1 /* $OpenBSD: if_otus.c,v 1.53 2016/04/13 11:03:37 mpi Exp $ */ 2 3 /*- 4 * Copyright (c) 2009 Damien Bergamini <damien.bergamini@free.fr> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 /* 20 * Driver for Atheros AR9001U chipset. 21 */ 22 23 #include "bpfilter.h" 24 25 #include <sys/param.h> 26 #include <sys/sockio.h> 27 #include <sys/mbuf.h> 28 #include <sys/kernel.h> 29 #include <sys/socket.h> 30 #include <sys/systm.h> 31 #include <sys/timeout.h> 32 #include <sys/conf.h> 33 #include <sys/device.h> 34 #include <sys/endian.h> 35 36 #include <machine/intr.h> 37 38 #if NBPFILTER > 0 39 #include <net/bpf.h> 40 #endif 41 #include <net/if.h> 42 #include <net/if_dl.h> 43 #include <net/if_media.h> 44 45 #include <netinet/in.h> 46 #include <netinet/if_ether.h> 47 48 #include <net80211/ieee80211_var.h> 49 #include <net80211/ieee80211_amrr.h> 50 #include <net80211/ieee80211_radiotap.h> 51 52 #include <dev/usb/usb.h> 53 #include <dev/usb/usbdi.h> 54 #include <dev/usb/usbdi_util.h> 55 #include <dev/usb/usbdevs.h> 56 57 #include <dev/usb/if_otusreg.h> 58 59 #ifdef OTUS_DEBUG 60 #define DPRINTF(x) do { if (otus_debug) printf x; } while (0) 61 #define DPRINTFN(n, x) do { if (otus_debug >= (n)) printf x; } while (0) 62 int otus_debug = 1; 63 #else 64 #define DPRINTF(x) 65 #define DPRINTFN(n, x) 66 #endif 67 68 static const struct usb_devno otus_devs[] = { 69 { USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_WN7512 }, 70 { USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_3CRUSBN275 }, 71 { USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_TG121N }, 72 { USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_AR9170 }, 73 { USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_WN612 }, 74 { USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_WN821NV2 }, 75 { USB_VENDOR_AVM, USB_PRODUCT_AVM_FRITZWLAN }, 76 { USB_VENDOR_CACE, USB_PRODUCT_CACE_AIRPCAPNX }, 77 { USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWA130D1 }, 78 { USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWA160A1 }, 79 { USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWA160A2 }, 80 { USB_VENDOR_IODATA, USB_PRODUCT_IODATA_WNGDNUS2 }, 81 { USB_VENDOR_NEC, USB_PRODUCT_NEC_WL300NUG }, 82 { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WN111V2 }, 83 { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WNA1000 }, 84 { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WNDA3100 }, 85 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_GW_US300 }, 86 { USB_VENDOR_WISTRONNEWEB, USB_PRODUCT_WISTRONNEWEB_O8494 }, 87 { USB_VENDOR_WISTRONNEWEB, USB_PRODUCT_WISTRONNEWEB_WNC0600 }, 88 { USB_VENDOR_ZCOM, USB_PRODUCT_ZCOM_UB81 }, 89 { USB_VENDOR_ZCOM, USB_PRODUCT_ZCOM_UB82 }, 90 { USB_VENDOR_ZYDAS, USB_PRODUCT_ZYDAS_ZD1221 }, 91 { USB_VENDOR_ZYXEL, USB_PRODUCT_ZYXEL_NWD271N } 92 }; 93 94 int otus_match(struct device *, void *, void *); 95 void otus_attach(struct device *, struct device *, void *); 96 int otus_detach(struct device *, int); 97 void otus_attachhook(struct device *); 98 void otus_get_chanlist(struct otus_softc *); 99 int otus_load_firmware(struct otus_softc *, const char *, 100 uint32_t); 101 int otus_open_pipes(struct otus_softc *); 102 void otus_close_pipes(struct otus_softc *); 103 int otus_alloc_tx_cmd(struct otus_softc *); 104 void otus_free_tx_cmd(struct otus_softc *); 105 int otus_alloc_tx_data_list(struct otus_softc *); 106 void otus_free_tx_data_list(struct otus_softc *); 107 int otus_alloc_rx_data_list(struct otus_softc *); 108 void otus_free_rx_data_list(struct otus_softc *); 109 void otus_next_scan(void *); 110 void otus_task(void *); 111 void otus_do_async(struct otus_softc *, 112 void (*)(struct otus_softc *, void *), void *, int); 113 int otus_newstate(struct ieee80211com *, enum ieee80211_state, 114 int); 115 void otus_newstate_cb(struct otus_softc *, void *); 116 int otus_cmd(struct otus_softc *, uint8_t, const void *, int, 117 void *); 118 void otus_write(struct otus_softc *, uint32_t, uint32_t); 119 int otus_write_barrier(struct otus_softc *); 120 struct ieee80211_node *otus_node_alloc(struct ieee80211com *); 121 int otus_media_change(struct ifnet *); 122 int otus_read_eeprom(struct otus_softc *); 123 void otus_newassoc(struct ieee80211com *, struct ieee80211_node *, 124 int); 125 void otus_intr(struct usbd_xfer *, void *, usbd_status); 126 void otus_cmd_rxeof(struct otus_softc *, uint8_t *, int); 127 void otus_sub_rxeof(struct otus_softc *, uint8_t *, int); 128 void otus_rxeof(struct usbd_xfer *, void *, usbd_status); 129 void otus_txeof(struct usbd_xfer *, void *, usbd_status); 130 int otus_tx(struct otus_softc *, struct mbuf *, 131 struct ieee80211_node *); 132 void otus_start(struct ifnet *); 133 void otus_watchdog(struct ifnet *); 134 int otus_ioctl(struct ifnet *, u_long, caddr_t); 135 int otus_set_multi(struct otus_softc *); 136 void otus_updateedca(struct ieee80211com *); 137 void otus_updateedca_cb(struct otus_softc *, void *); 138 void otus_updateslot(struct ieee80211com *); 139 void otus_updateslot_cb(struct otus_softc *, void *); 140 int otus_init_mac(struct otus_softc *); 141 uint32_t otus_phy_get_def(struct otus_softc *, uint32_t); 142 int otus_set_board_values(struct otus_softc *, 143 struct ieee80211_channel *); 144 int otus_program_phy(struct otus_softc *, 145 struct ieee80211_channel *); 146 int otus_set_rf_bank4(struct otus_softc *, 147 struct ieee80211_channel *); 148 void otus_get_delta_slope(uint32_t, uint32_t *, uint32_t *); 149 int otus_set_chan(struct otus_softc *, struct ieee80211_channel *, 150 int); 151 int otus_set_key(struct ieee80211com *, struct ieee80211_node *, 152 struct ieee80211_key *); 153 void otus_set_key_cb(struct otus_softc *, void *); 154 void otus_delete_key(struct ieee80211com *, struct ieee80211_node *, 155 struct ieee80211_key *); 156 void otus_delete_key_cb(struct otus_softc *, void *); 157 void otus_calibrate_to(void *); 158 int otus_set_bssid(struct otus_softc *, const uint8_t *); 159 int otus_set_macaddr(struct otus_softc *, const uint8_t *); 160 void otus_led_newstate_type1(struct otus_softc *); 161 void otus_led_newstate_type2(struct otus_softc *); 162 void otus_led_newstate_type3(struct otus_softc *); 163 int otus_init(struct ifnet *); 164 void otus_stop(struct ifnet *); 165 166 struct cfdriver otus_cd = { 167 NULL, "otus", DV_IFNET 168 }; 169 170 const struct cfattach otus_ca = { 171 sizeof (struct otus_softc), otus_match, otus_attach, otus_detach 172 }; 173 174 int 175 otus_match(struct device *parent, void *match, void *aux) 176 { 177 struct usb_attach_arg *uaa = aux; 178 179 if (uaa->iface != NULL) 180 return UMATCH_NONE; 181 182 return (usb_lookup(otus_devs, uaa->vendor, uaa->product) != NULL) ? 183 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 184 } 185 186 void 187 otus_attach(struct device *parent, struct device *self, void *aux) 188 { 189 struct otus_softc *sc = (struct otus_softc *)self; 190 struct usb_attach_arg *uaa = aux; 191 int error; 192 193 sc->sc_udev = uaa->device; 194 195 usb_init_task(&sc->sc_task, otus_task, sc, USB_TASK_TYPE_GENERIC); 196 timeout_set(&sc->scan_to, otus_next_scan, sc); 197 timeout_set(&sc->calib_to, otus_calibrate_to, sc); 198 199 sc->amrr.amrr_min_success_threshold = 1; 200 sc->amrr.amrr_max_success_threshold = 10; 201 202 if (usbd_set_config_no(sc->sc_udev, 1, 0) != 0) { 203 printf("%s: could not set configuration no\n", 204 sc->sc_dev.dv_xname); 205 return; 206 } 207 208 /* Get the first interface handle. */ 209 error = usbd_device2interface_handle(sc->sc_udev, 0, &sc->sc_iface); 210 if (error != 0) { 211 printf("%s: could not get interface handle\n", 212 sc->sc_dev.dv_xname); 213 return; 214 } 215 216 if ((error = otus_open_pipes(sc)) != 0) { 217 printf("%s: could not open pipes\n", sc->sc_dev.dv_xname); 218 return; 219 } 220 221 config_mountroot(self, otus_attachhook); 222 } 223 224 int 225 otus_detach(struct device *self, int flags) 226 { 227 struct otus_softc *sc = (struct otus_softc *)self; 228 struct ifnet *ifp = &sc->sc_ic.ic_if; 229 int s; 230 231 s = splusb(); 232 233 if (timeout_initialized(&sc->scan_to)) 234 timeout_del(&sc->scan_to); 235 if (timeout_initialized(&sc->calib_to)) 236 timeout_del(&sc->calib_to); 237 238 /* Wait for all queued asynchronous commands to complete. */ 239 usb_rem_wait_task(sc->sc_udev, &sc->sc_task); 240 241 usbd_ref_wait(sc->sc_udev); 242 243 if (ifp->if_softc != NULL) { 244 ifp->if_flags &= ~IFF_RUNNING; 245 ifq_clr_oactive(&ifp->if_snd); 246 ieee80211_ifdetach(ifp); 247 if_detach(ifp); 248 } 249 250 otus_close_pipes(sc); 251 252 splx(s); 253 254 return 0; 255 } 256 257 void 258 otus_attachhook(struct device *self) 259 { 260 struct otus_softc *sc = (struct otus_softc *)self; 261 struct ieee80211com *ic = &sc->sc_ic; 262 struct ifnet *ifp = &ic->ic_if; 263 usb_device_request_t req; 264 uint32_t in, out; 265 int error; 266 267 error = otus_load_firmware(sc, "otus-init", AR_FW_INIT_ADDR); 268 if (error != 0) { 269 printf("%s: could not load %s firmware\n", 270 sc->sc_dev.dv_xname, "init"); 271 return; 272 } 273 274 usbd_delay_ms(sc->sc_udev, 1000); 275 276 error = otus_load_firmware(sc, "otus-main", AR_FW_MAIN_ADDR); 277 if (error != 0) { 278 printf("%s: could not load %s firmware\n", 279 sc->sc_dev.dv_xname, "main"); 280 return; 281 } 282 283 /* Tell device that firmware transfer is complete. */ 284 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 285 req.bRequest = AR_FW_DOWNLOAD_COMPLETE; 286 USETW(req.wValue, 0); 287 USETW(req.wIndex, 0); 288 USETW(req.wLength, 0); 289 if (usbd_do_request(sc->sc_udev, &req, NULL) != 0) { 290 printf("%s: firmware initialization failed\n", 291 sc->sc_dev.dv_xname); 292 return; 293 } 294 295 /* Send an ECHO command to check that everything is settled. */ 296 in = 0xbadc0ffe; 297 if (otus_cmd(sc, AR_CMD_ECHO, &in, sizeof in, &out) != 0) { 298 printf("%s: echo command failed\n", sc->sc_dev.dv_xname); 299 return; 300 } 301 if (in != out) { 302 printf("%s: echo reply mismatch: 0x%08x!=0x%08x\n", 303 sc->sc_dev.dv_xname, in, out); 304 return; 305 } 306 307 /* Read entire EEPROM. */ 308 if (otus_read_eeprom(sc) != 0) { 309 printf("%s: could not read EEPROM\n", sc->sc_dev.dv_xname); 310 return; 311 } 312 313 sc->txmask = sc->eeprom.baseEepHeader.txMask; 314 sc->rxmask = sc->eeprom.baseEepHeader.rxMask; 315 sc->capflags = sc->eeprom.baseEepHeader.opCapFlags; 316 IEEE80211_ADDR_COPY(ic->ic_myaddr, sc->eeprom.baseEepHeader.macAddr); 317 sc->sc_led_newstate = otus_led_newstate_type3; /* XXX */ 318 319 printf("%s: MAC/BBP AR9170, RF AR%X, MIMO %dT%dR, address %s\n", 320 sc->sc_dev.dv_xname, (sc->capflags & AR5416_OPFLAGS_11A) ? 321 0x9104 : ((sc->txmask == 0x5) ? 0x9102 : 0x9101), 322 (sc->txmask == 0x5) ? 2 : 1, (sc->rxmask == 0x5) ? 2 : 1, 323 ether_sprintf(ic->ic_myaddr)); 324 325 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 326 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 327 ic->ic_state = IEEE80211_S_INIT; 328 329 /* Set device capabilities. */ 330 ic->ic_caps = 331 IEEE80211_C_MONITOR | /* monitor mode supported */ 332 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 333 IEEE80211_C_SHSLOT | /* short slot time supported */ 334 IEEE80211_C_WEP | /* WEP */ 335 IEEE80211_C_RSN; /* WPA/RSN */ 336 337 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11G) { 338 /* Set supported .11b and .11g rates. */ 339 ic->ic_sup_rates[IEEE80211_MODE_11B] = 340 ieee80211_std_rateset_11b; 341 ic->ic_sup_rates[IEEE80211_MODE_11G] = 342 ieee80211_std_rateset_11g; 343 } 344 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11A) { 345 /* Set supported .11a rates. */ 346 ic->ic_sup_rates[IEEE80211_MODE_11A] = 347 ieee80211_std_rateset_11a; 348 } 349 350 /* Build the list of supported channels. */ 351 otus_get_chanlist(sc); 352 353 ifp->if_softc = sc; 354 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 355 ifp->if_ioctl = otus_ioctl; 356 ifp->if_start = otus_start; 357 ifp->if_watchdog = otus_watchdog; 358 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 359 360 if_attach(ifp); 361 ieee80211_ifattach(ifp); 362 ic->ic_node_alloc = otus_node_alloc; 363 ic->ic_newassoc = otus_newassoc; 364 ic->ic_updateslot = otus_updateslot; 365 ic->ic_updateedca = otus_updateedca; 366 #ifdef notyet 367 ic->ic_set_key = otus_set_key; 368 ic->ic_delete_key = otus_delete_key; 369 #endif 370 /* Override state transition machine. */ 371 sc->sc_newstate = ic->ic_newstate; 372 ic->ic_newstate = otus_newstate; 373 ieee80211_media_init(ifp, otus_media_change, ieee80211_media_status); 374 375 #if NBPFILTER > 0 376 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 377 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 378 379 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 380 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 381 sc->sc_rxtap.wr_ihdr.it_present = htole32(OTUS_RX_RADIOTAP_PRESENT); 382 383 sc->sc_txtap_len = sizeof sc->sc_txtapu; 384 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 385 sc->sc_txtap.wt_ihdr.it_present = htole32(OTUS_TX_RADIOTAP_PRESENT); 386 #endif 387 } 388 389 void 390 otus_get_chanlist(struct otus_softc *sc) 391 { 392 struct ieee80211com *ic = &sc->sc_ic; 393 uint16_t domain; 394 uint8_t chan; 395 int i; 396 397 /* XXX regulatory domain. */ 398 domain = letoh16(sc->eeprom.baseEepHeader.regDmn[0]); 399 DPRINTF(("regdomain=0x%04x\n", domain)); 400 401 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11G) { 402 for (i = 0; i < 14; i++) { 403 chan = ar_chans[i]; 404 ic->ic_channels[chan].ic_freq = 405 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_2GHZ); 406 ic->ic_channels[chan].ic_flags = 407 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 408 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 409 } 410 } 411 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11A) { 412 for (i = 14; i < nitems(ar_chans); i++) { 413 chan = ar_chans[i]; 414 ic->ic_channels[chan].ic_freq = 415 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 416 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 417 } 418 } 419 } 420 421 int 422 otus_load_firmware(struct otus_softc *sc, const char *name, uint32_t addr) 423 { 424 usb_device_request_t req; 425 size_t size; 426 u_char *fw, *ptr; 427 int mlen, error; 428 429 /* Read firmware image from the filesystem. */ 430 if ((error = loadfirmware(name, &fw, &size)) != 0) { 431 printf("%s: failed loadfirmware of file %s (error %d)\n", 432 sc->sc_dev.dv_xname, name, error); 433 return error; 434 } 435 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 436 req.bRequest = AR_FW_DOWNLOAD; 437 USETW(req.wIndex, 0); 438 439 ptr = fw; 440 addr >>= 8; 441 while (size > 0) { 442 mlen = MIN(size, 4096); 443 444 USETW(req.wValue, addr); 445 USETW(req.wLength, mlen); 446 if (usbd_do_request(sc->sc_udev, &req, ptr) != 0) { 447 error = EIO; 448 break; 449 } 450 addr += mlen >> 8; 451 ptr += mlen; 452 size -= mlen; 453 } 454 free(fw, M_DEVBUF, 0); 455 return error; 456 } 457 458 int 459 otus_open_pipes(struct otus_softc *sc) 460 { 461 usb_endpoint_descriptor_t *ed; 462 int i, isize, error; 463 464 error = usbd_open_pipe(sc->sc_iface, AR_EPT_BULK_RX_NO, 0, 465 &sc->data_rx_pipe); 466 if (error != 0) { 467 printf("%s: could not open Rx bulk pipe\n", 468 sc->sc_dev.dv_xname); 469 goto fail; 470 } 471 472 ed = usbd_get_endpoint_descriptor(sc->sc_iface, AR_EPT_INTR_RX_NO); 473 if (ed == NULL) { 474 printf("%s: could not retrieve Rx intr pipe descriptor\n", 475 sc->sc_dev.dv_xname); 476 goto fail; 477 } 478 isize = UGETW(ed->wMaxPacketSize); 479 if (isize == 0) { 480 printf("%s: invalid Rx intr pipe descriptor\n", 481 sc->sc_dev.dv_xname); 482 goto fail; 483 } 484 sc->ibuf = malloc(isize, M_USBDEV, M_NOWAIT); 485 if (sc->ibuf == NULL) { 486 printf("%s: could not allocate Rx intr buffer\n", 487 sc->sc_dev.dv_xname); 488 goto fail; 489 } 490 error = usbd_open_pipe_intr(sc->sc_iface, AR_EPT_INTR_RX_NO, 491 USBD_SHORT_XFER_OK, &sc->cmd_rx_pipe, sc, sc->ibuf, isize, 492 otus_intr, USBD_DEFAULT_INTERVAL); 493 if (error != 0) { 494 printf("%s: could not open Rx intr pipe\n", 495 sc->sc_dev.dv_xname); 496 goto fail; 497 } 498 499 error = usbd_open_pipe(sc->sc_iface, AR_EPT_BULK_TX_NO, 0, 500 &sc->data_tx_pipe); 501 if (error != 0) { 502 printf("%s: could not open Tx bulk pipe\n", 503 sc->sc_dev.dv_xname); 504 goto fail; 505 } 506 507 error = usbd_open_pipe(sc->sc_iface, AR_EPT_INTR_TX_NO, 0, 508 &sc->cmd_tx_pipe); 509 if (error != 0) { 510 printf("%s: could not open Tx intr pipe\n", 511 sc->sc_dev.dv_xname); 512 goto fail; 513 } 514 515 if (otus_alloc_tx_cmd(sc) != 0) { 516 printf("%s: could not allocate command xfer\n", 517 sc->sc_dev.dv_xname); 518 goto fail; 519 } 520 521 if (otus_alloc_tx_data_list(sc) != 0) { 522 printf("%s: could not allocate Tx xfers\n", 523 sc->sc_dev.dv_xname); 524 goto fail; 525 } 526 527 if (otus_alloc_rx_data_list(sc) != 0) { 528 printf("%s: could not allocate Rx xfers\n", 529 sc->sc_dev.dv_xname); 530 goto fail; 531 } 532 533 for (i = 0; i < OTUS_RX_DATA_LIST_COUNT; i++) { 534 struct otus_rx_data *data = &sc->rx_data[i]; 535 536 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 537 OTUS_RXBUFSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 538 USBD_NO_TIMEOUT, otus_rxeof); 539 error = usbd_transfer(data->xfer); 540 if (error != USBD_IN_PROGRESS && error != 0) { 541 printf("%s: could not queue Rx xfer\n", 542 sc->sc_dev.dv_xname); 543 goto fail; 544 } 545 } 546 return 0; 547 548 fail: otus_close_pipes(sc); 549 return error; 550 } 551 552 void 553 otus_close_pipes(struct otus_softc *sc) 554 { 555 otus_free_tx_cmd(sc); 556 otus_free_tx_data_list(sc); 557 otus_free_rx_data_list(sc); 558 559 if (sc->data_rx_pipe != NULL) 560 usbd_close_pipe(sc->data_rx_pipe); 561 if (sc->cmd_rx_pipe != NULL) { 562 usbd_abort_pipe(sc->cmd_rx_pipe); 563 usbd_close_pipe(sc->cmd_rx_pipe); 564 } 565 if (sc->ibuf != NULL) 566 free(sc->ibuf, M_USBDEV, 0); 567 if (sc->data_tx_pipe != NULL) 568 usbd_close_pipe(sc->data_tx_pipe); 569 if (sc->cmd_tx_pipe != NULL) 570 usbd_close_pipe(sc->cmd_tx_pipe); 571 } 572 573 int 574 otus_alloc_tx_cmd(struct otus_softc *sc) 575 { 576 struct otus_tx_cmd *cmd = &sc->tx_cmd; 577 578 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 579 if (cmd->xfer == NULL) { 580 printf("%s: could not allocate xfer\n", 581 sc->sc_dev.dv_xname); 582 return ENOMEM; 583 } 584 cmd->buf = usbd_alloc_buffer(cmd->xfer, OTUS_MAX_TXCMDSZ); 585 if (cmd->buf == NULL) { 586 printf("%s: could not allocate xfer buffer\n", 587 sc->sc_dev.dv_xname); 588 usbd_free_xfer(cmd->xfer); 589 return ENOMEM; 590 } 591 return 0; 592 } 593 594 void 595 otus_free_tx_cmd(struct otus_softc *sc) 596 { 597 /* Make sure no transfers are pending. */ 598 usbd_abort_pipe(sc->cmd_tx_pipe); 599 600 if (sc->tx_cmd.xfer != NULL) 601 usbd_free_xfer(sc->tx_cmd.xfer); 602 } 603 604 int 605 otus_alloc_tx_data_list(struct otus_softc *sc) 606 { 607 struct otus_tx_data *data; 608 int i, error; 609 610 for (i = 0; i < OTUS_TX_DATA_LIST_COUNT; i++) { 611 data = &sc->tx_data[i]; 612 613 data->sc = sc; /* Backpointer for callbacks. */ 614 615 data->xfer = usbd_alloc_xfer(sc->sc_udev); 616 if (data->xfer == NULL) { 617 printf("%s: could not allocate xfer\n", 618 sc->sc_dev.dv_xname); 619 error = ENOMEM; 620 goto fail; 621 } 622 data->buf = usbd_alloc_buffer(data->xfer, OTUS_TXBUFSZ); 623 if (data->buf == NULL) { 624 printf("%s: could not allocate xfer buffer\n", 625 sc->sc_dev.dv_xname); 626 error = ENOMEM; 627 goto fail; 628 } 629 } 630 return 0; 631 632 fail: otus_free_tx_data_list(sc); 633 return error; 634 } 635 636 void 637 otus_free_tx_data_list(struct otus_softc *sc) 638 { 639 int i; 640 641 /* Make sure no transfers are pending. */ 642 usbd_abort_pipe(sc->data_tx_pipe); 643 644 for (i = 0; i < OTUS_TX_DATA_LIST_COUNT; i++) 645 if (sc->tx_data[i].xfer != NULL) 646 usbd_free_xfer(sc->tx_data[i].xfer); 647 } 648 649 int 650 otus_alloc_rx_data_list(struct otus_softc *sc) 651 { 652 struct otus_rx_data *data; 653 int i, error; 654 655 for (i = 0; i < OTUS_RX_DATA_LIST_COUNT; i++) { 656 data = &sc->rx_data[i]; 657 658 data->sc = sc; /* Backpointer for callbacks. */ 659 660 data->xfer = usbd_alloc_xfer(sc->sc_udev); 661 if (data->xfer == NULL) { 662 printf("%s: could not allocate xfer\n", 663 sc->sc_dev.dv_xname); 664 error = ENOMEM; 665 goto fail; 666 } 667 data->buf = usbd_alloc_buffer(data->xfer, OTUS_RXBUFSZ); 668 if (data->buf == NULL) { 669 printf("%s: could not allocate xfer buffer\n", 670 sc->sc_dev.dv_xname); 671 error = ENOMEM; 672 goto fail; 673 } 674 } 675 return 0; 676 677 fail: otus_free_rx_data_list(sc); 678 return error; 679 } 680 681 void 682 otus_free_rx_data_list(struct otus_softc *sc) 683 { 684 int i; 685 686 /* Make sure no transfers are pending. */ 687 usbd_abort_pipe(sc->data_rx_pipe); 688 689 for (i = 0; i < OTUS_RX_DATA_LIST_COUNT; i++) 690 if (sc->rx_data[i].xfer != NULL) 691 usbd_free_xfer(sc->rx_data[i].xfer); 692 } 693 694 void 695 otus_next_scan(void *arg) 696 { 697 struct otus_softc *sc = arg; 698 699 if (usbd_is_dying(sc->sc_udev)) 700 return; 701 702 usbd_ref_incr(sc->sc_udev); 703 704 if (sc->sc_ic.ic_state == IEEE80211_S_SCAN) 705 ieee80211_next_scan(&sc->sc_ic.ic_if); 706 707 usbd_ref_decr(sc->sc_udev); 708 } 709 710 void 711 otus_task(void *arg) 712 { 713 struct otus_softc *sc = arg; 714 struct otus_host_cmd_ring *ring = &sc->cmdq; 715 struct otus_host_cmd *cmd; 716 int s; 717 718 /* Process host commands. */ 719 s = splusb(); 720 while (ring->next != ring->cur) { 721 cmd = &ring->cmd[ring->next]; 722 splx(s); 723 /* Callback. */ 724 cmd->cb(sc, cmd->data); 725 s = splusb(); 726 ring->queued--; 727 ring->next = (ring->next + 1) % OTUS_HOST_CMD_RING_COUNT; 728 } 729 splx(s); 730 } 731 732 void 733 otus_do_async(struct otus_softc *sc, void (*cb)(struct otus_softc *, void *), 734 void *arg, int len) 735 { 736 struct otus_host_cmd_ring *ring = &sc->cmdq; 737 struct otus_host_cmd *cmd; 738 int s; 739 740 s = splusb(); 741 cmd = &ring->cmd[ring->cur]; 742 cmd->cb = cb; 743 KASSERT(len <= sizeof (cmd->data)); 744 memcpy(cmd->data, arg, len); 745 ring->cur = (ring->cur + 1) % OTUS_HOST_CMD_RING_COUNT; 746 747 /* If there is no pending command already, schedule a task. */ 748 if (++ring->queued == 1) 749 usb_add_task(sc->sc_udev, &sc->sc_task); 750 splx(s); 751 } 752 753 int 754 otus_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 755 { 756 struct otus_softc *sc = ic->ic_softc; 757 struct otus_cmd_newstate cmd; 758 759 /* Do it in a process context. */ 760 cmd.state = nstate; 761 cmd.arg = arg; 762 otus_do_async(sc, otus_newstate_cb, &cmd, sizeof cmd); 763 return 0; 764 } 765 766 void 767 otus_newstate_cb(struct otus_softc *sc, void *arg) 768 { 769 struct otus_cmd_newstate *cmd = arg; 770 struct ieee80211com *ic = &sc->sc_ic; 771 struct ieee80211_node *ni; 772 int s; 773 774 s = splnet(); 775 776 switch (cmd->state) { 777 case IEEE80211_S_INIT: 778 break; 779 780 case IEEE80211_S_SCAN: 781 (void)otus_set_chan(sc, ic->ic_bss->ni_chan, 0); 782 if (!usbd_is_dying(sc->sc_udev)) 783 timeout_add_msec(&sc->scan_to, 200); 784 break; 785 786 case IEEE80211_S_AUTH: 787 case IEEE80211_S_ASSOC: 788 (void)otus_set_chan(sc, ic->ic_bss->ni_chan, 0); 789 break; 790 791 case IEEE80211_S_RUN: 792 (void)otus_set_chan(sc, ic->ic_bss->ni_chan, 1); 793 794 ni = ic->ic_bss; 795 796 if (ic->ic_opmode == IEEE80211_M_STA) { 797 otus_updateslot(ic); 798 otus_set_bssid(sc, ni->ni_bssid); 799 800 /* Fake a join to init the Tx rate. */ 801 otus_newassoc(ic, ni, 1); 802 803 /* Start calibration timer. */ 804 if (!usbd_is_dying(sc->sc_udev)) 805 timeout_add_sec(&sc->calib_to, 1); 806 } 807 break; 808 } 809 810 sc->sc_led_newstate(sc); 811 (void)sc->sc_newstate(ic, cmd->state, cmd->arg); 812 813 splx(s); 814 } 815 816 int 817 otus_cmd(struct otus_softc *sc, uint8_t code, const void *idata, int ilen, 818 void *odata) 819 { 820 struct otus_tx_cmd *cmd = &sc->tx_cmd; 821 struct ar_cmd_hdr *hdr; 822 int s, xferlen, error; 823 824 /* Always bulk-out a multiple of 4 bytes. */ 825 xferlen = (sizeof (*hdr) + ilen + 3) & ~3; 826 827 hdr = (struct ar_cmd_hdr *)cmd->buf; 828 hdr->code = code; 829 hdr->len = ilen; 830 hdr->token = ++cmd->token; /* Don't care about endianness. */ 831 memcpy((uint8_t *)&hdr[1], idata, ilen); 832 833 DPRINTFN(2, ("sending command code=0x%02x len=%d token=%d\n", 834 code, ilen, hdr->token)); 835 836 s = splusb(); 837 cmd->odata = odata; 838 cmd->done = 0; 839 840 usbd_setup_xfer(cmd->xfer, sc->cmd_tx_pipe, cmd, cmd->buf, xferlen, 841 USBD_FORCE_SHORT_XFER | USBD_NO_COPY | USBD_SYNCHRONOUS, 842 OTUS_CMD_TIMEOUT, NULL); 843 error = usbd_transfer(cmd->xfer); 844 if (error != 0) { 845 splx(s); 846 printf("%s: could not send command 0x%x (error=%s)\n", 847 sc->sc_dev.dv_xname, code, usbd_errstr(error)); 848 return EIO; 849 } 850 if (!cmd->done) 851 error = tsleep(cmd, PCATCH, "otuscmd", hz); 852 cmd->odata = NULL; /* In case answer is received too late. */ 853 splx(s); 854 if (error != 0) { 855 printf("%s: timeout waiting for command 0x%02x reply\n", 856 sc->sc_dev.dv_xname, code); 857 } 858 return error; 859 } 860 861 void 862 otus_write(struct otus_softc *sc, uint32_t reg, uint32_t val) 863 { 864 sc->write_buf[sc->write_idx].reg = htole32(reg); 865 sc->write_buf[sc->write_idx].val = htole32(val); 866 867 if (++sc->write_idx > AR_MAX_WRITE_IDX) 868 (void)otus_write_barrier(sc); 869 } 870 871 int 872 otus_write_barrier(struct otus_softc *sc) 873 { 874 int error; 875 876 if (sc->write_idx == 0) 877 return 0; /* Nothing to flush. */ 878 879 error = otus_cmd(sc, AR_CMD_WREG, sc->write_buf, 880 sizeof (sc->write_buf[0]) * sc->write_idx, NULL); 881 sc->write_idx = 0; 882 return error; 883 } 884 885 struct ieee80211_node * 886 otus_node_alloc(struct ieee80211com *ic) 887 { 888 return malloc(sizeof (struct otus_node), M_DEVBUF, M_NOWAIT | M_ZERO); 889 } 890 891 int 892 otus_media_change(struct ifnet *ifp) 893 { 894 struct otus_softc *sc = ifp->if_softc; 895 struct ieee80211com *ic = &sc->sc_ic; 896 uint8_t rate, ridx; 897 int error; 898 899 error = ieee80211_media_change(ifp); 900 if (error != ENETRESET) 901 return error; 902 903 if (ic->ic_fixed_rate != -1) { 904 rate = ic->ic_sup_rates[ic->ic_curmode]. 905 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL; 906 for (ridx = 0; ridx <= OTUS_RIDX_MAX; ridx++) 907 if (otus_rates[ridx].rate == rate) 908 break; 909 sc->fixed_ridx = ridx; 910 } 911 912 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 913 error = otus_init(ifp); 914 915 return error; 916 } 917 918 int 919 otus_read_eeprom(struct otus_softc *sc) 920 { 921 uint32_t regs[8], reg; 922 uint8_t *eep; 923 int i, j, error; 924 925 /* Read EEPROM by blocks of 32 bytes. */ 926 eep = (uint8_t *)&sc->eeprom; 927 reg = AR_EEPROM_OFFSET; 928 for (i = 0; i < sizeof (sc->eeprom) / 32; i++) { 929 for (j = 0; j < 8; j++, reg += 4) 930 regs[j] = htole32(reg); 931 error = otus_cmd(sc, AR_CMD_RREG, regs, sizeof regs, eep); 932 if (error != 0) 933 break; 934 eep += 32; 935 } 936 return error; 937 } 938 939 void 940 otus_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew) 941 { 942 struct otus_softc *sc = ic->ic_softc; 943 struct otus_node *on = (void *)ni; 944 struct ieee80211_rateset *rs = &ni->ni_rates; 945 uint8_t rate; 946 int ridx, i; 947 948 DPRINTF(("new assoc isnew=%d addr=%s\n", 949 isnew, ether_sprintf(ni->ni_macaddr))); 950 951 ieee80211_amrr_node_init(&sc->amrr, &on->amn); 952 /* Start at lowest available bit-rate, AMRR will raise. */ 953 ni->ni_txrate = 0; 954 955 for (i = 0; i < rs->rs_nrates; i++) { 956 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 957 /* Convert 802.11 rate to hardware rate index. */ 958 for (ridx = 0; ridx <= OTUS_RIDX_MAX; ridx++) 959 if (otus_rates[ridx].rate == rate) 960 break; 961 on->ridx[i] = ridx; 962 DPRINTF(("rate=0x%02x ridx=%d\n", 963 rs->rs_rates[i], on->ridx[i])); 964 } 965 } 966 967 /* ARGSUSED */ 968 void 969 otus_intr(struct usbd_xfer *xfer, void *priv, usbd_status status) 970 { 971 #if 0 972 struct otus_softc *sc = priv; 973 int len; 974 975 /* 976 * The Rx intr pipe is unused with current firmware. Notifications 977 * and replies to commands are sent through the Rx bulk pipe instead 978 * (with a magic PLCP header.) 979 */ 980 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 981 DPRINTF(("intr status=%d\n", status)); 982 if (status == USBD_STALLED) 983 usbd_clear_endpoint_stall_async(sc->cmd_rx_pipe); 984 return; 985 } 986 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 987 988 otus_cmd_rxeof(sc, sc->ibuf, len); 989 #endif 990 } 991 992 void 993 otus_cmd_rxeof(struct otus_softc *sc, uint8_t *buf, int len) 994 { 995 struct ieee80211com *ic = &sc->sc_ic; 996 struct otus_tx_cmd *cmd; 997 struct ar_cmd_hdr *hdr; 998 int s; 999 1000 if (__predict_false(len < sizeof (*hdr))) { 1001 DPRINTF(("cmd too small %d\n", len)); 1002 return; 1003 } 1004 hdr = (struct ar_cmd_hdr *)buf; 1005 if (__predict_false(sizeof (*hdr) + hdr->len > len || 1006 sizeof (*hdr) + hdr->len > 64)) { 1007 DPRINTF(("cmd too large %d\n", hdr->len)); 1008 return; 1009 } 1010 1011 if ((hdr->code & 0xc0) != 0xc0) { 1012 DPRINTFN(2, ("received reply code=0x%02x len=%d token=%d\n", 1013 hdr->code, hdr->len, hdr->token)); 1014 cmd = &sc->tx_cmd; 1015 if (__predict_false(hdr->token != cmd->token)) 1016 return; 1017 /* Copy answer into caller's supplied buffer. */ 1018 if (cmd->odata != NULL) 1019 memcpy(cmd->odata, &hdr[1], hdr->len); 1020 cmd->done = 1; 1021 wakeup(cmd); 1022 return; 1023 } 1024 1025 /* Received unsolicited notification. */ 1026 DPRINTF(("received notification code=0x%02x len=%d\n", 1027 hdr->code, hdr->len)); 1028 switch (hdr->code & 0x3f) { 1029 case AR_EVT_BEACON: 1030 break; 1031 case AR_EVT_TX_COMP: 1032 { 1033 struct ar_evt_tx_comp *tx = (struct ar_evt_tx_comp *)&hdr[1]; 1034 struct ieee80211_node *ni; 1035 struct otus_node *on; 1036 1037 DPRINTF(("tx completed %s status=%d phy=0x%x\n", 1038 ether_sprintf(tx->macaddr), letoh16(tx->status), 1039 letoh32(tx->phy))); 1040 s = splnet(); 1041 #ifdef notyet 1042 #ifndef IEEE80211_STA_ONLY 1043 if (ic->ic_opmode != IEEE80211_M_STA) { 1044 ni = ieee80211_find_node(ic, tx->macaddr); 1045 if (__predict_false(ni == NULL)) { 1046 splx(s); 1047 break; 1048 } 1049 } else 1050 #endif 1051 #endif 1052 ni = ic->ic_bss; 1053 /* Update rate control statistics. */ 1054 on = (void *)ni; 1055 /* NB: we do not set the TX_MAC_RATE_PROBING flag. */ 1056 if (__predict_true(tx->status != 0)) 1057 on->amn.amn_retrycnt++; 1058 splx(s); 1059 break; 1060 } 1061 case AR_EVT_TBTT: 1062 break; 1063 } 1064 } 1065 1066 void 1067 otus_sub_rxeof(struct otus_softc *sc, uint8_t *buf, int len) 1068 { 1069 struct ieee80211com *ic = &sc->sc_ic; 1070 struct ifnet *ifp = &ic->ic_if; 1071 struct ieee80211_rxinfo rxi; 1072 struct ieee80211_node *ni; 1073 struct ar_rx_tail *tail; 1074 struct ieee80211_frame *wh; 1075 struct mbuf *m; 1076 uint8_t *plcp; 1077 int s, mlen, align; 1078 1079 if (__predict_false(len < AR_PLCP_HDR_LEN)) { 1080 DPRINTF(("sub-xfer too short %d\n", len)); 1081 return; 1082 } 1083 plcp = buf; 1084 1085 /* All bits in the PLCP header are set to 1 for non-MPDU. */ 1086 if (memcmp(plcp, AR_PLCP_HDR_INTR, AR_PLCP_HDR_LEN) == 0) { 1087 otus_cmd_rxeof(sc, plcp + AR_PLCP_HDR_LEN, 1088 len - AR_PLCP_HDR_LEN); 1089 return; 1090 } 1091 1092 /* Received MPDU. */ 1093 if (__predict_false(len < AR_PLCP_HDR_LEN + sizeof (*tail))) { 1094 DPRINTF(("MPDU too short %d\n", len)); 1095 ifp->if_ierrors++; 1096 return; 1097 } 1098 tail = (struct ar_rx_tail *)(plcp + len - sizeof (*tail)); 1099 1100 /* Discard error frames. */ 1101 if (__predict_false(tail->error != 0)) { 1102 DPRINTF(("error frame 0x%02x\n", tail->error)); 1103 if (tail->error & AR_RX_ERROR_FCS) { 1104 DPRINTFN(3, ("bad FCS\n")); 1105 } else if (tail->error & AR_RX_ERROR_MMIC) { 1106 /* Report Michael MIC failures to net80211. */ 1107 ic->ic_stats.is_rx_locmicfail++; 1108 ieee80211_michael_mic_failure(ic, 0); 1109 } 1110 ifp->if_ierrors++; 1111 return; 1112 } 1113 /* Compute MPDU's length. */ 1114 mlen = len - AR_PLCP_HDR_LEN - sizeof (*tail); 1115 /* Make sure there's room for an 802.11 header + FCS. */ 1116 if (__predict_false(mlen < IEEE80211_MIN_LEN)) { 1117 ifp->if_ierrors++; 1118 return; 1119 } 1120 mlen -= IEEE80211_CRC_LEN; /* strip 802.11 FCS */ 1121 1122 wh = (struct ieee80211_frame *)(plcp + AR_PLCP_HDR_LEN); 1123 /* Provide a 32-bit aligned protocol header to the stack. */ 1124 align = (ieee80211_has_qos(wh) ^ ieee80211_has_addr4(wh)) ? 2 : 0; 1125 1126 MGETHDR(m, M_DONTWAIT, MT_DATA); 1127 if (__predict_false(m == NULL)) { 1128 ifp->if_ierrors++; 1129 return; 1130 } 1131 if (align + mlen > MHLEN) { 1132 MCLGET(m, M_DONTWAIT); 1133 if (__predict_false(!(m->m_flags & M_EXT))) { 1134 ifp->if_ierrors++; 1135 m_freem(m); 1136 return; 1137 } 1138 } 1139 /* Finalize mbuf. */ 1140 m->m_data += align; 1141 memcpy(mtod(m, caddr_t), wh, mlen); 1142 m->m_pkthdr.len = m->m_len = mlen; 1143 1144 #if NBPFILTER > 0 1145 if (__predict_false(sc->sc_drvbpf != NULL)) { 1146 struct otus_rx_radiotap_header *tap = &sc->sc_rxtap; 1147 struct mbuf mb; 1148 1149 tap->wr_flags = 0; 1150 tap->wr_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 1151 tap->wr_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 1152 tap->wr_antsignal = tail->rssi; 1153 tap->wr_rate = 2; /* In case it can't be found below. */ 1154 switch (tail->status & AR_RX_STATUS_MT_MASK) { 1155 case AR_RX_STATUS_MT_CCK: 1156 switch (plcp[0]) { 1157 case 10: tap->wr_rate = 2; break; 1158 case 20: tap->wr_rate = 4; break; 1159 case 55: tap->wr_rate = 11; break; 1160 case 110: tap->wr_rate = 22; break; 1161 } 1162 if (tail->status & AR_RX_STATUS_SHPREAMBLE) 1163 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 1164 break; 1165 case AR_RX_STATUS_MT_OFDM: 1166 switch (plcp[0] & 0xf) { 1167 case 0xb: tap->wr_rate = 12; break; 1168 case 0xf: tap->wr_rate = 18; break; 1169 case 0xa: tap->wr_rate = 24; break; 1170 case 0xe: tap->wr_rate = 36; break; 1171 case 0x9: tap->wr_rate = 48; break; 1172 case 0xd: tap->wr_rate = 72; break; 1173 case 0x8: tap->wr_rate = 96; break; 1174 case 0xc: tap->wr_rate = 108; break; 1175 } 1176 break; 1177 } 1178 mb.m_data = (caddr_t)tap; 1179 mb.m_len = sc->sc_rxtap_len; 1180 mb.m_next = m; 1181 mb.m_nextpkt = NULL; 1182 mb.m_type = 0; 1183 mb.m_flags = 0; 1184 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1185 } 1186 #endif 1187 1188 s = splnet(); 1189 ni = ieee80211_find_rxnode(ic, wh); 1190 rxi.rxi_flags = 0; 1191 rxi.rxi_rssi = tail->rssi; 1192 rxi.rxi_tstamp = 0; /* unused */ 1193 ieee80211_input(ifp, m, ni, &rxi); 1194 1195 /* Node is no longer needed. */ 1196 ieee80211_release_node(ic, ni); 1197 splx(s); 1198 } 1199 1200 void 1201 otus_rxeof(struct usbd_xfer *xfer, void *priv, usbd_status status) 1202 { 1203 struct otus_rx_data *data = priv; 1204 struct otus_softc *sc = data->sc; 1205 caddr_t buf = data->buf; 1206 struct ar_rx_head *head; 1207 uint16_t hlen; 1208 int len; 1209 1210 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 1211 DPRINTF(("RX status=%d\n", status)); 1212 if (status == USBD_STALLED) 1213 usbd_clear_endpoint_stall_async(sc->data_rx_pipe); 1214 if (status != USBD_CANCELLED) 1215 goto resubmit; 1216 return; 1217 } 1218 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1219 1220 while (len >= sizeof (*head)) { 1221 head = (struct ar_rx_head *)buf; 1222 if (__predict_false(head->tag != htole16(AR_RX_HEAD_TAG))) { 1223 DPRINTF(("tag not valid 0x%x\n", letoh16(head->tag))); 1224 break; 1225 } 1226 hlen = letoh16(head->len); 1227 if (__predict_false(sizeof (*head) + hlen > len)) { 1228 DPRINTF(("xfer too short %d/%d\n", len, hlen)); 1229 break; 1230 } 1231 /* Process sub-xfer. */ 1232 otus_sub_rxeof(sc, (uint8_t *)&head[1], hlen); 1233 1234 /* Next sub-xfer is aligned on a 32-bit boundary. */ 1235 hlen = (sizeof (*head) + hlen + 3) & ~3; 1236 buf += hlen; 1237 len -= hlen; 1238 } 1239 1240 resubmit: 1241 usbd_setup_xfer(xfer, sc->data_rx_pipe, data, data->buf, OTUS_RXBUFSZ, 1242 USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, otus_rxeof); 1243 (void)usbd_transfer(data->xfer); 1244 } 1245 1246 void 1247 otus_txeof(struct usbd_xfer *xfer, void *priv, usbd_status status) 1248 { 1249 struct otus_tx_data *data = priv; 1250 struct otus_softc *sc = data->sc; 1251 struct ieee80211com *ic = &sc->sc_ic; 1252 struct ifnet *ifp = &ic->ic_if; 1253 int s; 1254 1255 s = splnet(); 1256 sc->tx_queued--; 1257 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 1258 DPRINTF(("TX status=%d\n", status)); 1259 if (status == USBD_STALLED) 1260 usbd_clear_endpoint_stall_async(sc->data_tx_pipe); 1261 ifp->if_oerrors++; 1262 splx(s); 1263 return; 1264 } 1265 sc->sc_tx_timer = 0; 1266 ifp->if_opackets++; 1267 ifq_clr_oactive(&ifp->if_snd); 1268 otus_start(ifp); 1269 splx(s); 1270 } 1271 1272 int 1273 otus_tx(struct otus_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 1274 { 1275 struct ieee80211com *ic = &sc->sc_ic; 1276 struct otus_node *on = (void *)ni; 1277 struct otus_tx_data *data; 1278 struct ieee80211_frame *wh; 1279 struct ieee80211_key *k; 1280 struct ar_tx_head *head; 1281 uint32_t phyctl; 1282 uint16_t macctl, qos; 1283 uint8_t tid, qid; 1284 int error, ridx, hasqos, xferlen; 1285 1286 wh = mtod(m, struct ieee80211_frame *); 1287 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 1288 k = ieee80211_get_txkey(ic, wh, ni); 1289 if ((m = ieee80211_encrypt(ic, m, k)) == NULL) 1290 return ENOBUFS; 1291 wh = mtod(m, struct ieee80211_frame *); 1292 } 1293 1294 if ((hasqos = ieee80211_has_qos(wh))) { 1295 qos = ieee80211_get_qos(wh); 1296 tid = qos & IEEE80211_QOS_TID; 1297 qid = ieee80211_up_to_ac(ic, tid); 1298 } else { 1299 qos = 0; 1300 qid = EDCA_AC_BE; 1301 } 1302 1303 /* Pickup a rate index. */ 1304 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 1305 (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_DATA) 1306 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 1307 OTUS_RIDX_OFDM6 : OTUS_RIDX_CCK1; 1308 else if (ic->ic_fixed_rate != -1) 1309 ridx = sc->fixed_ridx; 1310 else 1311 ridx = on->ridx[ni->ni_txrate]; 1312 1313 phyctl = 0; 1314 macctl = AR_TX_MAC_BACKOFF | AR_TX_MAC_HW_DUR | AR_TX_MAC_QID(qid); 1315 1316 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 1317 (hasqos && ((qos & IEEE80211_QOS_ACK_POLICY_MASK) == 1318 IEEE80211_QOS_ACK_POLICY_NOACK))) 1319 macctl |= AR_TX_MAC_NOACK; 1320 1321 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1322 if (m->m_pkthdr.len + IEEE80211_CRC_LEN >= ic->ic_rtsthreshold) 1323 macctl |= AR_TX_MAC_RTS; 1324 else if ((ic->ic_flags & IEEE80211_F_USEPROT) && 1325 ridx >= OTUS_RIDX_OFDM6) { 1326 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 1327 macctl |= AR_TX_MAC_CTS; 1328 else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 1329 macctl |= AR_TX_MAC_RTS; 1330 } 1331 } 1332 1333 phyctl |= AR_TX_PHY_MCS(otus_rates[ridx].mcs); 1334 if (ridx >= OTUS_RIDX_OFDM6) { 1335 phyctl |= AR_TX_PHY_MT_OFDM; 1336 if (ridx <= OTUS_RIDX_OFDM24) 1337 phyctl |= AR_TX_PHY_ANTMSK(sc->txmask); 1338 else 1339 phyctl |= AR_TX_PHY_ANTMSK(1); 1340 } else { /* CCK */ 1341 phyctl |= AR_TX_PHY_MT_CCK; 1342 phyctl |= AR_TX_PHY_ANTMSK(sc->txmask); 1343 } 1344 1345 /* Update rate control stats for frames that are ACK'ed. */ 1346 if (!(macctl & AR_TX_MAC_NOACK)) 1347 ((struct otus_node *)ni)->amn.amn_txcnt++; 1348 1349 data = &sc->tx_data[sc->tx_cur]; 1350 /* Fill Tx descriptor. */ 1351 head = (struct ar_tx_head *)data->buf; 1352 head->len = htole16(m->m_pkthdr.len + IEEE80211_CRC_LEN); 1353 head->macctl = htole16(macctl); 1354 head->phyctl = htole32(phyctl); 1355 1356 #if NBPFILTER > 0 1357 if (__predict_false(sc->sc_drvbpf != NULL)) { 1358 struct otus_tx_radiotap_header *tap = &sc->sc_txtap; 1359 struct mbuf mb; 1360 1361 tap->wt_flags = 0; 1362 tap->wt_rate = otus_rates[ridx].rate; 1363 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 1364 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1365 1366 mb.m_data = (caddr_t)tap; 1367 mb.m_len = sc->sc_txtap_len; 1368 mb.m_next = m; 1369 mb.m_nextpkt = NULL; 1370 mb.m_type = 0; 1371 mb.m_flags = 0; 1372 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1373 } 1374 #endif 1375 1376 xferlen = sizeof (*head) + m->m_pkthdr.len; 1377 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)&head[1]); 1378 m_freem(m); 1379 1380 DPRINTFN(5, ("tx queued=%d len=%d mac=0x%04x phy=0x%08x rate=%d\n", 1381 sc->tx_queued, head->len, head->macctl, head->phyctl, 1382 otus_rates[ridx].rate)); 1383 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, xferlen, 1384 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, OTUS_TX_TIMEOUT, otus_txeof); 1385 error = usbd_transfer(data->xfer); 1386 if (__predict_false(error != USBD_IN_PROGRESS && error != 0)) 1387 return error; 1388 1389 ieee80211_release_node(ic, ni); 1390 1391 sc->tx_queued++; 1392 sc->tx_cur = (sc->tx_cur + 1) % OTUS_TX_DATA_LIST_COUNT; 1393 1394 return 0; 1395 } 1396 1397 void 1398 otus_start(struct ifnet *ifp) 1399 { 1400 struct otus_softc *sc = ifp->if_softc; 1401 struct ieee80211com *ic = &sc->sc_ic; 1402 struct ieee80211_node *ni; 1403 struct mbuf *m; 1404 1405 if (!(ifp->if_flags & IFF_RUNNING) || ifq_is_oactive(&ifp->if_snd)) 1406 return; 1407 1408 for (;;) { 1409 if (sc->tx_queued >= OTUS_TX_DATA_LIST_COUNT) { 1410 ifq_set_oactive(&ifp->if_snd); 1411 break; 1412 } 1413 /* Send pending management frames first. */ 1414 m = mq_dequeue(&ic->ic_mgtq); 1415 if (m != NULL) { 1416 ni = m->m_pkthdr.ph_cookie; 1417 goto sendit; 1418 } 1419 if (ic->ic_state != IEEE80211_S_RUN) 1420 break; 1421 1422 /* Encapsulate and send data frames. */ 1423 IFQ_DEQUEUE(&ifp->if_snd, m); 1424 if (m == NULL) 1425 break; 1426 #if NBPFILTER > 0 1427 if (ifp->if_bpf != NULL) 1428 bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); 1429 #endif 1430 if ((m = ieee80211_encap(ifp, m, &ni)) == NULL) 1431 continue; 1432 sendit: 1433 #if NBPFILTER > 0 1434 if (ic->ic_rawbpf != NULL) 1435 bpf_mtap(ic->ic_rawbpf, m, BPF_DIRECTION_OUT); 1436 #endif 1437 if (otus_tx(sc, m, ni) != 0) { 1438 ieee80211_release_node(ic, ni); 1439 ifp->if_oerrors++; 1440 continue; 1441 } 1442 1443 sc->sc_tx_timer = 5; 1444 ifp->if_timer = 1; 1445 } 1446 } 1447 1448 void 1449 otus_watchdog(struct ifnet *ifp) 1450 { 1451 struct otus_softc *sc = ifp->if_softc; 1452 1453 ifp->if_timer = 0; 1454 1455 if (sc->sc_tx_timer > 0) { 1456 if (--sc->sc_tx_timer == 0) { 1457 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 1458 /* otus_init(ifp); XXX needs a process context! */ 1459 ifp->if_oerrors++; 1460 return; 1461 } 1462 ifp->if_timer = 1; 1463 } 1464 ieee80211_watchdog(ifp); 1465 } 1466 1467 int 1468 otus_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1469 { 1470 struct otus_softc *sc = ifp->if_softc; 1471 struct ieee80211com *ic = &sc->sc_ic; 1472 struct ifreq *ifr; 1473 int s, error = 0; 1474 1475 if (usbd_is_dying(sc->sc_udev)) 1476 return ENXIO; 1477 1478 usbd_ref_incr(sc->sc_udev); 1479 1480 s = splnet(); 1481 1482 switch (cmd) { 1483 case SIOCSIFADDR: 1484 ifp->if_flags |= IFF_UP; 1485 /* FALLTHROUGH */ 1486 case SIOCSIFFLAGS: 1487 if (ifp->if_flags & IFF_UP) { 1488 if ((ifp->if_flags & IFF_RUNNING) && 1489 ((ifp->if_flags ^ sc->sc_if_flags) & 1490 (IFF_ALLMULTI | IFF_PROMISC)) != 0) { 1491 otus_set_multi(sc); 1492 } else if (!(ifp->if_flags & IFF_RUNNING)) 1493 otus_init(ifp); 1494 1495 } else if (ifp->if_flags & IFF_RUNNING) 1496 otus_stop(ifp); 1497 1498 sc->sc_if_flags = ifp->if_flags; 1499 break; 1500 case SIOCADDMULTI: 1501 case SIOCDELMULTI: 1502 ifr = (struct ifreq *)data; 1503 error = (cmd == SIOCADDMULTI) ? 1504 ether_addmulti(ifr, &ic->ic_ac) : 1505 ether_delmulti(ifr, &ic->ic_ac); 1506 if (error == ENETRESET) 1507 error = 0; 1508 break; 1509 case SIOCS80211CHANNEL: 1510 error = ieee80211_ioctl(ifp, cmd, data); 1511 if (error == ENETRESET && 1512 ic->ic_opmode == IEEE80211_M_MONITOR) { 1513 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1514 (IFF_UP | IFF_RUNNING)) 1515 otus_set_chan(sc, ic->ic_ibss_chan, 0); 1516 error = 0; 1517 } 1518 break; 1519 default: 1520 error = ieee80211_ioctl(ifp, cmd, data); 1521 } 1522 1523 if (error == ENETRESET) { 1524 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1525 (IFF_UP | IFF_RUNNING)) 1526 otus_init(ifp); 1527 error = 0; 1528 } 1529 1530 splx(s); 1531 1532 usbd_ref_decr(sc->sc_udev); 1533 1534 return error; 1535 } 1536 1537 int 1538 otus_set_multi(struct otus_softc *sc) 1539 { 1540 struct arpcom *ac = &sc->sc_ic.ic_ac; 1541 struct ifnet *ifp = &ac->ac_if; 1542 struct ether_multi *enm; 1543 struct ether_multistep step; 1544 uint32_t lo, hi; 1545 uint8_t bit; 1546 1547 if (ac->ac_multirangecnt > 0) 1548 ifp->if_flags |= IFF_ALLMULTI; 1549 1550 if ((ifp->if_flags & (IFF_ALLMULTI | IFF_PROMISC)) != 0) { 1551 lo = hi = 0xffffffff; 1552 goto done; 1553 } 1554 lo = hi = 0; 1555 ETHER_FIRST_MULTI(step, ac, enm); 1556 while (enm != NULL) { 1557 bit = enm->enm_addrlo[5] >> 2; 1558 if (bit < 32) 1559 lo |= 1 << bit; 1560 else 1561 hi |= 1 << (bit - 32); 1562 ETHER_NEXT_MULTI(step, enm); 1563 } 1564 done: 1565 hi |= 1U << 31; /* Make sure the broadcast bit is set. */ 1566 otus_write(sc, AR_MAC_REG_GROUP_HASH_TBL_L, lo); 1567 otus_write(sc, AR_MAC_REG_GROUP_HASH_TBL_H, hi); 1568 return otus_write_barrier(sc); 1569 } 1570 1571 void 1572 otus_updateedca(struct ieee80211com *ic) 1573 { 1574 /* Do it in a process context. */ 1575 otus_do_async(ic->ic_softc, otus_updateedca_cb, NULL, 0); 1576 } 1577 1578 /* ARGSUSED */ 1579 void 1580 otus_updateedca_cb(struct otus_softc *sc, void *arg) 1581 { 1582 #define EXP2(val) ((1 << (val)) - 1) 1583 #define AIFS(val) ((val) * 9 + 10) 1584 struct ieee80211com *ic = &sc->sc_ic; 1585 const struct ieee80211_edca_ac_params *edca; 1586 int s; 1587 1588 s = splnet(); 1589 1590 edca = (ic->ic_flags & IEEE80211_F_QOS) ? 1591 ic->ic_edca_ac : otus_edca_def; 1592 1593 /* Set CWmin/CWmax values. */ 1594 otus_write(sc, AR_MAC_REG_AC0_CW, 1595 EXP2(edca[EDCA_AC_BE].ac_ecwmax) << 16 | 1596 EXP2(edca[EDCA_AC_BE].ac_ecwmin)); 1597 otus_write(sc, AR_MAC_REG_AC1_CW, 1598 EXP2(edca[EDCA_AC_BK].ac_ecwmax) << 16 | 1599 EXP2(edca[EDCA_AC_BK].ac_ecwmin)); 1600 otus_write(sc, AR_MAC_REG_AC2_CW, 1601 EXP2(edca[EDCA_AC_VI].ac_ecwmax) << 16 | 1602 EXP2(edca[EDCA_AC_VI].ac_ecwmin)); 1603 otus_write(sc, AR_MAC_REG_AC3_CW, 1604 EXP2(edca[EDCA_AC_VO].ac_ecwmax) << 16 | 1605 EXP2(edca[EDCA_AC_VO].ac_ecwmin)); 1606 otus_write(sc, AR_MAC_REG_AC4_CW, /* Special TXQ. */ 1607 EXP2(edca[EDCA_AC_VO].ac_ecwmax) << 16 | 1608 EXP2(edca[EDCA_AC_VO].ac_ecwmin)); 1609 1610 /* Set AIFSN values. */ 1611 otus_write(sc, AR_MAC_REG_AC1_AC0_AIFS, 1612 AIFS(edca[EDCA_AC_VI].ac_aifsn) << 24 | 1613 AIFS(edca[EDCA_AC_BK].ac_aifsn) << 12 | 1614 AIFS(edca[EDCA_AC_BE].ac_aifsn)); 1615 otus_write(sc, AR_MAC_REG_AC3_AC2_AIFS, 1616 AIFS(edca[EDCA_AC_VO].ac_aifsn) << 16 | /* Special TXQ. */ 1617 AIFS(edca[EDCA_AC_VO].ac_aifsn) << 4 | 1618 AIFS(edca[EDCA_AC_VI].ac_aifsn) >> 8); 1619 1620 /* Set TXOP limit. */ 1621 otus_write(sc, AR_MAC_REG_AC1_AC0_TXOP, 1622 edca[EDCA_AC_BK].ac_txoplimit << 16 | 1623 edca[EDCA_AC_BE].ac_txoplimit); 1624 otus_write(sc, AR_MAC_REG_AC3_AC2_TXOP, 1625 edca[EDCA_AC_VO].ac_txoplimit << 16 | 1626 edca[EDCA_AC_VI].ac_txoplimit); 1627 1628 splx(s); 1629 1630 (void)otus_write_barrier(sc); 1631 #undef AIFS 1632 #undef EXP2 1633 } 1634 1635 void 1636 otus_updateslot(struct ieee80211com *ic) 1637 { 1638 /* Do it in a process context. */ 1639 otus_do_async(ic->ic_softc, otus_updateslot_cb, NULL, 0); 1640 } 1641 1642 /* ARGSUSED */ 1643 void 1644 otus_updateslot_cb(struct otus_softc *sc, void *arg) 1645 { 1646 uint32_t slottime; 1647 1648 slottime = (sc->sc_ic.ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 1649 otus_write(sc, AR_MAC_REG_SLOT_TIME, slottime << 10); 1650 (void)otus_write_barrier(sc); 1651 } 1652 1653 int 1654 otus_init_mac(struct otus_softc *sc) 1655 { 1656 int error; 1657 1658 otus_write(sc, AR_MAC_REG_ACK_EXTENSION, 0x40); 1659 otus_write(sc, AR_MAC_REG_RETRY_MAX, 0); 1660 otus_write(sc, AR_MAC_REG_SNIFFER, 0x2000000); 1661 otus_write(sc, AR_MAC_REG_RX_THRESHOLD, 0xc1f80); 1662 otus_write(sc, AR_MAC_REG_RX_PE_DELAY, 0x70); 1663 otus_write(sc, AR_MAC_REG_EIFS_AND_SIFS, 0xa144000); 1664 otus_write(sc, AR_MAC_REG_SLOT_TIME, 9 << 10); 1665 otus_write(sc, 0x1c3b2c, 0x19000000); 1666 /* NAV protects ACK only (in TXOP). */ 1667 otus_write(sc, 0x1c3b38, 0x201); 1668 /* Set beacon Tx power to 0x7. */ 1669 otus_write(sc, AR_MAC_REG_BCN_HT1, 0x8000170); 1670 otus_write(sc, AR_MAC_REG_BACKOFF_PROTECT, 0x105); 1671 otus_write(sc, 0x1c3b9c, 0x10000a); 1672 /* Filter any control frames, BAR is bit 24. */ 1673 otus_write(sc, 0x1c368c, 0x0500ffff); 1674 otus_write(sc, 0x1c3c40, 0x1); 1675 otus_write(sc, AR_MAC_REG_BASIC_RATE, 0x150f); 1676 otus_write(sc, AR_MAC_REG_MANDATORY_RATE, 0x150f); 1677 otus_write(sc, AR_MAC_REG_RTS_CTS_RATE, 0x10b01bb); 1678 otus_write(sc, 0x1c3694, 0x4003c1e); 1679 /* Enable LED0 and LED1. */ 1680 otus_write(sc, 0x1d0100, 0x3); 1681 otus_write(sc, 0x1d0104, 0x3); 1682 /* Switch MAC to OTUS interface. */ 1683 otus_write(sc, 0x1c3600, 0x3); 1684 otus_write(sc, 0x1c3c50, 0xffff); 1685 otus_write(sc, 0x1c3680, 0xf00008); 1686 /* Disable Rx timeout (workaround). */ 1687 otus_write(sc, 0x1c362c, 0); 1688 1689 /* Set USB Rx stream mode maximum frame number to 2. */ 1690 otus_write(sc, 0x1e1110, 0x4); 1691 /* Set USB Rx stream mode timeout to 10us. */ 1692 otus_write(sc, 0x1e1114, 0x80); 1693 1694 /* Set clock frequency to 88/80MHz. */ 1695 otus_write(sc, 0x1d4008, 0x73); 1696 /* Set WLAN DMA interrupt mode: generate intr per packet. */ 1697 otus_write(sc, 0x1c3d7c, 0x110011); 1698 otus_write(sc, 0x1c3bb0, 0x4); 1699 otus_write(sc, AR_MAC_REG_TXOP_NOT_ENOUGH_INDICATION, 0x141e0f48); 1700 1701 /* Disable HW decryption for now. */ 1702 otus_write(sc, 0x1c3678, 0x78); 1703 1704 if ((error = otus_write_barrier(sc)) != 0) 1705 return error; 1706 1707 /* Set default EDCA parameters. */ 1708 otus_updateedca_cb(sc, NULL); 1709 1710 return 0; 1711 } 1712 1713 /* 1714 * Return default value for PHY register based on current operating mode. 1715 */ 1716 uint32_t 1717 otus_phy_get_def(struct otus_softc *sc, uint32_t reg) 1718 { 1719 int i; 1720 1721 for (i = 0; i < nitems(ar5416_phy_regs); i++) 1722 if (AR_PHY(ar5416_phy_regs[i]) == reg) 1723 return sc->phy_vals[i]; 1724 return 0; /* Register not found. */ 1725 } 1726 1727 /* 1728 * Update PHY's programming based on vendor-specific data stored in EEPROM. 1729 * This is for FEM-type devices only. 1730 */ 1731 int 1732 otus_set_board_values(struct otus_softc *sc, struct ieee80211_channel *c) 1733 { 1734 const struct ModalEepHeader *eep; 1735 uint32_t tmp, offset; 1736 1737 if (IEEE80211_IS_CHAN_5GHZ(c)) 1738 eep = &sc->eeprom.modalHeader[0]; 1739 else 1740 eep = &sc->eeprom.modalHeader[1]; 1741 1742 /* Offset of chain 2. */ 1743 offset = 2 * 0x1000; 1744 1745 tmp = letoh32(eep->antCtrlCommon); 1746 otus_write(sc, AR_PHY_SWITCH_COM, tmp); 1747 1748 tmp = letoh32(eep->antCtrlChain[0]); 1749 otus_write(sc, AR_PHY_SWITCH_CHAIN_0, tmp); 1750 1751 tmp = letoh32(eep->antCtrlChain[1]); 1752 otus_write(sc, AR_PHY_SWITCH_CHAIN_0 + offset, tmp); 1753 1754 if (1 /* sc->sc_sco == AR_SCO_SCN */) { 1755 tmp = otus_phy_get_def(sc, AR_PHY_SETTLING); 1756 tmp &= ~(0x7f << 7); 1757 tmp |= (eep->switchSettling & 0x7f) << 7; 1758 otus_write(sc, AR_PHY_SETTLING, tmp); 1759 } 1760 1761 tmp = otus_phy_get_def(sc, AR_PHY_DESIRED_SZ); 1762 tmp &= ~0xffff; 1763 tmp |= eep->pgaDesiredSize << 8 | eep->adcDesiredSize; 1764 otus_write(sc, AR_PHY_DESIRED_SZ, tmp); 1765 1766 tmp = eep->txEndToXpaOff << 24 | eep->txEndToXpaOff << 16 | 1767 eep->txFrameToXpaOn << 8 | eep->txFrameToXpaOn; 1768 otus_write(sc, AR_PHY_RF_CTL4, tmp); 1769 1770 tmp = otus_phy_get_def(sc, AR_PHY_RF_CTL3); 1771 tmp &= ~(0xff << 16); 1772 tmp |= eep->txEndToRxOn << 16; 1773 otus_write(sc, AR_PHY_RF_CTL3, tmp); 1774 1775 tmp = otus_phy_get_def(sc, AR_PHY_CCA); 1776 tmp &= ~(0x7f << 12); 1777 tmp |= (eep->thresh62 & 0x7f) << 12; 1778 otus_write(sc, AR_PHY_CCA, tmp); 1779 1780 tmp = otus_phy_get_def(sc, AR_PHY_RXGAIN); 1781 tmp &= ~(0x3f << 12); 1782 tmp |= (eep->txRxAttenCh[0] & 0x3f) << 12; 1783 otus_write(sc, AR_PHY_RXGAIN, tmp); 1784 1785 tmp = otus_phy_get_def(sc, AR_PHY_RXGAIN + offset); 1786 tmp &= ~(0x3f << 12); 1787 tmp |= (eep->txRxAttenCh[1] & 0x3f) << 12; 1788 otus_write(sc, AR_PHY_RXGAIN + offset, tmp); 1789 1790 tmp = otus_phy_get_def(sc, AR_PHY_GAIN_2GHZ); 1791 tmp &= ~(0x3f << 18); 1792 tmp |= (eep->rxTxMarginCh[0] & 0x3f) << 18; 1793 if (IEEE80211_IS_CHAN_5GHZ(c)) { 1794 tmp &= ~(0xf << 10); 1795 tmp |= (eep->bswMargin[0] & 0xf) << 10; 1796 } 1797 otus_write(sc, AR_PHY_GAIN_2GHZ, tmp); 1798 1799 tmp = otus_phy_get_def(sc, AR_PHY_GAIN_2GHZ + offset); 1800 tmp &= ~(0x3f << 18); 1801 tmp |= (eep->rxTxMarginCh[1] & 0x3f) << 18; 1802 otus_write(sc, AR_PHY_GAIN_2GHZ + offset, tmp); 1803 1804 tmp = otus_phy_get_def(sc, AR_PHY_TIMING_CTRL4); 1805 tmp &= ~(0x3f << 5 | 0x1f); 1806 tmp |= (eep->iqCalICh[0] & 0x3f) << 5 | (eep->iqCalQCh[0] & 0x1f); 1807 otus_write(sc, AR_PHY_TIMING_CTRL4, tmp); 1808 1809 tmp = otus_phy_get_def(sc, AR_PHY_TIMING_CTRL4 + offset); 1810 tmp &= ~(0x3f << 5 | 0x1f); 1811 tmp |= (eep->iqCalICh[1] & 0x3f) << 5 | (eep->iqCalQCh[1] & 0x1f); 1812 otus_write(sc, AR_PHY_TIMING_CTRL4 + offset, tmp); 1813 1814 tmp = otus_phy_get_def(sc, AR_PHY_TPCRG1); 1815 tmp &= ~(0xf << 16); 1816 tmp |= (eep->xpd & 0xf) << 16; 1817 otus_write(sc, AR_PHY_TPCRG1, tmp); 1818 1819 return otus_write_barrier(sc); 1820 } 1821 1822 int 1823 otus_program_phy(struct otus_softc *sc, struct ieee80211_channel *c) 1824 { 1825 const uint32_t *vals; 1826 int error, i; 1827 1828 /* Select PHY programming based on band and bandwidth. */ 1829 if (IEEE80211_IS_CHAN_2GHZ(c)) 1830 vals = ar5416_phy_vals_2ghz_20mhz; 1831 else 1832 vals = ar5416_phy_vals_5ghz_20mhz; 1833 for (i = 0; i < nitems(ar5416_phy_regs); i++) 1834 otus_write(sc, AR_PHY(ar5416_phy_regs[i]), vals[i]); 1835 sc->phy_vals = vals; 1836 1837 if (sc->eeprom.baseEepHeader.deviceType == 0x80) /* FEM */ 1838 if ((error = otus_set_board_values(sc, c)) != 0) 1839 return error; 1840 1841 /* Initial Tx power settings. */ 1842 otus_write(sc, AR_PHY_POWER_TX_RATE_MAX, 0x7f); 1843 otus_write(sc, AR_PHY_POWER_TX_RATE1, 0x3f3f3f3f); 1844 otus_write(sc, AR_PHY_POWER_TX_RATE2, 0x3f3f3f3f); 1845 otus_write(sc, AR_PHY_POWER_TX_RATE3, 0x3f3f3f3f); 1846 otus_write(sc, AR_PHY_POWER_TX_RATE4, 0x3f3f3f3f); 1847 otus_write(sc, AR_PHY_POWER_TX_RATE5, 0x3f3f3f3f); 1848 otus_write(sc, AR_PHY_POWER_TX_RATE6, 0x3f3f3f3f); 1849 otus_write(sc, AR_PHY_POWER_TX_RATE7, 0x3f3f3f3f); 1850 otus_write(sc, AR_PHY_POWER_TX_RATE8, 0x3f3f3f3f); 1851 otus_write(sc, AR_PHY_POWER_TX_RATE9, 0x3f3f3f3f); 1852 1853 if (IEEE80211_IS_CHAN_2GHZ(c)) 1854 otus_write(sc, 0x1d4014, 0x5163); 1855 else 1856 otus_write(sc, 0x1d4014, 0x5143); 1857 1858 return otus_write_barrier(sc); 1859 } 1860 1861 static __inline uint8_t 1862 otus_reverse_bits(uint8_t v) 1863 { 1864 v = ((v >> 1) & 0x55) | ((v & 0x55) << 1); 1865 v = ((v >> 2) & 0x33) | ((v & 0x33) << 2); 1866 v = ((v >> 4) & 0x0f) | ((v & 0x0f) << 4); 1867 return v; 1868 } 1869 1870 int 1871 otus_set_rf_bank4(struct otus_softc *sc, struct ieee80211_channel *c) 1872 { 1873 uint8_t chansel, d0, d1; 1874 uint16_t data; 1875 int error; 1876 1877 d0 = 0; 1878 if (IEEE80211_IS_CHAN_5GHZ(c)) { 1879 chansel = (c->ic_freq - 4800) / 5; 1880 if (chansel & 1) 1881 d0 |= AR_BANK4_AMODE_REFSEL(2); 1882 else 1883 d0 |= AR_BANK4_AMODE_REFSEL(1); 1884 } else { 1885 d0 |= AR_BANK4_AMODE_REFSEL(2); 1886 if (c->ic_freq == 2484) { /* CH 14 */ 1887 d0 |= AR_BANK4_BMODE_LF_SYNTH_FREQ; 1888 chansel = 10 + (c->ic_freq - 2274) / 5; 1889 } else 1890 chansel = 16 + (c->ic_freq - 2272) / 5; 1891 chansel <<= 2; 1892 } 1893 d0 |= AR_BANK4_ADDR(1) | AR_BANK4_CHUP; 1894 d1 = otus_reverse_bits(chansel); 1895 1896 /* Write bits 0-4 of d0 and d1. */ 1897 data = (d1 & 0x1f) << 5 | (d0 & 0x1f); 1898 otus_write(sc, AR_PHY(44), data); 1899 /* Write bits 5-7 of d0 and d1. */ 1900 data = (d1 >> 5) << 5 | (d0 >> 5); 1901 otus_write(sc, AR_PHY(58), data); 1902 1903 if ((error = otus_write_barrier(sc)) == 0) 1904 usbd_delay_ms(sc->sc_udev, 10); 1905 return error; 1906 } 1907 1908 void 1909 otus_get_delta_slope(uint32_t coeff, uint32_t *exponent, uint32_t *mantissa) 1910 { 1911 #define COEFF_SCALE_SHIFT 24 1912 uint32_t exp, man; 1913 1914 /* exponent = 14 - floor(log2(coeff)) */ 1915 for (exp = 31; exp > 0; exp--) 1916 if (coeff & (1 << exp)) 1917 break; 1918 KASSERT(exp != 0); 1919 exp = 14 - (exp - COEFF_SCALE_SHIFT); 1920 1921 /* mantissa = floor(coeff * 2^exponent + 0.5) */ 1922 man = coeff + (1 << (COEFF_SCALE_SHIFT - exp - 1)); 1923 1924 *mantissa = man >> (COEFF_SCALE_SHIFT - exp); 1925 *exponent = exp - 16; 1926 #undef COEFF_SCALE_SHIFT 1927 } 1928 1929 int 1930 otus_set_chan(struct otus_softc *sc, struct ieee80211_channel *c, int assoc) 1931 { 1932 struct ieee80211com *ic = &sc->sc_ic; 1933 struct ar_cmd_frequency cmd; 1934 struct ar_rsp_frequency rsp; 1935 const uint32_t *vals; 1936 uint32_t coeff, exp, man, tmp; 1937 uint8_t code; 1938 int error, chan, i; 1939 1940 chan = ieee80211_chan2ieee(ic, c); 1941 DPRINTF(("setting channel %d (%dMHz)\n", chan, c->ic_freq)); 1942 1943 tmp = IEEE80211_IS_CHAN_2GHZ(c) ? 0x105 : 0x104; 1944 otus_write(sc, AR_MAC_REG_DYNAMIC_SIFS_ACK, tmp); 1945 if ((error = otus_write_barrier(sc)) != 0) 1946 return error; 1947 1948 /* Disable BB Heavy Clip. */ 1949 otus_write(sc, AR_PHY_HEAVY_CLIP_ENABLE, 0x200); 1950 if ((error = otus_write_barrier(sc)) != 0) 1951 return error; 1952 1953 /* XXX Is that FREQ_START ? */ 1954 error = otus_cmd(sc, AR_CMD_FREQ_STRAT, NULL, 0, NULL); 1955 if (error != 0) 1956 return error; 1957 1958 /* Reprogram PHY and RF on channel band or bandwidth changes. */ 1959 if (sc->bb_reset || c->ic_flags != sc->sc_curchan->ic_flags) { 1960 DPRINTF(("band switch\n")); 1961 1962 /* Cold/Warm reset BB/ADDA. */ 1963 otus_write(sc, 0x1d4004, sc->bb_reset ? 0x800 : 0x400); 1964 if ((error = otus_write_barrier(sc)) != 0) 1965 return error; 1966 otus_write(sc, 0x1d4004, 0); 1967 if ((error = otus_write_barrier(sc)) != 0) 1968 return error; 1969 sc->bb_reset = 0; 1970 1971 if ((error = otus_program_phy(sc, c)) != 0) { 1972 printf("%s: could not program PHY\n", 1973 sc->sc_dev.dv_xname); 1974 return error; 1975 } 1976 1977 /* Select RF programming based on band. */ 1978 if (IEEE80211_IS_CHAN_5GHZ(c)) 1979 vals = ar5416_banks_vals_5ghz; 1980 else 1981 vals = ar5416_banks_vals_2ghz; 1982 for (i = 0; i < nitems(ar5416_banks_regs); i++) 1983 otus_write(sc, AR_PHY(ar5416_banks_regs[i]), vals[i]); 1984 if ((error = otus_write_barrier(sc)) != 0) { 1985 printf("%s: could not program RF\n", 1986 sc->sc_dev.dv_xname); 1987 return error; 1988 } 1989 code = AR_CMD_RF_INIT; 1990 } else { 1991 code = AR_CMD_FREQUENCY; 1992 } 1993 1994 if ((error = otus_set_rf_bank4(sc, c)) != 0) 1995 return error; 1996 1997 tmp = (sc->txmask == 0x5) ? 0x340 : 0x240; 1998 otus_write(sc, AR_PHY_TURBO, tmp); 1999 if ((error = otus_write_barrier(sc)) != 0) 2000 return error; 2001 2002 /* Send firmware command to set channel. */ 2003 cmd.freq = htole32((uint32_t)c->ic_freq * 1000); 2004 cmd.dynht2040 = htole32(0); 2005 cmd.htena = htole32(1); 2006 /* Set Delta Slope (exponent and mantissa). */ 2007 coeff = (100 << 24) / c->ic_freq; 2008 otus_get_delta_slope(coeff, &exp, &man); 2009 cmd.dsc_exp = htole32(exp); 2010 cmd.dsc_man = htole32(man); 2011 DPRINTF(("ds coeff=%u exp=%u man=%u\n", coeff, exp, man)); 2012 /* For Short GI, coeff is 9/10 that of normal coeff. */ 2013 coeff = (9 * coeff) / 10; 2014 otus_get_delta_slope(coeff, &exp, &man); 2015 cmd.dsc_shgi_exp = htole32(exp); 2016 cmd.dsc_shgi_man = htole32(man); 2017 DPRINTF(("ds shgi coeff=%u exp=%u man=%u\n", coeff, exp, man)); 2018 /* Set wait time for AGC and noise calibration (100 or 200ms). */ 2019 cmd.check_loop_count = assoc ? htole32(2000) : htole32(1000); 2020 DPRINTF(("%s\n", (code == AR_CMD_RF_INIT) ? "RF_INIT" : "FREQUENCY")); 2021 error = otus_cmd(sc, code, &cmd, sizeof cmd, &rsp); 2022 if (error != 0) 2023 return error; 2024 if ((rsp.status & htole32(AR_CAL_ERR_AGC | AR_CAL_ERR_NF_VAL)) != 0) { 2025 DPRINTF(("status=0x%x\n", letoh32(rsp.status))); 2026 /* Force cold reset on next channel. */ 2027 sc->bb_reset = 1; 2028 } 2029 #ifdef OTUS_DEBUG 2030 if (otus_debug) { 2031 printf("calibration status=0x%x\n", letoh32(rsp.status)); 2032 for (i = 0; i < 2; i++) { /* 2 Rx chains */ 2033 /* Sign-extend 9-bit NF values. */ 2034 printf("noisefloor chain %d=%d\n", i, 2035 (((int32_t)letoh32(rsp.nf[i])) << 4) >> 23); 2036 printf("noisefloor ext chain %d=%d\n", i, 2037 ((int32_t)letoh32(rsp.nf_ext[i])) >> 23); 2038 } 2039 } 2040 #endif 2041 sc->sc_curchan = c; 2042 return 0; 2043 } 2044 2045 #ifdef notyet 2046 int 2047 otus_set_key(struct ieee80211com *ic, struct ieee80211_node *ni, 2048 struct ieee80211_key *k) 2049 { 2050 struct otus_softc *sc = ic->ic_softc; 2051 struct otus_cmd_key cmd; 2052 2053 /* Defer setting of WEP keys until interface is brought up. */ 2054 if ((ic->ic_if.if_flags & (IFF_UP | IFF_RUNNING)) != 2055 (IFF_UP | IFF_RUNNING)) 2056 return 0; 2057 2058 /* Do it in a process context. */ 2059 cmd.key = *k; 2060 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 2061 otus_do_async(sc, otus_set_key_cb, &cmd, sizeof cmd); 2062 return 0; 2063 } 2064 2065 void 2066 otus_set_key_cb(struct otus_softc *sc, void *arg) 2067 { 2068 struct otus_cmd_key *cmd = arg; 2069 struct ieee80211_key *k = &cmd->key; 2070 struct ar_cmd_ekey key; 2071 uint16_t cipher; 2072 int error; 2073 2074 memset(&key, 0, sizeof key); 2075 if (k->k_flags & IEEE80211_KEY_GROUP) { 2076 key.uid = htole16(k->k_id); 2077 IEEE80211_ADDR_COPY(key.macaddr, sc->sc_ic.ic_myaddr); 2078 key.macaddr[0] |= 0x80; 2079 } else { 2080 key.uid = htole16(OTUS_UID(cmd->associd)); 2081 IEEE80211_ADDR_COPY(key.macaddr, ni->ni_macaddr); 2082 } 2083 key.kix = htole16(0); 2084 /* Map net80211 cipher to hardware. */ 2085 switch (k->k_cipher) { 2086 case IEEE80211_CIPHER_WEP40: 2087 cipher = AR_CIPHER_WEP64; 2088 break; 2089 case IEEE80211_CIPHER_WEP104: 2090 cipher = AR_CIPHER_WEP128; 2091 break; 2092 case IEEE80211_CIPHER_TKIP: 2093 cipher = AR_CIPHER_TKIP; 2094 break; 2095 case IEEE80211_CIPHER_CCMP: 2096 cipher = AR_CIPHER_AES; 2097 break; 2098 default: 2099 return; 2100 } 2101 key.cipher = htole16(cipher); 2102 memcpy(key.key, k->k_key, MIN(k->k_len, 16)); 2103 error = otus_cmd(sc, AR_CMD_EKEY, &key, sizeof key, NULL); 2104 if (error != 0 || k->k_cipher != IEEE80211_CIPHER_TKIP) 2105 return; 2106 2107 /* TKIP: set Tx/Rx MIC Key. */ 2108 key.kix = htole16(1); 2109 memcpy(key.key, k->k_key + 16, 16); 2110 (void)otus_cmd(sc, AR_CMD_EKEY, &key, sizeof key, NULL); 2111 } 2112 2113 void 2114 otus_delete_key(struct ieee80211com *ic, struct ieee80211_node *ni, 2115 struct ieee80211_key *k) 2116 { 2117 struct otus_softc *sc = ic->ic_softc; 2118 struct otus_cmd_key cmd; 2119 2120 if (!(ic->ic_if.if_flags & IFF_RUNNING) || 2121 ic->ic_state != IEEE80211_S_RUN) 2122 return; /* Nothing to do. */ 2123 2124 /* Do it in a process context. */ 2125 cmd.key = *k; 2126 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 2127 otus_do_async(sc, otus_delete_key_cb, &cmd, sizeof cmd); 2128 } 2129 2130 void 2131 otus_delete_key_cb(struct otus_softc *sc, void *arg) 2132 { 2133 struct otus_cmd_key *cmd = arg; 2134 struct ieee80211_key *k = &cmd->key; 2135 uint32_t uid; 2136 2137 if (k->k_flags & IEEE80211_KEY_GROUP) 2138 uid = htole32(k->k_id); 2139 else 2140 uid = htole32(OTUS_UID(cmd->associd)); 2141 (void)otus_cmd(sc, AR_CMD_DKEY, &uid, sizeof uid, NULL); 2142 } 2143 #endif 2144 2145 void 2146 otus_calibrate_to(void *arg) 2147 { 2148 struct otus_softc *sc = arg; 2149 struct ieee80211com *ic = &sc->sc_ic; 2150 struct ieee80211_node *ni; 2151 int s; 2152 2153 if (usbd_is_dying(sc->sc_udev)) 2154 return; 2155 2156 usbd_ref_incr(sc->sc_udev); 2157 2158 s = splnet(); 2159 ni = ic->ic_bss; 2160 ieee80211_amrr_choose(&sc->amrr, ni, &((struct otus_node *)ni)->amn); 2161 splx(s); 2162 2163 if (!usbd_is_dying(sc->sc_udev)) 2164 timeout_add_sec(&sc->calib_to, 1); 2165 2166 usbd_ref_decr(sc->sc_udev); 2167 } 2168 2169 int 2170 otus_set_bssid(struct otus_softc *sc, const uint8_t *bssid) 2171 { 2172 otus_write(sc, AR_MAC_REG_BSSID_L, 2173 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 2174 otus_write(sc, AR_MAC_REG_BSSID_H, 2175 bssid[4] | bssid[5] << 8); 2176 return otus_write_barrier(sc); 2177 } 2178 2179 int 2180 otus_set_macaddr(struct otus_softc *sc, const uint8_t *addr) 2181 { 2182 otus_write(sc, AR_MAC_REG_MAC_ADDR_L, 2183 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 2184 otus_write(sc, AR_MAC_REG_MAC_ADDR_H, 2185 addr[4] | addr[5] << 8); 2186 return otus_write_barrier(sc); 2187 } 2188 2189 /* Default single-LED. */ 2190 void 2191 otus_led_newstate_type1(struct otus_softc *sc) 2192 { 2193 /* TBD */ 2194 } 2195 2196 /* NETGEAR, dual-LED. */ 2197 void 2198 otus_led_newstate_type2(struct otus_softc *sc) 2199 { 2200 /* TBD */ 2201 } 2202 2203 /* NETGEAR, single-LED/3 colors (blue, red, purple.) */ 2204 void 2205 otus_led_newstate_type3(struct otus_softc *sc) 2206 { 2207 struct ieee80211com *ic = &sc->sc_ic; 2208 uint32_t state = sc->led_state; 2209 2210 if (ic->ic_state == IEEE80211_S_INIT) { 2211 state = 0; /* LED off. */ 2212 } else if (ic->ic_state == IEEE80211_S_RUN) { 2213 /* Associated, LED always on. */ 2214 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) 2215 state = AR_LED0_ON; /* 2GHz=>Red. */ 2216 else 2217 state = AR_LED1_ON; /* 5GHz=>Blue. */ 2218 } else { 2219 /* Scanning, blink LED. */ 2220 state ^= AR_LED0_ON | AR_LED1_ON; 2221 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) 2222 state &= ~AR_LED1_ON; 2223 else 2224 state &= ~AR_LED0_ON; 2225 } 2226 if (state != sc->led_state) { 2227 otus_write(sc, 0x1d0104, state); 2228 if (otus_write_barrier(sc) == 0) 2229 sc->led_state = state; 2230 } 2231 } 2232 2233 int 2234 otus_init(struct ifnet *ifp) 2235 { 2236 struct otus_softc *sc = ifp->if_softc; 2237 struct ieee80211com *ic = &sc->sc_ic; 2238 int error; 2239 2240 /* Init host command ring. */ 2241 sc->cmdq.cur = sc->cmdq.next = sc->cmdq.queued = 0; 2242 2243 if ((error = otus_init_mac(sc)) != 0) { 2244 printf("%s: could not initialize MAC\n", sc->sc_dev.dv_xname); 2245 return error; 2246 } 2247 2248 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 2249 (void)otus_set_macaddr(sc, ic->ic_myaddr); 2250 2251 switch (ic->ic_opmode) { 2252 #ifdef notyet 2253 #ifndef IEEE80211_STA_ONLY 2254 case IEEE80211_M_HOSTAP: 2255 otus_write(sc, 0x1c3700, 0x0f0000a1); 2256 otus_write(sc, 0x1c3c40, 0x1); 2257 break; 2258 case IEEE80211_M_IBSS: 2259 otus_write(sc, 0x1c3700, 0x0f000000); 2260 otus_write(sc, 0x1c3c40, 0x1); 2261 break; 2262 #endif 2263 #endif 2264 case IEEE80211_M_STA: 2265 otus_write(sc, 0x1c3700, 0x0f000002); 2266 otus_write(sc, 0x1c3c40, 0x1); 2267 break; 2268 default: 2269 break; 2270 } 2271 otus_write(sc, AR_MAC_REG_SNIFFER, 2272 (ic->ic_opmode == IEEE80211_M_MONITOR) ? 0x2000001 : 0x2000000); 2273 (void)otus_write_barrier(sc); 2274 2275 sc->bb_reset = 1; /* Force cold reset. */ 2276 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 2277 if ((error = otus_set_chan(sc, ic->ic_ibss_chan, 0)) != 0) { 2278 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 2279 return error; 2280 } 2281 2282 /* Start Rx. */ 2283 otus_write(sc, 0x1c3d30, 0x100); 2284 (void)otus_write_barrier(sc); 2285 2286 ifp->if_flags |= IFF_RUNNING; 2287 ifq_clr_oactive(&ifp->if_snd); 2288 2289 if (ic->ic_opmode == IEEE80211_M_MONITOR) 2290 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2291 else 2292 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2293 2294 return 0; 2295 } 2296 2297 void 2298 otus_stop(struct ifnet *ifp) 2299 { 2300 struct otus_softc *sc = ifp->if_softc; 2301 struct ieee80211com *ic = &sc->sc_ic; 2302 int s; 2303 2304 sc->sc_tx_timer = 0; 2305 ifp->if_timer = 0; 2306 ifp->if_flags &= ~IFF_RUNNING; 2307 ifq_clr_oactive(&ifp->if_snd); 2308 2309 timeout_del(&sc->scan_to); 2310 timeout_del(&sc->calib_to); 2311 2312 s = splusb(); 2313 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2314 /* Wait for all queued asynchronous commands to complete. */ 2315 usb_wait_task(sc->sc_udev, &sc->sc_task); 2316 splx(s); 2317 2318 /* Stop Rx. */ 2319 otus_write(sc, 0x1c3d30, 0); 2320 (void)otus_write_barrier(sc); 2321 2322 sc->tx_queued = 0; 2323 } 2324