1 /*	$OpenBSD: if_wpi.c,v 1.38 2007/01/03 18:19:06 claudio Exp $	*/
2 
3 /*-
4  * Copyright (c) 2006
5  *	Damien Bergamini <damien.bergamini@free.fr>
6  *
7  * Permission to use, copy, modify, and distribute this software for any
8  * purpose with or without fee is hereby granted, provided that the above
9  * copyright notice and this permission notice appear in all copies.
10  *
11  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18  */
19 
20 /*
21  * Driver for Intel PRO/Wireless 3945ABG 802.11 network adapters.
22  */
23 
24 #include "bpfilter.h"
25 
26 #include <sys/param.h>
27 #include <sys/sockio.h>
28 #include <sys/sysctl.h>
29 #include <sys/mbuf.h>
30 #include <sys/kernel.h>
31 #include <sys/socket.h>
32 #include <sys/systm.h>
33 #include <sys/malloc.h>
34 #include <sys/conf.h>
35 #include <sys/device.h>
36 
37 #include <machine/bus.h>
38 #include <machine/endian.h>
39 #include <machine/intr.h>
40 
41 #include <dev/pci/pcireg.h>
42 #include <dev/pci/pcivar.h>
43 #include <dev/pci/pcidevs.h>
44 
45 #if NBPFILTER > 0
46 #include <net/bpf.h>
47 #endif
48 #include <net/if.h>
49 #include <net/if_arp.h>
50 #include <net/if_dl.h>
51 #include <net/if_media.h>
52 #include <net/if_types.h>
53 
54 #include <netinet/in.h>
55 #include <netinet/in_systm.h>
56 #include <netinet/in_var.h>
57 #include <netinet/if_ether.h>
58 #include <netinet/ip.h>
59 
60 #include <net80211/ieee80211_var.h>
61 #include <net80211/ieee80211_amrr.h>
62 #include <net80211/ieee80211_radiotap.h>
63 
64 #include <dev/pci/if_wpireg.h>
65 #include <dev/pci/if_wpivar.h>
66 
/* PCI vendor/product pairs claimed by this driver; passed to pci_matchbyid() in wpi_match(). */
const struct pci_matchid wpi_devices[] = {
	{ PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_3945ABG_1 },
	{ PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_3945ABG_2 }
};

/*
 * Twelve-entry byte table: eight OFDM entries followed by four CCK entries.
 * Judging by the name it maps a rate index to a PLCP value; its users are
 * not visible in this part of the file, so any index must be bounds-checked
 * by them -- TODO confirm.
 */
static const uint8_t wpi_ridx_to_plcp[] = {
	0xd, 0xf, 0x5, 0x7, 0x9, 0xb, 0x1, 0x3,	/* OFDM R1-R4 */
	10, 20, 55, 110	/* CCK */
};
76 
/*
 * Forward declarations for every function of the driver.  None of them is
 * declared static, so all of these names have external linkage.
 */
int		wpi_match(struct device *, void *, void *);
void		wpi_attach(struct device *, struct device *, void *);
void		wpi_power(int, void *);
int		wpi_dma_contig_alloc(bus_dma_tag_t, struct wpi_dma_info *,
		    void **, bus_size_t, bus_size_t, int);
void		wpi_dma_contig_free(struct wpi_dma_info *);
int		wpi_alloc_shared(struct wpi_softc *);
void		wpi_free_shared(struct wpi_softc *);
struct		wpi_rbuf *wpi_alloc_rbuf(struct wpi_softc *);
void		wpi_free_rbuf(caddr_t, u_int, void *);
int		wpi_alloc_rpool(struct wpi_softc *);
void		wpi_free_rpool(struct wpi_softc *);
int		wpi_alloc_rx_ring(struct wpi_softc *, struct wpi_rx_ring *);
void		wpi_reset_rx_ring(struct wpi_softc *, struct wpi_rx_ring *);
void		wpi_free_rx_ring(struct wpi_softc *, struct wpi_rx_ring *);
int		wpi_alloc_tx_ring(struct wpi_softc *, struct wpi_tx_ring *,
		    int, int);
void		wpi_reset_tx_ring(struct wpi_softc *, struct wpi_tx_ring *);
void		wpi_free_tx_ring(struct wpi_softc *, struct wpi_tx_ring *);
struct		ieee80211_node *wpi_node_alloc(struct ieee80211com *);
int		wpi_media_change(struct ifnet *);
int		wpi_newstate(struct ieee80211com *, enum ieee80211_state, int);
void		wpi_mem_lock(struct wpi_softc *);
void		wpi_mem_unlock(struct wpi_softc *);
uint32_t	wpi_mem_read(struct wpi_softc *, uint16_t);
void		wpi_mem_write(struct wpi_softc *, uint16_t, uint32_t);
void		wpi_mem_write_region_4(struct wpi_softc *, uint16_t,
		    const uint32_t *, int);
uint16_t	wpi_read_prom_word(struct wpi_softc *, uint32_t);
int		wpi_load_microcode(struct wpi_softc *, const char *, int);
int		wpi_load_firmware_block(struct wpi_softc *, uint32_t,
		    bus_dma_segment_t *);
int		wpi_load_firmware(struct wpi_softc *, uint32_t, const char *,
		    int);
void		wpi_rx_intr(struct wpi_softc *, struct wpi_rx_desc *,
		    struct wpi_rx_data *);
void		wpi_tx_intr(struct wpi_softc *, struct wpi_rx_desc *);
void		wpi_cmd_intr(struct wpi_softc *, struct wpi_rx_desc *);
void		wpi_notif_intr(struct wpi_softc *);
int		wpi_intr(void *);
void		wpi_read_eeprom(struct wpi_softc *);
uint8_t		wpi_plcp_signal(int);
int		wpi_tx_data(struct wpi_softc *, struct mbuf *,
		    struct ieee80211_node *, int);
void		wpi_start(struct ifnet *);
void		wpi_watchdog(struct ifnet *);
int		wpi_ioctl(struct ifnet *, u_long, caddr_t);
int		wpi_cmd(struct wpi_softc *, int, const void *, int, int);
int		wpi_mrr_setup(struct wpi_softc *);
void		wpi_set_led(struct wpi_softc *, uint8_t, uint8_t, uint8_t);
void		wpi_enable_tsf(struct wpi_softc *, struct ieee80211_node *);
int		wpi_setup_beacon(struct wpi_softc *, struct ieee80211_node *);
int		wpi_auth(struct wpi_softc *);
int		wpi_scan(struct wpi_softc *, uint16_t);
int		wpi_config(struct wpi_softc *);
void		wpi_stop_master(struct wpi_softc *);
int		wpi_power_up(struct wpi_softc *);
int		wpi_reset(struct wpi_softc *);
void		wpi_hw_config(struct wpi_softc *);
int		wpi_init(struct ifnet *);
void		wpi_stop(struct ifnet *, int);
void		wpi_iter_func(void *, struct ieee80211_node *);
void		wpi_amrr_timeout(void *);
void		wpi_newassoc(struct ieee80211com *, struct ieee80211_node *,
		    int);
142 
/*
 * Debug printing.  With WPI_DEBUG defined, DPRINTF(x) prints when
 * wpi_debug > 0 and DPRINTFN(n, x) prints when wpi_debug >= n; x is a
 * parenthesized printf argument list.  Without WPI_DEBUG both macros expand
 * to nothing, so their arguments are never evaluated.
 */
#ifdef WPI_DEBUG
#define DPRINTF(x)	do { if (wpi_debug > 0) printf x; } while (0)
#define DPRINTFN(n, x)	do { if (wpi_debug >= (n)) printf x; } while (0)
int wpi_debug = 1;
#else
#define DPRINTF(x)
#define DPRINTFN(n, x)
#endif

/* attachment glue: softc size followed by the match and attach routines */
struct cfattach wpi_ca = {
	sizeof (struct wpi_softc), wpi_match, wpi_attach
};
155 
/*
 * Match routine: hand the PCI attach arguments to pci_matchbyid() together
 * with the wpi_devices table and return its verdict.  parent and match are
 * unused.
 */
int
wpi_match(struct device *parent, void *match, void *aux)
{
	struct pci_attach_args *pa = aux;

	/* element count of the ID table, derived from the array itself */
	return pci_matchbyid(pa, wpi_devices,
	    sizeof (wpi_devices) / sizeof (wpi_devices[0]));
}
162 
/* Base Address Register */
#define WPI_PCI_BAR0	0x10

/*
 * Attach routine.  In order: records the PCI handles, clears config byte
 * 0x41, maps the register window, establishes the interrupt handler, resets
 * the adapter, allocates the shared page, the Rx buffer pool, four data Tx
 * rings, the command and service rings and the Rx ring, fills in the
 * net80211 capabilities, rates and channels, attaches the interface and
 * finally registers the power hook and (if compiled in) the radiotap BPF tap.
 *
 * The function returns void, so every failure is reported with printf only.
 * Failures after the shared page has been allocated unwind through the
 * fail1..fail4 labels at the bottom.
 *
 * NOTE(review): the early `return`s before the fail labels leave the
 * register mapping (and, once established, the interrupt handler) in place;
 * confirm that this is intended for a device that failed to attach.
 */
void
wpi_attach(struct device *parent, struct device *self, void *aux)
{
	struct wpi_softc *sc = (struct wpi_softc *)self;
	struct ieee80211com *ic = &sc->sc_ic;
	struct ifnet *ifp = &ic->ic_if;
	struct pci_attach_args *pa = aux;
	const char *intrstr;
	bus_space_tag_t memt;
	bus_space_handle_t memh;
	pci_intr_handle_t ih;
	pcireg_t data;
	int i, ac, error;

	sc->sc_pct = pa->pa_pc;
	sc->sc_pcitag = pa->pa_tag;

	/* clear device specific PCI configuration register 0x41 */
	/* (read-modify-write of the 32-bit word at 0x40, clearing bits 8-15) */
	data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40);
	data &= ~0x0000ff00;
	pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, data);

	/* map the register window */
	error = pci_mapreg_map(pa, WPI_PCI_BAR0, PCI_MAPREG_TYPE_MEM |
	    PCI_MAPREG_MEM_TYPE_32BIT, 0, &memt, &memh, NULL, &sc->sc_sz, 0);
	if (error != 0) {
		printf(": could not map memory space\n");
		return;
	}

	sc->sc_st = memt;
	sc->sc_sh = memh;
	sc->sc_dmat = pa->pa_dmat;

	if (pci_intr_map(pa, &ih) != 0) {
		printf(": could not map interrupt\n");
		return;
	}

	/* wpi_intr runs at IPL_NET with the softc as its argument */
	intrstr = pci_intr_string(sc->sc_pct, ih);
	sc->sc_ih = pci_intr_establish(sc->sc_pct, ih, IPL_NET, wpi_intr, sc,
	    sc->sc_dev.dv_xname);
	if (sc->sc_ih == NULL) {
		printf(": could not establish interrupt");
		if (intrstr != NULL)
			printf(" at %s", intrstr);
		printf("\n");
		return;
	}
	/*
	 * NOTE(review): intrstr is NULL-checked on the failure path above
	 * but printed unconditionally here.
	 */
	printf(": %s", intrstr);

	/*
	 * Put adapter into a known state.
	 */
	if ((error = wpi_reset(sc)) != 0) {
		printf(": could not reset adapter\n");
		return;
	}

	/*
	 * Allocate shared page and Tx/Rx rings.
	 */
	if ((error = wpi_alloc_shared(sc)) != 0) {
		printf(": could not allocate shared area\n");
		return;
	}

	if ((error = wpi_alloc_rpool(sc)) != 0) {
		printf(": could not allocate Rx buffers\n");
		goto fail1;
	}

	/* four data Tx rings, queue ids 0..3 */
	for (ac = 0; ac < 4; ac++) {
		error = wpi_alloc_tx_ring(sc, &sc->txq[ac], WPI_TX_RING_COUNT,
		    ac);
		if (error != 0) {
			printf(": could not allocate Tx ring %d\n", ac);
			goto fail2;
		}
	}

	/* command ring uses queue id 4 */
	error = wpi_alloc_tx_ring(sc, &sc->cmdq, WPI_CMD_RING_COUNT, 4);
	if (error != 0) {
		printf(": could not allocate command ring\n");
		goto fail2;
	}

	/* service ring uses queue id 5 */
	error = wpi_alloc_tx_ring(sc, &sc->svcq, WPI_SVC_RING_COUNT, 5);
	if (error != 0) {
		printf(": could not allocate service ring\n");
		goto fail3;
	}

	error = wpi_alloc_rx_ring(sc, &sc->rxq);
	if (error != 0) {
		printf(": could not allocate Rx ring\n");
		goto fail4;
	}

	ic->ic_phytype = IEEE80211_T_OFDM;	/* not only, but not used */
	ic->ic_opmode = IEEE80211_M_STA;	/* default to BSS mode */
	ic->ic_state = IEEE80211_S_INIT;

	/* set device capabilities */
	/* (the only cipher capability advertised here is software WEP) */
	ic->ic_caps =
	    IEEE80211_C_WEP |		/* s/w WEP */
	    IEEE80211_C_MONITOR |	/* monitor mode supported */
	    IEEE80211_C_TXPMGT |	/* tx power management */
	    IEEE80211_C_SHSLOT |	/* short slot time supported */
	    IEEE80211_C_SHPREAMBLE;	/* short preamble supported */

	/* the MAC address printed below is taken from ic_myaddr after this call */
	wpi_read_eeprom(sc);
	printf(", address %s\n", ether_sprintf(ic->ic_myaddr));

	/* set supported .11a rates */
	ic->ic_sup_rates[IEEE80211_MODE_11A] = ieee80211_std_rateset_11a;

	/* set supported .11a channels */
	/* ic_channels is indexed by IEEE channel number: 36-64, 100-140, 149-165 */
	for (i = 36; i <= 64; i += 4) {
		ic->ic_channels[i].ic_freq =
		    ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
		ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
	}
	for (i = 100; i <= 140; i += 4) {
		ic->ic_channels[i].ic_freq =
		    ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
		ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
	}
	for (i = 149; i <= 165; i += 4) {
		ic->ic_channels[i].ic_freq =
		    ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
		ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
	}

	/* set supported .11b and .11g rates */
	ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b;
	ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g;

	/* set supported .11b and .11g channels (1 through 14) */
	for (i = 1; i <= 14; i++) {
		ic->ic_channels[i].ic_freq =
		    ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ);
		ic->ic_channels[i].ic_flags =
		    IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM |
		    IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ;
	}

	/* IBSS channel undefined for now */
	ic->ic_ibss_chan = &ic->ic_channels[0];

	ifp->if_softc = sc;
	ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
	ifp->if_init = wpi_init;
	ifp->if_ioctl = wpi_ioctl;
	ifp->if_start = wpi_start;
	ifp->if_watchdog = wpi_watchdog;
	IFQ_SET_READY(&ifp->if_snd);
	/* copies exactly IFNAMSIZ bytes; assumes dv_xname is at least that large -- TODO confirm */
	bcopy(sc->sc_dev.dv_xname, ifp->if_xname, IFNAMSIZ);

	/* driver hooks are installed after ieee80211_ifattach() has run */
	if_attach(ifp);
	ieee80211_ifattach(ifp);
	ic->ic_node_alloc = wpi_node_alloc;
	ic->ic_newassoc = wpi_newassoc;

	/* override state transition machine */
	/* (the previous handler is kept in sc_newstate; wpi_newstate() chains to it) */
	sc->sc_newstate = ic->ic_newstate;
	ic->ic_newstate = wpi_newstate;
	ieee80211_media_init(ifp, wpi_media_change, ieee80211_media_status);

	/* rate control thresholds and the timeout that drives wpi_amrr_timeout() */
	sc->amrr.amrr_min_success_threshold =  1;
	sc->amrr.amrr_max_success_threshold = 15;
	timeout_set(&sc->amrr_ch, wpi_amrr_timeout, sc);

	sc->powerhook = powerhook_establish(wpi_power, sc);

#if NBPFILTER > 0
	bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO,
	    sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN);

	/* pre-fill the radiotap headers; length and present mask are little-endian */
	sc->sc_rxtap_len = sizeof sc->sc_rxtapu;
	sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len);
	sc->sc_rxtap.wr_ihdr.it_present = htole32(WPI_RX_RADIOTAP_PRESENT);

	sc->sc_txtap_len = sizeof sc->sc_txtapu;
	sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len);
	sc->sc_txtap.wt_ihdr.it_present = htole32(WPI_TX_RADIOTAP_PRESENT);
#endif

	return;

	/*
	 * Unwind in reverse allocation order.  A ring whose allocation failed
	 * has already been released by its own allocator, so each label only
	 * frees what was set up successfully before it.  At fail2, ac is the
	 * number of data Tx rings that were fully allocated.
	 */
fail4:	wpi_free_tx_ring(sc, &sc->svcq);
fail3:	wpi_free_tx_ring(sc, &sc->cmdq);
fail2:	while (--ac >= 0)
		wpi_free_tx_ring(sc, &sc->txq[ac]);
	wpi_free_rpool(sc);
fail1:	wpi_free_shared(sc);
}
363 
/*
 * Power hook registered in wpi_attach().  Only PWR_RESUME is acted upon:
 * the device-specific PCI configuration byte 0x41 is cleared again and, if
 * the interface is marked up, it is re-initialized and transmission is
 * restarted when the interface ends up running.  The interface work is done
 * at splnet.
 */
void
wpi_power(int why, void *arg)
{
	struct wpi_softc *sc = arg;
	struct ifnet *ifp = &sc->sc_ic.ic_if;
	pcireg_t reg;
	int s;

	if (why == PWR_RESUME) {
		/* clear device specific PCI configuration register 0x41 */
		reg = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40);
		reg &= ~0x0000ff00;
		pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, reg);

		s = splnet();
		if ((ifp->if_flags & IFF_UP) != 0) {
			ifp->if_init(ifp);
			/* if_init may have failed; only kick Tx when running */
			if ((ifp->if_flags & IFF_RUNNING) != 0)
				ifp->if_start(ifp);
		}
		splx(s);
	}
}
389 
/*
 * Allocate `size' bytes of DMA memory as a single segment with the given
 * alignment, map it into kernel virtual memory, load it into a DMA map and
 * zero it.  On success the bus address of the segment is stored in
 * dma->paddr, the kernel address in dma->vaddr (and in *kvap when kvap is
 * not NULL), and 0 is returned.  On failure the error of the failing bus_dma
 * call is returned after wpi_dma_contig_free() has been run on `dma'.
 *
 * NOTE(review): the failure path relies on dma->map and dma->vaddr being
 * NULL until they are set here (i.e. on `dma' starting out zeroed); also, if
 * bus_dmamem_map() fails, dma->vaddr is presumably still NULL and the
 * segment from bus_dmamem_alloc() is then not released by
 * wpi_dma_contig_free() -- confirm.
 */
int
wpi_dma_contig_alloc(bus_dma_tag_t tag, struct wpi_dma_info *dma, void **kvap,
    bus_size_t size, bus_size_t alignment, int flags)
{
	int nsegs, error;

	dma->tag = tag;
	dma->size = size;

	if ((error = bus_dmamap_create(tag, size, 1, size, 0, flags,
	    &dma->map)) != 0)
		goto fail;

	if ((error = bus_dmamem_alloc(tag, size, alignment, 0, &dma->seg, 1,
	    &nsegs, flags)) != 0)
		goto fail;

	if ((error = bus_dmamem_map(tag, &dma->seg, 1, size, &dma->vaddr,
	    flags)) != 0)
		goto fail;

	if ((error = bus_dmamap_load_raw(tag, dma->map, &dma->seg, 1, size,
	    flags)) != 0)
		goto fail;

	/* the region is cleared before its addresses are handed out */
	bzero(dma->vaddr, size);

	dma->paddr = dma->map->dm_segs[0].ds_addr;
	if (kvap != NULL)
		*kvap = dma->vaddr;

	return 0;

fail:
	wpi_dma_contig_free(dma);
	return error;
}
427 
/*
 * Release what wpi_dma_contig_alloc() set up.  Nothing happens when no DMA
 * map exists.  When memory is mapped (vaddr != NULL) the map is unloaded and
 * the memory unmapped and freed; the map itself is then destroyed.  Both
 * pointers are reset to NULL, so calling this again on the same `dma' is a
 * no-op.
 */
void
wpi_dma_contig_free(struct wpi_dma_info *dma)
{
	if (dma->map == NULL)
		return;

	if (dma->vaddr != NULL) {
		bus_dmamap_unload(dma->tag, dma->map);
		bus_dmamem_unmap(dma->tag, dma->vaddr, dma->size);
		bus_dmamem_free(dma->tag, &dma->seg, 1);
		dma->vaddr = NULL;
	}

	bus_dmamap_destroy(dma->tag, dma->map);
	dma->map = NULL;
}
442 
/*
 * Allocate the page shared between host and NIC.  The area has the size of
 * struct wpi_shared, is aligned to PAGE_SIZE and is reachable through
 * sc->shared afterwards.  Returns 0 or the error from
 * wpi_dma_contig_alloc(), after logging it.
 */
int
wpi_alloc_shared(struct wpi_softc *sc)
{
	int error;

	/* must be aligned on a 4K-page boundary */
	error = wpi_dma_contig_alloc(sc->sc_dmat, &sc->shared_dma,
	    (void **)&sc->shared, sizeof (struct wpi_shared), PAGE_SIZE,
	    BUS_DMA_NOWAIT);
	if (error == 0)
		return 0;

	printf("%s: could not allocate shared area DMA memory\n",
	    sc->sc_dev.dv_xname);
	return error;
}
461 
/*
 * Release the DMA memory of the host/NIC shared page.  sc->shared itself is
 * not reset here and must not be used afterwards.
 */
void
wpi_free_shared(struct wpi_softc *sc)
{
	struct wpi_dma_info *shared_dma = &sc->shared_dma;

	wpi_dma_contig_free(shared_dma);
}
467 
/*
 * Take one Rx buffer off the head of the Rx ring's free list.  Returns NULL
 * when the list is empty.
 *
 * NOTE(review): no interrupt-level protection is taken here; confirm that
 * every caller and the mbuf free callback wpi_free_rbuf(), which pushes onto
 * the same list, cannot interleave.
 */
struct wpi_rbuf *
wpi_alloc_rbuf(struct wpi_softc *sc)
{
	struct wpi_rbuf *head = SLIST_FIRST(&sc->rxq.freelist);

	if (head != NULL)
		SLIST_REMOVE_HEAD(&sc->rxq.freelist, next);

	return head;
}
479 
/*
 * External-storage free callback registered with MEXTADD: called by the
 * network stack when the mbuf our Rx buffer is attached to is freed.  The
 * buffer (passed as `arg') goes back on the free list of its owning softc;
 * `buf' and `size' are unused.
 */
void
wpi_free_rbuf(caddr_t buf, u_int size, void *arg)
{
	struct wpi_rbuf *rbuf = arg;

	/* rbuf->sc is the backpointer set up in wpi_alloc_rpool() */
	SLIST_INSERT_HEAD(&rbuf->sc->rxq.freelist, rbuf, next);
}
493 
/*
 * Allocate the pool of Rx buffers: one contiguous, page-aligned DMA region
 * of WPI_RBUF_COUNT * WPI_RBUF_SIZE bytes, carved into WPI_RBUF_COUNT
 * buffers that are all put on the Rx ring's free list.  Returns 0 or the
 * error from wpi_dma_contig_alloc(), after logging it.
 */
int
wpi_alloc_rpool(struct wpi_softc *sc)
{
	struct wpi_rx_ring *rxq = &sc->rxq;
	struct wpi_rbuf *rbuf;
	int i, error;

	/* allocate a big chunk of DMA'able memory.. */
	error = wpi_dma_contig_alloc(sc->sc_dmat, &rxq->buf_dma, NULL,
	    WPI_RBUF_COUNT * WPI_RBUF_SIZE, PAGE_SIZE, BUS_DMA_NOWAIT);
	if (error != 0) {
		printf("%s: could not allocate Rx buffers DMA memory\n",
		    sc->sc_dev.dv_xname);
		return error;
	}

	/* ..and split it into 3KB chunks */
	SLIST_INIT(&rxq->freelist);
	for (i = 0; i < WPI_RBUF_COUNT; i++) {
		rbuf = &rxq->rbuf[i];

		/* backpointer for callbacks */
		rbuf->sc = sc;
		/* kernel and bus address of chunk i inside the region */
		rbuf->vaddr = rxq->buf_dma.vaddr + i * WPI_RBUF_SIZE;
		rbuf->paddr = rxq->buf_dma.paddr + i * WPI_RBUF_SIZE;

		SLIST_INSERT_HEAD(&rxq->freelist, rbuf, next);
	}

	return 0;
}
522 
/*
 * Release the DMA region backing the Rx buffer pool.  The free list still
 * refers to buffers inside that region and is not touched here.
 */
void
wpi_free_rpool(struct wpi_softc *sc)
{
	struct wpi_dma_info *pool_dma = &sc->rxq.buf_dma;

	wpi_dma_contig_free(pool_dma);
}
528 
/*
 * Set up the Rx ring: allocate the descriptor array in DMA memory, then give
 * each of the WPI_RX_RING_COUNT slots an mbuf header with a pool buffer
 * attached as external storage and store that buffer's bus address
 * (little-endian) in the slot's descriptor.  On any failure the ring is
 * released with wpi_free_rx_ring() and the error is returned.
 */
int
wpi_alloc_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring)
{
	struct wpi_rx_data *slot;
	struct wpi_rbuf *rbuf;
	int i, error;

	ring->cur = 0;

	error = wpi_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma,
	    (void **)&ring->desc,
	    WPI_RX_RING_COUNT * sizeof (struct wpi_rx_desc),
	    WPI_RING_DMA_ALIGN, BUS_DMA_NOWAIT);
	if (error != 0) {
		printf("%s: could not allocate rx ring DMA memory\n",
		    sc->sc_dev.dv_xname);
		goto fail;
	}

	/*
	 * Setup Rx buffers.
	 */
	for (i = 0; i < WPI_RX_RING_COUNT; i++) {
		slot = &ring->data[i];

		MGETHDR(slot->m, M_DONTWAIT, MT_DATA);
		if (slot->m == NULL) {
			printf("%s: could not allocate rx mbuf\n",
			    sc->sc_dev.dv_xname);
			error = ENOMEM;
			goto fail;
		}

		rbuf = wpi_alloc_rbuf(sc);
		if (rbuf == NULL) {
			/* drop the header so the cleanup below skips this slot */
			m_freem(slot->m);
			slot->m = NULL;
			printf("%s: could not allocate rx buffer\n",
			    sc->sc_dev.dv_xname);
			error = ENOMEM;
			goto fail;
		}

		/* attach Rx buffer to mbuf */
		MEXTADD(slot->m, rbuf->vaddr, WPI_RBUF_SIZE, 0, wpi_free_rbuf,
		    rbuf);

		ring->desc[i] = htole32(rbuf->paddr);
	}

	return 0;

fail:
	wpi_free_rx_ring(sc, ring);
	return error;
}
580 
/*
 * Stop the Rx engine and rewind the ring.  Under the NIC memory lock,
 * WPI_RX_CONFIG is cleared and WPI_RX_STATUS is polled up to 100 times,
 * 10us apart, for WPI_RX_IDLE.  A timeout is only reported in WPI_DEBUG
 * builds; the ring index is reset to 0 in every case.
 */
void
wpi_reset_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring)
{
	int ntries = 0;

	wpi_mem_lock(sc);

	WPI_WRITE(sc, WPI_RX_CONFIG, 0);
	while (ntries < 100 && !(WPI_READ(sc, WPI_RX_STATUS) & WPI_RX_IDLE)) {
		DELAY(10);
		ntries++;
	}
#ifdef WPI_DEBUG
	if (ntries == 100 && wpi_debug > 0)
		printf("%s: timeout resetting Rx ring\n", sc->sc_dev.dv_xname);
#endif
	wpi_mem_unlock(sc);

	ring->cur = 0;
}
602 
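/*
 * Release the Rx ring: free the descriptor DMA memory, then free every mbuf
 * still attached to a ring slot.  Each slot pointer is cleared after its
 * mbuf is freed so that a second pass over the same ring cannot free the
 * mbuf twice or leave a dangling pointer behind.
 */
void
wpi_free_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring)
{
	int i;

	wpi_dma_contig_free(&ring->desc_dma);

	for (i = 0; i < WPI_RX_RING_COUNT; i++) {
		if (ring->data[i].m != NULL) {
			m_freem(ring->data[i].m);
			ring->data[i].m = NULL;
		}
	}
}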
615 
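/*
 * Set up one Tx ring with `count' slots for hardware queue `qid': allocate
 * the descriptor array and the command array in DMA memory, publish the
 * descriptor base address in the shared page, allocate the zeroed per-slot
 * bookkeeping array and create one DMA map per slot.
 *
 * Returns 0 on success.  On failure the partially built ring is released
 * with wpi_free_tx_ring() and a non-zero errno value is returned.
 */
int
wpi_alloc_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring, int count,
    int qid)
{
	int i, error;

	ring->qid = qid;
	ring->count = count;
	ring->queued = 0;
	ring->cur = 0;

	error = wpi_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma,
	    (void **)&ring->desc, count * sizeof (struct wpi_tx_desc),
	    WPI_RING_DMA_ALIGN, BUS_DMA_NOWAIT);
	if (error != 0) {
		printf("%s: could not allocate tx ring DMA memory\n",
		    sc->sc_dev.dv_xname);
		goto fail;
	}

	/* update shared page with ring's base address */
	sc->shared->txbase[qid] = htole32(ring->desc_dma.paddr);

	error = wpi_dma_contig_alloc(sc->sc_dmat, &ring->cmd_dma,
	    (void **)&ring->cmd, count * sizeof (struct wpi_tx_cmd), 4,
	    BUS_DMA_NOWAIT);
	if (error != 0) {
		printf("%s: could not allocate tx cmd DMA memory\n",
		    sc->sc_dev.dv_xname);
		goto fail;
	}

	ring->data = malloc(count * sizeof (struct wpi_tx_data), M_DEVBUF,
	    M_NOWAIT);
	if (ring->data == NULL) {
		printf("%s: could not allocate tx data slots\n",
		    sc->sc_dev.dv_xname);
		/*
		 * error is still 0 from the successful call above; without
		 * this the caller would be told the ring was allocated even
		 * though it has just been torn down.
		 */
		error = ENOMEM;
		goto fail;
	}

	/* zeroed slots let the cleanup path tell used entries from unused */
	bzero(ring->data, count * sizeof (struct wpi_tx_data));

	for (i = 0; i < count; i++) {
		struct wpi_tx_data *data = &ring->data[i];

		error = bus_dmamap_create(sc->sc_dmat, MCLBYTES,
		    WPI_MAX_SCATTER - 1, MCLBYTES, 0, BUS_DMA_NOWAIT,
		    &data->map);
		if (error != 0) {
			printf("%s: could not create tx buf DMA map\n",
			    sc->sc_dev.dv_xname);
			goto fail;
		}
	}

	return 0;

fail:	wpi_free_tx_ring(sc, ring);
	return error;
}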
676 
/*
 * Stop one Tx ring and drop everything queued on it.  Under the NIC memory
 * lock, the ring's WPI_TX_CONFIG register is cleared and WPI_TX_STATUS is
 * polled up to 100 times, 10us apart, for the ring's idle bit; a timeout is
 * only reported in WPI_DEBUG builds.  Every mbuf still held by a slot is
 * then unloaded from its DMA map and freed, and the ring counters are reset.
 */
void
wpi_reset_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring)
{
	struct wpi_tx_data *slot;
	int i, ntries = 0;

	wpi_mem_lock(sc);

	WPI_WRITE(sc, WPI_TX_CONFIG(ring->qid), 0);
	while (ntries < 100 &&
	    !(WPI_READ(sc, WPI_TX_STATUS) & WPI_TX_IDLE(ring->qid))) {
		DELAY(10);
		ntries++;
	}
#ifdef WPI_DEBUG
	if (ntries == 100 && wpi_debug > 0) {
		printf("%s: timeout resetting Tx ring %d\n",
		    sc->sc_dev.dv_xname, ring->qid);
	}
#endif
	wpi_mem_unlock(sc);

	for (i = 0; i < ring->count; i++) {
		slot = &ring->data[i];
		if (slot->m == NULL)
			continue;

		bus_dmamap_unload(sc->sc_dmat, slot->map);
		m_freem(slot->m);
		slot->m = NULL;
	}

	ring->queued = 0;
	ring->cur = 0;
}
711 
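/*
 * Release one Tx ring: the descriptor and command DMA areas, any mbuf still
 * held by a slot, the per-slot DMA maps and the slot array itself.
 *
 * The per-slot maps created in wpi_alloc_tx_ring() are destroyed here so
 * they are not leaked, and every pointer is reset after it is released so a
 * repeated call on the same ring does nothing.
 */
void
wpi_free_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring)
{
	int i;

	wpi_dma_contig_free(&ring->desc_dma);
	wpi_dma_contig_free(&ring->cmd_dma);

	if (ring->data == NULL)
		return;

	for (i = 0; i < ring->count; i++) {
		struct wpi_tx_data *data = &ring->data[i];

		if (data->m != NULL) {
			bus_dmamap_unload(sc->sc_dmat, data->map);
			m_freem(data->m);
			data->m = NULL;
		}
		/*
		 * The slot array is zeroed at allocation, so a NULL map means
		 * the slot never got one (assumes bus_dmamap_create() leaves
		 * the pointer untouched on failure -- TODO confirm).
		 */
		if (data->map != NULL) {
			bus_dmamap_destroy(sc->sc_dmat, data->map);
			data->map = NULL;
		}
	}

	free(ring->data, M_DEVBUF);
	ring->data = NULL;
}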
732 
/*
 * Node allocator installed as ic_node_alloc: returns a zeroed struct
 * wpi_node cast to its generic ieee80211_node type, or NULL when the
 * non-sleeping allocation fails.  `ic' is unused.
 */
struct ieee80211_node *
wpi_node_alloc(struct ieee80211com *ic)
{
	struct wpi_node *wn;

	wn = malloc(sizeof (*wn), M_DEVBUF, M_NOWAIT);
	if (wn == NULL)
		return NULL;

	bzero(wn, sizeof (*wn));
	return (struct ieee80211_node *)wn;
}
743 
/*
 * Media change callback.  Defers to ieee80211_media_change(); any result
 * other than ENETRESET is returned as is.  On ENETRESET the adapter is
 * re-initialized when the interface is both up and running, and 0 is
 * returned (the result of wpi_init() is not checked).
 */
int
wpi_media_change(struct ifnet *ifp)
{
	int error;

	error = ieee80211_media_change(ifp);
	if (error == ENETRESET) {
		if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) ==
		    (IFF_UP | IFF_RUNNING))
			wpi_init(ifp);
		return 0;
	}

	return error;
}
758 
/*
 * 802.11 state change handler installed in place of the net80211 one by
 * wpi_attach().  It cancels the rate control timeout, performs the hardware
 * work for the new state and then chains to the handler saved in
 * sc->sc_newstate.  Two paths do not chain: SCAN sets ic_state itself and
 * returns 0, and any failing firmware command returns its error directly.
 */
int
wpi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
{
	struct ifnet *ifp = &ic->ic_if;
	struct wpi_softc *sc = ifp->if_softc;
	int error;

	/* stop rate control on every transition; RUN re-arms it below */
	timeout_del(&sc->amrr_ch);

	switch (nstate) {
	case IEEE80211_S_SCAN:
		/* make the link LED blink while we're scanning */
		wpi_set_led(sc, WPI_LED_LINK, 20, 2);

		if ((error = wpi_scan(sc, IEEE80211_CHAN_G)) != 0) {
			printf("%s: could not initiate scan\n",
			    sc->sc_dev.dv_xname);
			return error;
		}
		/* the saved net80211 handler is bypassed for this state */
		ic->ic_state = nstate;
		return 0;

	case IEEE80211_S_ASSOC:
		/* only a transition out of RUN is handled like AUTH */
		if (ic->ic_state != IEEE80211_S_RUN)
			break;
		/* FALLTHROUGH */
	case IEEE80211_S_AUTH:
		/* reset state to handle reassociations correctly */
		sc->config.state = 0;
		sc->config.filter &= ~htole32(WPI_FILTER_BSS);

		if ((error = wpi_auth(sc)) != 0) {
			printf("%s: could not send authentication request\n",
			    sc->sc_dev.dv_xname);
			return error;
		}
		break;

	case IEEE80211_S_RUN:
		if (ic->ic_opmode == IEEE80211_M_MONITOR) {
			/* link LED blinks while monitoring */
			wpi_set_led(sc, WPI_LED_LINK, 5, 5);
			break;
		}

		wpi_enable_tsf(sc, ic->ic_bss);

		/* update adapter's configuration */
		/* (config fields are kept little-endian, hence htole16/htole32) */
		sc->config.state = htole16(WPI_STATE_ASSOCIATED);
		/* short preamble/slot time are negotiated when associating */
		sc->config.flags &= ~htole32(WPI_CONFIG_SHPREAMBLE |
		    WPI_CONFIG_SHSLOT);
		if (ic->ic_flags & IEEE80211_F_SHSLOT)
			sc->config.flags |= htole32(WPI_CONFIG_SHSLOT);
		if (ic->ic_flags & IEEE80211_F_SHPREAMBLE)
			sc->config.flags |= htole32(WPI_CONFIG_SHPREAMBLE);
		sc->config.filter |= htole32(WPI_FILTER_BSS);

		DPRINTF(("config chan %d flags %x\n", sc->config.chan,
		    sc->config.flags));
		error = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config,
		    sizeof (struct wpi_config), 1);
		if (error != 0) {
			printf("%s: could not update configuration\n",
			    sc->sc_dev.dv_xname);
			return error;
		}

		if (ic->ic_opmode == IEEE80211_M_STA) {
			/* fake a join to init the tx rate */
			wpi_newassoc(ic, ic->ic_bss, 1);
		}

		/* start automatic rate control timer */
		/* (only when no fixed rate is configured; fires after hz / 2 ticks) */
		if (ic->ic_fixed_rate == -1)
			timeout_add(&sc->amrr_ch, hz / 2);

		/* link LED always on while associated */
		wpi_set_led(sc, WPI_LED_LINK, 0, 1);
		break;

	case IEEE80211_S_INIT:
		break;
	}

	/* hand over to the net80211 handler saved at attach time */
	return sc->sc_newstate(ic, nstate, arg);
}
846 
/*
 * Grab exclusive access to NIC memory: set WPI_GPIO_MAC in WPI_GPIO_CTL and
 * poll the register up to 1000 times, 10us apart, until the clock bit is
 * set and the sleep bit is clear.
 *
 * NOTE(review): the function returns void, so a timeout is only logged and
 * the caller goes on to access NIC memory without holding the lock.
 */
void
wpi_mem_lock(struct wpi_softc *sc)
{
	uint32_t ctl;
	int ntries;

	ctl = WPI_READ(sc, WPI_GPIO_CTL);
	WPI_WRITE(sc, WPI_GPIO_CTL, ctl | WPI_GPIO_MAC);

	/* spin until we actually get the lock */
	ntries = 0;
	while (ntries < 1000) {
		if ((WPI_READ(sc, WPI_GPIO_CTL) &
		    (WPI_GPIO_CLOCK | WPI_GPIO_SLEEP)) == WPI_GPIO_CLOCK)
			return;
		DELAY(10);
		ntries++;
	}

	printf("%s: could not lock memory\n", sc->sc_dev.dv_xname);
}
869 
/*
 * Release lock on NIC memory by clearing WPI_GPIO_MAC in WPI_GPIO_CTL
 * (read-modify-write; the other bits are preserved).
 */
void
wpi_mem_unlock(struct wpi_softc *sc)
{
	uint32_t ctl;

	ctl = WPI_READ(sc, WPI_GPIO_CTL);
	ctl &= ~WPI_GPIO_MAC;
	WPI_WRITE(sc, WPI_GPIO_CTL, ctl);
}
879 
/*
 * Read one 32-bit word of NIC internal memory through the indirect window:
 * the address (tagged with WPI_MEM_4) is written to WPI_READ_MEM_ADDR and
 * the value is fetched from WPI_READ_MEM_DATA.  No locking is done here;
 * presumably the caller holds the NIC memory lock -- confirm at call sites.
 */
uint32_t
wpi_mem_read(struct wpi_softc *sc, uint16_t addr)
{
	uint32_t value;

	WPI_WRITE(sc, WPI_READ_MEM_ADDR, WPI_MEM_4 | addr);
	value = WPI_READ(sc, WPI_READ_MEM_DATA);

	return value;
}
886 
/*
 * Write one 32-bit word to NIC internal memory through the indirect window:
 * the address (tagged with WPI_MEM_4) goes to WPI_WRITE_MEM_ADDR first, the
 * value to WPI_WRITE_MEM_DATA second.  The callers visible in this file take
 * the NIC memory lock around it.
 */
void
wpi_mem_write(struct wpi_softc *sc, uint16_t addr, uint32_t data)
{
	/* select the target word ... */
	WPI_WRITE(sc, WPI_WRITE_MEM_ADDR, WPI_MEM_4 | addr);

	/* ... then store into it */
	WPI_WRITE(sc, WPI_WRITE_MEM_DATA, data);
}
893 
/*
 * Copy `wlen' 32-bit words from `data' into NIC internal memory starting at
 * `addr', one wpi_mem_write() per word.  Nothing is written when wlen is
 * zero or negative.  `addr' is 16 bits wide and advances by 4 per word, so
 * it wraps past 0xffff; no bound on the destination is checked here.
 */
void
wpi_mem_write_region_4(struct wpi_softc *sc, uint16_t addr,
    const uint32_t *data, int wlen)
{
	while (wlen > 0) {
		wpi_mem_write(sc, addr, *data);
		data++;
		addr += 4;
		wlen--;
	}
}
901 
/*
 * Read 16 bits from the EEPROM.  We access EEPROM through the MAC instead of
 * using the traditional bit-bang method: the word address, shifted left by
 * two, is written to WPI_EEPROM_CTL and the register is polled up to 10
 * times, 10us apart, for WPI_EEPROM_READY.  The result is the upper 16 bits
 * of the register.
 *
 * On timeout a message is logged and 0xdead is returned.  That value is
 * in-band: a caller cannot tell it from an EEPROM word that really is
 * 0xdead.
 */
uint16_t
wpi_read_prom_word(struct wpi_softc *sc, uint32_t addr)
{
	uint32_t val;
	int ntries;

	WPI_WRITE(sc, WPI_EEPROM_CTL, addr << 2);

	wpi_mem_lock(sc);
	for (ntries = 0; ntries < 10; ntries++) {
		val = WPI_READ(sc, WPI_EEPROM_CTL);
		if (val & WPI_EEPROM_READY)
			break;
		DELAY(10);
	}
	wpi_mem_unlock(sc);

	if (ntries < 10)
		return val >> 16;

	printf("%s: could not read EEPROM\n", sc->sc_dev.dv_xname);
	return 0xdead;
}
928 
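/*
 * The firmware boot code is small and is intended to be copied directly into
 * the NIC internal memory.
 *
 * `ucode' points to `size' bytes of boot code.  The image is written word by
 * word at WPI_MEM_UCODE_BASE under the NIC memory lock, the source,
 * destination and size registers are programmed and the microcode is
 * started.  Returns EINVAL when `size' is negative or not a multiple of 4,
 * 0 otherwise.
 *
 * NOTE(review): no upper bound on `size' is enforced here and the image is
 * read through a uint32_t pointer; confirm that the caller validates the
 * size taken from the firmware file against the NIC's boot memory and that
 * `ucode' is suitably aligned.
 */
int
wpi_load_microcode(struct wpi_softc *sc, const char *ucode, int size)
{
	/*
	 * check that microcode size is a multiple of 4; a negative size is
	 * rejected as well, since the unsigned division below would turn it
	 * into a bogus word count
	 */
	if (size < 0 || (size & 3) != 0)
		return EINVAL;

	/* from here on `size' counts 32-bit words, not bytes */
	size /= sizeof (uint32_t);

	wpi_mem_lock(sc);

	/* copy microcode image into NIC memory */
	wpi_mem_write_region_4(sc, WPI_MEM_UCODE_BASE, (const uint32_t *)ucode,
	    size);

	wpi_mem_write(sc, WPI_MEM_UCODE_SRC, 0);
	wpi_mem_write(sc, WPI_MEM_UCODE_DST, WPI_FW_TEXT);
	wpi_mem_write(sc, WPI_MEM_UCODE_SIZE, size);

	/* run microcode */
	wpi_mem_write(sc, WPI_MEM_UCODE_CTL, WPI_UC_RUN);

	wpi_mem_unlock(sc);

	return 0;
}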
959 
/*
 * Have the adapter copy one DMA segment of firmware to `target' in its
 * internal memory.  A single-segment Tx descriptor describing `seg' is built
 * on the stack and written into the descriptor slot of queue 6, the queue is
 * started and WPI_TX_STATUS is polled up to 100 times, 1ms apart, for the
 * queue's idle bit.  The queue credit is cleared again in every case.
 * Returns 0, or ETIMEDOUT when the adapter never went idle.
 */
int
wpi_load_firmware_block(struct wpi_softc *sc, uint32_t target,
    bus_dma_segment_t *seg)
{
	struct wpi_tx_desc desc;
	int ntries, timed_out;

	DPRINTFN(2, ("loading firmware block target=%x addr=%x len=%d\n",
	    target, seg->ds_addr, seg->ds_len));

	/* descriptor fields are little-endian */
	bzero(&desc, sizeof desc);
	desc.flags = htole32(WPI_PAD32(seg->ds_len) << 28 | 1 << 24);
	desc.segs[0].addr = htole32(seg->ds_addr);
	desc.segs[0].len  = htole32(seg->ds_len);

	/* tell adapter where to copy firmware block in its internal memory */
	WPI_WRITE(sc, WPI_FW_TARGET, target);

	WPI_WRITE(sc, WPI_TX_CONFIG(6), 0);

	/* copy firmware block descriptor into NIC memory */
	WPI_WRITE_REGION_4(sc, WPI_TX_DESC(6), (uint32_t *)&desc,
	    sizeof desc / sizeof (uint32_t));

	WPI_WRITE(sc, WPI_TX_CREDIT(6), 0xfffff);
	WPI_WRITE(sc, WPI_TX_STATE(6), 0x4001);
	WPI_WRITE(sc, WPI_TX_CONFIG(6), 0x80000001);

	/* wait while the adapter is busy copying the firmware block */
	ntries = 0;
	while (ntries < 100 &&
	    !(WPI_READ(sc, WPI_TX_STATUS) & WPI_TX_IDLE(6))) {
		DELAY(1000);
		ntries++;
	}

	timed_out = (ntries == 100);
	if (timed_out) {
		printf("%s: timeout transferring firmware block\n",
		    sc->sc_dev.dv_xname);
	}

	WPI_WRITE(sc, WPI_TX_CREDIT(6), 0);

	return timed_out ? ETIMEDOUT : 0;
}
1004 
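/*
 * The firmware text and data segments are transferred to the NIC using DMA.
 * The driver just DMA-maps the firmware and tells the NIC where to find it.
 * Once the NIC has copied the firmware into its internal memory, we can free
 * our local copy in the driver.
 *
 * `fw' points to `size' bytes that are loaded at `target' in NIC memory, one
 * wpi_load_firmware_block() call per DMA segment, under the NIC memory lock.
 * Returns 0 on success, EINVAL for a negative `size', or the error of the
 * failing bus_dma or block transfer call.  The DMA map is unloaded and
 * destroyed on every path that created it.
 *
 * NOTE(review): `size' and `target' are not checked against the adapter's
 * memory layout here; confirm that the caller validates the segment sizes
 * taken from the firmware file.
 */
int
wpi_load_firmware(struct wpi_softc *sc, uint32_t target, const char *fw,
    int size)
{
	bus_dmamap_t map;
	int i, nsegs, error;

	/*
	 * A negative size would be passed on as a very large unsigned length
	 * to the bus_dma calls and would corrupt the segment count below.
	 */
	if (size < 0)
		return EINVAL;

	/* one segment per page, plus one for a buffer that is not page-aligned */
	nsegs = 1 + ((size + PAGE_SIZE - 1) / PAGE_SIZE);

	error = bus_dmamap_create(sc->sc_dmat, size, nsegs, WPI_MAX_SEG_LEN,
	    0, BUS_DMA_NOWAIT, &map);
	if (error != 0) {
		printf("%s: could not create firmware DMA map (error=%d)\n",
		    sc->sc_dev.dv_xname, error);
		goto fail1;
	}

	/* XXX: we're discarding a const qualifier here! */
	error = bus_dmamap_load(sc->sc_dmat, map, (void *)fw, size, NULL,
	    BUS_DMA_NOWAIT | BUS_DMA_WRITE);
	if (error != 0) {
		printf("%s: could not load firmware DMA map (error=%d)\n",
		    sc->sc_dev.dv_xname, error);
		goto fail2;
	}

	DPRINTF(("load firmware target=%x size=%d nsegs=%d\n", target, size,
	    map->dm_nsegs));

	/* make sure the adapter will get up-to-date values */
	bus_dmamap_sync(sc->sc_dmat, map, 0, size, BUS_DMASYNC_PREWRITE);

	wpi_mem_lock(sc);
	for (i = 0; i < map->dm_nsegs; i++) {
		error = wpi_load_firmware_block(sc, target, &map->dm_segs[i]);
		if (error != 0)
			break;
		/* the next segment lands right behind this one in NIC memory */
		target += map->dm_segs[i].ds_len;
	}
	wpi_mem_unlock(sc);

	/* a failed block transfer still falls through the full teardown */
	bus_dmamap_sync(sc->sc_dmat, map, 0, size, BUS_DMASYNC_POSTWRITE);
	bus_dmamap_unload(sc->sc_dmat, map);
fail2:	bus_dmamap_destroy(sc->sc_dmat, map);
fail1:	return error;
}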
1057 
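/*
 * Handle one received 802.11 frame.  As laid out by the pointer arithmetic
 * below, the Rx buffer holds the notification descriptor, a statistics
 * header of stat->len extra bytes, the frame header (struct wpi_rx_head),
 * the frame itself and a tail carrying the status flags and timestamp.
 * The filled buffer is passed to net80211 and a fresh one takes its place
 * in the Rx ring.  Frames are dropped (and if_ierrors bumped) when a length
 * is out of range, when the tail reports an error, or when no replacement
 * buffer can be allocated.
 */
void
wpi_rx_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc,
    struct wpi_rx_data *data)
{
	struct ieee80211com *ic = &sc->sc_ic;
	struct ifnet *ifp = &ic->ic_if;
	struct wpi_rx_ring *ring = &sc->rxq;
	struct wpi_rx_stat *stat;
	struct wpi_rx_head *head;
	struct wpi_rx_tail *tail;
	struct wpi_rbuf *rbuf;
	struct ieee80211_frame *wh;
	struct ieee80211_node *ni;
	struct mbuf *m, *mnew;
	size_t hdrlen;
	uint16_t len;

	stat = (struct wpi_rx_stat *)(desc + 1);

	if (stat->len > WPI_STAT_MAXLEN) {
		printf("%s: invalid rx statistic header\n",
		    sc->sc_dev.dv_xname);
		ifp->if_ierrors++;
		return;
	}

	head = (struct wpi_rx_head *)((caddr_t)(stat + 1) + stat->len);
	len = letoh16(head->len);

	/*
	 * head->len is written by the device and decides both where the tail
	 * is read from and how many bytes net80211 is told the frame has, so
	 * it must keep the frame and the tail inside the Rx buffer.
	 * This assumes desc is the first byte of a WPI_RBUF_SIZE-byte buffer,
	 * which is how the replacement buffer is attached below -- TODO
	 * confirm the ring's initial buffers are set up the same way.
	 */
	hdrlen = (caddr_t)(head + 1) - (caddr_t)desc;
	if (hdrlen + len + sizeof (*tail) > WPI_RBUF_SIZE) {
		printf("%s: invalid rx frame length\n", sc->sc_dev.dv_xname);
		ifp->if_ierrors++;
		return;
	}

	tail = (struct wpi_rx_tail *)((caddr_t)(head + 1) + len);

	DPRINTFN(4, ("rx intr: idx=%d len=%d stat len=%d rssi=%d rate=%x "
	    "chan=%d tstamp=%llu\n", ring->cur, letoh32(desc->len),
	    len, (int8_t)stat->rssi, head->rate, head->chan,
	    letoh64(tail->tstamp)));

	/*
	 * Discard Rx frames with bad CRC early (XXX we may want to pass them
	 * to radiotap in monitor mode).
	 */
	if ((letoh32(tail->flags) & WPI_RX_NOERROR) != WPI_RX_NOERROR) {
		DPRINTFN(2, ("rx tail flags error %x\n",
		    letoh32(tail->flags)));
		ifp->if_ierrors++;
		return;
	}

	/*
	 * Allocate the replacement first: if that fails the frame is dropped
	 * and the current buffer simply stays in the ring.
	 */
	MGETHDR(mnew, M_DONTWAIT, MT_DATA);
	if (mnew == NULL) {
		ifp->if_ierrors++;
		return;
	}
	if ((rbuf = wpi_alloc_rbuf(sc)) == NULL) {
		m_freem(mnew);
		ifp->if_ierrors++;
		return;
	}
	/* attach Rx buffer to mbuf */
	MEXTADD(mnew, rbuf->vaddr, WPI_RBUF_SIZE, 0, wpi_free_rbuf, rbuf);

	m = data->m;
	data->m = mnew;

	/* update Rx descriptor */
	ring->desc[ring->cur] = htole32(rbuf->paddr);

	/* finalize mbuf: the payload starts right after the frame header */
	m->m_pkthdr.rcvif = ifp;
	m->m_data = (caddr_t)(head + 1);
	m->m_pkthdr.len = m->m_len = len;

#if NBPFILTER > 0
	if (sc->sc_drvbpf != NULL) {
		struct mbuf mb;
		struct wpi_rx_radiotap_header *tap = &sc->sc_rxtap;

		/*
		 * NOTE(review): head->chan comes from the device and indexes
		 * ic_channels[] unchecked; confirm its type cannot exceed the
		 * size of that array.
		 */
		tap->wr_flags = 0;
		tap->wr_chan_freq =
		    htole16(ic->ic_channels[head->chan].ic_freq);
		tap->wr_chan_flags =
		    htole16(ic->ic_channels[head->chan].ic_flags);
		tap->wr_dbm_antsignal = (int8_t)(stat->rssi - WPI_RSSI_OFFSET);
		tap->wr_dbm_antnoise = (int8_t)letoh16(stat->noise);
		tap->wr_tsft = tail->tstamp;
		tap->wr_antenna = (letoh16(head->flags) >> 4) & 0xf;
		/* translate the device's rate code to 500kb/s units */
		switch (head->rate) {
		/* CCK rates */
		case  10: tap->wr_rate =   2; break;
		case  20: tap->wr_rate =   4; break;
		case  55: tap->wr_rate =  11; break;
		case 110: tap->wr_rate =  22; break;
		/* OFDM rates */
		case 0xd: tap->wr_rate =  12; break;
		case 0xf: tap->wr_rate =  18; break;
		case 0x5: tap->wr_rate =  24; break;
		case 0x7: tap->wr_rate =  36; break;
		case 0x9: tap->wr_rate =  48; break;
		case 0xb: tap->wr_rate =  72; break;
		case 0x1: tap->wr_rate =  96; break;
		case 0x3: tap->wr_rate = 108; break;
		/* unknown rate: should not happen */
		default:  tap->wr_rate =   0;
		}
		if (letoh16(head->flags) & 0x4)
			tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;

		/* on-stack mbuf that prepends the radiotap header */
		mb.m_data = (caddr_t)tap;
		mb.m_len = sc->sc_rxtap_len;
		mb.m_next = m;
		mb.m_nextpkt = NULL;
		mb.m_type = 0;
		mb.m_flags = 0;
		bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN);
	}
#endif

	/* grab a reference to the source node */
	wh = mtod(m, struct ieee80211_frame *);
	ni = ieee80211_find_rxnode(ic, wh);

	/* send the frame to the 802.11 layer */
	ieee80211_input(ifp, m, ni, stat->rssi, 0);

	/* node is no longer needed */
	ieee80211_release_node(ic, ni);
}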
1180 
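/*
 * Handle a "frame transmitted" notification: update the rate control
 * counters of the destination node, account the frame as sent or failed,
 * release the mbuf, DMA map and node reference held by the Tx slot, and
 * restart output.
 */
void
wpi_tx_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc)
{
	struct ieee80211com *ic = &sc->sc_ic;
	struct ifnet *ifp = &ic->ic_if;
	struct wpi_tx_ring *ring = &sc->txq[desc->qid & 0x3];
	struct wpi_tx_stat *stat = (struct wpi_tx_stat *)(desc + 1);
	struct wpi_tx_data *data;
	struct wpi_node *wn;

	DPRINTFN(4, ("tx done: qid=%d idx=%d retries=%d nkill=%d rate=%x "
	    "duration=%d status=%x\n", desc->qid, desc->idx, stat->ntries,
	    stat->nkill, stat->rate, letoh32(stat->duration),
	    letoh32(stat->status)));

	/*
	 * desc->idx is reported by the device, so it is checked before it is
	 * used as an index.  ring->count is presumably the number of slots
	 * in ring->data (wpi_start uses it as the ring capacity).
	 */
	if (desc->idx >= ring->count) {
		DPRINTFN(2, ("tx done for invalid slot %d\n", desc->idx));
		return;
	}
	data = &ring->data[desc->idx];

	/*
	 * A slot with no mbuf has nothing queued: a stale or repeated
	 * completion must not dereference the node pointer cleared below,
	 * nor drive ring->queued negative.
	 */
	if (data->m == NULL) {
		DPRINTFN(2, ("tx done for empty slot %d\n", desc->idx));
		return;
	}
	wn = (struct wpi_node *)data->ni;

	/*
	 * Update rate control statistics for the node.
	 * XXX we should not count mgmt frames since they're always sent at
	 * the lowest available bit-rate.
	 */
	wn->amn.amn_txcnt++;
	if (stat->ntries > 0) {
		DPRINTFN(3, ("tx intr ntries %d\n", stat->ntries));
		wn->amn.amn_retrycnt++;
	}

	/* a low status byte of 1 is the only value counted as success */
	if ((letoh32(stat->status) & 0xff) != 1)
		ifp->if_oerrors++;
	else
		ifp->if_opackets++;

	bus_dmamap_unload(sc->sc_dmat, data->map);
	m_freem(data->m);
	data->m = NULL;
	ieee80211_release_node(ic, data->ni);
	data->ni = NULL;

	ring->queued--;

	/* a slot was freed: disarm the Tx watchdog and resume output */
	sc->sc_tx_timer = 0;
	ifp->if_flags &= ~IFF_OACTIVE;
	(*ifp->if_start)(ifp);
}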
1224 
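/*
 * Handle the acknowledgment of a firmware command: free the mbuf the
 * command was mapped in, if any, and wake up the thread sleeping on the
 * command slot in wpi_cmd().
 */
void
wpi_cmd_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc)
{
	struct wpi_tx_ring *ring = &sc->cmdq;
	struct wpi_tx_data *data;

	if ((desc->qid & 7) != 4)
		return;	/* not a command ack */

	/*
	 * desc->idx is reported by the device and selects both the data slot
	 * and the wakeup channel, so it is checked before use.  ring->count
	 * is presumably the number of slots allocated for the ring -- TODO
	 * confirm against the ring allocation code.
	 */
	if (desc->idx >= ring->count)
		return;

	data = &ring->data[desc->idx];

	/* if the command was mapped in a mbuf, free it */
	if (data->m != NULL) {
		bus_dmamap_unload(sc->sc_dmat, data->map);
		m_freem(data->m);
		data->m = NULL;
	}

	wakeup(&ring->cmd[desc->idx]);
}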
1245 
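/*
 * Process every notification the firmware has posted in the Rx ring since
 * the last call, from sc->rxq.cur up to (but not including) the index the
 * firmware publishes in the shared area, then tell the firmware how far we
 * got.
 */
void
wpi_notif_intr(struct wpi_softc *sc)
{
	struct ieee80211com *ic = &sc->sc_ic;
	struct ifnet *ifp = &ic->ic_if;
	uint32_t hw;

	hw = letoh32(sc->shared->next);

	/*
	 * The loop below only stops when rxq.cur, which wraps at
	 * WPI_RX_RING_COUNT, becomes equal to hw.  An index outside the ring
	 * would therefore never be reached and the interrupt handler would
	 * spin forever, so reject it here.
	 */
	if (hw >= WPI_RX_RING_COUNT) {
		printf("%s: invalid rx ring index\n", sc->sc_dev.dv_xname);
		return;
	}

	while (sc->rxq.cur != hw) {
		struct wpi_rx_data *data = &sc->rxq.data[sc->rxq.cur];
		struct wpi_rx_desc *desc = mtod(data->m, struct wpi_rx_desc *);

		DPRINTFN(4, ("rx notification qid=%x idx=%d flags=%x type=%d "
		    "len=%d\n", desc->qid, desc->idx, desc->flags, desc->type,
		    letoh32(desc->len)));

		if (!(desc->qid & 0x80))	/* reply to a command */
			wpi_cmd_intr(sc, desc);

		/* the payload of each notification starts right after desc */
		switch (desc->type) {
		case WPI_RX_DONE:
			/* a 802.11 frame was received */
			wpi_rx_intr(sc, desc, data);
			break;

		case WPI_TX_DONE:
			/* a 802.11 frame has been transmitted */
			wpi_tx_intr(sc, desc);
			break;

		case WPI_UC_READY:
		{
			struct wpi_ucode_info *uc =
			    (struct wpi_ucode_info *)(desc + 1);

			/* the microcontroller is ready */
			DPRINTF(("microcode alive notification version %x "
			    "alive %x\n", letoh32(uc->version),
			    letoh32(uc->valid)));

			if (letoh32(uc->valid) != 1) {
				printf("%s: microcontroller initialization "
				    "failed\n", sc->sc_dev.dv_xname);
			}
			break;
		}
		case WPI_STATE_CHANGED:
		{
			uint32_t *status = (uint32_t *)(desc + 1);

			/* enabled/disabled notification */
			DPRINTF(("state changed to %x\n", letoh32(*status)));

			if (letoh32(*status) & 1) {
				/* the radio button has to be pushed */
				printf("%s: Radio transmitter is off\n",
				    sc->sc_dev.dv_xname);
				/* turn the interface down */
				ifp->if_flags &= ~IFF_UP;
				wpi_stop(ifp, 1);
				return;	/* no further processing */
			}
			break;
		}
		case WPI_START_SCAN:
		{
			struct wpi_start_scan *scan =
			    (struct wpi_start_scan *)(desc + 1);

			DPRINTFN(2, ("scanning channel %d status %x\n",
			    scan->chan, letoh32(scan->status)));

			/*
			 * fix current channel
			 * NOTE(review): scan->chan is reported by the device
			 * and indexes ic_channels[] unchecked; confirm its
			 * type cannot exceed the size of that array.
			 */
			ic->ic_bss->ni_chan = &ic->ic_channels[scan->chan];
			break;
		}
		case WPI_STOP_SCAN:
		{
			struct wpi_stop_scan *scan =
			    (struct wpi_stop_scan *)(desc + 1);

			DPRINTF(("scan finished nchan=%d status=%d chan=%d\n",
			    scan->nchan, scan->status, scan->chan));

			if (scan->status == 1 && scan->chan <= 14) {
				/*
				 * We just finished scanning 802.11g channels,
				 * start scanning 802.11a ones.
				 */
				if (wpi_scan(sc, IEEE80211_CHAN_A) == 0)
					break;
			}
			ieee80211_end_scan(ifp);
			break;
		}
		}

		sc->rxq.cur = (sc->rxq.cur + 1) % WPI_RX_RING_COUNT;
	}

	/*
	 * tell the firmware what we have processed: the index of the last
	 * entry handled, written with its low three bits cleared
	 */
	hw = (hw == 0) ? WPI_RX_RING_COUNT - 1 : hw - 1;
	WPI_WRITE(sc, WPI_RX_WIDX, hw & ~7);
}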
1350 
/*
 * Interrupt handler.  Returns 0 when the interrupt was not raised by this
 * adapter and 1 once it has been serviced.
 */
int
wpi_intr(void *arg)
{
	struct wpi_softc *sc = arg;
	struct ifnet *ifp = &sc->sc_ic.ic_if;
	uint32_t pending;

	pending = WPI_READ(sc, WPI_INTR);
	if (pending == 0 || pending == 0xffffffff) {
		/* not for us */
		return 0;
	}

	DPRINTFN(6, ("interrupt reg %x\n", pending));

	/* mask every interrupt source, then acknowledge the pending ones */
	WPI_WRITE(sc, WPI_MASK, 0);
	WPI_WRITE(sc, WPI_INTR, pending);

	if ((pending & (WPI_SW_ERROR | WPI_HW_ERROR)) != 0) {
		/*
		 * The firmware reported a fatal error: take the interface
		 * down and leave interrupts masked.
		 */
		printf("%s: fatal firmware error\n", sc->sc_dev.dv_xname);
		ifp->if_flags &= ~IFF_UP;
		wpi_stop(ifp, 1);
		return 1;
	}

	if ((pending & WPI_RX_INTR) != 0)
		wpi_notif_intr(sc);

	if ((pending & WPI_ALIVE_INTR) != 0) {
		/* firmware initialized: wake up whoever sleeps on sc */
		wakeup(sc);
	}

	/* unmask interrupts again, but only while the interface is up */
	if ((ifp->if_flags & IFF_UP) != 0)
		WPI_WRITE(sc, WPI_MASK, WPI_INTR_MASK);

	return 1;
}
1389 
/*
 * Translate an 802.11 rate, given in units of 500kb/s, into the rate code
 * the adapter expects.  Rates that are not in the table yield 0.
 */
uint8_t
wpi_plcp_signal(int rate)
{
	static const struct {
		int	rate;
		uint8_t	plcp;
	} rate2plcp[] = {
		/* CCK rates (returned values are device-dependent) */
		{   2,  10 },
		{   4,  20 },
		{  11,  55 },
		{  22, 110 },
		/* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */
		/* R1-R4, (u)ral is R4-R1 */
		{  12, 0xd },
		{  18, 0xf },
		{  24, 0x5 },
		{  36, 0x7 },
		{  48, 0x9 },
		{  72, 0xb },
		{  96, 0x1 },
		{ 108, 0x3 }
	};
	unsigned int i;

	for (i = 0; i < sizeof rate2plcp / sizeof rate2plcp[0]; i++) {
		if (rate2plcp[i].rate == rate)
			return rate2plcp[i].plcp;
	}

	/* unsupported rates (should not get there) */
	return 0;
}
1415 
/*
 * Quickly determine if a given rate (in units of 500kb/s, as accepted by
 * wpi_plcp_signal) is CCK or OFDM: true for every rate of 12 or more except
 * 22, the fastest CCK rate.  The argument is evaluated twice.
 */
#define WPI_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22)
1418 
/*
 * Queue one 802.11 frame on Tx ring `ac': pick a rate, fill in the firmware
 * Tx command for the current ring slot, DMA-map the payload and advance the
 * ring's write index.
 *
 * Returns 0 on success or an errno value.  On the failure paths below the
 * mbuf is freed here (or was presumably consumed by ieee80211_wep_crypt),
 * but no reference on ni is dropped: releasing it is left to the caller.
 */
int
wpi_tx_data(struct wpi_softc *sc, struct mbuf *m0, struct ieee80211_node *ni,
    int ac)
{
	struct ieee80211com *ic = &sc->sc_ic;
	struct ifnet *ifp = &ic->ic_if;
	/* NOTE(review): ac indexes sc->txq unchecked; wpi_start passes 0 */
	struct wpi_tx_ring *ring = &sc->txq[ac];
	struct wpi_tx_desc *desc;
	struct wpi_tx_data *data;
	struct wpi_tx_cmd *cmd;
	struct wpi_cmd_data *tx;
	struct ieee80211_frame *wh;
	struct mbuf *mnew;
	int i, rate, error;

	desc = &ring->desc[ring->cur];
	data = &ring->data[ring->cur];

	wh = mtod(m0, struct ieee80211_frame *);

	/* frames flagged for WEP are encrypted by net80211 before queuing */
	if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
		m0 = ieee80211_wep_crypt(ifp, m0, 1);
		if (m0 == NULL)
			return ENOBUFS;

		/* packet header may have moved, reset our local pointer */
		wh = mtod(m0, struct ieee80211_frame *);
	}

	/* pickup a rate */
	if (IEEE80211_IS_MULTICAST(wh->i_addr1) ||
	    ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) ==
	     IEEE80211_FC0_TYPE_MGT)) {
		/* mgmt/multicast frames are sent at the lowest avail. rate */
		rate = ni->ni_rates.rs_rates[0];
	} else if (ic->ic_fixed_rate != -1) {
		rate = ic->ic_sup_rates[ic->ic_curmode].
		    rs_rates[ic->ic_fixed_rate];
	} else
		rate = ni->ni_rates.rs_rates[ni->ni_txrate];
	rate &= IEEE80211_RATE_VAL;

#if NBPFILTER > 0
	if (sc->sc_drvbpf != NULL) {
		struct mbuf mb;
		struct wpi_tx_radiotap_header *tap = &sc->sc_txtap;

		tap->wt_flags = 0;
		tap->wt_chan_freq = htole16(ni->ni_chan->ic_freq);
		tap->wt_chan_flags = htole16(ni->ni_chan->ic_flags);
		tap->wt_rate = rate;
		tap->wt_hwqueue = ac;
		if (wh->i_fc[1] & IEEE80211_FC1_WEP)
			tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP;

		/* on-stack mbuf that prepends the radiotap header */
		mb.m_data = (caddr_t)tap;
		mb.m_len = sc->sc_txtap_len;
		mb.m_next = m0;
		mb.m_nextpkt = NULL;
		mb.m_type = 0;
		mb.m_flags = 0;
		bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT);
	}
#endif

	/* the command lives in the ring's pre-allocated command array */
	cmd = &ring->cmd[ring->cur];
	cmd->code = WPI_CMD_TX_DATA;
	cmd->flags = 0;
	cmd->qid = ring->qid;
	cmd->idx = ring->cur;

	tx = (struct wpi_cmd_data *)cmd->data;
	tx->flags = 0;

	/* only unicast frames are sent to the BSS node and need an ACK */
	if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
		tx->id = WPI_ID_BSS;
		tx->flags |= htole32(WPI_TX_NEED_ACK);
	} else
		tx->id = WPI_ID_BROADCAST;

	/* check if RTS/CTS or CTS-to-self protection must be used */
	if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
		/* multicast frames are not sent at OFDM rates in 802.11b/g */
		if (m0->m_pkthdr.len + IEEE80211_CRC_LEN >
		    ic->ic_rtsthreshold) {
			tx->flags |= htole32(WPI_TX_NEED_RTS |
			    WPI_TX_FULL_TXOP);
		} else if ((ic->ic_flags & IEEE80211_F_USEPROT) &&
		    WPI_RATE_IS_OFDM(rate)) {
			if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) {
				tx->flags |= htole32(WPI_TX_NEED_CTS |
				    WPI_TX_FULL_TXOP);
			} else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) {
				tx->flags |= htole32(WPI_TX_NEED_RTS |
				    WPI_TX_FULL_TXOP);
			}
		}
	}

	tx->flags |= htole32(WPI_TX_AUTO_SEQ);

	if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) ==
	    IEEE80211_FC0_TYPE_MGT) {
		uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;

		/* tell h/w to set timestamp in probe responses */
		if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP)
			tx->flags |= htole32(WPI_TX_INSERT_TSTAMP);

		/* (re)association requests get a timeout of 3, other mgmt 2 */
		if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ ||
		    subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ)
			tx->timeout = htole16(3);
		else
			tx->timeout = htole16(2);
	} else
		tx->timeout = htole16(0);

	tx->rate = wpi_plcp_signal(rate);

	/* be very persistent at sending frames out */
	tx->rts_ntries = 7;
	tx->data_ntries = 15;

	tx->ofdm_mask = 0xff;
	tx->cck_mask = 0x0f;
	tx->lifetime = htole32(0xffffffff);

	/* the length is taken before the 802.11 header is trimmed below */
	tx->len = htole16(m0->m_pkthdr.len);

	/* save and trim IEEE802.11 header */
	m_copydata(m0, 0, sizeof (struct ieee80211_frame), (caddr_t)&tx->wh);
	m_adj(m0, sizeof (struct ieee80211_frame));

	error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0,
	    BUS_DMA_NOWAIT);
	if (error != 0 && error != EFBIG) {
		printf("%s: could not map mbuf (error %d)\n",
		    sc->sc_dev.dv_xname, error);
		m_freem(m0);
		return error;
	}
	if (error != 0) {
		/* too many fragments, linearize */

		MGETHDR(mnew, M_DONTWAIT, MT_DATA);
		if (mnew == NULL) {
			m_freem(m0);
			return ENOMEM;
		}
		M_DUP_PKTHDR(mnew, m0);
		if (m0->m_pkthdr.len > MHLEN) {
			MCLGET(mnew, M_DONTWAIT);
			if (!(mnew->m_flags & M_EXT)) {
				m_freem(m0);
				m_freem(mnew);
				return ENOMEM;
			}
		}

		/*
		 * NOTE(review): nothing here bounds m_pkthdr.len by the
		 * storage MCLGET attached to mnew, so a longer packet would
		 * be copied past the end of it -- confirm that callers can
		 * never queue one.
		 */
		m_copydata(m0, 0, m0->m_pkthdr.len, mtod(mnew, caddr_t));
		m_freem(m0);
		mnew->m_len = mnew->m_pkthdr.len;
		m0 = mnew;

		error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0,
		    BUS_DMA_NOWAIT);
		if (error != 0) {
			printf("%s: could not map mbuf (error %d)\n",
			    sc->sc_dev.dv_xname, error);
			m_freem(m0);
			return error;
		}
	}

	/* from here on the slot owns the mbuf and the node reference */
	data->m = m0;
	data->ni = ni;

	DPRINTFN(4, ("sending data: qid=%d idx=%d len=%d nsegs=%d\n",
	    ring->qid, ring->cur, m0->m_pkthdr.len, data->map->dm_nsegs));

	/*
	 * first scatter/gather segment is used by the tx data command
	 * NOTE(review): desc->segs[] needs room for 1 + dm_nsegs entries;
	 * the segment limit is set where data->map is created (not shown).
	 */
	desc->flags = htole32(WPI_PAD32(m0->m_pkthdr.len) << 28 |
	    (1 + data->map->dm_nsegs) << 24);
	desc->segs[0].addr = htole32(ring->cmd_dma.paddr +
	    ring->cur * sizeof (struct wpi_tx_cmd));
	desc->segs[0].len  = htole32(4 + sizeof (struct wpi_cmd_data));
	for (i = 1; i <= data->map->dm_nsegs; i++) {
		desc->segs[i].addr =
		    htole32(data->map->dm_segs[i - 1].ds_addr);
		desc->segs[i].len  =
		    htole32(data->map->dm_segs[i - 1].ds_len);
	}

	ring->queued++;

	/* kick ring */
	ring->cur = (ring->cur + 1) % WPI_TX_RING_COUNT;
	WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur);

	return 0;
}
1620 
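/*
 * Start output on the interface.  Management frames queued by net80211 are
 * sent first; data frames from the interface send queue follow, but only
 * while the 802.11 state machine is in the RUN state.  Every frame goes
 * into Tx ring 0.  Output stops, with IFF_OACTIVE set, once fewer than 8
 * slots of that ring are left.
 */
void
wpi_start(struct ifnet *ifp)
{
	struct wpi_softc *sc = ifp->if_softc;
	struct ieee80211com *ic = &sc->sc_ic;
	struct ieee80211_node *ni;
	struct mbuf *m0;

	/*
	 * net80211 may still try to send management frames even if the
	 * IFF_RUNNING flag is not set...
	 */
	if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING)
		return;

	for (;;) {
		IF_POLL(&ic->ic_mgtq, m0);
		if (m0 != NULL) {
			/* management frames go into ring 0 */
			if (sc->txq[0].queued >= sc->txq[0].count - 8) {
				ifp->if_flags |= IFF_OACTIVE;
				break;
			}
			IF_DEQUEUE(&ic->ic_mgtq, m0);

			/* the destination node travels in the rcvif field */
			ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif;
			m0->m_pkthdr.rcvif = NULL;
#if NBPFILTER > 0
			if (ic->ic_rawbpf != NULL)
				bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT);
#endif
			/*
			 * wpi_tx_data() disposes of the mbuf when it fails
			 * but never of the node, and the slot does not take
			 * the node over until the frame is queued.  Drop the
			 * reference here, as the data path below does, so
			 * that a failed management frame does not pin its
			 * node.  (Presumably net80211 took that reference
			 * when it queued the frame; wpi_tx_intr releases it
			 * for every frame that was sent.)
			 */
			if (wpi_tx_data(sc, m0, ni, 0) != 0) {
				if (ni != NULL)
					ieee80211_release_node(ic, ni);
				ifp->if_oerrors++;
				break;
			}

		} else {
			if (ic->ic_state != IEEE80211_S_RUN)
				break;
			IFQ_POLL(&ifp->if_snd, m0);
			if (m0 == NULL)
				break;
			if (sc->txq[0].queued >= sc->txq[0].count - 8) {
				/* there is no place left in this ring */
				ifp->if_flags |= IFF_OACTIVE;
				break;
			}
			IFQ_DEQUEUE(&ifp->if_snd, m0);
#if NBPFILTER > 0
			if (ifp->if_bpf != NULL)
				bpf_mtap(ifp->if_bpf, m0, BPF_DIRECTION_OUT);
#endif
			/* add the 802.11 header and look up the node */
			m0 = ieee80211_encap(ifp, m0, &ni);
			if (m0 == NULL)
				continue;
#if NBPFILTER > 0
			if (ic->ic_rawbpf != NULL)
				bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT);
#endif
			if (wpi_tx_data(sc, m0, ni, 0) != 0) {
				if (ni != NULL)
					ieee80211_release_node(ic, ni);
				ifp->if_oerrors++;
				break;
			}
		}

		/* a frame was queued: (re)arm the Tx watchdog */
		sc->sc_tx_timer = 5;
		ifp->if_timer = 1;
	}
}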
1690 
/*
 * Interface watchdog.  sc_tx_timer is decremented on each call while it is
 * armed; when it reaches zero the interface is taken down and an output
 * error is counted.  Otherwise the net80211 watchdog is run.
 */
void
wpi_watchdog(struct ifnet *ifp)
{
	struct wpi_softc *sc = ifp->if_softc;

	ifp->if_timer = 0;

	if (sc->sc_tx_timer > 0) {
		sc->sc_tx_timer--;
		if (sc->sc_tx_timer == 0) {
			/* no Tx completion arrived in time */
			printf("%s: device timeout\n", sc->sc_dev.dv_xname);
			ifp->if_flags &= ~IFF_UP;
			wpi_stop(ifp, 1);
			ifp->if_oerrors++;
			return;
		}
		/* still armed: ask to be called again */
		ifp->if_timer = 1;
	}

	ieee80211_watchdog(ifp);
}
1711 
/*
 * Interface ioctl handler, run at splnet.  Address and flag changes bring
 * the adapter up or down, multicast changes are passed to the Ethernet
 * layer and everything else to net80211.  An ENETRESET result restarts the
 * adapter when it is up and running and is reported to the caller as
 * success.
 */
int
wpi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
{
	struct wpi_softc *sc = ifp->if_softc;
	struct ieee80211com *ic = &sc->sc_ic;
	struct ifaddr *ifa;
	struct ifreq *ifr;
	int s, error = 0;

	s = splnet();

	switch (cmd) {
	case SIOCSIFADDR:
		ifa = (struct ifaddr *)data;
		ifp->if_flags |= IFF_UP;
#ifdef INET
		if (ifa->ifa_addr->sa_family == AF_INET)
			arp_ifinit(&ic->ic_ac, ifa);
#endif
		/* FALLTHROUGH */
	case SIOCSIFFLAGS:
		/* make the running state follow IFF_UP */
		if ((ifp->if_flags & IFF_UP) &&
		    !(ifp->if_flags & IFF_RUNNING))
			wpi_init(ifp);
		else if (!(ifp->if_flags & IFF_UP) &&
		    (ifp->if_flags & IFF_RUNNING))
			wpi_stop(ifp, 1);
		break;

	case SIOCADDMULTI:
	case SIOCDELMULTI:
		ifr = (struct ifreq *)data;
		if (cmd == SIOCADDMULTI)
			error = ether_addmulti(ifr, &ic->ic_ac);
		else
			error = ether_delmulti(ifr, &ic->ic_ac);

		/* a changed multicast list needs no restart here */
		if (error == ENETRESET)
			error = 0;
		break;

	default:
		error = ieee80211_ioctl(ifp, cmd, data);
		break;
	}

	if (error == ENETRESET) {
		const int live = IFF_UP | IFF_RUNNING;

		if ((ifp->if_flags & live) == live)
			wpi_init(ifp);
		error = 0;
	}

	splx(s);
	return error;
}
1767 
/*
 * Read the MAC address and the per-channel power settings of the fourteen
 * 2.4GHz channels from the EEPROM into the softc.
 */
void
wpi_read_eeprom(struct wpi_softc *sc)
{
	struct ieee80211com *ic = &sc->sc_ic;
	uint16_t word;
	int n;

	/* the MAC address is stored as three words, low byte first */
	for (n = 0; n < 3; n++) {
		word = wpi_read_prom_word(sc, WPI_EEPROM_MAC + n);
		ic->ic_myaddr[2 * n] = word & 0xff;
		ic->ic_myaddr[2 * n + 1] = word >> 8;
	}

	/* read power settings for 2.4GHz channels */
	for (n = 0; n < 14; n++) {
		sc->pwr1[n] = wpi_read_prom_word(sc, WPI_EEPROM_PWR1 + n);
		sc->pwr2[n] = wpi_read_prom_word(sc, WPI_EEPROM_PWR2 + n);
		DPRINTFN(2, ("channel %d pwr1 0x%04x pwr2 0x%04x\n", n + 1,
		    sc->pwr1[n], sc->pwr2[n]));
	}
}
1797 
/*
 * Send a command to the firmware through the command ring.
 *
 * buf/size is the command payload, which must fit in the data area of a
 * command slot (asserted).  When async is non-zero the function returns 0
 * as soon as the command is queued; otherwise it sleeps on the command slot
 * for up to hz ticks and returns the result of tsleep().
 */
int
wpi_cmd(struct wpi_softc *sc, int code, const void *buf, int size, int async)
{
	struct wpi_tx_ring *ring = &sc->cmdq;
	struct wpi_tx_cmd *cmd = &ring->cmd[ring->cur];
	struct wpi_tx_desc *desc = &ring->desc[ring->cur];

	KASSERT(size <= sizeof cmd->data);

	/* fill in the command header and copy the payload in */
	cmd->code = code;
	cmd->flags = 0;
	cmd->qid = ring->qid;
	cmd->idx = ring->cur;
	bcopy(buf, cmd->data, size);

	/* a single segment: the 4-byte command header plus the payload */
	desc->segs[0].addr = htole32(ring->cmd_dma.paddr +
	    ring->cur * sizeof (struct wpi_tx_cmd));
	desc->segs[0].len  = htole32(4 + size);
	desc->flags = htole32(WPI_PAD32(size) << 28 | 1 << 24);

	/* kick cmd ring */
	ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT;
	WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur);

	if (async)
		return 0;

	/* wpi_cmd_intr() wakes us up on the address of the command slot */
	return tsleep(cmd, PCATCH, "wpicmd", hz);
}
1830 
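/*
 * Configure h/w multi-rate retries: each rate is tried once and then falls
 * back to the next lower one.  The same table is sent twice, once for
 * control frames and once for data frames.
 *
 * Returns 0 or the error returned by wpi_cmd().  Both commands are sent
 * asynchronously, so a non-zero result cannot reflect a failure reported
 * by the firmware.
 */
int
wpi_mrr_setup(struct wpi_softc *sc)
{
	struct ieee80211com *ic = &sc->sc_ic;
	struct wpi_mrr_setup mrr;
	int i, error;

	/*
	 * Clear the whole command first, as the other command builders in
	 * this file do, so that any member or padding not assigned below is
	 * handed to the firmware as zero rather than as stale stack contents.
	 */
	bzero(&mrr, sizeof mrr);

	/* CCK rates (not used with 802.11a) */
	for (i = WPI_CCK1; i <= WPI_CCK11; i++) {
		mrr.rates[i].flags = 0;
		mrr.rates[i].plcp = wpi_ridx_to_plcp[i];
		/* fallback to the immediate lower CCK rate (if any) */
		mrr.rates[i].next = (i == WPI_CCK1) ? WPI_CCK1 : i - 1;
		/* try one time at this rate before falling back to "next" */
		mrr.rates[i].ntries = 1;
	}

	/* OFDM rates (not used with 802.11b) */
	for (i = WPI_OFDM6; i <= WPI_OFDM54; i++) {
		mrr.rates[i].flags = 0;
		mrr.rates[i].plcp = wpi_ridx_to_plcp[i];
		/* fallback to the immediate lower rate (if any) */
		/* we allow fallback from OFDM/6 to CCK/2 in 11b/g mode */
		mrr.rates[i].next = (i == WPI_OFDM6) ?
		    ((ic->ic_curmode == IEEE80211_MODE_11A) ?
			WPI_OFDM6 : WPI_CCK2) :
		    i - 1;
		/* try one time at this rate before falling back to "next" */
		mrr.rates[i].ntries = 1;
	}

	/* setup MRR for control frames */
	mrr.which = htole32(WPI_MRR_CTL);
	error = wpi_cmd(sc, WPI_CMD_MRR_SETUP, &mrr, sizeof mrr, 1);
	if (error != 0) {
		printf("%s: could not setup MRR for control frames\n",
		    sc->sc_dev.dv_xname);
		return error;
	}

	/* setup MRR for data frames */
	mrr.which = htole32(WPI_MRR_DATA);
	error = wpi_cmd(sc, WPI_CMD_MRR_SETUP, &mrr, sizeof mrr, 1);
	if (error != 0) {
		printf("%s: could not setup MRR for data frames\n",
		    sc->sc_dev.dv_xname);
		return error;
	}

	return 0;
}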
1885 
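/*
 * Ask the firmware to blink LED `which': `off' and `on' are the two phases
 * of the blink, in units of 100ms.  The command is sent asynchronously and
 * its result is ignored.
 */
void
wpi_set_led(struct wpi_softc *sc, uint8_t which, uint8_t off, uint8_t on)
{
	struct wpi_cmd_led led;

	/*
	 * Clear the whole command first, as the other command builders in
	 * this file do, so that any member or padding not assigned below is
	 * handed to the firmware as zero rather than as stale stack contents.
	 */
	bzero(&led, sizeof led);
	led.which = which;
	led.unit = htole32(100000);	/* on/off in unit of 100ms */
	led.off = off;
	led.on = on;

	(void)wpi_cmd(sc, WPI_CMD_SET_LED, &led, sizeof led, 1);
}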
1898 
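/*
 * Give the firmware the timestamp and beacon interval of node ni, together
 * with the time left until the next beacon is due.  The command is sent
 * asynchronously.
 */
void
wpi_enable_tsf(struct wpi_softc *sc, struct ieee80211_node *ni)
{
	struct wpi_cmd_tsf tsf;
	uint64_t val, mod;

	/*
	 * The beacon interval is the divisor of the modulo below.  It is
	 * presumably copied from frames sent by the peer, so a value of zero
	 * has to be refused here instead of being divided by.
	 */
	if (ni->ni_intval == 0) {
		printf("%s: invalid beacon interval, TSF not enabled\n",
		    sc->sc_dev.dv_xname);
		return;
	}

	bzero(&tsf, sizeof tsf);
	bcopy(ni->ni_tstamp, &tsf.tstamp, sizeof (uint64_t));
	tsf.bintval = htole16(ni->ni_intval);
	tsf.lintval = htole16(10);

	/* compute remaining time until next beacon */
	val = (uint64_t)ni->ni_intval * 1024;	/* interval -> usecs */
	mod = letoh64(tsf.tstamp) % val;
	tsf.binitval = htole32((uint32_t)(val - mod));

	DPRINTF(("TSF bintval=%u tstamp=%llu, init=%u\n",
	    ni->ni_intval, letoh64(tsf.tstamp), (uint32_t)(val - mod)));

	if (wpi_cmd(sc, WPI_CMD_TSF, &tsf, sizeof tsf, 1) != 0)
		printf("%s: could not enable TSF\n", sc->sc_dev.dv_xname);
}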
1921 
/*
 * Build a beacon frame that the firmware will broadcast periodically in
 * IBSS or HostAP modes.
 *
 * The beacon is allocated by net80211, its 802.11 header is copied into the
 * command and the rest is DMA-mapped as the second segment of the current
 * command ring slot.  Returns 0 on success, ENOMEM when no beacon could be
 * allocated, or the error of bus_dmamap_load().  The function does not wait
 * for the firmware to acknowledge the command.
 */
int
wpi_setup_beacon(struct wpi_softc *sc, struct ieee80211_node *ni)
{
	struct ieee80211com *ic = &sc->sc_ic;
	struct wpi_tx_ring *ring = &sc->cmdq;
	struct wpi_tx_desc *desc;
	struct wpi_tx_data *data;
	struct wpi_tx_cmd *cmd;
	struct wpi_cmd_beacon *bcn;
	struct mbuf *m0;
	int error;

	desc = &ring->desc[ring->cur];
	data = &ring->data[ring->cur];

	m0 = ieee80211_beacon_alloc(ic, ni);
	if (m0 == NULL) {
		printf("%s: could not allocate beacon frame\n",
		    sc->sc_dev.dv_xname);
		return ENOMEM;
	}

	cmd = &ring->cmd[ring->cur];
	cmd->code = WPI_CMD_SET_BEACON;
	cmd->flags = 0;
	cmd->qid = ring->qid;
	cmd->idx = ring->cur;

	bcn = (struct wpi_cmd_beacon *)cmd->data;
	bzero(bcn, sizeof (struct wpi_cmd_beacon));
	bcn->id = WPI_ID_BROADCAST;
	bcn->ofdm_mask = 0xff;
	bcn->cck_mask = 0x0f;
	bcn->lifetime = htole32(0xffffffff);
	/* the length is taken before the 802.11 header is trimmed below */
	bcn->len = htole16(m0->m_pkthdr.len);
	/* lowest rate of the band: rate 12 in 11a mode, rate 2 otherwise */
	bcn->rate = (ic->ic_curmode == IEEE80211_MODE_11A) ?
	    wpi_plcp_signal(12) : wpi_plcp_signal(2);
	bcn->flags = htole32(WPI_TX_AUTO_SEQ | WPI_TX_INSERT_TSTAMP);

	/* save and trim IEEE802.11 header */
	m_copydata(m0, 0, sizeof (struct ieee80211_frame), (caddr_t)&bcn->wh);
	m_adj(m0, sizeof (struct ieee80211_frame));

	/*
	 * assume beacon frame is contiguous
	 * NOTE(review): the whole packet length is mapped starting at the
	 * first mbuf's data, so a beacon spread over an mbuf chain would
	 * map memory beyond that first mbuf -- confirm that
	 * ieee80211_beacon_alloc() always returns a single mbuf.
	 */
	error = bus_dmamap_load(sc->sc_dmat, data->map, mtod(m0, void *),
	    m0->m_pkthdr.len, NULL, BUS_DMA_NOWAIT);
	if (error != 0) {
		printf("%s: could not map beacon\n", sc->sc_dev.dv_xname);
		m_freem(m0);
		return error;
	}

	/*
	 * the slot now owns the mbuf; wpi_cmd_intr() frees it on the ack
	 * NOTE(review): a previous data->m in this slot is overwritten
	 * without being checked.
	 */
	data->m = m0;

	/* first scatter/gather segment is used by the beacon command */
	desc->flags = htole32(WPI_PAD32(m0->m_pkthdr.len) << 28 | 2 << 24);
	desc->segs[0].addr = htole32(ring->cmd_dma.paddr +
	    ring->cur * sizeof (struct wpi_tx_cmd));
	desc->segs[0].len  = htole32(4 + sizeof (struct wpi_cmd_beacon));
	desc->segs[1].addr = htole32(data->map->dm_segs[0].ds_addr);
	desc->segs[1].len  = htole32(data->map->dm_segs[0].ds_len);

	/* kick cmd ring */
	ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT;
	WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur);

	return 0;
}
1994 
/*
 * Prepare the adapter for authenticating with the current BSS: push the
 * BSSID, channel, band/slot/preamble flags and rate masks to the firmware,
 * register the BSS as the default node and set up multi-rate retries.
 *
 * Returns 0 or the first error returned by wpi_cmd()/wpi_mrr_setup().  The
 * commands are sent asynchronously (last argument 1), in which case
 * wpi_cmd() returns 0 without waiting for the firmware, so a failure
 * reported by the firmware is not seen here.
 */
int
wpi_auth(struct wpi_softc *sc)
{
	struct ieee80211com *ic = &sc->sc_ic;
	struct ieee80211_node *ni = ic->ic_bss;
	struct wpi_node_info node;
	int error;

	/* update adapter's configuration */
	IEEE80211_ADDR_COPY(sc->config.bssid, ni->ni_bssid);
	sc->config.chan = ieee80211_chan2ieee(ic, ni->ni_chan);
	sc->config.flags = htole32(WPI_CONFIG_TSF);
	if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) {
		sc->config.flags |= htole32(WPI_CONFIG_AUTO |
		    WPI_CONFIG_24GHZ);
	}
	/* rate masks handed to the firmware depend on the current mode */
	switch (ic->ic_curmode) {
	case IEEE80211_MODE_11A:
		sc->config.cck_mask  = 0;
		sc->config.ofdm_mask = 0x15;
		break;
	case IEEE80211_MODE_11B:
		sc->config.cck_mask  = 0x03;
		sc->config.ofdm_mask = 0;
		break;
	default:	/* assume 802.11b/g */
		sc->config.cck_mask  = 0x0f;
		sc->config.ofdm_mask = 0x15;
	}
	if (ic->ic_flags & IEEE80211_F_SHSLOT)
		sc->config.flags |= htole32(WPI_CONFIG_SHSLOT);
	if (ic->ic_flags & IEEE80211_F_SHPREAMBLE)
		sc->config.flags |= htole32(WPI_CONFIG_SHPREAMBLE);
	DPRINTF(("config chan %d flags %x cck %x ofdm %x\n", sc->config.chan,
	    sc->config.flags, sc->config.cck_mask, sc->config.ofdm_mask));
	error = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config,
	    sizeof (struct wpi_config), 1);
	if (error != 0) {
		printf("%s: could not configure\n", sc->sc_dev.dv_xname);
		return error;
	}

	/* add default node; the command is zeroed before it is filled in */
	bzero(&node, sizeof node);
	IEEE80211_ADDR_COPY(node.bssid, ni->ni_bssid);
	node.id = WPI_ID_BSS;
	/* rate 12 in 11a mode, rate 2 otherwise (500kb/s units) */
	node.rate = (ic->ic_curmode == IEEE80211_MODE_11A) ?
	    wpi_plcp_signal(12) : wpi_plcp_signal(2);
	error = wpi_cmd(sc, WPI_CMD_ADD_NODE, &node, sizeof node, 1);
	if (error != 0) {
		printf("%s: could not add BSS node\n", sc->sc_dev.dv_xname);
		return error;
	}

	error = wpi_mrr_setup(sc);
	if (error != 0) {
		printf("%s: could not setup MRR\n", sc->sc_dev.dv_xname);
		return error;
	}

	return 0;
}
2057 
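/*
 * Send a scan request to the firmware.  Since this command is huge, it is
 * built in an mbuf cluster instead of using the pre-allocated set of commands.
 *
 * The cluster is filled back to back: Tx command header, scan header, a
 * probe request frame, then one wpi_scan_chan entry for every channel whose
 * ic_flags contain all bits of `flags'.  The channel list is the only
 * variable-length part, so it is bounded against the cluster size (MCLBYTES)
 * before each entry is written.
 *
 * Returns 0 once the command has been queued (the outcome is reported
 * asynchronously), ENOMEM if no mbuf or cluster could be allocated, or the
 * error returned by bus_dmamap_load().
 */
int
wpi_scan(struct wpi_softc *sc, uint16_t flags)
{
	struct ieee80211com *ic = &sc->sc_ic;
	struct wpi_tx_ring *ring = &sc->cmdq;
	struct wpi_tx_desc *desc;
	struct wpi_tx_data *data;
	struct wpi_tx_cmd *cmd;
	struct wpi_scan_hdr *hdr;
	struct wpi_scan_chan *chan;
	struct ieee80211_frame *wh;
	struct ieee80211_rateset *rs;
	struct ieee80211_channel *c;
	enum ieee80211_phymode mode;
	uint8_t *frm, *limit;
	int pktlen, error;

	desc = &ring->desc[ring->cur];
	data = &ring->data[ring->cur];

	MGETHDR(data->m, M_DONTWAIT, MT_DATA);
	if (data->m == NULL) {
		printf("%s: could not allocate mbuf for scan command\n",
		    sc->sc_dev.dv_xname);
		return ENOMEM;
	}
	MCLGET(data->m, M_DONTWAIT);
	if (!(data->m->m_flags & M_EXT)) {
		m_freem(data->m);
		data->m = NULL;
		printf("%s: could not allocate mbuf for scan command\n",
		    sc->sc_dev.dv_xname);
		return ENOMEM;
	}

	/* one past the last byte of the cluster; nothing may be written there */
	limit = mtod(data->m, uint8_t *) + MCLBYTES;

	cmd = mtod(data->m, struct wpi_tx_cmd *);
	cmd->code = WPI_CMD_SCAN;
	cmd->flags = 0;
	cmd->qid = ring->qid;
	cmd->idx = ring->cur;

	hdr = (struct wpi_scan_hdr *)cmd->data;
	bzero(hdr, sizeof (struct wpi_scan_hdr));
	hdr->first = 1;
	/*
	 * Move to the next channel if no packets are received within 5 msecs
	 * after sending the probe request (this helps to reduce the duration
	 * of active scans).
	 */
	hdr->quiet = htole16(5);	/* timeout in milliseconds */
	hdr->threshold = htole16(1);	/* min # of packets */

	if (flags & IEEE80211_CHAN_A) {
		hdr->band = htole16(WPI_SCAN_5GHZ);
		/* send probe requests at 6Mbps */
		hdr->rate = wpi_plcp_signal(12);
	} else {
		hdr->flags = htole32(WPI_CONFIG_24GHZ | WPI_CONFIG_AUTO);
		/* send probe requests at 1Mbps */
		hdr->rate = wpi_plcp_signal(2);
	}
	hdr->id = WPI_ID_BROADCAST;
	hdr->mask = htole32(0xffffffff);
	hdr->magic1 = htole32(1 << 13);

	/*
	 * The copy length is taken from net80211 state as is.
	 * NOTE(review): presumably ic_des_esslen is capped at the size of
	 * hdr->essid where it is set -- confirm against the ioctl path.
	 */
	hdr->esslen = ic->ic_des_esslen;
	bcopy(ic->ic_des_essid, hdr->essid, ic->ic_des_esslen);

	/*
	 * Build a probe request frame.  Most of the following code is a
	 * copy & paste of what is done in net80211.
	 */
	wh = (struct ieee80211_frame *)(hdr + 1);
	wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT |
	    IEEE80211_FC0_SUBTYPE_PROBE_REQ;
	wh->i_fc[1] = IEEE80211_FC1_DIR_NODS;
	IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr);
	IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr);
	IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr);
	*(u_int16_t *)&wh->i_dur[0] = 0;	/* filled by h/w */
	*(u_int16_t *)&wh->i_seq[0] = 0;	/* filled by h/w */

	frm = (uint8_t *)(wh + 1);

	/* add essid IE */
	frm = ieee80211_add_ssid(frm, ic->ic_des_essid, ic->ic_des_esslen);

	mode = ieee80211_chan2mode(ic, ic->ic_ibss_chan);
	rs = &ic->ic_sup_rates[mode];

	/* add supported rates IE */
	frm = ieee80211_add_rates(frm, rs);

	/* add supported xrates IE */
	frm = ieee80211_add_xrates(frm, rs);

	/* setup length of probe request */
	hdr->length = htole16(frm - (uint8_t *)wh);

	/* channel entries follow the probe request; chan and frm advance together */
	chan = (struct wpi_scan_chan *)frm;
	for (c  = &ic->ic_channels[1];
	     c <= &ic->ic_channels[IEEE80211_CHAN_MAX]; c++) {
		if ((c->ic_flags & flags) != flags)
			continue;

		/*
		 * Up to IEEE80211_CHAN_MAX entries can match, so stop before
		 * an entry would be written past the end of the cluster.
		 */
		if ((size_t)(limit - frm) < sizeof (struct wpi_scan_chan)) {
			printf("%s: scan command truncated\n",
			    sc->sc_dev.dv_xname);
			break;
		}

		chan->chan = ieee80211_chan2ieee(ic, c);
		chan->flags = (c->ic_flags & IEEE80211_CHAN_PASSIVE) ?
		    0 : WPI_CHAN_ACTIVE;
		chan->magic = htole16(0x62ab);
		if (IEEE80211_IS_CHAN_5GHZ(c)) {
			chan->active = htole16(10);
			chan->passive = htole16(110);
		} else {
			chan->active = htole16(20);
			chan->passive = htole16(120);
		}
		hdr->nchan++;
		chan++;

		frm += sizeof (struct wpi_scan_chan);
	}

	hdr->len = hdr->nchan * sizeof (struct wpi_scan_chan);
	pktlen = frm - mtod(data->m, uint8_t *);

	error = bus_dmamap_load(sc->sc_dmat, data->map, cmd, pktlen, NULL,
	    BUS_DMA_NOWAIT);
	if (error != 0) {
		printf("%s: could not map scan command\n",
		    sc->sc_dev.dv_xname);
		m_freem(data->m);
		data->m = NULL;
		return error;
	}

	/* single DMA segment covering the whole command */
	desc->flags = htole32(WPI_PAD32(pktlen) << 28 | 1 << 24);
	desc->segs[0].addr = htole32(data->map->dm_segs[0].ds_addr);
	desc->segs[0].len  = htole32(data->map->dm_segs[0].ds_len);

	/* kick cmd ring */
	ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT;
	WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur);

	return 0;	/* will be notified async. of failure/success */
}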
2207 
/*
 * Send the initial configuration to the firmware, in this order: Tx power
 * tables, power mode, bluetooth coexistence, the adapter configuration
 * (address, default channel, operating mode and Rx filter), and finally the
 * broadcast node.
 *
 * Returns 0 on success, or the error of the first wpi_cmd() that failed;
 * the remaining commands are not sent in that case.
 */
int
wpi_config(struct wpi_softc *sc)
{
	struct ieee80211com *ic = &sc->sc_ic;
	struct ifnet *ifp = &ic->ic_if;
	struct wpi_txpower txp;
	struct wpi_power pm;
	struct wpi_bluetooth bt;
	struct wpi_node_info bcast;
	int rc;

	/* Tx power for 2.4GHz channels (values read from EEPROM) */
	bzero(&txp, sizeof txp);
	bcopy(sc->pwr1, txp.pwr1, 14 * sizeof (uint16_t));
	bcopy(sc->pwr2, txp.pwr2, 14 * sizeof (uint16_t));
	if ((rc = wpi_cmd(sc, WPI_CMD_TXPOWER, &txp, sizeof txp, 0)) != 0) {
		printf("%s: could not set txpower\n", sc->sc_dev.dv_xname);
		return rc;
	}

	/* power mode */
	bzero(&pm, sizeof pm);
	pm.flags = htole32(0x8);	/* XXX */
	if ((rc = wpi_cmd(sc, WPI_CMD_SET_POWER_MODE, &pm, sizeof pm,
	    0)) != 0) {
		printf("%s: could not set power mode\n", sc->sc_dev.dv_xname);
		return rc;
	}

	/* bluetooth coexistence */
	bzero(&bt, sizeof bt);
	bt.flags = 3;
	bt.lead = 0xaa;
	bt.kill = 1;
	if ((rc = wpi_cmd(sc, WPI_CMD_BLUETOOTH, &bt, sizeof bt, 0)) != 0) {
		printf("%s: could not configure bluetooth coexistence\n",
		    sc->sc_dev.dv_xname);
		return rc;
	}

	/* adapter configuration, rebuilt from scratch in the softc */
	bzero(&sc->config, sizeof (struct wpi_config));
	IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl));
	IEEE80211_ADDR_COPY(sc->config.myaddr, ic->ic_myaddr);
	/* default channel */
	sc->config.chan = ieee80211_chan2ieee(ic, ic->ic_ibss_chan);
	sc->config.flags = htole32(WPI_CONFIG_TSF);
	if (IEEE80211_IS_CHAN_2GHZ(ic->ic_ibss_chan)) {
		sc->config.flags |= htole32(WPI_CONFIG_AUTO |
		    WPI_CONFIG_24GHZ);
	}

	/* operating mode selects the firmware mode and the Rx filter bits */
	sc->config.filter = 0;
	switch (ic->ic_opmode) {
	case IEEE80211_M_STA:
		sc->config.mode = WPI_MODE_STA;
		sc->config.filter |= htole32(WPI_FILTER_MULTICAST);
		break;
	case IEEE80211_M_IBSS:
	case IEEE80211_M_AHDEMO:
		sc->config.mode = WPI_MODE_IBSS;
		break;
	case IEEE80211_M_HOSTAP:
		sc->config.mode = WPI_MODE_HOSTAP;
		break;
	case IEEE80211_M_MONITOR:
		/* monitor mode also accepts control and promiscuous traffic */
		sc->config.mode = WPI_MODE_MONITOR;
		sc->config.filter |= htole32(WPI_FILTER_MULTICAST |
		    WPI_FILTER_CTL | WPI_FILTER_PROMISC);
		break;
	}
	sc->config.cck_mask  = 0x0f;	/* not yet negotiated */
	sc->config.ofdm_mask = 0xff;	/* not yet negotiated */
	if ((rc = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config,
	    sizeof (struct wpi_config), 0)) != 0) {
		printf("%s: configure command failed\n", sc->sc_dev.dv_xname);
		return rc;
	}

	/* broadcast node */
	bzero(&bcast, sizeof bcast);
	IEEE80211_ADDR_COPY(bcast.bssid, etherbroadcastaddr);
	bcast.id = WPI_ID_BROADCAST;
	bcast.rate = wpi_plcp_signal(2);
	if ((rc = wpi_cmd(sc, WPI_CMD_ADD_NODE, &bcast, sizeof bcast,
	    0)) != 0) {
		printf("%s: could not add broadcast node\n",
		    sc->sc_dev.dv_xname);
		return rc;
	}

	return 0;
}
2304 
/*
 * Set WPI_STOP_MASTER in the reset register and, unless the power status in
 * WPI_GPIO_CTL already reads as sleeping, poll up to 100 times for
 * WPI_MASTER_DISABLED.  A timeout is only logged; nothing is returned.
 */
void
wpi_stop_master(struct wpi_softc *sc)
{
	uint32_t reg;
	int i;

	reg = WPI_READ(sc, WPI_RESET);
	WPI_WRITE(sc, WPI_RESET, reg | WPI_STOP_MASTER);

	reg = WPI_READ(sc, WPI_GPIO_CTL);
	if ((reg & WPI_GPIO_PWR_STATUS) == WPI_GPIO_PWR_SLEEP) {
		/* already asleep */
		return;
	}

	for (i = 0; i < 100; i++) {
		if (WPI_READ(sc, WPI_RESET) & WPI_MASTER_DISABLED)
			return;
		DELAY(10);
	}

	/* every poll failed */
	printf("%s: timeout waiting for master\n", sc->sc_dev.dv_xname);
}
2328 
/*
 * Clear bits 0x03000000 of WPI_MEM_POWER, then poll WPI_GPIO_STATUS up to
 * 5000 times for WPI_POWERED.
 *
 * Returns 0 once the bit is seen, ETIMEDOUT otherwise.
 */
int
wpi_power_up(struct wpi_softc *sc)
{
	uint32_t pwr;
	int i;

	wpi_mem_lock(sc);
	pwr = wpi_mem_read(sc, WPI_MEM_POWER);
	wpi_mem_write(sc, WPI_MEM_POWER, pwr & ~0x03000000);
	wpi_mem_unlock(sc);

	for (i = 0; i < 5000; i++) {
		if (WPI_READ(sc, WPI_GPIO_STATUS) & WPI_POWERED)
			return 0;
		DELAY(10);
	}

	printf("%s: timeout waiting for NIC to power up\n",
	    sc->sc_dev.dv_xname);
	return ETIMEDOUT;
}
2352 
/*
 * Acknowledge pending interrupts, set the PLL, "chicken" and GPIO init
 * bits, wait for the clock to stabilize, then check for an EEPROM and clear
 * its WPI_EEPROM_LOCKED bit.
 *
 * Returns 0 on success, ETIMEDOUT if WPI_GPIO_CLOCK never shows up within
 * 1000 polls, or EIO if no EEPROM version bits are reported.
 */
int
wpi_reset(struct wpi_softc *sc)
{
	uint32_t reg;
	int i;

	/* clear any pending interrupts */
	WPI_WRITE(sc, WPI_INTR, 0xffffffff);

	/* read-modify-write each control register in turn */
	reg = WPI_READ(sc, WPI_PLL_CTL);
	WPI_WRITE(sc, WPI_PLL_CTL, reg | WPI_PLL_INIT);

	reg = WPI_READ(sc, WPI_CHICKEN);
	WPI_WRITE(sc, WPI_CHICKEN, reg | WPI_CHICKEN_RXNOLOS);

	reg = WPI_READ(sc, WPI_GPIO_CTL);
	WPI_WRITE(sc, WPI_GPIO_CTL, reg | WPI_GPIO_INIT);

	/* wait for clock stabilization */
	for (i = 0; i < 1000; i++) {
		if (WPI_READ(sc, WPI_GPIO_CLOCK ? WPI_GPIO_CTL : WPI_GPIO_CTL) &
		    WPI_GPIO_CLOCK)
			break;
		DELAY(10);
	}
	if (i >= 1000) {
		printf("%s: timeout waiting for clock stabilization\n",
		    sc->sc_dev.dv_xname);
		return ETIMEDOUT;
	}

	/* initialize EEPROM */
	reg = WPI_READ(sc, WPI_EEPROM_STATUS);
	if (!(reg & WPI_EEPROM_VERSION)) {
		printf("%s: EEPROM not found\n", sc->sc_dev.dv_xname);
		return EIO;
	}
	WPI_WRITE(sc, WPI_EEPROM_STATUS, reg & ~WPI_EEPROM_LOCKED);

	return 0;
}
2393 
/*
 * Compute the WPI_HWCONFIG register value from its current contents, the
 * PCI revision and three EEPROM words (capabilities, revision, type), then
 * write it back.  The bit patterns come from the Linux driver and are not
 * explained further in this file.
 */
void
wpi_hw_config(struct wpi_softc *sc)
{
	uint16_t word;
	uint32_t pcirev, hwcfg;

	/* voodoo from the Linux "driver".. */
	hwcfg = WPI_READ(sc, WPI_HWCONFIG);

	pcirev = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_CLASS_REG);
	pcirev = PCI_REVISION(pcirev);
	if ((pcirev & 0xc0) == 0x40) {
		hwcfg |= WPI_HW_ALM_MB;
	} else if ((pcirev & 0x80) == 0) {
		hwcfg |= WPI_HW_ALM_MM;
	}

	word = wpi_read_prom_word(sc, WPI_EEPROM_CAPABILITIES);
	if ((word & 0xff) == 0x80) {
		hwcfg |= WPI_HW_SKU_MRC;
	}

	/* the REV_D bit is decided by the EEPROM alone, whatever it was before */
	word = wpi_read_prom_word(sc, WPI_EEPROM_REVISION);
	if ((word & 0xf0) == 0xd0) {
		hwcfg |= WPI_HW_REV_D;
	} else {
		hwcfg &= ~WPI_HW_REV_D;
	}

	word = wpi_read_prom_word(sc, WPI_EEPROM_TYPE);
	if ((word & 0xff) > 1) {
		hwcfg |= WPI_HW_TYPE_B;
	}

	DPRINTF(("setting h/w config %x\n", hwcfg));
	WPI_WRITE(sc, WPI_HWCONFIG, hwcfg);
}
2426 
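/*
 * Bring the adapter up: reset and power it, program the Rx/Tx rings, load
 * the "wpi-ucode" firmware image into the NIC, start it, wait for it to
 * come alive, send the initial configuration and start scanning (or go
 * straight to RUN state in monitor mode).
 *
 * The firmware image is read with loadfirmware() and its header supplies
 * the sizes of the three sections.  Those sizes are data from the file, so
 * they are checked against the file length before any section pointer is
 * derived from them.
 *
 * Returns 0 on success.  On any failure the interface is stopped with
 * wpi_stop(ifp, 1) and the error is returned.
 */
int
wpi_init(struct ifnet *ifp)
{
	struct wpi_softc *sc = ifp->if_softc;
	struct ieee80211com *ic = &sc->sc_ic;
	const struct wpi_firmware_hdr *hdr;
	const char *boot, *text, *data;
	u_char *fw;
	size_t size, remain;
	uint32_t tmp, textsz, datasz, bootsz;
	int qid, ntries, error;

	/* the results of reset and power-up are not checked here */
	(void)wpi_reset(sc);

	wpi_mem_lock(sc);
	wpi_mem_write(sc, WPI_MEM_CLOCK1, 0xa00);
	DELAY(20);
	tmp = wpi_mem_read(sc, WPI_MEM_PCIDEV);
	wpi_mem_write(sc, WPI_MEM_PCIDEV, tmp | 0x800);
	wpi_mem_unlock(sc);

	(void)wpi_power_up(sc);
	wpi_hw_config(sc);

	/* init Rx ring */
	wpi_mem_lock(sc);
	WPI_WRITE(sc, WPI_RX_BASE, sc->rxq.desc_dma.paddr);
	WPI_WRITE(sc, WPI_RX_RIDX_PTR, sc->shared_dma.paddr +
	    offsetof(struct wpi_shared, next));
	WPI_WRITE(sc, WPI_RX_WIDX, (WPI_RX_RING_COUNT - 1) & ~7);
	WPI_WRITE(sc, WPI_RX_CONFIG, 0xa9601010);
	wpi_mem_unlock(sc);

	/* init Tx rings */
	wpi_mem_lock(sc);
	wpi_mem_write(sc, WPI_MEM_MODE, 2);	/* bypass mode */
	wpi_mem_write(sc, WPI_MEM_RA, 1);	/* enable RA0 */
	wpi_mem_write(sc, WPI_MEM_TXCFG, 0x3f);	/* enable all 6 Tx rings */
	wpi_mem_write(sc, WPI_MEM_BYPASS1, 0x10000);
	wpi_mem_write(sc, WPI_MEM_BYPASS2, 0x30002);
	wpi_mem_write(sc, WPI_MEM_MAGIC4, 4);
	wpi_mem_write(sc, WPI_MEM_MAGIC5, 5);

	WPI_WRITE(sc, WPI_TX_BASE_PTR, sc->shared_dma.paddr);
	WPI_WRITE(sc, WPI_MSG_CONFIG, 0xffff05a5);

	for (qid = 0; qid < 6; qid++) {
		WPI_WRITE(sc, WPI_TX_CTL(qid), 0);
		WPI_WRITE(sc, WPI_TX_BASE(qid), 0);
		WPI_WRITE(sc, WPI_TX_CONFIG(qid), 0x80200008);
	}
	wpi_mem_unlock(sc);

	/* clear "radio off" and "disable command" bits (reversed logic) */
	WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF);
	WPI_WRITE(sc, WPI_UCODE_CLR, WPI_DISABLE_CMD);

	/* clear any pending interrupts */
	WPI_WRITE(sc, WPI_INTR, 0xffffffff);
	/* enable interrupts */
	WPI_WRITE(sc, WPI_MASK, WPI_INTR_MASK);

	if ((error = loadfirmware("wpi-ucode", &fw, &size)) != 0) {
		printf("%s: could not read firmware file\n",
		    sc->sc_dev.dv_xname);
		goto fail1;
	}

	if (size < sizeof (struct wpi_firmware_hdr)) {
		printf("%s: firmware file too short: %d bytes\n",
		    sc->sc_dev.dv_xname, size);
		error = EINVAL;
		goto fail2;
	}

	hdr = (const struct wpi_firmware_hdr *)fw;
	textsz = letoh32(hdr->textsz);
	datasz = letoh32(hdr->datasz);
	bootsz = letoh32(hdr->bootsz);

	/*
	 * Check each section against what is left of the file instead of
	 * adding the three sizes up: where size_t is 32 bits wide the sum
	 * can wrap around, and a wrapped sum would let oversized sections
	 * pass and the pointers below point outside the image.
	 */
	remain = size - sizeof (struct wpi_firmware_hdr);
	if (textsz > remain || datasz > remain - textsz ||
	    bootsz > remain - textsz - datasz) {
		printf("%s: firmware file too short: %d bytes\n",
		    sc->sc_dev.dv_xname, size);
		error = EINVAL;
		goto fail2;
	}

	/* firmware image layout: |HDR|<--TEXT-->|<--DATA-->|<--BOOT-->| */
	text = (const char *)(hdr + 1);
	data = text + textsz;
	boot = data + datasz;

	/* load firmware boot code into NIC */
	error = wpi_load_microcode(sc, boot, bootsz);
	if (error != 0) {
		printf("%s: could not load microcode\n", sc->sc_dev.dv_xname);
		goto fail2;
	}

	/* load firmware .text segment into NIC */
	error = wpi_load_firmware(sc, WPI_FW_TEXT, text, textsz);
	if (error != 0) {
		printf("%s: could not load firmware\n", sc->sc_dev.dv_xname);
		goto fail2;
	}

	/* load firmware .data segment into NIC */
	error = wpi_load_firmware(sc, WPI_FW_DATA, data, datasz);
	if (error != 0) {
		printf("%s: could not load firmware\n", sc->sc_dev.dv_xname);
		goto fail2;
	}

	/* the image is released here; later failures must skip fail2 */
	free(fw, M_DEVBUF);

	/* now press "execute" ;-) */
	tmp = WPI_READ(sc, WPI_RESET);
	tmp &= ~(WPI_MASTER_DISABLED | WPI_STOP_MASTER | WPI_NEVO_RESET);
	WPI_WRITE(sc, WPI_RESET, tmp);

	/* ..and wait at most one second for adapter to initialize */
	if ((error = tsleep(sc, PCATCH, "wpiinit", hz)) != 0) {
		/* this isn't what was supposed to happen.. */
		printf("%s: timeout waiting for adapter to initialize\n",
		    sc->sc_dev.dv_xname);
		goto fail1;
	}

	/* wait for thermal sensors to calibrate */
	for (ntries = 0; ntries < 1000; ntries++) {
		if (WPI_READ(sc, WPI_TEMPERATURE) != 0)
			break;
		DELAY(10);
	}
	if (ntries == 1000) {
		printf("%s: timeout waiting for thermal sensors calibration\n",
		    sc->sc_dev.dv_xname);
		error = ETIMEDOUT;
		goto fail1;
	}
	DPRINTF(("temperature %d\n", (int)WPI_READ(sc, WPI_TEMPERATURE)));

	if ((error = wpi_config(sc)) != 0) {
		printf("%s: could not configure device\n",
		    sc->sc_dev.dv_xname);
		goto fail1;
	}

	ifp->if_flags &= ~IFF_OACTIVE;
	ifp->if_flags |= IFF_RUNNING;

	if (ic->ic_opmode != IEEE80211_M_MONITOR)
		ieee80211_begin_scan(ifp);
	else
		ieee80211_new_state(ic, IEEE80211_S_RUN, -1);

	return 0;

fail2:	free(fw, M_DEVBUF);
fail1:	wpi_stop(ifp, 1);
	return error;
}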
2586 
/*
 * Take the interface down: clear the watchdog timers and the RUNNING and
 * OACTIVE flags, move net80211 to INIT state, mask and acknowledge
 * interrupts, reset every Tx ring and the Rx ring, stop the bus master and
 * finally set WPI_SW_RESET.  The `disable' argument is not used here.
 */
void
wpi_stop(struct ifnet *ifp, int disable)
{
	struct wpi_softc *sc = ifp->if_softc;
	struct ieee80211com *ic = &sc->sc_ic;
	uint32_t reg;
	int qid;

	sc->sc_tx_timer = 0;
	ifp->if_timer = 0;
	ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE);

	ieee80211_new_state(ic, IEEE80211_S_INIT, -1);

	/* disable interrupts */
	WPI_WRITE(sc, WPI_MASK, 0);
	WPI_WRITE(sc, WPI_INTR, WPI_INTR_MASK);
	WPI_WRITE(sc, WPI_INTR_STATUS, 0xff);
	WPI_WRITE(sc, WPI_INTR_STATUS, 0x00070000);

	wpi_mem_lock(sc);
	wpi_mem_write(sc, WPI_MEM_MODE, 0);
	wpi_mem_unlock(sc);

	/* reset all Tx rings: the four data queues, then command and service */
	for (qid = 0; qid < 4; qid++) {
		wpi_reset_tx_ring(sc, &sc->txq[qid]);
	}
	wpi_reset_tx_ring(sc, &sc->cmdq);
	wpi_reset_tx_ring(sc, &sc->svcq);

	/* reset Rx ring */
	wpi_reset_rx_ring(sc, &sc->rxq);

	wpi_mem_lock(sc);
	wpi_mem_write(sc, WPI_MEM_CLOCK2, 0x200);
	wpi_mem_unlock(sc);

	DELAY(5);

	wpi_stop_master(sc);

	reg = WPI_READ(sc, WPI_RESET);
	WPI_WRITE(sc, WPI_RESET, reg | WPI_SW_RESET);
}
2630 
/*
 * Node iterator callback: run the AMRR rate choice for one node.
 * `arg' is the softc.  The node is cast to struct wpi_node, so it must have
 * been allocated as one -- presumably by this driver's node allocator;
 * verify against the attach code.
 */
void
wpi_iter_func(void *arg, struct ieee80211_node *ni)
{
	struct wpi_softc *sc = arg;

	ieee80211_amrr_choose(&sc->amrr, ni, &((struct wpi_node *)ni)->amn);
}
2639 
/*
 * Timeout handler for rate adaptation.  At splnet it updates the rate of
 * the BSS node in station mode, or of every node in the other modes, and
 * then re-arms itself to fire again in hz / 2 ticks.
 */
void
wpi_amrr_timeout(void *arg)
{
	struct wpi_softc *sc = arg;
	struct ieee80211com *ic = &sc->sc_ic;
	int spl;

	spl = splnet();
	if (ic->ic_opmode != IEEE80211_M_STA) {
		ieee80211_iterate_nodes(ic, wpi_iter_func, sc);
	} else {
		/* a station only talks to its BSS node */
		wpi_iter_func(sc, ic->ic_bss);
	}
	splx(spl);

	timeout_add(&sc->amrr_ch, hz / 2);
}
2656 
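/*
 * Called for a newly associated node: reset its AMRR state and choose the
 * initial Tx rate index.  `isnew' is not used here.
 *
 * The index starts at the last entry of the node's rate set and walks down
 * while the rate value is above 72 (presumably 36Mbps in the 500kbps units
 * of 802.11 rate sets -- confirm), stopping at index 0 at the latest.
 */
void
wpi_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew)
{
	struct wpi_softc *sc = ic->ic_if.if_softc;
	int i;

	ieee80211_amrr_node_init(&sc->amrr, &((struct wpi_node *)ni)->amn);

	/* set rate to some reasonable initial value */
	for (i = ni->ni_rates.rs_nrates - 1;
	     i > 0 && (ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL) > 72;
	     i--)
		continue;

	/*
	 * With an empty rate set the loop starts at -1 and never runs; do not
	 * store a negative index that later code would use on rs_rates[].
	 */
	if (i < 0)
		i = 0;
	ni->ni_txrate = i;
}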
2671 
/*
 * Driver record for "wpi" devices, registered in the DV_IFNET device class.
 * The initializer is positional; the first member is left NULL here.
 */
struct cfdriver wpi_cd = {
	NULL, "wpi", DV_IFNET
};
2675