1 /* $OpenBSD: if_ipw.c,v 1.115 2016/04/13 10:34:32 mpi Exp $ */ 2 3 /*- 4 * Copyright (c) 2004-2008 5 * Damien Bergamini <damien.bergamini@free.fr>. All rights reserved. 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /* 21 * Driver for Intel PRO/Wireless 2100 802.11 network adapters. 22 */ 23 24 #include "bpfilter.h" 25 26 #include <sys/param.h> 27 #include <sys/sockio.h> 28 #include <sys/task.h> 29 #include <sys/mbuf.h> 30 #include <sys/kernel.h> 31 #include <sys/socket.h> 32 #include <sys/systm.h> 33 #include <sys/conf.h> 34 #include <sys/device.h> 35 #include <sys/endian.h> 36 37 #include <machine/bus.h> 38 #include <machine/intr.h> 39 40 #include <dev/pci/pcireg.h> 41 #include <dev/pci/pcivar.h> 42 #include <dev/pci/pcidevs.h> 43 44 #if NBPFILTER > 0 45 #include <net/bpf.h> 46 #endif 47 #include <net/if.h> 48 #include <net/if_dl.h> 49 #include <net/if_media.h> 50 51 #include <netinet/in.h> 52 #include <netinet/if_ether.h> 53 54 #include <net80211/ieee80211_var.h> 55 #include <net80211/ieee80211_radiotap.h> 56 57 #include <dev/pci/if_ipwreg.h> 58 #include <dev/pci/if_ipwvar.h> 59 60 int ipw_match(struct device *, void *, void *); 61 void ipw_attach(struct device *, struct device *, void *); 62 int ipw_activate(struct device *, int); 63 void ipw_wakeup(struct ipw_softc *); 64 int ipw_dma_alloc(struct ipw_softc *); 65 void ipw_release(struct ipw_softc *); 66 int ipw_media_change(struct ifnet *); 67 void ipw_media_status(struct ifnet *, struct ifmediareq *); 68 int ipw_newstate(struct ieee80211com *, enum ieee80211_state, int); 69 uint16_t ipw_read_prom_word(struct ipw_softc *, uint8_t); 70 void ipw_command_intr(struct ipw_softc *, struct ipw_soft_buf *); 71 void ipw_newstate_intr(struct ipw_softc *, struct ipw_soft_buf *); 72 void ipw_data_intr(struct ipw_softc *, struct ipw_status *, 73 struct ipw_soft_bd *, struct ipw_soft_buf *); 74 void ipw_notification_intr(struct ipw_softc *, 75 struct ipw_soft_buf *); 76 void ipw_rx_intr(struct ipw_softc *); 77 void ipw_release_sbd(struct ipw_softc *, struct ipw_soft_bd *); 78 void ipw_tx_intr(struct ipw_softc *); 79 int ipw_intr(void *); 80 int ipw_cmd(struct ipw_softc *, uint32_t, void *, uint32_t); 81 int ipw_send_mgmt(struct ieee80211com *, struct ieee80211_node *, 82 int, int, int); 83 int ipw_tx_start(struct ifnet *, struct mbuf *, 84 struct ieee80211_node *); 85 void ipw_start(struct ifnet *); 86 void ipw_watchdog(struct ifnet *); 87 int ipw_ioctl(struct ifnet *, u_long, caddr_t); 88 uint32_t ipw_read_table1(struct ipw_softc *, uint32_t); 89 void ipw_write_table1(struct ipw_softc *, uint32_t, uint32_t); 90 int ipw_read_table2(struct ipw_softc *, uint32_t, void *, 91 uint32_t *); 92 void ipw_stop_master(struct ipw_softc *); 93 int ipw_reset(struct ipw_softc *); 94 int ipw_load_ucode(struct ipw_softc *, u_char *, int); 95 int ipw_load_firmware(struct ipw_softc *, u_char *, int); 96 int ipw_read_firmware(struct ipw_softc *, struct ipw_firmware *); 97 void ipw_scan(void *); 98 void ipw_auth_and_assoc(void *); 99 int ipw_config(struct ipw_softc *); 100 int ipw_init(struct ifnet *); 101 void ipw_stop(struct ifnet *, int); 102 void ipw_read_mem_1(struct ipw_softc *, bus_size_t, uint8_t *, 103 bus_size_t); 104 void ipw_write_mem_1(struct ipw_softc *, bus_size_t, uint8_t *, 105 bus_size_t); 106 107 static __inline uint8_t 108 MEM_READ_1(struct ipw_softc *sc, uint32_t addr) 109 { 110 CSR_WRITE_4(sc, IPW_CSR_INDIRECT_ADDR, addr); 111 return CSR_READ_1(sc, IPW_CSR_INDIRECT_DATA); 112 } 113 114 static __inline uint32_t 115 MEM_READ_4(struct ipw_softc *sc, uint32_t addr) 116 { 117 CSR_WRITE_4(sc, IPW_CSR_INDIRECT_ADDR, addr); 118 return CSR_READ_4(sc, IPW_CSR_INDIRECT_DATA); 119 } 120 121 #ifdef IPW_DEBUG 122 #define DPRINTF(x) do { if (ipw_debug > 0) printf x; } while (0) 123 #define DPRINTFN(n, x) do { if (ipw_debug >= (n)) printf x; } while (0) 124 int ipw_debug = 0; 125 #else 126 #define DPRINTF(x) 127 #define DPRINTFN(n, x) 128 #endif 129 130 struct cfattach ipw_ca = { 131 sizeof (struct ipw_softc), ipw_match, ipw_attach, NULL, 132 ipw_activate 133 }; 134 135 int 136 ipw_match(struct device *parent, void *match, void *aux) 137 { 138 struct pci_attach_args *pa = aux; 139 140 if (PCI_VENDOR (pa->pa_id) == PCI_VENDOR_INTEL && 141 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_2100) 142 return 1; 143 144 return 0; 145 } 146 147 /* Base Address Register */ 148 #define IPW_PCI_BAR0 0x10 149 150 void 151 ipw_attach(struct device *parent, struct device *self, void *aux) 152 { 153 struct ipw_softc *sc = (struct ipw_softc *)self; 154 struct ieee80211com *ic = &sc->sc_ic; 155 struct ifnet *ifp = &ic->ic_if; 156 struct pci_attach_args *pa = aux; 157 const char *intrstr; 158 bus_space_tag_t memt; 159 bus_space_handle_t memh; 160 bus_addr_t base; 161 pci_intr_handle_t ih; 162 pcireg_t data; 163 uint16_t val; 164 int error, i; 165 166 sc->sc_pct = pa->pa_pc; 167 sc->sc_pcitag = pa->pa_tag, 168 169 /* clear device specific PCI configuration register 0x41 */ 170 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 171 data &= ~0x0000ff00; 172 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, data); 173 174 /* map the register window */ 175 error = pci_mapreg_map(pa, IPW_PCI_BAR0, PCI_MAPREG_TYPE_MEM | 176 PCI_MAPREG_MEM_TYPE_32BIT, 0, &memt, &memh, &base, &sc->sc_sz, 0); 177 if (error != 0) { 178 printf(": can't map mem space\n"); 179 return; 180 } 181 182 sc->sc_st = memt; 183 sc->sc_sh = memh; 184 sc->sc_dmat = pa->pa_dmat; 185 186 /* disable interrupts */ 187 CSR_WRITE_4(sc, IPW_CSR_INTR_MASK, 0); 188 189 if (pci_intr_map(pa, &ih) != 0) { 190 printf(": can't map interrupt\n"); 191 return; 192 } 193 194 intrstr = pci_intr_string(sc->sc_pct, ih); 195 sc->sc_ih = pci_intr_establish(sc->sc_pct, ih, IPL_NET, ipw_intr, sc, 196 sc->sc_dev.dv_xname); 197 if (sc->sc_ih == NULL) { 198 printf(": can't establish interrupt"); 199 if (intrstr != NULL) 200 printf(" at %s", intrstr); 201 printf("\n"); 202 return; 203 } 204 printf(": %s", intrstr); 205 206 task_set(&sc->sc_scantask, ipw_scan, sc); 207 task_set(&sc->sc_authandassoctask, ipw_auth_and_assoc, sc); 208 209 if (ipw_reset(sc) != 0) { 210 printf(": could not reset adapter\n"); 211 return; 212 } 213 214 if (ipw_dma_alloc(sc) != 0) { 215 printf(": failed to allocate DMA resources\n"); 216 return; 217 } 218 219 ic->ic_phytype = IEEE80211_T_DS; 220 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 221 ic->ic_state = IEEE80211_S_INIT; 222 223 /* set device capabilities */ 224 ic->ic_caps = 225 #ifndef IEEE80211_STA_ONLY 226 IEEE80211_C_IBSS | /* IBSS mode supported */ 227 #endif 228 IEEE80211_C_MONITOR | /* monitor mode supported */ 229 IEEE80211_C_TXPMGT | /* tx power management */ 230 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 231 IEEE80211_C_WEP | /* s/w WEP */ 232 IEEE80211_C_RSN | /* WPA/RSN */ 233 IEEE80211_C_SCANALL; /* h/w scanning */ 234 235 /* read MAC address from EEPROM */ 236 val = ipw_read_prom_word(sc, IPW_EEPROM_MAC + 0); 237 ic->ic_myaddr[0] = val >> 8; 238 ic->ic_myaddr[1] = val & 0xff; 239 val = ipw_read_prom_word(sc, IPW_EEPROM_MAC + 1); 240 ic->ic_myaddr[2] = val >> 8; 241 ic->ic_myaddr[3] = val & 0xff; 242 val = ipw_read_prom_word(sc, IPW_EEPROM_MAC + 2); 243 ic->ic_myaddr[4] = val >> 8; 244 ic->ic_myaddr[5] = val & 0xff; 245 246 printf(", address %s\n", ether_sprintf(ic->ic_myaddr)); 247 248 /* set supported .11b rates */ 249 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 250 251 /* set supported .11b channels (1 through 14) */ 252 for (i = 1; i <= 14; i++) { 253 ic->ic_channels[i].ic_freq = 254 ieee80211_ieee2mhz(i, IEEE80211_CHAN_B); 255 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_B; 256 } 257 258 /* IBSS channel undefined for now */ 259 ic->ic_ibss_chan = &ic->ic_channels[0]; 260 261 ifp->if_softc = sc; 262 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 263 ifp->if_ioctl = ipw_ioctl; 264 ifp->if_start = ipw_start; 265 ifp->if_watchdog = ipw_watchdog; 266 bcopy(sc->sc_dev.dv_xname, ifp->if_xname, IFNAMSIZ); 267 268 if_attach(ifp); 269 ieee80211_ifattach(ifp); 270 /* override state transition machine */ 271 sc->sc_newstate = ic->ic_newstate; 272 ic->ic_newstate = ipw_newstate; 273 ic->ic_send_mgmt = ipw_send_mgmt; 274 ieee80211_media_init(ifp, ipw_media_change, ipw_media_status); 275 276 #if NBPFILTER > 0 277 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 278 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 279 280 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 281 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 282 sc->sc_rxtap.wr_ihdr.it_present = htole32(IPW_RX_RADIOTAP_PRESENT); 283 284 sc->sc_txtap_len = sizeof sc->sc_txtapu; 285 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 286 sc->sc_txtap.wt_ihdr.it_present = htole32(IPW_TX_RADIOTAP_PRESENT); 287 #endif 288 } 289 290 int 291 ipw_activate(struct device *self, int act) 292 { 293 struct ipw_softc *sc = (struct ipw_softc *)self; 294 struct ifnet *ifp = &sc->sc_ic.ic_if; 295 296 switch (act) { 297 case DVACT_SUSPEND: 298 if (ifp->if_flags & IFF_RUNNING) 299 ipw_stop(ifp, 0); 300 break; 301 case DVACT_WAKEUP: 302 ipw_wakeup(sc); 303 break; 304 } 305 306 return 0; 307 } 308 309 void 310 ipw_wakeup(struct ipw_softc *sc) 311 { 312 struct ifnet *ifp = &sc->sc_ic.ic_if; 313 pcireg_t data; 314 int s; 315 316 /* clear device specific PCI configuration register 0x41 */ 317 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 318 data &= ~0x0000ff00; 319 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, data); 320 321 s = splnet(); 322 while (sc->sc_flags & IPW_FLAG_BUSY) 323 tsleep(&sc->sc_flags, PZERO, "ipwpwr", 0); 324 sc->sc_flags |= IPW_FLAG_BUSY; 325 326 if (ifp->if_flags & IFF_UP) 327 ipw_init(ifp); 328 329 sc->sc_flags &= ~IPW_FLAG_BUSY; 330 wakeup(&sc->sc_flags); 331 splx(s); 332 } 333 334 int 335 ipw_dma_alloc(struct ipw_softc *sc) 336 { 337 struct ipw_soft_bd *sbd; 338 struct ipw_soft_hdr *shdr; 339 struct ipw_soft_buf *sbuf; 340 int i, nsegs, error; 341 342 /* 343 * Allocate and map tx ring. 344 */ 345 error = bus_dmamap_create(sc->sc_dmat, IPW_TBD_SZ, 1, IPW_TBD_SZ, 0, 346 BUS_DMA_NOWAIT, &sc->tbd_map); 347 if (error != 0) { 348 printf("%s: could not create tx ring DMA map\n", 349 sc->sc_dev.dv_xname); 350 goto fail; 351 } 352 353 error = bus_dmamem_alloc(sc->sc_dmat, IPW_TBD_SZ, PAGE_SIZE, 0, 354 &sc->tbd_seg, 1, &nsegs, BUS_DMA_NOWAIT); 355 if (error != 0) { 356 printf("%s: could not allocate tx ring DMA memory\n", 357 sc->sc_dev.dv_xname); 358 goto fail; 359 } 360 361 error = bus_dmamem_map(sc->sc_dmat, &sc->tbd_seg, nsegs, IPW_TBD_SZ, 362 (caddr_t *)&sc->tbd_list, BUS_DMA_NOWAIT); 363 if (error != 0) { 364 printf("%s: can't map tx ring DMA memory\n", 365 sc->sc_dev.dv_xname); 366 goto fail; 367 } 368 369 error = bus_dmamap_load(sc->sc_dmat, sc->tbd_map, sc->tbd_list, 370 IPW_TBD_SZ, NULL, BUS_DMA_NOWAIT); 371 if (error != 0) { 372 printf("%s: could not load tx ring DMA map\n", 373 sc->sc_dev.dv_xname); 374 goto fail; 375 } 376 377 /* 378 * Allocate and map rx ring. 379 */ 380 error = bus_dmamap_create(sc->sc_dmat, IPW_RBD_SZ, 1, IPW_RBD_SZ, 0, 381 BUS_DMA_NOWAIT, &sc->rbd_map); 382 if (error != 0) { 383 printf("%s: could not create rx ring DMA map\n", 384 sc->sc_dev.dv_xname); 385 goto fail; 386 } 387 388 error = bus_dmamem_alloc(sc->sc_dmat, IPW_RBD_SZ, PAGE_SIZE, 0, 389 &sc->rbd_seg, 1, &nsegs, BUS_DMA_NOWAIT); 390 if (error != 0) { 391 printf("%s: could not allocate rx ring DMA memory\n", 392 sc->sc_dev.dv_xname); 393 goto fail; 394 } 395 396 error = bus_dmamem_map(sc->sc_dmat, &sc->rbd_seg, nsegs, IPW_RBD_SZ, 397 (caddr_t *)&sc->rbd_list, BUS_DMA_NOWAIT); 398 if (error != 0) { 399 printf("%s: can't map rx ring DMA memory\n", 400 sc->sc_dev.dv_xname); 401 goto fail; 402 } 403 404 error = bus_dmamap_load(sc->sc_dmat, sc->rbd_map, sc->rbd_list, 405 IPW_RBD_SZ, NULL, BUS_DMA_NOWAIT); 406 if (error != 0) { 407 printf("%s: could not load tx ring DMA map\n", 408 sc->sc_dev.dv_xname); 409 goto fail; 410 } 411 412 /* 413 * Allocate and map status ring. 414 */ 415 error = bus_dmamap_create(sc->sc_dmat, IPW_STATUS_SZ, 1, IPW_STATUS_SZ, 416 0, BUS_DMA_NOWAIT, &sc->status_map); 417 if (error != 0) { 418 printf("%s: could not create status ring DMA map\n", 419 sc->sc_dev.dv_xname); 420 goto fail; 421 } 422 423 error = bus_dmamem_alloc(sc->sc_dmat, IPW_STATUS_SZ, PAGE_SIZE, 0, 424 &sc->status_seg, 1, &nsegs, BUS_DMA_NOWAIT); 425 if (error != 0) { 426 printf("%s: could not allocate status ring DMA memory\n", 427 sc->sc_dev.dv_xname); 428 goto fail; 429 } 430 431 error = bus_dmamem_map(sc->sc_dmat, &sc->status_seg, nsegs, 432 IPW_STATUS_SZ, (caddr_t *)&sc->status_list, BUS_DMA_NOWAIT); 433 if (error != 0) { 434 printf("%s: can't map status ring DMA memory\n", 435 sc->sc_dev.dv_xname); 436 goto fail; 437 } 438 439 error = bus_dmamap_load(sc->sc_dmat, sc->status_map, sc->status_list, 440 IPW_STATUS_SZ, NULL, BUS_DMA_NOWAIT); 441 if (error != 0) { 442 printf("%s: could not load status ring DMA map\n", 443 sc->sc_dev.dv_xname); 444 goto fail; 445 } 446 447 /* 448 * Allocate command DMA map. 449 */ 450 error = bus_dmamap_create(sc->sc_dmat, sizeof (struct ipw_cmd), 1, 451 sizeof (struct ipw_cmd), 0, BUS_DMA_NOWAIT, &sc->cmd_map); 452 if (error != 0) { 453 printf("%s: could not create command DMA map\n", 454 sc->sc_dev.dv_xname); 455 goto fail; 456 } 457 458 /* 459 * Allocate headers DMA maps. 460 */ 461 SLIST_INIT(&sc->free_shdr); 462 for (i = 0; i < IPW_NDATA; i++) { 463 shdr = &sc->shdr_list[i]; 464 error = bus_dmamap_create(sc->sc_dmat, sizeof (struct ipw_hdr), 465 1, sizeof (struct ipw_hdr), 0, BUS_DMA_NOWAIT, &shdr->map); 466 if (error != 0) { 467 printf("%s: could not create header DMA map\n", 468 sc->sc_dev.dv_xname); 469 goto fail; 470 } 471 SLIST_INSERT_HEAD(&sc->free_shdr, shdr, next); 472 } 473 474 /* 475 * Allocate tx buffers DMA maps. 476 */ 477 SLIST_INIT(&sc->free_sbuf); 478 for (i = 0; i < IPW_NDATA; i++) { 479 sbuf = &sc->tx_sbuf_list[i]; 480 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, IPW_MAX_NSEG, 481 MCLBYTES, 0, BUS_DMA_NOWAIT, &sbuf->map); 482 if (error != 0) { 483 printf("%s: could not create tx DMA map\n", 484 sc->sc_dev.dv_xname); 485 goto fail; 486 } 487 SLIST_INSERT_HEAD(&sc->free_sbuf, sbuf, next); 488 } 489 490 /* 491 * Initialize tx ring. 492 */ 493 for (i = 0; i < IPW_NTBD; i++) { 494 sbd = &sc->stbd_list[i]; 495 sbd->bd = &sc->tbd_list[i]; 496 sbd->type = IPW_SBD_TYPE_NOASSOC; 497 } 498 499 /* 500 * Pre-allocate rx buffers and DMA maps. 501 */ 502 for (i = 0; i < IPW_NRBD; i++) { 503 sbd = &sc->srbd_list[i]; 504 sbuf = &sc->rx_sbuf_list[i]; 505 sbd->bd = &sc->rbd_list[i]; 506 507 MGETHDR(sbuf->m, M_DONTWAIT, MT_DATA); 508 if (sbuf->m == NULL) { 509 printf("%s: could not allocate rx mbuf\n", 510 sc->sc_dev.dv_xname); 511 error = ENOMEM; 512 goto fail; 513 } 514 MCLGET(sbuf->m, M_DONTWAIT); 515 if (!(sbuf->m->m_flags & M_EXT)) { 516 m_freem(sbuf->m); 517 printf("%s: could not allocate rx mbuf cluster\n", 518 sc->sc_dev.dv_xname); 519 error = ENOMEM; 520 goto fail; 521 } 522 523 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, MCLBYTES, 524 0, BUS_DMA_NOWAIT, &sbuf->map); 525 if (error != 0) { 526 printf("%s: could not create rx DMA map\n", 527 sc->sc_dev.dv_xname); 528 goto fail; 529 } 530 531 error = bus_dmamap_load(sc->sc_dmat, sbuf->map, 532 mtod(sbuf->m, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT); 533 if (error != 0) { 534 printf("%s: can't map rx DMA memory\n", 535 sc->sc_dev.dv_xname); 536 goto fail; 537 } 538 539 sbd->type = IPW_SBD_TYPE_DATA; 540 sbd->priv = sbuf; 541 sbd->bd->physaddr = htole32(sbuf->map->dm_segs[0].ds_addr); 542 sbd->bd->len = htole32(MCLBYTES); 543 } 544 545 bus_dmamap_sync(sc->sc_dmat, sc->rbd_map, 0, IPW_RBD_SZ, 546 BUS_DMASYNC_PREWRITE); 547 548 return 0; 549 550 fail: ipw_release(sc); 551 return error; 552 } 553 554 void 555 ipw_release(struct ipw_softc *sc) 556 { 557 struct ipw_soft_buf *sbuf; 558 int i; 559 560 if (sc->tbd_map != NULL) { 561 if (sc->tbd_list != NULL) { 562 bus_dmamap_unload(sc->sc_dmat, sc->tbd_map); 563 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)sc->tbd_list, 564 IPW_TBD_SZ); 565 bus_dmamem_free(sc->sc_dmat, &sc->tbd_seg, 1); 566 } 567 bus_dmamap_destroy(sc->sc_dmat, sc->tbd_map); 568 } 569 570 if (sc->rbd_map != NULL) { 571 if (sc->rbd_list != NULL) { 572 bus_dmamap_unload(sc->sc_dmat, sc->rbd_map); 573 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)sc->rbd_list, 574 IPW_RBD_SZ); 575 bus_dmamem_free(sc->sc_dmat, &sc->rbd_seg, 1); 576 } 577 bus_dmamap_destroy(sc->sc_dmat, sc->rbd_map); 578 } 579 580 if (sc->status_map != NULL) { 581 if (sc->status_list != NULL) { 582 bus_dmamap_unload(sc->sc_dmat, sc->status_map); 583 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)sc->status_list, 584 IPW_RBD_SZ); 585 bus_dmamem_free(sc->sc_dmat, &sc->status_seg, 1); 586 } 587 bus_dmamap_destroy(sc->sc_dmat, sc->status_map); 588 } 589 590 if (sc->cmd_map != NULL) 591 bus_dmamap_destroy(sc->sc_dmat, sc->cmd_map); 592 593 for (i = 0; i < IPW_NDATA; i++) 594 bus_dmamap_destroy(sc->sc_dmat, sc->shdr_list[i].map); 595 596 for (i = 0; i < IPW_NDATA; i++) 597 bus_dmamap_destroy(sc->sc_dmat, sc->tx_sbuf_list[i].map); 598 599 for (i = 0; i < IPW_NRBD; i++) { 600 sbuf = &sc->rx_sbuf_list[i]; 601 if (sbuf->map != NULL) { 602 if (sbuf->m != NULL) { 603 bus_dmamap_unload(sc->sc_dmat, sbuf->map); 604 m_freem(sbuf->m); 605 } 606 bus_dmamap_destroy(sc->sc_dmat, sbuf->map); 607 } 608 } 609 610 task_del(systq, &sc->sc_scantask); 611 task_del(systq, &sc->sc_authandassoctask); 612 } 613 614 int 615 ipw_media_change(struct ifnet *ifp) 616 { 617 int error; 618 619 error = ieee80211_media_change(ifp); 620 if (error != ENETRESET) 621 return error; 622 623 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 624 ipw_init(ifp); 625 626 return 0; 627 } 628 629 void 630 ipw_media_status(struct ifnet *ifp, struct ifmediareq *imr) 631 { 632 struct ipw_softc *sc = ifp->if_softc; 633 struct ieee80211com *ic = &sc->sc_ic; 634 static const struct { 635 uint32_t val; 636 int rate; 637 } rates[] = { 638 { IPW_RATE_DS1, 2 }, 639 { IPW_RATE_DS2, 4 }, 640 { IPW_RATE_DS5, 11 }, 641 { IPW_RATE_DS11, 22 }, 642 }; 643 uint32_t val; 644 int rate, i; 645 646 imr->ifm_status = IFM_AVALID; 647 imr->ifm_active = IFM_IEEE80211; 648 if (ic->ic_state == IEEE80211_S_RUN) 649 imr->ifm_status |= IFM_ACTIVE; 650 651 /* read current transmission rate from adapter */ 652 val = ipw_read_table1(sc, IPW_INFO_CURRENT_TX_RATE); 653 val &= 0xf; 654 655 /* convert rate to 802.11 rate */ 656 for (i = 0; i < nitems(rates) && rates[i].val != val; i++); 657 rate = (i < nitems(rates)) ? rates[i].rate : 0; 658 659 imr->ifm_active |= IFM_IEEE80211_11B; 660 imr->ifm_active |= ieee80211_rate2media(ic, rate, IEEE80211_MODE_11B); 661 switch (ic->ic_opmode) { 662 case IEEE80211_M_STA: 663 break; 664 #ifndef IEEE80211_STA_ONLY 665 case IEEE80211_M_IBSS: 666 imr->ifm_active |= IFM_IEEE80211_IBSS; 667 break; 668 #endif 669 case IEEE80211_M_MONITOR: 670 imr->ifm_active |= IFM_IEEE80211_MONITOR; 671 break; 672 default: 673 /* should not get there */ 674 break; 675 } 676 } 677 678 int 679 ipw_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 680 { 681 struct ipw_softc *sc = ic->ic_softc; 682 683 switch (nstate) { 684 case IEEE80211_S_SCAN: 685 task_add(systq, &sc->sc_scantask); 686 break; 687 688 case IEEE80211_S_AUTH: 689 task_add(systq, &sc->sc_authandassoctask); 690 break; 691 692 case IEEE80211_S_RUN: 693 case IEEE80211_S_INIT: 694 case IEEE80211_S_ASSOC: 695 /* nothing to do */ 696 break; 697 } 698 699 ic->ic_state = nstate; 700 return 0; 701 } 702 703 /* 704 * Read 16 bits at address 'addr' from the Microwire EEPROM. 705 * DON'T PLAY WITH THIS CODE UNLESS YOU KNOW *EXACTLY* WHAT YOU'RE DOING! 706 */ 707 uint16_t 708 ipw_read_prom_word(struct ipw_softc *sc, uint8_t addr) 709 { 710 uint32_t tmp; 711 uint16_t val; 712 int n; 713 714 /* clock C once before the first command */ 715 IPW_EEPROM_CTL(sc, 0); 716 IPW_EEPROM_CTL(sc, IPW_EEPROM_S); 717 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | IPW_EEPROM_C); 718 IPW_EEPROM_CTL(sc, IPW_EEPROM_S); 719 720 /* write start bit (1) */ 721 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | IPW_EEPROM_D); 722 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | IPW_EEPROM_D | IPW_EEPROM_C); 723 724 /* write READ opcode (10) */ 725 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | IPW_EEPROM_D); 726 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | IPW_EEPROM_D | IPW_EEPROM_C); 727 IPW_EEPROM_CTL(sc, IPW_EEPROM_S); 728 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | IPW_EEPROM_C); 729 730 /* write address A7-A0 */ 731 for (n = 7; n >= 0; n--) { 732 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | 733 (((addr >> n) & 1) << IPW_EEPROM_SHIFT_D)); 734 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | 735 (((addr >> n) & 1) << IPW_EEPROM_SHIFT_D) | IPW_EEPROM_C); 736 } 737 738 IPW_EEPROM_CTL(sc, IPW_EEPROM_S); 739 740 /* read data Q15-Q0 */ 741 val = 0; 742 for (n = 15; n >= 0; n--) { 743 IPW_EEPROM_CTL(sc, IPW_EEPROM_S | IPW_EEPROM_C); 744 IPW_EEPROM_CTL(sc, IPW_EEPROM_S); 745 tmp = MEM_READ_4(sc, IPW_MEM_EEPROM_CTL); 746 val |= ((tmp & IPW_EEPROM_Q) >> IPW_EEPROM_SHIFT_Q) << n; 747 } 748 749 IPW_EEPROM_CTL(sc, 0); 750 751 /* clear Chip Select and clock C */ 752 IPW_EEPROM_CTL(sc, IPW_EEPROM_S); 753 IPW_EEPROM_CTL(sc, 0); 754 IPW_EEPROM_CTL(sc, IPW_EEPROM_C); 755 756 return val; 757 } 758 759 void 760 ipw_command_intr(struct ipw_softc *sc, struct ipw_soft_buf *sbuf) 761 { 762 struct ipw_cmd *cmd; 763 764 bus_dmamap_sync(sc->sc_dmat, sbuf->map, 0, sizeof (struct ipw_cmd), 765 BUS_DMASYNC_POSTREAD); 766 767 cmd = mtod(sbuf->m, struct ipw_cmd *); 768 769 DPRINTFN(2, ("received command ack type=%u,status=%u\n", 770 letoh32(cmd->type), letoh32(cmd->status))); 771 772 wakeup(&sc->cmd); 773 } 774 775 void 776 ipw_newstate_intr(struct ipw_softc *sc, struct ipw_soft_buf *sbuf) 777 { 778 struct ieee80211com *ic = &sc->sc_ic; 779 struct ifnet *ifp = &ic->ic_if; 780 uint32_t state; 781 782 bus_dmamap_sync(sc->sc_dmat, sbuf->map, 0, sizeof state, 783 BUS_DMASYNC_POSTREAD); 784 785 state = letoh32(*mtod(sbuf->m, uint32_t *)); 786 787 DPRINTFN(2, ("firmware state changed to 0x%x\n", state)); 788 789 switch (state) { 790 case IPW_STATE_ASSOCIATED: 791 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 792 break; 793 794 case IPW_STATE_SCANNING: 795 if (ic->ic_state == IEEE80211_S_RUN) 796 ieee80211_begin_scan(ifp); 797 break; 798 799 case IPW_STATE_SCAN_COMPLETE: 800 if (ic->ic_state == IEEE80211_S_SCAN) 801 ieee80211_end_scan(ifp); 802 break; 803 804 case IPW_STATE_ASSOCIATION_LOST: 805 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 806 break; 807 808 case IPW_STATE_DISABLED: 809 wakeup(sc); 810 break; 811 812 case IPW_STATE_RADIO_DISABLED: 813 ifp->if_flags &= ~IFF_UP; 814 ipw_stop(&ic->ic_if, 1); 815 break; 816 } 817 } 818 819 void 820 ipw_data_intr(struct ipw_softc *sc, struct ipw_status *status, 821 struct ipw_soft_bd *sbd, struct ipw_soft_buf *sbuf) 822 { 823 struct ieee80211com *ic = &sc->sc_ic; 824 struct ifnet *ifp = &ic->ic_if; 825 struct mbuf *mnew, *m; 826 struct ieee80211_frame *wh; 827 struct ieee80211_rxinfo rxi; 828 struct ieee80211_node *ni; 829 int error; 830 831 DPRINTFN(5, ("received data frame len=%u,rssi=%u\n", 832 letoh32(status->len), status->rssi)); 833 834 /* 835 * Try to allocate a new mbuf for this ring element and load it before 836 * processing the current mbuf. If the ring element cannot be loaded, 837 * drop the received packet and reuse the old mbuf. In the unlikely 838 * case that the old mbuf can't be reloaded either, explicitly panic. 839 */ 840 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 841 if (mnew == NULL) { 842 ifp->if_ierrors++; 843 return; 844 } 845 MCLGET(mnew, M_DONTWAIT); 846 if (!(mnew->m_flags & M_EXT)) { 847 m_freem(mnew); 848 ifp->if_ierrors++; 849 return; 850 } 851 852 bus_dmamap_sync(sc->sc_dmat, sbuf->map, 0, letoh32(status->len), 853 BUS_DMASYNC_POSTREAD); 854 bus_dmamap_unload(sc->sc_dmat, sbuf->map); 855 856 error = bus_dmamap_load(sc->sc_dmat, sbuf->map, mtod(mnew, void *), 857 MCLBYTES, NULL, BUS_DMA_NOWAIT); 858 if (error != 0) { 859 m_freem(mnew); 860 861 /* try to reload the old mbuf */ 862 error = bus_dmamap_load(sc->sc_dmat, sbuf->map, 863 mtod(sbuf->m, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT); 864 if (error != 0) { 865 /* very unlikely that it will fail... */ 866 panic("%s: could not load old rx mbuf", 867 sc->sc_dev.dv_xname); 868 } 869 sbd->bd->physaddr = htole32(sbuf->map->dm_segs[0].ds_addr); 870 ifp->if_ierrors++; 871 return; 872 } 873 874 m = sbuf->m; 875 sbuf->m = mnew; 876 sbd->bd->physaddr = htole32(sbuf->map->dm_segs[0].ds_addr); 877 878 /* finalize mbuf */ 879 m->m_pkthdr.len = m->m_len = letoh32(status->len); 880 881 #if NBPFILTER > 0 882 if (sc->sc_drvbpf != NULL) { 883 struct mbuf mb; 884 struct ipw_rx_radiotap_header *tap = &sc->sc_rxtap; 885 886 tap->wr_flags = 0; 887 tap->wr_antsignal = status->rssi; 888 tap->wr_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 889 tap->wr_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 890 891 mb.m_data = (caddr_t)tap; 892 mb.m_len = sc->sc_rxtap_len; 893 mb.m_next = m; 894 mb.m_nextpkt = NULL; 895 mb.m_type = 0; 896 mb.m_flags = 0; 897 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 898 } 899 #endif 900 901 wh = mtod(m, struct ieee80211_frame *); 902 ni = ieee80211_find_rxnode(ic, wh); 903 904 /* send the frame to the upper layer */ 905 rxi.rxi_flags = 0; 906 rxi.rxi_rssi = status->rssi; 907 rxi.rxi_tstamp = 0; /* unused */ 908 ieee80211_input(ifp, m, ni, &rxi); 909 910 ieee80211_release_node(ic, ni); 911 } 912 913 void 914 ipw_notification_intr(struct ipw_softc *sc, struct ipw_soft_buf *sbuf) 915 { 916 DPRINTFN(2, ("received notification\n")); 917 } 918 919 void 920 ipw_rx_intr(struct ipw_softc *sc) 921 { 922 struct ipw_status *status; 923 struct ipw_soft_bd *sbd; 924 struct ipw_soft_buf *sbuf; 925 uint32_t r, i; 926 927 r = CSR_READ_4(sc, IPW_CSR_RX_READ_INDEX); 928 929 for (i = (sc->rxcur + 1) % IPW_NRBD; i != r; i = (i + 1) % IPW_NRBD) { 930 931 bus_dmamap_sync(sc->sc_dmat, sc->rbd_map, 932 i * sizeof (struct ipw_bd), sizeof (struct ipw_bd), 933 BUS_DMASYNC_POSTREAD); 934 935 bus_dmamap_sync(sc->sc_dmat, sc->status_map, 936 i * sizeof (struct ipw_status), sizeof (struct ipw_status), 937 BUS_DMASYNC_POSTREAD); 938 939 status = &sc->status_list[i]; 940 sbd = &sc->srbd_list[i]; 941 sbuf = sbd->priv; 942 943 switch (letoh16(status->code) & 0xf) { 944 case IPW_STATUS_CODE_COMMAND: 945 ipw_command_intr(sc, sbuf); 946 break; 947 948 case IPW_STATUS_CODE_NEWSTATE: 949 ipw_newstate_intr(sc, sbuf); 950 break; 951 952 case IPW_STATUS_CODE_DATA_802_3: 953 case IPW_STATUS_CODE_DATA_802_11: 954 ipw_data_intr(sc, status, sbd, sbuf); 955 break; 956 957 case IPW_STATUS_CODE_NOTIFICATION: 958 ipw_notification_intr(sc, sbuf); 959 break; 960 961 default: 962 printf("%s: unknown status code %u\n", 963 sc->sc_dev.dv_xname, letoh16(status->code)); 964 } 965 sbd->bd->flags = 0; 966 967 bus_dmamap_sync(sc->sc_dmat, sc->rbd_map, 968 i * sizeof (struct ipw_bd), sizeof (struct ipw_bd), 969 BUS_DMASYNC_PREWRITE); 970 } 971 972 /* tell the firmware what we have processed */ 973 sc->rxcur = (r == 0) ? IPW_NRBD - 1 : r - 1; 974 CSR_WRITE_4(sc, IPW_CSR_RX_WRITE_INDEX, sc->rxcur); 975 } 976 977 void 978 ipw_release_sbd(struct ipw_softc *sc, struct ipw_soft_bd *sbd) 979 { 980 struct ieee80211com *ic = &sc->sc_ic; 981 struct ipw_soft_hdr *shdr; 982 struct ipw_soft_buf *sbuf; 983 984 switch (sbd->type) { 985 case IPW_SBD_TYPE_COMMAND: 986 bus_dmamap_unload(sc->sc_dmat, sc->cmd_map); 987 break; 988 989 case IPW_SBD_TYPE_HEADER: 990 shdr = sbd->priv; 991 bus_dmamap_unload(sc->sc_dmat, shdr->map); 992 SLIST_INSERT_HEAD(&sc->free_shdr, shdr, next); 993 break; 994 995 case IPW_SBD_TYPE_DATA: 996 sbuf = sbd->priv; 997 bus_dmamap_unload(sc->sc_dmat, sbuf->map); 998 SLIST_INSERT_HEAD(&sc->free_sbuf, sbuf, next); 999 1000 m_freem(sbuf->m); 1001 1002 if (sbuf->ni != NULL) 1003 ieee80211_release_node(ic, sbuf->ni); 1004 1005 /* kill watchdog timer */ 1006 sc->sc_tx_timer = 0; 1007 break; 1008 } 1009 sbd->type = IPW_SBD_TYPE_NOASSOC; 1010 } 1011 1012 void 1013 ipw_tx_intr(struct ipw_softc *sc) 1014 { 1015 struct ifnet *ifp = &sc->sc_ic.ic_if; 1016 struct ipw_soft_bd *sbd; 1017 uint32_t r, i; 1018 1019 r = CSR_READ_4(sc, IPW_CSR_TX_READ_INDEX); 1020 1021 for (i = (sc->txold + 1) % IPW_NTBD; i != r; i = (i + 1) % IPW_NTBD) { 1022 sbd = &sc->stbd_list[i]; 1023 1024 if (sbd->type == IPW_SBD_TYPE_DATA) 1025 ifp->if_opackets++; 1026 1027 ipw_release_sbd(sc, sbd); 1028 sc->txfree++; 1029 } 1030 1031 /* remember what the firmware has processed */ 1032 sc->txold = (r == 0) ? IPW_NTBD - 1 : r - 1; 1033 1034 /* call start() since some buffer descriptors have been released */ 1035 ifq_clr_oactive(&ifp->if_snd); 1036 (*ifp->if_start)(ifp); 1037 } 1038 1039 int 1040 ipw_intr(void *arg) 1041 { 1042 struct ipw_softc *sc = arg; 1043 struct ifnet *ifp = &sc->sc_ic.ic_if; 1044 uint32_t r; 1045 1046 if ((r = CSR_READ_4(sc, IPW_CSR_INTR)) == 0 || r == 0xffffffff) 1047 return 0; 1048 1049 /* disable interrupts */ 1050 CSR_WRITE_4(sc, IPW_CSR_INTR_MASK, 0); 1051 1052 if (r & (IPW_INTR_FATAL_ERROR | IPW_INTR_PARITY_ERROR)) { 1053 printf("%s: fatal firmware error\n", sc->sc_dev.dv_xname); 1054 ifp->if_flags &= ~IFF_UP; 1055 ipw_stop(ifp, 1); 1056 return 1; 1057 } 1058 1059 if (r & IPW_INTR_FW_INIT_DONE) 1060 wakeup(sc); 1061 1062 if (r & IPW_INTR_RX_TRANSFER) 1063 ipw_rx_intr(sc); 1064 1065 if (r & IPW_INTR_TX_TRANSFER) 1066 ipw_tx_intr(sc); 1067 1068 /* acknowledge interrupts */ 1069 CSR_WRITE_4(sc, IPW_CSR_INTR, r); 1070 1071 /* re-enable interrupts */ 1072 CSR_WRITE_4(sc, IPW_CSR_INTR_MASK, IPW_INTR_MASK); 1073 1074 return 1; 1075 } 1076 1077 int 1078 ipw_cmd(struct ipw_softc *sc, uint32_t type, void *data, uint32_t len) 1079 { 1080 struct ipw_soft_bd *sbd; 1081 int s, error; 1082 1083 s = splnet(); 1084 1085 sc->cmd.type = htole32(type); 1086 sc->cmd.subtype = htole32(0); 1087 sc->cmd.len = htole32(len); 1088 sc->cmd.seq = htole32(0); 1089 if (data != NULL) 1090 bcopy(data, sc->cmd.data, len); 1091 1092 error = bus_dmamap_load(sc->sc_dmat, sc->cmd_map, &sc->cmd, 1093 sizeof (struct ipw_cmd), NULL, BUS_DMA_NOWAIT); 1094 if (error != 0) { 1095 printf("%s: can't map command DMA memory\n", 1096 sc->sc_dev.dv_xname); 1097 splx(s); 1098 return error; 1099 } 1100 1101 sbd = &sc->stbd_list[sc->txcur]; 1102 sbd->type = IPW_SBD_TYPE_COMMAND; 1103 sbd->bd->physaddr = htole32(sc->cmd_map->dm_segs[0].ds_addr); 1104 sbd->bd->len = htole32(sizeof (struct ipw_cmd)); 1105 sbd->bd->nfrag = 1; 1106 sbd->bd->flags = IPW_BD_FLAG_TX_FRAME_COMMAND | 1107 IPW_BD_FLAG_TX_LAST_FRAGMENT; 1108 1109 bus_dmamap_sync(sc->sc_dmat, sc->cmd_map, 0, sizeof (struct ipw_cmd), 1110 BUS_DMASYNC_PREWRITE); 1111 bus_dmamap_sync(sc->sc_dmat, sc->tbd_map, 1112 sc->txcur * sizeof (struct ipw_bd), sizeof (struct ipw_bd), 1113 BUS_DMASYNC_PREWRITE); 1114 1115 sc->txcur = (sc->txcur + 1) % IPW_NTBD; 1116 sc->txfree--; 1117 CSR_WRITE_4(sc, IPW_CSR_TX_WRITE_INDEX, sc->txcur); 1118 1119 DPRINTFN(2, ("sending command type=%u,len=%u\n", type, len)); 1120 1121 /* wait at most one second for command to complete */ 1122 error = tsleep(&sc->cmd, 0, "ipwcmd", hz); 1123 splx(s); 1124 1125 return error; 1126 } 1127 1128 /* ARGSUSED */ 1129 int 1130 ipw_send_mgmt(struct ieee80211com *ic, struct ieee80211_node *ni, int type, 1131 int arg1, int arg2) 1132 { 1133 return EOPNOTSUPP; 1134 } 1135 1136 int 1137 ipw_tx_start(struct ifnet *ifp, struct mbuf *m, struct ieee80211_node *ni) 1138 { 1139 struct ipw_softc *sc = ifp->if_softc; 1140 struct ieee80211com *ic = &sc->sc_ic; 1141 struct ieee80211_frame *wh; 1142 struct ieee80211_key *k; 1143 struct ipw_soft_bd *sbd; 1144 struct ipw_soft_hdr *shdr; 1145 struct ipw_soft_buf *sbuf; 1146 int error, i; 1147 1148 wh = mtod(m, struct ieee80211_frame *); 1149 1150 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 1151 k = ieee80211_get_txkey(ic, wh, ni); 1152 1153 if ((m = ieee80211_encrypt(ic, m, k)) == NULL) 1154 return ENOBUFS; 1155 1156 /* packet header may have moved, reset our local pointer */ 1157 wh = mtod(m, struct ieee80211_frame *); 1158 } 1159 1160 #if NBPFILTER > 0 1161 if (sc->sc_drvbpf != NULL) { 1162 struct mbuf mb; 1163 struct ipw_tx_radiotap_header *tap = &sc->sc_txtap; 1164 1165 tap->wt_flags = 0; 1166 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 1167 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 1168 1169 mb.m_data = (caddr_t)tap; 1170 mb.m_len = sc->sc_txtap_len; 1171 mb.m_next = m; 1172 mb.m_nextpkt = NULL; 1173 mb.m_type = 0; 1174 mb.m_flags = 0; 1175 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1176 } 1177 #endif 1178 1179 shdr = SLIST_FIRST(&sc->free_shdr); 1180 sbuf = SLIST_FIRST(&sc->free_sbuf); 1181 1182 shdr->hdr.type = htole32(IPW_HDR_TYPE_SEND); 1183 shdr->hdr.subtype = htole32(0); 1184 shdr->hdr.encrypted = (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) ? 1 : 0; 1185 shdr->hdr.encrypt = 0; 1186 shdr->hdr.keyidx = 0; 1187 shdr->hdr.keysz = 0; 1188 shdr->hdr.fragmentsz = htole16(0); 1189 IEEE80211_ADDR_COPY(shdr->hdr.src_addr, wh->i_addr2); 1190 if (ic->ic_opmode == IEEE80211_M_STA) 1191 IEEE80211_ADDR_COPY(shdr->hdr.dst_addr, wh->i_addr3); 1192 else 1193 IEEE80211_ADDR_COPY(shdr->hdr.dst_addr, wh->i_addr1); 1194 1195 /* trim IEEE802.11 header */ 1196 m_adj(m, sizeof (struct ieee80211_frame)); 1197 1198 error = bus_dmamap_load_mbuf(sc->sc_dmat, sbuf->map, m, BUS_DMA_NOWAIT); 1199 if (error != 0 && error != EFBIG) { 1200 printf("%s: can't map mbuf (error %d)\n", 1201 sc->sc_dev.dv_xname, error); 1202 m_freem(m); 1203 return error; 1204 } 1205 if (error != 0) { 1206 /* too many fragments, linearize */ 1207 if (m_defrag(m, M_DONTWAIT)) { 1208 m_freem(m); 1209 return ENOBUFS; 1210 } 1211 error = bus_dmamap_load_mbuf(sc->sc_dmat, sbuf->map, m, 1212 BUS_DMA_NOWAIT); 1213 if (error != 0) { 1214 printf("%s: can't map mbuf (error %d)\n", 1215 sc->sc_dev.dv_xname, error); 1216 m_freem(m); 1217 return error; 1218 } 1219 } 1220 1221 error = bus_dmamap_load(sc->sc_dmat, shdr->map, &shdr->hdr, 1222 sizeof (struct ipw_hdr), NULL, BUS_DMA_NOWAIT); 1223 if (error != 0) { 1224 printf("%s: can't map header DMA memory (error %d)\n", 1225 sc->sc_dev.dv_xname, error); 1226 bus_dmamap_unload(sc->sc_dmat, sbuf->map); 1227 m_freem(m); 1228 return error; 1229 } 1230 1231 SLIST_REMOVE_HEAD(&sc->free_sbuf, next); 1232 SLIST_REMOVE_HEAD(&sc->free_shdr, next); 1233 1234 sbd = &sc->stbd_list[sc->txcur]; 1235 sbd->type = IPW_SBD_TYPE_HEADER; 1236 sbd->priv = shdr; 1237 sbd->bd->physaddr = htole32(shdr->map->dm_segs[0].ds_addr); 1238 sbd->bd->len = htole32(sizeof (struct ipw_hdr)); 1239 sbd->bd->nfrag = 1 + sbuf->map->dm_nsegs; 1240 sbd->bd->flags = IPW_BD_FLAG_TX_FRAME_802_3 | 1241 IPW_BD_FLAG_TX_NOT_LAST_FRAGMENT; 1242 1243 bus_dmamap_sync(sc->sc_dmat, sc->tbd_map, 1244 sc->txcur * sizeof (struct ipw_bd), 1245 sizeof (struct ipw_bd), BUS_DMASYNC_PREWRITE); 1246 1247 sc->txcur = (sc->txcur + 1) % IPW_NTBD; 1248 sc->txfree--; 1249 1250 sbuf->m = m; 1251 sbuf->ni = ni; 1252 1253 for (i = 0; i < sbuf->map->dm_nsegs; i++) { 1254 sbd = &sc->stbd_list[sc->txcur]; 1255 sbd->bd->physaddr = htole32(sbuf->map->dm_segs[i].ds_addr); 1256 sbd->bd->len = htole32(sbuf->map->dm_segs[i].ds_len); 1257 sbd->bd->nfrag = 0; /* used only in first bd */ 1258 sbd->bd->flags = IPW_BD_FLAG_TX_FRAME_802_3; 1259 if (i == sbuf->map->dm_nsegs - 1) { 1260 sbd->type = IPW_SBD_TYPE_DATA; 1261 sbd->priv = sbuf; 1262 sbd->bd->flags |= IPW_BD_FLAG_TX_LAST_FRAGMENT; 1263 } else { 1264 sbd->type = IPW_SBD_TYPE_NOASSOC; 1265 sbd->bd->flags |= IPW_BD_FLAG_TX_NOT_LAST_FRAGMENT; 1266 } 1267 1268 bus_dmamap_sync(sc->sc_dmat, sc->tbd_map, 1269 sc->txcur * sizeof (struct ipw_bd), 1270 sizeof (struct ipw_bd), BUS_DMASYNC_PREWRITE); 1271 1272 sc->txcur = (sc->txcur + 1) % IPW_NTBD; 1273 sc->txfree--; 1274 } 1275 1276 bus_dmamap_sync(sc->sc_dmat, sbuf->map, 0, sbuf->map->dm_mapsize, 1277 BUS_DMASYNC_PREWRITE); 1278 bus_dmamap_sync(sc->sc_dmat, shdr->map, 0, sizeof (struct ipw_hdr), 1279 BUS_DMASYNC_PREWRITE); 1280 1281 /* inform firmware about this new packet */ 1282 CSR_WRITE_4(sc, IPW_CSR_TX_WRITE_INDEX, sc->txcur); 1283 1284 return 0; 1285 } 1286 1287 void 1288 ipw_start(struct ifnet *ifp) 1289 { 1290 struct ipw_softc *sc = ifp->if_softc; 1291 struct ieee80211com *ic = &sc->sc_ic; 1292 struct ieee80211_node *ni; 1293 struct mbuf *m; 1294 1295 if (ic->ic_state != IEEE80211_S_RUN) 1296 return; 1297 1298 for (;;) { 1299 if (sc->txfree < 1 + IPW_MAX_NSEG) { 1300 ifq_set_oactive(&ifp->if_snd); 1301 break; 1302 } 1303 1304 IFQ_DEQUEUE(&ifp->if_snd, m); 1305 if (m == NULL) 1306 break; 1307 1308 #if NBPFILTER > 0 1309 if (ifp->if_bpf != NULL) 1310 bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); 1311 #endif 1312 1313 m = ieee80211_encap(ifp, m, &ni); 1314 if (m == NULL) 1315 continue; 1316 #if NBPFILTER > 0 1317 if (ic->ic_rawbpf != NULL) 1318 bpf_mtap(ic->ic_rawbpf, m, BPF_DIRECTION_OUT); 1319 #endif 1320 if (ipw_tx_start(ifp, m, ni) != 0) { 1321 if (ni != NULL) 1322 ieee80211_release_node(ic, ni); 1323 ifp->if_oerrors++; 1324 break; 1325 } 1326 1327 /* start watchdog timer */ 1328 sc->sc_tx_timer = 5; 1329 ifp->if_timer = 1; 1330 } 1331 } 1332 1333 void 1334 ipw_watchdog(struct ifnet *ifp) 1335 { 1336 struct ipw_softc *sc = ifp->if_softc; 1337 1338 ifp->if_timer = 0; 1339 1340 if (sc->sc_tx_timer > 0) { 1341 if (--sc->sc_tx_timer == 0) { 1342 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 1343 ifp->if_flags &= ~IFF_UP; 1344 ipw_stop(ifp, 1); 1345 ifp->if_oerrors++; 1346 return; 1347 } 1348 ifp->if_timer = 1; 1349 } 1350 1351 ieee80211_watchdog(ifp); 1352 } 1353 1354 int 1355 ipw_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1356 { 1357 struct ipw_softc *sc = ifp->if_softc; 1358 struct ieee80211com *ic = &sc->sc_ic; 1359 struct ifreq *ifr; 1360 int s, error = 0; 1361 1362 s = splnet(); 1363 /* 1364 * Prevent processes from entering this function while another 1365 * process is tsleep'ing in it. 1366 */ 1367 while ((sc->sc_flags & IPW_FLAG_BUSY) && error == 0) 1368 error = tsleep(&sc->sc_flags, PCATCH, "ipwioc", 0); 1369 if (error != 0) { 1370 splx(s); 1371 return error; 1372 } 1373 sc->sc_flags |= IPW_FLAG_BUSY; 1374 1375 switch (cmd) { 1376 case SIOCSIFADDR: 1377 ifp->if_flags |= IFF_UP; 1378 /* FALLTHROUGH */ 1379 case SIOCSIFFLAGS: 1380 if (ifp->if_flags & IFF_UP) { 1381 if (!(ifp->if_flags & IFF_RUNNING)) 1382 ipw_init(ifp); 1383 } else { 1384 if (ifp->if_flags & IFF_RUNNING) 1385 ipw_stop(ifp, 1); 1386 } 1387 break; 1388 1389 case SIOCADDMULTI: 1390 case SIOCDELMULTI: 1391 ifr = (struct ifreq *)data; 1392 error = (cmd == SIOCADDMULTI) ? 1393 ether_addmulti(ifr, &ic->ic_ac) : 1394 ether_delmulti(ifr, &ic->ic_ac); 1395 1396 if (error == ENETRESET) 1397 error = 0; 1398 break; 1399 1400 case SIOCG80211TXPOWER: 1401 /* 1402 * If the hardware radio transmitter switch is off, report a 1403 * tx power of IEEE80211_TXPOWER_MIN to indicate that radio 1404 * transmitter is killed. 1405 */ 1406 ((struct ieee80211_txpower *)data)->i_val = 1407 (CSR_READ_4(sc, IPW_CSR_IO) & IPW_IO_RADIO_DISABLED) ? 1408 IEEE80211_TXPOWER_MIN : sc->sc_ic.ic_txpower; 1409 break; 1410 1411 default: 1412 error = ieee80211_ioctl(ifp, cmd, data); 1413 } 1414 1415 if (error == ENETRESET) { 1416 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1417 (IFF_UP | IFF_RUNNING)) 1418 ipw_init(ifp); 1419 error = 0; 1420 } 1421 1422 sc->sc_flags &= ~IPW_FLAG_BUSY; 1423 wakeup(&sc->sc_flags); 1424 splx(s); 1425 return error; 1426 } 1427 1428 uint32_t 1429 ipw_read_table1(struct ipw_softc *sc, uint32_t off) 1430 { 1431 return MEM_READ_4(sc, MEM_READ_4(sc, sc->table1_base + off)); 1432 } 1433 1434 void 1435 ipw_write_table1(struct ipw_softc *sc, uint32_t off, uint32_t info) 1436 { 1437 MEM_WRITE_4(sc, MEM_READ_4(sc, sc->table1_base + off), info); 1438 } 1439 1440 int 1441 ipw_read_table2(struct ipw_softc *sc, uint32_t off, void *buf, uint32_t *len) 1442 { 1443 uint32_t addr, info; 1444 uint16_t count, size; 1445 uint32_t total; 1446 1447 /* addr[4] + count[2] + size[2] */ 1448 addr = MEM_READ_4(sc, sc->table2_base + off); 1449 info = MEM_READ_4(sc, sc->table2_base + off + 4); 1450 1451 count = info >> 16; 1452 size = info & 0xffff; 1453 total = count * size; 1454 1455 if (total > *len) { 1456 *len = total; 1457 return EINVAL; 1458 } 1459 *len = total; 1460 ipw_read_mem_1(sc, addr, buf, total); 1461 1462 return 0; 1463 } 1464 1465 void 1466 ipw_stop_master(struct ipw_softc *sc) 1467 { 1468 uint32_t tmp; 1469 int ntries; 1470 1471 /* disable interrupts */ 1472 CSR_WRITE_4(sc, IPW_CSR_INTR_MASK, 0); 1473 1474 CSR_WRITE_4(sc, IPW_CSR_RST, IPW_RST_STOP_MASTER); 1475 for (ntries = 0; ntries < 50; ntries++) { 1476 if (CSR_READ_4(sc, IPW_CSR_RST) & IPW_RST_MASTER_DISABLED) 1477 break; 1478 DELAY(10); 1479 } 1480 if (ntries == 50) 1481 printf("%s: timeout waiting for master\n", 1482 sc->sc_dev.dv_xname); 1483 1484 tmp = CSR_READ_4(sc, IPW_CSR_RST); 1485 CSR_WRITE_4(sc, IPW_CSR_RST, tmp | IPW_RST_PRINCETON_RESET); 1486 1487 sc->sc_flags &= ~IPW_FLAG_FW_INITED; 1488 } 1489 1490 int 1491 ipw_reset(struct ipw_softc *sc) 1492 { 1493 uint32_t tmp; 1494 int ntries; 1495 1496 ipw_stop_master(sc); 1497 1498 /* move adapter to D0 state */ 1499 tmp = CSR_READ_4(sc, IPW_CSR_CTL); 1500 CSR_WRITE_4(sc, IPW_CSR_CTL, tmp | IPW_CTL_INIT); 1501 1502 /* wait for clock stabilization */ 1503 for (ntries = 0; ntries < 1000; ntries++) { 1504 if (CSR_READ_4(sc, IPW_CSR_CTL) & IPW_CTL_CLOCK_READY) 1505 break; 1506 DELAY(200); 1507 } 1508 if (ntries == 1000) 1509 return EIO; 1510 1511 tmp = CSR_READ_4(sc, IPW_CSR_RST); 1512 CSR_WRITE_4(sc, IPW_CSR_RST, tmp | IPW_RST_SW_RESET); 1513 1514 DELAY(10); 1515 1516 tmp = CSR_READ_4(sc, IPW_CSR_CTL); 1517 CSR_WRITE_4(sc, IPW_CSR_CTL, tmp | IPW_CTL_INIT); 1518 1519 return 0; 1520 } 1521 1522 int 1523 ipw_load_ucode(struct ipw_softc *sc, u_char *uc, int size) 1524 { 1525 int ntries; 1526 1527 /* voodoo from the Intel Linux driver */ 1528 MEM_WRITE_4(sc, 0x3000e0, 0x80000000); 1529 CSR_WRITE_4(sc, IPW_CSR_RST, 0); 1530 1531 MEM_WRITE_2(sc, 0x220000, 0x0703); 1532 MEM_WRITE_2(sc, 0x220000, 0x0707); 1533 1534 MEM_WRITE_1(sc, 0x210014, 0x72); 1535 MEM_WRITE_1(sc, 0x210014, 0x72); 1536 1537 MEM_WRITE_1(sc, 0x210000, 0x40); 1538 MEM_WRITE_1(sc, 0x210000, 0x00); 1539 MEM_WRITE_1(sc, 0x210000, 0x40); 1540 1541 MEM_WRITE_MULTI_1(sc, 0x210010, uc, size); 1542 1543 MEM_WRITE_1(sc, 0x210000, 0x00); 1544 MEM_WRITE_1(sc, 0x210000, 0x00); 1545 MEM_WRITE_1(sc, 0x210000, 0x80); 1546 1547 MEM_WRITE_2(sc, 0x220000, 0x0703); 1548 MEM_WRITE_2(sc, 0x220000, 0x0707); 1549 1550 MEM_WRITE_1(sc, 0x210014, 0x72); 1551 MEM_WRITE_1(sc, 0x210014, 0x72); 1552 1553 MEM_WRITE_1(sc, 0x210000, 0x00); 1554 MEM_WRITE_1(sc, 0x210000, 0x80); 1555 1556 for (ntries = 0; ntries < 100; ntries++) { 1557 if (MEM_READ_1(sc, 0x210000) & 1) 1558 break; 1559 DELAY(1000); 1560 } 1561 if (ntries == 100) { 1562 printf("%s: timeout waiting for ucode to initialize\n", 1563 sc->sc_dev.dv_xname); 1564 return EIO; 1565 } 1566 1567 MEM_WRITE_4(sc, 0x3000e0, 0); 1568 1569 return 0; 1570 } 1571 1572 /* set of macros to handle unaligned little endian data in firmware image */ 1573 #define GETLE32(p) ((p)[0] | (p)[1] << 8 | (p)[2] << 16 | (p)[3] << 24) 1574 #define GETLE16(p) ((p)[0] | (p)[1] << 8) 1575 int 1576 ipw_load_firmware(struct ipw_softc *sc, u_char *fw, int size) 1577 { 1578 u_char *p, *end; 1579 uint32_t tmp, dst; 1580 uint16_t len; 1581 int error; 1582 1583 p = fw; 1584 end = fw + size; 1585 while (p < end) { 1586 if (p + 6 > end) 1587 return EINVAL; 1588 1589 dst = GETLE32(p); p += 4; 1590 len = GETLE16(p); p += 2; 1591 1592 if (p + len > end) 1593 return EINVAL; 1594 1595 ipw_write_mem_1(sc, dst, p, len); 1596 p += len; 1597 } 1598 1599 CSR_WRITE_4(sc, IPW_CSR_IO, IPW_IO_GPIO1_ENABLE | IPW_IO_GPIO3_MASK | 1600 IPW_IO_LED_OFF); 1601 1602 /* allow interrupts so we know when the firmware is inited */ 1603 CSR_WRITE_4(sc, IPW_CSR_INTR_MASK, IPW_INTR_MASK); 1604 1605 /* tell the adapter to initialize the firmware */ 1606 CSR_WRITE_4(sc, IPW_CSR_RST, 0); 1607 tmp = CSR_READ_4(sc, IPW_CSR_CTL); 1608 CSR_WRITE_4(sc, IPW_CSR_CTL, tmp | IPW_CTL_ALLOW_STANDBY); 1609 1610 /* wait at most one second for firmware initialization to complete */ 1611 if ((error = tsleep(sc, 0, "ipwinit", hz)) != 0) { 1612 printf("%s: timeout waiting for firmware initialization to " 1613 "complete\n", sc->sc_dev.dv_xname); 1614 return error; 1615 } 1616 1617 tmp = CSR_READ_4(sc, IPW_CSR_IO); 1618 CSR_WRITE_4(sc, IPW_CSR_IO, tmp | IPW_IO_GPIO1_MASK | 1619 IPW_IO_GPIO3_MASK); 1620 1621 return 0; 1622 } 1623 1624 int 1625 ipw_read_firmware(struct ipw_softc *sc, struct ipw_firmware *fw) 1626 { 1627 const struct ipw_firmware_hdr *hdr; 1628 const char *name; 1629 int error; 1630 1631 switch (sc->sc_ic.ic_opmode) { 1632 case IEEE80211_M_STA: 1633 name = "ipw-bss"; 1634 break; 1635 #ifndef IEEE80211_STA_ONLY 1636 case IEEE80211_M_IBSS: 1637 name = "ipw-ibss"; 1638 break; 1639 #endif 1640 case IEEE80211_M_MONITOR: 1641 name = "ipw-monitor"; 1642 break; 1643 default: 1644 /* should not get there */ 1645 return ENODEV; 1646 } 1647 if ((error = loadfirmware(name, &fw->data, &fw->size)) != 0) 1648 return error; 1649 1650 if (fw->size < sizeof (*hdr)) { 1651 error = EINVAL; 1652 goto fail; 1653 } 1654 hdr = (const struct ipw_firmware_hdr *)fw->data; 1655 fw->main_size = letoh32(hdr->main_size); 1656 fw->ucode_size = letoh32(hdr->ucode_size); 1657 1658 if (fw->size < sizeof (*hdr) + fw->main_size + fw->ucode_size) { 1659 error = EINVAL; 1660 goto fail; 1661 } 1662 fw->main = fw->data + sizeof (*hdr); 1663 fw->ucode = fw->main + fw->main_size; 1664 1665 return 0; 1666 1667 fail: free(fw->data, M_DEVBUF, fw->size); 1668 return error; 1669 } 1670 1671 void 1672 ipw_scan(void *arg1) 1673 { 1674 struct ipw_softc *sc = arg1; 1675 struct ifnet *ifp = &sc->sc_ic.ic_if; 1676 struct ipw_scan_options scan; 1677 uint8_t ssid[IEEE80211_NWID_LEN]; 1678 int error; 1679 1680 /* 1681 * Firmware has a bug and does not honour the ``do not associate 1682 * after scan'' bit in the scan command. To prevent the firmware 1683 * from associating after the scan, we set the ESSID to something 1684 * unlikely to be used by a real AP. 1685 * XXX would setting the desired BSSID to a multicast address work? 1686 */ 1687 memset(ssid, '\r', sizeof ssid); 1688 error = ipw_cmd(sc, IPW_CMD_SET_ESSID, ssid, sizeof ssid); 1689 if (error != 0) 1690 goto fail; 1691 1692 /* no mandatory BSSID */ 1693 DPRINTF(("Setting mandatory BSSID to null\n")); 1694 error = ipw_cmd(sc, IPW_CMD_SET_MANDATORY_BSSID, NULL, 0); 1695 if (error != 0) 1696 goto fail; 1697 1698 scan.flags = htole32(IPW_SCAN_DO_NOT_ASSOCIATE | IPW_SCAN_MIXED_CELL); 1699 scan.channels = htole32(0x3fff); /* scan channels 1-14 */ 1700 DPRINTF(("Setting scan options to 0x%x\n", letoh32(scan.flags))); 1701 error = ipw_cmd(sc, IPW_CMD_SET_SCAN_OPTIONS, &scan, sizeof scan); 1702 if (error != 0) 1703 goto fail; 1704 1705 /* start scanning */ 1706 DPRINTF(("Enabling adapter\n")); 1707 error = ipw_cmd(sc, IPW_CMD_ENABLE, NULL, 0); 1708 if (error != 0) 1709 goto fail; 1710 1711 return; 1712 fail: 1713 printf("%s: scan request failed (error=%d)\n", sc->sc_dev.dv_xname, 1714 error); 1715 ieee80211_end_scan(ifp); 1716 } 1717 1718 void 1719 ipw_auth_and_assoc(void *arg1) 1720 { 1721 struct ipw_softc *sc = arg1; 1722 struct ieee80211com *ic = &sc->sc_ic; 1723 struct ieee80211_node *ni = ic->ic_bss; 1724 struct ipw_scan_options scan; 1725 struct ipw_security security; 1726 struct ipw_assoc_req assoc; 1727 uint32_t data; 1728 uint8_t chan; 1729 int s, error; 1730 1731 DPRINTF(("Disabling adapter\n")); 1732 error = ipw_cmd(sc, IPW_CMD_DISABLE, NULL, 0); 1733 if (error != 0) 1734 goto fail; 1735 #if 1 1736 /* wait at most one second for card to be disabled */ 1737 s = splnet(); 1738 error = tsleep(sc, 0, "ipwdis", hz); 1739 splx(s); 1740 if (error != 0) { 1741 printf("%s: timeout waiting for disabled state\n", 1742 sc->sc_dev.dv_xname); 1743 goto fail; 1744 } 1745 #else 1746 /* Intel's Linux driver polls for the DISABLED state instead.. */ 1747 for (ntries = 0; ntries < 1000; ntries++) { 1748 if (ipw_read_table1(sc, IPW_INFO_CARD_DISABLED) == 1) 1749 break; 1750 DELAY(10); 1751 } 1752 if (ntries == 1000) { 1753 printf("%s: timeout waiting for disabled state\n", 1754 sc->sc_dev.dv_xname); 1755 goto fail; 1756 } 1757 #endif 1758 1759 bzero(&security, sizeof security); 1760 security.authmode = IPW_AUTH_OPEN; 1761 security.ciphers = htole32(IPW_CIPHER_NONE); 1762 DPRINTF(("Setting authmode to %u\n", security.authmode)); 1763 error = ipw_cmd(sc, IPW_CMD_SET_SECURITY_INFORMATION, &security, 1764 sizeof security); 1765 if (error != 0) 1766 goto fail; 1767 1768 #ifdef IPW_DEBUG 1769 if (ipw_debug > 0) { 1770 printf("Setting ESSID to "); 1771 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 1772 printf("\n"); 1773 } 1774 #endif 1775 error = ipw_cmd(sc, IPW_CMD_SET_ESSID, ni->ni_essid, ni->ni_esslen); 1776 if (error != 0) 1777 goto fail; 1778 1779 DPRINTF(("Setting BSSID to %s\n", ether_sprintf(ni->ni_bssid))); 1780 error = ipw_cmd(sc, IPW_CMD_SET_MANDATORY_BSSID, ni->ni_bssid, 1781 IEEE80211_ADDR_LEN); 1782 if (error != 0) 1783 goto fail; 1784 1785 data = htole32((ic->ic_flags & (IEEE80211_F_WEPON | 1786 IEEE80211_F_RSNON)) ? IPW_PRIVACYON : 0); 1787 DPRINTF(("Setting privacy flags to 0x%x\n", letoh32(data))); 1788 error = ipw_cmd(sc, IPW_CMD_SET_PRIVACY_FLAGS, &data, sizeof data); 1789 if (error != 0) 1790 goto fail; 1791 1792 /* let firmware set the capinfo, lintval, and bssid fixed fields */ 1793 bzero(&assoc, sizeof assoc); 1794 if (ic->ic_flags & IEEE80211_F_RSNON) { 1795 uint8_t *frm = assoc.optie; 1796 1797 /* tell firmware to add a WPA or RSN IE in (Re)Assoc req */ 1798 if (ni->ni_rsnprotos & IEEE80211_PROTO_RSN) 1799 frm = ieee80211_add_rsn(frm, ic, ni); 1800 else if (ni->ni_rsnprotos & IEEE80211_PROTO_WPA) 1801 frm = ieee80211_add_wpa(frm, ic, ni); 1802 assoc.optie_len = htole32(frm - assoc.optie); 1803 } 1804 DPRINTF(("Preparing assocation request (optional IE length=%d)\n", 1805 letoh32(assoc.optie_len))); 1806 error = ipw_cmd(sc, IPW_CMD_SET_ASSOC_REQ, &assoc, sizeof assoc); 1807 if (error != 0) 1808 goto fail; 1809 1810 scan.flags = htole32(IPW_SCAN_MIXED_CELL); 1811 chan = ieee80211_chan2ieee(ic, ni->ni_chan); 1812 scan.channels = htole32(1 << (chan - 1)); 1813 DPRINTF(("Setting scan options to 0x%x\n", letoh32(scan.flags))); 1814 error = ipw_cmd(sc, IPW_CMD_SET_SCAN_OPTIONS, &scan, sizeof scan); 1815 if (error != 0) 1816 goto fail; 1817 1818 /* trigger scan+association */ 1819 DPRINTF(("Enabling adapter\n")); 1820 error = ipw_cmd(sc, IPW_CMD_ENABLE, NULL, 0); 1821 if (error != 0) 1822 goto fail; 1823 1824 return; 1825 fail: 1826 printf("%s: association failed (error=%d)\n", sc->sc_dev.dv_xname, 1827 error); 1828 ieee80211_begin_scan(&ic->ic_if); 1829 } 1830 1831 int 1832 ipw_config(struct ipw_softc *sc) 1833 { 1834 struct ieee80211com *ic = &sc->sc_ic; 1835 struct ifnet *ifp = &ic->ic_if; 1836 struct ipw_configuration config; 1837 uint32_t data; 1838 int error; 1839 1840 switch (ic->ic_opmode) { 1841 case IEEE80211_M_STA: 1842 data = htole32(IPW_MODE_BSS); 1843 break; 1844 #ifndef IEEE80211_STA_ONLY 1845 case IEEE80211_M_IBSS: 1846 data = htole32(IPW_MODE_IBSS); 1847 break; 1848 #endif 1849 case IEEE80211_M_MONITOR: 1850 data = htole32(IPW_MODE_MONITOR); 1851 break; 1852 default: 1853 /* should not get there */ 1854 return ENODEV; 1855 } 1856 DPRINTF(("Setting mode to %u\n", letoh32(data))); 1857 error = ipw_cmd(sc, IPW_CMD_SET_MODE, &data, sizeof data); 1858 if (error != 0) 1859 return error; 1860 1861 if ( 1862 #ifndef IEEE80211_STA_ONLY 1863 ic->ic_opmode == IEEE80211_M_IBSS || 1864 #endif 1865 ic->ic_opmode == IEEE80211_M_MONITOR) { 1866 data = htole32(ieee80211_chan2ieee(ic, ic->ic_ibss_chan)); 1867 DPRINTF(("Setting channel to %u\n", letoh32(data))); 1868 error = ipw_cmd(sc, IPW_CMD_SET_CHANNEL, &data, sizeof data); 1869 if (error != 0) 1870 return error; 1871 } 1872 1873 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 1874 DPRINTF(("Enabling adapter\n")); 1875 return ipw_cmd(sc, IPW_CMD_ENABLE, NULL, 0); 1876 } 1877 1878 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 1879 DPRINTF(("Setting MAC address to %s\n", ether_sprintf(ic->ic_myaddr))); 1880 error = ipw_cmd(sc, IPW_CMD_SET_MAC_ADDRESS, ic->ic_myaddr, 1881 IEEE80211_ADDR_LEN); 1882 if (error != 0) 1883 return error; 1884 1885 config.flags = htole32(IPW_CFG_BSS_MASK | IPW_CFG_IBSS_MASK | 1886 IPW_CFG_PREAMBLE_AUTO | IPW_CFG_802_1X_ENABLE); 1887 #ifndef IEEE80211_STA_ONLY 1888 if (ic->ic_opmode == IEEE80211_M_IBSS) 1889 config.flags |= htole32(IPW_CFG_IBSS_AUTO_START); 1890 #endif 1891 if (ifp->if_flags & IFF_PROMISC) 1892 config.flags |= htole32(IPW_CFG_PROMISCUOUS); 1893 config.bss_chan = htole32(0x3fff); /* channels 1-14 */ 1894 config.ibss_chan = htole32(0x7ff); /* channels 1-11 */ 1895 DPRINTF(("Setting configuration 0x%x\n", config.flags)); 1896 error = ipw_cmd(sc, IPW_CMD_SET_CONFIGURATION, &config, sizeof config); 1897 if (error != 0) 1898 return error; 1899 1900 data = htole32(ic->ic_rtsthreshold); 1901 DPRINTF(("Setting RTS threshold to %u\n", letoh32(data))); 1902 error = ipw_cmd(sc, IPW_CMD_SET_RTS_THRESHOLD, &data, sizeof data); 1903 if (error != 0) 1904 return error; 1905 1906 data = htole32(ic->ic_fragthreshold); 1907 DPRINTF(("Setting frag threshold to %u\n", letoh32(data))); 1908 error = ipw_cmd(sc, IPW_CMD_SET_FRAG_THRESHOLD, &data, sizeof data); 1909 if (error != 0) 1910 return error; 1911 1912 data = htole32(0x3); /* 1, 2 */ 1913 DPRINTF(("Setting basic tx rates to 0x%x\n", letoh32(data))); 1914 error = ipw_cmd(sc, IPW_CMD_SET_BASIC_TX_RATES, &data, sizeof data); 1915 if (error != 0) 1916 return error; 1917 1918 data = htole32(0xf); /* 1, 2, 5.5, 11 */ 1919 DPRINTF(("Setting tx rates to 0x%x\n", letoh32(data))); 1920 error = ipw_cmd(sc, IPW_CMD_SET_TX_RATES, &data, sizeof data); 1921 if (error != 0) 1922 return error; 1923 1924 data = htole32(0xf); /* 1, 2, 5.5, 11 */ 1925 DPRINTF(("Setting MSDU tx rates to 0x%x\n", letoh32(data))); 1926 error = ipw_cmd(sc, IPW_CMD_SET_MSDU_TX_RATES, &data, sizeof data); 1927 if (error != 0) 1928 return error; 1929 1930 data = htole32(IPW_POWER_MODE_CAM); 1931 DPRINTF(("Setting power mode to %u\n", letoh32(data))); 1932 error = ipw_cmd(sc, IPW_CMD_SET_POWER_MODE, &data, sizeof data); 1933 if (error != 0) 1934 return error; 1935 1936 #ifndef IEEE80211_STA_ONLY 1937 if (ic->ic_opmode == IEEE80211_M_IBSS) { 1938 data = htole32(32); /* default value */ 1939 DPRINTF(("Setting tx power index to %u\n", letoh32(data))); 1940 error = ipw_cmd(sc, IPW_CMD_SET_TX_POWER_INDEX, &data, 1941 sizeof data); 1942 if (error != 0) 1943 return error; 1944 1945 data = htole32(ic->ic_lintval); 1946 DPRINTF(("Setting beacon interval to %u\n", letoh32(data))); 1947 error = ipw_cmd(sc, IPW_CMD_SET_BEACON_INTERVAL, &data, 1948 sizeof data); 1949 if (error != 0) 1950 return error; 1951 } 1952 #endif 1953 return 0; 1954 } 1955 1956 int 1957 ipw_init(struct ifnet *ifp) 1958 { 1959 struct ipw_softc *sc = ifp->if_softc; 1960 struct ieee80211com *ic = &sc->sc_ic; 1961 struct ipw_firmware fw; 1962 int error; 1963 1964 ipw_stop(ifp, 0); 1965 1966 if ((error = ipw_reset(sc)) != 0) { 1967 printf("%s: could not reset adapter\n", sc->sc_dev.dv_xname); 1968 goto fail1; 1969 } 1970 1971 if ((error = ipw_read_firmware(sc, &fw)) != 0) { 1972 printf("%s: error %d, could not read firmware\n", 1973 sc->sc_dev.dv_xname, error); 1974 goto fail1; 1975 } 1976 if ((error = ipw_load_ucode(sc, fw.ucode, fw.ucode_size)) != 0) { 1977 printf("%s: could not load microcode\n", sc->sc_dev.dv_xname); 1978 goto fail2; 1979 } 1980 1981 ipw_stop_master(sc); 1982 1983 /* 1984 * Setup tx, rx and status rings. 1985 */ 1986 CSR_WRITE_4(sc, IPW_CSR_TX_BD_BASE, sc->tbd_map->dm_segs[0].ds_addr); 1987 CSR_WRITE_4(sc, IPW_CSR_TX_BD_SIZE, IPW_NTBD); 1988 CSR_WRITE_4(sc, IPW_CSR_TX_READ_INDEX, 0); 1989 CSR_WRITE_4(sc, IPW_CSR_TX_WRITE_INDEX, 0); 1990 sc->txold = IPW_NTBD - 1; /* latest bd index ack by firmware */ 1991 sc->txcur = 0; /* bd index to write to */ 1992 sc->txfree = IPW_NTBD - 2; 1993 1994 CSR_WRITE_4(sc, IPW_CSR_RX_BD_BASE, sc->rbd_map->dm_segs[0].ds_addr); 1995 CSR_WRITE_4(sc, IPW_CSR_RX_BD_SIZE, IPW_NRBD); 1996 CSR_WRITE_4(sc, IPW_CSR_RX_READ_INDEX, 0); 1997 CSR_WRITE_4(sc, IPW_CSR_RX_WRITE_INDEX, IPW_NRBD - 1); 1998 sc->rxcur = IPW_NRBD - 1; /* latest bd index I've read */ 1999 2000 CSR_WRITE_4(sc, IPW_CSR_RX_STATUS_BASE, 2001 sc->status_map->dm_segs[0].ds_addr); 2002 2003 if ((error = ipw_load_firmware(sc, fw.main, fw.main_size)) != 0) { 2004 printf("%s: could not load firmware\n", sc->sc_dev.dv_xname); 2005 goto fail2; 2006 } 2007 sc->sc_flags |= IPW_FLAG_FW_INITED; 2008 free(fw.data, M_DEVBUF, fw.size); 2009 fw.data = NULL; 2010 2011 /* retrieve information tables base addresses */ 2012 sc->table1_base = CSR_READ_4(sc, IPW_CSR_TABLE1_BASE); 2013 sc->table2_base = CSR_READ_4(sc, IPW_CSR_TABLE2_BASE); 2014 2015 ipw_write_table1(sc, IPW_INFO_LOCK, 0); 2016 2017 if ((error = ipw_config(sc)) != 0) { 2018 printf("%s: device configuration failed\n", 2019 sc->sc_dev.dv_xname); 2020 goto fail1; 2021 } 2022 2023 ifq_clr_oactive(&ifp->if_snd); 2024 ifp->if_flags |= IFF_RUNNING; 2025 2026 if (ic->ic_opmode != IEEE80211_M_MONITOR) 2027 ieee80211_begin_scan(ifp); 2028 else 2029 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2030 2031 return 0; 2032 2033 fail2: free(fw.data, M_DEVBUF, fw.size); 2034 fw.data = NULL; 2035 fail1: ipw_stop(ifp, 0); 2036 return error; 2037 } 2038 2039 void 2040 ipw_stop(struct ifnet *ifp, int disable) 2041 { 2042 struct ipw_softc *sc = ifp->if_softc; 2043 struct ieee80211com *ic = &sc->sc_ic; 2044 int i; 2045 2046 ipw_stop_master(sc); 2047 CSR_WRITE_4(sc, IPW_CSR_RST, IPW_RST_SW_RESET); 2048 2049 ifp->if_timer = 0; 2050 ifp->if_flags &= ~IFF_RUNNING; 2051 ifq_clr_oactive(&ifp->if_snd); 2052 2053 /* 2054 * Release tx buffers. 2055 */ 2056 for (i = 0; i < IPW_NTBD; i++) 2057 ipw_release_sbd(sc, &sc->stbd_list[i]); 2058 2059 /* in case we were scanning, release the scan "lock" */ 2060 ic->ic_scan_lock = IEEE80211_SCAN_UNLOCKED; 2061 2062 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2063 } 2064 2065 void 2066 ipw_read_mem_1(struct ipw_softc *sc, bus_size_t offset, uint8_t *datap, 2067 bus_size_t count) 2068 { 2069 for (; count > 0; offset++, datap++, count--) { 2070 CSR_WRITE_4(sc, IPW_CSR_INDIRECT_ADDR, offset & ~3); 2071 *datap = CSR_READ_1(sc, IPW_CSR_INDIRECT_DATA + (offset & 3)); 2072 } 2073 } 2074 2075 void 2076 ipw_write_mem_1(struct ipw_softc *sc, bus_size_t offset, uint8_t *datap, 2077 bus_size_t count) 2078 { 2079 for (; count > 0; offset++, datap++, count--) { 2080 CSR_WRITE_4(sc, IPW_CSR_INDIRECT_ADDR, offset & ~3); 2081 CSR_WRITE_1(sc, IPW_CSR_INDIRECT_DATA + (offset & 3), *datap); 2082 } 2083 } 2084 2085 struct cfdriver ipw_cd = { 2086 NULL, "ipw", DV_IFNET 2087 }; 2088