1 /* $OpenBSD: if_otus.c,v 1.7 2009/04/06 18:17:01 damien Exp $ */ 2 3 /*- 4 * Copyright (c) 2009 Damien Bergamini <damien.bergamini@free.fr> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 /*- 20 * Driver for Atheros AR9001U chipset. 21 * http://www.atheros.com/pt/bulletins/AR9001USBBulletin.pdf 22 */ 23 24 #include "bpfilter.h" 25 26 #include <sys/param.h> 27 #include <sys/sockio.h> 28 #include <sys/sysctl.h> 29 #include <sys/mbuf.h> 30 #include <sys/kernel.h> 31 #include <sys/socket.h> 32 #include <sys/systm.h> 33 #include <sys/timeout.h> 34 #include <sys/conf.h> 35 #include <sys/device.h> 36 37 #include <machine/bus.h> 38 #include <machine/endian.h> 39 #include <machine/intr.h> 40 41 #if NBPFILTER > 0 42 #include <net/bpf.h> 43 #endif 44 #include <net/if.h> 45 #include <net/if_arp.h> 46 #include <net/if_dl.h> 47 #include <net/if_media.h> 48 #include <net/if_types.h> 49 50 #include <netinet/in.h> 51 #include <netinet/in_systm.h> 52 #include <netinet/in_var.h> 53 #include <netinet/if_ether.h> 54 #include <netinet/ip.h> 55 56 #include <net80211/ieee80211_var.h> 57 #include <net80211/ieee80211_amrr.h> 58 #include <net80211/ieee80211_radiotap.h> 59 60 #include <dev/usb/usb.h> 61 #include <dev/usb/usbdi.h> 62 #include <dev/usb/usbdi_util.h> 63 #include <dev/usb/usbdevs.h> 64 65 #include <dev/usb/if_otusreg.h> 66 67 #ifdef USB_DEBUG 68 #define OTUS_DEBUG 69 #endif 70 71 #define OTUS_DEBUG 72 73 #ifdef OTUS_DEBUG 74 #define DPRINTF(x) do { if (otus_debug) printf x; } while (0) 75 #define DPRINTFN(n, x) do { if (otus_debug >= (n)) printf x; } while (0) 76 int otus_debug = 1; 77 #else 78 #define DPRINTF(x) 79 #define DPRINTFN(n, x) 80 #endif 81 82 static const struct usb_devno otus_devs[] = { 83 { USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_WN7512 }, 84 { USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_TG121N }, 85 { USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_AR9170 }, 86 { USB_VENDOR_CACE, USB_PRODUCT_CACE_AIRPCAPNX }, 87 { USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWA160A }, 88 { USB_VENDOR_IODATA, USB_PRODUCT_IODATA_WNGDNUS2 }, 89 { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WN111V2 }, 90 { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WNDA3100 }, 91 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_GW_US300 }, 92 { USB_VENDOR_ZCOM, USB_PRODUCT_ZCOM_UB81 }, 93 { USB_VENDOR_ZCOM, USB_PRODUCT_ZCOM_UB82 }, 94 { USB_VENDOR_ZYDAS, USB_PRODUCT_ZYDAS_ZD1221 } 95 }; 96 97 int otus_match(struct device *, void *, void *); 98 void otus_attach(struct device *, struct device *, void *); 99 int otus_detach(struct device *, int); 100 void otus_attachhook(void *); 101 void otus_get_chanlist(struct otus_softc *); 102 int otus_load_firmware(struct otus_softc *, const char *, 103 uint32_t); 104 int otus_open_pipes(struct otus_softc *); 105 void otus_close_pipes(struct otus_softc *); 106 int otus_alloc_tx_cmd(struct otus_softc *); 107 void otus_free_tx_cmd(struct otus_softc *); 108 int otus_alloc_tx_data_list(struct otus_softc *); 109 void otus_free_tx_data_list(struct otus_softc *); 110 int otus_alloc_rx_data_list(struct otus_softc *); 111 void otus_free_rx_data_list(struct otus_softc *); 112 void otus_next_scan(void *); 113 void otus_task(void *); 114 void otus_do_async(struct otus_softc *, 115 void (*)(struct otus_softc *, void *), void *, int); 116 int otus_newstate(struct ieee80211com *, enum ieee80211_state, 117 int); 118 void otus_newstate_cb(struct otus_softc *, void *); 119 int otus_cmd(struct otus_softc *, uint8_t, const void *, int, 120 void *); 121 void otus_write(struct otus_softc *, uint32_t, uint32_t); 122 int otus_write_barrier(struct otus_softc *); 123 struct ieee80211_node *otus_node_alloc(struct ieee80211com *); 124 int otus_media_change(struct ifnet *); 125 int otus_read_eeprom(struct otus_softc *); 126 void otus_newassoc(struct ieee80211com *, struct ieee80211_node *, 127 int); 128 void otus_intr(usbd_xfer_handle, usbd_private_handle, usbd_status); 129 void otus_cmd_rxeof(struct otus_softc *, uint8_t *, int); 130 void otus_sub_rxeof(struct otus_softc *, uint8_t *, int); 131 void otus_rxeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 132 void otus_txeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 133 int otus_tx(struct otus_softc *, struct mbuf *, 134 struct ieee80211_node *); 135 void otus_start(struct ifnet *); 136 void otus_watchdog(struct ifnet *); 137 int otus_ioctl(struct ifnet *, u_long, caddr_t); 138 int otus_set_multi(struct otus_softc *); 139 void otus_updateedca(struct ieee80211com *); 140 void otus_updateedca_cb(struct otus_softc *, void *); 141 void otus_updateslot(struct ieee80211com *); 142 void otus_updateslot_cb(struct otus_softc *, void *); 143 int otus_init_mac(struct otus_softc *); 144 uint32_t otus_phy_get_def(struct otus_softc *, uint32_t); 145 int otus_set_board_values(struct otus_softc *, 146 struct ieee80211_channel *); 147 int otus_program_phy(struct otus_softc *, 148 struct ieee80211_channel *); 149 void otus_get_delta_slope(uint32_t, uint32_t *, uint32_t *); 150 int otus_set_chan(struct otus_softc *, struct ieee80211_channel *); 151 int otus_set_key(struct ieee80211com *, struct ieee80211_node *, 152 struct ieee80211_key *); 153 void otus_set_key_cb(struct otus_softc *, void *); 154 void otus_delete_key(struct ieee80211com *, struct ieee80211_node *, 155 struct ieee80211_key *); 156 void otus_delete_key_cb(struct otus_softc *, void *); 157 void otus_calibrate_to(void *); 158 int otus_set_bssid(struct otus_softc *, const uint8_t *); 159 int otus_set_macaddr(struct otus_softc *, const uint8_t *); 160 void otus_led_newstate_type1(struct otus_softc *); 161 void otus_led_newstate_type2(struct otus_softc *); 162 void otus_led_newstate_type3(struct otus_softc *); 163 int otus_init(struct ifnet *); 164 void otus_stop(struct ifnet *); 165 166 struct cfdriver otus_cd = { 167 NULL, "otus", DV_IFNET 168 }; 169 170 const struct cfattach otus_ca = { 171 sizeof (struct otus_softc), otus_match, otus_attach, otus_detach 172 }; 173 174 int 175 otus_match(struct device *parent, void *match, void *aux) 176 { 177 struct usb_attach_arg *uaa = aux; 178 179 if (uaa->iface != NULL) 180 return UMATCH_NONE; 181 182 return (usb_lookup(otus_devs, uaa->vendor, uaa->product) != NULL) ? 183 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 184 } 185 186 void 187 otus_attach(struct device *parent, struct device *self, void *aux) 188 { 189 struct otus_softc *sc = (struct otus_softc *)self; 190 struct usb_attach_arg *uaa = aux; 191 int error; 192 193 sc->sc_udev = uaa->device; 194 195 usb_init_task(&sc->sc_task, otus_task, sc); 196 timeout_set(&sc->scan_to, otus_next_scan, sc); 197 timeout_set(&sc->calib_to, otus_calibrate_to, sc); 198 199 sc->amrr.amrr_min_success_threshold = 1; 200 sc->amrr.amrr_max_success_threshold = 10; 201 202 if (usbd_set_config_no(sc->sc_udev, 1, 0) != 0) { 203 printf("%s: could not set configuration no\n", 204 sc->sc_dev.dv_xname); 205 return; 206 } 207 208 /* Get the first interface handle. */ 209 error = usbd_device2interface_handle(sc->sc_udev, 0, &sc->sc_iface); 210 if (error != 0) { 211 printf("%s: could not get interface handle\n", 212 sc->sc_dev.dv_xname); 213 return; 214 } 215 216 if ((error = otus_open_pipes(sc)) != 0) { 217 printf("%s: could not open pipes\n", sc->sc_dev.dv_xname); 218 return; 219 } 220 221 if (rootvp == NULL) 222 mountroothook_establish(otus_attachhook, sc); 223 else 224 otus_attachhook(sc); 225 226 usbd_add_drv_event(USB_EVENT_DRIVER_ATTACH, sc->sc_udev, &sc->sc_dev); 227 } 228 229 int 230 otus_detach(struct device *self, int flags) 231 { 232 struct otus_softc *sc = (struct otus_softc *)self; 233 struct ifnet *ifp = &sc->sc_ic.ic_if; 234 int s; 235 236 s = splnet(); 237 238 /* Wait for all queued asynchronous commands to complete. */ 239 while (sc->cmdq.queued > 0) 240 tsleep(&sc->cmdq, 0, "cmdq", 0); 241 242 timeout_del(&sc->scan_to); 243 timeout_del(&sc->calib_to); 244 245 if (ifp->if_flags != 0) { /* if_attach() has been called. */ 246 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 247 ieee80211_ifdetach(ifp); 248 if_detach(ifp); 249 } 250 251 otus_close_pipes(sc); 252 253 splx(s); 254 255 usbd_add_drv_event(USB_EVENT_DRIVER_DETACH, sc->sc_udev, &sc->sc_dev); 256 257 return 0; 258 } 259 260 void 261 otus_attachhook(void *xsc) 262 { 263 struct otus_softc *sc = xsc; 264 struct ieee80211com *ic = &sc->sc_ic; 265 struct ifnet *ifp = &ic->ic_if; 266 usb_device_request_t req; 267 uint32_t in, out; 268 int error; 269 270 error = otus_load_firmware(sc, "otus-init", AR_FW_INIT_ADDR); 271 if (error != 0) { 272 printf("%s: could not load %s firmware\n", 273 sc->sc_dev.dv_xname, "init"); 274 return; 275 } 276 277 usbd_delay_ms(sc->sc_udev, 1000); 278 279 error = otus_load_firmware(sc, "otus-main", AR_FW_MAIN_ADDR); 280 if (error != 0) { 281 printf("%s: could not load %s firmware\n", 282 sc->sc_dev.dv_xname, "main"); 283 return; 284 } 285 286 /* Tell device that firmware transfer is complete. */ 287 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 288 req.bRequest = AR_FW_DOWNLOAD_COMPLETE; 289 USETW(req.wValue, 0); 290 USETW(req.wIndex, 0); 291 USETW(req.wLength, 0); 292 if (usbd_do_request(sc->sc_udev, &req, NULL) != 0) { 293 printf("%s: firmware initialization failed\n", 294 sc->sc_dev.dv_xname); 295 return; 296 } 297 298 /* Send an ECHO command to check that everything is settled. */ 299 in = 0xbadc0ffe; 300 if (otus_cmd(sc, AR_CMD_ECHO, &in, sizeof in, &out) != 0) { 301 printf("%s: echo command failed\n", sc->sc_dev.dv_xname); 302 return; 303 } 304 if (in != out) { 305 printf("%s: echo reply mismatch: 0x%08x!=0x%08x\n", 306 sc->sc_dev.dv_xname, in, out); 307 return; 308 } 309 310 /* Read entire EEPROM. */ 311 if (otus_read_eeprom(sc) != 0) { 312 printf("%s: could not read EEPROM\n", sc->sc_dev.dv_xname); 313 return; 314 } 315 316 sc->txmask = sc->eeprom.baseEepHeader.txMask; 317 sc->rxmask = sc->eeprom.baseEepHeader.rxMask; 318 IEEE80211_ADDR_COPY(ic->ic_myaddr, sc->eeprom.baseEepHeader.macAddr); 319 sc->sc_led_newstate = otus_led_newstate_type3; /* XXX */ 320 321 printf("%s: MIMO %dT%dR, address %s\n", sc->sc_dev.dv_xname, 322 (sc->txmask == 1) ? 1 : 2, (sc->rxmask == 1) ? 1 : 2, 323 ether_sprintf(ic->ic_myaddr)); 324 325 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 326 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 327 ic->ic_state = IEEE80211_S_INIT; 328 329 /* Set device capabilities. */ 330 ic->ic_caps = 331 IEEE80211_C_MONITOR | /* monitor mode supported */ 332 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 333 IEEE80211_C_SHSLOT | /* short slot time supported */ 334 IEEE80211_C_WEP | /* WEP */ 335 IEEE80211_C_RSN; /* WPA/RSN */ 336 337 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11G) { 338 /* Set supported .11b and .11g rates. */ 339 ic->ic_sup_rates[IEEE80211_MODE_11B] = 340 ieee80211_std_rateset_11b; 341 ic->ic_sup_rates[IEEE80211_MODE_11G] = 342 ieee80211_std_rateset_11g; 343 } 344 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11A) { 345 /* Set supported .11a rates. */ 346 ic->ic_sup_rates[IEEE80211_MODE_11A] = 347 ieee80211_std_rateset_11a; 348 } 349 350 /* Build the list of supported channels. */ 351 otus_get_chanlist(sc); 352 353 ifp->if_softc = sc; 354 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 355 ifp->if_init = otus_init; 356 ifp->if_ioctl = otus_ioctl; 357 ifp->if_start = otus_start; 358 ifp->if_watchdog = otus_watchdog; 359 IFQ_SET_READY(&ifp->if_snd); 360 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 361 362 if_attach(ifp); 363 ieee80211_ifattach(ifp); 364 ic->ic_node_alloc = otus_node_alloc; 365 ic->ic_newassoc = otus_newassoc; 366 ic->ic_updateslot = otus_updateslot; 367 ic->ic_updateedca = otus_updateedca; 368 #ifdef notyet 369 ic->ic_set_key = otus_set_key; 370 ic->ic_delete_key = otus_delete_key; 371 #endif 372 /* Override state transition machine. */ 373 sc->sc_newstate = ic->ic_newstate; 374 ic->ic_newstate = otus_newstate; 375 ieee80211_media_init(ifp, otus_media_change, ieee80211_media_status); 376 377 #if NBPFILTER > 0 378 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 379 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 380 381 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 382 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 383 sc->sc_rxtap.wr_ihdr.it_present = htole32(OTUS_RX_RADIOTAP_PRESENT); 384 385 sc->sc_txtap_len = sizeof sc->sc_txtapu; 386 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 387 sc->sc_txtap.wt_ihdr.it_present = htole32(OTUS_TX_RADIOTAP_PRESENT); 388 #endif 389 } 390 391 void 392 otus_get_chanlist(struct otus_softc *sc) 393 { 394 struct ieee80211com *ic = &sc->sc_ic; 395 uint16_t domain; 396 uint8_t chan; 397 int i; 398 399 /* XXX regulatory domain. */ 400 domain = letoh16(sc->eeprom.baseEepHeader.regDmn[0]); 401 DPRINTF(("regdomain=0x%04x\n", domain)); 402 403 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11G) { 404 for (i = 0; i < 14; i++) { 405 chan = ar_chans[i]; 406 ic->ic_channels[chan].ic_freq = 407 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_2GHZ); 408 ic->ic_channels[chan].ic_flags = 409 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 410 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 411 } 412 } 413 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11A) { 414 for (i = 14; i < nitems(ar_chans); i++) { 415 chan = ar_chans[i]; 416 ic->ic_channels[chan].ic_freq = 417 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 418 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 419 } 420 } 421 } 422 423 int 424 otus_load_firmware(struct otus_softc *sc, const char *name, uint32_t addr) 425 { 426 usb_device_request_t req; 427 size_t size; 428 u_char *fw, *ptr; 429 int mlen, error; 430 431 /* Read firmware image from the filesystem. */ 432 if ((error = loadfirmware(name, &fw, &size)) != 0) { 433 printf("%s: failed loadfirmware of file %s (error %d)\n", 434 sc->sc_dev.dv_xname, name, error); 435 return error; 436 } 437 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 438 req.bRequest = AR_FW_DOWNLOAD; 439 USETW(req.wIndex, 0); 440 441 ptr = fw; 442 addr >>= 8; 443 while (size > 0) { 444 mlen = MIN(size, 4096); 445 446 USETW(req.wValue, addr); 447 USETW(req.wLength, mlen); 448 if (usbd_do_request(sc->sc_udev, &req, ptr) != 0) { 449 error = EIO; 450 break; 451 } 452 addr += mlen >> 8; 453 ptr += mlen; 454 size -= mlen; 455 } 456 free(fw, M_DEVBUF); 457 return error; 458 } 459 460 int 461 otus_open_pipes(struct otus_softc *sc) 462 { 463 usb_endpoint_descriptor_t *ed; 464 int i, isize, error; 465 466 error = usbd_open_pipe(sc->sc_iface, AR_EPT_BULK_RX_NO, 0, 467 &sc->data_rx_pipe); 468 if (error != 0) { 469 printf("%s: could not open Rx bulk pipe\n", 470 sc->sc_dev.dv_xname); 471 goto fail; 472 } 473 474 ed = usbd_get_endpoint_descriptor(sc->sc_iface, AR_EPT_INTR_RX_NO); 475 if (ed == NULL) { 476 printf("%s: could not retrieve Rx intr pipe descriptor\n", 477 sc->sc_dev.dv_xname); 478 goto fail; 479 } 480 isize = UGETW(ed->wMaxPacketSize); 481 if (isize == 0) { 482 printf("%s: invalid Rx intr pipe descriptor\n", 483 sc->sc_dev.dv_xname); 484 goto fail; 485 } 486 sc->ibuf = malloc(isize, M_USBDEV, M_NOWAIT); 487 if (sc->ibuf == NULL) { 488 printf("%s: could not allocate Rx intr buffer\n", 489 sc->sc_dev.dv_xname); 490 goto fail; 491 } 492 error = usbd_open_pipe_intr(sc->sc_iface, AR_EPT_INTR_RX_NO, 493 USBD_SHORT_XFER_OK, &sc->cmd_rx_pipe, sc, sc->ibuf, isize, 494 otus_intr, USBD_DEFAULT_INTERVAL); 495 if (error != 0) { 496 printf("%s: could not open Rx intr pipe\n", 497 sc->sc_dev.dv_xname); 498 goto fail; 499 } 500 501 error = usbd_open_pipe(sc->sc_iface, AR_EPT_BULK_TX_NO, 0, 502 &sc->data_tx_pipe); 503 if (error != 0) { 504 printf("%s: could not open Tx bulk pipe\n", 505 sc->sc_dev.dv_xname); 506 goto fail; 507 } 508 509 error = usbd_open_pipe(sc->sc_iface, AR_EPT_INTR_TX_NO, 0, 510 &sc->cmd_tx_pipe); 511 if (error != 0) { 512 printf("%s: could not open Tx intr pipe\n", 513 sc->sc_dev.dv_xname); 514 goto fail; 515 } 516 517 if (otus_alloc_tx_cmd(sc) != 0) { 518 printf("%s: could not allocate command xfer\n", 519 sc->sc_dev.dv_xname); 520 goto fail; 521 } 522 523 if (otus_alloc_tx_data_list(sc) != 0) { 524 printf("%s: could not allocate Tx xfers\n", 525 sc->sc_dev.dv_xname); 526 goto fail; 527 } 528 529 if (otus_alloc_rx_data_list(sc) != 0) { 530 printf("%s: could not allocate Rx xfers\n", 531 sc->sc_dev.dv_xname); 532 goto fail; 533 } 534 535 for (i = 0; i < OTUS_RX_DATA_LIST_COUNT; i++) { 536 struct otus_rx_data *data = &sc->rx_data[i]; 537 538 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 539 OTUS_RXBUFSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 540 USBD_NO_TIMEOUT, otus_rxeof); 541 error = usbd_transfer(data->xfer); 542 if (error != USBD_IN_PROGRESS && error != 0) { 543 printf("%s: could not queue Rx xfer\n", 544 sc->sc_dev.dv_xname); 545 goto fail; 546 } 547 } 548 return 0; 549 550 fail: otus_close_pipes(sc); 551 return error; 552 } 553 554 void 555 otus_close_pipes(struct otus_softc *sc) 556 { 557 otus_free_tx_cmd(sc); 558 otus_free_tx_data_list(sc); 559 otus_free_rx_data_list(sc); 560 561 if (sc->data_rx_pipe != NULL) 562 usbd_close_pipe(sc->data_rx_pipe); 563 if (sc->cmd_rx_pipe != NULL) { 564 usbd_abort_pipe(sc->cmd_rx_pipe); 565 usbd_close_pipe(sc->cmd_rx_pipe); 566 } 567 if (sc->ibuf != NULL) 568 free(sc->ibuf, M_USBDEV); 569 if (sc->data_tx_pipe != NULL) 570 usbd_close_pipe(sc->data_tx_pipe); 571 if (sc->cmd_tx_pipe != NULL) 572 usbd_close_pipe(sc->cmd_tx_pipe); 573 } 574 575 int 576 otus_alloc_tx_cmd(struct otus_softc *sc) 577 { 578 struct otus_tx_cmd *cmd = &sc->tx_cmd; 579 580 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 581 if (cmd->xfer == NULL) { 582 printf("%s: could not allocate xfer\n", 583 sc->sc_dev.dv_xname); 584 return ENOMEM; 585 } 586 cmd->buf = usbd_alloc_buffer(cmd->xfer, OTUS_MAX_TXCMDSZ); 587 if (cmd->buf == NULL) { 588 printf("%s: could not allocate xfer buffer\n", 589 sc->sc_dev.dv_xname); 590 usbd_free_xfer(cmd->xfer); 591 return ENOMEM; 592 } 593 return 0; 594 } 595 596 void 597 otus_free_tx_cmd(struct otus_softc *sc) 598 { 599 /* Make sure no transfers are pending. */ 600 usbd_abort_pipe(sc->cmd_tx_pipe); 601 602 if (sc->tx_cmd.xfer != NULL) 603 usbd_free_xfer(sc->tx_cmd.xfer); 604 } 605 606 int 607 otus_alloc_tx_data_list(struct otus_softc *sc) 608 { 609 struct otus_tx_data *data; 610 int i, error; 611 612 for (i = 0; i < OTUS_TX_DATA_LIST_COUNT; i++) { 613 data = &sc->tx_data[i]; 614 615 data->sc = sc; /* Backpointer for callbacks. */ 616 617 data->xfer = usbd_alloc_xfer(sc->sc_udev); 618 if (data->xfer == NULL) { 619 printf("%s: could not allocate xfer\n", 620 sc->sc_dev.dv_xname); 621 error = ENOMEM; 622 goto fail; 623 } 624 data->buf = usbd_alloc_buffer(data->xfer, OTUS_TXBUFSZ); 625 if (data->buf == NULL) { 626 printf("%s: could not allocate xfer buffer\n", 627 sc->sc_dev.dv_xname); 628 error = ENOMEM; 629 goto fail; 630 } 631 } 632 return 0; 633 634 fail: otus_free_tx_data_list(sc); 635 return error; 636 } 637 638 void 639 otus_free_tx_data_list(struct otus_softc *sc) 640 { 641 int i; 642 643 /* Make sure no transfers are pending. */ 644 usbd_abort_pipe(sc->data_tx_pipe); 645 646 for (i = 0; i < OTUS_TX_DATA_LIST_COUNT; i++) 647 if (sc->tx_data[i].xfer != NULL) 648 usbd_free_xfer(sc->tx_data[i].xfer); 649 } 650 651 int 652 otus_alloc_rx_data_list(struct otus_softc *sc) 653 { 654 struct otus_rx_data *data; 655 int i, error; 656 657 for (i = 0; i < OTUS_RX_DATA_LIST_COUNT; i++) { 658 data = &sc->rx_data[i]; 659 660 data->sc = sc; /* Backpointer for callbacks. */ 661 662 data->xfer = usbd_alloc_xfer(sc->sc_udev); 663 if (data->xfer == NULL) { 664 printf("%s: could not allocate xfer\n", 665 sc->sc_dev.dv_xname); 666 error = ENOMEM; 667 goto fail; 668 } 669 data->buf = usbd_alloc_buffer(data->xfer, OTUS_RXBUFSZ); 670 if (data->buf == NULL) { 671 printf("%s: could not allocate xfer buffer\n", 672 sc->sc_dev.dv_xname); 673 error = ENOMEM; 674 goto fail; 675 } 676 } 677 return 0; 678 679 fail: otus_free_rx_data_list(sc); 680 return error; 681 } 682 683 void 684 otus_free_rx_data_list(struct otus_softc *sc) 685 { 686 int i; 687 688 /* Make sure no transfers are pending. */ 689 usbd_abort_pipe(sc->data_rx_pipe); 690 691 for (i = 0; i < OTUS_RX_DATA_LIST_COUNT; i++) 692 if (sc->rx_data[i].xfer != NULL) 693 usbd_free_xfer(sc->rx_data[i].xfer); 694 } 695 696 void 697 otus_next_scan(void *arg) 698 { 699 struct otus_softc *sc = arg; 700 701 if (sc->sc_ic.ic_state == IEEE80211_S_SCAN) 702 ieee80211_next_scan(&sc->sc_ic.ic_if); 703 } 704 705 void 706 otus_task(void *arg) 707 { 708 struct otus_softc *sc = arg; 709 struct otus_host_cmd_ring *ring = &sc->cmdq; 710 struct otus_host_cmd *cmd; 711 int s; 712 713 /* Process host commands. */ 714 s = splusb(); 715 while (ring->next != ring->cur) { 716 cmd = &ring->cmd[ring->next]; 717 splx(s); 718 /* Callback. */ 719 cmd->cb(sc, cmd->data); 720 s = splusb(); 721 ring->queued--; 722 ring->next = (ring->next + 1) % OTUS_HOST_CMD_RING_COUNT; 723 } 724 wakeup(ring); 725 splx(s); 726 } 727 728 void 729 otus_do_async(struct otus_softc *sc, void (*cb)(struct otus_softc *, void *), 730 void *arg, int len) 731 { 732 struct otus_host_cmd_ring *ring = &sc->cmdq; 733 struct otus_host_cmd *cmd; 734 int s; 735 736 s = splusb(); 737 cmd = &ring->cmd[ring->cur]; 738 cmd->cb = cb; 739 KASSERT(len <= sizeof (cmd->data)); 740 memcpy(cmd->data, arg, len); 741 ring->cur = (ring->cur + 1) % OTUS_HOST_CMD_RING_COUNT; 742 743 /* If there is no pending command already, schedule a task. */ 744 if (++ring->queued == 1) 745 usb_add_task(sc->sc_udev, &sc->sc_task); 746 splx(s); 747 } 748 749 int 750 otus_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 751 { 752 struct otus_softc *sc = ic->ic_softc; 753 struct otus_cmd_newstate cmd; 754 755 /* Do it in a process context. */ 756 cmd.state = nstate; 757 cmd.arg = arg; 758 otus_do_async(sc, otus_newstate_cb, &cmd, sizeof cmd); 759 return 0; 760 } 761 762 void 763 otus_newstate_cb(struct otus_softc *sc, void *arg) 764 { 765 struct otus_cmd_newstate *cmd = arg; 766 struct ieee80211com *ic = &sc->sc_ic; 767 struct ieee80211_node *ni; 768 int s; 769 770 s = splnet(); 771 772 switch (cmd->state) { 773 case IEEE80211_S_INIT: 774 break; 775 776 case IEEE80211_S_SCAN: 777 (void)otus_set_chan(sc, ic->ic_bss->ni_chan); 778 timeout_add_msec(&sc->scan_to, 200); 779 break; 780 781 case IEEE80211_S_AUTH: 782 case IEEE80211_S_ASSOC: 783 (void)otus_set_chan(sc, ic->ic_bss->ni_chan); 784 break; 785 786 case IEEE80211_S_RUN: 787 (void)otus_set_chan(sc, ic->ic_bss->ni_chan); 788 789 ni = ic->ic_bss; 790 791 if (ic->ic_opmode == IEEE80211_M_STA) { 792 otus_updateslot(ic); 793 otus_set_bssid(sc, ni->ni_bssid); 794 795 /* Fake a join to init the Tx rate. */ 796 otus_newassoc(ic, ni, 1); 797 798 /* Start calibration timer. */ 799 timeout_add_sec(&sc->calib_to, 1); 800 } 801 break; 802 } 803 804 sc->sc_led_newstate(sc); 805 (void)sc->sc_newstate(ic, cmd->state, cmd->arg); 806 807 splx(s); 808 } 809 810 int 811 otus_cmd(struct otus_softc *sc, uint8_t code, const void *idata, int ilen, 812 void *odata) 813 { 814 struct otus_tx_cmd *cmd = &sc->tx_cmd; 815 struct ar_cmd_hdr *hdr; 816 int s, xferlen, error; 817 818 /* Always bulk-out a multiple of 4 bytes. */ 819 xferlen = (sizeof (*hdr) + ilen + 3) & ~3; 820 821 hdr = (struct ar_cmd_hdr *)cmd->buf; 822 hdr->code = code; 823 hdr->len = ilen; 824 hdr->token = ++cmd->token; /* Don't care about endianness. */ 825 memcpy((uint8_t *)&hdr[1], idata, ilen); 826 827 DPRINTFN(2, ("sending command code=0x%02x len=%d token=%d\n", 828 code, ilen, hdr->token)); 829 830 s = splusb(); 831 cmd->odata = odata; 832 cmd->done = 0; 833 834 usbd_setup_xfer(cmd->xfer, sc->cmd_tx_pipe, cmd, cmd->buf, xferlen, 835 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, OTUS_CMD_TIMEOUT, NULL); 836 error = usbd_sync_transfer(cmd->xfer); 837 if (error != 0) { 838 splx(s); 839 printf("%s: could not send command 0x%x (error=%s)\n", 840 sc->sc_dev.dv_xname, code, usbd_errstr(error)); 841 return EIO; 842 } 843 if (!cmd->done) 844 error = tsleep(cmd, PCATCH, "otuscmd", hz); 845 cmd->odata = NULL; /* In case answer is received too late. */ 846 splx(s); 847 if (error != 0) { 848 printf("%s: timeout waiting for command 0x%02x reply\n", 849 sc->sc_dev.dv_xname, code); 850 } 851 return error; 852 } 853 854 void 855 otus_write(struct otus_softc *sc, uint32_t reg, uint32_t val) 856 { 857 sc->write_buf[sc->write_idx].reg = htole32(reg); 858 sc->write_buf[sc->write_idx].val = htole32(val); 859 860 if (++sc->write_idx > AR_MAX_WRITE_IDX) 861 (void)otus_write_barrier(sc); 862 } 863 864 int 865 otus_write_barrier(struct otus_softc *sc) 866 { 867 int error; 868 869 if (sc->write_idx == 0) 870 return 0; /* Nothing to flush. */ 871 872 error = otus_cmd(sc, AR_CMD_WREG, sc->write_buf, 873 sizeof (sc->write_buf[0]) * sc->write_idx, NULL); 874 sc->write_idx = 0; 875 return error; 876 } 877 878 struct ieee80211_node * 879 otus_node_alloc(struct ieee80211com *ic) 880 { 881 return malloc(sizeof (struct otus_node), M_DEVBUF, M_NOWAIT | M_ZERO); 882 } 883 884 int 885 otus_media_change(struct ifnet *ifp) 886 { 887 struct otus_softc *sc = ifp->if_softc; 888 struct ieee80211com *ic = &sc->sc_ic; 889 uint8_t rate, ridx; 890 int error; 891 892 error = ieee80211_media_change(ifp); 893 if (error != ENETRESET) 894 return error; 895 896 if (ic->ic_fixed_rate != -1) { 897 rate = ic->ic_sup_rates[ic->ic_curmode]. 898 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL; 899 for (ridx = 0; ridx <= OTUS_RIDX_MAX; ridx++) 900 if (otus_rates[ridx].rate == rate) 901 break; 902 sc->fixed_ridx = ridx; 903 } 904 905 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 906 error = otus_init(ifp); 907 908 return error; 909 } 910 911 int 912 otus_read_eeprom(struct otus_softc *sc) 913 { 914 uint32_t regs[8], reg; 915 uint8_t *eep; 916 int i, j, error; 917 918 /* Read EEPROM by blocks of 32 bytes. */ 919 eep = (uint8_t *)&sc->eeprom; 920 reg = AR_EEPROM_OFFSET; 921 for (i = 0; i < sizeof (sc->eeprom) / 32; i++) { 922 for (j = 0; j < 8; j++, reg += 4) 923 regs[j] = htole32(reg); 924 error = otus_cmd(sc, AR_CMD_RREG, regs, sizeof regs, eep); 925 if (error != 0) 926 break; 927 eep += 32; 928 } 929 return error; 930 } 931 932 void 933 otus_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew) 934 { 935 struct otus_softc *sc = ic->ic_softc; 936 struct otus_node *on = (void *)ni; 937 struct ieee80211_rateset *rs = &ni->ni_rates; 938 uint8_t rate; 939 int ridx, i; 940 941 DPRINTF(("new assoc isnew=%d addr=%s\n", 942 isnew, ether_sprintf(ni->ni_macaddr))); 943 944 ieee80211_amrr_node_init(&sc->amrr, &on->amn); 945 /* Start at lowest available bit-rate, AMRR will raise. */ 946 ni->ni_txrate = 0; 947 948 for (i = 0; i < rs->rs_nrates; i++) { 949 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 950 /* Convert 802.11 rate to hardware rate index. */ 951 for (ridx = 0; ridx <= OTUS_RIDX_MAX; ridx++) 952 if (otus_rates[ridx].rate == rate) 953 break; 954 on->ridx[i] = ridx; 955 DPRINTF(("rate=0x%02x ridx=%d\n", 956 rs->rs_rates[i], on->ridx[i])); 957 } 958 } 959 960 /* ARGSUSED */ 961 void 962 otus_intr(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 963 { 964 #if 0 965 struct otus_softc *sc = priv; 966 int len; 967 968 /* 969 * The Rx intr pipe is unused with current firmware. Notifications 970 * and replies to commands are sent through the Rx bulk pipe instead 971 * (with a magic PLCP header.) 972 */ 973 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 974 DPRINTF(("intr status=%d\n", status)); 975 if (status == USBD_STALLED) 976 usbd_clear_endpoint_stall_async(sc->cmd_rx_pipe); 977 return; 978 } 979 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 980 981 otus_cmd_rxeof(sc, sc->ibuf, len); 982 #endif 983 } 984 985 void 986 otus_cmd_rxeof(struct otus_softc *sc, uint8_t *buf, int len) 987 { 988 struct ieee80211com *ic = &sc->sc_ic; 989 struct otus_tx_cmd *cmd; 990 struct ar_cmd_hdr *hdr; 991 int s; 992 993 if (__predict_false(len < sizeof (*hdr))) { 994 DPRINTF(("cmd too small %d\n", len)); 995 return; 996 } 997 hdr = (struct ar_cmd_hdr *)buf; 998 if (__predict_false(sizeof (*hdr) + hdr->len > len || 999 sizeof (*hdr) + hdr->len > 64)) { 1000 DPRINTF(("cmd too large %d\n", hdr->len)); 1001 return; 1002 } 1003 1004 if ((hdr->code & 0xc0) != 0xc0) { 1005 DPRINTFN(2, ("received reply code=0x%02x len=%d token=%d\n", 1006 hdr->code, hdr->len, hdr->token)); 1007 cmd = &sc->tx_cmd; 1008 if (__predict_false(hdr->token != cmd->token)) 1009 return; 1010 /* Copy answer into caller's supplied buffer. */ 1011 if (cmd->odata != NULL) 1012 memcpy(cmd->odata, &hdr[1], hdr->len); 1013 cmd->done = 1; 1014 wakeup(cmd); 1015 return; 1016 } 1017 1018 /* Received unsolicited notification. */ 1019 DPRINTF(("received notification code=0x%02x len=%d\n", 1020 hdr->code, hdr->len)); 1021 switch (hdr->code & 0x3f) { 1022 case AR_EVT_BEACON: 1023 break; 1024 case AR_EVT_TX_COMP: 1025 { 1026 struct ar_evt_tx_comp *tx = (struct ar_evt_tx_comp *)&hdr[1]; 1027 struct ieee80211_node *ni; 1028 struct otus_node *on; 1029 1030 DPRINTF(("tx completed %s status=%d phy=0x%x\n", 1031 ether_sprintf(tx->macaddr), letoh16(tx->status), 1032 letoh32(tx->phy))); 1033 s = splnet(); 1034 #ifdef notyet 1035 #ifndef IEEE80211_STA_ONLY 1036 if (ic->ic_opmode != IEEE80211_M_STA) { 1037 ni = ieee80211_find_node(ic, tx->macaddr); 1038 if (__predict_false(ni == NULL)) { 1039 splx(s); 1040 break; 1041 } 1042 } else 1043 #endif 1044 #endif 1045 ni = ic->ic_bss; 1046 /* Update rate control statistics. */ 1047 on = (void *)ni; 1048 /* NB: we do not set the TX_MAC_RATE_PROBING flag. */ 1049 if (__predict_true(tx->status != 0)) 1050 on->amn.amn_retrycnt++; 1051 splx(s); 1052 break; 1053 } 1054 case AR_EVT_TBTT: 1055 break; 1056 } 1057 } 1058 1059 void 1060 otus_sub_rxeof(struct otus_softc *sc, uint8_t *buf, int len) 1061 { 1062 struct ieee80211com *ic = &sc->sc_ic; 1063 struct ifnet *ifp = &ic->ic_if; 1064 struct ieee80211_rxinfo rxi; 1065 struct ieee80211_node *ni; 1066 struct ar_rx_tail *tail; 1067 struct ieee80211_frame *wh; 1068 struct mbuf *m; 1069 uint8_t *plcp; 1070 int s, mlen, align; 1071 1072 if (__predict_false(len < AR_PLCP_HDR_LEN)) { 1073 DPRINTF(("sub-xfer too short %d\n", len)); 1074 return; 1075 } 1076 plcp = buf; 1077 1078 /* All bits in the PLCP header are set to 1 for non-MPDU. */ 1079 if (memcmp(plcp, AR_PLCP_HDR_INTR, AR_PLCP_HDR_LEN) == 0) { 1080 otus_cmd_rxeof(sc, plcp + AR_PLCP_HDR_LEN, 1081 len - AR_PLCP_HDR_LEN); 1082 return; 1083 } 1084 1085 /* Received MPDU. */ 1086 if (__predict_false(len < AR_PLCP_HDR_LEN + sizeof (*tail))) { 1087 DPRINTF(("MPDU too short %d\n", len)); 1088 ifp->if_ierrors++; 1089 return; 1090 } 1091 tail = (struct ar_rx_tail *)(plcp + len - sizeof (*tail)); 1092 1093 /* Discard error frames. */ 1094 if (__predict_false(tail->error != 0)) { 1095 DPRINTF(("error frame 0x%02x\n", tail->error)); 1096 if (tail->error & AR_RX_ERROR_FCS) { 1097 DPRINTFN(3, ("bad FCS\n")); 1098 } else if (tail->error & AR_RX_ERROR_MMIC) { 1099 /* Report Michael MIC failures to net80211. */ 1100 ic->ic_stats.is_rx_locmicfail++; 1101 ieee80211_michael_mic_failure(ic, 0); 1102 } 1103 ifp->if_ierrors++; 1104 return; 1105 } 1106 /* Compute MPDU's length. */ 1107 mlen = len - AR_PLCP_HDR_LEN - sizeof (*tail); 1108 /* Make sure there's room for an 802.11 header + FCS. */ 1109 if (__predict_false(mlen < IEEE80211_MIN_LEN)) { 1110 ifp->if_ierrors++; 1111 return; 1112 } 1113 mlen -= IEEE80211_CRC_LEN; /* strip 802.11 FCS */ 1114 1115 wh = (struct ieee80211_frame *)(plcp + AR_PLCP_HDR_LEN); 1116 /* Provide a 32-bit aligned protocol header to the stack. */ 1117 align = (ieee80211_has_qos(wh) ^ ieee80211_has_addr4(wh)) ? 2 : 0; 1118 1119 MGETHDR(m, M_DONTWAIT, MT_DATA); 1120 if (__predict_false(m == NULL)) { 1121 ifp->if_ierrors++; 1122 return; 1123 } 1124 if (align + mlen > MHLEN) { 1125 MCLGET(m, M_DONTWAIT); 1126 if (__predict_false(!(m->m_flags & M_EXT))) { 1127 ifp->if_ierrors++; 1128 m_freem(m); 1129 return; 1130 } 1131 } 1132 /* Finalize mbuf. */ 1133 m->m_pkthdr.rcvif = ifp; 1134 m->m_data += align; 1135 memcpy(mtod(m, caddr_t), wh, mlen); 1136 m->m_pkthdr.len = m->m_len = mlen; 1137 1138 #if NBPFILTER > 0 1139 if (__predict_false(sc->sc_drvbpf != NULL)) { 1140 struct otus_rx_radiotap_header *tap = &sc->sc_rxtap; 1141 struct mbuf mb; 1142 1143 tap->wr_flags = 0; 1144 tap->wr_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 1145 tap->wr_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 1146 tap->wr_antsignal = tail->rssi; 1147 tap->wr_rate = 2; /* In case it can't be found below. */ 1148 switch (tail->status & AR_RX_STATUS_MT_MASK) { 1149 case AR_RX_STATUS_MT_CCK: 1150 switch (plcp[0]) { 1151 case 10: tap->wr_rate = 2; break; 1152 case 20: tap->wr_rate = 4; break; 1153 case 55: tap->wr_rate = 11; break; 1154 case 110: tap->wr_rate = 22; break; 1155 } 1156 if (tail->status & AR_RX_STATUS_SHPREAMBLE) 1157 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 1158 break; 1159 case AR_RX_STATUS_MT_OFDM: 1160 switch (plcp[0] & 0xf) { 1161 case 0xb: tap->wr_rate = 12; break; 1162 case 0xf: tap->wr_rate = 18; break; 1163 case 0xa: tap->wr_rate = 24; break; 1164 case 0xe: tap->wr_rate = 36; break; 1165 case 0x9: tap->wr_rate = 48; break; 1166 case 0xd: tap->wr_rate = 72; break; 1167 case 0x8: tap->wr_rate = 96; break; 1168 case 0xc: tap->wr_rate = 108; break; 1169 } 1170 break; 1171 } 1172 mb.m_data = (caddr_t)tap; 1173 mb.m_len = sc->sc_rxtap_len; 1174 mb.m_next = m; 1175 mb.m_nextpkt = NULL; 1176 mb.m_type = 0; 1177 mb.m_flags = 0; 1178 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1179 } 1180 #endif 1181 1182 s = splnet(); 1183 ni = ieee80211_find_rxnode(ic, wh); 1184 rxi.rxi_flags = 0; 1185 rxi.rxi_rssi = tail->rssi; 1186 rxi.rxi_tstamp = 0; /* unused */ 1187 ieee80211_input(ifp, m, ni, &rxi); 1188 1189 /* Node is no longer needed. */ 1190 ieee80211_release_node(ic, ni); 1191 splx(s); 1192 } 1193 1194 void 1195 otus_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 1196 { 1197 struct otus_rx_data *data = priv; 1198 struct otus_softc *sc = data->sc; 1199 caddr_t buf = data->buf; 1200 struct ar_rx_head *head; 1201 uint16_t hlen; 1202 int len; 1203 1204 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 1205 DPRINTF(("RX status=%d\n", status)); 1206 if (status == USBD_STALLED) 1207 usbd_clear_endpoint_stall_async(sc->data_rx_pipe); 1208 if (status != USBD_CANCELLED) 1209 goto resubmit; 1210 return; 1211 } 1212 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1213 1214 while (len >= sizeof (*head)) { 1215 head = (struct ar_rx_head *)buf; 1216 if (__predict_false(head->tag != htole16(AR_RX_HEAD_TAG))) { 1217 DPRINTF(("tag not valid 0x%x\n", letoh16(head->tag))); 1218 break; 1219 } 1220 hlen = letoh16(head->len); 1221 if (__predict_false(sizeof (*head) + hlen > len)) { 1222 DPRINTF(("xfer too short %d/%d\n", len, hlen)); 1223 break; 1224 } 1225 /* Process sub-xfer. */ 1226 otus_sub_rxeof(sc, (uint8_t *)&head[1], hlen); 1227 1228 /* Next sub-xfer is aligned on a 32-bit boundary. */ 1229 hlen = (sizeof (*head) + hlen + 3) & ~3; 1230 buf += hlen; 1231 len -= hlen; 1232 } 1233 1234 resubmit: 1235 usbd_setup_xfer(xfer, sc->data_rx_pipe, data, data->buf, OTUS_RXBUFSZ, 1236 USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, otus_rxeof); 1237 (void)usbd_transfer(data->xfer); 1238 } 1239 1240 void 1241 otus_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 1242 { 1243 struct otus_tx_data *data = priv; 1244 struct otus_softc *sc = data->sc; 1245 struct ieee80211com *ic = &sc->sc_ic; 1246 struct ifnet *ifp = &ic->ic_if; 1247 int s; 1248 1249 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 1250 DPRINTF(("TX status=%d\n", status)); 1251 if (status == USBD_STALLED) 1252 usbd_clear_endpoint_stall_async(sc->data_tx_pipe); 1253 ifp->if_oerrors++; 1254 return; 1255 } 1256 s = splnet(); 1257 sc->tx_queued--; 1258 sc->sc_tx_timer = 0; 1259 ifp->if_flags &= ~IFF_OACTIVE; 1260 otus_start(ifp); 1261 splx(s); 1262 } 1263 1264 int 1265 otus_tx(struct otus_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 1266 { 1267 struct ieee80211com *ic = &sc->sc_ic; 1268 struct otus_node *on = (void *)ni; 1269 struct otus_tx_data *data; 1270 struct ieee80211_frame *wh; 1271 struct ieee80211_key *k; 1272 struct ar_tx_head *head; 1273 uint32_t phyctl; 1274 uint16_t macctl, qos; 1275 uint8_t tid, qid; 1276 int error, ridx, hasqos, xferlen; 1277 1278 wh = mtod(m, struct ieee80211_frame *); 1279 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 1280 k = ieee80211_get_txkey(ic, wh, ni); 1281 if ((m = ieee80211_encrypt(ic, m, k)) == NULL) 1282 return ENOBUFS; 1283 wh = mtod(m, struct ieee80211_frame *); 1284 } 1285 1286 if ((hasqos = ieee80211_has_qos(wh))) { 1287 qos = ieee80211_get_qos(wh); 1288 tid = qos & IEEE80211_QOS_TID; 1289 qid = ieee80211_up_to_ac(ic, tid); 1290 } else 1291 qid = EDCA_AC_BE; 1292 1293 /* Pickup a rate index. */ 1294 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 1295 (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_DATA) 1296 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 1297 OTUS_RIDX_OFDM6 : OTUS_RIDX_CCK1; 1298 else if (ic->ic_fixed_rate != -1) 1299 ridx = sc->fixed_ridx; 1300 else 1301 ridx = on->ridx[ni->ni_txrate]; 1302 1303 phyctl = 0; 1304 macctl = AR_TX_MAC_BACKOFF | AR_TX_MAC_HW_DUR | AR_TX_MAC_QID(qid); 1305 1306 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 1307 (hasqos && ((qos & IEEE80211_QOS_ACK_POLICY_MASK) == 1308 IEEE80211_QOS_ACK_POLICY_NOACK))) 1309 macctl |= AR_TX_MAC_NOACK; 1310 1311 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1312 if (m->m_pkthdr.len + IEEE80211_CRC_LEN >= ic->ic_rtsthreshold) 1313 macctl |= AR_TX_MAC_RTS; 1314 else if ((ic->ic_flags & IEEE80211_F_USEPROT) && 1315 ridx >= OTUS_RIDX_OFDM6) { 1316 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 1317 macctl |= AR_TX_MAC_CTS; 1318 else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 1319 macctl |= AR_TX_MAC_RTS; 1320 } 1321 } 1322 1323 phyctl |= AR_TX_PHY_MCS(otus_rates[ridx].mcs); 1324 if (ridx >= OTUS_RIDX_OFDM6) { 1325 phyctl |= AR_TX_PHY_MT_OFDM; 1326 if (ridx <= OTUS_RIDX_OFDM24) 1327 phyctl |= AR_TX_PHY_ANTMSK(sc->txmask); 1328 else 1329 phyctl |= AR_TX_PHY_ANTMSK(1); 1330 } else { /* CCK */ 1331 phyctl |= AR_TX_PHY_MT_CCK; 1332 phyctl |= AR_TX_PHY_ANTMSK(sc->txmask); 1333 } 1334 1335 /* Update rate control stats for frames that are ACK'ed. */ 1336 if (!(macctl & AR_TX_MAC_NOACK)) 1337 ((struct otus_node *)ni)->amn.amn_txcnt++; 1338 1339 data = &sc->tx_data[sc->tx_cur]; 1340 /* Fill Tx descriptor. */ 1341 head = (struct ar_tx_head *)data->buf; 1342 head->len = htole16(m->m_pkthdr.len + IEEE80211_CRC_LEN); 1343 head->macctl = htole16(macctl); 1344 head->phyctl = htole32(phyctl); 1345 1346 #if NBPFILTER > 0 1347 if (__predict_false(sc->sc_drvbpf != NULL)) { 1348 struct otus_tx_radiotap_header *tap = &sc->sc_txtap; 1349 struct mbuf mb; 1350 1351 tap->wt_flags = 0; 1352 tap->wt_rate = otus_rates[ridx].rate; 1353 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 1354 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1355 1356 mb.m_data = (caddr_t)tap; 1357 mb.m_len = sc->sc_txtap_len; 1358 mb.m_next = m; 1359 mb.m_nextpkt = NULL; 1360 mb.m_type = 0; 1361 mb.m_flags = 0; 1362 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1363 } 1364 #endif 1365 1366 xferlen = sizeof (*head) + m->m_pkthdr.len; 1367 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)&head[1]); 1368 m_freem(m); 1369 ieee80211_release_node(ic, ni); 1370 1371 DPRINTFN(5, ("tx queued=%d len=%d mac=0x%04x phy=0x%08x rate=%d\n", 1372 sc->tx_queued, head->len, head->macctl, head->phyctl, 1373 otus_rates[ridx].rate)); 1374 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, xferlen, 1375 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, OTUS_TX_TIMEOUT, otus_txeof); 1376 error = usbd_transfer(data->xfer); 1377 if (__predict_false(error != USBD_IN_PROGRESS && error != 0)) 1378 return error; 1379 1380 sc->tx_queued++; 1381 sc->tx_cur = (sc->tx_cur + 1) % OTUS_TX_DATA_LIST_COUNT; 1382 1383 return 0; 1384 } 1385 1386 void 1387 otus_start(struct ifnet *ifp) 1388 { 1389 struct otus_softc *sc = ifp->if_softc; 1390 struct ieee80211com *ic = &sc->sc_ic; 1391 struct ieee80211_node *ni; 1392 struct mbuf *m; 1393 1394 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1395 return; 1396 1397 for (;;) { 1398 if (sc->tx_queued >= OTUS_TX_DATA_LIST_COUNT) { 1399 ifp->if_flags |= IFF_OACTIVE; 1400 break; 1401 } 1402 /* Send pending management frames first. */ 1403 IF_DEQUEUE(&ic->ic_mgtq, m); 1404 if (m != NULL) { 1405 ni = (void *)m->m_pkthdr.rcvif; 1406 goto sendit; 1407 } 1408 if (ic->ic_state != IEEE80211_S_RUN) 1409 break; 1410 1411 /* Encapsulate and send data frames. */ 1412 IFQ_DEQUEUE(&ifp->if_snd, m); 1413 if (m == NULL) 1414 break; 1415 #if NBPFILTER > 0 1416 if (ifp->if_bpf != NULL) 1417 bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); 1418 #endif 1419 if ((m = ieee80211_encap(ifp, m, &ni)) == NULL) 1420 continue; 1421 sendit: 1422 #if NBPFILTER > 0 1423 if (ic->ic_rawbpf != NULL) 1424 bpf_mtap(ic->ic_rawbpf, m, BPF_DIRECTION_OUT); 1425 #endif 1426 if (otus_tx(sc, m, ni) != 0) { 1427 ieee80211_release_node(ic, ni); 1428 ifp->if_oerrors++; 1429 continue; 1430 } 1431 1432 sc->sc_tx_timer = 5; 1433 ifp->if_timer = 1; 1434 } 1435 } 1436 1437 void 1438 otus_watchdog(struct ifnet *ifp) 1439 { 1440 struct otus_softc *sc = ifp->if_softc; 1441 1442 ifp->if_timer = 0; 1443 1444 if (sc->sc_tx_timer > 0) { 1445 if (--sc->sc_tx_timer == 0) { 1446 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 1447 /* otus_init(ifp); XXX needs a process context! */ 1448 ifp->if_oerrors++; 1449 return; 1450 } 1451 ifp->if_timer = 1; 1452 } 1453 ieee80211_watchdog(ifp); 1454 } 1455 1456 int 1457 otus_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1458 { 1459 struct otus_softc *sc = ifp->if_softc; 1460 struct ieee80211com *ic = &sc->sc_ic; 1461 struct ifaddr *ifa; 1462 struct ifreq *ifr; 1463 int s, error = 0; 1464 1465 s = splnet(); 1466 1467 switch (cmd) { 1468 case SIOCSIFADDR: 1469 ifa = (struct ifaddr *)data; 1470 ifp->if_flags |= IFF_UP; 1471 #ifdef INET 1472 if (ifa->ifa_addr->sa_family == AF_INET) 1473 arp_ifinit(&ic->ic_ac, ifa); 1474 #endif 1475 /* FALLTHROUGH */ 1476 case SIOCSIFFLAGS: 1477 if (ifp->if_flags & IFF_UP) { 1478 if ((ifp->if_flags & IFF_RUNNING) && 1479 ((ifp->if_flags ^ sc->sc_if_flags) & 1480 (IFF_ALLMULTI | IFF_PROMISC)) != 0) { 1481 otus_set_multi(sc); 1482 } else if (!(ifp->if_flags & IFF_RUNNING)) 1483 otus_init(ifp); 1484 1485 } else if (ifp->if_flags & IFF_RUNNING) 1486 otus_stop(ifp); 1487 1488 sc->sc_if_flags = ifp->if_flags; 1489 break; 1490 case SIOCADDMULTI: 1491 case SIOCDELMULTI: 1492 ifr = (struct ifreq *)data; 1493 error = (cmd == SIOCADDMULTI) ? 1494 ether_addmulti(ifr, &ic->ic_ac) : 1495 ether_delmulti(ifr, &ic->ic_ac); 1496 if (error == ENETRESET) 1497 error = 0; 1498 break; 1499 case SIOCS80211CHANNEL: 1500 error = ieee80211_ioctl(ifp, cmd, data); 1501 if (error == ENETRESET && 1502 ic->ic_opmode == IEEE80211_M_MONITOR) { 1503 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1504 (IFF_UP | IFF_RUNNING)) 1505 otus_set_chan(sc, ic->ic_ibss_chan); 1506 error = 0; 1507 } 1508 break; 1509 default: 1510 error = ieee80211_ioctl(ifp, cmd, data); 1511 } 1512 1513 if (error == ENETRESET) { 1514 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1515 (IFF_UP | IFF_RUNNING)) 1516 otus_init(ifp); 1517 error = 0; 1518 } 1519 1520 splx(s); 1521 return error; 1522 } 1523 1524 int 1525 otus_set_multi(struct otus_softc *sc) 1526 { 1527 struct arpcom *ac = &sc->sc_ic.ic_ac; 1528 struct ifnet *ifp = &ac->ac_if; 1529 struct ether_multi *enm; 1530 struct ether_multistep step; 1531 uint32_t lo, hi; 1532 uint8_t bit; 1533 1534 if ((ifp->if_flags & (IFF_ALLMULTI | IFF_PROMISC)) != 0) { 1535 lo = hi = 0xffffffff; 1536 goto done; 1537 } 1538 lo = hi = 0; 1539 ETHER_FIRST_MULTI(step, ac, enm); 1540 while (enm != NULL) { 1541 if (bcmp(enm->enm_addrlo, enm->enm_addrhi, ETHER_ADDR_LEN)) { 1542 ifp->if_flags |= IFF_ALLMULTI; 1543 lo = hi = 0xffffffff; 1544 goto done; 1545 } 1546 bit = enm->enm_addrlo[5] >> 2; 1547 if (bit < 32) 1548 lo |= 1 << bit; 1549 else 1550 hi |= 1 << (bit - 32); 1551 ETHER_NEXT_MULTI(step, enm); 1552 } 1553 done: 1554 hi |= 1 << 31; /* Make sure the broadcast bit is set. */ 1555 otus_write(sc, AR_MAC_REG_GROUP_HASH_TBL_L, lo); 1556 otus_write(sc, AR_MAC_REG_GROUP_HASH_TBL_H, hi); 1557 return otus_write_barrier(sc); 1558 } 1559 1560 void 1561 otus_updateedca(struct ieee80211com *ic) 1562 { 1563 /* Do it in a process context. */ 1564 otus_do_async(ic->ic_softc, otus_updateedca_cb, NULL, 0); 1565 } 1566 1567 /* ARGSUSED */ 1568 void 1569 otus_updateedca_cb(struct otus_softc *sc, void *arg) 1570 { 1571 #define EXP2(val) ((1 << (val)) - 1) 1572 #define AIFS(val) ((val) * 9 + 10) 1573 struct ieee80211com *ic = &sc->sc_ic; 1574 const struct ieee80211_edca_ac_params *edca; 1575 int s; 1576 1577 s = splnet(); 1578 1579 edca = (ic->ic_flags & IEEE80211_F_QOS) ? 1580 ic->ic_edca_ac : otus_edca_def; 1581 1582 /* Set CWmin/CWmax values. */ 1583 otus_write(sc, AR_MAC_REG_AC0_CW, 1584 EXP2(edca[EDCA_AC_BE].ac_ecwmax) << 16 | 1585 EXP2(edca[EDCA_AC_BE].ac_ecwmin)); 1586 otus_write(sc, AR_MAC_REG_AC1_CW, 1587 EXP2(edca[EDCA_AC_BK].ac_ecwmax) << 16 | 1588 EXP2(edca[EDCA_AC_BK].ac_ecwmin)); 1589 otus_write(sc, AR_MAC_REG_AC2_CW, 1590 EXP2(edca[EDCA_AC_VI].ac_ecwmax) << 16 | 1591 EXP2(edca[EDCA_AC_VI].ac_ecwmin)); 1592 otus_write(sc, AR_MAC_REG_AC3_CW, 1593 EXP2(edca[EDCA_AC_VO].ac_ecwmax) << 16 | 1594 EXP2(edca[EDCA_AC_VO].ac_ecwmin)); 1595 otus_write(sc, AR_MAC_REG_AC4_CW, /* Special TXQ. */ 1596 EXP2(edca[EDCA_AC_VO].ac_ecwmax) << 16 | 1597 EXP2(edca[EDCA_AC_VO].ac_ecwmin)); 1598 1599 /* Set AIFSN values. */ 1600 otus_write(sc, AR_MAC_REG_AC1_AC0_AIFS, 1601 AIFS(edca[EDCA_AC_VI].ac_aifsn) << 24 | 1602 AIFS(edca[EDCA_AC_BK].ac_aifsn) << 12 | 1603 AIFS(edca[EDCA_AC_BE].ac_aifsn)); 1604 otus_write(sc, AR_MAC_REG_AC3_AC2_AIFS, 1605 AIFS(edca[EDCA_AC_VO].ac_aifsn) << 16 | /* Special TXQ. */ 1606 AIFS(edca[EDCA_AC_VO].ac_aifsn) << 4 | 1607 AIFS(edca[EDCA_AC_VI].ac_aifsn) >> 8); 1608 1609 /* Set TXOP limit. */ 1610 otus_write(sc, AR_MAC_REG_AC1_AC0_TXOP, 1611 edca[EDCA_AC_BK].ac_txoplimit << 16 | 1612 edca[EDCA_AC_BE].ac_txoplimit); 1613 otus_write(sc, AR_MAC_REG_AC3_AC2_TXOP, 1614 edca[EDCA_AC_VO].ac_txoplimit << 16 | 1615 edca[EDCA_AC_VI].ac_txoplimit); 1616 1617 splx(s); 1618 1619 (void)otus_write_barrier(sc); 1620 #undef AIFS 1621 #undef EXP2 1622 } 1623 1624 void 1625 otus_updateslot(struct ieee80211com *ic) 1626 { 1627 /* Do it in a process context. */ 1628 otus_do_async(ic->ic_softc, otus_updateslot_cb, NULL, 0); 1629 } 1630 1631 /* ARGSUSED */ 1632 void 1633 otus_updateslot_cb(struct otus_softc *sc, void *arg) 1634 { 1635 uint32_t slottime; 1636 1637 slottime = (sc->sc_ic.ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 1638 otus_write(sc, AR_MAC_REG_SLOT_TIME, slottime << 10); 1639 (void)otus_write_barrier(sc); 1640 } 1641 1642 int 1643 otus_init_mac(struct otus_softc *sc) 1644 { 1645 int error; 1646 1647 otus_write(sc, AR_MAC_REG_ACK_EXTENSION, 0x40); 1648 otus_write(sc, AR_MAC_REG_RETRY_MAX, 0); 1649 otus_write(sc, AR_MAC_REG_SNIFFER, 0x2000000); 1650 otus_write(sc, AR_MAC_REG_RX_THRESHOLD, 0xc1f80); 1651 otus_write(sc, AR_MAC_REG_RX_PE_DELAY, 0x70); 1652 otus_write(sc, AR_MAC_REG_EIFS_AND_SIFS, 0xa144000); 1653 otus_write(sc, AR_MAC_REG_SLOT_TIME, 9 << 10); 1654 otus_write(sc, 0x1c3b2c, 0x19000000); 1655 /* NAV protects ACK only (in TXOP). */ 1656 otus_write(sc, 0x1c3b38, 0x201); 1657 /* Set beacon Tx power to 0x7. */ 1658 otus_write(sc, AR_MAC_REG_BCN_HT1, 0x8000170); 1659 otus_write(sc, AR_MAC_REG_BACKOFF_PROTECT, 0x105); 1660 otus_write(sc, 0x1c3b9c, 0x10000a); 1661 /* Filter any control frames, BAR is bit 24. */ 1662 otus_write(sc, 0x1c368c, 0x0500ffff); 1663 otus_write(sc, 0x1c3c40, 0x1); 1664 otus_write(sc, AR_MAC_REG_BASIC_RATE, 0x150f); 1665 otus_write(sc, AR_MAC_REG_MANDATORY_RATE, 0x150f); 1666 otus_write(sc, AR_MAC_REG_RTS_CTS_RATE, 0x10b01bb); 1667 otus_write(sc, 0x1c3694, 0x4003c1e); 1668 /* Enable LED0 and LED1. */ 1669 otus_write(sc, 0x1d0100, 0x3); 1670 otus_write(sc, 0x1d0104, 0x3); 1671 /* Switch MAC to OTUS interface. */ 1672 otus_write(sc, 0x1c3600, 0x3); 1673 otus_write(sc, 0x1c3c50, 0xffff); 1674 otus_write(sc, 0x1c3680, 0xf00008); 1675 /* Disable Rx timeout (workaround). */ 1676 otus_write(sc, 0x1c362c, 0); 1677 1678 /* Set USB Rx stream mode maximum frame number to 2. */ 1679 otus_write(sc, 0x1e1110, 0x4); 1680 /* Set USB Rx stream mode timeout to 10us. */ 1681 otus_write(sc, 0x1e1114, 0x80); 1682 1683 /* Set clock frequency to 88/80MHz. */ 1684 otus_write(sc, 0x1d4008, 0x73); 1685 /* Set WLAN DMA interrupt mode: generate intr per packet. */ 1686 otus_write(sc, 0x1c3d7c, 0x110011); 1687 otus_write(sc, 0x1c3bb0, 0x4); 1688 otus_write(sc, AR_MAC_REG_TXOP_NOT_ENOUGH_INDICATION, 0x141e0f48); 1689 1690 /* Disable HW decryption for now. */ 1691 otus_write(sc, 0x1c3678, 0x78); 1692 1693 if ((error = otus_write_barrier(sc)) != 0) 1694 return error; 1695 1696 /* Set default EDCA parameters. */ 1697 otus_updateedca_cb(sc, NULL); 1698 1699 return 0; 1700 } 1701 1702 /* 1703 * Return default value for PHY register based on current operating mode. 1704 */ 1705 uint32_t 1706 otus_phy_get_def(struct otus_softc *sc, uint32_t reg) 1707 { 1708 int i; 1709 1710 for (i = 0; i < nitems(ar5416_phy_regs); i++) 1711 if (AR_PHY(ar5416_phy_regs[i]) == reg) 1712 return sc->phy_vals[i]; 1713 return 0; /* Register not found. */ 1714 } 1715 1716 /* 1717 * Update PHY's programming based on vendor-specific data stored in EEPROM. 1718 * This is for FEM-type devices only. 1719 */ 1720 int 1721 otus_set_board_values(struct otus_softc *sc, struct ieee80211_channel *c) 1722 { 1723 const struct ModalEepHeader *eep; 1724 uint32_t tmp, offset; 1725 1726 if (IEEE80211_IS_CHAN_5GHZ(c)) 1727 eep = &sc->eeprom.modalHeader[0]; 1728 else 1729 eep = &sc->eeprom.modalHeader[1]; 1730 1731 /* Offset of chain 2. */ 1732 offset = 2 * 0x1000; 1733 1734 tmp = letoh32(eep->antCtrlCommon); 1735 otus_write(sc, AR_PHY_SWITCH_COM, tmp); 1736 1737 tmp = letoh32(eep->antCtrlChain[0]); 1738 otus_write(sc, AR_PHY_SWITCH_CHAIN_0, tmp); 1739 1740 tmp = letoh32(eep->antCtrlChain[1]); 1741 otus_write(sc, AR_PHY_SWITCH_CHAIN_0 + offset, tmp); 1742 1743 if (1 /* sc->sc_sco == AR_SCO_SCN */) { 1744 tmp = otus_phy_get_def(sc, AR_PHY_SETTLING); 1745 tmp &= ~(0x7f << 7); 1746 tmp |= (eep->switchSettling & 0x7f) << 7; 1747 otus_write(sc, AR_PHY_SETTLING, tmp); 1748 } 1749 1750 tmp = otus_phy_get_def(sc, AR_PHY_DESIRED_SZ); 1751 tmp &= ~0xffff; 1752 tmp |= eep->pgaDesiredSize << 8 | eep->adcDesiredSize; 1753 otus_write(sc, AR_PHY_DESIRED_SZ, tmp); 1754 1755 tmp = eep->txEndToXpaOff << 24 | eep->txEndToXpaOff << 16 | 1756 eep->txFrameToXpaOn << 8 | eep->txFrameToXpaOn; 1757 otus_write(sc, AR_PHY_RF_CTL4, tmp); 1758 1759 tmp = otus_phy_get_def(sc, AR_PHY_RF_CTL3); 1760 tmp &= ~(0xff << 16); 1761 tmp |= eep->txEndToRxOn << 16; 1762 otus_write(sc, AR_PHY_RF_CTL3, tmp); 1763 1764 tmp = otus_phy_get_def(sc, AR_PHY_CCA); 1765 tmp &= ~(0x7f << 12); 1766 tmp |= (eep->thresh62 & 0x7f) << 12; 1767 otus_write(sc, AR_PHY_CCA, tmp); 1768 1769 tmp = otus_phy_get_def(sc, AR_PHY_RXGAIN); 1770 tmp &= ~(0x3f << 12); 1771 tmp |= (eep->txRxAttenCh[0] & 0x3f) << 12; 1772 otus_write(sc, AR_PHY_RXGAIN, tmp); 1773 1774 tmp = otus_phy_get_def(sc, AR_PHY_RXGAIN + offset); 1775 tmp &= ~(0x3f << 12); 1776 tmp |= (eep->txRxAttenCh[1] & 0x3f) << 12; 1777 otus_write(sc, AR_PHY_RXGAIN + offset, tmp); 1778 1779 tmp = otus_phy_get_def(sc, AR_PHY_GAIN_2GHZ); 1780 tmp &= ~(0x3f << 18); 1781 tmp |= (eep->rxTxMarginCh[0] & 0x3f) << 18; 1782 if (IEEE80211_IS_CHAN_5GHZ(c)) { 1783 tmp &= ~(0xf << 10); 1784 tmp |= (eep->bswMargin[0] & 0xf) << 10; 1785 } 1786 otus_write(sc, AR_PHY_GAIN_2GHZ, tmp); 1787 1788 tmp = otus_phy_get_def(sc, AR_PHY_GAIN_2GHZ + offset); 1789 tmp &= ~(0x3f << 18); 1790 tmp |= (eep->rxTxMarginCh[1] & 0x3f) << 18; 1791 otus_write(sc, AR_PHY_GAIN_2GHZ + offset, tmp); 1792 1793 tmp = otus_phy_get_def(sc, AR_PHY_TIMING_CTRL4); 1794 tmp &= ~(0x3f << 5 | 0x1f); 1795 tmp |= (eep->iqCalICh[0] & 0x3f) << 5 | (eep->iqCalQCh[0] & 0x1f); 1796 otus_write(sc, AR_PHY_TIMING_CTRL4, tmp); 1797 1798 tmp = otus_phy_get_def(sc, AR_PHY_TIMING_CTRL4 + offset); 1799 tmp &= ~(0x3f << 5 | 0x1f); 1800 tmp |= (eep->iqCalICh[1] & 0x3f) << 5 | (eep->iqCalQCh[1] & 0x1f); 1801 otus_write(sc, AR_PHY_TIMING_CTRL4 + offset, tmp); 1802 1803 tmp = otus_phy_get_def(sc, AR_PHY_TPCRG1); 1804 tmp &= ~(0xf << 16); 1805 tmp |= (eep->xpd & 0xf) << 16; 1806 otus_write(sc, AR_PHY_TPCRG1, tmp); 1807 1808 return otus_write_barrier(sc); 1809 } 1810 1811 int 1812 otus_program_phy(struct otus_softc *sc, struct ieee80211_channel *c) 1813 { 1814 const uint32_t *vals; 1815 int error, i; 1816 1817 /* Select PHY programming based on band and bandwidth. */ 1818 if (IEEE80211_IS_CHAN_2GHZ(c)) 1819 vals = ar5416_phy_vals_2ghz_20mhz; 1820 else 1821 vals = ar5416_phy_vals_5ghz_20mhz; 1822 for (i = 0; i < nitems(ar5416_phy_regs); i++) 1823 otus_write(sc, AR_PHY(ar5416_phy_regs[i]), vals[i]); 1824 sc->phy_vals = vals; 1825 1826 if (sc->eeprom.baseEepHeader.deviceType == 0x80) /* FEM */ 1827 if ((error = otus_set_board_values(sc, c)) != 0) 1828 return error; 1829 1830 /* Initial Tx power settings. */ 1831 otus_write(sc, AR_PHY_POWER_TX_RATE_MAX, 0x7f); 1832 otus_write(sc, AR_PHY_POWER_TX_RATE1, 0x3f3f3f3f); 1833 otus_write(sc, AR_PHY_POWER_TX_RATE2, 0x3f3f3f3f); 1834 otus_write(sc, AR_PHY_POWER_TX_RATE3, 0x3f3f3f3f); 1835 otus_write(sc, AR_PHY_POWER_TX_RATE4, 0x3f3f3f3f); 1836 otus_write(sc, AR_PHY_POWER_TX_RATE5, 0x3f3f3f3f); 1837 otus_write(sc, AR_PHY_POWER_TX_RATE6, 0x3f3f3f3f); 1838 otus_write(sc, AR_PHY_POWER_TX_RATE7, 0x3f3f3f3f); 1839 otus_write(sc, AR_PHY_POWER_TX_RATE8, 0x3f3f3f3f); 1840 otus_write(sc, AR_PHY_POWER_TX_RATE9, 0x3f3f3f3f); 1841 1842 if (IEEE80211_IS_CHAN_2GHZ(c)) 1843 otus_write(sc, 0x1d4014, 0x5163); 1844 else 1845 otus_write(sc, 0x1d4014, 0x5143); 1846 1847 return otus_write_barrier(sc); 1848 } 1849 1850 static __inline uint8_t 1851 otus_reverse_bits(uint8_t v) 1852 { 1853 v = ((v >> 1) & 0x55) | ((v & 0x55) << 1); 1854 v = ((v >> 2) & 0x33) | ((v & 0x33) << 2); 1855 v = ((v >> 4) & 0x0f) | ((v & 0x0f) << 4); 1856 return v; 1857 } 1858 1859 void 1860 otus_get_delta_slope(uint32_t coeff, uint32_t *exponent, uint32_t *mantissa) 1861 { 1862 #define COEFF_SCALE_SHIFT 24 1863 uint32_t exp, man; 1864 1865 /* exponent = 14 - floor(log2(coeff)) */ 1866 for (exp = 31; exp > 0; exp--) 1867 if (coeff & (1 << exp)) 1868 break; 1869 KASSERT(exp != 0); 1870 exp = 14 - (exp - COEFF_SCALE_SHIFT); 1871 1872 /* mantissa = floor(coeff * 2^exponent + 0.5) */ 1873 man = coeff + (1 << (COEFF_SCALE_SHIFT - exp - 1)); 1874 1875 *mantissa = man >> (COEFF_SCALE_SHIFT - exp); 1876 *exponent = exp - 16; 1877 #undef COEFF_SCALE_SHIFT 1878 } 1879 1880 int 1881 otus_set_chan(struct otus_softc *sc, struct ieee80211_channel *c) 1882 { 1883 struct ieee80211com *ic = &sc->sc_ic; 1884 struct ar_cmd_frequency cmd; 1885 struct ar_rsp_frequency rsp; 1886 const uint32_t *vals; 1887 uint32_t coeff, exp, man, tmp; 1888 uint16_t data; 1889 uint8_t code, chansel, d0, d1; 1890 int error, chan, i; 1891 1892 chan = ieee80211_chan2ieee(ic, c); 1893 DPRINTF(("setting channel %d\n", chan)); 1894 1895 tmp = IEEE80211_IS_CHAN_2GHZ(c) ? 0x105 : 0x104; 1896 otus_write(sc, AR_MAC_REG_DYNAMIC_SIFS_ACK, tmp); 1897 (void)otus_write_barrier(sc); 1898 1899 /* Disable BB Heavy Clip. */ 1900 otus_write(sc, AR_PHY_HEAVY_CLIP_ENABLE, 0x200); 1901 (void)otus_write_barrier(sc); 1902 1903 error = otus_cmd(sc, AR_CMD_FREQ_STRAT, NULL, 0, NULL); 1904 if (error != 0) 1905 return error; 1906 1907 /* Reprogram PHY and RF on channel band or bandwidth changes. */ 1908 if (1 || c->ic_flags != sc->sc_curchan->ic_flags) { 1909 DPRINTF(("band switch\n")); 1910 1911 /* Reset BB/ADDA. */ 1912 otus_write(sc, 0x1d4004, 0x400); /* XXX cold/warm */ 1913 (void)otus_write_barrier(sc); 1914 otus_write(sc, 0x1d4004, 0); 1915 (void)otus_write_barrier(sc); 1916 1917 if ((error = otus_program_phy(sc, c)) != 0) { 1918 printf("%s: could not program PHY\n", 1919 sc->sc_dev.dv_xname); 1920 return error; 1921 } 1922 1923 /* Select RF programming based on band. */ 1924 if (IEEE80211_IS_CHAN_5GHZ(c)) 1925 vals = ar5416_banks_vals_5ghz; 1926 else 1927 vals = ar5416_banks_vals_2ghz; 1928 for (i = 0; i < nitems(ar5416_banks_regs); i++) 1929 otus_write(sc, AR_PHY(ar5416_banks_regs[i]), vals[i]); 1930 if ((error = otus_write_barrier(sc)) != 0) 1931 return error; 1932 1933 code = AR_CMD_RF_INIT; 1934 } else { 1935 code = AR_CMD_FREQUENCY; 1936 } 1937 1938 d0 = 0; 1939 if (IEEE80211_IS_CHAN_5GHZ(c)) { 1940 chansel = (c->ic_freq - 4800) / 5; 1941 if (chansel & 1) 1942 d0 |= AR_BANK4_AMODE_REFSEL(2); 1943 else 1944 d0 |= AR_BANK4_AMODE_REFSEL(1); 1945 } else { 1946 d0 |= AR_BANK4_AMODE_REFSEL(2); 1947 if (chan == 14) { 1948 d0 |= AR_BANK4_BMODE_LF_SYNTH_FREQ; 1949 chansel = 10 + (c->ic_freq - 2274) / 5; 1950 } else 1951 chansel = 16 + (c->ic_freq - 2272) / 5; 1952 chansel <<= 2; 1953 } 1954 d0 |= AR_BANK4_ADDR(1) | AR_BANK4_CHUP; 1955 d1 = otus_reverse_bits(chansel); 1956 1957 /* Write bits 0-4 of d0 and d1. */ 1958 data = (d1 & 0x1f) << 5 | (d0 & 0x1f); 1959 otus_write(sc, AR_PHY(44), data); 1960 /* Write bits 5-7 of d0 and d1. */ 1961 data = (d1 >> 5) << 5 | (d0 >> 5); 1962 otus_write(sc, AR_PHY(58), data); 1963 1964 if ((error = otus_write_barrier(sc)) != 0) 1965 return error; 1966 usbd_delay_ms(sc->sc_udev, 10); 1967 1968 tmp = (sc->txmask == 0x5) ? 0x340 : 0x240; 1969 otus_write(sc, AR_PHY_TURBO, tmp); 1970 (void)otus_write_barrier(sc); 1971 1972 /* Send firmware command to set channel. */ 1973 cmd.freq = htole32((uint32_t)c->ic_freq * 1000); 1974 cmd.dynht2040 = htole32(0); 1975 cmd.htena = htole32(1); 1976 /* Set Delta Slope (exponent and mantissa). */ 1977 coeff = (100 << 24) / c->ic_freq; 1978 otus_get_delta_slope(coeff, &exp, &man); 1979 cmd.delta_slope_coeff_exp = htole32(exp); 1980 cmd.delta_slope_coeff_man = htole32(man); 1981 DPRINTF(("delta slope exp=%u man=%u\n", exp, man)); 1982 /* For Short GI, coeff is 9/10 of normal coeff. */ 1983 coeff = (9 * coeff) / 10; 1984 otus_get_delta_slope(coeff, &exp, &man); 1985 cmd.delta_slope_coeff_exp_shgi = htole32(exp); 1986 cmd.delta_slope_coeff_man_shgi = htole32(man); 1987 DPRINTF(("delta slope shgi exp=%u man=%u\n", exp, man)); 1988 /* Set wait time for AGC and noise calibration (100ms). */ 1989 cmd.check_loop_count = htole32(1000); 1990 DPRINTF(("%s\n", (code == AR_CMD_RF_INIT) ? "RF_INIT" : "FREQUENCY")); 1991 error = otus_cmd(sc, code, &cmd, sizeof (cmd), &rsp); 1992 if (error != 0) 1993 return error; 1994 1995 DPRINTF(("status=0x%x\n", letoh32(rsp.status))); 1996 sc->sc_curchan = c; 1997 1998 return 0; 1999 } 2000 2001 #ifdef notyet 2002 int 2003 otus_set_key(struct ieee80211com *ic, struct ieee80211_node *ni, 2004 struct ieee80211_key *k) 2005 { 2006 struct otus_softc *sc = ic->ic_softc; 2007 struct otus_cmd_key cmd; 2008 2009 /* Do it in a process context. */ 2010 cmd.key = *k; 2011 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 2012 otus_do_async(sc, otus_set_key_cb, &cmd, sizeof cmd); 2013 return 0; 2014 } 2015 2016 void 2017 otus_set_key_cb(struct otus_softc *sc, void *arg) 2018 { 2019 struct otus_cmd_key *cmd = arg; 2020 struct ieee80211_key *k = &cmd->key; 2021 struct ar_cmd_ekey key; 2022 uint16_t cipher; 2023 int error; 2024 2025 memset(&key, 0, sizeof key); 2026 if (k->k_flags & IEEE80211_KEY_GROUP) { 2027 key.uid = htole16(k->k_id); 2028 IEEE80211_ADDR_COPY(key.macaddr, sc->sc_ic.ic_myaddr); 2029 key.macaddr[0] |= 0x80; 2030 } else { 2031 key.uid = htole16(OTUS_UID(cmd->associd)); 2032 IEEE80211_ADDR_COPY(key.macaddr, ni->ni_macaddr); 2033 } 2034 key.kix = htole16(0); 2035 /* Map net80211 cipher to hardware. */ 2036 switch (k->k_cipher) { 2037 case IEEE80211_CIPHER_WEP40: 2038 cipher = AR_CIPHER_WEP64; 2039 break; 2040 case IEEE80211_CIPHER_WEP104: 2041 cipher = AR_CIPHER_WEP128; 2042 break; 2043 case IEEE80211_CIPHER_TKIP: 2044 cipher = AR_CIPHER_TKIP; 2045 break; 2046 case IEEE80211_CIPHER_CCMP: 2047 cipher = AR_CIPHER_AES; 2048 break; 2049 default: 2050 return; 2051 } 2052 key.cipher = htole16(cipher); 2053 memcpy(key.key, k->k_key, MIN(k->k_len, 16)); 2054 error = otus_cmd(sc, AR_CMD_EKEY, &key, sizeof key, NULL); 2055 if (error != 0 || k->k_cipher != IEEE80211_CIPHER_TKIP) 2056 return; 2057 2058 /* TKIP: set Tx/Rx MIC Key. */ 2059 key.kix = htole16(1); 2060 memcpy(key.key, k->k_key + 16, 16); 2061 (void)otus_cmd(sc, AR_CMD_EKEY, &key, sizeof key, NULL); 2062 } 2063 2064 void 2065 otus_delete_key(struct ieee80211com *ic, struct ieee80211_node *ni, 2066 struct ieee80211_key *k) 2067 { 2068 struct otus_softc *sc = ic->ic_softc; 2069 struct otus_cmd_key cmd; 2070 2071 if (!(ic->ic_if.if_flags & IFF_RUNNING) || 2072 ic->ic_state != IEEE80211_S_RUN) 2073 return; /* Nothing to do. */ 2074 2075 /* Do it in a process context. */ 2076 cmd.key = *k; 2077 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 2078 otus_do_async(sc, otus_delete_key_cb, &cmd, sizeof cmd); 2079 } 2080 2081 void 2082 otus_delete_key_cb(struct otus_softc *sc, void *arg) 2083 { 2084 struct otus_cmd_key *cmd = arg; 2085 struct ieee80211_key *k = &cmd->key; 2086 uint32_t uid; 2087 2088 if (k->k_flags & IEEE80211_KEY_GROUP) 2089 uid = htole32(k->k_id); 2090 else 2091 uid = htole32(OTUS_UID(cmd->associd)); 2092 (void)otus_cmd(sc, AR_CMD_DKEY, &uid, sizeof uid, NULL); 2093 } 2094 #endif 2095 2096 void 2097 otus_calibrate_to(void *arg) 2098 { 2099 struct otus_softc *sc = arg; 2100 struct ieee80211com *ic = &sc->sc_ic; 2101 struct ieee80211_node *ni; 2102 int s; 2103 2104 s = splnet(); 2105 ni = ic->ic_bss; 2106 ieee80211_amrr_choose(&sc->amrr, ni, &((struct otus_node *)ni)->amn); 2107 splx(s); 2108 2109 timeout_add_sec(&sc->calib_to, 1); 2110 } 2111 2112 int 2113 otus_set_bssid(struct otus_softc *sc, const uint8_t *bssid) 2114 { 2115 otus_write(sc, 0x1c3618, 2116 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 2117 otus_write(sc, 0x1c361c, 2118 bssid[4] | bssid[5] << 8); 2119 return otus_write_barrier(sc); 2120 } 2121 2122 int 2123 otus_set_macaddr(struct otus_softc *sc, const uint8_t *addr) 2124 { 2125 otus_write(sc, AR_MAC_REG_MAC_ADDR_L, 2126 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 2127 otus_write(sc, AR_MAC_REG_MAC_ADDR_H, 2128 addr[4] | addr[5] << 8); 2129 return otus_write_barrier(sc); 2130 } 2131 2132 /* Default single-LED. */ 2133 void 2134 otus_led_newstate_type1(struct otus_softc *sc) 2135 { 2136 /* TBD */ 2137 } 2138 2139 /* NETGEAR, dual-LED. */ 2140 void 2141 otus_led_newstate_type2(struct otus_softc *sc) 2142 { 2143 /* TBD */ 2144 } 2145 2146 /* NETGEAR, single-LED/3 colors (blue, red, purple.) */ 2147 void 2148 otus_led_newstate_type3(struct otus_softc *sc) 2149 { 2150 struct ieee80211com *ic = &sc->sc_ic; 2151 uint32_t state = sc->led_state; 2152 2153 if (ic->ic_state == IEEE80211_S_INIT) { 2154 state = 0; /* LED off. */ 2155 } else if (ic->ic_state == IEEE80211_S_RUN) { 2156 /* Associated, LED always on. */ 2157 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) 2158 state = AR_LED0_ON; /* 2GHz=>Red. */ 2159 else 2160 state = AR_LED1_ON; /* 5GHz=>Blue. */ 2161 } else { 2162 /* Scanning, blink LED. */ 2163 state ^= AR_LED0_ON | AR_LED1_ON; 2164 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) 2165 state &= ~AR_LED1_ON; 2166 else 2167 state &= ~AR_LED0_ON; 2168 } 2169 if (state != sc->led_state) { 2170 otus_write(sc, 0x1d0104, state); 2171 if (otus_write_barrier(sc) == 0) 2172 sc->led_state = state; 2173 } 2174 } 2175 2176 int 2177 otus_init(struct ifnet *ifp) 2178 { 2179 struct otus_softc *sc = ifp->if_softc; 2180 struct ieee80211com *ic = &sc->sc_ic; 2181 int error; 2182 2183 /* Init host command ring. */ 2184 sc->cmdq.cur = sc->cmdq.next = sc->cmdq.queued = 0; 2185 2186 if ((error = otus_init_mac(sc)) != 0) { 2187 printf("%s: could not initialize MAC\n", sc->sc_dev.dv_xname); 2188 return error; 2189 } 2190 2191 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 2192 (void)otus_set_macaddr(sc, ic->ic_myaddr); 2193 2194 switch (ic->ic_opmode) { 2195 #ifdef notyet 2196 #ifndef IEEE80211_STA_ONLY 2197 case IEEE80211_M_HOSTAP: 2198 otus_write(sc, 0x1c3700, 0x0f0000a1); 2199 otus_write(sc, 0x1c3c40, 0x1); 2200 break; 2201 case IEEE80211_M_IBSS: 2202 otus_write(sc, 0x1c3700, 0x0f000000); 2203 otus_write(sc, 0x1c3c40, 0x1); 2204 break; 2205 #endif 2206 #endif 2207 case IEEE80211_M_STA: 2208 otus_write(sc, 0x1c3700, 0x0f000002); 2209 otus_write(sc, 0x1c3c40, 0x1); 2210 break; 2211 default: 2212 break; 2213 } 2214 otus_write(sc, AR_MAC_REG_SNIFFER, 2215 (ic->ic_opmode == IEEE80211_M_MONITOR) ? 0x2000001 : 0x2000000); 2216 (void)otus_write_barrier(sc); 2217 2218 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 2219 sc->sc_curchan = &ic->ic_channels[0]; /* Force band switch. */ 2220 if ((error = otus_set_chan(sc, ic->ic_ibss_chan)) != 0) { 2221 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 2222 return error; 2223 } 2224 2225 /* Start Rx. */ 2226 otus_write(sc, 0x1c3d30, 0x100); 2227 (void)otus_write_barrier(sc); 2228 2229 ifp->if_flags &= ~IFF_OACTIVE; 2230 ifp->if_flags |= IFF_RUNNING; 2231 2232 if (ic->ic_opmode == IEEE80211_M_MONITOR) 2233 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2234 else 2235 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2236 2237 return 0; 2238 } 2239 2240 void 2241 otus_stop(struct ifnet *ifp) 2242 { 2243 struct otus_softc *sc = ifp->if_softc; 2244 struct ieee80211com *ic = &sc->sc_ic; 2245 int s; 2246 2247 sc->sc_tx_timer = 0; 2248 ifp->if_timer = 0; 2249 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2250 2251 timeout_del(&sc->scan_to); 2252 timeout_del(&sc->calib_to); 2253 2254 s = splusb(); 2255 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2256 /* Wait for all queued asynchronous commands to complete. */ 2257 while (sc->cmdq.queued > 0) 2258 tsleep(&sc->cmdq, 0, "cmdq", 0); 2259 splx(s); 2260 2261 /* Stop Rx. */ 2262 otus_write(sc, 0x1c3d30, 0); 2263 (void)otus_write_barrier(sc); 2264 2265 sc->tx_queued = 0; 2266 } 2267