1 /* $OpenBSD: if_iwn.c,v 1.78 2009/11/08 11:54:48 damien Exp $ */ 2 3 /*- 4 * Copyright (c) 2007-2009 Damien Bergamini <damien.bergamini@free.fr> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 /* 20 * Driver for Intel WiFi Link 4965 and 1000/5000/6000 Series 802.11 network 21 * adapters. 22 */ 23 24 #include "bpfilter.h" 25 26 #include <sys/param.h> 27 #include <sys/sockio.h> 28 #include <sys/sysctl.h> 29 #include <sys/mbuf.h> 30 #include <sys/kernel.h> 31 #include <sys/socket.h> 32 #include <sys/systm.h> 33 #include <sys/malloc.h> 34 #include <sys/conf.h> 35 #include <sys/device.h> 36 #include <sys/sensors.h> 37 38 #include <machine/bus.h> 39 #include <machine/endian.h> 40 #include <machine/intr.h> 41 42 #include <dev/pci/pcireg.h> 43 #include <dev/pci/pcivar.h> 44 #include <dev/pci/pcidevs.h> 45 46 #if NBPFILTER > 0 47 #include <net/bpf.h> 48 #endif 49 #include <net/if.h> 50 #include <net/if_arp.h> 51 #include <net/if_dl.h> 52 #include <net/if_media.h> 53 #include <net/if_types.h> 54 55 #include <netinet/in.h> 56 #include <netinet/in_systm.h> 57 #include <netinet/in_var.h> 58 #include <netinet/if_ether.h> 59 #include <netinet/ip.h> 60 61 #include <net80211/ieee80211_var.h> 62 #include <net80211/ieee80211_amrr.h> 63 #include <net80211/ieee80211_radiotap.h> 64 65 #include <dev/pci/if_iwnreg.h> 66 #include <dev/pci/if_iwnvar.h> 67 68 static const struct pci_matchid iwn_devices[] = { 69 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_4965_1 }, 70 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_4965_2 }, 71 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_5100_1 }, 72 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_5100_2 }, 73 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_5150_1 }, 74 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_5150_2 }, 75 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_5300_1 }, 76 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_5300_2 }, 77 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_5350_1 }, 78 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_5350_2 }, 79 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_1000_1 }, 80 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_1000_2 }, 81 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_6000_3X3_1 }, 82 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_6000_3X3_2 }, 83 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_6000_IPA_1 }, 84 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_6000_IPA_2 }, 85 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_6050_2X2_1 }, 86 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_WIFI_LINK_6050_2X2_2 } 87 }; 88 89 int iwn_match(struct device *, void *, void *); 90 void iwn_attach(struct device *, struct device *, void *); 91 const struct iwn_hal *iwn_hal_attach(struct iwn_softc *, pci_product_id_t); 92 #ifndef SMALL_KERNEL 93 void iwn_sensor_attach(struct iwn_softc *); 94 #endif 95 #if NBPFILTER > 0 96 void iwn_radiotap_attach(struct iwn_softc *); 97 #endif 98 int iwn_detach(struct device *, int); 99 void iwn_power(int, void *); 100 int iwn_nic_lock(struct iwn_softc *); 101 int iwn_eeprom_lock(struct iwn_softc *); 102 int iwn_init_otprom(struct iwn_softc *); 103 int iwn_read_prom_data(struct iwn_softc *, uint32_t, void *, int); 104 int iwn_dma_contig_alloc(bus_dma_tag_t, struct iwn_dma_info *, 105 void **, bus_size_t, bus_size_t); 106 void iwn_dma_contig_free(struct iwn_dma_info *); 107 int iwn_alloc_sched(struct iwn_softc *); 108 void iwn_free_sched(struct iwn_softc *); 109 int iwn_alloc_kw(struct iwn_softc *); 110 void iwn_free_kw(struct iwn_softc *); 111 int iwn_alloc_ict(struct iwn_softc *); 112 void iwn_free_ict(struct iwn_softc *); 113 int iwn_alloc_fwmem(struct iwn_softc *); 114 void iwn_free_fwmem(struct iwn_softc *); 115 int iwn_alloc_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 116 void iwn_reset_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 117 void iwn_free_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 118 int iwn_alloc_tx_ring(struct iwn_softc *, struct iwn_tx_ring *, 119 int); 120 void iwn_reset_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 121 void iwn_free_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 122 void iwn5000_ict_reset(struct iwn_softc *); 123 int iwn_read_eeprom(struct iwn_softc *); 124 void iwn4965_read_eeprom(struct iwn_softc *); 125 void iwn4965_print_power_group(struct iwn_softc *, int); 126 void iwn5000_read_eeprom(struct iwn_softc *); 127 void iwn_read_eeprom_channels(struct iwn_softc *, int, uint32_t); 128 void iwn_read_eeprom_enhinfo(struct iwn_softc *); 129 struct ieee80211_node *iwn_node_alloc(struct ieee80211com *); 130 void iwn_newassoc(struct ieee80211com *, struct ieee80211_node *, 131 int); 132 int iwn_media_change(struct ifnet *); 133 int iwn_newstate(struct ieee80211com *, enum ieee80211_state, int); 134 void iwn_iter_func(void *, struct ieee80211_node *); 135 void iwn_calib_timeout(void *); 136 int iwn_ccmp_decap(struct iwn_softc *, struct mbuf *, 137 struct ieee80211_key *); 138 void iwn_rx_phy(struct iwn_softc *, struct iwn_rx_desc *, 139 struct iwn_rx_data *); 140 void iwn_rx_done(struct iwn_softc *, struct iwn_rx_desc *, 141 struct iwn_rx_data *); 142 #ifndef IEEE80211_NO_HT 143 void iwn_rx_compressed_ba(struct iwn_softc *, struct iwn_rx_desc *, 144 struct iwn_rx_data *); 145 #endif 146 void iwn5000_rx_calib_results(struct iwn_softc *, 147 struct iwn_rx_desc *, struct iwn_rx_data *); 148 void iwn_rx_statistics(struct iwn_softc *, struct iwn_rx_desc *, 149 struct iwn_rx_data *); 150 void iwn4965_tx_done(struct iwn_softc *, struct iwn_rx_desc *, 151 struct iwn_rx_data *); 152 void iwn5000_tx_done(struct iwn_softc *, struct iwn_rx_desc *, 153 struct iwn_rx_data *); 154 void iwn_tx_done(struct iwn_softc *, struct iwn_rx_desc *, int, 155 uint8_t); 156 void iwn_cmd_done(struct iwn_softc *, struct iwn_rx_desc *); 157 void iwn_notif_intr(struct iwn_softc *); 158 void iwn_wakeup_intr(struct iwn_softc *); 159 void iwn_fatal_intr(struct iwn_softc *); 160 int iwn_intr(void *); 161 void iwn4965_update_sched(struct iwn_softc *, int, int, uint8_t, 162 uint16_t); 163 void iwn5000_update_sched(struct iwn_softc *, int, int, uint8_t, 164 uint16_t); 165 void iwn5000_reset_sched(struct iwn_softc *, int, int); 166 int iwn_tx(struct iwn_softc *, struct mbuf *, 167 struct ieee80211_node *); 168 void iwn_start(struct ifnet *); 169 void iwn_watchdog(struct ifnet *); 170 int iwn_ioctl(struct ifnet *, u_long, caddr_t); 171 int iwn_cmd(struct iwn_softc *, int, const void *, int, int); 172 int iwn4965_add_node(struct iwn_softc *, struct iwn_node_info *, 173 int); 174 int iwn5000_add_node(struct iwn_softc *, struct iwn_node_info *, 175 int); 176 int iwn_set_link_quality(struct iwn_softc *, 177 struct ieee80211_node *); 178 int iwn_add_broadcast_node(struct iwn_softc *, int); 179 void iwn_updateedca(struct ieee80211com *); 180 void iwn_set_led(struct iwn_softc *, uint8_t, uint8_t, uint8_t); 181 int iwn_set_critical_temp(struct iwn_softc *); 182 int iwn_set_timing(struct iwn_softc *, struct ieee80211_node *); 183 void iwn4965_power_calibration(struct iwn_softc *, int); 184 int iwn4965_set_txpower(struct iwn_softc *, int); 185 int iwn5000_set_txpower(struct iwn_softc *, int); 186 int iwn4965_get_rssi(const struct iwn_rx_stat *); 187 int iwn5000_get_rssi(const struct iwn_rx_stat *); 188 int iwn_get_noise(const struct iwn_rx_general_stats *); 189 int iwn4965_get_temperature(struct iwn_softc *); 190 int iwn5000_get_temperature(struct iwn_softc *); 191 int iwn_init_sensitivity(struct iwn_softc *); 192 void iwn_collect_noise(struct iwn_softc *, 193 const struct iwn_rx_general_stats *); 194 int iwn4965_init_gains(struct iwn_softc *); 195 int iwn5000_init_gains(struct iwn_softc *); 196 int iwn4965_set_gains(struct iwn_softc *); 197 int iwn5000_set_gains(struct iwn_softc *); 198 void iwn_tune_sensitivity(struct iwn_softc *, 199 const struct iwn_rx_stats *); 200 int iwn_send_sensitivity(struct iwn_softc *); 201 int iwn_set_pslevel(struct iwn_softc *, int, int, int); 202 int iwn_config(struct iwn_softc *); 203 int iwn_scan(struct iwn_softc *, uint16_t); 204 int iwn_auth(struct iwn_softc *); 205 int iwn_run(struct iwn_softc *); 206 int iwn_set_key(struct ieee80211com *, struct ieee80211_node *, 207 struct ieee80211_key *); 208 void iwn_delete_key(struct ieee80211com *, struct ieee80211_node *, 209 struct ieee80211_key *); 210 #ifndef IEEE80211_NO_HT 211 int iwn_ampdu_rx_start(struct ieee80211com *, 212 struct ieee80211_node *, uint8_t); 213 void iwn_ampdu_rx_stop(struct ieee80211com *, 214 struct ieee80211_node *, uint8_t); 215 int iwn_ampdu_tx_start(struct ieee80211com *, 216 struct ieee80211_node *, uint8_t); 217 void iwn_ampdu_tx_stop(struct ieee80211com *, 218 struct ieee80211_node *, uint8_t); 219 void iwn4965_ampdu_tx_start(struct iwn_softc *, 220 struct ieee80211_node *, uint8_t, uint16_t); 221 void iwn4965_ampdu_tx_stop(struct iwn_softc *, 222 uint8_t, uint16_t); 223 void iwn5000_ampdu_tx_start(struct iwn_softc *, 224 struct ieee80211_node *, uint8_t, uint16_t); 225 void iwn5000_ampdu_tx_stop(struct iwn_softc *, 226 uint8_t, uint16_t); 227 #endif 228 int iwn5000_query_calibration(struct iwn_softc *); 229 int iwn5000_send_calibration(struct iwn_softc *); 230 int iwn5000_send_wimax_coex(struct iwn_softc *); 231 int iwn4965_post_alive(struct iwn_softc *); 232 int iwn5000_post_alive(struct iwn_softc *); 233 int iwn4965_load_bootcode(struct iwn_softc *, const uint8_t *, 234 int); 235 int iwn4965_load_firmware(struct iwn_softc *); 236 int iwn5000_load_firmware_section(struct iwn_softc *, uint32_t, 237 const uint8_t *, int); 238 int iwn5000_load_firmware(struct iwn_softc *); 239 int iwn_read_firmware(struct iwn_softc *); 240 int iwn_clock_wait(struct iwn_softc *); 241 int iwn_apm_init(struct iwn_softc *); 242 void iwn_apm_stop_master(struct iwn_softc *); 243 void iwn_apm_stop(struct iwn_softc *); 244 int iwn4965_nic_config(struct iwn_softc *); 245 int iwn5000_nic_config(struct iwn_softc *); 246 int iwn_hw_prepare(struct iwn_softc *); 247 int iwn_hw_init(struct iwn_softc *); 248 void iwn_hw_stop(struct iwn_softc *); 249 int iwn_init(struct ifnet *); 250 void iwn_stop(struct ifnet *, int); 251 252 #ifdef IWN_DEBUG 253 #define DPRINTF(x) do { if (iwn_debug > 0) printf x; } while (0) 254 #define DPRINTFN(n, x) do { if (iwn_debug >= (n)) printf x; } while (0) 255 int iwn_debug = 0; 256 #else 257 #define DPRINTF(x) 258 #define DPRINTFN(n, x) 259 #endif 260 261 static const struct iwn_hal iwn4965_hal = { 262 iwn4965_load_firmware, 263 iwn4965_read_eeprom, 264 iwn4965_post_alive, 265 iwn4965_nic_config, 266 iwn4965_update_sched, 267 iwn4965_get_temperature, 268 iwn4965_get_rssi, 269 iwn4965_set_txpower, 270 iwn4965_init_gains, 271 iwn4965_set_gains, 272 iwn4965_add_node, 273 iwn4965_tx_done, 274 #ifndef IEEE80211_NO_HT 275 iwn4965_ampdu_tx_start, 276 iwn4965_ampdu_tx_stop, 277 #endif 278 IWN4965_NTXQUEUES, 279 IWN4965_NDMACHNLS, 280 IWN4965_ID_BROADCAST, 281 IWN4965_RXONSZ, 282 IWN4965_SCHEDSZ, 283 IWN4965_FW_TEXT_MAXSZ, 284 IWN4965_FW_DATA_MAXSZ, 285 IWN4965_FWSZ, 286 IWN4965_SCHED_TXFACT 287 }; 288 289 static const struct iwn_hal iwn5000_hal = { 290 iwn5000_load_firmware, 291 iwn5000_read_eeprom, 292 iwn5000_post_alive, 293 iwn5000_nic_config, 294 iwn5000_update_sched, 295 iwn5000_get_temperature, 296 iwn5000_get_rssi, 297 iwn5000_set_txpower, 298 iwn5000_init_gains, 299 iwn5000_set_gains, 300 iwn5000_add_node, 301 iwn5000_tx_done, 302 #ifndef IEEE80211_NO_HT 303 iwn5000_ampdu_tx_start, 304 iwn5000_ampdu_tx_stop, 305 #endif 306 IWN5000_NTXQUEUES, 307 IWN5000_NDMACHNLS, 308 IWN5000_ID_BROADCAST, 309 IWN5000_RXONSZ, 310 IWN5000_SCHEDSZ, 311 IWN5000_FW_TEXT_MAXSZ, 312 IWN5000_FW_DATA_MAXSZ, 313 IWN5000_FWSZ, 314 IWN5000_SCHED_TXFACT 315 }; 316 317 struct cfdriver iwn_cd = { 318 NULL, "iwn", DV_IFNET 319 }; 320 321 struct cfattach iwn_ca = { 322 sizeof (struct iwn_softc), iwn_match, iwn_attach, iwn_detach 323 }; 324 325 int 326 iwn_match(struct device *parent, void *match, void *aux) 327 { 328 return pci_matchbyid((struct pci_attach_args *)aux, iwn_devices, 329 nitems(iwn_devices)); 330 } 331 332 void 333 iwn_attach(struct device *parent, struct device *self, void *aux) 334 { 335 struct iwn_softc *sc = (struct iwn_softc *)self; 336 struct ieee80211com *ic = &sc->sc_ic; 337 struct ifnet *ifp = &ic->ic_if; 338 struct pci_attach_args *pa = aux; 339 const struct iwn_hal *hal; 340 const char *intrstr; 341 pci_intr_handle_t ih; 342 pcireg_t memtype, reg; 343 int i, error; 344 345 sc->sc_pct = pa->pa_pc; 346 sc->sc_pcitag = pa->pa_tag; 347 sc->sc_dmat = pa->pa_dmat; 348 349 /* 350 * Get the offset of the PCI Express Capability Structure in PCI 351 * Configuration Space. 352 */ 353 error = pci_get_capability(sc->sc_pct, sc->sc_pcitag, 354 PCI_CAP_PCIEXPRESS, &sc->sc_cap_off, NULL); 355 if (error == 0) { 356 printf(": PCIe capability structure not found!\n"); 357 return; 358 } 359 360 /* Clear device-specific "PCI retry timeout" register (41h). */ 361 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 362 reg &= ~0xff00; 363 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, reg); 364 365 /* Hardware bug workaround. */ 366 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG); 367 if (reg & PCI_COMMAND_INTERRUPT_DISABLE) { 368 DPRINTF(("PCIe INTx Disable set\n")); 369 reg &= ~PCI_COMMAND_INTERRUPT_DISABLE; 370 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 371 PCI_COMMAND_STATUS_REG, reg); 372 } 373 374 memtype = pci_mapreg_type(pa->pa_pc, pa->pa_tag, IWN_PCI_BAR0); 375 error = pci_mapreg_map(pa, IWN_PCI_BAR0, memtype, 0, &sc->sc_st, 376 &sc->sc_sh, NULL, &sc->sc_sz, 0); 377 if (error != 0) { 378 printf(": can't map mem space\n"); 379 return; 380 } 381 382 /* Install interrupt handler. */ 383 if (pci_intr_map(pa, &ih) != 0) { 384 printf(": can't map interrupt\n"); 385 return; 386 } 387 intrstr = pci_intr_string(sc->sc_pct, ih); 388 sc->sc_ih = pci_intr_establish(sc->sc_pct, ih, IPL_NET, iwn_intr, sc, 389 sc->sc_dev.dv_xname); 390 if (sc->sc_ih == NULL) { 391 printf(": can't establish interrupt"); 392 if (intrstr != NULL) 393 printf(" at %s", intrstr); 394 printf("\n"); 395 return; 396 } 397 printf(": %s", intrstr); 398 399 /* Attach Hardware Abstraction Layer. */ 400 hal = iwn_hal_attach(sc, PCI_PRODUCT(pa->pa_id)); 401 if (hal == NULL) 402 return; 403 404 if ((error = iwn_hw_prepare(sc)) != 0) { 405 printf(": hardware not ready\n"); 406 return; 407 } 408 409 /* Read MAC address, channels, etc from EEPROM. */ 410 if ((error = iwn_read_eeprom(sc)) != 0) { 411 printf(": could not read EEPROM\n"); 412 return; 413 } 414 415 /* Allocate DMA memory for firmware transfers. */ 416 if ((error = iwn_alloc_fwmem(sc)) != 0) { 417 printf(": could not allocate memory for firmware\n"); 418 return; 419 } 420 421 /* Allocate "Keep Warm" page. */ 422 if ((error = iwn_alloc_kw(sc)) != 0) { 423 printf(": could not allocate keep warm page\n"); 424 goto fail1; 425 } 426 427 /* Allocate ICT table for 5000 Series. */ 428 if (sc->hw_type != IWN_HW_REV_TYPE_4965 && 429 (error = iwn_alloc_ict(sc)) != 0) { 430 printf(": could not allocate ICT table\n"); 431 goto fail2; 432 } 433 434 /* Allocate TX scheduler "rings". */ 435 if ((error = iwn_alloc_sched(sc)) != 0) { 436 printf(": could not allocate TX scheduler rings\n"); 437 goto fail3; 438 } 439 440 /* Allocate TX rings (16 on 4965AGN, 20 on 5000.) */ 441 for (i = 0; i < hal->ntxqs; i++) { 442 if ((error = iwn_alloc_tx_ring(sc, &sc->txq[i], i)) != 0) { 443 printf(": could not allocate TX ring %d\n", i); 444 goto fail4; 445 } 446 } 447 448 /* Allocate RX ring. */ 449 if ((error = iwn_alloc_rx_ring(sc, &sc->rxq)) != 0) { 450 printf(": could not allocate RX ring\n"); 451 goto fail4; 452 } 453 454 /* Clear pending interrupts. */ 455 IWN_WRITE(sc, IWN_INT, 0xffffffff); 456 457 /* Count the number of available chains. */ 458 sc->ntxchains = 459 ((sc->txchainmask >> 2) & 1) + 460 ((sc->txchainmask >> 1) & 1) + 461 ((sc->txchainmask >> 0) & 1); 462 sc->nrxchains = 463 ((sc->rxchainmask >> 2) & 1) + 464 ((sc->rxchainmask >> 1) & 1) + 465 ((sc->rxchainmask >> 0) & 1); 466 printf(", MIMO %dT%dR, %.4s, address %s\n", sc->ntxchains, 467 sc->nrxchains, sc->eeprom_domain, ether_sprintf(ic->ic_myaddr)); 468 469 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 470 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 471 ic->ic_state = IEEE80211_S_INIT; 472 473 /* Set device capabilities. */ 474 ic->ic_caps = 475 IEEE80211_C_WEP | /* WEP */ 476 IEEE80211_C_RSN | /* WPA/RSN */ 477 IEEE80211_C_MONITOR | /* monitor mode supported */ 478 IEEE80211_C_SHSLOT | /* short slot time supported */ 479 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 480 IEEE80211_C_PMGT; /* power saving supported */ 481 482 #ifndef IEEE80211_NO_HT 483 /* Set HT capabilities. */ 484 ic->ic_htcaps = 485 #if IWN_RBUF_SIZE == 8192 486 IEEE80211_HTCAP_AMSDU7935 | 487 #endif 488 IEEE80211_HTCAP_SMPS_DIS | 489 IEEE80211_HTCAP_CBW20_40 | 490 IEEE80211_HTCAP_SGI20 | 491 IEEE80211_HTCAP_SGI40; 492 if (sc->hw_type != IWN_HW_REV_TYPE_4965) 493 ic->ic_htcaps |= IEEE80211_HTCAP_GF; 494 #endif /* !IEEE80211_NO_HT */ 495 496 /* Set supported legacy rates. */ 497 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 498 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 499 if (sc->sc_flags & IWN_FLAG_HAS_5GHZ) { 500 ic->ic_sup_rates[IEEE80211_MODE_11A] = 501 ieee80211_std_rateset_11a; 502 } 503 #ifndef IEEE80211_NO_HT 504 /* Set supported HT rates. */ 505 ic->ic_sup_mcs[0] = 0xff; 506 if (sc->nrxchains > 1) 507 ic->ic_sup_mcs[1] = 0xff; 508 if (sc->nrxchains > 2) 509 ic->ic_sup_mcs[2] = 0xff; 510 #endif 511 512 /* IBSS channel undefined for now. */ 513 ic->ic_ibss_chan = &ic->ic_channels[0]; 514 515 ifp->if_softc = sc; 516 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 517 ifp->if_init = iwn_init; 518 ifp->if_ioctl = iwn_ioctl; 519 ifp->if_start = iwn_start; 520 ifp->if_watchdog = iwn_watchdog; 521 IFQ_SET_READY(&ifp->if_snd); 522 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 523 524 if_attach(ifp); 525 ieee80211_ifattach(ifp); 526 ic->ic_node_alloc = iwn_node_alloc; 527 ic->ic_newassoc = iwn_newassoc; 528 ic->ic_updateedca = iwn_updateedca; 529 ic->ic_set_key = iwn_set_key; 530 ic->ic_delete_key = iwn_delete_key; 531 #ifndef IEEE80211_NO_HT 532 ic->ic_ampdu_rx_start = iwn_ampdu_rx_start; 533 ic->ic_ampdu_rx_stop = iwn_ampdu_rx_stop; 534 ic->ic_ampdu_tx_start = iwn_ampdu_tx_start; 535 ic->ic_ampdu_tx_stop = iwn_ampdu_tx_stop; 536 #endif 537 538 /* Override 802.11 state transition machine. */ 539 sc->sc_newstate = ic->ic_newstate; 540 ic->ic_newstate = iwn_newstate; 541 ieee80211_media_init(ifp, iwn_media_change, ieee80211_media_status); 542 543 sc->amrr.amrr_min_success_threshold = 1; 544 sc->amrr.amrr_max_success_threshold = 15; 545 546 #ifndef SMALL_KERNEL 547 iwn_sensor_attach(sc); 548 #endif 549 #if NBPFILTER > 0 550 iwn_radiotap_attach(sc); 551 #endif 552 timeout_set(&sc->calib_to, iwn_calib_timeout, sc); 553 554 sc->powerhook = powerhook_establish(iwn_power, sc); 555 556 return; 557 558 /* Free allocated memory if something failed during attachment. */ 559 fail4: while (--i >= 0) 560 iwn_free_tx_ring(sc, &sc->txq[i]); 561 iwn_free_sched(sc); 562 fail3: if (sc->ict != NULL) 563 iwn_free_ict(sc); 564 fail2: iwn_free_kw(sc); 565 fail1: iwn_free_fwmem(sc); 566 } 567 568 const struct iwn_hal * 569 iwn_hal_attach(struct iwn_softc *sc, pci_product_id_t pid) 570 { 571 sc->hw_type = (IWN_READ(sc, IWN_HW_REV) >> 4) & 0xf; 572 573 switch (sc->hw_type) { 574 case IWN_HW_REV_TYPE_4965: 575 sc->sc_hal = &iwn4965_hal; 576 sc->limits = &iwn4965_sensitivity_limits; 577 sc->fwname = "iwn-4965"; 578 sc->txchainmask = IWN_ANT_AB; 579 sc->rxchainmask = IWN_ANT_ABC; 580 break; 581 case IWN_HW_REV_TYPE_5100: 582 sc->sc_hal = &iwn5000_hal; 583 sc->limits = &iwn5000_sensitivity_limits; 584 sc->fwname = "iwn-5000"; 585 sc->txchainmask = IWN_ANT_B; 586 sc->rxchainmask = IWN_ANT_AB; 587 break; 588 case IWN_HW_REV_TYPE_5150: 589 sc->sc_hal = &iwn5000_hal; 590 sc->limits = &iwn5150_sensitivity_limits; 591 sc->fwname = "iwn-5150"; 592 sc->txchainmask = IWN_ANT_A; 593 sc->rxchainmask = IWN_ANT_AB; 594 break; 595 case IWN_HW_REV_TYPE_5300: 596 case IWN_HW_REV_TYPE_5350: 597 sc->sc_hal = &iwn5000_hal; 598 sc->limits = &iwn5000_sensitivity_limits; 599 sc->fwname = "iwn-5000"; 600 sc->txchainmask = IWN_ANT_ABC; 601 sc->rxchainmask = IWN_ANT_ABC; 602 break; 603 case IWN_HW_REV_TYPE_1000: 604 sc->sc_hal = &iwn5000_hal; 605 sc->limits = &iwn5000_sensitivity_limits; 606 sc->fwname = "iwn-1000"; 607 sc->txchainmask = IWN_ANT_A; 608 sc->rxchainmask = IWN_ANT_AB; 609 break; 610 case IWN_HW_REV_TYPE_6000: 611 sc->sc_hal = &iwn5000_hal; 612 sc->limits = &iwn6000_sensitivity_limits; 613 sc->fwname = "iwn-6000"; 614 switch (pid) { 615 case PCI_PRODUCT_INTEL_WIFI_LINK_6000_IPA_1: 616 case PCI_PRODUCT_INTEL_WIFI_LINK_6000_IPA_2: 617 sc->sc_flags |= IWN_FLAG_INTERNAL_PA; 618 sc->txchainmask = IWN_ANT_BC; 619 sc->rxchainmask = IWN_ANT_BC; 620 break; 621 default: 622 sc->txchainmask = IWN_ANT_ABC; 623 sc->rxchainmask = IWN_ANT_ABC; 624 break; 625 } 626 break; 627 case IWN_HW_REV_TYPE_6050: 628 sc->sc_hal = &iwn5000_hal; 629 sc->limits = &iwn6000_sensitivity_limits; 630 sc->fwname = "iwn-6000"; 631 sc->txchainmask = IWN_ANT_AB; 632 sc->rxchainmask = IWN_ANT_AB; 633 break; 634 default: 635 printf(": adapter type %d not supported\n", sc->hw_type); 636 return NULL; 637 } 638 return sc->sc_hal; 639 } 640 641 #ifndef SMALL_KERNEL 642 /* 643 * Attach the adapter on-board thermal sensor to the sensors framework. 644 */ 645 void 646 iwn_sensor_attach(struct iwn_softc *sc) 647 { 648 strlcpy(sc->sensordev.xname, sc->sc_dev.dv_xname, 649 sizeof sc->sensordev.xname); 650 sc->sensor.type = SENSOR_TEMP; 651 /* Temperature is not valid unless interface is up. */ 652 sc->sensor.flags = SENSOR_FINVALID; 653 sensor_attach(&sc->sensordev, &sc->sensor); 654 sensordev_install(&sc->sensordev); 655 } 656 #endif 657 658 #if NBPFILTER > 0 659 /* 660 * Attach the interface to 802.11 radiotap. 661 */ 662 void 663 iwn_radiotap_attach(struct iwn_softc *sc) 664 { 665 bpfattach(&sc->sc_drvbpf, &sc->sc_ic.ic_if, DLT_IEEE802_11_RADIO, 666 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 667 668 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 669 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 670 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWN_RX_RADIOTAP_PRESENT); 671 672 sc->sc_txtap_len = sizeof sc->sc_txtapu; 673 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 674 sc->sc_txtap.wt_ihdr.it_present = htole32(IWN_TX_RADIOTAP_PRESENT); 675 } 676 #endif 677 678 int 679 iwn_detach(struct device *self, int flags) 680 { 681 struct iwn_softc *sc = (struct iwn_softc *)self; 682 struct ifnet *ifp = &sc->sc_ic.ic_if; 683 int qid; 684 685 timeout_del(&sc->calib_to); 686 687 /* Uninstall interrupt handler. */ 688 if (sc->sc_ih != NULL) 689 pci_intr_disestablish(sc->sc_pct, sc->sc_ih); 690 691 if (sc->powerhook != NULL) 692 powerhook_disestablish(sc->powerhook); 693 694 /* Free DMA resources. */ 695 iwn_free_rx_ring(sc, &sc->rxq); 696 for (qid = 0; qid < sc->sc_hal->ntxqs; qid++) 697 iwn_free_tx_ring(sc, &sc->txq[qid]); 698 iwn_free_sched(sc); 699 iwn_free_kw(sc); 700 if (sc->ict != NULL) 701 iwn_free_ict(sc); 702 iwn_free_fwmem(sc); 703 704 bus_space_unmap(sc->sc_st, sc->sc_sh, sc->sc_sz); 705 706 #ifndef SMALL_KERNEL 707 /* Detach the thermal sensor. */ 708 sensor_detach(&sc->sensordev, &sc->sensor); 709 sensordev_deinstall(&sc->sensordev); 710 #endif 711 712 ieee80211_ifdetach(ifp); 713 if_detach(ifp); 714 715 return 0; 716 } 717 718 void 719 iwn_power(int why, void *arg) 720 { 721 struct iwn_softc *sc = arg; 722 struct ifnet *ifp; 723 pcireg_t reg; 724 int s; 725 726 if (why != PWR_RESUME) 727 return; 728 729 /* Clear device-specific "PCI retry timeout" register (41h). */ 730 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 731 reg &= ~0xff00; 732 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, reg); 733 734 s = splnet(); 735 ifp = &sc->sc_ic.ic_if; 736 if (ifp->if_flags & IFF_UP) { 737 ifp->if_init(ifp); 738 if (ifp->if_flags & IFF_RUNNING) 739 ifp->if_start(ifp); 740 } 741 splx(s); 742 } 743 744 int 745 iwn_nic_lock(struct iwn_softc *sc) 746 { 747 int ntries; 748 749 /* Request exclusive access to NIC. */ 750 IWN_SETBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_MAC_ACCESS_REQ); 751 752 /* Spin until we actually get the lock. */ 753 for (ntries = 0; ntries < 1000; ntries++) { 754 if ((IWN_READ(sc, IWN_GP_CNTRL) & 755 (IWN_GP_CNTRL_MAC_ACCESS_ENA | IWN_GP_CNTRL_SLEEP)) == 756 IWN_GP_CNTRL_MAC_ACCESS_ENA) 757 return 0; 758 DELAY(10); 759 } 760 return ETIMEDOUT; 761 } 762 763 static __inline void 764 iwn_nic_unlock(struct iwn_softc *sc) 765 { 766 IWN_CLRBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_MAC_ACCESS_REQ); 767 } 768 769 static __inline uint32_t 770 iwn_prph_read(struct iwn_softc *sc, uint32_t addr) 771 { 772 IWN_WRITE(sc, IWN_PRPH_RADDR, IWN_PRPH_DWORD | addr); 773 IWN_BARRIER_READ_WRITE(sc); 774 return IWN_READ(sc, IWN_PRPH_RDATA); 775 } 776 777 static __inline void 778 iwn_prph_write(struct iwn_softc *sc, uint32_t addr, uint32_t data) 779 { 780 IWN_WRITE(sc, IWN_PRPH_WADDR, IWN_PRPH_DWORD | addr); 781 IWN_BARRIER_WRITE(sc); 782 IWN_WRITE(sc, IWN_PRPH_WDATA, data); 783 } 784 785 static __inline void 786 iwn_prph_setbits(struct iwn_softc *sc, uint32_t addr, uint32_t mask) 787 { 788 iwn_prph_write(sc, addr, iwn_prph_read(sc, addr) | mask); 789 } 790 791 static __inline void 792 iwn_prph_clrbits(struct iwn_softc *sc, uint32_t addr, uint32_t mask) 793 { 794 iwn_prph_write(sc, addr, iwn_prph_read(sc, addr) & ~mask); 795 } 796 797 static __inline void 798 iwn_prph_write_region_4(struct iwn_softc *sc, uint32_t addr, 799 const uint32_t *data, int count) 800 { 801 for (; count > 0; count--, data++, addr += 4) 802 iwn_prph_write(sc, addr, *data); 803 } 804 805 static __inline uint32_t 806 iwn_mem_read(struct iwn_softc *sc, uint32_t addr) 807 { 808 IWN_WRITE(sc, IWN_MEM_RADDR, addr); 809 IWN_BARRIER_READ_WRITE(sc); 810 return IWN_READ(sc, IWN_MEM_RDATA); 811 } 812 813 static __inline void 814 iwn_mem_write(struct iwn_softc *sc, uint32_t addr, uint32_t data) 815 { 816 IWN_WRITE(sc, IWN_MEM_WADDR, addr); 817 IWN_BARRIER_WRITE(sc); 818 IWN_WRITE(sc, IWN_MEM_WDATA, data); 819 } 820 821 static __inline void 822 iwn_mem_write_2(struct iwn_softc *sc, uint32_t addr, uint16_t data) 823 { 824 uint32_t tmp; 825 826 tmp = iwn_mem_read(sc, addr & ~3); 827 if (addr & 3) 828 tmp = (tmp & 0x0000ffff) | data << 16; 829 else 830 tmp = (tmp & 0xffff0000) | data; 831 iwn_mem_write(sc, addr & ~3, tmp); 832 } 833 834 static __inline void 835 iwn_mem_read_region_4(struct iwn_softc *sc, uint32_t addr, uint32_t *data, 836 int count) 837 { 838 for (; count > 0; count--, addr += 4) 839 *data++ = iwn_mem_read(sc, addr); 840 } 841 842 static __inline void 843 iwn_mem_set_region_4(struct iwn_softc *sc, uint32_t addr, uint32_t val, 844 int count) 845 { 846 for (; count > 0; count--, addr += 4) 847 iwn_mem_write(sc, addr, val); 848 } 849 850 int 851 iwn_eeprom_lock(struct iwn_softc *sc) 852 { 853 int i, ntries; 854 855 for (i = 0; i < 100; i++) { 856 /* Request exclusive access to EEPROM. */ 857 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 858 IWN_HW_IF_CONFIG_EEPROM_LOCKED); 859 860 /* Spin until we actually get the lock. */ 861 for (ntries = 0; ntries < 100; ntries++) { 862 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 863 IWN_HW_IF_CONFIG_EEPROM_LOCKED) 864 return 0; 865 DELAY(10); 866 } 867 } 868 return ETIMEDOUT; 869 } 870 871 static __inline void 872 iwn_eeprom_unlock(struct iwn_softc *sc) 873 { 874 IWN_CLRBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_EEPROM_LOCKED); 875 } 876 877 /* 878 * Initialize access by host to One Time Programmable ROM. 879 * NB: This kind of ROM can be found on 1000 or 6000 Series only. 880 */ 881 int 882 iwn_init_otprom(struct iwn_softc *sc) 883 { 884 uint32_t base; 885 uint16_t next; 886 int count, error; 887 888 /* Wait for clock stabilization before accessing prph. */ 889 if ((error = iwn_clock_wait(sc)) != 0) 890 return error; 891 892 if ((error = iwn_nic_lock(sc)) != 0) 893 return error; 894 iwn_prph_setbits(sc, IWN_APMG_PS, IWN_APMG_PS_RESET_REQ); 895 DELAY(5); 896 iwn_prph_clrbits(sc, IWN_APMG_PS, IWN_APMG_PS_RESET_REQ); 897 iwn_nic_unlock(sc); 898 899 /* Set auto clock gate disable bit for HW with OTP shadow RAM. */ 900 if (sc->hw_type != IWN_HW_REV_TYPE_1000) { 901 IWN_SETBITS(sc, IWN_DBG_LINK_PWR_MGMT, 902 IWN_RESET_LINK_PWR_MGMT_DIS); 903 } 904 IWN_CLRBITS(sc, IWN_EEPROM_GP, IWN_EEPROM_GP_IF_OWNER); 905 /* Clear ECC status. */ 906 IWN_SETBITS(sc, IWN_OTP_GP, 907 IWN_OTP_GP_ECC_CORR_STTS | IWN_OTP_GP_ECC_UNCORR_STTS); 908 909 /* 910 * Find last valid OTP block (contains the EEPROM image) for HW 911 * without OTP shadow RAM. 912 */ 913 if (sc->hw_type == IWN_HW_REV_TYPE_1000) { 914 /* Switch to absolute addressing mode. */ 915 IWN_CLRBITS(sc, IWN_OTP_GP, IWN_OTP_GP_RELATIVE_ACCESS); 916 base = 0; 917 for (count = 0; count < IWN1000_OTP_NBLOCKS; count++) { 918 error = iwn_read_prom_data(sc, base, &next, 2); 919 if (error != 0) 920 return error; 921 if (next == 0) /* End of linked-list. */ 922 break; 923 base = letoh16(next); 924 } 925 if (base == 0 || count == IWN1000_OTP_NBLOCKS) 926 return EIO; 927 /* Skip "next" word. */ 928 sc->prom_base = base + 1; 929 } 930 return 0; 931 } 932 933 int 934 iwn_read_prom_data(struct iwn_softc *sc, uint32_t addr, void *data, int count) 935 { 936 uint8_t *out = data; 937 uint32_t val, tmp; 938 int ntries; 939 940 addr += sc->prom_base; 941 for (; count > 0; count -= 2, addr++) { 942 IWN_WRITE(sc, IWN_EEPROM, addr << 2); 943 for (ntries = 0; ntries < 10; ntries++) { 944 val = IWN_READ(sc, IWN_EEPROM); 945 if (val & IWN_EEPROM_READ_VALID) 946 break; 947 DELAY(5); 948 } 949 if (ntries == 10) { 950 printf("%s: timeout reading ROM at 0x%x\n", 951 sc->sc_dev.dv_xname, addr); 952 return ETIMEDOUT; 953 } 954 if (sc->sc_flags & IWN_FLAG_HAS_OTPROM) { 955 /* OTPROM, check for ECC errors. */ 956 tmp = IWN_READ(sc, IWN_OTP_GP); 957 if (tmp & IWN_OTP_GP_ECC_UNCORR_STTS) { 958 printf("%s: OTPROM ECC error at 0x%x\n", 959 sc->sc_dev.dv_xname, addr); 960 return EIO; 961 } 962 if (tmp & IWN_OTP_GP_ECC_CORR_STTS) { 963 /* Correctable ECC error, clear bit. */ 964 IWN_SETBITS(sc, IWN_OTP_GP, 965 IWN_OTP_GP_ECC_CORR_STTS); 966 } 967 } 968 *out++ = val >> 16; 969 if (count > 1) 970 *out++ = val >> 24; 971 } 972 return 0; 973 } 974 975 int 976 iwn_dma_contig_alloc(bus_dma_tag_t tag, struct iwn_dma_info *dma, void **kvap, 977 bus_size_t size, bus_size_t alignment) 978 { 979 int nsegs, error; 980 981 dma->tag = tag; 982 dma->size = size; 983 984 error = bus_dmamap_create(tag, size, 1, size, 0, BUS_DMA_NOWAIT, 985 &dma->map); 986 if (error != 0) 987 goto fail; 988 989 error = bus_dmamem_alloc(tag, size, alignment, 0, &dma->seg, 1, &nsegs, 990 BUS_DMA_NOWAIT | BUS_DMA_ZERO); 991 if (error != 0) 992 goto fail; 993 994 error = bus_dmamem_map(tag, &dma->seg, 1, size, &dma->vaddr, 995 BUS_DMA_NOWAIT | BUS_DMA_COHERENT); 996 if (error != 0) 997 goto fail; 998 999 error = bus_dmamap_load_raw(tag, dma->map, &dma->seg, 1, size, 1000 BUS_DMA_NOWAIT); 1001 if (error != 0) 1002 goto fail; 1003 1004 bus_dmamap_sync(tag, dma->map, 0, size, BUS_DMASYNC_PREWRITE); 1005 1006 dma->paddr = dma->map->dm_segs[0].ds_addr; 1007 if (kvap != NULL) 1008 *kvap = dma->vaddr; 1009 1010 return 0; 1011 1012 fail: iwn_dma_contig_free(dma); 1013 return error; 1014 } 1015 1016 void 1017 iwn_dma_contig_free(struct iwn_dma_info *dma) 1018 { 1019 if (dma->map != NULL) { 1020 if (dma->vaddr != NULL) { 1021 bus_dmamap_sync(dma->tag, dma->map, 0, dma->size, 1022 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 1023 bus_dmamap_unload(dma->tag, dma->map); 1024 bus_dmamem_unmap(dma->tag, dma->vaddr, dma->size); 1025 bus_dmamem_free(dma->tag, &dma->seg, 1); 1026 dma->vaddr = NULL; 1027 } 1028 bus_dmamap_destroy(dma->tag, dma->map); 1029 dma->map = NULL; 1030 } 1031 } 1032 1033 int 1034 iwn_alloc_sched(struct iwn_softc *sc) 1035 { 1036 /* TX scheduler rings must be aligned on a 1KB boundary. */ 1037 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->sched_dma, 1038 (void **)&sc->sched, sc->sc_hal->schedsz, 1024); 1039 } 1040 1041 void 1042 iwn_free_sched(struct iwn_softc *sc) 1043 { 1044 iwn_dma_contig_free(&sc->sched_dma); 1045 } 1046 1047 int 1048 iwn_alloc_kw(struct iwn_softc *sc) 1049 { 1050 /* "Keep Warm" page must be aligned on a 4KB boundary. */ 1051 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->kw_dma, NULL, 4096, 1052 4096); 1053 } 1054 1055 void 1056 iwn_free_kw(struct iwn_softc *sc) 1057 { 1058 iwn_dma_contig_free(&sc->kw_dma); 1059 } 1060 1061 int 1062 iwn_alloc_ict(struct iwn_softc *sc) 1063 { 1064 /* ICT table must be aligned on a 4KB boundary. */ 1065 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->ict_dma, 1066 (void **)&sc->ict, IWN_ICT_SIZE, 4096); 1067 } 1068 1069 void 1070 iwn_free_ict(struct iwn_softc *sc) 1071 { 1072 iwn_dma_contig_free(&sc->ict_dma); 1073 } 1074 1075 int 1076 iwn_alloc_fwmem(struct iwn_softc *sc) 1077 { 1078 /* Must be aligned on a 16-byte boundary. */ 1079 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->fw_dma, NULL, 1080 sc->sc_hal->fwsz, 16); 1081 } 1082 1083 void 1084 iwn_free_fwmem(struct iwn_softc *sc) 1085 { 1086 iwn_dma_contig_free(&sc->fw_dma); 1087 } 1088 1089 int 1090 iwn_alloc_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1091 { 1092 bus_size_t size; 1093 int i, error; 1094 1095 ring->cur = 0; 1096 1097 /* Allocate RX descriptors (256-byte aligned.) */ 1098 size = IWN_RX_RING_COUNT * sizeof (uint32_t); 1099 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 1100 (void **)&ring->desc, size, 256); 1101 if (error != 0) { 1102 printf("%s: could not allocate RX ring DMA memory\n", 1103 sc->sc_dev.dv_xname); 1104 goto fail; 1105 } 1106 1107 /* Allocate RX status area (16-byte aligned.) */ 1108 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->stat_dma, 1109 (void **)&ring->stat, sizeof (struct iwn_rx_status), 16); 1110 if (error != 0) { 1111 printf("%s: could not allocate RX status DMA memory\n", 1112 sc->sc_dev.dv_xname); 1113 goto fail; 1114 } 1115 1116 /* 1117 * Allocate and map RX buffers. 1118 */ 1119 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 1120 struct iwn_rx_data *data = &ring->data[i]; 1121 1122 error = bus_dmamap_create(sc->sc_dmat, IWN_RBUF_SIZE, 1, 1123 IWN_RBUF_SIZE, 0, BUS_DMA_NOWAIT | BUS_DMA_ALLOCNOW, 1124 &data->map); 1125 if (error != 0) { 1126 printf("%s: could not create RX buf DMA map\n", 1127 sc->sc_dev.dv_xname); 1128 goto fail; 1129 } 1130 1131 data->m = MCLGETI(NULL, M_DONTWAIT, NULL, IWN_RBUF_SIZE); 1132 if (data->m == NULL) { 1133 printf("%s: could not allocate RX mbuf\n", 1134 sc->sc_dev.dv_xname); 1135 error = ENOBUFS; 1136 goto fail; 1137 } 1138 1139 error = bus_dmamap_load(sc->sc_dmat, data->map, 1140 mtod(data->m, void *), IWN_RBUF_SIZE, NULL, 1141 BUS_DMA_NOWAIT | BUS_DMA_READ); 1142 if (error != 0) { 1143 printf("%s: can't not map mbuf (error %d)\n", 1144 sc->sc_dev.dv_xname, error); 1145 goto fail; 1146 } 1147 1148 /* Set physical address of RX buffer (256-byte aligned.) */ 1149 ring->desc[i] = htole32(data->map->dm_segs[0].ds_addr >> 8); 1150 } 1151 1152 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 0, size, 1153 BUS_DMASYNC_PREWRITE); 1154 1155 return 0; 1156 1157 fail: iwn_free_rx_ring(sc, ring); 1158 return error; 1159 } 1160 1161 void 1162 iwn_reset_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1163 { 1164 int ntries; 1165 1166 if (iwn_nic_lock(sc) == 0) { 1167 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 0); 1168 for (ntries = 0; ntries < 1000; ntries++) { 1169 if (IWN_READ(sc, IWN_FH_RX_STATUS) & 1170 IWN_FH_RX_STATUS_IDLE) 1171 break; 1172 DELAY(10); 1173 } 1174 iwn_nic_unlock(sc); 1175 } 1176 ring->cur = 0; 1177 sc->last_rx_valid = 0; 1178 } 1179 1180 void 1181 iwn_free_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1182 { 1183 int i; 1184 1185 iwn_dma_contig_free(&ring->desc_dma); 1186 iwn_dma_contig_free(&ring->stat_dma); 1187 1188 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 1189 struct iwn_rx_data *data = &ring->data[i]; 1190 1191 if (data->m != NULL) { 1192 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1193 data->map->dm_mapsize, BUS_DMASYNC_POSTREAD); 1194 bus_dmamap_unload(sc->sc_dmat, data->map); 1195 m_freem(data->m); 1196 } 1197 if (data->map != NULL) 1198 bus_dmamap_destroy(sc->sc_dmat, data->map); 1199 } 1200 } 1201 1202 int 1203 iwn_alloc_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring, int qid) 1204 { 1205 bus_addr_t paddr; 1206 bus_size_t size; 1207 int i, error; 1208 1209 ring->qid = qid; 1210 ring->queued = 0; 1211 ring->cur = 0; 1212 1213 /* Allocate TX descriptors (256-byte aligned.) */ 1214 size = IWN_TX_RING_COUNT * sizeof (struct iwn_tx_desc); 1215 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 1216 (void **)&ring->desc, size, 256); 1217 if (error != 0) { 1218 printf("%s: could not allocate TX ring DMA memory\n", 1219 sc->sc_dev.dv_xname); 1220 goto fail; 1221 } 1222 /* 1223 * We only use rings 0 through 4 (4 EDCA + cmd) so there is no need 1224 * to allocate commands space for other rings. 1225 * XXX Do we really need to allocate descriptors for other rings? 1226 */ 1227 if (qid > 4) 1228 return 0; 1229 1230 size = IWN_TX_RING_COUNT * sizeof (struct iwn_tx_cmd); 1231 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->cmd_dma, 1232 (void **)&ring->cmd, size, 4); 1233 if (error != 0) { 1234 printf("%s: could not allocate TX cmd DMA memory\n", 1235 sc->sc_dev.dv_xname); 1236 goto fail; 1237 } 1238 1239 paddr = ring->cmd_dma.paddr; 1240 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 1241 struct iwn_tx_data *data = &ring->data[i]; 1242 1243 data->cmd_paddr = paddr; 1244 data->scratch_paddr = paddr + 12; 1245 paddr += sizeof (struct iwn_tx_cmd); 1246 1247 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1248 IWN_MAX_SCATTER - 1, MCLBYTES, 0, BUS_DMA_NOWAIT, 1249 &data->map); 1250 if (error != 0) { 1251 printf("%s: could not create TX buf DMA map\n", 1252 sc->sc_dev.dv_xname); 1253 goto fail; 1254 } 1255 } 1256 return 0; 1257 1258 fail: iwn_free_tx_ring(sc, ring); 1259 return error; 1260 } 1261 1262 void 1263 iwn_reset_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 1264 { 1265 int i; 1266 1267 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 1268 struct iwn_tx_data *data = &ring->data[i]; 1269 1270 if (data->m != NULL) { 1271 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1272 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 1273 bus_dmamap_unload(sc->sc_dmat, data->map); 1274 m_freem(data->m); 1275 data->m = NULL; 1276 } 1277 } 1278 /* Clear TX descriptors. */ 1279 memset(ring->desc, 0, ring->desc_dma.size); 1280 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 0, 1281 ring->desc_dma.size, BUS_DMASYNC_PREWRITE); 1282 sc->qfullmsk &= ~(1 << ring->qid); 1283 ring->queued = 0; 1284 ring->cur = 0; 1285 } 1286 1287 void 1288 iwn_free_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 1289 { 1290 int i; 1291 1292 iwn_dma_contig_free(&ring->desc_dma); 1293 iwn_dma_contig_free(&ring->cmd_dma); 1294 1295 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 1296 struct iwn_tx_data *data = &ring->data[i]; 1297 1298 if (data->m != NULL) { 1299 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1300 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 1301 bus_dmamap_unload(sc->sc_dmat, data->map); 1302 m_freem(data->m); 1303 } 1304 if (data->map != NULL) 1305 bus_dmamap_destroy(sc->sc_dmat, data->map); 1306 } 1307 } 1308 1309 void 1310 iwn5000_ict_reset(struct iwn_softc *sc) 1311 { 1312 /* Disable interrupts. */ 1313 IWN_WRITE(sc, IWN_INT_MASK, 0); 1314 1315 /* Reset ICT table. */ 1316 memset(sc->ict, 0, IWN_ICT_SIZE); 1317 sc->ict_cur = 0; 1318 1319 /* Set physical address of ICT table (4KB aligned.) */ 1320 DPRINTF(("enabling ICT\n")); 1321 IWN_WRITE(sc, IWN_DRAM_INT_TBL, IWN_DRAM_INT_TBL_ENABLE | 1322 IWN_DRAM_INT_TBL_WRAP_CHECK | sc->ict_dma.paddr >> 12); 1323 1324 /* Enable periodic RX interrupt. */ 1325 sc->int_mask |= IWN_INT_RX_PERIODIC; 1326 /* Switch to ICT interrupt mode in driver. */ 1327 sc->sc_flags |= IWN_FLAG_USE_ICT; 1328 1329 /* Re-enable interrupts. */ 1330 IWN_WRITE(sc, IWN_INT, 0xffffffff); 1331 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 1332 } 1333 1334 int 1335 iwn_read_eeprom(struct iwn_softc *sc) 1336 { 1337 const struct iwn_hal *hal = sc->sc_hal; 1338 struct ieee80211com *ic = &sc->sc_ic; 1339 uint16_t val; 1340 int error; 1341 1342 /* Check whether adapter has an EEPROM or an OTPROM. */ 1343 if (sc->hw_type >= IWN_HW_REV_TYPE_1000 && 1344 (IWN_READ(sc, IWN_OTP_GP) & IWN_OTP_GP_DEV_SEL_OTP)) 1345 sc->sc_flags |= IWN_FLAG_HAS_OTPROM; 1346 DPRINTF(("%s found\n", (sc->sc_flags & IWN_FLAG_HAS_OTPROM) ? 1347 "OTPROM" : "EEPROM")); 1348 1349 /* Adapter has to be powered on for EEPROM access to work. */ 1350 if ((error = iwn_apm_init(sc)) != 0) { 1351 printf("%s: could not power ON adapter\n", 1352 sc->sc_dev.dv_xname); 1353 return error; 1354 } 1355 1356 if ((IWN_READ(sc, IWN_EEPROM_GP) & 0x7) == 0) { 1357 printf("%s: bad ROM signature\n", sc->sc_dev.dv_xname); 1358 return EIO; 1359 } 1360 if ((error = iwn_eeprom_lock(sc)) != 0) { 1361 printf("%s: could not lock ROM (error=%d)\n", 1362 sc->sc_dev.dv_xname, error); 1363 return error; 1364 } 1365 if (sc->sc_flags & IWN_FLAG_HAS_OTPROM) { 1366 if ((error = iwn_init_otprom(sc)) != 0) { 1367 printf("%s: could not initialize OTPROM\n", 1368 sc->sc_dev.dv_xname); 1369 return error; 1370 } 1371 } 1372 1373 iwn_read_prom_data(sc, IWN_EEPROM_RFCFG, &val, 2); 1374 sc->rfcfg = letoh16(val); 1375 DPRINTF(("radio config=0x%04x\n", sc->rfcfg)); 1376 1377 /* Read MAC address. */ 1378 iwn_read_prom_data(sc, IWN_EEPROM_MAC, ic->ic_myaddr, 6); 1379 1380 /* Read adapter-specific information from EEPROM. */ 1381 hal->read_eeprom(sc); 1382 1383 iwn_apm_stop(sc); /* Power OFF adapter. */ 1384 1385 iwn_eeprom_unlock(sc); 1386 return 0; 1387 } 1388 1389 void 1390 iwn4965_read_eeprom(struct iwn_softc *sc) 1391 { 1392 uint32_t addr; 1393 uint16_t val; 1394 int i; 1395 1396 /* Read regulatory domain (4 ASCII characters.) */ 1397 iwn_read_prom_data(sc, IWN4965_EEPROM_DOMAIN, sc->eeprom_domain, 4); 1398 1399 /* Read the list of authorized channels (20MHz ones only.) */ 1400 for (i = 0; i < 5; i++) { 1401 addr = iwn4965_regulatory_bands[i]; 1402 iwn_read_eeprom_channels(sc, i, addr); 1403 } 1404 1405 /* Read maximum allowed TX power for 2GHz and 5GHz bands. */ 1406 iwn_read_prom_data(sc, IWN4965_EEPROM_MAXPOW, &val, 2); 1407 sc->maxpwr2GHz = val & 0xff; 1408 sc->maxpwr5GHz = val >> 8; 1409 /* Check that EEPROM values are within valid range. */ 1410 if (sc->maxpwr5GHz < 20 || sc->maxpwr5GHz > 50) 1411 sc->maxpwr5GHz = 38; 1412 if (sc->maxpwr2GHz < 20 || sc->maxpwr2GHz > 50) 1413 sc->maxpwr2GHz = 38; 1414 DPRINTF(("maxpwr 2GHz=%d 5GHz=%d\n", sc->maxpwr2GHz, sc->maxpwr5GHz)); 1415 1416 /* Read samples for each TX power group. */ 1417 iwn_read_prom_data(sc, IWN4965_EEPROM_BANDS, sc->bands, 1418 sizeof sc->bands); 1419 1420 /* Read voltage at which samples were taken. */ 1421 iwn_read_prom_data(sc, IWN4965_EEPROM_VOLTAGE, &val, 2); 1422 sc->eeprom_voltage = (int16_t)letoh16(val); 1423 DPRINTF(("voltage=%d (in 0.3V)\n", sc->eeprom_voltage)); 1424 1425 #ifdef IWN_DEBUG 1426 /* Print samples. */ 1427 if (iwn_debug > 0) { 1428 for (i = 0; i < IWN_NBANDS; i++) 1429 iwn4965_print_power_group(sc, i); 1430 } 1431 #endif 1432 } 1433 1434 #ifdef IWN_DEBUG 1435 void 1436 iwn4965_print_power_group(struct iwn_softc *sc, int i) 1437 { 1438 struct iwn4965_eeprom_band *band = &sc->bands[i]; 1439 struct iwn4965_eeprom_chan_samples *chans = band->chans; 1440 int j, c; 1441 1442 printf("===band %d===\n", i); 1443 printf("chan lo=%d, chan hi=%d\n", band->lo, band->hi); 1444 printf("chan1 num=%d\n", chans[0].num); 1445 for (c = 0; c < 2; c++) { 1446 for (j = 0; j < IWN_NSAMPLES; j++) { 1447 printf("chain %d, sample %d: temp=%d gain=%d " 1448 "power=%d pa_det=%d\n", c, j, 1449 chans[0].samples[c][j].temp, 1450 chans[0].samples[c][j].gain, 1451 chans[0].samples[c][j].power, 1452 chans[0].samples[c][j].pa_det); 1453 } 1454 } 1455 printf("chan2 num=%d\n", chans[1].num); 1456 for (c = 0; c < 2; c++) { 1457 for (j = 0; j < IWN_NSAMPLES; j++) { 1458 printf("chain %d, sample %d: temp=%d gain=%d " 1459 "power=%d pa_det=%d\n", c, j, 1460 chans[1].samples[c][j].temp, 1461 chans[1].samples[c][j].gain, 1462 chans[1].samples[c][j].power, 1463 chans[1].samples[c][j].pa_det); 1464 } 1465 } 1466 } 1467 #endif 1468 1469 void 1470 iwn5000_read_eeprom(struct iwn_softc *sc) 1471 { 1472 int32_t temp, volt; 1473 uint32_t base, addr; 1474 uint16_t val; 1475 int i; 1476 1477 /* Read regulatory domain (4 ASCII characters.) */ 1478 iwn_read_prom_data(sc, IWN5000_EEPROM_REG, &val, 2); 1479 base = letoh16(val); 1480 iwn_read_prom_data(sc, base + IWN5000_EEPROM_DOMAIN, 1481 sc->eeprom_domain, 4); 1482 1483 /* Read the list of authorized channels (20MHz ones only.) */ 1484 for (i = 0; i < 5; i++) { 1485 addr = base + iwn5000_regulatory_bands[i]; 1486 iwn_read_eeprom_channels(sc, i, addr); 1487 } 1488 1489 /* Read enhanced TX power information for 6000 Series. */ 1490 if (sc->hw_type >= IWN_HW_REV_TYPE_6000) 1491 iwn_read_eeprom_enhinfo(sc); 1492 1493 iwn_read_prom_data(sc, IWN5000_EEPROM_CAL, &val, 2); 1494 base = letoh16(val); 1495 if (sc->hw_type == IWN_HW_REV_TYPE_5150) { 1496 /* Compute temperature offset. */ 1497 iwn_read_prom_data(sc, base + IWN5000_EEPROM_TEMP, &val, 2); 1498 temp = letoh16(val); 1499 iwn_read_prom_data(sc, base + IWN5000_EEPROM_VOLT, &val, 2); 1500 volt = letoh16(val); 1501 sc->temp_off = temp - (volt / -5); 1502 DPRINTF(("temp=%d volt=%d offset=%dK\n", 1503 temp, volt, sc->temp_off)); 1504 } else { 1505 /* Read crystal calibration. */ 1506 iwn_read_prom_data(sc, base + IWN5000_EEPROM_CRYSTAL, 1507 &sc->eeprom_crystal, sizeof (uint32_t)); 1508 DPRINTF(("crystal calibration 0x%08x\n", 1509 letoh32(sc->eeprom_crystal))); 1510 } 1511 } 1512 1513 void 1514 iwn_read_eeprom_channels(struct iwn_softc *sc, int n, uint32_t addr) 1515 { 1516 struct ieee80211com *ic = &sc->sc_ic; 1517 const struct iwn_chan_band *band = &iwn_bands[n]; 1518 struct iwn_eeprom_chan channels[IWN_MAX_CHAN_PER_BAND]; 1519 uint8_t chan; 1520 int i; 1521 1522 iwn_read_prom_data(sc, addr, channels, 1523 band->nchan * sizeof (struct iwn_eeprom_chan)); 1524 1525 for (i = 0; i < band->nchan; i++) { 1526 if (!(channels[i].flags & IWN_EEPROM_CHAN_VALID)) 1527 continue; 1528 1529 chan = band->chan[i]; 1530 1531 if (n == 0) { /* 2GHz band */ 1532 ic->ic_channels[chan].ic_freq = 1533 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_2GHZ); 1534 ic->ic_channels[chan].ic_flags = 1535 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 1536 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 1537 1538 } else { /* 5GHz band */ 1539 /* 1540 * Some adapters support channels 7, 8, 11 and 12 1541 * both in the 2GHz and 4.9GHz bands. 1542 * Because of limitations in our net80211 layer, 1543 * we don't support them in the 4.9GHz band. 1544 */ 1545 if (chan <= 14) 1546 continue; 1547 1548 ic->ic_channels[chan].ic_freq = 1549 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 1550 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 1551 /* We have at least one valid 5GHz channel. */ 1552 sc->sc_flags |= IWN_FLAG_HAS_5GHZ; 1553 } 1554 1555 /* Is active scan allowed on this channel? */ 1556 if (!(channels[i].flags & IWN_EEPROM_CHAN_ACTIVE)) { 1557 ic->ic_channels[chan].ic_flags |= 1558 IEEE80211_CHAN_PASSIVE; 1559 } 1560 1561 /* Save maximum allowed TX power for this channel. */ 1562 sc->maxpwr[chan] = channels[i].maxpwr; 1563 1564 DPRINTF(("adding chan %d flags=0x%x maxpwr=%d\n", 1565 chan, channels[i].flags, sc->maxpwr[chan])); 1566 } 1567 } 1568 1569 void 1570 iwn_read_eeprom_enhinfo(struct iwn_softc *sc) 1571 { 1572 struct iwn_eeprom_enhinfo enhinfo[35]; 1573 uint16_t val, base; 1574 int8_t maxpwr; 1575 int i; 1576 1577 iwn_read_prom_data(sc, IWN5000_EEPROM_REG, &val, 2); 1578 base = letoh16(val); 1579 iwn_read_prom_data(sc, base + IWN6000_EEPROM_ENHINFO, 1580 enhinfo, sizeof enhinfo); 1581 1582 memset(sc->enh_maxpwr, 0, sizeof sc->enh_maxpwr); 1583 for (i = 0; i < nitems(enhinfo); i++) { 1584 if (enhinfo[i].chan == 0 || enhinfo[i].reserved != 0) 1585 continue; /* Skip invalid entries. */ 1586 1587 maxpwr = 0; 1588 if (sc->txchainmask & IWN_ANT_A) 1589 maxpwr = MAX(maxpwr, enhinfo[i].chain[0]); 1590 if (sc->txchainmask & IWN_ANT_B) 1591 maxpwr = MAX(maxpwr, enhinfo[i].chain[1]); 1592 if (sc->txchainmask & IWN_ANT_C) 1593 maxpwr = MAX(maxpwr, enhinfo[i].chain[2]); 1594 if (sc->ntxchains == 2) 1595 maxpwr = MAX(maxpwr, enhinfo[i].mimo2); 1596 else if (sc->ntxchains == 3) 1597 maxpwr = MAX(maxpwr, enhinfo[i].mimo3); 1598 maxpwr /= 2; /* Convert half-dBm to dBm. */ 1599 1600 DPRINTF(("enhinfo %d, maxpwr=%d\n", i, maxpwr)); 1601 sc->enh_maxpwr[i] = maxpwr; 1602 } 1603 } 1604 1605 struct ieee80211_node * 1606 iwn_node_alloc(struct ieee80211com *ic) 1607 { 1608 return malloc(sizeof (struct iwn_node), M_DEVBUF, M_NOWAIT | M_ZERO); 1609 } 1610 1611 void 1612 iwn_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew) 1613 { 1614 struct iwn_softc *sc = ic->ic_if.if_softc; 1615 struct iwn_node *wn = (void *)ni; 1616 uint8_t rate; 1617 int ridx, i; 1618 1619 ieee80211_amrr_node_init(&sc->amrr, &wn->amn); 1620 /* Start at lowest available bit-rate, AMRR will raise. */ 1621 ni->ni_txrate = 0; 1622 1623 for (i = 0; i < ni->ni_rates.rs_nrates; i++) { 1624 rate = ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL; 1625 /* Map 802.11 rate to HW rate index. */ 1626 for (ridx = 0; ridx <= IWN_RIDX_MAX; ridx++) 1627 if (iwn_rates[ridx].rate == rate) 1628 break; 1629 wn->ridx[i] = ridx; 1630 } 1631 } 1632 1633 int 1634 iwn_media_change(struct ifnet *ifp) 1635 { 1636 struct iwn_softc *sc = ifp->if_softc; 1637 struct ieee80211com *ic = &sc->sc_ic; 1638 uint8_t rate, ridx; 1639 int error; 1640 1641 error = ieee80211_media_change(ifp); 1642 if (error != ENETRESET) 1643 return error; 1644 1645 if (ic->ic_fixed_rate != -1) { 1646 rate = ic->ic_sup_rates[ic->ic_curmode]. 1647 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL; 1648 /* Map 802.11 rate to HW rate index. */ 1649 for (ridx = 0; ridx <= IWN_RIDX_MAX; ridx++) 1650 if (iwn_rates[ridx].rate == rate) 1651 break; 1652 sc->fixed_ridx = ridx; 1653 } 1654 1655 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1656 (IFF_UP | IFF_RUNNING)) { 1657 iwn_stop(ifp, 0); 1658 error = iwn_init(ifp); 1659 } 1660 return error; 1661 } 1662 1663 int 1664 iwn_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1665 { 1666 struct ifnet *ifp = &ic->ic_if; 1667 struct iwn_softc *sc = ifp->if_softc; 1668 int error; 1669 1670 timeout_del(&sc->calib_to); 1671 1672 switch (nstate) { 1673 case IEEE80211_S_SCAN: 1674 /* Make the link LED blink while we're scanning. */ 1675 iwn_set_led(sc, IWN_LED_LINK, 10, 10); 1676 1677 if ((error = iwn_scan(sc, IEEE80211_CHAN_2GHZ)) != 0) { 1678 printf("%s: could not initiate scan\n", 1679 sc->sc_dev.dv_xname); 1680 return error; 1681 } 1682 ic->ic_state = nstate; 1683 return 0; 1684 1685 case IEEE80211_S_ASSOC: 1686 if (ic->ic_state != IEEE80211_S_RUN) 1687 break; 1688 /* FALLTHROUGH */ 1689 case IEEE80211_S_AUTH: 1690 /* Reset state to handle reassociations correctly. */ 1691 sc->rxon.associd = 0; 1692 sc->rxon.filter &= ~htole32(IWN_FILTER_BSS); 1693 sc->calib.state = IWN_CALIB_STATE_INIT; 1694 1695 if ((error = iwn_auth(sc)) != 0) { 1696 printf("%s: could not move to auth state\n", 1697 sc->sc_dev.dv_xname); 1698 return error; 1699 } 1700 break; 1701 1702 case IEEE80211_S_RUN: 1703 if ((error = iwn_run(sc)) != 0) { 1704 printf("%s: could not move to run state\n", 1705 sc->sc_dev.dv_xname); 1706 return error; 1707 } 1708 break; 1709 1710 case IEEE80211_S_INIT: 1711 sc->calib.state = IWN_CALIB_STATE_INIT; 1712 break; 1713 } 1714 1715 return sc->sc_newstate(ic, nstate, arg); 1716 } 1717 1718 void 1719 iwn_iter_func(void *arg, struct ieee80211_node *ni) 1720 { 1721 struct iwn_softc *sc = arg; 1722 struct iwn_node *wn = (struct iwn_node *)ni; 1723 1724 ieee80211_amrr_choose(&sc->amrr, ni, &wn->amn); 1725 } 1726 1727 void 1728 iwn_calib_timeout(void *arg) 1729 { 1730 struct iwn_softc *sc = arg; 1731 struct ieee80211com *ic = &sc->sc_ic; 1732 int s; 1733 1734 s = splnet(); 1735 if (ic->ic_fixed_rate == -1) { 1736 if (ic->ic_opmode == IEEE80211_M_STA) 1737 iwn_iter_func(sc, ic->ic_bss); 1738 else 1739 ieee80211_iterate_nodes(ic, iwn_iter_func, sc); 1740 } 1741 /* Force automatic TX power calibration every 60 secs. */ 1742 if (++sc->calib_cnt >= 120) { 1743 uint32_t flags = 0; 1744 1745 DPRINTF(("sending request for statistics\n")); 1746 (void)iwn_cmd(sc, IWN_CMD_GET_STATISTICS, &flags, 1747 sizeof flags, 1); 1748 sc->calib_cnt = 0; 1749 } 1750 splx(s); 1751 1752 /* Automatic rate control triggered every 500ms. */ 1753 timeout_add_msec(&sc->calib_to, 500); 1754 } 1755 1756 int 1757 iwn_ccmp_decap(struct iwn_softc *sc, struct mbuf *m, struct ieee80211_key *k) 1758 { 1759 struct ieee80211_frame *wh; 1760 uint64_t pn, *prsc; 1761 uint8_t *ivp; 1762 uint8_t tid; 1763 int hdrlen; 1764 1765 wh = mtod(m, struct ieee80211_frame *); 1766 hdrlen = ieee80211_get_hdrlen(wh); 1767 ivp = (uint8_t *)wh + hdrlen; 1768 1769 /* Check that ExtIV bit is be set. */ 1770 if (!(ivp[3] & IEEE80211_WEP_EXTIV)) { 1771 DPRINTF(("CCMP decap ExtIV not set\n")); 1772 return 1; 1773 } 1774 tid = ieee80211_has_qos(wh) ? 1775 ieee80211_get_qos(wh) & IEEE80211_QOS_TID : 0; 1776 prsc = &k->k_rsc[tid]; 1777 1778 /* Extract the 48-bit PN from the CCMP header. */ 1779 pn = (uint64_t)ivp[0] | 1780 (uint64_t)ivp[1] << 8 | 1781 (uint64_t)ivp[4] << 16 | 1782 (uint64_t)ivp[5] << 24 | 1783 (uint64_t)ivp[6] << 32 | 1784 (uint64_t)ivp[7] << 40; 1785 if (pn <= *prsc) { 1786 /* 1787 * Not necessarily a replayed frame since we did not check 1788 * the sequence number of the 802.11 header yet. 1789 */ 1790 DPRINTF(("CCMP replayed\n")); 1791 return 1; 1792 } 1793 /* Update last seen packet number. */ 1794 *prsc = pn; 1795 1796 /* Clear Protected bit and strip IV. */ 1797 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED; 1798 ovbcopy(wh, mtod(m, caddr_t) + IEEE80211_CCMP_HDRLEN, hdrlen); 1799 m_adj(m, IEEE80211_CCMP_HDRLEN); 1800 /* Strip MIC. */ 1801 m_adj(m, -IEEE80211_CCMP_MICLEN); 1802 return 0; 1803 } 1804 1805 /* 1806 * Process an RX_PHY firmware notification. This is usually immediately 1807 * followed by an MPDU_RX_DONE notification. 1808 */ 1809 void 1810 iwn_rx_phy(struct iwn_softc *sc, struct iwn_rx_desc *desc, 1811 struct iwn_rx_data *data) 1812 { 1813 struct iwn_rx_stat *stat = (struct iwn_rx_stat *)(desc + 1); 1814 1815 DPRINTFN(2, ("received PHY stats\n")); 1816 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 1817 sizeof (*stat), BUS_DMASYNC_POSTREAD); 1818 1819 /* Save RX statistics, they will be used on MPDU_RX_DONE. */ 1820 memcpy(&sc->last_rx_stat, stat, sizeof (*stat)); 1821 sc->last_rx_valid = 1; 1822 } 1823 1824 /* 1825 * Process an RX_DONE (4965AGN only) or MPDU_RX_DONE firmware notification. 1826 * Each MPDU_RX_DONE notification must be preceded by an RX_PHY one. 1827 */ 1828 void 1829 iwn_rx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 1830 struct iwn_rx_data *data) 1831 { 1832 const struct iwn_hal *hal = sc->sc_hal; 1833 struct ieee80211com *ic = &sc->sc_ic; 1834 struct ifnet *ifp = &ic->ic_if; 1835 struct iwn_rx_ring *ring = &sc->rxq; 1836 struct ieee80211_frame *wh; 1837 struct ieee80211_rxinfo rxi; 1838 struct ieee80211_node *ni; 1839 struct mbuf *m, *m1; 1840 struct iwn_rx_stat *stat; 1841 caddr_t head; 1842 uint32_t flags; 1843 int error, len, rssi; 1844 1845 if (desc->type == IWN_MPDU_RX_DONE) { 1846 /* Check for prior RX_PHY notification. */ 1847 if (!sc->last_rx_valid) { 1848 DPRINTF(("missing RX_PHY\n")); 1849 ifp->if_ierrors++; 1850 return; 1851 } 1852 sc->last_rx_valid = 0; 1853 stat = &sc->last_rx_stat; 1854 } else 1855 stat = (struct iwn_rx_stat *)(desc + 1); 1856 1857 bus_dmamap_sync(sc->sc_dmat, data->map, 0, IWN_RBUF_SIZE, 1858 BUS_DMASYNC_POSTREAD); 1859 1860 if (stat->cfg_phy_len > IWN_STAT_MAXLEN) { 1861 printf("%s: invalid RX statistic header\n", 1862 sc->sc_dev.dv_xname); 1863 ifp->if_ierrors++; 1864 return; 1865 } 1866 if (desc->type == IWN_MPDU_RX_DONE) { 1867 struct iwn_rx_mpdu *mpdu = (struct iwn_rx_mpdu *)(desc + 1); 1868 head = (caddr_t)(mpdu + 1); 1869 len = letoh16(mpdu->len); 1870 } else { 1871 head = (caddr_t)(stat + 1) + stat->cfg_phy_len; 1872 len = letoh16(stat->len); 1873 } 1874 1875 flags = letoh32(*(uint32_t *)(head + len)); 1876 1877 /* Discard frames with a bad FCS early. */ 1878 if ((flags & IWN_RX_NOERROR) != IWN_RX_NOERROR) { 1879 DPRINTFN(2, ("RX flags error %x\n", flags)); 1880 ifp->if_ierrors++; 1881 return; 1882 } 1883 /* Discard frames that are too short. */ 1884 if (len < sizeof (*wh)) { 1885 DPRINTF(("frame too short: %d\n", len)); 1886 ic->ic_stats.is_rx_tooshort++; 1887 ifp->if_ierrors++; 1888 return; 1889 } 1890 1891 m1 = MCLGETI(NULL, M_DONTWAIT, NULL, IWN_RBUF_SIZE); 1892 if (m1 == NULL) { 1893 ic->ic_stats.is_rx_nombuf++; 1894 ifp->if_ierrors++; 1895 return; 1896 } 1897 bus_dmamap_unload(sc->sc_dmat, data->map); 1898 1899 error = bus_dmamap_load(sc->sc_dmat, data->map, mtod(m1, void *), 1900 IWN_RBUF_SIZE, NULL, BUS_DMA_NOWAIT | BUS_DMA_READ); 1901 if (error != 0) { 1902 m_freem(m1); 1903 1904 /* Try to reload the old mbuf. */ 1905 error = bus_dmamap_load(sc->sc_dmat, data->map, 1906 mtod(data->m, void *), IWN_RBUF_SIZE, NULL, 1907 BUS_DMA_NOWAIT | BUS_DMA_READ); 1908 if (error != 0) { 1909 panic("%s: could not load old RX mbuf", 1910 sc->sc_dev.dv_xname); 1911 } 1912 /* Physical address may have changed. */ 1913 ring->desc[ring->cur] = 1914 htole32(data->map->dm_segs[0].ds_addr >> 8); 1915 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 1916 ring->cur * sizeof (uint32_t), sizeof (uint32_t), 1917 BUS_DMASYNC_PREWRITE); 1918 ifp->if_ierrors++; 1919 return; 1920 } 1921 1922 m = data->m; 1923 data->m = m1; 1924 /* Update RX descriptor. */ 1925 ring->desc[ring->cur] = htole32(data->map->dm_segs[0].ds_addr >> 8); 1926 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 1927 ring->cur * sizeof (uint32_t), sizeof (uint32_t), 1928 BUS_DMASYNC_PREWRITE); 1929 1930 /* Finalize mbuf. */ 1931 m->m_pkthdr.rcvif = ifp; 1932 m->m_data = head; 1933 m->m_pkthdr.len = m->m_len = len; 1934 1935 /* Grab a reference to the source node. */ 1936 wh = mtod(m, struct ieee80211_frame *); 1937 ni = ieee80211_find_rxnode(ic, wh); 1938 1939 rxi.rxi_flags = 0; 1940 if ((wh->i_fc[1] & IEEE80211_FC1_PROTECTED) && 1941 !IEEE80211_IS_MULTICAST(wh->i_addr1) && 1942 (ni->ni_flags & IEEE80211_NODE_RXPROT) && 1943 ni->ni_pairwise_key.k_cipher == IEEE80211_CIPHER_CCMP) { 1944 if ((flags & IWN_RX_CIPHER_MASK) != IWN_RX_CIPHER_CCMP) { 1945 ic->ic_stats.is_ccmp_dec_errs++; 1946 ifp->if_ierrors++; 1947 m_freem(m); 1948 return; 1949 } 1950 /* Check whether decryption was successful or not. */ 1951 if ((desc->type == IWN_MPDU_RX_DONE && 1952 (flags & (IWN_RX_MPDU_DEC | IWN_RX_MPDU_MIC_OK)) != 1953 (IWN_RX_MPDU_DEC | IWN_RX_MPDU_MIC_OK)) || 1954 (desc->type != IWN_MPDU_RX_DONE && 1955 (flags & IWN_RX_DECRYPT_MASK) != IWN_RX_DECRYPT_OK)) { 1956 DPRINTF(("CCMP decryption failed 0x%x\n", flags)); 1957 ic->ic_stats.is_ccmp_dec_errs++; 1958 ifp->if_ierrors++; 1959 m_freem(m); 1960 return; 1961 } 1962 if (iwn_ccmp_decap(sc, m, &ni->ni_pairwise_key) != 0) { 1963 ifp->if_ierrors++; 1964 m_freem(m); 1965 return; 1966 } 1967 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 1968 } 1969 1970 rssi = hal->get_rssi(stat); 1971 1972 #if NBPFILTER > 0 1973 if (sc->sc_drvbpf != NULL) { 1974 struct mbuf mb; 1975 struct iwn_rx_radiotap_header *tap = &sc->sc_rxtap; 1976 1977 tap->wr_flags = 0; 1978 if (stat->flags & htole16(IWN_STAT_FLAG_SHPREAMBLE)) 1979 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 1980 tap->wr_chan_freq = 1981 htole16(ic->ic_channels[stat->chan].ic_freq); 1982 tap->wr_chan_flags = 1983 htole16(ic->ic_channels[stat->chan].ic_flags); 1984 tap->wr_dbm_antsignal = (int8_t)rssi; 1985 tap->wr_dbm_antnoise = (int8_t)sc->noise; 1986 tap->wr_tsft = stat->tstamp; 1987 switch (stat->rate) { 1988 /* CCK rates. */ 1989 case 10: tap->wr_rate = 2; break; 1990 case 20: tap->wr_rate = 4; break; 1991 case 55: tap->wr_rate = 11; break; 1992 case 110: tap->wr_rate = 22; break; 1993 /* OFDM rates. */ 1994 case 0xd: tap->wr_rate = 12; break; 1995 case 0xf: tap->wr_rate = 18; break; 1996 case 0x5: tap->wr_rate = 24; break; 1997 case 0x7: tap->wr_rate = 36; break; 1998 case 0x9: tap->wr_rate = 48; break; 1999 case 0xb: tap->wr_rate = 72; break; 2000 case 0x1: tap->wr_rate = 96; break; 2001 case 0x3: tap->wr_rate = 108; break; 2002 /* Unknown rate: should not happen. */ 2003 default: tap->wr_rate = 0; 2004 } 2005 2006 mb.m_data = (caddr_t)tap; 2007 mb.m_len = sc->sc_rxtap_len; 2008 mb.m_next = m; 2009 mb.m_nextpkt = NULL; 2010 mb.m_type = 0; 2011 mb.m_flags = 0; 2012 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 2013 } 2014 #endif 2015 2016 /* Send the frame to the 802.11 layer. */ 2017 rxi.rxi_rssi = rssi; 2018 rxi.rxi_tstamp = 0; /* unused */ 2019 ieee80211_input(ifp, m, ni, &rxi); 2020 2021 /* Node is no longer needed. */ 2022 ieee80211_release_node(ic, ni); 2023 } 2024 2025 #ifndef IEEE80211_NO_HT 2026 /* Process an incoming Compressed BlockAck. */ 2027 void 2028 iwn_rx_compressed_ba(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2029 struct iwn_rx_data *data) 2030 { 2031 struct iwn_compressed_ba *ba = (struct iwn_compressed_ba *)(desc + 1); 2032 struct iwn_tx_ring *txq; 2033 2034 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), sizeof (*ba), 2035 BUS_DMASYNC_POSTREAD); 2036 2037 txq = &sc->txq[letoh16(ba->qid)]; 2038 /* XXX TBD */ 2039 } 2040 #endif 2041 2042 /* 2043 * Process a CALIBRATION_RESULT notification sent by the initialization 2044 * firmware on response to a CMD_CALIB_CONFIG command (5000 only.) 2045 */ 2046 void 2047 iwn5000_rx_calib_results(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2048 struct iwn_rx_data *data) 2049 { 2050 struct iwn_phy_calib *calib = (struct iwn_phy_calib *)(desc + 1); 2051 int len, idx = -1; 2052 2053 /* Runtime firmware should not send such a notification. */ 2054 if (sc->sc_flags & IWN_FLAG_CALIB_DONE) 2055 return; 2056 2057 len = (letoh32(desc->len) & 0x3fff) - 4; 2058 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), len, 2059 BUS_DMASYNC_POSTREAD); 2060 2061 switch (calib->code) { 2062 case IWN5000_PHY_CALIB_DC: 2063 if (sc->hw_type == IWN_HW_REV_TYPE_5150) 2064 idx = 0; 2065 break; 2066 case IWN5000_PHY_CALIB_LO: 2067 idx = 1; 2068 break; 2069 case IWN5000_PHY_CALIB_TX_IQ: 2070 idx = 2; 2071 break; 2072 case IWN5000_PHY_CALIB_TX_IQ_PERIODIC: 2073 if (sc->hw_type < IWN_HW_REV_TYPE_6000 && 2074 sc->hw_type != IWN_HW_REV_TYPE_5150) 2075 idx = 3; 2076 break; 2077 case IWN5000_PHY_CALIB_BASE_BAND: 2078 idx = 4; 2079 break; 2080 } 2081 if (idx == -1) /* Ignore other results. */ 2082 return; 2083 2084 /* Save calibration result. */ 2085 if (sc->calibcmd[idx].buf != NULL) 2086 free(sc->calibcmd[idx].buf, M_DEVBUF); 2087 sc->calibcmd[idx].buf = malloc(len, M_DEVBUF, M_NOWAIT); 2088 if (sc->calibcmd[idx].buf == NULL) { 2089 DPRINTF(("not enough memory for calibration result %d\n", 2090 calib->code)); 2091 return; 2092 } 2093 DPRINTF(("saving calibration result code=%d len=%d\n", 2094 calib->code, len)); 2095 sc->calibcmd[idx].len = len; 2096 memcpy(sc->calibcmd[idx].buf, calib, len); 2097 } 2098 2099 /* 2100 * Process an RX_STATISTICS or BEACON_STATISTICS firmware notification. 2101 * The latter is sent by the firmware after each received beacon. 2102 */ 2103 void 2104 iwn_rx_statistics(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2105 struct iwn_rx_data *data) 2106 { 2107 const struct iwn_hal *hal = sc->sc_hal; 2108 struct ieee80211com *ic = &sc->sc_ic; 2109 struct iwn_calib_state *calib = &sc->calib; 2110 struct iwn_stats *stats = (struct iwn_stats *)(desc + 1); 2111 int temp; 2112 2113 /* Ignore statistics received during a scan. */ 2114 if (ic->ic_state != IEEE80211_S_RUN) 2115 return; 2116 2117 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2118 sizeof (*stats), BUS_DMASYNC_POSTREAD); 2119 2120 DPRINTFN(3, ("received statistics (cmd=%d)\n", desc->type)); 2121 sc->calib_cnt = 0; /* Reset TX power calibration timeout. */ 2122 2123 /* Test if temperature has changed. */ 2124 if (stats->general.temp != sc->rawtemp) { 2125 /* Convert "raw" temperature to degC. */ 2126 sc->rawtemp = stats->general.temp; 2127 temp = hal->get_temperature(sc); 2128 DPRINTFN(2, ("temperature=%dC\n", temp)); 2129 2130 /* Update temperature sensor. */ 2131 sc->sensor.value = IWN_CTOMUK(temp); 2132 sc->sensor.flags &= ~SENSOR_FINVALID; 2133 2134 /* Update TX power if need be (4965AGN only.) */ 2135 if (sc->hw_type == IWN_HW_REV_TYPE_4965) 2136 iwn4965_power_calibration(sc, temp); 2137 } 2138 2139 if (desc->type != IWN_BEACON_STATISTICS) 2140 return; /* Reply to a statistics request. */ 2141 2142 sc->noise = iwn_get_noise(&stats->rx.general); 2143 2144 /* Test that RSSI and noise are present in stats report. */ 2145 if (letoh32(stats->rx.general.flags) != 1) { 2146 DPRINTF(("received statistics without RSSI\n")); 2147 return; 2148 } 2149 2150 if (calib->state == IWN_CALIB_STATE_ASSOC) 2151 iwn_collect_noise(sc, &stats->rx.general); 2152 else if (calib->state == IWN_CALIB_STATE_RUN) 2153 iwn_tune_sensitivity(sc, &stats->rx); 2154 } 2155 2156 /* 2157 * Process a TX_DONE firmware notification. Unfortunately, the 4965AGN 2158 * and 5000 adapters have different incompatible TX status formats. 2159 */ 2160 void 2161 iwn4965_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2162 struct iwn_rx_data *data) 2163 { 2164 struct iwn4965_tx_stat *stat = (struct iwn4965_tx_stat *)(desc + 1); 2165 2166 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2167 sizeof (*stat), BUS_DMASYNC_POSTREAD); 2168 iwn_tx_done(sc, desc, stat->ackfailcnt, letoh32(stat->status) & 0xff); 2169 } 2170 2171 void 2172 iwn5000_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2173 struct iwn_rx_data *data) 2174 { 2175 struct iwn5000_tx_stat *stat = (struct iwn5000_tx_stat *)(desc + 1); 2176 2177 #ifdef notyet 2178 /* Reset TX scheduler slot. */ 2179 iwn5000_reset_sched(sc, desc->qid & 0xf, desc->idx); 2180 #endif 2181 2182 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2183 sizeof (*stat), BUS_DMASYNC_POSTREAD); 2184 iwn_tx_done(sc, desc, stat->ackfailcnt, letoh16(stat->status) & 0xff); 2185 } 2186 2187 /* 2188 * Adapter-independent backend for TX_DONE firmware notifications. 2189 */ 2190 void 2191 iwn_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, int ackfailcnt, 2192 uint8_t status) 2193 { 2194 struct ieee80211com *ic = &sc->sc_ic; 2195 struct ifnet *ifp = &ic->ic_if; 2196 struct iwn_tx_ring *ring = &sc->txq[desc->qid & 0xf]; 2197 struct iwn_tx_data *data = &ring->data[desc->idx]; 2198 struct iwn_node *wn = (struct iwn_node *)data->ni; 2199 2200 /* Update rate control statistics. */ 2201 wn->amn.amn_txcnt++; 2202 if (ackfailcnt > 0) 2203 wn->amn.amn_retrycnt++; 2204 2205 if (status != 1 && status != 2) 2206 ifp->if_oerrors++; 2207 else 2208 ifp->if_opackets++; 2209 2210 /* Unmap and free mbuf. */ 2211 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 2212 BUS_DMASYNC_POSTWRITE); 2213 bus_dmamap_unload(sc->sc_dmat, data->map); 2214 m_freem(data->m); 2215 data->m = NULL; 2216 ieee80211_release_node(ic, data->ni); 2217 data->ni = NULL; 2218 2219 sc->sc_tx_timer = 0; 2220 if (--ring->queued < IWN_TX_RING_LOMARK) { 2221 sc->qfullmsk &= ~(1 << ring->qid); 2222 if (sc->qfullmsk == 0 && (ifp->if_flags & IFF_OACTIVE)) { 2223 ifp->if_flags &= ~IFF_OACTIVE; 2224 (*ifp->if_start)(ifp); 2225 } 2226 } 2227 } 2228 2229 /* 2230 * Process a "command done" firmware notification. This is where we wakeup 2231 * processes waiting for a synchronous command completion. 2232 */ 2233 void 2234 iwn_cmd_done(struct iwn_softc *sc, struct iwn_rx_desc *desc) 2235 { 2236 struct iwn_tx_ring *ring = &sc->txq[4]; 2237 struct iwn_tx_data *data; 2238 2239 if ((desc->qid & 0xf) != 4) 2240 return; /* Not a command ack. */ 2241 2242 data = &ring->data[desc->idx]; 2243 2244 /* If the command was mapped in an mbuf, free it. */ 2245 if (data->m != NULL) { 2246 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 2247 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 2248 bus_dmamap_unload(sc->sc_dmat, data->map); 2249 m_freem(data->m); 2250 data->m = NULL; 2251 } 2252 wakeup(&ring->desc[desc->idx]); 2253 } 2254 2255 /* 2256 * Process an INT_FH_RX or INT_SW_RX interrupt. 2257 */ 2258 void 2259 iwn_notif_intr(struct iwn_softc *sc) 2260 { 2261 struct ieee80211com *ic = &sc->sc_ic; 2262 struct ifnet *ifp = &ic->ic_if; 2263 uint16_t hw; 2264 2265 bus_dmamap_sync(sc->sc_dmat, sc->rxq.stat_dma.map, 2266 0, sc->rxq.stat_dma.size, BUS_DMASYNC_POSTREAD); 2267 2268 hw = letoh16(sc->rxq.stat->closed_count) & 0xfff; 2269 while (sc->rxq.cur != hw) { 2270 struct iwn_rx_data *data = &sc->rxq.data[sc->rxq.cur]; 2271 struct iwn_rx_desc *desc; 2272 2273 bus_dmamap_sync(sc->sc_dmat, data->map, 0, sizeof (*desc), 2274 BUS_DMASYNC_POSTREAD); 2275 desc = mtod(data->m, struct iwn_rx_desc *); 2276 2277 DPRINTFN(4, ("notification qid=%d idx=%d flags=%x type=%d\n", 2278 desc->qid & 0xf, desc->idx, desc->flags, desc->type)); 2279 2280 if (!(desc->qid & 0x80)) /* Reply to a command. */ 2281 iwn_cmd_done(sc, desc); 2282 2283 switch (desc->type) { 2284 case IWN_RX_PHY: 2285 iwn_rx_phy(sc, desc, data); 2286 break; 2287 2288 case IWN_RX_DONE: /* 4965AGN only. */ 2289 case IWN_MPDU_RX_DONE: 2290 /* An 802.11 frame has been received. */ 2291 iwn_rx_done(sc, desc, data); 2292 break; 2293 #ifndef IEEE80211_NO_HT 2294 case IWN_RX_COMPRESSED_BA: 2295 /* A Compressed BlockAck has been received. */ 2296 iwn_rx_compressed_ba(sc, desc, data); 2297 break; 2298 #endif 2299 case IWN_TX_DONE: 2300 /* An 802.11 frame has been transmitted. */ 2301 sc->sc_hal->tx_done(sc, desc, data); 2302 break; 2303 2304 case IWN_RX_STATISTICS: 2305 case IWN_BEACON_STATISTICS: 2306 iwn_rx_statistics(sc, desc, data); 2307 break; 2308 2309 case IWN_BEACON_MISSED: 2310 { 2311 struct iwn_beacon_missed *miss = 2312 (struct iwn_beacon_missed *)(desc + 1); 2313 2314 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2315 sizeof (*miss), BUS_DMASYNC_POSTREAD); 2316 /* 2317 * If more than 5 consecutive beacons are missed, 2318 * reinitialize the sensitivity state machine. 2319 */ 2320 DPRINTF(("beacons missed %d/%d\n", 2321 letoh32(miss->consecutive), letoh32(miss->total))); 2322 if (ic->ic_state == IEEE80211_S_RUN && 2323 letoh32(miss->consecutive) > 5) 2324 (void)iwn_init_sensitivity(sc); 2325 break; 2326 } 2327 case IWN_UC_READY: 2328 { 2329 struct iwn_ucode_info *uc = 2330 (struct iwn_ucode_info *)(desc + 1); 2331 2332 /* The microcontroller is ready. */ 2333 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2334 sizeof (*uc), BUS_DMASYNC_POSTREAD); 2335 DPRINTF(("microcode alive notification version=%d.%d " 2336 "subtype=%x alive=%x\n", uc->major, uc->minor, 2337 uc->subtype, letoh32(uc->valid))); 2338 2339 if (letoh32(uc->valid) != 1) { 2340 printf("%s: microcontroller initialization " 2341 "failed\n", sc->sc_dev.dv_xname); 2342 break; 2343 } 2344 if (uc->subtype == IWN_UCODE_INIT) { 2345 /* Save microcontroller report. */ 2346 memcpy(&sc->ucode_info, uc, sizeof (*uc)); 2347 } 2348 /* Save the address of the error log in SRAM. */ 2349 sc->errptr = letoh32(uc->errptr); 2350 break; 2351 } 2352 case IWN_STATE_CHANGED: 2353 { 2354 uint32_t *status = (uint32_t *)(desc + 1); 2355 2356 /* Enabled/disabled notification. */ 2357 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2358 sizeof (*status), BUS_DMASYNC_POSTREAD); 2359 DPRINTF(("state changed to %x\n", letoh32(*status))); 2360 2361 if (letoh32(*status) & 1) { 2362 /* The radio button has to be pushed. */ 2363 printf("%s: Radio transmitter is off\n", 2364 sc->sc_dev.dv_xname); 2365 /* Turn the interface down. */ 2366 ifp->if_flags &= ~IFF_UP; 2367 iwn_stop(ifp, 1); 2368 return; /* No further processing. */ 2369 } 2370 break; 2371 } 2372 case IWN_START_SCAN: 2373 { 2374 struct iwn_start_scan *scan = 2375 (struct iwn_start_scan *)(desc + 1); 2376 2377 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2378 sizeof (*scan), BUS_DMASYNC_POSTREAD); 2379 DPRINTFN(2, ("scanning channel %d status %x\n", 2380 scan->chan, letoh32(scan->status))); 2381 2382 /* Fix current channel. */ 2383 ic->ic_bss->ni_chan = &ic->ic_channels[scan->chan]; 2384 break; 2385 } 2386 case IWN_STOP_SCAN: 2387 { 2388 struct iwn_stop_scan *scan = 2389 (struct iwn_stop_scan *)(desc + 1); 2390 2391 bus_dmamap_sync(sc->sc_dmat, data->map, sizeof (*desc), 2392 sizeof (*scan), BUS_DMASYNC_POSTREAD); 2393 DPRINTF(("scan finished nchan=%d status=%d chan=%d\n", 2394 scan->nchan, scan->status, scan->chan)); 2395 2396 if (scan->status == 1 && scan->chan <= 14 && 2397 (sc->sc_flags & IWN_FLAG_HAS_5GHZ)) { 2398 /* 2399 * We just finished scanning 2GHz channels, 2400 * start scanning 5GHz ones. 2401 */ 2402 if (iwn_scan(sc, IEEE80211_CHAN_5GHZ) == 0) 2403 break; 2404 } 2405 ieee80211_end_scan(ifp); 2406 break; 2407 } 2408 case IWN5000_CALIBRATION_RESULT: 2409 iwn5000_rx_calib_results(sc, desc, data); 2410 break; 2411 2412 case IWN5000_CALIBRATION_DONE: 2413 sc->sc_flags |= IWN_FLAG_CALIB_DONE; 2414 wakeup(sc); 2415 break; 2416 } 2417 2418 sc->rxq.cur = (sc->rxq.cur + 1) % IWN_RX_RING_COUNT; 2419 } 2420 2421 /* Tell the firmware what we have processed. */ 2422 hw = (hw == 0) ? IWN_RX_RING_COUNT - 1 : hw - 1; 2423 IWN_WRITE(sc, IWN_FH_RX_WPTR, hw & ~7); 2424 } 2425 2426 /* 2427 * Process an INT_WAKEUP interrupt raised when the microcontroller wakes up 2428 * from power-down sleep mode. 2429 */ 2430 void 2431 iwn_wakeup_intr(struct iwn_softc *sc) 2432 { 2433 int qid; 2434 2435 DPRINTF(("ucode wakeup from power-down sleep\n")); 2436 2437 /* Wakeup RX and TX rings. */ 2438 IWN_WRITE(sc, IWN_FH_RX_WPTR, sc->rxq.cur & ~7); 2439 for (qid = 0; qid < sc->sc_hal->ntxqs; qid++) { 2440 struct iwn_tx_ring *ring = &sc->txq[qid]; 2441 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | ring->cur); 2442 } 2443 } 2444 2445 /* 2446 * Dump the error log of the firmware when a firmware panic occurs. Although 2447 * we can't debug the firmware because it is neither open source nor free, it 2448 * can help us to identify certain classes of problems. 2449 */ 2450 void 2451 iwn_fatal_intr(struct iwn_softc *sc) 2452 { 2453 const struct iwn_hal *hal = sc->sc_hal; 2454 struct iwn_fw_dump dump; 2455 int i; 2456 2457 /* Force a complete recalibration on next init. */ 2458 sc->sc_flags &= ~IWN_FLAG_CALIB_DONE; 2459 2460 /* Check that the error log address is valid. */ 2461 if (sc->errptr < IWN_FW_DATA_BASE || 2462 sc->errptr + sizeof (dump) > 2463 IWN_FW_DATA_BASE + hal->fw_data_maxsz) { 2464 printf("%s: bad firmware error log address 0x%08x\n", 2465 sc->sc_dev.dv_xname, sc->errptr); 2466 return; 2467 } 2468 if (iwn_nic_lock(sc) != 0) { 2469 printf("%s: could not read firmware error log\n", 2470 sc->sc_dev.dv_xname); 2471 return; 2472 } 2473 /* Read firmware error log from SRAM. */ 2474 iwn_mem_read_region_4(sc, sc->errptr, (uint32_t *)&dump, 2475 sizeof (dump) / sizeof (uint32_t)); 2476 iwn_nic_unlock(sc); 2477 2478 if (dump.valid == 0) { 2479 printf("%s: firmware error log is empty\n", 2480 sc->sc_dev.dv_xname); 2481 return; 2482 } 2483 printf("firmware error log:\n"); 2484 printf(" error type = \"%s\" (0x%08X)\n", 2485 (dump.id < nitems(iwn_fw_errmsg)) ? 2486 iwn_fw_errmsg[dump.id] : "UNKNOWN", 2487 dump.id); 2488 printf(" program counter = 0x%08X\n", dump.pc); 2489 printf(" source line = 0x%08X\n", dump.src_line); 2490 printf(" error data = 0x%08X%08X\n", 2491 dump.error_data[0], dump.error_data[1]); 2492 printf(" branch link = 0x%08X%08X\n", 2493 dump.branch_link[0], dump.branch_link[1]); 2494 printf(" interrupt link = 0x%08X%08X\n", 2495 dump.interrupt_link[0], dump.interrupt_link[1]); 2496 printf(" time = %u\n", dump.time[0]); 2497 2498 /* Dump driver status (TX and RX rings) while we're here. */ 2499 printf("driver status:\n"); 2500 for (i = 0; i < hal->ntxqs; i++) { 2501 struct iwn_tx_ring *ring = &sc->txq[i]; 2502 printf(" tx ring %2d: qid=%-2d cur=%-3d queued=%-3d\n", 2503 i, ring->qid, ring->cur, ring->queued); 2504 } 2505 printf(" rx ring: cur=%d\n", sc->rxq.cur); 2506 printf(" 802.11 state %d\n", sc->sc_ic.ic_state); 2507 } 2508 2509 int 2510 iwn_intr(void *arg) 2511 { 2512 struct iwn_softc *sc = arg; 2513 struct ifnet *ifp = &sc->sc_ic.ic_if; 2514 uint32_t r1, r2, tmp; 2515 2516 /* Disable interrupts. */ 2517 IWN_WRITE(sc, IWN_INT_MASK, 0); 2518 2519 /* Read interrupts from ICT (fast) or from registers (slow). */ 2520 if (sc->sc_flags & IWN_FLAG_USE_ICT) { 2521 tmp = 0; 2522 while (sc->ict[sc->ict_cur] != 0) { 2523 tmp |= sc->ict[sc->ict_cur]; 2524 sc->ict[sc->ict_cur] = 0; /* Acknowledge. */ 2525 sc->ict_cur = (sc->ict_cur + 1) % IWN_ICT_COUNT; 2526 } 2527 tmp = letoh32(tmp); 2528 if (tmp == 0xffffffff) 2529 tmp = 0; /* Shouldn't happen. */ 2530 r1 = (tmp & 0xff00) << 16 | (tmp & 0xff); 2531 r2 = 0; /* Unused. */ 2532 } else { 2533 r1 = IWN_READ(sc, IWN_INT); 2534 if (r1 == 0xffffffff || (r1 & 0xfffffff0) == 0xa5a5a5a0) 2535 return 0; /* Hardware gone! */ 2536 r2 = IWN_READ(sc, IWN_FH_INT); 2537 } 2538 if (r1 == 0 && r2 == 0) { 2539 if (ifp->if_flags & IFF_UP) 2540 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 2541 return 0; /* Interrupt not for us. */ 2542 } 2543 2544 /* Acknowledge interrupts. */ 2545 IWN_WRITE(sc, IWN_INT, r1); 2546 if (!(sc->sc_flags & IWN_FLAG_USE_ICT)) 2547 IWN_WRITE(sc, IWN_FH_INT, r2); 2548 2549 if (r1 & IWN_INT_RF_TOGGLED) { 2550 tmp = IWN_READ(sc, IWN_GP_CNTRL); 2551 printf("%s: RF switch: radio %s\n", sc->sc_dev.dv_xname, 2552 (tmp & IWN_GP_CNTRL_RFKILL) ? "enabled" : "disabled"); 2553 } 2554 if (r1 & IWN_INT_CT_REACHED) { 2555 printf("%s: critical temperature reached!\n", 2556 sc->sc_dev.dv_xname); 2557 } 2558 if (r1 & (IWN_INT_SW_ERR | IWN_INT_HW_ERR)) { 2559 printf("%s: fatal firmware error\n", sc->sc_dev.dv_xname); 2560 /* Dump firmware error log and stop. */ 2561 iwn_fatal_intr(sc); 2562 ifp->if_flags &= ~IFF_UP; 2563 iwn_stop(ifp, 1); 2564 return 1; 2565 } 2566 if ((r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX | IWN_INT_RX_PERIODIC)) || 2567 (r2 & IWN_FH_INT_RX)) { 2568 if (sc->sc_flags & IWN_FLAG_USE_ICT) { 2569 if (r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX)) 2570 IWN_WRITE(sc, IWN_FH_INT, IWN_FH_INT_RX); 2571 IWN_WRITE_1(sc, IWN_INT_PERIODIC, 2572 IWN_INT_PERIODIC_DIS); 2573 iwn_notif_intr(sc); 2574 if (r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX)) { 2575 IWN_WRITE_1(sc, IWN_INT_PERIODIC, 2576 IWN_INT_PERIODIC_ENA); 2577 } 2578 } else 2579 iwn_notif_intr(sc); 2580 } 2581 2582 if ((r1 & IWN_INT_FH_TX) || (r2 & IWN_FH_INT_TX)) { 2583 if (sc->sc_flags & IWN_FLAG_USE_ICT) 2584 IWN_WRITE(sc, IWN_FH_INT, IWN_FH_INT_TX); 2585 wakeup(sc); /* FH DMA transfer completed. */ 2586 } 2587 2588 if (r1 & IWN_INT_ALIVE) 2589 wakeup(sc); /* Firmware is alive. */ 2590 2591 if (r1 & IWN_INT_WAKEUP) 2592 iwn_wakeup_intr(sc); 2593 2594 /* Re-enable interrupts. */ 2595 if (ifp->if_flags & IFF_UP) 2596 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 2597 2598 return 1; 2599 } 2600 2601 /* 2602 * Update TX scheduler ring when transmitting an 802.11 frame (4965AGN and 2603 * 5000 adapters use a slightly different format.) 2604 */ 2605 void 2606 iwn4965_update_sched(struct iwn_softc *sc, int qid, int idx, uint8_t id, 2607 uint16_t len) 2608 { 2609 uint16_t *w = &sc->sched[qid * IWN4965_SCHED_COUNT + idx]; 2610 2611 *w = htole16(len + 8); 2612 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2613 (caddr_t)w - sc->sched_dma.vaddr, sizeof (uint16_t), 2614 BUS_DMASYNC_PREWRITE); 2615 if (idx < IWN_SCHED_WINSZ) { 2616 *(w + IWN_TX_RING_COUNT) = *w; 2617 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2618 (caddr_t)(w + IWN_TX_RING_COUNT) - sc->sched_dma.vaddr, 2619 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2620 } 2621 } 2622 2623 void 2624 iwn5000_update_sched(struct iwn_softc *sc, int qid, int idx, uint8_t id, 2625 uint16_t len) 2626 { 2627 uint16_t *w = &sc->sched[qid * IWN5000_SCHED_COUNT + idx]; 2628 2629 *w = htole16(id << 12 | (len + 8)); 2630 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2631 (caddr_t)w - sc->sched_dma.vaddr, sizeof (uint16_t), 2632 BUS_DMASYNC_PREWRITE); 2633 if (idx < IWN_SCHED_WINSZ) { 2634 *(w + IWN_TX_RING_COUNT) = *w; 2635 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2636 (caddr_t)(w + IWN_TX_RING_COUNT) - sc->sched_dma.vaddr, 2637 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2638 } 2639 } 2640 2641 void 2642 iwn5000_reset_sched(struct iwn_softc *sc, int qid, int idx) 2643 { 2644 uint16_t *w = &sc->sched[qid * IWN5000_SCHED_COUNT + idx]; 2645 2646 *w = (*w & htole16(0xf000)) | htole16(1); 2647 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2648 (caddr_t)w - sc->sched_dma.vaddr, sizeof (uint16_t), 2649 BUS_DMASYNC_PREWRITE); 2650 if (idx < IWN_SCHED_WINSZ) { 2651 *(w + IWN_TX_RING_COUNT) = *w; 2652 bus_dmamap_sync(sc->sc_dmat, sc->sched_dma.map, 2653 (caddr_t)(w + IWN_TX_RING_COUNT) - sc->sched_dma.vaddr, 2654 sizeof (uint16_t), BUS_DMASYNC_PREWRITE); 2655 } 2656 } 2657 2658 int 2659 iwn_tx(struct iwn_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 2660 { 2661 const struct iwn_hal *hal = sc->sc_hal; 2662 struct ieee80211com *ic = &sc->sc_ic; 2663 struct iwn_node *wn = (void *)ni; 2664 struct iwn_tx_ring *ring; 2665 struct iwn_tx_desc *desc; 2666 struct iwn_tx_data *data; 2667 struct iwn_tx_cmd *cmd; 2668 struct iwn_cmd_data *tx; 2669 const struct iwn_rate *rinfo; 2670 struct ieee80211_frame *wh; 2671 struct ieee80211_key *k = NULL; 2672 struct mbuf *m1; 2673 enum ieee80211_edca_ac ac; 2674 uint32_t flags; 2675 uint16_t qos; 2676 u_int hdrlen; 2677 bus_dma_segment_t *seg; 2678 uint8_t *ivp, tid, ridx, txant, type; 2679 int i, totlen, hasqos, error, pad; 2680 2681 wh = mtod(m, struct ieee80211_frame *); 2682 hdrlen = ieee80211_get_hdrlen(wh); 2683 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2684 2685 /* Select EDCA Access Category and TX ring for this frame. */ 2686 if ((hasqos = ieee80211_has_qos(wh))) { 2687 qos = ieee80211_get_qos(wh); 2688 tid = qos & IEEE80211_QOS_TID; 2689 ac = ieee80211_up_to_ac(ic, tid); 2690 } else { 2691 tid = 0; 2692 ac = EDCA_AC_BE; 2693 } 2694 2695 ring = &sc->txq[ac]; 2696 desc = &ring->desc[ring->cur]; 2697 data = &ring->data[ring->cur]; 2698 2699 /* Choose a TX rate index. */ 2700 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 2701 type != IEEE80211_FC0_TYPE_DATA) { 2702 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2703 IWN_RIDX_OFDM6 : IWN_RIDX_CCK1; 2704 } else if (ic->ic_fixed_rate != -1) { 2705 ridx = sc->fixed_ridx; 2706 } else 2707 ridx = wn->ridx[ni->ni_txrate]; 2708 rinfo = &iwn_rates[ridx]; 2709 2710 #if NBPFILTER > 0 2711 if (sc->sc_drvbpf != NULL) { 2712 struct mbuf mb; 2713 struct iwn_tx_radiotap_header *tap = &sc->sc_txtap; 2714 2715 tap->wt_flags = 0; 2716 tap->wt_chan_freq = htole16(ni->ni_chan->ic_freq); 2717 tap->wt_chan_flags = htole16(ni->ni_chan->ic_flags); 2718 tap->wt_rate = rinfo->rate; 2719 tap->wt_hwqueue = ac; 2720 if ((ic->ic_flags & IEEE80211_F_WEPON) && 2721 (wh->i_fc[1] & IEEE80211_FC1_PROTECTED)) 2722 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 2723 2724 mb.m_data = (caddr_t)tap; 2725 mb.m_len = sc->sc_txtap_len; 2726 mb.m_next = m; 2727 mb.m_nextpkt = NULL; 2728 mb.m_type = 0; 2729 mb.m_flags = 0; 2730 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 2731 } 2732 #endif 2733 2734 totlen = m->m_pkthdr.len; 2735 2736 /* Encrypt the frame if need be. */ 2737 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2738 /* Retrieve key for TX. */ 2739 k = ieee80211_get_txkey(ic, wh, ni); 2740 if (k->k_cipher != IEEE80211_CIPHER_CCMP) { 2741 /* Do software encryption. */ 2742 if ((m = ieee80211_encrypt(ic, m, k)) == NULL) 2743 return ENOBUFS; 2744 /* 802.11 header may have moved. */ 2745 wh = mtod(m, struct ieee80211_frame *); 2746 totlen = m->m_pkthdr.len; 2747 2748 } else /* HW appends CCMP MIC. */ 2749 totlen += IEEE80211_CCMP_HDRLEN; 2750 } 2751 2752 /* Prepare TX firmware command. */ 2753 cmd = &ring->cmd[ring->cur]; 2754 cmd->code = IWN_CMD_TX_DATA; 2755 cmd->flags = 0; 2756 cmd->qid = ring->qid; 2757 cmd->idx = ring->cur; 2758 2759 tx = (struct iwn_cmd_data *)cmd->data; 2760 /* NB: No need to clear tx, all fields are reinitialized here. */ 2761 tx->scratch = 0; /* clear "scratch" area */ 2762 2763 flags = 0; 2764 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 2765 /* Unicast frame, check if an ACK is expected. */ 2766 if (!hasqos || (qos & IEEE80211_QOS_ACK_POLICY_MASK) != 2767 IEEE80211_QOS_ACK_POLICY_NOACK) 2768 flags |= IWN_TX_NEED_ACK; 2769 } 2770 if ((wh->i_fc[0] & 2771 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 2772 (IEEE80211_FC0_TYPE_CTL | IEEE80211_FC0_SUBTYPE_BAR)) 2773 flags |= IWN_TX_IMM_BA; /* Cannot happen yet. */ 2774 2775 if (wh->i_fc[1] & IEEE80211_FC1_MORE_FRAG) 2776 flags |= IWN_TX_MORE_FRAG; /* Cannot happen yet. */ 2777 2778 /* Check if frame must be protected using RTS/CTS or CTS-to-self. */ 2779 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 2780 /* NB: Group frames are sent using CCK in 802.11b/g. */ 2781 if (totlen + IEEE80211_CRC_LEN > ic->ic_rtsthreshold) { 2782 flags |= IWN_TX_NEED_RTS; 2783 } else if ((ic->ic_flags & IEEE80211_F_USEPROT) && 2784 ridx >= IWN_RIDX_OFDM6) { 2785 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 2786 flags |= IWN_TX_NEED_CTS; 2787 else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 2788 flags |= IWN_TX_NEED_RTS; 2789 } 2790 if (flags & (IWN_TX_NEED_RTS | IWN_TX_NEED_CTS)) { 2791 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 2792 /* 5000 autoselects RTS/CTS or CTS-to-self. */ 2793 flags &= ~(IWN_TX_NEED_RTS | IWN_TX_NEED_CTS); 2794 flags |= IWN_TX_NEED_PROTECTION; 2795 } else 2796 flags |= IWN_TX_FULL_TXOP; 2797 } 2798 } 2799 2800 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 2801 type != IEEE80211_FC0_TYPE_DATA) 2802 tx->id = hal->broadcast_id; 2803 else 2804 tx->id = wn->id; 2805 2806 if (type == IEEE80211_FC0_TYPE_MGT) { 2807 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2808 2809 #ifndef IEEE80211_STA_ONLY 2810 /* Tell HW to set timestamp in probe responses. */ 2811 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 2812 flags |= IWN_TX_INSERT_TSTAMP; 2813 #endif 2814 if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ || 2815 subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) 2816 tx->timeout = htole16(3); 2817 else 2818 tx->timeout = htole16(2); 2819 } else 2820 tx->timeout = htole16(0); 2821 2822 if (hdrlen & 3) { 2823 /* First segment length must be a multiple of 4. */ 2824 flags |= IWN_TX_NEED_PADDING; 2825 pad = 4 - (hdrlen & 3); 2826 } else 2827 pad = 0; 2828 2829 tx->len = htole16(totlen); 2830 tx->tid = tid; 2831 tx->rts_ntries = 60; 2832 tx->data_ntries = 15; 2833 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 2834 tx->plcp = rinfo->plcp; 2835 tx->rflags = rinfo->flags; 2836 if (tx->id == hal->broadcast_id) { 2837 /* Group or management frame. */ 2838 tx->linkq = 0; 2839 /* XXX Alternate between antenna A and B? */ 2840 txant = IWN_LSB(sc->txchainmask); 2841 tx->rflags |= IWN_RFLAG_ANT(txant); 2842 } else { 2843 tx->linkq = ni->ni_rates.rs_nrates - ni->ni_txrate - 1; 2844 flags |= IWN_TX_LINKQ; /* enable MRR */ 2845 } 2846 /* Set physical address of "scratch area". */ 2847 tx->loaddr = htole32(IWN_LOADDR(data->scratch_paddr)); 2848 tx->hiaddr = IWN_HIADDR(data->scratch_paddr); 2849 2850 /* Copy 802.11 header in TX command. */ 2851 memcpy((uint8_t *)(tx + 1), wh, hdrlen); 2852 2853 if (k != NULL && k->k_cipher == IEEE80211_CIPHER_CCMP) { 2854 /* Trim 802.11 header and prepend CCMP IV. */ 2855 m_adj(m, hdrlen - IEEE80211_CCMP_HDRLEN); 2856 ivp = mtod(m, uint8_t *); 2857 k->k_tsc++; 2858 ivp[0] = k->k_tsc; 2859 ivp[1] = k->k_tsc >> 8; 2860 ivp[2] = 0; 2861 ivp[3] = k->k_id << 6 | IEEE80211_WEP_EXTIV; 2862 ivp[4] = k->k_tsc >> 16; 2863 ivp[5] = k->k_tsc >> 24; 2864 ivp[6] = k->k_tsc >> 32; 2865 ivp[7] = k->k_tsc >> 40; 2866 2867 tx->security = IWN_CIPHER_CCMP; 2868 /* XXX flags |= IWN_TX_AMPDU_CCMP; */ 2869 memcpy(tx->key, k->k_key, k->k_len); 2870 2871 /* TX scheduler includes CCMP MIC len w/5000 Series. */ 2872 if (sc->hw_type != IWN_HW_REV_TYPE_4965) 2873 totlen += IEEE80211_CCMP_MICLEN; 2874 } else { 2875 /* Trim 802.11 header. */ 2876 m_adj(m, hdrlen); 2877 tx->security = 0; 2878 } 2879 tx->flags = htole32(flags); 2880 2881 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m, 2882 BUS_DMA_NOWAIT | BUS_DMA_WRITE); 2883 if (error != 0) { 2884 if (error != EFBIG) { 2885 printf("%s: can't map mbuf (error %d)\n", 2886 sc->sc_dev.dv_xname, error); 2887 m_freem(m); 2888 return error; 2889 } 2890 /* Too many DMA segments, linearize mbuf. */ 2891 MGETHDR(m1, M_DONTWAIT, MT_DATA); 2892 if (m1 == NULL) { 2893 m_freem(m); 2894 return ENOBUFS; 2895 } 2896 if (m->m_pkthdr.len > MHLEN) { 2897 MCLGET(m1, M_DONTWAIT); 2898 if (!(m1->m_flags & M_EXT)) { 2899 m_freem(m); 2900 m_freem(m1); 2901 return ENOBUFS; 2902 } 2903 } 2904 m_copydata(m, 0, m->m_pkthdr.len, mtod(m1, caddr_t)); 2905 m1->m_pkthdr.len = m1->m_len = m->m_pkthdr.len; 2906 m_freem(m); 2907 m = m1; 2908 2909 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m, 2910 BUS_DMA_NOWAIT | BUS_DMA_WRITE); 2911 if (error != 0) { 2912 printf("%s: can't map mbuf (error %d)\n", 2913 sc->sc_dev.dv_xname, error); 2914 m_freem(m); 2915 return error; 2916 } 2917 } 2918 2919 data->m = m; 2920 data->ni = ni; 2921 2922 DPRINTFN(4, ("sending data: qid=%d idx=%d len=%d nsegs=%d\n", 2923 ring->qid, ring->cur, m->m_pkthdr.len, data->map->dm_nsegs)); 2924 2925 /* Fill TX descriptor. */ 2926 desc->nsegs = 1 + data->map->dm_nsegs; 2927 /* First DMA segment is used by the TX command. */ 2928 desc->segs[0].addr = htole32(IWN_LOADDR(data->cmd_paddr)); 2929 desc->segs[0].len = htole16(IWN_HIADDR(data->cmd_paddr) | 2930 (4 + sizeof (*tx) + hdrlen + pad) << 4); 2931 /* Other DMA segments are for data payload. */ 2932 seg = data->map->dm_segs; 2933 for (i = 1; i <= data->map->dm_nsegs; i++) { 2934 desc->segs[i].addr = htole32(IWN_LOADDR(seg->ds_addr)); 2935 desc->segs[i].len = htole16(IWN_HIADDR(seg->ds_addr) | 2936 seg->ds_len << 4); 2937 seg++; 2938 } 2939 2940 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 2941 BUS_DMASYNC_PREWRITE); 2942 bus_dmamap_sync(sc->sc_dmat, ring->cmd_dma.map, 2943 (caddr_t)cmd - ring->cmd_dma.vaddr, sizeof (*cmd), 2944 BUS_DMASYNC_PREWRITE); 2945 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 2946 (caddr_t)desc - ring->desc_dma.vaddr, sizeof (*desc), 2947 BUS_DMASYNC_PREWRITE); 2948 2949 #ifdef notyet 2950 /* Update TX scheduler. */ 2951 hal->update_sched(sc, ring->qid, ring->cur, tx->id, totlen); 2952 #endif 2953 2954 /* Kick TX ring. */ 2955 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 2956 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, ring->qid << 8 | ring->cur); 2957 2958 /* Mark TX ring as full if we reach a certain threshold. */ 2959 if (++ring->queued > IWN_TX_RING_HIMARK) 2960 sc->qfullmsk |= 1 << ring->qid; 2961 2962 return 0; 2963 } 2964 2965 void 2966 iwn_start(struct ifnet *ifp) 2967 { 2968 struct iwn_softc *sc = ifp->if_softc; 2969 struct ieee80211com *ic = &sc->sc_ic; 2970 struct ieee80211_node *ni; 2971 struct mbuf *m; 2972 2973 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 2974 return; 2975 2976 for (;;) { 2977 if (sc->qfullmsk != 0) { 2978 ifp->if_flags |= IFF_OACTIVE; 2979 break; 2980 } 2981 /* Send pending management frames first. */ 2982 IF_DEQUEUE(&ic->ic_mgtq, m); 2983 if (m != NULL) { 2984 ni = (void *)m->m_pkthdr.rcvif; 2985 goto sendit; 2986 } 2987 if (ic->ic_state != IEEE80211_S_RUN) 2988 break; 2989 2990 /* Encapsulate and send data frames. */ 2991 IFQ_DEQUEUE(&ifp->if_snd, m); 2992 if (m == NULL) 2993 break; 2994 #if NBPFILTER > 0 2995 if (ifp->if_bpf != NULL) 2996 bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); 2997 #endif 2998 if ((m = ieee80211_encap(ifp, m, &ni)) == NULL) 2999 continue; 3000 sendit: 3001 #if NBPFILTER > 0 3002 if (ic->ic_rawbpf != NULL) 3003 bpf_mtap(ic->ic_rawbpf, m, BPF_DIRECTION_OUT); 3004 #endif 3005 if (iwn_tx(sc, m, ni) != 0) { 3006 ieee80211_release_node(ic, ni); 3007 ifp->if_oerrors++; 3008 continue; 3009 } 3010 3011 sc->sc_tx_timer = 5; 3012 ifp->if_timer = 1; 3013 } 3014 } 3015 3016 void 3017 iwn_watchdog(struct ifnet *ifp) 3018 { 3019 struct iwn_softc *sc = ifp->if_softc; 3020 3021 ifp->if_timer = 0; 3022 3023 if (sc->sc_tx_timer > 0) { 3024 if (--sc->sc_tx_timer == 0) { 3025 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 3026 ifp->if_flags &= ~IFF_UP; 3027 iwn_stop(ifp, 1); 3028 ifp->if_oerrors++; 3029 return; 3030 } 3031 ifp->if_timer = 1; 3032 } 3033 3034 ieee80211_watchdog(ifp); 3035 } 3036 3037 int 3038 iwn_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 3039 { 3040 struct iwn_softc *sc = ifp->if_softc; 3041 struct ieee80211com *ic = &sc->sc_ic; 3042 struct ifaddr *ifa; 3043 struct ifreq *ifr; 3044 int s, error = 0; 3045 3046 s = splnet(); 3047 3048 switch (cmd) { 3049 case SIOCSIFADDR: 3050 ifa = (struct ifaddr *)data; 3051 ifp->if_flags |= IFF_UP; 3052 #ifdef INET 3053 if (ifa->ifa_addr->sa_family == AF_INET) 3054 arp_ifinit(&ic->ic_ac, ifa); 3055 #endif 3056 /* FALLTHROUGH */ 3057 case SIOCSIFFLAGS: 3058 if (ifp->if_flags & IFF_UP) { 3059 if (!(ifp->if_flags & IFF_RUNNING)) 3060 error = iwn_init(ifp); 3061 } else { 3062 if (ifp->if_flags & IFF_RUNNING) 3063 iwn_stop(ifp, 1); 3064 } 3065 break; 3066 3067 case SIOCADDMULTI: 3068 case SIOCDELMULTI: 3069 ifr = (struct ifreq *)data; 3070 error = (cmd == SIOCADDMULTI) ? 3071 ether_addmulti(ifr, &ic->ic_ac) : 3072 ether_delmulti(ifr, &ic->ic_ac); 3073 3074 if (error == ENETRESET) 3075 error = 0; 3076 break; 3077 3078 case SIOCS80211POWER: 3079 error = ieee80211_ioctl(ifp, cmd, data); 3080 if (error != ENETRESET) 3081 break; 3082 if (ic->ic_state == IEEE80211_S_RUN && 3083 sc->calib.state == IWN_CALIB_STATE_RUN) { 3084 if (ic->ic_flags & IEEE80211_F_PMGTON) 3085 error = iwn_set_pslevel(sc, 0, 3, 0); 3086 else /* back to CAM */ 3087 error = iwn_set_pslevel(sc, 0, 0, 0); 3088 } else { 3089 /* Defer until transition to IWN_CALIB_STATE_RUN. */ 3090 error = 0; 3091 } 3092 break; 3093 3094 default: 3095 error = ieee80211_ioctl(ifp, cmd, data); 3096 } 3097 3098 if (error == ENETRESET) { 3099 error = 0; 3100 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 3101 (IFF_UP | IFF_RUNNING)) { 3102 iwn_stop(ifp, 0); 3103 error = iwn_init(ifp); 3104 } 3105 } 3106 splx(s); 3107 return error; 3108 } 3109 3110 /* 3111 * Send a command to the firmware. 3112 */ 3113 int 3114 iwn_cmd(struct iwn_softc *sc, int code, const void *buf, int size, int async) 3115 { 3116 struct iwn_tx_ring *ring = &sc->txq[4]; 3117 struct iwn_tx_desc *desc; 3118 struct iwn_tx_data *data; 3119 struct iwn_tx_cmd *cmd; 3120 struct mbuf *m; 3121 bus_addr_t paddr; 3122 int totlen, error; 3123 3124 desc = &ring->desc[ring->cur]; 3125 data = &ring->data[ring->cur]; 3126 totlen = 4 + size; 3127 3128 if (size > sizeof cmd->data) { 3129 /* Command is too large to fit in a descriptor. */ 3130 if (totlen > MCLBYTES) 3131 return EINVAL; 3132 MGETHDR(m, M_DONTWAIT, MT_DATA); 3133 if (m == NULL) 3134 return ENOMEM; 3135 if (totlen > MHLEN) { 3136 MCLGET(m, M_DONTWAIT); 3137 if (!(m->m_flags & M_EXT)) { 3138 m_freem(m); 3139 return ENOMEM; 3140 } 3141 } 3142 cmd = mtod(m, struct iwn_tx_cmd *); 3143 error = bus_dmamap_load(sc->sc_dmat, data->map, cmd, totlen, 3144 NULL, BUS_DMA_NOWAIT | BUS_DMA_WRITE); 3145 if (error != 0) { 3146 m_freem(m); 3147 return error; 3148 } 3149 data->m = m; 3150 paddr = data->map->dm_segs[0].ds_addr; 3151 } else { 3152 cmd = &ring->cmd[ring->cur]; 3153 paddr = data->cmd_paddr; 3154 } 3155 3156 cmd->code = code; 3157 cmd->flags = 0; 3158 cmd->qid = ring->qid; 3159 cmd->idx = ring->cur; 3160 memcpy(cmd->data, buf, size); 3161 3162 desc->nsegs = 1; 3163 desc->segs[0].addr = htole32(IWN_LOADDR(paddr)); 3164 desc->segs[0].len = htole16(IWN_HIADDR(paddr) | totlen << 4); 3165 3166 if (size > sizeof cmd->data) { 3167 bus_dmamap_sync(sc->sc_dmat, data->map, 0, totlen, 3168 BUS_DMASYNC_PREWRITE); 3169 } else { 3170 bus_dmamap_sync(sc->sc_dmat, ring->cmd_dma.map, 3171 (caddr_t)cmd - ring->cmd_dma.vaddr, totlen, 3172 BUS_DMASYNC_PREWRITE); 3173 } 3174 bus_dmamap_sync(sc->sc_dmat, ring->desc_dma.map, 3175 (caddr_t)desc - ring->desc_dma.vaddr, sizeof (*desc), 3176 BUS_DMASYNC_PREWRITE); 3177 3178 #ifdef notyet 3179 /* Update TX scheduler. */ 3180 sc->sc_hal->update_sched(sc, ring->qid, ring->cur, 0, 0); 3181 #endif 3182 3183 /* Kick command ring. */ 3184 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 3185 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, ring->qid << 8 | ring->cur); 3186 3187 return async ? 0 : tsleep(desc, PCATCH, "iwncmd", hz); 3188 } 3189 3190 int 3191 iwn4965_add_node(struct iwn_softc *sc, struct iwn_node_info *node, int async) 3192 { 3193 struct iwn4965_node_info hnode; 3194 caddr_t src, dst; 3195 3196 /* 3197 * We use the node structure for 5000 Series internally (it is 3198 * a superset of the one for 4965AGN). We thus copy the common 3199 * fields before sending the command. 3200 */ 3201 src = (caddr_t)node; 3202 dst = (caddr_t)&hnode; 3203 memcpy(dst, src, 48); 3204 /* Skip TSC, RX MIC and TX MIC fields from ``src''. */ 3205 memcpy(dst + 48, src + 72, 20); 3206 return iwn_cmd(sc, IWN_CMD_ADD_NODE, &hnode, sizeof hnode, async); 3207 } 3208 3209 int 3210 iwn5000_add_node(struct iwn_softc *sc, struct iwn_node_info *node, int async) 3211 { 3212 /* Direct mapping. */ 3213 return iwn_cmd(sc, IWN_CMD_ADD_NODE, node, sizeof (*node), async); 3214 } 3215 3216 int 3217 iwn_set_link_quality(struct iwn_softc *sc, struct ieee80211_node *ni) 3218 { 3219 struct iwn_node *wn = (void *)ni; 3220 struct ieee80211_rateset *rs = &ni->ni_rates; 3221 struct iwn_cmd_link_quality linkq; 3222 const struct iwn_rate *rinfo; 3223 uint8_t txant; 3224 int i, txrate; 3225 3226 /* Use the first valid TX antenna. */ 3227 txant = IWN_LSB(sc->txchainmask); 3228 3229 memset(&linkq, 0, sizeof linkq); 3230 linkq.id = wn->id; 3231 linkq.antmsk_1stream = txant; 3232 linkq.antmsk_2stream = IWN_ANT_AB; 3233 linkq.ampdu_max = 31; 3234 linkq.ampdu_threshold = 3; 3235 linkq.ampdu_limit = htole16(4000); /* 4ms */ 3236 3237 /* Start at highest available bit-rate. */ 3238 txrate = rs->rs_nrates - 1; 3239 for (i = 0; i < IWN_MAX_TX_RETRIES; i++) { 3240 rinfo = &iwn_rates[wn->ridx[txrate]]; 3241 linkq.retry[i].plcp = rinfo->plcp; 3242 linkq.retry[i].rflags = rinfo->flags; 3243 linkq.retry[i].rflags |= IWN_RFLAG_ANT(txant); 3244 /* Next retry at immediate lower bit-rate. */ 3245 if (txrate > 0) 3246 txrate--; 3247 } 3248 return iwn_cmd(sc, IWN_CMD_LINK_QUALITY, &linkq, sizeof linkq, 1); 3249 } 3250 3251 /* 3252 * Broadcast node is used to send group-addressed and management frames. 3253 */ 3254 int 3255 iwn_add_broadcast_node(struct iwn_softc *sc, int async) 3256 { 3257 const struct iwn_hal *hal = sc->sc_hal; 3258 struct iwn_node_info node; 3259 struct iwn_cmd_link_quality linkq; 3260 const struct iwn_rate *rinfo; 3261 uint8_t txant; 3262 int i, error; 3263 3264 memset(&node, 0, sizeof node); 3265 IEEE80211_ADDR_COPY(node.macaddr, etherbroadcastaddr); 3266 node.id = hal->broadcast_id; 3267 DPRINTF(("adding broadcast node\n")); 3268 if ((error = hal->add_node(sc, &node, async)) != 0) 3269 return error; 3270 3271 /* Use the first valid TX antenna. */ 3272 txant = IWN_LSB(sc->txchainmask); 3273 3274 memset(&linkq, 0, sizeof linkq); 3275 linkq.id = hal->broadcast_id; 3276 linkq.antmsk_1stream = txant; 3277 linkq.antmsk_2stream = IWN_ANT_AB; 3278 linkq.ampdu_max = 64; 3279 linkq.ampdu_threshold = 3; 3280 linkq.ampdu_limit = htole16(4000); /* 4ms */ 3281 3282 /* Use lowest mandatory bit-rate. */ 3283 rinfo = (sc->sc_ic.ic_curmode != IEEE80211_MODE_11A) ? 3284 &iwn_rates[IWN_RIDX_CCK1] : &iwn_rates[IWN_RIDX_OFDM6]; 3285 linkq.retry[0].plcp = rinfo->plcp; 3286 linkq.retry[0].rflags = rinfo->flags; 3287 linkq.retry[0].rflags |= IWN_RFLAG_ANT(txant); 3288 /* Use same bit-rate for all TX retries. */ 3289 for (i = 1; i < IWN_MAX_TX_RETRIES; i++) { 3290 linkq.retry[i].plcp = linkq.retry[0].plcp; 3291 linkq.retry[i].rflags = linkq.retry[0].rflags; 3292 } 3293 return iwn_cmd(sc, IWN_CMD_LINK_QUALITY, &linkq, sizeof linkq, async); 3294 } 3295 3296 void 3297 iwn_updateedca(struct ieee80211com *ic) 3298 { 3299 #define IWN_EXP2(x) ((1 << (x)) - 1) /* CWmin = 2^ECWmin - 1 */ 3300 struct iwn_softc *sc = ic->ic_softc; 3301 struct iwn_edca_params cmd; 3302 int aci; 3303 3304 memset(&cmd, 0, sizeof cmd); 3305 cmd.flags = htole32(IWN_EDCA_UPDATE); 3306 for (aci = 0; aci < EDCA_NUM_AC; aci++) { 3307 const struct ieee80211_edca_ac_params *ac = 3308 &ic->ic_edca_ac[aci]; 3309 cmd.ac[aci].aifsn = ac->ac_aifsn; 3310 cmd.ac[aci].cwmin = htole16(IWN_EXP2(ac->ac_ecwmin)); 3311 cmd.ac[aci].cwmax = htole16(IWN_EXP2(ac->ac_ecwmax)); 3312 cmd.ac[aci].txoplimit = 3313 htole16(IEEE80211_TXOP_TO_US(ac->ac_txoplimit)); 3314 } 3315 (void)iwn_cmd(sc, IWN_CMD_EDCA_PARAMS, &cmd, sizeof cmd, 1); 3316 #undef IWN_EXP2 3317 } 3318 3319 void 3320 iwn_set_led(struct iwn_softc *sc, uint8_t which, uint8_t off, uint8_t on) 3321 { 3322 struct iwn_cmd_led led; 3323 3324 /* Clear microcode LED ownership. */ 3325 IWN_CLRBITS(sc, IWN_LED, IWN_LED_BSM_CTRL); 3326 3327 led.which = which; 3328 led.unit = htole32(10000); /* on/off in unit of 100ms */ 3329 led.off = off; 3330 led.on = on; 3331 (void)iwn_cmd(sc, IWN_CMD_SET_LED, &led, sizeof led, 1); 3332 } 3333 3334 /* 3335 * Set the critical temperature at which the firmware will stop the radio 3336 * and notify us. 3337 */ 3338 int 3339 iwn_set_critical_temp(struct iwn_softc *sc) 3340 { 3341 struct iwn_critical_temp crit; 3342 int32_t temp; 3343 3344 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_CTEMP_STOP_RF); 3345 3346 if (sc->hw_type == IWN_HW_REV_TYPE_5150) 3347 temp = (IWN_CTOK(110) - sc->temp_off) * -5; 3348 else if (sc->hw_type == IWN_HW_REV_TYPE_4965) 3349 temp = IWN_CTOK(110); 3350 else 3351 temp = 110; 3352 memset(&crit, 0, sizeof crit); 3353 crit.tempR = htole32(temp); 3354 DPRINTF(("setting critical temperature to %d\n", temp)); 3355 return iwn_cmd(sc, IWN_CMD_SET_CRITICAL_TEMP, &crit, sizeof crit, 0); 3356 } 3357 3358 int 3359 iwn_set_timing(struct iwn_softc *sc, struct ieee80211_node *ni) 3360 { 3361 struct iwn_cmd_timing cmd; 3362 uint64_t val, mod; 3363 3364 memset(&cmd, 0, sizeof cmd); 3365 memcpy(&cmd.tstamp, ni->ni_tstamp, sizeof (uint64_t)); 3366 cmd.bintval = htole16(ni->ni_intval); 3367 cmd.lintval = htole16(10); 3368 3369 /* Compute remaining time until next beacon. */ 3370 val = (uint64_t)ni->ni_intval * 1024; /* msecs -> usecs */ 3371 mod = letoh64(cmd.tstamp) % val; 3372 cmd.binitval = htole32((uint32_t)(val - mod)); 3373 3374 DPRINTF(("timing bintval=%u, tstamp=%llu, init=%u\n", 3375 ni->ni_intval, letoh64(cmd.tstamp), (uint32_t)(val - mod))); 3376 3377 return iwn_cmd(sc, IWN_CMD_TIMING, &cmd, sizeof cmd, 1); 3378 } 3379 3380 void 3381 iwn4965_power_calibration(struct iwn_softc *sc, int temp) 3382 { 3383 /* Adjust TX power if need be (delta >= 3 degC.) */ 3384 DPRINTF(("temperature %d->%d\n", sc->temp, temp)); 3385 if (abs(temp - sc->temp) >= 3) { 3386 /* Record temperature of last calibration. */ 3387 sc->temp = temp; 3388 (void)iwn4965_set_txpower(sc, 1); 3389 } 3390 } 3391 3392 /* 3393 * Set TX power for current channel (each rate has its own power settings). 3394 * This function takes into account the regulatory information from EEPROM, 3395 * the current temperature and the current voltage. 3396 */ 3397 int 3398 iwn4965_set_txpower(struct iwn_softc *sc, int async) 3399 { 3400 /* Fixed-point arithmetic division using a n-bit fractional part. */ 3401 #define fdivround(a, b, n) \ 3402 ((((1 << n) * (a)) / (b) + (1 << n) / 2) / (1 << n)) 3403 /* Linear interpolation. */ 3404 #define interpolate(x, x1, y1, x2, y2, n) \ 3405 ((y1) + fdivround(((int)(x) - (x1)) * ((y2) - (y1)), (x2) - (x1), n)) 3406 3407 static const int tdiv[IWN_NATTEN_GROUPS] = { 9, 8, 8, 8, 6 }; 3408 struct ieee80211com *ic = &sc->sc_ic; 3409 struct iwn_ucode_info *uc = &sc->ucode_info; 3410 struct ieee80211_channel *ch; 3411 struct iwn4965_cmd_txpower cmd; 3412 struct iwn4965_eeprom_chan_samples *chans; 3413 const uint8_t *rf_gain, *dsp_gain; 3414 int32_t vdiff, tdiff; 3415 int i, c, grp, maxpwr; 3416 uint8_t chan; 3417 3418 /* Retrieve current channel from last RXON. */ 3419 chan = sc->rxon.chan; 3420 DPRINTF(("setting TX power for channel %d\n", chan)); 3421 ch = &ic->ic_channels[chan]; 3422 3423 memset(&cmd, 0, sizeof cmd); 3424 cmd.band = IEEE80211_IS_CHAN_5GHZ(ch) ? 0 : 1; 3425 cmd.chan = chan; 3426 3427 if (IEEE80211_IS_CHAN_5GHZ(ch)) { 3428 maxpwr = sc->maxpwr5GHz; 3429 rf_gain = iwn4965_rf_gain_5ghz; 3430 dsp_gain = iwn4965_dsp_gain_5ghz; 3431 } else { 3432 maxpwr = sc->maxpwr2GHz; 3433 rf_gain = iwn4965_rf_gain_2ghz; 3434 dsp_gain = iwn4965_dsp_gain_2ghz; 3435 } 3436 3437 /* Compute voltage compensation. */ 3438 vdiff = ((int32_t)letoh32(uc->volt) - sc->eeprom_voltage) / 7; 3439 if (vdiff > 0) 3440 vdiff *= 2; 3441 if (abs(vdiff) > 2) 3442 vdiff = 0; 3443 DPRINTF(("voltage compensation=%d (UCODE=%d, EEPROM=%d)\n", 3444 vdiff, letoh32(uc->volt), sc->eeprom_voltage)); 3445 3446 /* Get channel attenuation group. */ 3447 if (chan <= 20) /* 1-20 */ 3448 grp = 4; 3449 else if (chan <= 43) /* 34-43 */ 3450 grp = 0; 3451 else if (chan <= 70) /* 44-70 */ 3452 grp = 1; 3453 else if (chan <= 124) /* 71-124 */ 3454 grp = 2; 3455 else /* 125-200 */ 3456 grp = 3; 3457 DPRINTF(("chan %d, attenuation group=%d\n", chan, grp)); 3458 3459 /* Get channel sub-band. */ 3460 for (i = 0; i < IWN_NBANDS; i++) 3461 if (sc->bands[i].lo != 0 && 3462 sc->bands[i].lo <= chan && chan <= sc->bands[i].hi) 3463 break; 3464 if (i == IWN_NBANDS) /* Can't happen in real-life. */ 3465 return EINVAL; 3466 chans = sc->bands[i].chans; 3467 DPRINTF(("chan %d sub-band=%d\n", chan, i)); 3468 3469 for (c = 0; c < 2; c++) { 3470 uint8_t power, gain, temp; 3471 int maxchpwr, pwr, ridx, idx; 3472 3473 power = interpolate(chan, 3474 chans[0].num, chans[0].samples[c][1].power, 3475 chans[1].num, chans[1].samples[c][1].power, 1); 3476 gain = interpolate(chan, 3477 chans[0].num, chans[0].samples[c][1].gain, 3478 chans[1].num, chans[1].samples[c][1].gain, 1); 3479 temp = interpolate(chan, 3480 chans[0].num, chans[0].samples[c][1].temp, 3481 chans[1].num, chans[1].samples[c][1].temp, 1); 3482 DPRINTF(("TX chain %d: power=%d gain=%d temp=%d\n", 3483 c, power, gain, temp)); 3484 3485 /* Compute temperature compensation. */ 3486 tdiff = ((sc->temp - temp) * 2) / tdiv[grp]; 3487 DPRINTF(("temperature compensation=%d (current=%d, " 3488 "EEPROM=%d)\n", tdiff, sc->temp, temp)); 3489 3490 for (ridx = 0; ridx <= IWN_RIDX_MAX; ridx++) { 3491 /* Convert dBm to half-dBm. */ 3492 maxchpwr = sc->maxpwr[chan] * 2; 3493 if ((ridx / 8) & 1) 3494 maxchpwr -= 6; /* MIMO 2T: -3dB */ 3495 3496 pwr = maxpwr; 3497 3498 /* Adjust TX power based on rate. */ 3499 if ((ridx % 8) == 5) 3500 pwr -= 15; /* OFDM48: -7.5dB */ 3501 else if ((ridx % 8) == 6) 3502 pwr -= 17; /* OFDM54: -8.5dB */ 3503 else if ((ridx % 8) == 7) 3504 pwr -= 20; /* OFDM60: -10dB */ 3505 else 3506 pwr -= 10; /* Others: -5dB */ 3507 3508 /* Do not exceed channel max TX power. */ 3509 if (pwr > maxchpwr) 3510 pwr = maxchpwr; 3511 3512 idx = gain - (pwr - power) - tdiff - vdiff; 3513 if ((ridx / 8) & 1) /* MIMO */ 3514 idx += (int32_t)letoh32(uc->atten[grp][c]); 3515 3516 if (cmd.band == 0) 3517 idx += 9; /* 5GHz */ 3518 if (ridx == IWN_RIDX_MAX) 3519 idx += 5; /* CCK */ 3520 3521 /* Make sure idx stays in a valid range. */ 3522 if (idx < 0) 3523 idx = 0; 3524 else if (idx > IWN4965_MAX_PWR_INDEX) 3525 idx = IWN4965_MAX_PWR_INDEX; 3526 3527 DPRINTF(("TX chain %d, rate idx %d: power=%d\n", 3528 c, ridx, idx)); 3529 cmd.power[ridx].rf_gain[c] = rf_gain[idx]; 3530 cmd.power[ridx].dsp_gain[c] = dsp_gain[idx]; 3531 } 3532 } 3533 3534 DPRINTF(("setting TX power for chan %d\n", chan)); 3535 return iwn_cmd(sc, IWN_CMD_TXPOWER, &cmd, sizeof cmd, async); 3536 3537 #undef interpolate 3538 #undef fdivround 3539 } 3540 3541 int 3542 iwn5000_set_txpower(struct iwn_softc *sc, int async) 3543 { 3544 struct iwn5000_cmd_txpower cmd; 3545 3546 /* 3547 * TX power calibration is handled automatically by the firmware 3548 * for 5000 Series. 3549 */ 3550 memset(&cmd, 0, sizeof cmd); 3551 cmd.global_limit = 2 * IWN5000_TXPOWER_MAX_DBM; /* 16 dBm */ 3552 cmd.flags = IWN5000_TXPOWER_NO_CLOSED; 3553 cmd.srv_limit = IWN5000_TXPOWER_AUTO; 3554 DPRINTF(("setting TX power\n")); 3555 return iwn_cmd(sc, IWN_CMD_TXPOWER_DBM, &cmd, sizeof cmd, async); 3556 } 3557 3558 /* 3559 * Retrieve the maximum RSSI (in dBm) among receivers. 3560 */ 3561 int 3562 iwn4965_get_rssi(const struct iwn_rx_stat *stat) 3563 { 3564 struct iwn4965_rx_phystat *phy = (void *)stat->phybuf; 3565 uint8_t mask, agc; 3566 int rssi; 3567 3568 mask = (letoh16(phy->antenna) >> 4) & IWN_ANT_ABC; 3569 agc = (letoh16(phy->agc) >> 7) & 0x7f; 3570 3571 rssi = 0; 3572 if (mask & IWN_ANT_A) 3573 rssi = MAX(rssi, phy->rssi[0]); 3574 if (mask & IWN_ANT_B) 3575 rssi = MAX(rssi, phy->rssi[2]); 3576 if (mask & IWN_ANT_C) 3577 rssi = MAX(rssi, phy->rssi[4]); 3578 3579 return rssi - agc - IWN_RSSI_TO_DBM; 3580 } 3581 3582 int 3583 iwn5000_get_rssi(const struct iwn_rx_stat *stat) 3584 { 3585 struct iwn5000_rx_phystat *phy = (void *)stat->phybuf; 3586 uint8_t agc; 3587 int rssi; 3588 3589 agc = (letoh32(phy->agc) >> 9) & 0x7f; 3590 3591 rssi = MAX(letoh16(phy->rssi[0]) & 0xff, 3592 letoh16(phy->rssi[1]) & 0xff); 3593 rssi = MAX(letoh16(phy->rssi[2]) & 0xff, rssi); 3594 3595 return rssi - agc - IWN_RSSI_TO_DBM; 3596 } 3597 3598 /* 3599 * Retrieve the average noise (in dBm) among receivers. 3600 */ 3601 int 3602 iwn_get_noise(const struct iwn_rx_general_stats *stats) 3603 { 3604 int i, total, nbant, noise; 3605 3606 total = nbant = 0; 3607 for (i = 0; i < 3; i++) { 3608 if ((noise = letoh32(stats->noise[i]) & 0xff) == 0) 3609 continue; 3610 total += noise; 3611 nbant++; 3612 } 3613 /* There should be at least one antenna but check anyway. */ 3614 return (nbant == 0) ? -127 : (total / nbant) - 107; 3615 } 3616 3617 /* 3618 * Compute temperature (in degC) from last received statistics. 3619 */ 3620 int 3621 iwn4965_get_temperature(struct iwn_softc *sc) 3622 { 3623 struct iwn_ucode_info *uc = &sc->ucode_info; 3624 int32_t r1, r2, r3, r4, temp; 3625 3626 r1 = letoh32(uc->temp[0].chan20MHz); 3627 r2 = letoh32(uc->temp[1].chan20MHz); 3628 r3 = letoh32(uc->temp[2].chan20MHz); 3629 r4 = letoh32(sc->rawtemp); 3630 3631 if (r1 == r3) /* Prevents division by 0 (should not happen.) */ 3632 return 0; 3633 3634 /* Sign-extend 23-bit R4 value to 32-bit. */ 3635 r4 = (r4 << 8) >> 8; 3636 /* Compute temperature in Kelvin. */ 3637 temp = (259 * (r4 - r2)) / (r3 - r1); 3638 temp = (temp * 97) / 100 + 8; 3639 3640 DPRINTF(("temperature %dK/%dC\n", temp, IWN_KTOC(temp))); 3641 return IWN_KTOC(temp); 3642 } 3643 3644 int 3645 iwn5000_get_temperature(struct iwn_softc *sc) 3646 { 3647 int32_t temp; 3648 3649 /* 3650 * Temperature is not used by the driver for 5000 Series because 3651 * TX power calibration is handled by firmware. We export it to 3652 * users through the sensor framework though. 3653 */ 3654 temp = letoh32(sc->rawtemp); 3655 if (sc->hw_type == IWN_HW_REV_TYPE_5150) { 3656 temp = (temp / -5) + sc->temp_off; 3657 temp = IWN_KTOC(temp); 3658 } 3659 return temp; 3660 } 3661 3662 /* 3663 * Initialize sensitivity calibration state machine. 3664 */ 3665 int 3666 iwn_init_sensitivity(struct iwn_softc *sc) 3667 { 3668 const struct iwn_hal *hal = sc->sc_hal; 3669 struct iwn_calib_state *calib = &sc->calib; 3670 uint32_t flags; 3671 int error; 3672 3673 /* Reset calibration state machine. */ 3674 memset(calib, 0, sizeof (*calib)); 3675 calib->state = IWN_CALIB_STATE_INIT; 3676 calib->cck_state = IWN_CCK_STATE_HIFA; 3677 /* Set initial correlation values. */ 3678 calib->ofdm_x1 = sc->limits->min_ofdm_x1; 3679 calib->ofdm_mrc_x1 = sc->limits->min_ofdm_mrc_x1; 3680 calib->ofdm_x4 = 90; 3681 calib->ofdm_mrc_x4 = sc->limits->min_ofdm_mrc_x4; 3682 calib->cck_x4 = 125; 3683 calib->cck_mrc_x4 = sc->limits->min_cck_mrc_x4; 3684 calib->energy_cck = sc->limits->energy_cck; 3685 3686 /* Write initial sensitivity. */ 3687 if ((error = iwn_send_sensitivity(sc)) != 0) 3688 return error; 3689 3690 /* Write initial gains. */ 3691 if ((error = hal->init_gains(sc)) != 0) 3692 return error; 3693 3694 /* Request statistics at each beacon interval. */ 3695 flags = 0; 3696 DPRINTF(("sending request for statistics\n")); 3697 return iwn_cmd(sc, IWN_CMD_GET_STATISTICS, &flags, sizeof flags, 1); 3698 } 3699 3700 /* 3701 * Collect noise and RSSI statistics for the first 20 beacons received 3702 * after association and use them to determine connected antennas and 3703 * to set differential gains. 3704 */ 3705 void 3706 iwn_collect_noise(struct iwn_softc *sc, 3707 const struct iwn_rx_general_stats *stats) 3708 { 3709 const struct iwn_hal *hal = sc->sc_hal; 3710 struct iwn_calib_state *calib = &sc->calib; 3711 uint32_t val; 3712 int i; 3713 3714 /* Accumulate RSSI and noise for all 3 antennas. */ 3715 for (i = 0; i < 3; i++) { 3716 calib->rssi[i] += letoh32(stats->rssi[i]) & 0xff; 3717 calib->noise[i] += letoh32(stats->noise[i]) & 0xff; 3718 } 3719 /* NB: We update differential gains only once after 20 beacons. */ 3720 if (++calib->nbeacons < 20) 3721 return; 3722 3723 /* Determine highest average RSSI. */ 3724 val = MAX(calib->rssi[0], calib->rssi[1]); 3725 val = MAX(calib->rssi[2], val); 3726 3727 /* Determine which antennas are connected. */ 3728 sc->chainmask = 0; 3729 for (i = 0; i < 3; i++) 3730 if (val - calib->rssi[i] <= 15 * 20) 3731 sc->chainmask |= 1 << i; 3732 /* If none of the TX antennas are connected, keep at least one. */ 3733 if ((sc->chainmask & sc->txchainmask) == 0) 3734 sc->chainmask |= IWN_LSB(sc->txchainmask); 3735 3736 (void)hal->set_gains(sc); 3737 calib->state = IWN_CALIB_STATE_RUN; 3738 3739 #ifdef notyet 3740 /* XXX Disable RX chains with no antennas connected. */ 3741 sc->rxon.rxchain = htole16(IWN_RXCHAIN_SEL(sc->chainmask)); 3742 (void)iwn_cmd(sc, IWN_CMD_RXON, &sc->rxon, hal->rxonsz, 1); 3743 #endif 3744 3745 /* Enable power-saving mode if requested by user. */ 3746 if (sc->sc_ic.ic_flags & IEEE80211_F_PMGTON) 3747 (void)iwn_set_pslevel(sc, 0, 3, 1); 3748 } 3749 3750 int 3751 iwn4965_init_gains(struct iwn_softc *sc) 3752 { 3753 struct iwn_phy_calib_gain cmd; 3754 3755 memset(&cmd, 0, sizeof cmd); 3756 cmd.code = IWN4965_PHY_CALIB_DIFF_GAIN; 3757 /* Differential gains initially set to 0 for all 3 antennas. */ 3758 DPRINTF(("setting initial differential gains\n")); 3759 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 3760 } 3761 3762 int 3763 iwn5000_init_gains(struct iwn_softc *sc) 3764 { 3765 struct iwn_phy_calib cmd; 3766 3767 if (sc->hw_type == IWN_HW_REV_TYPE_6050) 3768 return 0; 3769 3770 memset(&cmd, 0, sizeof cmd); 3771 cmd.code = IWN5000_PHY_CALIB_RESET_NOISE_GAIN; 3772 cmd.ngroups = 1; 3773 cmd.isvalid = 1; 3774 DPRINTF(("setting initial differential gains\n")); 3775 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 3776 } 3777 3778 int 3779 iwn4965_set_gains(struct iwn_softc *sc) 3780 { 3781 struct iwn_calib_state *calib = &sc->calib; 3782 struct iwn_phy_calib_gain cmd; 3783 int i, delta, noise; 3784 3785 /* Get minimal noise among connected antennas. */ 3786 noise = INT_MAX; /* NB: There's at least one antenna. */ 3787 for (i = 0; i < 3; i++) 3788 if (sc->chainmask & (1 << i)) 3789 noise = MIN(calib->noise[i], noise); 3790 3791 memset(&cmd, 0, sizeof cmd); 3792 cmd.code = IWN4965_PHY_CALIB_DIFF_GAIN; 3793 /* Set differential gains for connected antennas. */ 3794 for (i = 0; i < 3; i++) { 3795 if (sc->chainmask & (1 << i)) { 3796 /* Compute attenuation (in unit of 1.5dB). */ 3797 delta = (noise - (int32_t)calib->noise[i]) / 30; 3798 /* NB: delta <= 0 */ 3799 /* Limit to [-4.5dB,0]. */ 3800 cmd.gain[i] = MIN(abs(delta), 3); 3801 if (delta < 0) 3802 cmd.gain[i] |= 1 << 2; /* sign bit */ 3803 } 3804 } 3805 DPRINTF(("setting differential gains Ant A/B/C: %x/%x/%x (%x)\n", 3806 cmd.gain[0], cmd.gain[1], cmd.gain[2], sc->chainmask)); 3807 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 3808 } 3809 3810 int 3811 iwn5000_set_gains(struct iwn_softc *sc) 3812 { 3813 struct iwn_calib_state *calib = &sc->calib; 3814 struct iwn_phy_calib_gain cmd; 3815 int i, ant, delta; 3816 3817 if (sc->hw_type == IWN_HW_REV_TYPE_6050) 3818 return 0; 3819 3820 memset(&cmd, 0, sizeof cmd); 3821 cmd.code = IWN5000_PHY_CALIB_NOISE_GAIN; 3822 cmd.ngroups = 1; 3823 cmd.isvalid = 1; 3824 /* Get first available RX antenna as referential. */ 3825 ant = IWN_LSB(sc->rxchainmask); 3826 /* Set differential gains for other antennas. */ 3827 for (i = ant + 1; i < 3; i++) { 3828 if (sc->chainmask & (1 << i)) { 3829 /* The delta is relative to antenna "ant". */ 3830 delta = ((int32_t)calib->noise[ant] - 3831 (int32_t)calib->noise[i]) / 30; 3832 /* Limit to [-4.5dB,+4.5dB]. */ 3833 cmd.gain[i - 1] = MIN(abs(delta), 3); 3834 if (delta < 0) 3835 cmd.gain[i - 1] |= 1 << 2; /* sign bit */ 3836 } 3837 } 3838 DPRINTF(("setting differential gains: %x/%x (%x)\n", 3839 cmd.gain[0], cmd.gain[1], sc->chainmask)); 3840 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 3841 } 3842 3843 /* 3844 * Tune RF RX sensitivity based on the number of false alarms detected 3845 * during the last beacon period. 3846 */ 3847 void 3848 iwn_tune_sensitivity(struct iwn_softc *sc, const struct iwn_rx_stats *stats) 3849 { 3850 #define inc(val, inc, max) \ 3851 if ((val) < (max)) { \ 3852 if ((val) < (max) - (inc)) \ 3853 (val) += (inc); \ 3854 else \ 3855 (val) = (max); \ 3856 needs_update = 1; \ 3857 } 3858 #define dec(val, dec, min) \ 3859 if ((val) > (min)) { \ 3860 if ((val) > (min) + (dec)) \ 3861 (val) -= (dec); \ 3862 else \ 3863 (val) = (min); \ 3864 needs_update = 1; \ 3865 } 3866 3867 const struct iwn_sensitivity_limits *limits = sc->limits; 3868 struct iwn_calib_state *calib = &sc->calib; 3869 uint32_t val, rxena, fa; 3870 uint32_t energy[3], energy_min; 3871 uint8_t noise[3], noise_ref; 3872 int i, needs_update = 0; 3873 3874 /* Check that we've been enabled long enough. */ 3875 if ((rxena = letoh32(stats->general.load)) == 0) 3876 return; 3877 3878 /* Compute number of false alarms since last call for OFDM. */ 3879 fa = letoh32(stats->ofdm.bad_plcp) - calib->bad_plcp_ofdm; 3880 fa += letoh32(stats->ofdm.fa) - calib->fa_ofdm; 3881 fa *= 200 * 1024; /* 200TU */ 3882 3883 /* Save counters values for next call. */ 3884 calib->bad_plcp_ofdm = letoh32(stats->ofdm.bad_plcp); 3885 calib->fa_ofdm = letoh32(stats->ofdm.fa); 3886 3887 if (fa > 50 * rxena) { 3888 /* High false alarm count, decrease sensitivity. */ 3889 DPRINTFN(2, ("OFDM high false alarm count: %u\n", fa)); 3890 inc(calib->ofdm_x1, 1, limits->max_ofdm_x1); 3891 inc(calib->ofdm_mrc_x1, 1, limits->max_ofdm_mrc_x1); 3892 inc(calib->ofdm_x4, 1, limits->max_ofdm_x4); 3893 inc(calib->ofdm_mrc_x4, 1, limits->max_ofdm_mrc_x4); 3894 3895 } else if (fa < 5 * rxena) { 3896 /* Low false alarm count, increase sensitivity. */ 3897 DPRINTFN(2, ("OFDM low false alarm count: %u\n", fa)); 3898 dec(calib->ofdm_x1, 1, limits->min_ofdm_x1); 3899 dec(calib->ofdm_mrc_x1, 1, limits->min_ofdm_mrc_x1); 3900 dec(calib->ofdm_x4, 1, limits->min_ofdm_x4); 3901 dec(calib->ofdm_mrc_x4, 1, limits->min_ofdm_mrc_x4); 3902 } 3903 3904 /* Compute maximum noise among 3 receivers. */ 3905 for (i = 0; i < 3; i++) 3906 noise[i] = (letoh32(stats->general.noise[i]) >> 8) & 0xff; 3907 val = MAX(noise[0], noise[1]); 3908 val = MAX(noise[2], val); 3909 /* Insert it into our samples table. */ 3910 calib->noise_samples[calib->cur_noise_sample] = val; 3911 calib->cur_noise_sample = (calib->cur_noise_sample + 1) % 20; 3912 3913 /* Compute maximum noise among last 20 samples. */ 3914 noise_ref = calib->noise_samples[0]; 3915 for (i = 1; i < 20; i++) 3916 noise_ref = MAX(noise_ref, calib->noise_samples[i]); 3917 3918 /* Compute maximum energy among 3 receivers. */ 3919 for (i = 0; i < 3; i++) 3920 energy[i] = letoh32(stats->general.energy[i]); 3921 val = MIN(energy[0], energy[1]); 3922 val = MIN(energy[2], val); 3923 /* Insert it into our samples table. */ 3924 calib->energy_samples[calib->cur_energy_sample] = val; 3925 calib->cur_energy_sample = (calib->cur_energy_sample + 1) % 10; 3926 3927 /* Compute minimum energy among last 10 samples. */ 3928 energy_min = calib->energy_samples[0]; 3929 for (i = 1; i < 10; i++) 3930 energy_min = MAX(energy_min, calib->energy_samples[i]); 3931 energy_min += 6; 3932 3933 /* Compute number of false alarms since last call for CCK. */ 3934 fa = letoh32(stats->cck.bad_plcp) - calib->bad_plcp_cck; 3935 fa += letoh32(stats->cck.fa) - calib->fa_cck; 3936 fa *= 200 * 1024; /* 200TU */ 3937 3938 /* Save counters values for next call. */ 3939 calib->bad_plcp_cck = letoh32(stats->cck.bad_plcp); 3940 calib->fa_cck = letoh32(stats->cck.fa); 3941 3942 if (fa > 50 * rxena) { 3943 /* High false alarm count, decrease sensitivity. */ 3944 DPRINTFN(2, ("CCK high false alarm count: %u\n", fa)); 3945 calib->cck_state = IWN_CCK_STATE_HIFA; 3946 calib->low_fa = 0; 3947 3948 if (calib->cck_x4 > 160) { 3949 calib->noise_ref = noise_ref; 3950 if (calib->energy_cck > 2) 3951 dec(calib->energy_cck, 2, energy_min); 3952 } 3953 if (calib->cck_x4 < 160) { 3954 calib->cck_x4 = 161; 3955 needs_update = 1; 3956 } else 3957 inc(calib->cck_x4, 3, limits->max_cck_x4); 3958 3959 inc(calib->cck_mrc_x4, 3, limits->max_cck_mrc_x4); 3960 3961 } else if (fa < 5 * rxena) { 3962 /* Low false alarm count, increase sensitivity. */ 3963 DPRINTFN(2, ("CCK low false alarm count: %u\n", fa)); 3964 calib->cck_state = IWN_CCK_STATE_LOFA; 3965 calib->low_fa++; 3966 3967 if (calib->cck_state != IWN_CCK_STATE_INIT && 3968 (((int32_t)calib->noise_ref - (int32_t)noise_ref) > 2 || 3969 calib->low_fa > 100)) { 3970 inc(calib->energy_cck, 2, limits->min_energy_cck); 3971 dec(calib->cck_x4, 3, limits->min_cck_x4); 3972 dec(calib->cck_mrc_x4, 3, limits->min_cck_mrc_x4); 3973 } 3974 } else { 3975 /* Not worth to increase or decrease sensitivity. */ 3976 DPRINTFN(2, ("CCK normal false alarm count: %u\n", fa)); 3977 calib->low_fa = 0; 3978 calib->noise_ref = noise_ref; 3979 3980 if (calib->cck_state == IWN_CCK_STATE_HIFA) { 3981 /* Previous interval had many false alarms. */ 3982 dec(calib->energy_cck, 8, energy_min); 3983 } 3984 calib->cck_state = IWN_CCK_STATE_INIT; 3985 } 3986 3987 if (needs_update) 3988 (void)iwn_send_sensitivity(sc); 3989 #undef dec 3990 #undef inc 3991 } 3992 3993 int 3994 iwn_send_sensitivity(struct iwn_softc *sc) 3995 { 3996 struct iwn_calib_state *calib = &sc->calib; 3997 struct iwn_sensitivity_cmd cmd; 3998 3999 memset(&cmd, 0, sizeof cmd); 4000 cmd.which = IWN_SENSITIVITY_WORKTBL; 4001 /* OFDM modulation. */ 4002 cmd.corr_ofdm_x1 = htole16(calib->ofdm_x1); 4003 cmd.corr_ofdm_mrc_x1 = htole16(calib->ofdm_mrc_x1); 4004 cmd.corr_ofdm_x4 = htole16(calib->ofdm_x4); 4005 cmd.corr_ofdm_mrc_x4 = htole16(calib->ofdm_mrc_x4); 4006 cmd.energy_ofdm = htole16(sc->limits->energy_ofdm); 4007 cmd.energy_ofdm_th = htole16(62); 4008 /* CCK modulation. */ 4009 cmd.corr_cck_x4 = htole16(calib->cck_x4); 4010 cmd.corr_cck_mrc_x4 = htole16(calib->cck_mrc_x4); 4011 cmd.energy_cck = htole16(calib->energy_cck); 4012 /* Barker modulation: use default values. */ 4013 cmd.corr_barker = htole16(190); 4014 cmd.corr_barker_mrc = htole16(390); 4015 4016 DPRINTFN(2, ("setting sensitivity %d/%d/%d/%d/%d/%d/%d\n", 4017 calib->ofdm_x1, calib->ofdm_mrc_x1, calib->ofdm_x4, 4018 calib->ofdm_mrc_x4, calib->cck_x4, calib->cck_mrc_x4, 4019 calib->energy_cck)); 4020 return iwn_cmd(sc, IWN_CMD_SET_SENSITIVITY, &cmd, sizeof cmd, 1); 4021 } 4022 4023 /* 4024 * Set STA mode power saving level (between 0 and 5). 4025 * Level 0 is CAM (Continuously Aware Mode), 5 is for maximum power saving. 4026 */ 4027 int 4028 iwn_set_pslevel(struct iwn_softc *sc, int dtim, int level, int async) 4029 { 4030 struct iwn_pmgt_cmd cmd; 4031 const struct iwn_pmgt *pmgt; 4032 uint32_t max, skip_dtim; 4033 pcireg_t reg; 4034 int i; 4035 4036 /* Select which PS parameters to use. */ 4037 if (dtim <= 2) 4038 pmgt = &iwn_pmgt[0][level]; 4039 else if (dtim <= 10) 4040 pmgt = &iwn_pmgt[1][level]; 4041 else 4042 pmgt = &iwn_pmgt[2][level]; 4043 4044 memset(&cmd, 0, sizeof cmd); 4045 if (level != 0) /* not CAM */ 4046 cmd.flags |= htole16(IWN_PS_ALLOW_SLEEP); 4047 if (level == 5) 4048 cmd.flags |= htole16(IWN_PS_FAST_PD); 4049 /* Retrieve PCIe Active State Power Management (ASPM). */ 4050 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 4051 sc->sc_cap_off + PCI_PCIE_LCSR); 4052 if (!(reg & PCI_PCIE_LCSR_ASPM_L0S)) /* L0s Entry disabled. */ 4053 cmd.flags |= htole16(IWN_PS_PCI_PMGT); 4054 cmd.rxtimeout = htole32(pmgt->rxtimeout * 1024); 4055 cmd.txtimeout = htole32(pmgt->txtimeout * 1024); 4056 4057 if (dtim == 0) { 4058 dtim = 1; 4059 skip_dtim = 0; 4060 } else 4061 skip_dtim = pmgt->skip_dtim; 4062 if (skip_dtim != 0) { 4063 cmd.flags |= htole16(IWN_PS_SLEEP_OVER_DTIM); 4064 max = pmgt->intval[4]; 4065 if (max == (uint32_t)-1) 4066 max = dtim * (skip_dtim + 1); 4067 else if (max > dtim) 4068 max = (max / dtim) * dtim; 4069 } else 4070 max = dtim; 4071 for (i = 0; i < 5; i++) 4072 cmd.intval[i] = htole32(MIN(max, pmgt->intval[i])); 4073 4074 DPRINTF(("setting power saving level to %d\n", level)); 4075 return iwn_cmd(sc, IWN_CMD_SET_POWER_MODE, &cmd, sizeof cmd, async); 4076 } 4077 4078 int 4079 iwn_config(struct iwn_softc *sc) 4080 { 4081 const struct iwn_hal *hal = sc->sc_hal; 4082 struct ieee80211com *ic = &sc->sc_ic; 4083 struct ifnet *ifp = &ic->ic_if; 4084 struct iwn_bluetooth bluetooth; 4085 uint32_t txmask; 4086 uint16_t rxchain; 4087 int error; 4088 4089 /* Configure valid TX chains for 5000 Series. */ 4090 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 4091 txmask = htole32(sc->txchainmask); 4092 DPRINTF(("configuring valid TX chains 0x%x\n", txmask)); 4093 error = iwn_cmd(sc, IWN5000_CMD_TX_ANT_CONFIG, &txmask, 4094 sizeof txmask, 0); 4095 if (error != 0) { 4096 printf("%s: could not configure valid TX chains\n", 4097 sc->sc_dev.dv_xname); 4098 return error; 4099 } 4100 } 4101 4102 /* Configure bluetooth coexistence. */ 4103 memset(&bluetooth, 0, sizeof bluetooth); 4104 bluetooth.flags = IWN_BT_COEX_MODE_4WIRE; 4105 bluetooth.lead_time = IWN_BT_LEAD_TIME_DEF; 4106 bluetooth.max_kill = IWN_BT_MAX_KILL_DEF; 4107 DPRINTF(("configuring bluetooth coexistence\n")); 4108 error = iwn_cmd(sc, IWN_CMD_BT_COEX, &bluetooth, sizeof bluetooth, 0); 4109 if (error != 0) { 4110 printf("%s: could not configure bluetooth coexistence\n", 4111 sc->sc_dev.dv_xname); 4112 return error; 4113 } 4114 4115 /* Set mode, channel, RX filter and enable RX. */ 4116 memset(&sc->rxon, 0, sizeof (struct iwn_rxon)); 4117 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 4118 IEEE80211_ADDR_COPY(sc->rxon.myaddr, ic->ic_myaddr); 4119 IEEE80211_ADDR_COPY(sc->rxon.wlap, ic->ic_myaddr); 4120 sc->rxon.chan = ieee80211_chan2ieee(ic, ic->ic_ibss_chan); 4121 sc->rxon.flags = htole32(IWN_RXON_TSF | IWN_RXON_CTS_TO_SELF); 4122 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_ibss_chan)) 4123 sc->rxon.flags |= htole32(IWN_RXON_AUTO | IWN_RXON_24GHZ); 4124 switch (ic->ic_opmode) { 4125 case IEEE80211_M_STA: 4126 sc->rxon.mode = IWN_MODE_STA; 4127 sc->rxon.filter = htole32(IWN_FILTER_MULTICAST); 4128 break; 4129 case IEEE80211_M_MONITOR: 4130 sc->rxon.mode = IWN_MODE_MONITOR; 4131 sc->rxon.filter = htole32(IWN_FILTER_MULTICAST | 4132 IWN_FILTER_CTL | IWN_FILTER_PROMISC); 4133 break; 4134 default: 4135 /* Should not get there. */ 4136 break; 4137 } 4138 sc->rxon.cck_mask = 0x0f; /* not yet negotiated */ 4139 sc->rxon.ofdm_mask = 0xff; /* not yet negotiated */ 4140 sc->rxon.ht_single_mask = 0xff; 4141 sc->rxon.ht_dual_mask = 0xff; 4142 sc->rxon.ht_triple_mask = 0xff; 4143 rxchain = 4144 IWN_RXCHAIN_VALID(sc->rxchainmask) | 4145 IWN_RXCHAIN_MIMO_COUNT(2) | 4146 IWN_RXCHAIN_IDLE_COUNT(2); 4147 sc->rxon.rxchain = htole16(rxchain); 4148 DPRINTF(("setting configuration\n")); 4149 error = iwn_cmd(sc, IWN_CMD_RXON, &sc->rxon, hal->rxonsz, 0); 4150 if (error != 0) { 4151 printf("%s: RXON command failed\n", sc->sc_dev.dv_xname); 4152 return error; 4153 } 4154 4155 if ((error = iwn_add_broadcast_node(sc, 0)) != 0) { 4156 printf("%s: could not add broadcast node\n", 4157 sc->sc_dev.dv_xname); 4158 return error; 4159 } 4160 4161 /* Configuration has changed, set TX power accordingly. */ 4162 if ((error = hal->set_txpower(sc, 0)) != 0) { 4163 printf("%s: could not set TX power\n", sc->sc_dev.dv_xname); 4164 return error; 4165 } 4166 4167 if ((error = iwn_set_critical_temp(sc)) != 0) { 4168 printf("%s: could not set critical temperature\n", 4169 sc->sc_dev.dv_xname); 4170 return error; 4171 } 4172 4173 /* Set power saving level to CAM during initialization. */ 4174 if ((error = iwn_set_pslevel(sc, 0, 0, 0)) != 0) { 4175 printf("%s: could not set power saving level\n", 4176 sc->sc_dev.dv_xname); 4177 return error; 4178 } 4179 return 0; 4180 } 4181 4182 int 4183 iwn_scan(struct iwn_softc *sc, uint16_t flags) 4184 { 4185 struct ieee80211com *ic = &sc->sc_ic; 4186 struct iwn_scan_hdr *hdr; 4187 struct iwn_cmd_data *tx; 4188 struct iwn_scan_essid *essid; 4189 struct iwn_scan_chan *chan; 4190 struct ieee80211_frame *wh; 4191 struct ieee80211_rateset *rs; 4192 struct ieee80211_channel *c; 4193 uint8_t *buf, *frm; 4194 uint16_t rxchain; 4195 uint8_t txant; 4196 int buflen, error; 4197 4198 buf = malloc(IWN_SCAN_MAXSZ, M_DEVBUF, M_NOWAIT | M_ZERO); 4199 if (buf == NULL) { 4200 printf("%s: could not allocate buffer for scan command\n", 4201 sc->sc_dev.dv_xname); 4202 return ENOMEM; 4203 } 4204 hdr = (struct iwn_scan_hdr *)buf; 4205 /* 4206 * Move to the next channel if no frames are received within 10ms 4207 * after sending the probe request. 4208 */ 4209 hdr->quiet_time = htole16(10); /* timeout in milliseconds */ 4210 hdr->quiet_threshold = htole16(1); /* min # of packets */ 4211 4212 /* Select antennas for scanning. */ 4213 rxchain = 4214 IWN_RXCHAIN_VALID(sc->rxchainmask) | 4215 IWN_RXCHAIN_FORCE_MIMO_SEL(sc->rxchainmask) | 4216 IWN_RXCHAIN_DRIVER_FORCE; 4217 if ((flags & IEEE80211_CHAN_5GHZ) && 4218 sc->hw_type == IWN_HW_REV_TYPE_4965) { 4219 /* Ant A must be avoided in 5GHz because of an HW bug. */ 4220 rxchain |= IWN_RXCHAIN_FORCE_SEL(IWN_ANT_BC); 4221 } else /* Use all available RX antennas. */ 4222 rxchain |= IWN_RXCHAIN_FORCE_SEL(sc->rxchainmask); 4223 hdr->rxchain = htole16(rxchain); 4224 hdr->filter = htole32(IWN_FILTER_MULTICAST | IWN_FILTER_BEACON); 4225 4226 tx = (struct iwn_cmd_data *)(hdr + 1); 4227 tx->flags = htole32(IWN_TX_AUTO_SEQ); 4228 tx->id = sc->sc_hal->broadcast_id; 4229 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 4230 4231 if (flags & IEEE80211_CHAN_5GHZ) { 4232 hdr->crc_threshold = htole16(1); 4233 /* Send probe requests at 6Mbps. */ 4234 tx->plcp = iwn_rates[IWN_RIDX_OFDM6].plcp; 4235 rs = &ic->ic_sup_rates[IEEE80211_MODE_11A]; 4236 } else { 4237 hdr->flags = htole32(IWN_RXON_24GHZ | IWN_RXON_AUTO); 4238 /* Send probe requests at 1Mbps. */ 4239 tx->plcp = iwn_rates[IWN_RIDX_CCK1].plcp; 4240 tx->rflags = IWN_RFLAG_CCK; 4241 rs = &ic->ic_sup_rates[IEEE80211_MODE_11G]; 4242 } 4243 /* Use the first valid TX antenna. */ 4244 txant = IWN_LSB(sc->txchainmask); 4245 tx->rflags |= IWN_RFLAG_ANT(txant); 4246 4247 essid = (struct iwn_scan_essid *)(tx + 1); 4248 if (ic->ic_des_esslen != 0) { 4249 essid[0].id = IEEE80211_ELEMID_SSID; 4250 essid[0].len = ic->ic_des_esslen; 4251 memcpy(essid[0].data, ic->ic_des_essid, ic->ic_des_esslen); 4252 } 4253 /* 4254 * Build a probe request frame. Most of the following code is a 4255 * copy & paste of what is done in net80211. 4256 */ 4257 wh = (struct ieee80211_frame *)(essid + 20); 4258 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 4259 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 4260 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 4261 IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr); 4262 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 4263 IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr); 4264 *(uint16_t *)&wh->i_dur[0] = 0; /* filled by HW */ 4265 *(uint16_t *)&wh->i_seq[0] = 0; /* filled by HW */ 4266 4267 frm = (uint8_t *)(wh + 1); 4268 frm = ieee80211_add_ssid(frm, NULL, 0); 4269 frm = ieee80211_add_rates(frm, rs); 4270 if (rs->rs_nrates > IEEE80211_RATE_SIZE) 4271 frm = ieee80211_add_xrates(frm, rs); 4272 4273 /* Set length of probe request. */ 4274 tx->len = htole16(frm - (uint8_t *)wh); 4275 4276 chan = (struct iwn_scan_chan *)frm; 4277 for (c = &ic->ic_channels[1]; 4278 c <= &ic->ic_channels[IEEE80211_CHAN_MAX]; c++) { 4279 if ((c->ic_flags & flags) != flags) 4280 continue; 4281 4282 chan->chan = htole16(ieee80211_chan2ieee(ic, c)); 4283 DPRINTFN(2, ("adding channel %d\n", chan->chan)); 4284 chan->flags = 0; 4285 if (!(c->ic_flags & IEEE80211_CHAN_PASSIVE)) 4286 chan->flags |= htole32(IWN_CHAN_ACTIVE); 4287 if (ic->ic_des_esslen != 0) 4288 chan->flags |= htole32(IWN_CHAN_NPBREQS(1)); 4289 chan->dsp_gain = 0x6e; 4290 if (IEEE80211_IS_CHAN_5GHZ(c)) { 4291 chan->rf_gain = 0x3b; 4292 chan->active = htole16(24); 4293 chan->passive = htole16(110); 4294 } else { 4295 chan->rf_gain = 0x28; 4296 chan->active = htole16(36); 4297 chan->passive = htole16(120); 4298 } 4299 hdr->nchan++; 4300 chan++; 4301 } 4302 4303 buflen = (uint8_t *)chan - buf; 4304 hdr->len = htole16(buflen); 4305 4306 DPRINTF(("sending scan command nchan=%d\n", hdr->nchan)); 4307 error = iwn_cmd(sc, IWN_CMD_SCAN, buf, buflen, 1); 4308 free(buf, M_DEVBUF); 4309 return error; 4310 } 4311 4312 int 4313 iwn_auth(struct iwn_softc *sc) 4314 { 4315 const struct iwn_hal *hal = sc->sc_hal; 4316 struct ieee80211com *ic = &sc->sc_ic; 4317 struct ieee80211_node *ni = ic->ic_bss; 4318 int error; 4319 4320 /* Update adapter configuration. */ 4321 IEEE80211_ADDR_COPY(sc->rxon.bssid, ni->ni_bssid); 4322 sc->rxon.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 4323 sc->rxon.flags = htole32(IWN_RXON_TSF | IWN_RXON_CTS_TO_SELF); 4324 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 4325 sc->rxon.flags |= htole32(IWN_RXON_AUTO | IWN_RXON_24GHZ); 4326 if (ic->ic_flags & IEEE80211_F_SHSLOT) 4327 sc->rxon.flags |= htole32(IWN_RXON_SHSLOT); 4328 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 4329 sc->rxon.flags |= htole32(IWN_RXON_SHPREAMBLE); 4330 switch (ic->ic_curmode) { 4331 case IEEE80211_MODE_11A: 4332 sc->rxon.cck_mask = 0; 4333 sc->rxon.ofdm_mask = 0x15; 4334 break; 4335 case IEEE80211_MODE_11B: 4336 sc->rxon.cck_mask = 0x03; 4337 sc->rxon.ofdm_mask = 0; 4338 break; 4339 default: /* Assume 802.11b/g. */ 4340 sc->rxon.cck_mask = 0x0f; 4341 sc->rxon.ofdm_mask = 0x15; 4342 } 4343 DPRINTF(("rxon chan %d flags %x cck %x ofdm %x\n", sc->rxon.chan, 4344 sc->rxon.flags, sc->rxon.cck_mask, sc->rxon.ofdm_mask)); 4345 error = iwn_cmd(sc, IWN_CMD_RXON, &sc->rxon, hal->rxonsz, 1); 4346 if (error != 0) { 4347 printf("%s: RXON command failed\n", sc->sc_dev.dv_xname); 4348 return error; 4349 } 4350 4351 /* Configuration has changed, set TX power accordingly. */ 4352 if ((error = hal->set_txpower(sc, 1)) != 0) { 4353 printf("%s: could not set TX power\n", sc->sc_dev.dv_xname); 4354 return error; 4355 } 4356 /* 4357 * Reconfiguring RXON clears the firmware nodes table so we must 4358 * add the broadcast node again. 4359 */ 4360 if ((error = iwn_add_broadcast_node(sc, 1)) != 0) { 4361 printf("%s: could not add broadcast node\n", 4362 sc->sc_dev.dv_xname); 4363 return error; 4364 } 4365 return 0; 4366 } 4367 4368 int 4369 iwn_run(struct iwn_softc *sc) 4370 { 4371 const struct iwn_hal *hal = sc->sc_hal; 4372 struct ieee80211com *ic = &sc->sc_ic; 4373 struct ieee80211_node *ni = ic->ic_bss; 4374 struct iwn_node_info node; 4375 int error; 4376 4377 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 4378 /* Link LED blinks while monitoring. */ 4379 iwn_set_led(sc, IWN_LED_LINK, 5, 5); 4380 return 0; 4381 } 4382 if ((error = iwn_set_timing(sc, ni)) != 0) { 4383 printf("%s: could not set timing\n", sc->sc_dev.dv_xname); 4384 return error; 4385 } 4386 4387 /* Update adapter configuration. */ 4388 sc->rxon.associd = htole16(IEEE80211_AID(ni->ni_associd)); 4389 /* Short preamble and slot time are negotiated when associating. */ 4390 sc->rxon.flags &= ~htole32(IWN_RXON_SHPREAMBLE | IWN_RXON_SHSLOT); 4391 if (ic->ic_flags & IEEE80211_F_SHSLOT) 4392 sc->rxon.flags |= htole32(IWN_RXON_SHSLOT); 4393 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 4394 sc->rxon.flags |= htole32(IWN_RXON_SHPREAMBLE); 4395 sc->rxon.filter |= htole32(IWN_FILTER_BSS); 4396 DPRINTF(("rxon chan %d flags %x\n", sc->rxon.chan, sc->rxon.flags)); 4397 error = iwn_cmd(sc, IWN_CMD_RXON, &sc->rxon, hal->rxonsz, 1); 4398 if (error != 0) { 4399 printf("%s: could not update configuration\n", 4400 sc->sc_dev.dv_xname); 4401 return error; 4402 } 4403 4404 /* Configuration has changed, set TX power accordingly. */ 4405 if ((error = hal->set_txpower(sc, 1)) != 0) { 4406 printf("%s: could not set TX power\n", sc->sc_dev.dv_xname); 4407 return error; 4408 } 4409 4410 /* Fake a join to initialize the TX rate. */ 4411 ((struct iwn_node *)ni)->id = IWN_ID_BSS; 4412 iwn_newassoc(ic, ni, 1); 4413 4414 /* Add BSS node. */ 4415 memset(&node, 0, sizeof node); 4416 IEEE80211_ADDR_COPY(node.macaddr, ni->ni_macaddr); 4417 node.id = IWN_ID_BSS; 4418 #ifdef notyet 4419 node.htflags = htole32(IWN_AMDPU_SIZE_FACTOR(3) | 4420 IWN_AMDPU_DENSITY(5)); /* 2us */ 4421 #endif 4422 DPRINTF(("adding BSS node\n")); 4423 error = hal->add_node(sc, &node, 1); 4424 if (error != 0) { 4425 printf("%s: could not add BSS node\n", sc->sc_dev.dv_xname); 4426 return error; 4427 } 4428 DPRINTF(("setting link quality for node %d\n", node.id)); 4429 if ((error = iwn_set_link_quality(sc, ni)) != 0) { 4430 printf("%s: could not setup link quality for node %d\n", 4431 sc->sc_dev.dv_xname, node.id); 4432 return error; 4433 } 4434 4435 if ((error = iwn_init_sensitivity(sc)) != 0) { 4436 printf("%s: could not set sensitivity\n", 4437 sc->sc_dev.dv_xname); 4438 return error; 4439 } 4440 /* Start periodic calibration timer. */ 4441 sc->calib.state = IWN_CALIB_STATE_ASSOC; 4442 sc->calib_cnt = 0; 4443 timeout_add_msec(&sc->calib_to, 500); 4444 4445 /* Link LED always on while associated. */ 4446 iwn_set_led(sc, IWN_LED_LINK, 0, 1); 4447 return 0; 4448 } 4449 4450 /* 4451 * We support CCMP hardware encryption/decryption of unicast frames only. 4452 * HW support for TKIP really sucks. We should let TKIP die anyway. 4453 */ 4454 int 4455 iwn_set_key(struct ieee80211com *ic, struct ieee80211_node *ni, 4456 struct ieee80211_key *k) 4457 { 4458 struct iwn_softc *sc = ic->ic_softc; 4459 const struct iwn_hal *hal = sc->sc_hal; 4460 struct iwn_node *wn = (void *)ni; 4461 struct iwn_node_info node; 4462 uint16_t kflags; 4463 4464 if ((k->k_flags & IEEE80211_KEY_GROUP) || 4465 k->k_cipher != IEEE80211_CIPHER_CCMP) 4466 return ieee80211_set_key(ic, ni, k); 4467 4468 kflags = IWN_KFLAG_CCMP | IWN_KFLAG_MAP | IWN_KFLAG_KID(k->k_id); 4469 if (k->k_flags & IEEE80211_KEY_GROUP) 4470 kflags |= IWN_KFLAG_GROUP; 4471 4472 memset(&node, 0, sizeof node); 4473 node.id = (k->k_flags & IEEE80211_KEY_GROUP) ? 4474 hal->broadcast_id : wn->id; 4475 node.control = IWN_NODE_UPDATE; 4476 node.flags = IWN_FLAG_SET_KEY; 4477 node.kflags = htole16(kflags); 4478 node.kid = k->k_id; 4479 memcpy(node.key, k->k_key, k->k_len); 4480 DPRINTF(("set key id=%d for node %d\n", k->k_id, node.id)); 4481 return hal->add_node(sc, &node, 1); 4482 } 4483 4484 void 4485 iwn_delete_key(struct ieee80211com *ic, struct ieee80211_node *ni, 4486 struct ieee80211_key *k) 4487 { 4488 struct iwn_softc *sc = ic->ic_softc; 4489 const struct iwn_hal *hal = sc->sc_hal; 4490 struct iwn_node *wn = (void *)ni; 4491 struct iwn_node_info node; 4492 4493 if ((k->k_flags & IEEE80211_KEY_GROUP) || 4494 k->k_cipher != IEEE80211_CIPHER_CCMP) { 4495 /* See comment about other ciphers above. */ 4496 ieee80211_delete_key(ic, ni, k); 4497 return; 4498 } 4499 if (ic->ic_state != IEEE80211_S_RUN) 4500 return; /* Nothing to do. */ 4501 memset(&node, 0, sizeof node); 4502 node.id = (k->k_flags & IEEE80211_KEY_GROUP) ? 4503 hal->broadcast_id : wn->id; 4504 node.control = IWN_NODE_UPDATE; 4505 node.flags = IWN_FLAG_SET_KEY; 4506 node.kflags = htole16(IWN_KFLAG_INVALID); 4507 node.kid = 0xff; 4508 DPRINTF(("delete keys for node %d\n", node.id)); 4509 (void)hal->add_node(sc, &node, 1); 4510 } 4511 4512 #ifndef IEEE80211_NO_HT 4513 /* 4514 * This function is called by upper layer when an ADDBA request is received 4515 * from another STA and before the ADDBA response is sent. 4516 */ 4517 int 4518 iwn_ampdu_rx_start(struct ieee80211com *ic, struct ieee80211_node *ni, 4519 uint8_t tid) 4520 { 4521 struct ieee80211_rx_ba *ba = &ni->ni_rx_ba[tid]; 4522 struct iwn_softc *sc = ic->ic_softc; 4523 struct iwn_node *wn = (void *)ni; 4524 struct iwn_node_info node; 4525 4526 memset(&node, 0, sizeof node); 4527 node.id = wn->id; 4528 node.control = IWN_NODE_UPDATE; 4529 node.flags = IWN_FLAG_SET_ADDBA; 4530 node.addba_tid = tid; 4531 node.addba_ssn = htole16(ba->ba_winstart); 4532 DPRINTFN(2, ("ADDBA RA=%d TID=%d SSN=%d\n", wn->id, tid, 4533 ba->ba_winstart)); 4534 return sc->sc_hal->add_node(sc, &node, 1); 4535 } 4536 4537 /* 4538 * This function is called by upper layer on teardown of an HT-immediate 4539 * Block Ack agreement (eg. uppon receipt of a DELBA frame.) 4540 */ 4541 void 4542 iwn_ampdu_rx_stop(struct ieee80211com *ic, struct ieee80211_node *ni, 4543 uint8_t tid) 4544 { 4545 struct iwn_softc *sc = ic->ic_softc; 4546 struct iwn_node *wn = (void *)ni; 4547 struct iwn_node_info node; 4548 4549 memset(&node, 0, sizeof node); 4550 node.id = wn->id; 4551 node.control = IWN_NODE_UPDATE; 4552 node.flags = IWN_FLAG_SET_DELBA; 4553 node.delba_tid = tid; 4554 DPRINTFN(2, ("DELBA RA=%d TID=%d\n", wn->id, tid)); 4555 (void)sc->sc_hal->add_node(sc, &node, 1); 4556 } 4557 4558 /* 4559 * This function is called by upper layer when an ADDBA response is received 4560 * from another STA. 4561 */ 4562 int 4563 iwn_ampdu_tx_start(struct ieee80211com *ic, struct ieee80211_node *ni, 4564 uint8_t tid) 4565 { 4566 struct ieee80211_tx_ba *ba = &ni->ni_tx_ba[tid]; 4567 struct iwn_softc *sc = ic->ic_softc; 4568 const struct iwn_hal *hal = sc->sc_hal; 4569 struct iwn_node *wn = (void *)ni; 4570 struct iwn_node_info node; 4571 int error; 4572 4573 /* Enable TX for the specified RA/TID. */ 4574 wn->disable_tid &= ~(1 << tid); 4575 memset(&node, 0, sizeof node); 4576 node.id = wn->id; 4577 node.control = IWN_NODE_UPDATE; 4578 node.flags = IWN_FLAG_SET_DISABLE_TID; 4579 node.disable_tid = htole16(wn->disable_tid); 4580 error = hal->add_node(sc, &node, 1); 4581 if (error != 0) 4582 return error; 4583 4584 if ((error = iwn_nic_lock(sc)) != 0) 4585 return error; 4586 hal->ampdu_tx_start(sc, ni, tid, ba->ba_winstart); 4587 iwn_nic_unlock(sc); 4588 return 0; 4589 } 4590 4591 void 4592 iwn_ampdu_tx_stop(struct ieee80211com *ic, struct ieee80211_node *ni, 4593 uint8_t tid) 4594 { 4595 struct ieee80211_tx_ba *ba = &ni->ni_tx_ba[tid]; 4596 struct iwn_softc *sc = ic->ic_softc; 4597 4598 if (iwn_nic_lock(sc) != 0) 4599 return; 4600 sc->sc_hal->ampdu_tx_stop(sc, tid, ba->ba_winstart); 4601 iwn_nic_unlock(sc); 4602 } 4603 4604 void 4605 iwn4965_ampdu_tx_start(struct iwn_softc *sc, struct ieee80211_node *ni, 4606 uint8_t tid, uint16_t ssn) 4607 { 4608 struct iwn_node *wn = (void *)ni; 4609 int qid = 7 + tid; 4610 4611 /* Stop TX scheduler while we're changing its configuration. */ 4612 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 4613 IWN4965_TXQ_STATUS_CHGACT); 4614 4615 /* Assign RA/TID translation to the queue. */ 4616 iwn_mem_write_2(sc, sc->sched_base + IWN4965_SCHED_TRANS_TBL(qid), 4617 wn->id << 4 | tid); 4618 4619 /* Enable chain-building mode for the queue. */ 4620 iwn_prph_setbits(sc, IWN4965_SCHED_QCHAIN_SEL, 1 << qid); 4621 4622 /* Set starting sequence number from the ADDBA request. */ 4623 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 4624 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), ssn); 4625 4626 /* Set scheduler window size. */ 4627 iwn_mem_write(sc, sc->sched_base + IWN4965_SCHED_QUEUE_OFFSET(qid), 4628 IWN_SCHED_WINSZ); 4629 /* Set scheduler frame limit. */ 4630 iwn_mem_write(sc, sc->sched_base + IWN4965_SCHED_QUEUE_OFFSET(qid) + 4, 4631 IWN_SCHED_LIMIT << 16); 4632 4633 /* Enable interrupts for the queue. */ 4634 iwn_prph_setbits(sc, IWN4965_SCHED_INTR_MASK, 1 << qid); 4635 4636 /* Mark the queue as active. */ 4637 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 4638 IWN4965_TXQ_STATUS_ACTIVE | IWN4965_TXQ_STATUS_AGGR_ENA | 4639 iwn_tid2fifo[tid] << 1); 4640 } 4641 4642 void 4643 iwn4965_ampdu_tx_stop(struct iwn_softc *sc, uint8_t tid, uint16_t ssn) 4644 { 4645 int qid = 7 + tid; 4646 4647 /* Stop TX scheduler while we're changing its configuration. */ 4648 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 4649 IWN4965_TXQ_STATUS_CHGACT); 4650 4651 /* Set starting sequence number from the ADDBA request. */ 4652 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 4653 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), ssn); 4654 4655 /* Disable interrupts for the queue. */ 4656 iwn_prph_clrbits(sc, IWN4965_SCHED_INTR_MASK, 1 << qid); 4657 4658 /* Mark the queue as inactive. */ 4659 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 4660 IWN4965_TXQ_STATUS_INACTIVE | iwn_tid2fifo[tid] << 1); 4661 } 4662 4663 void 4664 iwn5000_ampdu_tx_start(struct iwn_softc *sc, struct ieee80211_node *ni, 4665 uint8_t tid, uint16_t ssn) 4666 { 4667 struct iwn_node *wn = (void *)ni; 4668 int qid = 10 + tid; 4669 4670 /* Stop TX scheduler while we're changing its configuration. */ 4671 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 4672 IWN5000_TXQ_STATUS_CHGACT); 4673 4674 /* Assign RA/TID translation to the queue. */ 4675 iwn_mem_write_2(sc, sc->sched_base + IWN5000_SCHED_TRANS_TBL(qid), 4676 wn->id << 4 | tid); 4677 4678 /* Enable chain-building mode for the queue. */ 4679 iwn_prph_setbits(sc, IWN5000_SCHED_QCHAIN_SEL, 1 << qid); 4680 4681 /* Enable aggregation for the queue. */ 4682 iwn_prph_setbits(sc, IWN5000_SCHED_AGGR_SEL, 1 << qid); 4683 4684 /* Set starting sequence number from the ADDBA request. */ 4685 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 4686 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), ssn); 4687 4688 /* Set scheduler window size and frame limit. */ 4689 iwn_mem_write(sc, sc->sched_base + IWN5000_SCHED_QUEUE_OFFSET(qid) + 4, 4690 IWN_SCHED_LIMIT << 16 | IWN_SCHED_WINSZ); 4691 4692 /* Enable interrupts for the queue. */ 4693 iwn_prph_setbits(sc, IWN5000_SCHED_INTR_MASK, 1 << qid); 4694 4695 /* Mark the queue as active. */ 4696 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 4697 IWN5000_TXQ_STATUS_ACTIVE | iwn_tid2fifo[tid]); 4698 } 4699 4700 void 4701 iwn5000_ampdu_tx_stop(struct iwn_softc *sc, uint8_t tid, uint16_t ssn) 4702 { 4703 int qid = 10 + tid; 4704 4705 /* Stop TX scheduler while we're changing its configuration. */ 4706 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 4707 IWN5000_TXQ_STATUS_CHGACT); 4708 4709 /* Disable aggregation for the queue. */ 4710 iwn_prph_clrbits(sc, IWN5000_SCHED_AGGR_SEL, 1 << qid); 4711 4712 /* Set starting sequence number from the ADDBA request. */ 4713 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 4714 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), ssn); 4715 4716 /* Disable interrupts for the queue. */ 4717 iwn_prph_clrbits(sc, IWN5000_SCHED_INTR_MASK, 1 << qid); 4718 4719 /* Mark the queue as inactive. */ 4720 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 4721 IWN5000_TXQ_STATUS_INACTIVE | iwn_tid2fifo[tid]); 4722 } 4723 #endif /* !IEEE80211_NO_HT */ 4724 4725 /* 4726 * Query calibration tables from the initialization firmware. We do this 4727 * only once at first boot. Called from a process context. 4728 */ 4729 int 4730 iwn5000_query_calibration(struct iwn_softc *sc) 4731 { 4732 struct iwn5000_calib_config cmd; 4733 int error; 4734 4735 memset(&cmd, 0, sizeof cmd); 4736 cmd.ucode.once.enable = 0xffffffff; 4737 cmd.ucode.once.start = 0xffffffff; 4738 cmd.ucode.once.send = 0xffffffff; 4739 cmd.ucode.flags = 0xffffffff; 4740 DPRINTF(("sending calibration query\n")); 4741 error = iwn_cmd(sc, IWN5000_CMD_CALIB_CONFIG, &cmd, sizeof cmd, 0); 4742 if (error != 0) 4743 return error; 4744 4745 /* Wait at most two seconds for calibration to complete. */ 4746 if (!(sc->sc_flags & IWN_FLAG_CALIB_DONE)) 4747 error = tsleep(sc, PCATCH, "iwncal", 2 * hz); 4748 return error; 4749 } 4750 4751 /* 4752 * Send calibration results to the runtime firmware. These results were 4753 * obtained on first boot from the initialization firmware. 4754 */ 4755 int 4756 iwn5000_send_calibration(struct iwn_softc *sc) 4757 { 4758 int idx, error; 4759 4760 for (idx = 0; idx < 5; idx++) { 4761 if (sc->calibcmd[idx].buf == NULL) 4762 continue; /* No results available. */ 4763 DPRINTF(("send calibration result idx=%d len=%d\n", 4764 idx, sc->calibcmd[idx].len)); 4765 error = iwn_cmd(sc, IWN_CMD_PHY_CALIB, sc->calibcmd[idx].buf, 4766 sc->calibcmd[idx].len, 0); 4767 if (error != 0) { 4768 printf("%s: could not send calibration result\n", 4769 sc->sc_dev.dv_xname); 4770 return error; 4771 } 4772 } 4773 return 0; 4774 } 4775 4776 int 4777 iwn5000_send_wimax_coex(struct iwn_softc *sc) 4778 { 4779 struct iwn5000_wimax_coex wimax; 4780 4781 #ifdef notyet 4782 if (sc->hw_type == IWN_HW_REV_TYPE_6050) { 4783 /* Enable WiMAX coexistence for combo adapters. */ 4784 wimax.flags = 4785 IWN_WIMAX_COEX_ASSOC_WA_UNMASK | 4786 IWN_WIMAX_COEX_UNASSOC_WA_UNMASK | 4787 IWN_WIMAX_COEX_STA_TABLE_VALID | 4788 IWN_WIMAX_COEX_ENABLE; 4789 memcpy(wimax.events, iwn6050_wimax_events, 4790 sizeof iwn6050_wimax_events); 4791 } else 4792 #endif 4793 { 4794 /* Disable WiMAX coexistence. */ 4795 wimax.flags = 0; 4796 memset(wimax.events, 0, sizeof wimax.events); 4797 } 4798 DPRINTF(("Configuring WiMAX coexistence\n")); 4799 return iwn_cmd(sc, IWN5000_CMD_WIMAX_COEX, &wimax, sizeof wimax, 0); 4800 } 4801 4802 /* 4803 * This function is called after the runtime firmware notifies us of its 4804 * readiness (called in a process context.) 4805 */ 4806 int 4807 iwn4965_post_alive(struct iwn_softc *sc) 4808 { 4809 int error, qid; 4810 4811 if ((error = iwn_nic_lock(sc)) != 0) 4812 return error; 4813 4814 /* Clear TX scheduler state in SRAM. */ 4815 sc->sched_base = iwn_prph_read(sc, IWN_SCHED_SRAM_ADDR); 4816 iwn_mem_set_region_4(sc, sc->sched_base + IWN4965_SCHED_CTX_OFF, 0, 4817 IWN4965_SCHED_CTX_LEN / sizeof (uint32_t)); 4818 4819 /* Set physical address of TX scheduler rings (1KB aligned.) */ 4820 iwn_prph_write(sc, IWN4965_SCHED_DRAM_ADDR, sc->sched_dma.paddr >> 10); 4821 4822 IWN_SETBITS(sc, IWN_FH_TX_CHICKEN, IWN_FH_TX_CHICKEN_SCHED_RETRY); 4823 4824 /* Disable chain mode for all our 16 queues. */ 4825 iwn_prph_write(sc, IWN4965_SCHED_QCHAIN_SEL, 0); 4826 4827 for (qid = 0; qid < IWN4965_NTXQUEUES; qid++) { 4828 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), 0); 4829 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | 0); 4830 4831 /* Set scheduler window size. */ 4832 iwn_mem_write(sc, sc->sched_base + 4833 IWN4965_SCHED_QUEUE_OFFSET(qid), IWN_SCHED_WINSZ); 4834 /* Set scheduler frame limit. */ 4835 iwn_mem_write(sc, sc->sched_base + 4836 IWN4965_SCHED_QUEUE_OFFSET(qid) + 4, 4837 IWN_SCHED_LIMIT << 16); 4838 } 4839 4840 /* Enable interrupts for all our 16 queues. */ 4841 iwn_prph_write(sc, IWN4965_SCHED_INTR_MASK, 0xffff); 4842 /* Identify TX FIFO rings (0-7). */ 4843 iwn_prph_write(sc, IWN4965_SCHED_TXFACT, 0xff); 4844 4845 /* Mark TX rings (4 EDCA + cmd + 2 HCCA) as active. */ 4846 for (qid = 0; qid < 7; qid++) { 4847 static uint8_t qid2fifo[] = { 3, 2, 1, 0, 4, 5, 6 }; 4848 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 4849 IWN4965_TXQ_STATUS_ACTIVE | qid2fifo[qid] << 1); 4850 } 4851 iwn_nic_unlock(sc); 4852 return 0; 4853 } 4854 4855 /* 4856 * This function is called after the initialization or runtime firmware 4857 * notifies us of its readiness (called in a process context.) 4858 */ 4859 int 4860 iwn5000_post_alive(struct iwn_softc *sc) 4861 { 4862 int error, qid; 4863 4864 /* Switch to using ICT interrupt mode. */ 4865 iwn5000_ict_reset(sc); 4866 4867 if ((error = iwn_nic_lock(sc)) != 0) 4868 return error; 4869 4870 /* Clear TX scheduler state in SRAM. */ 4871 sc->sched_base = iwn_prph_read(sc, IWN_SCHED_SRAM_ADDR); 4872 iwn_mem_set_region_4(sc, sc->sched_base + IWN5000_SCHED_CTX_OFF, 0, 4873 IWN5000_SCHED_CTX_LEN / sizeof (uint32_t)); 4874 4875 /* Set physical address of TX scheduler rings (1KB aligned.) */ 4876 iwn_prph_write(sc, IWN5000_SCHED_DRAM_ADDR, sc->sched_dma.paddr >> 10); 4877 4878 IWN_SETBITS(sc, IWN_FH_TX_CHICKEN, IWN_FH_TX_CHICKEN_SCHED_RETRY); 4879 4880 /* Enable chain mode for all queues, except command queue. */ 4881 iwn_prph_write(sc, IWN5000_SCHED_QCHAIN_SEL, 0xfffef); 4882 iwn_prph_write(sc, IWN5000_SCHED_AGGR_SEL, 0); 4883 4884 for (qid = 0; qid < IWN5000_NTXQUEUES; qid++) { 4885 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), 0); 4886 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | 0); 4887 4888 iwn_mem_write(sc, sc->sched_base + 4889 IWN5000_SCHED_QUEUE_OFFSET(qid), 0); 4890 /* Set scheduler window size and frame limit. */ 4891 iwn_mem_write(sc, sc->sched_base + 4892 IWN5000_SCHED_QUEUE_OFFSET(qid) + 4, 4893 IWN_SCHED_LIMIT << 16 | IWN_SCHED_WINSZ); 4894 } 4895 4896 /* Enable interrupts for all our 20 queues. */ 4897 iwn_prph_write(sc, IWN5000_SCHED_INTR_MASK, 0xfffff); 4898 /* Identify TX FIFO rings (0-7). */ 4899 iwn_prph_write(sc, IWN5000_SCHED_TXFACT, 0xff); 4900 4901 /* Mark TX rings (4 EDCA + cmd + 2 HCCA) as active. */ 4902 for (qid = 0; qid < 7; qid++) { 4903 static uint8_t qid2fifo[] = { 3, 2, 1, 0, 7, 5, 6 }; 4904 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 4905 IWN5000_TXQ_STATUS_ACTIVE | qid2fifo[qid]); 4906 } 4907 iwn_nic_unlock(sc); 4908 4909 /* Configure WiMAX coexistence for combo adapters. */ 4910 error = iwn5000_send_wimax_coex(sc); 4911 if (error != 0) { 4912 printf("%s: could not configure WiMAX coexistence\n", 4913 sc->sc_dev.dv_xname); 4914 return error; 4915 } 4916 if (sc->hw_type != IWN_HW_REV_TYPE_5150) { 4917 struct iwn5000_phy_calib_crystal cmd; 4918 4919 /* Perform crystal calibration. */ 4920 memset(&cmd, 0, sizeof cmd); 4921 cmd.code = IWN5000_PHY_CALIB_CRYSTAL; 4922 cmd.ngroups = 1; 4923 cmd.isvalid = 1; 4924 cmd.cap_pin[0] = letoh32(sc->eeprom_crystal) & 0xff; 4925 cmd.cap_pin[1] = (letoh32(sc->eeprom_crystal) >> 16) & 0xff; 4926 DPRINTF(("sending crystal calibration %d, %d\n", 4927 cmd.cap_pin[0], cmd.cap_pin[1])); 4928 error = iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 0); 4929 if (error != 0) { 4930 printf("%s: crystal calibration failed\n", 4931 sc->sc_dev.dv_xname); 4932 return error; 4933 } 4934 } 4935 if (!(sc->sc_flags & IWN_FLAG_CALIB_DONE)) { 4936 /* Query calibration from the initialization firmware. */ 4937 if ((error = iwn5000_query_calibration(sc)) != 0) { 4938 printf("%s: could not query calibration\n", 4939 sc->sc_dev.dv_xname); 4940 return error; 4941 } 4942 /* 4943 * We have the calibration results now, reboot with the 4944 * runtime firmware (call ourselves recursively!) 4945 */ 4946 iwn_hw_stop(sc); 4947 error = iwn_hw_init(sc); 4948 } else { 4949 /* Send calibration results to runtime firmware. */ 4950 error = iwn5000_send_calibration(sc); 4951 } 4952 return error; 4953 } 4954 4955 /* 4956 * The firmware boot code is small and is intended to be copied directly into 4957 * the NIC internal memory (no DMA transfer.) 4958 */ 4959 int 4960 iwn4965_load_bootcode(struct iwn_softc *sc, const uint8_t *ucode, int size) 4961 { 4962 int error, ntries; 4963 4964 size /= sizeof (uint32_t); 4965 4966 if ((error = iwn_nic_lock(sc)) != 0) 4967 return error; 4968 4969 /* Copy microcode image into NIC memory. */ 4970 iwn_prph_write_region_4(sc, IWN_BSM_SRAM_BASE, 4971 (const uint32_t *)ucode, size); 4972 4973 iwn_prph_write(sc, IWN_BSM_WR_MEM_SRC, 0); 4974 iwn_prph_write(sc, IWN_BSM_WR_MEM_DST, IWN_FW_TEXT_BASE); 4975 iwn_prph_write(sc, IWN_BSM_WR_DWCOUNT, size); 4976 4977 /* Start boot load now. */ 4978 iwn_prph_write(sc, IWN_BSM_WR_CTRL, IWN_BSM_WR_CTRL_START); 4979 4980 /* Wait for transfer to complete. */ 4981 for (ntries = 0; ntries < 1000; ntries++) { 4982 if (!(iwn_prph_read(sc, IWN_BSM_WR_CTRL) & 4983 IWN_BSM_WR_CTRL_START)) 4984 break; 4985 DELAY(10); 4986 } 4987 if (ntries == 1000) { 4988 printf("%s: could not load boot firmware\n", 4989 sc->sc_dev.dv_xname); 4990 iwn_nic_unlock(sc); 4991 return ETIMEDOUT; 4992 } 4993 4994 /* Enable boot after power up. */ 4995 iwn_prph_write(sc, IWN_BSM_WR_CTRL, IWN_BSM_WR_CTRL_START_EN); 4996 4997 iwn_nic_unlock(sc); 4998 return 0; 4999 } 5000 5001 int 5002 iwn4965_load_firmware(struct iwn_softc *sc) 5003 { 5004 struct iwn_fw_info *fw = &sc->fw; 5005 struct iwn_dma_info *dma = &sc->fw_dma; 5006 int error; 5007 5008 /* Copy initialization sections into pre-allocated DMA-safe memory. */ 5009 memcpy(dma->vaddr, fw->init.data, fw->init.datasz); 5010 bus_dmamap_sync(sc->sc_dmat, dma->map, 0, fw->init.datasz, 5011 BUS_DMASYNC_PREWRITE); 5012 memcpy(dma->vaddr + IWN4965_FW_DATA_MAXSZ, 5013 fw->init.text, fw->init.textsz); 5014 bus_dmamap_sync(sc->sc_dmat, dma->map, IWN4965_FW_DATA_MAXSZ, 5015 fw->init.textsz, BUS_DMASYNC_PREWRITE); 5016 5017 /* Tell adapter where to find initialization sections. */ 5018 if ((error = iwn_nic_lock(sc)) != 0) 5019 return error; 5020 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_ADDR, dma->paddr >> 4); 5021 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_SIZE, fw->init.datasz); 5022 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_ADDR, 5023 (dma->paddr + IWN4965_FW_DATA_MAXSZ) >> 4); 5024 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_SIZE, fw->init.textsz); 5025 iwn_nic_unlock(sc); 5026 5027 /* Load firmware boot code. */ 5028 error = iwn4965_load_bootcode(sc, fw->boot.text, fw->boot.textsz); 5029 if (error != 0) { 5030 printf("%s: could not load boot firmware\n", 5031 sc->sc_dev.dv_xname); 5032 return error; 5033 } 5034 /* Now press "execute". */ 5035 IWN_WRITE(sc, IWN_RESET, 0); 5036 5037 /* Wait at most one second for first alive notification. */ 5038 if ((error = tsleep(sc, PCATCH, "iwninit", hz)) != 0) { 5039 printf("%s: timeout waiting for adapter to initialize\n", 5040 sc->sc_dev.dv_xname); 5041 return error; 5042 } 5043 5044 /* Retrieve current temperature for initial TX power calibration. */ 5045 sc->rawtemp = sc->ucode_info.temp[3].chan20MHz; 5046 sc->temp = iwn4965_get_temperature(sc); 5047 5048 /* Copy runtime sections into pre-allocated DMA-safe memory. */ 5049 memcpy(dma->vaddr, fw->main.data, fw->main.datasz); 5050 bus_dmamap_sync(sc->sc_dmat, dma->map, 0, fw->main.datasz, 5051 BUS_DMASYNC_PREWRITE); 5052 memcpy(dma->vaddr + IWN4965_FW_DATA_MAXSZ, 5053 fw->main.text, fw->main.textsz); 5054 bus_dmamap_sync(sc->sc_dmat, dma->map, IWN4965_FW_DATA_MAXSZ, 5055 fw->main.textsz, BUS_DMASYNC_PREWRITE); 5056 5057 /* Tell adapter where to find runtime sections. */ 5058 if ((error = iwn_nic_lock(sc)) != 0) 5059 return error; 5060 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_ADDR, dma->paddr >> 4); 5061 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_SIZE, fw->main.datasz); 5062 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_ADDR, 5063 (dma->paddr + IWN4965_FW_DATA_MAXSZ) >> 4); 5064 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_SIZE, 5065 IWN_FW_UPDATED | fw->main.textsz); 5066 iwn_nic_unlock(sc); 5067 5068 return 0; 5069 } 5070 5071 int 5072 iwn5000_load_firmware_section(struct iwn_softc *sc, uint32_t dst, 5073 const uint8_t *section, int size) 5074 { 5075 struct iwn_dma_info *dma = &sc->fw_dma; 5076 int error; 5077 5078 /* Copy firmware section into pre-allocated DMA-safe memory. */ 5079 memcpy(dma->vaddr, section, size); 5080 bus_dmamap_sync(sc->sc_dmat, dma->map, 0, size, BUS_DMASYNC_PREWRITE); 5081 5082 if ((error = iwn_nic_lock(sc)) != 0) 5083 return error; 5084 5085 IWN_WRITE(sc, IWN_FH_TX_CONFIG(IWN_SRVC_DMACHNL), 5086 IWN_FH_TX_CONFIG_DMA_PAUSE); 5087 5088 IWN_WRITE(sc, IWN_FH_SRAM_ADDR(IWN_SRVC_DMACHNL), dst); 5089 IWN_WRITE(sc, IWN_FH_TFBD_CTRL0(IWN_SRVC_DMACHNL), 5090 IWN_LOADDR(dma->paddr)); 5091 IWN_WRITE(sc, IWN_FH_TFBD_CTRL1(IWN_SRVC_DMACHNL), 5092 IWN_HIADDR(dma->paddr) << 28 | size); 5093 IWN_WRITE(sc, IWN_FH_TXBUF_STATUS(IWN_SRVC_DMACHNL), 5094 IWN_FH_TXBUF_STATUS_TBNUM(1) | 5095 IWN_FH_TXBUF_STATUS_TBIDX(1) | 5096 IWN_FH_TXBUF_STATUS_TFBD_VALID); 5097 5098 /* Kick Flow Handler to start DMA transfer. */ 5099 IWN_WRITE(sc, IWN_FH_TX_CONFIG(IWN_SRVC_DMACHNL), 5100 IWN_FH_TX_CONFIG_DMA_ENA | IWN_FH_TX_CONFIG_CIRQ_HOST_ENDTFD); 5101 5102 iwn_nic_unlock(sc); 5103 5104 /* Wait at most five seconds for FH DMA transfer to complete. */ 5105 return tsleep(sc, PCATCH, "iwninit", 5 * hz); 5106 } 5107 5108 int 5109 iwn5000_load_firmware(struct iwn_softc *sc) 5110 { 5111 struct iwn_fw_part *fw; 5112 int error; 5113 5114 /* Load the initialization firmware on first boot only. */ 5115 fw = (sc->sc_flags & IWN_FLAG_CALIB_DONE) ? 5116 &sc->fw.main : &sc->fw.init; 5117 5118 error = iwn5000_load_firmware_section(sc, IWN_FW_TEXT_BASE, 5119 fw->text, fw->textsz); 5120 if (error != 0) { 5121 printf("%s: could not load firmware %s section\n", 5122 sc->sc_dev.dv_xname, ".text"); 5123 return error; 5124 } 5125 error = iwn5000_load_firmware_section(sc, IWN_FW_DATA_BASE, 5126 fw->data, fw->datasz); 5127 if (error != 0) { 5128 printf("%s: could not load firmware %s section\n", 5129 sc->sc_dev.dv_xname, ".data"); 5130 return error; 5131 } 5132 5133 /* Now press "execute". */ 5134 IWN_WRITE(sc, IWN_RESET, 0); 5135 return 0; 5136 } 5137 5138 int 5139 iwn_read_firmware(struct iwn_softc *sc) 5140 { 5141 const struct iwn_hal *hal = sc->sc_hal; 5142 struct iwn_fw_info *fw = &sc->fw; 5143 const uint32_t *ptr; 5144 uint32_t rev; 5145 size_t size; 5146 int error; 5147 5148 /* Read firmware image from filesystem. */ 5149 if ((error = loadfirmware(sc->fwname, &fw->data, &size)) != 0) { 5150 printf("%s: error, %d, could not read firmware %s\n", 5151 sc->sc_dev.dv_xname, error, sc->fwname); 5152 return error; 5153 } 5154 if (size < 28) { 5155 printf("%s: truncated firmware header: %d bytes\n", 5156 sc->sc_dev.dv_xname, size); 5157 free(fw->data, M_DEVBUF); 5158 return EINVAL; 5159 } 5160 5161 /* Process firmware header. */ 5162 ptr = (const uint32_t *)fw->data; 5163 rev = letoh32(*ptr++); 5164 /* Check firmware API version. */ 5165 if (IWN_FW_API(rev) <= 1) { 5166 printf("%s: bad firmware, need API version >=2\n", 5167 sc->sc_dev.dv_xname); 5168 free(fw->data, M_DEVBUF); 5169 return EINVAL; 5170 } 5171 if (IWN_FW_API(rev) >= 3) { 5172 /* Skip build number (version 2 header). */ 5173 size -= 4; 5174 ptr++; 5175 } 5176 fw->main.textsz = letoh32(*ptr++); 5177 fw->main.datasz = letoh32(*ptr++); 5178 fw->init.textsz = letoh32(*ptr++); 5179 fw->init.datasz = letoh32(*ptr++); 5180 fw->boot.textsz = letoh32(*ptr++); 5181 size -= 24; 5182 5183 /* Sanity-check firmware header. */ 5184 if (fw->main.textsz > hal->fw_text_maxsz || 5185 fw->main.datasz > hal->fw_data_maxsz || 5186 fw->init.textsz > hal->fw_text_maxsz || 5187 fw->init.datasz > hal->fw_data_maxsz || 5188 fw->boot.textsz > IWN_FW_BOOT_TEXT_MAXSZ || 5189 (fw->boot.textsz & 3) != 0) { 5190 printf("%s: invalid firmware header\n", sc->sc_dev.dv_xname); 5191 free(fw->data, M_DEVBUF); 5192 return EINVAL; 5193 } 5194 5195 /* Check that all firmware sections fit. */ 5196 if (fw->main.textsz + fw->main.datasz + fw->init.textsz + 5197 fw->init.datasz + fw->boot.textsz > size) { 5198 printf("%s: firmware file too short: %d bytes\n", 5199 sc->sc_dev.dv_xname, size); 5200 free(fw->data, M_DEVBUF); 5201 return EINVAL; 5202 } 5203 5204 /* Get pointers to firmware sections. */ 5205 fw->main.text = (const uint8_t *)ptr; 5206 fw->main.data = fw->main.text + fw->main.textsz; 5207 fw->init.text = fw->main.data + fw->main.datasz; 5208 fw->init.data = fw->init.text + fw->init.textsz; 5209 fw->boot.text = fw->init.data + fw->init.datasz; 5210 5211 return 0; 5212 } 5213 5214 int 5215 iwn_clock_wait(struct iwn_softc *sc) 5216 { 5217 int ntries; 5218 5219 /* Set "initialization complete" bit. */ 5220 IWN_SETBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_INIT_DONE); 5221 5222 /* Wait for clock stabilization. */ 5223 for (ntries = 0; ntries < 2500; ntries++) { 5224 if (IWN_READ(sc, IWN_GP_CNTRL) & IWN_GP_CNTRL_MAC_CLOCK_READY) 5225 return 0; 5226 DELAY(10); 5227 } 5228 printf("%s: timeout waiting for clock stabilization\n", 5229 sc->sc_dev.dv_xname); 5230 return ETIMEDOUT; 5231 } 5232 5233 int 5234 iwn_apm_init(struct iwn_softc *sc) 5235 { 5236 pcireg_t reg; 5237 int error; 5238 5239 /* Disable L0s exit timer (NMI bug workaround.) */ 5240 IWN_SETBITS(sc, IWN_GIO_CHICKEN, IWN_GIO_CHICKEN_DIS_L0S_TIMER); 5241 /* Don't wait for ICH L0s (ICH bug workaround.) */ 5242 IWN_SETBITS(sc, IWN_GIO_CHICKEN, IWN_GIO_CHICKEN_L1A_NO_L0S_RX); 5243 5244 /* Set FH wait threshold to max (HW bug under stress workaround.) */ 5245 IWN_SETBITS(sc, IWN_DBG_HPET_MEM, 0xffff0000); 5246 5247 /* Enable HAP INTA to move adapter from L1a to L0s. */ 5248 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_HAP_WAKE_L1A); 5249 5250 /* Retrieve PCIe Active State Power Management (ASPM). */ 5251 reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 5252 sc->sc_cap_off + PCI_PCIE_LCSR); 5253 /* Workaround for HW instability in PCIe L0->L0s->L1 transition. */ 5254 if (reg & PCI_PCIE_LCSR_ASPM_L1) /* L1 Entry enabled. */ 5255 IWN_SETBITS(sc, IWN_GIO, IWN_GIO_L0S_ENA); 5256 else 5257 IWN_CLRBITS(sc, IWN_GIO, IWN_GIO_L0S_ENA); 5258 5259 if (sc->hw_type != IWN_HW_REV_TYPE_4965 && 5260 sc->hw_type != IWN_HW_REV_TYPE_6000 && 5261 sc->hw_type != IWN_HW_REV_TYPE_6050) 5262 IWN_SETBITS(sc, IWN_ANA_PLL, IWN_ANA_PLL_INIT); 5263 5264 /* Wait for clock stabilization before accessing prph. */ 5265 if ((error = iwn_clock_wait(sc)) != 0) 5266 return error; 5267 5268 if ((error = iwn_nic_lock(sc)) != 0) 5269 return error; 5270 if (sc->hw_type == IWN_HW_REV_TYPE_4965) { 5271 /* Enable DMA and BSM (Bootstrap State Machine.) */ 5272 iwn_prph_write(sc, IWN_APMG_CLK_EN, 5273 IWN_APMG_CLK_CTRL_DMA_CLK_RQT | 5274 IWN_APMG_CLK_CTRL_BSM_CLK_RQT); 5275 } else { 5276 /* Enable DMA. */ 5277 iwn_prph_write(sc, IWN_APMG_CLK_EN, 5278 IWN_APMG_CLK_CTRL_DMA_CLK_RQT); 5279 } 5280 DELAY(20); 5281 /* Disable L1-Active. */ 5282 iwn_prph_setbits(sc, IWN_APMG_PCI_STT, IWN_APMG_PCI_STT_L1A_DIS); 5283 iwn_nic_unlock(sc); 5284 5285 return 0; 5286 } 5287 5288 void 5289 iwn_apm_stop_master(struct iwn_softc *sc) 5290 { 5291 int ntries; 5292 5293 /* Stop busmaster DMA activity. */ 5294 IWN_SETBITS(sc, IWN_RESET, IWN_RESET_STOP_MASTER); 5295 for (ntries = 0; ntries < 100; ntries++) { 5296 if (IWN_READ(sc, IWN_RESET) & IWN_RESET_MASTER_DISABLED) 5297 return; 5298 DELAY(10); 5299 } 5300 printf("%s: timeout waiting for master\n", sc->sc_dev.dv_xname); 5301 } 5302 5303 void 5304 iwn_apm_stop(struct iwn_softc *sc) 5305 { 5306 iwn_apm_stop_master(sc); 5307 5308 /* Reset the entire device. */ 5309 IWN_SETBITS(sc, IWN_RESET, IWN_RESET_SW); 5310 DELAY(10); 5311 /* Clear "initialization complete" bit. */ 5312 IWN_CLRBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_INIT_DONE); 5313 } 5314 5315 int 5316 iwn4965_nic_config(struct iwn_softc *sc) 5317 { 5318 if (IWN_RFCFG_TYPE(sc->rfcfg) == 1) { 5319 /* 5320 * I don't believe this to be correct but this is what the 5321 * vendor driver is doing. Probably the bits should not be 5322 * shifted in IWN_RFCFG_*. 5323 */ 5324 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 5325 IWN_RFCFG_TYPE(sc->rfcfg) | 5326 IWN_RFCFG_STEP(sc->rfcfg) | 5327 IWN_RFCFG_DASH(sc->rfcfg)); 5328 } 5329 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 5330 IWN_HW_IF_CONFIG_RADIO_SI | IWN_HW_IF_CONFIG_MAC_SI); 5331 return 0; 5332 } 5333 5334 int 5335 iwn5000_nic_config(struct iwn_softc *sc) 5336 { 5337 uint32_t tmp; 5338 int error; 5339 5340 if (IWN_RFCFG_TYPE(sc->rfcfg) < 3) { 5341 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 5342 IWN_RFCFG_TYPE(sc->rfcfg) | 5343 IWN_RFCFG_STEP(sc->rfcfg) | 5344 IWN_RFCFG_DASH(sc->rfcfg)); 5345 } 5346 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 5347 IWN_HW_IF_CONFIG_RADIO_SI | IWN_HW_IF_CONFIG_MAC_SI); 5348 5349 if ((error = iwn_nic_lock(sc)) != 0) 5350 return error; 5351 iwn_prph_setbits(sc, IWN_APMG_PS, IWN_APMG_PS_EARLY_PWROFF_DIS); 5352 5353 if (sc->hw_type == IWN_HW_REV_TYPE_1000) { 5354 /* 5355 * Select first Switching Voltage Regulator (1.32V) to 5356 * solve a stability issue related to noisy DC2DC line 5357 * in the silicon of 1000 Series. 5358 */ 5359 tmp = iwn_prph_read(sc, IWN_APMG_DIGITAL_SVR); 5360 tmp &= ~IWN_APMG_DIGITAL_SVR_VOLTAGE_MASK; 5361 tmp |= IWN_APMG_DIGITAL_SVR_VOLTAGE_1_32; 5362 iwn_prph_write(sc, IWN_APMG_DIGITAL_SVR, tmp); 5363 } 5364 iwn_nic_unlock(sc); 5365 5366 if (sc->sc_flags & IWN_FLAG_INTERNAL_PA) { 5367 /* Use internal power amplifier only. */ 5368 IWN_WRITE(sc, IWN_GP_DRIVER, IWN_GP_DRIVER_RADIO_2X2_IPA); 5369 } 5370 return 0; 5371 } 5372 5373 /* 5374 * Take NIC ownership over Intel Active Management Technology (AMT). 5375 */ 5376 int 5377 iwn_hw_prepare(struct iwn_softc *sc) 5378 { 5379 int ntries; 5380 5381 /* Check if hardware is ready. */ 5382 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_NIC_READY); 5383 for (ntries = 0; ntries < 5; ntries++) { 5384 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 5385 IWN_HW_IF_CONFIG_NIC_READY) 5386 return 0; 5387 DELAY(10); 5388 } 5389 5390 /* Hardware not ready, force into ready state. */ 5391 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_PREPARE); 5392 for (ntries = 0; ntries < 15000; ntries++) { 5393 if (!(IWN_READ(sc, IWN_HW_IF_CONFIG) & 5394 IWN_HW_IF_CONFIG_PREPARE_DONE)) 5395 break; 5396 DELAY(10); 5397 } 5398 if (ntries == 15000) 5399 return ETIMEDOUT; 5400 5401 /* Hardware should be ready now. */ 5402 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_NIC_READY); 5403 for (ntries = 0; ntries < 5; ntries++) { 5404 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 5405 IWN_HW_IF_CONFIG_NIC_READY) 5406 return 0; 5407 DELAY(10); 5408 } 5409 return ETIMEDOUT; 5410 } 5411 5412 int 5413 iwn_hw_init(struct iwn_softc *sc) 5414 { 5415 const struct iwn_hal *hal = sc->sc_hal; 5416 int error, chnl, qid; 5417 5418 /* Clear pending interrupts. */ 5419 IWN_WRITE(sc, IWN_INT, 0xffffffff); 5420 5421 if ((error = iwn_apm_init(sc)) != 0) { 5422 printf("%s: could not power ON adapter\n", 5423 sc->sc_dev.dv_xname); 5424 return error; 5425 } 5426 5427 /* Select VMAIN power source. */ 5428 if ((error = iwn_nic_lock(sc)) != 0) 5429 return error; 5430 iwn_prph_clrbits(sc, IWN_APMG_PS, IWN_APMG_PS_PWR_SRC_MASK); 5431 iwn_nic_unlock(sc); 5432 5433 /* Perform adapter-specific initialization. */ 5434 if ((error = hal->nic_config(sc)) != 0) 5435 return error; 5436 5437 /* Initialize RX ring. */ 5438 if ((error = iwn_nic_lock(sc)) != 0) 5439 return error; 5440 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 0); 5441 IWN_WRITE(sc, IWN_FH_RX_WPTR, 0); 5442 /* Set physical address of RX ring (256-byte aligned.) */ 5443 IWN_WRITE(sc, IWN_FH_RX_BASE, sc->rxq.desc_dma.paddr >> 8); 5444 /* Set physical address of RX status (16-byte aligned.) */ 5445 IWN_WRITE(sc, IWN_FH_STATUS_WPTR, sc->rxq.stat_dma.paddr >> 4); 5446 /* Enable RX. */ 5447 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 5448 IWN_FH_RX_CONFIG_ENA | 5449 IWN_FH_RX_CONFIG_IGN_RXF_EMPTY | /* HW bug workaround */ 5450 IWN_FH_RX_CONFIG_IRQ_DST_HOST | 5451 IWN_FH_RX_CONFIG_SINGLE_FRAME | 5452 IWN_FH_RX_CONFIG_RB_TIMEOUT(0) | 5453 IWN_FH_RX_CONFIG_NRBD(IWN_RX_RING_COUNT_LOG)); 5454 iwn_nic_unlock(sc); 5455 IWN_WRITE(sc, IWN_FH_RX_WPTR, (IWN_RX_RING_COUNT - 1) & ~7); 5456 5457 if ((error = iwn_nic_lock(sc)) != 0) 5458 return error; 5459 5460 /* Initialize TX scheduler. */ 5461 iwn_prph_write(sc, hal->sched_txfact_addr, 0); 5462 5463 /* Set physical address of "keep warm" page (16-byte aligned.) */ 5464 IWN_WRITE(sc, IWN_FH_KW_ADDR, sc->kw_dma.paddr >> 4); 5465 5466 /* Initialize TX rings. */ 5467 for (qid = 0; qid < hal->ntxqs; qid++) { 5468 struct iwn_tx_ring *txq = &sc->txq[qid]; 5469 5470 /* Set physical address of TX ring (256-byte aligned.) */ 5471 IWN_WRITE(sc, IWN_FH_CBBC_QUEUE(qid), 5472 txq->desc_dma.paddr >> 8); 5473 } 5474 iwn_nic_unlock(sc); 5475 5476 /* Enable DMA channels. */ 5477 for (chnl = 0; chnl < hal->ndmachnls; chnl++) { 5478 IWN_WRITE(sc, IWN_FH_TX_CONFIG(chnl), 5479 IWN_FH_TX_CONFIG_DMA_ENA | 5480 IWN_FH_TX_CONFIG_DMA_CREDIT_ENA); 5481 } 5482 5483 /* Clear "radio off" and "commands blocked" bits. */ 5484 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 5485 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_CMD_BLOCKED); 5486 5487 /* Clear pending interrupts. */ 5488 IWN_WRITE(sc, IWN_INT, 0xffffffff); 5489 /* Enable interrupt coalescing. */ 5490 IWN_WRITE(sc, IWN_INT_COALESCING, 512 / 8); 5491 /* Enable interrupts. */ 5492 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 5493 5494 /* _Really_ make sure "radio off" bit is cleared! */ 5495 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 5496 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 5497 5498 if ((error = hal->load_firmware(sc)) != 0) { 5499 printf("%s: could not load firmware\n", sc->sc_dev.dv_xname); 5500 return error; 5501 } 5502 /* Wait at most one second for firmware alive notification. */ 5503 if ((error = tsleep(sc, PCATCH, "iwninit", hz)) != 0) { 5504 printf("%s: timeout waiting for adapter to initialize\n", 5505 sc->sc_dev.dv_xname); 5506 return error; 5507 } 5508 /* Do post-firmware initialization. */ 5509 return hal->post_alive(sc); 5510 } 5511 5512 void 5513 iwn_hw_stop(struct iwn_softc *sc) 5514 { 5515 const struct iwn_hal *hal = sc->sc_hal; 5516 int chnl, qid, ntries; 5517 uint32_t tmp; 5518 5519 IWN_WRITE(sc, IWN_RESET, IWN_RESET_NEVO); 5520 5521 /* Disable interrupts. */ 5522 IWN_WRITE(sc, IWN_INT_MASK, 0); 5523 IWN_WRITE(sc, IWN_INT, 0xffffffff); 5524 IWN_WRITE(sc, IWN_FH_INT, 0xffffffff); 5525 sc->sc_flags &= ~IWN_FLAG_USE_ICT; 5526 5527 /* Make sure we no longer hold the NIC lock. */ 5528 iwn_nic_unlock(sc); 5529 5530 /* Stop TX scheduler. */ 5531 iwn_prph_write(sc, hal->sched_txfact_addr, 0); 5532 5533 /* Stop all DMA channels. */ 5534 if (iwn_nic_lock(sc) == 0) { 5535 for (chnl = 0; chnl < hal->ndmachnls; chnl++) { 5536 IWN_WRITE(sc, IWN_FH_TX_CONFIG(chnl), 0); 5537 for (ntries = 0; ntries < 200; ntries++) { 5538 tmp = IWN_READ(sc, IWN_FH_TX_STATUS); 5539 if ((tmp & IWN_FH_TX_STATUS_IDLE(chnl)) == 5540 IWN_FH_TX_STATUS_IDLE(chnl)) 5541 break; 5542 DELAY(10); 5543 } 5544 } 5545 iwn_nic_unlock(sc); 5546 } 5547 5548 /* Stop RX ring. */ 5549 iwn_reset_rx_ring(sc, &sc->rxq); 5550 5551 /* Reset all TX rings. */ 5552 for (qid = 0; qid < hal->ntxqs; qid++) 5553 iwn_reset_tx_ring(sc, &sc->txq[qid]); 5554 5555 if (iwn_nic_lock(sc) == 0) { 5556 iwn_prph_write(sc, IWN_APMG_CLK_DIS, 5557 IWN_APMG_CLK_CTRL_DMA_CLK_RQT); 5558 iwn_nic_unlock(sc); 5559 } 5560 DELAY(5); 5561 /* Power OFF adapter. */ 5562 iwn_apm_stop(sc); 5563 } 5564 5565 int 5566 iwn_init(struct ifnet *ifp) 5567 { 5568 struct iwn_softc *sc = ifp->if_softc; 5569 struct ieee80211com *ic = &sc->sc_ic; 5570 int error; 5571 5572 if ((error = iwn_hw_prepare(sc)) != 0) { 5573 printf("%s: hardware not ready\n", sc->sc_dev.dv_xname); 5574 goto fail; 5575 } 5576 5577 /* Check that the radio is not disabled by hardware switch. */ 5578 if (!(IWN_READ(sc, IWN_GP_CNTRL) & IWN_GP_CNTRL_RFKILL)) { 5579 printf("%s: radio is disabled by hardware switch\n", 5580 sc->sc_dev.dv_xname); 5581 error = EPERM; /* :-) */ 5582 goto fail; 5583 } 5584 5585 /* Read firmware images from the filesystem. */ 5586 if ((error = iwn_read_firmware(sc)) != 0) { 5587 printf("%s: could not read firmware\n", sc->sc_dev.dv_xname); 5588 goto fail; 5589 } 5590 5591 /* Initialize interrupt mask to default value. */ 5592 sc->int_mask = IWN_INT_MASK_DEF; 5593 sc->sc_flags &= ~IWN_FLAG_USE_ICT; 5594 5595 /* Initialize hardware and upload firmware. */ 5596 error = iwn_hw_init(sc); 5597 free(sc->fw.data, M_DEVBUF); 5598 if (error != 0) { 5599 printf("%s: could not initialize hardware\n", 5600 sc->sc_dev.dv_xname); 5601 goto fail; 5602 } 5603 5604 /* Configure adapter now that it is ready. */ 5605 if ((error = iwn_config(sc)) != 0) { 5606 printf("%s: could not configure device\n", 5607 sc->sc_dev.dv_xname); 5608 goto fail; 5609 } 5610 5611 ifp->if_flags &= ~IFF_OACTIVE; 5612 ifp->if_flags |= IFF_RUNNING; 5613 5614 if (ic->ic_opmode != IEEE80211_M_MONITOR) 5615 ieee80211_begin_scan(ifp); 5616 else 5617 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 5618 5619 return 0; 5620 5621 fail: iwn_stop(ifp, 1); 5622 return error; 5623 } 5624 5625 void 5626 iwn_stop(struct ifnet *ifp, int disable) 5627 { 5628 struct iwn_softc *sc = ifp->if_softc; 5629 struct ieee80211com *ic = &sc->sc_ic; 5630 5631 ifp->if_timer = sc->sc_tx_timer = 0; 5632 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 5633 5634 /* In case we were scanning, release the scan "lock". */ 5635 ic->ic_scan_lock = IEEE80211_SCAN_UNLOCKED; 5636 5637 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 5638 5639 /* Power OFF hardware. */ 5640 iwn_hw_stop(sc); 5641 5642 /* Temperature sensor is no longer valid. */ 5643 sc->sensor.value = 0; 5644 sc->sensor.flags |= SENSOR_FINVALID; 5645 } 5646