1 /* $OpenBSD: if_otus.c,v 1.49 2015/11/24 13:33:18 mpi Exp $ */ 2 3 /*- 4 * Copyright (c) 2009 Damien Bergamini <damien.bergamini@free.fr> 5 * Copyright (c) 2015 Adrian Chadd <adrian@FreeBSD.org> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /* 21 * Driver for Atheros AR9001U chipset. 22 */ 23 24 #include <sys/cdefs.h> 25 __FBSDID("$FreeBSD$"); 26 27 #include "opt_wlan.h" 28 29 #include <sys/param.h> 30 #include <sys/endian.h> 31 #include <sys/sockio.h> 32 #include <sys/mbuf.h> 33 #include <sys/kernel.h> 34 #include <sys/malloc.h> 35 #include <sys/socket.h> 36 #include <sys/systm.h> 37 #include <sys/conf.h> 38 #include <sys/bus.h> 39 #include <sys/rman.h> 40 #include <sys/firmware.h> 41 #include <sys/module.h> 42 #include <sys/taskqueue.h> 43 44 #include <machine/bus.h> 45 #include <machine/resource.h> 46 47 #include <net/bpf.h> 48 #include <net/if.h> 49 #include <net/if_var.h> 50 #include <net/if_arp.h> 51 #include <net/if_dl.h> 52 #include <net/if_media.h> 53 54 #include <netinet/in.h> 55 #include <netinet/in_systm.h> 56 #include <netinet/in_var.h> 57 #include <netinet/if_ether.h> 58 #include <netinet/ip.h> 59 60 #include <net80211/ieee80211_var.h> 61 #include <net80211/ieee80211_regdomain.h> 62 #include <net80211/ieee80211_radiotap.h> 63 #include <net80211/ieee80211_ratectl.h> 64 #ifdef IEEE80211_SUPPORT_SUPERG 65 #include <net80211/ieee80211_superg.h> 66 #endif 67 68 #include <dev/usb/usb.h> 69 #include <dev/usb/usbdi.h> 70 #include "usbdevs.h" 71 72 #define USB_DEBUG_VAR otus_debug 73 #include <dev/usb/usb_debug.h> 74 75 #include "if_otusreg.h" 76 77 static int otus_debug = 0; 78 static SYSCTL_NODE(_hw_usb, OID_AUTO, otus, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 79 "USB otus"); 80 SYSCTL_INT(_hw_usb_otus, OID_AUTO, debug, CTLFLAG_RWTUN, &otus_debug, 0, 81 "Debug level"); 82 #define OTUS_DEBUG_XMIT 0x00000001 83 #define OTUS_DEBUG_RECV 0x00000002 84 #define OTUS_DEBUG_TXDONE 0x00000004 85 #define OTUS_DEBUG_RXDONE 0x00000008 86 #define OTUS_DEBUG_CMD 0x00000010 87 #define OTUS_DEBUG_CMDDONE 0x00000020 88 #define OTUS_DEBUG_RESET 0x00000040 89 #define OTUS_DEBUG_STATE 0x00000080 90 #define OTUS_DEBUG_CMDNOTIFY 0x00000100 91 #define OTUS_DEBUG_REGIO 0x00000200 92 #define OTUS_DEBUG_IRQ 0x00000400 93 #define OTUS_DEBUG_TXCOMP 0x00000800 94 #define OTUS_DEBUG_ANY 0xffffffff 95 96 #define OTUS_DPRINTF(sc, dm, ...) \ 97 do { \ 98 if ((dm == OTUS_DEBUG_ANY) || (dm & otus_debug)) \ 99 device_printf(sc->sc_dev, __VA_ARGS__); \ 100 } while (0) 101 102 #define OTUS_DEV(v, p) { USB_VPI(v, p, 0) } 103 static const STRUCT_USB_HOST_ID otus_devs[] = { 104 OTUS_DEV(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_WN7512), 105 OTUS_DEV(USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_3CRUSBN275), 106 OTUS_DEV(USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_TG121N), 107 OTUS_DEV(USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_AR9170), 108 OTUS_DEV(USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_WN612), 109 OTUS_DEV(USB_VENDOR_ATHEROS2, USB_PRODUCT_ATHEROS2_WN821NV2), 110 OTUS_DEV(USB_VENDOR_AVM, USB_PRODUCT_AVM_FRITZWLAN), 111 OTUS_DEV(USB_VENDOR_CACE, USB_PRODUCT_CACE_AIRPCAPNX), 112 OTUS_DEV(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWA130D1), 113 OTUS_DEV(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWA160A1), 114 OTUS_DEV(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWA160A2), 115 OTUS_DEV(USB_VENDOR_IODATA, USB_PRODUCT_IODATA_WNGDNUS2), 116 OTUS_DEV(USB_VENDOR_NEC, USB_PRODUCT_NEC_WL300NUG), 117 OTUS_DEV(USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WN111V2), 118 OTUS_DEV(USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WNA1000), 119 OTUS_DEV(USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WNDA3100), 120 OTUS_DEV(USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_GW_US300), 121 OTUS_DEV(USB_VENDOR_WISTRONNEWEB, USB_PRODUCT_WISTRONNEWEB_O8494), 122 OTUS_DEV(USB_VENDOR_WISTRONNEWEB, USB_PRODUCT_WISTRONNEWEB_WNC0600), 123 OTUS_DEV(USB_VENDOR_ZCOM, USB_PRODUCT_ZCOM_UB81), 124 OTUS_DEV(USB_VENDOR_ZCOM, USB_PRODUCT_ZCOM_UB82), 125 OTUS_DEV(USB_VENDOR_ZYDAS, USB_PRODUCT_ZYDAS_ZD1221), 126 OTUS_DEV(USB_VENDOR_ZYXEL, USB_PRODUCT_ZYXEL_NWD271N), 127 }; 128 129 static device_probe_t otus_match; 130 static device_attach_t otus_attach; 131 static device_detach_t otus_detach; 132 133 static int otus_attachhook(struct otus_softc *); 134 void otus_get_chanlist(struct otus_softc *); 135 static void otus_getradiocaps(struct ieee80211com *, int, int *, 136 struct ieee80211_channel[]); 137 int otus_load_firmware(struct otus_softc *, const char *, 138 uint32_t); 139 int otus_open_pipes(struct otus_softc *); 140 void otus_close_pipes(struct otus_softc *); 141 142 static int otus_alloc_tx_cmd_list(struct otus_softc *); 143 static void otus_free_tx_cmd_list(struct otus_softc *); 144 145 static int otus_alloc_rx_list(struct otus_softc *); 146 static void otus_free_rx_list(struct otus_softc *); 147 static int otus_alloc_tx_list(struct otus_softc *); 148 static void otus_free_tx_list(struct otus_softc *); 149 static void otus_free_list(struct otus_softc *, struct otus_data [], int); 150 static struct otus_data *_otus_getbuf(struct otus_softc *); 151 static struct otus_data *otus_getbuf(struct otus_softc *); 152 static void otus_freebuf(struct otus_softc *, struct otus_data *); 153 154 static struct otus_tx_cmd *_otus_get_txcmd(struct otus_softc *); 155 static struct otus_tx_cmd *otus_get_txcmd(struct otus_softc *); 156 static void otus_free_txcmd(struct otus_softc *, struct otus_tx_cmd *); 157 158 void otus_next_scan(void *, int); 159 static void otus_tx_task(void *, int pending); 160 void otus_do_async(struct otus_softc *, 161 void (*)(struct otus_softc *, void *), void *, int); 162 int otus_newstate(struct ieee80211vap *, enum ieee80211_state, 163 int); 164 int otus_cmd(struct otus_softc *, uint8_t, const void *, int, 165 void *, int); 166 void otus_write(struct otus_softc *, uint32_t, uint32_t); 167 int otus_write_barrier(struct otus_softc *); 168 static struct ieee80211_node *otus_node_alloc(struct ieee80211vap *vap, 169 const uint8_t mac[IEEE80211_ADDR_LEN]); 170 int otus_media_change(struct ifnet *); 171 int otus_read_eeprom(struct otus_softc *); 172 void otus_newassoc(struct ieee80211_node *, int); 173 void otus_cmd_rxeof(struct otus_softc *, uint8_t *, int); 174 void otus_sub_rxeof(struct otus_softc *, uint8_t *, int, 175 struct mbufq *); 176 static int otus_tx(struct otus_softc *, struct ieee80211_node *, 177 struct mbuf *, struct otus_data *, 178 const struct ieee80211_bpf_params *); 179 int otus_ioctl(struct ifnet *, u_long, caddr_t); 180 int otus_set_multi(struct otus_softc *); 181 static int otus_updateedca(struct ieee80211com *); 182 static void otus_updateedca_locked(struct otus_softc *); 183 static void otus_updateslot(struct otus_softc *); 184 static void otus_set_operating_mode(struct otus_softc *sc); 185 static void otus_set_rx_filter(struct otus_softc *sc); 186 int otus_init_mac(struct otus_softc *); 187 uint32_t otus_phy_get_def(struct otus_softc *, uint32_t); 188 int otus_set_board_values(struct otus_softc *, 189 struct ieee80211_channel *); 190 int otus_program_phy(struct otus_softc *, 191 struct ieee80211_channel *); 192 int otus_set_rf_bank4(struct otus_softc *, 193 struct ieee80211_channel *); 194 void otus_get_delta_slope(uint32_t, uint32_t *, uint32_t *); 195 static int otus_set_chan(struct otus_softc *, struct ieee80211_channel *, 196 int); 197 int otus_set_key(struct ieee80211com *, struct ieee80211_node *, 198 struct ieee80211_key *); 199 void otus_set_key_cb(struct otus_softc *, void *); 200 void otus_delete_key(struct ieee80211com *, struct ieee80211_node *, 201 struct ieee80211_key *); 202 void otus_delete_key_cb(struct otus_softc *, void *); 203 void otus_calibrate_to(void *, int); 204 int otus_set_bssid(struct otus_softc *, const uint8_t *); 205 int otus_set_macaddr(struct otus_softc *, const uint8_t *); 206 void otus_led_newstate_type1(struct otus_softc *); 207 void otus_led_newstate_type2(struct otus_softc *); 208 void otus_led_newstate_type3(struct otus_softc *); 209 int otus_init(struct otus_softc *sc); 210 void otus_stop(struct otus_softc *sc); 211 212 static device_method_t otus_methods[] = { 213 DEVMETHOD(device_probe, otus_match), 214 DEVMETHOD(device_attach, otus_attach), 215 DEVMETHOD(device_detach, otus_detach), 216 217 DEVMETHOD_END 218 }; 219 220 static driver_t otus_driver = { 221 .name = "otus", 222 .methods = otus_methods, 223 .size = sizeof(struct otus_softc) 224 }; 225 226 static devclass_t otus_devclass; 227 228 DRIVER_MODULE(otus, uhub, otus_driver, otus_devclass, NULL, 0); 229 MODULE_DEPEND(otus, wlan, 1, 1, 1); 230 MODULE_DEPEND(otus, usb, 1, 1, 1); 231 MODULE_DEPEND(otus, firmware, 1, 1, 1); 232 MODULE_VERSION(otus, 1); 233 234 static usb_callback_t otus_bulk_tx_callback; 235 static usb_callback_t otus_bulk_rx_callback; 236 static usb_callback_t otus_bulk_irq_callback; 237 static usb_callback_t otus_bulk_cmd_callback; 238 239 static const struct usb_config otus_config[OTUS_N_XFER] = { 240 [OTUS_BULK_TX] = { 241 .type = UE_BULK, 242 .endpoint = UE_ADDR_ANY, 243 .direction = UE_DIR_OUT, 244 .bufsize = 0x200, 245 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 246 .callback = otus_bulk_tx_callback, 247 .timeout = 5000, /* ms */ 248 }, 249 [OTUS_BULK_RX] = { 250 .type = UE_BULK, 251 .endpoint = UE_ADDR_ANY, 252 .direction = UE_DIR_IN, 253 .bufsize = OTUS_RXBUFSZ, 254 .flags = { .ext_buffer = 1, .pipe_bof = 1,.short_xfer_ok = 1,}, 255 .callback = otus_bulk_rx_callback, 256 }, 257 [OTUS_BULK_IRQ] = { 258 .type = UE_INTERRUPT, 259 .endpoint = UE_ADDR_ANY, 260 .direction = UE_DIR_IN, 261 .bufsize = OTUS_MAX_CTRLSZ, 262 .flags = {.pipe_bof = 1,.short_xfer_ok = 1,}, 263 .callback = otus_bulk_irq_callback, 264 }, 265 [OTUS_BULK_CMD] = { 266 .type = UE_INTERRUPT, 267 .endpoint = UE_ADDR_ANY, 268 .direction = UE_DIR_OUT, 269 .bufsize = OTUS_MAX_CTRLSZ, 270 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 271 .callback = otus_bulk_cmd_callback, 272 .timeout = 5000, /* ms */ 273 }, 274 }; 275 276 static int 277 otus_match(device_t self) 278 { 279 struct usb_attach_arg *uaa = device_get_ivars(self); 280 281 if (uaa->usb_mode != USB_MODE_HOST || 282 uaa->info.bIfaceIndex != 0 || 283 uaa->info.bConfigIndex != 0) 284 return (ENXIO); 285 286 return (usbd_lookup_id_by_uaa(otus_devs, sizeof(otus_devs), uaa)); 287 } 288 289 static int 290 otus_attach(device_t self) 291 { 292 struct usb_attach_arg *uaa = device_get_ivars(self); 293 struct otus_softc *sc = device_get_softc(self); 294 int error; 295 uint8_t iface_index; 296 297 device_set_usb_desc(self); 298 sc->sc_udev = uaa->device; 299 sc->sc_dev = self; 300 301 mtx_init(&sc->sc_mtx, device_get_nameunit(self), MTX_NETWORK_LOCK, 302 MTX_DEF); 303 304 TIMEOUT_TASK_INIT(taskqueue_thread, &sc->scan_to, 0, otus_next_scan, sc); 305 TIMEOUT_TASK_INIT(taskqueue_thread, &sc->calib_to, 0, otus_calibrate_to, sc); 306 TASK_INIT(&sc->tx_task, 0, otus_tx_task, sc); 307 mbufq_init(&sc->sc_snd, ifqmaxlen); 308 309 iface_index = 0; 310 error = usbd_transfer_setup(uaa->device, &iface_index, sc->sc_xfer, 311 otus_config, OTUS_N_XFER, sc, &sc->sc_mtx); 312 if (error) { 313 device_printf(sc->sc_dev, 314 "could not allocate USB transfers, err=%s\n", 315 usbd_errstr(error)); 316 goto fail_usb; 317 } 318 319 if ((error = otus_open_pipes(sc)) != 0) { 320 device_printf(sc->sc_dev, "%s: could not open pipes\n", 321 __func__); 322 goto fail; 323 } 324 325 /* XXX check return status; fail out if appropriate */ 326 if (otus_attachhook(sc) != 0) 327 goto fail; 328 329 return (0); 330 331 fail: 332 otus_close_pipes(sc); 333 fail_usb: 334 mtx_destroy(&sc->sc_mtx); 335 return (ENXIO); 336 } 337 338 static int 339 otus_detach(device_t self) 340 { 341 struct otus_softc *sc = device_get_softc(self); 342 struct ieee80211com *ic = &sc->sc_ic; 343 344 otus_stop(sc); 345 346 usbd_transfer_unsetup(sc->sc_xfer, OTUS_N_XFER); 347 348 taskqueue_drain_timeout(taskqueue_thread, &sc->scan_to); 349 taskqueue_drain_timeout(taskqueue_thread, &sc->calib_to); 350 taskqueue_drain(taskqueue_thread, &sc->tx_task); 351 352 otus_close_pipes(sc); 353 #if 0 354 /* Wait for all queued asynchronous commands to complete. */ 355 usb_rem_wait_task(sc->sc_udev, &sc->sc_task); 356 357 usbd_ref_wait(sc->sc_udev); 358 #endif 359 360 ieee80211_ifdetach(ic); 361 mtx_destroy(&sc->sc_mtx); 362 return 0; 363 } 364 365 static void 366 otus_delay_ms(struct otus_softc *sc, int ms) 367 { 368 369 DELAY(1000 * ms); 370 } 371 372 static struct ieee80211vap * 373 otus_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 374 enum ieee80211_opmode opmode, int flags, 375 const uint8_t bssid[IEEE80211_ADDR_LEN], 376 const uint8_t mac[IEEE80211_ADDR_LEN]) 377 { 378 struct otus_vap *uvp; 379 struct ieee80211vap *vap; 380 381 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */ 382 return (NULL); 383 384 uvp = malloc(sizeof(struct otus_vap), M_80211_VAP, M_WAITOK | M_ZERO); 385 vap = &uvp->vap; 386 387 if (ieee80211_vap_setup(ic, vap, name, unit, opmode, 388 flags, bssid) != 0) { 389 /* out of memory */ 390 free(uvp, M_80211_VAP); 391 return (NULL); 392 } 393 394 /* override state transition machine */ 395 uvp->newstate = vap->iv_newstate; 396 vap->iv_newstate = otus_newstate; 397 398 /* XXX TODO: double-check */ 399 vap->iv_ampdu_density = IEEE80211_HTCAP_MPDUDENSITY_16; 400 vap->iv_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_32K; 401 402 ieee80211_ratectl_init(vap); 403 404 /* complete setup */ 405 ieee80211_vap_attach(vap, ieee80211_media_change, 406 ieee80211_media_status, mac); 407 ic->ic_opmode = opmode; 408 409 return (vap); 410 } 411 412 static void 413 otus_vap_delete(struct ieee80211vap *vap) 414 { 415 struct otus_vap *uvp = OTUS_VAP(vap); 416 417 ieee80211_ratectl_deinit(vap); 418 ieee80211_vap_detach(vap); 419 free(uvp, M_80211_VAP); 420 } 421 422 static void 423 otus_parent(struct ieee80211com *ic) 424 { 425 struct otus_softc *sc = ic->ic_softc; 426 int startall = 0; 427 428 if (ic->ic_nrunning > 0) { 429 if (!sc->sc_running) { 430 otus_init(sc); 431 startall = 1; 432 } else { 433 (void) otus_set_multi(sc); 434 } 435 } else if (sc->sc_running) 436 otus_stop(sc); 437 438 if (startall) 439 ieee80211_start_all(ic); 440 } 441 442 static void 443 otus_drain_mbufq(struct otus_softc *sc) 444 { 445 struct mbuf *m; 446 struct ieee80211_node *ni; 447 448 OTUS_LOCK_ASSERT(sc); 449 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) { 450 ni = (struct ieee80211_node *) m->m_pkthdr.rcvif; 451 m->m_pkthdr.rcvif = NULL; 452 ieee80211_free_node(ni); 453 m_freem(m); 454 } 455 } 456 457 static void 458 otus_tx_start(struct otus_softc *sc) 459 { 460 461 taskqueue_enqueue(taskqueue_thread, &sc->tx_task); 462 } 463 464 static int 465 otus_transmit(struct ieee80211com *ic, struct mbuf *m) 466 { 467 struct otus_softc *sc = ic->ic_softc; 468 int error; 469 470 OTUS_LOCK(sc); 471 if (! sc->sc_running) { 472 OTUS_UNLOCK(sc); 473 return (ENXIO); 474 } 475 476 /* XXX TODO: handle fragments */ 477 error = mbufq_enqueue(&sc->sc_snd, m); 478 if (error) { 479 OTUS_DPRINTF(sc, OTUS_DEBUG_XMIT, 480 "%s: mbufq_enqueue failed: %d\n", 481 __func__, 482 error); 483 OTUS_UNLOCK(sc); 484 return (error); 485 } 486 OTUS_UNLOCK(sc); 487 488 /* Kick TX */ 489 otus_tx_start(sc); 490 491 return (0); 492 } 493 494 static void 495 _otus_start(struct otus_softc *sc) 496 { 497 struct ieee80211_node *ni; 498 struct otus_data *bf; 499 struct mbuf *m; 500 501 OTUS_LOCK_ASSERT(sc); 502 503 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) { 504 bf = otus_getbuf(sc); 505 if (bf == NULL) { 506 OTUS_DPRINTF(sc, OTUS_DEBUG_XMIT, 507 "%s: failed to get buffer\n", __func__); 508 mbufq_prepend(&sc->sc_snd, m); 509 break; 510 } 511 512 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 513 m->m_pkthdr.rcvif = NULL; 514 515 if (otus_tx(sc, ni, m, bf, NULL) != 0) { 516 OTUS_DPRINTF(sc, OTUS_DEBUG_XMIT, 517 "%s: failed to transmit\n", __func__); 518 if_inc_counter(ni->ni_vap->iv_ifp, 519 IFCOUNTER_OERRORS, 1); 520 otus_freebuf(sc, bf); 521 ieee80211_free_node(ni); 522 m_freem(m); 523 break; 524 } 525 } 526 } 527 528 static void 529 otus_tx_task(void *arg, int pending) 530 { 531 struct otus_softc *sc = arg; 532 533 OTUS_LOCK(sc); 534 _otus_start(sc); 535 OTUS_UNLOCK(sc); 536 } 537 538 static int 539 otus_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 540 const struct ieee80211_bpf_params *params) 541 { 542 struct ieee80211com *ic= ni->ni_ic; 543 struct otus_softc *sc = ic->ic_softc; 544 struct otus_data *bf = NULL; 545 int error = 0; 546 547 /* Don't transmit if we're not running */ 548 OTUS_LOCK(sc); 549 if (! sc->sc_running) { 550 error = ENETDOWN; 551 goto error; 552 } 553 554 bf = otus_getbuf(sc); 555 if (bf == NULL) { 556 error = ENOBUFS; 557 goto error; 558 } 559 560 if (otus_tx(sc, ni, m, bf, params) != 0) { 561 error = EIO; 562 goto error; 563 } 564 565 OTUS_UNLOCK(sc); 566 return (0); 567 error: 568 if (bf) 569 otus_freebuf(sc, bf); 570 OTUS_UNLOCK(sc); 571 m_freem(m); 572 return (ENXIO); 573 } 574 575 static void 576 otus_update_chw(struct ieee80211com *ic) 577 { 578 579 printf("%s: TODO\n", __func__); 580 } 581 582 static void 583 otus_set_channel(struct ieee80211com *ic) 584 { 585 struct otus_softc *sc = ic->ic_softc; 586 OTUS_DPRINTF(sc, OTUS_DEBUG_RESET, "%s: set channel: %d\n", 587 __func__, 588 ic->ic_curchan->ic_freq); 589 590 OTUS_LOCK(sc); 591 (void) otus_set_chan(sc, ic->ic_curchan, 0); 592 OTUS_UNLOCK(sc); 593 } 594 595 static int 596 otus_ampdu_enable(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap) 597 { 598 599 /* For now, no A-MPDU TX support in the driver */ 600 return (0); 601 } 602 603 static void 604 otus_scan_start(struct ieee80211com *ic) 605 { 606 607 // printf("%s: TODO\n", __func__); 608 } 609 610 static void 611 otus_scan_end(struct ieee80211com *ic) 612 { 613 614 // printf("%s: TODO\n", __func__); 615 } 616 617 static void 618 otus_update_mcast(struct ieee80211com *ic) 619 { 620 struct otus_softc *sc = ic->ic_softc; 621 622 (void) otus_set_multi(sc); 623 } 624 625 static int 626 otus_attachhook(struct otus_softc *sc) 627 { 628 struct ieee80211com *ic = &sc->sc_ic; 629 usb_device_request_t req; 630 uint32_t in, out; 631 int error; 632 633 /* Not locked */ 634 error = otus_load_firmware(sc, "otusfw_init", AR_FW_INIT_ADDR); 635 if (error != 0) { 636 device_printf(sc->sc_dev, "%s: could not load %s firmware\n", 637 __func__, "init"); 638 return (ENXIO); 639 } 640 641 /* XXX not locked? */ 642 otus_delay_ms(sc, 1000); 643 644 /* Not locked */ 645 error = otus_load_firmware(sc, "otusfw_main", AR_FW_MAIN_ADDR); 646 if (error != 0) { 647 device_printf(sc->sc_dev, "%s: could not load %s firmware\n", 648 __func__, "main"); 649 return (ENXIO); 650 } 651 652 OTUS_LOCK(sc); 653 654 /* Tell device that firmware transfer is complete. */ 655 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 656 req.bRequest = AR_FW_DOWNLOAD_COMPLETE; 657 USETW(req.wValue, 0); 658 USETW(req.wIndex, 0); 659 USETW(req.wLength, 0); 660 if (usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx, &req, NULL, 661 0, NULL, 250) != 0) { 662 OTUS_UNLOCK(sc); 663 device_printf(sc->sc_dev, 664 "%s: firmware initialization failed\n", 665 __func__); 666 return (ENXIO); 667 } 668 669 /* Send an ECHO command to check that everything is settled. */ 670 in = 0xbadc0ffe; 671 if (otus_cmd(sc, AR_CMD_ECHO, &in, sizeof in, &out, sizeof(out)) != 0) { 672 OTUS_UNLOCK(sc); 673 device_printf(sc->sc_dev, 674 "%s: echo command failed\n", __func__); 675 return (ENXIO); 676 } 677 if (in != out) { 678 OTUS_UNLOCK(sc); 679 device_printf(sc->sc_dev, 680 "%s: echo reply mismatch: 0x%08x!=0x%08x\n", 681 __func__, in, out); 682 return (ENXIO); 683 } 684 685 /* Read entire EEPROM. */ 686 if (otus_read_eeprom(sc) != 0) { 687 OTUS_UNLOCK(sc); 688 device_printf(sc->sc_dev, 689 "%s: could not read EEPROM\n", 690 __func__); 691 return (ENXIO); 692 } 693 694 OTUS_UNLOCK(sc); 695 696 sc->txmask = sc->eeprom.baseEepHeader.txMask; 697 sc->rxmask = sc->eeprom.baseEepHeader.rxMask; 698 sc->capflags = sc->eeprom.baseEepHeader.opCapFlags; 699 IEEE80211_ADDR_COPY(ic->ic_macaddr, sc->eeprom.baseEepHeader.macAddr); 700 sc->sc_led_newstate = otus_led_newstate_type3; /* XXX */ 701 702 device_printf(sc->sc_dev, 703 "MAC/BBP AR9170, RF AR%X, MIMO %dT%dR, address %s\n", 704 (sc->capflags & AR5416_OPFLAGS_11A) ? 705 0x9104 : ((sc->txmask == 0x5) ? 0x9102 : 0x9101), 706 (sc->txmask == 0x5) ? 2 : 1, (sc->rxmask == 0x5) ? 2 : 1, 707 ether_sprintf(ic->ic_macaddr)); 708 709 ic->ic_softc = sc; 710 ic->ic_name = device_get_nameunit(sc->sc_dev); 711 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 712 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 713 714 /* Set device capabilities. */ 715 ic->ic_caps = 716 IEEE80211_C_STA | /* station mode */ 717 #if 0 718 IEEE80211_C_BGSCAN | /* Background scan. */ 719 #endif 720 IEEE80211_C_SHPREAMBLE | /* Short preamble supported. */ 721 IEEE80211_C_WME | /* WME/QoS */ 722 IEEE80211_C_SHSLOT | /* Short slot time supported. */ 723 IEEE80211_C_FF | /* Atheros fast-frames supported. */ 724 IEEE80211_C_MONITOR | 725 IEEE80211_C_WPA; /* WPA/RSN. */ 726 727 /* XXX TODO: 11n */ 728 729 #if 0 730 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11G) { 731 /* Set supported .11b and .11g rates. */ 732 ic->ic_sup_rates[IEEE80211_MODE_11B] = 733 ieee80211_std_rateset_11b; 734 ic->ic_sup_rates[IEEE80211_MODE_11G] = 735 ieee80211_std_rateset_11g; 736 } 737 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11A) { 738 /* Set supported .11a rates. */ 739 ic->ic_sup_rates[IEEE80211_MODE_11A] = 740 ieee80211_std_rateset_11a; 741 } 742 #endif 743 744 #if 0 745 /* Build the list of supported channels. */ 746 otus_get_chanlist(sc); 747 #else 748 otus_getradiocaps(ic, IEEE80211_CHAN_MAX, &ic->ic_nchans, 749 ic->ic_channels); 750 #endif 751 752 ieee80211_ifattach(ic); 753 ic->ic_raw_xmit = otus_raw_xmit; 754 ic->ic_scan_start = otus_scan_start; 755 ic->ic_scan_end = otus_scan_end; 756 ic->ic_set_channel = otus_set_channel; 757 ic->ic_getradiocaps = otus_getradiocaps; 758 ic->ic_vap_create = otus_vap_create; 759 ic->ic_vap_delete = otus_vap_delete; 760 ic->ic_update_mcast = otus_update_mcast; 761 ic->ic_update_promisc = otus_update_mcast; 762 ic->ic_parent = otus_parent; 763 ic->ic_transmit = otus_transmit; 764 ic->ic_update_chw = otus_update_chw; 765 ic->ic_ampdu_enable = otus_ampdu_enable; 766 ic->ic_wme.wme_update = otus_updateedca; 767 ic->ic_newassoc = otus_newassoc; 768 ic->ic_node_alloc = otus_node_alloc; 769 770 #ifdef notyet 771 ic->ic_set_key = otus_set_key; 772 ic->ic_delete_key = otus_delete_key; 773 #endif 774 775 ieee80211_radiotap_attach(ic, &sc->sc_txtap.wt_ihdr, 776 sizeof(sc->sc_txtap), OTUS_TX_RADIOTAP_PRESENT, 777 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 778 OTUS_RX_RADIOTAP_PRESENT); 779 780 return (0); 781 } 782 783 void 784 otus_get_chanlist(struct otus_softc *sc) 785 { 786 struct ieee80211com *ic = &sc->sc_ic; 787 uint16_t domain; 788 uint8_t chan; 789 int i; 790 791 /* XXX regulatory domain. */ 792 domain = le16toh(sc->eeprom.baseEepHeader.regDmn[0]); 793 OTUS_DPRINTF(sc, OTUS_DEBUG_RESET, "regdomain=0x%04x\n", domain); 794 795 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11G) { 796 for (i = 0; i < 14; i++) { 797 chan = ar_chans[i]; 798 ic->ic_channels[chan].ic_freq = 799 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_2GHZ); 800 ic->ic_channels[chan].ic_flags = 801 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 802 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 803 } 804 } 805 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11A) { 806 for (i = 14; i < nitems(ar_chans); i++) { 807 chan = ar_chans[i]; 808 ic->ic_channels[chan].ic_freq = 809 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 810 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 811 } 812 } 813 } 814 815 static void 816 otus_getradiocaps(struct ieee80211com *ic, 817 int maxchans, int *nchans, struct ieee80211_channel chans[]) 818 { 819 struct otus_softc *sc = ic->ic_softc; 820 uint8_t bands[IEEE80211_MODE_BYTES]; 821 822 /* Set supported .11b and .11g rates. */ 823 memset(bands, 0, sizeof(bands)); 824 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11G) { 825 setbit(bands, IEEE80211_MODE_11B); 826 setbit(bands, IEEE80211_MODE_11G); 827 #if 0 828 if (sc->sc_ht) 829 setbit(bands, IEEE80211_MODE_11NG); 830 #endif 831 ieee80211_add_channel_list_2ghz(chans, maxchans, nchans, 832 ar_chans, 14, bands, 0); 833 } 834 if (sc->eeprom.baseEepHeader.opCapFlags & AR5416_OPFLAGS_11A) { 835 setbit(bands, IEEE80211_MODE_11A); 836 ieee80211_add_channel_list_5ghz(chans, maxchans, nchans, 837 &ar_chans[14], nitems(ar_chans) - 14, bands, 0); 838 } 839 } 840 841 int 842 otus_load_firmware(struct otus_softc *sc, const char *name, uint32_t addr) 843 { 844 usb_device_request_t req; 845 char *ptr; 846 const struct firmware *fw; 847 int mlen, error, size; 848 849 error = 0; 850 851 /* Read firmware image from the filesystem. */ 852 if ((fw = firmware_get(name)) == NULL) { 853 device_printf(sc->sc_dev, 854 "%s: failed loadfirmware of file %s\n", __func__, name); 855 return (ENXIO); 856 } 857 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 858 req.bRequest = AR_FW_DOWNLOAD; 859 USETW(req.wIndex, 0); 860 861 OTUS_LOCK(sc); 862 863 /* XXX const */ 864 ptr = __DECONST(char *, fw->data); 865 size = fw->datasize; 866 addr >>= 8; 867 while (size > 0) { 868 mlen = MIN(size, 4096); 869 870 USETW(req.wValue, addr); 871 USETW(req.wLength, mlen); 872 if (usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx, 873 &req, ptr, 0, NULL, 250) != 0) { 874 error = EIO; 875 break; 876 } 877 addr += mlen >> 8; 878 ptr += mlen; 879 size -= mlen; 880 } 881 882 OTUS_UNLOCK(sc); 883 884 firmware_put(fw, FIRMWARE_UNLOAD); 885 if (error != 0) 886 device_printf(sc->sc_dev, 887 "%s: %s: error=%d\n", __func__, name, error); 888 return error; 889 } 890 891 int 892 otus_open_pipes(struct otus_softc *sc) 893 { 894 #if 0 895 int isize, error; 896 int i; 897 #endif 898 int error; 899 900 OTUS_UNLOCK_ASSERT(sc); 901 902 if ((error = otus_alloc_tx_cmd_list(sc)) != 0) { 903 device_printf(sc->sc_dev, 904 "%s: could not allocate command xfer\n", 905 __func__); 906 goto fail; 907 } 908 909 if ((error = otus_alloc_tx_list(sc)) != 0) { 910 device_printf(sc->sc_dev, "%s: could not allocate Tx xfers\n", 911 __func__); 912 goto fail; 913 } 914 915 if ((error = otus_alloc_rx_list(sc)) != 0) { 916 device_printf(sc->sc_dev, "%s: could not allocate Rx xfers\n", 917 __func__); 918 goto fail; 919 } 920 921 /* Enable RX transfers; needed for initial firmware messages */ 922 OTUS_LOCK(sc); 923 usbd_transfer_start(sc->sc_xfer[OTUS_BULK_RX]); 924 usbd_transfer_start(sc->sc_xfer[OTUS_BULK_IRQ]); 925 OTUS_UNLOCK(sc); 926 return 0; 927 928 fail: otus_close_pipes(sc); 929 return error; 930 } 931 932 void 933 otus_close_pipes(struct otus_softc *sc) 934 { 935 936 OTUS_LOCK(sc); 937 otus_free_tx_cmd_list(sc); 938 otus_free_tx_list(sc); 939 otus_free_rx_list(sc); 940 OTUS_UNLOCK(sc); 941 942 usbd_transfer_unsetup(sc->sc_xfer, OTUS_N_XFER); 943 } 944 945 static void 946 otus_free_cmd_list(struct otus_softc *sc, struct otus_tx_cmd cmd[], int ndata) 947 { 948 int i; 949 950 /* XXX TODO: someone has to have waken up waiters! */ 951 for (i = 0; i < ndata; i++) { 952 struct otus_tx_cmd *dp = &cmd[i]; 953 954 if (dp->buf != NULL) { 955 free(dp->buf, M_USBDEV); 956 dp->buf = NULL; 957 } 958 } 959 } 960 961 static int 962 otus_alloc_cmd_list(struct otus_softc *sc, struct otus_tx_cmd cmd[], 963 int ndata, int maxsz) 964 { 965 int i, error; 966 967 for (i = 0; i < ndata; i++) { 968 struct otus_tx_cmd *dp = &cmd[i]; 969 dp->buf = malloc(maxsz, M_USBDEV, M_NOWAIT | M_ZERO); 970 dp->odata = NULL; 971 if (dp->buf == NULL) { 972 device_printf(sc->sc_dev, 973 "could not allocate buffer\n"); 974 error = ENOMEM; 975 goto fail; 976 } 977 } 978 979 return (0); 980 fail: 981 otus_free_cmd_list(sc, cmd, ndata); 982 return (error); 983 } 984 985 static int 986 otus_alloc_tx_cmd_list(struct otus_softc *sc) 987 { 988 int error, i; 989 990 error = otus_alloc_cmd_list(sc, sc->sc_cmd, OTUS_CMD_LIST_COUNT, 991 OTUS_MAX_TXCMDSZ); 992 if (error != 0) 993 return (error); 994 995 STAILQ_INIT(&sc->sc_cmd_active); 996 STAILQ_INIT(&sc->sc_cmd_inactive); 997 STAILQ_INIT(&sc->sc_cmd_pending); 998 STAILQ_INIT(&sc->sc_cmd_waiting); 999 1000 for (i = 0; i < OTUS_CMD_LIST_COUNT; i++) 1001 STAILQ_INSERT_HEAD(&sc->sc_cmd_inactive, &sc->sc_cmd[i], 1002 next_cmd); 1003 1004 return (0); 1005 } 1006 1007 static void 1008 otus_free_tx_cmd_list(struct otus_softc *sc) 1009 { 1010 1011 /* 1012 * XXX TODO: something needs to wake up any pending/sleeping 1013 * waiters! 1014 */ 1015 STAILQ_INIT(&sc->sc_cmd_active); 1016 STAILQ_INIT(&sc->sc_cmd_inactive); 1017 STAILQ_INIT(&sc->sc_cmd_pending); 1018 STAILQ_INIT(&sc->sc_cmd_waiting); 1019 1020 otus_free_cmd_list(sc, sc->sc_cmd, OTUS_CMD_LIST_COUNT); 1021 } 1022 1023 static int 1024 otus_alloc_list(struct otus_softc *sc, struct otus_data data[], 1025 int ndata, int maxsz) 1026 { 1027 int i, error; 1028 1029 for (i = 0; i < ndata; i++) { 1030 struct otus_data *dp = &data[i]; 1031 dp->sc = sc; 1032 dp->m = NULL; 1033 dp->buf = malloc(maxsz, M_USBDEV, M_NOWAIT | M_ZERO); 1034 if (dp->buf == NULL) { 1035 device_printf(sc->sc_dev, 1036 "could not allocate buffer\n"); 1037 error = ENOMEM; 1038 goto fail; 1039 } 1040 dp->ni = NULL; 1041 } 1042 1043 return (0); 1044 fail: 1045 otus_free_list(sc, data, ndata); 1046 return (error); 1047 } 1048 1049 static int 1050 otus_alloc_rx_list(struct otus_softc *sc) 1051 { 1052 int error, i; 1053 1054 error = otus_alloc_list(sc, sc->sc_rx, OTUS_RX_LIST_COUNT, 1055 OTUS_RXBUFSZ); 1056 if (error != 0) 1057 return (error); 1058 1059 STAILQ_INIT(&sc->sc_rx_active); 1060 STAILQ_INIT(&sc->sc_rx_inactive); 1061 1062 for (i = 0; i < OTUS_RX_LIST_COUNT; i++) 1063 STAILQ_INSERT_HEAD(&sc->sc_rx_inactive, &sc->sc_rx[i], next); 1064 1065 return (0); 1066 } 1067 1068 static int 1069 otus_alloc_tx_list(struct otus_softc *sc) 1070 { 1071 int error, i; 1072 1073 error = otus_alloc_list(sc, sc->sc_tx, OTUS_TX_LIST_COUNT, 1074 OTUS_TXBUFSZ); 1075 if (error != 0) 1076 return (error); 1077 1078 STAILQ_INIT(&sc->sc_tx_inactive); 1079 1080 for (i = 0; i != OTUS_N_XFER; i++) { 1081 STAILQ_INIT(&sc->sc_tx_active[i]); 1082 STAILQ_INIT(&sc->sc_tx_pending[i]); 1083 } 1084 1085 for (i = 0; i < OTUS_TX_LIST_COUNT; i++) { 1086 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, &sc->sc_tx[i], next); 1087 } 1088 1089 return (0); 1090 } 1091 1092 static void 1093 otus_free_tx_list(struct otus_softc *sc) 1094 { 1095 int i; 1096 1097 /* prevent further allocations from TX list(s) */ 1098 STAILQ_INIT(&sc->sc_tx_inactive); 1099 1100 for (i = 0; i != OTUS_N_XFER; i++) { 1101 STAILQ_INIT(&sc->sc_tx_active[i]); 1102 STAILQ_INIT(&sc->sc_tx_pending[i]); 1103 } 1104 1105 otus_free_list(sc, sc->sc_tx, OTUS_TX_LIST_COUNT); 1106 } 1107 1108 static void 1109 otus_free_rx_list(struct otus_softc *sc) 1110 { 1111 /* prevent further allocations from RX list(s) */ 1112 STAILQ_INIT(&sc->sc_rx_inactive); 1113 STAILQ_INIT(&sc->sc_rx_active); 1114 1115 otus_free_list(sc, sc->sc_rx, OTUS_RX_LIST_COUNT); 1116 } 1117 1118 static void 1119 otus_free_list(struct otus_softc *sc, struct otus_data data[], int ndata) 1120 { 1121 int i; 1122 1123 for (i = 0; i < ndata; i++) { 1124 struct otus_data *dp = &data[i]; 1125 1126 if (dp->buf != NULL) { 1127 free(dp->buf, M_USBDEV); 1128 dp->buf = NULL; 1129 } 1130 if (dp->ni != NULL) { 1131 ieee80211_free_node(dp->ni); 1132 dp->ni = NULL; 1133 } 1134 } 1135 } 1136 1137 static struct otus_data * 1138 _otus_getbuf(struct otus_softc *sc) 1139 { 1140 struct otus_data *bf; 1141 1142 bf = STAILQ_FIRST(&sc->sc_tx_inactive); 1143 if (bf != NULL) 1144 STAILQ_REMOVE_HEAD(&sc->sc_tx_inactive, next); 1145 else 1146 bf = NULL; 1147 /* XXX bzero? */ 1148 return (bf); 1149 } 1150 1151 static struct otus_data * 1152 otus_getbuf(struct otus_softc *sc) 1153 { 1154 struct otus_data *bf; 1155 1156 OTUS_LOCK_ASSERT(sc); 1157 1158 bf = _otus_getbuf(sc); 1159 return (bf); 1160 } 1161 1162 static void 1163 otus_freebuf(struct otus_softc *sc, struct otus_data *bf) 1164 { 1165 1166 OTUS_LOCK_ASSERT(sc); 1167 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, bf, next); 1168 } 1169 1170 static struct otus_tx_cmd * 1171 _otus_get_txcmd(struct otus_softc *sc) 1172 { 1173 struct otus_tx_cmd *bf; 1174 1175 bf = STAILQ_FIRST(&sc->sc_cmd_inactive); 1176 if (bf != NULL) 1177 STAILQ_REMOVE_HEAD(&sc->sc_cmd_inactive, next_cmd); 1178 else 1179 bf = NULL; 1180 return (bf); 1181 } 1182 1183 static struct otus_tx_cmd * 1184 otus_get_txcmd(struct otus_softc *sc) 1185 { 1186 struct otus_tx_cmd *bf; 1187 1188 OTUS_LOCK_ASSERT(sc); 1189 1190 bf = _otus_get_txcmd(sc); 1191 if (bf == NULL) { 1192 device_printf(sc->sc_dev, "%s: no tx cmd buffers\n", 1193 __func__); 1194 } 1195 return (bf); 1196 } 1197 1198 static void 1199 otus_free_txcmd(struct otus_softc *sc, struct otus_tx_cmd *bf) 1200 { 1201 1202 OTUS_LOCK_ASSERT(sc); 1203 STAILQ_INSERT_TAIL(&sc->sc_cmd_inactive, bf, next_cmd); 1204 } 1205 1206 void 1207 otus_next_scan(void *arg, int pending) 1208 { 1209 #if 0 1210 struct otus_softc *sc = arg; 1211 1212 if (usbd_is_dying(sc->sc_udev)) 1213 return; 1214 1215 usbd_ref_incr(sc->sc_udev); 1216 1217 if (sc->sc_ic.ic_state == IEEE80211_S_SCAN) 1218 ieee80211_next_scan(&sc->sc_ic.ic_if); 1219 1220 usbd_ref_decr(sc->sc_udev); 1221 #endif 1222 } 1223 1224 int 1225 otus_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 1226 { 1227 struct otus_vap *uvp = OTUS_VAP(vap); 1228 struct ieee80211com *ic = vap->iv_ic; 1229 struct otus_softc *sc = ic->ic_softc; 1230 enum ieee80211_state ostate; 1231 1232 ostate = vap->iv_state; 1233 OTUS_DPRINTF(sc, OTUS_DEBUG_STATE, "%s: %s -> %s\n", __func__, 1234 ieee80211_state_name[ostate], 1235 ieee80211_state_name[nstate]); 1236 1237 IEEE80211_UNLOCK(ic); 1238 1239 OTUS_LOCK(sc); 1240 1241 /* XXX TODO: more fleshing out! */ 1242 1243 switch (nstate) { 1244 case IEEE80211_S_INIT: 1245 otus_set_operating_mode(sc); 1246 otus_set_rx_filter(sc); 1247 break; 1248 case IEEE80211_S_RUN: 1249 if (ic->ic_opmode == IEEE80211_M_STA) { 1250 otus_updateslot(sc); 1251 otus_set_operating_mode(sc); 1252 otus_set_rx_filter(sc); 1253 1254 /* Start calibration timer. */ 1255 taskqueue_enqueue_timeout(taskqueue_thread, 1256 &sc->calib_to, hz); 1257 } 1258 break; 1259 default: 1260 break; 1261 } 1262 1263 /* XXX TODO: calibration? */ 1264 1265 sc->sc_led_newstate(sc); 1266 1267 OTUS_UNLOCK(sc); 1268 IEEE80211_LOCK(ic); 1269 return (uvp->newstate(vap, nstate, arg)); 1270 } 1271 1272 int 1273 otus_cmd(struct otus_softc *sc, uint8_t code, const void *idata, int ilen, 1274 void *odata, int odatalen) 1275 { 1276 struct otus_tx_cmd *cmd; 1277 struct ar_cmd_hdr *hdr; 1278 int xferlen, error; 1279 1280 OTUS_LOCK_ASSERT(sc); 1281 1282 /* Always bulk-out a multiple of 4 bytes. */ 1283 xferlen = (sizeof (*hdr) + ilen + 3) & ~3; 1284 if (xferlen > OTUS_MAX_TXCMDSZ) { 1285 device_printf(sc->sc_dev, "%s: command (0x%02x) size (%d) > %d\n", 1286 __func__, 1287 code, 1288 xferlen, 1289 OTUS_MAX_TXCMDSZ); 1290 return (EIO); 1291 } 1292 1293 cmd = otus_get_txcmd(sc); 1294 if (cmd == NULL) { 1295 device_printf(sc->sc_dev, "%s: failed to get buf\n", 1296 __func__); 1297 return (EIO); 1298 } 1299 1300 hdr = (struct ar_cmd_hdr *)cmd->buf; 1301 hdr->code = code; 1302 hdr->len = ilen; 1303 hdr->token = ++sc->token; /* Don't care about endianness. */ 1304 cmd->token = hdr->token; 1305 /* XXX TODO: check max cmd length? */ 1306 memcpy((uint8_t *)&hdr[1], idata, ilen); 1307 1308 OTUS_DPRINTF(sc, OTUS_DEBUG_CMD, 1309 "%s: sending command code=0x%02x len=%d token=%d\n", 1310 __func__, code, ilen, hdr->token); 1311 1312 cmd->odata = odata; 1313 cmd->odatalen = odatalen; 1314 cmd->buflen = xferlen; 1315 1316 /* Queue the command to the endpoint */ 1317 STAILQ_INSERT_TAIL(&sc->sc_cmd_pending, cmd, next_cmd); 1318 usbd_transfer_start(sc->sc_xfer[OTUS_BULK_CMD]); 1319 1320 /* Sleep on the command; wait for it to complete */ 1321 error = msleep(cmd, &sc->sc_mtx, PCATCH, "otuscmd", hz); 1322 1323 /* 1324 * At this point we don't own cmd any longer; it'll be 1325 * freed by the cmd bulk path or the RX notification 1326 * path. If the data is made available then it'll be copied 1327 * to the caller. All that is left to do is communicate 1328 * status back to the caller. 1329 */ 1330 if (error != 0) { 1331 device_printf(sc->sc_dev, 1332 "%s: timeout waiting for command 0x%02x reply\n", 1333 __func__, code); 1334 } 1335 return error; 1336 } 1337 1338 void 1339 otus_write(struct otus_softc *sc, uint32_t reg, uint32_t val) 1340 { 1341 1342 OTUS_LOCK_ASSERT(sc); 1343 1344 sc->write_buf[sc->write_idx].reg = htole32(reg); 1345 sc->write_buf[sc->write_idx].val = htole32(val); 1346 1347 if (++sc->write_idx > (AR_MAX_WRITE_IDX-1)) 1348 (void)otus_write_barrier(sc); 1349 } 1350 1351 int 1352 otus_write_barrier(struct otus_softc *sc) 1353 { 1354 int error; 1355 1356 OTUS_LOCK_ASSERT(sc); 1357 1358 if (sc->write_idx == 0) 1359 return 0; /* Nothing to flush. */ 1360 1361 OTUS_DPRINTF(sc, OTUS_DEBUG_REGIO, "%s: called; %d updates\n", 1362 __func__, 1363 sc->write_idx); 1364 1365 error = otus_cmd(sc, AR_CMD_WREG, sc->write_buf, 1366 sizeof (sc->write_buf[0]) * sc->write_idx, NULL, 0); 1367 sc->write_idx = 0; 1368 return error; 1369 } 1370 1371 static struct ieee80211_node * 1372 otus_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN]) 1373 { 1374 1375 return malloc(sizeof (struct otus_node), M_80211_NODE, 1376 M_NOWAIT | M_ZERO); 1377 } 1378 1379 #if 0 1380 int 1381 otus_media_change(struct ifnet *ifp) 1382 { 1383 struct otus_softc *sc = ifp->if_softc; 1384 struct ieee80211com *ic = &sc->sc_ic; 1385 uint8_t rate, ridx; 1386 int error; 1387 1388 error = ieee80211_media_change(ifp); 1389 if (error != ENETRESET) 1390 return error; 1391 1392 if (ic->ic_fixed_rate != -1) { 1393 rate = ic->ic_sup_rates[ic->ic_curmode]. 1394 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL; 1395 for (ridx = 0; ridx <= OTUS_RIDX_MAX; ridx++) 1396 if (otus_rates[ridx].rate == rate) 1397 break; 1398 sc->fixed_ridx = ridx; 1399 } 1400 1401 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 1402 error = otus_init(sc); 1403 1404 return error; 1405 } 1406 #endif 1407 1408 int 1409 otus_read_eeprom(struct otus_softc *sc) 1410 { 1411 uint32_t regs[8], reg; 1412 uint8_t *eep; 1413 int i, j, error; 1414 1415 OTUS_LOCK_ASSERT(sc); 1416 1417 /* Read EEPROM by blocks of 32 bytes. */ 1418 eep = (uint8_t *)&sc->eeprom; 1419 reg = AR_EEPROM_OFFSET; 1420 for (i = 0; i < sizeof (sc->eeprom) / 32; i++) { 1421 for (j = 0; j < 8; j++, reg += 4) 1422 regs[j] = htole32(reg); 1423 error = otus_cmd(sc, AR_CMD_RREG, regs, sizeof regs, eep, 32); 1424 if (error != 0) 1425 break; 1426 eep += 32; 1427 } 1428 return error; 1429 } 1430 1431 void 1432 otus_newassoc(struct ieee80211_node *ni, int isnew) 1433 { 1434 struct ieee80211com *ic = ni->ni_ic; 1435 struct otus_softc *sc = ic->ic_softc; 1436 struct otus_node *on = OTUS_NODE(ni); 1437 1438 OTUS_DPRINTF(sc, OTUS_DEBUG_STATE, "new assoc isnew=%d addr=%s\n", 1439 isnew, ether_sprintf(ni->ni_macaddr)); 1440 1441 on->tx_done = 0; 1442 on->tx_err = 0; 1443 on->tx_retries = 0; 1444 } 1445 1446 static void 1447 otus_cmd_handle_response(struct otus_softc *sc, struct ar_cmd_hdr *hdr) 1448 { 1449 struct otus_tx_cmd *cmd; 1450 1451 OTUS_LOCK_ASSERT(sc); 1452 1453 OTUS_DPRINTF(sc, OTUS_DEBUG_CMDDONE, 1454 "%s: received reply code=0x%02x len=%d token=%d\n", 1455 __func__, 1456 hdr->code, hdr->len, hdr->token); 1457 1458 /* 1459 * Walk the list, freeing items that aren't ours, 1460 * stopping when we hit our token. 1461 */ 1462 while ((cmd = STAILQ_FIRST(&sc->sc_cmd_waiting)) != NULL) { 1463 STAILQ_REMOVE_HEAD(&sc->sc_cmd_waiting, next_cmd); 1464 OTUS_DPRINTF(sc, OTUS_DEBUG_CMDDONE, 1465 "%s: cmd=%p; hdr.token=%d, cmd.token=%d\n", 1466 __func__, 1467 cmd, 1468 (int) hdr->token, 1469 (int) cmd->token); 1470 if (hdr->token == cmd->token) { 1471 /* Copy answer into caller's supplied buffer. */ 1472 if (cmd->odata != NULL) { 1473 if (hdr->len != cmd->odatalen) { 1474 device_printf(sc->sc_dev, 1475 "%s: code 0x%02x, len=%d, olen=%d\n", 1476 __func__, 1477 (int) hdr->code, 1478 (int) hdr->len, 1479 (int) cmd->odatalen); 1480 } 1481 memcpy(cmd->odata, &hdr[1], 1482 MIN(cmd->odatalen, hdr->len)); 1483 } 1484 wakeup(cmd); 1485 } 1486 1487 STAILQ_INSERT_TAIL(&sc->sc_cmd_inactive, cmd, next_cmd); 1488 } 1489 } 1490 1491 void 1492 otus_cmd_rxeof(struct otus_softc *sc, uint8_t *buf, int len) 1493 { 1494 struct ieee80211com *ic = &sc->sc_ic; 1495 struct ar_cmd_hdr *hdr; 1496 1497 OTUS_LOCK_ASSERT(sc); 1498 1499 if (__predict_false(len < sizeof (*hdr))) { 1500 OTUS_DPRINTF(sc, OTUS_DEBUG_CMDDONE, 1501 "cmd too small %d\n", len); 1502 return; 1503 } 1504 hdr = (struct ar_cmd_hdr *)buf; 1505 if (__predict_false(sizeof (*hdr) + hdr->len > len || 1506 sizeof (*hdr) + hdr->len > 64)) { 1507 OTUS_DPRINTF(sc, OTUS_DEBUG_CMDDONE, 1508 "cmd too large %d\n", hdr->len); 1509 return; 1510 } 1511 1512 OTUS_DPRINTF(sc, OTUS_DEBUG_RXDONE, 1513 "%s: code=%.02x\n", 1514 __func__, 1515 hdr->code); 1516 1517 /* 1518 * This has to reach into the cmd queue "waiting for 1519 * an RX response" list, grab the head entry and check 1520 * if we need to wake anyone up. 1521 */ 1522 if ((hdr->code & 0xc0) != 0xc0) { 1523 otus_cmd_handle_response(sc, hdr); 1524 return; 1525 } 1526 1527 /* Received unsolicited notification. */ 1528 switch (hdr->code & 0x3f) { 1529 case AR_EVT_BEACON: 1530 break; 1531 case AR_EVT_TX_COMP: 1532 { 1533 struct ar_evt_tx_comp *tx = (struct ar_evt_tx_comp *)&hdr[1]; 1534 struct ieee80211_node *ni; 1535 1536 ni = ieee80211_find_node(&ic->ic_sta, tx->macaddr); 1537 if (ni == NULL) { 1538 device_printf(sc->sc_dev, 1539 "%s: txcomp on unknown node (%s)\n", 1540 __func__, 1541 ether_sprintf(tx->macaddr)); 1542 break; 1543 } 1544 1545 OTUS_DPRINTF(sc, OTUS_DEBUG_TXCOMP, 1546 "tx completed %s status=%d phy=0x%x\n", 1547 ether_sprintf(tx->macaddr), le16toh(tx->status), 1548 le32toh(tx->phy)); 1549 1550 switch (le16toh(tx->status)) { 1551 case AR_TX_STATUS_COMP: 1552 #if 0 1553 ackfailcnt = 0; 1554 ieee80211_ratectl_tx_complete(ni->ni_vap, ni, 1555 IEEE80211_RATECTL_TX_SUCCESS, &ackfailcnt, NULL); 1556 #endif 1557 /* 1558 * We don't get the above; only error notifications. 1559 * Sigh. So, don't worry about this. 1560 */ 1561 break; 1562 case AR_TX_STATUS_RETRY_COMP: 1563 OTUS_NODE(ni)->tx_retries++; 1564 break; 1565 case AR_TX_STATUS_FAILED: 1566 OTUS_NODE(ni)->tx_err++; 1567 break; 1568 } 1569 ieee80211_free_node(ni); 1570 break; 1571 } 1572 case AR_EVT_TBTT: 1573 break; 1574 case AR_EVT_DO_BB_RESET: 1575 /* 1576 * This is "tell driver to reset baseband" from ar9170-fw. 1577 * 1578 * I'm not sure what we should do here, so I'm going to 1579 * fall through; it gets generated when RTSRetryCnt internally 1580 * reaches '5' - I guess the firmware authors thought that 1581 * meant that the BB may have gone deaf or something. 1582 */ 1583 default: 1584 device_printf(sc->sc_dev, 1585 "%s: received notification code=0x%02x len=%d\n", 1586 __func__, 1587 hdr->code, hdr->len); 1588 } 1589 } 1590 1591 void 1592 otus_sub_rxeof(struct otus_softc *sc, uint8_t *buf, int len, struct mbufq *rxq) 1593 { 1594 struct ieee80211com *ic = &sc->sc_ic; 1595 struct ieee80211_rx_stats rxs; 1596 #if 0 1597 struct ieee80211_node *ni; 1598 #endif 1599 struct ar_rx_tail *tail; 1600 struct ieee80211_frame *wh; 1601 struct mbuf *m; 1602 uint8_t *plcp; 1603 // int s; 1604 int mlen; 1605 1606 if (__predict_false(len < AR_PLCP_HDR_LEN)) { 1607 OTUS_DPRINTF(sc, OTUS_DEBUG_RXDONE, 1608 "sub-xfer too short %d\n", len); 1609 return; 1610 } 1611 plcp = buf; 1612 1613 /* All bits in the PLCP header are set to 1 for non-MPDU. */ 1614 if (memcmp(plcp, AR_PLCP_HDR_INTR, AR_PLCP_HDR_LEN) == 0) { 1615 otus_cmd_rxeof(sc, plcp + AR_PLCP_HDR_LEN, 1616 len - AR_PLCP_HDR_LEN); 1617 return; 1618 } 1619 1620 /* Received MPDU. */ 1621 if (__predict_false(len < AR_PLCP_HDR_LEN + sizeof (*tail))) { 1622 OTUS_DPRINTF(sc, OTUS_DEBUG_RXDONE, "MPDU too short %d\n", len); 1623 counter_u64_add(ic->ic_ierrors, 1); 1624 return; 1625 } 1626 tail = (struct ar_rx_tail *)(plcp + len - sizeof (*tail)); 1627 1628 /* Discard error frames; don't discard BAD_RA (eg monitor mode); let net80211 do that */ 1629 if (__predict_false((tail->error & ~AR_RX_ERROR_BAD_RA) != 0)) { 1630 OTUS_DPRINTF(sc, OTUS_DEBUG_RXDONE, "error frame 0x%02x\n", tail->error); 1631 if (tail->error & AR_RX_ERROR_FCS) { 1632 OTUS_DPRINTF(sc, OTUS_DEBUG_RXDONE, "bad FCS\n"); 1633 } else if (tail->error & AR_RX_ERROR_MMIC) { 1634 /* Report Michael MIC failures to net80211. */ 1635 #if 0 1636 ieee80211_notify_michael_failure(ni->ni_vap, wh, keyidx); 1637 #endif 1638 device_printf(sc->sc_dev, "%s: MIC failure\n", __func__); 1639 } 1640 counter_u64_add(ic->ic_ierrors, 1); 1641 return; 1642 } 1643 /* Compute MPDU's length. */ 1644 mlen = len - AR_PLCP_HDR_LEN - sizeof (*tail); 1645 /* Make sure there's room for an 802.11 header + FCS. */ 1646 if (__predict_false(mlen < IEEE80211_MIN_LEN)) { 1647 counter_u64_add(ic->ic_ierrors, 1); 1648 return; 1649 } 1650 mlen -= IEEE80211_CRC_LEN; /* strip 802.11 FCS */ 1651 1652 wh = (struct ieee80211_frame *)(plcp + AR_PLCP_HDR_LEN); 1653 1654 /* 1655 * TODO: I see > 2KiB buffers in this path; is it A-MSDU or something? 1656 */ 1657 m = m_get2(mlen, M_NOWAIT, MT_DATA, M_PKTHDR); 1658 if (m == NULL) { 1659 device_printf(sc->sc_dev, "%s: failed m_get2() (mlen=%d)\n", __func__, mlen); 1660 counter_u64_add(ic->ic_ierrors, 1); 1661 return; 1662 } 1663 1664 /* Finalize mbuf. */ 1665 memcpy(mtod(m, uint8_t *), wh, mlen); 1666 m->m_pkthdr.len = m->m_len = mlen; 1667 1668 #if 0 1669 if (__predict_false(sc->sc_drvbpf != NULL)) { 1670 struct otus_rx_radiotap_header *tap = &sc->sc_rxtap; 1671 struct mbuf mb; 1672 1673 tap->wr_flags = 0; 1674 tap->wr_antsignal = tail->rssi; 1675 tap->wr_rate = 2; /* In case it can't be found below. */ 1676 switch (tail->status & AR_RX_STATUS_MT_MASK) { 1677 case AR_RX_STATUS_MT_CCK: 1678 switch (plcp[0]) { 1679 case 10: tap->wr_rate = 2; break; 1680 case 20: tap->wr_rate = 4; break; 1681 case 55: tap->wr_rate = 11; break; 1682 case 110: tap->wr_rate = 22; break; 1683 } 1684 if (tail->status & AR_RX_STATUS_SHPREAMBLE) 1685 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 1686 break; 1687 case AR_RX_STATUS_MT_OFDM: 1688 switch (plcp[0] & 0xf) { 1689 case 0xb: tap->wr_rate = 12; break; 1690 case 0xf: tap->wr_rate = 18; break; 1691 case 0xa: tap->wr_rate = 24; break; 1692 case 0xe: tap->wr_rate = 36; break; 1693 case 0x9: tap->wr_rate = 48; break; 1694 case 0xd: tap->wr_rate = 72; break; 1695 case 0x8: tap->wr_rate = 96; break; 1696 case 0xc: tap->wr_rate = 108; break; 1697 } 1698 break; 1699 } 1700 mb.m_data = (caddr_t)tap; 1701 mb.m_next = m; 1702 mb.m_nextpkt = NULL; 1703 mb.m_type = 0; 1704 mb.m_flags = 0; 1705 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1706 } 1707 #endif 1708 1709 /* Add RSSI/NF to this mbuf */ 1710 bzero(&rxs, sizeof(rxs)); 1711 rxs.r_flags = IEEE80211_R_NF | IEEE80211_R_RSSI; 1712 rxs.c_nf = sc->sc_nf[0]; /* XXX chain 0 != combined rssi/nf */ 1713 rxs.c_rssi = tail->rssi; 1714 /* XXX TODO: add MIMO RSSI/NF as well */ 1715 if (ieee80211_add_rx_params(m, &rxs) == 0) { 1716 counter_u64_add(ic->ic_ierrors, 1); 1717 return; 1718 } 1719 1720 /* XXX make a method */ 1721 STAILQ_INSERT_TAIL(&rxq->mq_head, m, m_stailqpkt); 1722 1723 #if 0 1724 OTUS_UNLOCK(sc); 1725 ni = ieee80211_find_rxnode(ic, wh); 1726 rxi.rxi_flags = 0; 1727 rxi.rxi_rssi = tail->rssi; 1728 rxi.rxi_tstamp = 0; /* unused */ 1729 ieee80211_input(ifp, m, ni, &rxi); 1730 1731 /* Node is no longer needed. */ 1732 ieee80211_release_node(ic, ni); 1733 OTUS_LOCK(sc); 1734 #endif 1735 } 1736 1737 static void 1738 otus_rxeof(struct usb_xfer *xfer, struct otus_data *data, struct mbufq *rxq) 1739 { 1740 struct otus_softc *sc = usbd_xfer_softc(xfer); 1741 caddr_t buf = data->buf; 1742 struct ar_rx_head *head; 1743 uint16_t hlen; 1744 int len; 1745 1746 usbd_xfer_status(xfer, &len, NULL, NULL, NULL); 1747 1748 while (len >= sizeof (*head)) { 1749 head = (struct ar_rx_head *)buf; 1750 if (__predict_false(head->tag != htole16(AR_RX_HEAD_TAG))) { 1751 OTUS_DPRINTF(sc, OTUS_DEBUG_RXDONE, 1752 "tag not valid 0x%x\n", le16toh(head->tag)); 1753 break; 1754 } 1755 hlen = le16toh(head->len); 1756 if (__predict_false(sizeof (*head) + hlen > len)) { 1757 OTUS_DPRINTF(sc, OTUS_DEBUG_RXDONE, 1758 "xfer too short %d/%d\n", len, hlen); 1759 break; 1760 } 1761 /* Process sub-xfer. */ 1762 otus_sub_rxeof(sc, (uint8_t *)&head[1], hlen, rxq); 1763 1764 /* Next sub-xfer is aligned on a 32-bit boundary. */ 1765 hlen = (sizeof (*head) + hlen + 3) & ~3; 1766 buf += hlen; 1767 len -= hlen; 1768 } 1769 } 1770 1771 static void 1772 otus_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 1773 { 1774 struct epoch_tracker et; 1775 struct otus_softc *sc = usbd_xfer_softc(xfer); 1776 struct ieee80211com *ic = &sc->sc_ic; 1777 struct ieee80211_frame *wh; 1778 struct ieee80211_node *ni; 1779 struct mbuf *m; 1780 struct mbufq scrx; 1781 struct otus_data *data; 1782 1783 OTUS_LOCK_ASSERT(sc); 1784 1785 mbufq_init(&scrx, 1024); 1786 1787 #if 0 1788 device_printf(sc->sc_dev, "%s: called; state=%d; error=%d\n", 1789 __func__, 1790 USB_GET_STATE(xfer), 1791 error); 1792 #endif 1793 1794 switch (USB_GET_STATE(xfer)) { 1795 case USB_ST_TRANSFERRED: 1796 data = STAILQ_FIRST(&sc->sc_rx_active); 1797 if (data == NULL) 1798 goto tr_setup; 1799 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 1800 otus_rxeof(xfer, data, &scrx); 1801 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 1802 /* FALLTHROUGH */ 1803 case USB_ST_SETUP: 1804 tr_setup: 1805 /* 1806 * XXX TODO: what if sc_rx isn't empty, but data 1807 * is empty? Then we leak mbufs. 1808 */ 1809 data = STAILQ_FIRST(&sc->sc_rx_inactive); 1810 if (data == NULL) { 1811 //KASSERT(m == NULL, ("mbuf isn't NULL")); 1812 return; 1813 } 1814 STAILQ_REMOVE_HEAD(&sc->sc_rx_inactive, next); 1815 STAILQ_INSERT_TAIL(&sc->sc_rx_active, data, next); 1816 usbd_xfer_set_frame_data(xfer, 0, data->buf, 1817 usbd_xfer_max_len(xfer)); 1818 usbd_transfer_submit(xfer); 1819 /* 1820 * To avoid LOR we should unlock our private mutex here to call 1821 * ieee80211_input() because here is at the end of a USB 1822 * callback and safe to unlock. 1823 */ 1824 OTUS_UNLOCK(sc); 1825 NET_EPOCH_ENTER(et); 1826 while ((m = mbufq_dequeue(&scrx)) != NULL) { 1827 wh = mtod(m, struct ieee80211_frame *); 1828 ni = ieee80211_find_rxnode(ic, 1829 (struct ieee80211_frame_min *)wh); 1830 if (ni != NULL) { 1831 if (ni->ni_flags & IEEE80211_NODE_HT) 1832 m->m_flags |= M_AMPDU; 1833 (void)ieee80211_input_mimo(ni, m); 1834 ieee80211_free_node(ni); 1835 } else 1836 (void)ieee80211_input_mimo_all(ic, m); 1837 } 1838 NET_EPOCH_EXIT(et); 1839 #ifdef IEEE80211_SUPPORT_SUPERG 1840 ieee80211_ff_age_all(ic, 100); 1841 #endif 1842 OTUS_LOCK(sc); 1843 break; 1844 default: 1845 /* needs it to the inactive queue due to a error. */ 1846 data = STAILQ_FIRST(&sc->sc_rx_active); 1847 if (data != NULL) { 1848 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 1849 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 1850 } 1851 if (error != USB_ERR_CANCELLED) { 1852 usbd_xfer_set_stall(xfer); 1853 counter_u64_add(ic->ic_ierrors, 1); 1854 goto tr_setup; 1855 } 1856 break; 1857 } 1858 } 1859 1860 static void 1861 otus_txeof(struct usb_xfer *xfer, struct otus_data *data) 1862 { 1863 struct otus_softc *sc = usbd_xfer_softc(xfer); 1864 1865 OTUS_DPRINTF(sc, OTUS_DEBUG_TXDONE, 1866 "%s: called; data=%p\n", __func__, data); 1867 1868 OTUS_LOCK_ASSERT(sc); 1869 1870 if (sc->sc_tx_n_active == 0) { 1871 device_printf(sc->sc_dev, 1872 "%s: completed but tx_active=0\n", 1873 __func__); 1874 } else { 1875 sc->sc_tx_n_active--; 1876 } 1877 1878 if (data->m) { 1879 /* XXX status? */ 1880 /* XXX we get TX status via the RX path.. */ 1881 ieee80211_tx_complete(data->ni, data->m, 0); 1882 data->m = NULL; 1883 data->ni = NULL; 1884 } 1885 } 1886 1887 static void 1888 otus_txcmdeof(struct usb_xfer *xfer, struct otus_tx_cmd *cmd) 1889 { 1890 struct otus_softc *sc = usbd_xfer_softc(xfer); 1891 1892 OTUS_LOCK_ASSERT(sc); 1893 1894 OTUS_DPRINTF(sc, OTUS_DEBUG_CMDDONE, 1895 "%s: called; data=%p; odata=%p\n", 1896 __func__, cmd, cmd->odata); 1897 1898 /* 1899 * Non-response commands still need wakeup so the caller 1900 * knows it was submitted and completed OK; response commands should 1901 * wait until they're ACKed by the firmware with a response. 1902 */ 1903 if (cmd->odata) { 1904 STAILQ_INSERT_TAIL(&sc->sc_cmd_waiting, cmd, next_cmd); 1905 } else { 1906 wakeup(cmd); 1907 otus_free_txcmd(sc, cmd); 1908 } 1909 } 1910 1911 static void 1912 otus_bulk_tx_callback(struct usb_xfer *xfer, usb_error_t error) 1913 { 1914 uint8_t which = OTUS_BULK_TX; 1915 struct otus_softc *sc = usbd_xfer_softc(xfer); 1916 struct ieee80211com *ic = &sc->sc_ic; 1917 struct otus_data *data; 1918 1919 OTUS_LOCK_ASSERT(sc); 1920 1921 switch (USB_GET_STATE(xfer)) { 1922 case USB_ST_TRANSFERRED: 1923 data = STAILQ_FIRST(&sc->sc_tx_active[which]); 1924 if (data == NULL) 1925 goto tr_setup; 1926 OTUS_DPRINTF(sc, OTUS_DEBUG_TXDONE, 1927 "%s: transfer done %p\n", __func__, data); 1928 STAILQ_REMOVE_HEAD(&sc->sc_tx_active[which], next); 1929 otus_txeof(xfer, data); 1930 otus_freebuf(sc, data); 1931 /* FALLTHROUGH */ 1932 case USB_ST_SETUP: 1933 tr_setup: 1934 data = STAILQ_FIRST(&sc->sc_tx_pending[which]); 1935 if (data == NULL) { 1936 OTUS_DPRINTF(sc, OTUS_DEBUG_XMIT, 1937 "%s: empty pending queue sc %p\n", __func__, sc); 1938 sc->sc_tx_n_active = 0; 1939 goto finish; 1940 } 1941 STAILQ_REMOVE_HEAD(&sc->sc_tx_pending[which], next); 1942 STAILQ_INSERT_TAIL(&sc->sc_tx_active[which], data, next); 1943 usbd_xfer_set_frame_data(xfer, 0, data->buf, data->buflen); 1944 OTUS_DPRINTF(sc, OTUS_DEBUG_XMIT, 1945 "%s: submitting transfer %p\n", __func__, data); 1946 usbd_transfer_submit(xfer); 1947 sc->sc_tx_n_active++; 1948 break; 1949 default: 1950 data = STAILQ_FIRST(&sc->sc_tx_active[which]); 1951 if (data != NULL) { 1952 STAILQ_REMOVE_HEAD(&sc->sc_tx_active[which], next); 1953 otus_txeof(xfer, data); 1954 otus_freebuf(sc, data); 1955 } 1956 counter_u64_add(ic->ic_oerrors, 1); 1957 1958 if (error != USB_ERR_CANCELLED) { 1959 usbd_xfer_set_stall(xfer); 1960 goto tr_setup; 1961 } 1962 break; 1963 } 1964 1965 finish: 1966 #ifdef IEEE80211_SUPPORT_SUPERG 1967 /* 1968 * If the TX active queue drops below a certain 1969 * threshold, ensure we age fast-frames out so they're 1970 * transmitted. 1971 */ 1972 if (sc->sc_tx_n_active < 2) { 1973 /* XXX ew - net80211 should defer this for us! */ 1974 OTUS_UNLOCK(sc); 1975 ieee80211_ff_flush(ic, WME_AC_VO); 1976 ieee80211_ff_flush(ic, WME_AC_VI); 1977 ieee80211_ff_flush(ic, WME_AC_BE); 1978 ieee80211_ff_flush(ic, WME_AC_BK); 1979 OTUS_LOCK(sc); 1980 } 1981 #endif 1982 /* Kick TX */ 1983 otus_tx_start(sc); 1984 } 1985 1986 static void 1987 otus_bulk_cmd_callback(struct usb_xfer *xfer, usb_error_t error) 1988 { 1989 struct otus_softc *sc = usbd_xfer_softc(xfer); 1990 #if 0 1991 struct ieee80211com *ic = &sc->sc_ic; 1992 #endif 1993 struct otus_tx_cmd *cmd; 1994 1995 OTUS_LOCK_ASSERT(sc); 1996 1997 switch (USB_GET_STATE(xfer)) { 1998 case USB_ST_TRANSFERRED: 1999 cmd = STAILQ_FIRST(&sc->sc_cmd_active); 2000 if (cmd == NULL) 2001 goto tr_setup; 2002 OTUS_DPRINTF(sc, OTUS_DEBUG_CMDDONE, 2003 "%s: transfer done %p\n", __func__, cmd); 2004 STAILQ_REMOVE_HEAD(&sc->sc_cmd_active, next_cmd); 2005 otus_txcmdeof(xfer, cmd); 2006 /* FALLTHROUGH */ 2007 case USB_ST_SETUP: 2008 tr_setup: 2009 cmd = STAILQ_FIRST(&sc->sc_cmd_pending); 2010 if (cmd == NULL) { 2011 OTUS_DPRINTF(sc, OTUS_DEBUG_CMD, 2012 "%s: empty pending queue sc %p\n", __func__, sc); 2013 return; 2014 } 2015 STAILQ_REMOVE_HEAD(&sc->sc_cmd_pending, next_cmd); 2016 STAILQ_INSERT_TAIL(&sc->sc_cmd_active, cmd, next_cmd); 2017 usbd_xfer_set_frame_data(xfer, 0, cmd->buf, cmd->buflen); 2018 OTUS_DPRINTF(sc, OTUS_DEBUG_CMD, 2019 "%s: submitting transfer %p; buf=%p, buflen=%d\n", __func__, cmd, cmd->buf, cmd->buflen); 2020 usbd_transfer_submit(xfer); 2021 break; 2022 default: 2023 cmd = STAILQ_FIRST(&sc->sc_cmd_active); 2024 if (cmd != NULL) { 2025 STAILQ_REMOVE_HEAD(&sc->sc_cmd_active, next_cmd); 2026 otus_txcmdeof(xfer, cmd); 2027 } 2028 2029 if (error != USB_ERR_CANCELLED) { 2030 usbd_xfer_set_stall(xfer); 2031 goto tr_setup; 2032 } 2033 break; 2034 } 2035 } 2036 2037 /* 2038 * This isn't used by carl9170; it however may be used by the 2039 * initial bootloader. 2040 */ 2041 static void 2042 otus_bulk_irq_callback(struct usb_xfer *xfer, usb_error_t error) 2043 { 2044 struct otus_softc *sc = usbd_xfer_softc(xfer); 2045 int actlen; 2046 int sumlen; 2047 2048 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 2049 OTUS_DPRINTF(sc, OTUS_DEBUG_IRQ, 2050 "%s: called; state=%d\n", __func__, USB_GET_STATE(xfer)); 2051 2052 switch (USB_GET_STATE(xfer)) { 2053 case USB_ST_TRANSFERRED: 2054 /* 2055 * Read usb frame data, if any. 2056 * "actlen" has the total length for all frames 2057 * transferred. 2058 */ 2059 OTUS_DPRINTF(sc, OTUS_DEBUG_IRQ, 2060 "%s: comp; %d bytes\n", 2061 __func__, 2062 actlen); 2063 #if 0 2064 pc = usbd_xfer_get_frame(xfer, 0); 2065 otus_dump_usb_rx_page(sc, pc, actlen); 2066 #endif 2067 /* XXX fallthrough */ 2068 case USB_ST_SETUP: 2069 /* 2070 * Setup xfer frame lengths/count and data 2071 */ 2072 OTUS_DPRINTF(sc, OTUS_DEBUG_IRQ, "%s: setup\n", __func__); 2073 usbd_xfer_set_frame_len(xfer, 0, usbd_xfer_max_len(xfer)); 2074 usbd_transfer_submit(xfer); 2075 break; 2076 2077 default: /* Error */ 2078 /* 2079 * Print error message and clear stall 2080 * for example. 2081 */ 2082 OTUS_DPRINTF(sc, OTUS_DEBUG_IRQ, "%s: ERROR?\n", __func__); 2083 break; 2084 } 2085 } 2086 2087 /* 2088 * Map net80211 rate to hw rate for otus MAC/PHY. 2089 */ 2090 static uint8_t 2091 otus_rate_to_hw_rate(struct otus_softc *sc, uint8_t rate) 2092 { 2093 int is_2ghz; 2094 2095 is_2ghz = !! (IEEE80211_IS_CHAN_2GHZ(sc->sc_ic.ic_curchan)); 2096 2097 switch (rate) { 2098 /* CCK */ 2099 case 2: 2100 return (0x0); 2101 case 4: 2102 return (0x1); 2103 case 11: 2104 return (0x2); 2105 case 22: 2106 return (0x3); 2107 /* OFDM */ 2108 case 12: 2109 return (0xb); 2110 case 18: 2111 return (0xf); 2112 case 24: 2113 return (0xa); 2114 case 36: 2115 return (0xe); 2116 case 48: 2117 return (0x9); 2118 case 72: 2119 return (0xd); 2120 case 96: 2121 return (0x8); 2122 case 108: 2123 return (0xc); 2124 default: 2125 device_printf(sc->sc_dev, "%s: unknown rate '%d'\n", 2126 __func__, (int) rate); 2127 case 0: 2128 if (is_2ghz) 2129 return (0x0); /* 1MB CCK */ 2130 else 2131 return (0xb); /* 6MB OFDM */ 2132 2133 /* XXX TODO: HT */ 2134 } 2135 } 2136 2137 static int 2138 otus_hw_rate_is_ofdm(struct otus_softc *sc, uint8_t hw_rate) 2139 { 2140 2141 switch (hw_rate) { 2142 case 0x0: 2143 case 0x1: 2144 case 0x2: 2145 case 0x3: 2146 return (0); 2147 default: 2148 return (1); 2149 } 2150 } 2151 2152 2153 static void 2154 otus_tx_update_ratectl(struct otus_softc *sc, struct ieee80211_node *ni) 2155 { 2156 struct ieee80211_ratectl_tx_stats *txs = &sc->sc_txs; 2157 struct otus_node *on = OTUS_NODE(ni); 2158 2159 txs->flags = IEEE80211_RATECTL_TX_STATS_NODE | 2160 IEEE80211_RATECTL_TX_STATS_RETRIES; 2161 txs->ni = ni; 2162 txs->nframes = on->tx_done; 2163 txs->nsuccess = on->tx_done - on->tx_err; 2164 txs->nretries = on->tx_retries; 2165 2166 ieee80211_ratectl_tx_update(ni->ni_vap, txs); 2167 on->tx_done = on->tx_err = on->tx_retries = 0; 2168 } 2169 2170 /* 2171 * XXX TODO: support tx bpf parameters for configuration! 2172 * 2173 * Relevant pieces: 2174 * 2175 * ac = params->ibp_pri & 3; 2176 * rate = params->ibp_rate0; 2177 * params->ibp_flags & IEEE80211_BPF_NOACK 2178 * params->ibp_flags & IEEE80211_BPF_RTS 2179 * params->ibp_flags & IEEE80211_BPF_CTS 2180 * tx->rts_ntries = params->ibp_try1; 2181 * tx->data_ntries = params->ibp_try0; 2182 */ 2183 static int 2184 otus_tx(struct otus_softc *sc, struct ieee80211_node *ni, struct mbuf *m, 2185 struct otus_data *data, const struct ieee80211_bpf_params *params) 2186 { 2187 const struct ieee80211_txparam *tp = ni->ni_txparms; 2188 struct ieee80211com *ic = &sc->sc_ic; 2189 struct ieee80211vap *vap = ni->ni_vap; 2190 struct ieee80211_frame *wh; 2191 struct ieee80211_key *k; 2192 struct ar_tx_head *head; 2193 uint32_t phyctl; 2194 uint16_t macctl, qos; 2195 uint8_t qid, rate; 2196 int hasqos, xferlen, type, ismcast; 2197 2198 wh = mtod(m, struct ieee80211_frame *); 2199 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2200 k = ieee80211_crypto_encap(ni, m); 2201 if (k == NULL) { 2202 device_printf(sc->sc_dev, 2203 "%s: m=%p: ieee80211_crypto_encap returns NULL\n", 2204 __func__, 2205 m); 2206 return (ENOBUFS); 2207 } 2208 wh = mtod(m, struct ieee80211_frame *); 2209 } 2210 2211 /* Calculate transfer length; ensure data buffer is large enough */ 2212 xferlen = sizeof (*head) + m->m_pkthdr.len; 2213 if (xferlen > OTUS_TXBUFSZ) { 2214 device_printf(sc->sc_dev, 2215 "%s: 802.11 TX frame is %d bytes, max %d bytes\n", 2216 __func__, 2217 xferlen, 2218 OTUS_TXBUFSZ); 2219 return (ENOBUFS); 2220 } 2221 2222 hasqos = !! IEEE80211_QOS_HAS_SEQ(wh); 2223 2224 if (hasqos) { 2225 uint8_t tid; 2226 qos = ((const struct ieee80211_qosframe *)wh)->i_qos[0]; 2227 tid = qos & IEEE80211_QOS_TID; 2228 qid = TID_TO_WME_AC(tid); 2229 } else { 2230 qos = 0; 2231 qid = WME_AC_BE; 2232 } 2233 2234 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2235 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 2236 2237 /* Pickup a rate index. */ 2238 if (params != NULL) 2239 rate = otus_rate_to_hw_rate(sc, params->ibp_rate0); 2240 else if (!!(m->m_flags & M_EAPOL) || type != IEEE80211_FC0_TYPE_DATA) 2241 rate = otus_rate_to_hw_rate(sc, tp->mgmtrate); 2242 else if (ismcast) 2243 rate = otus_rate_to_hw_rate(sc, tp->mcastrate); 2244 else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 2245 rate = otus_rate_to_hw_rate(sc, tp->ucastrate); 2246 else { 2247 (void) ieee80211_ratectl_rate(ni, NULL, 0); 2248 rate = otus_rate_to_hw_rate(sc, ni->ni_txrate); 2249 } 2250 2251 phyctl = 0; 2252 macctl = AR_TX_MAC_BACKOFF | AR_TX_MAC_HW_DUR | AR_TX_MAC_QID(qid); 2253 2254 /* 2255 * XXX TODO: params for NOACK, ACK, RTS, CTS, etc 2256 */ 2257 if (ismcast || 2258 (hasqos && ((qos & IEEE80211_QOS_ACKPOLICY) == 2259 IEEE80211_QOS_ACKPOLICY_NOACK))) 2260 macctl |= AR_TX_MAC_NOACK; 2261 2262 if (!ismcast) { 2263 if (m->m_pkthdr.len + IEEE80211_CRC_LEN >= vap->iv_rtsthreshold) 2264 macctl |= AR_TX_MAC_RTS; 2265 else if (ic->ic_flags & IEEE80211_F_USEPROT) { 2266 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 2267 macctl |= AR_TX_MAC_CTS; 2268 else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 2269 macctl |= AR_TX_MAC_RTS; 2270 } 2271 } 2272 2273 phyctl |= AR_TX_PHY_MCS(rate); 2274 if (otus_hw_rate_is_ofdm(sc, rate)) { 2275 phyctl |= AR_TX_PHY_MT_OFDM; 2276 /* Always use all tx antennas for now, just to be safe */ 2277 phyctl |= AR_TX_PHY_ANTMSK(sc->txmask); 2278 } else { /* CCK */ 2279 phyctl |= AR_TX_PHY_MT_CCK; 2280 phyctl |= AR_TX_PHY_ANTMSK(sc->txmask); 2281 } 2282 2283 /* Update net80211 with the current counters */ 2284 otus_tx_update_ratectl(sc, ni); 2285 2286 /* Update rate control stats for frames that are ACK'ed. */ 2287 if (!(macctl & AR_TX_MAC_NOACK)) 2288 OTUS_NODE(ni)->tx_done++; 2289 2290 2291 /* Fill Tx descriptor. */ 2292 head = (struct ar_tx_head *)data->buf; 2293 head->len = htole16(m->m_pkthdr.len + IEEE80211_CRC_LEN); 2294 head->macctl = htole16(macctl); 2295 head->phyctl = htole32(phyctl); 2296 2297 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)&head[1]); 2298 2299 data->buflen = xferlen; 2300 data->ni = ni; 2301 data->m = m; 2302 2303 OTUS_DPRINTF(sc, OTUS_DEBUG_XMIT, 2304 "%s: tx: m=%p; data=%p; len=%d mac=0x%04x phy=0x%08x rate=0x%02x, ni_txrate=%d\n", 2305 __func__, m, data, le16toh(head->len), macctl, phyctl, 2306 (int) rate, (int) ni->ni_txrate); 2307 2308 /* Submit transfer */ 2309 STAILQ_INSERT_TAIL(&sc->sc_tx_pending[OTUS_BULK_TX], data, next); 2310 usbd_transfer_start(sc->sc_xfer[OTUS_BULK_TX]); 2311 2312 return 0; 2313 } 2314 2315 static u_int 2316 otus_hash_maddr(void *arg, struct sockaddr_dl *sdl, u_int cnt) 2317 { 2318 uint32_t val, *hashes = arg; 2319 2320 val = le32dec(LLADDR(sdl) + 4); 2321 /* Get address byte 5 */ 2322 val = val & 0x0000ff00; 2323 val = val >> 8; 2324 2325 /* As per below, shift it >> 2 to get only 6 bits */ 2326 val = val >> 2; 2327 if (val < 32) 2328 hashes[0] |= 1 << val; 2329 else 2330 hashes[1] |= 1 << (val - 32); 2331 2332 return (1); 2333 } 2334 2335 2336 int 2337 otus_set_multi(struct otus_softc *sc) 2338 { 2339 struct ieee80211com *ic = &sc->sc_ic; 2340 uint32_t hashes[2]; 2341 int r; 2342 2343 if (ic->ic_allmulti > 0 || ic->ic_promisc > 0 || 2344 ic->ic_opmode == IEEE80211_M_MONITOR) { 2345 hashes[0] = 0xffffffff; 2346 hashes[1] = 0xffffffff; 2347 } else { 2348 struct ieee80211vap *vap; 2349 2350 hashes[0] = hashes[1] = 0; 2351 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next) 2352 if_foreach_llmaddr(vap->iv_ifp, otus_hash_maddr, 2353 hashes); 2354 } 2355 #if 0 2356 /* XXX openbsd code */ 2357 while (enm != NULL) { 2358 bit = enm->enm_addrlo[5] >> 2; 2359 if (bit < 32) 2360 hashes[0] |= 1 << bit; 2361 else 2362 hashes[1] |= 1 << (bit - 32); 2363 ETHER_NEXT_MULTI(step, enm); 2364 } 2365 #endif 2366 2367 hashes[1] |= 1U << 31; /* Make sure the broadcast bit is set. */ 2368 2369 OTUS_LOCK(sc); 2370 otus_write(sc, AR_MAC_REG_GROUP_HASH_TBL_L, hashes[0]); 2371 otus_write(sc, AR_MAC_REG_GROUP_HASH_TBL_H, hashes[1]); 2372 r = otus_write_barrier(sc); 2373 /* XXX operating mode? filter? */ 2374 OTUS_UNLOCK(sc); 2375 return (r); 2376 } 2377 2378 static int 2379 otus_updateedca(struct ieee80211com *ic) 2380 { 2381 struct otus_softc *sc = ic->ic_softc; 2382 2383 OTUS_LOCK(sc); 2384 /* 2385 * XXX TODO: take temporary copy of EDCA information 2386 * when scheduling this so we have a more time-correct view 2387 * of things. 2388 * XXX TODO: this can be done on the net80211 level 2389 */ 2390 otus_updateedca_locked(sc); 2391 OTUS_UNLOCK(sc); 2392 return (0); 2393 } 2394 2395 static void 2396 otus_updateedca_locked(struct otus_softc *sc) 2397 { 2398 #define EXP2(val) ((1 << (val)) - 1) 2399 #define AIFS(val) ((val) * 9 + 10) 2400 struct chanAccParams chp; 2401 struct ieee80211com *ic = &sc->sc_ic; 2402 const struct wmeParams *edca; 2403 2404 ieee80211_wme_ic_getparams(ic, &chp); 2405 2406 OTUS_LOCK_ASSERT(sc); 2407 2408 edca = chp.cap_wmeParams; 2409 2410 /* Set CWmin/CWmax values. */ 2411 otus_write(sc, AR_MAC_REG_AC0_CW, 2412 EXP2(edca[WME_AC_BE].wmep_logcwmax) << 16 | 2413 EXP2(edca[WME_AC_BE].wmep_logcwmin)); 2414 otus_write(sc, AR_MAC_REG_AC1_CW, 2415 EXP2(edca[WME_AC_BK].wmep_logcwmax) << 16 | 2416 EXP2(edca[WME_AC_BK].wmep_logcwmin)); 2417 otus_write(sc, AR_MAC_REG_AC2_CW, 2418 EXP2(edca[WME_AC_VI].wmep_logcwmax) << 16 | 2419 EXP2(edca[WME_AC_VI].wmep_logcwmin)); 2420 otus_write(sc, AR_MAC_REG_AC3_CW, 2421 EXP2(edca[WME_AC_VO].wmep_logcwmax) << 16 | 2422 EXP2(edca[WME_AC_VO].wmep_logcwmin)); 2423 otus_write(sc, AR_MAC_REG_AC4_CW, /* Special TXQ. */ 2424 EXP2(edca[WME_AC_VO].wmep_logcwmax) << 16 | 2425 EXP2(edca[WME_AC_VO].wmep_logcwmin)); 2426 2427 /* Set AIFSN values. */ 2428 otus_write(sc, AR_MAC_REG_AC1_AC0_AIFS, 2429 AIFS(edca[WME_AC_VI].wmep_aifsn) << 24 | 2430 AIFS(edca[WME_AC_BK].wmep_aifsn) << 12 | 2431 AIFS(edca[WME_AC_BE].wmep_aifsn)); 2432 otus_write(sc, AR_MAC_REG_AC3_AC2_AIFS, 2433 AIFS(edca[WME_AC_VO].wmep_aifsn) << 16 | /* Special TXQ. */ 2434 AIFS(edca[WME_AC_VO].wmep_aifsn) << 4 | 2435 AIFS(edca[WME_AC_VI].wmep_aifsn) >> 8); 2436 2437 /* Set TXOP limit. */ 2438 otus_write(sc, AR_MAC_REG_AC1_AC0_TXOP, 2439 edca[WME_AC_BK].wmep_txopLimit << 16 | 2440 edca[WME_AC_BE].wmep_txopLimit); 2441 otus_write(sc, AR_MAC_REG_AC3_AC2_TXOP, 2442 edca[WME_AC_VO].wmep_txopLimit << 16 | 2443 edca[WME_AC_VI].wmep_txopLimit); 2444 2445 /* XXX ACK policy? */ 2446 2447 (void)otus_write_barrier(sc); 2448 2449 #undef AIFS 2450 #undef EXP2 2451 } 2452 2453 static void 2454 otus_updateslot(struct otus_softc *sc) 2455 { 2456 struct ieee80211com *ic = &sc->sc_ic; 2457 uint32_t slottime; 2458 2459 OTUS_LOCK_ASSERT(sc); 2460 2461 slottime = IEEE80211_GET_SLOTTIME(ic); 2462 otus_write(sc, AR_MAC_REG_SLOT_TIME, slottime << 10); 2463 (void)otus_write_barrier(sc); 2464 } 2465 2466 int 2467 otus_init_mac(struct otus_softc *sc) 2468 { 2469 int error; 2470 2471 OTUS_LOCK_ASSERT(sc); 2472 2473 otus_write(sc, AR_MAC_REG_ACK_EXTENSION, 0x40); 2474 otus_write(sc, AR_MAC_REG_RETRY_MAX, 0); 2475 otus_write(sc, AR_MAC_REG_RX_THRESHOLD, 0xc1f80); 2476 otus_write(sc, AR_MAC_REG_RX_PE_DELAY, 0x70); 2477 otus_write(sc, AR_MAC_REG_EIFS_AND_SIFS, 0xa144000); 2478 otus_write(sc, AR_MAC_REG_SLOT_TIME, 9 << 10); 2479 otus_write(sc, AR_MAC_REG_TID_CFACK_CFEND_RATE, 0x19000000); 2480 /* NAV protects ACK only (in TXOP). */ 2481 otus_write(sc, AR_MAC_REG_TXOP_DURATION, 0x201); 2482 /* Set beacon Tx power to 0x7. */ 2483 otus_write(sc, AR_MAC_REG_BCN_HT1, 0x8000170); 2484 otus_write(sc, AR_MAC_REG_BACKOFF_PROTECT, 0x105); 2485 otus_write(sc, AR_MAC_REG_AMPDU_FACTOR, 0x10000a); 2486 2487 otus_set_rx_filter(sc); 2488 2489 otus_write(sc, AR_MAC_REG_BASIC_RATE, 0x150f); 2490 otus_write(sc, AR_MAC_REG_MANDATORY_RATE, 0x150f); 2491 otus_write(sc, AR_MAC_REG_RTS_CTS_RATE, 0x10b01bb); 2492 otus_write(sc, AR_MAC_REG_ACK_TPC, 0x4003c1e); 2493 2494 /* Enable LED0 and LED1. */ 2495 otus_write(sc, AR_GPIO_REG_PORT_TYPE, 0x3); 2496 otus_write(sc, AR_GPIO_REG_PORT_DATA, 0x3); 2497 /* Switch MAC to OTUS interface. */ 2498 otus_write(sc, 0x1c3600, 0x3); 2499 otus_write(sc, AR_MAC_REG_AMPDU_RX_THRESH, 0xffff); 2500 otus_write(sc, AR_MAC_REG_MISC_680, 0xf00008); 2501 /* Disable Rx timeout (workaround). */ 2502 otus_write(sc, AR_MAC_REG_RX_TIMEOUT, 0); 2503 2504 /* Set USB Rx stream mode maximum frame number to 2. */ 2505 otus_write(sc, 0x1e1110, 0x4); 2506 /* Set USB Rx stream mode timeout to 10us. */ 2507 otus_write(sc, 0x1e1114, 0x80); 2508 2509 /* Set clock frequency to 88/80MHz. */ 2510 otus_write(sc, AR_PWR_REG_CLOCK_SEL, 0x73); 2511 /* Set WLAN DMA interrupt mode: generate intr per packet. */ 2512 otus_write(sc, AR_MAC_REG_TXRX_MPI, 0x110011); 2513 otus_write(sc, AR_MAC_REG_FCS_SELECT, 0x4); 2514 otus_write(sc, AR_MAC_REG_TXOP_NOT_ENOUGH_INDICATION, 0x141e0f48); 2515 2516 /* Disable HW decryption for now. */ 2517 otus_write(sc, AR_MAC_REG_ENCRYPTION, 0x78); 2518 2519 if ((error = otus_write_barrier(sc)) != 0) 2520 return error; 2521 2522 /* Set default EDCA parameters. */ 2523 otus_updateedca_locked(sc); 2524 2525 return 0; 2526 } 2527 2528 /* 2529 * Return default value for PHY register based on current operating mode. 2530 */ 2531 uint32_t 2532 otus_phy_get_def(struct otus_softc *sc, uint32_t reg) 2533 { 2534 int i; 2535 2536 for (i = 0; i < nitems(ar5416_phy_regs); i++) 2537 if (AR_PHY(ar5416_phy_regs[i]) == reg) 2538 return sc->phy_vals[i]; 2539 return 0; /* Register not found. */ 2540 } 2541 2542 /* 2543 * Update PHY's programming based on vendor-specific data stored in EEPROM. 2544 * This is for FEM-type devices only. 2545 */ 2546 int 2547 otus_set_board_values(struct otus_softc *sc, struct ieee80211_channel *c) 2548 { 2549 const struct ModalEepHeader *eep; 2550 uint32_t tmp, offset; 2551 2552 if (IEEE80211_IS_CHAN_5GHZ(c)) 2553 eep = &sc->eeprom.modalHeader[0]; 2554 else 2555 eep = &sc->eeprom.modalHeader[1]; 2556 2557 /* Offset of chain 2. */ 2558 offset = 2 * 0x1000; 2559 2560 tmp = le32toh(eep->antCtrlCommon); 2561 otus_write(sc, AR_PHY_SWITCH_COM, tmp); 2562 2563 tmp = le32toh(eep->antCtrlChain[0]); 2564 otus_write(sc, AR_PHY_SWITCH_CHAIN_0, tmp); 2565 2566 tmp = le32toh(eep->antCtrlChain[1]); 2567 otus_write(sc, AR_PHY_SWITCH_CHAIN_0 + offset, tmp); 2568 2569 if (1 /* sc->sc_sco == AR_SCO_SCN */) { 2570 tmp = otus_phy_get_def(sc, AR_PHY_SETTLING); 2571 tmp &= ~(0x7f << 7); 2572 tmp |= (eep->switchSettling & 0x7f) << 7; 2573 otus_write(sc, AR_PHY_SETTLING, tmp); 2574 } 2575 2576 tmp = otus_phy_get_def(sc, AR_PHY_DESIRED_SZ); 2577 tmp &= ~0xffff; 2578 tmp |= eep->pgaDesiredSize << 8 | eep->adcDesiredSize; 2579 otus_write(sc, AR_PHY_DESIRED_SZ, tmp); 2580 2581 tmp = eep->txEndToXpaOff << 24 | eep->txEndToXpaOff << 16 | 2582 eep->txFrameToXpaOn << 8 | eep->txFrameToXpaOn; 2583 otus_write(sc, AR_PHY_RF_CTL4, tmp); 2584 2585 tmp = otus_phy_get_def(sc, AR_PHY_RF_CTL3); 2586 tmp &= ~(0xff << 16); 2587 tmp |= eep->txEndToRxOn << 16; 2588 otus_write(sc, AR_PHY_RF_CTL3, tmp); 2589 2590 tmp = otus_phy_get_def(sc, AR_PHY_CCA); 2591 tmp &= ~(0x7f << 12); 2592 tmp |= (eep->thresh62 & 0x7f) << 12; 2593 otus_write(sc, AR_PHY_CCA, tmp); 2594 2595 tmp = otus_phy_get_def(sc, AR_PHY_RXGAIN); 2596 tmp &= ~(0x3f << 12); 2597 tmp |= (eep->txRxAttenCh[0] & 0x3f) << 12; 2598 otus_write(sc, AR_PHY_RXGAIN, tmp); 2599 2600 tmp = otus_phy_get_def(sc, AR_PHY_RXGAIN + offset); 2601 tmp &= ~(0x3f << 12); 2602 tmp |= (eep->txRxAttenCh[1] & 0x3f) << 12; 2603 otus_write(sc, AR_PHY_RXGAIN + offset, tmp); 2604 2605 tmp = otus_phy_get_def(sc, AR_PHY_GAIN_2GHZ); 2606 tmp &= ~(0x3f << 18); 2607 tmp |= (eep->rxTxMarginCh[0] & 0x3f) << 18; 2608 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2609 tmp &= ~(0xf << 10); 2610 tmp |= (eep->bswMargin[0] & 0xf) << 10; 2611 } 2612 otus_write(sc, AR_PHY_GAIN_2GHZ, tmp); 2613 2614 tmp = otus_phy_get_def(sc, AR_PHY_GAIN_2GHZ + offset); 2615 tmp &= ~(0x3f << 18); 2616 tmp |= (eep->rxTxMarginCh[1] & 0x3f) << 18; 2617 otus_write(sc, AR_PHY_GAIN_2GHZ + offset, tmp); 2618 2619 tmp = otus_phy_get_def(sc, AR_PHY_TIMING_CTRL4); 2620 tmp &= ~(0x3f << 5 | 0x1f); 2621 tmp |= (eep->iqCalICh[0] & 0x3f) << 5 | (eep->iqCalQCh[0] & 0x1f); 2622 otus_write(sc, AR_PHY_TIMING_CTRL4, tmp); 2623 2624 tmp = otus_phy_get_def(sc, AR_PHY_TIMING_CTRL4 + offset); 2625 tmp &= ~(0x3f << 5 | 0x1f); 2626 tmp |= (eep->iqCalICh[1] & 0x3f) << 5 | (eep->iqCalQCh[1] & 0x1f); 2627 otus_write(sc, AR_PHY_TIMING_CTRL4 + offset, tmp); 2628 2629 tmp = otus_phy_get_def(sc, AR_PHY_TPCRG1); 2630 tmp &= ~(0xf << 16); 2631 tmp |= (eep->xpd & 0xf) << 16; 2632 otus_write(sc, AR_PHY_TPCRG1, tmp); 2633 2634 return otus_write_barrier(sc); 2635 } 2636 2637 int 2638 otus_program_phy(struct otus_softc *sc, struct ieee80211_channel *c) 2639 { 2640 const uint32_t *vals; 2641 int error, i; 2642 2643 /* Select PHY programming based on band and bandwidth. */ 2644 if (IEEE80211_IS_CHAN_2GHZ(c)) 2645 vals = ar5416_phy_vals_2ghz_20mhz; 2646 else 2647 vals = ar5416_phy_vals_5ghz_20mhz; 2648 for (i = 0; i < nitems(ar5416_phy_regs); i++) 2649 otus_write(sc, AR_PHY(ar5416_phy_regs[i]), vals[i]); 2650 sc->phy_vals = vals; 2651 2652 if (sc->eeprom.baseEepHeader.deviceType == 0x80) /* FEM */ 2653 if ((error = otus_set_board_values(sc, c)) != 0) 2654 return error; 2655 2656 /* Initial Tx power settings. */ 2657 otus_write(sc, AR_PHY_POWER_TX_RATE_MAX, 0x7f); 2658 otus_write(sc, AR_PHY_POWER_TX_RATE1, 0x3f3f3f3f); 2659 otus_write(sc, AR_PHY_POWER_TX_RATE2, 0x3f3f3f3f); 2660 otus_write(sc, AR_PHY_POWER_TX_RATE3, 0x3f3f3f3f); 2661 otus_write(sc, AR_PHY_POWER_TX_RATE4, 0x3f3f3f3f); 2662 otus_write(sc, AR_PHY_POWER_TX_RATE5, 0x3f3f3f3f); 2663 otus_write(sc, AR_PHY_POWER_TX_RATE6, 0x3f3f3f3f); 2664 otus_write(sc, AR_PHY_POWER_TX_RATE7, 0x3f3f3f3f); 2665 otus_write(sc, AR_PHY_POWER_TX_RATE8, 0x3f3f3f3f); 2666 otus_write(sc, AR_PHY_POWER_TX_RATE9, 0x3f3f3f3f); 2667 2668 if (IEEE80211_IS_CHAN_2GHZ(c)) 2669 otus_write(sc, AR_PWR_REG_PLL_ADDAC, 0x5163); 2670 else 2671 otus_write(sc, AR_PWR_REG_PLL_ADDAC, 0x5143); 2672 2673 return otus_write_barrier(sc); 2674 } 2675 2676 static __inline uint8_t 2677 otus_reverse_bits(uint8_t v) 2678 { 2679 v = ((v >> 1) & 0x55) | ((v & 0x55) << 1); 2680 v = ((v >> 2) & 0x33) | ((v & 0x33) << 2); 2681 v = ((v >> 4) & 0x0f) | ((v & 0x0f) << 4); 2682 return v; 2683 } 2684 2685 int 2686 otus_set_rf_bank4(struct otus_softc *sc, struct ieee80211_channel *c) 2687 { 2688 uint8_t chansel, d0, d1; 2689 uint16_t data; 2690 int error; 2691 2692 OTUS_LOCK_ASSERT(sc); 2693 2694 d0 = 0; 2695 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2696 chansel = (c->ic_freq - 4800) / 5; 2697 if (chansel & 1) 2698 d0 |= AR_BANK4_AMODE_REFSEL(2); 2699 else 2700 d0 |= AR_BANK4_AMODE_REFSEL(1); 2701 } else { 2702 d0 |= AR_BANK4_AMODE_REFSEL(2); 2703 if (c->ic_freq == 2484) { /* CH 14 */ 2704 d0 |= AR_BANK4_BMODE_LF_SYNTH_FREQ; 2705 chansel = 10 + (c->ic_freq - 2274) / 5; 2706 } else 2707 chansel = 16 + (c->ic_freq - 2272) / 5; 2708 chansel <<= 2; 2709 } 2710 d0 |= AR_BANK4_ADDR(1) | AR_BANK4_CHUP; 2711 d1 = otus_reverse_bits(chansel); 2712 2713 /* Write bits 0-4 of d0 and d1. */ 2714 data = (d1 & 0x1f) << 5 | (d0 & 0x1f); 2715 otus_write(sc, AR_PHY(44), data); 2716 /* Write bits 5-7 of d0 and d1. */ 2717 data = (d1 >> 5) << 5 | (d0 >> 5); 2718 otus_write(sc, AR_PHY(58), data); 2719 2720 if ((error = otus_write_barrier(sc)) == 0) 2721 otus_delay_ms(sc, 10); 2722 return error; 2723 } 2724 2725 void 2726 otus_get_delta_slope(uint32_t coeff, uint32_t *exponent, uint32_t *mantissa) 2727 { 2728 #define COEFF_SCALE_SHIFT 24 2729 uint32_t exp, man; 2730 2731 /* exponent = 14 - floor(log2(coeff)) */ 2732 for (exp = 31; exp > 0; exp--) 2733 if (coeff & (1 << exp)) 2734 break; 2735 KASSERT(exp != 0, ("exp")); 2736 exp = 14 - (exp - COEFF_SCALE_SHIFT); 2737 2738 /* mantissa = floor(coeff * 2^exponent + 0.5) */ 2739 man = coeff + (1 << (COEFF_SCALE_SHIFT - exp - 1)); 2740 2741 *mantissa = man >> (COEFF_SCALE_SHIFT - exp); 2742 *exponent = exp - 16; 2743 #undef COEFF_SCALE_SHIFT 2744 } 2745 2746 static int 2747 otus_set_chan(struct otus_softc *sc, struct ieee80211_channel *c, int assoc) 2748 { 2749 struct ieee80211com *ic = &sc->sc_ic; 2750 struct ar_cmd_frequency cmd; 2751 struct ar_rsp_frequency rsp; 2752 const uint32_t *vals; 2753 uint32_t coeff, exp, man, tmp; 2754 uint8_t code; 2755 int error, chan, i; 2756 2757 error = 0; 2758 chan = ieee80211_chan2ieee(ic, c); 2759 2760 OTUS_DPRINTF(sc, OTUS_DEBUG_RESET, 2761 "setting channel %d (%dMHz)\n", chan, c->ic_freq); 2762 2763 tmp = IEEE80211_IS_CHAN_2GHZ(c) ? 0x105 : 0x104; 2764 otus_write(sc, AR_MAC_REG_DYNAMIC_SIFS_ACK, tmp); 2765 if ((error = otus_write_barrier(sc)) != 0) 2766 goto finish; 2767 2768 /* Disable BB Heavy Clip. */ 2769 otus_write(sc, AR_PHY_HEAVY_CLIP_ENABLE, 0x200); 2770 if ((error = otus_write_barrier(sc)) != 0) 2771 goto finish; 2772 2773 /* XXX Is that FREQ_START ? */ 2774 error = otus_cmd(sc, AR_CMD_FREQ_STRAT, NULL, 0, NULL, 0); 2775 if (error != 0) 2776 goto finish; 2777 2778 /* Reprogram PHY and RF on channel band or bandwidth changes. */ 2779 if (sc->bb_reset || c->ic_flags != sc->sc_curchan->ic_flags) { 2780 OTUS_DPRINTF(sc, OTUS_DEBUG_RESET, "band switch\n"); 2781 2782 /* Cold/Warm reset BB/ADDA. */ 2783 otus_write(sc, AR_PWR_REG_RESET, sc->bb_reset ? 0x800 : 0x400); 2784 if ((error = otus_write_barrier(sc)) != 0) 2785 goto finish; 2786 otus_write(sc, AR_PWR_REG_RESET, 0); 2787 if ((error = otus_write_barrier(sc)) != 0) 2788 goto finish; 2789 sc->bb_reset = 0; 2790 2791 if ((error = otus_program_phy(sc, c)) != 0) { 2792 device_printf(sc->sc_dev, 2793 "%s: could not program PHY\n", 2794 __func__); 2795 goto finish; 2796 } 2797 2798 /* Select RF programming based on band. */ 2799 if (IEEE80211_IS_CHAN_5GHZ(c)) 2800 vals = ar5416_banks_vals_5ghz; 2801 else 2802 vals = ar5416_banks_vals_2ghz; 2803 for (i = 0; i < nitems(ar5416_banks_regs); i++) 2804 otus_write(sc, AR_PHY(ar5416_banks_regs[i]), vals[i]); 2805 if ((error = otus_write_barrier(sc)) != 0) { 2806 device_printf(sc->sc_dev, 2807 "%s: could not program RF\n", 2808 __func__); 2809 goto finish; 2810 } 2811 code = AR_CMD_RF_INIT; 2812 } else { 2813 code = AR_CMD_FREQUENCY; 2814 } 2815 2816 if ((error = otus_set_rf_bank4(sc, c)) != 0) 2817 goto finish; 2818 2819 tmp = (sc->txmask == 0x5) ? 0x340 : 0x240; 2820 otus_write(sc, AR_PHY_TURBO, tmp); 2821 if ((error = otus_write_barrier(sc)) != 0) 2822 goto finish; 2823 2824 /* Send firmware command to set channel. */ 2825 cmd.freq = htole32((uint32_t)c->ic_freq * 1000); 2826 cmd.dynht2040 = htole32(0); 2827 cmd.htena = htole32(1); 2828 /* Set Delta Slope (exponent and mantissa). */ 2829 coeff = (100 << 24) / c->ic_freq; 2830 otus_get_delta_slope(coeff, &exp, &man); 2831 cmd.dsc_exp = htole32(exp); 2832 cmd.dsc_man = htole32(man); 2833 OTUS_DPRINTF(sc, OTUS_DEBUG_RESET, 2834 "ds coeff=%u exp=%u man=%u\n", coeff, exp, man); 2835 /* For Short GI, coeff is 9/10 that of normal coeff. */ 2836 coeff = (9 * coeff) / 10; 2837 otus_get_delta_slope(coeff, &exp, &man); 2838 cmd.dsc_shgi_exp = htole32(exp); 2839 cmd.dsc_shgi_man = htole32(man); 2840 OTUS_DPRINTF(sc, OTUS_DEBUG_RESET, 2841 "ds shgi coeff=%u exp=%u man=%u\n", coeff, exp, man); 2842 /* Set wait time for AGC and noise calibration (100 or 200ms). */ 2843 cmd.check_loop_count = assoc ? htole32(2000) : htole32(1000); 2844 OTUS_DPRINTF(sc, OTUS_DEBUG_RESET, 2845 "%s\n", (code == AR_CMD_RF_INIT) ? "RF_INIT" : "FREQUENCY"); 2846 error = otus_cmd(sc, code, &cmd, sizeof cmd, &rsp, sizeof(rsp)); 2847 if (error != 0) 2848 goto finish; 2849 if ((rsp.status & htole32(AR_CAL_ERR_AGC | AR_CAL_ERR_NF_VAL)) != 0) { 2850 OTUS_DPRINTF(sc, OTUS_DEBUG_RESET, 2851 "status=0x%x\n", le32toh(rsp.status)); 2852 /* Force cold reset on next channel. */ 2853 sc->bb_reset = 1; 2854 } 2855 #ifdef USB_DEBUG 2856 if (otus_debug & OTUS_DEBUG_RESET) { 2857 device_printf(sc->sc_dev, "calibration status=0x%x\n", 2858 le32toh(rsp.status)); 2859 for (i = 0; i < 2; i++) { /* 2 Rx chains */ 2860 /* Sign-extend 9-bit NF values. */ 2861 device_printf(sc->sc_dev, 2862 "noisefloor chain %d=%d\n", i, 2863 (((int32_t)le32toh(rsp.nf[i])) << 4) >> 23); 2864 device_printf(sc->sc_dev, 2865 "noisefloor ext chain %d=%d\n", i, 2866 ((int32_t)le32toh(rsp.nf_ext[i])) >> 23); 2867 } 2868 } 2869 #endif 2870 for (i = 0; i < OTUS_NUM_CHAINS; i++) { 2871 sc->sc_nf[i] = ((((int32_t)le32toh(rsp.nf[i])) << 4) >> 23); 2872 } 2873 sc->sc_curchan = c; 2874 finish: 2875 return (error); 2876 } 2877 2878 #ifdef notyet 2879 int 2880 otus_set_key(struct ieee80211com *ic, struct ieee80211_node *ni, 2881 struct ieee80211_key *k) 2882 { 2883 struct otus_softc *sc = ic->ic_softc; 2884 struct otus_cmd_key cmd; 2885 2886 /* Defer setting of WEP keys until interface is brought up. */ 2887 if ((ic->ic_if.if_flags & (IFF_UP | IFF_RUNNING)) != 2888 (IFF_UP | IFF_RUNNING)) 2889 return 0; 2890 2891 /* Do it in a process context. */ 2892 cmd.key = *k; 2893 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 2894 otus_do_async(sc, otus_set_key_cb, &cmd, sizeof cmd); 2895 return 0; 2896 } 2897 2898 void 2899 otus_set_key_cb(struct otus_softc *sc, void *arg) 2900 { 2901 struct otus_cmd_key *cmd = arg; 2902 struct ieee80211_key *k = &cmd->key; 2903 struct ar_cmd_ekey key; 2904 uint16_t cipher; 2905 int error; 2906 2907 memset(&key, 0, sizeof key); 2908 if (k->k_flags & IEEE80211_KEY_GROUP) { 2909 key.uid = htole16(k->k_id); 2910 IEEE80211_ADDR_COPY(key.macaddr, sc->sc_ic.ic_myaddr); 2911 key.macaddr[0] |= 0x80; 2912 } else { 2913 key.uid = htole16(OTUS_UID(cmd->associd)); 2914 IEEE80211_ADDR_COPY(key.macaddr, ni->ni_macaddr); 2915 } 2916 key.kix = htole16(0); 2917 /* Map net80211 cipher to hardware. */ 2918 switch (k->k_cipher) { 2919 case IEEE80211_CIPHER_WEP40: 2920 cipher = AR_CIPHER_WEP64; 2921 break; 2922 case IEEE80211_CIPHER_WEP104: 2923 cipher = AR_CIPHER_WEP128; 2924 break; 2925 case IEEE80211_CIPHER_TKIP: 2926 cipher = AR_CIPHER_TKIP; 2927 break; 2928 case IEEE80211_CIPHER_CCMP: 2929 cipher = AR_CIPHER_AES; 2930 break; 2931 default: 2932 return; 2933 } 2934 key.cipher = htole16(cipher); 2935 memcpy(key.key, k->k_key, MIN(k->k_len, 16)); 2936 error = otus_cmd(sc, AR_CMD_EKEY, &key, sizeof key, NULL, 0); 2937 if (error != 0 || k->k_cipher != IEEE80211_CIPHER_TKIP) 2938 return; 2939 2940 /* TKIP: set Tx/Rx MIC Key. */ 2941 key.kix = htole16(1); 2942 memcpy(key.key, k->k_key + 16, 16); 2943 (void)otus_cmd(sc, AR_CMD_EKEY, &key, sizeof key, NULL, 0); 2944 } 2945 2946 void 2947 otus_delete_key(struct ieee80211com *ic, struct ieee80211_node *ni, 2948 struct ieee80211_key *k) 2949 { 2950 struct otus_softc *sc = ic->ic_softc; 2951 struct otus_cmd_key cmd; 2952 2953 if (!(ic->ic_if.if_flags & IFF_RUNNING) || 2954 ic->ic_state != IEEE80211_S_RUN) 2955 return; /* Nothing to do. */ 2956 2957 /* Do it in a process context. */ 2958 cmd.key = *k; 2959 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 2960 otus_do_async(sc, otus_delete_key_cb, &cmd, sizeof cmd); 2961 } 2962 2963 void 2964 otus_delete_key_cb(struct otus_softc *sc, void *arg) 2965 { 2966 struct otus_cmd_key *cmd = arg; 2967 struct ieee80211_key *k = &cmd->key; 2968 uint32_t uid; 2969 2970 if (k->k_flags & IEEE80211_KEY_GROUP) 2971 uid = htole32(k->k_id); 2972 else 2973 uid = htole32(OTUS_UID(cmd->associd)); 2974 (void)otus_cmd(sc, AR_CMD_DKEY, &uid, sizeof uid, NULL, 0); 2975 } 2976 #endif 2977 2978 /* 2979 * XXX TODO: check if we have to be doing any calibration in the host 2980 * or whether it's purely a firmware thing. 2981 */ 2982 void 2983 otus_calibrate_to(void *arg, int pending) 2984 { 2985 #if 0 2986 struct otus_softc *sc = arg; 2987 2988 device_printf(sc->sc_dev, "%s: called\n", __func__); 2989 struct ieee80211com *ic = &sc->sc_ic; 2990 struct ieee80211_node *ni; 2991 int s; 2992 2993 if (usbd_is_dying(sc->sc_udev)) 2994 return; 2995 2996 usbd_ref_incr(sc->sc_udev); 2997 2998 s = splnet(); 2999 ni = ic->ic_bss; 3000 ieee80211_amrr_choose(&sc->amrr, ni, &((struct otus_node *)ni)->amn); 3001 splx(s); 3002 3003 if (!usbd_is_dying(sc->sc_udev)) 3004 timeout_add_sec(&sc->calib_to, 1); 3005 3006 usbd_ref_decr(sc->sc_udev); 3007 #endif 3008 } 3009 3010 int 3011 otus_set_bssid(struct otus_softc *sc, const uint8_t *bssid) 3012 { 3013 3014 OTUS_LOCK_ASSERT(sc); 3015 3016 otus_write(sc, AR_MAC_REG_BSSID_L, 3017 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 3018 otus_write(sc, AR_MAC_REG_BSSID_H, 3019 bssid[4] | bssid[5] << 8); 3020 return otus_write_barrier(sc); 3021 } 3022 3023 int 3024 otus_set_macaddr(struct otus_softc *sc, const uint8_t *addr) 3025 { 3026 OTUS_LOCK_ASSERT(sc); 3027 3028 otus_write(sc, AR_MAC_REG_MAC_ADDR_L, 3029 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 3030 otus_write(sc, AR_MAC_REG_MAC_ADDR_H, 3031 addr[4] | addr[5] << 8); 3032 return otus_write_barrier(sc); 3033 } 3034 3035 /* Default single-LED. */ 3036 void 3037 otus_led_newstate_type1(struct otus_softc *sc) 3038 { 3039 /* TBD */ 3040 device_printf(sc->sc_dev, "%s: TODO\n", __func__); 3041 } 3042 3043 /* NETGEAR, dual-LED. */ 3044 void 3045 otus_led_newstate_type2(struct otus_softc *sc) 3046 { 3047 /* TBD */ 3048 device_printf(sc->sc_dev, "%s: TODO\n", __func__); 3049 } 3050 3051 /* NETGEAR, single-LED/3 colors (blue, red, purple.) */ 3052 void 3053 otus_led_newstate_type3(struct otus_softc *sc) 3054 { 3055 #if 0 3056 struct ieee80211com *ic = &sc->sc_ic; 3057 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3058 3059 uint32_t state = sc->led_state; 3060 3061 OTUS_LOCK_ASSERT(sc); 3062 3063 if (!vap) { 3064 state = 0; /* led off */ 3065 } else if (vap->iv_state == IEEE80211_S_INIT) { 3066 state = 0; /* LED off. */ 3067 } else if (vap->iv_state == IEEE80211_S_RUN) { 3068 /* Associated, LED always on. */ 3069 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) 3070 state = AR_LED0_ON; /* 2GHz=>Red. */ 3071 else 3072 state = AR_LED1_ON; /* 5GHz=>Blue. */ 3073 } else { 3074 /* Scanning, blink LED. */ 3075 state ^= AR_LED0_ON | AR_LED1_ON; 3076 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) 3077 state &= ~AR_LED1_ON; 3078 else 3079 state &= ~AR_LED0_ON; 3080 } 3081 if (state != sc->led_state) { 3082 otus_write(sc, AR_GPIO_REG_PORT_DATA, state); 3083 if (otus_write_barrier(sc) == 0) 3084 sc->led_state = state; 3085 } 3086 #endif 3087 } 3088 3089 static uint8_t zero_macaddr[IEEE80211_ADDR_LEN] = { 0,0,0,0,0,0 }; 3090 3091 /* 3092 * Set up operating mode, MAC/BSS address and RX filter. 3093 */ 3094 static void 3095 otus_set_operating_mode(struct otus_softc *sc) 3096 { 3097 struct ieee80211com *ic = &sc->sc_ic; 3098 struct ieee80211vap *vap; 3099 uint32_t cam_mode = AR_MAC_CAM_DEFAULTS; 3100 uint32_t rx_ctrl = AR_MAC_RX_CTRL_DEAGG | AR_MAC_RX_CTRL_SHORT_FILTER; 3101 uint32_t sniffer = AR_MAC_SNIFFER_DEFAULTS; 3102 uint32_t enc_mode = 0x78; /* XXX */ 3103 const uint8_t *macaddr; 3104 uint8_t bssid[IEEE80211_ADDR_LEN]; 3105 struct ieee80211_node *ni; 3106 3107 OTUS_LOCK_ASSERT(sc); 3108 3109 /* 3110 * If we're in sniffer mode or we don't have a MAC 3111 * address assigned, ensure it gets reset to all-zero. 3112 */ 3113 IEEE80211_ADDR_COPY(bssid, zero_macaddr); 3114 vap = TAILQ_FIRST(&ic->ic_vaps); 3115 macaddr = vap ? vap->iv_myaddr : ic->ic_macaddr; 3116 3117 switch (ic->ic_opmode) { 3118 case IEEE80211_M_STA: 3119 if (vap) { 3120 ni = ieee80211_ref_node(vap->iv_bss); 3121 IEEE80211_ADDR_COPY(bssid, ni->ni_bssid); 3122 ieee80211_free_node(ni); 3123 } 3124 cam_mode |= AR_MAC_CAM_STA; 3125 rx_ctrl |= AR_MAC_RX_CTRL_PASS_TO_HOST; 3126 break; 3127 case IEEE80211_M_MONITOR: 3128 /* 3129 * Note: monitor mode ends up causing the MAC to 3130 * generate ACK frames for everything it sees. 3131 * So don't do that; instead just put it in STA mode 3132 * and disable RX filters. 3133 */ 3134 default: 3135 cam_mode |= AR_MAC_CAM_STA; 3136 rx_ctrl |= AR_MAC_RX_CTRL_PASS_TO_HOST; 3137 break; 3138 } 3139 3140 /* 3141 * TODO: if/when we do hardware encryption, ensure it's 3142 * disabled if the NIC is in monitor mode. 3143 */ 3144 otus_write(sc, AR_MAC_REG_SNIFFER, sniffer); 3145 otus_write(sc, AR_MAC_REG_CAM_MODE, cam_mode); 3146 otus_write(sc, AR_MAC_REG_ENCRYPTION, enc_mode); 3147 otus_write(sc, AR_MAC_REG_RX_CONTROL, rx_ctrl); 3148 otus_set_macaddr(sc, macaddr); 3149 otus_set_bssid(sc, bssid); 3150 /* XXX barrier? */ 3151 } 3152 3153 static void 3154 otus_set_rx_filter(struct otus_softc *sc) 3155 { 3156 // struct ieee80211com *ic = &sc->sc_ic; 3157 3158 OTUS_LOCK_ASSERT(sc); 3159 3160 #if 0 3161 if (ic->ic_allmulti > 0 || ic->ic_promisc > 0 || 3162 ic->ic_opmode == IEEE80211_M_MONITOR) { 3163 otus_write(sc, AR_MAC_REG_FRAMETYPE_FILTER, 0xff00ffff); 3164 } else { 3165 #endif 3166 /* Filter any control frames, BAR is bit 24. */ 3167 otus_write(sc, AR_MAC_REG_FRAMETYPE_FILTER, 0x0500ffff); 3168 #if 0 3169 } 3170 #endif 3171 } 3172 3173 int 3174 otus_init(struct otus_softc *sc) 3175 { 3176 struct ieee80211com *ic = &sc->sc_ic; 3177 int error; 3178 3179 OTUS_UNLOCK_ASSERT(sc); 3180 3181 OTUS_LOCK(sc); 3182 3183 /* Drain any pending TX frames */ 3184 otus_drain_mbufq(sc); 3185 3186 /* Init MAC */ 3187 if ((error = otus_init_mac(sc)) != 0) { 3188 OTUS_UNLOCK(sc); 3189 device_printf(sc->sc_dev, 3190 "%s: could not initialize MAC\n", __func__); 3191 return error; 3192 } 3193 3194 otus_set_operating_mode(sc); 3195 otus_set_rx_filter(sc); 3196 (void) otus_set_operating_mode(sc); 3197 3198 sc->bb_reset = 1; /* Force cold reset. */ 3199 3200 if ((error = otus_set_chan(sc, ic->ic_curchan, 0)) != 0) { 3201 OTUS_UNLOCK(sc); 3202 device_printf(sc->sc_dev, 3203 "%s: could not set channel\n", __func__); 3204 return error; 3205 } 3206 3207 /* Start Rx. */ 3208 otus_write(sc, AR_MAC_REG_DMA_TRIGGER, 0x100); 3209 (void)otus_write_barrier(sc); 3210 3211 sc->sc_running = 1; 3212 3213 OTUS_UNLOCK(sc); 3214 return 0; 3215 } 3216 3217 void 3218 otus_stop(struct otus_softc *sc) 3219 { 3220 #if 0 3221 int s; 3222 #endif 3223 3224 OTUS_UNLOCK_ASSERT(sc); 3225 3226 OTUS_LOCK(sc); 3227 sc->sc_running = 0; 3228 sc->sc_tx_timer = 0; 3229 OTUS_UNLOCK(sc); 3230 3231 taskqueue_drain_timeout(taskqueue_thread, &sc->scan_to); 3232 taskqueue_drain_timeout(taskqueue_thread, &sc->calib_to); 3233 taskqueue_drain(taskqueue_thread, &sc->tx_task); 3234 3235 OTUS_LOCK(sc); 3236 sc->sc_running = 0; 3237 /* Stop Rx. */ 3238 otus_write(sc, AR_MAC_REG_DMA_TRIGGER, 0); 3239 (void)otus_write_barrier(sc); 3240 3241 /* Drain any pending TX frames */ 3242 otus_drain_mbufq(sc); 3243 3244 OTUS_UNLOCK(sc); 3245 } 3246