1 /* $OpenBSD: acx.c,v 1.119 2016/09/02 09:04:56 tom Exp $ */ 2 3 /* 4 * Copyright (c) 2006 Jonathan Gray <jsg@openbsd.org> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 /* 20 * Copyright (c) 2006 The DragonFly Project. All rights reserved. 21 * 22 * This code is derived from software contributed to The DragonFly Project 23 * by Sepherosa Ziehau <sepherosa@gmail.com> 24 * 25 * Redistribution and use in source and binary forms, with or without 26 * modification, are permitted provided that the following conditions 27 * are met: 28 * 29 * 1. Redistributions of source code must retain the above copyright 30 * notice, this list of conditions and the following disclaimer. 31 * 2. Redistributions in binary form must reproduce the above copyright 32 * notice, this list of conditions and the following disclaimer in 33 * the documentation and/or other materials provided with the 34 * distribution. 35 * 3. Neither the name of The DragonFly Project nor the names of its 36 * contributors may be used to endorse or promote products derived 37 * from this software without specific, prior written permission. 38 * 39 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 40 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 41 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 42 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 43 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 44 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, 45 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 47 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 48 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 49 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * SUCH DAMAGE. 51 */ 52 53 /* 54 * Copyright (c) 2003-2004 wlan.kewl.org Project 55 * All rights reserved. 56 * 57 * Redistribution and use in source and binary forms, with or without 58 * modification, are permitted provided that the following conditions 59 * are met: 60 * 61 * 1. Redistributions of source code must retain the above copyright 62 * notice, this list of conditions and the following disclaimer. 63 * 64 * 2. Redistributions in binary form must reproduce the above copyright 65 * notice, this list of conditions and the following disclaimer in the 66 * documentation and/or other materials provided with the distribution. 67 * 68 * 3. All advertising materials mentioning features or use of this software 69 * must display the following acknowledgement: 70 * 71 * This product includes software developed by the wlan.kewl.org Project. 72 * 73 * 4. Neither the name of the wlan.kewl.org Project nor the names of its 74 * contributors may be used to endorse or promote products derived from 75 * this software without specific prior written permission. 76 * 77 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, 78 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY 79 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 80 * THE wlan.kewl.org Project BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 81 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 82 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 83 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 84 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 85 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 86 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 87 */ 88 89 #include "bpfilter.h" 90 91 #include <sys/param.h> 92 #include <sys/systm.h> 93 #include <sys/kernel.h> 94 #include <sys/malloc.h> 95 #include <sys/mbuf.h> 96 #include <sys/socket.h> 97 #include <sys/sockio.h> 98 #include <sys/ioctl.h> 99 #include <sys/errno.h> 100 #include <sys/device.h> 101 #include <sys/endian.h> 102 103 #include <machine/bus.h> 104 #include <machine/intr.h> 105 106 #include <net/if.h> 107 #include <net/if_media.h> 108 109 #if NBPFILTER > 0 110 #include <net/bpf.h> 111 #endif 112 113 #include <netinet/in.h> 114 #include <netinet/if_ether.h> 115 116 #include <net80211/ieee80211_var.h> 117 #include <net80211/ieee80211_amrr.h> 118 #include <net80211/ieee80211_radiotap.h> 119 120 #include <dev/ic/acxvar.h> 121 #include <dev/ic/acxreg.h> 122 123 #ifdef ACX_DEBUG 124 int acxdebug = 0; 125 #endif 126 127 int acx_attach(struct acx_softc *); 128 int acx_detach(void *); 129 130 int acx_init(struct ifnet *); 131 int acx_stop(struct acx_softc *); 132 void acx_init_info_reg(struct acx_softc *); 133 int acx_config(struct acx_softc *); 134 int acx_read_config(struct acx_softc *, struct acx_config *); 135 int acx_write_config(struct acx_softc *, struct acx_config *); 136 int acx_rx_config(struct acx_softc *); 137 int acx_set_crypt_keys(struct acx_softc *); 138 void acx_next_scan(void *); 139 140 void acx_start(struct ifnet *); 141 void acx_watchdog(struct ifnet *); 142 143 int acx_ioctl(struct ifnet *, u_long, caddr_t); 144 145 int acx_intr(void *); 146 void acx_disable_intr(struct acx_softc *); 147 void acx_enable_intr(struct acx_softc *); 148 void acx_txeof(struct acx_softc *); 149 void acx_txerr(struct acx_softc *, uint8_t); 150 void acx_rxeof(struct acx_softc *); 151 152 int acx_dma_alloc(struct acx_softc *); 153 void acx_dma_free(struct acx_softc *); 154 void acx_init_tx_ring(struct acx_softc *); 155 int acx_init_rx_ring(struct acx_softc *); 156 int acx_newbuf(struct acx_softc *, struct acx_rxbuf *, int); 157 int acx_encap(struct acx_softc *, struct acx_txbuf *, 158 struct mbuf *, struct ieee80211_node *, int); 159 160 int acx_reset(struct acx_softc *); 161 162 int acx_set_null_tmplt(struct acx_softc *); 163 int acx_set_probe_req_tmplt(struct acx_softc *, const char *, int); 164 #ifndef IEEE80211_STA_ONLY 165 int acx_set_probe_resp_tmplt(struct acx_softc *, struct ieee80211_node *); 166 int acx_beacon_locate(struct mbuf *, u_int8_t); 167 int acx_set_beacon_tmplt(struct acx_softc *, struct ieee80211_node *); 168 #endif 169 170 int acx_read_eeprom(struct acx_softc *, uint32_t, uint8_t *); 171 int acx_read_phyreg(struct acx_softc *, uint32_t, uint8_t *); 172 const char * acx_get_rf(int); 173 int acx_get_maxrssi(int); 174 175 int acx_load_firmware(struct acx_softc *, uint32_t, 176 const uint8_t *, int); 177 int acx_load_radio_firmware(struct acx_softc *, const char *); 178 int acx_load_base_firmware(struct acx_softc *, const char *); 179 180 struct ieee80211_node 181 *acx_node_alloc(struct ieee80211com *); 182 int acx_newstate(struct ieee80211com *, enum ieee80211_state, int); 183 184 void acx_init_cmd_reg(struct acx_softc *); 185 int acx_join_bss(struct acx_softc *, uint8_t, struct ieee80211_node *); 186 int acx_set_channel(struct acx_softc *, uint8_t); 187 int acx_init_radio(struct acx_softc *, uint32_t, uint32_t); 188 189 void acx_iter_func(void *, struct ieee80211_node *); 190 void acx_amrr_timeout(void *); 191 void acx_newassoc(struct ieee80211com *, struct ieee80211_node *, int); 192 #ifndef IEEE80211_STA_ONLY 193 void acx_set_tim(struct ieee80211com *, int, int); 194 #endif 195 196 int acx_beacon_intvl = 100; /* 100 TU */ 197 198 /* 199 * Possible values for the second parameter of acx_join_bss() 200 */ 201 #define ACX_MODE_ADHOC 0 202 #define ACX_MODE_UNUSED 1 203 #define ACX_MODE_STA 2 204 #define ACX_MODE_AP 3 205 206 struct cfdriver acx_cd = { 207 NULL, "acx", DV_IFNET 208 }; 209 210 int 211 acx_attach(struct acx_softc *sc) 212 { 213 struct ieee80211com *ic = &sc->sc_ic; 214 struct ifnet *ifp = &sc->sc_ic.ic_if; 215 int i, error; 216 217 /* Initialize channel scanning timer */ 218 timeout_set(&sc->sc_chanscan_timer, acx_next_scan, sc); 219 220 /* Allocate busdma stuffs */ 221 error = acx_dma_alloc(sc); 222 if (error) { 223 printf("%s: attach failed, could not allocate DMA!\n", 224 sc->sc_dev.dv_xname); 225 return (error); 226 } 227 228 /* Reset Hardware */ 229 error = acx_reset(sc); 230 if (error) { 231 printf("%s: attach failed, could not reset device!\n", 232 sc->sc_dev.dv_xname); 233 return (error); 234 } 235 236 /* Disable interrupts before firmware is loaded */ 237 acx_disable_intr(sc); 238 239 /* Get radio type and form factor */ 240 #define EEINFO_RETRY_MAX 50 241 for (i = 0; i < EEINFO_RETRY_MAX; ++i) { 242 uint16_t ee_info; 243 244 ee_info = CSR_READ_2(sc, ACXREG_EEPROM_INFO); 245 if (ACX_EEINFO_HAS_RADIO_TYPE(ee_info)) { 246 sc->sc_form_factor = ACX_EEINFO_FORM_FACTOR(ee_info); 247 sc->sc_radio_type = ACX_EEINFO_RADIO_TYPE(ee_info); 248 break; 249 } 250 DELAY(10000); 251 } 252 if (i == EEINFO_RETRY_MAX) { 253 printf("%s: attach failed, could not get radio type!\n", 254 sc->sc_dev.dv_xname); 255 return (ENXIO); 256 } 257 #undef EEINFO_RETRY_MAX 258 259 #ifdef DUMP_EEPROM 260 for (i = 0; i < 0x40; ++i) { 261 uint8_t val; 262 263 error = acx_read_eeprom(sc, i, &val); 264 if (error) 265 return (error); 266 if (i % 10 == 0) 267 printf("\n"); 268 printf("%02x ", val); 269 } 270 printf("\n"); 271 #endif /* DUMP_EEPROM */ 272 273 /* Get EEPROM version */ 274 error = acx_read_eeprom(sc, ACX_EE_VERSION_OFS, &sc->sc_eeprom_ver); 275 if (error) { 276 printf("%s: attach failed, could not get EEPROM version!\n", 277 sc->sc_dev.dv_xname); 278 return (error); 279 } 280 281 ifp->if_softc = sc; 282 ifp->if_ioctl = acx_ioctl; 283 ifp->if_start = acx_start; 284 ifp->if_watchdog = acx_watchdog; 285 ifp->if_flags = IFF_SIMPLEX | IFF_BROADCAST | IFF_MULTICAST; 286 strlcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 287 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 288 289 /* Set channels */ 290 for (i = 1; i <= 14; ++i) { 291 ic->ic_channels[i].ic_freq = 292 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 293 ic->ic_channels[i].ic_flags = sc->chip_chan_flags; 294 } 295 296 ic->ic_opmode = IEEE80211_M_STA; 297 ic->ic_state = IEEE80211_S_INIT; 298 299 /* 300 * NOTE: Don't overwrite ic_caps set by chip specific code 301 */ 302 ic->ic_caps = 303 IEEE80211_C_WEP | /* WEP */ 304 IEEE80211_C_MONITOR | /* Monitor mode */ 305 #ifndef IEEE80211_STA_ONLY 306 IEEE80211_C_IBSS | /* IBSS mode */ 307 IEEE80211_C_HOSTAP | /* Access Point */ 308 IEEE80211_C_APPMGT | /* AP Power Mgmt */ 309 #endif 310 IEEE80211_C_SHPREAMBLE; /* Short preamble */ 311 312 /* Get station id */ 313 for (i = 0; i < IEEE80211_ADDR_LEN; ++i) { 314 error = acx_read_eeprom(sc, sc->chip_ee_eaddr_ofs - i, 315 &ic->ic_myaddr[i]); 316 if (error) { 317 printf("%s: attach failed, could not get station id\n", 318 sc->sc_dev.dv_xname); 319 return error; 320 } 321 } 322 323 printf("%s: %s, radio %s (0x%02x), EEPROM ver %u, address %s\n", 324 sc->sc_dev.dv_xname, 325 (sc->sc_flags & ACX_FLAG_ACX111) ? "ACX111" : "ACX100", 326 acx_get_rf(sc->sc_radio_type), sc->sc_radio_type, 327 sc->sc_eeprom_ver, ether_sprintf(ic->ic_myaddr)); 328 329 if_attach(ifp); 330 ieee80211_ifattach(ifp); 331 332 /* Override node alloc */ 333 ic->ic_node_alloc = acx_node_alloc; 334 ic->ic_newassoc = acx_newassoc; 335 336 #ifndef IEEE80211_STA_ONLY 337 /* Override set TIM */ 338 ic->ic_set_tim = acx_set_tim; 339 #endif 340 341 /* Override newstate */ 342 sc->sc_newstate = ic->ic_newstate; 343 ic->ic_newstate = acx_newstate; 344 345 /* Set maximal rssi */ 346 ic->ic_max_rssi = acx_get_maxrssi(sc->sc_radio_type); 347 348 ieee80211_media_init(ifp, ieee80211_media_change, 349 ieee80211_media_status); 350 351 /* AMRR rate control */ 352 sc->amrr.amrr_min_success_threshold = 1; 353 sc->amrr.amrr_max_success_threshold = 15; 354 timeout_set(&sc->amrr_ch, acx_amrr_timeout, sc); 355 356 sc->sc_long_retry_limit = 4; 357 sc->sc_short_retry_limit = 7; 358 sc->sc_msdu_lifetime = 4096; 359 360 #if NBPFILTER > 0 361 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 362 sizeof(struct ieee80211_frame) + 64); 363 364 sc->sc_rxtap_len = sizeof(sc->sc_rxtapu); 365 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 366 sc->sc_rxtap.wr_ihdr.it_present = htole32(ACX_RX_RADIOTAP_PRESENT); 367 368 sc->sc_txtap_len = sizeof(sc->sc_txtapu); 369 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 370 sc->sc_txtap.wt_ihdr.it_present = htole32(ACX_TX_RADIOTAP_PRESENT); 371 #endif 372 373 return (0); 374 } 375 376 int 377 acx_detach(void *xsc) 378 { 379 struct acx_softc *sc = xsc; 380 struct ieee80211com *ic = &sc->sc_ic; 381 struct ifnet *ifp = &ic->ic_if; 382 383 acx_stop(sc); 384 ieee80211_ifdetach(ifp); 385 if_detach(ifp); 386 387 acx_dma_free(sc); 388 389 return (0); 390 } 391 392 int 393 acx_init(struct ifnet *ifp) 394 { 395 struct acx_softc *sc = ifp->if_softc; 396 struct ieee80211com *ic = &sc->sc_ic; 397 char fname[] = "tiacx111c16"; 398 int error, combined = 0; 399 400 error = acx_stop(sc); 401 if (error) 402 return (EIO); 403 404 /* enable card if possible */ 405 if (sc->sc_enable != NULL) { 406 error = (*sc->sc_enable)(sc); 407 if (error) 408 return (EIO); 409 } 410 411 acx_init_tx_ring(sc); 412 413 error = acx_init_rx_ring(sc); 414 if (error) { 415 printf("%s: can't initialize RX ring\n", 416 sc->sc_dev.dv_xname); 417 goto back; 418 } 419 420 if (sc->sc_flags & ACX_FLAG_ACX111) { 421 snprintf(fname, sizeof(fname), "tiacx111c%02X", 422 sc->sc_radio_type); 423 error = acx_load_base_firmware(sc, fname); 424 425 if (!error) 426 combined = 1; 427 } 428 429 if (!combined) { 430 snprintf(fname, sizeof(fname), "tiacx%s", 431 (sc->sc_flags & ACX_FLAG_ACX111) ? "111" : "100"); 432 error = acx_load_base_firmware(sc, fname); 433 } 434 435 if (error) 436 goto back; 437 438 /* 439 * Initialize command and information registers 440 * NOTE: This should be done after base firmware is loaded 441 */ 442 acx_init_cmd_reg(sc); 443 acx_init_info_reg(sc); 444 445 sc->sc_flags |= ACX_FLAG_FW_LOADED; 446 447 if (!combined) { 448 snprintf(fname, sizeof(fname), "tiacx%sr%02X", 449 (sc->sc_flags & ACX_FLAG_ACX111) ? "111" : "100", 450 sc->sc_radio_type); 451 error = acx_load_radio_firmware(sc, fname); 452 453 if (error) 454 goto back; 455 } 456 457 error = sc->chip_init(sc); 458 if (error) 459 goto back; 460 461 /* Get and set device various configuration */ 462 error = acx_config(sc); 463 if (error) 464 goto back; 465 466 /* Setup crypto stuffs */ 467 if (sc->sc_ic.ic_flags & IEEE80211_F_WEPON) { 468 error = acx_set_crypt_keys(sc); 469 if (error) 470 goto back; 471 } 472 473 /* Turn on power led */ 474 CSR_CLRB_2(sc, ACXREG_GPIO_OUT, sc->chip_gpio_pled); 475 476 acx_enable_intr(sc); 477 478 ifp->if_flags |= IFF_RUNNING; 479 ifq_clr_oactive(&ifp->if_snd); 480 481 if (ic->ic_opmode != IEEE80211_M_MONITOR) 482 /* start background scanning */ 483 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 484 else 485 /* in monitor mode change directly into run state */ 486 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 487 488 return (0); 489 back: 490 acx_stop(sc); 491 return (error); 492 } 493 494 void 495 acx_init_info_reg(struct acx_softc *sc) 496 { 497 sc->sc_info = CSR_READ_4(sc, ACXREG_INFO_REG_OFFSET); 498 sc->sc_info_param = sc->sc_info + ACX_INFO_REG_SIZE; 499 } 500 501 int 502 acx_set_crypt_keys(struct acx_softc *sc) 503 { 504 struct ieee80211com *ic = &sc->sc_ic; 505 struct acx_conf_wep_txkey wep_txkey; 506 int i, error, got_wk = 0; 507 508 for (i = 0; i < IEEE80211_WEP_NKID; ++i) { 509 struct ieee80211_key *k = &ic->ic_nw_keys[i]; 510 511 if (k->k_len == 0) 512 continue; 513 514 if (sc->chip_hw_crypt) { 515 error = sc->chip_set_wepkey(sc, k, i); 516 if (error) 517 return (error); 518 got_wk = 1; 519 } 520 } 521 522 if (!got_wk) 523 return (0); 524 525 /* Set current WEP key index */ 526 wep_txkey.wep_txkey = ic->ic_wep_txkey; 527 if (acx_set_conf(sc, ACX_CONF_WEP_TXKEY, &wep_txkey, 528 sizeof(wep_txkey)) != 0) { 529 printf("%s: set WEP txkey failed\n", sc->sc_dev.dv_xname); 530 return (ENXIO); 531 } 532 533 return (0); 534 } 535 536 void 537 acx_next_scan(void *arg) 538 { 539 struct acx_softc *sc = arg; 540 struct ieee80211com *ic = &sc->sc_ic; 541 struct ifnet *ifp = &ic->ic_if; 542 543 if (ic->ic_state == IEEE80211_S_SCAN) 544 ieee80211_next_scan(ifp); 545 } 546 547 int 548 acx_stop(struct acx_softc *sc) 549 { 550 struct ieee80211com *ic = &sc->sc_ic; 551 struct ifnet *ifp = &ic->ic_if; 552 struct acx_buf_data *bd = &sc->sc_buf_data; 553 struct acx_ring_data *rd = &sc->sc_ring_data; 554 int i, error; 555 556 sc->sc_firmware_ver = 0; 557 sc->sc_hardware_id = 0; 558 559 /* Reset hardware */ 560 error = acx_reset(sc); 561 if (error) 562 return (error); 563 564 /* Firmware no longer functions after hardware reset */ 565 sc->sc_flags &= ~ACX_FLAG_FW_LOADED; 566 567 acx_disable_intr(sc); 568 569 /* Stop backgroud scanning */ 570 timeout_del(&sc->sc_chanscan_timer); 571 572 /* Turn off power led */ 573 CSR_SETB_2(sc, ACXREG_GPIO_OUT, sc->chip_gpio_pled); 574 575 /* Free TX mbuf */ 576 for (i = 0; i < ACX_TX_DESC_CNT; ++i) { 577 struct acx_txbuf *buf; 578 struct ieee80211_node *ni; 579 580 buf = &bd->tx_buf[i]; 581 582 if (buf->tb_mbuf != NULL) { 583 bus_dmamap_unload(sc->sc_dmat, buf->tb_mbuf_dmamap); 584 m_freem(buf->tb_mbuf); 585 buf->tb_mbuf = NULL; 586 } 587 588 ni = (struct ieee80211_node *)buf->tb_node; 589 if (ni != NULL) 590 ieee80211_release_node(ic, ni); 591 buf->tb_node = NULL; 592 } 593 594 /* Clear TX host descriptors */ 595 bzero(rd->tx_ring, ACX_TX_RING_SIZE); 596 597 /* Free RX mbuf */ 598 for (i = 0; i < ACX_RX_DESC_CNT; ++i) { 599 if (bd->rx_buf[i].rb_mbuf != NULL) { 600 bus_dmamap_unload(sc->sc_dmat, 601 bd->rx_buf[i].rb_mbuf_dmamap); 602 m_freem(bd->rx_buf[i].rb_mbuf); 603 bd->rx_buf[i].rb_mbuf = NULL; 604 } 605 } 606 607 /* Clear RX host descriptors */ 608 bzero(rd->rx_ring, ACX_RX_RING_SIZE); 609 610 sc->sc_txtimer = 0; 611 ifp->if_timer = 0; 612 ifp->if_flags &= ~IFF_RUNNING; 613 ifq_clr_oactive(&ifp->if_snd); 614 ieee80211_new_state(&sc->sc_ic, IEEE80211_S_INIT, -1); 615 616 /* disable card if possible */ 617 if (sc->sc_disable != NULL) 618 (*sc->sc_disable)(sc); 619 620 return (0); 621 } 622 623 int 624 acx_config(struct acx_softc *sc) 625 { 626 struct acx_config conf; 627 int error; 628 629 error = acx_read_config(sc, &conf); 630 if (error) 631 return (error); 632 633 error = acx_write_config(sc, &conf); 634 if (error) 635 return (error); 636 637 error = acx_rx_config(sc); 638 if (error) 639 return (error); 640 641 if (acx_set_probe_req_tmplt(sc, "", 0) != 0) { 642 printf("%s: can't set probe req template " 643 "(empty ssid)\n", sc->sc_dev.dv_xname); 644 return (ENXIO); 645 } 646 647 /* XXX for PM?? */ 648 if (acx_set_null_tmplt(sc) != 0) { 649 printf("%s: can't set null data template\n", 650 sc->sc_dev.dv_xname); 651 return (ENXIO); 652 } 653 654 return (0); 655 } 656 657 int 658 acx_read_config(struct acx_softc *sc, struct acx_config *conf) 659 { 660 struct acx_conf_regdom reg_dom; 661 struct acx_conf_antenna ant; 662 struct acx_conf_fwrev fw_rev; 663 uint32_t fw_rev_no; 664 uint8_t sen; 665 int error; 666 667 /* Get region domain */ 668 if (acx_get_conf(sc, ACX_CONF_REGDOM, ®_dom, sizeof(reg_dom)) != 0) { 669 printf("%s: can't get region domain\n", sc->sc_dev.dv_xname); 670 return (ENXIO); 671 } 672 conf->regdom = reg_dom.regdom; 673 DPRINTF(("%s: regdom %02x\n", sc->sc_dev.dv_xname, reg_dom.regdom)); 674 675 /* Get antenna */ 676 if (acx_get_conf(sc, ACX_CONF_ANTENNA, &ant, sizeof(ant)) != 0) { 677 printf("%s: can't get antenna\n", sc->sc_dev.dv_xname); 678 return (ENXIO); 679 } 680 conf->antenna = ant.antenna; 681 DPRINTF(("%s: antenna %02x\n", sc->sc_dev.dv_xname, ant.antenna)); 682 683 /* Get sensitivity XXX not used */ 684 if (sc->sc_radio_type == ACX_RADIO_TYPE_MAXIM || 685 sc->sc_radio_type == ACX_RADIO_TYPE_RFMD || 686 sc->sc_radio_type == ACX_RADIO_TYPE_RALINK) { 687 error = acx_read_phyreg(sc, ACXRV_PHYREG_SENSITIVITY, &sen); 688 if (error) { 689 printf("%s: can't get sensitivity\n", 690 sc->sc_dev.dv_xname); 691 return (error); 692 } 693 } else 694 sen = 0; 695 DPRINTF(("%s: sensitivity %02x\n", sc->sc_dev.dv_xname, sen)); 696 697 /* Get firmware revision */ 698 if (acx_get_conf(sc, ACX_CONF_FWREV, &fw_rev, sizeof(fw_rev)) != 0) { 699 printf("%s: can't get firmware revision\n", 700 sc->sc_dev.dv_xname); 701 return (ENXIO); 702 } 703 704 if (strncmp(fw_rev.fw_rev, "Rev ", 4) != 0) { 705 printf("%s: strange revision string -- %s\n", 706 sc->sc_dev.dv_xname, fw_rev.fw_rev); 707 fw_rev_no = 0x01090407; 708 } else { 709 /* 710 * 01234 711 * "Rev xx.xx.xx.xx" 712 * ^ Start from here 713 */ 714 fw_rev_no = fw_rev.fw_rev[0] << 24; 715 fw_rev_no |= fw_rev.fw_rev[1] << 16; 716 fw_rev_no |= fw_rev.fw_rev[2] << 8; 717 fw_rev_no |= fw_rev.fw_rev[3]; 718 } 719 sc->sc_firmware_ver = fw_rev_no; 720 sc->sc_hardware_id = letoh32(fw_rev.hw_id); 721 DPRINTF(("%s: fw rev %08x, hw id %08x\n", 722 sc->sc_dev.dv_xname, sc->sc_firmware_ver, sc->sc_hardware_id)); 723 724 if (sc->chip_read_config != NULL) { 725 error = sc->chip_read_config(sc, conf); 726 if (error) 727 return (error); 728 } 729 730 return (0); 731 } 732 733 int 734 acx_write_config(struct acx_softc *sc, struct acx_config *conf) 735 { 736 struct acx_conf_nretry_short sretry; 737 struct acx_conf_nretry_long lretry; 738 struct acx_conf_msdu_lifetime msdu_lifetime; 739 struct acx_conf_rate_fallback rate_fb; 740 struct acx_conf_antenna ant; 741 struct acx_conf_regdom reg_dom; 742 struct ifnet *ifp = &sc->sc_ic.ic_if; 743 int error; 744 745 /* Set number of long/short retry */ 746 sretry.nretry = sc->sc_short_retry_limit; 747 if (acx_set_conf(sc, ACX_CONF_NRETRY_SHORT, &sretry, 748 sizeof(sretry)) != 0) { 749 printf("%s: can't set short retry limit\n", ifp->if_xname); 750 return (ENXIO); 751 } 752 753 lretry.nretry = sc->sc_long_retry_limit; 754 if (acx_set_conf(sc, ACX_CONF_NRETRY_LONG, &lretry, 755 sizeof(lretry)) != 0) { 756 printf("%s: can't set long retry limit\n", ifp->if_xname); 757 return (ENXIO); 758 } 759 760 /* Set MSDU lifetime */ 761 msdu_lifetime.lifetime = htole32(sc->sc_msdu_lifetime); 762 if (acx_set_conf(sc, ACX_CONF_MSDU_LIFETIME, &msdu_lifetime, 763 sizeof(msdu_lifetime)) != 0) { 764 printf("%s: can't set MSDU lifetime\n", ifp->if_xname); 765 return (ENXIO); 766 } 767 768 /* Enable rate fallback */ 769 rate_fb.ratefb_enable = 1; 770 if (acx_set_conf(sc, ACX_CONF_RATE_FALLBACK, &rate_fb, 771 sizeof(rate_fb)) != 0) { 772 printf("%s: can't enable rate fallback\n", ifp->if_xname); 773 return (ENXIO); 774 } 775 776 /* Set antenna */ 777 ant.antenna = conf->antenna; 778 if (acx_set_conf(sc, ACX_CONF_ANTENNA, &ant, sizeof(ant)) != 0) { 779 printf("%s: can't set antenna\n", ifp->if_xname); 780 return (ENXIO); 781 } 782 783 /* Set region domain */ 784 reg_dom.regdom = conf->regdom; 785 if (acx_set_conf(sc, ACX_CONF_REGDOM, ®_dom, sizeof(reg_dom)) != 0) { 786 printf("%s: can't set region domain\n", ifp->if_xname); 787 return (ENXIO); 788 } 789 790 if (sc->chip_write_config != NULL) { 791 error = sc->chip_write_config(sc, conf); 792 if (error) 793 return (error); 794 } 795 796 return (0); 797 } 798 799 int 800 acx_rx_config(struct acx_softc *sc) 801 { 802 struct ieee80211com *ic = &sc->sc_ic; 803 struct acx_conf_rxopt rx_opt; 804 805 /* tell the RX receiver what frames we want to have */ 806 rx_opt.opt1 = htole16(RXOPT1_INCL_RXBUF_HDR); 807 rx_opt.opt2 = htole16( 808 RXOPT2_RECV_ASSOC_REQ | 809 RXOPT2_RECV_AUTH | 810 RXOPT2_RECV_BEACON | 811 RXOPT2_RECV_CF | 812 RXOPT2_RECV_CTRL | 813 RXOPT2_RECV_DATA | 814 RXOPT2_RECV_MGMT | 815 RXOPT2_RECV_PROBE_REQ | 816 RXOPT2_RECV_PROBE_RESP | 817 RXOPT2_RECV_OTHER); 818 819 /* in monitor mode go promiscuous */ 820 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 821 rx_opt.opt1 |= RXOPT1_PROMISC; 822 rx_opt.opt2 |= RXOPT2_RECV_BROKEN | RXOPT2_RECV_ACK; 823 } else 824 rx_opt.opt1 |= RXOPT1_FILT_FDEST; 825 826 /* finally set the RX options */ 827 if (acx_set_conf(sc, ACX_CONF_RXOPT, &rx_opt, sizeof(rx_opt)) != 0) { 828 printf("%s: can not set RX options!\n", sc->sc_dev.dv_xname); 829 return (ENXIO); 830 } 831 832 return (0); 833 } 834 835 int 836 acx_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 837 { 838 struct acx_softc *sc = ifp->if_softc; 839 struct ieee80211com *ic = &sc->sc_ic; 840 struct ifreq *ifr; 841 int s, error = 0; 842 uint8_t chan; 843 844 s = splnet(); 845 846 switch (cmd) { 847 case SIOCSIFADDR: 848 ifp->if_flags |= IFF_UP; 849 /* FALLTHROUGH */ 850 case SIOCSIFFLAGS: 851 if (ifp->if_flags & IFF_UP) { 852 if ((ifp->if_flags & IFF_RUNNING) == 0) 853 error = acx_init(ifp); 854 } else { 855 if (ifp->if_flags & IFF_RUNNING) 856 error = acx_stop(sc); 857 } 858 break; 859 case SIOCADDMULTI: 860 case SIOCDELMULTI: 861 ifr = (struct ifreq *)data; 862 error = (cmd == SIOCADDMULTI) ? 863 ether_addmulti(ifr, &ic->ic_ac) : 864 ether_delmulti(ifr, &ic->ic_ac); 865 866 if (error == ENETRESET) 867 error = 0; 868 break; 869 case SIOCS80211CHANNEL: 870 /* allow fast channel switching in monitor mode */ 871 error = ieee80211_ioctl(ifp, cmd, data); 872 if (error == ENETRESET && 873 ic->ic_opmode == IEEE80211_M_MONITOR) { 874 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 875 (IFF_UP | IFF_RUNNING)) { 876 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 877 chan = ieee80211_chan2ieee(ic, 878 ic->ic_bss->ni_chan); 879 (void)acx_set_channel(sc, chan); 880 } 881 error = 0; 882 } 883 break; 884 default: 885 error = ieee80211_ioctl(ifp, cmd, data); 886 break; 887 } 888 889 if (error == ENETRESET) { 890 if ((ifp->if_flags & (IFF_RUNNING | IFF_UP)) == 891 (IFF_RUNNING | IFF_UP)) 892 error = acx_init(ifp); 893 else 894 error = 0; 895 } 896 897 splx(s); 898 899 return (error); 900 } 901 902 void 903 acx_start(struct ifnet *ifp) 904 { 905 struct acx_softc *sc = ifp->if_softc; 906 struct ieee80211com *ic = &sc->sc_ic; 907 struct acx_buf_data *bd = &sc->sc_buf_data; 908 struct acx_txbuf *buf; 909 int trans, idx; 910 911 if ((sc->sc_flags & ACX_FLAG_FW_LOADED) == 0 || 912 (ifp->if_flags & IFF_RUNNING) == 0 || 913 ifq_is_oactive(&ifp->if_snd)) 914 return; 915 916 /* 917 * NOTE: 918 * We can't start from a random position that TX descriptor 919 * is free, since hardware will be confused by that. 920 * We have to follow the order of the TX ring. 921 */ 922 idx = bd->tx_free_start; 923 trans = 0; 924 for (buf = &bd->tx_buf[idx]; buf->tb_mbuf == NULL; 925 buf = &bd->tx_buf[idx]) { 926 struct ieee80211_frame *wh; 927 struct ieee80211_node *ni = NULL; 928 struct mbuf *m; 929 int rate; 930 931 m = mq_dequeue(&ic->ic_mgtq); 932 /* first dequeue management frames */ 933 if (m != NULL) { 934 ni = m->m_pkthdr.ph_cookie; 935 936 /* 937 * probe response mgmt frames are handled by the 938 * firmware already. So, don't send them twice. 939 */ 940 wh = mtod(m, struct ieee80211_frame *); 941 if ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) == 942 IEEE80211_FC0_SUBTYPE_PROBE_RESP) { 943 if (ni != NULL) 944 ieee80211_release_node(ic, ni); 945 m_freem(m); 946 continue; 947 } 948 949 /* 950 * mgmt frames are sent at the lowest available 951 * bit-rate. 952 */ 953 rate = ni->ni_rates.rs_rates[0]; 954 rate &= IEEE80211_RATE_VAL; 955 } else { 956 struct ether_header *eh; 957 958 /* then dequeue packets on the powersave queue */ 959 m = mq_dequeue(&ic->ic_pwrsaveq); 960 if (m != NULL) { 961 ni = m->m_pkthdr.ph_cookie; 962 goto encapped; 963 } else { 964 IFQ_DEQUEUE(&ifp->if_snd, m); 965 if (m == NULL) 966 break; 967 } 968 if (ic->ic_state != IEEE80211_S_RUN) { 969 DPRINTF(("%s: data packet dropped due to " 970 "not RUN. Current state %d\n", 971 ifp->if_xname, ic->ic_state)); 972 m_freem(m); 973 break; 974 } 975 976 if (m->m_len < sizeof(struct ether_header)) { 977 m = m_pullup(m, sizeof(struct ether_header)); 978 if (m == NULL) { 979 ifp->if_oerrors++; 980 continue; 981 } 982 } 983 eh = mtod(m, struct ether_header *); 984 985 /* TODO power save */ 986 987 #if NBPFILTER > 0 988 if (ifp->if_bpf != NULL) 989 bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); 990 #endif 991 992 if ((m = ieee80211_encap(ifp, m, &ni)) == NULL) { 993 ifp->if_oerrors++; 994 continue; 995 } 996 encapped: 997 if (ic->ic_fixed_rate != -1) { 998 rate = ic->ic_sup_rates[ic->ic_curmode]. 999 rs_rates[ic->ic_fixed_rate]; 1000 } else 1001 rate = ni->ni_rates.rs_rates[ni->ni_txrate]; 1002 rate &= IEEE80211_RATE_VAL; 1003 } 1004 1005 #if NBPFILTER > 0 1006 if (ic->ic_rawbpf != NULL) 1007 bpf_mtap(ic->ic_rawbpf, m, BPF_DIRECTION_OUT); 1008 #endif 1009 1010 wh = mtod(m, struct ieee80211_frame *); 1011 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && !sc->chip_hw_crypt) { 1012 struct ieee80211_key *k; 1013 1014 k = ieee80211_get_txkey(ic, wh, ni); 1015 if ((m = ieee80211_encrypt(ic, m, k)) == NULL) { 1016 ieee80211_release_node(ic, ni); 1017 ifp->if_oerrors++; 1018 continue; 1019 } 1020 } 1021 1022 #if NBPFILTER > 0 1023 if (sc->sc_drvbpf != NULL) { 1024 struct mbuf mb; 1025 struct acx_tx_radiotap_hdr *tap = &sc->sc_txtap; 1026 1027 tap->wt_flags = 0; 1028 tap->wt_rate = rate; 1029 tap->wt_chan_freq = 1030 htole16(ic->ic_bss->ni_chan->ic_freq); 1031 tap->wt_chan_flags = 1032 htole16(ic->ic_bss->ni_chan->ic_flags); 1033 1034 mb.m_data = (caddr_t)tap; 1035 mb.m_len = sc->sc_txtap_len; 1036 mb.m_next = m; 1037 mb.m_nextpkt = NULL; 1038 mb.m_type = 0; 1039 mb.m_flags = 0; 1040 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1041 } 1042 #endif 1043 1044 if (acx_encap(sc, buf, m, ni, rate) != 0) { 1045 /* 1046 * NOTE: `m' will be freed in acx_encap() 1047 * if we reach here. 1048 */ 1049 if (ni != NULL) 1050 ieee80211_release_node(ic, ni); 1051 ifp->if_oerrors++; 1052 continue; 1053 } 1054 1055 /* 1056 * NOTE: 1057 * 1) `m' should not be touched after acx_encap() 1058 * 2) `node' will be used to do TX rate control during 1059 * acx_txeof(), so it is not freed here. acx_txeof() 1060 * will free it for us 1061 */ 1062 trans++; 1063 bd->tx_used_count++; 1064 idx = (idx + 1) % ACX_TX_DESC_CNT; 1065 } 1066 bd->tx_free_start = idx; 1067 1068 if (bd->tx_used_count == ACX_TX_DESC_CNT) 1069 ifq_set_oactive(&ifp->if_snd); 1070 1071 if (trans && sc->sc_txtimer == 0) 1072 sc->sc_txtimer = 5; 1073 ifp->if_timer = 1; 1074 } 1075 1076 void 1077 acx_watchdog(struct ifnet *ifp) 1078 { 1079 struct acx_softc *sc = ifp->if_softc; 1080 1081 ifp->if_timer = 0; 1082 1083 if ((ifp->if_flags & IFF_RUNNING) == 0) 1084 return; 1085 1086 if (sc->sc_txtimer) { 1087 if (--sc->sc_txtimer == 0) { 1088 printf("%s: watchdog timeout\n", ifp->if_xname); 1089 acx_init(ifp); 1090 ifp->if_oerrors++; 1091 return; 1092 } else 1093 ifp->if_timer = 1; 1094 } 1095 1096 ieee80211_watchdog(ifp); 1097 } 1098 1099 int 1100 acx_intr(void *arg) 1101 { 1102 struct acx_softc *sc = arg; 1103 uint16_t intr_status; 1104 1105 if ((sc->sc_flags & ACX_FLAG_FW_LOADED) == 0) 1106 return (0); 1107 1108 intr_status = CSR_READ_2(sc, ACXREG_INTR_STATUS_CLR); 1109 if (intr_status == ACXRV_INTR_ALL) { 1110 /* not our interrupt */ 1111 return (0); 1112 } 1113 1114 /* Acknowledge all interrupts */ 1115 CSR_WRITE_2(sc, ACXREG_INTR_ACK, intr_status); 1116 1117 intr_status &= sc->chip_intr_enable; 1118 if (intr_status == 0) { 1119 /* not interrupts we care about */ 1120 return (1); 1121 } 1122 1123 #ifndef IEEE80211_STA_ONLY 1124 if (intr_status & ACXRV_INTR_DTIM) 1125 ieee80211_notify_dtim(&sc->sc_ic); 1126 #endif 1127 1128 if (intr_status & ACXRV_INTR_TX_FINI) 1129 acx_txeof(sc); 1130 1131 if (intr_status & ACXRV_INTR_RX_FINI) 1132 acx_rxeof(sc); 1133 1134 return (1); 1135 } 1136 1137 void 1138 acx_disable_intr(struct acx_softc *sc) 1139 { 1140 CSR_WRITE_2(sc, ACXREG_INTR_MASK, sc->chip_intr_disable); 1141 CSR_WRITE_2(sc, ACXREG_EVENT_MASK, 0); 1142 } 1143 1144 void 1145 acx_enable_intr(struct acx_softc *sc) 1146 { 1147 /* Mask out interrupts that are not in the enable set */ 1148 CSR_WRITE_2(sc, ACXREG_INTR_MASK, ~sc->chip_intr_enable); 1149 CSR_WRITE_2(sc, ACXREG_EVENT_MASK, ACXRV_EVENT_DISABLE); 1150 } 1151 1152 void 1153 acx_txeof(struct acx_softc *sc) 1154 { 1155 struct acx_buf_data *bd; 1156 struct acx_txbuf *buf; 1157 struct ifnet *ifp; 1158 int idx; 1159 1160 ifp = &sc->sc_ic.ic_if; 1161 1162 bd = &sc->sc_buf_data; 1163 idx = bd->tx_used_start; 1164 for (buf = &bd->tx_buf[idx]; buf->tb_mbuf != NULL; 1165 buf = &bd->tx_buf[idx]) { 1166 uint8_t ctrl, error; 1167 1168 ctrl = FW_TXDESC_GETFIELD_1(sc, buf, f_tx_ctrl); 1169 if ((ctrl & (DESC_CTRL_HOSTOWN | DESC_CTRL_ACXDONE)) != 1170 (DESC_CTRL_HOSTOWN | DESC_CTRL_ACXDONE)) 1171 break; 1172 1173 bus_dmamap_unload(sc->sc_dmat, buf->tb_mbuf_dmamap); 1174 m_freem(buf->tb_mbuf); 1175 buf->tb_mbuf = NULL; 1176 1177 error = FW_TXDESC_GETFIELD_1(sc, buf, f_tx_error); 1178 if (error) { 1179 acx_txerr(sc, error); 1180 ifp->if_oerrors++; 1181 } else 1182 ifp->if_opackets++; 1183 1184 /* Update rate control statistics for the node */ 1185 if (buf->tb_node != NULL) { 1186 struct ieee80211com *ic; 1187 struct ieee80211_node *ni; 1188 struct acx_node *wn; 1189 int ntries; 1190 1191 ic = &sc->sc_ic; 1192 ni = (struct ieee80211_node *)buf->tb_node; 1193 wn = (struct acx_node *)ni; 1194 ntries = FW_TXDESC_GETFIELD_1(sc, buf, f_tx_rts_fail) + 1195 FW_TXDESC_GETFIELD_1(sc, buf, f_tx_ack_fail); 1196 1197 wn->amn.amn_txcnt++; 1198 if (ntries > 0) { 1199 DPRINTFN(2, ("%s: tx intr ntries %d\n", 1200 sc->sc_dev.dv_xname, ntries)); 1201 wn->amn.amn_retrycnt++; 1202 } 1203 1204 ieee80211_release_node(ic, ni); 1205 buf->tb_node = NULL; 1206 } 1207 1208 FW_TXDESC_SETFIELD_1(sc, buf, f_tx_ctrl, DESC_CTRL_HOSTOWN); 1209 1210 bd->tx_used_count--; 1211 1212 idx = (idx + 1) % ACX_TX_DESC_CNT; 1213 } 1214 bd->tx_used_start = idx; 1215 1216 sc->sc_txtimer = bd->tx_used_count == 0 ? 0 : 5; 1217 1218 if (bd->tx_used_count != ACX_TX_DESC_CNT) { 1219 ifq_clr_oactive(&ifp->if_snd); 1220 acx_start(ifp); 1221 } 1222 } 1223 1224 void 1225 acx_txerr(struct acx_softc *sc, uint8_t err) 1226 { 1227 struct ifnet *ifp = &sc->sc_ic.ic_if; 1228 struct acx_stats *stats = &sc->sc_stats; 1229 1230 if (err == DESC_ERR_EXCESSIVE_RETRY) { 1231 /* 1232 * This a common error (see comment below), 1233 * so print it using DPRINTF(). 1234 */ 1235 DPRINTF(("%s: TX failed -- excessive retry\n", 1236 sc->sc_dev.dv_xname)); 1237 } else 1238 printf("%s: TX failed -- ", ifp->if_xname); 1239 1240 /* 1241 * Although `err' looks like bitmask, it never 1242 * has multiple bits set. 1243 */ 1244 switch (err) { 1245 #if 0 1246 case DESC_ERR_OTHER_FRAG: 1247 /* XXX what's this */ 1248 printf("error in other fragment\n"); 1249 stats->err_oth_frag++; 1250 break; 1251 #endif 1252 case DESC_ERR_ABORT: 1253 printf("aborted\n"); 1254 stats->err_abort++; 1255 break; 1256 case DESC_ERR_PARAM: 1257 printf("wrong parameters in descriptor\n"); 1258 stats->err_param++; 1259 break; 1260 case DESC_ERR_NO_WEPKEY: 1261 printf("WEP key missing\n"); 1262 stats->err_no_wepkey++; 1263 break; 1264 case DESC_ERR_MSDU_TIMEOUT: 1265 printf("MSDU life timeout\n"); 1266 stats->err_msdu_timeout++; 1267 break; 1268 case DESC_ERR_EXCESSIVE_RETRY: 1269 /* 1270 * Possible causes: 1271 * 1) Distance is too long 1272 * 2) Transmit failed (e.g. no MAC level ACK) 1273 * 3) Chip overheated (this should be rare) 1274 */ 1275 stats->err_ex_retry++; 1276 break; 1277 case DESC_ERR_BUF_OVERFLOW: 1278 printf("buffer overflow\n"); 1279 stats->err_buf_oflow++; 1280 break; 1281 case DESC_ERR_DMA: 1282 printf("DMA error\n"); 1283 stats->err_dma++; 1284 break; 1285 default: 1286 printf("unknown error %d\n", err); 1287 stats->err_unkn++; 1288 break; 1289 } 1290 } 1291 1292 void 1293 acx_rxeof(struct acx_softc *sc) 1294 { 1295 struct ieee80211com *ic = &sc->sc_ic; 1296 struct acx_ring_data *rd = &sc->sc_ring_data; 1297 struct acx_buf_data *bd = &sc->sc_buf_data; 1298 struct ifnet *ifp = &ic->ic_if; 1299 int idx, ready; 1300 1301 bus_dmamap_sync(sc->sc_dmat, rd->rx_ring_dmamap, 0, 1302 rd->rx_ring_dmamap->dm_mapsize, BUS_DMASYNC_POSTREAD); 1303 1304 /* 1305 * Locate first "ready" rx buffer, 1306 * start from last stopped position. 1307 */ 1308 idx = bd->rx_scan_start; 1309 ready = 0; 1310 do { 1311 struct acx_rxbuf *buf; 1312 1313 buf = &bd->rx_buf[idx]; 1314 if ((buf->rb_desc->h_ctrl & htole16(DESC_CTRL_HOSTOWN)) && 1315 (buf->rb_desc->h_status & htole32(DESC_STATUS_FULL))) { 1316 ready = 1; 1317 break; 1318 } 1319 idx = (idx + 1) % ACX_RX_DESC_CNT; 1320 } while (idx != bd->rx_scan_start); 1321 1322 if (!ready) 1323 return; 1324 1325 /* 1326 * NOTE: don't mess up `idx' here, it will 1327 * be used in the following code. 1328 */ 1329 do { 1330 struct acx_rxbuf_hdr *head; 1331 struct acx_rxbuf *buf; 1332 struct mbuf *m; 1333 struct ieee80211_rxinfo rxi; 1334 uint32_t desc_status; 1335 uint16_t desc_ctrl; 1336 int len, error; 1337 1338 buf = &bd->rx_buf[idx]; 1339 1340 desc_ctrl = letoh16(buf->rb_desc->h_ctrl); 1341 desc_status = letoh32(buf->rb_desc->h_status); 1342 if (!(desc_ctrl & DESC_CTRL_HOSTOWN) || 1343 !(desc_status & DESC_STATUS_FULL)) 1344 break; 1345 1346 bus_dmamap_sync(sc->sc_dmat, buf->rb_mbuf_dmamap, 0, 1347 buf->rb_mbuf_dmamap->dm_mapsize, BUS_DMASYNC_POSTREAD); 1348 1349 m = buf->rb_mbuf; 1350 1351 error = acx_newbuf(sc, buf, 0); 1352 if (error) { 1353 ifp->if_ierrors++; 1354 goto next; 1355 } 1356 1357 head = mtod(m, struct acx_rxbuf_hdr *); 1358 1359 len = letoh16(head->rbh_len) & ACX_RXBUF_LEN_MASK; 1360 if (len >= sizeof(struct ieee80211_frame_min) && 1361 len < MCLBYTES) { 1362 struct ieee80211_frame *wh; 1363 struct ieee80211_node *ni; 1364 1365 m_adj(m, sizeof(struct acx_rxbuf_hdr) + 1366 sc->chip_rxbuf_exhdr); 1367 wh = mtod(m, struct ieee80211_frame *); 1368 1369 rxi.rxi_flags = 0; 1370 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && 1371 sc->chip_hw_crypt) { 1372 /* Short circuit software WEP */ 1373 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1374 1375 /* Do chip specific RX buffer processing */ 1376 if (sc->chip_proc_wep_rxbuf != NULL) { 1377 sc->chip_proc_wep_rxbuf(sc, m, &len); 1378 wh = mtod(m, struct ieee80211_frame *); 1379 } 1380 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 1381 } 1382 1383 m->m_len = m->m_pkthdr.len = len; 1384 1385 #if NBPFILTER > 0 1386 if (sc->sc_drvbpf != NULL) { 1387 struct mbuf mb; 1388 struct acx_rx_radiotap_hdr *tap = &sc->sc_rxtap; 1389 1390 tap->wr_flags = 0; 1391 tap->wr_chan_freq = 1392 htole16(ic->ic_bss->ni_chan->ic_freq); 1393 tap->wr_chan_flags = 1394 htole16(ic->ic_bss->ni_chan->ic_flags); 1395 tap->wr_rssi = head->rbh_level; 1396 tap->wr_max_rssi = ic->ic_max_rssi; 1397 1398 mb.m_data = (caddr_t)tap; 1399 mb.m_len = sc->sc_rxtap_len; 1400 mb.m_next = m; 1401 mb.m_nextpkt = NULL; 1402 mb.m_type = 0; 1403 mb.m_flags = 0; 1404 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1405 } 1406 #endif 1407 1408 ni = ieee80211_find_rxnode(ic, wh); 1409 1410 rxi.rxi_rssi = head->rbh_level; 1411 rxi.rxi_tstamp = letoh32(head->rbh_time); 1412 ieee80211_input(ifp, m, ni, &rxi); 1413 1414 ieee80211_release_node(ic, ni); 1415 } else { 1416 m_freem(m); 1417 ifp->if_ierrors++; 1418 } 1419 1420 next: 1421 buf->rb_desc->h_ctrl = htole16(desc_ctrl & ~DESC_CTRL_HOSTOWN); 1422 buf->rb_desc->h_status = 0; 1423 bus_dmamap_sync(sc->sc_dmat, rd->rx_ring_dmamap, 0, 1424 rd->rx_ring_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 1425 1426 idx = (idx + 1) % ACX_RX_DESC_CNT; 1427 } while (idx != bd->rx_scan_start); 1428 1429 /* 1430 * Record the position so that next 1431 * time we can start from it. 1432 */ 1433 bd->rx_scan_start = idx; 1434 } 1435 1436 int 1437 acx_reset(struct acx_softc *sc) 1438 { 1439 uint16_t reg; 1440 1441 /* Halt ECPU */ 1442 CSR_SETB_2(sc, ACXREG_ECPU_CTRL, ACXRV_ECPU_HALT); 1443 1444 /* Software reset */ 1445 reg = CSR_READ_2(sc, ACXREG_SOFT_RESET); 1446 CSR_WRITE_2(sc, ACXREG_SOFT_RESET, reg | ACXRV_SOFT_RESET); 1447 DELAY(100); 1448 CSR_WRITE_2(sc, ACXREG_SOFT_RESET, reg); 1449 1450 /* Initialize EEPROM */ 1451 CSR_SETB_2(sc, ACXREG_EEPROM_INIT, ACXRV_EEPROM_INIT); 1452 DELAY(50000); 1453 1454 /* Test whether ECPU is stopped */ 1455 reg = CSR_READ_2(sc, ACXREG_ECPU_CTRL); 1456 if (!(reg & ACXRV_ECPU_HALT)) { 1457 printf("%s: can't halt ECPU\n", sc->sc_dev.dv_xname); 1458 return (ENXIO); 1459 } 1460 1461 return (0); 1462 } 1463 1464 int 1465 acx_read_eeprom(struct acx_softc *sc, uint32_t offset, uint8_t *val) 1466 { 1467 int i; 1468 1469 CSR_WRITE_4(sc, ACXREG_EEPROM_CONF, 0); 1470 CSR_WRITE_4(sc, ACXREG_EEPROM_ADDR, offset); 1471 CSR_WRITE_4(sc, ACXREG_EEPROM_CTRL, ACXRV_EEPROM_READ); 1472 1473 #define EE_READ_RETRY_MAX 100 1474 for (i = 0; i < EE_READ_RETRY_MAX; ++i) { 1475 if (CSR_READ_2(sc, ACXREG_EEPROM_CTRL) == 0) 1476 break; 1477 DELAY(10000); 1478 } 1479 if (i == EE_READ_RETRY_MAX) { 1480 printf("%s: can't read EEPROM offset %x (timeout)\n", 1481 sc->sc_dev.dv_xname, offset); 1482 return (ETIMEDOUT); 1483 } 1484 #undef EE_READ_RETRY_MAX 1485 1486 *val = CSR_READ_1(sc, ACXREG_EEPROM_DATA); 1487 1488 return (0); 1489 } 1490 1491 int 1492 acx_read_phyreg(struct acx_softc *sc, uint32_t reg, uint8_t *val) 1493 { 1494 struct ifnet *ifp = &sc->sc_ic.ic_if; 1495 int i; 1496 1497 CSR_WRITE_4(sc, ACXREG_PHY_ADDR, reg); 1498 CSR_WRITE_4(sc, ACXREG_PHY_CTRL, ACXRV_PHY_READ); 1499 1500 #define PHY_READ_RETRY_MAX 100 1501 for (i = 0; i < PHY_READ_RETRY_MAX; ++i) { 1502 if (CSR_READ_4(sc, ACXREG_PHY_CTRL) == 0) 1503 break; 1504 DELAY(10000); 1505 } 1506 if (i == PHY_READ_RETRY_MAX) { 1507 printf("%s: can't read phy reg %x (timeout)\n", 1508 ifp->if_xname, reg); 1509 return (ETIMEDOUT); 1510 } 1511 #undef PHY_READ_RETRY_MAX 1512 1513 *val = CSR_READ_1(sc, ACXREG_PHY_DATA); 1514 1515 return (0); 1516 } 1517 1518 void 1519 acx_write_phyreg(struct acx_softc *sc, uint32_t reg, uint8_t val) 1520 { 1521 CSR_WRITE_4(sc, ACXREG_PHY_DATA, val); 1522 CSR_WRITE_4(sc, ACXREG_PHY_ADDR, reg); 1523 CSR_WRITE_4(sc, ACXREG_PHY_CTRL, ACXRV_PHY_WRITE); 1524 } 1525 1526 int 1527 acx_load_base_firmware(struct acx_softc *sc, const char *name) 1528 { 1529 struct ifnet *ifp = &sc->sc_ic.ic_if; 1530 int i, error; 1531 uint8_t *ucode; 1532 size_t size; 1533 1534 error = loadfirmware(name, &ucode, &size); 1535 1536 if (error != 0) { 1537 printf("%s: error %d, could not read firmware %s\n", 1538 ifp->if_xname, error, name); 1539 return (EIO); 1540 } 1541 1542 /* Load base firmware */ 1543 error = acx_load_firmware(sc, 0, ucode, size); 1544 1545 free(ucode, M_DEVBUF, size); 1546 1547 if (error) { 1548 printf("%s: can't load base firmware\n", ifp->if_xname); 1549 return error; 1550 } 1551 DPRINTF(("%s: base firmware loaded\n", sc->sc_dev.dv_xname)); 1552 1553 /* Start ECPU */ 1554 CSR_WRITE_2(sc, ACXREG_ECPU_CTRL, ACXRV_ECPU_START); 1555 1556 /* Wait for ECPU to be up */ 1557 for (i = 0; i < 500; ++i) { 1558 uint16_t reg; 1559 1560 reg = CSR_READ_2(sc, ACXREG_INTR_STATUS); 1561 if (reg & ACXRV_INTR_FCS_THRESH) { 1562 CSR_WRITE_2(sc, ACXREG_INTR_ACK, ACXRV_INTR_FCS_THRESH); 1563 return (0); 1564 } 1565 DELAY(10000); 1566 } 1567 1568 printf("%s: can't initialize ECPU (timeout)\n", ifp->if_xname); 1569 1570 return (ENXIO); 1571 } 1572 1573 int 1574 acx_load_radio_firmware(struct acx_softc *sc, const char *name) 1575 { 1576 struct ifnet *ifp = &sc->sc_ic.ic_if; 1577 struct acx_conf_mmap mem_map; 1578 uint32_t radio_fw_ofs; 1579 int error; 1580 uint8_t *ucode; 1581 size_t size; 1582 1583 error = loadfirmware(name, &ucode, &size); 1584 1585 if (error != 0) { 1586 printf("%s: error %d, could not read firmware %s\n", 1587 ifp->if_xname, error, name); 1588 return (EIO); 1589 } 1590 1591 /* 1592 * Get the position, where base firmware is loaded, so that 1593 * radio firmware can be loaded after it. 1594 */ 1595 if (acx_get_conf(sc, ACX_CONF_MMAP, &mem_map, sizeof(mem_map)) != 0) { 1596 free(ucode, M_DEVBUF, size); 1597 return (ENXIO); 1598 } 1599 radio_fw_ofs = letoh32(mem_map.code_end); 1600 1601 /* Put ECPU into sleeping state, before loading radio firmware */ 1602 if (acx_exec_command(sc, ACXCMD_SLEEP, NULL, 0, NULL, 0) != 0) { 1603 free(ucode, M_DEVBUF, size); 1604 return (ENXIO); 1605 } 1606 1607 /* Load radio firmware */ 1608 error = acx_load_firmware(sc, radio_fw_ofs, ucode, size); 1609 1610 free(ucode, M_DEVBUF, size); 1611 1612 if (error) { 1613 printf("%s: can't load radio firmware\n", ifp->if_xname); 1614 return (ENXIO); 1615 } 1616 DPRINTF(("%s: radio firmware loaded\n", sc->sc_dev.dv_xname)); 1617 1618 /* Wake up sleeping ECPU, after radio firmware is loaded */ 1619 if (acx_exec_command(sc, ACXCMD_WAKEUP, NULL, 0, NULL, 0) != 0) 1620 return (ENXIO); 1621 1622 /* Initialize radio */ 1623 if (acx_init_radio(sc, radio_fw_ofs, size) != 0) 1624 return (ENXIO); 1625 1626 /* Verify radio firmware's loading position */ 1627 if (acx_get_conf(sc, ACX_CONF_MMAP, &mem_map, sizeof(mem_map)) != 0) 1628 return (ENXIO); 1629 1630 if (letoh32(mem_map.code_end) != radio_fw_ofs + size) { 1631 printf("%s: loaded radio firmware position mismatch\n", 1632 ifp->if_xname); 1633 return (ENXIO); 1634 } 1635 1636 DPRINTF(("%s: radio firmware initialized\n", sc->sc_dev.dv_xname)); 1637 1638 return (0); 1639 } 1640 1641 int 1642 acx_load_firmware(struct acx_softc *sc, uint32_t offset, const uint8_t *data, 1643 int data_len) 1644 { 1645 struct ifnet *ifp = &sc->sc_ic.ic_if; 1646 const uint32_t *fw; 1647 u_int32_t csum = 0; 1648 int i, fw_len; 1649 1650 for (i = 4; i < data_len; i++) 1651 csum += data[i]; 1652 1653 fw = (const uint32_t *)data; 1654 1655 if (*fw != htole32(csum)) { 1656 printf("%s: firmware checksum 0x%x does not match 0x%x!\n", 1657 ifp->if_xname, *fw, htole32(csum)); 1658 return (ENXIO); 1659 } 1660 1661 /* skip csum + length */ 1662 data += 8; 1663 data_len -= 8; 1664 1665 fw = (const uint32_t *)data; 1666 fw_len = data_len / sizeof(uint32_t); 1667 1668 /* 1669 * LOADFW_AUTO_INC only works with some older firmware: 1670 * 1) acx100's firmware 1671 * 2) acx111's firmware whose rev is 0x00010011 1672 */ 1673 1674 /* Load firmware */ 1675 CSR_WRITE_4(sc, ACXREG_FWMEM_START, ACXRV_FWMEM_START_OP); 1676 #ifndef LOADFW_AUTO_INC 1677 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, 0); 1678 #else 1679 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, ACXRV_FWMEM_ADDR_AUTOINC); 1680 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset); 1681 #endif 1682 1683 for (i = 0; i < fw_len; ++i) { 1684 #ifndef LOADFW_AUTO_INC 1685 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset + (i * 4)); 1686 #endif 1687 CSR_WRITE_4(sc, ACXREG_FWMEM_DATA, betoh32(fw[i])); 1688 } 1689 1690 /* Verify firmware */ 1691 CSR_WRITE_4(sc, ACXREG_FWMEM_START, ACXRV_FWMEM_START_OP); 1692 #ifndef LOADFW_AUTO_INC 1693 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, 0); 1694 #else 1695 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, ACXRV_FWMEM_ADDR_AUTOINC); 1696 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset); 1697 #endif 1698 1699 for (i = 0; i < fw_len; ++i) { 1700 uint32_t val; 1701 1702 #ifndef LOADFW_AUTO_INC 1703 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset + (i * 4)); 1704 #endif 1705 val = CSR_READ_4(sc, ACXREG_FWMEM_DATA); 1706 if (betoh32(fw[i]) != val) { 1707 printf("%s: firmware mismatch fw %08x loaded %08x\n", 1708 ifp->if_xname, fw[i], val); 1709 return (ENXIO); 1710 } 1711 } 1712 1713 return (0); 1714 } 1715 1716 struct ieee80211_node * 1717 acx_node_alloc(struct ieee80211com *ic) 1718 { 1719 struct acx_node *wn; 1720 1721 wn = malloc(sizeof(*wn), M_DEVBUF, M_NOWAIT | M_ZERO); 1722 if (wn == NULL) 1723 return (NULL); 1724 1725 return ((struct ieee80211_node *)wn); 1726 } 1727 1728 int 1729 acx_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1730 { 1731 struct acx_softc *sc = ic->ic_if.if_softc; 1732 struct ifnet *ifp = &ic->ic_if; 1733 int error = 0; 1734 1735 timeout_del(&sc->amrr_ch); 1736 1737 switch (nstate) { 1738 case IEEE80211_S_INIT: 1739 break; 1740 case IEEE80211_S_SCAN: { 1741 uint8_t chan; 1742 1743 chan = ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan); 1744 if (acx_set_channel(sc, chan) != 0) { 1745 error = 1; 1746 goto back; 1747 } 1748 1749 /* 200ms => 5 channels per second */ 1750 timeout_add_msec(&sc->sc_chanscan_timer, 200); 1751 } 1752 break; 1753 case IEEE80211_S_AUTH: 1754 if (ic->ic_opmode == IEEE80211_M_STA) { 1755 struct ieee80211_node *ni; 1756 #ifdef ACX_DEBUG 1757 int i; 1758 #endif 1759 1760 ni = ic->ic_bss; 1761 1762 if (acx_join_bss(sc, ACX_MODE_STA, ni) != 0) { 1763 printf("%s: join BSS failed\n", ifp->if_xname); 1764 error = 1; 1765 goto back; 1766 } 1767 1768 DPRINTF(("%s: join BSS\n", sc->sc_dev.dv_xname)); 1769 if (ic->ic_state == IEEE80211_S_ASSOC) { 1770 DPRINTF(("%s: change from assoc to run\n", 1771 sc->sc_dev.dv_xname)); 1772 ic->ic_state = IEEE80211_S_RUN; 1773 } 1774 1775 #ifdef ACX_DEBUG 1776 printf("%s: AP rates: ", sc->sc_dev.dv_xname); 1777 for (i = 0; i < ni->ni_rates.rs_nrates; ++i) 1778 printf("%d ", ni->ni_rates.rs_rates[i]); 1779 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 1780 printf(" %s\n", ether_sprintf(ni->ni_bssid)); 1781 #endif 1782 } 1783 break; 1784 case IEEE80211_S_RUN: 1785 #ifndef IEEE80211_STA_ONLY 1786 if (ic->ic_opmode == IEEE80211_M_IBSS || 1787 ic->ic_opmode == IEEE80211_M_HOSTAP) { 1788 struct ieee80211_node *ni; 1789 uint8_t chan; 1790 1791 ni = ic->ic_bss; 1792 chan = ieee80211_chan2ieee(ic, ni->ni_chan); 1793 1794 error = 1; 1795 1796 if (acx_set_channel(sc, chan) != 0) 1797 goto back; 1798 1799 if (acx_set_beacon_tmplt(sc, ni) != 0) { 1800 printf("%s: set beacon template failed\n", 1801 ifp->if_xname); 1802 goto back; 1803 } 1804 1805 if (acx_set_probe_resp_tmplt(sc, ni) != 0) { 1806 printf("%s: set probe response template " 1807 "failed\n", ifp->if_xname); 1808 goto back; 1809 } 1810 1811 if (ic->ic_opmode == IEEE80211_M_IBSS) { 1812 if (acx_join_bss(sc, ACX_MODE_ADHOC, ni) != 0) { 1813 printf("%s: join IBSS failed\n", 1814 ifp->if_xname); 1815 goto back; 1816 } 1817 } else { 1818 if (acx_join_bss(sc, ACX_MODE_AP, ni) != 0) { 1819 printf("%s: join HOSTAP failed\n", 1820 ifp->if_xname); 1821 goto back; 1822 } 1823 } 1824 1825 DPRINTF(("%s: join IBSS\n", sc->sc_dev.dv_xname)); 1826 error = 0; 1827 } 1828 #endif 1829 /* fake a join to init the tx rate */ 1830 if (ic->ic_opmode == IEEE80211_M_STA) 1831 acx_newassoc(ic, ic->ic_bss, 1); 1832 1833 /* start automatic rate control timer */ 1834 if (ic->ic_fixed_rate == -1) 1835 timeout_add_msec(&sc->amrr_ch, 500); 1836 break; 1837 default: 1838 break; 1839 } 1840 1841 back: 1842 if (error) { 1843 /* XXX */ 1844 nstate = IEEE80211_S_INIT; 1845 arg = -1; 1846 } 1847 1848 return (sc->sc_newstate(ic, nstate, arg)); 1849 } 1850 1851 int 1852 acx_init_tmplt_ordered(struct acx_softc *sc) 1853 { 1854 union { 1855 struct acx_tmplt_beacon beacon; 1856 struct acx_tmplt_null_data null; 1857 struct acx_tmplt_probe_req preq; 1858 struct acx_tmplt_probe_resp presp; 1859 struct acx_tmplt_tim tim; 1860 } data; 1861 1862 bzero(&data, sizeof(data)); 1863 /* 1864 * NOTE: 1865 * Order of templates initialization: 1866 * 1) Probe request 1867 * 2) NULL data 1868 * 3) Beacon 1869 * 4) TIM 1870 * 5) Probe response 1871 * Above order is critical to get a correct memory map. 1872 */ 1873 if (acx_set_tmplt(sc, ACXCMD_TMPLT_PROBE_REQ, &data.preq, 1874 sizeof(data.preq)) != 0) 1875 return (1); 1876 1877 if (acx_set_tmplt(sc, ACXCMD_TMPLT_NULL_DATA, &data.null, 1878 sizeof(data.null)) != 0) 1879 return (1); 1880 1881 if (acx_set_tmplt(sc, ACXCMD_TMPLT_BEACON, &data.beacon, 1882 sizeof(data.beacon)) != 0) 1883 return (1); 1884 1885 if (acx_set_tmplt(sc, ACXCMD_TMPLT_TIM, &data.tim, 1886 sizeof(data.tim)) != 0) 1887 return (1); 1888 1889 if (acx_set_tmplt(sc, ACXCMD_TMPLT_PROBE_RESP, &data.presp, 1890 sizeof(data.presp)) != 0) 1891 return (1); 1892 1893 return (0); 1894 } 1895 1896 int 1897 acx_dma_alloc(struct acx_softc *sc) 1898 { 1899 struct acx_ring_data *rd = &sc->sc_ring_data; 1900 struct acx_buf_data *bd = &sc->sc_buf_data; 1901 int i, error, nsegs; 1902 1903 /* Allocate DMA stuffs for RX descriptors */ 1904 error = bus_dmamap_create(sc->sc_dmat, ACX_RX_RING_SIZE, 1, 1905 ACX_RX_RING_SIZE, 0, BUS_DMA_NOWAIT, &rd->rx_ring_dmamap); 1906 1907 if (error) { 1908 printf("%s: can't create rx ring dma tag\n", 1909 sc->sc_dev.dv_xname); 1910 return (error); 1911 } 1912 1913 error = bus_dmamem_alloc(sc->sc_dmat, ACX_RX_RING_SIZE, PAGE_SIZE, 1914 0, &rd->rx_ring_seg, 1, &nsegs, BUS_DMA_NOWAIT); 1915 1916 if (error != 0) { 1917 printf("%s: can't allocate rx ring dma memory\n", 1918 sc->sc_dev.dv_xname); 1919 return (error); 1920 } 1921 1922 error = bus_dmamem_map(sc->sc_dmat, &rd->rx_ring_seg, nsegs, 1923 ACX_RX_RING_SIZE, (caddr_t *)&rd->rx_ring, 1924 BUS_DMA_NOWAIT); 1925 1926 if (error != 0) { 1927 printf("%s: can't map rx desc DMA memory\n", 1928 sc->sc_dev.dv_xname); 1929 return (error); 1930 } 1931 1932 error = bus_dmamap_load(sc->sc_dmat, rd->rx_ring_dmamap, 1933 rd->rx_ring, ACX_RX_RING_SIZE, NULL, BUS_DMA_WAITOK); 1934 1935 if (error) { 1936 printf("%s: can't get rx ring dma address\n", 1937 sc->sc_dev.dv_xname); 1938 bus_dmamem_free(sc->sc_dmat, &rd->rx_ring_seg, 1); 1939 return (error); 1940 } 1941 1942 rd->rx_ring_paddr = rd->rx_ring_dmamap->dm_segs[0].ds_addr; 1943 1944 /* Allocate DMA stuffs for TX descriptors */ 1945 error = bus_dmamap_create(sc->sc_dmat, ACX_TX_RING_SIZE, 1, 1946 ACX_TX_RING_SIZE, 0, BUS_DMA_NOWAIT, &rd->tx_ring_dmamap); 1947 1948 if (error) { 1949 printf("%s: can't create tx ring dma tag\n", 1950 sc->sc_dev.dv_xname); 1951 return (error); 1952 } 1953 1954 error = bus_dmamem_alloc(sc->sc_dmat, ACX_TX_RING_SIZE, PAGE_SIZE, 1955 0, &rd->tx_ring_seg, 1, &nsegs, BUS_DMA_NOWAIT); 1956 1957 if (error) { 1958 printf("%s: can't allocate tx ring dma memory\n", 1959 sc->sc_dev.dv_xname); 1960 return (error); 1961 } 1962 1963 error = bus_dmamem_map(sc->sc_dmat, &rd->tx_ring_seg, nsegs, 1964 ACX_TX_RING_SIZE, (caddr_t *)&rd->tx_ring, BUS_DMA_NOWAIT); 1965 1966 if (error != 0) { 1967 printf("%s: can't map tx desc DMA memory\n", 1968 sc->sc_dev.dv_xname); 1969 return (error); 1970 } 1971 1972 error = bus_dmamap_load(sc->sc_dmat, rd->tx_ring_dmamap, 1973 rd->tx_ring, ACX_TX_RING_SIZE, NULL, BUS_DMA_WAITOK); 1974 1975 if (error) { 1976 printf("%s: can't get tx ring dma address\n", 1977 sc->sc_dev.dv_xname); 1978 bus_dmamem_free(sc->sc_dmat, &rd->tx_ring_seg, 1); 1979 return (error); 1980 } 1981 1982 rd->tx_ring_paddr = rd->tx_ring_dmamap->dm_segs[0].ds_addr; 1983 1984 /* Create a spare RX DMA map */ 1985 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, MCLBYTES, 1986 0, 0, &bd->mbuf_tmp_dmamap); 1987 1988 if (error) { 1989 printf("%s: can't create tmp mbuf dma map\n", 1990 sc->sc_dev.dv_xname); 1991 return (error); 1992 } 1993 1994 /* Create DMA map for RX mbufs */ 1995 for (i = 0; i < ACX_RX_DESC_CNT; ++i) { 1996 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, 1997 MCLBYTES, 0, 0, &bd->rx_buf[i].rb_mbuf_dmamap); 1998 if (error) { 1999 printf("%s: can't create rx mbuf dma map (%d)\n", 2000 sc->sc_dev.dv_xname, i); 2001 return (error); 2002 } 2003 bd->rx_buf[i].rb_desc = &rd->rx_ring[i]; 2004 } 2005 2006 /* Create DMA map for TX mbufs */ 2007 for (i = 0; i < ACX_TX_DESC_CNT; ++i) { 2008 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, 2009 MCLBYTES, 0, 0, &bd->tx_buf[i].tb_mbuf_dmamap); 2010 if (error) { 2011 printf("%s: can't create tx mbuf dma map (%d)\n", 2012 sc->sc_dev.dv_xname, i); 2013 return (error); 2014 } 2015 bd->tx_buf[i].tb_desc1 = &rd->tx_ring[i * 2]; 2016 bd->tx_buf[i].tb_desc2 = &rd->tx_ring[(i * 2) + 1]; 2017 } 2018 2019 return (0); 2020 } 2021 2022 void 2023 acx_dma_free(struct acx_softc *sc) 2024 { 2025 struct acx_ring_data *rd = &sc->sc_ring_data; 2026 struct acx_buf_data *bd = &sc->sc_buf_data; 2027 int i; 2028 2029 if (rd->rx_ring != NULL) { 2030 bus_dmamap_unload(sc->sc_dmat, rd->rx_ring_dmamap); 2031 bus_dmamem_free(sc->sc_dmat, &rd->rx_ring_seg, 1); 2032 } 2033 2034 if (rd->tx_ring != NULL) { 2035 bus_dmamap_unload(sc->sc_dmat, rd->tx_ring_dmamap); 2036 bus_dmamem_free(sc->sc_dmat, &rd->tx_ring_seg, 1); 2037 } 2038 2039 for (i = 0; i < ACX_RX_DESC_CNT; ++i) { 2040 if (bd->rx_buf[i].rb_desc != NULL) { 2041 if (bd->rx_buf[i].rb_mbuf != NULL) { 2042 bus_dmamap_unload(sc->sc_dmat, 2043 bd->rx_buf[i].rb_mbuf_dmamap); 2044 m_freem(bd->rx_buf[i].rb_mbuf); 2045 } 2046 bus_dmamap_destroy(sc->sc_dmat, 2047 bd->rx_buf[i].rb_mbuf_dmamap); 2048 } 2049 } 2050 2051 for (i = 0; i < ACX_TX_DESC_CNT; ++i) { 2052 if (bd->tx_buf[i].tb_desc1 != NULL) { 2053 if (bd->tx_buf[i].tb_mbuf != NULL) { 2054 bus_dmamap_unload(sc->sc_dmat, 2055 bd->tx_buf[i].tb_mbuf_dmamap); 2056 m_freem(bd->tx_buf[i].tb_mbuf); 2057 } 2058 bus_dmamap_destroy(sc->sc_dmat, 2059 bd->tx_buf[i].tb_mbuf_dmamap); 2060 } 2061 } 2062 2063 if (bd->mbuf_tmp_dmamap != NULL) 2064 bus_dmamap_destroy(sc->sc_dmat, bd->mbuf_tmp_dmamap); 2065 } 2066 2067 void 2068 acx_init_tx_ring(struct acx_softc *sc) 2069 { 2070 struct acx_ring_data *rd; 2071 struct acx_buf_data *bd; 2072 uint32_t paddr; 2073 int i; 2074 2075 rd = &sc->sc_ring_data; 2076 paddr = rd->tx_ring_paddr; 2077 for (i = 0; i < (ACX_TX_DESC_CNT * 2) - 1; ++i) { 2078 paddr += sizeof(struct acx_host_desc); 2079 2080 bzero(&rd->tx_ring[i], sizeof(struct acx_host_desc)); 2081 rd->tx_ring[i].h_ctrl = htole16(DESC_CTRL_HOSTOWN); 2082 2083 if (i == (ACX_TX_DESC_CNT * 2) - 1) 2084 rd->tx_ring[i].h_next_desc = htole32(rd->tx_ring_paddr); 2085 else 2086 rd->tx_ring[i].h_next_desc = htole32(paddr); 2087 } 2088 2089 bus_dmamap_sync(sc->sc_dmat, rd->tx_ring_dmamap, 0, 2090 rd->tx_ring_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 2091 2092 bd = &sc->sc_buf_data; 2093 bd->tx_free_start = 0; 2094 bd->tx_used_start = 0; 2095 bd->tx_used_count = 0; 2096 } 2097 2098 int 2099 acx_init_rx_ring(struct acx_softc *sc) 2100 { 2101 struct acx_ring_data *rd; 2102 struct acx_buf_data *bd; 2103 uint32_t paddr; 2104 int i; 2105 2106 bd = &sc->sc_buf_data; 2107 rd = &sc->sc_ring_data; 2108 paddr = rd->rx_ring_paddr; 2109 2110 for (i = 0; i < ACX_RX_DESC_CNT; ++i) { 2111 int error; 2112 2113 paddr += sizeof(struct acx_host_desc); 2114 bzero(&rd->rx_ring[i], sizeof(struct acx_host_desc)); 2115 2116 error = acx_newbuf(sc, &bd->rx_buf[i], 1); 2117 if (error) 2118 return (error); 2119 2120 if (i == ACX_RX_DESC_CNT - 1) 2121 rd->rx_ring[i].h_next_desc = htole32(rd->rx_ring_paddr); 2122 else 2123 rd->rx_ring[i].h_next_desc = htole32(paddr); 2124 } 2125 2126 bus_dmamap_sync(sc->sc_dmat, rd->rx_ring_dmamap, 0, 2127 rd->rx_ring_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 2128 2129 bd->rx_scan_start = 0; 2130 2131 return (0); 2132 } 2133 2134 int 2135 acx_newbuf(struct acx_softc *sc, struct acx_rxbuf *rb, int wait) 2136 { 2137 struct acx_buf_data *bd; 2138 struct mbuf *m; 2139 bus_dmamap_t map; 2140 uint32_t paddr; 2141 int error; 2142 2143 bd = &sc->sc_buf_data; 2144 2145 MGETHDR(m, wait ? M_WAITOK : M_DONTWAIT, MT_DATA); 2146 if (m == NULL) 2147 return (ENOBUFS); 2148 2149 MCLGET(m, wait ? M_WAITOK : M_DONTWAIT); 2150 if (!(m->m_flags & M_EXT)) { 2151 m_freem(m); 2152 return (ENOBUFS); 2153 } 2154 2155 m->m_len = m->m_pkthdr.len = MCLBYTES; 2156 2157 error = bus_dmamap_load_mbuf(sc->sc_dmat, bd->mbuf_tmp_dmamap, m, 2158 wait ? BUS_DMA_WAITOK : BUS_DMA_NOWAIT); 2159 if (error) { 2160 m_freem(m); 2161 printf("%s: can't map rx mbuf %d\n", 2162 sc->sc_dev.dv_xname, error); 2163 return (error); 2164 } 2165 2166 /* Unload originally mapped mbuf */ 2167 if (rb->rb_mbuf != NULL) 2168 bus_dmamap_unload(sc->sc_dmat, rb->rb_mbuf_dmamap); 2169 2170 /* Swap this dmamap with tmp dmamap */ 2171 map = rb->rb_mbuf_dmamap; 2172 rb->rb_mbuf_dmamap = bd->mbuf_tmp_dmamap; 2173 bd->mbuf_tmp_dmamap = map; 2174 paddr = rb->rb_mbuf_dmamap->dm_segs[0].ds_addr; 2175 2176 rb->rb_mbuf = m; 2177 rb->rb_desc->h_data_paddr = htole32(paddr); 2178 rb->rb_desc->h_data_len = htole16(m->m_len); 2179 2180 bus_dmamap_sync(sc->sc_dmat, rb->rb_mbuf_dmamap, 0, 2181 rb->rb_mbuf_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD); 2182 2183 return (0); 2184 } 2185 2186 int 2187 acx_encap(struct acx_softc *sc, struct acx_txbuf *txbuf, struct mbuf *m, 2188 struct ieee80211_node *ni, int rate) 2189 { 2190 struct acx_ring_data *rd = &sc->sc_ring_data; 2191 struct acx_node *node = (struct acx_node *)ni; 2192 struct ifnet *ifp = &sc->sc_ic.ic_if; 2193 uint32_t paddr; 2194 uint8_t ctrl; 2195 int error; 2196 2197 if (txbuf->tb_mbuf != NULL) 2198 panic("free TX buf has mbuf installed"); 2199 2200 if (m->m_pkthdr.len > MCLBYTES) { 2201 printf("%s: mbuf too big\n", ifp->if_xname); 2202 error = E2BIG; 2203 goto back; 2204 } else if (m->m_pkthdr.len < ACX_FRAME_HDRLEN) { 2205 printf("%s: mbuf too small\n", ifp->if_xname); 2206 error = EINVAL; 2207 goto back; 2208 } 2209 2210 error = bus_dmamap_load_mbuf(sc->sc_dmat, txbuf->tb_mbuf_dmamap, m, 2211 BUS_DMA_NOWAIT); 2212 2213 if (error && error != EFBIG) { 2214 printf("%s: can't map tx mbuf1 %d\n", 2215 sc->sc_dev.dv_xname, error); 2216 goto back; 2217 } 2218 2219 if (error) { /* error == EFBIG */ 2220 /* too many fragments, linearize */ 2221 if (m_defrag(m, M_DONTWAIT)) { 2222 printf("%s: can't defrag tx mbuf\n", ifp->if_xname); 2223 goto back; 2224 } 2225 error = bus_dmamap_load_mbuf(sc->sc_dmat, 2226 txbuf->tb_mbuf_dmamap, m, BUS_DMA_NOWAIT); 2227 if (error) { 2228 printf("%s: can't map tx mbuf2 %d\n", 2229 sc->sc_dev.dv_xname, error); 2230 goto back; 2231 } 2232 } 2233 2234 error = 0; 2235 2236 bus_dmamap_sync(sc->sc_dmat, txbuf->tb_mbuf_dmamap, 0, 2237 txbuf->tb_mbuf_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 2238 2239 txbuf->tb_mbuf = m; 2240 txbuf->tb_node = node; 2241 txbuf->tb_rate = rate; 2242 2243 /* 2244 * TX buffers are accessed in following way: 2245 * acx_fw_txdesc -> acx_host_desc -> buffer 2246 * 2247 * It is quite strange that acx also queries acx_host_desc next to 2248 * the one we have assigned to acx_fw_txdesc even if first one's 2249 * acx_host_desc.h_data_len == acx_fw_txdesc.f_tx_len 2250 * 2251 * So we allocate two acx_host_desc for one acx_fw_txdesc and 2252 * assign the first acx_host_desc to acx_fw_txdesc 2253 * 2254 * For acx111 2255 * host_desc1.h_data_len = buffer_len 2256 * host_desc2.h_data_len = buffer_len - mac_header_len 2257 * 2258 * For acx100 2259 * host_desc1.h_data_len = mac_header_len 2260 * host_desc2.h_data_len = buffer_len - mac_header_len 2261 */ 2262 paddr = txbuf->tb_mbuf_dmamap->dm_segs[0].ds_addr; 2263 txbuf->tb_desc1->h_data_paddr = htole32(paddr); 2264 txbuf->tb_desc2->h_data_paddr = htole32(paddr + ACX_FRAME_HDRLEN); 2265 2266 txbuf->tb_desc1->h_data_len = 2267 htole16(sc->chip_txdesc1_len ? sc->chip_txdesc1_len 2268 : m->m_pkthdr.len); 2269 txbuf->tb_desc2->h_data_len = 2270 htole16(m->m_pkthdr.len - ACX_FRAME_HDRLEN); 2271 2272 /* 2273 * NOTE: 2274 * We can't simply assign f_tx_ctrl, we will first read it back 2275 * and change it bit by bit 2276 */ 2277 ctrl = FW_TXDESC_GETFIELD_1(sc, txbuf, f_tx_ctrl); 2278 ctrl |= sc->chip_fw_txdesc_ctrl; /* extra chip specific flags */ 2279 ctrl &= ~(DESC_CTRL_HOSTOWN | DESC_CTRL_ACXDONE); 2280 2281 FW_TXDESC_SETFIELD_2(sc, txbuf, f_tx_len, m->m_pkthdr.len); 2282 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_error, 0); 2283 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_ack_fail, 0); 2284 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_rts_fail, 0); 2285 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_rts_ok, 0); 2286 sc->chip_set_fw_txdesc_rate(sc, txbuf, rate); 2287 2288 txbuf->tb_desc1->h_ctrl = 0; 2289 txbuf->tb_desc2->h_ctrl = 0; 2290 bus_dmamap_sync(sc->sc_dmat, rd->tx_ring_dmamap, 0, 2291 rd->tx_ring_dmamap->dm_mapsize, BUS_DMASYNC_PREWRITE); 2292 2293 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_ctrl2, 0); 2294 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_ctrl, ctrl); 2295 2296 /* Tell chip to inform us about TX completion */ 2297 CSR_WRITE_2(sc, ACXREG_INTR_TRIG, ACXRV_TRIG_TX_FINI); 2298 back: 2299 if (error) 2300 m_freem(m); 2301 2302 return (error); 2303 } 2304 2305 int 2306 acx_set_null_tmplt(struct acx_softc *sc) 2307 { 2308 struct ieee80211com *ic = &sc->sc_ic; 2309 struct acx_tmplt_null_data n; 2310 struct ieee80211_frame *wh; 2311 2312 bzero(&n, sizeof(n)); 2313 2314 wh = &n.data; 2315 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_DATA | 2316 IEEE80211_FC0_SUBTYPE_NODATA; 2317 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 2318 IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr); 2319 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 2320 IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr); 2321 2322 return (acx_set_tmplt(sc, ACXCMD_TMPLT_NULL_DATA, &n, sizeof(n))); 2323 } 2324 2325 int 2326 acx_set_probe_req_tmplt(struct acx_softc *sc, const char *ssid, int ssid_len) 2327 { 2328 struct ieee80211com *ic = &sc->sc_ic; 2329 struct acx_tmplt_probe_req req; 2330 struct ieee80211_frame *wh; 2331 struct ieee80211_rateset *rs; 2332 uint8_t *frm; 2333 int len; 2334 2335 bzero(&req, sizeof(req)); 2336 2337 wh = &req.data.u_data.f; 2338 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 2339 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 2340 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 2341 IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr); 2342 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 2343 IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr); 2344 2345 frm = req.data.u_data.var; 2346 frm = ieee80211_add_ssid(frm, ssid, ssid_len); 2347 rs = &ic->ic_sup_rates[sc->chip_phymode]; 2348 frm = ieee80211_add_rates(frm, rs); 2349 if (rs->rs_nrates > IEEE80211_RATE_SIZE) 2350 frm = ieee80211_add_xrates(frm, rs); 2351 len = frm - req.data.u_data.var; 2352 2353 return (acx_set_tmplt(sc, ACXCMD_TMPLT_PROBE_REQ, &req, 2354 ACX_TMPLT_PROBE_REQ_SIZ(len))); 2355 } 2356 2357 #ifndef IEEE80211_STA_ONLY 2358 struct mbuf *ieee80211_get_probe_resp(struct ieee80211com *, 2359 struct ieee80211_node *); 2360 2361 int 2362 acx_set_probe_resp_tmplt(struct acx_softc *sc, struct ieee80211_node *ni) 2363 { 2364 struct ieee80211com *ic = &sc->sc_ic; 2365 struct acx_tmplt_probe_resp resp; 2366 struct ieee80211_frame *wh; 2367 struct mbuf *m; 2368 int len; 2369 2370 bzero(&resp, sizeof(resp)); 2371 2372 m = ieee80211_get_probe_resp(ic, ni); 2373 if (m == NULL) 2374 return (1); 2375 M_PREPEND(m, sizeof(struct ieee80211_frame), M_DONTWAIT); 2376 if (m == NULL) 2377 return (1); 2378 wh = mtod(m, struct ieee80211_frame *); 2379 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 2380 IEEE80211_FC0_SUBTYPE_PROBE_RESP; 2381 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 2382 *(u_int16_t *)&wh->i_dur[0] = 0; 2383 IEEE80211_ADDR_COPY(wh->i_addr1, ni->ni_macaddr); 2384 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 2385 IEEE80211_ADDR_COPY(wh->i_addr3, ni->ni_bssid); 2386 *(u_int16_t *)wh->i_seq = 0; 2387 2388 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)&resp.data); 2389 len = m->m_pkthdr.len + sizeof(resp.size); 2390 m_freem(m); 2391 2392 return (acx_set_tmplt(sc, ACXCMD_TMPLT_PROBE_RESP, &resp, len)); 2393 } 2394 2395 int 2396 acx_beacon_locate(struct mbuf *m, u_int8_t type) 2397 { 2398 int off; 2399 u_int8_t *frm; 2400 /* 2401 * beacon frame format 2402 * [8] time stamp 2403 * [2] beacon interval 2404 * [2] cabability information 2405 * from here on [tlv] values 2406 */ 2407 2408 if (m->m_len != m->m_pkthdr.len) 2409 panic("beacon not in contiguous mbuf"); 2410 2411 off = sizeof(struct ieee80211_frame) + 8 + 2 + 2; 2412 frm = mtod(m, u_int8_t *); 2413 for (; off + 1 < m->m_len; off += frm[off + 1] + 2) { 2414 if (frm[off] == type) 2415 return (off); 2416 } 2417 return (-1); 2418 } 2419 2420 int 2421 acx_set_beacon_tmplt(struct acx_softc *sc, struct ieee80211_node *ni) 2422 { 2423 struct ieee80211com *ic = &sc->sc_ic; 2424 struct acx_tmplt_beacon beacon; 2425 struct acx_tmplt_tim tim; 2426 struct mbuf *m; 2427 int len, off; 2428 2429 bzero(&beacon, sizeof(beacon)); 2430 bzero(&tim, sizeof(tim)); 2431 2432 m = ieee80211_beacon_alloc(ic, ni); 2433 if (m == NULL) 2434 return (1); 2435 2436 off = acx_beacon_locate(m, IEEE80211_ELEMID_TIM); 2437 if (off < 0) { 2438 m_free(m); 2439 return (1); 2440 } 2441 2442 m_copydata(m, 0, off, (caddr_t)&beacon.data); 2443 len = off + sizeof(beacon.size); 2444 2445 if (acx_set_tmplt(sc, ACXCMD_TMPLT_BEACON, &beacon, len) != 0) { 2446 m_freem(m); 2447 return (1); 2448 } 2449 2450 len = m->m_pkthdr.len - off; 2451 if (len == 0) { 2452 /* no TIM field */ 2453 m_freem(m); 2454 return (0); 2455 } 2456 2457 m_copydata(m, off, len, (caddr_t)&tim.data); 2458 len += sizeof(beacon.size); 2459 m_freem(m); 2460 2461 return (acx_set_tmplt(sc, ACXCMD_TMPLT_TIM, &tim, len)); 2462 } 2463 #endif /* IEEE80211_STA_ONLY */ 2464 2465 void 2466 acx_init_cmd_reg(struct acx_softc *sc) 2467 { 2468 sc->sc_cmd = CSR_READ_4(sc, ACXREG_CMD_REG_OFFSET); 2469 sc->sc_cmd_param = sc->sc_cmd + ACX_CMD_REG_SIZE; 2470 2471 /* Clear command & status */ 2472 CMD_WRITE_4(sc, 0); 2473 } 2474 2475 int 2476 acx_join_bss(struct acx_softc *sc, uint8_t mode, struct ieee80211_node *node) 2477 { 2478 uint8_t bj_buf[BSS_JOIN_BUFLEN]; 2479 struct bss_join_hdr *bj; 2480 int i, dtim_intvl; 2481 2482 bzero(bj_buf, sizeof(bj_buf)); 2483 bj = (struct bss_join_hdr *)bj_buf; 2484 2485 for (i = 0; i < IEEE80211_ADDR_LEN; ++i) 2486 bj->bssid[i] = node->ni_bssid[IEEE80211_ADDR_LEN - i - 1]; 2487 2488 bj->beacon_intvl = htole16(acx_beacon_intvl); 2489 2490 /* TODO tunable */ 2491 #ifndef IEEE80211_STA_ONLY 2492 if (sc->sc_ic.ic_opmode == IEEE80211_M_IBSS) 2493 dtim_intvl = 1; 2494 else 2495 #endif 2496 dtim_intvl = 10; 2497 sc->chip_set_bss_join_param(sc, bj->chip_spec, dtim_intvl); 2498 2499 bj->ndata_txrate = ACX_NDATA_TXRATE_1; 2500 bj->ndata_txopt = 0; 2501 bj->mode = mode; 2502 bj->channel = ieee80211_chan2ieee(&sc->sc_ic, node->ni_chan); 2503 bj->esslen = node->ni_esslen; 2504 bcopy(node->ni_essid, bj->essid, node->ni_esslen); 2505 2506 DPRINTF(("%s: join BSS/IBSS on channel %d\n", sc->sc_dev.dv_xname, 2507 bj->channel)); 2508 return (acx_exec_command(sc, ACXCMD_JOIN_BSS, 2509 bj, BSS_JOIN_PARAM_SIZE(bj), NULL, 0)); 2510 } 2511 2512 int 2513 acx_set_channel(struct acx_softc *sc, uint8_t chan) 2514 { 2515 if (acx_exec_command(sc, ACXCMD_ENABLE_TXCHAN, &chan, sizeof(chan), 2516 NULL, 0) != 0) { 2517 DPRINTF(("%s: setting TX channel %d failed\n", 2518 sc->sc_dev.dv_xname, chan)); 2519 return (ENXIO); 2520 } 2521 2522 if (acx_exec_command(sc, ACXCMD_ENABLE_RXCHAN, &chan, sizeof(chan), 2523 NULL, 0) != 0) { 2524 DPRINTF(("%s: setting RX channel %d failed\n", 2525 sc->sc_dev.dv_xname, chan)); 2526 return (ENXIO); 2527 } 2528 2529 return (0); 2530 } 2531 2532 int 2533 acx_get_conf(struct acx_softc *sc, uint16_t conf_id, void *conf, 2534 uint16_t conf_len) 2535 { 2536 struct acx_conf *confcom; 2537 2538 if (conf_len < sizeof(*confcom)) { 2539 printf("%s: %s configure data is too short\n", 2540 sc->sc_dev.dv_xname, __func__); 2541 return (1); 2542 } 2543 2544 confcom = conf; 2545 confcom->conf_id = htole16(conf_id); 2546 confcom->conf_data_len = htole16(conf_len - sizeof(*confcom)); 2547 2548 return (acx_exec_command(sc, ACXCMD_GET_CONF, confcom, sizeof(*confcom), 2549 conf, conf_len)); 2550 } 2551 2552 int 2553 acx_set_conf(struct acx_softc *sc, uint16_t conf_id, void *conf, 2554 uint16_t conf_len) 2555 { 2556 struct acx_conf *confcom; 2557 2558 if (conf_len < sizeof(*confcom)) { 2559 printf("%s: %s configure data is too short\n", 2560 sc->sc_dev.dv_xname, __func__); 2561 return (1); 2562 } 2563 2564 confcom = conf; 2565 confcom->conf_id = htole16(conf_id); 2566 confcom->conf_data_len = htole16(conf_len - sizeof(*confcom)); 2567 2568 return (acx_exec_command(sc, ACXCMD_SET_CONF, conf, conf_len, NULL, 0)); 2569 } 2570 2571 int 2572 acx_set_tmplt(struct acx_softc *sc, uint16_t cmd, void *tmplt, 2573 uint16_t tmplt_len) 2574 { 2575 uint16_t *size; 2576 2577 if (tmplt_len < sizeof(*size)) { 2578 printf("%s: %s template is too short\n", 2579 sc->sc_dev.dv_xname, __func__); 2580 return (1); 2581 } 2582 2583 size = tmplt; 2584 *size = htole16(tmplt_len - sizeof(*size)); 2585 2586 return (acx_exec_command(sc, cmd, tmplt, tmplt_len, NULL, 0)); 2587 } 2588 2589 int 2590 acx_init_radio(struct acx_softc *sc, uint32_t radio_ofs, uint32_t radio_len) 2591 { 2592 struct radio_init r; 2593 2594 r.radio_ofs = htole32(radio_ofs); 2595 r.radio_len = htole32(radio_len); 2596 2597 return (acx_exec_command(sc, ACXCMD_INIT_RADIO, &r, sizeof(r), NULL, 2598 0)); 2599 } 2600 2601 int 2602 acx_exec_command(struct acx_softc *sc, uint16_t cmd, void *param, 2603 uint16_t param_len, void *result, uint16_t result_len) 2604 { 2605 uint16_t status; 2606 int i, ret; 2607 2608 if ((sc->sc_flags & ACX_FLAG_FW_LOADED) == 0) { 2609 printf("%s: cmd 0x%04x failed (base firmware not loaded)\n", 2610 sc->sc_dev.dv_xname, cmd); 2611 return (1); 2612 } 2613 2614 ret = 0; 2615 2616 if (param != NULL && param_len != 0) { 2617 /* Set command param */ 2618 CMDPRM_WRITE_REGION_1(sc, param, param_len); 2619 } 2620 2621 /* Set command */ 2622 CMD_WRITE_4(sc, cmd); 2623 2624 /* Exec command */ 2625 CSR_WRITE_2(sc, ACXREG_INTR_TRIG, ACXRV_TRIG_CMD_FINI); 2626 DELAY(50); 2627 2628 /* Wait for command to complete */ 2629 if (cmd == ACXCMD_INIT_RADIO) { 2630 /* radio initialization is extremely long */ 2631 tsleep(&cmd, 0, "rdinit", (300 * hz) / 1000); /* 300ms */ 2632 } 2633 2634 #define CMDWAIT_RETRY_MAX 1000 2635 for (i = 0; i < CMDWAIT_RETRY_MAX; ++i) { 2636 uint16_t reg; 2637 2638 reg = CSR_READ_2(sc, ACXREG_INTR_STATUS); 2639 if (reg & ACXRV_INTR_CMD_FINI) { 2640 CSR_WRITE_2(sc, ACXREG_INTR_ACK, ACXRV_INTR_CMD_FINI); 2641 break; 2642 } 2643 DELAY(50); 2644 } 2645 if (i == CMDWAIT_RETRY_MAX) { 2646 printf("%s: cmd %04x failed (timeout)\n", 2647 sc->sc_dev.dv_xname, cmd); 2648 ret = 1; 2649 goto back; 2650 } 2651 #undef CMDWAIT_RETRY_MAX 2652 2653 /* Get command exec status */ 2654 status = (CMD_READ_4(sc) >> ACX_CMD_STATUS_SHIFT); 2655 if (status != ACX_CMD_STATUS_OK) { 2656 DPRINTF(("%s: cmd %04x failed\n", sc->sc_dev.dv_xname, cmd)); 2657 ret = 1; 2658 goto back; 2659 } 2660 2661 if (result != NULL && result_len != 0) { 2662 /* Get command result */ 2663 CMDPRM_READ_REGION_1(sc, result, result_len); 2664 } 2665 2666 back: 2667 CMD_WRITE_4(sc, 0); 2668 2669 return (ret); 2670 } 2671 2672 const char * 2673 acx_get_rf(int rev) 2674 { 2675 switch (rev) { 2676 case ACX_RADIO_TYPE_MAXIM: return "MAX2820"; 2677 case ACX_RADIO_TYPE_RFMD: return "RFMD"; 2678 case ACX_RADIO_TYPE_RALINK: return "Ralink"; 2679 case ACX_RADIO_TYPE_RADIA: return "Radia"; 2680 default: return "unknown"; 2681 } 2682 } 2683 2684 int 2685 acx_get_maxrssi(int radio) 2686 { 2687 switch (radio) { 2688 case ACX_RADIO_TYPE_MAXIM: return ACX_RADIO_RSSI_MAXIM; 2689 case ACX_RADIO_TYPE_RFMD: return ACX_RADIO_RSSI_RFMD; 2690 case ACX_RADIO_TYPE_RALINK: return ACX_RADIO_RSSI_RALINK; 2691 case ACX_RADIO_TYPE_RADIA: return ACX_RADIO_RSSI_RADIA; 2692 default: return ACX_RADIO_RSSI_UNKN; 2693 } 2694 } 2695 2696 void 2697 acx_iter_func(void *arg, struct ieee80211_node *ni) 2698 { 2699 struct acx_softc *sc = arg; 2700 struct acx_node *wn = (struct acx_node *)ni; 2701 2702 ieee80211_amrr_choose(&sc->amrr, ni, &wn->amn); 2703 } 2704 2705 void 2706 acx_amrr_timeout(void *arg) 2707 { 2708 struct acx_softc *sc = arg; 2709 struct ieee80211com *ic = &sc->sc_ic; 2710 2711 if (ic->ic_opmode == IEEE80211_M_STA) 2712 acx_iter_func(sc, ic->ic_bss); 2713 else 2714 ieee80211_iterate_nodes(ic, acx_iter_func, sc); 2715 2716 timeout_add_msec(&sc->amrr_ch, 500); 2717 } 2718 2719 void 2720 acx_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew) 2721 { 2722 struct acx_softc *sc = ic->ic_if.if_softc; 2723 int i; 2724 2725 ieee80211_amrr_node_init(&sc->amrr, &((struct acx_node *)ni)->amn); 2726 2727 /* set rate to some reasonable initial value */ 2728 for (i = ni->ni_rates.rs_nrates - 1; 2729 i > 0 && (ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL) > 72; 2730 i--); 2731 ni->ni_txrate = i; 2732 } 2733 2734 #ifndef IEEE80211_STA_ONLY 2735 void 2736 acx_set_tim(struct ieee80211com *ic, int aid, int set) 2737 { 2738 struct acx_softc *sc = ic->ic_if.if_softc; 2739 struct acx_tmplt_tim tim; 2740 u_int8_t *ep; 2741 2742 ieee80211_set_tim(ic, aid, set); 2743 2744 bzero(&tim, sizeof(tim)); 2745 ep = ieee80211_add_tim(tim.data.u_mem, ic); 2746 2747 acx_set_tmplt(sc, ACXCMD_TMPLT_TIM, &tim, ep - (u_int8_t *)&tim); 2748 } 2749 #endif 2750