 973 break; 974 } 975 976 if (m->m_len < sizeof(struct ether_header)) { 977 m = m_pullup(m, sizeof(struct ether_header)); 978 if (m == NULL) { 979 ifp->if_oerrors++; 980 continue; 981 } 982 } 983 eh = mtod(m, struct ether_header *); 984 985 /* TODO power save */ 986 987 #if NBPFILTER > 0 988 if (ifp->if_bpf != NULL) 989 bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); 990 #endif 991 992 if ((m = ieee80211_encap(ifp, m, &ni)) == NULL) { 993 ifp->if_oerrors++; 994 continue; 995 } 996 encapped: 997 if (ic->ic_fixed_rate != -1) { 998 rate = ic->ic_sup_rates[ic->ic_curmode]. 999 rs_rates[ic->ic_fixed_rate]; 1000 } else 1001 rate = ni->ni_rates.rs_rates[ni->ni_txrate]; 1002 rate &= IEEE80211_RATE_VAL; 1003 } 1004 1005 #if NBPFILTER > 0 1006 if (ic->ic_rawbpf != NULL) 1007 bpf_mtap(ic->ic_rawbpf, m, BPF_DIRECTION_OUT); 1008 #endif 1009 1010 wh = mtod(m, struct ieee80211_frame *); 1011 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && !sc->chip_hw_crypt) { 1012 struct ieee80211_key *k; 1013 1014 k = ieee80211_get_txkey(ic, wh, ni); 1015 if ((m = ieee80211_encrypt(ic, m, k)) == NULL) { 1016 ieee80211_release_node(ic, ni); 1017 ifp->if_oerrors++; 1018 continue; 1019 } 1020 } 1021 1022 #if NBPFILTER > 0 1023 if (sc->sc_drvbpf != NULL) { 1024 struct mbuf mb; 1025 struct acx_tx_radiotap_hdr *tap = &sc->sc_txtap; 1026 1027 tap->wt_flags = 0; 1028 tap->wt_rate = rate; 1029 tap->wt_chan_freq = 1030 htole16(ic->ic_bss->ni_chan->ic_freq); 1031 tap->wt_chan_flags = 1032 htole16(ic->ic_bss->ni_chan->ic_flags); 1033 1034 mb.m_data = (caddr_t)tap; 1035 mb.m_len = sc->sc_txtap_len; 1036 mb.m_next = m; 1037 mb.m_nextpkt = NULL; 1038 mb.m_type = 0; 1039 mb.m_flags = 0; 1040 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1041 } 1042 #endif 1043 1044 if (acx_encap(sc, buf, m, ni, rate) != 0) { 1045 /* 1046 * NOTE: `m' will be freed in acx_encap() 1047 * if we reach here. 1048 */ 1049 if (ni != NULL) 1050 ieee80211_release_node(ic, ni); 1051 ifp->if_oerrors++; 1052 continue; 1053 } 1054 1055 /* 1056 * NOTE: 1057 * 1) `m' should not be touched after acx_encap() 1058 * 2) `node' will be used to do TX rate control during 1059 * acx_txeof(), so it is not freed here. acx_txeof() 1060 * will free it for us 1061 */ 1062 trans++; 1063 bd->tx_used_count++; 1064 idx = (idx + 1) % ACX_TX_DESC_CNT; 1065 } 1066 bd->tx_free_start = idx; 1067 1068 if (bd->tx_used_count == ACX_TX_DESC_CNT) 1069 ifq_set_oactive(&ifp->if_snd); 1070 1071 if (trans && sc->sc_txtimer == 0) 1072 sc->sc_txtimer = 5; 1073 ifp->if_timer = 1; 1074 } 1075 1076 void 1077 acx_watchdog(struct ifnet *ifp) 1078 { 1079 struct acx_softc *sc = ifp->if_softc; 1080 1081 ifp->if_timer = 0; 1082 1083 if ((ifp->if_flags & IFF_RUNNING) == 0) 1084 return; 1085 1086 if (sc->sc_txtimer) { 1087 if (--sc->sc_txtimer == 0) { 1088 printf("%s: watchdog timeout\n", ifp->if_xname); 1089 acx_init(ifp); 1090 ifp->if_oerrors++; 1091 return; 1092 } else 1093 ifp->if_timer = 1; 1094 } 1095 1096 ieee80211_watchdog(ifp); 1097 } 1098 1099 int 1100 acx_intr(void *arg) 1101 { 1102 struct acx_softc *sc = arg; 1103 uint16_t intr_status; 1104 1105 if ((sc->sc_flags & ACX_FLAG_FW_LOADED) == 0) 1106 return (0); 1107 1108 intr_status = CSR_READ_2(sc, ACXREG_INTR_STATUS_CLR); 1109 if (intr_status == ACXRV_INTR_ALL) { 1110 /* not our interrupt */ 1111 return (0); 1112 } 1113 1114 /* Acknowledge all interrupts */ 1115 CSR_WRITE_2(sc, ACXREG_INTR_ACK, intr_status); 1116 1117 intr_status &= sc->chip_intr_enable; 1118 if (intr_status == 0) { 1119 /* not interrupts we care about */ 1120 return (1); 1121 } 1122 1123 #ifndef IEEE80211_STA_ONLY 1124 if (intr_status & ACXRV_INTR_DTIM) 1125 ieee80211_notify_dtim(&sc->sc_ic); 1126 #endif 1127 1128 if (intr_status & ACXRV_INTR_TX_FINI) 1129 acx_txeof(sc); 1130 1131 if (intr_status & ACXRV_INTR_RX_FINI) 1132 acx_rxeof(sc); 1133 1134 return (1); 1135 } 1136 1137 void 1138 acx_disable_intr(struct acx_softc *sc) 1139 { 1140 CSR_WRITE_2(sc, ACXREG_INTR_MASK, sc->chip_intr_disable); 1141 CSR_WRITE_2(sc, ACXREG_EVENT_MASK, 0); 1142 } 1143 1144 void 1145 acx_enable_intr(struct acx_softc *sc) 1146 { 1147 /* Mask out interrupts that are not in the enable set */ 1148 CSR_WRITE_2(sc, ACXREG_INTR_MASK, ~sc->chip_intr_enable); 1149 CSR_WRITE_2(sc, ACXREG_EVENT_MASK, ACXRV_EVENT_DISABLE); 1150 } 1151 1152 void 1153 acx_txeof(struct acx_softc *sc) 1154 { 1155 struct acx_buf_data *bd; 1156 struct acx_txbuf *buf; 1157 struct ifnet *ifp; 1158 int idx; 1159 1160 ifp = &sc->sc_ic.ic_if; 1161 1162 bd = &sc->sc_buf_data; 1163 idx = bd->tx_used_start; 1164 for (buf = &bd->tx_buf[idx]; buf->tb_mbuf != NULL; 1165 buf = &bd->tx_buf[idx]) { 1166 uint8_t ctrl, error; 1167 1168 ctrl = FW_TXDESC_GETFIELD_1(sc, buf, f_tx_ctrl); 1169 if ((ctrl & (DESC_CTRL_HOSTOWN | DESC_CTRL_ACXDONE)) != 1170 (DESC_CTRL_HOSTOWN | DESC_CTRL_ACXDONE)) 1171 break; 1172 1173 bus_dmamap_unload(sc->sc_dmat, buf->tb_mbuf_dmamap); 1174 m_freem(buf->tb_mbuf); 1175 buf->tb_mbuf = NULL; 1176 1177 error = FW_TXDESC_GETFIELD_1(sc, buf, f_tx_error); 1178 if (error) { 1179 acx_txerr(sc, error); 1180 ifp->if_oerrors++; 1181 } 1182 1183 /* Update rate control statistics for the node */ 1184 if (buf->tb_node != NULL) { 1185 struct ieee80211com *ic; 1186 struct ieee80211_node *ni; 1187 struct acx_node *wn; 1188 int ntries; 1189 1190 ic = &sc->sc_ic; 1191 ni = (struct ieee80211_node *)buf->tb_node; 1192 wn = (struct acx_node *)ni; 1193 ntries = FW_TXDESC_GETFIELD_1(sc, buf, f_tx_rts_fail) + 1194 FW_TXDESC_GETFIELD_1(sc, buf, f_tx_ack_fail); 1195 1196 wn->amn.amn_txcnt++; 1197 if (ntries > 0) { 1198 DPRINTFN(2, ("%s: tx intr ntries %d\n", 1199 sc->sc_dev.dv_xname, ntries)); 1200 wn->amn.amn_retrycnt++; 1201 } 1202 1203 ieee80211_release_node(ic, ni); 1204 buf->tb_node = NULL; 1205 } 1206 1207 FW_TXDESC_SETFIELD_1(sc, buf, f_tx_ctrl, DESC_CTRL_HOSTOWN); 1208 1209 bd->tx_used_count--; 1210 1211 idx = (idx + 1) % ACX_TX_DESC_CNT; 1212 } 1213 bd->tx_used_start = idx; 1214 1215 sc->sc_txtimer = bd->tx_used_count == 0 ? 0 : 5; 1216 1217 if (bd->tx_used_count != ACX_TX_DESC_CNT) { 1218 ifq_clr_oactive(&ifp->if_snd); 1219 acx_start(ifp); 1220 } 1221 } 1222 1223 void 1224 acx_txerr(struct acx_softc *sc, uint8_t err) 1225 { 1226 struct ifnet *ifp = &sc->sc_ic.ic_if; 1227 struct acx_stats *stats = &sc->sc_stats; 1228 1229 if (err == DESC_ERR_EXCESSIVE_RETRY) { 1230 /* 1231 * This a common error (see comment below), 1232 * so print it using DPRINTF(). 1233 */ 1234 DPRINTF(("%s: TX failed -- excessive retry\n", 1235 sc->sc_dev.dv_xname)); 1236 } else 1237 printf("%s: TX failed -- ", ifp->if_xname); 1238 1239 /* 1240 * Although `err' looks like bitmask, it never 1241 * has multiple bits set. 1242 */ 1243 switch (err) { 1244 #if 0 1245 case DESC_ERR_OTHER_FRAG: 1246 /* XXX what's this */ 1247 printf("error in other fragment\n"); 1248 stats->err_oth_frag++; 1249 break; 1250 #endif 1251 case DESC_ERR_ABORT: 1252 printf("aborted\n"); 1253 stats->err_abort++; 1254 break; 1255 case DESC_ERR_PARAM: 1256 printf("wrong parameters in descriptor\n"); 1257 stats->err_param++; 1258 break; 1259 case DESC_ERR_NO_WEPKEY: 1260 printf("WEP key missing\n"); 1261 stats->err_no_wepkey++; 1262 break; 1263 case DESC_ERR_MSDU_TIMEOUT: 1264 printf("MSDU life timeout\n"); 1265 stats->err_msdu_timeout++; 1266 break; 1267 case DESC_ERR_EXCESSIVE_RETRY: 1268 /* 1269 * Possible causes: 1270 * 1) Distance is too long 1271 * 2) Transmit failed (e.g. no MAC level ACK) 1272 * 3) Chip overheated (this should be rare) 1273 */ 1274 stats->err_ex_retry++; 1275 break; 1276 case DESC_ERR_BUF_OVERFLOW: 1277 printf("buffer overflow\n"); 1278 stats->err_buf_oflow++; 1279 break; 1280 case DESC_ERR_DMA: 1281 printf("DMA error\n"); 1282 stats->err_dma++; 1283 break; 1284 default: 1285 printf("unknown error %d\n", err); 1286 stats->err_unkn++; 1287 break; 1288 } 1289 } 1290 1291 void 1292 acx_rxeof(struct acx_softc *sc) 1293 { 1294 struct ieee80211com *ic = &sc->sc_ic; 1295 struct acx_ring_data *rd = &sc->sc_ring_data; 1296 struct acx_buf_data *bd = &sc->sc_buf_data; 1297 struct ifnet *ifp = &ic->ic_if; 1298 int idx, ready; 1299 1300 bus_dmamap_sync(sc->sc_dmat, rd->rx_ring_dmamap, 0, 1301 rd->rx_ring_dmamap->dm_mapsize, BUS_DMASYNC_POSTREAD); 1302 1303 /* 1304 * Locate first "ready" rx buffer, 1305 * start from last stopped position. 1306 */ 1307 idx = bd->rx_scan_start; 1308 ready = 0; 1309 do { 1310 struct acx_rxbuf *buf; 1311 1312 buf = &bd->rx_buf[idx]; 1313 if ((buf->rb_desc->h_ctrl & htole16(DESC_CTRL_HOSTOWN)) && 1314 (buf->rb_desc->h_status & htole32(DESC_STATUS_FULL))) { 1315 ready = 1; 1316 break; 1317 } 1318 idx = (idx + 1) % ACX_RX_DESC_CNT; 1319 } while (idx != bd->rx_scan_start); 1320 1321 if (!ready) 1322 return; 1323 1324 /* 1325 * NOTE: don't mess up `idx' here, it will 1326 * be used in the following code. 1327 */ 1328 do { 1329 struct acx_rxbuf_hdr *head; 1330 struct acx_rxbuf *buf; 1331 struct mbuf *m; 1332 struct ieee80211_rxinfo rxi; 1333 uint32_t desc_status; 1334 uint16_t desc_ctrl; 1335 int len, error; 1336 1337 buf = &bd->rx_buf[idx]; 1338 1339 desc_ctrl = letoh16(buf->rb_desc->h_ctrl); 1340 desc_status = letoh32(buf->rb_desc->h_status); 1341 if (!(desc_ctrl & DESC_CTRL_HOSTOWN) || 1342 !(desc_status & DESC_STATUS_FULL)) 1343 break; 1344 1345 bus_dmamap_sync(sc->sc_dmat, buf->rb_mbuf_dmamap, 0, 1346 buf->rb_mbuf_dmamap->dm_mapsize, BUS_DMASYNC_POSTREAD); 1347 1348 m = buf->rb_mbuf; 1349 1350 error = acx_newbuf(sc, buf, 0); 1351 if (error) { 1352 ifp->if_ierrors++; 1353 goto next; 1354 } 1355 1356 head = mtod(m, struct acx_rxbuf_hdr *); 1357 1358 len = letoh16(head->rbh_len) & ACX_RXBUF_LEN_MASK; 1359 if (len >= sizeof(struct ieee80211_frame_min) && 1360 len < MCLBYTES) { 1361 struct ieee80211_frame *wh; 1362 struct ieee80211_node *ni; 1363 1364 m_adj(m, sizeof(struct acx_rxbuf_hdr) + 1365 sc->chip_rxbuf_exhdr); 1366 wh = mtod(m, struct ieee80211_frame *); 1367 1368 rxi.rxi_flags = 0; 1369 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && 1370 sc->chip_hw_crypt) { 1371 /* Short circuit software WEP */ 1372 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1373 1374 /* Do chip specific RX buffer processing */ 1375 if (sc->chip_proc_wep_rxbuf != NULL) { 1376 sc->chip_proc_wep_rxbuf(sc, m, &len); 1377 wh = mtod(m, struct ieee80211_frame *); 1378 } 1379 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 1380 } 1381 1382 m->m_len = m->m_pkthdr.len = len; 1383 1384 #if NBPFILTER > 0 1385 if (sc->sc_drvbpf != NULL) { 1386 struct mbuf mb; 1387 struct acx_rx_radiotap_hdr *tap = &sc->sc_rxtap; 1388 1389 tap->wr_flags = 0; 1390 tap->wr_chan_freq = 1391 htole16(ic->ic_bss->ni_chan->ic_freq); 1392 tap->wr_chan_flags = 1393 htole16(ic->ic_bss->ni_chan->ic_flags); 1394 tap->wr_rssi = head->rbh_level; 1395 tap->wr_max_rssi = ic->ic_max_rssi; 1396 1397 mb.m_data = (caddr_t)tap; 1398 mb.m_len = sc->sc_rxtap_len; 1399 mb.m_next = m; 1400 mb.m_nextpkt = NULL; 1401 mb.m_type = 0; 1402 mb.m_flags = 0; 1403 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1404 } 1405 #endif 1406 1407 ni = ieee80211_find_rxnode(ic, wh); 1408 1409 rxi.rxi_rssi = head->rbh_level; 1410 rxi.rxi_tstamp = letoh32(head->rbh_time); 1411 ieee80211_input(ifp, m, ni, &rxi); 1412 1413 ieee80211_release_node(ic, ni); 1414 } else { 1415 m_freem(m); 1416 ifp->if_ierrors++; 1417 } 1418 1419 next: 1420 buf->rb_desc->h_ctrl = htole16(desc_ctrl & ~DESC_CTRL_HOSTOWN); 1421 buf->rb_desc->h_status = 0; 1422 bus_dmamap_sync(sc->sc_dmat, rd->rx_ring_dmamap, 0, 1423 rd->rx_ring_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 1424 1425 idx = (idx + 1) % ACX_RX_DESC_CNT; 1426 } while (idx != bd->rx_scan_start); 1427 1428 /* 1429 * Record the position so that next 1430 * time we can start from it. 1431 */ 1432 bd->rx_scan_start = idx; 1433 } 1434 1435 int 1436 acx_reset(struct acx_softc *sc) 1437 { 1438 uint16_t reg; 1439 1440 /* Halt ECPU */ 1441 CSR_SETB_2(sc, ACXREG_ECPU_CTRL, ACXRV_ECPU_HALT); 1442 1443 /* Software reset */ 1444 reg = CSR_READ_2(sc, ACXREG_SOFT_RESET); 1445 CSR_WRITE_2(sc, ACXREG_SOFT_RESET, reg | ACXRV_SOFT_RESET); 1446 DELAY(100); 1447 CSR_WRITE_2(sc, ACXREG_SOFT_RESET, reg); 1448 1449 /* Initialize EEPROM */ 1450 CSR_SETB_2(sc, ACXREG_EEPROM_INIT, ACXRV_EEPROM_INIT); 1451 DELAY(50000); 1452 1453 /* Test whether ECPU is stopped */ 1454 reg = CSR_READ_2(sc, ACXREG_ECPU_CTRL); 1455 if (!(reg & ACXRV_ECPU_HALT)) { 1456 printf("%s: can't halt ECPU\n", sc->sc_dev.dv_xname); 1457 return (ENXIO); 1458 } 1459 1460 return (0); 1461 } 1462 1463 int 1464 acx_read_eeprom(struct acx_softc *sc, uint32_t offset, uint8_t *val) 1465 { 1466 int i; 1467 1468 CSR_WRITE_4(sc, ACXREG_EEPROM_CONF, 0); 1469 CSR_WRITE_4(sc, ACXREG_EEPROM_ADDR, offset); 1470 CSR_WRITE_4(sc, ACXREG_EEPROM_CTRL, ACXRV_EEPROM_READ); 1471 1472 #define EE_READ_RETRY_MAX 100 1473 for (i = 0; i < EE_READ_RETRY_MAX; ++i) { 1474 if (CSR_READ_2(sc, ACXREG_EEPROM_CTRL) == 0) 1475 break; 1476 DELAY(10000); 1477 } 1478 if (i == EE_READ_RETRY_MAX) { 1479 printf("%s: can't read EEPROM offset %x (timeout)\n", 1480 sc->sc_dev.dv_xname, offset); 1481 return (ETIMEDOUT); 1482 } 1483 #undef EE_READ_RETRY_MAX 1484 1485 *val = CSR_READ_1(sc, ACXREG_EEPROM_DATA); 1486 1487 return (0); 1488 } 1489 1490 int 1491 acx_read_phyreg(struct acx_softc *sc, uint32_t reg, uint8_t *val) 1492 { 1493 struct ifnet *ifp = &sc->sc_ic.ic_if; 1494 int i; 1495 1496 CSR_WRITE_4(sc, ACXREG_PHY_ADDR, reg); 1497 CSR_WRITE_4(sc, ACXREG_PHY_CTRL, ACXRV_PHY_READ); 1498 1499 #define PHY_READ_RETRY_MAX 100 1500 for (i = 0; i < PHY_READ_RETRY_MAX; ++i) { 1501 if (CSR_READ_4(sc, ACXREG_PHY_CTRL) == 0) 1502 break; 1503 DELAY(10000); 1504 } 1505 if (i == PHY_READ_RETRY_MAX) { 1506 printf("%s: can't read phy reg %x (timeout)\n", 1507 ifp->if_xname, reg); 1508 return (ETIMEDOUT); 1509 } 1510 #undef PHY_READ_RETRY_MAX 1511 1512 *val = CSR_READ_1(sc, ACXREG_PHY_DATA); 1513 1514 return (0); 1515 } 1516 1517 void 1518 acx_write_phyreg(struct acx_softc *sc, uint32_t reg, uint8_t val) 1519 { 1520 CSR_WRITE_4(sc, ACXREG_PHY_DATA, val); 1521 CSR_WRITE_4(sc, ACXREG_PHY_ADDR, reg); 1522 CSR_WRITE_4(sc, ACXREG_PHY_CTRL, ACXRV_PHY_WRITE); 1523 } 1524 1525 int 1526 acx_load_base_firmware(struct acx_softc *sc, const char *name) 1527 { 1528 struct ifnet *ifp = &sc->sc_ic.ic_if; 1529 int i, error; 1530 uint8_t *ucode; 1531 size_t size; 1532 1533 error = loadfirmware(name, &ucode, &size); 1534 1535 if (error != 0) { 1536 printf("%s: error %d, could not read firmware %s\n", 1537 ifp->if_xname, error, name); 1538 return (EIO); 1539 } 1540 1541 /* Load base firmware */ 1542 error = acx_load_firmware(sc, 0, ucode, size); 1543 1544 free(ucode, M_DEVBUF, size); 1545 1546 if (error) { 1547 printf("%s: can't load base firmware\n", ifp->if_xname); 1548 return error; 1549 } 1550 DPRINTF(("%s: base firmware loaded\n", sc->sc_dev.dv_xname)); 1551 1552 /* Start ECPU */ 1553 CSR_WRITE_2(sc, ACXREG_ECPU_CTRL, ACXRV_ECPU_START); 1554 1555 /* Wait for ECPU to be up */ 1556 for (i = 0; i < 500; ++i) { 1557 uint16_t reg; 1558 1559 reg = CSR_READ_2(sc, ACXREG_INTR_STATUS); 1560 if (reg & ACXRV_INTR_FCS_THRESH) { 1561 CSR_WRITE_2(sc, ACXREG_INTR_ACK, ACXRV_INTR_FCS_THRESH); 1562 return (0); 1563 } 1564 DELAY(10000); 1565 } 1566 1567 printf("%s: can't initialize ECPU (timeout)\n", ifp->if_xname); 1568 1569 return (ENXIO); 1570 } 1571 1572 int 1573 acx_load_radio_firmware(struct acx_softc *sc, const char *name) 1574 { 1575 struct ifnet *ifp = &sc->sc_ic.ic_if; 1576 struct acx_conf_mmap mem_map; 1577 uint32_t radio_fw_ofs; 1578 int error; 1579 uint8_t *ucode; 1580 size_t size; 1581 1582 error = loadfirmware(name, &ucode, &size); 1583 1584 if (error != 0) { 1585 printf("%s: error %d, could not read firmware %s\n", 1586 ifp->if_xname, error, name); 1587 return (EIO); 1588 } 1589 1590 /* 1591 * Get the position, where base firmware is loaded, so that 1592 * radio firmware can be loaded after it. 1593 */ 1594 if (acx_get_conf(sc, ACX_CONF_MMAP, &mem_map, sizeof(mem_map)) != 0) { 1595 free(ucode, M_DEVBUF, size); 1596 return (ENXIO); 1597 } 1598 radio_fw_ofs = letoh32(mem_map.code_end); 1599 1600 /* Put ECPU into sleeping state, before loading radio firmware */ 1601 if (acx_exec_command(sc, ACXCMD_SLEEP, NULL, 0, NULL, 0) != 0) { 1602 free(ucode, M_DEVBUF, size); 1603 return (ENXIO); 1604 } 1605 1606 /* Load radio firmware */ 1607 error = acx_load_firmware(sc, radio_fw_ofs, ucode, size); 1608 1609 free(ucode, M_DEVBUF, size); 1610 1611 if (error) { 1612 printf("%s: can't load radio firmware\n", ifp->if_xname); 1613 return (ENXIO); 1614 } 1615 DPRINTF(("%s: radio firmware loaded\n", sc->sc_dev.dv_xname)); 1616 1617 /* Wake up sleeping ECPU, after radio firmware is loaded */ 1618 if (acx_exec_command(sc, ACXCMD_WAKEUP, NULL, 0, NULL, 0) != 0) 1619 return (ENXIO); 1620 1621 /* Initialize radio */ 1622 if (acx_init_radio(sc, radio_fw_ofs, size) != 0) 1623 return (ENXIO); 1624 1625 /* Verify radio firmware's loading position */ 1626 if (acx_get_conf(sc, ACX_CONF_MMAP, &mem_map, sizeof(mem_map)) != 0) 1627 return (ENXIO); 1628 1629 if (letoh32(mem_map.code_end) != radio_fw_ofs + size) { 1630 printf("%s: loaded radio firmware position mismatch\n", 1631 ifp->if_xname); 1632 return (ENXIO); 1633 } 1634 1635 DPRINTF(("%s: radio firmware initialized\n", sc->sc_dev.dv_xname)); 1636 1637 return (0); 1638 } 1639 1640 int 1641 acx_load_firmware(struct acx_softc *sc, uint32_t offset, const uint8_t *data, 1642 int data_len) 1643 { 1644 struct ifnet *ifp = &sc->sc_ic.ic_if; 1645 const uint32_t *fw; 1646 u_int32_t csum = 0; 1647 int i, fw_len; 1648 1649 for (i = 4; i < data_len; i++) 1650 csum += data[i]; 1651 1652 fw = (const uint32_t *)data; 1653 1654 if (*fw != htole32(csum)) { 1655 printf("%s: firmware checksum 0x%x does not match 0x%x!\n", 1656 ifp->if_xname, *fw, htole32(csum)); 1657 return (ENXIO); 1658 } 1659 1660 /* skip csum + length */ 1661 data += 8; 1662 data_len -= 8; 1663 1664 fw = (const uint32_t *)data; 1665 fw_len = data_len / sizeof(uint32_t); 1666 1667 /* 1668 * LOADFW_AUTO_INC only works with some older firmware: 1669 * 1) acx100's firmware 1670 * 2) acx111's firmware whose rev is 0x00010011 1671 */ 1672 1673 /* Load firmware */ 1674 CSR_WRITE_4(sc, ACXREG_FWMEM_START, ACXRV_FWMEM_START_OP); 1675 #ifndef LOADFW_AUTO_INC 1676 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, 0); 1677 #else 1678 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, ACXRV_FWMEM_ADDR_AUTOINC); 1679 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset); 1680 #endif 1681 1682 for (i = 0; i < fw_len; ++i) { 1683 #ifndef LOADFW_AUTO_INC 1684 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset + (i * 4)); 1685 #endif 1686 CSR_WRITE_4(sc, ACXREG_FWMEM_DATA, betoh32(fw[i])); 1687 } 1688 1689 /* Verify firmware */ 1690 CSR_WRITE_4(sc, ACXREG_FWMEM_START, ACXRV_FWMEM_START_OP); 1691 #ifndef LOADFW_AUTO_INC 1692 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, 0); 1693 #else 1694 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, ACXRV_FWMEM_ADDR_AUTOINC); 1695 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset); 1696 #endif 1697 1698 for (i = 0; i < fw_len; ++i) { 1699 uint32_t val; 1700 1701 #ifndef LOADFW_AUTO_INC 1702 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset + (i * 4)); 1703 #endif 1704 val = CSR_READ_4(sc, ACXREG_FWMEM_DATA); 1705 if (betoh32(fw[i]) != val) { 1706 printf("%s: firmware mismatch fw %08x loaded %08x\n", 1707 ifp->if_xname, fw[i], val); 1708 return (ENXIO); 1709 } 1710 } 1711 1712 return (0); 1713 } 1714 1715 struct ieee80211_node * 1716 acx_node_alloc(struct ieee80211com *ic) 1717 { 1718 struct acx_node *wn; 1719 1720 wn = malloc(sizeof(*wn), M_DEVBUF, M_NOWAIT | M_ZERO); 1721 if (wn == NULL) 1722 return (NULL); 1723 1724 return ((struct ieee80211_node *)wn); 1725 } 1726 1727 int 1728 acx_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1729 { 1730 struct acx_softc *sc = ic->ic_if.if_softc; 1731 struct ifnet *ifp = &ic->ic_if; 1732 int error = 0; 1733 1734 timeout_del(&sc->amrr_ch); 1735 1736 switch (nstate) { 1737 case IEEE80211_S_INIT: 1738 break; 1739 case IEEE80211_S_SCAN: { 1740 uint8_t chan; 1741 1742 chan = ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan); 1743 if (acx_set_channel(sc, chan) != 0) { 1744 error = 1; 1745 goto back; 1746 } 1747 1748 /* 200ms => 5 channels per second */ 1749 timeout_add_msec(&sc->sc_chanscan_timer, 200); 1750 } 1751 break; 1752 case IEEE80211_S_AUTH: 1753 if (ic->ic_opmode == IEEE80211_M_STA) { 1754 struct ieee80211_node *ni; 1755 #ifdef ACX_DEBUG 1756 int i; 1757 #endif 1758 1759 ni = ic->ic_bss; 1760 1761 if (acx_join_bss(sc, ACX_MODE_STA, ni) != 0) { 1762 printf("%s: join BSS failed\n", ifp->if_xname); 1763 error = 1; 1764 goto back; 1765 } 1766 1767 DPRINTF(("%s: join BSS\n", sc->sc_dev.dv_xname)); 1768 if (ic->ic_state == IEEE80211_S_ASSOC) { 1769 DPRINTF(("%s: change from assoc to run\n", 1770 sc->sc_dev.dv_xname)); 1771 ic->ic_state = IEEE80211_S_RUN; 1772 } 1773 1774 #ifdef ACX_DEBUG 1775 printf("%s: AP rates: ", sc->sc_dev.dv_xname); 1776 for (i = 0; i < ni->ni_rates.rs_nrates; ++i) 1777 printf("%d ", ni->ni_rates.rs_rates[i]); 1778 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 1779 printf(" %s\n", ether_sprintf(ni->ni_bssid)); 1780 #endif 1781 } 1782 break; 1783 case IEEE80211_S_RUN: 1784 #ifndef IEEE80211_STA_ONLY 1785 if (ic->ic_opmode == IEEE80211_M_IBSS || 1786 ic->ic_opmode == IEEE80211_M_HOSTAP) { 1787 struct ieee80211_node *ni; 1788 uint8_t chan; 1789 1790 ni = ic->ic_bss; 1791 chan = ieee80211_chan2ieee(ic, ni->ni_chan); 1792 1793 error = 1; 1794 1795 if (acx_set_channel(sc, chan) != 0) 1796 goto back; 1797 1798 if (acx_set_beacon_tmplt(sc, ni) != 0) { 1799 printf("%s: set beacon template failed\n", 1800 ifp->if_xname); 1801 goto back; 1802 } 1803 1804 if (acx_set_probe_resp_tmplt(sc, ni) != 0) { 1805 printf("%s: set probe response template " 1806 "failed\n", ifp->if_xname); 1807 goto back; 1808 } 1809 1810 if (ic->ic_opmode == IEEE80211_M_IBSS) { 1811 if (acx_join_bss(sc, ACX_MODE_ADHOC, ni) != 0) { 1812 printf("%s: join IBSS failed\n", 1813 ifp->if_xname); 1814 goto back; 1815 } 1816 } else { 1817 if (acx_join_bss(sc, ACX_MODE_AP, ni) != 0) { 1818 printf("%s: join HOSTAP failed\n", 1819 ifp->if_xname); 1820 goto back; 1821 } 1822 } 1823 1824 DPRINTF(("%s: join IBSS\n", sc->sc_dev.dv_xname)); 1825 error = 0; 1826 } 1827 #endif 1828 /* fake a join to init the tx rate */ 1829 if (ic->ic_opmode == IEEE80211_M_STA) 1830 acx_newassoc(ic, ic->ic_bss, 1); 1831 1832 /* start automatic rate control timer */ 1833 if (ic->ic_fixed_rate == -1) 1834 timeout_add_msec(&sc->amrr_ch, 500); 1835 break; 1836 default: 1837 break; 1838 } 1839 1840 back: 1841 if (error) { 1842 /* XXX */ 1843 nstate = IEEE80211_S_INIT; 1844 arg = -1; 1845 } 1846 1847 return (sc->sc_newstate(ic, nstate, arg)); 1848 } 1849 1850 int 1851 acx_init_tmplt_ordered(struct acx_softc *sc) 1852 { 1853 union { 1854 struct acx_tmplt_beacon beacon; 1855 struct acx_tmplt_null_data null; 1856 struct acx_tmplt_probe_req preq; 1857 struct acx_tmplt_probe_resp presp; 1858 struct acx_tmplt_tim tim; 1859 } data; 1860 1861 bzero(&data, sizeof(data)); 1862 /* 1863 * NOTE: 1864 * Order of templates initialization: 1865 * 1) Probe request 1866 * 2) NULL data 1867 * 3) Beacon 1868 * 4) TIM 1869 * 5) Probe response 1870 * Above order is critical to get a correct memory map. 1871 */ 1872 if (acx_set_tmplt(sc, ACXCMD_TMPLT_PROBE_REQ, &data.preq, 1873 sizeof(data.preq)) != 0) 1874 return (1); 1875 1876 if (acx_set_tmplt(sc, ACXCMD_TMPLT_NULL_DATA, &data.null, 1877 sizeof(data.null)) != 0) 1878 return (1); 1879 1880 if (acx_set_tmplt(sc, ACXCMD_TMPLT_BEACON, &data.beacon, 1881 sizeof(data.beacon)) != 0) 1882 return (1); 1883 1884 if (acx_set_tmplt(sc, ACXCMD_TMPLT_TIM, &data.tim, 1885 sizeof(data.tim)) != 0) 1886 return (1); 1887 1888 if (acx_set_tmplt(sc, ACXCMD_TMPLT_PROBE_RESP, &data.presp, 1889 sizeof(data.presp)) != 0) 1890 return (1); 1891 1892 return (0); 1893 } 1894 1895 int 1896 acx_dma_alloc(struct acx_softc *sc) 1897 { 1898 struct acx_ring_data *rd = &sc->sc_ring_data; 1899 struct acx_buf_data *bd = &sc->sc_buf_data; 1900 int i, error, nsegs; 1901 1902 /* Allocate DMA stuffs for RX descriptors */ 1903 error = bus_dmamap_create(sc->sc_dmat, ACX_RX_RING_SIZE, 1, 1904 ACX_RX_RING_SIZE, 0, BUS_DMA_NOWAIT, &rd->rx_ring_dmamap); 1905 1906 if (error) { 1907 printf("%s: can't create rx ring dma tag\n", 1908 sc->sc_dev.dv_xname); 1909 return (error); 1910 } 1911 1912 error = bus_dmamem_alloc(sc->sc_dmat, ACX_RX_RING_SIZE, PAGE_SIZE, 1913 0, &rd->rx_ring_seg, 1, &nsegs, BUS_DMA_NOWAIT); 1914 1915 if (error != 0) { 1916 printf("%s: can't allocate rx ring dma memory\n", 1917 sc->sc_dev.dv_xname); 1918 return (error); 1919 } 1920 1921 error = bus_dmamem_map(sc->sc_dmat, &rd->rx_ring_seg, nsegs, 1922 ACX_RX_RING_SIZE, (caddr_t *)&rd->rx_ring, 1923 BUS_DMA_NOWAIT); 1924 1925 if (error != 0) { 1926 printf("%s: can't map rx desc DMA memory\n", 1927 sc->sc_dev.dv_xname); 1928 return (error); 1929 } 1930 1931 error = bus_dmamap_load(sc->sc_dmat, rd->rx_ring_dmamap, 1932 rd->rx_ring, ACX_RX_RING_SIZE, NULL, BUS_DMA_WAITOK); 1933 1934 if (error) { 1935 printf("%s: can't get rx ring dma address\n", 1936 sc->sc_dev.dv_xname); 1937 bus_dmamem_free(sc->sc_dmat, &rd->rx_ring_seg, 1); 1938 return (error); 1939 } 1940 1941 rd->rx_ring_paddr = rd->rx_ring_dmamap->dm_segs[0].ds_addr; 1942 1943 /* Allocate DMA stuffs for TX descriptors */ 1944 error = bus_dmamap_create(sc->sc_dmat, ACX_TX_RING_SIZE, 1, 1945 ACX_TX_RING_SIZE, 0, BUS_DMA_NOWAIT, &rd->tx_ring_dmamap); 1946 1947 if (error) { 1948 printf("%s: can't create tx ring dma tag\n", 1949 sc->sc_dev.dv_xname); 1950 return (error); 1951 } 1952 1953 error = bus_dmamem_alloc(sc->sc_dmat, ACX_TX_RING_SIZE, PAGE_SIZE, 1954 0, &rd->tx_ring_seg, 1, &nsegs, BUS_DMA_NOWAIT); 1955 1956 if (error) { 1957 printf("%s: can't allocate tx ring dma memory\n", 1958 sc->sc_dev.dv_xname); 1959 return (error); 1960 } 1961 1962 error = bus_dmamem_map(sc->sc_dmat, &rd->tx_ring_seg, nsegs, 1963 ACX_TX_RING_SIZE, (caddr_t *)&rd->tx_ring, BUS_DMA_NOWAIT); 1964 1965 if (error != 0) { 1966 printf("%s: can't map tx desc DMA memory\n", 1967 sc->sc_dev.dv_xname); 1968 return (error); 1969 } 1970 1971 error = bus_dmamap_load(sc->sc_dmat, rd->tx_ring_dmamap, 1972 rd->tx_ring, ACX_TX_RING_SIZE, NULL, BUS_DMA_WAITOK); 1973 1974 if (error) { 1975 printf("%s: can't get tx ring dma address\n", 1976 sc->sc_dev.dv_xname); 1977 bus_dmamem_free(sc->sc_dmat, &rd->tx_ring_seg, 1); 1978 return (error); 1979 } 1980 1981 rd->tx_ring_paddr = rd->tx_ring_dmamap->dm_segs[0].ds_addr; 1982 1983 /* Create a spare RX DMA map */ 1984 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, MCLBYTES, 1985 0, 0, &bd->mbuf_tmp_dmamap); 1986 1987 if (error) { 1988 printf("%s: can't create tmp mbuf dma map\n", 1989 sc->sc_dev.dv_xname); 1990 return (error); 1991 } 1992 1993 /* Create DMA map for RX mbufs */ 1994 for (i = 0; i < ACX_RX_DESC_CNT; ++i) { 1995 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, 1996 MCLBYTES, 0, 0, &bd->rx_buf[i].rb_mbuf_dmamap); 1997 if (error) { 1998 printf("%s: can't create rx mbuf dma map (%d)\n", 1999 sc->sc_dev.dv_xname, i); 2000 return (error); 2001 } 2002 bd->rx_buf[i].rb_desc = &rd->rx_ring[i]; 2003 } 2004 2005 /* Create DMA map for TX mbufs */ 2006 for (i = 0; i < ACX_TX_DESC_CNT; ++i) { 2007 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, 2008 MCLBYTES, 0, 0, &bd->tx_buf[i].tb_mbuf_dmamap); 2009 if (error) { 2010 printf("%s: can't create tx mbuf dma map (%d)\n", 2011 sc->sc_dev.dv_xname, i); 2012 return (error); 2013 } 2014 bd->tx_buf[i].tb_desc1 = &rd->tx_ring[i * 2]; 2015 bd->tx_buf[i].tb_desc2 = &rd->tx_ring[(i * 2) + 1]; 2016 } 2017 2018 return (0); 2019 } 2020 2021 void 2022 acx_dma_free(struct acx_softc *sc) 2023 { 2024 struct acx_ring_data *rd = &sc->sc_ring_data; 2025 struct acx_buf_data *bd = &sc->sc_buf_data; 2026 int i; 2027 2028 if (rd->rx_ring != NULL) { 2029 bus_dmamap_unload(sc->sc_dmat, rd->rx_ring_dmamap); 2030 bus_dmamem_free(sc->sc_dmat, &rd->rx_ring_seg, 1); 2031 } 2032 2033 if (rd->tx_ring != NULL) { 2034 bus_dmamap_unload(sc->sc_dmat, rd->tx_ring_dmamap); 2035 bus_dmamem_free(sc->sc_dmat, &rd->tx_ring_seg, 1); 2036 } 2037 2038 for (i = 0; i < ACX_RX_DESC_CNT; ++i) { 2039 if (bd->rx_buf[i].rb_desc != NULL) { 2040 if (bd->rx_buf[i].rb_mbuf != NULL) { 2041 bus_dmamap_unload(sc->sc_dmat, 2042 bd->rx_buf[i].rb_mbuf_dmamap); 2043 m_freem(bd->rx_buf[i].rb_mbuf); 2044 } 2045 bus_dmamap_destroy(sc->sc_dmat, 2046 bd->rx_buf[i].rb_mbuf_dmamap); 2047 } 2048 } 2049 2050 for (i = 0; i < ACX_TX_DESC_CNT; ++i) { 2051 if (bd->tx_buf[i].tb_desc1 != NULL) { 2052 if (bd->tx_buf[i].tb_mbuf != NULL) { 2053 bus_dmamap_unload(sc->sc_dmat, 2054 bd->tx_buf[i].tb_mbuf_dmamap); 2055 m_freem(bd->tx_buf[i].tb_mbuf); 2056 } 2057 bus_dmamap_destroy(sc->sc_dmat, 2058 bd->tx_buf[i].tb_mbuf_dmamap); 2059 } 2060 } 2061 2062 if (bd->mbuf_tmp_dmamap != NULL) 2063 bus_dmamap_destroy(sc->sc_dmat, bd->mbuf_tmp_dmamap); 2064 } 2065 2066 void 2067 acx_init_tx_ring(struct acx_softc *sc) 2068 { 2069 struct acx_ring_data *rd; 2070 struct acx_buf_data *bd; 2071 uint32_t paddr; 2072 int i; 2073 2074 rd = &sc->sc_ring_data; 2075 paddr = rd->tx_ring_paddr; 2076 for (i = 0; i < (ACX_TX_DESC_CNT * 2) - 1; ++i) { 2077 paddr += sizeof(struct acx_host_desc); 2078 2079 bzero(&rd->tx_ring[i], sizeof(struct acx_host_desc)); 2080 rd->tx_ring[i].h_ctrl = htole16(DESC_CTRL_HOSTOWN); 2081 2082 if (i == (ACX_TX_DESC_CNT * 2) - 1) 2083 rd->tx_ring[i].h_next_desc = htole32(rd->tx_ring_paddr); 2084 else 2085 rd->tx_ring[i].h_next_desc = htole32(paddr); 2086 } 2087 2088 bus_dmamap_sync(sc->sc_dmat, rd->tx_ring_dmamap, 0, 2089 rd->tx_ring_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 2090 2091 bd = &sc->sc_buf_data; 2092 bd->tx_free_start = 0; 2093 bd->tx_used_start = 0; 2094 bd->tx_used_count = 0; 2095 } 2096 2097 int 2098 acx_init_rx_ring(struct acx_softc *sc) 2099 { 2100 struct acx_ring_data *rd; 2101 struct acx_buf_data *bd; 2102 uint32_t paddr; 2103 int i; 2104 2105 bd = &sc->sc_buf_data; 2106 rd = &sc->sc_ring_data; 2107 paddr = rd->rx_ring_paddr; 2108 2109 for (i = 0; i < ACX_RX_DESC_CNT; ++i) { 2110 int error; 2111 2112 paddr += sizeof(struct acx_host_desc); 2113 bzero(&rd->rx_ring[i], sizeof(struct acx_host_desc)); 2114 2115 error = acx_newbuf(sc, &bd->rx_buf[i], 1); 2116 if (error) 2117 return (error); 2118 2119 if (i == ACX_RX_DESC_CNT - 1) 2120 rd->rx_ring[i].h_next_desc = htole32(rd->rx_ring_paddr); 2121 else 2122 rd->rx_ring[i].h_next_desc = htole32(paddr); 2123 } 2124 2125 bus_dmamap_sync(sc->sc_dmat, rd->rx_ring_dmamap, 0, 2126 rd->rx_ring_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 2127 2128 bd->rx_scan_start = 0; 2129 2130 return (0); 2131 } 2132 2133 int 2134 acx_newbuf(struct acx_softc *sc, struct acx_rxbuf *rb, int wait) 2135 { 2136 struct acx_buf_data *bd; 2137 struct mbuf *m; 2138 bus_dmamap_t map; 2139 uint32_t paddr; 2140 int error; 2141 2142 bd = &sc->sc_buf_data; 2143 2144 MGETHDR(m, wait ? M_WAITOK : M_DONTWAIT, MT_DATA); 2145 if (m == NULL) 2146 return (ENOBUFS); 2147 2148 MCLGET(m, wait ? M_WAITOK : M_DONTWAIT); 2149 if (!(m->m_flags & M_EXT)) { 2150 m_freem(m); 2151 return (ENOBUFS); 2152 } 2153 2154 m->m_len = m->m_pkthdr.len = MCLBYTES; 2155 2156 error = bus_dmamap_load_mbuf(sc->sc_dmat, bd->mbuf_tmp_dmamap, m, 2157 wait ? BUS_DMA_WAITOK : BUS_DMA_NOWAIT); 2158 if (error) { 2159 m_freem(m); 2160 printf("%s: can't map rx mbuf %d\n", 2161 sc->sc_dev.dv_xname, error); 2162 return (error); 2163 } 2164 2165 /* Unload originally mapped mbuf */ 2166 if (rb->rb_mbuf != NULL) 2167 bus_dmamap_unload(sc->sc_dmat, rb->rb_mbuf_dmamap); 2168 2169 /* Swap this dmamap with tmp dmamap */ 2170 map = rb->rb_mbuf_dmamap; 2171 rb->rb_mbuf_dmamap = bd->mbuf_tmp_dmamap; 2172 bd->mbuf_tmp_dmamap = map; 2173 paddr = rb->rb_mbuf_dmamap->dm_segs[0].ds_addr; 2174 2175 rb->rb_mbuf = m; 2176 rb->rb_desc->h_data_paddr = htole32(paddr); 2177 rb->rb_desc->h_data_len = htole16(m->m_len); 2178 2179 bus_dmamap_sync(sc->sc_dmat, rb->rb_mbuf_dmamap, 0, 2180 rb->rb_mbuf_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD); 2181 2182 return (0); 2183 } 2184 2185 int 2186 acx_encap(struct acx_softc *sc, struct acx_txbuf *txbuf, struct mbuf *m, 2187 struct ieee80211_node *ni, int rate) 2188 { 2189 struct acx_ring_data *rd = &sc->sc_ring_data; 2190 struct acx_node *node = (struct acx_node *)ni; 2191 struct ifnet *ifp = &sc->sc_ic.ic_if; 2192 uint32_t paddr; 2193 uint8_t ctrl; 2194 int error; 2195 2196 if (txbuf->tb_mbuf != NULL) 2197 panic("free TX buf has mbuf installed"); 2198 2199 if (m->m_pkthdr.len > MCLBYTES) { 2200 printf("%s: mbuf too big\n", ifp->if_xname); 2201 error = E2BIG; 2202 goto back; 2203 } else if (m->m_pkthdr.len < ACX_FRAME_HDRLEN) { 2204 printf("%s: mbuf too small\n", ifp->if_xname); 2205 error = EINVAL; 2206 goto back; 2207 } 2208 2209 error = bus_dmamap_load_mbuf(sc->sc_dmat, txbuf->tb_mbuf_dmamap, m, 2210 BUS_DMA_NOWAIT); 2211 2212 if (error && error != EFBIG) { 2213 printf("%s: can't map tx mbuf1 %d\n", 2214 sc->sc_dev.dv_xname, error); 2215 goto back; 2216 } 2217 2218 if (error) { /* error == EFBIG */ 2219 /* too many fragments, linearize */ 2220 if (m_defrag(m, M_DONTWAIT)) { 2221 printf("%s: can't defrag tx mbuf\n", ifp->if_xname); 2222 goto back; 2223 } 2224 error = bus_dmamap_load_mbuf(sc->sc_dmat, 2225 txbuf->tb_mbuf_dmamap, m, BUS_DMA_NOWAIT); 2226 if (error) { 2227 printf("%s: can't map tx mbuf2 %d\n", 2228 sc->sc_dev.dv_xname, error); 2229 goto back; 2230 } 2231 } 2232 2233 error = 0; 2234 2235 bus_dmamap_sync(sc->sc_dmat, txbuf->tb_mbuf_dmamap, 0, 2236 txbuf->tb_mbuf_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 2237 2238 txbuf->tb_mbuf = m; 2239 txbuf->tb_node = node; 2240 txbuf->tb_rate = rate; 2241 2242 /* 2243 * TX buffers are accessed in following way: 2244 * acx_fw_txdesc -> acx_host_desc -> buffer 2245 * 2246 * It is quite strange that acx also queries acx_host_desc next to 2247 * the one we have assigned to acx_fw_txdesc even if first one's 2248 * acx_host_desc.h_data_len == acx_fw_txdesc.f_tx_len 2249 * 2250 * So we allocate two acx_host_desc for one acx_fw_txdesc and 2251 * assign the first acx_host_desc to acx_fw_txdesc 2252 * 2253 * For acx111 2254 * host_desc1.h_data_len = buffer_len 2255 * host_desc2.h_data_len = buffer_len - mac_header_len 2256 * 2257 * For acx100 2258 * host_desc1.h_data_len = mac_header_len 2259 * host_desc2.h_data_len = buffer_len - mac_header_len 2260 */ 2261 paddr = txbuf->tb_mbuf_dmamap->dm_segs[0].ds_addr; 2262 txbuf->tb_desc1->h_data_paddr = htole32(paddr); 2263 txbuf->tb_desc2->h_data_paddr = htole32(paddr + ACX_FRAME_HDRLEN); 2264 2265 txbuf->tb_desc1->h_data_len = 2266 htole16(sc->chip_txdesc1_len ? sc->chip_txdesc1_len 2267 : m->m_pkthdr.len); 2268 txbuf->tb_desc2->h_data_len = 2269 htole16(m->m_pkthdr.len - ACX_FRAME_HDRLEN); 2270 2271 /* 2272 * NOTE: 2273 * We can't simply assign f_tx_ctrl, we will first read it back 2274 * and change it bit by bit 2275 */ 2276 ctrl = FW_TXDESC_GETFIELD_1(sc, txbuf, f_tx_ctrl); 2277 ctrl |= sc->chip_fw_txdesc_ctrl; /* extra chip specific flags */ 2278 ctrl &= ~(DESC_CTRL_HOSTOWN | DESC_CTRL_ACXDONE); 2279 2280 FW_TXDESC_SETFIELD_2(sc, txbuf, f_tx_len, m->m_pkthdr.len); 2281 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_error, 0); 2282 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_ack_fail, 0); 2283 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_rts_fail, 0); 2284 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_rts_ok, 0); 2285 sc->chip_set_fw_txdesc_rate(sc, txbuf, rate); 2286 2287 txbuf->tb_desc1->h_ctrl = 0; 2288 txbuf->tb_desc2->h_ctrl = 0; 2289 bus_dmamap_sync(sc->sc_dmat, rd->tx_ring_dmamap, 0, 2290 rd->tx_ring_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 2291 2292 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_ctrl2, 0); 2293 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_ctrl, ctrl); 2294 2295 /* Tell chip to inform us about TX completion */ 2296 CSR_WRITE_2(sc, ACXREG_INTR_TRIG, ACXRV_TRIG_TX_FINI); 2297 back: 2298 if (error) 2299 m_freem(m); 2300 2301 return (error); 2302 } 2303 2304 int 2305 acx_set_null_tmplt(struct acx_softc *sc) 2306 { 2307 struct ieee80211com *ic = &sc->sc_ic; 2308 struct acx_tmplt_null_data n; 2309 struct ieee80211_frame *wh; 2310 2311 bzero(&n, sizeof(n)); 2312 2313 wh = &n.data; 2314 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_DATA | 2315 IEEE80211_FC0_SUBTYPE_NODATA; 2316 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 2317 IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr); 2318 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 2319 IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr); 2320 2321 return (acx_set_tmplt(sc, ACXCMD_TMPLT_NULL_DATA, &n, sizeof(n))); 2322 } 2323 2324 int 2325 acx_set_probe_req_tmplt(struct acx_softc *sc, const char *ssid, int ssid_len) 2326 { 2327 struct ieee80211com *ic = &sc->sc_ic; 2328 struct acx_tmplt_probe_req req; 2329 struct ieee80211_frame *wh; 2330 struct ieee80211_rateset *rs; 2331 uint8_t *frm; 2332 int len; 2333 2334 bzero(&req, sizeof(req)); 2335 2336 wh = &req.data.u_data.f; 2337 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 2338 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 2339 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 2340 IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr); 2341 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 2342 IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr); 2343 2344 frm = req.data.u_data.var; 2345 frm = ieee80211_add_ssid(frm, ssid, ssid_len); 2346 rs = &ic->ic_sup_rates[sc->chip_phymode]; 2347 frm = ieee80211_add_rates(frm, rs); 2348 if (rs->rs_nrates > IEEE80211_RATE_SIZE) 2349 frm = ieee80211_add_xrates(frm, rs); 2350 len = frm - req.data.u_data.var; 2351 2352 return (acx_set_tmplt(sc, ACXCMD_TMPLT_PROBE_REQ, &req, 2353 ACX_TMPLT_PROBE_REQ_SIZ(len))); 2354 } 2355 2356 #ifndef IEEE80211_STA_ONLY 2357 struct mbuf *ieee80211_get_probe_resp(struct ieee80211com *, 2358 struct ieee80211_node *); 2359 2360 int 2361 acx_set_probe_resp_tmplt(struct acx_softc *sc, struct ieee80211_node *ni) 2362 { 2363 struct ieee80211com *ic = &sc->sc_ic; 2364 struct acx_tmplt_probe_resp resp; 2365 struct ieee80211_frame *wh; 2366 struct mbuf *m; 2367 int len; 2368 2369 bzero(&resp, sizeof(resp)); 2370 2371 m = ieee80211_get_probe_resp(ic, ni); 2372 if (m == NULL) 2373 return (1); 2374 M_PREPEND(m, sizeof(struct ieee80211_frame), M_DONTWAIT); 2375 if (m == NULL) 2376 return (1); 2377 wh = mtod(m, struct ieee80211_frame *); 2378 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 2379 IEEE80211_FC0_SUBTYPE_PROBE_RESP; 2380 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 2381 *(u_int16_t *)&wh->i_dur[0] = 0; 2382 IEEE80211_ADDR_COPY(wh->i_addr1, ni->ni_macaddr); 2383 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 2384 IEEE80211_ADDR_COPY(wh->i_addr3, ni->ni_bssid); 2385 *(u_int16_t *)wh->i_seq = 0; 2386 2387 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)&resp.data); 2388 len = m->m_pkthdr.len + sizeof(resp.size); 2389 m_freem(m); 2390 2391 return (acx_set_tmplt(sc, ACXCMD_TMPLT_PROBE_RESP, &resp, len)); 2392 } 2393 2394 int 2395 acx_beacon_locate(struct mbuf *m, u_int8_t type) 2396 { 2397 int off; 2398 u_int8_t *frm; 2399 /* 2400 * beacon frame format 2401 * [8] time stamp 2402 * [2] beacon interval 2403 * [2] cabability information 2404 * from here on [tlv] values 2405 */ 2406 2407 if (m->m_len != m->m_pkthdr.len) 2408 panic("beacon not in contiguous mbuf"); 2409 2410 off = sizeof(struct ieee80211_frame) + 8 + 2 + 2; 2411 frm = mtod(m, u_int8_t *); 2412 for (; off + 1 < m->m_len; off += frm[off + 1] + 2) { 2413 if (frm[off] == type) 2414 return (off); 2415 } 2416 return (-1); 2417 } 2418 2419 int 2420 acx_set_beacon_tmplt(struct acx_softc *sc, struct ieee80211_node *ni) 2421 { 2422 struct ieee80211com *ic = &sc->sc_ic; 2423 struct acx_tmplt_beacon beacon; 2424 struct acx_tmplt_tim tim; 2425 struct mbuf *m; 2426 int len, off; 2427 2428 bzero(&beacon, sizeof(beacon)); 2429 bzero(&tim, sizeof(tim)); 2430 2431 m = ieee80211_beacon_alloc(ic, ni); 2432 if (m == NULL) 2433 return (1); 2434 2435 off = acx_beacon_locate(m, IEEE80211_ELEMID_TIM); 2436 if (off < 0) { 2437 m_free(m); 2438 return (1); 2439 } 2440 2441 m_copydata(m, 0, off, (caddr_t)&beacon.data); 2442 len = off + sizeof(beacon.size); 2443 2444 if (acx_set_tmplt(sc, ACXCMD_TMPLT_BEACON, &beacon, len) != 0) { 2445 m_freem(m); 2446 return (1); 2447 } 2448 2449 len = m->m_pkthdr.len - off; 2450 if (len == 0) { 2451 /* no TIM field */ 2452 m_freem(m); 2453 return (0); 2454 } 2455 2456 m_copydata(m, off, len, (caddr_t)&tim.data); 2457 len += sizeof(beacon.size); 2458 m_freem(m); 2459 2460 return (acx_set_tmplt(sc, ACXCMD_TMPLT_TIM, &tim, len)); 2461 } 2462 #endif /* IEEE80211_STA_ONLY */ 2463 2464 void 2465 acx_init_cmd_reg(struct acx_softc *sc) 2466 { 2467 sc->sc_cmd = CSR_READ_4(sc, ACXREG_CMD_REG_OFFSET); 2468 sc->sc_cmd_param = sc->sc_cmd + ACX_CMD_REG_SIZE; 2469 2470 /* Clear command & status */ 2471 CMD_WRITE_4(sc, 0); 2472 } 2473 2474 int 2475 acx_join_bss(struct acx_softc *sc, uint8_t mode, struct ieee80211_node *node) 2476 { 2477 uint8_t bj_buf[BSS_JOIN_BUFLEN]; 2478 struct bss_join_hdr *bj; 2479 int i, dtim_intvl; 2480 2481 bzero(bj_buf, sizeof(bj_buf)); 2482 bj = (struct bss_join_hdr *)bj_buf; 2483 2484 for (i = 0; i < IEEE80211_ADDR_LEN; ++i) 2485 bj->bssid[i] = node->ni_bssid[IEEE80211_ADDR_LEN - i - 1]; 2486 2487 bj->beacon_intvl = htole16(acx_beacon_intvl); 2488 2489 /* TODO tunable */ 2490 #ifndef IEEE80211_STA_ONLY 2491 if (sc->sc_ic.ic_opmode == IEEE80211_M_IBSS) 2492 dtim_intvl = 1; 2493 else 2494 #endif 2495 dtim_intvl = 10; 2496 sc->chip_set_bss_join_param(sc, bj->chip_spec, dtim_intvl); 2497 2498 bj->ndata_txrate = ACX_NDATA_TXRATE_1; 2499 bj->ndata_txopt = 0; 2500 bj->mode = mode; 2501 bj->channel = ieee80211_chan2ieee(&sc->sc_ic, node->ni_chan); 2502 bj->esslen = node->ni_esslen; 2503 bcopy(node->ni_essid, bj->essid, node->ni_esslen); 2504 2505 DPRINTF(("%s: join BSS/IBSS on channel %d\n", sc->sc_dev.dv_xname, 2506 bj->channel)); 2507 return (acx_exec_command(sc, ACXCMD_JOIN_BSS, 2508 bj, BSS_JOIN_PARAM_SIZE(bj), NULL, 0)); 2509 } 2510 2511 int 2512 acx_set_channel(struct acx_softc *sc, uint8_t chan) 2513 { 2514 if (acx_exec_command(sc, ACXCMD_ENABLE_TXCHAN, &chan, sizeof(chan), 2515 NULL, 0) != 0) { 2516 DPRINTF(("%s: setting TX channel %d failed\n", 2517 sc->sc_dev.dv_xname, chan)); 2518 return (ENXIO); 2519 } 2520 2521 if (acx_exec_command(sc, ACXCMD_ENABLE_RXCHAN, &chan, sizeof(chan), 2522 NULL, 0) != 0) { 2523 DPRINTF(("%s: setting RX channel %d failed\n", 2524 sc->sc_dev.dv_xname, chan)); 2525 return (ENXIO); 2526 } 2527 2528 return (0); 2529 } 2530 2531 int 2532 acx_get_conf(struct acx_softc *sc, uint16_t conf_id, void *conf, 2533 uint16_t conf_len) 2534 { 2535 struct acx_conf *confcom; 2536 2537 if (conf_len < sizeof(*confcom)) { 2538 printf("%s: %s configure data is too short\n", 2539 sc->sc_dev.dv_xname, __func__); 2540 return (1); 2541 } 2542 2543 confcom = conf; 2544 confcom->conf_id = htole16(conf_id); 2545 confcom->conf_data_len = htole16(conf_len - sizeof(*confcom)); 2546 2547 return (acx_exec_command(sc, ACXCMD_GET_CONF, confcom, sizeof(*confcom), 2548 conf, conf_len)); 2549 } 2550 2551 int 2552 acx_set_conf(struct acx_softc *sc, uint16_t conf_id, void *conf, 2553 uint16_t conf_len) 2554 { 2555 struct acx_conf *confcom; 2556 2557 if (conf_len < sizeof(*confcom)) { 2558 printf("%s: %s configure data is too short\n", 2559 sc->sc_dev.dv_xname, __func__); 2560 return (1); 2561 } 2562 2563 confcom = conf; 2564 confcom->conf_id = htole16(conf_id); 2565 confcom->conf_data_len = htole16(conf_len - sizeof(*confcom)); 2566 2567 return (acx_exec_command(sc, ACXCMD_SET_CONF, conf, conf_len, NULL, 0)); 2568 } 2569 2570 int 2571 acx_set_tmplt(struct acx_softc *sc, uint16_t cmd, void *tmplt, 2572 uint16_t tmplt_len) 2573 { 2574 uint16_t *size; 2575 2576 if (tmplt_len < sizeof(*size)) { 2577 printf("%s: %s template is too short\n", 2578 sc->sc_dev.dv_xname, __func__); 2579 return (1); 2580 } 2581 2582 size = tmplt; 2583 *size = htole16(tmplt_len - sizeof(*size)); 2584 2585 return (acx_exec_command(sc, cmd, tmplt, tmplt_len, NULL, 0)); 2586 } 2587 2588 int 2589 acx_init_radio(struct acx_softc *sc, uint32_t radio_ofs, uint32_t radio_len) 2590 { 2591 struct radio_init r; 2592 2593 r.radio_ofs = htole32(radio_ofs); 2594 r.radio_len = htole32(radio_len); 2595 2596 return (acx_exec_command(sc, ACXCMD_INIT_RADIO, &r, sizeof(r), NULL, 2597 0)); 2598 } 2599 2600 int 2601 acx_exec_command(struct acx_softc *sc, uint16_t cmd, void *param, 2602 uint16_t param_len, void *result, uint16_t result_len) 2603 { 2604 uint16_t status; 2605 int i, ret; 2606 2607 if ((sc->sc_flags & ACX_FLAG_FW_LOADED) == 0) { 2608 printf("%s: cmd 0x%04x failed (base firmware not loaded)\n", 2609 sc->sc_dev.dv_xname, cmd); 2610 return (1); 2611 } 2612 2613 ret = 0; 2614 2615 if (param != NULL && param_len != 0) { 2616 /* Set command param */ 2617 CMDPRM_WRITE_REGION_1(sc, param, param_len); 2618 } 2619 2620 /* Set command */ 2621 CMD_WRITE_4(sc, cmd); 2622 2623 /* Exec command */ 2624 CSR_WRITE_2(sc, ACXREG_INTR_TRIG, ACXRV_TRIG_CMD_FINI); 2625 DELAY(50); 2626 2627 /* Wait for command to complete */ 2628 if (cmd == ACXCMD_INIT_RADIO) { 2629 /* radio initialization is extremely long */ 2630 tsleep(&cmd, 0, "rdinit", (300 * hz) / 1000); /* 300ms */ 2631 } 2632 2633 #define CMDWAIT_RETRY_MAX 1000 2634 for (i = 0; i < CMDWAIT_RETRY_MAX; ++i) { 2635 uint16_t reg; 2636 2637 reg = CSR_READ_2(sc, ACXREG_INTR_STATUS); 2638 if (reg & ACXRV_INTR_CMD_FINI) { 2639 CSR_WRITE_2(sc, ACXREG_INTR_ACK, ACXRV_INTR_CMD_FINI); 2640 break; 2641 } 2642 DELAY(50); 2643 } 2644 if (i == CMDWAIT_RETRY_MAX) { 2645 printf("%s: cmd %04x failed (timeout)\n", 2646 sc->sc_dev.dv_xname, cmd); 2647 ret = 1; 2648 goto back; 2649 } 2650 #undef CMDWAIT_RETRY_MAX 2651 2652 /* Get command exec status */ 2653 status = (CMD_READ_4(sc) >> ACX_CMD_STATUS_SHIFT); 2654 if (status != ACX_CMD_STATUS_OK) { 2655 DPRINTF(("%s: cmd %04x failed\n", sc->sc_dev.dv_xname, cmd)); 2656 ret = 1; 2657 goto back; 2658 } 2659 2660 if (result != NULL && result_len != 0) { 2661 /* Get command result */ 2662 CMDPRM_READ_REGION_1(sc, result, result_len); 2663 } 2664 2665 back: 2666 CMD_WRITE_4(sc, 0); 2667 2668 return (ret); 2669 } 2670 2671 const char * 2672 acx_get_rf(int rev) 2673 { 2674 switch (rev) { 2675 case ACX_RADIO_TYPE_MAXIM: return "MAX2820"; 2676 case ACX_RADIO_TYPE_RFMD: return "RFMD"; 2677 case ACX_RADIO_TYPE_RALINK: return "Ralink"; 2678 case ACX_RADIO_TYPE_RADIA: return "Radia"; 2679 default: return "unknown"; 2680 } 2681 } 2682 2683 int 2684 acx_get_maxrssi(int radio) 2685 { 2686 switch (radio) { 2687 case ACX_RADIO_TYPE_MAXIM: return ACX_RADIO_RSSI_MAXIM; 2688 case ACX_RADIO_TYPE_RFMD: return ACX_RADIO_RSSI_RFMD; 2689 case ACX_RADIO_TYPE_RALINK: return ACX_RADIO_RSSI_RALINK; 2690 case ACX_RADIO_TYPE_RADIA: return ACX_RADIO_RSSI_RADIA; 2691 default: return ACX_RADIO_RSSI_UNKN; 2692 } 2693 } 2694 2695 void 2696 acx_iter_func(void *arg, struct ieee80211_node *ni) 2697 { 2698 struct acx_softc *sc = arg; 2699 struct acx_node *wn = (struct acx_node *)ni; 2700 2701 ieee80211_amrr_choose(&sc->amrr, ni, &wn->amn); 2702 } 2703 2704 void 2705 acx_amrr_timeout(void *arg) 2706 { 2707 struct acx_softc *sc = arg; 2708 struct ieee80211com *ic = &sc->sc_ic; 2709 2710 if (ic->ic_opmode == IEEE80211_M_STA) 2711 acx_iter_func(sc, ic->ic_bss); 2712 else 2713 ieee80211_iterate_nodes(ic, acx_iter_func, sc); 2714 2715 timeout_add_msec(&sc->amrr_ch, 500); 2716 } 2717 2718 void 2719 acx_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew) 2720 { 2721 struct acx_softc *sc = ic->ic_if.if_softc; 2722 int i; 2723 2724 ieee80211_amrr_node_init(&sc->amrr, &((struct acx_node *)ni)->amn); 2725 2726 /* set rate to some reasonable initial value */ 2727 for (i = ni->ni_rates.rs_nrates - 1; 2728 i > 0 && (ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL) > 72; 2729 i--); 2730 ni->ni_txrate = i; 2731 } 2732 2733 #ifndef IEEE80211_STA_ONLY 2734 void 2735 acx_set_tim(struct ieee80211com *ic, int aid, int set) 2736 { 2737 struct acx_softc *sc = ic->ic_if.if_softc; 2738 struct acx_tmplt_tim tim; 2739 u_int8_t *ep; 2740 2741 ieee80211_set_tim(ic, aid, set); 2742 2743 bzero(&tim, sizeof(tim)); 2744 ep = ieee80211_add_tim(tim.data.u_mem, ic); 2745 2746 acx_set_tmplt(sc, ACXCMD_TMPLT_TIM, &tim, ep - (u_int8_t *)&tim); 2747 } 2748 #endif 2749