1 /* $OpenBSD: if_otus.c,v 1.12 2009/09/15 18:44:55 damien Exp $ */ 2 3 /*- 4 * Copyright (c) 2009 Damien Bergamini <damien.bergamini@free.fr> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 /*- 20 * Driver for Atheros AR9001U chipset. 21 * http://www.atheros.com/pt/bulletins/AR9001USBBulletin.pdf 22 */ 23 24 #include "bpfilter.h" 25 26 #include <sys/param.h> 27 #include <sys/sockio.h> 28 #include <sys/sysctl.h> 29 #include <sys/mbuf.h> 30 #include <sys/kernel.h> 31 #include <sys/socket.h> 32 #include <sys/systm.h> 33 #include <sys/timeout.h> 34 #include <sys/conf.h> 35 #include <sys/device.h> 36 37 #include <machine/bus.h> 38 #include <machine/endian.h> 39 #include <machine/intr.h> 40 41 #if NBPFILTER > 0 42 #include <net/bpf.h> 43 #endif 44 #include <net/if.h> 45 #include <net/if_arp.h> 46 #include <net/if_dl.h> 47 #include <net/if_media.h> 48 #include <net/if_types.h> 49 50 #include <netinet/in.h> 51 #include <netinet/in_systm.h> 52 #include <netinet/in_var.h> 53 #include <netinet/if_ether.h> 54 #include <netinet/ip.h> 55 56 #include <net80211/ieee80211_var.h> 57 #include <net80211/ieee80211_amrr.h> 58 #include <net80211/ieee80211_radiotap.h> 59 60 #include <dev/usb/usb.h> 61 #include <dev/usb/usbdi.h> 62 #include <dev/usb/usbdi_util.h> 63 #include <dev/usb/usbdevs.h> 64 65 #include <dev/usb/if_otusreg.h> 66 67 #ifdef USB_DEBUG 68 #define OTUS_DEBUG 69 #endif 70 71 #ifdef OTUS_DEBUG 72 #define DPRINTF(x) do { if (otus_debug) printf x; } while (0) 73 #define DPRINTFN(n, x) do { if (otus_debug >= (n)) printf x; } while (0) 74 int otus_debug = 1; 75 #else 76 #define DPRINTF(x) 77 #define DPRINTFN(n, x) 78 #endif 79 80 static const struct usb_devno otus_devs[] = { 81 { USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_WN7512 }, 82 { USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_TG121N }, 83 { USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_AR9170 }, 84 { USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_WN821NV2 }, 85 { USB_VENDOR_AVM, USB_PRODUCT_AVM_FRITZWLAN }, 86 { USB_VENDOR_CACE, USB_PRODUCT_CACE_AIRPCAPNX }, 87 { USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWA130D1 }, 88 { USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWA160A }, 89 { USB_VENDOR_IODATA, USB_PRODUCT_IODATA_WNGDNUS2 }, 90 { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WN111V2 }, 91 { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WNDA3100 }, 92 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_GW_US300 }, 93 { USB_VENDOR_ZCOM, USB_PRODUCT_ZCOM_UB81 }, 94 { USB_VENDOR_ZCOM, USB_PRODUCT_ZCOM_UB82 }, 95 { USB_VENDOR_ZYDAS, USB_PRODUCT_ZYDAS_ZD1221 }, 96 { USB_VENDOR_ZYXEL, USB_PRODUCT_ZYXEL_NWD271N } 97 }; 98 99 int otus_match(struct device *, void *, void *); 100 void otus_attach(struct device *, struct device *, void *); 101 int otus_detach(struct device *, int); 102 void otus_attachhook(void *); 103 void otus_get_chanlist(struct otus_softc *); 104 int otus_load_firmware(struct otus_softc *, const char *, 105 uint32_t); 106 int otus_open_pipes(struct otus_softc *); 107 void otus_close_pipes(struct otus_softc *); 108 int otus_alloc_tx_cmd(struct otus_softc *); 109 void otus_free_tx_cmd(struct otus_softc *); 110 int otus_alloc_tx_data_list(struct otus_softc *); 111 void otus_free_tx_data_list(struct otus_softc *); 112 int otus_alloc_rx_data_list(struct otus_softc *); 113 void otus_free_rx_data_list(struct otus_softc *); 114 void otus_next_scan(void *); 115 void otus_task(void *); 116 void otus_do_async(struct otus_softc *, 117 void (*)(struct otus_softc *, void *), void *, int); 118 int otus_newstate(struct ieee80211com *, enum ieee80211_state, 119 int); 120 void otus_newstate_cb(struct otus_softc *, void *); 121 int otus_cmd(struct otus_softc *, uint8_t, const void *, int, 122 void *); 123 void otus_write(struct otus_softc *, uint32_t, uint32_t); 124 int otus_write_barrier(struct otus_softc *); 125 struct ieee80211_node *otus_node_alloc(struct ieee80211com *); 126 int otus_media_change(struct ifnet *); 127 int otus_read_eeprom(struct otus_softc *); 128 void otus_newassoc(struct ieee80211com *, struct ieee80211_node *, 129 int); 130 void otus_intr(usbd_xfer_handle, usbd_private_handle, usbd_status); 131 void otus_cmd_rxeof(struct otus_softc *, uint8_t *, int); 132 void otus_sub_rxeof(struct otus_softc *, uint8_t *, int); 133 void otus_rxeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 134 void otus_txeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 135 int otus_tx(struct otus_softc *, struct mbuf *, 136 struct ieee80211_node *); 137 void otus_start(struct ifnet *); 138 void otus_watchdog(struct ifnet *); 139 int otus_ioctl(struct ifnet *, u_long, caddr_t); 140 int otus_set_multi(struct otus_softc *); 141 void otus_updateedca(struct ieee80211com *); 142 void otus_updateedca_cb(struct otus_softc *, void *); 143 void otus_updateslot(struct ieee80211com *); 144 void otus_updateslot_cb(struct otus_softc *, void *); 145 int otus_init_mac(struct otus_softc *); 146 uint32_t otus_phy_get_def(struct otus_softc *, uint32_t); 147 int otus_set_board_values(struct otus_softc *, 148 struct ieee80211_channel *); 149 int otus_program_phy(struct otus_softc *, 150 struct ieee80211_channel *); 151 int otus_set_rf_bank4(struct otus_softc *, 152 struct ieee80211_channel *); 153 void otus_get_delta_slope(uint32_t, uint32_t *, uint32_t *); 154 int otus_set_chan(struct otus_softc *, struct ieee80211_channel *, 155 int); 156 int otus_set_key(struct ieee80211com *, struct ieee80211_node *, 157 struct ieee80211_key *); 158 void otus_set_key_cb(struct otus_softc *, void *); 159 void otus_delete_key(struct ieee80211com *, struct ieee80211_node *, 160 struct ieee80211_key *); 161 void otus_delete_key_cb(struct otus_softc *, void *); 162 void otus_calibrate_to(void *); 163 int otus_set_bssid(struct otus_softc *, const uint8_t *); 164 int otus_set_macaddr(struct otus_softc *, const uint8_t *); 165 void otus_led_newstate_type1(struct otus_softc *); 166 void otus_led_newstate_type2(struct otus_softc *); 167 void otus_led_newstate_type3(struct otus_softc *); 168 int otus_init(struct ifnet *); 169 void otus_stop(struct ifnet *); 170 171 struct cfdriver otus_cd = { 172 NULL, "otus", DV_IFNET 173 }; 174 175 const struct cfattach otus_ca = { 176 sizeof (struct otus_softc), otus_match, otus_attach, otus_detach 177 }; 178 179 int 180 otus_match(struct device *parent, void *match, void *aux) 181 { 182 struct usb_attach_arg *uaa = aux; 183 184 if (uaa->iface != NULL) 185 return UMATCH_NONE; 186 187 return (usb_lookup(otus_devs, uaa->vendor, uaa->product) != NULL) ? 188 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 189 } 190 191 void 192 otus_attach(struct device *parent, struct device *self, void *aux) 193 { 194 struct otus_softc *sc = (struct otus_softc *)self; 195 struct usb_attach_arg *uaa = aux; 196 int error; 197 198 sc->sc_udev = uaa->device; 199 200 usb_init_task(&sc->sc_task, otus_task, sc); 201 timeout_set(&sc->scan_to, otus_next_scan, sc); 202 timeout_set(&sc->calib_to, otus_calibrate_to, sc); 203 204 sc->amrr.amrr_min_success_threshold = 1; 205 sc->amrr.amrr_max_success_threshold = 10; 206 207 if (usbd_set_config_no(sc->sc_udev, 1, 0) != 0) { 208 printf("%s: could not set configuration no\n", 209 sc->sc_dev.dv_xname); 210 return; 211 } 212 213 /* Get the first interface handle. */ 214 error = usbd_device2interface_handle(sc->sc_udev, 0, &sc->sc_iface); 215 if (error != 0) { 216 printf("%s: could not get interface handle\n", 217 sc->sc_dev.dv_xname); 218 return; 219 } 220 221 if ((error = otus_open_pipes(sc)) != 0) { 222 printf("%s: could not open pipes\n", sc->sc_dev.dv_xname); 223 return; 224 } 225 226 if (rootvp == NULL) 227 mountroothook_establish(otus_attachhook, sc); 228 else 229 otus_attachhook(sc); 230 231 usbd_add_drv_event(USB_EVENT_DRIVER_ATTACH, sc->sc_udev, &sc->sc_dev); 232 } 233 234 int 235 otus_detach(struct device *self, int flags) 236 { 237 struct otus_softc *sc = (struct otus_softc *)self; 238 struct ifnet *ifp = &sc->sc_ic.ic_if; 239 int s; 240 241 s = splnet(); 242 243 /* Wait for all queued asynchronous commands to complete. */ 244 while (sc->cmdq.queued > 0) 245 tsleep(&sc->cmdq, 0, "cmdq", 0); 246 247 timeout_del(&sc->scan_to); 248 timeout_del(&sc->calib_to); 249 250 if (ifp->if_flags != 0) { /* if_attach() has been called. */ 251 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 252 ieee80211_ifdetach(ifp); 253 if_detach(ifp); 254 } 255 256 otus_close_pipes(sc); 257 258 splx(s); 259 260 usbd_add_drv_event(USB_EVENT_DRIVER_DETACH, sc->sc_udev, &sc->sc_dev); 261 262 return 0; 263 } 264 265 void 266 otus_attachhook(void *xsc) 267 { 268 struct otus_softc *sc = xsc; 269 struct ieee80211com *ic = &sc->sc_ic; 270 struct ifnet *ifp = &ic->ic_if; 271 usb_device_request_t req; 272 uint32_t in, out; 273 int error; 274 275 error = otus_load_firmware(sc, "otus-init", AR_FW_INIT_ADDR); 276 if (error != 0) { 277 printf("%s: could not load %s firmware\n", 278 sc->sc_dev.dv_xname, "init"); 279 return; 280 } 281 282 usbd_delay_ms(sc->sc_udev, 1000); 283 284 error = otus_load_firmware(sc, "otus-main", AR_FW_MAIN_ADDR); 285 if (error != 0) { 286 printf("%s: could not load %s firmware\n", 287 sc->sc_dev.dv_xname, "main"); 288 return; 289 } 290 291 /* Tell device that firmware transfer is complete. */ 292 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 293 req.bRequest = AR_FW_DOWNLOAD_COMPLETE; 294 USETW(req.wValue, 0); 295 USETW(req.wIndex, 0); 296 USETW(req.wLength, 0); 297 if (usbd_do_request(sc->sc_udev, &req, NULL) != 0) { 298 printf("%s: firmware initialization failed\n", 299 sc->sc_dev.dv_xname); 300 return; 301 } 302 303 /* Send an ECHO command to check that everything is settled. */ 304 in = 0xbadc0ffe; 305 if (otus_cmd(sc, AR_CMD_ECHO, &in, sizeof in, &out) != 0) { 306 printf("%s: echo command failed\n", sc->sc_dev.dv_xname); 307 return; 308 } 309 if (in != out) { 310 printf("%s: echo reply mismatch: 0x%08x!=0x%08x\n", 311 sc->sc_dev.dv_xname, in, out); 312 return; 313 } 314 315 /* Read entire EEPROM. */ 316 if (otus_read_eeprom(sc) != 0) { 317 printf("%s: could not read EEPROM\n", sc->sc_dev.dv_xname); 318 return; 319 } 320 321 sc->txmask = sc->eeprom.baseEepHeader.txMask; 322 sc->rxmask = sc->eeprom.baseEepHeader.rxMask; 323 sc->capflags = sc->eeprom.baseEepHeader.opCapFlags; 324 IEEE80211_ADDR_COPY(ic->ic_myaddr, sc->eeprom.baseEepHeader.macAddr); 325 sc->sc_led_newstate = otus_led_newstate_type3; /* XXX */ 326 327 printf("%s: MAC/BBP AR9170, RF AR%X, MIMO %dT%dR, address %s\n", 328 sc->sc_dev.dv_xname, (sc->capflags & AR5416_OPFLAGS_11A) ? 329 0x9104 : ((sc->txmask == 0x5) ? 0x9102 : 0x9101), 330 (sc->txmask == 0x5) ? 2 : 1, (sc->rxmask == 0x5) ? 2 : 1, 331 ether_sprintf(ic->ic_myaddr)); 332 333 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 334 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 335 ic->ic_state = IEEE80211_S_INIT; 336 337 /* Set device capabilities. */ 338 ic->ic_caps = 339 IEEE80211_C_MONITOR | /* monitor mode supported */ 340 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 341 IEEE80211_C_SHSLOT | /* short slot time supported */ 342 IEEE80211_C_WEP | /* WEP */ 343 IEEE80211_C_RSN; /* WPA/RSN */ 344 345 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11G) { 346 /* Set supported .11b and .11g rates. */ 347 ic->ic_sup_rates[IEEE80211_MODE_11B] = 348 ieee80211_std_rateset_11b; 349 ic->ic_sup_rates[IEEE80211_MODE_11G] = 350 ieee80211_std_rateset_11g; 351 } 352 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11A) { 353 /* Set supported .11a rates. */ 354 ic->ic_sup_rates[IEEE80211_MODE_11A] = 355 ieee80211_std_rateset_11a; 356 } 357 358 /* Build the list of supported channels. */ 359 otus_get_chanlist(sc); 360 361 ifp->if_softc = sc; 362 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 363 ifp->if_init = otus_init; 364 ifp->if_ioctl = otus_ioctl; 365 ifp->if_start = otus_start; 366 ifp->if_watchdog = otus_watchdog; 367 IFQ_SET_READY(&ifp->if_snd); 368 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 369 370 if_attach(ifp); 371 ieee80211_ifattach(ifp); 372 ic->ic_node_alloc = otus_node_alloc; 373 ic->ic_newassoc = otus_newassoc; 374 ic->ic_updateslot = otus_updateslot; 375 ic->ic_updateedca = otus_updateedca; 376 #ifdef notyet 377 ic->ic_set_key = otus_set_key; 378 ic->ic_delete_key = otus_delete_key; 379 #endif 380 /* Override state transition machine. */ 381 sc->sc_newstate = ic->ic_newstate; 382 ic->ic_newstate = otus_newstate; 383 ieee80211_media_init(ifp, otus_media_change, ieee80211_media_status); 384 385 #if NBPFILTER > 0 386 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 387 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 388 389 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 390 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 391 sc->sc_rxtap.wr_ihdr.it_present = htole32(OTUS_RX_RADIOTAP_PRESENT); 392 393 sc->sc_txtap_len = sizeof sc->sc_txtapu; 394 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 395 sc->sc_txtap.wt_ihdr.it_present = htole32(OTUS_TX_RADIOTAP_PRESENT); 396 #endif 397 } 398 399 void 400 otus_get_chanlist(struct otus_softc *sc) 401 { 402 struct ieee80211com *ic = &sc->sc_ic; 403 uint16_t domain; 404 uint8_t chan; 405 int i; 406 407 /* XXX regulatory domain. */ 408 domain = letoh16(sc->eeprom.baseEepHeader.regDmn[0]); 409 DPRINTF(("regdomain=0x%04x\n", domain)); 410 411 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11G) { 412 for (i = 0; i < 14; i++) { 413 chan = ar_chans[i]; 414 ic->ic_channels[chan].ic_freq = 415 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_2GHZ); 416 ic->ic_channels[chan].ic_flags = 417 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 418 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 419 } 420 } 421 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11A) { 422 for (i = 14; i < nitems(ar_chans); i++) { 423 chan = ar_chans[i]; 424 ic->ic_channels[chan].ic_freq = 425 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 426 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 427 } 428 } 429 } 430 431 int 432 otus_load_firmware(struct otus_softc *sc, const char *name, uint32_t addr) 433 { 434 usb_device_request_t req; 435 size_t size; 436 u_char *fw, *ptr; 437 int mlen, error; 438 439 /* Read firmware image from the filesystem. */ 440 if ((error = loadfirmware(name, &fw, &size)) != 0) { 441 printf("%s: failed loadfirmware of file %s (error %d)\n", 442 sc->sc_dev.dv_xname, name, error); 443 return error; 444 } 445 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 446 req.bRequest = AR_FW_DOWNLOAD; 447 USETW(req.wIndex, 0); 448 449 ptr = fw; 450 addr >>= 8; 451 while (size > 0) { 452 mlen = MIN(size, 4096); 453 454 USETW(req.wValue, addr); 455 USETW(req.wLength, mlen); 456 if (usbd_do_request(sc->sc_udev, &req, ptr) != 0) { 457 error = EIO; 458 break; 459 } 460 addr += mlen >> 8; 461 ptr += mlen; 462 size -= mlen; 463 } 464 free(fw, M_DEVBUF); 465 return error; 466 } 467 468 int 469 otus_open_pipes(struct otus_softc *sc) 470 { 471 usb_endpoint_descriptor_t *ed; 472 int i, isize, error; 473 474 error = usbd_open_pipe(sc->sc_iface, AR_EPT_BULK_RX_NO, 0, 475 &sc->data_rx_pipe); 476 if (error != 0) { 477 printf("%s: could not open Rx bulk pipe\n", 478 sc->sc_dev.dv_xname); 479 goto fail; 480 } 481 482 ed = usbd_get_endpoint_descriptor(sc->sc_iface, AR_EPT_INTR_RX_NO); 483 if (ed == NULL) { 484 printf("%s: could not retrieve Rx intr pipe descriptor\n", 485 sc->sc_dev.dv_xname); 486 goto fail; 487 } 488 isize = UGETW(ed->wMaxPacketSize); 489 if (isize == 0) { 490 printf("%s: invalid Rx intr pipe descriptor\n", 491 sc->sc_dev.dv_xname); 492 goto fail; 493 } 494 sc->ibuf = malloc(isize, M_USBDEV, M_NOWAIT); 495 if (sc->ibuf == NULL) { 496 printf("%s: could not allocate Rx intr buffer\n", 497 sc->sc_dev.dv_xname); 498 goto fail; 499 } 500 error = usbd_open_pipe_intr(sc->sc_iface, AR_EPT_INTR_RX_NO, 501 USBD_SHORT_XFER_OK, &sc->cmd_rx_pipe, sc, sc->ibuf, isize, 502 otus_intr, USBD_DEFAULT_INTERVAL); 503 if (error != 0) { 504 printf("%s: could not open Rx intr pipe\n", 505 sc->sc_dev.dv_xname); 506 goto fail; 507 } 508 509 error = usbd_open_pipe(sc->sc_iface, AR_EPT_BULK_TX_NO, 0, 510 &sc->data_tx_pipe); 511 if (error != 0) { 512 printf("%s: could not open Tx bulk pipe\n", 513 sc->sc_dev.dv_xname); 514 goto fail; 515 } 516 517 error = usbd_open_pipe(sc->sc_iface, AR_EPT_INTR_TX_NO, 0, 518 &sc->cmd_tx_pipe); 519 if (error != 0) { 520 printf("%s: could not open Tx intr pipe\n", 521 sc->sc_dev.dv_xname); 522 goto fail; 523 } 524 525 if (otus_alloc_tx_cmd(sc) != 0) { 526 printf("%s: could not allocate command xfer\n", 527 sc->sc_dev.dv_xname); 528 goto fail; 529 } 530 531 if (otus_alloc_tx_data_list(sc) != 0) { 532 printf("%s: could not allocate Tx xfers\n", 533 sc->sc_dev.dv_xname); 534 goto fail; 535 } 536 537 if (otus_alloc_rx_data_list(sc) != 0) { 538 printf("%s: could not allocate Rx xfers\n", 539 sc->sc_dev.dv_xname); 540 goto fail; 541 } 542 543 for (i = 0; i < OTUS_RX_DATA_LIST_COUNT; i++) { 544 struct otus_rx_data *data = &sc->rx_data[i]; 545 546 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 547 OTUS_RXBUFSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 548 USBD_NO_TIMEOUT, otus_rxeof); 549 error = usbd_transfer(data->xfer); 550 if (error != USBD_IN_PROGRESS && error != 0) { 551 printf("%s: could not queue Rx xfer\n", 552 sc->sc_dev.dv_xname); 553 goto fail; 554 } 555 } 556 return 0; 557 558 fail: otus_close_pipes(sc); 559 return error; 560 } 561 562 void 563 otus_close_pipes(struct otus_softc *sc) 564 { 565 otus_free_tx_cmd(sc); 566 otus_free_tx_data_list(sc); 567 otus_free_rx_data_list(sc); 568 569 if (sc->data_rx_pipe != NULL) 570 usbd_close_pipe(sc->data_rx_pipe); 571 if (sc->cmd_rx_pipe != NULL) { 572 usbd_abort_pipe(sc->cmd_rx_pipe); 573 usbd_close_pipe(sc->cmd_rx_pipe); 574 } 575 if (sc->ibuf != NULL) 576 free(sc->ibuf, M_USBDEV); 577 if (sc->data_tx_pipe != NULL) 578 usbd_close_pipe(sc->data_tx_pipe); 579 if (sc->cmd_tx_pipe != NULL) 580 usbd_close_pipe(sc->cmd_tx_pipe); 581 } 582 583 int 584 otus_alloc_tx_cmd(struct otus_softc *sc) 585 { 586 struct otus_tx_cmd *cmd = &sc->tx_cmd; 587 588 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 589 if (cmd->xfer == NULL) { 590 printf("%s: could not allocate xfer\n", 591 sc->sc_dev.dv_xname); 592 return ENOMEM; 593 } 594 cmd->buf = usbd_alloc_buffer(cmd->xfer, OTUS_MAX_TXCMDSZ); 595 if (cmd->buf == NULL) { 596 printf("%s: could not allocate xfer buffer\n", 597 sc->sc_dev.dv_xname); 598 usbd_free_xfer(cmd->xfer); 599 return ENOMEM; 600 } 601 return 0; 602 } 603 604 void 605 otus_free_tx_cmd(struct otus_softc *sc) 606 { 607 /* Make sure no transfers are pending. */ 608 usbd_abort_pipe(sc->cmd_tx_pipe); 609 610 if (sc->tx_cmd.xfer != NULL) 611 usbd_free_xfer(sc->tx_cmd.xfer); 612 } 613 614 int 615 otus_alloc_tx_data_list(struct otus_softc *sc) 616 { 617 struct otus_tx_data *data; 618 int i, error; 619 620 for (i = 0; i < OTUS_TX_DATA_LIST_COUNT; i++) { 621 data = &sc->tx_data[i]; 622 623 data->sc = sc; /* Backpointer for callbacks. */ 624 625 data->xfer = usbd_alloc_xfer(sc->sc_udev); 626 if (data->xfer == NULL) { 627 printf("%s: could not allocate xfer\n", 628 sc->sc_dev.dv_xname); 629 error = ENOMEM; 630 goto fail; 631 } 632 data->buf = usbd_alloc_buffer(data->xfer, OTUS_TXBUFSZ); 633 if (data->buf == NULL) { 634 printf("%s: could not allocate xfer buffer\n", 635 sc->sc_dev.dv_xname); 636 error = ENOMEM; 637 goto fail; 638 } 639 } 640 return 0; 641 642 fail: otus_free_tx_data_list(sc); 643 return error; 644 } 645 646 void 647 otus_free_tx_data_list(struct otus_softc *sc) 648 { 649 int i; 650 651 /* Make sure no transfers are pending. */ 652 usbd_abort_pipe(sc->data_tx_pipe); 653 654 for (i = 0; i < OTUS_TX_DATA_LIST_COUNT; i++) 655 if (sc->tx_data[i].xfer != NULL) 656 usbd_free_xfer(sc->tx_data[i].xfer); 657 } 658 659 int 660 otus_alloc_rx_data_list(struct otus_softc *sc) 661 { 662 struct otus_rx_data *data; 663 int i, error; 664 665 for (i = 0; i < OTUS_RX_DATA_LIST_COUNT; i++) { 666 data = &sc->rx_data[i]; 667 668 data->sc = sc; /* Backpointer for callbacks. */ 669 670 data->xfer = usbd_alloc_xfer(sc->sc_udev); 671 if (data->xfer == NULL) { 672 printf("%s: could not allocate xfer\n", 673 sc->sc_dev.dv_xname); 674 error = ENOMEM; 675 goto fail; 676 } 677 data->buf = usbd_alloc_buffer(data->xfer, OTUS_RXBUFSZ); 678 if (data->buf == NULL) { 679 printf("%s: could not allocate xfer buffer\n", 680 sc->sc_dev.dv_xname); 681 error = ENOMEM; 682 goto fail; 683 } 684 } 685 return 0; 686 687 fail: otus_free_rx_data_list(sc); 688 return error; 689 } 690 691 void 692 otus_free_rx_data_list(struct otus_softc *sc) 693 { 694 int i; 695 696 /* Make sure no transfers are pending. */ 697 usbd_abort_pipe(sc->data_rx_pipe); 698 699 for (i = 0; i < OTUS_RX_DATA_LIST_COUNT; i++) 700 if (sc->rx_data[i].xfer != NULL) 701 usbd_free_xfer(sc->rx_data[i].xfer); 702 } 703 704 void 705 otus_next_scan(void *arg) 706 { 707 struct otus_softc *sc = arg; 708 709 if (sc->sc_ic.ic_state == IEEE80211_S_SCAN) 710 ieee80211_next_scan(&sc->sc_ic.ic_if); 711 } 712 713 void 714 otus_task(void *arg) 715 { 716 struct otus_softc *sc = arg; 717 struct otus_host_cmd_ring *ring = &sc->cmdq; 718 struct otus_host_cmd *cmd; 719 int s; 720 721 /* Process host commands. */ 722 s = splusb(); 723 while (ring->next != ring->cur) { 724 cmd = &ring->cmd[ring->next]; 725 splx(s); 726 /* Callback. */ 727 cmd->cb(sc, cmd->data); 728 s = splusb(); 729 ring->queued--; 730 ring->next = (ring->next + 1) % OTUS_HOST_CMD_RING_COUNT; 731 } 732 wakeup(ring); 733 splx(s); 734 } 735 736 void 737 otus_do_async(struct otus_softc *sc, void (*cb)(struct otus_softc *, void *), 738 void *arg, int len) 739 { 740 struct otus_host_cmd_ring *ring = &sc->cmdq; 741 struct otus_host_cmd *cmd; 742 int s; 743 744 s = splusb(); 745 cmd = &ring->cmd[ring->cur]; 746 cmd->cb = cb; 747 KASSERT(len <= sizeof (cmd->data)); 748 memcpy(cmd->data, arg, len); 749 ring->cur = (ring->cur + 1) % OTUS_HOST_CMD_RING_COUNT; 750 751 /* If there is no pending command already, schedule a task. */ 752 if (++ring->queued == 1) 753 usb_add_task(sc->sc_udev, &sc->sc_task); 754 splx(s); 755 } 756 757 int 758 otus_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 759 { 760 struct otus_softc *sc = ic->ic_softc; 761 struct otus_cmd_newstate cmd; 762 763 /* Do it in a process context. */ 764 cmd.state = nstate; 765 cmd.arg = arg; 766 otus_do_async(sc, otus_newstate_cb, &cmd, sizeof cmd); 767 return 0; 768 } 769 770 void 771 otus_newstate_cb(struct otus_softc *sc, void *arg) 772 { 773 struct otus_cmd_newstate *cmd = arg; 774 struct ieee80211com *ic = &sc->sc_ic; 775 struct ieee80211_node *ni; 776 int s; 777 778 s = splnet(); 779 780 switch (cmd->state) { 781 case IEEE80211_S_INIT: 782 break; 783 784 case IEEE80211_S_SCAN: 785 (void)otus_set_chan(sc, ic->ic_bss->ni_chan, 0); 786 timeout_add_msec(&sc->scan_to, 200); 787 break; 788 789 case IEEE80211_S_AUTH: 790 case IEEE80211_S_ASSOC: 791 (void)otus_set_chan(sc, ic->ic_bss->ni_chan, 0); 792 break; 793 794 case IEEE80211_S_RUN: 795 (void)otus_set_chan(sc, ic->ic_bss->ni_chan, 1); 796 797 ni = ic->ic_bss; 798 799 if (ic->ic_opmode == IEEE80211_M_STA) { 800 otus_updateslot(ic); 801 otus_set_bssid(sc, ni->ni_bssid); 802 803 /* Fake a join to init the Tx rate. */ 804 otus_newassoc(ic, ni, 1); 805 806 /* Start calibration timer. */ 807 timeout_add_sec(&sc->calib_to, 1); 808 } 809 break; 810 } 811 812 sc->sc_led_newstate(sc); 813 (void)sc->sc_newstate(ic, cmd->state, cmd->arg); 814 815 splx(s); 816 } 817 818 int 819 otus_cmd(struct otus_softc *sc, uint8_t code, const void *idata, int ilen, 820 void *odata) 821 { 822 struct otus_tx_cmd *cmd = &sc->tx_cmd; 823 struct ar_cmd_hdr *hdr; 824 int s, xferlen, error; 825 826 /* Always bulk-out a multiple of 4 bytes. */ 827 xferlen = (sizeof (*hdr) + ilen + 3) & ~3; 828 829 hdr = (struct ar_cmd_hdr *)cmd->buf; 830 hdr->code = code; 831 hdr->len = ilen; 832 hdr->token = ++cmd->token; /* Don't care about endianness. */ 833 memcpy((uint8_t *)&hdr[1], idata, ilen); 834 835 DPRINTFN(2, ("sending command code=0x%02x len=%d token=%d\n", 836 code, ilen, hdr->token)); 837 838 s = splusb(); 839 cmd->odata = odata; 840 cmd->done = 0; 841 842 usbd_setup_xfer(cmd->xfer, sc->cmd_tx_pipe, cmd, cmd->buf, xferlen, 843 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, OTUS_CMD_TIMEOUT, NULL); 844 error = usbd_sync_transfer(cmd->xfer); 845 if (error != 0) { 846 splx(s); 847 printf("%s: could not send command 0x%x (error=%s)\n", 848 sc->sc_dev.dv_xname, code, usbd_errstr(error)); 849 return EIO; 850 } 851 if (!cmd->done) 852 error = tsleep(cmd, PCATCH, "otuscmd", hz); 853 cmd->odata = NULL; /* In case answer is received too late. */ 854 splx(s); 855 if (error != 0) { 856 printf("%s: timeout waiting for command 0x%02x reply\n", 857 sc->sc_dev.dv_xname, code); 858 } 859 return error; 860 } 861 862 void 863 otus_write(struct otus_softc *sc, uint32_t reg, uint32_t val) 864 { 865 sc->write_buf[sc->write_idx].reg = htole32(reg); 866 sc->write_buf[sc->write_idx].val = htole32(val); 867 868 if (++sc->write_idx > AR_MAX_WRITE_IDX) 869 (void)otus_write_barrier(sc); 870 } 871 872 int 873 otus_write_barrier(struct otus_softc *sc) 874 { 875 int error; 876 877 if (sc->write_idx == 0) 878 return 0; /* Nothing to flush. */ 879 880 error = otus_cmd(sc, AR_CMD_WREG, sc->write_buf, 881 sizeof (sc->write_buf[0]) * sc->write_idx, NULL); 882 sc->write_idx = 0; 883 return error; 884 } 885 886 struct ieee80211_node * 887 otus_node_alloc(struct ieee80211com *ic) 888 { 889 return malloc(sizeof (struct otus_node), M_DEVBUF, M_NOWAIT | M_ZERO); 890 } 891 892 int 893 otus_media_change(struct ifnet *ifp) 894 { 895 struct otus_softc *sc = ifp->if_softc; 896 struct ieee80211com *ic = &sc->sc_ic; 897 uint8_t rate, ridx; 898 int error; 899 900 error = ieee80211_media_change(ifp); 901 if (error != ENETRESET) 902 return error; 903 904 if (ic->ic_fixed_rate != -1) { 905 rate = ic->ic_sup_rates[ic->ic_curmode]. 906 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL; 907 for (ridx = 0; ridx <= OTUS_RIDX_MAX; ridx++) 908 if (otus_rates[ridx].rate == rate) 909 break; 910 sc->fixed_ridx = ridx; 911 } 912 913 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 914 error = otus_init(ifp); 915 916 return error; 917 } 918 919 int 920 otus_read_eeprom(struct otus_softc *sc) 921 { 922 uint32_t regs[8], reg; 923 uint8_t *eep; 924 int i, j, error; 925 926 /* Read EEPROM by blocks of 32 bytes. */ 927 eep = (uint8_t *)&sc->eeprom; 928 reg = AR_EEPROM_OFFSET; 929 for (i = 0; i < sizeof (sc->eeprom) / 32; i++) { 930 for (j = 0; j < 8; j++, reg += 4) 931 regs[j] = htole32(reg); 932 error = otus_cmd(sc, AR_CMD_RREG, regs, sizeof regs, eep); 933 if (error != 0) 934 break; 935 eep += 32; 936 } 937 return error; 938 } 939 940 void 941 otus_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew) 942 { 943 struct otus_softc *sc = ic->ic_softc; 944 struct otus_node *on = (void *)ni; 945 struct ieee80211_rateset *rs = &ni->ni_rates; 946 uint8_t rate; 947 int ridx, i; 948 949 DPRINTF(("new assoc isnew=%d addr=%s\n", 950 isnew, ether_sprintf(ni->ni_macaddr))); 951 952 ieee80211_amrr_node_init(&sc->amrr, &on->amn); 953 /* Start at lowest available bit-rate, AMRR will raise. */ 954 ni->ni_txrate = 0; 955 956 for (i = 0; i < rs->rs_nrates; i++) { 957 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 958 /* Convert 802.11 rate to hardware rate index. */ 959 for (ridx = 0; ridx <= OTUS_RIDX_MAX; ridx++) 960 if (otus_rates[ridx].rate == rate) 961 break; 962 on->ridx[i] = ridx; 963 DPRINTF(("rate=0x%02x ridx=%d\n", 964 rs->rs_rates[i], on->ridx[i])); 965 } 966 } 967 968 /* ARGSUSED */ 969 void 970 otus_intr(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 971 { 972 #if 0 973 struct otus_softc *sc = priv; 974 int len; 975 976 /* 977 * The Rx intr pipe is unused with current firmware. Notifications 978 * and replies to commands are sent through the Rx bulk pipe instead 979 * (with a magic PLCP header.) 980 */ 981 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 982 DPRINTF(("intr status=%d\n", status)); 983 if (status == USBD_STALLED) 984 usbd_clear_endpoint_stall_async(sc->cmd_rx_pipe); 985 return; 986 } 987 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 988 989 otus_cmd_rxeof(sc, sc->ibuf, len); 990 #endif 991 } 992 993 void 994 otus_cmd_rxeof(struct otus_softc *sc, uint8_t *buf, int len) 995 { 996 struct ieee80211com *ic = &sc->sc_ic; 997 struct otus_tx_cmd *cmd; 998 struct ar_cmd_hdr *hdr; 999 int s; 1000 1001 if (__predict_false(len < sizeof (*hdr))) { 1002 DPRINTF(("cmd too small %d\n", len)); 1003 return; 1004 } 1005 hdr = (struct ar_cmd_hdr *)buf; 1006 if (__predict_false(sizeof (*hdr) + hdr->len > len || 1007 sizeof (*hdr) + hdr->len > 64)) { 1008 DPRINTF(("cmd too large %d\n", hdr->len)); 1009 return; 1010 } 1011 1012 if ((hdr->code & 0xc0) != 0xc0) { 1013 DPRINTFN(2, ("received reply code=0x%02x len=%d token=%d\n", 1014 hdr->code, hdr->len, hdr->token)); 1015 cmd = &sc->tx_cmd; 1016 if (__predict_false(hdr->token != cmd->token)) 1017 return; 1018 /* Copy answer into caller's supplied buffer. */ 1019 if (cmd->odata != NULL) 1020 memcpy(cmd->odata, &hdr[1], hdr->len); 1021 cmd->done = 1; 1022 wakeup(cmd); 1023 return; 1024 } 1025 1026 /* Received unsolicited notification. */ 1027 DPRINTF(("received notification code=0x%02x len=%d\n", 1028 hdr->code, hdr->len)); 1029 switch (hdr->code & 0x3f) { 1030 case AR_EVT_BEACON: 1031 break; 1032 case AR_EVT_TX_COMP: 1033 { 1034 struct ar_evt_tx_comp *tx = (struct ar_evt_tx_comp *)&hdr[1]; 1035 struct ieee80211_node *ni; 1036 struct otus_node *on; 1037 1038 DPRINTF(("tx completed %s status=%d phy=0x%x\n", 1039 ether_sprintf(tx->macaddr), letoh16(tx->status), 1040 letoh32(tx->phy))); 1041 s = splnet(); 1042 #ifdef notyet 1043 #ifndef IEEE80211_STA_ONLY 1044 if (ic->ic_opmode != IEEE80211_M_STA) { 1045 ni = ieee80211_find_node(ic, tx->macaddr); 1046 if (__predict_false(ni == NULL)) { 1047 splx(s); 1048 break; 1049 } 1050 } else 1051 #endif 1052 #endif 1053 ni = ic->ic_bss; 1054 /* Update rate control statistics. */ 1055 on = (void *)ni; 1056 /* NB: we do not set the TX_MAC_RATE_PROBING flag. */ 1057 if (__predict_true(tx->status != 0)) 1058 on->amn.amn_retrycnt++; 1059 splx(s); 1060 break; 1061 } 1062 case AR_EVT_TBTT: 1063 break; 1064 } 1065 } 1066 1067 void 1068 otus_sub_rxeof(struct otus_softc *sc, uint8_t *buf, int len) 1069 { 1070 struct ieee80211com *ic = &sc->sc_ic; 1071 struct ifnet *ifp = &ic->ic_if; 1072 struct ieee80211_rxinfo rxi; 1073 struct ieee80211_node *ni; 1074 struct ar_rx_tail *tail; 1075 struct ieee80211_frame *wh; 1076 struct mbuf *m; 1077 uint8_t *plcp; 1078 int s, mlen, align; 1079 1080 if (__predict_false(len < AR_PLCP_HDR_LEN)) { 1081 DPRINTF(("sub-xfer too short %d\n", len)); 1082 return; 1083 } 1084 plcp = buf; 1085 1086 /* All bits in the PLCP header are set to 1 for non-MPDU. */ 1087 if (memcmp(plcp, AR_PLCP_HDR_INTR, AR_PLCP_HDR_LEN) == 0) { 1088 otus_cmd_rxeof(sc, plcp + AR_PLCP_HDR_LEN, 1089 len - AR_PLCP_HDR_LEN); 1090 return; 1091 } 1092 1093 /* Received MPDU. */ 1094 if (__predict_false(len < AR_PLCP_HDR_LEN + sizeof (*tail))) { 1095 DPRINTF(("MPDU too short %d\n", len)); 1096 ifp->if_ierrors++; 1097 return; 1098 } 1099 tail = (struct ar_rx_tail *)(plcp + len - sizeof (*tail)); 1100 1101 /* Discard error frames. */ 1102 if (__predict_false(tail->error != 0)) { 1103 DPRINTF(("error frame 0x%02x\n", tail->error)); 1104 if (tail->error & AR_RX_ERROR_FCS) { 1105 DPRINTFN(3, ("bad FCS\n")); 1106 } else if (tail->error & AR_RX_ERROR_MMIC) { 1107 /* Report Michael MIC failures to net80211. */ 1108 ic->ic_stats.is_rx_locmicfail++; 1109 ieee80211_michael_mic_failure(ic, 0); 1110 } 1111 ifp->if_ierrors++; 1112 return; 1113 } 1114 /* Compute MPDU's length. */ 1115 mlen = len - AR_PLCP_HDR_LEN - sizeof (*tail); 1116 /* Make sure there's room for an 802.11 header + FCS. */ 1117 if (__predict_false(mlen < IEEE80211_MIN_LEN)) { 1118 ifp->if_ierrors++; 1119 return; 1120 } 1121 mlen -= IEEE80211_CRC_LEN; /* strip 802.11 FCS */ 1122 1123 wh = (struct ieee80211_frame *)(plcp + AR_PLCP_HDR_LEN); 1124 /* Provide a 32-bit aligned protocol header to the stack. */ 1125 align = (ieee80211_has_qos(wh) ^ ieee80211_has_addr4(wh)) ? 2 : 0; 1126 1127 MGETHDR(m, M_DONTWAIT, MT_DATA); 1128 if (__predict_false(m == NULL)) { 1129 ifp->if_ierrors++; 1130 return; 1131 } 1132 if (align + mlen > MHLEN) { 1133 MCLGET(m, M_DONTWAIT); 1134 if (__predict_false(!(m->m_flags & M_EXT))) { 1135 ifp->if_ierrors++; 1136 m_freem(m); 1137 return; 1138 } 1139 } 1140 /* Finalize mbuf. */ 1141 m->m_pkthdr.rcvif = ifp; 1142 m->m_data += align; 1143 memcpy(mtod(m, caddr_t), wh, mlen); 1144 m->m_pkthdr.len = m->m_len = mlen; 1145 1146 #if NBPFILTER > 0 1147 if (__predict_false(sc->sc_drvbpf != NULL)) { 1148 struct otus_rx_radiotap_header *tap = &sc->sc_rxtap; 1149 struct mbuf mb; 1150 1151 tap->wr_flags = 0; 1152 tap->wr_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 1153 tap->wr_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 1154 tap->wr_antsignal = tail->rssi; 1155 tap->wr_rate = 2; /* In case it can't be found below. */ 1156 switch (tail->status & AR_RX_STATUS_MT_MASK) { 1157 case AR_RX_STATUS_MT_CCK: 1158 switch (plcp[0]) { 1159 case 10: tap->wr_rate = 2; break; 1160 case 20: tap->wr_rate = 4; break; 1161 case 55: tap->wr_rate = 11; break; 1162 case 110: tap->wr_rate = 22; break; 1163 } 1164 if (tail->status & AR_RX_STATUS_SHPREAMBLE) 1165 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 1166 break; 1167 case AR_RX_STATUS_MT_OFDM: 1168 switch (plcp[0] & 0xf) { 1169 case 0xb: tap->wr_rate = 12; break; 1170 case 0xf: tap->wr_rate = 18; break; 1171 case 0xa: tap->wr_rate = 24; break; 1172 case 0xe: tap->wr_rate = 36; break; 1173 case 0x9: tap->wr_rate = 48; break; 1174 case 0xd: tap->wr_rate = 72; break; 1175 case 0x8: tap->wr_rate = 96; break; 1176 case 0xc: tap->wr_rate = 108; break; 1177 } 1178 break; 1179 } 1180 mb.m_data = (caddr_t)tap; 1181 mb.m_len = sc->sc_rxtap_len; 1182 mb.m_next = m; 1183 mb.m_nextpkt = NULL; 1184 mb.m_type = 0; 1185 mb.m_flags = 0; 1186 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1187 } 1188 #endif 1189 1190 s = splnet(); 1191 ni = ieee80211_find_rxnode(ic, wh); 1192 rxi.rxi_flags = 0; 1193 rxi.rxi_rssi = tail->rssi; 1194 rxi.rxi_tstamp = 0; /* unused */ 1195 ieee80211_input(ifp, m, ni, &rxi); 1196 1197 /* Node is no longer needed. */ 1198 ieee80211_release_node(ic, ni); 1199 splx(s); 1200 } 1201 1202 void 1203 otus_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 1204 { 1205 struct otus_rx_data *data = priv; 1206 struct otus_softc *sc = data->sc; 1207 caddr_t buf = data->buf; 1208 struct ar_rx_head *head; 1209 uint16_t hlen; 1210 int len; 1211 1212 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 1213 DPRINTF(("RX status=%d\n", status)); 1214 if (status == USBD_STALLED) 1215 usbd_clear_endpoint_stall_async(sc->data_rx_pipe); 1216 if (status != USBD_CANCELLED) 1217 goto resubmit; 1218 return; 1219 } 1220 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1221 1222 while (len >= sizeof (*head)) { 1223 head = (struct ar_rx_head *)buf; 1224 if (__predict_false(head->tag != htole16(AR_RX_HEAD_TAG))) { 1225 DPRINTF(("tag not valid 0x%x\n", letoh16(head->tag))); 1226 break; 1227 } 1228 hlen = letoh16(head->len); 1229 if (__predict_false(sizeof (*head) + hlen > len)) { 1230 DPRINTF(("xfer too short %d/%d\n", len, hlen)); 1231 break; 1232 } 1233 /* Process sub-xfer. */ 1234 otus_sub_rxeof(sc, (uint8_t *)&head[1], hlen); 1235 1236 /* Next sub-xfer is aligned on a 32-bit boundary. */ 1237 hlen = (sizeof (*head) + hlen + 3) & ~3; 1238 buf += hlen; 1239 len -= hlen; 1240 } 1241 1242 resubmit: 1243 usbd_setup_xfer(xfer, sc->data_rx_pipe, data, data->buf, OTUS_RXBUFSZ, 1244 USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, otus_rxeof); 1245 (void)usbd_transfer(data->xfer); 1246 } 1247 1248 void 1249 otus_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 1250 { 1251 struct otus_tx_data *data = priv; 1252 struct otus_softc *sc = data->sc; 1253 struct ieee80211com *ic = &sc->sc_ic; 1254 struct ifnet *ifp = &ic->ic_if; 1255 int s; 1256 1257 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 1258 DPRINTF(("TX status=%d\n", status)); 1259 if (status == USBD_STALLED) 1260 usbd_clear_endpoint_stall_async(sc->data_tx_pipe); 1261 ifp->if_oerrors++; 1262 return; 1263 } 1264 s = splnet(); 1265 sc->tx_queued--; 1266 sc->sc_tx_timer = 0; 1267 ifp->if_flags &= ~IFF_OACTIVE; 1268 otus_start(ifp); 1269 splx(s); 1270 } 1271 1272 int 1273 otus_tx(struct otus_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 1274 { 1275 struct ieee80211com *ic = &sc->sc_ic; 1276 struct otus_node *on = (void *)ni; 1277 struct otus_tx_data *data; 1278 struct ieee80211_frame *wh; 1279 struct ieee80211_key *k; 1280 struct ar_tx_head *head; 1281 uint32_t phyctl; 1282 uint16_t macctl, qos; 1283 uint8_t tid, qid; 1284 int error, ridx, hasqos, xferlen; 1285 1286 wh = mtod(m, struct ieee80211_frame *); 1287 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 1288 k = ieee80211_get_txkey(ic, wh, ni); 1289 if ((m = ieee80211_encrypt(ic, m, k)) == NULL) 1290 return ENOBUFS; 1291 wh = mtod(m, struct ieee80211_frame *); 1292 } 1293 1294 if ((hasqos = ieee80211_has_qos(wh))) { 1295 qos = ieee80211_get_qos(wh); 1296 tid = qos & IEEE80211_QOS_TID; 1297 qid = ieee80211_up_to_ac(ic, tid); 1298 } else 1299 qid = EDCA_AC_BE; 1300 1301 /* Pickup a rate index. */ 1302 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 1303 (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_DATA) 1304 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 1305 OTUS_RIDX_OFDM6 : OTUS_RIDX_CCK1; 1306 else if (ic->ic_fixed_rate != -1) 1307 ridx = sc->fixed_ridx; 1308 else 1309 ridx = on->ridx[ni->ni_txrate]; 1310 1311 phyctl = 0; 1312 macctl = AR_TX_MAC_BACKOFF | AR_TX_MAC_HW_DUR | AR_TX_MAC_QID(qid); 1313 1314 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 1315 (hasqos && ((qos & IEEE80211_QOS_ACK_POLICY_MASK) == 1316 IEEE80211_QOS_ACK_POLICY_NOACK))) 1317 macctl |= AR_TX_MAC_NOACK; 1318 1319 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1320 if (m->m_pkthdr.len + IEEE80211_CRC_LEN >= ic->ic_rtsthreshold) 1321 macctl |= AR_TX_MAC_RTS; 1322 else if ((ic->ic_flags & IEEE80211_F_USEPROT) && 1323 ridx >= OTUS_RIDX_OFDM6) { 1324 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 1325 macctl |= AR_TX_MAC_CTS; 1326 else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 1327 macctl |= AR_TX_MAC_RTS; 1328 } 1329 } 1330 1331 phyctl |= AR_TX_PHY_MCS(otus_rates[ridx].mcs); 1332 if (ridx >= OTUS_RIDX_OFDM6) { 1333 phyctl |= AR_TX_PHY_MT_OFDM; 1334 if (ridx <= OTUS_RIDX_OFDM24) 1335 phyctl |= AR_TX_PHY_ANTMSK(sc->txmask); 1336 else 1337 phyctl |= AR_TX_PHY_ANTMSK(1); 1338 } else { /* CCK */ 1339 phyctl |= AR_TX_PHY_MT_CCK; 1340 phyctl |= AR_TX_PHY_ANTMSK(sc->txmask); 1341 } 1342 1343 /* Update rate control stats for frames that are ACK'ed. */ 1344 if (!(macctl & AR_TX_MAC_NOACK)) 1345 ((struct otus_node *)ni)->amn.amn_txcnt++; 1346 1347 data = &sc->tx_data[sc->tx_cur]; 1348 /* Fill Tx descriptor. */ 1349 head = (struct ar_tx_head *)data->buf; 1350 head->len = htole16(m->m_pkthdr.len + IEEE80211_CRC_LEN); 1351 head->macctl = htole16(macctl); 1352 head->phyctl = htole32(phyctl); 1353 1354 #if NBPFILTER > 0 1355 if (__predict_false(sc->sc_drvbpf != NULL)) { 1356 struct otus_tx_radiotap_header *tap = &sc->sc_txtap; 1357 struct mbuf mb; 1358 1359 tap->wt_flags = 0; 1360 tap->wt_rate = otus_rates[ridx].rate; 1361 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 1362 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1363 1364 mb.m_data = (caddr_t)tap; 1365 mb.m_len = sc->sc_txtap_len; 1366 mb.m_next = m; 1367 mb.m_nextpkt = NULL; 1368 mb.m_type = 0; 1369 mb.m_flags = 0; 1370 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1371 } 1372 #endif 1373 1374 xferlen = sizeof (*head) + m->m_pkthdr.len; 1375 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)&head[1]); 1376 m_freem(m); 1377 ieee80211_release_node(ic, ni); 1378 1379 DPRINTFN(5, ("tx queued=%d len=%d mac=0x%04x phy=0x%08x rate=%d\n", 1380 sc->tx_queued, head->len, head->macctl, head->phyctl, 1381 otus_rates[ridx].rate)); 1382 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, xferlen, 1383 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, OTUS_TX_TIMEOUT, otus_txeof); 1384 error = usbd_transfer(data->xfer); 1385 if (__predict_false(error != USBD_IN_PROGRESS && error != 0)) 1386 return error; 1387 1388 sc->tx_queued++; 1389 sc->tx_cur = (sc->tx_cur + 1) % OTUS_TX_DATA_LIST_COUNT; 1390 1391 return 0; 1392 } 1393 1394 void 1395 otus_start(struct ifnet *ifp) 1396 { 1397 struct otus_softc *sc = ifp->if_softc; 1398 struct ieee80211com *ic = &sc->sc_ic; 1399 struct ieee80211_node *ni; 1400 struct mbuf *m; 1401 1402 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1403 return; 1404 1405 for (;;) { 1406 if (sc->tx_queued >= OTUS_TX_DATA_LIST_COUNT) { 1407 ifp->if_flags |= IFF_OACTIVE; 1408 break; 1409 } 1410 /* Send pending management frames first. */ 1411 IF_DEQUEUE(&ic->ic_mgtq, m); 1412 if (m != NULL) { 1413 ni = (void *)m->m_pkthdr.rcvif; 1414 goto sendit; 1415 } 1416 if (ic->ic_state != IEEE80211_S_RUN) 1417 break; 1418 1419 /* Encapsulate and send data frames. */ 1420 IFQ_DEQUEUE(&ifp->if_snd, m); 1421 if (m == NULL) 1422 break; 1423 #if NBPFILTER > 0 1424 if (ifp->if_bpf != NULL) 1425 bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); 1426 #endif 1427 if ((m = ieee80211_encap(ifp, m, &ni)) == NULL) 1428 continue; 1429 sendit: 1430 #if NBPFILTER > 0 1431 if (ic->ic_rawbpf != NULL) 1432 bpf_mtap(ic->ic_rawbpf, m, BPF_DIRECTION_OUT); 1433 #endif 1434 if (otus_tx(sc, m, ni) != 0) { 1435 ieee80211_release_node(ic, ni); 1436 ifp->if_oerrors++; 1437 continue; 1438 } 1439 1440 sc->sc_tx_timer = 5; 1441 ifp->if_timer = 1; 1442 } 1443 } 1444 1445 void 1446 otus_watchdog(struct ifnet *ifp) 1447 { 1448 struct otus_softc *sc = ifp->if_softc; 1449 1450 ifp->if_timer = 0; 1451 1452 if (sc->sc_tx_timer > 0) { 1453 if (--sc->sc_tx_timer == 0) { 1454 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 1455 /* otus_init(ifp); XXX needs a process context! */ 1456 ifp->if_oerrors++; 1457 return; 1458 } 1459 ifp->if_timer = 1; 1460 } 1461 ieee80211_watchdog(ifp); 1462 } 1463 1464 int 1465 otus_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1466 { 1467 struct otus_softc *sc = ifp->if_softc; 1468 struct ieee80211com *ic = &sc->sc_ic; 1469 struct ifaddr *ifa; 1470 struct ifreq *ifr; 1471 int s, error = 0; 1472 1473 s = splnet(); 1474 1475 switch (cmd) { 1476 case SIOCSIFADDR: 1477 ifa = (struct ifaddr *)data; 1478 ifp->if_flags |= IFF_UP; 1479 #ifdef INET 1480 if (ifa->ifa_addr->sa_family == AF_INET) 1481 arp_ifinit(&ic->ic_ac, ifa); 1482 #endif 1483 /* FALLTHROUGH */ 1484 case SIOCSIFFLAGS: 1485 if (ifp->if_flags & IFF_UP) { 1486 if ((ifp->if_flags & IFF_RUNNING) && 1487 ((ifp->if_flags ^ sc->sc_if_flags) & 1488 (IFF_ALLMULTI | IFF_PROMISC)) != 0) { 1489 otus_set_multi(sc); 1490 } else if (!(ifp->if_flags & IFF_RUNNING)) 1491 otus_init(ifp); 1492 1493 } else if (ifp->if_flags & IFF_RUNNING) 1494 otus_stop(ifp); 1495 1496 sc->sc_if_flags = ifp->if_flags; 1497 break; 1498 case SIOCADDMULTI: 1499 case SIOCDELMULTI: 1500 ifr = (struct ifreq *)data; 1501 error = (cmd == SIOCADDMULTI) ? 1502 ether_addmulti(ifr, &ic->ic_ac) : 1503 ether_delmulti(ifr, &ic->ic_ac); 1504 if (error == ENETRESET) 1505 error = 0; 1506 break; 1507 case SIOCS80211CHANNEL: 1508 error = ieee80211_ioctl(ifp, cmd, data); 1509 if (error == ENETRESET && 1510 ic->ic_opmode == IEEE80211_M_MONITOR) { 1511 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1512 (IFF_UP | IFF_RUNNING)) 1513 otus_set_chan(sc, ic->ic_ibss_chan, 0); 1514 error = 0; 1515 } 1516 break; 1517 default: 1518 error = ieee80211_ioctl(ifp, cmd, data); 1519 } 1520 1521 if (error == ENETRESET) { 1522 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1523 (IFF_UP | IFF_RUNNING)) 1524 otus_init(ifp); 1525 error = 0; 1526 } 1527 1528 splx(s); 1529 return error; 1530 } 1531 1532 int 1533 otus_set_multi(struct otus_softc *sc) 1534 { 1535 struct arpcom *ac = &sc->sc_ic.ic_ac; 1536 struct ifnet *ifp = &ac->ac_if; 1537 struct ether_multi *enm; 1538 struct ether_multistep step; 1539 uint32_t lo, hi; 1540 uint8_t bit; 1541 1542 if ((ifp->if_flags & (IFF_ALLMULTI | IFF_PROMISC)) != 0) { 1543 lo = hi = 0xffffffff; 1544 goto done; 1545 } 1546 lo = hi = 0; 1547 ETHER_FIRST_MULTI(step, ac, enm); 1548 while (enm != NULL) { 1549 if (bcmp(enm->enm_addrlo, enm->enm_addrhi, ETHER_ADDR_LEN)) { 1550 ifp->if_flags |= IFF_ALLMULTI; 1551 lo = hi = 0xffffffff; 1552 goto done; 1553 } 1554 bit = enm->enm_addrlo[5] >> 2; 1555 if (bit < 32) 1556 lo |= 1 << bit; 1557 else 1558 hi |= 1 << (bit - 32); 1559 ETHER_NEXT_MULTI(step, enm); 1560 } 1561 done: 1562 hi |= 1 << 31; /* Make sure the broadcast bit is set. */ 1563 otus_write(sc, AR_MAC_REG_GROUP_HASH_TBL_L, lo); 1564 otus_write(sc, AR_MAC_REG_GROUP_HASH_TBL_H, hi); 1565 return otus_write_barrier(sc); 1566 } 1567 1568 void 1569 otus_updateedca(struct ieee80211com *ic) 1570 { 1571 /* Do it in a process context. */ 1572 otus_do_async(ic->ic_softc, otus_updateedca_cb, NULL, 0); 1573 } 1574 1575 /* ARGSUSED */ 1576 void 1577 otus_updateedca_cb(struct otus_softc *sc, void *arg) 1578 { 1579 #define EXP2(val) ((1 << (val)) - 1) 1580 #define AIFS(val) ((val) * 9 + 10) 1581 struct ieee80211com *ic = &sc->sc_ic; 1582 const struct ieee80211_edca_ac_params *edca; 1583 int s; 1584 1585 s = splnet(); 1586 1587 edca = (ic->ic_flags & IEEE80211_F_QOS) ? 1588 ic->ic_edca_ac : otus_edca_def; 1589 1590 /* Set CWmin/CWmax values. */ 1591 otus_write(sc, AR_MAC_REG_AC0_CW, 1592 EXP2(edca[EDCA_AC_BE].ac_ecwmax) << 16 | 1593 EXP2(edca[EDCA_AC_BE].ac_ecwmin)); 1594 otus_write(sc, AR_MAC_REG_AC1_CW, 1595 EXP2(edca[EDCA_AC_BK].ac_ecwmax) << 16 | 1596 EXP2(edca[EDCA_AC_BK].ac_ecwmin)); 1597 otus_write(sc, AR_MAC_REG_AC2_CW, 1598 EXP2(edca[EDCA_AC_VI].ac_ecwmax) << 16 | 1599 EXP2(edca[EDCA_AC_VI].ac_ecwmin)); 1600 otus_write(sc, AR_MAC_REG_AC3_CW, 1601 EXP2(edca[EDCA_AC_VO].ac_ecwmax) << 16 | 1602 EXP2(edca[EDCA_AC_VO].ac_ecwmin)); 1603 otus_write(sc, AR_MAC_REG_AC4_CW, /* Special TXQ. */ 1604 EXP2(edca[EDCA_AC_VO].ac_ecwmax) << 16 | 1605 EXP2(edca[EDCA_AC_VO].ac_ecwmin)); 1606 1607 /* Set AIFSN values. */ 1608 otus_write(sc, AR_MAC_REG_AC1_AC0_AIFS, 1609 AIFS(edca[EDCA_AC_VI].ac_aifsn) << 24 | 1610 AIFS(edca[EDCA_AC_BK].ac_aifsn) << 12 | 1611 AIFS(edca[EDCA_AC_BE].ac_aifsn)); 1612 otus_write(sc, AR_MAC_REG_AC3_AC2_AIFS, 1613 AIFS(edca[EDCA_AC_VO].ac_aifsn) << 16 | /* Special TXQ. */ 1614 AIFS(edca[EDCA_AC_VO].ac_aifsn) << 4 | 1615 AIFS(edca[EDCA_AC_VI].ac_aifsn) >> 8); 1616 1617 /* Set TXOP limit. */ 1618 otus_write(sc, AR_MAC_REG_AC1_AC0_TXOP, 1619 edca[EDCA_AC_BK].ac_txoplimit << 16 | 1620 edca[EDCA_AC_BE].ac_txoplimit); 1621 otus_write(sc, AR_MAC_REG_AC3_AC2_TXOP, 1622 edca[EDCA_AC_VO].ac_txoplimit << 16 | 1623 edca[EDCA_AC_VI].ac_txoplimit); 1624 1625 splx(s); 1626 1627 (void)otus_write_barrier(sc); 1628 #undef AIFS 1629 #undef EXP2 1630 } 1631 1632 void 1633 otus_updateslot(struct ieee80211com *ic) 1634 { 1635 /* Do it in a process context. */ 1636 otus_do_async(ic->ic_softc, otus_updateslot_cb, NULL, 0); 1637 } 1638 1639 /* ARGSUSED */ 1640 void 1641 otus_updateslot_cb(struct otus_softc *sc, void *arg) 1642 { 1643 uint32_t slottime; 1644 1645 slottime = (sc->sc_ic.ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 1646 otus_write(sc, AR_MAC_REG_SLOT_TIME, slottime << 10); 1647 (void)otus_write_barrier(sc); 1648 } 1649 1650 int 1651 otus_init_mac(struct otus_softc *sc) 1652 { 1653 int error; 1654 1655 otus_write(sc, AR_MAC_REG_ACK_EXTENSION, 0x40); 1656 otus_write(sc, AR_MAC_REG_RETRY_MAX, 0); 1657 otus_write(sc, AR_MAC_REG_SNIFFER, 0x2000000); 1658 otus_write(sc, AR_MAC_REG_RX_THRESHOLD, 0xc1f80); 1659 otus_write(sc, AR_MAC_REG_RX_PE_DELAY, 0x70); 1660 otus_write(sc, AR_MAC_REG_EIFS_AND_SIFS, 0xa144000); 1661 otus_write(sc, AR_MAC_REG_SLOT_TIME, 9 << 10); 1662 otus_write(sc, 0x1c3b2c, 0x19000000); 1663 /* NAV protects ACK only (in TXOP). */ 1664 otus_write(sc, 0x1c3b38, 0x201); 1665 /* Set beacon Tx power to 0x7. */ 1666 otus_write(sc, AR_MAC_REG_BCN_HT1, 0x8000170); 1667 otus_write(sc, AR_MAC_REG_BACKOFF_PROTECT, 0x105); 1668 otus_write(sc, 0x1c3b9c, 0x10000a); 1669 /* Filter any control frames, BAR is bit 24. */ 1670 otus_write(sc, 0x1c368c, 0x0500ffff); 1671 otus_write(sc, 0x1c3c40, 0x1); 1672 otus_write(sc, AR_MAC_REG_BASIC_RATE, 0x150f); 1673 otus_write(sc, AR_MAC_REG_MANDATORY_RATE, 0x150f); 1674 otus_write(sc, AR_MAC_REG_RTS_CTS_RATE, 0x10b01bb); 1675 otus_write(sc, 0x1c3694, 0x4003c1e); 1676 /* Enable LED0 and LED1. */ 1677 otus_write(sc, 0x1d0100, 0x3); 1678 otus_write(sc, 0x1d0104, 0x3); 1679 /* Switch MAC to OTUS interface. */ 1680 otus_write(sc, 0x1c3600, 0x3); 1681 otus_write(sc, 0x1c3c50, 0xffff); 1682 otus_write(sc, 0x1c3680, 0xf00008); 1683 /* Disable Rx timeout (workaround). */ 1684 otus_write(sc, 0x1c362c, 0); 1685 1686 /* Set USB Rx stream mode maximum frame number to 2. */ 1687 otus_write(sc, 0x1e1110, 0x4); 1688 /* Set USB Rx stream mode timeout to 10us. */ 1689 otus_write(sc, 0x1e1114, 0x80); 1690 1691 /* Set clock frequency to 88/80MHz. */ 1692 otus_write(sc, 0x1d4008, 0x73); 1693 /* Set WLAN DMA interrupt mode: generate intr per packet. */ 1694 otus_write(sc, 0x1c3d7c, 0x110011); 1695 otus_write(sc, 0x1c3bb0, 0x4); 1696 otus_write(sc, AR_MAC_REG_TXOP_NOT_ENOUGH_INDICATION, 0x141e0f48); 1697 1698 /* Disable HW decryption for now. */ 1699 otus_write(sc, 0x1c3678, 0x78); 1700 1701 if ((error = otus_write_barrier(sc)) != 0) 1702 return error; 1703 1704 /* Set default EDCA parameters. */ 1705 otus_updateedca_cb(sc, NULL); 1706 1707 return 0; 1708 } 1709 1710 /* 1711 * Return default value for PHY register based on current operating mode. 1712 */ 1713 uint32_t 1714 otus_phy_get_def(struct otus_softc *sc, uint32_t reg) 1715 { 1716 int i; 1717 1718 for (i = 0; i < nitems(ar5416_phy_regs); i++) 1719 if (AR_PHY(ar5416_phy_regs[i]) == reg) 1720 return sc->phy_vals[i]; 1721 return 0; /* Register not found. */ 1722 } 1723 1724 /* 1725 * Update PHY's programming based on vendor-specific data stored in EEPROM. 1726 * This is for FEM-type devices only. 1727 */ 1728 int 1729 otus_set_board_values(struct otus_softc *sc, struct ieee80211_channel *c) 1730 { 1731 const struct ModalEepHeader *eep; 1732 uint32_t tmp, offset; 1733 1734 if (IEEE80211_IS_CHAN_5GHZ(c)) 1735 eep = &sc->eeprom.modalHeader[0]; 1736 else 1737 eep = &sc->eeprom.modalHeader[1]; 1738 1739 /* Offset of chain 2. */ 1740 offset = 2 * 0x1000; 1741 1742 tmp = letoh32(eep->antCtrlCommon); 1743 otus_write(sc, AR_PHY_SWITCH_COM, tmp); 1744 1745 tmp = letoh32(eep->antCtrlChain[0]); 1746 otus_write(sc, AR_PHY_SWITCH_CHAIN_0, tmp); 1747 1748 tmp = letoh32(eep->antCtrlChain[1]); 1749 otus_write(sc, AR_PHY_SWITCH_CHAIN_0 + offset, tmp); 1750 1751 if (1 /* sc->sc_sco == AR_SCO_SCN */) { 1752 tmp = otus_phy_get_def(sc, AR_PHY_SETTLING); 1753 tmp &= ~(0x7f << 7); 1754 tmp |= (eep->switchSettling & 0x7f) << 7; 1755 otus_write(sc, AR_PHY_SETTLING, tmp); 1756 } 1757 1758 tmp = otus_phy_get_def(sc, AR_PHY_DESIRED_SZ); 1759 tmp &= ~0xffff; 1760 tmp |= eep->pgaDesiredSize << 8 | eep->adcDesiredSize; 1761 otus_write(sc, AR_PHY_DESIRED_SZ, tmp); 1762 1763 tmp = eep->txEndToXpaOff << 24 | eep->txEndToXpaOff << 16 | 1764 eep->txFrameToXpaOn << 8 | eep->txFrameToXpaOn; 1765 otus_write(sc, AR_PHY_RF_CTL4, tmp); 1766 1767 tmp = otus_phy_get_def(sc, AR_PHY_RF_CTL3); 1768 tmp &= ~(0xff << 16); 1769 tmp |= eep->txEndToRxOn << 16; 1770 otus_write(sc, AR_PHY_RF_CTL3, tmp); 1771 1772 tmp = otus_phy_get_def(sc, AR_PHY_CCA); 1773 tmp &= ~(0x7f << 12); 1774 tmp |= (eep->thresh62 & 0x7f) << 12; 1775 otus_write(sc, AR_PHY_CCA, tmp); 1776 1777 tmp = otus_phy_get_def(sc, AR_PHY_RXGAIN); 1778 tmp &= ~(0x3f << 12); 1779 tmp |= (eep->txRxAttenCh[0] & 0x3f) << 12; 1780 otus_write(sc, AR_PHY_RXGAIN, tmp); 1781 1782 tmp = otus_phy_get_def(sc, AR_PHY_RXGAIN + offset); 1783 tmp &= ~(0x3f << 12); 1784 tmp |= (eep->txRxAttenCh[1] & 0x3f) << 12; 1785 otus_write(sc, AR_PHY_RXGAIN + offset, tmp); 1786 1787 tmp = otus_phy_get_def(sc, AR_PHY_GAIN_2GHZ); 1788 tmp &= ~(0x3f << 18); 1789 tmp |= (eep->rxTxMarginCh[0] & 0x3f) << 18; 1790 if (IEEE80211_IS_CHAN_5GHZ(c)) { 1791 tmp &= ~(0xf << 10); 1792 tmp |= (eep->bswMargin[0] & 0xf) << 10; 1793 } 1794 otus_write(sc, AR_PHY_GAIN_2GHZ, tmp); 1795 1796 tmp = otus_phy_get_def(sc, AR_PHY_GAIN_2GHZ + offset); 1797 tmp &= ~(0x3f << 18); 1798 tmp |= (eep->rxTxMarginCh[1] & 0x3f) << 18; 1799 otus_write(sc, AR_PHY_GAIN_2GHZ + offset, tmp); 1800 1801 tmp = otus_phy_get_def(sc, AR_PHY_TIMING_CTRL4); 1802 tmp &= ~(0x3f << 5 | 0x1f); 1803 tmp |= (eep->iqCalICh[0] & 0x3f) << 5 | (eep->iqCalQCh[0] & 0x1f); 1804 otus_write(sc, AR_PHY_TIMING_CTRL4, tmp); 1805 1806 tmp = otus_phy_get_def(sc, AR_PHY_TIMING_CTRL4 + offset); 1807 tmp &= ~(0x3f << 5 | 0x1f); 1808 tmp |= (eep->iqCalICh[1] & 0x3f) << 5 | (eep->iqCalQCh[1] & 0x1f); 1809 otus_write(sc, AR_PHY_TIMING_CTRL4 + offset, tmp); 1810 1811 tmp = otus_phy_get_def(sc, AR_PHY_TPCRG1); 1812 tmp &= ~(0xf << 16); 1813 tmp |= (eep->xpd & 0xf) << 16; 1814 otus_write(sc, AR_PHY_TPCRG1, tmp); 1815 1816 return otus_write_barrier(sc); 1817 } 1818 1819 int 1820 otus_program_phy(struct otus_softc *sc, struct ieee80211_channel *c) 1821 { 1822 const uint32_t *vals; 1823 int error, i; 1824 1825 /* Select PHY programming based on band and bandwidth. */ 1826 if (IEEE80211_IS_CHAN_2GHZ(c)) 1827 vals = ar5416_phy_vals_2ghz_20mhz; 1828 else 1829 vals = ar5416_phy_vals_5ghz_20mhz; 1830 for (i = 0; i < nitems(ar5416_phy_regs); i++) 1831 otus_write(sc, AR_PHY(ar5416_phy_regs[i]), vals[i]); 1832 sc->phy_vals = vals; 1833 1834 if (sc->eeprom.baseEepHeader.deviceType == 0x80) /* FEM */ 1835 if ((error = otus_set_board_values(sc, c)) != 0) 1836 return error; 1837 1838 /* Initial Tx power settings. */ 1839 otus_write(sc, AR_PHY_POWER_TX_RATE_MAX, 0x7f); 1840 otus_write(sc, AR_PHY_POWER_TX_RATE1, 0x3f3f3f3f); 1841 otus_write(sc, AR_PHY_POWER_TX_RATE2, 0x3f3f3f3f); 1842 otus_write(sc, AR_PHY_POWER_TX_RATE3, 0x3f3f3f3f); 1843 otus_write(sc, AR_PHY_POWER_TX_RATE4, 0x3f3f3f3f); 1844 otus_write(sc, AR_PHY_POWER_TX_RATE5, 0x3f3f3f3f); 1845 otus_write(sc, AR_PHY_POWER_TX_RATE6, 0x3f3f3f3f); 1846 otus_write(sc, AR_PHY_POWER_TX_RATE7, 0x3f3f3f3f); 1847 otus_write(sc, AR_PHY_POWER_TX_RATE8, 0x3f3f3f3f); 1848 otus_write(sc, AR_PHY_POWER_TX_RATE9, 0x3f3f3f3f); 1849 1850 if (IEEE80211_IS_CHAN_2GHZ(c)) 1851 otus_write(sc, 0x1d4014, 0x5163); 1852 else 1853 otus_write(sc, 0x1d4014, 0x5143); 1854 1855 return otus_write_barrier(sc); 1856 } 1857 1858 static __inline uint8_t 1859 otus_reverse_bits(uint8_t v) 1860 { 1861 v = ((v >> 1) & 0x55) | ((v & 0x55) << 1); 1862 v = ((v >> 2) & 0x33) | ((v & 0x33) << 2); 1863 v = ((v >> 4) & 0x0f) | ((v & 0x0f) << 4); 1864 return v; 1865 } 1866 1867 int 1868 otus_set_rf_bank4(struct otus_softc *sc, struct ieee80211_channel *c) 1869 { 1870 uint8_t chansel, d0, d1; 1871 uint16_t data; 1872 int error; 1873 1874 d0 = 0; 1875 if (IEEE80211_IS_CHAN_5GHZ(c)) { 1876 chansel = (c->ic_freq - 4800) / 5; 1877 if (chansel & 1) 1878 d0 |= AR_BANK4_AMODE_REFSEL(2); 1879 else 1880 d0 |= AR_BANK4_AMODE_REFSEL(1); 1881 } else { 1882 d0 |= AR_BANK4_AMODE_REFSEL(2); 1883 if (c->ic_freq == 2484) { /* CH 14 */ 1884 d0 |= AR_BANK4_BMODE_LF_SYNTH_FREQ; 1885 chansel = 10 + (c->ic_freq - 2274) / 5; 1886 } else 1887 chansel = 16 + (c->ic_freq - 2272) / 5; 1888 chansel <<= 2; 1889 } 1890 d0 |= AR_BANK4_ADDR(1) | AR_BANK4_CHUP; 1891 d1 = otus_reverse_bits(chansel); 1892 1893 /* Write bits 0-4 of d0 and d1. */ 1894 data = (d1 & 0x1f) << 5 | (d0 & 0x1f); 1895 otus_write(sc, AR_PHY(44), data); 1896 /* Write bits 5-7 of d0 and d1. */ 1897 data = (d1 >> 5) << 5 | (d0 >> 5); 1898 otus_write(sc, AR_PHY(58), data); 1899 1900 if ((error = otus_write_barrier(sc)) == 0) 1901 usbd_delay_ms(sc->sc_udev, 10); 1902 return error; 1903 } 1904 1905 void 1906 otus_get_delta_slope(uint32_t coeff, uint32_t *exponent, uint32_t *mantissa) 1907 { 1908 #define COEFF_SCALE_SHIFT 24 1909 uint32_t exp, man; 1910 1911 /* exponent = 14 - floor(log2(coeff)) */ 1912 for (exp = 31; exp > 0; exp--) 1913 if (coeff & (1 << exp)) 1914 break; 1915 KASSERT(exp != 0); 1916 exp = 14 - (exp - COEFF_SCALE_SHIFT); 1917 1918 /* mantissa = floor(coeff * 2^exponent + 0.5) */ 1919 man = coeff + (1 << (COEFF_SCALE_SHIFT - exp - 1)); 1920 1921 *mantissa = man >> (COEFF_SCALE_SHIFT - exp); 1922 *exponent = exp - 16; 1923 #undef COEFF_SCALE_SHIFT 1924 } 1925 1926 int 1927 otus_set_chan(struct otus_softc *sc, struct ieee80211_channel *c, int assoc) 1928 { 1929 struct ieee80211com *ic = &sc->sc_ic; 1930 struct ar_cmd_frequency cmd; 1931 struct ar_rsp_frequency rsp; 1932 const uint32_t *vals; 1933 uint32_t coeff, exp, man, tmp; 1934 uint8_t code; 1935 int error, chan, i; 1936 1937 chan = ieee80211_chan2ieee(ic, c); 1938 DPRINTF(("setting channel %d (%dMHz)\n", chan, c->ic_freq)); 1939 1940 tmp = IEEE80211_IS_CHAN_2GHZ(c) ? 0x105 : 0x104; 1941 otus_write(sc, AR_MAC_REG_DYNAMIC_SIFS_ACK, tmp); 1942 if ((error = otus_write_barrier(sc)) != 0) 1943 return error; 1944 1945 /* Disable BB Heavy Clip. */ 1946 otus_write(sc, AR_PHY_HEAVY_CLIP_ENABLE, 0x200); 1947 if ((error = otus_write_barrier(sc)) != 0) 1948 return error; 1949 1950 /* XXX Is that FREQ_START ? */ 1951 error = otus_cmd(sc, AR_CMD_FREQ_STRAT, NULL, 0, NULL); 1952 if (error != 0) 1953 return error; 1954 1955 /* Reprogram PHY and RF on channel band or bandwidth changes. */ 1956 if (sc->bb_reset || c->ic_flags != sc->sc_curchan->ic_flags) { 1957 DPRINTF(("band switch\n")); 1958 1959 /* Cold/Warm reset BB/ADDA. */ 1960 otus_write(sc, 0x1d4004, sc->bb_reset ? 0x800 : 0x400); 1961 if ((error = otus_write_barrier(sc)) != 0) 1962 return error; 1963 otus_write(sc, 0x1d4004, 0); 1964 if ((error = otus_write_barrier(sc)) != 0) 1965 return error; 1966 sc->bb_reset = 0; 1967 1968 if ((error = otus_program_phy(sc, c)) != 0) { 1969 printf("%s: could not program PHY\n", 1970 sc->sc_dev.dv_xname); 1971 return error; 1972 } 1973 1974 /* Select RF programming based on band. */ 1975 if (IEEE80211_IS_CHAN_5GHZ(c)) 1976 vals = ar5416_banks_vals_5ghz; 1977 else 1978 vals = ar5416_banks_vals_2ghz; 1979 for (i = 0; i < nitems(ar5416_banks_regs); i++) 1980 otus_write(sc, AR_PHY(ar5416_banks_regs[i]), vals[i]); 1981 if ((error = otus_write_barrier(sc)) != 0) { 1982 printf("%s: could not program RF\n", 1983 sc->sc_dev.dv_xname); 1984 return error; 1985 } 1986 code = AR_CMD_RF_INIT; 1987 } else { 1988 code = AR_CMD_FREQUENCY; 1989 } 1990 1991 if ((error = otus_set_rf_bank4(sc, c)) != 0) 1992 return error; 1993 1994 tmp = (sc->txmask == 0x5) ? 0x340 : 0x240; 1995 otus_write(sc, AR_PHY_TURBO, tmp); 1996 if ((error = otus_write_barrier(sc)) != 0) 1997 return error; 1998 1999 /* Send firmware command to set channel. */ 2000 cmd.freq = htole32((uint32_t)c->ic_freq * 1000); 2001 cmd.dynht2040 = htole32(0); 2002 cmd.htena = htole32(1); 2003 /* Set Delta Slope (exponent and mantissa). */ 2004 coeff = (100 << 24) / c->ic_freq; 2005 otus_get_delta_slope(coeff, &exp, &man); 2006 cmd.dsc_exp = htole32(exp); 2007 cmd.dsc_man = htole32(man); 2008 DPRINTF(("ds coeff=%u exp=%u man=%u\n", coeff, exp, man)); 2009 /* For Short GI, coeff is 9/10 that of normal coeff. */ 2010 coeff = (9 * coeff) / 10; 2011 otus_get_delta_slope(coeff, &exp, &man); 2012 cmd.dsc_shgi_exp = htole32(exp); 2013 cmd.dsc_shgi_man = htole32(man); 2014 DPRINTF(("ds shgi coeff=%u exp=%u man=%u\n", coeff, exp, man)); 2015 /* Set wait time for AGC and noise calibration (100 or 200ms). */ 2016 cmd.check_loop_count = assoc ? htole32(2000) : htole32(1000); 2017 DPRINTF(("%s\n", (code == AR_CMD_RF_INIT) ? "RF_INIT" : "FREQUENCY")); 2018 error = otus_cmd(sc, code, &cmd, sizeof cmd, &rsp); 2019 if (error != 0) 2020 return error; 2021 if ((rsp.status & htole32(AR_CAL_ERR_AGC | AR_CAL_ERR_NF_VAL)) != 0) { 2022 DPRINTF(("status=0x%x\n", letoh32(rsp.status))); 2023 /* Force cold reset on next channel. */ 2024 sc->bb_reset = 1; 2025 } 2026 #ifdef OTUS_DEBUG 2027 if (otus_debug) { 2028 printf("calibration status=0x%x\n", letoh32(rsp.status)); 2029 for (i = 0; i < 2; i++) { /* 2 Rx chains */ 2030 /* Sign-extend 9-bit NF values. */ 2031 printf("noisefloor chain %d=%d\n", i, 2032 (((int32_t)letoh32(rsp.nf[i])) << 4) >> 23); 2033 printf("noisefloor ext chain %d=%d\n", i, 2034 ((int32_t)letoh32(rsp.nf_ext[i])) >> 23); 2035 } 2036 } 2037 #endif 2038 sc->sc_curchan = c; 2039 return 0; 2040 } 2041 2042 #ifdef notyet 2043 int 2044 otus_set_key(struct ieee80211com *ic, struct ieee80211_node *ni, 2045 struct ieee80211_key *k) 2046 { 2047 struct otus_softc *sc = ic->ic_softc; 2048 struct otus_cmd_key cmd; 2049 2050 /* Do it in a process context. */ 2051 cmd.key = *k; 2052 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 2053 otus_do_async(sc, otus_set_key_cb, &cmd, sizeof cmd); 2054 return 0; 2055 } 2056 2057 void 2058 otus_set_key_cb(struct otus_softc *sc, void *arg) 2059 { 2060 struct otus_cmd_key *cmd = arg; 2061 struct ieee80211_key *k = &cmd->key; 2062 struct ar_cmd_ekey key; 2063 uint16_t cipher; 2064 int error; 2065 2066 memset(&key, 0, sizeof key); 2067 if (k->k_flags & IEEE80211_KEY_GROUP) { 2068 key.uid = htole16(k->k_id); 2069 IEEE80211_ADDR_COPY(key.macaddr, sc->sc_ic.ic_myaddr); 2070 key.macaddr[0] |= 0x80; 2071 } else { 2072 key.uid = htole16(OTUS_UID(cmd->associd)); 2073 IEEE80211_ADDR_COPY(key.macaddr, ni->ni_macaddr); 2074 } 2075 key.kix = htole16(0); 2076 /* Map net80211 cipher to hardware. */ 2077 switch (k->k_cipher) { 2078 case IEEE80211_CIPHER_WEP40: 2079 cipher = AR_CIPHER_WEP64; 2080 break; 2081 case IEEE80211_CIPHER_WEP104: 2082 cipher = AR_CIPHER_WEP128; 2083 break; 2084 case IEEE80211_CIPHER_TKIP: 2085 cipher = AR_CIPHER_TKIP; 2086 break; 2087 case IEEE80211_CIPHER_CCMP: 2088 cipher = AR_CIPHER_AES; 2089 break; 2090 default: 2091 return; 2092 } 2093 key.cipher = htole16(cipher); 2094 memcpy(key.key, k->k_key, MIN(k->k_len, 16)); 2095 error = otus_cmd(sc, AR_CMD_EKEY, &key, sizeof key, NULL); 2096 if (error != 0 || k->k_cipher != IEEE80211_CIPHER_TKIP) 2097 return; 2098 2099 /* TKIP: set Tx/Rx MIC Key. */ 2100 key.kix = htole16(1); 2101 memcpy(key.key, k->k_key + 16, 16); 2102 (void)otus_cmd(sc, AR_CMD_EKEY, &key, sizeof key, NULL); 2103 } 2104 2105 void 2106 otus_delete_key(struct ieee80211com *ic, struct ieee80211_node *ni, 2107 struct ieee80211_key *k) 2108 { 2109 struct otus_softc *sc = ic->ic_softc; 2110 struct otus_cmd_key cmd; 2111 2112 if (!(ic->ic_if.if_flags & IFF_RUNNING) || 2113 ic->ic_state != IEEE80211_S_RUN) 2114 return; /* Nothing to do. */ 2115 2116 /* Do it in a process context. */ 2117 cmd.key = *k; 2118 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 2119 otus_do_async(sc, otus_delete_key_cb, &cmd, sizeof cmd); 2120 } 2121 2122 void 2123 otus_delete_key_cb(struct otus_softc *sc, void *arg) 2124 { 2125 struct otus_cmd_key *cmd = arg; 2126 struct ieee80211_key *k = &cmd->key; 2127 uint32_t uid; 2128 2129 if (k->k_flags & IEEE80211_KEY_GROUP) 2130 uid = htole32(k->k_id); 2131 else 2132 uid = htole32(OTUS_UID(cmd->associd)); 2133 (void)otus_cmd(sc, AR_CMD_DKEY, &uid, sizeof uid, NULL); 2134 } 2135 #endif 2136 2137 void 2138 otus_calibrate_to(void *arg) 2139 { 2140 struct otus_softc *sc = arg; 2141 struct ieee80211com *ic = &sc->sc_ic; 2142 struct ieee80211_node *ni; 2143 int s; 2144 2145 s = splnet(); 2146 ni = ic->ic_bss; 2147 ieee80211_amrr_choose(&sc->amrr, ni, &((struct otus_node *)ni)->amn); 2148 splx(s); 2149 2150 timeout_add_sec(&sc->calib_to, 1); 2151 } 2152 2153 int 2154 otus_set_bssid(struct otus_softc *sc, const uint8_t *bssid) 2155 { 2156 otus_write(sc, AR_MAC_REG_BSSID_L, 2157 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 2158 otus_write(sc, AR_MAC_REG_BSSID_H, 2159 bssid[4] | bssid[5] << 8); 2160 return otus_write_barrier(sc); 2161 } 2162 2163 int 2164 otus_set_macaddr(struct otus_softc *sc, const uint8_t *addr) 2165 { 2166 otus_write(sc, AR_MAC_REG_MAC_ADDR_L, 2167 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 2168 otus_write(sc, AR_MAC_REG_MAC_ADDR_H, 2169 addr[4] | addr[5] << 8); 2170 return otus_write_barrier(sc); 2171 } 2172 2173 /* Default single-LED. */ 2174 void 2175 otus_led_newstate_type1(struct otus_softc *sc) 2176 { 2177 /* TBD */ 2178 } 2179 2180 /* NETGEAR, dual-LED. */ 2181 void 2182 otus_led_newstate_type2(struct otus_softc *sc) 2183 { 2184 /* TBD */ 2185 } 2186 2187 /* NETGEAR, single-LED/3 colors (blue, red, purple.) */ 2188 void 2189 otus_led_newstate_type3(struct otus_softc *sc) 2190 { 2191 struct ieee80211com *ic = &sc->sc_ic; 2192 uint32_t state = sc->led_state; 2193 2194 if (ic->ic_state == IEEE80211_S_INIT) { 2195 state = 0; /* LED off. */ 2196 } else if (ic->ic_state == IEEE80211_S_RUN) { 2197 /* Associated, LED always on. */ 2198 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) 2199 state = AR_LED0_ON; /* 2GHz=>Red. */ 2200 else 2201 state = AR_LED1_ON; /* 5GHz=>Blue. */ 2202 } else { 2203 /* Scanning, blink LED. */ 2204 state ^= AR_LED0_ON | AR_LED1_ON; 2205 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) 2206 state &= ~AR_LED1_ON; 2207 else 2208 state &= ~AR_LED0_ON; 2209 } 2210 if (state != sc->led_state) { 2211 otus_write(sc, 0x1d0104, state); 2212 if (otus_write_barrier(sc) == 0) 2213 sc->led_state = state; 2214 } 2215 } 2216 2217 int 2218 otus_init(struct ifnet *ifp) 2219 { 2220 struct otus_softc *sc = ifp->if_softc; 2221 struct ieee80211com *ic = &sc->sc_ic; 2222 int error; 2223 2224 /* Init host command ring. */ 2225 sc->cmdq.cur = sc->cmdq.next = sc->cmdq.queued = 0; 2226 2227 if ((error = otus_init_mac(sc)) != 0) { 2228 printf("%s: could not initialize MAC\n", sc->sc_dev.dv_xname); 2229 return error; 2230 } 2231 2232 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 2233 (void)otus_set_macaddr(sc, ic->ic_myaddr); 2234 2235 switch (ic->ic_opmode) { 2236 #ifdef notyet 2237 #ifndef IEEE80211_STA_ONLY 2238 case IEEE80211_M_HOSTAP: 2239 otus_write(sc, 0x1c3700, 0x0f0000a1); 2240 otus_write(sc, 0x1c3c40, 0x1); 2241 break; 2242 case IEEE80211_M_IBSS: 2243 otus_write(sc, 0x1c3700, 0x0f000000); 2244 otus_write(sc, 0x1c3c40, 0x1); 2245 break; 2246 #endif 2247 #endif 2248 case IEEE80211_M_STA: 2249 otus_write(sc, 0x1c3700, 0x0f000002); 2250 otus_write(sc, 0x1c3c40, 0x1); 2251 break; 2252 default: 2253 break; 2254 } 2255 otus_write(sc, AR_MAC_REG_SNIFFER, 2256 (ic->ic_opmode == IEEE80211_M_MONITOR) ? 0x2000001 : 0x2000000); 2257 (void)otus_write_barrier(sc); 2258 2259 sc->bb_reset = 1; /* Force cold reset. */ 2260 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 2261 if ((error = otus_set_chan(sc, ic->ic_ibss_chan, 0)) != 0) { 2262 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 2263 return error; 2264 } 2265 2266 /* Start Rx. */ 2267 otus_write(sc, 0x1c3d30, 0x100); 2268 (void)otus_write_barrier(sc); 2269 2270 ifp->if_flags &= ~IFF_OACTIVE; 2271 ifp->if_flags |= IFF_RUNNING; 2272 2273 if (ic->ic_opmode == IEEE80211_M_MONITOR) 2274 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2275 else 2276 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2277 2278 return 0; 2279 } 2280 2281 void 2282 otus_stop(struct ifnet *ifp) 2283 { 2284 struct otus_softc *sc = ifp->if_softc; 2285 struct ieee80211com *ic = &sc->sc_ic; 2286 int s; 2287 2288 sc->sc_tx_timer = 0; 2289 ifp->if_timer = 0; 2290 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2291 2292 timeout_del(&sc->scan_to); 2293 timeout_del(&sc->calib_to); 2294 2295 s = splusb(); 2296 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2297 /* Wait for all queued asynchronous commands to complete. */ 2298 while (sc->cmdq.queued > 0) 2299 tsleep(&sc->cmdq, 0, "cmdq", 0); 2300 splx(s); 2301 2302 /* Stop Rx. */ 2303 otus_write(sc, 0x1c3d30, 0); 2304 (void)otus_write_barrier(sc); 2305 2306 sc->tx_queued = 0; 2307 } 2308