1 /*- 2 * Copyright (c) 2004, 2005 3 * Damien Bergamini <damien.bergamini@free.fr>. All rights reserved. 4 * Copyright (c) 2005-2006 Sam Leffler, Errno Consulting 5 * Copyright (c) 2007 Andrew Thompson <thompsa@FreeBSD.org> 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice unmodified, this list of conditions, and the following 12 * disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #include <sys/cdefs.h> 31 __FBSDID("$FreeBSD$"); 32 33 /*- 34 * Intel(R) PRO/Wireless 2200BG/2225BG/2915ABG driver 35 * http://www.intel.com/network/connectivity/products/wireless/prowireless_mobile.htm 36 */ 37 38 #include <sys/param.h> 39 #include <sys/sysctl.h> 40 #include <sys/sockio.h> 41 #include <sys/mbuf.h> 42 #include <sys/kernel.h> 43 #include <sys/socket.h> 44 #include <sys/systm.h> 45 #include <sys/malloc.h> 46 #include <sys/lock.h> 47 #include <sys/mutex.h> 48 #include <sys/module.h> 49 #include <sys/bus.h> 50 #include <sys/endian.h> 51 #include <sys/proc.h> 52 #include <sys/mount.h> 53 #include <sys/namei.h> 54 #include <sys/linker.h> 55 #include <sys/firmware.h> 56 #include <sys/kthread.h> 57 #include <sys/taskqueue.h> 58 59 #include <machine/bus.h> 60 #include <machine/resource.h> 61 #include <sys/rman.h> 62 63 #include <dev/pci/pcireg.h> 64 #include <dev/pci/pcivar.h> 65 66 #include <net/bpf.h> 67 #include <net/if.h> 68 #include <net/if_arp.h> 69 #include <net/ethernet.h> 70 #include <net/if_dl.h> 71 #include <net/if_media.h> 72 #include <net/if_types.h> 73 74 #include <net80211/ieee80211_var.h> 75 #include <net80211/ieee80211_radiotap.h> 76 #include <net80211/ieee80211_regdomain.h> 77 78 #include <netinet/in.h> 79 #include <netinet/in_systm.h> 80 #include <netinet/in_var.h> 81 #include <netinet/ip.h> 82 #include <netinet/if_ether.h> 83 84 #include <dev/iwi/if_iwireg.h> 85 #include <dev/iwi/if_iwivar.h> 86 87 #define IWI_DEBUG 88 #ifdef IWI_DEBUG 89 #define DPRINTF(x) do { if (iwi_debug > 0) printf x; } while (0) 90 #define DPRINTFN(n, x) do { if (iwi_debug >= (n)) printf x; } while (0) 91 int iwi_debug = 0; 92 SYSCTL_INT(_debug, OID_AUTO, iwi, CTLFLAG_RW, &iwi_debug, 0, "iwi debug level"); 93 #else 94 #define DPRINTF(x) 95 #define DPRINTFN(n, x) 96 #endif 97 98 MODULE_DEPEND(iwi, pci, 1, 1, 1); 99 MODULE_DEPEND(iwi, wlan, 1, 1, 1); 100 MODULE_DEPEND(iwi, firmware, 1, 1, 1); 101 102 enum { 103 IWI_LED_TX, 104 IWI_LED_RX, 105 IWI_LED_POLL, 106 }; 107 108 struct iwi_ident { 109 uint16_t vendor; 110 uint16_t device; 111 const char *name; 112 }; 113 114 static const struct iwi_ident iwi_ident_table[] = { 115 { 0x8086, 0x4220, "Intel(R) PRO/Wireless 2200BG" }, 116 { 0x8086, 0x4221, "Intel(R) PRO/Wireless 2225BG" }, 117 { 0x8086, 0x4223, "Intel(R) PRO/Wireless 2915ABG" }, 118 { 0x8086, 0x4224, "Intel(R) PRO/Wireless 2915ABG" }, 119 120 { 0, 0, NULL } 121 }; 122 123 static void iwi_dma_map_addr(void *, bus_dma_segment_t *, int, int); 124 static int iwi_alloc_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *, 125 int); 126 static void iwi_reset_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 127 static void iwi_free_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 128 static int iwi_alloc_tx_ring(struct iwi_softc *, struct iwi_tx_ring *, 129 int, bus_addr_t, bus_addr_t); 130 static void iwi_reset_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 131 static void iwi_free_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 132 static int iwi_alloc_rx_ring(struct iwi_softc *, struct iwi_rx_ring *, 133 int); 134 static void iwi_reset_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 135 static void iwi_free_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 136 static struct ieee80211_node *iwi_node_alloc(struct ieee80211_node_table *); 137 static void iwi_node_free(struct ieee80211_node *); 138 static int iwi_media_change(struct ifnet *); 139 static void iwi_media_status(struct ifnet *, struct ifmediareq *); 140 static int iwi_newstate(struct ieee80211com *, enum ieee80211_state, int); 141 static void iwi_wme_init(struct iwi_softc *); 142 static int iwi_wme_setparams(struct iwi_softc *); 143 static int iwi_wme_update(struct ieee80211com *); 144 static uint16_t iwi_read_prom_word(struct iwi_softc *, uint8_t); 145 static void iwi_frame_intr(struct iwi_softc *, struct iwi_rx_data *, int, 146 struct iwi_frame *); 147 static void iwi_notification_intr(struct iwi_softc *, struct iwi_notif *); 148 static void iwi_rx_intr(struct iwi_softc *); 149 static void iwi_tx_intr(struct iwi_softc *, struct iwi_tx_ring *); 150 static void iwi_intr(void *); 151 static int iwi_cmd(struct iwi_softc *, uint8_t, void *, uint8_t); 152 static void iwi_write_ibssnode(struct iwi_softc *, const u_int8_t [], int); 153 static int iwi_tx_start(struct ifnet *, struct mbuf *, 154 struct ieee80211_node *, int); 155 static void iwi_start(struct ifnet *); 156 static void iwi_watchdog(void *); 157 static int iwi_ioctl(struct ifnet *, u_long, caddr_t); 158 static void iwi_stop_master(struct iwi_softc *); 159 static int iwi_reset(struct iwi_softc *); 160 static int iwi_load_ucode(struct iwi_softc *, const struct iwi_fw *); 161 static int iwi_load_firmware(struct iwi_softc *, const struct iwi_fw *); 162 static void iwi_release_fw_dma(struct iwi_softc *sc); 163 static int iwi_config(struct iwi_softc *); 164 static int iwi_get_firmware(struct iwi_softc *); 165 static void iwi_put_firmware(struct iwi_softc *); 166 static int iwi_scanchan(struct iwi_softc *, unsigned long, int); 167 static void iwi_scan_start(struct ieee80211com *); 168 static void iwi_scan_end(struct ieee80211com *); 169 static void iwi_scanabort(void *, int); 170 static void iwi_set_channel(struct ieee80211com *); 171 static void iwi_scan_curchan(struct ieee80211com *, unsigned long maxdwell); 172 #if 0 173 static void iwi_scan_allchan(struct ieee80211com *, unsigned long maxdwell); 174 #endif 175 static void iwi_scan_mindwell(struct ieee80211com *); 176 static void iwi_assoc(struct ieee80211com *ic); 177 static void iwi_disassoc(struct ieee80211com *); 178 static void iwi_ops(void *, int); 179 static int iwi_queue_cmd(struct iwi_softc *, int); 180 static int iwi_auth_and_assoc(struct iwi_softc *); 181 static int iwi_disassociate(struct iwi_softc *, int quiet); 182 static void iwi_init(void *); 183 static void iwi_init_locked(void *, int); 184 static void iwi_stop(void *); 185 static void iwi_restart(void *, int); 186 static int iwi_getrfkill(struct iwi_softc *); 187 static void iwi_radio_on(void *, int); 188 static void iwi_radio_off(void *, int); 189 static void iwi_sysctlattach(struct iwi_softc *); 190 static void iwi_led_event(struct iwi_softc *, int); 191 static void iwi_ledattach(struct iwi_softc *); 192 193 static int iwi_probe(device_t); 194 static int iwi_attach(device_t); 195 static int iwi_detach(device_t); 196 static int iwi_shutdown(device_t); 197 static int iwi_suspend(device_t); 198 static int iwi_resume(device_t); 199 200 static device_method_t iwi_methods[] = { 201 /* Device interface */ 202 DEVMETHOD(device_probe, iwi_probe), 203 DEVMETHOD(device_attach, iwi_attach), 204 DEVMETHOD(device_detach, iwi_detach), 205 DEVMETHOD(device_shutdown, iwi_shutdown), 206 DEVMETHOD(device_suspend, iwi_suspend), 207 DEVMETHOD(device_resume, iwi_resume), 208 209 { 0, 0 } 210 }; 211 212 static driver_t iwi_driver = { 213 "iwi", 214 iwi_methods, 215 sizeof (struct iwi_softc) 216 }; 217 218 static devclass_t iwi_devclass; 219 220 DRIVER_MODULE(iwi, pci, iwi_driver, iwi_devclass, 0, 0); 221 222 static __inline uint8_t 223 MEM_READ_1(struct iwi_softc *sc, uint32_t addr) 224 { 225 CSR_WRITE_4(sc, IWI_CSR_INDIRECT_ADDR, addr); 226 return CSR_READ_1(sc, IWI_CSR_INDIRECT_DATA); 227 } 228 229 static __inline uint32_t 230 MEM_READ_4(struct iwi_softc *sc, uint32_t addr) 231 { 232 CSR_WRITE_4(sc, IWI_CSR_INDIRECT_ADDR, addr); 233 return CSR_READ_4(sc, IWI_CSR_INDIRECT_DATA); 234 } 235 236 static int 237 iwi_probe(device_t dev) 238 { 239 const struct iwi_ident *ident; 240 241 for (ident = iwi_ident_table; ident->name != NULL; ident++) { 242 if (pci_get_vendor(dev) == ident->vendor && 243 pci_get_device(dev) == ident->device) { 244 device_set_desc(dev, ident->name); 245 return 0; 246 } 247 } 248 return ENXIO; 249 } 250 251 /* Base Address Register */ 252 #define IWI_PCI_BAR0 0x10 253 254 static int 255 iwi_attach(device_t dev) 256 { 257 struct iwi_softc *sc = device_get_softc(dev); 258 struct ifnet *ifp; 259 struct ieee80211com *ic = &sc->sc_ic; 260 uint16_t val; 261 int i, error, bands; 262 263 sc->sc_dev = dev; 264 265 IWI_LOCK_INIT(sc); 266 IWI_CMD_LOCK_INIT(sc); 267 268 sc->sc_unr = new_unrhdr(1, IWI_MAX_IBSSNODE-1, &sc->sc_mtx); 269 270 #if __FreeBSD_version >= 700000 271 sc->sc_tq = taskqueue_create("iwi_taskq", M_NOWAIT | M_ZERO, 272 taskqueue_thread_enqueue, &sc->sc_tq); 273 taskqueue_start_threads(&sc->sc_tq, 1, PI_NET, "%s taskq", 274 device_get_nameunit(dev)); 275 sc->sc_tq2 = taskqueue_create("iwi_taskq2", M_NOWAIT | M_ZERO, 276 taskqueue_thread_enqueue, &sc->sc_tq2); 277 taskqueue_start_threads(&sc->sc_tq2, 1, PI_NET, "%s taskq2", 278 device_get_nameunit(dev)); 279 #else 280 sc->sc_tq = taskqueue_create("iwi_taskq", M_NOWAIT | M_ZERO, 281 taskqueue_thread_enqueue, &sc->sc_tq, &sc->sc_tqproc); 282 kproc_create(taskqueue_thread_loop, &sc->sc_tq, &sc->sc_tqproc, 283 0, 0, "%s taskq", device_get_nameunit(dev)); 284 sc->sc_tq2 = taskqueue_create("iwi_taskq2", M_NOWAIT | M_ZERO, 285 taskqueue_thread_enqueue, &sc->sc_tq2, &sc->sc_tqproc); 286 kproc_create(taskqueue_thread_loop, &sc->sc_tq2, &sc->sc_tqproc, 287 0, 0, "%s taskq2", device_get_nameunit(dev)); 288 #endif 289 TASK_INIT(&sc->sc_radiontask, 0, iwi_radio_on, sc); 290 TASK_INIT(&sc->sc_radiofftask, 0, iwi_radio_off, sc); 291 TASK_INIT(&sc->sc_restarttask, 0, iwi_restart, sc); 292 TASK_INIT(&sc->sc_opstask, 0, iwi_ops, sc); 293 TASK_INIT(&sc->sc_scanaborttask, 0, iwi_scanabort, sc); 294 callout_init_mtx(&sc->sc_wdtimer, &sc->sc_mtx, 0); 295 296 if (pci_get_powerstate(dev) != PCI_POWERSTATE_D0) { 297 device_printf(dev, "chip is in D%d power mode " 298 "-- setting to D0\n", pci_get_powerstate(dev)); 299 pci_set_powerstate(dev, PCI_POWERSTATE_D0); 300 } 301 302 pci_write_config(dev, 0x41, 0, 1); 303 304 /* enable bus-mastering */ 305 pci_enable_busmaster(dev); 306 307 sc->mem_rid = IWI_PCI_BAR0; 308 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &sc->mem_rid, 309 RF_ACTIVE); 310 if (sc->mem == NULL) { 311 device_printf(dev, "could not allocate memory resource\n"); 312 goto fail; 313 } 314 315 sc->sc_st = rman_get_bustag(sc->mem); 316 sc->sc_sh = rman_get_bushandle(sc->mem); 317 318 sc->irq_rid = 0; 319 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &sc->irq_rid, 320 RF_ACTIVE | RF_SHAREABLE); 321 if (sc->irq == NULL) { 322 device_printf(dev, "could not allocate interrupt resource\n"); 323 goto fail; 324 } 325 326 if (iwi_reset(sc) != 0) { 327 device_printf(dev, "could not reset adapter\n"); 328 goto fail; 329 } 330 331 /* 332 * Allocate rings. 333 */ 334 if (iwi_alloc_cmd_ring(sc, &sc->cmdq, IWI_CMD_RING_COUNT) != 0) { 335 device_printf(dev, "could not allocate Cmd ring\n"); 336 goto fail; 337 } 338 339 for (i = 0; i < 4; i++) { 340 error = iwi_alloc_tx_ring(sc, &sc->txq[i], IWI_TX_RING_COUNT, 341 IWI_CSR_TX1_RIDX + i * 4, 342 IWI_CSR_TX1_WIDX + i * 4); 343 if (error != 0) { 344 device_printf(dev, "could not allocate Tx ring %d\n", 345 i+i); 346 goto fail; 347 } 348 } 349 350 if (iwi_alloc_rx_ring(sc, &sc->rxq, IWI_RX_RING_COUNT) != 0) { 351 device_printf(dev, "could not allocate Rx ring\n"); 352 goto fail; 353 } 354 355 iwi_wme_init(sc); 356 357 ifp = sc->sc_ifp = if_alloc(IFT_ETHER); 358 if (ifp == NULL) { 359 device_printf(dev, "can not if_alloc()\n"); 360 goto fail; 361 } 362 ic->ic_ifp = ifp; 363 ifp->if_softc = sc; 364 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 365 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 366 ifp->if_init = iwi_init; 367 ifp->if_ioctl = iwi_ioctl; 368 ifp->if_start = iwi_start; 369 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 370 ifp->if_snd.ifq_drv_maxlen = IFQ_MAXLEN; 371 IFQ_SET_READY(&ifp->if_snd); 372 373 ic->ic_wme.wme_update = iwi_wme_update; 374 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 375 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 376 ic->ic_state = IEEE80211_S_INIT; 377 378 /* set device capabilities */ 379 ic->ic_caps = 380 IEEE80211_C_IBSS /* IBSS mode supported */ 381 | IEEE80211_C_MONITOR /* monitor mode supported */ 382 | IEEE80211_C_PMGT /* power save supported */ 383 | IEEE80211_C_SHPREAMBLE /* short preamble supported */ 384 | IEEE80211_C_WPA /* 802.11i */ 385 | IEEE80211_C_WME /* 802.11e */ 386 | IEEE80211_C_BGSCAN /* capable of bg scanning */ 387 ; 388 389 /* read MAC address from EEPROM */ 390 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 0); 391 ic->ic_myaddr[0] = val & 0xff; 392 ic->ic_myaddr[1] = val >> 8; 393 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 1); 394 ic->ic_myaddr[2] = val & 0xff; 395 ic->ic_myaddr[3] = val >> 8; 396 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 2); 397 ic->ic_myaddr[4] = val & 0xff; 398 ic->ic_myaddr[5] = val >> 8; 399 400 bands = 0; 401 setbit(&bands, IEEE80211_MODE_11B); 402 setbit(&bands, IEEE80211_MODE_11G); 403 if (pci_get_device(dev) >= 0x4223) 404 setbit(&bands, IEEE80211_MODE_11A); 405 ieee80211_init_channels(ic, 0, CTRY_DEFAULT, bands, 0, 1); 406 407 ieee80211_ifattach(ic); 408 ic->ic_bmissthreshold = 10; /* override default */ 409 /* override default methods */ 410 ic->ic_node_alloc = iwi_node_alloc; 411 sc->sc_node_free = ic->ic_node_free; 412 ic->ic_node_free = iwi_node_free; 413 ic->ic_scan_start = iwi_scan_start; 414 ic->ic_scan_end = iwi_scan_end; 415 ic->ic_set_channel = iwi_set_channel; 416 ic->ic_scan_curchan = iwi_scan_curchan; 417 ic->ic_scan_mindwell = iwi_scan_mindwell; 418 419 /* override state transition machine */ 420 sc->sc_newstate = ic->ic_newstate; 421 ic->ic_newstate = iwi_newstate; 422 ieee80211_media_init(ic, iwi_media_change, iwi_media_status); 423 424 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 425 sizeof (struct ieee80211_frame) + sizeof (sc->sc_txtap), 426 &sc->sc_drvbpf); 427 428 sc->sc_rxtap_len = sizeof sc->sc_rxtap; 429 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 430 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWI_RX_RADIOTAP_PRESENT); 431 432 sc->sc_txtap_len = sizeof sc->sc_txtap; 433 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 434 sc->sc_txtap.wt_ihdr.it_present = htole32(IWI_TX_RADIOTAP_PRESENT); 435 436 iwi_sysctlattach(sc); 437 iwi_ledattach(sc); 438 439 /* 440 * Hook our interrupt after all initialization is complete. 441 */ 442 error = bus_setup_intr(dev, sc->irq, INTR_TYPE_NET | INTR_MPSAFE, 443 NULL, iwi_intr, sc, &sc->sc_ih); 444 if (error != 0) { 445 device_printf(dev, "could not set up interrupt\n"); 446 goto fail; 447 } 448 449 if (bootverbose) 450 ieee80211_announce(ic); 451 452 return 0; 453 454 fail: iwi_detach(dev); 455 return ENXIO; 456 } 457 458 static int 459 iwi_detach(device_t dev) 460 { 461 struct iwi_softc *sc = device_get_softc(dev); 462 struct ieee80211com *ic = &sc->sc_ic; 463 struct ifnet *ifp = ic->ic_ifp; 464 IWI_LOCK_DECL; 465 466 if (ifp != NULL) { 467 IWI_LOCK(sc); 468 iwi_stop(sc); 469 IWI_UNLOCK(sc); 470 bpfdetach(ifp); 471 ieee80211_ifdetach(ic); 472 } 473 474 callout_drain(&sc->sc_wdtimer); 475 iwi_put_firmware(sc); 476 iwi_release_fw_dma(sc); 477 478 iwi_free_cmd_ring(sc, &sc->cmdq); 479 iwi_free_tx_ring(sc, &sc->txq[0]); 480 iwi_free_tx_ring(sc, &sc->txq[1]); 481 iwi_free_tx_ring(sc, &sc->txq[2]); 482 iwi_free_tx_ring(sc, &sc->txq[3]); 483 iwi_free_rx_ring(sc, &sc->rxq); 484 485 if (sc->irq != NULL) { 486 bus_teardown_intr(dev, sc->irq, sc->sc_ih); 487 bus_release_resource(dev, SYS_RES_IRQ, sc->irq_rid, sc->irq); 488 } 489 490 if (sc->mem != NULL) 491 bus_release_resource(dev, SYS_RES_MEMORY, sc->mem_rid, sc->mem); 492 493 if (ifp != NULL) 494 if_free(ifp); 495 496 taskqueue_free(sc->sc_tq); 497 taskqueue_free(sc->sc_tq2); 498 499 if (sc->sc_unr != NULL) 500 delete_unrhdr(sc->sc_unr); 501 502 IWI_LOCK_DESTROY(sc); 503 IWI_CMD_LOCK_DESTROY(sc); 504 505 return 0; 506 } 507 508 static void 509 iwi_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error) 510 { 511 if (error != 0) 512 return; 513 514 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg)); 515 516 *(bus_addr_t *)arg = segs[0].ds_addr; 517 } 518 519 static int 520 iwi_alloc_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring, int count) 521 { 522 int error; 523 524 ring->count = count; 525 ring->queued = 0; 526 ring->cur = ring->next = 0; 527 528 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 4, 0, 529 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 530 count * IWI_CMD_DESC_SIZE, 1, count * IWI_CMD_DESC_SIZE, 0, 531 NULL, NULL, &ring->desc_dmat); 532 if (error != 0) { 533 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 534 goto fail; 535 } 536 537 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 538 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 539 if (error != 0) { 540 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 541 goto fail; 542 } 543 544 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 545 count * IWI_CMD_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 546 if (error != 0) { 547 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 548 goto fail; 549 } 550 551 return 0; 552 553 fail: iwi_free_cmd_ring(sc, ring); 554 return error; 555 } 556 557 static void 558 iwi_reset_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 559 { 560 ring->queued = 0; 561 ring->cur = ring->next = 0; 562 } 563 564 static void 565 iwi_free_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 566 { 567 if (ring->desc != NULL) { 568 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 569 BUS_DMASYNC_POSTWRITE); 570 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 571 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 572 } 573 574 if (ring->desc_dmat != NULL) 575 bus_dma_tag_destroy(ring->desc_dmat); 576 } 577 578 static int 579 iwi_alloc_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring, int count, 580 bus_addr_t csr_ridx, bus_addr_t csr_widx) 581 { 582 int i, error; 583 584 ring->count = count; 585 ring->queued = 0; 586 ring->cur = ring->next = 0; 587 ring->csr_ridx = csr_ridx; 588 ring->csr_widx = csr_widx; 589 590 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 4, 0, 591 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 592 count * IWI_TX_DESC_SIZE, 1, count * IWI_TX_DESC_SIZE, 0, NULL, 593 NULL, &ring->desc_dmat); 594 if (error != 0) { 595 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 596 goto fail; 597 } 598 599 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 600 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 601 if (error != 0) { 602 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 603 goto fail; 604 } 605 606 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 607 count * IWI_TX_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 608 if (error != 0) { 609 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 610 goto fail; 611 } 612 613 ring->data = malloc(count * sizeof (struct iwi_tx_data), M_DEVBUF, 614 M_NOWAIT | M_ZERO); 615 if (ring->data == NULL) { 616 device_printf(sc->sc_dev, "could not allocate soft data\n"); 617 error = ENOMEM; 618 goto fail; 619 } 620 621 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 622 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 623 IWI_MAX_NSEG, MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 624 if (error != 0) { 625 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 626 goto fail; 627 } 628 629 for (i = 0; i < count; i++) { 630 error = bus_dmamap_create(ring->data_dmat, 0, 631 &ring->data[i].map); 632 if (error != 0) { 633 device_printf(sc->sc_dev, "could not create DMA map\n"); 634 goto fail; 635 } 636 } 637 638 return 0; 639 640 fail: iwi_free_tx_ring(sc, ring); 641 return error; 642 } 643 644 static void 645 iwi_reset_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 646 { 647 struct iwi_tx_data *data; 648 int i; 649 650 for (i = 0; i < ring->count; i++) { 651 data = &ring->data[i]; 652 653 if (data->m != NULL) { 654 bus_dmamap_sync(ring->data_dmat, data->map, 655 BUS_DMASYNC_POSTWRITE); 656 bus_dmamap_unload(ring->data_dmat, data->map); 657 m_freem(data->m); 658 data->m = NULL; 659 } 660 661 if (data->ni != NULL) { 662 ieee80211_free_node(data->ni); 663 data->ni = NULL; 664 } 665 } 666 667 ring->queued = 0; 668 ring->cur = ring->next = 0; 669 } 670 671 static void 672 iwi_free_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 673 { 674 struct iwi_tx_data *data; 675 int i; 676 677 if (ring->desc != NULL) { 678 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 679 BUS_DMASYNC_POSTWRITE); 680 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 681 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 682 } 683 684 if (ring->desc_dmat != NULL) 685 bus_dma_tag_destroy(ring->desc_dmat); 686 687 if (ring->data != NULL) { 688 for (i = 0; i < ring->count; i++) { 689 data = &ring->data[i]; 690 691 if (data->m != NULL) { 692 bus_dmamap_sync(ring->data_dmat, data->map, 693 BUS_DMASYNC_POSTWRITE); 694 bus_dmamap_unload(ring->data_dmat, data->map); 695 m_freem(data->m); 696 } 697 698 if (data->ni != NULL) 699 ieee80211_free_node(data->ni); 700 701 if (data->map != NULL) 702 bus_dmamap_destroy(ring->data_dmat, data->map); 703 } 704 705 free(ring->data, M_DEVBUF); 706 } 707 708 if (ring->data_dmat != NULL) 709 bus_dma_tag_destroy(ring->data_dmat); 710 } 711 712 static int 713 iwi_alloc_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring, int count) 714 { 715 struct iwi_rx_data *data; 716 int i, error; 717 718 ring->count = count; 719 ring->cur = 0; 720 721 ring->data = malloc(count * sizeof (struct iwi_rx_data), M_DEVBUF, 722 M_NOWAIT | M_ZERO); 723 if (ring->data == NULL) { 724 device_printf(sc->sc_dev, "could not allocate soft data\n"); 725 error = ENOMEM; 726 goto fail; 727 } 728 729 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 730 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 731 1, MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 732 if (error != 0) { 733 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 734 goto fail; 735 } 736 737 for (i = 0; i < count; i++) { 738 data = &ring->data[i]; 739 740 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 741 if (error != 0) { 742 device_printf(sc->sc_dev, "could not create DMA map\n"); 743 goto fail; 744 } 745 746 data->m = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 747 if (data->m == NULL) { 748 device_printf(sc->sc_dev, 749 "could not allocate rx mbuf\n"); 750 error = ENOMEM; 751 goto fail; 752 } 753 754 error = bus_dmamap_load(ring->data_dmat, data->map, 755 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 756 &data->physaddr, 0); 757 if (error != 0) { 758 device_printf(sc->sc_dev, 759 "could not load rx buf DMA map"); 760 goto fail; 761 } 762 763 data->reg = IWI_CSR_RX_BASE + i * 4; 764 } 765 766 return 0; 767 768 fail: iwi_free_rx_ring(sc, ring); 769 return error; 770 } 771 772 static void 773 iwi_reset_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 774 { 775 ring->cur = 0; 776 } 777 778 static void 779 iwi_free_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 780 { 781 struct iwi_rx_data *data; 782 int i; 783 784 if (ring->data != NULL) { 785 for (i = 0; i < ring->count; i++) { 786 data = &ring->data[i]; 787 788 if (data->m != NULL) { 789 bus_dmamap_sync(ring->data_dmat, data->map, 790 BUS_DMASYNC_POSTREAD); 791 bus_dmamap_unload(ring->data_dmat, data->map); 792 m_freem(data->m); 793 } 794 795 if (data->map != NULL) 796 bus_dmamap_destroy(ring->data_dmat, data->map); 797 } 798 799 free(ring->data, M_DEVBUF); 800 } 801 802 if (ring->data_dmat != NULL) 803 bus_dma_tag_destroy(ring->data_dmat); 804 } 805 806 static int 807 iwi_shutdown(device_t dev) 808 { 809 struct iwi_softc *sc = device_get_softc(dev); 810 IWI_LOCK_DECL; 811 812 IWI_LOCK(sc); 813 iwi_stop(sc); 814 IWI_UNLOCK(sc); 815 iwi_put_firmware(sc); /* ??? XXX */ 816 817 return 0; 818 } 819 820 static int 821 iwi_suspend(device_t dev) 822 { 823 struct iwi_softc *sc = device_get_softc(dev); 824 IWI_LOCK_DECL; 825 826 IWI_LOCK(sc); 827 iwi_stop(sc); 828 IWI_UNLOCK(sc); 829 830 return 0; 831 } 832 833 static int 834 iwi_resume(device_t dev) 835 { 836 struct iwi_softc *sc = device_get_softc(dev); 837 struct ifnet *ifp = sc->sc_ic.ic_ifp; 838 IWI_LOCK_DECL; 839 840 IWI_LOCK(sc); 841 842 pci_write_config(dev, 0x41, 0, 1); 843 844 if (ifp->if_flags & IFF_UP) { 845 ifp->if_init(ifp->if_softc); 846 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 847 ifp->if_start(ifp); 848 } 849 850 IWI_UNLOCK(sc); 851 852 return 0; 853 } 854 855 static struct ieee80211_node * 856 iwi_node_alloc(struct ieee80211_node_table *nt) 857 { 858 struct iwi_node *in; 859 860 in = malloc(sizeof (struct iwi_node), M_80211_NODE, M_NOWAIT | M_ZERO); 861 if (in == NULL) 862 return NULL; 863 864 in->in_station = -1; 865 866 return &in->in_node; 867 } 868 869 static void 870 iwi_node_free(struct ieee80211_node *ni) 871 { 872 struct ieee80211com *ic = ni->ni_ic; 873 struct iwi_softc *sc = ic->ic_ifp->if_softc; 874 struct iwi_node *in = (struct iwi_node *)ni; 875 876 if (in->in_station != -1) { 877 DPRINTF(("%s mac %6D station %u\n", __func__, 878 ni->ni_macaddr, ":", in->in_station)); 879 free_unr(sc->sc_unr, in->in_station); 880 } 881 882 sc->sc_node_free(ni); 883 } 884 885 static int 886 iwi_media_change(struct ifnet *ifp) 887 { 888 struct iwi_softc *sc = ifp->if_softc; 889 int error; 890 IWI_LOCK_DECL; 891 892 IWI_LOCK(sc); 893 894 error = ieee80211_media_change(ifp); 895 if (error == ENETRESET && 896 (ifp->if_flags & IFF_UP) && (ifp->if_drv_flags & IFF_DRV_RUNNING)) 897 iwi_init_locked(sc, 0); 898 899 IWI_UNLOCK(sc); 900 901 return error; 902 } 903 904 /* 905 * Convert h/w rate code to IEEE rate code. 906 */ 907 static int 908 iwi_cvtrate(int iwirate) 909 { 910 switch (iwirate) { 911 case IWI_RATE_DS1: return 2; 912 case IWI_RATE_DS2: return 4; 913 case IWI_RATE_DS5: return 11; 914 case IWI_RATE_DS11: return 22; 915 case IWI_RATE_OFDM6: return 12; 916 case IWI_RATE_OFDM9: return 18; 917 case IWI_RATE_OFDM12: return 24; 918 case IWI_RATE_OFDM18: return 36; 919 case IWI_RATE_OFDM24: return 48; 920 case IWI_RATE_OFDM36: return 72; 921 case IWI_RATE_OFDM48: return 96; 922 case IWI_RATE_OFDM54: return 108; 923 } 924 return 0; 925 } 926 927 /* 928 * The firmware automatically adapts the transmit speed. We report its current 929 * value here. 930 */ 931 static void 932 iwi_media_status(struct ifnet *ifp, struct ifmediareq *imr) 933 { 934 struct iwi_softc *sc = ifp->if_softc; 935 struct ieee80211com *ic = &sc->sc_ic; 936 int rate; 937 938 imr->ifm_status = IFM_AVALID; 939 imr->ifm_active = IFM_IEEE80211; 940 if (ic->ic_state == IEEE80211_S_RUN) 941 imr->ifm_status |= IFM_ACTIVE; 942 943 /* read current transmission rate from adapter */ 944 rate = iwi_cvtrate(CSR_READ_4(sc, IWI_CSR_CURRENT_TX_RATE)); 945 imr->ifm_active |= ieee80211_rate2media(ic, rate, ic->ic_curmode); 946 947 if (ic->ic_opmode == IEEE80211_M_IBSS) 948 imr->ifm_active |= IFM_IEEE80211_ADHOC; 949 else if (ic->ic_opmode == IEEE80211_M_MONITOR) 950 imr->ifm_active |= IFM_IEEE80211_MONITOR; 951 } 952 953 static int 954 iwi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 955 { 956 struct ifnet *ifp = ic->ic_ifp; 957 struct iwi_softc *sc = ifp->if_softc; 958 int error = 0; 959 960 DPRINTF(("%s: %s -> %s flags 0x%x\n", __func__, 961 ieee80211_state_name[ic->ic_state], 962 ieee80211_state_name[nstate], sc->flags)); 963 964 /* XXX state change race with taskqueue */ 965 switch (nstate) { 966 case IEEE80211_S_AUTH: 967 iwi_assoc(ic); 968 break; 969 case IEEE80211_S_RUN: 970 if (ic->ic_opmode == IEEE80211_M_IBSS) { 971 /* 972 * XXX when joining an ibss network we are called 973 * with a SCAN -> RUN transition on scan complete. 974 * Use that to call iwi_auth_and_assoc. On completing 975 * the join we are then called again with an 976 * AUTH -> RUN transition and we want to do nothing. 977 * This is all totally bogus and needs to be redone. 978 */ 979 if (ic->ic_state == IEEE80211_S_SCAN) 980 iwi_assoc(ic); 981 } 982 break; 983 case IEEE80211_S_INIT: 984 /* 985 * NB: don't try to do this if iwi_stop_master has 986 * shutdown the firmware and disabled interrupts. 987 */ 988 if (ic->ic_state == IEEE80211_S_RUN && 989 (sc->flags & IWI_FLAG_FW_INITED)) 990 iwi_disassoc(ic); 991 if (ic->ic_state == IEEE80211_S_SCAN && 992 (sc->fw_state == IWI_FW_SCANNING)) 993 ieee80211_cancel_scan(ic); 994 break; 995 case IEEE80211_S_ASSOC: 996 /* 997 * If we are not transitioning from AUTH the resend the 998 * association request. 999 */ 1000 if (ic->ic_state != IEEE80211_S_AUTH) 1001 iwi_assoc(ic); 1002 break; 1003 default: 1004 break; 1005 } 1006 return (error != 0) ? error : sc->sc_newstate(ic, nstate, arg); 1007 1008 } 1009 1010 /* 1011 * WME parameters coming from IEEE 802.11e specification. These values are 1012 * already declared in ieee80211_proto.c, but they are static so they can't 1013 * be reused here. 1014 */ 1015 static const struct wmeParams iwi_wme_cck_params[WME_NUM_AC] = { 1016 { 0, 3, 5, 7, 0 }, /* WME_AC_BE */ 1017 { 0, 3, 5, 10, 0 }, /* WME_AC_BK */ 1018 { 0, 2, 4, 5, 188 }, /* WME_AC_VI */ 1019 { 0, 2, 3, 4, 102 } /* WME_AC_VO */ 1020 }; 1021 1022 static const struct wmeParams iwi_wme_ofdm_params[WME_NUM_AC] = { 1023 { 0, 3, 4, 6, 0 }, /* WME_AC_BE */ 1024 { 0, 3, 4, 10, 0 }, /* WME_AC_BK */ 1025 { 0, 2, 3, 4, 94 }, /* WME_AC_VI */ 1026 { 0, 2, 2, 3, 47 } /* WME_AC_VO */ 1027 }; 1028 #define IWI_EXP2(v) htole16((1 << (v)) - 1) 1029 #define IWI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 1030 1031 static void 1032 iwi_wme_init(struct iwi_softc *sc) 1033 { 1034 const struct wmeParams *wmep; 1035 int ac; 1036 1037 memset(sc->wme, 0, sizeof sc->wme); 1038 for (ac = 0; ac < WME_NUM_AC; ac++) { 1039 /* set WME values for CCK modulation */ 1040 wmep = &iwi_wme_cck_params[ac]; 1041 sc->wme[1].aifsn[ac] = wmep->wmep_aifsn; 1042 sc->wme[1].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1043 sc->wme[1].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1044 sc->wme[1].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1045 sc->wme[1].acm[ac] = wmep->wmep_acm; 1046 1047 /* set WME values for OFDM modulation */ 1048 wmep = &iwi_wme_ofdm_params[ac]; 1049 sc->wme[2].aifsn[ac] = wmep->wmep_aifsn; 1050 sc->wme[2].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1051 sc->wme[2].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1052 sc->wme[2].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1053 sc->wme[2].acm[ac] = wmep->wmep_acm; 1054 } 1055 } 1056 1057 static int 1058 iwi_wme_setparams(struct iwi_softc *sc) 1059 { 1060 struct ieee80211com *ic = &sc->sc_ic; 1061 const struct wmeParams *wmep; 1062 int ac; 1063 1064 for (ac = 0; ac < WME_NUM_AC; ac++) { 1065 /* set WME values for current operating mode */ 1066 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 1067 sc->wme[0].aifsn[ac] = wmep->wmep_aifsn; 1068 sc->wme[0].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1069 sc->wme[0].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1070 sc->wme[0].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1071 sc->wme[0].acm[ac] = wmep->wmep_acm; 1072 } 1073 1074 DPRINTF(("Setting WME parameters\n")); 1075 return iwi_cmd(sc, IWI_CMD_SET_WME_PARAMS, sc->wme, sizeof sc->wme); 1076 } 1077 #undef IWI_USEC 1078 #undef IWI_EXP2 1079 1080 static int 1081 iwi_wme_update(struct ieee80211com *ic) 1082 { 1083 struct iwi_softc *sc = ic->ic_ifp->if_softc; 1084 1085 /* 1086 * We may be called to update the WME parameters in 1087 * the adapter at various places. If we're already 1088 * associated then initiate the request immediately 1089 * (via the taskqueue); otherwise we assume the params 1090 * will get sent down to the adapter as part of the 1091 * work iwi_auth_and_assoc does. 1092 */ 1093 return (iwi_queue_cmd(sc, IWI_SET_WME)); 1094 } 1095 1096 static int 1097 iwi_wme_setie(struct iwi_softc *sc) 1098 { 1099 struct ieee80211_wme_info wme; 1100 1101 memset(&wme, 0, sizeof wme); 1102 wme.wme_id = IEEE80211_ELEMID_VENDOR; 1103 wme.wme_len = sizeof (struct ieee80211_wme_info) - 2; 1104 wme.wme_oui[0] = 0x00; 1105 wme.wme_oui[1] = 0x50; 1106 wme.wme_oui[2] = 0xf2; 1107 wme.wme_type = WME_OUI_TYPE; 1108 wme.wme_subtype = WME_INFO_OUI_SUBTYPE; 1109 wme.wme_version = WME_VERSION; 1110 wme.wme_info = 0; 1111 1112 DPRINTF(("Setting WME IE (len=%u)\n", wme.wme_len)); 1113 return iwi_cmd(sc, IWI_CMD_SET_WMEIE, &wme, sizeof wme); 1114 } 1115 1116 /* 1117 * Read 16 bits at address 'addr' from the serial EEPROM. 1118 */ 1119 static uint16_t 1120 iwi_read_prom_word(struct iwi_softc *sc, uint8_t addr) 1121 { 1122 uint32_t tmp; 1123 uint16_t val; 1124 int n; 1125 1126 /* clock C once before the first command */ 1127 IWI_EEPROM_CTL(sc, 0); 1128 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1129 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1130 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1131 1132 /* write start bit (1) */ 1133 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1134 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1135 1136 /* write READ opcode (10) */ 1137 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1138 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1139 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1140 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1141 1142 /* write address A7-A0 */ 1143 for (n = 7; n >= 0; n--) { 1144 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1145 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D)); 1146 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1147 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D) | IWI_EEPROM_C); 1148 } 1149 1150 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1151 1152 /* read data Q15-Q0 */ 1153 val = 0; 1154 for (n = 15; n >= 0; n--) { 1155 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1156 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1157 tmp = MEM_READ_4(sc, IWI_MEM_EEPROM_CTL); 1158 val |= ((tmp & IWI_EEPROM_Q) >> IWI_EEPROM_SHIFT_Q) << n; 1159 } 1160 1161 IWI_EEPROM_CTL(sc, 0); 1162 1163 /* clear Chip Select and clock C */ 1164 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1165 IWI_EEPROM_CTL(sc, 0); 1166 IWI_EEPROM_CTL(sc, IWI_EEPROM_C); 1167 1168 return val; 1169 } 1170 1171 static void 1172 iwi_setcurchan(struct iwi_softc *sc, int chan) 1173 { 1174 struct ieee80211com *ic = &sc->sc_ic; 1175 1176 sc->curchan = chan; 1177 1178 sc->sc_rxtap.wr_chan_freq = sc->sc_txtap.wt_chan_freq = 1179 htole16(ic->ic_curchan->ic_freq); 1180 sc->sc_rxtap.wr_chan_flags = sc->sc_txtap.wt_chan_flags = 1181 htole16(ic->ic_curchan->ic_flags); 1182 } 1183 1184 static void 1185 iwi_frame_intr(struct iwi_softc *sc, struct iwi_rx_data *data, int i, 1186 struct iwi_frame *frame) 1187 { 1188 struct ieee80211com *ic = &sc->sc_ic; 1189 struct ifnet *ifp = ic->ic_ifp; 1190 struct mbuf *mnew, *m; 1191 struct ieee80211_node *ni; 1192 int type, error, framelen; 1193 IWI_LOCK_DECL; 1194 1195 framelen = le16toh(frame->len); 1196 if (framelen < IEEE80211_MIN_LEN || framelen > MCLBYTES) { 1197 /* 1198 * XXX >MCLBYTES is bogus as it means the h/w dma'd 1199 * out of bounds; need to figure out how to limit 1200 * frame size in the firmware 1201 */ 1202 /* XXX stat */ 1203 DPRINTFN(1, 1204 ("drop rx frame len=%u chan=%u rssi=%u rssi_dbm=%u\n", 1205 le16toh(frame->len), frame->chan, frame->rssi, 1206 frame->rssi_dbm)); 1207 return; 1208 } 1209 1210 DPRINTFN(5, ("received frame len=%u chan=%u rssi=%u rssi_dbm=%u\n", 1211 le16toh(frame->len), frame->chan, frame->rssi, frame->rssi_dbm)); 1212 1213 if (frame->chan != sc->curchan) 1214 iwi_setcurchan(sc, frame->chan); 1215 1216 /* 1217 * Try to allocate a new mbuf for this ring element and load it before 1218 * processing the current mbuf. If the ring element cannot be loaded, 1219 * drop the received packet and reuse the old mbuf. In the unlikely 1220 * case that the old mbuf can't be reloaded either, explicitly panic. 1221 */ 1222 mnew = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 1223 if (mnew == NULL) { 1224 ifp->if_ierrors++; 1225 return; 1226 } 1227 1228 bus_dmamap_unload(sc->rxq.data_dmat, data->map); 1229 1230 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1231 mtod(mnew, void *), MCLBYTES, iwi_dma_map_addr, &data->physaddr, 1232 0); 1233 if (error != 0) { 1234 m_freem(mnew); 1235 1236 /* try to reload the old mbuf */ 1237 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1238 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 1239 &data->physaddr, 0); 1240 if (error != 0) { 1241 /* very unlikely that it will fail... */ 1242 panic("%s: could not load old rx mbuf", 1243 device_get_name(sc->sc_dev)); 1244 } 1245 ifp->if_ierrors++; 1246 return; 1247 } 1248 1249 /* 1250 * New mbuf successfully loaded, update Rx ring and continue 1251 * processing. 1252 */ 1253 m = data->m; 1254 data->m = mnew; 1255 CSR_WRITE_4(sc, data->reg, data->physaddr); 1256 1257 /* finalize mbuf */ 1258 m->m_pkthdr.rcvif = ifp; 1259 m->m_pkthdr.len = m->m_len = sizeof (struct iwi_hdr) + 1260 sizeof (struct iwi_frame) + framelen; 1261 1262 m_adj(m, sizeof (struct iwi_hdr) + sizeof (struct iwi_frame)); 1263 1264 if (bpf_peers_present(sc->sc_drvbpf)) { 1265 struct iwi_rx_radiotap_header *tap = &sc->sc_rxtap; 1266 1267 tap->wr_flags = 0; 1268 tap->wr_rate = iwi_cvtrate(frame->rate); 1269 tap->wr_antsignal = frame->signal; 1270 tap->wr_antenna = frame->antenna; 1271 1272 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1273 } 1274 IWI_UNLOCK(sc); 1275 1276 ni = ieee80211_find_rxnode(ic, mtod(m, struct ieee80211_frame_min *)); 1277 1278 /* send the frame to the 802.11 layer */ 1279 type = ieee80211_input(ic, m, ni, frame->rssi_dbm, 0, 0); 1280 1281 /* node is no longer needed */ 1282 ieee80211_free_node(ni); 1283 1284 IWI_LOCK(sc); 1285 if (sc->sc_softled) { 1286 /* 1287 * Blink for any data frame. Otherwise do a 1288 * heartbeat-style blink when idle. The latter 1289 * is mainly for station mode where we depend on 1290 * periodic beacon frames to trigger the poll event. 1291 */ 1292 if (type == IEEE80211_FC0_TYPE_DATA) { 1293 sc->sc_rxrate = frame->rate; 1294 iwi_led_event(sc, IWI_LED_RX); 1295 } else if (ticks - sc->sc_ledevent >= sc->sc_ledidle) 1296 iwi_led_event(sc, IWI_LED_POLL); 1297 } 1298 } 1299 1300 /* unaligned little endian access */ 1301 #define LE_READ_2(p) \ 1302 ((u_int16_t) \ 1303 ((((const u_int8_t *)(p))[0] ) | \ 1304 (((const u_int8_t *)(p))[1] << 8))) 1305 #define LE_READ_4(p) \ 1306 ((u_int32_t) \ 1307 ((((const u_int8_t *)(p))[0] ) | \ 1308 (((const u_int8_t *)(p))[1] << 8) | \ 1309 (((const u_int8_t *)(p))[2] << 16) | \ 1310 (((const u_int8_t *)(p))[3] << 24))) 1311 1312 #define IEEE80211_VERIFY_LENGTH(_len, _minlen) do { \ 1313 if ((_len) < (_minlen)) { \ 1314 return; \ 1315 } \ 1316 } while (0) 1317 1318 static int __inline 1319 iswmeoui(const u_int8_t *frm) 1320 { 1321 return frm[1] > 3 && LE_READ_4(frm+2) == ((WME_OUI_TYPE<<24)|WME_OUI); 1322 } 1323 1324 /* 1325 * Check for an association response frame to see if QoS 1326 * has been negotiated. We parse just enough to figure 1327 * out if we're supposed to use QoS. The proper solution 1328 * is to pass the frame up so ieee80211_input can do the 1329 * work but that's made hard by how things currently are 1330 * done in the driver. 1331 */ 1332 static void 1333 iwi_checkforqos(struct iwi_softc *sc, const struct ieee80211_frame *wh, int len) 1334 { 1335 #define SUBTYPE(wh) ((wh)->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) 1336 const uint8_t *frm, *efrm, *wme; 1337 struct ieee80211_node *ni; 1338 uint16_t capinfo, status, associd; 1339 1340 /* NB: +8 for capinfo, status, associd, and first ie */ 1341 if (!(sizeof(*wh)+8 < len && len < IEEE80211_MAX_LEN) || 1342 SUBTYPE(wh) != IEEE80211_FC0_SUBTYPE_ASSOC_RESP) 1343 return; 1344 /* 1345 * asresp frame format 1346 * [2] capability information 1347 * [2] status 1348 * [2] association ID 1349 * [tlv] supported rates 1350 * [tlv] extended supported rates 1351 * [tlv] WME 1352 */ 1353 frm = (const uint8_t *)&wh[1]; 1354 efrm = ((const uint8_t *) wh) + len; 1355 1356 capinfo = le16toh(*(const uint16_t *)frm); 1357 frm += 2; 1358 status = le16toh(*(const uint16_t *)frm); 1359 frm += 2; 1360 associd = le16toh(*(const uint16_t *)frm); 1361 frm += 2; 1362 1363 wme = NULL; 1364 while (frm < efrm) { 1365 IEEE80211_VERIFY_LENGTH(efrm - frm, frm[1]); 1366 switch (*frm) { 1367 case IEEE80211_ELEMID_VENDOR: 1368 if (iswmeoui(frm)) 1369 wme = frm; 1370 break; 1371 } 1372 frm += frm[1] + 2; 1373 } 1374 1375 ni = sc->sc_ic.ic_bss; 1376 ni->ni_capinfo = capinfo; 1377 ni->ni_associd = associd; 1378 if (wme != NULL) 1379 ni->ni_flags |= IEEE80211_NODE_QOS; 1380 else 1381 ni->ni_flags &= ~IEEE80211_NODE_QOS; 1382 #undef SUBTYPE 1383 } 1384 1385 static void 1386 iwi_notification_intr(struct iwi_softc *sc, struct iwi_notif *notif) 1387 { 1388 struct ieee80211com *ic = &sc->sc_ic; 1389 struct iwi_notif_scan_channel *chan; 1390 struct iwi_notif_scan_complete *scan; 1391 struct iwi_notif_authentication *auth; 1392 struct iwi_notif_association *assoc; 1393 struct iwi_notif_beacon_state *beacon; 1394 1395 switch (notif->type) { 1396 case IWI_NOTIF_TYPE_SCAN_CHANNEL: 1397 chan = (struct iwi_notif_scan_channel *)(notif + 1); 1398 1399 DPRINTFN(3, ("Scan of channel %u complete (%u)\n", 1400 ieee80211_ieee2mhz(chan->nchan, 0), chan->nchan)); 1401 1402 /* Reset the timer, the scan is still going */ 1403 sc->sc_state_timer = 3; 1404 break; 1405 1406 case IWI_NOTIF_TYPE_SCAN_COMPLETE: 1407 scan = (struct iwi_notif_scan_complete *)(notif + 1); 1408 1409 DPRINTFN(2, ("Scan completed (%u, %u)\n", scan->nchan, 1410 scan->status)); 1411 1412 IWI_STATE_END(sc, IWI_FW_SCANNING); 1413 1414 if (scan->status == IWI_SCAN_COMPLETED) 1415 ieee80211_scan_next(ic); 1416 1417 break; 1418 1419 case IWI_NOTIF_TYPE_AUTHENTICATION: 1420 auth = (struct iwi_notif_authentication *)(notif + 1); 1421 1422 switch (auth->state) { 1423 case IWI_AUTH_SUCCESS: 1424 DPRINTFN(2, ("Authentication succeeeded\n")); 1425 ieee80211_node_authorize(ic->ic_bss); 1426 ieee80211_new_state(ic, IEEE80211_S_ASSOC, -1); 1427 break; 1428 1429 case IWI_AUTH_FAIL: 1430 DPRINTFN(2, ("Authentication failed\n")); 1431 sc->flags &= ~IWI_FLAG_ASSOCIATED; 1432 IWI_STATE_END(sc, IWI_FW_ASSOCIATING); 1433 /* XXX */ 1434 break; 1435 1436 case IWI_AUTH_SENT_1: 1437 case IWI_AUTH_RECV_2: 1438 case IWI_AUTH_SEQ1_PASS: 1439 break; 1440 1441 case IWI_AUTH_SEQ1_FAIL: 1442 DPRINTFN(2, ("Initial authentication handshake failed; " 1443 "you probably need shared key\n")); 1444 IWI_STATE_END(sc, IWI_FW_ASSOCIATING); 1445 /* XXX retry shared key when in auto */ 1446 break; 1447 1448 default: 1449 device_printf(sc->sc_dev, 1450 "unknown authentication state %u\n", auth->state); 1451 } 1452 break; 1453 1454 case IWI_NOTIF_TYPE_ASSOCIATION: 1455 assoc = (struct iwi_notif_association *)(notif + 1); 1456 1457 switch (assoc->state) { 1458 case IWI_AUTH_SUCCESS: 1459 /* re-association, do nothing */ 1460 break; 1461 1462 case IWI_ASSOC_SUCCESS: 1463 DPRINTFN(2, ("Association succeeded\n")); 1464 sc->flags |= IWI_FLAG_ASSOCIATED; 1465 IWI_STATE_END(sc, IWI_FW_ASSOCIATING); 1466 iwi_checkforqos(sc, 1467 (const struct ieee80211_frame *)(assoc+1), 1468 le16toh(notif->len) - sizeof(*assoc)); 1469 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1470 break; 1471 1472 case IWI_ASSOC_INIT: 1473 switch (sc->fw_state) { 1474 case IWI_FW_ASSOCIATING: 1475 DPRINTFN(2, ("Association failed\n")); 1476 IWI_STATE_END(sc, IWI_FW_ASSOCIATING); 1477 ieee80211_new_state(ic, 1478 IEEE80211_S_SCAN, -1); 1479 break; 1480 1481 case IWI_FW_DISASSOCIATING: 1482 DPRINTFN(2, ("Dissassociated\n")); 1483 IWI_STATE_END(sc, 1484 IWI_FW_DISASSOCIATING); 1485 break; 1486 } 1487 sc->flags &= ~IWI_FLAG_ASSOCIATED; 1488 break; 1489 1490 default: 1491 device_printf(sc->sc_dev, 1492 "unknown association state %u\n", assoc->state); 1493 } 1494 break; 1495 1496 case IWI_NOTIF_TYPE_BEACON: 1497 /* XXX check struct length */ 1498 beacon = (struct iwi_notif_beacon_state *)(notif + 1); 1499 1500 DPRINTFN(5, ("Beacon state (%u, %u)\n", 1501 beacon->state, le32toh(beacon->number))); 1502 1503 if (beacon->state == IWI_BEACON_MISS) { 1504 /* 1505 * The firmware notifies us of every beacon miss 1506 * so we need to track the count against the 1507 * configured threshold before notifying the 1508 * 802.11 layer. 1509 * XXX try to roam, drop assoc only on much higher count 1510 */ 1511 if (le32toh(beacon->number) >= ic->ic_bmissthreshold) { 1512 DPRINTF(("Beacon miss: %u >= %u\n", 1513 le32toh(beacon->number), 1514 ic->ic_bmissthreshold)); 1515 ieee80211_beacon_miss(ic); 1516 } 1517 } 1518 break; 1519 1520 case IWI_NOTIF_TYPE_CALIBRATION: 1521 case IWI_NOTIF_TYPE_NOISE: 1522 case IWI_NOTIF_TYPE_LINK_QUALITY: 1523 DPRINTFN(5, ("Notification (%u)\n", notif->type)); 1524 break; 1525 1526 default: 1527 DPRINTF(("unknown notification type %u flags 0x%x len %u\n", 1528 notif->type, notif->flags, le16toh(notif->len))); 1529 } 1530 } 1531 1532 static void 1533 iwi_rx_intr(struct iwi_softc *sc) 1534 { 1535 struct iwi_rx_data *data; 1536 struct iwi_hdr *hdr; 1537 uint32_t hw; 1538 1539 hw = CSR_READ_4(sc, IWI_CSR_RX_RIDX); 1540 1541 for (; sc->rxq.cur != hw;) { 1542 data = &sc->rxq.data[sc->rxq.cur]; 1543 1544 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1545 BUS_DMASYNC_POSTREAD); 1546 1547 hdr = mtod(data->m, struct iwi_hdr *); 1548 1549 switch (hdr->type) { 1550 case IWI_HDR_TYPE_FRAME: 1551 iwi_frame_intr(sc, data, sc->rxq.cur, 1552 (struct iwi_frame *)(hdr + 1)); 1553 break; 1554 1555 case IWI_HDR_TYPE_NOTIF: 1556 iwi_notification_intr(sc, 1557 (struct iwi_notif *)(hdr + 1)); 1558 break; 1559 1560 default: 1561 device_printf(sc->sc_dev, "unknown hdr type %u\n", 1562 hdr->type); 1563 } 1564 1565 DPRINTFN(15, ("rx done idx=%u\n", sc->rxq.cur)); 1566 1567 sc->rxq.cur = (sc->rxq.cur + 1) % IWI_RX_RING_COUNT; 1568 } 1569 1570 /* tell the firmware what we have processed */ 1571 hw = (hw == 0) ? IWI_RX_RING_COUNT - 1 : hw - 1; 1572 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, hw); 1573 } 1574 1575 static void 1576 iwi_tx_intr(struct iwi_softc *sc, struct iwi_tx_ring *txq) 1577 { 1578 struct ieee80211com *ic = &sc->sc_ic; 1579 struct ifnet *ifp = ic->ic_ifp; 1580 struct iwi_tx_data *data; 1581 uint32_t hw; 1582 1583 hw = CSR_READ_4(sc, txq->csr_ridx); 1584 1585 for (; txq->next != hw;) { 1586 data = &txq->data[txq->next]; 1587 1588 bus_dmamap_sync(txq->data_dmat, data->map, 1589 BUS_DMASYNC_POSTWRITE); 1590 bus_dmamap_unload(txq->data_dmat, data->map); 1591 if (data->m->m_flags & M_TXCB) 1592 ieee80211_process_callback(data->ni, data->m, 0/*XXX*/); 1593 m_freem(data->m); 1594 data->m = NULL; 1595 ieee80211_free_node(data->ni); 1596 data->ni = NULL; 1597 1598 DPRINTFN(15, ("tx done idx=%u\n", txq->next)); 1599 1600 ifp->if_opackets++; 1601 1602 txq->queued--; 1603 txq->next = (txq->next + 1) % IWI_TX_RING_COUNT; 1604 } 1605 1606 sc->sc_tx_timer = 0; 1607 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 1608 1609 if (sc->sc_softled) 1610 iwi_led_event(sc, IWI_LED_TX); 1611 1612 iwi_start(ifp); 1613 } 1614 1615 static void 1616 iwi_intr(void *arg) 1617 { 1618 struct iwi_softc *sc = arg; 1619 uint32_t r; 1620 IWI_LOCK_DECL; 1621 1622 IWI_LOCK(sc); 1623 1624 if ((r = CSR_READ_4(sc, IWI_CSR_INTR)) == 0 || r == 0xffffffff) { 1625 IWI_UNLOCK(sc); 1626 return; 1627 } 1628 1629 /* acknowledge interrupts */ 1630 CSR_WRITE_4(sc, IWI_CSR_INTR, r); 1631 1632 if (r & IWI_INTR_FATAL_ERROR) { 1633 device_printf(sc->sc_dev, "firmware error\n"); 1634 /* don't restart if the interface isn't up */ 1635 if (sc->sc_ifp->if_drv_flags & IFF_DRV_RUNNING) 1636 taskqueue_enqueue(sc->sc_tq2, &sc->sc_restarttask); 1637 1638 sc->flags &= ~IWI_FLAG_BUSY; 1639 sc->sc_busy_timer = 0; 1640 wakeup(sc); 1641 } 1642 1643 if (r & IWI_INTR_FW_INITED) { 1644 if (!(r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR))) 1645 wakeup(sc); 1646 } 1647 1648 if (r & IWI_INTR_RADIO_OFF) 1649 taskqueue_enqueue(sc->sc_tq, &sc->sc_radiofftask); 1650 1651 if (r & IWI_INTR_CMD_DONE) { 1652 sc->flags &= ~IWI_FLAG_BUSY; 1653 sc->sc_busy_timer = 0; 1654 wakeup(sc); 1655 } 1656 1657 if (r & IWI_INTR_TX1_DONE) 1658 iwi_tx_intr(sc, &sc->txq[0]); 1659 1660 if (r & IWI_INTR_TX2_DONE) 1661 iwi_tx_intr(sc, &sc->txq[1]); 1662 1663 if (r & IWI_INTR_TX3_DONE) 1664 iwi_tx_intr(sc, &sc->txq[2]); 1665 1666 if (r & IWI_INTR_TX4_DONE) 1667 iwi_tx_intr(sc, &sc->txq[3]); 1668 1669 if (r & IWI_INTR_RX_DONE) 1670 iwi_rx_intr(sc); 1671 1672 if (r & IWI_INTR_PARITY_ERROR) { 1673 /* XXX rate-limit */ 1674 device_printf(sc->sc_dev, "parity error\n"); 1675 } 1676 1677 IWI_UNLOCK(sc); 1678 } 1679 1680 static int 1681 iwi_cmd(struct iwi_softc *sc, uint8_t type, void *data, uint8_t len) 1682 { 1683 struct iwi_cmd_desc *desc; 1684 1685 IWI_LOCK_ASSERT(sc); 1686 1687 if (sc->flags & IWI_FLAG_BUSY) { 1688 device_printf(sc->sc_dev, "%s: cmd %d not sent, busy\n", 1689 __func__, type); 1690 return EAGAIN; 1691 } 1692 sc->flags |= IWI_FLAG_BUSY; 1693 sc->sc_busy_timer = 2; 1694 1695 desc = &sc->cmdq.desc[sc->cmdq.cur]; 1696 1697 desc->hdr.type = IWI_HDR_TYPE_COMMAND; 1698 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1699 desc->type = type; 1700 desc->len = len; 1701 memcpy(desc->data, data, len); 1702 1703 bus_dmamap_sync(sc->cmdq.desc_dmat, sc->cmdq.desc_map, 1704 BUS_DMASYNC_PREWRITE); 1705 1706 DPRINTFN(2, ("sending command idx=%u type=%u len=%u\n", sc->cmdq.cur, 1707 type, len)); 1708 1709 sc->cmdq.cur = (sc->cmdq.cur + 1) % IWI_CMD_RING_COUNT; 1710 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 1711 1712 return msleep(sc, &sc->sc_mtx, 0, "iwicmd", hz); 1713 } 1714 1715 static void 1716 iwi_write_ibssnode(struct iwi_softc *sc, 1717 const u_int8_t addr[IEEE80211_ADDR_LEN], int entry) 1718 { 1719 struct iwi_ibssnode node; 1720 1721 /* write node information into NIC memory */ 1722 memset(&node, 0, sizeof node); 1723 IEEE80211_ADDR_COPY(node.bssid, addr); 1724 1725 DPRINTF(("%s mac %6D station %u\n", __func__, node.bssid, ":", entry)); 1726 1727 CSR_WRITE_REGION_1(sc, 1728 IWI_CSR_NODE_BASE + entry * sizeof node, 1729 (uint8_t *)&node, sizeof node); 1730 } 1731 1732 static int 1733 iwi_tx_start(struct ifnet *ifp, struct mbuf *m0, struct ieee80211_node *ni, 1734 int ac) 1735 { 1736 struct iwi_softc *sc = ifp->if_softc; 1737 struct ieee80211com *ic = &sc->sc_ic; 1738 struct iwi_node *in = (struct iwi_node *)ni; 1739 const struct ieee80211_frame *wh; 1740 struct ieee80211_key *k; 1741 const struct chanAccParams *cap; 1742 struct iwi_tx_ring *txq = &sc->txq[ac]; 1743 struct iwi_tx_data *data; 1744 struct iwi_tx_desc *desc; 1745 struct mbuf *mnew; 1746 bus_dma_segment_t segs[IWI_MAX_NSEG]; 1747 int error, nsegs, hdrlen, i; 1748 int ismcast, flags, xflags, staid; 1749 1750 IWI_LOCK_ASSERT(sc); 1751 wh = mtod(m0, const struct ieee80211_frame *); 1752 /* NB: only data frames use this path */ 1753 hdrlen = ieee80211_hdrsize(wh); 1754 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 1755 flags = xflags = 0; 1756 1757 if (!ismcast) 1758 flags |= IWI_DATA_FLAG_NEED_ACK; 1759 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 1760 flags |= IWI_DATA_FLAG_SHPREAMBLE; 1761 if (IEEE80211_QOS_HAS_SEQ(wh)) { 1762 xflags |= IWI_DATA_XFLAG_QOS; 1763 cap = &ic->ic_wme.wme_chanParams; 1764 if (!cap->cap_wmeParams[ac].wmep_noackPolicy) 1765 flags &= ~IWI_DATA_FLAG_NEED_ACK; 1766 } 1767 1768 /* 1769 * This is only used in IBSS mode where the firmware expect an index 1770 * in a h/w table instead of a destination address. 1771 */ 1772 if (ic->ic_opmode == IEEE80211_M_IBSS) { 1773 if (!ismcast) { 1774 if (in->in_station == -1) { 1775 in->in_station = alloc_unr(sc->sc_unr); 1776 if (in->in_station == -1) { 1777 /* h/w table is full */ 1778 m_freem(m0); 1779 ieee80211_free_node(ni); 1780 ifp->if_oerrors++; 1781 return 0; 1782 } 1783 iwi_write_ibssnode(sc, 1784 ni->ni_macaddr, in->in_station); 1785 } 1786 staid = in->in_station; 1787 } else { 1788 /* 1789 * Multicast addresses have no associated node 1790 * so there will be no station entry. We reserve 1791 * entry 0 for one mcast address and use that. 1792 * If there are many being used this will be 1793 * expensive and we'll need to do a better job 1794 * but for now this handles the broadcast case. 1795 */ 1796 if (!IEEE80211_ADDR_EQ(wh->i_addr1, sc->sc_mcast)) { 1797 IEEE80211_ADDR_COPY(sc->sc_mcast, wh->i_addr1); 1798 iwi_write_ibssnode(sc, sc->sc_mcast, 0); 1799 } 1800 staid = 0; 1801 } 1802 } else 1803 staid = 0; 1804 1805 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1806 k = ieee80211_crypto_encap(ic, ni, m0); 1807 if (k == NULL) { 1808 m_freem(m0); 1809 return ENOBUFS; 1810 } 1811 1812 /* packet header may have moved, reset our local pointer */ 1813 wh = mtod(m0, struct ieee80211_frame *); 1814 } 1815 1816 if (bpf_peers_present(sc->sc_drvbpf)) { 1817 struct iwi_tx_radiotap_header *tap = &sc->sc_txtap; 1818 1819 tap->wt_flags = 0; 1820 1821 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1822 } 1823 1824 data = &txq->data[txq->cur]; 1825 desc = &txq->desc[txq->cur]; 1826 1827 /* save and trim IEEE802.11 header */ 1828 m_copydata(m0, 0, hdrlen, (caddr_t)&desc->wh); 1829 m_adj(m0, hdrlen); 1830 1831 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0, segs, 1832 &nsegs, 0); 1833 if (error != 0 && error != EFBIG) { 1834 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1835 error); 1836 m_freem(m0); 1837 return error; 1838 } 1839 if (error != 0) { 1840 mnew = m_defrag(m0, M_DONTWAIT); 1841 if (mnew == NULL) { 1842 device_printf(sc->sc_dev, 1843 "could not defragment mbuf\n"); 1844 m_freem(m0); 1845 return ENOBUFS; 1846 } 1847 m0 = mnew; 1848 1849 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, 1850 m0, segs, &nsegs, 0); 1851 if (error != 0) { 1852 device_printf(sc->sc_dev, 1853 "could not map mbuf (error %d)\n", error); 1854 m_freem(m0); 1855 return error; 1856 } 1857 } 1858 1859 data->m = m0; 1860 data->ni = ni; 1861 1862 desc->hdr.type = IWI_HDR_TYPE_DATA; 1863 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1864 desc->station = staid; 1865 desc->cmd = IWI_DATA_CMD_TX; 1866 desc->len = htole16(m0->m_pkthdr.len); 1867 desc->flags = flags; 1868 desc->xflags = xflags; 1869 1870 #if 0 1871 if (ic->ic_flags & IEEE80211_F_PRIVACY) 1872 desc->wep_txkey = ic->ic_crypto.cs_def_txkey; 1873 else 1874 #endif 1875 desc->flags |= IWI_DATA_FLAG_NO_WEP; 1876 1877 desc->nseg = htole32(nsegs); 1878 for (i = 0; i < nsegs; i++) { 1879 desc->seg_addr[i] = htole32(segs[i].ds_addr); 1880 desc->seg_len[i] = htole16(segs[i].ds_len); 1881 } 1882 1883 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1884 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1885 1886 DPRINTFN(5, ("sending data frame txq=%u idx=%u len=%u nseg=%u\n", 1887 ac, txq->cur, le16toh(desc->len), nsegs)); 1888 1889 txq->queued++; 1890 txq->cur = (txq->cur + 1) % IWI_TX_RING_COUNT; 1891 CSR_WRITE_4(sc, txq->csr_widx, txq->cur); 1892 1893 return 0; 1894 } 1895 1896 static void 1897 iwi_start(struct ifnet *ifp) 1898 { 1899 struct iwi_softc *sc = ifp->if_softc; 1900 struct ieee80211com *ic = &sc->sc_ic; 1901 struct mbuf *m0; 1902 struct ether_header *eh; 1903 struct ieee80211_node *ni; 1904 int ac; 1905 IWI_LOCK_DECL; 1906 1907 IWI_LOCK(sc); 1908 1909 if (ic->ic_state != IEEE80211_S_RUN) { 1910 IWI_UNLOCK(sc); 1911 return; 1912 } 1913 1914 for (;;) { 1915 IF_DEQUEUE(&ic->ic_mgtq, m0); 1916 if (m0 == NULL) { 1917 IFQ_DRV_DEQUEUE(&ifp->if_snd, m0); 1918 if (m0 == NULL) 1919 break; 1920 /* 1921 * Cancel any background scan. 1922 */ 1923 if (ic->ic_flags & IEEE80211_F_SCAN) 1924 ieee80211_cancel_scan(ic); 1925 1926 if (m0->m_len < sizeof (struct ether_header) && 1927 (m0 = m_pullup(m0, sizeof (struct ether_header))) == NULL) { 1928 ifp->if_oerrors++; 1929 continue; 1930 } 1931 eh = mtod(m0, struct ether_header *); 1932 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1933 if (ni == NULL) { 1934 m_freem(m0); 1935 ifp->if_oerrors++; 1936 continue; 1937 } 1938 1939 /* classify mbuf so we can find which tx ring to use */ 1940 if (ieee80211_classify(ic, m0, ni) != 0) { 1941 m_freem(m0); 1942 ieee80211_free_node(ni); 1943 ifp->if_oerrors++; 1944 continue; 1945 } 1946 1947 /* XXX does not belong here */ 1948 /* no QoS encapsulation for EAPOL frames */ 1949 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1950 M_WME_GETAC(m0) : WME_AC_BE; 1951 1952 if (sc->txq[ac].queued > IWI_TX_RING_COUNT - 8) { 1953 /* there is no place left in this ring */ 1954 IFQ_DRV_PREPEND(&ifp->if_snd, m0); 1955 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 1956 break; 1957 } 1958 1959 BPF_MTAP(ifp, m0); 1960 1961 m0 = ieee80211_encap(ic, m0, ni); 1962 if (m0 == NULL) { 1963 ieee80211_free_node(ni); 1964 ifp->if_oerrors++; 1965 continue; 1966 } 1967 } else { 1968 ni = (struct ieee80211_node *) m0->m_pkthdr.rcvif; 1969 m0->m_pkthdr.rcvif = NULL; 1970 /* XXX no way to send mgt frames (yet), discard */ 1971 m_freem(m0); 1972 ieee80211_free_node(ni); 1973 continue; 1974 } 1975 1976 if (bpf_peers_present(ic->ic_rawbpf)) 1977 bpf_mtap(ic->ic_rawbpf, m0); 1978 1979 if (iwi_tx_start(ifp, m0, ni, ac) != 0) { 1980 ieee80211_free_node(ni); 1981 ifp->if_oerrors++; 1982 break; 1983 } 1984 1985 sc->sc_tx_timer = 5; 1986 ic->ic_lastdata = ticks; 1987 } 1988 1989 IWI_UNLOCK(sc); 1990 } 1991 1992 static void 1993 iwi_watchdog(void *arg) 1994 { 1995 struct iwi_softc *sc = arg; 1996 struct ifnet *ifp = sc->sc_ifp; 1997 1998 IWI_LOCK_ASSERT(sc); 1999 2000 if (sc->sc_tx_timer > 0) { 2001 if (--sc->sc_tx_timer == 0) { 2002 if_printf(ifp, "device timeout\n"); 2003 ifp->if_oerrors++; 2004 taskqueue_enqueue(sc->sc_tq2, &sc->sc_restarttask); 2005 } 2006 } 2007 if (sc->sc_rfkill_timer > 0) { 2008 if (--sc->sc_rfkill_timer == 0) { 2009 /* 2010 * Check for a change in rfkill state. We get an 2011 * interrupt when a radio is disabled but not when 2012 * it is enabled so we must poll for the latter. 2013 */ 2014 if (!iwi_getrfkill(sc)) 2015 taskqueue_enqueue(sc->sc_tq, &sc->sc_radiontask); 2016 else 2017 sc->sc_rfkill_timer = 2; 2018 } 2019 } 2020 if (sc->sc_state_timer > 0) { 2021 if (--sc->sc_state_timer == 0) { 2022 if_printf(ifp, "firmware stuck in state %d, resetting\n", 2023 sc->fw_state); 2024 taskqueue_enqueue(sc->sc_tq2, &sc->sc_restarttask); 2025 if (sc->fw_state == IWI_FW_SCANNING) 2026 ieee80211_cancel_scan(&sc->sc_ic); 2027 sc->sc_state_timer = 3; 2028 } 2029 } 2030 if (sc->sc_busy_timer > 0) { 2031 if (--sc->sc_busy_timer == 0) { 2032 if_printf(ifp, "firmware command timeout, resetting\n"); 2033 taskqueue_enqueue(sc->sc_tq2, &sc->sc_restarttask); 2034 } 2035 } 2036 2037 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 2038 callout_reset(&sc->sc_wdtimer, hz, iwi_watchdog, sc); 2039 } 2040 2041 static int 2042 iwi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 2043 { 2044 struct iwi_softc *sc = ifp->if_softc; 2045 struct ieee80211com *ic = &sc->sc_ic; 2046 int error = 0; 2047 IWI_LOCK_DECL; 2048 2049 IWI_LOCK(sc); 2050 2051 /* 2052 * wait until pending iwi_cmd() are completed, to avoid races 2053 * that could cause problems. 2054 */ 2055 while (sc->flags & IWI_FLAG_BUSY) 2056 msleep(sc, &sc->sc_mtx, 0, "iwiioctl", hz); 2057 2058 switch (cmd) { 2059 case SIOCSIFFLAGS: 2060 if (ifp->if_flags & IFF_UP) { 2061 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) 2062 iwi_init_locked(sc, 0); 2063 } else { 2064 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 2065 iwi_stop(sc); 2066 else { 2067 /* 2068 * If device was stopped due to rfkill then 2069 * marked down we'll have the polling thread 2070 * running; stop it explicitly. 2071 */ 2072 sc->sc_rfkill_timer = 0; 2073 } 2074 } 2075 break; 2076 2077 default: 2078 error = ieee80211_ioctl(ic, cmd, data); 2079 } 2080 2081 if (error == ENETRESET) { 2082 if ((ifp->if_flags & IFF_UP) && 2083 (ifp->if_drv_flags & IFF_DRV_RUNNING) && 2084 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 2085 iwi_init_locked(sc, 0); 2086 error = 0; 2087 } 2088 2089 IWI_UNLOCK(sc); 2090 2091 return error; 2092 } 2093 2094 static void 2095 iwi_stop_master(struct iwi_softc *sc) 2096 { 2097 uint32_t tmp; 2098 int ntries; 2099 2100 /* disable interrupts */ 2101 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 2102 2103 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_STOP_MASTER); 2104 for (ntries = 0; ntries < 5; ntries++) { 2105 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 2106 break; 2107 DELAY(10); 2108 } 2109 if (ntries == 5) 2110 device_printf(sc->sc_dev, "timeout waiting for master\n"); 2111 2112 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2113 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_PRINCETON_RESET); 2114 2115 sc->flags &= ~IWI_FLAG_FW_INITED; 2116 } 2117 2118 static int 2119 iwi_reset(struct iwi_softc *sc) 2120 { 2121 uint32_t tmp; 2122 int i, ntries; 2123 2124 iwi_stop_master(sc); 2125 2126 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2127 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 2128 2129 CSR_WRITE_4(sc, IWI_CSR_READ_INT, IWI_READ_INT_INIT_HOST); 2130 2131 /* wait for clock stabilization */ 2132 for (ntries = 0; ntries < 1000; ntries++) { 2133 if (CSR_READ_4(sc, IWI_CSR_CTL) & IWI_CTL_CLOCK_READY) 2134 break; 2135 DELAY(200); 2136 } 2137 if (ntries == 1000) { 2138 device_printf(sc->sc_dev, 2139 "timeout waiting for clock stabilization\n"); 2140 return EIO; 2141 } 2142 2143 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2144 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_SOFT_RESET); 2145 2146 DELAY(10); 2147 2148 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2149 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 2150 2151 /* clear NIC memory */ 2152 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0); 2153 for (i = 0; i < 0xc000; i++) 2154 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2155 2156 return 0; 2157 } 2158 2159 static const struct iwi_firmware_ohdr * 2160 iwi_setup_ofw(struct iwi_softc *sc, struct iwi_fw *fw) 2161 { 2162 const struct firmware *fp = fw->fp; 2163 const struct iwi_firmware_ohdr *hdr; 2164 2165 if (fp->datasize < sizeof (struct iwi_firmware_ohdr)) { 2166 device_printf(sc->sc_dev, "image '%s' too small\n", fp->name); 2167 return NULL; 2168 } 2169 hdr = (const struct iwi_firmware_ohdr *)fp->data; 2170 if ((IWI_FW_GET_MAJOR(le32toh(hdr->version)) != IWI_FW_REQ_MAJOR) || 2171 (IWI_FW_GET_MINOR(le32toh(hdr->version)) != IWI_FW_REQ_MINOR)) { 2172 device_printf(sc->sc_dev, "version for '%s' %d.%d != %d.%d\n", 2173 fp->name, IWI_FW_GET_MAJOR(le32toh(hdr->version)), 2174 IWI_FW_GET_MINOR(le32toh(hdr->version)), IWI_FW_REQ_MAJOR, 2175 IWI_FW_REQ_MINOR); 2176 return NULL; 2177 } 2178 fw->data = ((const char *) fp->data) + sizeof(struct iwi_firmware_ohdr); 2179 fw->size = fp->datasize - sizeof(struct iwi_firmware_ohdr); 2180 fw->name = fp->name; 2181 return hdr; 2182 } 2183 2184 static const struct iwi_firmware_ohdr * 2185 iwi_setup_oucode(struct iwi_softc *sc, struct iwi_fw *fw) 2186 { 2187 const struct iwi_firmware_ohdr *hdr; 2188 2189 hdr = iwi_setup_ofw(sc, fw); 2190 if (hdr != NULL && le32toh(hdr->mode) != IWI_FW_MODE_UCODE) { 2191 device_printf(sc->sc_dev, "%s is not a ucode image\n", 2192 fw->name); 2193 hdr = NULL; 2194 } 2195 return hdr; 2196 } 2197 2198 static void 2199 iwi_getfw(struct iwi_fw *fw, const char *fwname, 2200 struct iwi_fw *uc, const char *ucname) 2201 { 2202 if (fw->fp == NULL) 2203 fw->fp = firmware_get(fwname); 2204 /* NB: pre-3.0 ucode is packaged separately */ 2205 if (uc->fp == NULL && fw->fp != NULL && fw->fp->version < 300) 2206 uc->fp = firmware_get(ucname); 2207 } 2208 2209 /* 2210 * Get the required firmware images if not already loaded. 2211 * Note that we hold firmware images so long as the device 2212 * is marked up in case we need to reload them on device init. 2213 * This is necessary because we re-init the device sometimes 2214 * from a context where we cannot read from the filesystem 2215 * (e.g. from the taskqueue thread when rfkill is re-enabled). 2216 * XXX return 0 on success, 1 on error. 2217 * 2218 * NB: the order of get'ing and put'ing images here is 2219 * intentional to support handling firmware images bundled 2220 * by operating mode and/or all together in one file with 2221 * the boot firmware as "master". 2222 */ 2223 static int 2224 iwi_get_firmware(struct iwi_softc *sc) 2225 { 2226 struct ieee80211com *ic = &sc->sc_ic; 2227 const struct iwi_firmware_hdr *hdr; 2228 const struct firmware *fp; 2229 2230 /* invalidate cached firmware on mode change */ 2231 if (sc->fw_mode != ic->ic_opmode) 2232 iwi_put_firmware(sc); 2233 2234 switch (ic->ic_opmode) { 2235 case IEEE80211_M_STA: 2236 iwi_getfw(&sc->fw_fw, "iwi_bss", &sc->fw_uc, "iwi_ucode_bss"); 2237 break; 2238 2239 case IEEE80211_M_IBSS: 2240 iwi_getfw(&sc->fw_fw, "iwi_ibss", &sc->fw_uc, "iwi_ucode_ibss"); 2241 break; 2242 2243 case IEEE80211_M_MONITOR: 2244 iwi_getfw(&sc->fw_fw, "iwi_monitor", 2245 &sc->fw_uc, "iwi_ucode_monitor"); 2246 break; 2247 2248 default: 2249 break; 2250 } 2251 fp = sc->fw_fw.fp; 2252 if (fp == NULL) { 2253 device_printf(sc->sc_dev, "could not load firmware\n"); 2254 goto bad; 2255 } 2256 if (fp->version < 300) { 2257 /* 2258 * Firmware prior to 3.0 was packaged as separate 2259 * boot, firmware, and ucode images. Verify the 2260 * ucode image was read in, retrieve the boot image 2261 * if needed, and check version stamps for consistency. 2262 * The version stamps in the data are also checked 2263 * above; this is a bit paranoid but is a cheap 2264 * safeguard against mis-packaging. 2265 */ 2266 if (sc->fw_uc.fp == NULL) { 2267 device_printf(sc->sc_dev, "could not load ucode\n"); 2268 goto bad; 2269 } 2270 if (sc->fw_boot.fp == NULL) { 2271 sc->fw_boot.fp = firmware_get("iwi_boot"); 2272 if (sc->fw_boot.fp == NULL) { 2273 device_printf(sc->sc_dev, 2274 "could not load boot firmware\n"); 2275 goto bad; 2276 } 2277 } 2278 if (sc->fw_boot.fp->version != sc->fw_fw.fp->version || 2279 sc->fw_boot.fp->version != sc->fw_uc.fp->version) { 2280 device_printf(sc->sc_dev, 2281 "firmware version mismatch: " 2282 "'%s' is %d, '%s' is %d, '%s' is %d\n", 2283 sc->fw_boot.fp->name, sc->fw_boot.fp->version, 2284 sc->fw_uc.fp->name, sc->fw_uc.fp->version, 2285 sc->fw_fw.fp->name, sc->fw_fw.fp->version 2286 ); 2287 goto bad; 2288 } 2289 /* 2290 * Check and setup each image. 2291 */ 2292 if (iwi_setup_oucode(sc, &sc->fw_uc) == NULL || 2293 iwi_setup_ofw(sc, &sc->fw_boot) == NULL || 2294 iwi_setup_ofw(sc, &sc->fw_fw) == NULL) 2295 goto bad; 2296 } else { 2297 /* 2298 * Check and setup combined image. 2299 */ 2300 if (fp->datasize < sizeof(struct iwi_firmware_hdr)) { 2301 device_printf(sc->sc_dev, "image '%s' too small\n", 2302 fp->name); 2303 goto bad; 2304 } 2305 hdr = (const struct iwi_firmware_hdr *)fp->data; 2306 if (fp->datasize < sizeof(*hdr) + le32toh(hdr->bsize) + le32toh(hdr->usize) 2307 + le32toh(hdr->fsize)) { 2308 device_printf(sc->sc_dev, "image '%s' too small (2)\n", 2309 fp->name); 2310 goto bad; 2311 } 2312 sc->fw_boot.data = ((const char *) fp->data) + sizeof(*hdr); 2313 sc->fw_boot.size = le32toh(hdr->bsize); 2314 sc->fw_boot.name = fp->name; 2315 sc->fw_uc.data = sc->fw_boot.data + sc->fw_boot.size; 2316 sc->fw_uc.size = le32toh(hdr->usize); 2317 sc->fw_uc.name = fp->name; 2318 sc->fw_fw.data = sc->fw_uc.data + sc->fw_uc.size; 2319 sc->fw_fw.size = le32toh(hdr->fsize); 2320 sc->fw_fw.name = fp->name; 2321 } 2322 #if 0 2323 device_printf(sc->sc_dev, "boot %d ucode %d fw %d bytes\n", 2324 sc->fw_boot.size, sc->fw_uc.size, sc->fw_fw.size); 2325 #endif 2326 2327 sc->fw_mode = ic->ic_opmode; 2328 return 0; 2329 bad: 2330 iwi_put_firmware(sc); 2331 return 1; 2332 } 2333 2334 static void 2335 iwi_put_fw(struct iwi_fw *fw) 2336 { 2337 if (fw->fp != NULL) { 2338 firmware_put(fw->fp, FIRMWARE_UNLOAD); 2339 fw->fp = NULL; 2340 } 2341 fw->data = NULL; 2342 fw->size = 0; 2343 fw->name = NULL; 2344 } 2345 2346 /* 2347 * Release any cached firmware images. 2348 */ 2349 static void 2350 iwi_put_firmware(struct iwi_softc *sc) 2351 { 2352 iwi_put_fw(&sc->fw_uc); 2353 iwi_put_fw(&sc->fw_fw); 2354 iwi_put_fw(&sc->fw_boot); 2355 } 2356 2357 static int 2358 iwi_load_ucode(struct iwi_softc *sc, const struct iwi_fw *fw) 2359 { 2360 uint32_t tmp; 2361 const uint16_t *w; 2362 const char *uc = fw->data; 2363 size_t size = fw->size; 2364 int i, ntries, error; 2365 2366 IWI_LOCK_ASSERT(sc); 2367 error = 0; 2368 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 2369 IWI_RST_STOP_MASTER); 2370 for (ntries = 0; ntries < 5; ntries++) { 2371 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 2372 break; 2373 DELAY(10); 2374 } 2375 if (ntries == 5) { 2376 device_printf(sc->sc_dev, "timeout waiting for master\n"); 2377 error = EIO; 2378 goto fail; 2379 } 2380 2381 MEM_WRITE_4(sc, 0x3000e0, 0x80000000); 2382 DELAY(5000); 2383 2384 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2385 tmp &= ~IWI_RST_PRINCETON_RESET; 2386 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2387 2388 DELAY(5000); 2389 MEM_WRITE_4(sc, 0x3000e0, 0); 2390 DELAY(1000); 2391 MEM_WRITE_4(sc, IWI_MEM_EEPROM_EVENT, 1); 2392 DELAY(1000); 2393 MEM_WRITE_4(sc, IWI_MEM_EEPROM_EVENT, 0); 2394 DELAY(1000); 2395 MEM_WRITE_1(sc, 0x200000, 0x00); 2396 MEM_WRITE_1(sc, 0x200000, 0x40); 2397 DELAY(1000); 2398 2399 /* write microcode into adapter memory */ 2400 for (w = (const uint16_t *)uc; size > 0; w++, size -= 2) 2401 MEM_WRITE_2(sc, 0x200010, htole16(*w)); 2402 2403 MEM_WRITE_1(sc, 0x200000, 0x00); 2404 MEM_WRITE_1(sc, 0x200000, 0x80); 2405 2406 /* wait until we get an answer */ 2407 for (ntries = 0; ntries < 100; ntries++) { 2408 if (MEM_READ_1(sc, 0x200000) & 1) 2409 break; 2410 DELAY(100); 2411 } 2412 if (ntries == 100) { 2413 device_printf(sc->sc_dev, 2414 "timeout waiting for ucode to initialize\n"); 2415 error = EIO; 2416 goto fail; 2417 } 2418 2419 /* read the answer or the firmware will not initialize properly */ 2420 for (i = 0; i < 7; i++) 2421 MEM_READ_4(sc, 0x200004); 2422 2423 MEM_WRITE_1(sc, 0x200000, 0x00); 2424 2425 fail: 2426 return error; 2427 } 2428 2429 /* macro to handle unaligned little endian data in firmware image */ 2430 #define GETLE32(p) ((p)[0] | (p)[1] << 8 | (p)[2] << 16 | (p)[3] << 24) 2431 2432 static int 2433 iwi_load_firmware(struct iwi_softc *sc, const struct iwi_fw *fw) 2434 { 2435 u_char *p, *end; 2436 uint32_t sentinel, ctl, src, dst, sum, len, mlen, tmp; 2437 int ntries, error; 2438 2439 IWI_LOCK_ASSERT(sc); 2440 /* copy firmware image to DMA memory */ 2441 memcpy(sc->fw_virtaddr, fw->data, fw->size); 2442 2443 /* make sure the adapter will get up-to-date values */ 2444 bus_dmamap_sync(sc->fw_dmat, sc->fw_map, BUS_DMASYNC_PREWRITE); 2445 2446 /* tell the adapter where the command blocks are stored */ 2447 MEM_WRITE_4(sc, 0x3000a0, 0x27000); 2448 2449 /* 2450 * Store command blocks into adapter's internal memory using register 2451 * indirections. The adapter will read the firmware image through DMA 2452 * using information stored in command blocks. 2453 */ 2454 src = sc->fw_physaddr; 2455 p = sc->fw_virtaddr; 2456 end = p + fw->size; 2457 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0x27000); 2458 2459 while (p < end) { 2460 dst = GETLE32(p); p += 4; src += 4; 2461 len = GETLE32(p); p += 4; src += 4; 2462 p += len; 2463 2464 while (len > 0) { 2465 mlen = min(len, IWI_CB_MAXDATALEN); 2466 2467 ctl = IWI_CB_DEFAULT_CTL | mlen; 2468 sum = ctl ^ src ^ dst; 2469 2470 /* write a command block */ 2471 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, ctl); 2472 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, src); 2473 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, dst); 2474 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, sum); 2475 2476 src += mlen; 2477 dst += mlen; 2478 len -= mlen; 2479 } 2480 } 2481 2482 /* write a fictive final command block (sentinel) */ 2483 sentinel = CSR_READ_4(sc, IWI_CSR_AUTOINC_ADDR); 2484 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2485 2486 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2487 tmp &= ~(IWI_RST_MASTER_DISABLED | IWI_RST_STOP_MASTER); 2488 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2489 2490 /* tell the adapter to start processing command blocks */ 2491 MEM_WRITE_4(sc, 0x3000a4, 0x540100); 2492 2493 /* wait until the adapter reaches the sentinel */ 2494 for (ntries = 0; ntries < 400; ntries++) { 2495 if (MEM_READ_4(sc, 0x3000d0) >= sentinel) 2496 break; 2497 DELAY(100); 2498 } 2499 /* sync dma, just in case */ 2500 bus_dmamap_sync(sc->fw_dmat, sc->fw_map, BUS_DMASYNC_POSTWRITE); 2501 if (ntries == 400) { 2502 device_printf(sc->sc_dev, 2503 "timeout processing command blocks for %s firmware\n", 2504 fw->name); 2505 return EIO; 2506 } 2507 2508 /* we're done with command blocks processing */ 2509 MEM_WRITE_4(sc, 0x3000a4, 0x540c00); 2510 2511 /* allow interrupts so we know when the firmware is ready */ 2512 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 2513 2514 /* tell the adapter to initialize the firmware */ 2515 CSR_WRITE_4(sc, IWI_CSR_RST, 0); 2516 2517 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2518 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_ALLOW_STANDBY); 2519 2520 /* wait at most one second for firmware initialization to complete */ 2521 if ((error = msleep(sc, &sc->sc_mtx, 0, "iwiinit", hz)) != 0) { 2522 device_printf(sc->sc_dev, "timeout waiting for %s firmware " 2523 "initialization to complete\n", fw->name); 2524 } 2525 2526 return error; 2527 } 2528 2529 static int 2530 iwi_setpowermode(struct iwi_softc *sc) 2531 { 2532 struct ieee80211com *ic = &sc->sc_ic; 2533 uint32_t data; 2534 2535 if (ic->ic_flags & IEEE80211_F_PMGTON) { 2536 /* XXX set more fine-grained operation */ 2537 data = htole32(IWI_POWER_MODE_MAX); 2538 } else 2539 data = htole32(IWI_POWER_MODE_CAM); 2540 2541 DPRINTF(("Setting power mode to %u\n", le32toh(data))); 2542 return iwi_cmd(sc, IWI_CMD_SET_POWER_MODE, &data, sizeof data); 2543 } 2544 2545 static int 2546 iwi_setwepkeys(struct iwi_softc *sc) 2547 { 2548 struct ieee80211com *ic = &sc->sc_ic; 2549 struct iwi_wep_key wepkey; 2550 struct ieee80211_key *wk; 2551 int error, i; 2552 2553 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2554 wk = &ic->ic_crypto.cs_nw_keys[i]; 2555 2556 wepkey.cmd = IWI_WEP_KEY_CMD_SETKEY; 2557 wepkey.idx = i; 2558 wepkey.len = wk->wk_keylen; 2559 memset(wepkey.key, 0, sizeof wepkey.key); 2560 memcpy(wepkey.key, wk->wk_key, wk->wk_keylen); 2561 DPRINTF(("Setting wep key index %u len %u\n", wepkey.idx, 2562 wepkey.len)); 2563 error = iwi_cmd(sc, IWI_CMD_SET_WEP_KEY, &wepkey, 2564 sizeof wepkey); 2565 if (error != 0) 2566 return error; 2567 } 2568 return 0; 2569 } 2570 2571 static int 2572 iwi_config(struct iwi_softc *sc) 2573 { 2574 struct ieee80211com *ic = &sc->sc_ic; 2575 struct ifnet *ifp = ic->ic_ifp; 2576 struct iwi_configuration config; 2577 struct iwi_rateset rs; 2578 struct iwi_txpower power; 2579 uint32_t data; 2580 int error, i; 2581 IWI_LOCK_ASSERT(sc); 2582 2583 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp)); 2584 DPRINTF(("Setting MAC address to %6D\n", ic->ic_myaddr, ":")); 2585 error = iwi_cmd(sc, IWI_CMD_SET_MAC_ADDRESS, ic->ic_myaddr, 2586 IEEE80211_ADDR_LEN); 2587 if (error != 0) 2588 return error; 2589 2590 memset(&config, 0, sizeof config); 2591 config.bluetooth_coexistence = sc->bluetooth; 2592 config.silence_threshold = 0x1e; 2593 config.antenna = sc->antenna; 2594 config.multicast_enabled = 1; 2595 config.answer_pbreq = (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2596 config.disable_unicast_decryption = 1; 2597 config.disable_multicast_decryption = 1; 2598 DPRINTF(("Configuring adapter\n")); 2599 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config); 2600 if (error != 0) 2601 return error; 2602 2603 error = iwi_setpowermode(sc); 2604 if (error != 0) 2605 return error; 2606 2607 data = htole32(ic->ic_rtsthreshold); 2608 DPRINTF(("Setting RTS threshold to %u\n", le32toh(data))); 2609 error = iwi_cmd(sc, IWI_CMD_SET_RTS_THRESHOLD, &data, sizeof data); 2610 if (error != 0) 2611 return error; 2612 2613 data = htole32(ic->ic_fragthreshold); 2614 DPRINTF(("Setting fragmentation threshold to %u\n", le32toh(data))); 2615 error = iwi_cmd(sc, IWI_CMD_SET_FRAG_THRESHOLD, &data, sizeof data); 2616 if (error != 0) 2617 return error; 2618 2619 if (ic->ic_opmode == IEEE80211_M_IBSS) { 2620 power.mode = IWI_MODE_11B; 2621 power.nchan = 11; 2622 for (i = 0; i < 11; i++) { 2623 power.chan[i].chan = i + 1; 2624 power.chan[i].power = IWI_TXPOWER_MAX; 2625 } 2626 DPRINTF(("Setting .11b channels tx power\n")); 2627 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power); 2628 if (error != 0) 2629 return error; 2630 2631 power.mode = IWI_MODE_11G; 2632 DPRINTF(("Setting .11g channels tx power\n")); 2633 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power); 2634 if (error != 0) 2635 return error; 2636 } 2637 2638 memset(&rs, 0, sizeof rs); 2639 rs.mode = IWI_MODE_11G; 2640 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2641 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11G].rs_nrates; 2642 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates, 2643 rs.nrates); 2644 DPRINTF(("Setting .11bg supported rates (%u)\n", rs.nrates)); 2645 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs); 2646 if (error != 0) 2647 return error; 2648 2649 memset(&rs, 0, sizeof rs); 2650 rs.mode = IWI_MODE_11A; 2651 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2652 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11A].rs_nrates; 2653 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11A].rs_rates, 2654 rs.nrates); 2655 DPRINTF(("Setting .11a supported rates (%u)\n", rs.nrates)); 2656 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs); 2657 if (error != 0) 2658 return error; 2659 2660 /* if we have a desired ESSID, set it now */ 2661 if (ic->ic_des_ssid[0].len != 0) { 2662 #ifdef IWI_DEBUG 2663 if (iwi_debug > 0) { 2664 printf("Setting desired ESSID to "); 2665 ieee80211_print_essid(ic->ic_des_ssid[0].ssid, 2666 ic->ic_des_ssid[0].len); 2667 printf("\n"); 2668 } 2669 #endif 2670 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ic->ic_des_ssid[0].ssid, 2671 ic->ic_des_ssid[0].len); 2672 if (error != 0) 2673 return error; 2674 } 2675 2676 data = htole32(arc4random()); 2677 DPRINTF(("Setting initialization vector to %u\n", le32toh(data))); 2678 error = iwi_cmd(sc, IWI_CMD_SET_IV, &data, sizeof data); 2679 if (error != 0) 2680 return error; 2681 2682 error = iwi_setwepkeys(sc); 2683 if (error != 0) 2684 return error; 2685 2686 /* enable adapter */ 2687 DPRINTF(("Enabling adapter\n")); 2688 return iwi_cmd(sc, IWI_CMD_ENABLE, NULL, 0); 2689 } 2690 2691 static __inline void 2692 set_scan_type(struct iwi_scan_ext *scan, int ix, int scan_type) 2693 { 2694 uint8_t *st = &scan->scan_type[ix / 2]; 2695 if (ix % 2) 2696 *st = (*st & 0xf0) | ((scan_type & 0xf) << 0); 2697 else 2698 *st = (*st & 0x0f) | ((scan_type & 0xf) << 4); 2699 } 2700 2701 static int 2702 scan_type(const struct ieee80211_scan_state *ss, 2703 const struct ieee80211_channel *chan) 2704 { 2705 /* We can only set one essid for a directed scan */ 2706 if (ss->ss_nssid != 0) 2707 return IWI_SCAN_TYPE_BDIRECTED; 2708 if ((ss->ss_flags & IEEE80211_SCAN_ACTIVE) && 2709 (chan->ic_flags & IEEE80211_CHAN_PASSIVE) == 0) 2710 return IWI_SCAN_TYPE_BROADCAST; 2711 return IWI_SCAN_TYPE_PASSIVE; 2712 } 2713 2714 static __inline int 2715 scan_band(const struct ieee80211_channel *c) 2716 { 2717 return IEEE80211_IS_CHAN_5GHZ(c) ? IWI_CHAN_5GHZ : IWI_CHAN_2GHZ; 2718 } 2719 2720 /* 2721 * Start a scan on the current channel or all channels. 2722 */ 2723 static int 2724 iwi_scanchan(struct iwi_softc *sc, unsigned long maxdwell, int mode) 2725 { 2726 struct ieee80211com *ic; 2727 struct ieee80211_channel *chan; 2728 struct ieee80211_scan_state *ss; 2729 struct iwi_scan_ext scan; 2730 int error = 0; 2731 2732 IWI_LOCK_ASSERT(sc); 2733 if (sc->fw_state == IWI_FW_SCANNING) { 2734 /* 2735 * This should not happen as we only trigger scan_next after 2736 * completion 2737 */ 2738 DPRINTF(("%s: called too early - still scanning\n", __func__)); 2739 return (EBUSY); 2740 } 2741 IWI_STATE_BEGIN(sc, IWI_FW_SCANNING); 2742 2743 ic = &sc->sc_ic; 2744 ss = ic->ic_scan; 2745 2746 memset(&scan, 0, sizeof scan); 2747 scan.full_scan_index = htole32(++sc->sc_scangen); 2748 scan.dwell_time[IWI_SCAN_TYPE_PASSIVE] = htole16(maxdwell); 2749 if (ic->ic_flags_ext & IEEE80211_FEXT_BGSCAN) { 2750 /* 2751 * Use very short dwell times for when we send probe request 2752 * frames. Without this bg scans hang. Ideally this should 2753 * be handled with early-termination as done by net80211 but 2754 * that's not feasible (aborting a scan is problematic). 2755 */ 2756 scan.dwell_time[IWI_SCAN_TYPE_BROADCAST] = htole16(30); 2757 scan.dwell_time[IWI_SCAN_TYPE_BDIRECTED] = htole16(30); 2758 } else { 2759 scan.dwell_time[IWI_SCAN_TYPE_BROADCAST] = htole16(maxdwell); 2760 scan.dwell_time[IWI_SCAN_TYPE_BDIRECTED] = htole16(maxdwell); 2761 } 2762 2763 /* We can only set one essid for a directed scan */ 2764 if (ss->ss_nssid != 0) { 2765 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ss->ss_ssid[0].ssid, 2766 ss->ss_ssid[0].len); 2767 if (error) 2768 return (error); 2769 } 2770 2771 if (mode == IWI_SCAN_ALLCHAN) { 2772 int i, next, band, b, bstart; 2773 /* 2774 * Convert scan list to run-length encoded channel list 2775 * the firmware requires (preserving the order setup by 2776 * net80211). The first entry in each run specifies the 2777 * band and the count of items in the run. 2778 */ 2779 next = 0; /* next open slot */ 2780 bstart = 0; /* NB: not needed, silence compiler */ 2781 band = -1; /* NB: impossible value */ 2782 KASSERT(ss->ss_last > 0, ("no channels")); 2783 for (i = 0; i < ss->ss_last; i++) { 2784 chan = ss->ss_chans[i]; 2785 b = scan_band(chan); 2786 if (b != band) { 2787 if (band != -1) 2788 scan.channels[bstart] = 2789 (next - bstart) | band; 2790 /* NB: this allocates a slot for the run-len */ 2791 band = b, bstart = next++; 2792 } 2793 if (next >= IWI_SCAN_CHANNELS) { 2794 DPRINTF(("truncating scan list\n")); 2795 break; 2796 } 2797 scan.channels[next] = ieee80211_chan2ieee(ic, chan); 2798 set_scan_type(&scan, next, scan_type(ss, chan)); 2799 next++; 2800 } 2801 scan.channels[bstart] = (next - bstart) | band; 2802 } else { 2803 /* Scan the current channel only */ 2804 chan = ic->ic_curchan; 2805 scan.channels[0] = 1 | scan_band(chan); 2806 scan.channels[1] = ieee80211_chan2ieee(ic, chan); 2807 set_scan_type(&scan, 1, scan_type(ss, chan)); 2808 } 2809 #ifdef IWI_DEBUG 2810 if (iwi_debug > 0) { 2811 static const char *scantype[8] = 2812 { "PSTOP", "PASV", "DIR", "BCAST", "BDIR", "5", "6", "7" }; 2813 int i; 2814 printf("Scan request: index %u dwell %d/%d/%d\n" 2815 , le32toh(scan.full_scan_index) 2816 , le16toh(scan.dwell_time[IWI_SCAN_TYPE_PASSIVE]) 2817 , le16toh(scan.dwell_time[IWI_SCAN_TYPE_BROADCAST]) 2818 , le16toh(scan.dwell_time[IWI_SCAN_TYPE_BDIRECTED]) 2819 ); 2820 i = 0; 2821 do { 2822 int run = scan.channels[i]; 2823 if (run == 0) 2824 break; 2825 printf("Scan %d %s channels:", run & 0x3f, 2826 run & IWI_CHAN_2GHZ ? "2.4GHz" : "5GHz"); 2827 for (run &= 0x3f, i++; run > 0; run--, i++) { 2828 uint8_t type = scan.scan_type[i/2]; 2829 printf(" %u/%s", scan.channels[i], 2830 scantype[(i & 1 ? type : type>>4) & 7]); 2831 } 2832 printf("\n"); 2833 } while (i < IWI_SCAN_CHANNELS); 2834 } 2835 #endif 2836 2837 return (iwi_cmd(sc, IWI_CMD_SCAN_EXT, &scan, sizeof scan)); 2838 } 2839 2840 static void 2841 iwi_scanabort(void *arg, int npending) 2842 { 2843 struct iwi_softc *sc = arg; 2844 IWI_LOCK_DECL; 2845 2846 IWI_LOCK(sc); 2847 sc->flags &= ~IWI_FLAG_CHANNEL_SCAN; 2848 /* NB: make sure we're still scanning */ 2849 if (sc->fw_state == IWI_FW_SCANNING) 2850 iwi_cmd(sc, IWI_CMD_ABORT_SCAN, NULL, 0); 2851 IWI_UNLOCK(sc); 2852 } 2853 2854 static int 2855 iwi_set_sensitivity(struct iwi_softc *sc, int8_t rssi_dbm) 2856 { 2857 struct iwi_sensitivity sens; 2858 2859 DPRINTF(("Setting sensitivity to %d\n", rssi_dbm)); 2860 2861 memset(&sens, 0, sizeof sens); 2862 sens.rssi = htole16(rssi_dbm); 2863 return iwi_cmd(sc, IWI_CMD_SET_SENSITIVITY, &sens, sizeof sens); 2864 } 2865 2866 static int 2867 iwi_auth_and_assoc(struct iwi_softc *sc) 2868 { 2869 struct ieee80211com *ic = &sc->sc_ic; 2870 struct ifnet *ifp = ic->ic_ifp; 2871 struct ieee80211_node *ni = ic->ic_bss; 2872 struct iwi_configuration config; 2873 struct iwi_associate *assoc = &sc->assoc; 2874 struct iwi_rateset rs; 2875 uint16_t capinfo; 2876 int error, mode; 2877 2878 IWI_LOCK_ASSERT(sc); 2879 2880 if (sc->flags & IWI_FLAG_ASSOCIATED) { 2881 DPRINTF(("Already associated\n")); 2882 return (-1); 2883 } 2884 2885 IWI_STATE_BEGIN(sc, IWI_FW_ASSOCIATING); 2886 error = 0; 2887 mode = 0; 2888 2889 if (IEEE80211_IS_CHAN_A(ic->ic_curchan)) 2890 mode = IWI_MODE_11A; 2891 else if (IEEE80211_IS_CHAN_G(ic->ic_curchan)) 2892 mode = IWI_MODE_11G; 2893 if (IEEE80211_IS_CHAN_B(ic->ic_curchan)) 2894 mode = IWI_MODE_11B; 2895 2896 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan)) { 2897 memset(&config, 0, sizeof config); 2898 config.bluetooth_coexistence = sc->bluetooth; 2899 config.antenna = sc->antenna; 2900 config.multicast_enabled = 1; 2901 if (mode == IWI_MODE_11G) 2902 config.use_protection = 1; 2903 config.answer_pbreq = 2904 (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2905 config.disable_unicast_decryption = 1; 2906 config.disable_multicast_decryption = 1; 2907 DPRINTF(("Configuring adapter\n")); 2908 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config); 2909 if (error != 0) 2910 goto done; 2911 } 2912 2913 #ifdef IWI_DEBUG 2914 if (iwi_debug > 0) { 2915 printf("Setting ESSID to "); 2916 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 2917 printf("\n"); 2918 } 2919 #endif 2920 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ni->ni_essid, ni->ni_esslen); 2921 if (error != 0) 2922 goto done; 2923 2924 /* the rate set has already been "negotiated" */ 2925 memset(&rs, 0, sizeof rs); 2926 rs.mode = mode; 2927 rs.type = IWI_RATESET_TYPE_NEGOTIATED; 2928 rs.nrates = ni->ni_rates.rs_nrates; 2929 if (rs.nrates > IWI_RATESET_SIZE) { 2930 DPRINTF(("Truncating negotiated rate set from %u\n", 2931 rs.nrates)); 2932 rs.nrates = IWI_RATESET_SIZE; 2933 } 2934 memcpy(rs.rates, ni->ni_rates.rs_rates, rs.nrates); 2935 DPRINTF(("Setting negotiated rates (%u)\n", rs.nrates)); 2936 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs); 2937 if (error != 0) 2938 goto done; 2939 2940 memset(assoc, 0, sizeof *assoc); 2941 2942 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) { 2943 /* NB: don't treat WME setup as failure */ 2944 if (iwi_wme_setparams(sc) == 0 && iwi_wme_setie(sc) == 0) 2945 assoc->policy |= htole16(IWI_POLICY_WME); 2946 /* XXX complain on failure? */ 2947 } 2948 2949 if (ic->ic_opt_ie != NULL) { 2950 DPRINTF(("Setting optional IE (len=%u)\n", ic->ic_opt_ie_len)); 2951 error = iwi_cmd(sc, IWI_CMD_SET_OPTIE, ic->ic_opt_ie, 2952 ic->ic_opt_ie_len); 2953 if (error != 0) 2954 goto done; 2955 } 2956 2957 error = iwi_set_sensitivity(sc, ni->ni_rssi); 2958 if (error != 0) 2959 goto done; 2960 2961 assoc->mode = mode; 2962 assoc->chan = ic->ic_curchan->ic_ieee; 2963 /* 2964 * NB: do not arrange for shared key auth w/o privacy 2965 * (i.e. a wep key); it causes a firmware error. 2966 */ 2967 if ((ic->ic_flags & IEEE80211_F_PRIVACY) && 2968 ni->ni_authmode == IEEE80211_AUTH_SHARED) { 2969 assoc->auth = IWI_AUTH_SHARED; 2970 /* 2971 * It's possible to have privacy marked but no default 2972 * key setup. This typically is due to a user app bug 2973 * but if we blindly grab the key the firmware will 2974 * barf so avoid it for now. 2975 */ 2976 if (ic->ic_crypto.cs_def_txkey != IEEE80211_KEYIX_NONE) 2977 assoc->auth |= ic->ic_crypto.cs_def_txkey << 4; 2978 2979 error = iwi_setwepkeys(sc); 2980 if (error != 0) 2981 goto done; 2982 } 2983 if (ic->ic_flags & IEEE80211_F_WPA) 2984 assoc->policy |= htole16(IWI_POLICY_WPA); 2985 if (ic->ic_opmode == IEEE80211_M_IBSS && ni->ni_tstamp.tsf == 0) 2986 assoc->type = IWI_HC_IBSS_START; 2987 else 2988 assoc->type = IWI_HC_ASSOC; 2989 memcpy(assoc->tstamp, ni->ni_tstamp.data, 8); 2990 2991 if (ic->ic_opmode == IEEE80211_M_IBSS) 2992 capinfo = IEEE80211_CAPINFO_IBSS; 2993 else 2994 capinfo = IEEE80211_CAPINFO_ESS; 2995 if (ic->ic_flags & IEEE80211_F_PRIVACY) 2996 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2997 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 2998 IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan)) 2999 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 3000 if (ni->ni_capinfo & IEEE80211_CAPINFO_SHORT_SLOTTIME) 3001 capinfo |= IEEE80211_CAPINFO_SHORT_SLOTTIME; 3002 assoc->capinfo = htole16(capinfo); 3003 3004 assoc->lintval = htole16(ic->ic_lintval); 3005 assoc->intval = htole16(ni->ni_intval); 3006 IEEE80211_ADDR_COPY(assoc->bssid, ni->ni_bssid); 3007 if (ic->ic_opmode == IEEE80211_M_IBSS) 3008 IEEE80211_ADDR_COPY(assoc->dst, ifp->if_broadcastaddr); 3009 else 3010 IEEE80211_ADDR_COPY(assoc->dst, ni->ni_bssid); 3011 3012 DPRINTF(("%s bssid %6D dst %6D channel %u policy 0x%x " 3013 "auth %u capinfo 0x%x lintval %u bintval %u\n", 3014 assoc->type == IWI_HC_IBSS_START ? "Start" : "Join", 3015 assoc->bssid, ":", assoc->dst, ":", 3016 assoc->chan, le16toh(assoc->policy), assoc->auth, 3017 le16toh(assoc->capinfo), le16toh(assoc->lintval), 3018 le16toh(assoc->intval))); 3019 error = iwi_cmd(sc, IWI_CMD_ASSOCIATE, assoc, sizeof *assoc); 3020 done: 3021 if (error) 3022 IWI_STATE_END(sc, IWI_FW_ASSOCIATING); 3023 3024 return (error); 3025 } 3026 3027 static int 3028 iwi_disassociate(struct iwi_softc *sc, int quiet) 3029 { 3030 struct iwi_associate *assoc = &sc->assoc; 3031 3032 if ((sc->flags & IWI_FLAG_ASSOCIATED) == 0) { 3033 DPRINTF(("Not associated\n")); 3034 return (-1); 3035 } 3036 3037 IWI_STATE_BEGIN(sc, IWI_FW_DISASSOCIATING); 3038 3039 if (quiet) 3040 assoc->type = IWI_HC_DISASSOC_QUIET; 3041 else 3042 assoc->type = IWI_HC_DISASSOC; 3043 3044 DPRINTF(("Trying to disassociate from %6D channel %u\n", 3045 assoc->bssid, ":", assoc->chan)); 3046 return iwi_cmd(sc, IWI_CMD_ASSOCIATE, assoc, sizeof *assoc); 3047 } 3048 3049 static void 3050 iwi_init(void *priv) 3051 { 3052 struct iwi_softc *sc = priv; 3053 IWI_LOCK_DECL; 3054 3055 IWI_LOCK(sc); 3056 iwi_init_locked(sc, 0); 3057 IWI_UNLOCK(sc); 3058 } 3059 3060 /* 3061 * release dma resources for the firmware 3062 */ 3063 static void 3064 iwi_release_fw_dma(struct iwi_softc *sc) 3065 { 3066 if (sc->fw_flags & IWI_FW_HAVE_PHY) 3067 bus_dmamap_unload(sc->fw_dmat, sc->fw_map); 3068 if (sc->fw_flags & IWI_FW_HAVE_MAP) 3069 bus_dmamem_free(sc->fw_dmat, sc->fw_virtaddr, sc->fw_map); 3070 if (sc->fw_flags & IWI_FW_HAVE_DMAT) 3071 bus_dma_tag_destroy(sc->fw_dmat); 3072 3073 sc->fw_flags = 0; 3074 sc->fw_dma_size = 0; 3075 sc->fw_dmat = NULL; 3076 sc->fw_map = NULL; 3077 sc->fw_physaddr = 0; 3078 sc->fw_virtaddr = NULL; 3079 } 3080 3081 /* 3082 * allocate the dma descriptor for the firmware. 3083 * Return 0 on success, 1 on error. 3084 * Must be called unlocked, protected by IWI_FLAG_FW_LOADING. 3085 */ 3086 static int 3087 iwi_init_fw_dma(struct iwi_softc *sc, int size) 3088 { 3089 if (sc->fw_dma_size >= size) 3090 return 0; 3091 if (bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 4, 0, 3092 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 3093 size, 1, size, 0, NULL, NULL, &sc->fw_dmat) != 0) { 3094 device_printf(sc->sc_dev, 3095 "could not create firmware DMA tag\n"); 3096 goto error; 3097 } 3098 sc->fw_flags |= IWI_FW_HAVE_DMAT; 3099 if (bus_dmamem_alloc(sc->fw_dmat, &sc->fw_virtaddr, 0, 3100 &sc->fw_map) != 0) { 3101 device_printf(sc->sc_dev, 3102 "could not allocate firmware DMA memory\n"); 3103 goto error; 3104 } 3105 sc->fw_flags |= IWI_FW_HAVE_MAP; 3106 if (bus_dmamap_load(sc->fw_dmat, sc->fw_map, sc->fw_virtaddr, 3107 size, iwi_dma_map_addr, &sc->fw_physaddr, 0) != 0) { 3108 device_printf(sc->sc_dev, "could not load firmware DMA map\n"); 3109 goto error; 3110 } 3111 sc->fw_flags |= IWI_FW_HAVE_PHY; 3112 sc->fw_dma_size = size; 3113 return 0; 3114 3115 error: 3116 iwi_release_fw_dma(sc); 3117 return 1; 3118 } 3119 3120 static void 3121 iwi_init_locked(void *priv, int force) 3122 { 3123 struct iwi_softc *sc = priv; 3124 struct ieee80211com *ic = &sc->sc_ic; 3125 struct ifnet *ifp = ic->ic_ifp; 3126 struct iwi_rx_data *data; 3127 int i; 3128 IWI_LOCK_DECL; 3129 3130 IWI_LOCK_ASSERT(sc); 3131 if (sc->fw_state == IWI_FW_LOADING) { 3132 device_printf(sc->sc_dev, "%s: already loading\n", __func__); 3133 return; /* XXX: condvar? */ 3134 } 3135 3136 iwi_stop(sc); 3137 IWI_STATE_BEGIN(sc, IWI_FW_LOADING); 3138 3139 if (iwi_reset(sc) != 0) { 3140 device_printf(sc->sc_dev, "could not reset adapter\n"); 3141 goto fail; 3142 } 3143 3144 IWI_UNLOCK(sc); 3145 if (iwi_get_firmware(sc)) { 3146 IWI_LOCK(sc); 3147 goto fail; 3148 } 3149 3150 /* allocate DMA memory for mapping firmware image */ 3151 i = sc->fw_fw.size; 3152 if (sc->fw_boot.size > i) 3153 i = sc->fw_boot.size; 3154 /* XXX do we dma the ucode as well ? */ 3155 if (sc->fw_uc.size > i) 3156 i = sc->fw_uc.size; 3157 if (iwi_init_fw_dma(sc, i)) { 3158 IWI_LOCK(sc); 3159 goto fail; 3160 } 3161 IWI_LOCK(sc); 3162 3163 if (iwi_load_firmware(sc, &sc->fw_boot) != 0) { 3164 device_printf(sc->sc_dev, 3165 "could not load boot firmware %s\n", sc->fw_boot.name); 3166 goto fail; 3167 } 3168 3169 if (iwi_load_ucode(sc, &sc->fw_uc) != 0) { 3170 device_printf(sc->sc_dev, 3171 "could not load microcode %s\n", sc->fw_uc.name); 3172 goto fail; 3173 } 3174 3175 iwi_stop_master(sc); 3176 3177 CSR_WRITE_4(sc, IWI_CSR_CMD_BASE, sc->cmdq.physaddr); 3178 CSR_WRITE_4(sc, IWI_CSR_CMD_SIZE, sc->cmdq.count); 3179 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 3180 3181 CSR_WRITE_4(sc, IWI_CSR_TX1_BASE, sc->txq[0].physaddr); 3182 CSR_WRITE_4(sc, IWI_CSR_TX1_SIZE, sc->txq[0].count); 3183 CSR_WRITE_4(sc, IWI_CSR_TX1_WIDX, sc->txq[0].cur); 3184 3185 CSR_WRITE_4(sc, IWI_CSR_TX2_BASE, sc->txq[1].physaddr); 3186 CSR_WRITE_4(sc, IWI_CSR_TX2_SIZE, sc->txq[1].count); 3187 CSR_WRITE_4(sc, IWI_CSR_TX2_WIDX, sc->txq[1].cur); 3188 3189 CSR_WRITE_4(sc, IWI_CSR_TX3_BASE, sc->txq[2].physaddr); 3190 CSR_WRITE_4(sc, IWI_CSR_TX3_SIZE, sc->txq[2].count); 3191 CSR_WRITE_4(sc, IWI_CSR_TX3_WIDX, sc->txq[2].cur); 3192 3193 CSR_WRITE_4(sc, IWI_CSR_TX4_BASE, sc->txq[3].physaddr); 3194 CSR_WRITE_4(sc, IWI_CSR_TX4_SIZE, sc->txq[3].count); 3195 CSR_WRITE_4(sc, IWI_CSR_TX4_WIDX, sc->txq[3].cur); 3196 3197 for (i = 0; i < sc->rxq.count; i++) { 3198 data = &sc->rxq.data[i]; 3199 CSR_WRITE_4(sc, data->reg, data->physaddr); 3200 } 3201 3202 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, sc->rxq.count - 1); 3203 3204 if (iwi_load_firmware(sc, &sc->fw_fw) != 0) { 3205 device_printf(sc->sc_dev, 3206 "could not load main firmware %s\n", sc->fw_fw.name); 3207 goto fail; 3208 } 3209 sc->flags |= IWI_FLAG_FW_INITED; 3210 3211 if (iwi_config(sc) != 0) { 3212 device_printf(sc->sc_dev, "device configuration failed\n"); 3213 goto fail; 3214 } 3215 3216 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 3217 /* 3218 * NB: When restarting the adapter clock the state 3219 * machine regardless of the roaming mode; otherwise 3220 * we need to notify user apps so they can manually 3221 * get us going again. 3222 */ 3223 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL || force) 3224 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3225 } else 3226 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 3227 3228 callout_reset(&sc->sc_wdtimer, hz, iwi_watchdog, sc); 3229 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 3230 ifp->if_drv_flags |= IFF_DRV_RUNNING; 3231 3232 IWI_STATE_END(sc, IWI_FW_LOADING); 3233 return; 3234 3235 fail: ifp->if_flags &= ~IFF_UP; 3236 IWI_STATE_END(sc, IWI_FW_LOADING); 3237 iwi_stop(sc); 3238 iwi_put_firmware(sc); 3239 } 3240 3241 static void 3242 iwi_stop(void *priv) 3243 { 3244 struct iwi_softc *sc = priv; 3245 struct ieee80211com *ic = &sc->sc_ic; 3246 struct ifnet *ifp = ic->ic_ifp; 3247 3248 IWI_LOCK_ASSERT(sc); 3249 if (sc->sc_softled) { 3250 callout_stop(&sc->sc_ledtimer); 3251 sc->sc_blinking = 0; 3252 } 3253 3254 callout_stop(&sc->sc_wdtimer); 3255 iwi_stop_master(sc); 3256 3257 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_SOFT_RESET); 3258 3259 /* reset rings */ 3260 iwi_reset_cmd_ring(sc, &sc->cmdq); 3261 iwi_reset_tx_ring(sc, &sc->txq[0]); 3262 iwi_reset_tx_ring(sc, &sc->txq[1]); 3263 iwi_reset_tx_ring(sc, &sc->txq[2]); 3264 iwi_reset_tx_ring(sc, &sc->txq[3]); 3265 iwi_reset_rx_ring(sc, &sc->rxq); 3266 3267 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 3268 3269 memset(sc->sc_cmd, 0, sizeof(sc->sc_cmd)); 3270 sc->sc_tx_timer = 0; 3271 sc->sc_rfkill_timer = 0; 3272 sc->sc_state_timer = 0; 3273 sc->sc_busy_timer = 0; 3274 sc->flags &= ~(IWI_FLAG_BUSY | IWI_FLAG_ASSOCIATED); 3275 sc->fw_state = IWI_FW_IDLE; 3276 wakeup(sc); 3277 3278 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 3279 } 3280 3281 static void 3282 iwi_restart(void *arg, int npending) 3283 { 3284 struct iwi_softc *sc = arg; 3285 IWI_LOCK_DECL; 3286 3287 IWI_LOCK(sc); 3288 iwi_init_locked(sc, 1); /* NB: force state machine */ 3289 IWI_UNLOCK(sc); 3290 } 3291 3292 /* 3293 * Return whether or not the radio is enabled in hardware 3294 * (i.e. the rfkill switch is "off"). 3295 */ 3296 static int 3297 iwi_getrfkill(struct iwi_softc *sc) 3298 { 3299 return (CSR_READ_4(sc, IWI_CSR_IO) & IWI_IO_RADIO_ENABLED) == 0; 3300 } 3301 3302 static void 3303 iwi_radio_on(void *arg, int pending) 3304 { 3305 struct iwi_softc *sc = arg; 3306 3307 device_printf(sc->sc_dev, "radio turned on\n"); 3308 iwi_init(sc); 3309 } 3310 3311 static void 3312 iwi_radio_off(void *arg, int pending) 3313 { 3314 struct iwi_softc *sc = arg; 3315 IWI_LOCK_DECL; 3316 3317 device_printf(sc->sc_dev, "radio turned off\n"); 3318 IWI_LOCK(sc); 3319 iwi_stop(sc); 3320 sc->sc_rfkill_timer = 2; 3321 IWI_UNLOCK(sc); 3322 } 3323 3324 static int 3325 iwi_sysctl_stats(SYSCTL_HANDLER_ARGS) 3326 { 3327 struct iwi_softc *sc = arg1; 3328 uint32_t size, buf[128]; 3329 3330 if (!(sc->flags & IWI_FLAG_FW_INITED)) { 3331 memset(buf, 0, sizeof buf); 3332 return SYSCTL_OUT(req, buf, sizeof buf); 3333 } 3334 3335 size = min(CSR_READ_4(sc, IWI_CSR_TABLE0_SIZE), 128 - 1); 3336 CSR_READ_REGION_4(sc, IWI_CSR_TABLE0_BASE, &buf[1], size); 3337 3338 return SYSCTL_OUT(req, buf, sizeof buf); 3339 } 3340 3341 static int 3342 iwi_sysctl_radio(SYSCTL_HANDLER_ARGS) 3343 { 3344 struct iwi_softc *sc = arg1; 3345 int val = !iwi_getrfkill(sc); 3346 3347 return SYSCTL_OUT(req, &val, sizeof val); 3348 } 3349 3350 /* 3351 * Add sysctl knobs. 3352 */ 3353 static void 3354 iwi_sysctlattach(struct iwi_softc *sc) 3355 { 3356 struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev); 3357 struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev); 3358 3359 SYSCTL_ADD_PROC(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, "radio", 3360 CTLTYPE_INT | CTLFLAG_RD, sc, 0, iwi_sysctl_radio, "I", 3361 "radio transmitter switch state (0=off, 1=on)"); 3362 3363 SYSCTL_ADD_PROC(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, "stats", 3364 CTLTYPE_OPAQUE | CTLFLAG_RD, sc, 0, iwi_sysctl_stats, "S", 3365 "statistics"); 3366 3367 sc->bluetooth = 0; 3368 SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, "bluetooth", 3369 CTLFLAG_RW, &sc->bluetooth, 0, "bluetooth coexistence"); 3370 3371 sc->antenna = IWI_ANTENNA_AUTO; 3372 SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, "antenna", 3373 CTLFLAG_RW, &sc->antenna, 0, "antenna (0=auto)"); 3374 } 3375 3376 /* 3377 * LED support. 3378 * 3379 * Different cards have different capabilities. Some have three 3380 * led's while others have only one. The linux ipw driver defines 3381 * led's for link state (associated or not), band (11a, 11g, 11b), 3382 * and for link activity. We use one led and vary the blink rate 3383 * according to the tx/rx traffic a la the ath driver. 3384 */ 3385 3386 static __inline uint32_t 3387 iwi_toggle_event(uint32_t r) 3388 { 3389 return r &~ (IWI_RST_STANDBY | IWI_RST_GATE_ODMA | 3390 IWI_RST_GATE_IDMA | IWI_RST_GATE_ADMA); 3391 } 3392 3393 static uint32_t 3394 iwi_read_event(struct iwi_softc *sc) 3395 { 3396 return MEM_READ_4(sc, IWI_MEM_EEPROM_EVENT); 3397 } 3398 3399 static void 3400 iwi_write_event(struct iwi_softc *sc, uint32_t v) 3401 { 3402 MEM_WRITE_4(sc, IWI_MEM_EEPROM_EVENT, v); 3403 } 3404 3405 static void 3406 iwi_led_done(void *arg) 3407 { 3408 struct iwi_softc *sc = arg; 3409 3410 sc->sc_blinking = 0; 3411 } 3412 3413 /* 3414 * Turn the activity LED off: flip the pin and then set a timer so no 3415 * update will happen for the specified duration. 3416 */ 3417 static void 3418 iwi_led_off(void *arg) 3419 { 3420 struct iwi_softc *sc = arg; 3421 uint32_t v; 3422 3423 v = iwi_read_event(sc); 3424 v &= ~sc->sc_ledpin; 3425 iwi_write_event(sc, iwi_toggle_event(v)); 3426 callout_reset(&sc->sc_ledtimer, sc->sc_ledoff, iwi_led_done, sc); 3427 } 3428 3429 /* 3430 * Blink the LED according to the specified on/off times. 3431 */ 3432 static void 3433 iwi_led_blink(struct iwi_softc *sc, int on, int off) 3434 { 3435 uint32_t v; 3436 3437 v = iwi_read_event(sc); 3438 v |= sc->sc_ledpin; 3439 iwi_write_event(sc, iwi_toggle_event(v)); 3440 sc->sc_blinking = 1; 3441 sc->sc_ledoff = off; 3442 callout_reset(&sc->sc_ledtimer, on, iwi_led_off, sc); 3443 } 3444 3445 static void 3446 iwi_led_event(struct iwi_softc *sc, int event) 3447 { 3448 #define N(a) (sizeof(a)/sizeof(a[0])) 3449 /* NB: on/off times from the Atheros NDIS driver, w/ permission */ 3450 static const struct { 3451 u_int rate; /* tx/rx iwi rate */ 3452 u_int16_t timeOn; /* LED on time (ms) */ 3453 u_int16_t timeOff; /* LED off time (ms) */ 3454 } blinkrates[] = { 3455 { IWI_RATE_OFDM54, 40, 10 }, 3456 { IWI_RATE_OFDM48, 44, 11 }, 3457 { IWI_RATE_OFDM36, 50, 13 }, 3458 { IWI_RATE_OFDM24, 57, 14 }, 3459 { IWI_RATE_OFDM18, 67, 16 }, 3460 { IWI_RATE_OFDM12, 80, 20 }, 3461 { IWI_RATE_DS11, 100, 25 }, 3462 { IWI_RATE_OFDM9, 133, 34 }, 3463 { IWI_RATE_OFDM6, 160, 40 }, 3464 { IWI_RATE_DS5, 200, 50 }, 3465 { 6, 240, 58 }, /* XXX 3Mb/s if it existed */ 3466 { IWI_RATE_DS2, 267, 66 }, 3467 { IWI_RATE_DS1, 400, 100 }, 3468 { 0, 500, 130 }, /* unknown rate/polling */ 3469 }; 3470 uint32_t txrate; 3471 int j = 0; /* XXX silence compiler */ 3472 3473 sc->sc_ledevent = ticks; /* time of last event */ 3474 if (sc->sc_blinking) /* don't interrupt active blink */ 3475 return; 3476 switch (event) { 3477 case IWI_LED_POLL: 3478 j = N(blinkrates)-1; 3479 break; 3480 case IWI_LED_TX: 3481 /* read current transmission rate from adapter */ 3482 txrate = CSR_READ_4(sc, IWI_CSR_CURRENT_TX_RATE); 3483 if (blinkrates[sc->sc_txrix].rate != txrate) { 3484 for (j = 0; j < N(blinkrates)-1; j++) 3485 if (blinkrates[j].rate == txrate) 3486 break; 3487 sc->sc_txrix = j; 3488 } else 3489 j = sc->sc_txrix; 3490 break; 3491 case IWI_LED_RX: 3492 if (blinkrates[sc->sc_rxrix].rate != sc->sc_rxrate) { 3493 for (j = 0; j < N(blinkrates)-1; j++) 3494 if (blinkrates[j].rate == sc->sc_rxrate) 3495 break; 3496 sc->sc_rxrix = j; 3497 } else 3498 j = sc->sc_rxrix; 3499 break; 3500 } 3501 /* XXX beware of overflow */ 3502 iwi_led_blink(sc, (blinkrates[j].timeOn * hz) / 1000, 3503 (blinkrates[j].timeOff * hz) / 1000); 3504 #undef N 3505 } 3506 3507 static int 3508 iwi_sysctl_softled(SYSCTL_HANDLER_ARGS) 3509 { 3510 struct iwi_softc *sc = arg1; 3511 int softled = sc->sc_softled; 3512 int error; 3513 3514 error = sysctl_handle_int(oidp, &softled, 0, req); 3515 if (error || !req->newptr) 3516 return error; 3517 softled = (softled != 0); 3518 if (softled != sc->sc_softled) { 3519 if (softled) { 3520 uint32_t v = iwi_read_event(sc); 3521 v &= ~sc->sc_ledpin; 3522 iwi_write_event(sc, iwi_toggle_event(v)); 3523 } 3524 sc->sc_softled = softled; 3525 } 3526 return 0; 3527 } 3528 3529 static void 3530 iwi_ledattach(struct iwi_softc *sc) 3531 { 3532 struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev); 3533 struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev); 3534 3535 sc->sc_blinking = 0; 3536 sc->sc_ledstate = 1; 3537 sc->sc_ledidle = (2700*hz)/1000; /* 2.7sec */ 3538 callout_init_mtx(&sc->sc_ledtimer, &sc->sc_mtx, 0); 3539 3540 SYSCTL_ADD_PROC(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, 3541 "softled", CTLTYPE_INT | CTLFLAG_RW, sc, 0, 3542 iwi_sysctl_softled, "I", "enable/disable software LED support"); 3543 SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, 3544 "ledpin", CTLFLAG_RW, &sc->sc_ledpin, 0, 3545 "pin setting to turn activity LED on"); 3546 SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, 3547 "ledidle", CTLFLAG_RW, &sc->sc_ledidle, 0, 3548 "idle time for inactivity LED (ticks)"); 3549 /* XXX for debugging */ 3550 SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, 3551 "nictype", CTLFLAG_RD, &sc->sc_nictype, 0, 3552 "NIC type from EEPROM"); 3553 3554 sc->sc_ledpin = IWI_RST_LED_ACTIVITY; 3555 sc->sc_softled = 1; 3556 3557 sc->sc_nictype = (iwi_read_prom_word(sc, IWI_EEPROM_NIC) >> 8) & 0xff; 3558 if (sc->sc_nictype == 1) { 3559 /* 3560 * NB: led's are reversed. 3561 */ 3562 sc->sc_ledpin = IWI_RST_LED_ASSOCIATED; 3563 } 3564 } 3565 3566 static void 3567 iwi_ops(void *arg, int npending) 3568 { 3569 struct iwi_softc *sc = arg; 3570 struct ieee80211com *ic = &sc->sc_ic; 3571 IWI_LOCK_DECL; 3572 int cmd; 3573 3574 again: 3575 IWI_CMD_LOCK(sc); 3576 cmd = sc->sc_cmd[sc->sc_cmd_cur]; 3577 if (cmd == 0) { 3578 /* No more commands to process */ 3579 IWI_CMD_UNLOCK(sc); 3580 return; 3581 } 3582 sc->sc_cmd[sc->sc_cmd_cur] = 0; /* free the slot */ 3583 sc->sc_cmd_cur = (sc->sc_cmd_cur + 1) % IWI_CMD_MAXOPS; 3584 IWI_CMD_UNLOCK(sc); 3585 3586 IWI_LOCK(sc); 3587 while (sc->fw_state != IWI_FW_IDLE || (sc->flags & IWI_FLAG_BUSY)) { 3588 msleep(sc, &sc->sc_mtx, 0, "iwicmd", hz/10); 3589 } 3590 3591 if (!(sc->sc_ifp->if_drv_flags & IFF_DRV_RUNNING)) { 3592 IWI_UNLOCK(sc); 3593 return; 3594 } 3595 3596 switch (cmd) { 3597 case IWI_ASSOC: 3598 iwi_auth_and_assoc(sc); 3599 break; 3600 case IWI_DISASSOC: 3601 iwi_disassociate(sc, 0); 3602 break; 3603 case IWI_SET_WME: 3604 if (ic->ic_state == IEEE80211_S_RUN) 3605 (void) iwi_wme_setparams(sc); 3606 break; 3607 case IWI_SCAN_START: 3608 sc->flags |= IWI_FLAG_CHANNEL_SCAN; 3609 break; 3610 case IWI_SCAN_CURCHAN: 3611 case IWI_SCAN_ALLCHAN: 3612 if (!(sc->flags & IWI_FLAG_CHANNEL_SCAN)) { 3613 DPRINTF(("%s: ic_scan_curchan while not scanning\n", 3614 __func__)); 3615 goto done; 3616 } 3617 if (iwi_scanchan(sc, sc->sc_maxdwell, cmd)) 3618 ieee80211_cancel_scan(ic); 3619 3620 break; 3621 } 3622 done: 3623 IWI_UNLOCK(sc); 3624 3625 /* Take another pass */ 3626 goto again; 3627 } 3628 3629 static int 3630 iwi_queue_cmd(struct iwi_softc *sc, int cmd) 3631 { 3632 IWI_CMD_LOCK(sc); 3633 if (sc->sc_cmd[sc->sc_cmd_next] != 0) { 3634 IWI_CMD_UNLOCK(sc); 3635 DPRINTF(("%s: command %d dropped\n", __func__, cmd)); 3636 return (EBUSY); 3637 } 3638 3639 sc->sc_cmd[sc->sc_cmd_next] = cmd; 3640 sc->sc_cmd_next = (sc->sc_cmd_next + 1) % IWI_CMD_MAXOPS; 3641 taskqueue_enqueue(sc->sc_tq, &sc->sc_opstask); 3642 IWI_CMD_UNLOCK(sc); 3643 return (0); 3644 } 3645 3646 static void 3647 iwi_scan_start(struct ieee80211com *ic) 3648 { 3649 struct ifnet *ifp = ic->ic_ifp; 3650 struct iwi_softc *sc = ifp->if_softc; 3651 3652 iwi_queue_cmd(sc, IWI_SCAN_START); 3653 } 3654 3655 static void 3656 iwi_set_channel(struct ieee80211com *ic) 3657 { 3658 struct ifnet *ifp = ic->ic_ifp; 3659 struct iwi_softc *sc = ifp->if_softc; 3660 if (sc->fw_state == IWI_FW_IDLE) 3661 iwi_setcurchan(sc, ic->ic_curchan->ic_ieee); 3662 } 3663 3664 static void 3665 iwi_scan_curchan(struct ieee80211com *ic, unsigned long maxdwell) 3666 { 3667 struct ifnet *ifp = ic->ic_ifp; 3668 struct iwi_softc *sc = ifp->if_softc; 3669 3670 sc->sc_maxdwell = maxdwell; 3671 iwi_queue_cmd(sc, IWI_SCAN_CURCHAN); 3672 } 3673 3674 #if 0 3675 static void 3676 iwi_scan_allchan(struct ieee80211com *ic, unsigned long maxdwell) 3677 { 3678 struct ifnet *ifp = ic->ic_ifp; 3679 struct iwi_softc *sc = ifp->if_softc; 3680 3681 sc->sc_maxdwell = maxdwell; 3682 iwi_queue_cmd(sc, IWI_SCAN_ALLCHAN); 3683 } 3684 #endif 3685 3686 static void 3687 iwi_scan_mindwell(struct ieee80211com *ic) 3688 { 3689 /* NB: don't try to abort scan; wait for firmware to finish */ 3690 } 3691 3692 static void 3693 iwi_scan_end(struct ieee80211com *ic) 3694 { 3695 struct ifnet *ifp = ic->ic_ifp; 3696 struct iwi_softc *sc = ifp->if_softc; 3697 3698 taskqueue_enqueue(sc->sc_tq2, &sc->sc_scanaborttask); 3699 } 3700 3701 static void 3702 iwi_assoc(struct ieee80211com *ic) 3703 { 3704 struct ifnet *ifp = ic->ic_ifp; 3705 struct iwi_softc *sc = ifp->if_softc; 3706 3707 /* The firmware will fail if we are already associated */ 3708 if (sc->flags & IWI_FLAG_ASSOCIATED) 3709 iwi_disassoc(ic); 3710 3711 iwi_queue_cmd(sc, IWI_ASSOC); 3712 } 3713 3714 static void 3715 iwi_disassoc(struct ieee80211com *ic) 3716 { 3717 struct ifnet *ifp = ic->ic_ifp; 3718 struct iwi_softc *sc = ifp->if_softc; 3719 3720 iwi_queue_cmd(sc, IWI_DISASSOC); 3721 } 3722