1 /* $OpenBSD: if_otus.c,v 1.73 2024/05/23 03:21:08 jsg Exp $ */ 2 3 /*- 4 * Copyright (c) 2009 Damien Bergamini <damien.bergamini@free.fr> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 /* 20 * Driver for Atheros AR9001U chipset. 21 */ 22 23 #include "bpfilter.h" 24 25 #include <sys/param.h> 26 #include <sys/sockio.h> 27 #include <sys/mbuf.h> 28 #include <sys/systm.h> 29 #include <sys/timeout.h> 30 #include <sys/device.h> 31 #include <sys/endian.h> 32 33 #include <machine/intr.h> 34 35 #if NBPFILTER > 0 36 #include <net/bpf.h> 37 #endif 38 #include <net/if.h> 39 #include <net/if_dl.h> 40 #include <net/if_media.h> 41 42 #include <netinet/in.h> 43 #include <netinet/if_ether.h> 44 45 #include <net80211/ieee80211_var.h> 46 #include <net80211/ieee80211_amrr.h> 47 #include <net80211/ieee80211_radiotap.h> 48 49 #include <dev/usb/usb.h> 50 #include <dev/usb/usbdi.h> 51 #include <dev/usb/usbdi_util.h> 52 #include <dev/usb/usbdevs.h> 53 54 #include <dev/usb/if_otusreg.h> 55 56 #ifdef OTUS_DEBUG 57 #define DPRINTF(x) do { if (otus_debug) printf x; } while (0) 58 #define DPRINTFN(n, x) do { if (otus_debug >= (n)) printf x; } while (0) 59 int otus_debug = 1; 60 #else 61 #define DPRINTF(x) 62 #define DPRINTFN(n, x) 63 #endif 64 65 static const struct usb_devno otus_devs[] = { 66 { USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_WN7512 }, 67 { USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_3CRUSBN275 }, 68 { USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_TG121N }, 69 { USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_AR9170 }, 70 { USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_WN612 }, 71 { USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_WN821NV2 }, 72 { USB_VENDOR_AVM, USB_PRODUCT_AVM_FRITZWLAN }, 73 { USB_VENDOR_CACE, USB_PRODUCT_CACE_AIRPCAPNX }, 74 { USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWA130D1 }, 75 { USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWA160A1 }, 76 { USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWA160A2 }, 77 { USB_VENDOR_IODATA, USB_PRODUCT_IODATA_WNGDNUS2 }, 78 { USB_VENDOR_NEC, USB_PRODUCT_NEC_WL300NUG }, 79 { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WN111V2 }, 80 { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WNA1000 }, 81 { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WNDA3100 }, 82 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_GW_US300 }, 83 { USB_VENDOR_WISTRONNEWEB, USB_PRODUCT_WISTRONNEWEB_O8494 }, 84 { USB_VENDOR_WISTRONNEWEB, USB_PRODUCT_WISTRONNEWEB_WNC0600 }, 85 { USB_VENDOR_ZCOM, USB_PRODUCT_ZCOM_UB81 }, 86 { USB_VENDOR_ZCOM, USB_PRODUCT_ZCOM_UB82 }, 87 { USB_VENDOR_ZYDAS, USB_PRODUCT_ZYDAS_ZD1221 }, 88 { USB_VENDOR_ZYXEL, USB_PRODUCT_ZYXEL_NWD271N } 89 }; 90 91 int otus_match(struct device *, void *, void *); 92 void otus_attach(struct device *, struct device *, void *); 93 int otus_detach(struct device *, int); 94 void otus_attachhook(struct device *); 95 void otus_get_chanlist(struct otus_softc *); 96 int otus_load_firmware(struct otus_softc *, const char *, 97 uint32_t); 98 int otus_open_pipes(struct otus_softc *); 99 void otus_close_pipes(struct otus_softc *); 100 int otus_alloc_tx_cmd(struct otus_softc *); 101 void otus_free_tx_cmd(struct otus_softc *); 102 int otus_alloc_tx_data_list(struct otus_softc *); 103 void otus_free_tx_data_list(struct otus_softc *); 104 int otus_alloc_rx_data_list(struct otus_softc *); 105 void otus_free_rx_data_list(struct otus_softc *); 106 void otus_next_scan(void *); 107 void otus_task(void *); 108 void otus_do_async(struct otus_softc *, 109 void (*)(struct otus_softc *, void *), void *, int); 110 int otus_newstate(struct ieee80211com *, enum ieee80211_state, 111 int); 112 void otus_newstate_cb(struct otus_softc *, void *); 113 int otus_cmd(struct otus_softc *, uint8_t, const void *, int, 114 void *); 115 void otus_write(struct otus_softc *, uint32_t, uint32_t); 116 int otus_write_barrier(struct otus_softc *); 117 struct ieee80211_node *otus_node_alloc(struct ieee80211com *); 118 int otus_media_change(struct ifnet *); 119 int otus_read_eeprom(struct otus_softc *); 120 void otus_newassoc(struct ieee80211com *, struct ieee80211_node *, 121 int); 122 void otus_intr(struct usbd_xfer *, void *, usbd_status); 123 void otus_cmd_rxeof(struct otus_softc *, uint8_t *, int); 124 void otus_sub_rxeof(struct otus_softc *, uint8_t *, int, 125 struct mbuf_list *); 126 void otus_rxeof(struct usbd_xfer *, void *, usbd_status); 127 void otus_txeof(struct usbd_xfer *, void *, usbd_status); 128 int otus_tx(struct otus_softc *, struct mbuf *, 129 struct ieee80211_node *); 130 void otus_start(struct ifnet *); 131 void otus_watchdog(struct ifnet *); 132 int otus_ioctl(struct ifnet *, u_long, caddr_t); 133 int otus_set_multi(struct otus_softc *); 134 void otus_updateedca(struct ieee80211com *); 135 void otus_updateedca_cb(struct otus_softc *, void *); 136 void otus_updateslot(struct ieee80211com *); 137 void otus_updateslot_cb(struct otus_softc *, void *); 138 int otus_init_mac(struct otus_softc *); 139 uint32_t otus_phy_get_def(struct otus_softc *, uint32_t); 140 int otus_set_board_values(struct otus_softc *, 141 struct ieee80211_channel *); 142 int otus_program_phy(struct otus_softc *, 143 struct ieee80211_channel *); 144 int otus_set_rf_bank4(struct otus_softc *, 145 struct ieee80211_channel *); 146 void otus_get_delta_slope(uint32_t, uint32_t *, uint32_t *); 147 int otus_set_chan(struct otus_softc *, struct ieee80211_channel *, 148 int); 149 int otus_set_key(struct ieee80211com *, struct ieee80211_node *, 150 struct ieee80211_key *); 151 void otus_set_key_cb(struct otus_softc *, void *); 152 void otus_delete_key(struct ieee80211com *, struct ieee80211_node *, 153 struct ieee80211_key *); 154 void otus_delete_key_cb(struct otus_softc *, void *); 155 void otus_calibrate_to(void *); 156 int otus_set_bssid(struct otus_softc *, const uint8_t *); 157 int otus_set_macaddr(struct otus_softc *, const uint8_t *); 158 void otus_led_newstate_type1(struct otus_softc *); 159 void otus_led_newstate_type2(struct otus_softc *); 160 void otus_led_newstate_type3(struct otus_softc *); 161 int otus_init(struct ifnet *); 162 void otus_stop(struct ifnet *); 163 164 struct cfdriver otus_cd = { 165 NULL, "otus", DV_IFNET 166 }; 167 168 const struct cfattach otus_ca = { 169 sizeof (struct otus_softc), otus_match, otus_attach, otus_detach 170 }; 171 172 int 173 otus_match(struct device *parent, void *match, void *aux) 174 { 175 struct usb_attach_arg *uaa = aux; 176 177 if (uaa->iface == NULL || uaa->configno != 1) 178 return UMATCH_NONE; 179 180 return (usb_lookup(otus_devs, uaa->vendor, uaa->product) != NULL) ? 181 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 182 } 183 184 void 185 otus_attach(struct device *parent, struct device *self, void *aux) 186 { 187 struct otus_softc *sc = (struct otus_softc *)self; 188 struct usb_attach_arg *uaa = aux; 189 int error; 190 191 sc->sc_udev = uaa->device; 192 193 usb_init_task(&sc->sc_task, otus_task, sc, USB_TASK_TYPE_GENERIC); 194 timeout_set(&sc->scan_to, otus_next_scan, sc); 195 timeout_set(&sc->calib_to, otus_calibrate_to, sc); 196 197 sc->amrr.amrr_min_success_threshold = 1; 198 sc->amrr.amrr_max_success_threshold = 10; 199 200 /* Get the first interface handle. */ 201 error = usbd_device2interface_handle(sc->sc_udev, 0, &sc->sc_iface); 202 if (error != 0) { 203 printf("%s: could not get interface handle\n", 204 sc->sc_dev.dv_xname); 205 return; 206 } 207 208 if ((error = otus_open_pipes(sc)) != 0) { 209 printf("%s: could not open pipes\n", sc->sc_dev.dv_xname); 210 return; 211 } 212 213 config_mountroot(self, otus_attachhook); 214 } 215 216 int 217 otus_detach(struct device *self, int flags) 218 { 219 struct otus_softc *sc = (struct otus_softc *)self; 220 struct ifnet *ifp = &sc->sc_ic.ic_if; 221 int s; 222 223 s = splusb(); 224 225 if (timeout_initialized(&sc->scan_to)) 226 timeout_del(&sc->scan_to); 227 if (timeout_initialized(&sc->calib_to)) 228 timeout_del(&sc->calib_to); 229 230 /* Wait for all queued asynchronous commands to complete. */ 231 usb_rem_wait_task(sc->sc_udev, &sc->sc_task); 232 233 usbd_ref_wait(sc->sc_udev); 234 235 if (ifp->if_softc != NULL) { 236 ifp->if_flags &= ~IFF_RUNNING; 237 ifq_clr_oactive(&ifp->if_snd); 238 ieee80211_ifdetach(ifp); 239 if_detach(ifp); 240 } 241 242 otus_close_pipes(sc); 243 244 splx(s); 245 246 return 0; 247 } 248 249 void 250 otus_attachhook(struct device *self) 251 { 252 struct otus_softc *sc = (struct otus_softc *)self; 253 struct ieee80211com *ic = &sc->sc_ic; 254 struct ifnet *ifp = &ic->ic_if; 255 usb_device_request_t req; 256 uint32_t in, out; 257 int error; 258 259 error = otus_load_firmware(sc, "otus-init", AR_FW_INIT_ADDR); 260 if (error != 0) { 261 printf("%s: could not load %s firmware\n", 262 sc->sc_dev.dv_xname, "init"); 263 return; 264 } 265 266 usbd_delay_ms(sc->sc_udev, 1000); 267 268 error = otus_load_firmware(sc, "otus-main", AR_FW_MAIN_ADDR); 269 if (error != 0) { 270 printf("%s: could not load %s firmware\n", 271 sc->sc_dev.dv_xname, "main"); 272 return; 273 } 274 275 /* Tell device that firmware transfer is complete. */ 276 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 277 req.bRequest = AR_FW_DOWNLOAD_COMPLETE; 278 USETW(req.wValue, 0); 279 USETW(req.wIndex, 0); 280 USETW(req.wLength, 0); 281 if (usbd_do_request(sc->sc_udev, &req, NULL) != 0) { 282 printf("%s: firmware initialization failed\n", 283 sc->sc_dev.dv_xname); 284 return; 285 } 286 287 /* Send an ECHO command to check that everything is settled. */ 288 in = 0xbadc0ffe; 289 if (otus_cmd(sc, AR_CMD_ECHO, &in, sizeof in, &out) != 0) { 290 printf("%s: echo command failed\n", sc->sc_dev.dv_xname); 291 return; 292 } 293 if (in != out) { 294 printf("%s: echo reply mismatch: 0x%08x!=0x%08x\n", 295 sc->sc_dev.dv_xname, in, out); 296 return; 297 } 298 299 /* Read entire EEPROM. */ 300 if (otus_read_eeprom(sc) != 0) { 301 printf("%s: could not read EEPROM\n", sc->sc_dev.dv_xname); 302 return; 303 } 304 305 sc->txmask = sc->eeprom.baseEepHeader.txMask; 306 sc->rxmask = sc->eeprom.baseEepHeader.rxMask; 307 sc->capflags = sc->eeprom.baseEepHeader.opCapFlags; 308 IEEE80211_ADDR_COPY(ic->ic_myaddr, sc->eeprom.baseEepHeader.macAddr); 309 sc->sc_led_newstate = otus_led_newstate_type3; /* XXX */ 310 311 printf("%s: MAC/BBP AR9170, RF AR%X, MIMO %dT%dR, address %s\n", 312 sc->sc_dev.dv_xname, (sc->capflags & AR5416_OPFLAGS_11A) ? 313 0x9104 : ((sc->txmask == 0x5) ? 0x9102 : 0x9101), 314 (sc->txmask == 0x5) ? 2 : 1, (sc->rxmask == 0x5) ? 2 : 1, 315 ether_sprintf(ic->ic_myaddr)); 316 317 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 318 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 319 ic->ic_state = IEEE80211_S_INIT; 320 321 /* Set device capabilities. */ 322 ic->ic_caps = 323 IEEE80211_C_MONITOR | /* monitor mode supported */ 324 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 325 IEEE80211_C_SHSLOT | /* short slot time supported */ 326 IEEE80211_C_WEP | /* WEP */ 327 IEEE80211_C_RSN; /* WPA/RSN */ 328 329 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11G) { 330 /* Set supported .11b and .11g rates. */ 331 ic->ic_sup_rates[IEEE80211_MODE_11B] = 332 ieee80211_std_rateset_11b; 333 ic->ic_sup_rates[IEEE80211_MODE_11G] = 334 ieee80211_std_rateset_11g; 335 } 336 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11A) { 337 /* Set supported .11a rates. */ 338 ic->ic_sup_rates[IEEE80211_MODE_11A] = 339 ieee80211_std_rateset_11a; 340 } 341 342 /* Build the list of supported channels. */ 343 otus_get_chanlist(sc); 344 345 ifp->if_softc = sc; 346 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 347 ifp->if_ioctl = otus_ioctl; 348 ifp->if_start = otus_start; 349 ifp->if_watchdog = otus_watchdog; 350 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 351 352 if_attach(ifp); 353 ieee80211_ifattach(ifp); 354 ic->ic_node_alloc = otus_node_alloc; 355 ic->ic_newassoc = otus_newassoc; 356 ic->ic_updateslot = otus_updateslot; 357 ic->ic_updateedca = otus_updateedca; 358 #ifdef notyet 359 ic->ic_set_key = otus_set_key; 360 ic->ic_delete_key = otus_delete_key; 361 #endif 362 /* Override state transition machine. */ 363 sc->sc_newstate = ic->ic_newstate; 364 ic->ic_newstate = otus_newstate; 365 ieee80211_media_init(ifp, otus_media_change, ieee80211_media_status); 366 367 #if NBPFILTER > 0 368 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 369 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 370 371 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 372 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 373 sc->sc_rxtap.wr_ihdr.it_present = htole32(OTUS_RX_RADIOTAP_PRESENT); 374 375 sc->sc_txtap_len = sizeof sc->sc_txtapu; 376 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 377 sc->sc_txtap.wt_ihdr.it_present = htole32(OTUS_TX_RADIOTAP_PRESENT); 378 #endif 379 } 380 381 void 382 otus_get_chanlist(struct otus_softc *sc) 383 { 384 struct ieee80211com *ic = &sc->sc_ic; 385 uint16_t domain; 386 uint8_t chan; 387 int i; 388 389 /* XXX regulatory domain. */ 390 domain = letoh16(sc->eeprom.baseEepHeader.regDmn[0]); 391 DPRINTF(("regdomain=0x%04x\n", domain)); 392 393 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11G) { 394 for (i = 0; i < 14; i++) { 395 chan = ar_chans[i]; 396 ic->ic_channels[chan].ic_freq = 397 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_2GHZ); 398 ic->ic_channels[chan].ic_flags = 399 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 400 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 401 } 402 } 403 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11A) { 404 for (i = 14; i < nitems(ar_chans); i++) { 405 chan = ar_chans[i]; 406 ic->ic_channels[chan].ic_freq = 407 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 408 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 409 } 410 } 411 } 412 413 int 414 otus_load_firmware(struct otus_softc *sc, const char *name, uint32_t addr) 415 { 416 usb_device_request_t req; 417 size_t fwsize, size; 418 u_char *fw, *ptr; 419 int mlen, error; 420 421 /* Read firmware image from the filesystem. */ 422 if ((error = loadfirmware(name, &fw, &fwsize)) != 0) { 423 printf("%s: failed loadfirmware of file %s (error %d)\n", 424 sc->sc_dev.dv_xname, name, error); 425 return error; 426 } 427 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 428 req.bRequest = AR_FW_DOWNLOAD; 429 USETW(req.wIndex, 0); 430 431 ptr = fw; 432 size = fwsize; 433 addr >>= 8; 434 while (size > 0) { 435 mlen = MIN(size, 4096); 436 437 USETW(req.wValue, addr); 438 USETW(req.wLength, mlen); 439 if (usbd_do_request(sc->sc_udev, &req, ptr) != 0) { 440 error = EIO; 441 break; 442 } 443 addr += mlen >> 8; 444 ptr += mlen; 445 size -= mlen; 446 } 447 free(fw, M_DEVBUF, fwsize); 448 return error; 449 } 450 451 int 452 otus_open_pipes(struct otus_softc *sc) 453 { 454 usb_endpoint_descriptor_t *ed; 455 int i, isize, error; 456 457 error = usbd_open_pipe(sc->sc_iface, AR_EPT_BULK_RX_NO, 0, 458 &sc->data_rx_pipe); 459 if (error != 0) { 460 printf("%s: could not open Rx bulk pipe\n", 461 sc->sc_dev.dv_xname); 462 goto fail; 463 } 464 465 ed = usbd_get_endpoint_descriptor(sc->sc_iface, AR_EPT_INTR_RX_NO); 466 if (ed == NULL) { 467 printf("%s: could not retrieve Rx intr pipe descriptor\n", 468 sc->sc_dev.dv_xname); 469 goto fail; 470 } 471 isize = UGETW(ed->wMaxPacketSize); 472 if (isize == 0) { 473 printf("%s: invalid Rx intr pipe descriptor\n", 474 sc->sc_dev.dv_xname); 475 goto fail; 476 } 477 sc->ibuf = malloc(isize, M_USBDEV, M_NOWAIT); 478 if (sc->ibuf == NULL) { 479 printf("%s: could not allocate Rx intr buffer\n", 480 sc->sc_dev.dv_xname); 481 goto fail; 482 } 483 sc->ibuflen = isize; 484 error = usbd_open_pipe_intr(sc->sc_iface, AR_EPT_INTR_RX_NO, 485 USBD_SHORT_XFER_OK, &sc->cmd_rx_pipe, sc, sc->ibuf, isize, 486 otus_intr, USBD_DEFAULT_INTERVAL); 487 if (error != 0) { 488 printf("%s: could not open Rx intr pipe\n", 489 sc->sc_dev.dv_xname); 490 goto fail; 491 } 492 493 error = usbd_open_pipe(sc->sc_iface, AR_EPT_BULK_TX_NO, 0, 494 &sc->data_tx_pipe); 495 if (error != 0) { 496 printf("%s: could not open Tx bulk pipe\n", 497 sc->sc_dev.dv_xname); 498 goto fail; 499 } 500 501 error = usbd_open_pipe(sc->sc_iface, AR_EPT_INTR_TX_NO, 0, 502 &sc->cmd_tx_pipe); 503 if (error != 0) { 504 printf("%s: could not open Tx intr pipe\n", 505 sc->sc_dev.dv_xname); 506 goto fail; 507 } 508 509 if (otus_alloc_tx_cmd(sc) != 0) { 510 printf("%s: could not allocate command xfer\n", 511 sc->sc_dev.dv_xname); 512 goto fail; 513 } 514 515 if (otus_alloc_tx_data_list(sc) != 0) { 516 printf("%s: could not allocate Tx xfers\n", 517 sc->sc_dev.dv_xname); 518 goto fail; 519 } 520 521 if (otus_alloc_rx_data_list(sc) != 0) { 522 printf("%s: could not allocate Rx xfers\n", 523 sc->sc_dev.dv_xname); 524 goto fail; 525 } 526 527 for (i = 0; i < OTUS_RX_DATA_LIST_COUNT; i++) { 528 struct otus_rx_data *data = &sc->rx_data[i]; 529 530 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 531 OTUS_RXBUFSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 532 USBD_NO_TIMEOUT, otus_rxeof); 533 error = usbd_transfer(data->xfer); 534 if (error != USBD_IN_PROGRESS && error != 0) { 535 printf("%s: could not queue Rx xfer\n", 536 sc->sc_dev.dv_xname); 537 goto fail; 538 } 539 } 540 return 0; 541 542 fail: otus_close_pipes(sc); 543 return error; 544 } 545 546 void 547 otus_close_pipes(struct otus_softc *sc) 548 { 549 otus_free_tx_cmd(sc); 550 otus_free_tx_data_list(sc); 551 otus_free_rx_data_list(sc); 552 553 if (sc->data_rx_pipe != NULL) 554 usbd_close_pipe(sc->data_rx_pipe); 555 if (sc->cmd_rx_pipe != NULL) 556 usbd_close_pipe(sc->cmd_rx_pipe); 557 if (sc->ibuf != NULL) 558 free(sc->ibuf, M_USBDEV, sc->ibuflen); 559 if (sc->data_tx_pipe != NULL) 560 usbd_close_pipe(sc->data_tx_pipe); 561 if (sc->cmd_tx_pipe != NULL) 562 usbd_close_pipe(sc->cmd_tx_pipe); 563 } 564 565 int 566 otus_alloc_tx_cmd(struct otus_softc *sc) 567 { 568 struct otus_tx_cmd *cmd = &sc->tx_cmd; 569 570 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 571 if (cmd->xfer == NULL) { 572 printf("%s: could not allocate xfer\n", 573 sc->sc_dev.dv_xname); 574 return ENOMEM; 575 } 576 cmd->buf = usbd_alloc_buffer(cmd->xfer, OTUS_MAX_TXCMDSZ); 577 if (cmd->buf == NULL) { 578 printf("%s: could not allocate xfer buffer\n", 579 sc->sc_dev.dv_xname); 580 usbd_free_xfer(cmd->xfer); 581 cmd->xfer = NULL; 582 return ENOMEM; 583 } 584 return 0; 585 } 586 587 void 588 otus_free_tx_cmd(struct otus_softc *sc) 589 { 590 /* Make sure no transfers are pending. */ 591 usbd_abort_pipe(sc->cmd_tx_pipe); 592 593 if (sc->tx_cmd.xfer != NULL) 594 usbd_free_xfer(sc->tx_cmd.xfer); 595 } 596 597 int 598 otus_alloc_tx_data_list(struct otus_softc *sc) 599 { 600 struct otus_tx_data *data; 601 int i, error; 602 603 for (i = 0; i < OTUS_TX_DATA_LIST_COUNT; i++) { 604 data = &sc->tx_data[i]; 605 606 data->sc = sc; /* Backpointer for callbacks. */ 607 608 data->xfer = usbd_alloc_xfer(sc->sc_udev); 609 if (data->xfer == NULL) { 610 printf("%s: could not allocate xfer\n", 611 sc->sc_dev.dv_xname); 612 error = ENOMEM; 613 goto fail; 614 } 615 data->buf = usbd_alloc_buffer(data->xfer, OTUS_TXBUFSZ); 616 if (data->buf == NULL) { 617 printf("%s: could not allocate xfer buffer\n", 618 sc->sc_dev.dv_xname); 619 error = ENOMEM; 620 goto fail; 621 } 622 } 623 return 0; 624 625 fail: otus_free_tx_data_list(sc); 626 return error; 627 } 628 629 void 630 otus_free_tx_data_list(struct otus_softc *sc) 631 { 632 int i; 633 634 /* Make sure no transfers are pending. */ 635 usbd_abort_pipe(sc->data_tx_pipe); 636 637 for (i = 0; i < OTUS_TX_DATA_LIST_COUNT; i++) 638 if (sc->tx_data[i].xfer != NULL) 639 usbd_free_xfer(sc->tx_data[i].xfer); 640 } 641 642 int 643 otus_alloc_rx_data_list(struct otus_softc *sc) 644 { 645 struct otus_rx_data *data; 646 int i, error; 647 648 for (i = 0; i < OTUS_RX_DATA_LIST_COUNT; i++) { 649 data = &sc->rx_data[i]; 650 651 data->sc = sc; /* Backpointer for callbacks. */ 652 653 data->xfer = usbd_alloc_xfer(sc->sc_udev); 654 if (data->xfer == NULL) { 655 printf("%s: could not allocate xfer\n", 656 sc->sc_dev.dv_xname); 657 error = ENOMEM; 658 goto fail; 659 } 660 data->buf = usbd_alloc_buffer(data->xfer, OTUS_RXBUFSZ); 661 if (data->buf == NULL) { 662 printf("%s: could not allocate xfer buffer\n", 663 sc->sc_dev.dv_xname); 664 error = ENOMEM; 665 goto fail; 666 } 667 } 668 return 0; 669 670 fail: otus_free_rx_data_list(sc); 671 return error; 672 } 673 674 void 675 otus_free_rx_data_list(struct otus_softc *sc) 676 { 677 int i; 678 679 /* Make sure no transfers are pending. */ 680 usbd_abort_pipe(sc->data_rx_pipe); 681 682 for (i = 0; i < OTUS_RX_DATA_LIST_COUNT; i++) 683 if (sc->rx_data[i].xfer != NULL) 684 usbd_free_xfer(sc->rx_data[i].xfer); 685 } 686 687 void 688 otus_next_scan(void *arg) 689 { 690 struct otus_softc *sc = arg; 691 struct ieee80211com *ic = &sc->sc_ic; 692 struct ifnet *ifp = &ic->ic_if; 693 694 if (usbd_is_dying(sc->sc_udev)) 695 return; 696 697 usbd_ref_incr(sc->sc_udev); 698 699 if (sc->sc_ic.ic_state == IEEE80211_S_SCAN && 700 (ifp->if_flags & IFF_RUNNING)) 701 ieee80211_next_scan(&sc->sc_ic.ic_if); 702 703 usbd_ref_decr(sc->sc_udev); 704 } 705 706 void 707 otus_task(void *arg) 708 { 709 struct otus_softc *sc = arg; 710 struct otus_host_cmd_ring *ring = &sc->cmdq; 711 struct otus_host_cmd *cmd; 712 int s; 713 714 /* Process host commands. */ 715 s = splusb(); 716 while (ring->next != ring->cur) { 717 cmd = &ring->cmd[ring->next]; 718 splx(s); 719 /* Callback. */ 720 cmd->cb(sc, cmd->data); 721 s = splusb(); 722 ring->queued--; 723 ring->next = (ring->next + 1) % OTUS_HOST_CMD_RING_COUNT; 724 } 725 splx(s); 726 } 727 728 void 729 otus_do_async(struct otus_softc *sc, void (*cb)(struct otus_softc *, void *), 730 void *arg, int len) 731 { 732 struct otus_host_cmd_ring *ring = &sc->cmdq; 733 struct otus_host_cmd *cmd; 734 int s; 735 736 s = splusb(); 737 cmd = &ring->cmd[ring->cur]; 738 cmd->cb = cb; 739 KASSERT(len <= sizeof (cmd->data)); 740 memcpy(cmd->data, arg, len); 741 ring->cur = (ring->cur + 1) % OTUS_HOST_CMD_RING_COUNT; 742 743 /* If there is no pending command already, schedule a task. */ 744 if (++ring->queued == 1) 745 usb_add_task(sc->sc_udev, &sc->sc_task); 746 splx(s); 747 } 748 749 int 750 otus_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 751 { 752 struct otus_softc *sc = ic->ic_softc; 753 struct otus_cmd_newstate cmd; 754 755 /* Do it in a process context. */ 756 cmd.state = nstate; 757 cmd.arg = arg; 758 otus_do_async(sc, otus_newstate_cb, &cmd, sizeof cmd); 759 return 0; 760 } 761 762 void 763 otus_newstate_cb(struct otus_softc *sc, void *arg) 764 { 765 struct otus_cmd_newstate *cmd = arg; 766 struct ieee80211com *ic = &sc->sc_ic; 767 struct ieee80211_node *ni; 768 int s; 769 770 s = splnet(); 771 772 switch (cmd->state) { 773 case IEEE80211_S_INIT: 774 break; 775 776 case IEEE80211_S_SCAN: 777 (void)otus_set_chan(sc, ic->ic_bss->ni_chan, 0); 778 if (!usbd_is_dying(sc->sc_udev)) 779 timeout_add_msec(&sc->scan_to, 200); 780 break; 781 782 case IEEE80211_S_AUTH: 783 case IEEE80211_S_ASSOC: 784 (void)otus_set_chan(sc, ic->ic_bss->ni_chan, 0); 785 break; 786 787 case IEEE80211_S_RUN: 788 (void)otus_set_chan(sc, ic->ic_bss->ni_chan, 1); 789 790 ni = ic->ic_bss; 791 792 if (ic->ic_opmode == IEEE80211_M_STA) { 793 otus_updateslot(ic); 794 otus_set_bssid(sc, ni->ni_bssid); 795 796 /* Fake a join to init the Tx rate. */ 797 otus_newassoc(ic, ni, 1); 798 799 /* Start calibration timer. */ 800 if (!usbd_is_dying(sc->sc_udev)) 801 timeout_add_sec(&sc->calib_to, 1); 802 } 803 break; 804 } 805 806 sc->sc_led_newstate(sc); 807 (void)sc->sc_newstate(ic, cmd->state, cmd->arg); 808 809 splx(s); 810 } 811 812 int 813 otus_cmd(struct otus_softc *sc, uint8_t code, const void *idata, int ilen, 814 void *odata) 815 { 816 struct otus_tx_cmd *cmd = &sc->tx_cmd; 817 struct ar_cmd_hdr *hdr; 818 int s, xferlen, error; 819 820 /* Always bulk-out a multiple of 4 bytes. */ 821 xferlen = (sizeof (*hdr) + ilen + 3) & ~3; 822 823 hdr = (struct ar_cmd_hdr *)cmd->buf; 824 hdr->code = code; 825 hdr->len = ilen; 826 hdr->token = ++cmd->token; /* Don't care about endianness. */ 827 memcpy((uint8_t *)&hdr[1], idata, ilen); 828 829 DPRINTFN(2, ("sending command code=0x%02x len=%d token=%d\n", 830 code, ilen, hdr->token)); 831 832 s = splusb(); 833 cmd->odata = odata; 834 cmd->done = 0; 835 836 usbd_setup_xfer(cmd->xfer, sc->cmd_tx_pipe, cmd, cmd->buf, xferlen, 837 USBD_FORCE_SHORT_XFER | USBD_NO_COPY | USBD_SYNCHRONOUS, 838 OTUS_CMD_TIMEOUT, NULL); 839 error = usbd_transfer(cmd->xfer); 840 if (error != 0) { 841 splx(s); 842 printf("%s: could not send command 0x%x (error=%s)\n", 843 sc->sc_dev.dv_xname, code, usbd_errstr(error)); 844 return EIO; 845 } 846 if (!cmd->done) 847 error = tsleep_nsec(cmd, PCATCH, "otuscmd", SEC_TO_NSEC(1)); 848 cmd->odata = NULL; /* In case answer is received too late. */ 849 splx(s); 850 if (error != 0) { 851 printf("%s: timeout waiting for command 0x%02x reply\n", 852 sc->sc_dev.dv_xname, code); 853 } 854 return error; 855 } 856 857 void 858 otus_write(struct otus_softc *sc, uint32_t reg, uint32_t val) 859 { 860 sc->write_buf[sc->write_idx].reg = htole32(reg); 861 sc->write_buf[sc->write_idx].val = htole32(val); 862 863 if (++sc->write_idx > AR_MAX_WRITE_IDX) 864 (void)otus_write_barrier(sc); 865 } 866 867 int 868 otus_write_barrier(struct otus_softc *sc) 869 { 870 int error; 871 872 if (sc->write_idx == 0) 873 return 0; /* Nothing to flush. */ 874 875 error = otus_cmd(sc, AR_CMD_WREG, sc->write_buf, 876 sizeof (sc->write_buf[0]) * sc->write_idx, NULL); 877 sc->write_idx = 0; 878 return error; 879 } 880 881 struct ieee80211_node * 882 otus_node_alloc(struct ieee80211com *ic) 883 { 884 return malloc(sizeof (struct otus_node), M_USBDEV, M_NOWAIT | M_ZERO); 885 } 886 887 int 888 otus_media_change(struct ifnet *ifp) 889 { 890 struct otus_softc *sc = ifp->if_softc; 891 struct ieee80211com *ic = &sc->sc_ic; 892 uint8_t rate, ridx; 893 int error; 894 895 error = ieee80211_media_change(ifp); 896 if (error != ENETRESET) 897 return error; 898 899 if (ic->ic_fixed_rate != -1) { 900 rate = ic->ic_sup_rates[ic->ic_curmode]. 901 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL; 902 for (ridx = 0; ridx <= OTUS_RIDX_MAX; ridx++) 903 if (otus_rates[ridx].rate == rate) 904 break; 905 sc->fixed_ridx = ridx; 906 } 907 908 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 909 error = otus_init(ifp); 910 911 return error; 912 } 913 914 int 915 otus_read_eeprom(struct otus_softc *sc) 916 { 917 uint32_t regs[8], reg; 918 uint8_t *eep; 919 int i, j, error; 920 921 /* Read EEPROM by blocks of 32 bytes. */ 922 eep = (uint8_t *)&sc->eeprom; 923 reg = AR_EEPROM_OFFSET; 924 for (i = 0; i < sizeof (sc->eeprom) / 32; i++) { 925 for (j = 0; j < 8; j++, reg += 4) 926 regs[j] = htole32(reg); 927 error = otus_cmd(sc, AR_CMD_RREG, regs, sizeof regs, eep); 928 if (error != 0) 929 break; 930 eep += 32; 931 } 932 return error; 933 } 934 935 void 936 otus_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew) 937 { 938 struct otus_softc *sc = ic->ic_softc; 939 struct otus_node *on = (void *)ni; 940 struct ieee80211_rateset *rs = &ni->ni_rates; 941 uint8_t rate; 942 int ridx, i; 943 944 DPRINTF(("new assoc isnew=%d addr=%s\n", 945 isnew, ether_sprintf(ni->ni_macaddr))); 946 947 ieee80211_amrr_node_init(&sc->amrr, &on->amn); 948 /* Start at lowest available bit-rate, AMRR will raise. */ 949 ni->ni_txrate = 0; 950 951 for (i = 0; i < rs->rs_nrates; i++) { 952 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 953 /* Convert 802.11 rate to hardware rate index. */ 954 for (ridx = 0; ridx <= OTUS_RIDX_MAX; ridx++) 955 if (otus_rates[ridx].rate == rate) 956 break; 957 on->ridx[i] = ridx; 958 DPRINTF(("rate=0x%02x ridx=%d\n", 959 rs->rs_rates[i], on->ridx[i])); 960 } 961 } 962 963 void 964 otus_intr(struct usbd_xfer *xfer, void *priv, usbd_status status) 965 { 966 #if 0 967 struct otus_softc *sc = priv; 968 int len; 969 970 /* 971 * The Rx intr pipe is unused with current firmware. Notifications 972 * and replies to commands are sent through the Rx bulk pipe instead 973 * (with a magic PLCP header.) 974 */ 975 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 976 DPRINTF(("intr status=%d\n", status)); 977 if (status == USBD_STALLED) 978 usbd_clear_endpoint_stall_async(sc->cmd_rx_pipe); 979 return; 980 } 981 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 982 983 otus_cmd_rxeof(sc, sc->ibuf, len); 984 #endif 985 } 986 987 void 988 otus_cmd_rxeof(struct otus_softc *sc, uint8_t *buf, int len) 989 { 990 struct ieee80211com *ic = &sc->sc_ic; 991 struct otus_tx_cmd *cmd; 992 struct ar_cmd_hdr *hdr; 993 int s; 994 995 if (__predict_false(len < sizeof (*hdr))) { 996 DPRINTF(("cmd too small %d\n", len)); 997 return; 998 } 999 hdr = (struct ar_cmd_hdr *)buf; 1000 if (__predict_false(sizeof (*hdr) + hdr->len > len || 1001 sizeof (*hdr) + hdr->len > 64)) { 1002 DPRINTF(("cmd too large %d\n", hdr->len)); 1003 return; 1004 } 1005 1006 if ((hdr->code & 0xc0) != 0xc0) { 1007 DPRINTFN(2, ("received reply code=0x%02x len=%d token=%d\n", 1008 hdr->code, hdr->len, hdr->token)); 1009 cmd = &sc->tx_cmd; 1010 if (__predict_false(hdr->token != cmd->token)) 1011 return; 1012 /* Copy answer into caller's supplied buffer. */ 1013 if (cmd->odata != NULL) 1014 memcpy(cmd->odata, &hdr[1], hdr->len); 1015 cmd->done = 1; 1016 wakeup(cmd); 1017 return; 1018 } 1019 1020 /* Received unsolicited notification. */ 1021 DPRINTF(("received notification code=0x%02x len=%d\n", 1022 hdr->code, hdr->len)); 1023 switch (hdr->code & 0x3f) { 1024 case AR_EVT_BEACON: 1025 break; 1026 case AR_EVT_TX_COMP: 1027 { 1028 struct ar_evt_tx_comp *tx = (struct ar_evt_tx_comp *)&hdr[1]; 1029 struct ieee80211_node *ni; 1030 struct otus_node *on; 1031 1032 DPRINTF(("tx completed %s status=%d phy=0x%x\n", 1033 ether_sprintf(tx->macaddr), letoh16(tx->status), 1034 letoh32(tx->phy))); 1035 s = splnet(); 1036 #ifdef notyet 1037 #ifndef IEEE80211_STA_ONLY 1038 if (ic->ic_opmode != IEEE80211_M_STA) { 1039 ni = ieee80211_find_node(ic, tx->macaddr); 1040 if (__predict_false(ni == NULL)) { 1041 splx(s); 1042 break; 1043 } 1044 } else 1045 #endif 1046 #endif 1047 ni = ic->ic_bss; 1048 /* Update rate control statistics. */ 1049 on = (void *)ni; 1050 /* NB: we do not set the TX_MAC_RATE_PROBING flag. */ 1051 if (__predict_true(tx->status != 0)) 1052 on->amn.amn_retrycnt++; 1053 splx(s); 1054 break; 1055 } 1056 case AR_EVT_TBTT: 1057 break; 1058 } 1059 } 1060 1061 void 1062 otus_sub_rxeof(struct otus_softc *sc, uint8_t *buf, int len, 1063 struct mbuf_list *ml) 1064 { 1065 struct ieee80211com *ic = &sc->sc_ic; 1066 struct ifnet *ifp = &ic->ic_if; 1067 struct ieee80211_rxinfo rxi; 1068 struct ieee80211_node *ni; 1069 struct ar_rx_tail *tail; 1070 struct ieee80211_frame *wh; 1071 struct mbuf *m; 1072 uint8_t *plcp; 1073 int s, mlen, align; 1074 1075 if (__predict_false(len < AR_PLCP_HDR_LEN)) { 1076 DPRINTF(("sub-xfer too short %d\n", len)); 1077 return; 1078 } 1079 plcp = buf; 1080 1081 /* All bits in the PLCP header are set to 1 for non-MPDU. */ 1082 if (memcmp(plcp, AR_PLCP_HDR_INTR, AR_PLCP_HDR_LEN) == 0) { 1083 otus_cmd_rxeof(sc, plcp + AR_PLCP_HDR_LEN, 1084 len - AR_PLCP_HDR_LEN); 1085 return; 1086 } 1087 1088 /* Received MPDU. */ 1089 if (__predict_false(len < AR_PLCP_HDR_LEN + sizeof (*tail))) { 1090 DPRINTF(("MPDU too short %d\n", len)); 1091 ifp->if_ierrors++; 1092 return; 1093 } 1094 tail = (struct ar_rx_tail *)(plcp + len - sizeof (*tail)); 1095 1096 /* Discard error frames. */ 1097 if (__predict_false(tail->error != 0)) { 1098 DPRINTF(("error frame 0x%02x\n", tail->error)); 1099 if (tail->error & AR_RX_ERROR_FCS) { 1100 DPRINTFN(3, ("bad FCS\n")); 1101 } else if (tail->error & AR_RX_ERROR_MMIC) { 1102 /* Report Michael MIC failures to net80211. */ 1103 ic->ic_stats.is_rx_locmicfail++; 1104 ieee80211_michael_mic_failure(ic, 0); 1105 } 1106 ifp->if_ierrors++; 1107 return; 1108 } 1109 /* Compute MPDU's length. */ 1110 mlen = len - AR_PLCP_HDR_LEN - sizeof (*tail); 1111 /* Make sure there's room for an 802.11 header + FCS. */ 1112 if (__predict_false(mlen < IEEE80211_MIN_LEN)) { 1113 ifp->if_ierrors++; 1114 return; 1115 } 1116 mlen -= IEEE80211_CRC_LEN; /* strip 802.11 FCS */ 1117 if (mlen > MCLBYTES) { 1118 DPRINTF(("frame too large: %d\n", mlen)); 1119 ifp->if_ierrors++; 1120 return; 1121 } 1122 1123 wh = (struct ieee80211_frame *)(plcp + AR_PLCP_HDR_LEN); 1124 /* Provide a 32-bit aligned protocol header to the stack. */ 1125 align = (ieee80211_has_qos(wh) ^ ieee80211_has_addr4(wh)) ? 2 : 0; 1126 1127 MGETHDR(m, M_DONTWAIT, MT_DATA); 1128 if (__predict_false(m == NULL)) { 1129 ifp->if_ierrors++; 1130 return; 1131 } 1132 if (align + mlen > MHLEN) { 1133 MCLGET(m, M_DONTWAIT); 1134 if (__predict_false(!(m->m_flags & M_EXT))) { 1135 ifp->if_ierrors++; 1136 m_freem(m); 1137 return; 1138 } 1139 } 1140 /* Finalize mbuf. */ 1141 m->m_data += align; 1142 memcpy(mtod(m, caddr_t), wh, mlen); 1143 m->m_pkthdr.len = m->m_len = mlen; 1144 1145 #if NBPFILTER > 0 1146 if (__predict_false(sc->sc_drvbpf != NULL)) { 1147 struct otus_rx_radiotap_header *tap = &sc->sc_rxtap; 1148 struct mbuf mb; 1149 1150 tap->wr_flags = 0; 1151 tap->wr_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 1152 tap->wr_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 1153 tap->wr_antsignal = tail->rssi; 1154 tap->wr_rate = 2; /* In case it can't be found below. */ 1155 switch (tail->status & AR_RX_STATUS_MT_MASK) { 1156 case AR_RX_STATUS_MT_CCK: 1157 switch (plcp[0]) { 1158 case 10: tap->wr_rate = 2; break; 1159 case 20: tap->wr_rate = 4; break; 1160 case 55: tap->wr_rate = 11; break; 1161 case 110: tap->wr_rate = 22; break; 1162 } 1163 if (tail->status & AR_RX_STATUS_SHPREAMBLE) 1164 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 1165 break; 1166 case AR_RX_STATUS_MT_OFDM: 1167 switch (plcp[0] & 0xf) { 1168 case 0xb: tap->wr_rate = 12; break; 1169 case 0xf: tap->wr_rate = 18; break; 1170 case 0xa: tap->wr_rate = 24; break; 1171 case 0xe: tap->wr_rate = 36; break; 1172 case 0x9: tap->wr_rate = 48; break; 1173 case 0xd: tap->wr_rate = 72; break; 1174 case 0x8: tap->wr_rate = 96; break; 1175 case 0xc: tap->wr_rate = 108; break; 1176 } 1177 break; 1178 } 1179 mb.m_data = (caddr_t)tap; 1180 mb.m_len = sc->sc_rxtap_len; 1181 mb.m_next = m; 1182 mb.m_nextpkt = NULL; 1183 mb.m_type = 0; 1184 mb.m_flags = 0; 1185 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1186 } 1187 #endif 1188 1189 s = splnet(); 1190 ni = ieee80211_find_rxnode(ic, wh); 1191 memset(&rxi, 0, sizeof(rxi)); 1192 rxi.rxi_rssi = tail->rssi; 1193 ieee80211_inputm(ifp, m, ni, &rxi, ml); 1194 1195 /* Node is no longer needed. */ 1196 ieee80211_release_node(ic, ni); 1197 splx(s); 1198 } 1199 1200 void 1201 otus_rxeof(struct usbd_xfer *xfer, void *priv, usbd_status status) 1202 { 1203 struct mbuf_list ml = MBUF_LIST_INITIALIZER(); 1204 struct otus_rx_data *data = priv; 1205 struct otus_softc *sc = data->sc; 1206 caddr_t buf = data->buf; 1207 struct ar_rx_head *head; 1208 uint16_t hlen; 1209 int len; 1210 1211 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 1212 DPRINTF(("RX status=%d\n", status)); 1213 if (status == USBD_STALLED) 1214 usbd_clear_endpoint_stall_async(sc->data_rx_pipe); 1215 if (status != USBD_CANCELLED) 1216 goto resubmit; 1217 return; 1218 } 1219 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1220 1221 while (len >= sizeof (*head)) { 1222 head = (struct ar_rx_head *)buf; 1223 if (__predict_false(head->tag != htole16(AR_RX_HEAD_TAG))) { 1224 DPRINTF(("tag not valid 0x%x\n", letoh16(head->tag))); 1225 break; 1226 } 1227 hlen = letoh16(head->len); 1228 if (__predict_false(sizeof (*head) + hlen > len)) { 1229 DPRINTF(("xfer too short %d/%d\n", len, hlen)); 1230 break; 1231 } 1232 /* Process sub-xfer. */ 1233 otus_sub_rxeof(sc, (uint8_t *)&head[1], hlen, &ml); 1234 1235 /* Next sub-xfer is aligned on a 32-bit boundary. */ 1236 hlen = (sizeof (*head) + hlen + 3) & ~3; 1237 buf += hlen; 1238 len -= hlen; 1239 } 1240 if_input(&sc->sc_ic.ic_if, &ml); 1241 1242 resubmit: 1243 usbd_setup_xfer(xfer, sc->data_rx_pipe, data, data->buf, OTUS_RXBUFSZ, 1244 USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, otus_rxeof); 1245 (void)usbd_transfer(data->xfer); 1246 } 1247 1248 void 1249 otus_txeof(struct usbd_xfer *xfer, void *priv, usbd_status status) 1250 { 1251 struct otus_tx_data *data = priv; 1252 struct otus_softc *sc = data->sc; 1253 struct ieee80211com *ic = &sc->sc_ic; 1254 struct ifnet *ifp = &ic->ic_if; 1255 int s; 1256 1257 s = splnet(); 1258 sc->tx_queued--; 1259 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 1260 DPRINTF(("TX status=%d\n", status)); 1261 if (status == USBD_STALLED) 1262 usbd_clear_endpoint_stall_async(sc->data_tx_pipe); 1263 ifp->if_oerrors++; 1264 splx(s); 1265 return; 1266 } 1267 sc->sc_tx_timer = 0; 1268 ifq_clr_oactive(&ifp->if_snd); 1269 otus_start(ifp); 1270 splx(s); 1271 } 1272 1273 int 1274 otus_tx(struct otus_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 1275 { 1276 struct ieee80211com *ic = &sc->sc_ic; 1277 struct otus_node *on = (void *)ni; 1278 struct otus_tx_data *data; 1279 struct ieee80211_frame *wh; 1280 struct ieee80211_key *k; 1281 struct ar_tx_head *head; 1282 uint32_t phyctl; 1283 uint16_t macctl, qos; 1284 uint8_t tid, qid; 1285 int error, ridx, hasqos, xferlen; 1286 1287 wh = mtod(m, struct ieee80211_frame *); 1288 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 1289 k = ieee80211_get_txkey(ic, wh, ni); 1290 if ((m = ieee80211_encrypt(ic, m, k)) == NULL) 1291 return ENOBUFS; 1292 wh = mtod(m, struct ieee80211_frame *); 1293 } 1294 1295 if ((hasqos = ieee80211_has_qos(wh))) { 1296 qos = ieee80211_get_qos(wh); 1297 tid = qos & IEEE80211_QOS_TID; 1298 qid = ieee80211_up_to_ac(ic, tid); 1299 } else { 1300 qos = 0; 1301 qid = EDCA_AC_BE; 1302 } 1303 1304 /* Pickup a rate index. */ 1305 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 1306 (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_DATA) 1307 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 1308 OTUS_RIDX_OFDM6 : OTUS_RIDX_CCK1; 1309 else if (ic->ic_fixed_rate != -1) 1310 ridx = sc->fixed_ridx; 1311 else 1312 ridx = on->ridx[ni->ni_txrate]; 1313 1314 phyctl = 0; 1315 macctl = AR_TX_MAC_BACKOFF | AR_TX_MAC_HW_DUR | AR_TX_MAC_QID(qid); 1316 1317 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 1318 (hasqos && ((qos & IEEE80211_QOS_ACK_POLICY_MASK) == 1319 IEEE80211_QOS_ACK_POLICY_NOACK))) 1320 macctl |= AR_TX_MAC_NOACK; 1321 1322 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1323 if (m->m_pkthdr.len + IEEE80211_CRC_LEN >= ic->ic_rtsthreshold) 1324 macctl |= AR_TX_MAC_RTS; 1325 else if ((ic->ic_flags & IEEE80211_F_USEPROT) && 1326 ridx >= OTUS_RIDX_OFDM6) { 1327 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 1328 macctl |= AR_TX_MAC_CTS; 1329 else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 1330 macctl |= AR_TX_MAC_RTS; 1331 } 1332 } 1333 1334 phyctl |= AR_TX_PHY_MCS(otus_rates[ridx].mcs); 1335 if (ridx >= OTUS_RIDX_OFDM6) { 1336 phyctl |= AR_TX_PHY_MT_OFDM; 1337 if (ridx <= OTUS_RIDX_OFDM24) 1338 phyctl |= AR_TX_PHY_ANTMSK(sc->txmask); 1339 else 1340 phyctl |= AR_TX_PHY_ANTMSK(1); 1341 } else { /* CCK */ 1342 phyctl |= AR_TX_PHY_MT_CCK; 1343 phyctl |= AR_TX_PHY_ANTMSK(sc->txmask); 1344 } 1345 1346 /* Update rate control stats for frames that are ACK'ed. */ 1347 if (!(macctl & AR_TX_MAC_NOACK)) 1348 ((struct otus_node *)ni)->amn.amn_txcnt++; 1349 1350 data = &sc->tx_data[sc->tx_cur]; 1351 /* Fill Tx descriptor. */ 1352 head = (struct ar_tx_head *)data->buf; 1353 head->len = htole16(m->m_pkthdr.len + IEEE80211_CRC_LEN); 1354 head->macctl = htole16(macctl); 1355 head->phyctl = htole32(phyctl); 1356 1357 #if NBPFILTER > 0 1358 if (__predict_false(sc->sc_drvbpf != NULL)) { 1359 struct otus_tx_radiotap_header *tap = &sc->sc_txtap; 1360 struct mbuf mb; 1361 1362 tap->wt_flags = 0; 1363 tap->wt_rate = otus_rates[ridx].rate; 1364 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 1365 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1366 1367 mb.m_data = (caddr_t)tap; 1368 mb.m_len = sc->sc_txtap_len; 1369 mb.m_next = m; 1370 mb.m_nextpkt = NULL; 1371 mb.m_type = 0; 1372 mb.m_flags = 0; 1373 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1374 } 1375 #endif 1376 1377 xferlen = sizeof (*head) + m->m_pkthdr.len; 1378 m_copydata(m, 0, m->m_pkthdr.len, &head[1]); 1379 m_freem(m); 1380 1381 DPRINTFN(5, ("tx queued=%d len=%d mac=0x%04x phy=0x%08x rate=%d\n", 1382 sc->tx_queued, head->len, head->macctl, head->phyctl, 1383 otus_rates[ridx].rate)); 1384 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, xferlen, 1385 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, OTUS_TX_TIMEOUT, otus_txeof); 1386 error = usbd_transfer(data->xfer); 1387 if (__predict_false(error != USBD_IN_PROGRESS && error != 0)) 1388 return error; 1389 1390 ieee80211_release_node(ic, ni); 1391 1392 sc->tx_queued++; 1393 sc->tx_cur = (sc->tx_cur + 1) % OTUS_TX_DATA_LIST_COUNT; 1394 1395 return 0; 1396 } 1397 1398 void 1399 otus_start(struct ifnet *ifp) 1400 { 1401 struct otus_softc *sc = ifp->if_softc; 1402 struct ieee80211com *ic = &sc->sc_ic; 1403 struct ieee80211_node *ni; 1404 struct mbuf *m; 1405 1406 if (!(ifp->if_flags & IFF_RUNNING) || ifq_is_oactive(&ifp->if_snd)) 1407 return; 1408 1409 for (;;) { 1410 if (sc->tx_queued >= OTUS_TX_DATA_LIST_COUNT) { 1411 ifq_set_oactive(&ifp->if_snd); 1412 break; 1413 } 1414 /* Send pending management frames first. */ 1415 m = mq_dequeue(&ic->ic_mgtq); 1416 if (m != NULL) { 1417 ni = m->m_pkthdr.ph_cookie; 1418 goto sendit; 1419 } 1420 if (ic->ic_state != IEEE80211_S_RUN) 1421 break; 1422 1423 /* Encapsulate and send data frames. */ 1424 m = ifq_dequeue(&ifp->if_snd); 1425 if (m == NULL) 1426 break; 1427 #if NBPFILTER > 0 1428 if (ifp->if_bpf != NULL) 1429 bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); 1430 #endif 1431 if ((m = ieee80211_encap(ifp, m, &ni)) == NULL) 1432 continue; 1433 sendit: 1434 #if NBPFILTER > 0 1435 if (ic->ic_rawbpf != NULL) 1436 bpf_mtap(ic->ic_rawbpf, m, BPF_DIRECTION_OUT); 1437 #endif 1438 if (otus_tx(sc, m, ni) != 0) { 1439 ieee80211_release_node(ic, ni); 1440 ifp->if_oerrors++; 1441 continue; 1442 } 1443 1444 sc->sc_tx_timer = 5; 1445 ifp->if_timer = 1; 1446 } 1447 } 1448 1449 void 1450 otus_watchdog(struct ifnet *ifp) 1451 { 1452 struct otus_softc *sc = ifp->if_softc; 1453 1454 ifp->if_timer = 0; 1455 1456 if (sc->sc_tx_timer > 0) { 1457 if (--sc->sc_tx_timer == 0) { 1458 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 1459 /* otus_init(ifp); XXX needs a process context! */ 1460 ifp->if_oerrors++; 1461 return; 1462 } 1463 ifp->if_timer = 1; 1464 } 1465 ieee80211_watchdog(ifp); 1466 } 1467 1468 int 1469 otus_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1470 { 1471 struct otus_softc *sc = ifp->if_softc; 1472 struct ieee80211com *ic = &sc->sc_ic; 1473 int s, error = 0; 1474 1475 if (usbd_is_dying(sc->sc_udev)) 1476 return ENXIO; 1477 1478 usbd_ref_incr(sc->sc_udev); 1479 1480 s = splnet(); 1481 1482 switch (cmd) { 1483 case SIOCSIFADDR: 1484 ifp->if_flags |= IFF_UP; 1485 /* FALLTHROUGH */ 1486 case SIOCSIFFLAGS: 1487 if (ifp->if_flags & IFF_UP) { 1488 if ((ifp->if_flags & IFF_RUNNING) && 1489 ((ifp->if_flags ^ sc->sc_if_flags) & 1490 (IFF_ALLMULTI | IFF_PROMISC)) != 0) { 1491 otus_set_multi(sc); 1492 } else if (!(ifp->if_flags & IFF_RUNNING)) 1493 otus_init(ifp); 1494 1495 } else if (ifp->if_flags & IFF_RUNNING) 1496 otus_stop(ifp); 1497 1498 sc->sc_if_flags = ifp->if_flags; 1499 break; 1500 case SIOCS80211CHANNEL: 1501 error = ieee80211_ioctl(ifp, cmd, data); 1502 if (error == ENETRESET && 1503 ic->ic_opmode == IEEE80211_M_MONITOR) { 1504 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1505 (IFF_UP | IFF_RUNNING)) 1506 otus_set_chan(sc, ic->ic_ibss_chan, 0); 1507 error = 0; 1508 } 1509 break; 1510 default: 1511 error = ieee80211_ioctl(ifp, cmd, data); 1512 } 1513 1514 if (error == ENETRESET) { 1515 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1516 (IFF_UP | IFF_RUNNING)) 1517 otus_init(ifp); 1518 error = 0; 1519 } 1520 1521 splx(s); 1522 1523 usbd_ref_decr(sc->sc_udev); 1524 1525 return error; 1526 } 1527 1528 int 1529 otus_set_multi(struct otus_softc *sc) 1530 { 1531 struct arpcom *ac = &sc->sc_ic.ic_ac; 1532 struct ifnet *ifp = &ac->ac_if; 1533 struct ether_multi *enm; 1534 struct ether_multistep step; 1535 uint32_t lo, hi; 1536 uint8_t bit; 1537 1538 if (ac->ac_multirangecnt > 0) 1539 ifp->if_flags |= IFF_ALLMULTI; 1540 1541 if ((ifp->if_flags & (IFF_ALLMULTI | IFF_PROMISC)) != 0) { 1542 lo = hi = 0xffffffff; 1543 goto done; 1544 } 1545 lo = hi = 0; 1546 ETHER_FIRST_MULTI(step, ac, enm); 1547 while (enm != NULL) { 1548 bit = enm->enm_addrlo[5] >> 2; 1549 if (bit < 32) 1550 lo |= 1 << bit; 1551 else 1552 hi |= 1 << (bit - 32); 1553 ETHER_NEXT_MULTI(step, enm); 1554 } 1555 done: 1556 hi |= 1U << 31; /* Make sure the broadcast bit is set. */ 1557 otus_write(sc, AR_MAC_REG_GROUP_HASH_TBL_L, lo); 1558 otus_write(sc, AR_MAC_REG_GROUP_HASH_TBL_H, hi); 1559 return otus_write_barrier(sc); 1560 } 1561 1562 void 1563 otus_updateedca(struct ieee80211com *ic) 1564 { 1565 /* Do it in a process context. */ 1566 otus_do_async(ic->ic_softc, otus_updateedca_cb, NULL, 0); 1567 } 1568 1569 void 1570 otus_updateedca_cb(struct otus_softc *sc, void *arg) 1571 { 1572 #define EXP2(val) ((1 << (val)) - 1) 1573 #define AIFS(val) ((val) * 9 + 10) 1574 struct ieee80211com *ic = &sc->sc_ic; 1575 const struct ieee80211_edca_ac_params *edca; 1576 int s; 1577 1578 s = splnet(); 1579 1580 edca = (ic->ic_flags & IEEE80211_F_QOS) ? 1581 ic->ic_edca_ac : otus_edca_def; 1582 1583 /* Set CWmin/CWmax values. */ 1584 otus_write(sc, AR_MAC_REG_AC0_CW, 1585 EXP2(edca[EDCA_AC_BE].ac_ecwmax) << 16 | 1586 EXP2(edca[EDCA_AC_BE].ac_ecwmin)); 1587 otus_write(sc, AR_MAC_REG_AC1_CW, 1588 EXP2(edca[EDCA_AC_BK].ac_ecwmax) << 16 | 1589 EXP2(edca[EDCA_AC_BK].ac_ecwmin)); 1590 otus_write(sc, AR_MAC_REG_AC2_CW, 1591 EXP2(edca[EDCA_AC_VI].ac_ecwmax) << 16 | 1592 EXP2(edca[EDCA_AC_VI].ac_ecwmin)); 1593 otus_write(sc, AR_MAC_REG_AC3_CW, 1594 EXP2(edca[EDCA_AC_VO].ac_ecwmax) << 16 | 1595 EXP2(edca[EDCA_AC_VO].ac_ecwmin)); 1596 otus_write(sc, AR_MAC_REG_AC4_CW, /* Special TXQ. */ 1597 EXP2(edca[EDCA_AC_VO].ac_ecwmax) << 16 | 1598 EXP2(edca[EDCA_AC_VO].ac_ecwmin)); 1599 1600 /* Set AIFSN values. */ 1601 otus_write(sc, AR_MAC_REG_AC1_AC0_AIFS, 1602 AIFS(edca[EDCA_AC_VI].ac_aifsn) << 24 | 1603 AIFS(edca[EDCA_AC_BK].ac_aifsn) << 12 | 1604 AIFS(edca[EDCA_AC_BE].ac_aifsn)); 1605 otus_write(sc, AR_MAC_REG_AC3_AC2_AIFS, 1606 AIFS(edca[EDCA_AC_VO].ac_aifsn) << 16 | /* Special TXQ. */ 1607 AIFS(edca[EDCA_AC_VO].ac_aifsn) << 4 | 1608 AIFS(edca[EDCA_AC_VI].ac_aifsn) >> 8); 1609 1610 /* Set TXOP limit. */ 1611 otus_write(sc, AR_MAC_REG_AC1_AC0_TXOP, 1612 edca[EDCA_AC_BK].ac_txoplimit << 16 | 1613 edca[EDCA_AC_BE].ac_txoplimit); 1614 otus_write(sc, AR_MAC_REG_AC3_AC2_TXOP, 1615 edca[EDCA_AC_VO].ac_txoplimit << 16 | 1616 edca[EDCA_AC_VI].ac_txoplimit); 1617 1618 splx(s); 1619 1620 (void)otus_write_barrier(sc); 1621 #undef AIFS 1622 #undef EXP2 1623 } 1624 1625 void 1626 otus_updateslot(struct ieee80211com *ic) 1627 { 1628 /* Do it in a process context. */ 1629 otus_do_async(ic->ic_softc, otus_updateslot_cb, NULL, 0); 1630 } 1631 1632 void 1633 otus_updateslot_cb(struct otus_softc *sc, void *arg) 1634 { 1635 uint32_t slottime; 1636 1637 slottime = (sc->sc_ic.ic_flags & IEEE80211_F_SHSLOT) ? 1638 IEEE80211_DUR_DS_SHSLOT: IEEE80211_DUR_DS_SLOT; 1639 otus_write(sc, AR_MAC_REG_SLOT_TIME, slottime << 10); 1640 (void)otus_write_barrier(sc); 1641 } 1642 1643 int 1644 otus_init_mac(struct otus_softc *sc) 1645 { 1646 int error; 1647 1648 otus_write(sc, AR_MAC_REG_ACK_EXTENSION, 0x40); 1649 otus_write(sc, AR_MAC_REG_RETRY_MAX, 0); 1650 otus_write(sc, AR_MAC_REG_SNIFFER, 0x2000000); 1651 otus_write(sc, AR_MAC_REG_RX_THRESHOLD, 0xc1f80); 1652 otus_write(sc, AR_MAC_REG_RX_PE_DELAY, 0x70); 1653 otus_write(sc, AR_MAC_REG_EIFS_AND_SIFS, 0xa144000); 1654 otus_write(sc, AR_MAC_REG_SLOT_TIME, 9 << 10); 1655 otus_write(sc, 0x1c3b2c, 0x19000000); 1656 /* NAV protects ACK only (in TXOP). */ 1657 otus_write(sc, 0x1c3b38, 0x201); 1658 /* Set beacon Tx power to 0x7. */ 1659 otus_write(sc, AR_MAC_REG_BCN_HT1, 0x8000170); 1660 otus_write(sc, AR_MAC_REG_BACKOFF_PROTECT, 0x105); 1661 otus_write(sc, 0x1c3b9c, 0x10000a); 1662 /* Filter any control frames, BAR is bit 24. */ 1663 otus_write(sc, 0x1c368c, 0x0500ffff); 1664 otus_write(sc, 0x1c3c40, 0x1); 1665 otus_write(sc, AR_MAC_REG_BASIC_RATE, 0x150f); 1666 otus_write(sc, AR_MAC_REG_MANDATORY_RATE, 0x150f); 1667 otus_write(sc, AR_MAC_REG_RTS_CTS_RATE, 0x10b01bb); 1668 otus_write(sc, 0x1c3694, 0x4003c1e); 1669 /* Enable LED0 and LED1. */ 1670 otus_write(sc, 0x1d0100, 0x3); 1671 otus_write(sc, 0x1d0104, 0x3); 1672 /* Switch MAC to OTUS interface. */ 1673 otus_write(sc, 0x1c3600, 0x3); 1674 otus_write(sc, 0x1c3c50, 0xffff); 1675 otus_write(sc, 0x1c3680, 0xf00008); 1676 /* Disable Rx timeout (workaround). */ 1677 otus_write(sc, 0x1c362c, 0); 1678 1679 /* Set USB Rx stream mode maximum frame number to 2. */ 1680 otus_write(sc, 0x1e1110, 0x4); 1681 /* Set USB Rx stream mode timeout to 10us. */ 1682 otus_write(sc, 0x1e1114, 0x80); 1683 1684 /* Set clock frequency to 88/80MHz. */ 1685 otus_write(sc, 0x1d4008, 0x73); 1686 /* Set WLAN DMA interrupt mode: generate intr per packet. */ 1687 otus_write(sc, 0x1c3d7c, 0x110011); 1688 otus_write(sc, 0x1c3bb0, 0x4); 1689 otus_write(sc, AR_MAC_REG_TXOP_NOT_ENOUGH_INDICATION, 0x141e0f48); 1690 1691 /* Disable HW decryption for now. */ 1692 otus_write(sc, 0x1c3678, 0x78); 1693 1694 if ((error = otus_write_barrier(sc)) != 0) 1695 return error; 1696 1697 /* Set default EDCA parameters. */ 1698 otus_updateedca_cb(sc, NULL); 1699 1700 return 0; 1701 } 1702 1703 /* 1704 * Return default value for PHY register based on current operating mode. 1705 */ 1706 uint32_t 1707 otus_phy_get_def(struct otus_softc *sc, uint32_t reg) 1708 { 1709 int i; 1710 1711 for (i = 0; i < nitems(ar5416_phy_regs); i++) 1712 if (AR_PHY(ar5416_phy_regs[i]) == reg) 1713 return sc->phy_vals[i]; 1714 return 0; /* Register not found. */ 1715 } 1716 1717 /* 1718 * Update PHY's programming based on vendor-specific data stored in EEPROM. 1719 * This is for FEM-type devices only. 1720 */ 1721 int 1722 otus_set_board_values(struct otus_softc *sc, struct ieee80211_channel *c) 1723 { 1724 const struct ModalEepHeader *eep; 1725 uint32_t tmp, offset; 1726 1727 if (IEEE80211_IS_CHAN_5GHZ(c)) 1728 eep = &sc->eeprom.modalHeader[0]; 1729 else 1730 eep = &sc->eeprom.modalHeader[1]; 1731 1732 /* Offset of chain 2. */ 1733 offset = 2 * 0x1000; 1734 1735 tmp = letoh32(eep->antCtrlCommon); 1736 otus_write(sc, AR_PHY_SWITCH_COM, tmp); 1737 1738 tmp = letoh32(eep->antCtrlChain[0]); 1739 otus_write(sc, AR_PHY_SWITCH_CHAIN_0, tmp); 1740 1741 tmp = letoh32(eep->antCtrlChain[1]); 1742 otus_write(sc, AR_PHY_SWITCH_CHAIN_0 + offset, tmp); 1743 1744 if (1 /* sc->sc_sco == AR_SCO_SCN */) { 1745 tmp = otus_phy_get_def(sc, AR_PHY_SETTLING); 1746 tmp &= ~(0x7f << 7); 1747 tmp |= (eep->switchSettling & 0x7f) << 7; 1748 otus_write(sc, AR_PHY_SETTLING, tmp); 1749 } 1750 1751 tmp = otus_phy_get_def(sc, AR_PHY_DESIRED_SZ); 1752 tmp &= ~0xffff; 1753 tmp |= eep->pgaDesiredSize << 8 | eep->adcDesiredSize; 1754 otus_write(sc, AR_PHY_DESIRED_SZ, tmp); 1755 1756 tmp = eep->txEndToXpaOff << 24 | eep->txEndToXpaOff << 16 | 1757 eep->txFrameToXpaOn << 8 | eep->txFrameToXpaOn; 1758 otus_write(sc, AR_PHY_RF_CTL4, tmp); 1759 1760 tmp = otus_phy_get_def(sc, AR_PHY_RF_CTL3); 1761 tmp &= ~(0xff << 16); 1762 tmp |= eep->txEndToRxOn << 16; 1763 otus_write(sc, AR_PHY_RF_CTL3, tmp); 1764 1765 tmp = otus_phy_get_def(sc, AR_PHY_CCA); 1766 tmp &= ~(0x7f << 12); 1767 tmp |= (eep->thresh62 & 0x7f) << 12; 1768 otus_write(sc, AR_PHY_CCA, tmp); 1769 1770 tmp = otus_phy_get_def(sc, AR_PHY_RXGAIN); 1771 tmp &= ~(0x3f << 12); 1772 tmp |= (eep->txRxAttenCh[0] & 0x3f) << 12; 1773 otus_write(sc, AR_PHY_RXGAIN, tmp); 1774 1775 tmp = otus_phy_get_def(sc, AR_PHY_RXGAIN + offset); 1776 tmp &= ~(0x3f << 12); 1777 tmp |= (eep->txRxAttenCh[1] & 0x3f) << 12; 1778 otus_write(sc, AR_PHY_RXGAIN + offset, tmp); 1779 1780 tmp = otus_phy_get_def(sc, AR_PHY_GAIN_2GHZ); 1781 tmp &= ~(0x3f << 18); 1782 tmp |= (eep->rxTxMarginCh[0] & 0x3f) << 18; 1783 if (IEEE80211_IS_CHAN_5GHZ(c)) { 1784 tmp &= ~(0xf << 10); 1785 tmp |= (eep->bswMargin[0] & 0xf) << 10; 1786 } 1787 otus_write(sc, AR_PHY_GAIN_2GHZ, tmp); 1788 1789 tmp = otus_phy_get_def(sc, AR_PHY_GAIN_2GHZ + offset); 1790 tmp &= ~(0x3f << 18); 1791 tmp |= (eep->rxTxMarginCh[1] & 0x3f) << 18; 1792 otus_write(sc, AR_PHY_GAIN_2GHZ + offset, tmp); 1793 1794 tmp = otus_phy_get_def(sc, AR_PHY_TIMING_CTRL4); 1795 tmp &= ~(0x3f << 5 | 0x1f); 1796 tmp |= (eep->iqCalICh[0] & 0x3f) << 5 | (eep->iqCalQCh[0] & 0x1f); 1797 otus_write(sc, AR_PHY_TIMING_CTRL4, tmp); 1798 1799 tmp = otus_phy_get_def(sc, AR_PHY_TIMING_CTRL4 + offset); 1800 tmp &= ~(0x3f << 5 | 0x1f); 1801 tmp |= (eep->iqCalICh[1] & 0x3f) << 5 | (eep->iqCalQCh[1] & 0x1f); 1802 otus_write(sc, AR_PHY_TIMING_CTRL4 + offset, tmp); 1803 1804 tmp = otus_phy_get_def(sc, AR_PHY_TPCRG1); 1805 tmp &= ~(0xf << 16); 1806 tmp |= (eep->xpd & 0xf) << 16; 1807 otus_write(sc, AR_PHY_TPCRG1, tmp); 1808 1809 return otus_write_barrier(sc); 1810 } 1811 1812 int 1813 otus_program_phy(struct otus_softc *sc, struct ieee80211_channel *c) 1814 { 1815 const uint32_t *vals; 1816 int error, i; 1817 1818 /* Select PHY programming based on band and bandwidth. */ 1819 if (IEEE80211_IS_CHAN_2GHZ(c)) 1820 vals = ar5416_phy_vals_2ghz_20mhz; 1821 else 1822 vals = ar5416_phy_vals_5ghz_20mhz; 1823 for (i = 0; i < nitems(ar5416_phy_regs); i++) 1824 otus_write(sc, AR_PHY(ar5416_phy_regs[i]), vals[i]); 1825 sc->phy_vals = vals; 1826 1827 if (sc->eeprom.baseEepHeader.deviceType == 0x80) /* FEM */ 1828 if ((error = otus_set_board_values(sc, c)) != 0) 1829 return error; 1830 1831 /* Initial Tx power settings. */ 1832 otus_write(sc, AR_PHY_POWER_TX_RATE_MAX, 0x7f); 1833 otus_write(sc, AR_PHY_POWER_TX_RATE1, 0x3f3f3f3f); 1834 otus_write(sc, AR_PHY_POWER_TX_RATE2, 0x3f3f3f3f); 1835 otus_write(sc, AR_PHY_POWER_TX_RATE3, 0x3f3f3f3f); 1836 otus_write(sc, AR_PHY_POWER_TX_RATE4, 0x3f3f3f3f); 1837 otus_write(sc, AR_PHY_POWER_TX_RATE5, 0x3f3f3f3f); 1838 otus_write(sc, AR_PHY_POWER_TX_RATE6, 0x3f3f3f3f); 1839 otus_write(sc, AR_PHY_POWER_TX_RATE7, 0x3f3f3f3f); 1840 otus_write(sc, AR_PHY_POWER_TX_RATE8, 0x3f3f3f3f); 1841 otus_write(sc, AR_PHY_POWER_TX_RATE9, 0x3f3f3f3f); 1842 1843 if (IEEE80211_IS_CHAN_2GHZ(c)) 1844 otus_write(sc, 0x1d4014, 0x5163); 1845 else 1846 otus_write(sc, 0x1d4014, 0x5143); 1847 1848 return otus_write_barrier(sc); 1849 } 1850 1851 static __inline uint8_t 1852 otus_reverse_bits(uint8_t v) 1853 { 1854 v = ((v >> 1) & 0x55) | ((v & 0x55) << 1); 1855 v = ((v >> 2) & 0x33) | ((v & 0x33) << 2); 1856 v = ((v >> 4) & 0x0f) | ((v & 0x0f) << 4); 1857 return v; 1858 } 1859 1860 int 1861 otus_set_rf_bank4(struct otus_softc *sc, struct ieee80211_channel *c) 1862 { 1863 uint8_t chansel, d0, d1; 1864 uint16_t data; 1865 int error; 1866 1867 d0 = 0; 1868 if (IEEE80211_IS_CHAN_5GHZ(c)) { 1869 chansel = (c->ic_freq - 4800) / 5; 1870 if (chansel & 1) 1871 d0 |= AR_BANK4_AMODE_REFSEL(2); 1872 else 1873 d0 |= AR_BANK4_AMODE_REFSEL(1); 1874 } else { 1875 d0 |= AR_BANK4_AMODE_REFSEL(2); 1876 if (c->ic_freq == 2484) { /* CH 14 */ 1877 d0 |= AR_BANK4_BMODE_LF_SYNTH_FREQ; 1878 chansel = 10 + (c->ic_freq - 2274) / 5; 1879 } else 1880 chansel = 16 + (c->ic_freq - 2272) / 5; 1881 chansel <<= 2; 1882 } 1883 d0 |= AR_BANK4_ADDR(1) | AR_BANK4_CHUP; 1884 d1 = otus_reverse_bits(chansel); 1885 1886 /* Write bits 0-4 of d0 and d1. */ 1887 data = (d1 & 0x1f) << 5 | (d0 & 0x1f); 1888 otus_write(sc, AR_PHY(44), data); 1889 /* Write bits 5-7 of d0 and d1. */ 1890 data = (d1 >> 5) << 5 | (d0 >> 5); 1891 otus_write(sc, AR_PHY(58), data); 1892 1893 if ((error = otus_write_barrier(sc)) == 0) 1894 usbd_delay_ms(sc->sc_udev, 10); 1895 return error; 1896 } 1897 1898 void 1899 otus_get_delta_slope(uint32_t coeff, uint32_t *exponent, uint32_t *mantissa) 1900 { 1901 #define COEFF_SCALE_SHIFT 24 1902 uint32_t exp, man; 1903 1904 /* exponent = 14 - floor(log2(coeff)) */ 1905 for (exp = 31; exp > 0; exp--) 1906 if (coeff & (1 << exp)) 1907 break; 1908 KASSERT(exp != 0); 1909 exp = 14 - (exp - COEFF_SCALE_SHIFT); 1910 1911 /* mantissa = floor(coeff * 2^exponent + 0.5) */ 1912 man = coeff + (1 << (COEFF_SCALE_SHIFT - exp - 1)); 1913 1914 *mantissa = man >> (COEFF_SCALE_SHIFT - exp); 1915 *exponent = exp - 16; 1916 #undef COEFF_SCALE_SHIFT 1917 } 1918 1919 int 1920 otus_set_chan(struct otus_softc *sc, struct ieee80211_channel *c, int assoc) 1921 { 1922 struct ieee80211com *ic = &sc->sc_ic; 1923 struct ar_cmd_frequency cmd; 1924 struct ar_rsp_frequency rsp; 1925 const uint32_t *vals; 1926 uint32_t coeff, exp, man, tmp; 1927 uint8_t code; 1928 int error, chan, i; 1929 1930 chan = ieee80211_chan2ieee(ic, c); 1931 DPRINTF(("setting channel %d (%dMHz)\n", chan, c->ic_freq)); 1932 1933 tmp = IEEE80211_IS_CHAN_2GHZ(c) ? 0x105 : 0x104; 1934 otus_write(sc, AR_MAC_REG_DYNAMIC_SIFS_ACK, tmp); 1935 if ((error = otus_write_barrier(sc)) != 0) 1936 return error; 1937 1938 /* Disable BB Heavy Clip. */ 1939 otus_write(sc, AR_PHY_HEAVY_CLIP_ENABLE, 0x200); 1940 if ((error = otus_write_barrier(sc)) != 0) 1941 return error; 1942 1943 /* XXX Is that FREQ_START ? */ 1944 error = otus_cmd(sc, AR_CMD_FREQ_STRAT, NULL, 0, NULL); 1945 if (error != 0) 1946 return error; 1947 1948 /* Reprogram PHY and RF on channel band or bandwidth changes. */ 1949 if (sc->bb_reset || c->ic_flags != sc->sc_curchan->ic_flags) { 1950 DPRINTF(("band switch\n")); 1951 1952 /* Cold/Warm reset BB/ADDA. */ 1953 otus_write(sc, 0x1d4004, sc->bb_reset ? 0x800 : 0x400); 1954 if ((error = otus_write_barrier(sc)) != 0) 1955 return error; 1956 otus_write(sc, 0x1d4004, 0); 1957 if ((error = otus_write_barrier(sc)) != 0) 1958 return error; 1959 sc->bb_reset = 0; 1960 1961 if ((error = otus_program_phy(sc, c)) != 0) { 1962 printf("%s: could not program PHY\n", 1963 sc->sc_dev.dv_xname); 1964 return error; 1965 } 1966 1967 /* Select RF programming based on band. */ 1968 if (IEEE80211_IS_CHAN_5GHZ(c)) 1969 vals = ar5416_banks_vals_5ghz; 1970 else 1971 vals = ar5416_banks_vals_2ghz; 1972 for (i = 0; i < nitems(ar5416_banks_regs); i++) 1973 otus_write(sc, AR_PHY(ar5416_banks_regs[i]), vals[i]); 1974 if ((error = otus_write_barrier(sc)) != 0) { 1975 printf("%s: could not program RF\n", 1976 sc->sc_dev.dv_xname); 1977 return error; 1978 } 1979 code = AR_CMD_RF_INIT; 1980 } else { 1981 code = AR_CMD_FREQUENCY; 1982 } 1983 1984 if ((error = otus_set_rf_bank4(sc, c)) != 0) 1985 return error; 1986 1987 tmp = (sc->txmask == 0x5) ? 0x340 : 0x240; 1988 otus_write(sc, AR_PHY_TURBO, tmp); 1989 if ((error = otus_write_barrier(sc)) != 0) 1990 return error; 1991 1992 /* Send firmware command to set channel. */ 1993 cmd.freq = htole32((uint32_t)c->ic_freq * 1000); 1994 cmd.dynht2040 = htole32(0); 1995 cmd.htena = htole32(1); 1996 /* Set Delta Slope (exponent and mantissa). */ 1997 coeff = (100 << 24) / c->ic_freq; 1998 otus_get_delta_slope(coeff, &exp, &man); 1999 cmd.dsc_exp = htole32(exp); 2000 cmd.dsc_man = htole32(man); 2001 DPRINTF(("ds coeff=%u exp=%u man=%u\n", coeff, exp, man)); 2002 /* For Short GI, coeff is 9/10 that of normal coeff. */ 2003 coeff = (9 * coeff) / 10; 2004 otus_get_delta_slope(coeff, &exp, &man); 2005 cmd.dsc_shgi_exp = htole32(exp); 2006 cmd.dsc_shgi_man = htole32(man); 2007 DPRINTF(("ds shgi coeff=%u exp=%u man=%u\n", coeff, exp, man)); 2008 /* Set wait time for AGC and noise calibration (100 or 200ms). */ 2009 cmd.check_loop_count = assoc ? htole32(2000) : htole32(1000); 2010 DPRINTF(("%s\n", (code == AR_CMD_RF_INIT) ? "RF_INIT" : "FREQUENCY")); 2011 error = otus_cmd(sc, code, &cmd, sizeof cmd, &rsp); 2012 if (error != 0) 2013 return error; 2014 if ((rsp.status & htole32(AR_CAL_ERR_AGC | AR_CAL_ERR_NF_VAL)) != 0) { 2015 DPRINTF(("status=0x%x\n", letoh32(rsp.status))); 2016 /* Force cold reset on next channel. */ 2017 sc->bb_reset = 1; 2018 } 2019 #ifdef OTUS_DEBUG 2020 if (otus_debug) { 2021 printf("calibration status=0x%x\n", letoh32(rsp.status)); 2022 for (i = 0; i < 2; i++) { /* 2 Rx chains */ 2023 /* Sign-extend 9-bit NF values. */ 2024 printf("noisefloor chain %d=%d\n", i, 2025 (((int32_t)letoh32(rsp.nf[i])) << 4) >> 23); 2026 printf("noisefloor ext chain %d=%d\n", i, 2027 ((int32_t)letoh32(rsp.nf_ext[i])) >> 23); 2028 } 2029 } 2030 #endif 2031 sc->sc_curchan = c; 2032 return 0; 2033 } 2034 2035 #ifdef notyet 2036 int 2037 otus_set_key(struct ieee80211com *ic, struct ieee80211_node *ni, 2038 struct ieee80211_key *k) 2039 { 2040 struct otus_softc *sc = ic->ic_softc; 2041 struct otus_cmd_key cmd; 2042 2043 /* Defer setting of WEP keys until interface is brought up. */ 2044 if ((ic->ic_if.if_flags & (IFF_UP | IFF_RUNNING)) != 2045 (IFF_UP | IFF_RUNNING)) 2046 return 0; 2047 2048 /* Do it in a process context. */ 2049 cmd.key = *k; 2050 cmd.ni = *ni; 2051 otus_do_async(sc, otus_set_key_cb, &cmd, sizeof cmd); 2052 sc->sc_key_tasks++ 2053 return EBUSY; 2054 } 2055 2056 void 2057 otus_set_key_cb(struct otus_softc *sc, void *arg) 2058 { 2059 struct otus_cmd_key *cmd = arg; 2060 struct ieee80211_key *k = &cmd->key; 2061 struct ar_cmd_ekey key; 2062 uint16_t cipher; 2063 int error; 2064 2065 sc->sc_keys_tasks--; 2066 2067 memset(&key, 0, sizeof key); 2068 if (k->k_flags & IEEE80211_KEY_GROUP) { 2069 key.uid = htole16(k->k_id); 2070 IEEE80211_ADDR_COPY(key.macaddr, sc->sc_ic.ic_myaddr); 2071 key.macaddr[0] |= 0x80; 2072 } else { 2073 key.uid = htole16(OTUS_UID(cmd->associd)); 2074 IEEE80211_ADDR_COPY(key.macaddr, ni->ni_macaddr); 2075 } 2076 key.kix = htole16(0); 2077 /* Map net80211 cipher to hardware. */ 2078 switch (k->k_cipher) { 2079 case IEEE80211_CIPHER_WEP40: 2080 cipher = AR_CIPHER_WEP64; 2081 break; 2082 case IEEE80211_CIPHER_WEP104: 2083 cipher = AR_CIPHER_WEP128; 2084 break; 2085 case IEEE80211_CIPHER_TKIP: 2086 cipher = AR_CIPHER_TKIP; 2087 break; 2088 case IEEE80211_CIPHER_CCMP: 2089 cipher = AR_CIPHER_AES; 2090 break; 2091 default: 2092 IEEE80211_SEND_MGMT(ic, cmd->ni, IEEE80211_FC0_SUBTYPE_DEAUTH, 2093 IEEE80211_REASON_AUTH_LEAVE); 2094 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2095 return; 2096 } 2097 key.cipher = htole16(cipher); 2098 memcpy(key.key, k->k_key, MIN(k->k_len, 16)); 2099 error = otus_cmd(sc, AR_CMD_EKEY, &key, sizeof key, NULL); 2100 if (error != 0 || k->k_cipher != IEEE80211_CIPHER_TKIP) { 2101 IEEE80211_SEND_MGMT(ic, cmd->ni, IEEE80211_FC0_SUBTYPE_DEAUTH, 2102 IEEE80211_REASON_AUTH_LEAVE); 2103 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2104 return; 2105 } 2106 2107 /* TKIP: set Tx/Rx MIC Key. */ 2108 key.kix = htole16(1); 2109 memcpy(key.key, k->k_key + 16, 16); 2110 (void)otus_cmd(sc, AR_CMD_EKEY, &key, sizeof key, NULL); 2111 2112 if (sc->sc_key_tasks == 0) { 2113 DPRINTF(("marking port %s valid\n", 2114 ether_sprintf(cmd->ni->ni_macaddr))); 2115 cmd->ni->ni_port_valid = 1; 2116 ieee80211_set_link_state(ic, LINK_STATE_UP); 2117 } 2118 } 2119 2120 void 2121 otus_delete_key(struct ieee80211com *ic, struct ieee80211_node *ni, 2122 struct ieee80211_key *k) 2123 { 2124 struct otus_softc *sc = ic->ic_softc; 2125 struct otus_cmd_key cmd; 2126 2127 if (!(ic->ic_if.if_flags & IFF_RUNNING) || 2128 ic->ic_state != IEEE80211_S_RUN) 2129 return; /* Nothing to do. */ 2130 2131 /* Do it in a process context. */ 2132 cmd.key = *k; 2133 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 2134 otus_do_async(sc, otus_delete_key_cb, &cmd, sizeof cmd); 2135 } 2136 2137 void 2138 otus_delete_key_cb(struct otus_softc *sc, void *arg) 2139 { 2140 struct otus_cmd_key *cmd = arg; 2141 struct ieee80211_key *k = &cmd->key; 2142 uint32_t uid; 2143 2144 if (k->k_flags & IEEE80211_KEY_GROUP) 2145 uid = htole32(k->k_id); 2146 else 2147 uid = htole32(OTUS_UID(cmd->associd)); 2148 (void)otus_cmd(sc, AR_CMD_DKEY, &uid, sizeof uid, NULL); 2149 } 2150 #endif 2151 2152 void 2153 otus_calibrate_to(void *arg) 2154 { 2155 struct otus_softc *sc = arg; 2156 struct ieee80211com *ic = &sc->sc_ic; 2157 struct ieee80211_node *ni; 2158 int s; 2159 2160 if (usbd_is_dying(sc->sc_udev)) 2161 return; 2162 2163 usbd_ref_incr(sc->sc_udev); 2164 2165 s = splnet(); 2166 ni = ic->ic_bss; 2167 ieee80211_amrr_choose(&sc->amrr, ni, &((struct otus_node *)ni)->amn); 2168 splx(s); 2169 2170 if (!usbd_is_dying(sc->sc_udev)) 2171 timeout_add_sec(&sc->calib_to, 1); 2172 2173 usbd_ref_decr(sc->sc_udev); 2174 } 2175 2176 int 2177 otus_set_bssid(struct otus_softc *sc, const uint8_t *bssid) 2178 { 2179 otus_write(sc, AR_MAC_REG_BSSID_L, 2180 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 2181 otus_write(sc, AR_MAC_REG_BSSID_H, 2182 bssid[4] | bssid[5] << 8); 2183 return otus_write_barrier(sc); 2184 } 2185 2186 int 2187 otus_set_macaddr(struct otus_softc *sc, const uint8_t *addr) 2188 { 2189 otus_write(sc, AR_MAC_REG_MAC_ADDR_L, 2190 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 2191 otus_write(sc, AR_MAC_REG_MAC_ADDR_H, 2192 addr[4] | addr[5] << 8); 2193 return otus_write_barrier(sc); 2194 } 2195 2196 /* Default single-LED. */ 2197 void 2198 otus_led_newstate_type1(struct otus_softc *sc) 2199 { 2200 /* TBD */ 2201 } 2202 2203 /* NETGEAR, dual-LED. */ 2204 void 2205 otus_led_newstate_type2(struct otus_softc *sc) 2206 { 2207 /* TBD */ 2208 } 2209 2210 /* NETGEAR, single-LED/3 colors (blue, red, purple.) */ 2211 void 2212 otus_led_newstate_type3(struct otus_softc *sc) 2213 { 2214 struct ieee80211com *ic = &sc->sc_ic; 2215 uint32_t state = sc->led_state; 2216 2217 if (ic->ic_state == IEEE80211_S_INIT) { 2218 state = 0; /* LED off. */ 2219 } else if (ic->ic_state == IEEE80211_S_RUN) { 2220 /* Associated, LED always on. */ 2221 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) 2222 state = AR_LED0_ON; /* 2GHz=>Red. */ 2223 else 2224 state = AR_LED1_ON; /* 5GHz=>Blue. */ 2225 } else { 2226 /* Scanning, blink LED. */ 2227 state ^= AR_LED0_ON | AR_LED1_ON; 2228 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) 2229 state &= ~AR_LED1_ON; 2230 else 2231 state &= ~AR_LED0_ON; 2232 } 2233 if (state != sc->led_state) { 2234 otus_write(sc, 0x1d0104, state); 2235 if (otus_write_barrier(sc) == 0) 2236 sc->led_state = state; 2237 } 2238 } 2239 2240 int 2241 otus_init(struct ifnet *ifp) 2242 { 2243 struct otus_softc *sc = ifp->if_softc; 2244 struct ieee80211com *ic = &sc->sc_ic; 2245 int error; 2246 2247 /* Init host command ring. */ 2248 sc->cmdq.cur = sc->cmdq.next = sc->cmdq.queued = 0; 2249 2250 if ((error = otus_init_mac(sc)) != 0) { 2251 printf("%s: could not initialize MAC\n", sc->sc_dev.dv_xname); 2252 return error; 2253 } 2254 2255 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 2256 (void)otus_set_macaddr(sc, ic->ic_myaddr); 2257 2258 switch (ic->ic_opmode) { 2259 #ifdef notyet 2260 #ifndef IEEE80211_STA_ONLY 2261 case IEEE80211_M_HOSTAP: 2262 otus_write(sc, 0x1c3700, 0x0f0000a1); 2263 otus_write(sc, 0x1c3c40, 0x1); 2264 break; 2265 case IEEE80211_M_IBSS: 2266 otus_write(sc, 0x1c3700, 0x0f000000); 2267 otus_write(sc, 0x1c3c40, 0x1); 2268 break; 2269 #endif 2270 #endif 2271 case IEEE80211_M_STA: 2272 otus_write(sc, 0x1c3700, 0x0f000002); 2273 otus_write(sc, 0x1c3c40, 0x1); 2274 break; 2275 default: 2276 break; 2277 } 2278 otus_write(sc, AR_MAC_REG_SNIFFER, 2279 (ic->ic_opmode == IEEE80211_M_MONITOR) ? 0x2000001 : 0x2000000); 2280 (void)otus_write_barrier(sc); 2281 2282 sc->bb_reset = 1; /* Force cold reset. */ 2283 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 2284 if ((error = otus_set_chan(sc, ic->ic_ibss_chan, 0)) != 0) { 2285 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 2286 return error; 2287 } 2288 2289 /* Start Rx. */ 2290 otus_write(sc, AR_MAC_REG_DMA_TRIGGER, AR_DMA_TRIGGER_RXQ); 2291 (void)otus_write_barrier(sc); 2292 2293 ifp->if_flags |= IFF_RUNNING; 2294 ifq_clr_oactive(&ifp->if_snd); 2295 2296 if (ic->ic_opmode == IEEE80211_M_MONITOR) 2297 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2298 else 2299 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2300 2301 return 0; 2302 } 2303 2304 void 2305 otus_stop(struct ifnet *ifp) 2306 { 2307 struct otus_softc *sc = ifp->if_softc; 2308 struct ieee80211com *ic = &sc->sc_ic; 2309 int s; 2310 2311 sc->sc_tx_timer = 0; 2312 ifp->if_timer = 0; 2313 ifp->if_flags &= ~IFF_RUNNING; 2314 ifq_clr_oactive(&ifp->if_snd); 2315 2316 timeout_del(&sc->scan_to); 2317 timeout_del(&sc->calib_to); 2318 2319 s = splusb(); 2320 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2321 /* Wait for all queued asynchronous commands to complete. */ 2322 usb_wait_task(sc->sc_udev, &sc->sc_task); 2323 splx(s); 2324 2325 /* Stop Rx. */ 2326 otus_write(sc, AR_MAC_REG_DMA_TRIGGER, 0); 2327 (void)otus_write_barrier(sc); 2328 2329 sc->tx_queued = 0; 2330 } 2331