1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright (c) 2007-2009 Sam Leffler, Errno Consulting 5 * Copyright (c) 2007-2008 Marvell Semiconductor, Inc. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer, 13 * without modification. 14 * 2. Redistributions in binary form must reproduce at minimum a disclaimer 15 * similar to the "NO WARRANTY" disclaimer below ("Disclaimer") and any 16 * redistribution must be conditioned upon including a substantially 17 * similar Disclaimer requirement for further binary redistribution. 18 * 19 * NO WARRANTY 20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTIBILITY 23 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 24 * THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, 25 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER 28 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 30 * THE POSSIBILITY OF SUCH DAMAGES. 31 */ 32 33 #include <sys/cdefs.h> 34 __FBSDID("$FreeBSD$"); 35 36 /* 37 * Driver for the Marvell 88W8363 Wireless LAN controller. 38 */ 39 40 #include "opt_inet.h" 41 #include "opt_mwl.h" 42 #include "opt_wlan.h" 43 44 #include <sys/param.h> 45 #include <sys/systm.h> 46 #include <sys/sysctl.h> 47 #include <sys/mbuf.h> 48 #include <sys/malloc.h> 49 #include <sys/lock.h> 50 #include <sys/mutex.h> 51 #include <sys/kernel.h> 52 #include <sys/socket.h> 53 #include <sys/sockio.h> 54 #include <sys/errno.h> 55 #include <sys/callout.h> 56 #include <sys/bus.h> 57 #include <sys/endian.h> 58 #include <sys/kthread.h> 59 #include <sys/taskqueue.h> 60 61 #include <machine/bus.h> 62 63 #include <net/if.h> 64 #include <net/if_var.h> 65 #include <net/if_dl.h> 66 #include <net/if_media.h> 67 #include <net/if_types.h> 68 #include <net/if_arp.h> 69 #include <net/ethernet.h> 70 #include <net/if_llc.h> 71 72 #include <net/bpf.h> 73 74 #include <net80211/ieee80211_var.h> 75 #include <net80211/ieee80211_input.h> 76 #include <net80211/ieee80211_regdomain.h> 77 78 #ifdef INET 79 #include <netinet/in.h> 80 #include <netinet/if_ether.h> 81 #endif /* INET */ 82 83 #include <dev/mwl/if_mwlvar.h> 84 #include <dev/mwl/mwldiag.h> 85 86 /* idiomatic shorthands: MS = mask+shift, SM = shift+mask */ 87 #define MS(v,x) (((v) & x) >> x##_S) 88 #define SM(v,x) (((v) << x##_S) & x) 89 90 static struct ieee80211vap *mwl_vap_create(struct ieee80211com *, 91 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 92 const uint8_t [IEEE80211_ADDR_LEN], 93 const uint8_t [IEEE80211_ADDR_LEN]); 94 static void mwl_vap_delete(struct ieee80211vap *); 95 static int mwl_setupdma(struct mwl_softc *); 96 static int mwl_hal_reset(struct mwl_softc *sc); 97 static int mwl_init(struct mwl_softc *); 98 static void mwl_parent(struct ieee80211com *); 99 static int mwl_reset(struct ieee80211vap *, u_long); 100 static void mwl_stop(struct mwl_softc *); 101 static void mwl_start(struct mwl_softc *); 102 static int mwl_transmit(struct ieee80211com *, struct mbuf *); 103 static int mwl_raw_xmit(struct ieee80211_node *, struct mbuf *, 104 const struct ieee80211_bpf_params *); 105 static int mwl_media_change(struct ifnet *); 106 static void mwl_watchdog(void *); 107 static int mwl_ioctl(struct ieee80211com *, u_long, void *); 108 static void mwl_radar_proc(void *, int); 109 static void mwl_chanswitch_proc(void *, int); 110 static void mwl_bawatchdog_proc(void *, int); 111 static int mwl_key_alloc(struct ieee80211vap *, 112 struct ieee80211_key *, 113 ieee80211_keyix *, ieee80211_keyix *); 114 static int mwl_key_delete(struct ieee80211vap *, 115 const struct ieee80211_key *); 116 static int mwl_key_set(struct ieee80211vap *, 117 const struct ieee80211_key *); 118 static int _mwl_key_set(struct ieee80211vap *, 119 const struct ieee80211_key *, 120 const uint8_t mac[IEEE80211_ADDR_LEN]); 121 static int mwl_mode_init(struct mwl_softc *); 122 static void mwl_update_mcast(struct ieee80211com *); 123 static void mwl_update_promisc(struct ieee80211com *); 124 static void mwl_updateslot(struct ieee80211com *); 125 static int mwl_beacon_setup(struct ieee80211vap *); 126 static void mwl_beacon_update(struct ieee80211vap *, int); 127 #ifdef MWL_HOST_PS_SUPPORT 128 static void mwl_update_ps(struct ieee80211vap *, int); 129 static int mwl_set_tim(struct ieee80211_node *, int); 130 #endif 131 static int mwl_dma_setup(struct mwl_softc *); 132 static void mwl_dma_cleanup(struct mwl_softc *); 133 static struct ieee80211_node *mwl_node_alloc(struct ieee80211vap *, 134 const uint8_t [IEEE80211_ADDR_LEN]); 135 static void mwl_node_cleanup(struct ieee80211_node *); 136 static void mwl_node_drain(struct ieee80211_node *); 137 static void mwl_node_getsignal(const struct ieee80211_node *, 138 int8_t *, int8_t *); 139 static void mwl_node_getmimoinfo(const struct ieee80211_node *, 140 struct ieee80211_mimo_info *); 141 static int mwl_rxbuf_init(struct mwl_softc *, struct mwl_rxbuf *); 142 static void mwl_rx_proc(void *, int); 143 static void mwl_txq_init(struct mwl_softc *sc, struct mwl_txq *, int); 144 static int mwl_tx_setup(struct mwl_softc *, int, int); 145 static int mwl_wme_update(struct ieee80211com *); 146 static void mwl_tx_cleanupq(struct mwl_softc *, struct mwl_txq *); 147 static void mwl_tx_cleanup(struct mwl_softc *); 148 static uint16_t mwl_calcformat(uint8_t rate, const struct ieee80211_node *); 149 static int mwl_tx_start(struct mwl_softc *, struct ieee80211_node *, 150 struct mwl_txbuf *, struct mbuf *); 151 static void mwl_tx_proc(void *, int); 152 static int mwl_chan_set(struct mwl_softc *, struct ieee80211_channel *); 153 static void mwl_draintxq(struct mwl_softc *); 154 static void mwl_cleartxq(struct mwl_softc *, struct ieee80211vap *); 155 static int mwl_recv_action(struct ieee80211_node *, 156 const struct ieee80211_frame *, 157 const uint8_t *, const uint8_t *); 158 static int mwl_addba_request(struct ieee80211_node *, 159 struct ieee80211_tx_ampdu *, int dialogtoken, 160 int baparamset, int batimeout); 161 static int mwl_addba_response(struct ieee80211_node *, 162 struct ieee80211_tx_ampdu *, int status, 163 int baparamset, int batimeout); 164 static void mwl_addba_stop(struct ieee80211_node *, 165 struct ieee80211_tx_ampdu *); 166 static int mwl_startrecv(struct mwl_softc *); 167 static MWL_HAL_APMODE mwl_getapmode(const struct ieee80211vap *, 168 struct ieee80211_channel *); 169 static int mwl_setapmode(struct ieee80211vap *, struct ieee80211_channel*); 170 static void mwl_scan_start(struct ieee80211com *); 171 static void mwl_scan_end(struct ieee80211com *); 172 static void mwl_set_channel(struct ieee80211com *); 173 static int mwl_peerstadb(struct ieee80211_node *, 174 int aid, int staid, MWL_HAL_PEERINFO *pi); 175 static int mwl_localstadb(struct ieee80211vap *); 176 static int mwl_newstate(struct ieee80211vap *, enum ieee80211_state, int); 177 static int allocstaid(struct mwl_softc *sc, int aid); 178 static void delstaid(struct mwl_softc *sc, int staid); 179 static void mwl_newassoc(struct ieee80211_node *, int); 180 static void mwl_agestations(void *); 181 static int mwl_setregdomain(struct ieee80211com *, 182 struct ieee80211_regdomain *, int, 183 struct ieee80211_channel []); 184 static void mwl_getradiocaps(struct ieee80211com *, int, int *, 185 struct ieee80211_channel []); 186 static int mwl_getchannels(struct mwl_softc *); 187 188 static void mwl_sysctlattach(struct mwl_softc *); 189 static void mwl_announce(struct mwl_softc *); 190 191 SYSCTL_NODE(_hw, OID_AUTO, mwl, CTLFLAG_RD | CTLFLAG_MPSAFE, 0, 192 "Marvell driver parameters"); 193 194 static int mwl_rxdesc = MWL_RXDESC; /* # rx desc's to allocate */ 195 SYSCTL_INT(_hw_mwl, OID_AUTO, rxdesc, CTLFLAG_RW, &mwl_rxdesc, 196 0, "rx descriptors allocated"); 197 static int mwl_rxbuf = MWL_RXBUF; /* # rx buffers to allocate */ 198 SYSCTL_INT(_hw_mwl, OID_AUTO, rxbuf, CTLFLAG_RWTUN, &mwl_rxbuf, 199 0, "rx buffers allocated"); 200 static int mwl_txbuf = MWL_TXBUF; /* # tx buffers to allocate */ 201 SYSCTL_INT(_hw_mwl, OID_AUTO, txbuf, CTLFLAG_RWTUN, &mwl_txbuf, 202 0, "tx buffers allocated"); 203 static int mwl_txcoalesce = 8; /* # tx packets to q before poking f/w*/ 204 SYSCTL_INT(_hw_mwl, OID_AUTO, txcoalesce, CTLFLAG_RWTUN, &mwl_txcoalesce, 205 0, "tx buffers to send at once"); 206 static int mwl_rxquota = MWL_RXBUF; /* # max buffers to process */ 207 SYSCTL_INT(_hw_mwl, OID_AUTO, rxquota, CTLFLAG_RWTUN, &mwl_rxquota, 208 0, "max rx buffers to process per interrupt"); 209 static int mwl_rxdmalow = 3; /* # min buffers for wakeup */ 210 SYSCTL_INT(_hw_mwl, OID_AUTO, rxdmalow, CTLFLAG_RWTUN, &mwl_rxdmalow, 211 0, "min free rx buffers before restarting traffic"); 212 213 #ifdef MWL_DEBUG 214 static int mwl_debug = 0; 215 SYSCTL_INT(_hw_mwl, OID_AUTO, debug, CTLFLAG_RWTUN, &mwl_debug, 216 0, "control debugging printfs"); 217 enum { 218 MWL_DEBUG_XMIT = 0x00000001, /* basic xmit operation */ 219 MWL_DEBUG_XMIT_DESC = 0x00000002, /* xmit descriptors */ 220 MWL_DEBUG_RECV = 0x00000004, /* basic recv operation */ 221 MWL_DEBUG_RECV_DESC = 0x00000008, /* recv descriptors */ 222 MWL_DEBUG_RESET = 0x00000010, /* reset processing */ 223 MWL_DEBUG_BEACON = 0x00000020, /* beacon handling */ 224 MWL_DEBUG_INTR = 0x00000040, /* ISR */ 225 MWL_DEBUG_TX_PROC = 0x00000080, /* tx ISR proc */ 226 MWL_DEBUG_RX_PROC = 0x00000100, /* rx ISR proc */ 227 MWL_DEBUG_KEYCACHE = 0x00000200, /* key cache management */ 228 MWL_DEBUG_STATE = 0x00000400, /* 802.11 state transitions */ 229 MWL_DEBUG_NODE = 0x00000800, /* node management */ 230 MWL_DEBUG_RECV_ALL = 0x00001000, /* trace all frames (beacons) */ 231 MWL_DEBUG_TSO = 0x00002000, /* TSO processing */ 232 MWL_DEBUG_AMPDU = 0x00004000, /* BA stream handling */ 233 MWL_DEBUG_ANY = 0xffffffff 234 }; 235 #define IS_BEACON(wh) \ 236 ((wh->i_fc[0] & (IEEE80211_FC0_TYPE_MASK|IEEE80211_FC0_SUBTYPE_MASK)) == \ 237 (IEEE80211_FC0_TYPE_MGT|IEEE80211_FC0_SUBTYPE_BEACON)) 238 #define IFF_DUMPPKTS_RECV(sc, wh) \ 239 ((sc->sc_debug & MWL_DEBUG_RECV) && \ 240 ((sc->sc_debug & MWL_DEBUG_RECV_ALL) || !IS_BEACON(wh))) 241 #define IFF_DUMPPKTS_XMIT(sc) \ 242 (sc->sc_debug & MWL_DEBUG_XMIT) 243 244 #define DPRINTF(sc, m, fmt, ...) do { \ 245 if (sc->sc_debug & (m)) \ 246 printf(fmt, __VA_ARGS__); \ 247 } while (0) 248 #define KEYPRINTF(sc, hk, mac) do { \ 249 if (sc->sc_debug & MWL_DEBUG_KEYCACHE) \ 250 mwl_keyprint(sc, __func__, hk, mac); \ 251 } while (0) 252 static void mwl_printrxbuf(const struct mwl_rxbuf *bf, u_int ix); 253 static void mwl_printtxbuf(const struct mwl_txbuf *bf, u_int qnum, u_int ix); 254 #else 255 #define IFF_DUMPPKTS_RECV(sc, wh) 0 256 #define IFF_DUMPPKTS_XMIT(sc) 0 257 #define DPRINTF(sc, m, fmt, ...) do { (void )sc; } while (0) 258 #define KEYPRINTF(sc, k, mac) do { (void )sc; } while (0) 259 #endif 260 261 static MALLOC_DEFINE(M_MWLDEV, "mwldev", "mwl driver dma buffers"); 262 263 /* 264 * Each packet has fixed front matter: a 2-byte length 265 * of the payload, followed by a 4-address 802.11 header 266 * (regardless of the actual header and always w/o any 267 * QoS header). The payload then follows. 268 */ 269 struct mwltxrec { 270 uint16_t fwlen; 271 struct ieee80211_frame_addr4 wh; 272 } __packed; 273 274 /* 275 * Read/Write shorthands for accesses to BAR 0. Note 276 * that all BAR 1 operations are done in the "hal" and 277 * there should be no reference to them here. 278 */ 279 #ifdef MWL_DEBUG 280 static __inline uint32_t 281 RD4(struct mwl_softc *sc, bus_size_t off) 282 { 283 return bus_space_read_4(sc->sc_io0t, sc->sc_io0h, off); 284 } 285 #endif 286 287 static __inline void 288 WR4(struct mwl_softc *sc, bus_size_t off, uint32_t val) 289 { 290 bus_space_write_4(sc->sc_io0t, sc->sc_io0h, off, val); 291 } 292 293 int 294 mwl_attach(uint16_t devid, struct mwl_softc *sc) 295 { 296 struct ieee80211com *ic = &sc->sc_ic; 297 struct mwl_hal *mh; 298 int error = 0; 299 300 DPRINTF(sc, MWL_DEBUG_ANY, "%s: devid 0x%x\n", __func__, devid); 301 302 /* 303 * Setup the RX free list lock early, so it can be consistently 304 * removed. 305 */ 306 MWL_RXFREE_INIT(sc); 307 308 mh = mwl_hal_attach(sc->sc_dev, devid, 309 sc->sc_io1h, sc->sc_io1t, sc->sc_dmat); 310 if (mh == NULL) { 311 device_printf(sc->sc_dev, "unable to attach HAL\n"); 312 error = EIO; 313 goto bad; 314 } 315 sc->sc_mh = mh; 316 /* 317 * Load firmware so we can get setup. We arbitrarily 318 * pick station firmware; we'll re-load firmware as 319 * needed so setting up the wrong mode isn't a big deal. 320 */ 321 if (mwl_hal_fwload(mh, NULL) != 0) { 322 device_printf(sc->sc_dev, "unable to setup builtin firmware\n"); 323 error = EIO; 324 goto bad1; 325 } 326 if (mwl_hal_gethwspecs(mh, &sc->sc_hwspecs) != 0) { 327 device_printf(sc->sc_dev, "unable to fetch h/w specs\n"); 328 error = EIO; 329 goto bad1; 330 } 331 error = mwl_getchannels(sc); 332 if (error != 0) 333 goto bad1; 334 335 sc->sc_txantenna = 0; /* h/w default */ 336 sc->sc_rxantenna = 0; /* h/w default */ 337 sc->sc_invalid = 0; /* ready to go, enable int handling */ 338 sc->sc_ageinterval = MWL_AGEINTERVAL; 339 340 /* 341 * Allocate tx+rx descriptors and populate the lists. 342 * We immediately push the information to the firmware 343 * as otherwise it gets upset. 344 */ 345 error = mwl_dma_setup(sc); 346 if (error != 0) { 347 device_printf(sc->sc_dev, "failed to setup descriptors: %d\n", 348 error); 349 goto bad1; 350 } 351 error = mwl_setupdma(sc); /* push to firmware */ 352 if (error != 0) /* NB: mwl_setupdma prints msg */ 353 goto bad1; 354 355 callout_init(&sc->sc_timer, 1); 356 callout_init_mtx(&sc->sc_watchdog, &sc->sc_mtx, 0); 357 mbufq_init(&sc->sc_snd, ifqmaxlen); 358 359 sc->sc_tq = taskqueue_create("mwl_taskq", M_NOWAIT, 360 taskqueue_thread_enqueue, &sc->sc_tq); 361 taskqueue_start_threads(&sc->sc_tq, 1, PI_NET, 362 "%s taskq", device_get_nameunit(sc->sc_dev)); 363 364 NET_TASK_INIT(&sc->sc_rxtask, 0, mwl_rx_proc, sc); 365 TASK_INIT(&sc->sc_radartask, 0, mwl_radar_proc, sc); 366 TASK_INIT(&sc->sc_chanswitchtask, 0, mwl_chanswitch_proc, sc); 367 TASK_INIT(&sc->sc_bawatchdogtask, 0, mwl_bawatchdog_proc, sc); 368 369 /* NB: insure BK queue is the lowest priority h/w queue */ 370 if (!mwl_tx_setup(sc, WME_AC_BK, MWL_WME_AC_BK)) { 371 device_printf(sc->sc_dev, 372 "unable to setup xmit queue for %s traffic!\n", 373 ieee80211_wme_acnames[WME_AC_BK]); 374 error = EIO; 375 goto bad2; 376 } 377 if (!mwl_tx_setup(sc, WME_AC_BE, MWL_WME_AC_BE) || 378 !mwl_tx_setup(sc, WME_AC_VI, MWL_WME_AC_VI) || 379 !mwl_tx_setup(sc, WME_AC_VO, MWL_WME_AC_VO)) { 380 /* 381 * Not enough hardware tx queues to properly do WME; 382 * just punt and assign them all to the same h/w queue. 383 * We could do a better job of this if, for example, 384 * we allocate queues when we switch from station to 385 * AP mode. 386 */ 387 if (sc->sc_ac2q[WME_AC_VI] != NULL) 388 mwl_tx_cleanupq(sc, sc->sc_ac2q[WME_AC_VI]); 389 if (sc->sc_ac2q[WME_AC_BE] != NULL) 390 mwl_tx_cleanupq(sc, sc->sc_ac2q[WME_AC_BE]); 391 sc->sc_ac2q[WME_AC_BE] = sc->sc_ac2q[WME_AC_BK]; 392 sc->sc_ac2q[WME_AC_VI] = sc->sc_ac2q[WME_AC_BK]; 393 sc->sc_ac2q[WME_AC_VO] = sc->sc_ac2q[WME_AC_BK]; 394 } 395 TASK_INIT(&sc->sc_txtask, 0, mwl_tx_proc, sc); 396 397 ic->ic_softc = sc; 398 ic->ic_name = device_get_nameunit(sc->sc_dev); 399 /* XXX not right but it's not used anywhere important */ 400 ic->ic_phytype = IEEE80211_T_OFDM; 401 ic->ic_opmode = IEEE80211_M_STA; 402 ic->ic_caps = 403 IEEE80211_C_STA /* station mode supported */ 404 | IEEE80211_C_HOSTAP /* hostap mode */ 405 | IEEE80211_C_MONITOR /* monitor mode */ 406 #if 0 407 | IEEE80211_C_IBSS /* ibss, nee adhoc, mode */ 408 | IEEE80211_C_AHDEMO /* adhoc demo mode */ 409 #endif 410 | IEEE80211_C_MBSS /* mesh point link mode */ 411 | IEEE80211_C_WDS /* WDS supported */ 412 | IEEE80211_C_SHPREAMBLE /* short preamble supported */ 413 | IEEE80211_C_SHSLOT /* short slot time supported */ 414 | IEEE80211_C_WME /* WME/WMM supported */ 415 | IEEE80211_C_BURST /* xmit bursting supported */ 416 | IEEE80211_C_WPA /* capable of WPA1+WPA2 */ 417 | IEEE80211_C_BGSCAN /* capable of bg scanning */ 418 | IEEE80211_C_TXFRAG /* handle tx frags */ 419 | IEEE80211_C_TXPMGT /* capable of txpow mgt */ 420 | IEEE80211_C_DFS /* DFS supported */ 421 ; 422 423 ic->ic_htcaps = 424 IEEE80211_HTCAP_SMPS_ENA /* SM PS mode enabled */ 425 | IEEE80211_HTCAP_CHWIDTH40 /* 40MHz channel width */ 426 | IEEE80211_HTCAP_SHORTGI20 /* short GI in 20MHz */ 427 | IEEE80211_HTCAP_SHORTGI40 /* short GI in 40MHz */ 428 | IEEE80211_HTCAP_RXSTBC_2STREAM/* 1-2 spatial streams */ 429 #if MWL_AGGR_SIZE == 7935 430 | IEEE80211_HTCAP_MAXAMSDU_7935 /* max A-MSDU length */ 431 #else 432 | IEEE80211_HTCAP_MAXAMSDU_3839 /* max A-MSDU length */ 433 #endif 434 #if 0 435 | IEEE80211_HTCAP_PSMP /* PSMP supported */ 436 | IEEE80211_HTCAP_40INTOLERANT /* 40MHz intolerant */ 437 #endif 438 /* s/w capabilities */ 439 | IEEE80211_HTC_HT /* HT operation */ 440 | IEEE80211_HTC_AMPDU /* tx A-MPDU */ 441 | IEEE80211_HTC_AMSDU /* tx A-MSDU */ 442 | IEEE80211_HTC_SMPS /* SMPS available */ 443 ; 444 445 /* 446 * Mark h/w crypto support. 447 * XXX no way to query h/w support. 448 */ 449 ic->ic_cryptocaps |= IEEE80211_CRYPTO_WEP 450 | IEEE80211_CRYPTO_AES_CCM 451 | IEEE80211_CRYPTO_TKIP 452 | IEEE80211_CRYPTO_TKIPMIC 453 ; 454 /* 455 * Transmit requires space in the packet for a special 456 * format transmit record and optional padding between 457 * this record and the payload. Ask the net80211 layer 458 * to arrange this when encapsulating packets so we can 459 * add it efficiently. 460 */ 461 ic->ic_headroom = sizeof(struct mwltxrec) - 462 sizeof(struct ieee80211_frame); 463 464 IEEE80211_ADDR_COPY(ic->ic_macaddr, sc->sc_hwspecs.macAddr); 465 466 /* call MI attach routine. */ 467 ieee80211_ifattach(ic); 468 ic->ic_setregdomain = mwl_setregdomain; 469 ic->ic_getradiocaps = mwl_getradiocaps; 470 /* override default methods */ 471 ic->ic_raw_xmit = mwl_raw_xmit; 472 ic->ic_newassoc = mwl_newassoc; 473 ic->ic_updateslot = mwl_updateslot; 474 ic->ic_update_mcast = mwl_update_mcast; 475 ic->ic_update_promisc = mwl_update_promisc; 476 ic->ic_wme.wme_update = mwl_wme_update; 477 ic->ic_transmit = mwl_transmit; 478 ic->ic_ioctl = mwl_ioctl; 479 ic->ic_parent = mwl_parent; 480 481 ic->ic_node_alloc = mwl_node_alloc; 482 sc->sc_node_cleanup = ic->ic_node_cleanup; 483 ic->ic_node_cleanup = mwl_node_cleanup; 484 sc->sc_node_drain = ic->ic_node_drain; 485 ic->ic_node_drain = mwl_node_drain; 486 ic->ic_node_getsignal = mwl_node_getsignal; 487 ic->ic_node_getmimoinfo = mwl_node_getmimoinfo; 488 489 ic->ic_scan_start = mwl_scan_start; 490 ic->ic_scan_end = mwl_scan_end; 491 ic->ic_set_channel = mwl_set_channel; 492 493 sc->sc_recv_action = ic->ic_recv_action; 494 ic->ic_recv_action = mwl_recv_action; 495 sc->sc_addba_request = ic->ic_addba_request; 496 ic->ic_addba_request = mwl_addba_request; 497 sc->sc_addba_response = ic->ic_addba_response; 498 ic->ic_addba_response = mwl_addba_response; 499 sc->sc_addba_stop = ic->ic_addba_stop; 500 ic->ic_addba_stop = mwl_addba_stop; 501 502 ic->ic_vap_create = mwl_vap_create; 503 ic->ic_vap_delete = mwl_vap_delete; 504 505 ieee80211_radiotap_attach(ic, 506 &sc->sc_tx_th.wt_ihdr, sizeof(sc->sc_tx_th), 507 MWL_TX_RADIOTAP_PRESENT, 508 &sc->sc_rx_th.wr_ihdr, sizeof(sc->sc_rx_th), 509 MWL_RX_RADIOTAP_PRESENT); 510 /* 511 * Setup dynamic sysctl's now that country code and 512 * regdomain are available from the hal. 513 */ 514 mwl_sysctlattach(sc); 515 516 if (bootverbose) 517 ieee80211_announce(ic); 518 mwl_announce(sc); 519 return 0; 520 bad2: 521 mwl_dma_cleanup(sc); 522 bad1: 523 mwl_hal_detach(mh); 524 bad: 525 MWL_RXFREE_DESTROY(sc); 526 sc->sc_invalid = 1; 527 return error; 528 } 529 530 int 531 mwl_detach(struct mwl_softc *sc) 532 { 533 struct ieee80211com *ic = &sc->sc_ic; 534 535 MWL_LOCK(sc); 536 mwl_stop(sc); 537 MWL_UNLOCK(sc); 538 /* 539 * NB: the order of these is important: 540 * o call the 802.11 layer before detaching the hal to 541 * insure callbacks into the driver to delete global 542 * key cache entries can be handled 543 * o reclaim the tx queue data structures after calling 544 * the 802.11 layer as we'll get called back to reclaim 545 * node state and potentially want to use them 546 * o to cleanup the tx queues the hal is called, so detach 547 * it last 548 * Other than that, it's straightforward... 549 */ 550 ieee80211_ifdetach(ic); 551 callout_drain(&sc->sc_watchdog); 552 mwl_dma_cleanup(sc); 553 MWL_RXFREE_DESTROY(sc); 554 mwl_tx_cleanup(sc); 555 mwl_hal_detach(sc->sc_mh); 556 mbufq_drain(&sc->sc_snd); 557 558 return 0; 559 } 560 561 /* 562 * MAC address handling for multiple BSS on the same radio. 563 * The first vap uses the MAC address from the EEPROM. For 564 * subsequent vap's we set the U/L bit (bit 1) in the MAC 565 * address and use the next six bits as an index. 566 */ 567 static void 568 assign_address(struct mwl_softc *sc, uint8_t mac[IEEE80211_ADDR_LEN], int clone) 569 { 570 int i; 571 572 if (clone && mwl_hal_ismbsscapable(sc->sc_mh)) { 573 /* NB: we only do this if h/w supports multiple bssid */ 574 for (i = 0; i < 32; i++) 575 if ((sc->sc_bssidmask & (1<<i)) == 0) 576 break; 577 if (i != 0) 578 mac[0] |= (i << 2)|0x2; 579 } else 580 i = 0; 581 sc->sc_bssidmask |= 1<<i; 582 if (i == 0) 583 sc->sc_nbssid0++; 584 } 585 586 static void 587 reclaim_address(struct mwl_softc *sc, const uint8_t mac[IEEE80211_ADDR_LEN]) 588 { 589 int i = mac[0] >> 2; 590 if (i != 0 || --sc->sc_nbssid0 == 0) 591 sc->sc_bssidmask &= ~(1<<i); 592 } 593 594 static struct ieee80211vap * 595 mwl_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 596 enum ieee80211_opmode opmode, int flags, 597 const uint8_t bssid[IEEE80211_ADDR_LEN], 598 const uint8_t mac0[IEEE80211_ADDR_LEN]) 599 { 600 struct mwl_softc *sc = ic->ic_softc; 601 struct mwl_hal *mh = sc->sc_mh; 602 struct ieee80211vap *vap, *apvap; 603 struct mwl_hal_vap *hvap; 604 struct mwl_vap *mvp; 605 uint8_t mac[IEEE80211_ADDR_LEN]; 606 607 IEEE80211_ADDR_COPY(mac, mac0); 608 switch (opmode) { 609 case IEEE80211_M_HOSTAP: 610 case IEEE80211_M_MBSS: 611 if ((flags & IEEE80211_CLONE_MACADDR) == 0) 612 assign_address(sc, mac, flags & IEEE80211_CLONE_BSSID); 613 hvap = mwl_hal_newvap(mh, MWL_HAL_AP, mac); 614 if (hvap == NULL) { 615 if ((flags & IEEE80211_CLONE_MACADDR) == 0) 616 reclaim_address(sc, mac); 617 return NULL; 618 } 619 break; 620 case IEEE80211_M_STA: 621 if ((flags & IEEE80211_CLONE_MACADDR) == 0) 622 assign_address(sc, mac, flags & IEEE80211_CLONE_BSSID); 623 hvap = mwl_hal_newvap(mh, MWL_HAL_STA, mac); 624 if (hvap == NULL) { 625 if ((flags & IEEE80211_CLONE_MACADDR) == 0) 626 reclaim_address(sc, mac); 627 return NULL; 628 } 629 /* no h/w beacon miss support; always use s/w */ 630 flags |= IEEE80211_CLONE_NOBEACONS; 631 break; 632 case IEEE80211_M_WDS: 633 hvap = NULL; /* NB: we use associated AP vap */ 634 if (sc->sc_napvaps == 0) 635 return NULL; /* no existing AP vap */ 636 break; 637 case IEEE80211_M_MONITOR: 638 hvap = NULL; 639 break; 640 case IEEE80211_M_IBSS: 641 case IEEE80211_M_AHDEMO: 642 default: 643 return NULL; 644 } 645 646 mvp = malloc(sizeof(struct mwl_vap), M_80211_VAP, M_WAITOK | M_ZERO); 647 mvp->mv_hvap = hvap; 648 if (opmode == IEEE80211_M_WDS) { 649 /* 650 * WDS vaps must have an associated AP vap; find one. 651 * XXX not right. 652 */ 653 TAILQ_FOREACH(apvap, &ic->ic_vaps, iv_next) 654 if (apvap->iv_opmode == IEEE80211_M_HOSTAP) { 655 mvp->mv_ap_hvap = MWL_VAP(apvap)->mv_hvap; 656 break; 657 } 658 KASSERT(mvp->mv_ap_hvap != NULL, ("no ap vap")); 659 } 660 vap = &mvp->mv_vap; 661 ieee80211_vap_setup(ic, vap, name, unit, opmode, flags, bssid); 662 /* override with driver methods */ 663 mvp->mv_newstate = vap->iv_newstate; 664 vap->iv_newstate = mwl_newstate; 665 vap->iv_max_keyix = 0; /* XXX */ 666 vap->iv_key_alloc = mwl_key_alloc; 667 vap->iv_key_delete = mwl_key_delete; 668 vap->iv_key_set = mwl_key_set; 669 #ifdef MWL_HOST_PS_SUPPORT 670 if (opmode == IEEE80211_M_HOSTAP || opmode == IEEE80211_M_MBSS) { 671 vap->iv_update_ps = mwl_update_ps; 672 mvp->mv_set_tim = vap->iv_set_tim; 673 vap->iv_set_tim = mwl_set_tim; 674 } 675 #endif 676 vap->iv_reset = mwl_reset; 677 vap->iv_update_beacon = mwl_beacon_update; 678 679 /* override max aid so sta's cannot assoc when we're out of sta id's */ 680 vap->iv_max_aid = MWL_MAXSTAID; 681 /* override default A-MPDU rx parameters */ 682 vap->iv_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_64K; 683 vap->iv_ampdu_density = IEEE80211_HTCAP_MPDUDENSITY_4; 684 685 /* complete setup */ 686 ieee80211_vap_attach(vap, mwl_media_change, ieee80211_media_status, 687 mac); 688 689 switch (vap->iv_opmode) { 690 case IEEE80211_M_HOSTAP: 691 case IEEE80211_M_MBSS: 692 case IEEE80211_M_STA: 693 /* 694 * Setup sta db entry for local address. 695 */ 696 mwl_localstadb(vap); 697 if (vap->iv_opmode == IEEE80211_M_HOSTAP || 698 vap->iv_opmode == IEEE80211_M_MBSS) 699 sc->sc_napvaps++; 700 else 701 sc->sc_nstavaps++; 702 break; 703 case IEEE80211_M_WDS: 704 sc->sc_nwdsvaps++; 705 break; 706 default: 707 break; 708 } 709 /* 710 * Setup overall operating mode. 711 */ 712 if (sc->sc_napvaps) 713 ic->ic_opmode = IEEE80211_M_HOSTAP; 714 else if (sc->sc_nstavaps) 715 ic->ic_opmode = IEEE80211_M_STA; 716 else 717 ic->ic_opmode = opmode; 718 719 return vap; 720 } 721 722 static void 723 mwl_vap_delete(struct ieee80211vap *vap) 724 { 725 struct mwl_vap *mvp = MWL_VAP(vap); 726 struct mwl_softc *sc = vap->iv_ic->ic_softc; 727 struct mwl_hal *mh = sc->sc_mh; 728 struct mwl_hal_vap *hvap = mvp->mv_hvap; 729 enum ieee80211_opmode opmode = vap->iv_opmode; 730 731 /* XXX disallow ap vap delete if WDS still present */ 732 if (sc->sc_running) { 733 /* quiesce h/w while we remove the vap */ 734 mwl_hal_intrset(mh, 0); /* disable interrupts */ 735 } 736 ieee80211_vap_detach(vap); 737 switch (opmode) { 738 case IEEE80211_M_HOSTAP: 739 case IEEE80211_M_MBSS: 740 case IEEE80211_M_STA: 741 KASSERT(hvap != NULL, ("no hal vap handle")); 742 (void) mwl_hal_delstation(hvap, vap->iv_myaddr); 743 mwl_hal_delvap(hvap); 744 if (opmode == IEEE80211_M_HOSTAP || opmode == IEEE80211_M_MBSS) 745 sc->sc_napvaps--; 746 else 747 sc->sc_nstavaps--; 748 /* XXX don't do it for IEEE80211_CLONE_MACADDR */ 749 reclaim_address(sc, vap->iv_myaddr); 750 break; 751 case IEEE80211_M_WDS: 752 sc->sc_nwdsvaps--; 753 break; 754 default: 755 break; 756 } 757 mwl_cleartxq(sc, vap); 758 free(mvp, M_80211_VAP); 759 if (sc->sc_running) 760 mwl_hal_intrset(mh, sc->sc_imask); 761 } 762 763 void 764 mwl_suspend(struct mwl_softc *sc) 765 { 766 767 MWL_LOCK(sc); 768 mwl_stop(sc); 769 MWL_UNLOCK(sc); 770 } 771 772 void 773 mwl_resume(struct mwl_softc *sc) 774 { 775 int error = EDOOFUS; 776 777 MWL_LOCK(sc); 778 if (sc->sc_ic.ic_nrunning > 0) 779 error = mwl_init(sc); 780 MWL_UNLOCK(sc); 781 782 if (error == 0) 783 ieee80211_start_all(&sc->sc_ic); /* start all vap's */ 784 } 785 786 void 787 mwl_shutdown(void *arg) 788 { 789 struct mwl_softc *sc = arg; 790 791 MWL_LOCK(sc); 792 mwl_stop(sc); 793 MWL_UNLOCK(sc); 794 } 795 796 /* 797 * Interrupt handler. Most of the actual processing is deferred. 798 */ 799 void 800 mwl_intr(void *arg) 801 { 802 struct mwl_softc *sc = arg; 803 struct mwl_hal *mh = sc->sc_mh; 804 uint32_t status; 805 806 if (sc->sc_invalid) { 807 /* 808 * The hardware is not ready/present, don't touch anything. 809 * Note this can happen early on if the IRQ is shared. 810 */ 811 DPRINTF(sc, MWL_DEBUG_ANY, "%s: invalid; ignored\n", __func__); 812 return; 813 } 814 /* 815 * Figure out the reason(s) for the interrupt. 816 */ 817 mwl_hal_getisr(mh, &status); /* NB: clears ISR too */ 818 if (status == 0) /* must be a shared irq */ 819 return; 820 821 DPRINTF(sc, MWL_DEBUG_INTR, "%s: status 0x%x imask 0x%x\n", 822 __func__, status, sc->sc_imask); 823 if (status & MACREG_A2HRIC_BIT_RX_RDY) 824 taskqueue_enqueue(sc->sc_tq, &sc->sc_rxtask); 825 if (status & MACREG_A2HRIC_BIT_TX_DONE) 826 taskqueue_enqueue(sc->sc_tq, &sc->sc_txtask); 827 if (status & MACREG_A2HRIC_BIT_BA_WATCHDOG) 828 taskqueue_enqueue(sc->sc_tq, &sc->sc_bawatchdogtask); 829 if (status & MACREG_A2HRIC_BIT_OPC_DONE) 830 mwl_hal_cmddone(mh); 831 if (status & MACREG_A2HRIC_BIT_MAC_EVENT) { 832 ; 833 } 834 if (status & MACREG_A2HRIC_BIT_ICV_ERROR) { 835 /* TKIP ICV error */ 836 sc->sc_stats.mst_rx_badtkipicv++; 837 } 838 if (status & MACREG_A2HRIC_BIT_QUEUE_EMPTY) { 839 /* 11n aggregation queue is empty, re-fill */ 840 ; 841 } 842 if (status & MACREG_A2HRIC_BIT_QUEUE_FULL) { 843 ; 844 } 845 if (status & MACREG_A2HRIC_BIT_RADAR_DETECT) { 846 /* radar detected, process event */ 847 taskqueue_enqueue(sc->sc_tq, &sc->sc_radartask); 848 } 849 if (status & MACREG_A2HRIC_BIT_CHAN_SWITCH) { 850 /* DFS channel switch */ 851 taskqueue_enqueue(sc->sc_tq, &sc->sc_chanswitchtask); 852 } 853 } 854 855 static void 856 mwl_radar_proc(void *arg, int pending) 857 { 858 struct mwl_softc *sc = arg; 859 struct ieee80211com *ic = &sc->sc_ic; 860 861 DPRINTF(sc, MWL_DEBUG_ANY, "%s: radar detected, pending %u\n", 862 __func__, pending); 863 864 sc->sc_stats.mst_radardetect++; 865 /* XXX stop h/w BA streams? */ 866 867 IEEE80211_LOCK(ic); 868 ieee80211_dfs_notify_radar(ic, ic->ic_curchan); 869 IEEE80211_UNLOCK(ic); 870 } 871 872 static void 873 mwl_chanswitch_proc(void *arg, int pending) 874 { 875 struct mwl_softc *sc = arg; 876 struct ieee80211com *ic = &sc->sc_ic; 877 878 DPRINTF(sc, MWL_DEBUG_ANY, "%s: channel switch notice, pending %u\n", 879 __func__, pending); 880 881 IEEE80211_LOCK(ic); 882 sc->sc_csapending = 0; 883 ieee80211_csa_completeswitch(ic); 884 IEEE80211_UNLOCK(ic); 885 } 886 887 static void 888 mwl_bawatchdog(const MWL_HAL_BASTREAM *sp) 889 { 890 struct ieee80211_node *ni = sp->data[0]; 891 892 /* send DELBA and drop the stream */ 893 ieee80211_ampdu_stop(ni, sp->data[1], IEEE80211_REASON_UNSPECIFIED); 894 } 895 896 static void 897 mwl_bawatchdog_proc(void *arg, int pending) 898 { 899 struct mwl_softc *sc = arg; 900 struct mwl_hal *mh = sc->sc_mh; 901 const MWL_HAL_BASTREAM *sp; 902 uint8_t bitmap, n; 903 904 sc->sc_stats.mst_bawatchdog++; 905 906 if (mwl_hal_getwatchdogbitmap(mh, &bitmap) != 0) { 907 DPRINTF(sc, MWL_DEBUG_AMPDU, 908 "%s: could not get bitmap\n", __func__); 909 sc->sc_stats.mst_bawatchdog_failed++; 910 return; 911 } 912 DPRINTF(sc, MWL_DEBUG_AMPDU, "%s: bitmap 0x%x\n", __func__, bitmap); 913 if (bitmap == 0xff) { 914 n = 0; 915 /* disable all ba streams */ 916 for (bitmap = 0; bitmap < 8; bitmap++) { 917 sp = mwl_hal_bastream_lookup(mh, bitmap); 918 if (sp != NULL) { 919 mwl_bawatchdog(sp); 920 n++; 921 } 922 } 923 if (n == 0) { 924 DPRINTF(sc, MWL_DEBUG_AMPDU, 925 "%s: no BA streams found\n", __func__); 926 sc->sc_stats.mst_bawatchdog_empty++; 927 } 928 } else if (bitmap != 0xaa) { 929 /* disable a single ba stream */ 930 sp = mwl_hal_bastream_lookup(mh, bitmap); 931 if (sp != NULL) { 932 mwl_bawatchdog(sp); 933 } else { 934 DPRINTF(sc, MWL_DEBUG_AMPDU, 935 "%s: no BA stream %d\n", __func__, bitmap); 936 sc->sc_stats.mst_bawatchdog_notfound++; 937 } 938 } 939 } 940 941 /* 942 * Convert net80211 channel to a HAL channel. 943 */ 944 static void 945 mwl_mapchan(MWL_HAL_CHANNEL *hc, const struct ieee80211_channel *chan) 946 { 947 hc->channel = chan->ic_ieee; 948 949 *(uint32_t *)&hc->channelFlags = 0; 950 if (IEEE80211_IS_CHAN_2GHZ(chan)) 951 hc->channelFlags.FreqBand = MWL_FREQ_BAND_2DOT4GHZ; 952 else if (IEEE80211_IS_CHAN_5GHZ(chan)) 953 hc->channelFlags.FreqBand = MWL_FREQ_BAND_5GHZ; 954 if (IEEE80211_IS_CHAN_HT40(chan)) { 955 hc->channelFlags.ChnlWidth = MWL_CH_40_MHz_WIDTH; 956 if (IEEE80211_IS_CHAN_HT40U(chan)) 957 hc->channelFlags.ExtChnlOffset = MWL_EXT_CH_ABOVE_CTRL_CH; 958 else 959 hc->channelFlags.ExtChnlOffset = MWL_EXT_CH_BELOW_CTRL_CH; 960 } else 961 hc->channelFlags.ChnlWidth = MWL_CH_20_MHz_WIDTH; 962 /* XXX 10MHz channels */ 963 } 964 965 /* 966 * Inform firmware of our tx/rx dma setup. The BAR 0 967 * writes below are for compatibility with older firmware. 968 * For current firmware we send this information with a 969 * cmd block via mwl_hal_sethwdma. 970 */ 971 static int 972 mwl_setupdma(struct mwl_softc *sc) 973 { 974 int error, i; 975 976 sc->sc_hwdma.rxDescRead = sc->sc_rxdma.dd_desc_paddr; 977 WR4(sc, sc->sc_hwspecs.rxDescRead, sc->sc_hwdma.rxDescRead); 978 WR4(sc, sc->sc_hwspecs.rxDescWrite, sc->sc_hwdma.rxDescRead); 979 980 for (i = 0; i < MWL_NUM_TX_QUEUES-MWL_NUM_ACK_QUEUES; i++) { 981 struct mwl_txq *txq = &sc->sc_txq[i]; 982 sc->sc_hwdma.wcbBase[i] = txq->dma.dd_desc_paddr; 983 WR4(sc, sc->sc_hwspecs.wcbBase[i], sc->sc_hwdma.wcbBase[i]); 984 } 985 sc->sc_hwdma.maxNumTxWcb = mwl_txbuf; 986 sc->sc_hwdma.maxNumWCB = MWL_NUM_TX_QUEUES-MWL_NUM_ACK_QUEUES; 987 988 error = mwl_hal_sethwdma(sc->sc_mh, &sc->sc_hwdma); 989 if (error != 0) { 990 device_printf(sc->sc_dev, 991 "unable to setup tx/rx dma; hal status %u\n", error); 992 /* XXX */ 993 } 994 return error; 995 } 996 997 /* 998 * Inform firmware of tx rate parameters. 999 * Called after a channel change. 1000 */ 1001 static int 1002 mwl_setcurchanrates(struct mwl_softc *sc) 1003 { 1004 struct ieee80211com *ic = &sc->sc_ic; 1005 const struct ieee80211_rateset *rs; 1006 MWL_HAL_TXRATE rates; 1007 1008 memset(&rates, 0, sizeof(rates)); 1009 rs = ieee80211_get_suprates(ic, ic->ic_curchan); 1010 /* rate used to send management frames */ 1011 rates.MgtRate = rs->rs_rates[0] & IEEE80211_RATE_VAL; 1012 /* rate used to send multicast frames */ 1013 rates.McastRate = rates.MgtRate; 1014 1015 return mwl_hal_settxrate_auto(sc->sc_mh, &rates); 1016 } 1017 1018 /* 1019 * Inform firmware of tx rate parameters. Called whenever 1020 * user-settable params change and after a channel change. 1021 */ 1022 static int 1023 mwl_setrates(struct ieee80211vap *vap) 1024 { 1025 struct mwl_vap *mvp = MWL_VAP(vap); 1026 struct ieee80211_node *ni = vap->iv_bss; 1027 const struct ieee80211_txparam *tp = ni->ni_txparms; 1028 MWL_HAL_TXRATE rates; 1029 1030 KASSERT(vap->iv_state == IEEE80211_S_RUN, ("state %d", vap->iv_state)); 1031 1032 /* 1033 * Update the h/w rate map. 1034 * NB: 0x80 for MCS is passed through unchanged 1035 */ 1036 memset(&rates, 0, sizeof(rates)); 1037 /* rate used to send management frames */ 1038 rates.MgtRate = tp->mgmtrate; 1039 /* rate used to send multicast frames */ 1040 rates.McastRate = tp->mcastrate; 1041 1042 /* while here calculate EAPOL fixed rate cookie */ 1043 mvp->mv_eapolformat = htole16(mwl_calcformat(rates.MgtRate, ni)); 1044 1045 return mwl_hal_settxrate(mvp->mv_hvap, 1046 tp->ucastrate != IEEE80211_FIXED_RATE_NONE ? 1047 RATE_FIXED : RATE_AUTO, &rates); 1048 } 1049 1050 /* 1051 * Setup a fixed xmit rate cookie for EAPOL frames. 1052 */ 1053 static void 1054 mwl_seteapolformat(struct ieee80211vap *vap) 1055 { 1056 struct mwl_vap *mvp = MWL_VAP(vap); 1057 struct ieee80211_node *ni = vap->iv_bss; 1058 enum ieee80211_phymode mode; 1059 uint8_t rate; 1060 1061 KASSERT(vap->iv_state == IEEE80211_S_RUN, ("state %d", vap->iv_state)); 1062 1063 mode = ieee80211_chan2mode(ni->ni_chan); 1064 /* 1065 * Use legacy rates when operating a mixed HT+non-HT bss. 1066 * NB: this may violate POLA for sta and wds vap's. 1067 */ 1068 if (mode == IEEE80211_MODE_11NA && 1069 (vap->iv_flags_ht & IEEE80211_FHT_PUREN) == 0) 1070 rate = vap->iv_txparms[IEEE80211_MODE_11A].mgmtrate; 1071 else if (mode == IEEE80211_MODE_11NG && 1072 (vap->iv_flags_ht & IEEE80211_FHT_PUREN) == 0) 1073 rate = vap->iv_txparms[IEEE80211_MODE_11G].mgmtrate; 1074 else 1075 rate = vap->iv_txparms[mode].mgmtrate; 1076 1077 mvp->mv_eapolformat = htole16(mwl_calcformat(rate, ni)); 1078 } 1079 1080 /* 1081 * Map SKU+country code to region code for radar bin'ing. 1082 */ 1083 static int 1084 mwl_map2regioncode(const struct ieee80211_regdomain *rd) 1085 { 1086 switch (rd->regdomain) { 1087 case SKU_FCC: 1088 case SKU_FCC3: 1089 return DOMAIN_CODE_FCC; 1090 case SKU_CA: 1091 return DOMAIN_CODE_IC; 1092 case SKU_ETSI: 1093 case SKU_ETSI2: 1094 case SKU_ETSI3: 1095 if (rd->country == CTRY_SPAIN) 1096 return DOMAIN_CODE_SPAIN; 1097 if (rd->country == CTRY_FRANCE || rd->country == CTRY_FRANCE2) 1098 return DOMAIN_CODE_FRANCE; 1099 /* XXX force 1.3.1 radar type */ 1100 return DOMAIN_CODE_ETSI_131; 1101 case SKU_JAPAN: 1102 return DOMAIN_CODE_MKK; 1103 case SKU_ROW: 1104 return DOMAIN_CODE_DGT; /* Taiwan */ 1105 case SKU_APAC: 1106 case SKU_APAC2: 1107 case SKU_APAC3: 1108 return DOMAIN_CODE_AUS; /* Australia */ 1109 } 1110 /* XXX KOREA? */ 1111 return DOMAIN_CODE_FCC; /* XXX? */ 1112 } 1113 1114 static int 1115 mwl_hal_reset(struct mwl_softc *sc) 1116 { 1117 struct ieee80211com *ic = &sc->sc_ic; 1118 struct mwl_hal *mh = sc->sc_mh; 1119 1120 mwl_hal_setantenna(mh, WL_ANTENNATYPE_RX, sc->sc_rxantenna); 1121 mwl_hal_setantenna(mh, WL_ANTENNATYPE_TX, sc->sc_txantenna); 1122 mwl_hal_setradio(mh, 1, WL_AUTO_PREAMBLE); 1123 mwl_hal_setwmm(sc->sc_mh, (ic->ic_flags & IEEE80211_F_WME) != 0); 1124 mwl_chan_set(sc, ic->ic_curchan); 1125 /* NB: RF/RA performance tuned for indoor mode */ 1126 mwl_hal_setrateadaptmode(mh, 0); 1127 mwl_hal_setoptimizationlevel(mh, 1128 (ic->ic_flags & IEEE80211_F_BURST) != 0); 1129 1130 mwl_hal_setregioncode(mh, mwl_map2regioncode(&ic->ic_regdomain)); 1131 1132 mwl_hal_setaggampduratemode(mh, 1, 80); /* XXX */ 1133 mwl_hal_setcfend(mh, 0); /* XXX */ 1134 1135 return 1; 1136 } 1137 1138 static int 1139 mwl_init(struct mwl_softc *sc) 1140 { 1141 struct mwl_hal *mh = sc->sc_mh; 1142 int error = 0; 1143 1144 MWL_LOCK_ASSERT(sc); 1145 1146 /* 1147 * Stop anything previously setup. This is safe 1148 * whether this is the first time through or not. 1149 */ 1150 mwl_stop(sc); 1151 1152 /* 1153 * Push vap-independent state to the firmware. 1154 */ 1155 if (!mwl_hal_reset(sc)) { 1156 device_printf(sc->sc_dev, "unable to reset hardware\n"); 1157 return EIO; 1158 } 1159 1160 /* 1161 * Setup recv (once); transmit is already good to go. 1162 */ 1163 error = mwl_startrecv(sc); 1164 if (error != 0) { 1165 device_printf(sc->sc_dev, "unable to start recv logic\n"); 1166 return error; 1167 } 1168 1169 /* 1170 * Enable interrupts. 1171 */ 1172 sc->sc_imask = MACREG_A2HRIC_BIT_RX_RDY 1173 | MACREG_A2HRIC_BIT_TX_DONE 1174 | MACREG_A2HRIC_BIT_OPC_DONE 1175 #if 0 1176 | MACREG_A2HRIC_BIT_MAC_EVENT 1177 #endif 1178 | MACREG_A2HRIC_BIT_ICV_ERROR 1179 | MACREG_A2HRIC_BIT_RADAR_DETECT 1180 | MACREG_A2HRIC_BIT_CHAN_SWITCH 1181 #if 0 1182 | MACREG_A2HRIC_BIT_QUEUE_EMPTY 1183 #endif 1184 | MACREG_A2HRIC_BIT_BA_WATCHDOG 1185 | MACREQ_A2HRIC_BIT_TX_ACK 1186 ; 1187 1188 sc->sc_running = 1; 1189 mwl_hal_intrset(mh, sc->sc_imask); 1190 callout_reset(&sc->sc_watchdog, hz, mwl_watchdog, sc); 1191 1192 return 0; 1193 } 1194 1195 static void 1196 mwl_stop(struct mwl_softc *sc) 1197 { 1198 1199 MWL_LOCK_ASSERT(sc); 1200 if (sc->sc_running) { 1201 /* 1202 * Shutdown the hardware and driver. 1203 */ 1204 sc->sc_running = 0; 1205 callout_stop(&sc->sc_watchdog); 1206 sc->sc_tx_timer = 0; 1207 mwl_draintxq(sc); 1208 } 1209 } 1210 1211 static int 1212 mwl_reset_vap(struct ieee80211vap *vap, int state) 1213 { 1214 struct mwl_hal_vap *hvap = MWL_VAP(vap)->mv_hvap; 1215 struct ieee80211com *ic = vap->iv_ic; 1216 1217 if (state == IEEE80211_S_RUN) 1218 mwl_setrates(vap); 1219 /* XXX off by 1? */ 1220 mwl_hal_setrtsthreshold(hvap, vap->iv_rtsthreshold); 1221 /* XXX auto? 20/40 split? */ 1222 mwl_hal_sethtgi(hvap, (vap->iv_flags_ht & 1223 (IEEE80211_FHT_SHORTGI20|IEEE80211_FHT_SHORTGI40)) ? 1 : 0); 1224 mwl_hal_setnprot(hvap, ic->ic_htprotmode == IEEE80211_PROT_NONE ? 1225 HTPROTECT_NONE : HTPROTECT_AUTO); 1226 /* XXX txpower cap */ 1227 1228 /* re-setup beacons */ 1229 if (state == IEEE80211_S_RUN && 1230 (vap->iv_opmode == IEEE80211_M_HOSTAP || 1231 vap->iv_opmode == IEEE80211_M_MBSS || 1232 vap->iv_opmode == IEEE80211_M_IBSS)) { 1233 mwl_setapmode(vap, vap->iv_bss->ni_chan); 1234 mwl_hal_setnprotmode(hvap, 1235 MS(ic->ic_curhtprotmode, IEEE80211_HTINFO_OPMODE)); 1236 return mwl_beacon_setup(vap); 1237 } 1238 return 0; 1239 } 1240 1241 /* 1242 * Reset the hardware w/o losing operational state. 1243 * Used to reset or reload hardware state for a vap. 1244 */ 1245 static int 1246 mwl_reset(struct ieee80211vap *vap, u_long cmd) 1247 { 1248 struct mwl_hal_vap *hvap = MWL_VAP(vap)->mv_hvap; 1249 int error = 0; 1250 1251 if (hvap != NULL) { /* WDS, MONITOR, etc. */ 1252 struct ieee80211com *ic = vap->iv_ic; 1253 struct mwl_softc *sc = ic->ic_softc; 1254 struct mwl_hal *mh = sc->sc_mh; 1255 1256 /* XXX handle DWDS sta vap change */ 1257 /* XXX do we need to disable interrupts? */ 1258 mwl_hal_intrset(mh, 0); /* disable interrupts */ 1259 error = mwl_reset_vap(vap, vap->iv_state); 1260 mwl_hal_intrset(mh, sc->sc_imask); 1261 } 1262 return error; 1263 } 1264 1265 /* 1266 * Allocate a tx buffer for sending a frame. The 1267 * packet is assumed to have the WME AC stored so 1268 * we can use it to select the appropriate h/w queue. 1269 */ 1270 static struct mwl_txbuf * 1271 mwl_gettxbuf(struct mwl_softc *sc, struct mwl_txq *txq) 1272 { 1273 struct mwl_txbuf *bf; 1274 1275 /* 1276 * Grab a TX buffer and associated resources. 1277 */ 1278 MWL_TXQ_LOCK(txq); 1279 bf = STAILQ_FIRST(&txq->free); 1280 if (bf != NULL) { 1281 STAILQ_REMOVE_HEAD(&txq->free, bf_list); 1282 txq->nfree--; 1283 } 1284 MWL_TXQ_UNLOCK(txq); 1285 if (bf == NULL) 1286 DPRINTF(sc, MWL_DEBUG_XMIT, 1287 "%s: out of xmit buffers on q %d\n", __func__, txq->qnum); 1288 return bf; 1289 } 1290 1291 /* 1292 * Return a tx buffer to the queue it came from. Note there 1293 * are two cases because we must preserve the order of buffers 1294 * as it reflects the fixed order of descriptors in memory 1295 * (the firmware pre-fetches descriptors so we cannot reorder). 1296 */ 1297 static void 1298 mwl_puttxbuf_head(struct mwl_txq *txq, struct mwl_txbuf *bf) 1299 { 1300 bf->bf_m = NULL; 1301 bf->bf_node = NULL; 1302 MWL_TXQ_LOCK(txq); 1303 STAILQ_INSERT_HEAD(&txq->free, bf, bf_list); 1304 txq->nfree++; 1305 MWL_TXQ_UNLOCK(txq); 1306 } 1307 1308 static void 1309 mwl_puttxbuf_tail(struct mwl_txq *txq, struct mwl_txbuf *bf) 1310 { 1311 bf->bf_m = NULL; 1312 bf->bf_node = NULL; 1313 MWL_TXQ_LOCK(txq); 1314 STAILQ_INSERT_TAIL(&txq->free, bf, bf_list); 1315 txq->nfree++; 1316 MWL_TXQ_UNLOCK(txq); 1317 } 1318 1319 static int 1320 mwl_transmit(struct ieee80211com *ic, struct mbuf *m) 1321 { 1322 struct mwl_softc *sc = ic->ic_softc; 1323 int error; 1324 1325 MWL_LOCK(sc); 1326 if (!sc->sc_running) { 1327 MWL_UNLOCK(sc); 1328 return (ENXIO); 1329 } 1330 error = mbufq_enqueue(&sc->sc_snd, m); 1331 if (error) { 1332 MWL_UNLOCK(sc); 1333 return (error); 1334 } 1335 mwl_start(sc); 1336 MWL_UNLOCK(sc); 1337 return (0); 1338 } 1339 1340 static void 1341 mwl_start(struct mwl_softc *sc) 1342 { 1343 struct ieee80211_node *ni; 1344 struct mwl_txbuf *bf; 1345 struct mbuf *m; 1346 struct mwl_txq *txq = NULL; /* XXX silence gcc */ 1347 int nqueued; 1348 1349 MWL_LOCK_ASSERT(sc); 1350 if (!sc->sc_running || sc->sc_invalid) 1351 return; 1352 nqueued = 0; 1353 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) { 1354 /* 1355 * Grab the node for the destination. 1356 */ 1357 ni = (struct ieee80211_node *) m->m_pkthdr.rcvif; 1358 KASSERT(ni != NULL, ("no node")); 1359 m->m_pkthdr.rcvif = NULL; /* committed, clear ref */ 1360 /* 1361 * Grab a TX buffer and associated resources. 1362 * We honor the classification by the 802.11 layer. 1363 */ 1364 txq = sc->sc_ac2q[M_WME_GETAC(m)]; 1365 bf = mwl_gettxbuf(sc, txq); 1366 if (bf == NULL) { 1367 m_freem(m); 1368 ieee80211_free_node(ni); 1369 #ifdef MWL_TX_NODROP 1370 sc->sc_stats.mst_tx_qstop++; 1371 break; 1372 #else 1373 DPRINTF(sc, MWL_DEBUG_XMIT, 1374 "%s: tail drop on q %d\n", __func__, txq->qnum); 1375 sc->sc_stats.mst_tx_qdrop++; 1376 continue; 1377 #endif /* MWL_TX_NODROP */ 1378 } 1379 1380 /* 1381 * Pass the frame to the h/w for transmission. 1382 */ 1383 if (mwl_tx_start(sc, ni, bf, m)) { 1384 if_inc_counter(ni->ni_vap->iv_ifp, 1385 IFCOUNTER_OERRORS, 1); 1386 mwl_puttxbuf_head(txq, bf); 1387 ieee80211_free_node(ni); 1388 continue; 1389 } 1390 nqueued++; 1391 if (nqueued >= mwl_txcoalesce) { 1392 /* 1393 * Poke the firmware to process queued frames; 1394 * see below about (lack of) locking. 1395 */ 1396 nqueued = 0; 1397 mwl_hal_txstart(sc->sc_mh, 0/*XXX*/); 1398 } 1399 } 1400 if (nqueued) { 1401 /* 1402 * NB: We don't need to lock against tx done because 1403 * this just prods the firmware to check the transmit 1404 * descriptors. The firmware will also start fetching 1405 * descriptors by itself if it notices new ones are 1406 * present when it goes to deliver a tx done interrupt 1407 * to the host. So if we race with tx done processing 1408 * it's ok. Delivering the kick here rather than in 1409 * mwl_tx_start is an optimization to avoid poking the 1410 * firmware for each packet. 1411 * 1412 * NB: the queue id isn't used so 0 is ok. 1413 */ 1414 mwl_hal_txstart(sc->sc_mh, 0/*XXX*/); 1415 } 1416 } 1417 1418 static int 1419 mwl_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 1420 const struct ieee80211_bpf_params *params) 1421 { 1422 struct ieee80211com *ic = ni->ni_ic; 1423 struct mwl_softc *sc = ic->ic_softc; 1424 struct mwl_txbuf *bf; 1425 struct mwl_txq *txq; 1426 1427 if (!sc->sc_running || sc->sc_invalid) { 1428 m_freem(m); 1429 return ENETDOWN; 1430 } 1431 /* 1432 * Grab a TX buffer and associated resources. 1433 * Note that we depend on the classification 1434 * by the 802.11 layer to get to the right h/w 1435 * queue. Management frames must ALWAYS go on 1436 * queue 1 but we cannot just force that here 1437 * because we may receive non-mgt frames. 1438 */ 1439 txq = sc->sc_ac2q[M_WME_GETAC(m)]; 1440 bf = mwl_gettxbuf(sc, txq); 1441 if (bf == NULL) { 1442 sc->sc_stats.mst_tx_qstop++; 1443 m_freem(m); 1444 return ENOBUFS; 1445 } 1446 /* 1447 * Pass the frame to the h/w for transmission. 1448 */ 1449 if (mwl_tx_start(sc, ni, bf, m)) { 1450 mwl_puttxbuf_head(txq, bf); 1451 1452 return EIO; /* XXX */ 1453 } 1454 /* 1455 * NB: We don't need to lock against tx done because 1456 * this just prods the firmware to check the transmit 1457 * descriptors. The firmware will also start fetching 1458 * descriptors by itself if it notices new ones are 1459 * present when it goes to deliver a tx done interrupt 1460 * to the host. So if we race with tx done processing 1461 * it's ok. Delivering the kick here rather than in 1462 * mwl_tx_start is an optimization to avoid poking the 1463 * firmware for each packet. 1464 * 1465 * NB: the queue id isn't used so 0 is ok. 1466 */ 1467 mwl_hal_txstart(sc->sc_mh, 0/*XXX*/); 1468 return 0; 1469 } 1470 1471 static int 1472 mwl_media_change(struct ifnet *ifp) 1473 { 1474 struct ieee80211vap *vap; 1475 int error; 1476 1477 /* NB: only the fixed rate can change and that doesn't need a reset */ 1478 error = ieee80211_media_change(ifp); 1479 if (error != 0) 1480 return (error); 1481 1482 vap = ifp->if_softc; 1483 mwl_setrates(vap); 1484 return (0); 1485 } 1486 1487 #ifdef MWL_DEBUG 1488 static void 1489 mwl_keyprint(struct mwl_softc *sc, const char *tag, 1490 const MWL_HAL_KEYVAL *hk, const uint8_t mac[IEEE80211_ADDR_LEN]) 1491 { 1492 static const char *ciphers[] = { 1493 "WEP", 1494 "TKIP", 1495 "AES-CCM", 1496 }; 1497 int i, n; 1498 1499 printf("%s: [%u] %-7s", tag, hk->keyIndex, ciphers[hk->keyTypeId]); 1500 for (i = 0, n = hk->keyLen; i < n; i++) 1501 printf(" %02x", hk->key.aes[i]); 1502 printf(" mac %s", ether_sprintf(mac)); 1503 if (hk->keyTypeId == KEY_TYPE_ID_TKIP) { 1504 printf(" %s", "rxmic"); 1505 for (i = 0; i < sizeof(hk->key.tkip.rxMic); i++) 1506 printf(" %02x", hk->key.tkip.rxMic[i]); 1507 printf(" txmic"); 1508 for (i = 0; i < sizeof(hk->key.tkip.txMic); i++) 1509 printf(" %02x", hk->key.tkip.txMic[i]); 1510 } 1511 printf(" flags 0x%x\n", hk->keyFlags); 1512 } 1513 #endif 1514 1515 /* 1516 * Allocate a key cache slot for a unicast key. The 1517 * firmware handles key allocation and every station is 1518 * guaranteed key space so we are always successful. 1519 */ 1520 static int 1521 mwl_key_alloc(struct ieee80211vap *vap, struct ieee80211_key *k, 1522 ieee80211_keyix *keyix, ieee80211_keyix *rxkeyix) 1523 { 1524 struct mwl_softc *sc = vap->iv_ic->ic_softc; 1525 1526 if (k->wk_keyix != IEEE80211_KEYIX_NONE || 1527 (k->wk_flags & IEEE80211_KEY_GROUP)) { 1528 if (!(&vap->iv_nw_keys[0] <= k && 1529 k < &vap->iv_nw_keys[IEEE80211_WEP_NKID])) { 1530 /* should not happen */ 1531 DPRINTF(sc, MWL_DEBUG_KEYCACHE, 1532 "%s: bogus group key\n", __func__); 1533 return 0; 1534 } 1535 /* give the caller what they requested */ 1536 *keyix = *rxkeyix = ieee80211_crypto_get_key_wepidx(vap, k); 1537 } else { 1538 /* 1539 * Firmware handles key allocation. 1540 */ 1541 *keyix = *rxkeyix = 0; 1542 } 1543 return 1; 1544 } 1545 1546 /* 1547 * Delete a key entry allocated by mwl_key_alloc. 1548 */ 1549 static int 1550 mwl_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k) 1551 { 1552 struct mwl_softc *sc = vap->iv_ic->ic_softc; 1553 struct mwl_hal_vap *hvap = MWL_VAP(vap)->mv_hvap; 1554 MWL_HAL_KEYVAL hk; 1555 const uint8_t bcastaddr[IEEE80211_ADDR_LEN] = 1556 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 1557 1558 if (hvap == NULL) { 1559 if (vap->iv_opmode != IEEE80211_M_WDS) { 1560 /* XXX monitor mode? */ 1561 DPRINTF(sc, MWL_DEBUG_KEYCACHE, 1562 "%s: no hvap for opmode %d\n", __func__, 1563 vap->iv_opmode); 1564 return 0; 1565 } 1566 hvap = MWL_VAP(vap)->mv_ap_hvap; 1567 } 1568 1569 DPRINTF(sc, MWL_DEBUG_KEYCACHE, "%s: delete key %u\n", 1570 __func__, k->wk_keyix); 1571 1572 memset(&hk, 0, sizeof(hk)); 1573 hk.keyIndex = k->wk_keyix; 1574 switch (k->wk_cipher->ic_cipher) { 1575 case IEEE80211_CIPHER_WEP: 1576 hk.keyTypeId = KEY_TYPE_ID_WEP; 1577 break; 1578 case IEEE80211_CIPHER_TKIP: 1579 hk.keyTypeId = KEY_TYPE_ID_TKIP; 1580 break; 1581 case IEEE80211_CIPHER_AES_CCM: 1582 hk.keyTypeId = KEY_TYPE_ID_AES; 1583 break; 1584 default: 1585 /* XXX should not happen */ 1586 DPRINTF(sc, MWL_DEBUG_KEYCACHE, "%s: unknown cipher %d\n", 1587 __func__, k->wk_cipher->ic_cipher); 1588 return 0; 1589 } 1590 return (mwl_hal_keyreset(hvap, &hk, bcastaddr) == 0); /*XXX*/ 1591 } 1592 1593 static __inline int 1594 addgroupflags(MWL_HAL_KEYVAL *hk, const struct ieee80211_key *k) 1595 { 1596 if (k->wk_flags & IEEE80211_KEY_GROUP) { 1597 if (k->wk_flags & IEEE80211_KEY_XMIT) 1598 hk->keyFlags |= KEY_FLAG_TXGROUPKEY; 1599 if (k->wk_flags & IEEE80211_KEY_RECV) 1600 hk->keyFlags |= KEY_FLAG_RXGROUPKEY; 1601 return 1; 1602 } else 1603 return 0; 1604 } 1605 1606 /* 1607 * Set the key cache contents for the specified key. Key cache 1608 * slot(s) must already have been allocated by mwl_key_alloc. 1609 */ 1610 static int 1611 mwl_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k) 1612 { 1613 return (_mwl_key_set(vap, k, k->wk_macaddr)); 1614 } 1615 1616 static int 1617 _mwl_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k, 1618 const uint8_t mac[IEEE80211_ADDR_LEN]) 1619 { 1620 #define GRPXMIT (IEEE80211_KEY_XMIT | IEEE80211_KEY_GROUP) 1621 /* NB: static wep keys are marked GROUP+tx/rx; GTK will be tx or rx */ 1622 #define IEEE80211_IS_STATICKEY(k) \ 1623 (((k)->wk_flags & (GRPXMIT|IEEE80211_KEY_RECV)) == \ 1624 (GRPXMIT|IEEE80211_KEY_RECV)) 1625 struct mwl_softc *sc = vap->iv_ic->ic_softc; 1626 struct mwl_hal_vap *hvap = MWL_VAP(vap)->mv_hvap; 1627 const struct ieee80211_cipher *cip = k->wk_cipher; 1628 const uint8_t *macaddr; 1629 MWL_HAL_KEYVAL hk; 1630 1631 KASSERT((k->wk_flags & IEEE80211_KEY_SWCRYPT) == 0, 1632 ("s/w crypto set?")); 1633 1634 if (hvap == NULL) { 1635 if (vap->iv_opmode != IEEE80211_M_WDS) { 1636 /* XXX monitor mode? */ 1637 DPRINTF(sc, MWL_DEBUG_KEYCACHE, 1638 "%s: no hvap for opmode %d\n", __func__, 1639 vap->iv_opmode); 1640 return 0; 1641 } 1642 hvap = MWL_VAP(vap)->mv_ap_hvap; 1643 } 1644 memset(&hk, 0, sizeof(hk)); 1645 hk.keyIndex = k->wk_keyix; 1646 switch (cip->ic_cipher) { 1647 case IEEE80211_CIPHER_WEP: 1648 hk.keyTypeId = KEY_TYPE_ID_WEP; 1649 hk.keyLen = k->wk_keylen; 1650 if (k->wk_keyix == vap->iv_def_txkey) 1651 hk.keyFlags = KEY_FLAG_WEP_TXKEY; 1652 if (!IEEE80211_IS_STATICKEY(k)) { 1653 /* NB: WEP is never used for the PTK */ 1654 (void) addgroupflags(&hk, k); 1655 } 1656 break; 1657 case IEEE80211_CIPHER_TKIP: 1658 hk.keyTypeId = KEY_TYPE_ID_TKIP; 1659 hk.key.tkip.tsc.high = (uint32_t)(k->wk_keytsc >> 16); 1660 hk.key.tkip.tsc.low = (uint16_t)k->wk_keytsc; 1661 hk.keyFlags = KEY_FLAG_TSC_VALID | KEY_FLAG_MICKEY_VALID; 1662 hk.keyLen = k->wk_keylen + IEEE80211_MICBUF_SIZE; 1663 if (!addgroupflags(&hk, k)) 1664 hk.keyFlags |= KEY_FLAG_PAIRWISE; 1665 break; 1666 case IEEE80211_CIPHER_AES_CCM: 1667 hk.keyTypeId = KEY_TYPE_ID_AES; 1668 hk.keyLen = k->wk_keylen; 1669 if (!addgroupflags(&hk, k)) 1670 hk.keyFlags |= KEY_FLAG_PAIRWISE; 1671 break; 1672 default: 1673 /* XXX should not happen */ 1674 DPRINTF(sc, MWL_DEBUG_KEYCACHE, "%s: unknown cipher %d\n", 1675 __func__, k->wk_cipher->ic_cipher); 1676 return 0; 1677 } 1678 /* 1679 * NB: tkip mic keys get copied here too; the layout 1680 * just happens to match that in ieee80211_key. 1681 */ 1682 memcpy(hk.key.aes, k->wk_key, hk.keyLen); 1683 1684 /* 1685 * Locate address of sta db entry for writing key; 1686 * the convention unfortunately is somewhat different 1687 * than how net80211, hostapd, and wpa_supplicant think. 1688 */ 1689 if (vap->iv_opmode == IEEE80211_M_STA) { 1690 /* 1691 * NB: keys plumbed before the sta reaches AUTH state 1692 * will be discarded or written to the wrong sta db 1693 * entry because iv_bss is meaningless. This is ok 1694 * (right now) because we handle deferred plumbing of 1695 * WEP keys when the sta reaches AUTH state. 1696 */ 1697 macaddr = vap->iv_bss->ni_bssid; 1698 if ((k->wk_flags & IEEE80211_KEY_GROUP) == 0) { 1699 /* XXX plumb to local sta db too for static key wep */ 1700 mwl_hal_keyset(hvap, &hk, vap->iv_myaddr); 1701 } 1702 } else if (vap->iv_opmode == IEEE80211_M_WDS && 1703 vap->iv_state != IEEE80211_S_RUN) { 1704 /* 1705 * Prior to RUN state a WDS vap will not it's BSS node 1706 * setup so we will plumb the key to the wrong mac 1707 * address (it'll be our local address). Workaround 1708 * this for the moment by grabbing the correct address. 1709 */ 1710 macaddr = vap->iv_des_bssid; 1711 } else if ((k->wk_flags & GRPXMIT) == GRPXMIT) 1712 macaddr = vap->iv_myaddr; 1713 else 1714 macaddr = mac; 1715 KEYPRINTF(sc, &hk, macaddr); 1716 return (mwl_hal_keyset(hvap, &hk, macaddr) == 0); 1717 #undef IEEE80211_IS_STATICKEY 1718 #undef GRPXMIT 1719 } 1720 1721 /* 1722 * Set the multicast filter contents into the hardware. 1723 * XXX f/w has no support; just defer to the os. 1724 */ 1725 static void 1726 mwl_setmcastfilter(struct mwl_softc *sc) 1727 { 1728 #if 0 1729 struct ether_multi *enm; 1730 struct ether_multistep estep; 1731 uint8_t macs[IEEE80211_ADDR_LEN*MWL_HAL_MCAST_MAX];/* XXX stack use */ 1732 uint8_t *mp; 1733 int nmc; 1734 1735 mp = macs; 1736 nmc = 0; 1737 ETHER_FIRST_MULTI(estep, &sc->sc_ec, enm); 1738 while (enm != NULL) { 1739 /* XXX Punt on ranges. */ 1740 if (nmc == MWL_HAL_MCAST_MAX || 1741 !IEEE80211_ADDR_EQ(enm->enm_addrlo, enm->enm_addrhi)) { 1742 ifp->if_flags |= IFF_ALLMULTI; 1743 return; 1744 } 1745 IEEE80211_ADDR_COPY(mp, enm->enm_addrlo); 1746 mp += IEEE80211_ADDR_LEN, nmc++; 1747 ETHER_NEXT_MULTI(estep, enm); 1748 } 1749 ifp->if_flags &= ~IFF_ALLMULTI; 1750 mwl_hal_setmcast(sc->sc_mh, nmc, macs); 1751 #endif 1752 } 1753 1754 static int 1755 mwl_mode_init(struct mwl_softc *sc) 1756 { 1757 struct ieee80211com *ic = &sc->sc_ic; 1758 struct mwl_hal *mh = sc->sc_mh; 1759 1760 mwl_hal_setpromisc(mh, ic->ic_promisc > 0); 1761 mwl_setmcastfilter(sc); 1762 1763 return 0; 1764 } 1765 1766 /* 1767 * Callback from the 802.11 layer after a multicast state change. 1768 */ 1769 static void 1770 mwl_update_mcast(struct ieee80211com *ic) 1771 { 1772 struct mwl_softc *sc = ic->ic_softc; 1773 1774 mwl_setmcastfilter(sc); 1775 } 1776 1777 /* 1778 * Callback from the 802.11 layer after a promiscuous mode change. 1779 * Note this interface does not check the operating mode as this 1780 * is an internal callback and we are expected to honor the current 1781 * state (e.g. this is used for setting the interface in promiscuous 1782 * mode when operating in hostap mode to do ACS). 1783 */ 1784 static void 1785 mwl_update_promisc(struct ieee80211com *ic) 1786 { 1787 struct mwl_softc *sc = ic->ic_softc; 1788 1789 mwl_hal_setpromisc(sc->sc_mh, ic->ic_promisc > 0); 1790 } 1791 1792 /* 1793 * Callback from the 802.11 layer to update the slot time 1794 * based on the current setting. We use it to notify the 1795 * firmware of ERP changes and the f/w takes care of things 1796 * like slot time and preamble. 1797 */ 1798 static void 1799 mwl_updateslot(struct ieee80211com *ic) 1800 { 1801 struct mwl_softc *sc = ic->ic_softc; 1802 struct mwl_hal *mh = sc->sc_mh; 1803 int prot; 1804 1805 /* NB: can be called early; suppress needless cmds */ 1806 if (!sc->sc_running) 1807 return; 1808 1809 /* 1810 * Calculate the ERP flags. The firwmare will use 1811 * this to carry out the appropriate measures. 1812 */ 1813 prot = 0; 1814 if (IEEE80211_IS_CHAN_ANYG(ic->ic_curchan)) { 1815 if ((ic->ic_flags & IEEE80211_F_SHSLOT) == 0) 1816 prot |= IEEE80211_ERP_NON_ERP_PRESENT; 1817 if (ic->ic_flags & IEEE80211_F_USEPROT) 1818 prot |= IEEE80211_ERP_USE_PROTECTION; 1819 if (ic->ic_flags & IEEE80211_F_USEBARKER) 1820 prot |= IEEE80211_ERP_LONG_PREAMBLE; 1821 } 1822 1823 DPRINTF(sc, MWL_DEBUG_RESET, 1824 "%s: chan %u MHz/flags 0x%x %s slot, (prot 0x%x ic_flags 0x%x)\n", 1825 __func__, ic->ic_curchan->ic_freq, ic->ic_curchan->ic_flags, 1826 ic->ic_flags & IEEE80211_F_SHSLOT ? "short" : "long", prot, 1827 ic->ic_flags); 1828 1829 mwl_hal_setgprot(mh, prot); 1830 } 1831 1832 /* 1833 * Setup the beacon frame. 1834 */ 1835 static int 1836 mwl_beacon_setup(struct ieee80211vap *vap) 1837 { 1838 struct mwl_hal_vap *hvap = MWL_VAP(vap)->mv_hvap; 1839 struct ieee80211_node *ni = vap->iv_bss; 1840 struct mbuf *m; 1841 1842 m = ieee80211_beacon_alloc(ni); 1843 if (m == NULL) 1844 return ENOBUFS; 1845 mwl_hal_setbeacon(hvap, mtod(m, const void *), m->m_len); 1846 m_free(m); 1847 1848 return 0; 1849 } 1850 1851 /* 1852 * Update the beacon frame in response to a change. 1853 */ 1854 static void 1855 mwl_beacon_update(struct ieee80211vap *vap, int item) 1856 { 1857 struct mwl_hal_vap *hvap = MWL_VAP(vap)->mv_hvap; 1858 struct ieee80211com *ic = vap->iv_ic; 1859 1860 KASSERT(hvap != NULL, ("no beacon")); 1861 switch (item) { 1862 case IEEE80211_BEACON_ERP: 1863 mwl_updateslot(ic); 1864 break; 1865 case IEEE80211_BEACON_HTINFO: 1866 mwl_hal_setnprotmode(hvap, 1867 MS(ic->ic_curhtprotmode, IEEE80211_HTINFO_OPMODE)); 1868 break; 1869 case IEEE80211_BEACON_CAPS: 1870 case IEEE80211_BEACON_WME: 1871 case IEEE80211_BEACON_APPIE: 1872 case IEEE80211_BEACON_CSA: 1873 break; 1874 case IEEE80211_BEACON_TIM: 1875 /* NB: firmware always forms TIM */ 1876 return; 1877 } 1878 /* XXX retain beacon frame and update */ 1879 mwl_beacon_setup(vap); 1880 } 1881 1882 static void 1883 mwl_load_cb(void *arg, bus_dma_segment_t *segs, int nsegs, int error) 1884 { 1885 bus_addr_t *paddr = (bus_addr_t*) arg; 1886 KASSERT(error == 0, ("error %u on bus_dma callback", error)); 1887 *paddr = segs->ds_addr; 1888 } 1889 1890 #ifdef MWL_HOST_PS_SUPPORT 1891 /* 1892 * Handle power save station occupancy changes. 1893 */ 1894 static void 1895 mwl_update_ps(struct ieee80211vap *vap, int nsta) 1896 { 1897 struct mwl_vap *mvp = MWL_VAP(vap); 1898 1899 if (nsta == 0 || mvp->mv_last_ps_sta == 0) 1900 mwl_hal_setpowersave_bss(mvp->mv_hvap, nsta); 1901 mvp->mv_last_ps_sta = nsta; 1902 } 1903 1904 /* 1905 * Handle associated station power save state changes. 1906 */ 1907 static int 1908 mwl_set_tim(struct ieee80211_node *ni, int set) 1909 { 1910 struct ieee80211vap *vap = ni->ni_vap; 1911 struct mwl_vap *mvp = MWL_VAP(vap); 1912 1913 if (mvp->mv_set_tim(ni, set)) { /* NB: state change */ 1914 mwl_hal_setpowersave_sta(mvp->mv_hvap, 1915 IEEE80211_AID(ni->ni_associd), set); 1916 return 1; 1917 } else 1918 return 0; 1919 } 1920 #endif /* MWL_HOST_PS_SUPPORT */ 1921 1922 static int 1923 mwl_desc_setup(struct mwl_softc *sc, const char *name, 1924 struct mwl_descdma *dd, 1925 int nbuf, size_t bufsize, int ndesc, size_t descsize) 1926 { 1927 uint8_t *ds; 1928 int error; 1929 1930 DPRINTF(sc, MWL_DEBUG_RESET, 1931 "%s: %s DMA: %u bufs (%ju) %u desc/buf (%ju)\n", 1932 __func__, name, nbuf, (uintmax_t) bufsize, 1933 ndesc, (uintmax_t) descsize); 1934 1935 dd->dd_name = name; 1936 dd->dd_desc_len = nbuf * ndesc * descsize; 1937 1938 /* 1939 * Setup DMA descriptor area. 1940 */ 1941 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), /* parent */ 1942 PAGE_SIZE, 0, /* alignment, bounds */ 1943 BUS_SPACE_MAXADDR_32BIT, /* lowaddr */ 1944 BUS_SPACE_MAXADDR, /* highaddr */ 1945 NULL, NULL, /* filter, filterarg */ 1946 dd->dd_desc_len, /* maxsize */ 1947 1, /* nsegments */ 1948 dd->dd_desc_len, /* maxsegsize */ 1949 BUS_DMA_ALLOCNOW, /* flags */ 1950 NULL, /* lockfunc */ 1951 NULL, /* lockarg */ 1952 &dd->dd_dmat); 1953 if (error != 0) { 1954 device_printf(sc->sc_dev, "cannot allocate %s DMA tag\n", dd->dd_name); 1955 return error; 1956 } 1957 1958 /* allocate descriptors */ 1959 error = bus_dmamem_alloc(dd->dd_dmat, (void**) &dd->dd_desc, 1960 BUS_DMA_NOWAIT | BUS_DMA_COHERENT, 1961 &dd->dd_dmamap); 1962 if (error != 0) { 1963 device_printf(sc->sc_dev, "unable to alloc memory for %u %s descriptors, " 1964 "error %u\n", nbuf * ndesc, dd->dd_name, error); 1965 goto fail1; 1966 } 1967 1968 error = bus_dmamap_load(dd->dd_dmat, dd->dd_dmamap, 1969 dd->dd_desc, dd->dd_desc_len, 1970 mwl_load_cb, &dd->dd_desc_paddr, 1971 BUS_DMA_NOWAIT); 1972 if (error != 0) { 1973 device_printf(sc->sc_dev, "unable to map %s descriptors, error %u\n", 1974 dd->dd_name, error); 1975 goto fail2; 1976 } 1977 1978 ds = dd->dd_desc; 1979 memset(ds, 0, dd->dd_desc_len); 1980 DPRINTF(sc, MWL_DEBUG_RESET, 1981 "%s: %s DMA map: %p (%lu) -> 0x%jx (%lu)\n", 1982 __func__, dd->dd_name, ds, (u_long) dd->dd_desc_len, 1983 (uintmax_t) dd->dd_desc_paddr, /*XXX*/ (u_long) dd->dd_desc_len); 1984 1985 return 0; 1986 fail2: 1987 bus_dmamem_free(dd->dd_dmat, dd->dd_desc, dd->dd_dmamap); 1988 fail1: 1989 bus_dma_tag_destroy(dd->dd_dmat); 1990 memset(dd, 0, sizeof(*dd)); 1991 return error; 1992 #undef DS2PHYS 1993 } 1994 1995 static void 1996 mwl_desc_cleanup(struct mwl_softc *sc, struct mwl_descdma *dd) 1997 { 1998 bus_dmamap_unload(dd->dd_dmat, dd->dd_dmamap); 1999 bus_dmamem_free(dd->dd_dmat, dd->dd_desc, dd->dd_dmamap); 2000 bus_dma_tag_destroy(dd->dd_dmat); 2001 2002 memset(dd, 0, sizeof(*dd)); 2003 } 2004 2005 /* 2006 * Construct a tx q's free list. The order of entries on 2007 * the list must reflect the physical layout of tx descriptors 2008 * because the firmware pre-fetches descriptors. 2009 * 2010 * XXX might be better to use indices into the buffer array. 2011 */ 2012 static void 2013 mwl_txq_reset(struct mwl_softc *sc, struct mwl_txq *txq) 2014 { 2015 struct mwl_txbuf *bf; 2016 int i; 2017 2018 bf = txq->dma.dd_bufptr; 2019 STAILQ_INIT(&txq->free); 2020 for (i = 0; i < mwl_txbuf; i++, bf++) 2021 STAILQ_INSERT_TAIL(&txq->free, bf, bf_list); 2022 txq->nfree = i; 2023 } 2024 2025 #define DS2PHYS(_dd, _ds) \ 2026 ((_dd)->dd_desc_paddr + ((caddr_t)(_ds) - (caddr_t)(_dd)->dd_desc)) 2027 2028 static int 2029 mwl_txdma_setup(struct mwl_softc *sc, struct mwl_txq *txq) 2030 { 2031 int error, bsize, i; 2032 struct mwl_txbuf *bf; 2033 struct mwl_txdesc *ds; 2034 2035 error = mwl_desc_setup(sc, "tx", &txq->dma, 2036 mwl_txbuf, sizeof(struct mwl_txbuf), 2037 MWL_TXDESC, sizeof(struct mwl_txdesc)); 2038 if (error != 0) 2039 return error; 2040 2041 /* allocate and setup tx buffers */ 2042 bsize = mwl_txbuf * sizeof(struct mwl_txbuf); 2043 bf = malloc(bsize, M_MWLDEV, M_NOWAIT | M_ZERO); 2044 if (bf == NULL) { 2045 device_printf(sc->sc_dev, "malloc of %u tx buffers failed\n", 2046 mwl_txbuf); 2047 return ENOMEM; 2048 } 2049 txq->dma.dd_bufptr = bf; 2050 2051 ds = txq->dma.dd_desc; 2052 for (i = 0; i < mwl_txbuf; i++, bf++, ds += MWL_TXDESC) { 2053 bf->bf_desc = ds; 2054 bf->bf_daddr = DS2PHYS(&txq->dma, ds); 2055 error = bus_dmamap_create(sc->sc_dmat, BUS_DMA_NOWAIT, 2056 &bf->bf_dmamap); 2057 if (error != 0) { 2058 device_printf(sc->sc_dev, "unable to create dmamap for tx " 2059 "buffer %u, error %u\n", i, error); 2060 return error; 2061 } 2062 } 2063 mwl_txq_reset(sc, txq); 2064 return 0; 2065 } 2066 2067 static void 2068 mwl_txdma_cleanup(struct mwl_softc *sc, struct mwl_txq *txq) 2069 { 2070 struct mwl_txbuf *bf; 2071 int i; 2072 2073 bf = txq->dma.dd_bufptr; 2074 for (i = 0; i < mwl_txbuf; i++, bf++) { 2075 KASSERT(bf->bf_m == NULL, ("mbuf on free list")); 2076 KASSERT(bf->bf_node == NULL, ("node on free list")); 2077 if (bf->bf_dmamap != NULL) 2078 bus_dmamap_destroy(sc->sc_dmat, bf->bf_dmamap); 2079 } 2080 STAILQ_INIT(&txq->free); 2081 txq->nfree = 0; 2082 if (txq->dma.dd_bufptr != NULL) { 2083 free(txq->dma.dd_bufptr, M_MWLDEV); 2084 txq->dma.dd_bufptr = NULL; 2085 } 2086 if (txq->dma.dd_desc_len != 0) 2087 mwl_desc_cleanup(sc, &txq->dma); 2088 } 2089 2090 static int 2091 mwl_rxdma_setup(struct mwl_softc *sc) 2092 { 2093 int error, jumbosize, bsize, i; 2094 struct mwl_rxbuf *bf; 2095 struct mwl_jumbo *rbuf; 2096 struct mwl_rxdesc *ds; 2097 caddr_t data; 2098 2099 error = mwl_desc_setup(sc, "rx", &sc->sc_rxdma, 2100 mwl_rxdesc, sizeof(struct mwl_rxbuf), 2101 1, sizeof(struct mwl_rxdesc)); 2102 if (error != 0) 2103 return error; 2104 2105 /* 2106 * Receive is done to a private pool of jumbo buffers. 2107 * This allows us to attach to mbuf's and avoid re-mapping 2108 * memory on each rx we post. We allocate a large chunk 2109 * of memory and manage it in the driver. The mbuf free 2110 * callback method is used to reclaim frames after sending 2111 * them up the stack. By default we allocate 2x the number of 2112 * rx descriptors configured so we have some slop to hold 2113 * us while frames are processed. 2114 */ 2115 if (mwl_rxbuf < 2*mwl_rxdesc) { 2116 device_printf(sc->sc_dev, 2117 "too few rx dma buffers (%d); increasing to %d\n", 2118 mwl_rxbuf, 2*mwl_rxdesc); 2119 mwl_rxbuf = 2*mwl_rxdesc; 2120 } 2121 jumbosize = roundup(MWL_AGGR_SIZE, PAGE_SIZE); 2122 sc->sc_rxmemsize = mwl_rxbuf*jumbosize; 2123 2124 error = bus_dma_tag_create(sc->sc_dmat, /* parent */ 2125 PAGE_SIZE, 0, /* alignment, bounds */ 2126 BUS_SPACE_MAXADDR_32BIT, /* lowaddr */ 2127 BUS_SPACE_MAXADDR, /* highaddr */ 2128 NULL, NULL, /* filter, filterarg */ 2129 sc->sc_rxmemsize, /* maxsize */ 2130 1, /* nsegments */ 2131 sc->sc_rxmemsize, /* maxsegsize */ 2132 BUS_DMA_ALLOCNOW, /* flags */ 2133 NULL, /* lockfunc */ 2134 NULL, /* lockarg */ 2135 &sc->sc_rxdmat); 2136 if (error != 0) { 2137 device_printf(sc->sc_dev, "could not create rx DMA tag\n"); 2138 return error; 2139 } 2140 2141 error = bus_dmamem_alloc(sc->sc_rxdmat, (void**) &sc->sc_rxmem, 2142 BUS_DMA_NOWAIT | BUS_DMA_COHERENT, 2143 &sc->sc_rxmap); 2144 if (error != 0) { 2145 device_printf(sc->sc_dev, "could not alloc %ju bytes of rx DMA memory\n", 2146 (uintmax_t) sc->sc_rxmemsize); 2147 return error; 2148 } 2149 2150 error = bus_dmamap_load(sc->sc_rxdmat, sc->sc_rxmap, 2151 sc->sc_rxmem, sc->sc_rxmemsize, 2152 mwl_load_cb, &sc->sc_rxmem_paddr, 2153 BUS_DMA_NOWAIT); 2154 if (error != 0) { 2155 device_printf(sc->sc_dev, "could not load rx DMA map\n"); 2156 return error; 2157 } 2158 2159 /* 2160 * Allocate rx buffers and set them up. 2161 */ 2162 bsize = mwl_rxdesc * sizeof(struct mwl_rxbuf); 2163 bf = malloc(bsize, M_MWLDEV, M_NOWAIT | M_ZERO); 2164 if (bf == NULL) { 2165 device_printf(sc->sc_dev, "malloc of %u rx buffers failed\n", bsize); 2166 return error; 2167 } 2168 sc->sc_rxdma.dd_bufptr = bf; 2169 2170 STAILQ_INIT(&sc->sc_rxbuf); 2171 ds = sc->sc_rxdma.dd_desc; 2172 for (i = 0; i < mwl_rxdesc; i++, bf++, ds++) { 2173 bf->bf_desc = ds; 2174 bf->bf_daddr = DS2PHYS(&sc->sc_rxdma, ds); 2175 /* pre-assign dma buffer */ 2176 bf->bf_data = ((uint8_t *)sc->sc_rxmem) + (i*jumbosize); 2177 /* NB: tail is intentional to preserve descriptor order */ 2178 STAILQ_INSERT_TAIL(&sc->sc_rxbuf, bf, bf_list); 2179 } 2180 2181 /* 2182 * Place remainder of dma memory buffers on the free list. 2183 */ 2184 SLIST_INIT(&sc->sc_rxfree); 2185 for (; i < mwl_rxbuf; i++) { 2186 data = ((uint8_t *)sc->sc_rxmem) + (i*jumbosize); 2187 rbuf = MWL_JUMBO_DATA2BUF(data); 2188 SLIST_INSERT_HEAD(&sc->sc_rxfree, rbuf, next); 2189 sc->sc_nrxfree++; 2190 } 2191 return 0; 2192 } 2193 #undef DS2PHYS 2194 2195 static void 2196 mwl_rxdma_cleanup(struct mwl_softc *sc) 2197 { 2198 if (sc->sc_rxmem_paddr != 0) { 2199 bus_dmamap_unload(sc->sc_rxdmat, sc->sc_rxmap); 2200 sc->sc_rxmem_paddr = 0; 2201 } 2202 if (sc->sc_rxmem != NULL) { 2203 bus_dmamem_free(sc->sc_rxdmat, sc->sc_rxmem, sc->sc_rxmap); 2204 sc->sc_rxmem = NULL; 2205 } 2206 if (sc->sc_rxdma.dd_bufptr != NULL) { 2207 free(sc->sc_rxdma.dd_bufptr, M_MWLDEV); 2208 sc->sc_rxdma.dd_bufptr = NULL; 2209 } 2210 if (sc->sc_rxdma.dd_desc_len != 0) 2211 mwl_desc_cleanup(sc, &sc->sc_rxdma); 2212 } 2213 2214 static int 2215 mwl_dma_setup(struct mwl_softc *sc) 2216 { 2217 int error, i; 2218 2219 error = mwl_rxdma_setup(sc); 2220 if (error != 0) { 2221 mwl_rxdma_cleanup(sc); 2222 return error; 2223 } 2224 2225 for (i = 0; i < MWL_NUM_TX_QUEUES; i++) { 2226 error = mwl_txdma_setup(sc, &sc->sc_txq[i]); 2227 if (error != 0) { 2228 mwl_dma_cleanup(sc); 2229 return error; 2230 } 2231 } 2232 return 0; 2233 } 2234 2235 static void 2236 mwl_dma_cleanup(struct mwl_softc *sc) 2237 { 2238 int i; 2239 2240 for (i = 0; i < MWL_NUM_TX_QUEUES; i++) 2241 mwl_txdma_cleanup(sc, &sc->sc_txq[i]); 2242 mwl_rxdma_cleanup(sc); 2243 } 2244 2245 static struct ieee80211_node * 2246 mwl_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN]) 2247 { 2248 struct ieee80211com *ic = vap->iv_ic; 2249 struct mwl_softc *sc = ic->ic_softc; 2250 const size_t space = sizeof(struct mwl_node); 2251 struct mwl_node *mn; 2252 2253 mn = malloc(space, M_80211_NODE, M_NOWAIT|M_ZERO); 2254 if (mn == NULL) { 2255 /* XXX stat+msg */ 2256 return NULL; 2257 } 2258 DPRINTF(sc, MWL_DEBUG_NODE, "%s: mn %p\n", __func__, mn); 2259 return &mn->mn_node; 2260 } 2261 2262 static void 2263 mwl_node_cleanup(struct ieee80211_node *ni) 2264 { 2265 struct ieee80211com *ic = ni->ni_ic; 2266 struct mwl_softc *sc = ic->ic_softc; 2267 struct mwl_node *mn = MWL_NODE(ni); 2268 2269 DPRINTF(sc, MWL_DEBUG_NODE, "%s: ni %p ic %p staid %d\n", 2270 __func__, ni, ni->ni_ic, mn->mn_staid); 2271 2272 if (mn->mn_staid != 0) { 2273 struct ieee80211vap *vap = ni->ni_vap; 2274 2275 if (mn->mn_hvap != NULL) { 2276 if (vap->iv_opmode == IEEE80211_M_STA) 2277 mwl_hal_delstation(mn->mn_hvap, vap->iv_myaddr); 2278 else 2279 mwl_hal_delstation(mn->mn_hvap, ni->ni_macaddr); 2280 } 2281 /* 2282 * NB: legacy WDS peer sta db entry is installed using 2283 * the associate ap's hvap; use it again to delete it. 2284 * XXX can vap be NULL? 2285 */ 2286 else if (vap->iv_opmode == IEEE80211_M_WDS && 2287 MWL_VAP(vap)->mv_ap_hvap != NULL) 2288 mwl_hal_delstation(MWL_VAP(vap)->mv_ap_hvap, 2289 ni->ni_macaddr); 2290 delstaid(sc, mn->mn_staid); 2291 mn->mn_staid = 0; 2292 } 2293 sc->sc_node_cleanup(ni); 2294 } 2295 2296 /* 2297 * Reclaim rx dma buffers from packets sitting on the ampdu 2298 * reorder queue for a station. We replace buffers with a 2299 * system cluster (if available). 2300 */ 2301 static void 2302 mwl_ampdu_rxdma_reclaim(struct ieee80211_rx_ampdu *rap) 2303 { 2304 #if 0 2305 int i, n, off; 2306 struct mbuf *m; 2307 void *cl; 2308 2309 n = rap->rxa_qframes; 2310 for (i = 0; i < rap->rxa_wnd && n > 0; i++) { 2311 m = rap->rxa_m[i]; 2312 if (m == NULL) 2313 continue; 2314 n--; 2315 /* our dma buffers have a well-known free routine */ 2316 if ((m->m_flags & M_EXT) == 0 || 2317 m->m_ext.ext_free != mwl_ext_free) 2318 continue; 2319 /* 2320 * Try to allocate a cluster and move the data. 2321 */ 2322 off = m->m_data - m->m_ext.ext_buf; 2323 if (off + m->m_pkthdr.len > MCLBYTES) { 2324 /* XXX no AMSDU for now */ 2325 continue; 2326 } 2327 cl = pool_cache_get_paddr(&mclpool_cache, 0, 2328 &m->m_ext.ext_paddr); 2329 if (cl != NULL) { 2330 /* 2331 * Copy the existing data to the cluster, remove 2332 * the rx dma buffer, and attach the cluster in 2333 * its place. Note we preserve the offset to the 2334 * data so frames being bridged can still prepend 2335 * their headers without adding another mbuf. 2336 */ 2337 memcpy((caddr_t) cl + off, m->m_data, m->m_pkthdr.len); 2338 MEXTREMOVE(m); 2339 MEXTADD(m, cl, MCLBYTES, 0, NULL, &mclpool_cache); 2340 /* setup mbuf like _MCLGET does */ 2341 m->m_flags |= M_CLUSTER | M_EXT_RW; 2342 _MOWNERREF(m, M_EXT | M_CLUSTER); 2343 /* NB: m_data is clobbered by MEXTADDR, adjust */ 2344 m->m_data += off; 2345 } 2346 } 2347 #endif 2348 } 2349 2350 /* 2351 * Callback to reclaim resources. We first let the 2352 * net80211 layer do it's thing, then if we are still 2353 * blocked by a lack of rx dma buffers we walk the ampdu 2354 * reorder q's to reclaim buffers by copying to a system 2355 * cluster. 2356 */ 2357 static void 2358 mwl_node_drain(struct ieee80211_node *ni) 2359 { 2360 struct ieee80211com *ic = ni->ni_ic; 2361 struct mwl_softc *sc = ic->ic_softc; 2362 struct mwl_node *mn = MWL_NODE(ni); 2363 2364 DPRINTF(sc, MWL_DEBUG_NODE, "%s: ni %p vap %p staid %d\n", 2365 __func__, ni, ni->ni_vap, mn->mn_staid); 2366 2367 /* NB: call up first to age out ampdu q's */ 2368 sc->sc_node_drain(ni); 2369 2370 /* XXX better to not check low water mark? */ 2371 if (sc->sc_rxblocked && mn->mn_staid != 0 && 2372 (ni->ni_flags & IEEE80211_NODE_HT)) { 2373 uint8_t tid; 2374 /* 2375 * Walk the reorder q and reclaim rx dma buffers by copying 2376 * the packet contents into clusters. 2377 */ 2378 for (tid = 0; tid < WME_NUM_TID; tid++) { 2379 struct ieee80211_rx_ampdu *rap; 2380 2381 rap = &ni->ni_rx_ampdu[tid]; 2382 if ((rap->rxa_flags & IEEE80211_AGGR_XCHGPEND) == 0) 2383 continue; 2384 if (rap->rxa_qframes) 2385 mwl_ampdu_rxdma_reclaim(rap); 2386 } 2387 } 2388 } 2389 2390 static void 2391 mwl_node_getsignal(const struct ieee80211_node *ni, int8_t *rssi, int8_t *noise) 2392 { 2393 *rssi = ni->ni_ic->ic_node_getrssi(ni); 2394 #ifdef MWL_ANT_INFO_SUPPORT 2395 #if 0 2396 /* XXX need to smooth data */ 2397 *noise = -MWL_NODE_CONST(ni)->mn_ai.nf; 2398 #else 2399 *noise = -95; /* XXX */ 2400 #endif 2401 #else 2402 *noise = -95; /* XXX */ 2403 #endif 2404 } 2405 2406 /* 2407 * Convert Hardware per-antenna rssi info to common format: 2408 * Let a1, a2, a3 represent the amplitudes per chain 2409 * Let amax represent max[a1, a2, a3] 2410 * Rssi1_dBm = RSSI_dBm + 20*log10(a1/amax) 2411 * Rssi1_dBm = RSSI_dBm + 20*log10(a1) - 20*log10(amax) 2412 * We store a table that is 4*20*log10(idx) - the extra 4 is to store or 2413 * maintain some extra precision. 2414 * 2415 * Values are stored in .5 db format capped at 127. 2416 */ 2417 static void 2418 mwl_node_getmimoinfo(const struct ieee80211_node *ni, 2419 struct ieee80211_mimo_info *mi) 2420 { 2421 #define CVT(_dst, _src) do { \ 2422 (_dst) = rssi + ((logdbtbl[_src] - logdbtbl[rssi_max]) >> 2); \ 2423 (_dst) = (_dst) > 64 ? 127 : ((_dst) << 1); \ 2424 } while (0) 2425 static const int8_t logdbtbl[32] = { 2426 0, 0, 24, 38, 48, 56, 62, 68, 2427 72, 76, 80, 83, 86, 89, 92, 94, 2428 96, 98, 100, 102, 104, 106, 107, 109, 2429 110, 112, 113, 115, 116, 117, 118, 119 2430 }; 2431 const struct mwl_node *mn = MWL_NODE_CONST(ni); 2432 uint8_t rssi = mn->mn_ai.rsvd1/2; /* XXX */ 2433 uint32_t rssi_max; 2434 2435 rssi_max = mn->mn_ai.rssi_a; 2436 if (mn->mn_ai.rssi_b > rssi_max) 2437 rssi_max = mn->mn_ai.rssi_b; 2438 if (mn->mn_ai.rssi_c > rssi_max) 2439 rssi_max = mn->mn_ai.rssi_c; 2440 2441 CVT(mi->ch[0].rssi[0], mn->mn_ai.rssi_a); 2442 CVT(mi->ch[1].rssi[0], mn->mn_ai.rssi_b); 2443 CVT(mi->ch[2].rssi[0], mn->mn_ai.rssi_c); 2444 2445 mi->ch[0].noise[0] = mn->mn_ai.nf_a; 2446 mi->ch[1].noise[0] = mn->mn_ai.nf_b; 2447 mi->ch[2].noise[0] = mn->mn_ai.nf_c; 2448 #undef CVT 2449 } 2450 2451 static __inline void * 2452 mwl_getrxdma(struct mwl_softc *sc) 2453 { 2454 struct mwl_jumbo *buf; 2455 void *data; 2456 2457 /* 2458 * Allocate from jumbo pool. 2459 */ 2460 MWL_RXFREE_LOCK(sc); 2461 buf = SLIST_FIRST(&sc->sc_rxfree); 2462 if (buf == NULL) { 2463 DPRINTF(sc, MWL_DEBUG_ANY, 2464 "%s: out of rx dma buffers\n", __func__); 2465 sc->sc_stats.mst_rx_nodmabuf++; 2466 data = NULL; 2467 } else { 2468 SLIST_REMOVE_HEAD(&sc->sc_rxfree, next); 2469 sc->sc_nrxfree--; 2470 data = MWL_JUMBO_BUF2DATA(buf); 2471 } 2472 MWL_RXFREE_UNLOCK(sc); 2473 return data; 2474 } 2475 2476 static __inline void 2477 mwl_putrxdma(struct mwl_softc *sc, void *data) 2478 { 2479 struct mwl_jumbo *buf; 2480 2481 /* XXX bounds check data */ 2482 MWL_RXFREE_LOCK(sc); 2483 buf = MWL_JUMBO_DATA2BUF(data); 2484 SLIST_INSERT_HEAD(&sc->sc_rxfree, buf, next); 2485 sc->sc_nrxfree++; 2486 MWL_RXFREE_UNLOCK(sc); 2487 } 2488 2489 static int 2490 mwl_rxbuf_init(struct mwl_softc *sc, struct mwl_rxbuf *bf) 2491 { 2492 struct mwl_rxdesc *ds; 2493 2494 ds = bf->bf_desc; 2495 if (bf->bf_data == NULL) { 2496 bf->bf_data = mwl_getrxdma(sc); 2497 if (bf->bf_data == NULL) { 2498 /* mark descriptor to be skipped */ 2499 ds->RxControl = EAGLE_RXD_CTRL_OS_OWN; 2500 /* NB: don't need PREREAD */ 2501 MWL_RXDESC_SYNC(sc, ds, BUS_DMASYNC_PREWRITE); 2502 sc->sc_stats.mst_rxbuf_failed++; 2503 return ENOMEM; 2504 } 2505 } 2506 /* 2507 * NB: DMA buffer contents is known to be unmodified 2508 * so there's no need to flush the data cache. 2509 */ 2510 2511 /* 2512 * Setup descriptor. 2513 */ 2514 ds->QosCtrl = 0; 2515 ds->RSSI = 0; 2516 ds->Status = EAGLE_RXD_STATUS_IDLE; 2517 ds->Channel = 0; 2518 ds->PktLen = htole16(MWL_AGGR_SIZE); 2519 ds->SQ2 = 0; 2520 ds->pPhysBuffData = htole32(MWL_JUMBO_DMA_ADDR(sc, bf->bf_data)); 2521 /* NB: don't touch pPhysNext, set once */ 2522 ds->RxControl = EAGLE_RXD_CTRL_DRIVER_OWN; 2523 MWL_RXDESC_SYNC(sc, ds, BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); 2524 2525 return 0; 2526 } 2527 2528 static void 2529 mwl_ext_free(struct mbuf *m) 2530 { 2531 struct mwl_softc *sc = m->m_ext.ext_arg1; 2532 2533 /* XXX bounds check data */ 2534 mwl_putrxdma(sc, m->m_ext.ext_buf); 2535 /* 2536 * If we were previously blocked by a lack of rx dma buffers 2537 * check if we now have enough to restart rx interrupt handling. 2538 * NB: we know we are called at splvm which is above splnet. 2539 */ 2540 if (sc->sc_rxblocked && sc->sc_nrxfree > mwl_rxdmalow) { 2541 sc->sc_rxblocked = 0; 2542 mwl_hal_intrset(sc->sc_mh, sc->sc_imask); 2543 } 2544 } 2545 2546 struct mwl_frame_bar { 2547 u_int8_t i_fc[2]; 2548 u_int8_t i_dur[2]; 2549 u_int8_t i_ra[IEEE80211_ADDR_LEN]; 2550 u_int8_t i_ta[IEEE80211_ADDR_LEN]; 2551 /* ctl, seq, FCS */ 2552 } __packed; 2553 2554 /* 2555 * Like ieee80211_anyhdrsize, but handles BAR frames 2556 * specially so the logic below to piece the 802.11 2557 * header together works. 2558 */ 2559 static __inline int 2560 mwl_anyhdrsize(const void *data) 2561 { 2562 const struct ieee80211_frame *wh = data; 2563 2564 if ((wh->i_fc[0]&IEEE80211_FC0_TYPE_MASK) == IEEE80211_FC0_TYPE_CTL) { 2565 switch (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) { 2566 case IEEE80211_FC0_SUBTYPE_CTS: 2567 case IEEE80211_FC0_SUBTYPE_ACK: 2568 return sizeof(struct ieee80211_frame_ack); 2569 case IEEE80211_FC0_SUBTYPE_BAR: 2570 return sizeof(struct mwl_frame_bar); 2571 } 2572 return sizeof(struct ieee80211_frame_min); 2573 } else 2574 return ieee80211_hdrsize(data); 2575 } 2576 2577 static void 2578 mwl_handlemicerror(struct ieee80211com *ic, const uint8_t *data) 2579 { 2580 const struct ieee80211_frame *wh; 2581 struct ieee80211_node *ni; 2582 2583 wh = (const struct ieee80211_frame *)(data + sizeof(uint16_t)); 2584 ni = ieee80211_find_rxnode(ic, (const struct ieee80211_frame_min *) wh); 2585 if (ni != NULL) { 2586 ieee80211_notify_michael_failure(ni->ni_vap, wh, 0); 2587 ieee80211_free_node(ni); 2588 } 2589 } 2590 2591 /* 2592 * Convert hardware signal strength to rssi. The value 2593 * provided by the device has the noise floor added in; 2594 * we need to compensate for this but we don't have that 2595 * so we use a fixed value. 2596 * 2597 * The offset of 8 is good for both 2.4 and 5GHz. The LNA 2598 * offset is already set as part of the initial gain. This 2599 * will give at least +/- 3dB for 2.4GHz and +/- 5dB for 5GHz. 2600 */ 2601 static __inline int 2602 cvtrssi(uint8_t ssi) 2603 { 2604 int rssi = (int) ssi + 8; 2605 /* XXX hack guess until we have a real noise floor */ 2606 rssi = 2*(87 - rssi); /* NB: .5 dBm units */ 2607 return (rssi < 0 ? 0 : rssi > 127 ? 127 : rssi); 2608 } 2609 2610 static void 2611 mwl_rx_proc(void *arg, int npending) 2612 { 2613 struct epoch_tracker et; 2614 struct mwl_softc *sc = arg; 2615 struct ieee80211com *ic = &sc->sc_ic; 2616 struct mwl_rxbuf *bf; 2617 struct mwl_rxdesc *ds; 2618 struct mbuf *m; 2619 struct ieee80211_qosframe *wh; 2620 struct ieee80211_node *ni; 2621 struct mwl_node *mn; 2622 int off, len, hdrlen, pktlen, rssi, ntodo; 2623 uint8_t *data, status; 2624 void *newdata; 2625 int16_t nf; 2626 2627 DPRINTF(sc, MWL_DEBUG_RX_PROC, "%s: pending %u rdptr 0x%x wrptr 0x%x\n", 2628 __func__, npending, RD4(sc, sc->sc_hwspecs.rxDescRead), 2629 RD4(sc, sc->sc_hwspecs.rxDescWrite)); 2630 nf = -96; /* XXX */ 2631 bf = sc->sc_rxnext; 2632 for (ntodo = mwl_rxquota; ntodo > 0; ntodo--) { 2633 if (bf == NULL) 2634 bf = STAILQ_FIRST(&sc->sc_rxbuf); 2635 ds = bf->bf_desc; 2636 data = bf->bf_data; 2637 if (data == NULL) { 2638 /* 2639 * If data allocation failed previously there 2640 * will be no buffer; try again to re-populate it. 2641 * Note the firmware will not advance to the next 2642 * descriptor with a dma buffer so we must mimic 2643 * this or we'll get out of sync. 2644 */ 2645 DPRINTF(sc, MWL_DEBUG_ANY, 2646 "%s: rx buf w/o dma memory\n", __func__); 2647 (void) mwl_rxbuf_init(sc, bf); 2648 sc->sc_stats.mst_rx_dmabufmissing++; 2649 break; 2650 } 2651 MWL_RXDESC_SYNC(sc, ds, 2652 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 2653 if (ds->RxControl != EAGLE_RXD_CTRL_DMA_OWN) 2654 break; 2655 #ifdef MWL_DEBUG 2656 if (sc->sc_debug & MWL_DEBUG_RECV_DESC) 2657 mwl_printrxbuf(bf, 0); 2658 #endif 2659 status = ds->Status; 2660 if (status & EAGLE_RXD_STATUS_DECRYPT_ERR_MASK) { 2661 counter_u64_add(ic->ic_ierrors, 1); 2662 sc->sc_stats.mst_rx_crypto++; 2663 /* 2664 * NB: Check EAGLE_RXD_STATUS_GENERAL_DECRYPT_ERR 2665 * for backwards compatibility. 2666 */ 2667 if (status != EAGLE_RXD_STATUS_GENERAL_DECRYPT_ERR && 2668 (status & EAGLE_RXD_STATUS_TKIP_MIC_DECRYPT_ERR)) { 2669 /* 2670 * MIC error, notify upper layers. 2671 */ 2672 bus_dmamap_sync(sc->sc_rxdmat, sc->sc_rxmap, 2673 BUS_DMASYNC_POSTREAD); 2674 mwl_handlemicerror(ic, data); 2675 sc->sc_stats.mst_rx_tkipmic++; 2676 } 2677 /* XXX too painful to tap packets */ 2678 goto rx_next; 2679 } 2680 /* 2681 * Sync the data buffer. 2682 */ 2683 len = le16toh(ds->PktLen); 2684 bus_dmamap_sync(sc->sc_rxdmat, sc->sc_rxmap, BUS_DMASYNC_POSTREAD); 2685 /* 2686 * The 802.11 header is provided all or in part at the front; 2687 * use it to calculate the true size of the header that we'll 2688 * construct below. We use this to figure out where to copy 2689 * payload prior to constructing the header. 2690 */ 2691 hdrlen = mwl_anyhdrsize(data + sizeof(uint16_t)); 2692 off = sizeof(uint16_t) + sizeof(struct ieee80211_frame_addr4); 2693 2694 /* calculate rssi early so we can re-use for each aggregate */ 2695 rssi = cvtrssi(ds->RSSI); 2696 2697 pktlen = hdrlen + (len - off); 2698 /* 2699 * NB: we know our frame is at least as large as 2700 * IEEE80211_MIN_LEN because there is a 4-address 2701 * frame at the front. Hence there's no need to 2702 * vet the packet length. If the frame in fact 2703 * is too small it should be discarded at the 2704 * net80211 layer. 2705 */ 2706 2707 /* 2708 * Attach dma buffer to an mbuf. We tried 2709 * doing this based on the packet size (i.e. 2710 * copying small packets) but it turns out to 2711 * be a net loss. The tradeoff might be system 2712 * dependent (cache architecture is important). 2713 */ 2714 MGETHDR(m, M_NOWAIT, MT_DATA); 2715 if (m == NULL) { 2716 DPRINTF(sc, MWL_DEBUG_ANY, 2717 "%s: no rx mbuf\n", __func__); 2718 sc->sc_stats.mst_rx_nombuf++; 2719 goto rx_next; 2720 } 2721 /* 2722 * Acquire the replacement dma buffer before 2723 * processing the frame. If we're out of dma 2724 * buffers we disable rx interrupts and wait 2725 * for the free pool to reach mlw_rxdmalow buffers 2726 * before starting to do work again. If the firmware 2727 * runs out of descriptors then it will toss frames 2728 * which is better than our doing it as that can 2729 * starve our processing. It is also important that 2730 * we always process rx'd frames in case they are 2731 * A-MPDU as otherwise the host's view of the BA 2732 * window may get out of sync with the firmware. 2733 */ 2734 newdata = mwl_getrxdma(sc); 2735 if (newdata == NULL) { 2736 /* NB: stat+msg in mwl_getrxdma */ 2737 m_free(m); 2738 /* disable RX interrupt and mark state */ 2739 mwl_hal_intrset(sc->sc_mh, 2740 sc->sc_imask &~ MACREG_A2HRIC_BIT_RX_RDY); 2741 sc->sc_rxblocked = 1; 2742 ieee80211_drain(ic); 2743 /* XXX check rxblocked and immediately start again? */ 2744 goto rx_stop; 2745 } 2746 bf->bf_data = newdata; 2747 /* 2748 * Attach the dma buffer to the mbuf; 2749 * mwl_rxbuf_init will re-setup the rx 2750 * descriptor using the replacement dma 2751 * buffer we just installed above. 2752 */ 2753 m_extadd(m, data, MWL_AGGR_SIZE, mwl_ext_free, sc, NULL, 0, 2754 EXT_NET_DRV); 2755 m->m_data += off - hdrlen; 2756 m->m_pkthdr.len = m->m_len = pktlen; 2757 /* NB: dma buffer assumed read-only */ 2758 2759 /* 2760 * Piece 802.11 header together. 2761 */ 2762 wh = mtod(m, struct ieee80211_qosframe *); 2763 /* NB: don't need to do this sometimes but ... */ 2764 /* XXX special case so we can memcpy after m_devget? */ 2765 ovbcopy(data + sizeof(uint16_t), wh, hdrlen); 2766 if (IEEE80211_QOS_HAS_SEQ(wh)) 2767 *(uint16_t *)ieee80211_getqos(wh) = ds->QosCtrl; 2768 /* 2769 * The f/w strips WEP header but doesn't clear 2770 * the WEP bit; mark the packet with M_WEP so 2771 * net80211 will treat the data as decrypted. 2772 * While here also clear the PWR_MGT bit since 2773 * power save is handled by the firmware and 2774 * passing this up will potentially cause the 2775 * upper layer to put a station in power save 2776 * (except when configured with MWL_HOST_PS_SUPPORT). 2777 */ 2778 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) 2779 m->m_flags |= M_WEP; 2780 #ifdef MWL_HOST_PS_SUPPORT 2781 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED; 2782 #else 2783 wh->i_fc[1] &= ~(IEEE80211_FC1_PROTECTED | 2784 IEEE80211_FC1_PWR_MGT); 2785 #endif 2786 2787 if (ieee80211_radiotap_active(ic)) { 2788 struct mwl_rx_radiotap_header *tap = &sc->sc_rx_th; 2789 2790 tap->wr_flags = 0; 2791 tap->wr_rate = ds->Rate; 2792 tap->wr_antsignal = rssi + nf; 2793 tap->wr_antnoise = nf; 2794 } 2795 if (IFF_DUMPPKTS_RECV(sc, wh)) { 2796 ieee80211_dump_pkt(ic, mtod(m, caddr_t), 2797 len, ds->Rate, rssi); 2798 } 2799 /* dispatch */ 2800 ni = ieee80211_find_rxnode(ic, 2801 (const struct ieee80211_frame_min *) wh); 2802 2803 NET_EPOCH_ENTER(et); 2804 if (ni != NULL) { 2805 mn = MWL_NODE(ni); 2806 #ifdef MWL_ANT_INFO_SUPPORT 2807 mn->mn_ai.rssi_a = ds->ai.rssi_a; 2808 mn->mn_ai.rssi_b = ds->ai.rssi_b; 2809 mn->mn_ai.rssi_c = ds->ai.rssi_c; 2810 mn->mn_ai.rsvd1 = rssi; 2811 #endif 2812 /* tag AMPDU aggregates for reorder processing */ 2813 if (ni->ni_flags & IEEE80211_NODE_HT) 2814 m->m_flags |= M_AMPDU; 2815 (void) ieee80211_input(ni, m, rssi, nf); 2816 ieee80211_free_node(ni); 2817 } else 2818 (void) ieee80211_input_all(ic, m, rssi, nf); 2819 NET_EPOCH_EXIT(et); 2820 rx_next: 2821 /* NB: ignore ENOMEM so we process more descriptors */ 2822 (void) mwl_rxbuf_init(sc, bf); 2823 bf = STAILQ_NEXT(bf, bf_list); 2824 } 2825 rx_stop: 2826 sc->sc_rxnext = bf; 2827 2828 if (mbufq_first(&sc->sc_snd) != NULL) { 2829 /* NB: kick fw; the tx thread may have been preempted */ 2830 mwl_hal_txstart(sc->sc_mh, 0); 2831 mwl_start(sc); 2832 } 2833 } 2834 2835 static void 2836 mwl_txq_init(struct mwl_softc *sc, struct mwl_txq *txq, int qnum) 2837 { 2838 struct mwl_txbuf *bf, *bn; 2839 struct mwl_txdesc *ds; 2840 2841 MWL_TXQ_LOCK_INIT(sc, txq); 2842 txq->qnum = qnum; 2843 txq->txpri = 0; /* XXX */ 2844 #if 0 2845 /* NB: q setup by mwl_txdma_setup XXX */ 2846 STAILQ_INIT(&txq->free); 2847 #endif 2848 STAILQ_FOREACH(bf, &txq->free, bf_list) { 2849 bf->bf_txq = txq; 2850 2851 ds = bf->bf_desc; 2852 bn = STAILQ_NEXT(bf, bf_list); 2853 if (bn == NULL) 2854 bn = STAILQ_FIRST(&txq->free); 2855 ds->pPhysNext = htole32(bn->bf_daddr); 2856 } 2857 STAILQ_INIT(&txq->active); 2858 } 2859 2860 /* 2861 * Setup a hardware data transmit queue for the specified 2862 * access control. We record the mapping from ac's 2863 * to h/w queues for use by mwl_tx_start. 2864 */ 2865 static int 2866 mwl_tx_setup(struct mwl_softc *sc, int ac, int mvtype) 2867 { 2868 struct mwl_txq *txq; 2869 2870 if (ac >= nitems(sc->sc_ac2q)) { 2871 device_printf(sc->sc_dev, "AC %u out of range, max %zu!\n", 2872 ac, nitems(sc->sc_ac2q)); 2873 return 0; 2874 } 2875 if (mvtype >= MWL_NUM_TX_QUEUES) { 2876 device_printf(sc->sc_dev, "mvtype %u out of range, max %u!\n", 2877 mvtype, MWL_NUM_TX_QUEUES); 2878 return 0; 2879 } 2880 txq = &sc->sc_txq[mvtype]; 2881 mwl_txq_init(sc, txq, mvtype); 2882 sc->sc_ac2q[ac] = txq; 2883 return 1; 2884 } 2885 2886 /* 2887 * Update WME parameters for a transmit queue. 2888 */ 2889 static int 2890 mwl_txq_update(struct mwl_softc *sc, int ac) 2891 { 2892 #define MWL_EXPONENT_TO_VALUE(v) ((1<<v)-1) 2893 struct ieee80211com *ic = &sc->sc_ic; 2894 struct chanAccParams chp; 2895 struct mwl_txq *txq = sc->sc_ac2q[ac]; 2896 struct wmeParams *wmep; 2897 struct mwl_hal *mh = sc->sc_mh; 2898 int aifs, cwmin, cwmax, txoplim; 2899 2900 ieee80211_wme_ic_getparams(ic, &chp); 2901 wmep = &chp.cap_wmeParams[ac]; 2902 2903 aifs = wmep->wmep_aifsn; 2904 /* XXX in sta mode need to pass log values for cwmin/max */ 2905 cwmin = MWL_EXPONENT_TO_VALUE(wmep->wmep_logcwmin); 2906 cwmax = MWL_EXPONENT_TO_VALUE(wmep->wmep_logcwmax); 2907 txoplim = wmep->wmep_txopLimit; /* NB: units of 32us */ 2908 2909 if (mwl_hal_setedcaparams(mh, txq->qnum, cwmin, cwmax, aifs, txoplim)) { 2910 device_printf(sc->sc_dev, "unable to update hardware queue " 2911 "parameters for %s traffic!\n", 2912 ieee80211_wme_acnames[ac]); 2913 return 0; 2914 } 2915 return 1; 2916 #undef MWL_EXPONENT_TO_VALUE 2917 } 2918 2919 /* 2920 * Callback from the 802.11 layer to update WME parameters. 2921 */ 2922 static int 2923 mwl_wme_update(struct ieee80211com *ic) 2924 { 2925 struct mwl_softc *sc = ic->ic_softc; 2926 2927 return !mwl_txq_update(sc, WME_AC_BE) || 2928 !mwl_txq_update(sc, WME_AC_BK) || 2929 !mwl_txq_update(sc, WME_AC_VI) || 2930 !mwl_txq_update(sc, WME_AC_VO) ? EIO : 0; 2931 } 2932 2933 /* 2934 * Reclaim resources for a setup queue. 2935 */ 2936 static void 2937 mwl_tx_cleanupq(struct mwl_softc *sc, struct mwl_txq *txq) 2938 { 2939 /* XXX hal work? */ 2940 MWL_TXQ_LOCK_DESTROY(txq); 2941 } 2942 2943 /* 2944 * Reclaim all tx queue resources. 2945 */ 2946 static void 2947 mwl_tx_cleanup(struct mwl_softc *sc) 2948 { 2949 int i; 2950 2951 for (i = 0; i < MWL_NUM_TX_QUEUES; i++) 2952 mwl_tx_cleanupq(sc, &sc->sc_txq[i]); 2953 } 2954 2955 static int 2956 mwl_tx_dmasetup(struct mwl_softc *sc, struct mwl_txbuf *bf, struct mbuf *m0) 2957 { 2958 struct mbuf *m; 2959 int error; 2960 2961 /* 2962 * Load the DMA map so any coalescing is done. This 2963 * also calculates the number of descriptors we need. 2964 */ 2965 error = bus_dmamap_load_mbuf_sg(sc->sc_dmat, bf->bf_dmamap, m0, 2966 bf->bf_segs, &bf->bf_nseg, 2967 BUS_DMA_NOWAIT); 2968 if (error == EFBIG) { 2969 /* XXX packet requires too many descriptors */ 2970 bf->bf_nseg = MWL_TXDESC+1; 2971 } else if (error != 0) { 2972 sc->sc_stats.mst_tx_busdma++; 2973 m_freem(m0); 2974 return error; 2975 } 2976 /* 2977 * Discard null packets and check for packets that 2978 * require too many TX descriptors. We try to convert 2979 * the latter to a cluster. 2980 */ 2981 if (error == EFBIG) { /* too many desc's, linearize */ 2982 sc->sc_stats.mst_tx_linear++; 2983 #if MWL_TXDESC > 1 2984 m = m_collapse(m0, M_NOWAIT, MWL_TXDESC); 2985 #else 2986 m = m_defrag(m0, M_NOWAIT); 2987 #endif 2988 if (m == NULL) { 2989 m_freem(m0); 2990 sc->sc_stats.mst_tx_nombuf++; 2991 return ENOMEM; 2992 } 2993 m0 = m; 2994 error = bus_dmamap_load_mbuf_sg(sc->sc_dmat, bf->bf_dmamap, m0, 2995 bf->bf_segs, &bf->bf_nseg, 2996 BUS_DMA_NOWAIT); 2997 if (error != 0) { 2998 sc->sc_stats.mst_tx_busdma++; 2999 m_freem(m0); 3000 return error; 3001 } 3002 KASSERT(bf->bf_nseg <= MWL_TXDESC, 3003 ("too many segments after defrag; nseg %u", bf->bf_nseg)); 3004 } else if (bf->bf_nseg == 0) { /* null packet, discard */ 3005 sc->sc_stats.mst_tx_nodata++; 3006 m_freem(m0); 3007 return EIO; 3008 } 3009 DPRINTF(sc, MWL_DEBUG_XMIT, "%s: m %p len %u\n", 3010 __func__, m0, m0->m_pkthdr.len); 3011 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, BUS_DMASYNC_PREWRITE); 3012 bf->bf_m = m0; 3013 3014 return 0; 3015 } 3016 3017 static __inline int 3018 mwl_cvtlegacyrate(int rate) 3019 { 3020 switch (rate) { 3021 case 2: return 0; 3022 case 4: return 1; 3023 case 11: return 2; 3024 case 22: return 3; 3025 case 44: return 4; 3026 case 12: return 5; 3027 case 18: return 6; 3028 case 24: return 7; 3029 case 36: return 8; 3030 case 48: return 9; 3031 case 72: return 10; 3032 case 96: return 11; 3033 case 108:return 12; 3034 } 3035 return 0; 3036 } 3037 3038 /* 3039 * Calculate fixed tx rate information per client state; 3040 * this value is suitable for writing to the Format field 3041 * of a tx descriptor. 3042 */ 3043 static uint16_t 3044 mwl_calcformat(uint8_t rate, const struct ieee80211_node *ni) 3045 { 3046 uint16_t fmt; 3047 3048 fmt = SM(3, EAGLE_TXD_ANTENNA) 3049 | (IEEE80211_IS_CHAN_HT40D(ni->ni_chan) ? 3050 EAGLE_TXD_EXTCHAN_LO : EAGLE_TXD_EXTCHAN_HI); 3051 if (rate & IEEE80211_RATE_MCS) { /* HT MCS */ 3052 fmt |= EAGLE_TXD_FORMAT_HT 3053 /* NB: 0x80 implicitly stripped from ucastrate */ 3054 | SM(rate, EAGLE_TXD_RATE); 3055 /* XXX short/long GI may be wrong; re-check */ 3056 if (IEEE80211_IS_CHAN_HT40(ni->ni_chan)) { 3057 fmt |= EAGLE_TXD_CHW_40 3058 | (ni->ni_htcap & IEEE80211_HTCAP_SHORTGI40 ? 3059 EAGLE_TXD_GI_SHORT : EAGLE_TXD_GI_LONG); 3060 } else { 3061 fmt |= EAGLE_TXD_CHW_20 3062 | (ni->ni_htcap & IEEE80211_HTCAP_SHORTGI20 ? 3063 EAGLE_TXD_GI_SHORT : EAGLE_TXD_GI_LONG); 3064 } 3065 } else { /* legacy rate */ 3066 fmt |= EAGLE_TXD_FORMAT_LEGACY 3067 | SM(mwl_cvtlegacyrate(rate), EAGLE_TXD_RATE) 3068 | EAGLE_TXD_CHW_20 3069 /* XXX iv_flags & IEEE80211_F_SHPREAMBLE? */ 3070 | (ni->ni_capinfo & IEEE80211_CAPINFO_SHORT_PREAMBLE ? 3071 EAGLE_TXD_PREAMBLE_SHORT : EAGLE_TXD_PREAMBLE_LONG); 3072 } 3073 return fmt; 3074 } 3075 3076 static int 3077 mwl_tx_start(struct mwl_softc *sc, struct ieee80211_node *ni, struct mwl_txbuf *bf, 3078 struct mbuf *m0) 3079 { 3080 struct ieee80211com *ic = &sc->sc_ic; 3081 struct ieee80211vap *vap = ni->ni_vap; 3082 int error, iswep, ismcast; 3083 int hdrlen, copyhdrlen, pktlen; 3084 struct mwl_txdesc *ds; 3085 struct mwl_txq *txq; 3086 struct ieee80211_frame *wh; 3087 struct mwltxrec *tr; 3088 struct mwl_node *mn; 3089 uint16_t qos; 3090 #if MWL_TXDESC > 1 3091 int i; 3092 #endif 3093 3094 wh = mtod(m0, struct ieee80211_frame *); 3095 iswep = wh->i_fc[1] & IEEE80211_FC1_PROTECTED; 3096 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 3097 hdrlen = ieee80211_anyhdrsize(wh); 3098 copyhdrlen = hdrlen; 3099 pktlen = m0->m_pkthdr.len; 3100 if (IEEE80211_QOS_HAS_SEQ(wh)) { 3101 qos = *(uint16_t *)ieee80211_getqos(wh); 3102 if (IEEE80211_IS_DSTODS(wh)) 3103 copyhdrlen -= sizeof(qos); 3104 } else 3105 qos = 0; 3106 3107 if (iswep) { 3108 const struct ieee80211_cipher *cip; 3109 struct ieee80211_key *k; 3110 3111 /* 3112 * Construct the 802.11 header+trailer for an encrypted 3113 * frame. The only reason this can fail is because of an 3114 * unknown or unsupported cipher/key type. 3115 * 3116 * NB: we do this even though the firmware will ignore 3117 * what we've done for WEP and TKIP as we need the 3118 * ExtIV filled in for CCMP and this also adjusts 3119 * the headers which simplifies our work below. 3120 */ 3121 k = ieee80211_crypto_encap(ni, m0); 3122 if (k == NULL) { 3123 /* 3124 * This can happen when the key is yanked after the 3125 * frame was queued. Just discard the frame; the 3126 * 802.11 layer counts failures and provides 3127 * debugging/diagnostics. 3128 */ 3129 m_freem(m0); 3130 return EIO; 3131 } 3132 /* 3133 * Adjust the packet length for the crypto additions 3134 * done during encap and any other bits that the f/w 3135 * will add later on. 3136 */ 3137 cip = k->wk_cipher; 3138 pktlen += cip->ic_header + cip->ic_miclen + cip->ic_trailer; 3139 3140 /* packet header may have moved, reset our local pointer */ 3141 wh = mtod(m0, struct ieee80211_frame *); 3142 } 3143 3144 if (ieee80211_radiotap_active_vap(vap)) { 3145 sc->sc_tx_th.wt_flags = 0; /* XXX */ 3146 if (iswep) 3147 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_WEP; 3148 #if 0 3149 sc->sc_tx_th.wt_rate = ds->DataRate; 3150 #endif 3151 sc->sc_tx_th.wt_txpower = ni->ni_txpower; 3152 sc->sc_tx_th.wt_antenna = sc->sc_txantenna; 3153 3154 ieee80211_radiotap_tx(vap, m0); 3155 } 3156 /* 3157 * Copy up/down the 802.11 header; the firmware requires 3158 * we present a 2-byte payload length followed by a 3159 * 4-address header (w/o QoS), followed (optionally) by 3160 * any WEP/ExtIV header (but only filled in for CCMP). 3161 * We are assured the mbuf has sufficient headroom to 3162 * prepend in-place by the setup of ic_headroom in 3163 * mwl_attach. 3164 */ 3165 if (hdrlen < sizeof(struct mwltxrec)) { 3166 const int space = sizeof(struct mwltxrec) - hdrlen; 3167 if (M_LEADINGSPACE(m0) < space) { 3168 /* NB: should never happen */ 3169 device_printf(sc->sc_dev, 3170 "not enough headroom, need %d found %zd, " 3171 "m_flags 0x%x m_len %d\n", 3172 space, M_LEADINGSPACE(m0), m0->m_flags, m0->m_len); 3173 ieee80211_dump_pkt(ic, 3174 mtod(m0, const uint8_t *), m0->m_len, 0, -1); 3175 m_freem(m0); 3176 sc->sc_stats.mst_tx_noheadroom++; 3177 return EIO; 3178 } 3179 M_PREPEND(m0, space, M_NOWAIT); 3180 } 3181 tr = mtod(m0, struct mwltxrec *); 3182 if (wh != (struct ieee80211_frame *) &tr->wh) 3183 ovbcopy(wh, &tr->wh, hdrlen); 3184 /* 3185 * Note: the "firmware length" is actually the length 3186 * of the fully formed "802.11 payload". That is, it's 3187 * everything except for the 802.11 header. In particular 3188 * this includes all crypto material including the MIC! 3189 */ 3190 tr->fwlen = htole16(pktlen - hdrlen); 3191 3192 /* 3193 * Load the DMA map so any coalescing is done. This 3194 * also calculates the number of descriptors we need. 3195 */ 3196 error = mwl_tx_dmasetup(sc, bf, m0); 3197 if (error != 0) { 3198 /* NB: stat collected in mwl_tx_dmasetup */ 3199 DPRINTF(sc, MWL_DEBUG_XMIT, 3200 "%s: unable to setup dma\n", __func__); 3201 return error; 3202 } 3203 bf->bf_node = ni; /* NB: held reference */ 3204 m0 = bf->bf_m; /* NB: may have changed */ 3205 tr = mtod(m0, struct mwltxrec *); 3206 wh = (struct ieee80211_frame *)&tr->wh; 3207 3208 /* 3209 * Formulate tx descriptor. 3210 */ 3211 ds = bf->bf_desc; 3212 txq = bf->bf_txq; 3213 3214 ds->QosCtrl = qos; /* NB: already little-endian */ 3215 #if MWL_TXDESC == 1 3216 /* 3217 * NB: multiframes should be zero because the descriptors 3218 * are initialized to zero. This should handle the case 3219 * where the driver is built with MWL_TXDESC=1 but we are 3220 * using firmware with multi-segment support. 3221 */ 3222 ds->PktPtr = htole32(bf->bf_segs[0].ds_addr); 3223 ds->PktLen = htole16(bf->bf_segs[0].ds_len); 3224 #else 3225 ds->multiframes = htole32(bf->bf_nseg); 3226 ds->PktLen = htole16(m0->m_pkthdr.len); 3227 for (i = 0; i < bf->bf_nseg; i++) { 3228 ds->PktPtrArray[i] = htole32(bf->bf_segs[i].ds_addr); 3229 ds->PktLenArray[i] = htole16(bf->bf_segs[i].ds_len); 3230 } 3231 #endif 3232 /* NB: pPhysNext, DataRate, and SapPktInfo setup once, don't touch */ 3233 ds->Format = 0; 3234 ds->pad = 0; 3235 ds->ack_wcb_addr = 0; 3236 3237 mn = MWL_NODE(ni); 3238 /* 3239 * Select transmit rate. 3240 */ 3241 switch (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) { 3242 case IEEE80211_FC0_TYPE_MGT: 3243 sc->sc_stats.mst_tx_mgmt++; 3244 /* fall thru... */ 3245 case IEEE80211_FC0_TYPE_CTL: 3246 /* NB: assign to BE q to avoid bursting */ 3247 ds->TxPriority = MWL_WME_AC_BE; 3248 break; 3249 case IEEE80211_FC0_TYPE_DATA: 3250 if (!ismcast) { 3251 const struct ieee80211_txparam *tp = ni->ni_txparms; 3252 /* 3253 * EAPOL frames get forced to a fixed rate and w/o 3254 * aggregation; otherwise check for any fixed rate 3255 * for the client (may depend on association state). 3256 */ 3257 if (m0->m_flags & M_EAPOL) { 3258 const struct mwl_vap *mvp = MWL_VAP_CONST(vap); 3259 ds->Format = mvp->mv_eapolformat; 3260 ds->pad = htole16( 3261 EAGLE_TXD_FIXED_RATE | EAGLE_TXD_DONT_AGGR); 3262 } else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) { 3263 /* XXX pre-calculate per node */ 3264 ds->Format = htole16( 3265 mwl_calcformat(tp->ucastrate, ni)); 3266 ds->pad = htole16(EAGLE_TXD_FIXED_RATE); 3267 } 3268 /* NB: EAPOL frames will never have qos set */ 3269 if (qos == 0) 3270 ds->TxPriority = txq->qnum; 3271 #if MWL_MAXBA > 3 3272 else if (mwl_bastream_match(&mn->mn_ba[3], qos)) 3273 ds->TxPriority = mn->mn_ba[3].txq; 3274 #endif 3275 #if MWL_MAXBA > 2 3276 else if (mwl_bastream_match(&mn->mn_ba[2], qos)) 3277 ds->TxPriority = mn->mn_ba[2].txq; 3278 #endif 3279 #if MWL_MAXBA > 1 3280 else if (mwl_bastream_match(&mn->mn_ba[1], qos)) 3281 ds->TxPriority = mn->mn_ba[1].txq; 3282 #endif 3283 #if MWL_MAXBA > 0 3284 else if (mwl_bastream_match(&mn->mn_ba[0], qos)) 3285 ds->TxPriority = mn->mn_ba[0].txq; 3286 #endif 3287 else 3288 ds->TxPriority = txq->qnum; 3289 } else 3290 ds->TxPriority = txq->qnum; 3291 break; 3292 default: 3293 device_printf(sc->sc_dev, "bogus frame type 0x%x (%s)\n", 3294 wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK, __func__); 3295 sc->sc_stats.mst_tx_badframetype++; 3296 m_freem(m0); 3297 return EIO; 3298 } 3299 3300 if (IFF_DUMPPKTS_XMIT(sc)) 3301 ieee80211_dump_pkt(ic, 3302 mtod(m0, const uint8_t *)+sizeof(uint16_t), 3303 m0->m_len - sizeof(uint16_t), ds->DataRate, -1); 3304 3305 MWL_TXQ_LOCK(txq); 3306 ds->Status = htole32(EAGLE_TXD_STATUS_FW_OWNED); 3307 STAILQ_INSERT_TAIL(&txq->active, bf, bf_list); 3308 MWL_TXDESC_SYNC(txq, ds, BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); 3309 3310 sc->sc_tx_timer = 5; 3311 MWL_TXQ_UNLOCK(txq); 3312 3313 return 0; 3314 } 3315 3316 static __inline int 3317 mwl_cvtlegacyrix(int rix) 3318 { 3319 static const int ieeerates[] = 3320 { 2, 4, 11, 22, 44, 12, 18, 24, 36, 48, 72, 96, 108 }; 3321 return (rix < nitems(ieeerates) ? ieeerates[rix] : 0); 3322 } 3323 3324 /* 3325 * Process completed xmit descriptors from the specified queue. 3326 */ 3327 static int 3328 mwl_tx_processq(struct mwl_softc *sc, struct mwl_txq *txq) 3329 { 3330 #define EAGLE_TXD_STATUS_MCAST \ 3331 (EAGLE_TXD_STATUS_MULTICAST_TX | EAGLE_TXD_STATUS_BROADCAST_TX) 3332 struct ieee80211com *ic = &sc->sc_ic; 3333 struct mwl_txbuf *bf; 3334 struct mwl_txdesc *ds; 3335 struct ieee80211_node *ni; 3336 struct mwl_node *an; 3337 int nreaped; 3338 uint32_t status; 3339 3340 DPRINTF(sc, MWL_DEBUG_TX_PROC, "%s: tx queue %u\n", __func__, txq->qnum); 3341 for (nreaped = 0;; nreaped++) { 3342 MWL_TXQ_LOCK(txq); 3343 bf = STAILQ_FIRST(&txq->active); 3344 if (bf == NULL) { 3345 MWL_TXQ_UNLOCK(txq); 3346 break; 3347 } 3348 ds = bf->bf_desc; 3349 MWL_TXDESC_SYNC(txq, ds, 3350 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 3351 if (ds->Status & htole32(EAGLE_TXD_STATUS_FW_OWNED)) { 3352 MWL_TXQ_UNLOCK(txq); 3353 break; 3354 } 3355 STAILQ_REMOVE_HEAD(&txq->active, bf_list); 3356 MWL_TXQ_UNLOCK(txq); 3357 3358 #ifdef MWL_DEBUG 3359 if (sc->sc_debug & MWL_DEBUG_XMIT_DESC) 3360 mwl_printtxbuf(bf, txq->qnum, nreaped); 3361 #endif 3362 ni = bf->bf_node; 3363 if (ni != NULL) { 3364 an = MWL_NODE(ni); 3365 status = le32toh(ds->Status); 3366 if (status & EAGLE_TXD_STATUS_OK) { 3367 uint16_t Format = le16toh(ds->Format); 3368 uint8_t txant = MS(Format, EAGLE_TXD_ANTENNA); 3369 3370 sc->sc_stats.mst_ant_tx[txant]++; 3371 if (status & EAGLE_TXD_STATUS_OK_RETRY) 3372 sc->sc_stats.mst_tx_retries++; 3373 if (status & EAGLE_TXD_STATUS_OK_MORE_RETRY) 3374 sc->sc_stats.mst_tx_mretries++; 3375 if (txq->qnum >= MWL_WME_AC_VO) 3376 ic->ic_wme.wme_hipri_traffic++; 3377 ni->ni_txrate = MS(Format, EAGLE_TXD_RATE); 3378 if ((Format & EAGLE_TXD_FORMAT_HT) == 0) { 3379 ni->ni_txrate = mwl_cvtlegacyrix( 3380 ni->ni_txrate); 3381 } else 3382 ni->ni_txrate |= IEEE80211_RATE_MCS; 3383 sc->sc_stats.mst_tx_rate = ni->ni_txrate; 3384 } else { 3385 if (status & EAGLE_TXD_STATUS_FAILED_LINK_ERROR) 3386 sc->sc_stats.mst_tx_linkerror++; 3387 if (status & EAGLE_TXD_STATUS_FAILED_XRETRY) 3388 sc->sc_stats.mst_tx_xretries++; 3389 if (status & EAGLE_TXD_STATUS_FAILED_AGING) 3390 sc->sc_stats.mst_tx_aging++; 3391 if (bf->bf_m->m_flags & M_FF) 3392 sc->sc_stats.mst_ff_txerr++; 3393 } 3394 if (bf->bf_m->m_flags & M_TXCB) 3395 /* XXX strip fw len in case header inspected */ 3396 m_adj(bf->bf_m, sizeof(uint16_t)); 3397 ieee80211_tx_complete(ni, bf->bf_m, 3398 (status & EAGLE_TXD_STATUS_OK) == 0); 3399 } else 3400 m_freem(bf->bf_m); 3401 ds->Status = htole32(EAGLE_TXD_STATUS_IDLE); 3402 3403 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, 3404 BUS_DMASYNC_POSTWRITE); 3405 bus_dmamap_unload(sc->sc_dmat, bf->bf_dmamap); 3406 3407 mwl_puttxbuf_tail(txq, bf); 3408 } 3409 return nreaped; 3410 #undef EAGLE_TXD_STATUS_MCAST 3411 } 3412 3413 /* 3414 * Deferred processing of transmit interrupt; special-cased 3415 * for four hardware queues, 0-3. 3416 */ 3417 static void 3418 mwl_tx_proc(void *arg, int npending) 3419 { 3420 struct mwl_softc *sc = arg; 3421 int nreaped; 3422 3423 /* 3424 * Process each active queue. 3425 */ 3426 nreaped = 0; 3427 if (!STAILQ_EMPTY(&sc->sc_txq[0].active)) 3428 nreaped += mwl_tx_processq(sc, &sc->sc_txq[0]); 3429 if (!STAILQ_EMPTY(&sc->sc_txq[1].active)) 3430 nreaped += mwl_tx_processq(sc, &sc->sc_txq[1]); 3431 if (!STAILQ_EMPTY(&sc->sc_txq[2].active)) 3432 nreaped += mwl_tx_processq(sc, &sc->sc_txq[2]); 3433 if (!STAILQ_EMPTY(&sc->sc_txq[3].active)) 3434 nreaped += mwl_tx_processq(sc, &sc->sc_txq[3]); 3435 3436 if (nreaped != 0) { 3437 sc->sc_tx_timer = 0; 3438 if (mbufq_first(&sc->sc_snd) != NULL) { 3439 /* NB: kick fw; the tx thread may have been preempted */ 3440 mwl_hal_txstart(sc->sc_mh, 0); 3441 mwl_start(sc); 3442 } 3443 } 3444 } 3445 3446 static void 3447 mwl_tx_draintxq(struct mwl_softc *sc, struct mwl_txq *txq) 3448 { 3449 struct ieee80211_node *ni; 3450 struct mwl_txbuf *bf; 3451 u_int ix; 3452 3453 /* 3454 * NB: this assumes output has been stopped and 3455 * we do not need to block mwl_tx_tasklet 3456 */ 3457 for (ix = 0;; ix++) { 3458 MWL_TXQ_LOCK(txq); 3459 bf = STAILQ_FIRST(&txq->active); 3460 if (bf == NULL) { 3461 MWL_TXQ_UNLOCK(txq); 3462 break; 3463 } 3464 STAILQ_REMOVE_HEAD(&txq->active, bf_list); 3465 MWL_TXQ_UNLOCK(txq); 3466 #ifdef MWL_DEBUG 3467 if (sc->sc_debug & MWL_DEBUG_RESET) { 3468 struct ieee80211com *ic = &sc->sc_ic; 3469 const struct mwltxrec *tr = 3470 mtod(bf->bf_m, const struct mwltxrec *); 3471 mwl_printtxbuf(bf, txq->qnum, ix); 3472 ieee80211_dump_pkt(ic, (const uint8_t *)&tr->wh, 3473 bf->bf_m->m_len - sizeof(tr->fwlen), 0, -1); 3474 } 3475 #endif /* MWL_DEBUG */ 3476 bus_dmamap_unload(sc->sc_dmat, bf->bf_dmamap); 3477 ni = bf->bf_node; 3478 if (ni != NULL) { 3479 /* 3480 * Reclaim node reference. 3481 */ 3482 ieee80211_free_node(ni); 3483 } 3484 m_freem(bf->bf_m); 3485 3486 mwl_puttxbuf_tail(txq, bf); 3487 } 3488 } 3489 3490 /* 3491 * Drain the transmit queues and reclaim resources. 3492 */ 3493 static void 3494 mwl_draintxq(struct mwl_softc *sc) 3495 { 3496 int i; 3497 3498 for (i = 0; i < MWL_NUM_TX_QUEUES; i++) 3499 mwl_tx_draintxq(sc, &sc->sc_txq[i]); 3500 sc->sc_tx_timer = 0; 3501 } 3502 3503 #ifdef MWL_DIAGAPI 3504 /* 3505 * Reset the transmit queues to a pristine state after a fw download. 3506 */ 3507 static void 3508 mwl_resettxq(struct mwl_softc *sc) 3509 { 3510 int i; 3511 3512 for (i = 0; i < MWL_NUM_TX_QUEUES; i++) 3513 mwl_txq_reset(sc, &sc->sc_txq[i]); 3514 } 3515 #endif /* MWL_DIAGAPI */ 3516 3517 /* 3518 * Clear the transmit queues of any frames submitted for the 3519 * specified vap. This is done when the vap is deleted so we 3520 * don't potentially reference the vap after it is gone. 3521 * Note we cannot remove the frames; we only reclaim the node 3522 * reference. 3523 */ 3524 static void 3525 mwl_cleartxq(struct mwl_softc *sc, struct ieee80211vap *vap) 3526 { 3527 struct mwl_txq *txq; 3528 struct mwl_txbuf *bf; 3529 int i; 3530 3531 for (i = 0; i < MWL_NUM_TX_QUEUES; i++) { 3532 txq = &sc->sc_txq[i]; 3533 MWL_TXQ_LOCK(txq); 3534 STAILQ_FOREACH(bf, &txq->active, bf_list) { 3535 struct ieee80211_node *ni = bf->bf_node; 3536 if (ni != NULL && ni->ni_vap == vap) { 3537 bf->bf_node = NULL; 3538 ieee80211_free_node(ni); 3539 } 3540 } 3541 MWL_TXQ_UNLOCK(txq); 3542 } 3543 } 3544 3545 static int 3546 mwl_recv_action(struct ieee80211_node *ni, const struct ieee80211_frame *wh, 3547 const uint8_t *frm, const uint8_t *efrm) 3548 { 3549 struct mwl_softc *sc = ni->ni_ic->ic_softc; 3550 const struct ieee80211_action *ia; 3551 3552 ia = (const struct ieee80211_action *) frm; 3553 if (ia->ia_category == IEEE80211_ACTION_CAT_HT && 3554 ia->ia_action == IEEE80211_ACTION_HT_MIMOPWRSAVE) { 3555 const struct ieee80211_action_ht_mimopowersave *mps = 3556 (const struct ieee80211_action_ht_mimopowersave *) ia; 3557 3558 mwl_hal_setmimops(sc->sc_mh, ni->ni_macaddr, 3559 mps->am_control & IEEE80211_A_HT_MIMOPWRSAVE_ENA, 3560 MS(mps->am_control, IEEE80211_A_HT_MIMOPWRSAVE_MODE)); 3561 return 0; 3562 } else 3563 return sc->sc_recv_action(ni, wh, frm, efrm); 3564 } 3565 3566 static int 3567 mwl_addba_request(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 3568 int dialogtoken, int baparamset, int batimeout) 3569 { 3570 struct mwl_softc *sc = ni->ni_ic->ic_softc; 3571 struct ieee80211vap *vap = ni->ni_vap; 3572 struct mwl_node *mn = MWL_NODE(ni); 3573 struct mwl_bastate *bas; 3574 3575 bas = tap->txa_private; 3576 if (bas == NULL) { 3577 const MWL_HAL_BASTREAM *sp; 3578 /* 3579 * Check for a free BA stream slot. 3580 */ 3581 #if MWL_MAXBA > 3 3582 if (mn->mn_ba[3].bastream == NULL) 3583 bas = &mn->mn_ba[3]; 3584 else 3585 #endif 3586 #if MWL_MAXBA > 2 3587 if (mn->mn_ba[2].bastream == NULL) 3588 bas = &mn->mn_ba[2]; 3589 else 3590 #endif 3591 #if MWL_MAXBA > 1 3592 if (mn->mn_ba[1].bastream == NULL) 3593 bas = &mn->mn_ba[1]; 3594 else 3595 #endif 3596 #if MWL_MAXBA > 0 3597 if (mn->mn_ba[0].bastream == NULL) 3598 bas = &mn->mn_ba[0]; 3599 else 3600 #endif 3601 { 3602 /* sta already has max BA streams */ 3603 /* XXX assign BA stream to highest priority tid */ 3604 DPRINTF(sc, MWL_DEBUG_AMPDU, 3605 "%s: already has max bastreams\n", __func__); 3606 sc->sc_stats.mst_ampdu_reject++; 3607 return 0; 3608 } 3609 /* NB: no held reference to ni */ 3610 sp = mwl_hal_bastream_alloc(MWL_VAP(vap)->mv_hvap, 3611 (baparamset & IEEE80211_BAPS_POLICY_IMMEDIATE) != 0, 3612 ni->ni_macaddr, tap->txa_tid, ni->ni_htparam, 3613 ni, tap); 3614 if (sp == NULL) { 3615 /* 3616 * No available stream, return 0 so no 3617 * a-mpdu aggregation will be done. 3618 */ 3619 DPRINTF(sc, MWL_DEBUG_AMPDU, 3620 "%s: no bastream available\n", __func__); 3621 sc->sc_stats.mst_ampdu_nostream++; 3622 return 0; 3623 } 3624 DPRINTF(sc, MWL_DEBUG_AMPDU, "%s: alloc bastream %p\n", 3625 __func__, sp); 3626 /* NB: qos is left zero so we won't match in mwl_tx_start */ 3627 bas->bastream = sp; 3628 tap->txa_private = bas; 3629 } 3630 /* fetch current seq# from the firmware; if available */ 3631 if (mwl_hal_bastream_get_seqno(sc->sc_mh, bas->bastream, 3632 vap->iv_opmode == IEEE80211_M_STA ? vap->iv_myaddr : ni->ni_macaddr, 3633 &tap->txa_start) != 0) 3634 tap->txa_start = 0; 3635 return sc->sc_addba_request(ni, tap, dialogtoken, baparamset, batimeout); 3636 } 3637 3638 static int 3639 mwl_addba_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 3640 int code, int baparamset, int batimeout) 3641 { 3642 struct mwl_softc *sc = ni->ni_ic->ic_softc; 3643 struct mwl_bastate *bas; 3644 3645 bas = tap->txa_private; 3646 if (bas == NULL) { 3647 /* XXX should not happen */ 3648 DPRINTF(sc, MWL_DEBUG_AMPDU, 3649 "%s: no BA stream allocated, TID %d\n", 3650 __func__, tap->txa_tid); 3651 sc->sc_stats.mst_addba_nostream++; 3652 return 0; 3653 } 3654 if (code == IEEE80211_STATUS_SUCCESS) { 3655 struct ieee80211vap *vap = ni->ni_vap; 3656 int bufsiz, error; 3657 3658 /* 3659 * Tell the firmware to setup the BA stream; 3660 * we know resources are available because we 3661 * pre-allocated one before forming the request. 3662 */ 3663 bufsiz = MS(baparamset, IEEE80211_BAPS_BUFSIZ); 3664 if (bufsiz == 0) 3665 bufsiz = IEEE80211_AGGR_BAWMAX; 3666 error = mwl_hal_bastream_create(MWL_VAP(vap)->mv_hvap, 3667 bas->bastream, bufsiz, bufsiz, tap->txa_start); 3668 if (error != 0) { 3669 /* 3670 * Setup failed, return immediately so no a-mpdu 3671 * aggregation will be done. 3672 */ 3673 mwl_hal_bastream_destroy(sc->sc_mh, bas->bastream); 3674 mwl_bastream_free(bas); 3675 tap->txa_private = NULL; 3676 3677 DPRINTF(sc, MWL_DEBUG_AMPDU, 3678 "%s: create failed, error %d, bufsiz %d TID %d " 3679 "htparam 0x%x\n", __func__, error, bufsiz, 3680 tap->txa_tid, ni->ni_htparam); 3681 sc->sc_stats.mst_bacreate_failed++; 3682 return 0; 3683 } 3684 /* NB: cache txq to avoid ptr indirect */ 3685 mwl_bastream_setup(bas, tap->txa_tid, bas->bastream->txq); 3686 DPRINTF(sc, MWL_DEBUG_AMPDU, 3687 "%s: bastream %p assigned to txq %d TID %d bufsiz %d " 3688 "htparam 0x%x\n", __func__, bas->bastream, 3689 bas->txq, tap->txa_tid, bufsiz, ni->ni_htparam); 3690 } else { 3691 /* 3692 * Other side NAK'd us; return the resources. 3693 */ 3694 DPRINTF(sc, MWL_DEBUG_AMPDU, 3695 "%s: request failed with code %d, destroy bastream %p\n", 3696 __func__, code, bas->bastream); 3697 mwl_hal_bastream_destroy(sc->sc_mh, bas->bastream); 3698 mwl_bastream_free(bas); 3699 tap->txa_private = NULL; 3700 } 3701 /* NB: firmware sends BAR so we don't need to */ 3702 return sc->sc_addba_response(ni, tap, code, baparamset, batimeout); 3703 } 3704 3705 static void 3706 mwl_addba_stop(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap) 3707 { 3708 struct mwl_softc *sc = ni->ni_ic->ic_softc; 3709 struct mwl_bastate *bas; 3710 3711 bas = tap->txa_private; 3712 if (bas != NULL) { 3713 DPRINTF(sc, MWL_DEBUG_AMPDU, "%s: destroy bastream %p\n", 3714 __func__, bas->bastream); 3715 mwl_hal_bastream_destroy(sc->sc_mh, bas->bastream); 3716 mwl_bastream_free(bas); 3717 tap->txa_private = NULL; 3718 } 3719 sc->sc_addba_stop(ni, tap); 3720 } 3721 3722 /* 3723 * Setup the rx data structures. This should only be 3724 * done once or we may get out of sync with the firmware. 3725 */ 3726 static int 3727 mwl_startrecv(struct mwl_softc *sc) 3728 { 3729 if (!sc->sc_recvsetup) { 3730 struct mwl_rxbuf *bf, *prev; 3731 struct mwl_rxdesc *ds; 3732 3733 prev = NULL; 3734 STAILQ_FOREACH(bf, &sc->sc_rxbuf, bf_list) { 3735 int error = mwl_rxbuf_init(sc, bf); 3736 if (error != 0) { 3737 DPRINTF(sc, MWL_DEBUG_RECV, 3738 "%s: mwl_rxbuf_init failed %d\n", 3739 __func__, error); 3740 return error; 3741 } 3742 if (prev != NULL) { 3743 ds = prev->bf_desc; 3744 ds->pPhysNext = htole32(bf->bf_daddr); 3745 } 3746 prev = bf; 3747 } 3748 if (prev != NULL) { 3749 ds = prev->bf_desc; 3750 ds->pPhysNext = 3751 htole32(STAILQ_FIRST(&sc->sc_rxbuf)->bf_daddr); 3752 } 3753 sc->sc_recvsetup = 1; 3754 } 3755 mwl_mode_init(sc); /* set filters, etc. */ 3756 return 0; 3757 } 3758 3759 static MWL_HAL_APMODE 3760 mwl_getapmode(const struct ieee80211vap *vap, struct ieee80211_channel *chan) 3761 { 3762 MWL_HAL_APMODE mode; 3763 3764 if (IEEE80211_IS_CHAN_HT(chan)) { 3765 if (vap->iv_flags_ht & IEEE80211_FHT_PUREN) 3766 mode = AP_MODE_N_ONLY; 3767 else if (IEEE80211_IS_CHAN_5GHZ(chan)) 3768 mode = AP_MODE_AandN; 3769 else if (vap->iv_flags & IEEE80211_F_PUREG) 3770 mode = AP_MODE_GandN; 3771 else 3772 mode = AP_MODE_BandGandN; 3773 } else if (IEEE80211_IS_CHAN_ANYG(chan)) { 3774 if (vap->iv_flags & IEEE80211_F_PUREG) 3775 mode = AP_MODE_G_ONLY; 3776 else 3777 mode = AP_MODE_MIXED; 3778 } else if (IEEE80211_IS_CHAN_B(chan)) 3779 mode = AP_MODE_B_ONLY; 3780 else if (IEEE80211_IS_CHAN_A(chan)) 3781 mode = AP_MODE_A_ONLY; 3782 else 3783 mode = AP_MODE_MIXED; /* XXX should not happen? */ 3784 return mode; 3785 } 3786 3787 static int 3788 mwl_setapmode(struct ieee80211vap *vap, struct ieee80211_channel *chan) 3789 { 3790 struct mwl_hal_vap *hvap = MWL_VAP(vap)->mv_hvap; 3791 return mwl_hal_setapmode(hvap, mwl_getapmode(vap, chan)); 3792 } 3793 3794 /* 3795 * Set/change channels. 3796 */ 3797 static int 3798 mwl_chan_set(struct mwl_softc *sc, struct ieee80211_channel *chan) 3799 { 3800 struct mwl_hal *mh = sc->sc_mh; 3801 struct ieee80211com *ic = &sc->sc_ic; 3802 MWL_HAL_CHANNEL hchan; 3803 int maxtxpow; 3804 3805 DPRINTF(sc, MWL_DEBUG_RESET, "%s: chan %u MHz/flags 0x%x\n", 3806 __func__, chan->ic_freq, chan->ic_flags); 3807 3808 /* 3809 * Convert to a HAL channel description with 3810 * the flags constrained to reflect the current 3811 * operating mode. 3812 */ 3813 mwl_mapchan(&hchan, chan); 3814 mwl_hal_intrset(mh, 0); /* disable interrupts */ 3815 #if 0 3816 mwl_draintxq(sc); /* clear pending tx frames */ 3817 #endif 3818 mwl_hal_setchannel(mh, &hchan); 3819 /* 3820 * Tx power is cap'd by the regulatory setting and 3821 * possibly a user-set limit. We pass the min of 3822 * these to the hal to apply them to the cal data 3823 * for this channel. 3824 * XXX min bound? 3825 */ 3826 maxtxpow = 2*chan->ic_maxregpower; 3827 if (maxtxpow > ic->ic_txpowlimit) 3828 maxtxpow = ic->ic_txpowlimit; 3829 mwl_hal_settxpower(mh, &hchan, maxtxpow / 2); 3830 /* NB: potentially change mcast/mgt rates */ 3831 mwl_setcurchanrates(sc); 3832 3833 /* 3834 * Update internal state. 3835 */ 3836 sc->sc_tx_th.wt_chan_freq = htole16(chan->ic_freq); 3837 sc->sc_rx_th.wr_chan_freq = htole16(chan->ic_freq); 3838 if (IEEE80211_IS_CHAN_A(chan)) { 3839 sc->sc_tx_th.wt_chan_flags = htole16(IEEE80211_CHAN_A); 3840 sc->sc_rx_th.wr_chan_flags = htole16(IEEE80211_CHAN_A); 3841 } else if (IEEE80211_IS_CHAN_ANYG(chan)) { 3842 sc->sc_tx_th.wt_chan_flags = htole16(IEEE80211_CHAN_G); 3843 sc->sc_rx_th.wr_chan_flags = htole16(IEEE80211_CHAN_G); 3844 } else { 3845 sc->sc_tx_th.wt_chan_flags = htole16(IEEE80211_CHAN_B); 3846 sc->sc_rx_th.wr_chan_flags = htole16(IEEE80211_CHAN_B); 3847 } 3848 sc->sc_curchan = hchan; 3849 mwl_hal_intrset(mh, sc->sc_imask); 3850 3851 return 0; 3852 } 3853 3854 static void 3855 mwl_scan_start(struct ieee80211com *ic) 3856 { 3857 struct mwl_softc *sc = ic->ic_softc; 3858 3859 DPRINTF(sc, MWL_DEBUG_STATE, "%s\n", __func__); 3860 } 3861 3862 static void 3863 mwl_scan_end(struct ieee80211com *ic) 3864 { 3865 struct mwl_softc *sc = ic->ic_softc; 3866 3867 DPRINTF(sc, MWL_DEBUG_STATE, "%s\n", __func__); 3868 } 3869 3870 static void 3871 mwl_set_channel(struct ieee80211com *ic) 3872 { 3873 struct mwl_softc *sc = ic->ic_softc; 3874 3875 (void) mwl_chan_set(sc, ic->ic_curchan); 3876 } 3877 3878 /* 3879 * Handle a channel switch request. We inform the firmware 3880 * and mark the global state to suppress various actions. 3881 * NB: we issue only one request to the fw; we may be called 3882 * multiple times if there are multiple vap's. 3883 */ 3884 static void 3885 mwl_startcsa(struct ieee80211vap *vap) 3886 { 3887 struct ieee80211com *ic = vap->iv_ic; 3888 struct mwl_softc *sc = ic->ic_softc; 3889 MWL_HAL_CHANNEL hchan; 3890 3891 if (sc->sc_csapending) 3892 return; 3893 3894 mwl_mapchan(&hchan, ic->ic_csa_newchan); 3895 /* 1 =>'s quiet channel */ 3896 mwl_hal_setchannelswitchie(sc->sc_mh, &hchan, 1, ic->ic_csa_count); 3897 sc->sc_csapending = 1; 3898 } 3899 3900 /* 3901 * Plumb any static WEP key for the station. This is 3902 * necessary as we must propagate the key from the 3903 * global key table of the vap to each sta db entry. 3904 */ 3905 static void 3906 mwl_setanywepkey(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN]) 3907 { 3908 if ((vap->iv_flags & (IEEE80211_F_PRIVACY|IEEE80211_F_WPA)) == 3909 IEEE80211_F_PRIVACY && 3910 vap->iv_def_txkey != IEEE80211_KEYIX_NONE && 3911 vap->iv_nw_keys[vap->iv_def_txkey].wk_keyix != IEEE80211_KEYIX_NONE) 3912 (void) _mwl_key_set(vap, &vap->iv_nw_keys[vap->iv_def_txkey], 3913 mac); 3914 } 3915 3916 static int 3917 mwl_peerstadb(struct ieee80211_node *ni, int aid, int staid, MWL_HAL_PEERINFO *pi) 3918 { 3919 #define WME(ie) ((const struct ieee80211_wme_info *) ie) 3920 struct ieee80211vap *vap = ni->ni_vap; 3921 struct mwl_hal_vap *hvap; 3922 int error; 3923 3924 if (vap->iv_opmode == IEEE80211_M_WDS) { 3925 /* 3926 * WDS vap's do not have a f/w vap; instead they piggyback 3927 * on an AP vap and we must install the sta db entry and 3928 * crypto state using that AP's handle (the WDS vap has none). 3929 */ 3930 hvap = MWL_VAP(vap)->mv_ap_hvap; 3931 } else 3932 hvap = MWL_VAP(vap)->mv_hvap; 3933 error = mwl_hal_newstation(hvap, ni->ni_macaddr, 3934 aid, staid, pi, 3935 ni->ni_flags & (IEEE80211_NODE_QOS | IEEE80211_NODE_HT), 3936 ni->ni_ies.wme_ie != NULL ? WME(ni->ni_ies.wme_ie)->wme_info : 0); 3937 if (error == 0) { 3938 /* 3939 * Setup security for this station. For sta mode this is 3940 * needed even though do the same thing on transition to 3941 * AUTH state because the call to mwl_hal_newstation 3942 * clobbers the crypto state we setup. 3943 */ 3944 mwl_setanywepkey(vap, ni->ni_macaddr); 3945 } 3946 return error; 3947 #undef WME 3948 } 3949 3950 static void 3951 mwl_setglobalkeys(struct ieee80211vap *vap) 3952 { 3953 struct ieee80211_key *wk; 3954 3955 wk = &vap->iv_nw_keys[0]; 3956 for (; wk < &vap->iv_nw_keys[IEEE80211_WEP_NKID]; wk++) 3957 if (wk->wk_keyix != IEEE80211_KEYIX_NONE) 3958 (void) _mwl_key_set(vap, wk, vap->iv_myaddr); 3959 } 3960 3961 /* 3962 * Convert a legacy rate set to a firmware bitmask. 3963 */ 3964 static uint32_t 3965 get_rate_bitmap(const struct ieee80211_rateset *rs) 3966 { 3967 uint32_t rates; 3968 int i; 3969 3970 rates = 0; 3971 for (i = 0; i < rs->rs_nrates; i++) 3972 switch (rs->rs_rates[i] & IEEE80211_RATE_VAL) { 3973 case 2: rates |= 0x001; break; 3974 case 4: rates |= 0x002; break; 3975 case 11: rates |= 0x004; break; 3976 case 22: rates |= 0x008; break; 3977 case 44: rates |= 0x010; break; 3978 case 12: rates |= 0x020; break; 3979 case 18: rates |= 0x040; break; 3980 case 24: rates |= 0x080; break; 3981 case 36: rates |= 0x100; break; 3982 case 48: rates |= 0x200; break; 3983 case 72: rates |= 0x400; break; 3984 case 96: rates |= 0x800; break; 3985 case 108: rates |= 0x1000; break; 3986 } 3987 return rates; 3988 } 3989 3990 /* 3991 * Construct an HT firmware bitmask from an HT rate set. 3992 */ 3993 static uint32_t 3994 get_htrate_bitmap(const struct ieee80211_htrateset *rs) 3995 { 3996 uint32_t rates; 3997 int i; 3998 3999 rates = 0; 4000 for (i = 0; i < rs->rs_nrates; i++) { 4001 if (rs->rs_rates[i] < 16) 4002 rates |= 1<<rs->rs_rates[i]; 4003 } 4004 return rates; 4005 } 4006 4007 /* 4008 * Craft station database entry for station. 4009 * NB: use host byte order here, the hal handles byte swapping. 4010 */ 4011 static MWL_HAL_PEERINFO * 4012 mkpeerinfo(MWL_HAL_PEERINFO *pi, const struct ieee80211_node *ni) 4013 { 4014 const struct ieee80211vap *vap = ni->ni_vap; 4015 4016 memset(pi, 0, sizeof(*pi)); 4017 pi->LegacyRateBitMap = get_rate_bitmap(&ni->ni_rates); 4018 pi->CapInfo = ni->ni_capinfo; 4019 if (ni->ni_flags & IEEE80211_NODE_HT) { 4020 /* HT capabilities, etc */ 4021 pi->HTCapabilitiesInfo = ni->ni_htcap; 4022 /* XXX pi.HTCapabilitiesInfo */ 4023 pi->MacHTParamInfo = ni->ni_htparam; 4024 pi->HTRateBitMap = get_htrate_bitmap(&ni->ni_htrates); 4025 pi->AddHtInfo.ControlChan = ni->ni_htctlchan; 4026 pi->AddHtInfo.AddChan = ni->ni_ht2ndchan; 4027 pi->AddHtInfo.OpMode = ni->ni_htopmode; 4028 pi->AddHtInfo.stbc = ni->ni_htstbc; 4029 4030 /* constrain according to local configuration */ 4031 if ((vap->iv_flags_ht & IEEE80211_FHT_SHORTGI40) == 0) 4032 pi->HTCapabilitiesInfo &= ~IEEE80211_HTCAP_SHORTGI40; 4033 if ((vap->iv_flags_ht & IEEE80211_FHT_SHORTGI20) == 0) 4034 pi->HTCapabilitiesInfo &= ~IEEE80211_HTCAP_SHORTGI20; 4035 if (ni->ni_chw != 40) 4036 pi->HTCapabilitiesInfo &= ~IEEE80211_HTCAP_CHWIDTH40; 4037 } 4038 return pi; 4039 } 4040 4041 /* 4042 * Re-create the local sta db entry for a vap to ensure 4043 * up to date WME state is pushed to the firmware. Because 4044 * this resets crypto state this must be followed by a 4045 * reload of any keys in the global key table. 4046 */ 4047 static int 4048 mwl_localstadb(struct ieee80211vap *vap) 4049 { 4050 #define WME(ie) ((const struct ieee80211_wme_info *) ie) 4051 struct mwl_hal_vap *hvap = MWL_VAP(vap)->mv_hvap; 4052 struct ieee80211_node *bss; 4053 MWL_HAL_PEERINFO pi; 4054 int error; 4055 4056 switch (vap->iv_opmode) { 4057 case IEEE80211_M_STA: 4058 bss = vap->iv_bss; 4059 error = mwl_hal_newstation(hvap, vap->iv_myaddr, 0, 0, 4060 vap->iv_state == IEEE80211_S_RUN ? 4061 mkpeerinfo(&pi, bss) : NULL, 4062 (bss->ni_flags & (IEEE80211_NODE_QOS | IEEE80211_NODE_HT)), 4063 bss->ni_ies.wme_ie != NULL ? 4064 WME(bss->ni_ies.wme_ie)->wme_info : 0); 4065 if (error == 0) 4066 mwl_setglobalkeys(vap); 4067 break; 4068 case IEEE80211_M_HOSTAP: 4069 case IEEE80211_M_MBSS: 4070 error = mwl_hal_newstation(hvap, vap->iv_myaddr, 4071 0, 0, NULL, vap->iv_flags & IEEE80211_F_WME, 0); 4072 if (error == 0) 4073 mwl_setglobalkeys(vap); 4074 break; 4075 default: 4076 error = 0; 4077 break; 4078 } 4079 return error; 4080 #undef WME 4081 } 4082 4083 static int 4084 mwl_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 4085 { 4086 struct mwl_vap *mvp = MWL_VAP(vap); 4087 struct mwl_hal_vap *hvap = mvp->mv_hvap; 4088 struct ieee80211com *ic = vap->iv_ic; 4089 struct ieee80211_node *ni = NULL; 4090 struct mwl_softc *sc = ic->ic_softc; 4091 struct mwl_hal *mh = sc->sc_mh; 4092 enum ieee80211_state ostate = vap->iv_state; 4093 int error; 4094 4095 DPRINTF(sc, MWL_DEBUG_STATE, "%s: %s: %s -> %s\n", 4096 vap->iv_ifp->if_xname, __func__, 4097 ieee80211_state_name[ostate], ieee80211_state_name[nstate]); 4098 4099 callout_stop(&sc->sc_timer); 4100 /* 4101 * Clear current radar detection state. 4102 */ 4103 if (ostate == IEEE80211_S_CAC) { 4104 /* stop quiet mode radar detection */ 4105 mwl_hal_setradardetection(mh, DR_CHK_CHANNEL_AVAILABLE_STOP); 4106 } else if (sc->sc_radarena) { 4107 /* stop in-service radar detection */ 4108 mwl_hal_setradardetection(mh, DR_DFS_DISABLE); 4109 sc->sc_radarena = 0; 4110 } 4111 /* 4112 * Carry out per-state actions before doing net80211 work. 4113 */ 4114 if (nstate == IEEE80211_S_INIT) { 4115 /* NB: only ap+sta vap's have a fw entity */ 4116 if (hvap != NULL) 4117 mwl_hal_stop(hvap); 4118 } else if (nstate == IEEE80211_S_SCAN) { 4119 mwl_hal_start(hvap); 4120 /* NB: this disables beacon frames */ 4121 mwl_hal_setinframode(hvap); 4122 } else if (nstate == IEEE80211_S_AUTH) { 4123 /* 4124 * Must create a sta db entry in case a WEP key needs to 4125 * be plumbed. This entry will be overwritten if we 4126 * associate; otherwise it will be reclaimed on node free. 4127 */ 4128 ni = vap->iv_bss; 4129 MWL_NODE(ni)->mn_hvap = hvap; 4130 (void) mwl_peerstadb(ni, 0, 0, NULL); 4131 } else if (nstate == IEEE80211_S_CSA) { 4132 /* XXX move to below? */ 4133 if (vap->iv_opmode == IEEE80211_M_HOSTAP || 4134 vap->iv_opmode == IEEE80211_M_MBSS) 4135 mwl_startcsa(vap); 4136 } else if (nstate == IEEE80211_S_CAC) { 4137 /* XXX move to below? */ 4138 /* stop ap xmit and enable quiet mode radar detection */ 4139 mwl_hal_setradardetection(mh, DR_CHK_CHANNEL_AVAILABLE_START); 4140 } 4141 4142 /* 4143 * Invoke the parent method to do net80211 work. 4144 */ 4145 error = mvp->mv_newstate(vap, nstate, arg); 4146 4147 /* 4148 * Carry out work that must be done after net80211 runs; 4149 * this work requires up to date state (e.g. iv_bss). 4150 */ 4151 if (error == 0 && nstate == IEEE80211_S_RUN) { 4152 /* NB: collect bss node again, it may have changed */ 4153 ni = vap->iv_bss; 4154 4155 DPRINTF(sc, MWL_DEBUG_STATE, 4156 "%s: %s(RUN): iv_flags 0x%08x bintvl %d bssid %s " 4157 "capinfo 0x%04x chan %d\n", 4158 vap->iv_ifp->if_xname, __func__, vap->iv_flags, 4159 ni->ni_intval, ether_sprintf(ni->ni_bssid), ni->ni_capinfo, 4160 ieee80211_chan2ieee(ic, ic->ic_curchan)); 4161 4162 /* 4163 * Recreate local sta db entry to update WME/HT state. 4164 */ 4165 mwl_localstadb(vap); 4166 switch (vap->iv_opmode) { 4167 case IEEE80211_M_HOSTAP: 4168 case IEEE80211_M_MBSS: 4169 if (ostate == IEEE80211_S_CAC) { 4170 /* enable in-service radar detection */ 4171 mwl_hal_setradardetection(mh, 4172 DR_IN_SERVICE_MONITOR_START); 4173 sc->sc_radarena = 1; 4174 } 4175 /* 4176 * Allocate and setup the beacon frame 4177 * (and related state). 4178 */ 4179 error = mwl_reset_vap(vap, IEEE80211_S_RUN); 4180 if (error != 0) { 4181 DPRINTF(sc, MWL_DEBUG_STATE, 4182 "%s: beacon setup failed, error %d\n", 4183 __func__, error); 4184 goto bad; 4185 } 4186 /* NB: must be after setting up beacon */ 4187 mwl_hal_start(hvap); 4188 break; 4189 case IEEE80211_M_STA: 4190 DPRINTF(sc, MWL_DEBUG_STATE, "%s: %s: aid 0x%x\n", 4191 vap->iv_ifp->if_xname, __func__, ni->ni_associd); 4192 /* 4193 * Set state now that we're associated. 4194 */ 4195 mwl_hal_setassocid(hvap, ni->ni_bssid, ni->ni_associd); 4196 mwl_setrates(vap); 4197 mwl_hal_setrtsthreshold(hvap, vap->iv_rtsthreshold); 4198 if ((vap->iv_flags & IEEE80211_F_DWDS) && 4199 sc->sc_ndwdsvaps++ == 0) 4200 mwl_hal_setdwds(mh, 1); 4201 break; 4202 case IEEE80211_M_WDS: 4203 DPRINTF(sc, MWL_DEBUG_STATE, "%s: %s: bssid %s\n", 4204 vap->iv_ifp->if_xname, __func__, 4205 ether_sprintf(ni->ni_bssid)); 4206 mwl_seteapolformat(vap); 4207 break; 4208 default: 4209 break; 4210 } 4211 /* 4212 * Set CS mode according to operating channel; 4213 * this mostly an optimization for 5GHz. 4214 * 4215 * NB: must follow mwl_hal_start which resets csmode 4216 */ 4217 if (IEEE80211_IS_CHAN_5GHZ(ic->ic_bsschan)) 4218 mwl_hal_setcsmode(mh, CSMODE_AGGRESSIVE); 4219 else 4220 mwl_hal_setcsmode(mh, CSMODE_AUTO_ENA); 4221 /* 4222 * Start timer to prod firmware. 4223 */ 4224 if (sc->sc_ageinterval != 0) 4225 callout_reset(&sc->sc_timer, sc->sc_ageinterval*hz, 4226 mwl_agestations, sc); 4227 } else if (nstate == IEEE80211_S_SLEEP) { 4228 /* XXX set chip in power save */ 4229 } else if ((vap->iv_flags & IEEE80211_F_DWDS) && 4230 --sc->sc_ndwdsvaps == 0) 4231 mwl_hal_setdwds(mh, 0); 4232 bad: 4233 return error; 4234 } 4235 4236 /* 4237 * Manage station id's; these are separate from AID's 4238 * as AID's may have values out of the range of possible 4239 * station id's acceptable to the firmware. 4240 */ 4241 static int 4242 allocstaid(struct mwl_softc *sc, int aid) 4243 { 4244 int staid; 4245 4246 if (!(0 < aid && aid < MWL_MAXSTAID) || isset(sc->sc_staid, aid)) { 4247 /* NB: don't use 0 */ 4248 for (staid = 1; staid < MWL_MAXSTAID; staid++) 4249 if (isclr(sc->sc_staid, staid)) 4250 break; 4251 } else 4252 staid = aid; 4253 setbit(sc->sc_staid, staid); 4254 return staid; 4255 } 4256 4257 static void 4258 delstaid(struct mwl_softc *sc, int staid) 4259 { 4260 clrbit(sc->sc_staid, staid); 4261 } 4262 4263 /* 4264 * Setup driver-specific state for a newly associated node. 4265 * Note that we're called also on a re-associate, the isnew 4266 * param tells us if this is the first time or not. 4267 */ 4268 static void 4269 mwl_newassoc(struct ieee80211_node *ni, int isnew) 4270 { 4271 struct ieee80211vap *vap = ni->ni_vap; 4272 struct mwl_softc *sc = vap->iv_ic->ic_softc; 4273 struct mwl_node *mn = MWL_NODE(ni); 4274 MWL_HAL_PEERINFO pi; 4275 uint16_t aid; 4276 int error; 4277 4278 aid = IEEE80211_AID(ni->ni_associd); 4279 if (isnew) { 4280 mn->mn_staid = allocstaid(sc, aid); 4281 mn->mn_hvap = MWL_VAP(vap)->mv_hvap; 4282 } else { 4283 mn = MWL_NODE(ni); 4284 /* XXX reset BA stream? */ 4285 } 4286 DPRINTF(sc, MWL_DEBUG_NODE, "%s: mac %s isnew %d aid %d staid %d\n", 4287 __func__, ether_sprintf(ni->ni_macaddr), isnew, aid, mn->mn_staid); 4288 error = mwl_peerstadb(ni, aid, mn->mn_staid, mkpeerinfo(&pi, ni)); 4289 if (error != 0) { 4290 DPRINTF(sc, MWL_DEBUG_NODE, 4291 "%s: error %d creating sta db entry\n", 4292 __func__, error); 4293 /* XXX how to deal with error? */ 4294 } 4295 } 4296 4297 /* 4298 * Periodically poke the firmware to age out station state 4299 * (power save queues, pending tx aggregates). 4300 */ 4301 static void 4302 mwl_agestations(void *arg) 4303 { 4304 struct mwl_softc *sc = arg; 4305 4306 mwl_hal_setkeepalive(sc->sc_mh); 4307 if (sc->sc_ageinterval != 0) /* NB: catch dynamic changes */ 4308 callout_schedule(&sc->sc_timer, sc->sc_ageinterval*hz); 4309 } 4310 4311 static const struct mwl_hal_channel * 4312 findhalchannel(const MWL_HAL_CHANNELINFO *ci, int ieee) 4313 { 4314 int i; 4315 4316 for (i = 0; i < ci->nchannels; i++) { 4317 const struct mwl_hal_channel *hc = &ci->channels[i]; 4318 if (hc->ieee == ieee) 4319 return hc; 4320 } 4321 return NULL; 4322 } 4323 4324 static int 4325 mwl_setregdomain(struct ieee80211com *ic, struct ieee80211_regdomain *rd, 4326 int nchan, struct ieee80211_channel chans[]) 4327 { 4328 struct mwl_softc *sc = ic->ic_softc; 4329 struct mwl_hal *mh = sc->sc_mh; 4330 const MWL_HAL_CHANNELINFO *ci; 4331 int i; 4332 4333 for (i = 0; i < nchan; i++) { 4334 struct ieee80211_channel *c = &chans[i]; 4335 const struct mwl_hal_channel *hc; 4336 4337 if (IEEE80211_IS_CHAN_2GHZ(c)) { 4338 mwl_hal_getchannelinfo(mh, MWL_FREQ_BAND_2DOT4GHZ, 4339 IEEE80211_IS_CHAN_HT40(c) ? 4340 MWL_CH_40_MHz_WIDTH : MWL_CH_20_MHz_WIDTH, &ci); 4341 } else if (IEEE80211_IS_CHAN_5GHZ(c)) { 4342 mwl_hal_getchannelinfo(mh, MWL_FREQ_BAND_5GHZ, 4343 IEEE80211_IS_CHAN_HT40(c) ? 4344 MWL_CH_40_MHz_WIDTH : MWL_CH_20_MHz_WIDTH, &ci); 4345 } else { 4346 device_printf(sc->sc_dev, 4347 "%s: channel %u freq %u/0x%x not 2.4/5GHz\n", 4348 __func__, c->ic_ieee, c->ic_freq, c->ic_flags); 4349 return EINVAL; 4350 } 4351 /* 4352 * Verify channel has cal data and cap tx power. 4353 */ 4354 hc = findhalchannel(ci, c->ic_ieee); 4355 if (hc != NULL) { 4356 if (c->ic_maxpower > 2*hc->maxTxPow) 4357 c->ic_maxpower = 2*hc->maxTxPow; 4358 goto next; 4359 } 4360 if (IEEE80211_IS_CHAN_HT40(c)) { 4361 /* 4362 * Look for the extension channel since the 4363 * hal table only has the primary channel. 4364 */ 4365 hc = findhalchannel(ci, c->ic_extieee); 4366 if (hc != NULL) { 4367 if (c->ic_maxpower > 2*hc->maxTxPow) 4368 c->ic_maxpower = 2*hc->maxTxPow; 4369 goto next; 4370 } 4371 } 4372 device_printf(sc->sc_dev, 4373 "%s: no cal data for channel %u ext %u freq %u/0x%x\n", 4374 __func__, c->ic_ieee, c->ic_extieee, 4375 c->ic_freq, c->ic_flags); 4376 return EINVAL; 4377 next: 4378 ; 4379 } 4380 return 0; 4381 } 4382 4383 #define IEEE80211_CHAN_HTG (IEEE80211_CHAN_HT|IEEE80211_CHAN_G) 4384 #define IEEE80211_CHAN_HTA (IEEE80211_CHAN_HT|IEEE80211_CHAN_A) 4385 4386 static void 4387 addht40channels(struct ieee80211_channel chans[], int maxchans, int *nchans, 4388 const MWL_HAL_CHANNELINFO *ci, int flags) 4389 { 4390 int i, error; 4391 4392 for (i = 0; i < ci->nchannels; i++) { 4393 const struct mwl_hal_channel *hc = &ci->channels[i]; 4394 4395 error = ieee80211_add_channel_ht40(chans, maxchans, nchans, 4396 hc->ieee, hc->maxTxPow, flags); 4397 if (error != 0 && error != ENOENT) 4398 break; 4399 } 4400 } 4401 4402 static void 4403 addchannels(struct ieee80211_channel chans[], int maxchans, int *nchans, 4404 const MWL_HAL_CHANNELINFO *ci, const uint8_t bands[]) 4405 { 4406 int i, error; 4407 4408 error = 0; 4409 for (i = 0; i < ci->nchannels && error == 0; i++) { 4410 const struct mwl_hal_channel *hc = &ci->channels[i]; 4411 4412 error = ieee80211_add_channel(chans, maxchans, nchans, 4413 hc->ieee, hc->freq, hc->maxTxPow, 0, bands); 4414 } 4415 } 4416 4417 static void 4418 getchannels(struct mwl_softc *sc, int maxchans, int *nchans, 4419 struct ieee80211_channel chans[]) 4420 { 4421 const MWL_HAL_CHANNELINFO *ci; 4422 uint8_t bands[IEEE80211_MODE_BYTES]; 4423 4424 /* 4425 * Use the channel info from the hal to craft the 4426 * channel list. Note that we pass back an unsorted 4427 * list; the caller is required to sort it for us 4428 * (if desired). 4429 */ 4430 *nchans = 0; 4431 if (mwl_hal_getchannelinfo(sc->sc_mh, 4432 MWL_FREQ_BAND_2DOT4GHZ, MWL_CH_20_MHz_WIDTH, &ci) == 0) { 4433 memset(bands, 0, sizeof(bands)); 4434 setbit(bands, IEEE80211_MODE_11B); 4435 setbit(bands, IEEE80211_MODE_11G); 4436 setbit(bands, IEEE80211_MODE_11NG); 4437 addchannels(chans, maxchans, nchans, ci, bands); 4438 } 4439 if (mwl_hal_getchannelinfo(sc->sc_mh, 4440 MWL_FREQ_BAND_5GHZ, MWL_CH_20_MHz_WIDTH, &ci) == 0) { 4441 memset(bands, 0, sizeof(bands)); 4442 setbit(bands, IEEE80211_MODE_11A); 4443 setbit(bands, IEEE80211_MODE_11NA); 4444 addchannels(chans, maxchans, nchans, ci, bands); 4445 } 4446 if (mwl_hal_getchannelinfo(sc->sc_mh, 4447 MWL_FREQ_BAND_2DOT4GHZ, MWL_CH_40_MHz_WIDTH, &ci) == 0) 4448 addht40channels(chans, maxchans, nchans, ci, IEEE80211_CHAN_HTG); 4449 if (mwl_hal_getchannelinfo(sc->sc_mh, 4450 MWL_FREQ_BAND_5GHZ, MWL_CH_40_MHz_WIDTH, &ci) == 0) 4451 addht40channels(chans, maxchans, nchans, ci, IEEE80211_CHAN_HTA); 4452 } 4453 4454 static void 4455 mwl_getradiocaps(struct ieee80211com *ic, 4456 int maxchans, int *nchans, struct ieee80211_channel chans[]) 4457 { 4458 struct mwl_softc *sc = ic->ic_softc; 4459 4460 getchannels(sc, maxchans, nchans, chans); 4461 } 4462 4463 static int 4464 mwl_getchannels(struct mwl_softc *sc) 4465 { 4466 struct ieee80211com *ic = &sc->sc_ic; 4467 4468 /* 4469 * Use the channel info from the hal to craft the 4470 * channel list for net80211. Note that we pass up 4471 * an unsorted list; net80211 will sort it for us. 4472 */ 4473 memset(ic->ic_channels, 0, sizeof(ic->ic_channels)); 4474 ic->ic_nchans = 0; 4475 getchannels(sc, IEEE80211_CHAN_MAX, &ic->ic_nchans, ic->ic_channels); 4476 4477 ic->ic_regdomain.regdomain = SKU_DEBUG; 4478 ic->ic_regdomain.country = CTRY_DEFAULT; 4479 ic->ic_regdomain.location = 'I'; 4480 ic->ic_regdomain.isocc[0] = ' '; /* XXX? */ 4481 ic->ic_regdomain.isocc[1] = ' '; 4482 return (ic->ic_nchans == 0 ? EIO : 0); 4483 } 4484 #undef IEEE80211_CHAN_HTA 4485 #undef IEEE80211_CHAN_HTG 4486 4487 #ifdef MWL_DEBUG 4488 static void 4489 mwl_printrxbuf(const struct mwl_rxbuf *bf, u_int ix) 4490 { 4491 const struct mwl_rxdesc *ds = bf->bf_desc; 4492 uint32_t status = le32toh(ds->Status); 4493 4494 printf("R[%2u] (DS.V:%p DS.P:0x%jx) NEXT:%08x DATA:%08x RC:%02x%s\n" 4495 " STAT:%02x LEN:%04x RSSI:%02x CHAN:%02x RATE:%02x QOS:%04x HT:%04x\n", 4496 ix, ds, (uintmax_t)bf->bf_daddr, le32toh(ds->pPhysNext), 4497 le32toh(ds->pPhysBuffData), ds->RxControl, 4498 ds->RxControl != EAGLE_RXD_CTRL_DRIVER_OWN ? 4499 "" : (status & EAGLE_RXD_STATUS_OK) ? " *" : " !", 4500 ds->Status, le16toh(ds->PktLen), ds->RSSI, ds->Channel, 4501 ds->Rate, le16toh(ds->QosCtrl), le16toh(ds->HtSig2)); 4502 } 4503 4504 static void 4505 mwl_printtxbuf(const struct mwl_txbuf *bf, u_int qnum, u_int ix) 4506 { 4507 const struct mwl_txdesc *ds = bf->bf_desc; 4508 uint32_t status = le32toh(ds->Status); 4509 4510 printf("Q%u[%3u]", qnum, ix); 4511 printf(" (DS.V:%p DS.P:0x%jx)\n", ds, (uintmax_t)bf->bf_daddr); 4512 printf(" NEXT:%08x DATA:%08x LEN:%04x STAT:%08x%s\n", 4513 le32toh(ds->pPhysNext), 4514 le32toh(ds->PktPtr), le16toh(ds->PktLen), status, 4515 status & EAGLE_TXD_STATUS_USED ? 4516 "" : (status & 3) != 0 ? " *" : " !"); 4517 printf(" RATE:%02x PRI:%x QOS:%04x SAP:%08x FORMAT:%04x\n", 4518 ds->DataRate, ds->TxPriority, le16toh(ds->QosCtrl), 4519 le32toh(ds->SapPktInfo), le16toh(ds->Format)); 4520 #if MWL_TXDESC > 1 4521 printf(" MULTIFRAMES:%u LEN:%04x %04x %04x %04x %04x %04x\n" 4522 , le32toh(ds->multiframes) 4523 , le16toh(ds->PktLenArray[0]), le16toh(ds->PktLenArray[1]) 4524 , le16toh(ds->PktLenArray[2]), le16toh(ds->PktLenArray[3]) 4525 , le16toh(ds->PktLenArray[4]), le16toh(ds->PktLenArray[5]) 4526 ); 4527 printf(" DATA:%08x %08x %08x %08x %08x %08x\n" 4528 , le32toh(ds->PktPtrArray[0]), le32toh(ds->PktPtrArray[1]) 4529 , le32toh(ds->PktPtrArray[2]), le32toh(ds->PktPtrArray[3]) 4530 , le32toh(ds->PktPtrArray[4]), le32toh(ds->PktPtrArray[5]) 4531 ); 4532 #endif 4533 #if 0 4534 { const uint8_t *cp = (const uint8_t *) ds; 4535 int i; 4536 for (i = 0; i < sizeof(struct mwl_txdesc); i++) { 4537 printf("%02x ", cp[i]); 4538 if (((i+1) % 16) == 0) 4539 printf("\n"); 4540 } 4541 printf("\n"); 4542 } 4543 #endif 4544 } 4545 #endif /* MWL_DEBUG */ 4546 4547 #if 0 4548 static void 4549 mwl_txq_dump(struct mwl_txq *txq) 4550 { 4551 struct mwl_txbuf *bf; 4552 int i = 0; 4553 4554 MWL_TXQ_LOCK(txq); 4555 STAILQ_FOREACH(bf, &txq->active, bf_list) { 4556 struct mwl_txdesc *ds = bf->bf_desc; 4557 MWL_TXDESC_SYNC(txq, ds, 4558 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 4559 #ifdef MWL_DEBUG 4560 mwl_printtxbuf(bf, txq->qnum, i); 4561 #endif 4562 i++; 4563 } 4564 MWL_TXQ_UNLOCK(txq); 4565 } 4566 #endif 4567 4568 static void 4569 mwl_watchdog(void *arg) 4570 { 4571 struct mwl_softc *sc = arg; 4572 4573 callout_reset(&sc->sc_watchdog, hz, mwl_watchdog, sc); 4574 if (sc->sc_tx_timer == 0 || --sc->sc_tx_timer > 0) 4575 return; 4576 4577 if (sc->sc_running && !sc->sc_invalid) { 4578 if (mwl_hal_setkeepalive(sc->sc_mh)) 4579 device_printf(sc->sc_dev, 4580 "transmit timeout (firmware hung?)\n"); 4581 else 4582 device_printf(sc->sc_dev, 4583 "transmit timeout\n"); 4584 #if 0 4585 mwl_reset(sc); 4586 mwl_txq_dump(&sc->sc_txq[0]);/*XXX*/ 4587 #endif 4588 counter_u64_add(sc->sc_ic.ic_oerrors, 1); 4589 sc->sc_stats.mst_watchdog++; 4590 } 4591 } 4592 4593 #ifdef MWL_DIAGAPI 4594 /* 4595 * Diagnostic interface to the HAL. This is used by various 4596 * tools to do things like retrieve register contents for 4597 * debugging. The mechanism is intentionally opaque so that 4598 * it can change frequently w/o concern for compatibility. 4599 */ 4600 static int 4601 mwl_ioctl_diag(struct mwl_softc *sc, struct mwl_diag *md) 4602 { 4603 struct mwl_hal *mh = sc->sc_mh; 4604 u_int id = md->md_id & MWL_DIAG_ID; 4605 void *indata = NULL; 4606 void *outdata = NULL; 4607 u_int32_t insize = md->md_in_size; 4608 u_int32_t outsize = md->md_out_size; 4609 int error = 0; 4610 4611 if (md->md_id & MWL_DIAG_IN) { 4612 /* 4613 * Copy in data. 4614 */ 4615 indata = malloc(insize, M_TEMP, M_NOWAIT); 4616 if (indata == NULL) { 4617 error = ENOMEM; 4618 goto bad; 4619 } 4620 error = copyin(md->md_in_data, indata, insize); 4621 if (error) 4622 goto bad; 4623 } 4624 if (md->md_id & MWL_DIAG_DYN) { 4625 /* 4626 * Allocate a buffer for the results (otherwise the HAL 4627 * returns a pointer to a buffer where we can read the 4628 * results). Note that we depend on the HAL leaving this 4629 * pointer for us to use below in reclaiming the buffer; 4630 * may want to be more defensive. 4631 */ 4632 outdata = malloc(outsize, M_TEMP, M_NOWAIT); 4633 if (outdata == NULL) { 4634 error = ENOMEM; 4635 goto bad; 4636 } 4637 } 4638 if (mwl_hal_getdiagstate(mh, id, indata, insize, &outdata, &outsize)) { 4639 if (outsize < md->md_out_size) 4640 md->md_out_size = outsize; 4641 if (outdata != NULL) 4642 error = copyout(outdata, md->md_out_data, 4643 md->md_out_size); 4644 } else { 4645 error = EINVAL; 4646 } 4647 bad: 4648 if ((md->md_id & MWL_DIAG_IN) && indata != NULL) 4649 free(indata, M_TEMP); 4650 if ((md->md_id & MWL_DIAG_DYN) && outdata != NULL) 4651 free(outdata, M_TEMP); 4652 return error; 4653 } 4654 4655 static int 4656 mwl_ioctl_reset(struct mwl_softc *sc, struct mwl_diag *md) 4657 { 4658 struct mwl_hal *mh = sc->sc_mh; 4659 int error; 4660 4661 MWL_LOCK_ASSERT(sc); 4662 4663 if (md->md_id == 0 && mwl_hal_fwload(mh, NULL) != 0) { 4664 device_printf(sc->sc_dev, "unable to load firmware\n"); 4665 return EIO; 4666 } 4667 if (mwl_hal_gethwspecs(mh, &sc->sc_hwspecs) != 0) { 4668 device_printf(sc->sc_dev, "unable to fetch h/w specs\n"); 4669 return EIO; 4670 } 4671 error = mwl_setupdma(sc); 4672 if (error != 0) { 4673 /* NB: mwl_setupdma prints a msg */ 4674 return error; 4675 } 4676 /* 4677 * Reset tx/rx data structures; after reload we must 4678 * re-start the driver's notion of the next xmit/recv. 4679 */ 4680 mwl_draintxq(sc); /* clear pending frames */ 4681 mwl_resettxq(sc); /* rebuild tx q lists */ 4682 sc->sc_rxnext = NULL; /* force rx to start at the list head */ 4683 return 0; 4684 } 4685 #endif /* MWL_DIAGAPI */ 4686 4687 static void 4688 mwl_parent(struct ieee80211com *ic) 4689 { 4690 struct mwl_softc *sc = ic->ic_softc; 4691 int startall = 0; 4692 4693 MWL_LOCK(sc); 4694 if (ic->ic_nrunning > 0) { 4695 if (sc->sc_running) { 4696 /* 4697 * To avoid rescanning another access point, 4698 * do not call mwl_init() here. Instead, 4699 * only reflect promisc mode settings. 4700 */ 4701 mwl_mode_init(sc); 4702 } else { 4703 /* 4704 * Beware of being called during attach/detach 4705 * to reset promiscuous mode. In that case we 4706 * will still be marked UP but not RUNNING. 4707 * However trying to re-init the interface 4708 * is the wrong thing to do as we've already 4709 * torn down much of our state. There's 4710 * probably a better way to deal with this. 4711 */ 4712 if (!sc->sc_invalid) { 4713 mwl_init(sc); /* XXX lose error */ 4714 startall = 1; 4715 } 4716 } 4717 } else 4718 mwl_stop(sc); 4719 MWL_UNLOCK(sc); 4720 if (startall) 4721 ieee80211_start_all(ic); 4722 } 4723 4724 static int 4725 mwl_ioctl(struct ieee80211com *ic, u_long cmd, void *data) 4726 { 4727 struct mwl_softc *sc = ic->ic_softc; 4728 struct ifreq *ifr = data; 4729 int error = 0; 4730 4731 switch (cmd) { 4732 case SIOCGMVSTATS: 4733 mwl_hal_gethwstats(sc->sc_mh, &sc->sc_stats.hw_stats); 4734 #if 0 4735 /* NB: embed these numbers to get a consistent view */ 4736 sc->sc_stats.mst_tx_packets = 4737 ifp->if_get_counter(ifp, IFCOUNTER_OPACKETS); 4738 sc->sc_stats.mst_rx_packets = 4739 ifp->if_get_counter(ifp, IFCOUNTER_IPACKETS); 4740 #endif 4741 /* 4742 * NB: Drop the softc lock in case of a page fault; 4743 * we'll accept any potential inconsisentcy in the 4744 * statistics. The alternative is to copy the data 4745 * to a local structure. 4746 */ 4747 return (copyout(&sc->sc_stats, ifr_data_get_ptr(ifr), 4748 sizeof (sc->sc_stats))); 4749 #ifdef MWL_DIAGAPI 4750 case SIOCGMVDIAG: 4751 /* XXX check privs */ 4752 return mwl_ioctl_diag(sc, (struct mwl_diag *) ifr); 4753 case SIOCGMVRESET: 4754 /* XXX check privs */ 4755 MWL_LOCK(sc); 4756 error = mwl_ioctl_reset(sc,(struct mwl_diag *) ifr); 4757 MWL_UNLOCK(sc); 4758 break; 4759 #endif /* MWL_DIAGAPI */ 4760 default: 4761 error = ENOTTY; 4762 break; 4763 } 4764 return (error); 4765 } 4766 4767 #ifdef MWL_DEBUG 4768 static int 4769 mwl_sysctl_debug(SYSCTL_HANDLER_ARGS) 4770 { 4771 struct mwl_softc *sc = arg1; 4772 int debug, error; 4773 4774 debug = sc->sc_debug | (mwl_hal_getdebug(sc->sc_mh) << 24); 4775 error = sysctl_handle_int(oidp, &debug, 0, req); 4776 if (error || !req->newptr) 4777 return error; 4778 mwl_hal_setdebug(sc->sc_mh, debug >> 24); 4779 sc->sc_debug = debug & 0x00ffffff; 4780 return 0; 4781 } 4782 #endif /* MWL_DEBUG */ 4783 4784 static void 4785 mwl_sysctlattach(struct mwl_softc *sc) 4786 { 4787 #ifdef MWL_DEBUG 4788 struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev); 4789 struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev); 4790 4791 sc->sc_debug = mwl_debug; 4792 SYSCTL_ADD_PROC(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, "debug", 4793 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, sc, 0, 4794 mwl_sysctl_debug, "I", "control debugging printfs"); 4795 #endif 4796 } 4797 4798 /* 4799 * Announce various information on device/driver attach. 4800 */ 4801 static void 4802 mwl_announce(struct mwl_softc *sc) 4803 { 4804 4805 device_printf(sc->sc_dev, "Rev A%d hardware, v%d.%d.%d.%d firmware (regioncode %d)\n", 4806 sc->sc_hwspecs.hwVersion, 4807 (sc->sc_hwspecs.fwReleaseNumber>>24) & 0xff, 4808 (sc->sc_hwspecs.fwReleaseNumber>>16) & 0xff, 4809 (sc->sc_hwspecs.fwReleaseNumber>>8) & 0xff, 4810 (sc->sc_hwspecs.fwReleaseNumber>>0) & 0xff, 4811 sc->sc_hwspecs.regionCode); 4812 sc->sc_fwrelease = sc->sc_hwspecs.fwReleaseNumber; 4813 4814 if (bootverbose) { 4815 int i; 4816 for (i = 0; i <= WME_AC_VO; i++) { 4817 struct mwl_txq *txq = sc->sc_ac2q[i]; 4818 device_printf(sc->sc_dev, "Use hw queue %u for %s traffic\n", 4819 txq->qnum, ieee80211_wme_acnames[i]); 4820 } 4821 } 4822 if (bootverbose || mwl_rxdesc != MWL_RXDESC) 4823 device_printf(sc->sc_dev, "using %u rx descriptors\n", mwl_rxdesc); 4824 if (bootverbose || mwl_rxbuf != MWL_RXBUF) 4825 device_printf(sc->sc_dev, "using %u rx buffers\n", mwl_rxbuf); 4826 if (bootverbose || mwl_txbuf != MWL_TXBUF) 4827 device_printf(sc->sc_dev, "using %u tx buffers\n", mwl_txbuf); 4828 if (bootverbose && mwl_hal_ismbsscapable(sc->sc_mh)) 4829 device_printf(sc->sc_dev, "multi-bss support\n"); 4830 #ifdef MWL_TX_NODROP 4831 if (bootverbose) 4832 device_printf(sc->sc_dev, "no tx drop\n"); 4833 #endif 4834 } 4835