1 /* 2 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6 /* 7 * Copyright (c) 2002-2004 Sam Leffler, Errno Consulting 8 * All rights reserved. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer, 15 * without modification. 16 * 2. Redistributions in binary form must reproduce at minimum a disclaimer 17 * similar to the "NO WARRANTY" disclaimer below ("Disclaimer") and any 18 * redistribution must be conditioned upon including a substantially 19 * similar Disclaimer requirement for further binary redistribution. 20 * 3. Neither the names of the above-listed copyright holders nor the names 21 * of any contributors may be used to endorse or promote products derived 22 * from this software without specific prior written permission. 23 * 24 * NO WARRANTY 25 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 26 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 27 * LIMITED TO, THE IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTIBILITY 28 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 29 * THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, 30 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 31 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 32 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER 33 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 34 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 35 * THE POSSIBILITY OF SUCH DAMAGES. 36 * 37 */ 38 39 #pragma ident "%Z%%M% %I% %E% SMI" 40 41 /* 42 * Driver for the Atheros Wireless LAN controller. 43 * 44 * The Atheros driver calls into net80211 module for IEEE80211 protocol 45 * management functionalities. The driver includes a LLD(Low Level Driver) 46 * part to implement H/W related operations. 47 * The following is the high level structure of ath driver. 48 * (The arrows between modules indicate function call direction.) 49 * 50 * 51 * | 52 * | GLD thread 53 * V 54 * ================== ========================================= 55 * | | |[1] | 56 * | | | GLDv3 Callback functions registered | 57 * | Net80211 | ========================= by | 58 * | module | | | driver | 59 * | | V | | 60 * | |======================== | | 61 * | Functions exported by net80211 | | | 62 * | | | | 63 * ========================================== ================= 64 * | | 65 * V | 66 * +----------------------------------+ | 67 * |[2] | | 68 * | Net80211 Callback functions | | 69 * | registered by LLD | | 70 * +----------------------------------+ | 71 * | | 72 * V v 73 * +-----------------------------------------------------------+ 74 * |[3] | 75 * | LLD Internal functions | 76 * | | 77 * +-----------------------------------------------------------+ 78 * ^ 79 * | Software interrupt thread 80 * | 81 * 82 * The short description of each module is as below: 83 * Module 1: GLD callback functions, which are intercepting the calls from 84 * GLD to LLD. 85 * Module 2: Net80211 callback functions registered by LLD, which 86 * calls into LLD for H/W related functions needed by net80211. 87 * Module 3: LLD Internal functions, which are responsible for allocing 88 * descriptor/buffer, handling interrupt and other H/W 89 * operations. 90 * 91 * All functions are running in 3 types of thread: 92 * 1. GLD callbacks threads, such as ioctl, intr, etc. 93 * 2. Clock interruptt thread which is responsible for scan, rate control and 94 * calibration. 95 * 3. Software Interrupt thread originated in LLD. 96 * 97 * The lock strategy is as below: 98 * There have 4 queues for tx, each queue has one asc_txqlock[i] to 99 * prevent conflicts access to queue resource from different thread. 100 * 101 * All the transmit buffers are contained in asc_txbuf which are 102 * protected by asc_txbuflock. 103 * 104 * Each receive buffers are contained in asc_rxbuf which are protected 105 * by asc_rxbuflock. 106 * 107 * In ath struct, asc_genlock is a general lock, protecting most other 108 * operational data in ath_softc struct and HAL accesses. 109 * It is acquired by the interupt handler and most "mode-ctrl" routines. 110 * 111 * Any of the locks can be acquired singly, but where multiple 112 * locks are acquired, they *must* be in the order: 113 * asc_genlock >> asc_txqlock[i] >> asc_txbuflock >> asc_rxbuflock 114 */ 115 116 #include <sys/param.h> 117 #include <sys/types.h> 118 #include <sys/signal.h> 119 #include <sys/stream.h> 120 #include <sys/termio.h> 121 #include <sys/errno.h> 122 #include <sys/file.h> 123 #include <sys/cmn_err.h> 124 #include <sys/stropts.h> 125 #include <sys/strsubr.h> 126 #include <sys/strtty.h> 127 #include <sys/kbio.h> 128 #include <sys/cred.h> 129 #include <sys/stat.h> 130 #include <sys/consdev.h> 131 #include <sys/kmem.h> 132 #include <sys/modctl.h> 133 #include <sys/ddi.h> 134 #include <sys/sunddi.h> 135 #include <sys/pci.h> 136 #include <sys/errno.h> 137 #include <sys/mac.h> 138 #include <sys/dlpi.h> 139 #include <sys/ethernet.h> 140 #include <sys/list.h> 141 #include <sys/byteorder.h> 142 #include <sys/strsun.h> 143 #include <sys/policy.h> 144 #include <inet/common.h> 145 #include <inet/nd.h> 146 #include <inet/mi.h> 147 #include <inet/wifi_ioctl.h> 148 #include <sys/mac_wifi.h> 149 #include "ath_hal.h" 150 #include "ath_impl.h" 151 #include "ath_aux.h" 152 #include "ath_rate.h" 153 154 #define ATH_MAX_RSSI 63 /* max rssi */ 155 156 extern void ath_halfix_init(void); 157 extern void ath_halfix_finit(void); 158 extern int32_t ath_getset(ath_t *asc, mblk_t *mp, uint32_t cmd); 159 160 /* 161 * PIO access attributes for registers 162 */ 163 static ddi_device_acc_attr_t ath_reg_accattr = { 164 DDI_DEVICE_ATTR_V0, 165 DDI_STRUCTURE_LE_ACC, 166 DDI_STRICTORDER_ACC 167 }; 168 169 /* 170 * DMA access attributes for descriptors: NOT to be byte swapped. 171 */ 172 static ddi_device_acc_attr_t ath_desc_accattr = { 173 DDI_DEVICE_ATTR_V0, 174 DDI_STRUCTURE_LE_ACC, 175 DDI_STRICTORDER_ACC 176 }; 177 178 /* 179 * Describes the chip's DMA engine 180 */ 181 static ddi_dma_attr_t dma_attr = { 182 DMA_ATTR_V0, /* dma_attr version */ 183 0x0000000000000000ull, /* dma_attr_addr_lo */ 184 0xFFFFFFFFFFFFFFFFull, /* dma_attr_addr_hi */ 185 0x00000000FFFFFFFFull, /* dma_attr_count_max */ 186 0x0000000000000001ull, /* dma_attr_align */ 187 0x00000FFF, /* dma_attr_burstsizes */ 188 0x00000001, /* dma_attr_minxfer */ 189 0x000000000000FFFFull, /* dma_attr_maxxfer */ 190 0xFFFFFFFFFFFFFFFFull, /* dma_attr_seg */ 191 1, /* dma_attr_sgllen */ 192 0x00000001, /* dma_attr_granular */ 193 0 /* dma_attr_flags */ 194 }; 195 196 static kmutex_t ath_loglock; 197 static void *ath_soft_state_p = NULL; 198 static int ath_dwelltime = 150; /* scan interval, ms */ 199 200 static int ath_m_stat(void *, uint_t, uint64_t *); 201 static int ath_m_start(void *); 202 static void ath_m_stop(void *); 203 static int ath_m_promisc(void *, boolean_t); 204 static int ath_m_multicst(void *, boolean_t, const uint8_t *); 205 static int ath_m_unicst(void *, const uint8_t *); 206 static mblk_t *ath_m_tx(void *, mblk_t *); 207 static void ath_m_ioctl(void *, queue_t *, mblk_t *); 208 static mac_callbacks_t ath_m_callbacks = { 209 MC_IOCTL, 210 ath_m_stat, 211 ath_m_start, 212 ath_m_stop, 213 ath_m_promisc, 214 ath_m_multicst, 215 ath_m_unicst, 216 ath_m_tx, 217 NULL, /* mc_resources; */ 218 ath_m_ioctl, 219 NULL /* mc_getcapab */ 220 }; 221 222 /* 223 * Available debug flags: 224 * ATH_DBG_INIT, ATH_DBG_GLD, ATH_DBG_HAL, ATH_DBG_INT, ATH_DBG_ATTACH, 225 * ATH_DBG_DETACH, ATH_DBG_AUX, ATH_DBG_WIFICFG, ATH_DBG_OSDEP 226 */ 227 uint32_t ath_dbg_flags = 0; 228 229 /* 230 * Exception/warning cases not leading to panic. 231 */ 232 void 233 ath_problem(const int8_t *fmt, ...) 234 { 235 va_list args; 236 237 mutex_enter(&ath_loglock); 238 239 va_start(args, fmt); 240 vcmn_err(CE_WARN, fmt, args); 241 va_end(args); 242 243 mutex_exit(&ath_loglock); 244 } 245 246 /* 247 * Normal log information independent of debug. 248 */ 249 void 250 ath_log(const int8_t *fmt, ...) 251 { 252 va_list args; 253 254 mutex_enter(&ath_loglock); 255 256 va_start(args, fmt); 257 vcmn_err(CE_CONT, fmt, args); 258 va_end(args); 259 260 mutex_exit(&ath_loglock); 261 } 262 263 void 264 ath_dbg(uint32_t dbg_flags, const int8_t *fmt, ...) 265 { 266 va_list args; 267 268 if (dbg_flags & ath_dbg_flags) { 269 mutex_enter(&ath_loglock); 270 va_start(args, fmt); 271 vcmn_err(CE_CONT, fmt, args); 272 va_end(args); 273 mutex_exit(&ath_loglock); 274 } 275 } 276 277 void 278 ath_setup_desc(ath_t *asc, struct ath_buf *bf) 279 { 280 struct ath_desc *ds; 281 282 ds = bf->bf_desc; 283 ds->ds_link = bf->bf_daddr; 284 ds->ds_data = bf->bf_dma.cookie.dmac_address; 285 ds->ds_vdata = bf->bf_dma.mem_va; 286 ATH_HAL_SETUPRXDESC(asc->asc_ah, ds, 287 bf->bf_dma.alength, /* buffer size */ 288 0); 289 290 if (asc->asc_rxlink != NULL) 291 *asc->asc_rxlink = bf->bf_daddr; 292 asc->asc_rxlink = &ds->ds_link; 293 } 294 295 296 /* 297 * Allocate an area of memory and a DMA handle for accessing it 298 */ 299 static int 300 ath_alloc_dma_mem(dev_info_t *devinfo, size_t memsize, 301 ddi_device_acc_attr_t *attr_p, uint_t alloc_flags, 302 uint_t bind_flags, dma_area_t *dma_p) 303 { 304 int err; 305 306 /* 307 * Allocate handle 308 */ 309 err = ddi_dma_alloc_handle(devinfo, &dma_attr, 310 DDI_DMA_SLEEP, NULL, &dma_p->dma_hdl); 311 if (err != DDI_SUCCESS) 312 return (DDI_FAILURE); 313 314 /* 315 * Allocate memory 316 */ 317 err = ddi_dma_mem_alloc(dma_p->dma_hdl, memsize, attr_p, 318 alloc_flags, DDI_DMA_SLEEP, NULL, &dma_p->mem_va, 319 &dma_p->alength, &dma_p->acc_hdl); 320 if (err != DDI_SUCCESS) 321 return (DDI_FAILURE); 322 323 /* 324 * Bind the two together 325 */ 326 err = ddi_dma_addr_bind_handle(dma_p->dma_hdl, NULL, 327 dma_p->mem_va, dma_p->alength, bind_flags, 328 DDI_DMA_SLEEP, NULL, &dma_p->cookie, &dma_p->ncookies); 329 if (err != DDI_DMA_MAPPED) 330 return (DDI_FAILURE); 331 332 dma_p->nslots = ~0U; 333 dma_p->size = ~0U; 334 dma_p->token = ~0U; 335 dma_p->offset = 0; 336 return (DDI_SUCCESS); 337 } 338 339 /* 340 * Free one allocated area of DMAable memory 341 */ 342 static void 343 ath_free_dma_mem(dma_area_t *dma_p) 344 { 345 if (dma_p->dma_hdl != NULL) { 346 (void) ddi_dma_unbind_handle(dma_p->dma_hdl); 347 if (dma_p->acc_hdl != NULL) { 348 ddi_dma_mem_free(&dma_p->acc_hdl); 349 dma_p->acc_hdl = NULL; 350 } 351 ddi_dma_free_handle(&dma_p->dma_hdl); 352 dma_p->ncookies = 0; 353 dma_p->dma_hdl = NULL; 354 } 355 } 356 357 358 static int 359 ath_desc_alloc(dev_info_t *devinfo, ath_t *asc) 360 { 361 int i, err; 362 size_t size; 363 struct ath_desc *ds; 364 struct ath_buf *bf; 365 366 size = sizeof (struct ath_desc) * (ATH_TXBUF + ATH_RXBUF); 367 368 err = ath_alloc_dma_mem(devinfo, size, &ath_desc_accattr, 369 DDI_DMA_CONSISTENT, DDI_DMA_RDWR | DDI_DMA_CONSISTENT, 370 &asc->asc_desc_dma); 371 372 /* virtual address of the first descriptor */ 373 asc->asc_desc = (struct ath_desc *)asc->asc_desc_dma.mem_va; 374 375 ds = asc->asc_desc; 376 ATH_DEBUG((ATH_DBG_INIT, "ath: ath_desc_alloc(): DMA map: " 377 "%p (%d) -> %p\n", 378 asc->asc_desc, asc->asc_desc_dma.alength, 379 asc->asc_desc_dma.cookie.dmac_address)); 380 381 /* allocate data structures to describe TX/RX DMA buffers */ 382 asc->asc_vbuflen = sizeof (struct ath_buf) * (ATH_TXBUF + ATH_RXBUF); 383 bf = (struct ath_buf *)kmem_zalloc(asc->asc_vbuflen, KM_SLEEP); 384 asc->asc_vbufptr = bf; 385 386 /* DMA buffer size for each TX/RX packet */ 387 asc->asc_dmabuf_size = roundup(1000 + sizeof (struct ieee80211_frame) + 388 IEEE80211_MTU + IEEE80211_CRC_LEN + 389 (IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN + 390 IEEE80211_WEP_CRCLEN), asc->asc_cachelsz); 391 392 /* create RX buffer list and allocate DMA memory */ 393 list_create(&asc->asc_rxbuf_list, sizeof (struct ath_buf), 394 offsetof(struct ath_buf, bf_node)); 395 for (i = 0; i < ATH_RXBUF; i++, bf++, ds++) { 396 bf->bf_desc = ds; 397 bf->bf_daddr = asc->asc_desc_dma.cookie.dmac_address + 398 ((caddr_t)ds - (caddr_t)asc->asc_desc); 399 list_insert_tail(&asc->asc_rxbuf_list, bf); 400 401 /* alloc DMA memory */ 402 err = ath_alloc_dma_mem(devinfo, asc->asc_dmabuf_size, 403 &ath_desc_accattr, 404 DDI_DMA_STREAMING, DDI_DMA_READ | DDI_DMA_STREAMING, 405 &bf->bf_dma); 406 if (err != DDI_SUCCESS) 407 return (err); 408 } 409 410 /* create TX buffer list and allocate DMA memory */ 411 list_create(&asc->asc_txbuf_list, sizeof (struct ath_buf), 412 offsetof(struct ath_buf, bf_node)); 413 for (i = 0; i < ATH_TXBUF; i++, bf++, ds++) { 414 bf->bf_desc = ds; 415 bf->bf_daddr = asc->asc_desc_dma.cookie.dmac_address + 416 ((caddr_t)ds - (caddr_t)asc->asc_desc); 417 list_insert_tail(&asc->asc_txbuf_list, bf); 418 419 /* alloc DMA memory */ 420 err = ath_alloc_dma_mem(devinfo, asc->asc_dmabuf_size, 421 &ath_desc_accattr, 422 DDI_DMA_STREAMING, DDI_DMA_STREAMING, &bf->bf_dma); 423 if (err != DDI_SUCCESS) 424 return (err); 425 } 426 427 return (DDI_SUCCESS); 428 } 429 430 static void 431 ath_desc_free(ath_t *asc) 432 { 433 struct ath_buf *bf; 434 435 /* Free TX DMA buffer */ 436 bf = list_head(&asc->asc_txbuf_list); 437 while (bf != NULL) { 438 ath_free_dma_mem(&bf->bf_dma); 439 list_remove(&asc->asc_txbuf_list, bf); 440 bf = list_head(&asc->asc_txbuf_list); 441 } 442 list_destroy(&asc->asc_txbuf_list); 443 444 /* Free RX DMA uffer */ 445 bf = list_head(&asc->asc_rxbuf_list); 446 while (bf != NULL) { 447 ath_free_dma_mem(&bf->bf_dma); 448 list_remove(&asc->asc_rxbuf_list, bf); 449 bf = list_head(&asc->asc_rxbuf_list); 450 } 451 list_destroy(&asc->asc_rxbuf_list); 452 453 /* Free descriptor DMA buffer */ 454 ath_free_dma_mem(&asc->asc_desc_dma); 455 456 kmem_free((void *)asc->asc_vbufptr, asc->asc_vbuflen); 457 asc->asc_vbufptr = NULL; 458 } 459 460 static void 461 ath_printrxbuf(struct ath_buf *bf, int32_t done) 462 { 463 struct ath_desc *ds = bf->bf_desc; 464 465 ATH_DEBUG((ATH_DBG_RECV, "ath: R (%p %p) %08x %08x %08x " 466 "%08x %08x %08x %c\n", 467 ds, bf->bf_daddr, 468 ds->ds_link, ds->ds_data, 469 ds->ds_ctl0, ds->ds_ctl1, 470 ds->ds_hw[0], ds->ds_hw[1], 471 !done ? ' ' : (ds->ds_rxstat.rs_status == 0) ? '*' : '!')); 472 } 473 474 static void 475 ath_rx_handler(ath_t *asc) 476 { 477 ieee80211com_t *ic = (ieee80211com_t *)asc; 478 struct ath_buf *bf; 479 struct ath_hal *ah = asc->asc_ah; 480 struct ath_desc *ds; 481 mblk_t *rx_mp; 482 struct ieee80211_frame *wh; 483 int32_t len, loop = 1; 484 uint8_t phyerr; 485 HAL_STATUS status; 486 HAL_NODE_STATS hal_node_stats; 487 struct ieee80211_node *in; 488 489 do { 490 mutex_enter(&asc->asc_rxbuflock); 491 bf = list_head(&asc->asc_rxbuf_list); 492 if (bf == NULL) { 493 ATH_DEBUG((ATH_DBG_RECV, "ath: ath_rx_handler(): " 494 "no buffer\n")); 495 mutex_exit(&asc->asc_rxbuflock); 496 break; 497 } 498 ASSERT(bf->bf_dma.cookie.dmac_address != NULL); 499 ds = bf->bf_desc; 500 if (ds->ds_link == bf->bf_daddr) { 501 /* 502 * Never process the self-linked entry at the end, 503 * this may be met at heavy load. 504 */ 505 mutex_exit(&asc->asc_rxbuflock); 506 break; 507 } 508 509 status = ATH_HAL_RXPROCDESC(ah, ds, 510 bf->bf_daddr, 511 ATH_PA2DESC(asc, ds->ds_link)); 512 if (status == HAL_EINPROGRESS) { 513 mutex_exit(&asc->asc_rxbuflock); 514 break; 515 } 516 list_remove(&asc->asc_rxbuf_list, bf); 517 mutex_exit(&asc->asc_rxbuflock); 518 519 if (ds->ds_rxstat.rs_status != 0) { 520 if (ds->ds_rxstat.rs_status & HAL_RXERR_CRC) 521 asc->asc_stats.ast_rx_crcerr++; 522 if (ds->ds_rxstat.rs_status & HAL_RXERR_FIFO) 523 asc->asc_stats.ast_rx_fifoerr++; 524 if (ds->ds_rxstat.rs_status & HAL_RXERR_DECRYPT) 525 asc->asc_stats.ast_rx_badcrypt++; 526 if (ds->ds_rxstat.rs_status & HAL_RXERR_PHY) { 527 asc->asc_stats.ast_rx_phyerr++; 528 phyerr = ds->ds_rxstat.rs_phyerr & 0x1f; 529 asc->asc_stats.ast_rx_phy[phyerr]++; 530 } 531 goto rx_next; 532 } 533 len = ds->ds_rxstat.rs_datalen; 534 535 /* less than sizeof(struct ieee80211_frame) */ 536 if (len < 20) { 537 asc->asc_stats.ast_rx_tooshort++; 538 goto rx_next; 539 } 540 541 if ((rx_mp = allocb(asc->asc_dmabuf_size, BPRI_MED)) == NULL) { 542 ath_problem("ath: ath_rx_handler(): " 543 "allocing mblk buffer failed.\n"); 544 return; 545 } 546 547 ATH_DMA_SYNC(bf->bf_dma, DDI_DMA_SYNC_FORCPU); 548 bcopy(bf->bf_dma.mem_va, rx_mp->b_rptr, len); 549 550 rx_mp->b_wptr += len; 551 wh = (struct ieee80211_frame *)rx_mp->b_rptr; 552 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) == 553 IEEE80211_FC0_TYPE_CTL) { 554 /* 555 * Ignore control frame received in promisc mode. 556 */ 557 freemsg(rx_mp); 558 goto rx_next; 559 } 560 /* Remove the CRC at the end of IEEE80211 frame */ 561 rx_mp->b_wptr -= IEEE80211_CRC_LEN; 562 #ifdef DEBUG 563 ath_printrxbuf(bf, status == HAL_OK); 564 #endif /* DEBUG */ 565 /* 566 * Locate the node for sender, track state, and then 567 * pass the (referenced) node up to the 802.11 layer 568 * for its use. 569 */ 570 in = ieee80211_find_rxnode(ic, wh); 571 572 /* 573 * Send frame up for processing. 574 */ 575 (void) ieee80211_input(ic, rx_mp, in, 576 ds->ds_rxstat.rs_rssi, 577 ds->ds_rxstat.rs_tstamp); 578 579 ieee80211_free_node(in); 580 581 rx_next: 582 mutex_enter(&asc->asc_rxbuflock); 583 list_insert_tail(&asc->asc_rxbuf_list, bf); 584 mutex_exit(&asc->asc_rxbuflock); 585 ath_setup_desc(asc, bf); 586 } while (loop); 587 588 /* rx signal state monitoring */ 589 ATH_HAL_RXMONITOR(ah, &hal_node_stats, &asc->asc_curchan); 590 } 591 592 static void 593 ath_printtxbuf(struct ath_buf *bf, int done) 594 { 595 struct ath_desc *ds = bf->bf_desc; 596 597 ATH_DEBUG((ATH_DBG_SEND, "ath: T(%p %p) %08x %08x %08x %08x %08x" 598 " %08x %08x %08x %c\n", 599 ds, bf->bf_daddr, 600 ds->ds_link, ds->ds_data, 601 ds->ds_ctl0, ds->ds_ctl1, 602 ds->ds_hw[0], ds->ds_hw[1], ds->ds_hw[2], ds->ds_hw[3], 603 !done ? ' ' : (ds->ds_txstat.ts_status == 0) ? '*' : '!')); 604 } 605 606 /* 607 * The input parameter mp has following assumption: 608 * For data packets, GLDv3 mac_wifi plugin allocates and fills the 609 * ieee80211 header. For management packets, net80211 allocates and 610 * fills the ieee80211 header. In both cases, enough spaces in the 611 * header are left for encryption option. 612 */ 613 static int32_t 614 ath_tx_start(ath_t *asc, struct ieee80211_node *in, struct ath_buf *bf, 615 mblk_t *mp) 616 { 617 ieee80211com_t *ic = (ieee80211com_t *)asc; 618 struct ieee80211_frame *wh; 619 struct ath_hal *ah = asc->asc_ah; 620 uint32_t subtype, flags, ctsduration; 621 int32_t keyix, iswep, hdrlen, pktlen, mblen, mbslen, try0; 622 uint8_t rix, cix, txrate, ctsrate; 623 struct ath_desc *ds; 624 struct ath_txq *txq; 625 HAL_PKT_TYPE atype; 626 const HAL_RATE_TABLE *rt; 627 HAL_BOOL shortPreamble; 628 struct ath_node *an; 629 caddr_t dest; 630 631 /* 632 * CRC are added by H/W, not encaped by driver, 633 * but we must count it in pkt length. 634 */ 635 pktlen = IEEE80211_CRC_LEN; 636 637 wh = (struct ieee80211_frame *)mp->b_rptr; 638 iswep = wh->i_fc[1] & IEEE80211_FC1_WEP; 639 keyix = HAL_TXKEYIX_INVALID; 640 hdrlen = sizeof (struct ieee80211_frame); 641 if (iswep != 0) { 642 const struct ieee80211_cipher *cip; 643 struct ieee80211_key *k; 644 645 /* 646 * Construct the 802.11 header+trailer for an encrypted 647 * frame. The only reason this can fail is because of an 648 * unknown or unsupported cipher/key type. 649 */ 650 k = ieee80211_crypto_encap(ic, mp); 651 if (k == NULL) { 652 ATH_DEBUG((ATH_DBG_AUX, "crypto_encap failed\n")); 653 /* 654 * This can happen when the key is yanked after the 655 * frame was queued. Just discard the frame; the 656 * 802.11 layer counts failures and provides 657 * debugging/diagnostics. 658 */ 659 return (EIO); 660 } 661 cip = k->wk_cipher; 662 /* 663 * Adjust the packet + header lengths for the crypto 664 * additions and calculate the h/w key index. When 665 * a s/w mic is done the frame will have had any mic 666 * added to it prior to entry so m0->m_pkthdr.len above will 667 * account for it. Otherwise we need to add it to the 668 * packet length. 669 */ 670 hdrlen += cip->ic_header; 671 pktlen += cip->ic_trailer; 672 if ((k->wk_flags & IEEE80211_KEY_SWMIC) == 0) 673 pktlen += cip->ic_miclen; 674 keyix = k->wk_keyix; 675 676 /* packet header may have moved, reset our local pointer */ 677 wh = (struct ieee80211_frame *)mp->b_rptr; 678 } 679 680 dest = bf->bf_dma.mem_va; 681 for (; mp != NULL; mp = mp->b_cont) { 682 mblen = MBLKL(mp); 683 bcopy(mp->b_rptr, dest, mblen); 684 dest += mblen; 685 } 686 mbslen = dest - bf->bf_dma.mem_va; 687 pktlen += mbslen; 688 689 bf->bf_in = in; 690 691 /* setup descriptors */ 692 ds = bf->bf_desc; 693 rt = asc->asc_currates; 694 ASSERT(rt != NULL); 695 696 /* 697 * The 802.11 layer marks whether or not we should 698 * use short preamble based on the current mode and 699 * negotiated parameters. 700 */ 701 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 702 (in->in_capinfo & IEEE80211_CAPINFO_SHORT_PREAMBLE)) { 703 shortPreamble = AH_TRUE; 704 asc->asc_stats.ast_tx_shortpre++; 705 } else { 706 shortPreamble = AH_FALSE; 707 } 708 709 an = ATH_NODE(in); 710 711 /* 712 * Calculate Atheros packet type from IEEE80211 packet header 713 * and setup for rate calculations. 714 */ 715 switch (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) { 716 case IEEE80211_FC0_TYPE_MGT: 717 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 718 if (subtype == IEEE80211_FC0_SUBTYPE_BEACON) 719 atype = HAL_PKT_TYPE_BEACON; 720 else if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 721 atype = HAL_PKT_TYPE_PROBE_RESP; 722 else if (subtype == IEEE80211_FC0_SUBTYPE_ATIM) 723 atype = HAL_PKT_TYPE_ATIM; 724 else 725 atype = HAL_PKT_TYPE_NORMAL; 726 rix = 0; /* lowest rate */ 727 try0 = ATH_TXMAXTRY; 728 if (shortPreamble) 729 txrate = an->an_tx_mgtratesp; 730 else 731 txrate = an->an_tx_mgtrate; 732 /* force all ctl frames to highest queue */ 733 txq = asc->asc_ac2q[WME_AC_VO]; 734 break; 735 case IEEE80211_FC0_TYPE_CTL: 736 atype = HAL_PKT_TYPE_PSPOLL; 737 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 738 rix = 0; /* lowest rate */ 739 try0 = ATH_TXMAXTRY; 740 if (shortPreamble) 741 txrate = an->an_tx_mgtratesp; 742 else 743 txrate = an->an_tx_mgtrate; 744 /* force all ctl frames to highest queue */ 745 txq = asc->asc_ac2q[WME_AC_VO]; 746 break; 747 case IEEE80211_FC0_TYPE_DATA: 748 atype = HAL_PKT_TYPE_NORMAL; 749 rix = an->an_tx_rix0; 750 try0 = an->an_tx_try0; 751 if (shortPreamble) 752 txrate = an->an_tx_rate0sp; 753 else 754 txrate = an->an_tx_rate0; 755 /* Always use background queue */ 756 txq = asc->asc_ac2q[WME_AC_BK]; 757 break; 758 default: 759 /* Unknown 802.11 frame */ 760 asc->asc_stats.ast_tx_invalid++; 761 return (1); 762 } 763 /* 764 * Calculate miscellaneous flags. 765 */ 766 flags = HAL_TXDESC_CLRDMASK; 767 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 768 flags |= HAL_TXDESC_NOACK; /* no ack on broad/multicast */ 769 asc->asc_stats.ast_tx_noack++; 770 } else if (pktlen > ic->ic_rtsthreshold) { 771 flags |= HAL_TXDESC_RTSENA; /* RTS based on frame length */ 772 asc->asc_stats.ast_tx_rts++; 773 } 774 775 /* 776 * Calculate duration. This logically belongs in the 802.11 777 * layer but it lacks sufficient information to calculate it. 778 */ 779 if ((flags & HAL_TXDESC_NOACK) == 0 && 780 (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != 781 IEEE80211_FC0_TYPE_CTL) { 782 uint16_t dur; 783 dur = ath_hal_computetxtime(ah, rt, IEEE80211_ACK_SIZE, 784 rix, shortPreamble); 785 *(uint16_t *)wh->i_dur = LE_16(dur); 786 } 787 788 /* 789 * Calculate RTS/CTS rate and duration if needed. 790 */ 791 ctsduration = 0; 792 if (flags & (HAL_TXDESC_RTSENA|HAL_TXDESC_CTSENA)) { 793 /* 794 * CTS transmit rate is derived from the transmit rate 795 * by looking in the h/w rate table. We must also factor 796 * in whether or not a short preamble is to be used. 797 */ 798 cix = rt->info[rix].controlRate; 799 ctsrate = rt->info[cix].rateCode; 800 if (shortPreamble) 801 ctsrate |= rt->info[cix].shortPreamble; 802 /* 803 * Compute the transmit duration based on the size 804 * of an ACK frame. We call into the HAL to do the 805 * computation since it depends on the characteristics 806 * of the actual PHY being used. 807 */ 808 if (flags & HAL_TXDESC_RTSENA) { /* SIFS + CTS */ 809 ctsduration += ath_hal_computetxtime(ah, 810 rt, IEEE80211_ACK_SIZE, cix, shortPreamble); 811 } 812 /* SIFS + data */ 813 ctsduration += ath_hal_computetxtime(ah, 814 rt, pktlen, rix, shortPreamble); 815 if ((flags & HAL_TXDESC_NOACK) == 0) { /* SIFS + ACK */ 816 ctsduration += ath_hal_computetxtime(ah, 817 rt, IEEE80211_ACK_SIZE, cix, shortPreamble); 818 } 819 } else 820 ctsrate = 0; 821 822 if (++txq->axq_intrcnt >= ATH_TXINTR_PERIOD) { 823 flags |= HAL_TXDESC_INTREQ; 824 txq->axq_intrcnt = 0; 825 } 826 827 /* 828 * Formulate first tx descriptor with tx controls. 829 */ 830 ATH_HAL_SETUPTXDESC(ah, ds, 831 pktlen, /* packet length */ 832 hdrlen, /* header length */ 833 atype, /* Atheros packet type */ 834 MIN(in->in_txpower, 60), /* txpower */ 835 txrate, try0, /* series 0 rate/tries */ 836 keyix, /* key cache index */ 837 an->an_tx_antenna, /* antenna mode */ 838 flags, /* flags */ 839 ctsrate, /* rts/cts rate */ 840 ctsduration); /* rts/cts duration */ 841 bf->bf_flags = flags; 842 843 ATH_DEBUG((ATH_DBG_SEND, "ath: ath_xmit(): to %s totlen=%d " 844 "an->an_tx_rate1sp=%d tx_rate2sp=%d tx_rate3sp=%d " 845 "qnum=%d rix=%d sht=%d dur = %d\n", 846 ieee80211_macaddr_sprintf(wh->i_addr1), mbslen, an->an_tx_rate1sp, 847 an->an_tx_rate2sp, an->an_tx_rate3sp, 848 txq->axq_qnum, rix, shortPreamble, *(uint16_t *)wh->i_dur)); 849 850 /* 851 * Setup the multi-rate retry state only when we're 852 * going to use it. This assumes ath_hal_setuptxdesc 853 * initializes the descriptors (so we don't have to) 854 * when the hardware supports multi-rate retry and 855 * we don't use it. 856 */ 857 if (try0 != ATH_TXMAXTRY) 858 ATH_HAL_SETUPXTXDESC(ah, ds, 859 an->an_tx_rate1sp, 2, /* series 1 */ 860 an->an_tx_rate2sp, 2, /* series 2 */ 861 an->an_tx_rate3sp, 2); /* series 3 */ 862 863 ds->ds_link = 0; 864 ds->ds_data = bf->bf_dma.cookie.dmac_address; 865 ATH_HAL_FILLTXDESC(ah, ds, 866 mbslen, /* segment length */ 867 AH_TRUE, /* first segment */ 868 AH_TRUE, /* last segment */ 869 ds); /* first descriptor */ 870 871 ATH_DMA_SYNC(bf->bf_dma, DDI_DMA_SYNC_FORDEV); 872 873 mutex_enter(&txq->axq_lock); 874 list_insert_tail(&txq->axq_list, bf); 875 if (txq->axq_link == NULL) { 876 ATH_HAL_PUTTXBUF(ah, txq->axq_qnum, bf->bf_daddr); 877 } else { 878 *txq->axq_link = bf->bf_daddr; 879 } 880 txq->axq_link = &ds->ds_link; 881 mutex_exit(&txq->axq_lock); 882 883 ATH_HAL_TXSTART(ah, txq->axq_qnum); 884 885 ic->ic_stats.is_tx_frags++; 886 ic->ic_stats.is_tx_bytes += pktlen; 887 888 return (0); 889 } 890 891 /* 892 * Transmit a management frame. On failure we reclaim the skbuff. 893 * Note that management frames come directly from the 802.11 layer 894 * and do not honor the send queue flow control. Need to investigate 895 * using priority queueing so management frames can bypass data. 896 */ 897 static int 898 ath_xmit(ieee80211com_t *ic, mblk_t *mp, uint8_t type) 899 { 900 ath_t *asc = (ath_t *)ic; 901 struct ath_hal *ah = asc->asc_ah; 902 struct ieee80211_node *in = NULL; 903 struct ath_buf *bf = NULL; 904 struct ieee80211_frame *wh; 905 int error = 0; 906 907 ASSERT(mp->b_next == NULL); 908 909 /* Grab a TX buffer */ 910 mutex_enter(&asc->asc_txbuflock); 911 bf = list_head(&asc->asc_txbuf_list); 912 if (bf != NULL) 913 list_remove(&asc->asc_txbuf_list, bf); 914 if (list_empty(&asc->asc_txbuf_list)) { 915 ATH_DEBUG((ATH_DBG_SEND, "ath: ath_mgmt_send(): " 916 "stop queue\n")); 917 asc->asc_stats.ast_tx_qstop++; 918 } 919 mutex_exit(&asc->asc_txbuflock); 920 if (bf == NULL) { 921 ATH_DEBUG((ATH_DBG_SEND, "ath: ath_mgmt_send(): discard, " 922 "no xmit buf\n")); 923 ic->ic_stats.is_tx_nobuf++; 924 if ((type & IEEE80211_FC0_TYPE_MASK) == 925 IEEE80211_FC0_TYPE_DATA) { 926 asc->asc_stats.ast_tx_nobuf++; 927 mutex_enter(&asc->asc_resched_lock); 928 asc->asc_resched_needed = B_TRUE; 929 mutex_exit(&asc->asc_resched_lock); 930 } else { 931 asc->asc_stats.ast_tx_nobufmgt++; 932 freemsg(mp); 933 } 934 return (ENOMEM); 935 } 936 937 wh = (struct ieee80211_frame *)mp->b_rptr; 938 939 /* Locate node */ 940 in = ieee80211_find_txnode(ic, wh->i_addr1); 941 if (in == NULL) { 942 error = EIO; 943 goto bad; 944 } 945 946 in->in_inact = 0; 947 switch (type & IEEE80211_FC0_TYPE_MASK) { 948 case IEEE80211_FC0_TYPE_DATA: 949 (void) ieee80211_encap(ic, mp, in); 950 break; 951 default: 952 if ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) == 953 IEEE80211_FC0_SUBTYPE_PROBE_RESP) { 954 /* fill time stamp */ 955 uint64_t tsf; 956 uint32_t *tstamp; 957 958 tsf = ATH_HAL_GETTSF64(ah); 959 /* adjust 100us delay to xmit */ 960 tsf += 100; 961 tstamp = (uint32_t *)&wh[1]; 962 tstamp[0] = LE_32(tsf & 0xffffffff); 963 tstamp[1] = LE_32(tsf >> 32); 964 } 965 asc->asc_stats.ast_tx_mgmt++; 966 break; 967 } 968 969 error = ath_tx_start(asc, in, bf, mp); 970 if (error != 0) { 971 bad: 972 ic->ic_stats.is_tx_failed++; 973 if (bf != NULL) { 974 mutex_enter(&asc->asc_txbuflock); 975 list_insert_tail(&asc->asc_txbuf_list, bf); 976 mutex_exit(&asc->asc_txbuflock); 977 } 978 } 979 if (in != NULL) 980 ieee80211_free_node(in); 981 if ((type & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_DATA || 982 error == 0) { 983 freemsg(mp); 984 } 985 986 return (error); 987 } 988 989 static mblk_t * 990 ath_m_tx(void *arg, mblk_t *mp) 991 { 992 ath_t *asc = arg; 993 ieee80211com_t *ic = (ieee80211com_t *)asc; 994 mblk_t *next; 995 int error = 0; 996 997 /* 998 * No data frames go out unless we're associated; this 999 * should not happen as the 802.11 layer does not enable 1000 * the xmit queue until we enter the RUN state. 1001 */ 1002 if (ic->ic_state != IEEE80211_S_RUN) { 1003 ATH_DEBUG((ATH_DBG_SEND, "ath: ath_m_tx(): " 1004 "discard, state %u\n", ic->ic_state)); 1005 asc->asc_stats.ast_tx_discard++; 1006 freemsgchain(mp); 1007 return (NULL); 1008 } 1009 1010 while (mp != NULL) { 1011 next = mp->b_next; 1012 mp->b_next = NULL; 1013 error = ath_xmit(ic, mp, IEEE80211_FC0_TYPE_DATA); 1014 if (error != 0) { 1015 mp->b_next = next; 1016 if (error == ENOMEM) { 1017 break; 1018 } else { 1019 freemsgchain(mp); /* CR6501759 issues */ 1020 return (NULL); 1021 } 1022 } 1023 mp = next; 1024 } 1025 1026 return (mp); 1027 1028 } 1029 1030 static int 1031 ath_tx_processq(ath_t *asc, struct ath_txq *txq) 1032 { 1033 ieee80211com_t *ic = (ieee80211com_t *)asc; 1034 struct ath_hal *ah = asc->asc_ah; 1035 struct ath_buf *bf; 1036 struct ath_desc *ds; 1037 struct ieee80211_node *in; 1038 int32_t sr, lr, nacked = 0; 1039 HAL_STATUS status; 1040 struct ath_node *an; 1041 1042 for (;;) { 1043 mutex_enter(&txq->axq_lock); 1044 bf = list_head(&txq->axq_list); 1045 if (bf == NULL) { 1046 txq->axq_link = NULL; 1047 mutex_exit(&txq->axq_lock); 1048 break; 1049 } 1050 ds = bf->bf_desc; /* last decriptor */ 1051 status = ATH_HAL_TXPROCDESC(ah, ds); 1052 #ifdef DEBUG 1053 ath_printtxbuf(bf, status == HAL_OK); 1054 #endif 1055 if (status == HAL_EINPROGRESS) { 1056 mutex_exit(&txq->axq_lock); 1057 break; 1058 } 1059 list_remove(&txq->axq_list, bf); 1060 mutex_exit(&txq->axq_lock); 1061 in = bf->bf_in; 1062 if (in != NULL) { 1063 an = ATH_NODE(in); 1064 /* Successful transmition */ 1065 if (ds->ds_txstat.ts_status == 0) { 1066 an->an_tx_ok++; 1067 an->an_tx_antenna = 1068 ds->ds_txstat.ts_antenna; 1069 if (ds->ds_txstat.ts_rate & 1070 HAL_TXSTAT_ALTRATE) 1071 asc->asc_stats.ast_tx_altrate++; 1072 asc->asc_stats.ast_tx_rssidelta = 1073 ds->ds_txstat.ts_rssi - 1074 asc->asc_stats.ast_tx_rssi; 1075 asc->asc_stats.ast_tx_rssi = 1076 ds->ds_txstat.ts_rssi; 1077 } else { 1078 an->an_tx_err++; 1079 if (ds->ds_txstat.ts_status & 1080 HAL_TXERR_XRETRY) 1081 asc->asc_stats. 1082 ast_tx_xretries++; 1083 if (ds->ds_txstat.ts_status & 1084 HAL_TXERR_FIFO) 1085 asc->asc_stats.ast_tx_fifoerr++; 1086 if (ds->ds_txstat.ts_status & 1087 HAL_TXERR_FILT) 1088 asc->asc_stats. 1089 ast_tx_filtered++; 1090 an->an_tx_antenna = 0; /* invalidate */ 1091 } 1092 sr = ds->ds_txstat.ts_shortretry; 1093 lr = ds->ds_txstat.ts_longretry; 1094 asc->asc_stats.ast_tx_shortretry += sr; 1095 asc->asc_stats.ast_tx_longretry += lr; 1096 /* 1097 * Hand the descriptor to the rate control algorithm. 1098 */ 1099 if ((ds->ds_txstat.ts_status & HAL_TXERR_FILT) == 0 && 1100 (bf->bf_flags & HAL_TXDESC_NOACK) == 0) { 1101 /* 1102 * If frame was ack'd update the last rx time 1103 * used to workaround phantom bmiss interrupts. 1104 */ 1105 if (ds->ds_txstat.ts_status == 0) { 1106 nacked++; 1107 an->an_tx_ok++; 1108 } else { 1109 an->an_tx_err++; 1110 } 1111 an->an_tx_retr += sr + lr; 1112 } 1113 } 1114 bf->bf_in = NULL; 1115 mutex_enter(&asc->asc_txbuflock); 1116 list_insert_tail(&asc->asc_txbuf_list, bf); 1117 mutex_exit(&asc->asc_txbuflock); 1118 /* 1119 * Reschedule stalled outbound packets 1120 */ 1121 mutex_enter(&asc->asc_resched_lock); 1122 if (asc->asc_resched_needed) { 1123 asc->asc_resched_needed = B_FALSE; 1124 mac_tx_update(ic->ic_mach); 1125 } 1126 mutex_exit(&asc->asc_resched_lock); 1127 } 1128 return (nacked); 1129 } 1130 1131 1132 static void 1133 ath_tx_handler(ath_t *asc) 1134 { 1135 int i; 1136 1137 /* 1138 * Process each active queue. 1139 */ 1140 for (i = 0; i < HAL_NUM_TX_QUEUES; i++) { 1141 if (ATH_TXQ_SETUP(asc, i)) { 1142 (void) ath_tx_processq(asc, &asc->asc_txq[i]); 1143 } 1144 } 1145 } 1146 1147 static struct ieee80211_node * 1148 ath_node_alloc(ieee80211com_t *ic) 1149 { 1150 struct ath_node *an; 1151 ath_t *asc = (ath_t *)ic; 1152 1153 an = kmem_zalloc(sizeof (struct ath_node), KM_SLEEP); 1154 ath_rate_update(asc, &an->an_node, 0); 1155 return (&an->an_node); 1156 } 1157 1158 static void 1159 ath_node_free(struct ieee80211_node *in) 1160 { 1161 ieee80211com_t *ic = in->in_ic; 1162 ath_t *asc = (ath_t *)ic; 1163 struct ath_buf *bf; 1164 struct ath_txq *txq; 1165 int32_t i; 1166 1167 for (i = 0; i < HAL_NUM_TX_QUEUES; i++) { 1168 if (ATH_TXQ_SETUP(asc, i)) { 1169 txq = &asc->asc_txq[i]; 1170 mutex_enter(&txq->axq_lock); 1171 bf = list_head(&txq->axq_list); 1172 while (bf != NULL) { 1173 if (bf->bf_in == in) { 1174 bf->bf_in = NULL; 1175 } 1176 bf = list_next(&txq->axq_list, bf); 1177 } 1178 mutex_exit(&txq->axq_lock); 1179 } 1180 } 1181 ic->ic_node_cleanup(in); 1182 if (in->in_wpa_ie != NULL) 1183 ieee80211_free(in->in_wpa_ie); 1184 kmem_free(in, sizeof (struct ath_node)); 1185 } 1186 1187 static void 1188 ath_next_scan(void *arg) 1189 { 1190 ieee80211com_t *ic = arg; 1191 ath_t *asc = (ath_t *)ic; 1192 1193 asc->asc_scan_timer = 0; 1194 if (ic->ic_state == IEEE80211_S_SCAN) { 1195 asc->asc_scan_timer = timeout(ath_next_scan, (void *)asc, 1196 drv_usectohz(ath_dwelltime * 1000)); 1197 ieee80211_next_scan(ic); 1198 } 1199 } 1200 1201 static void 1202 ath_stop_scantimer(ath_t *asc) 1203 { 1204 timeout_id_t tmp_id = 0; 1205 1206 while ((asc->asc_scan_timer != 0) && (tmp_id != asc->asc_scan_timer)) { 1207 tmp_id = asc->asc_scan_timer; 1208 (void) untimeout(tmp_id); 1209 } 1210 asc->asc_scan_timer = 0; 1211 } 1212 1213 static int32_t 1214 ath_newstate(ieee80211com_t *ic, enum ieee80211_state nstate, int arg) 1215 { 1216 ath_t *asc = (ath_t *)ic; 1217 struct ath_hal *ah = asc->asc_ah; 1218 struct ieee80211_node *in; 1219 int32_t i, error; 1220 uint8_t *bssid; 1221 uint32_t rfilt; 1222 enum ieee80211_state ostate; 1223 1224 static const HAL_LED_STATE leds[] = { 1225 HAL_LED_INIT, /* IEEE80211_S_INIT */ 1226 HAL_LED_SCAN, /* IEEE80211_S_SCAN */ 1227 HAL_LED_AUTH, /* IEEE80211_S_AUTH */ 1228 HAL_LED_ASSOC, /* IEEE80211_S_ASSOC */ 1229 HAL_LED_RUN, /* IEEE80211_S_RUN */ 1230 }; 1231 if (!ATH_IS_RUNNING(asc)) 1232 return (0); 1233 1234 ostate = ic->ic_state; 1235 if (nstate != IEEE80211_S_SCAN) 1236 ath_stop_scantimer(asc); 1237 1238 ATH_LOCK(asc); 1239 ATH_HAL_SETLEDSTATE(ah, leds[nstate]); /* set LED */ 1240 1241 if (nstate == IEEE80211_S_INIT) { 1242 asc->asc_imask &= ~(HAL_INT_SWBA | HAL_INT_BMISS); 1243 ATH_HAL_INTRSET(ah, asc->asc_imask &~ HAL_INT_GLOBAL); 1244 ATH_UNLOCK(asc); 1245 goto done; 1246 } 1247 in = ic->ic_bss; 1248 error = ath_chan_set(asc, ic->ic_curchan); 1249 if (error != 0) { 1250 if (nstate != IEEE80211_S_SCAN) { 1251 ATH_UNLOCK(asc); 1252 ieee80211_reset_chan(ic); 1253 goto bad; 1254 } 1255 } 1256 1257 rfilt = ath_calcrxfilter(asc); 1258 if (nstate == IEEE80211_S_SCAN) 1259 bssid = ic->ic_macaddr; 1260 else 1261 bssid = in->in_bssid; 1262 ATH_HAL_SETRXFILTER(ah, rfilt); 1263 1264 if (nstate == IEEE80211_S_RUN && ic->ic_opmode != IEEE80211_M_IBSS) 1265 ATH_HAL_SETASSOCID(ah, bssid, in->in_associd); 1266 else 1267 ATH_HAL_SETASSOCID(ah, bssid, 0); 1268 if (ic->ic_flags & IEEE80211_F_PRIVACY) { 1269 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 1270 if (ATH_HAL_KEYISVALID(ah, i)) 1271 ATH_HAL_KEYSETMAC(ah, i, bssid); 1272 } 1273 } 1274 1275 if ((nstate == IEEE80211_S_RUN) && 1276 (ostate != IEEE80211_S_RUN)) { 1277 /* Configure the beacon and sleep timers. */ 1278 ath_beacon_config(asc); 1279 } else { 1280 asc->asc_imask &= ~(HAL_INT_SWBA | HAL_INT_BMISS); 1281 ATH_HAL_INTRSET(ah, asc->asc_imask); 1282 } 1283 /* 1284 * Reset the rate control state. 1285 */ 1286 ath_rate_ctl_reset(asc, nstate); 1287 1288 if (nstate == IEEE80211_S_RUN && (ostate != IEEE80211_S_RUN)) { 1289 nvlist_t *attr_list = NULL; 1290 sysevent_id_t eid; 1291 int32_t err = 0; 1292 char *str_name = "ATH"; 1293 char str_value[256] = {0}; 1294 1295 ATH_DEBUG((ATH_DBG_80211, "ath: ath new state(RUN): " 1296 "ic_flags=0x%08x iv=%d" 1297 " bssid=%s capinfo=0x%04x chan=%d\n", 1298 ic->ic_flags, 1299 in->in_intval, 1300 ieee80211_macaddr_sprintf(in->in_bssid), 1301 in->in_capinfo, 1302 ieee80211_chan2ieee(ic, in->in_chan))); 1303 1304 (void) sprintf(str_value, "%s%s%d", "-i ", 1305 ddi_driver_name(asc->asc_dev), 1306 ddi_get_instance(asc->asc_dev)); 1307 if (nvlist_alloc(&attr_list, 1308 NV_UNIQUE_NAME_TYPE, KM_SLEEP) == 0) { 1309 err = nvlist_add_string(attr_list, 1310 str_name, str_value); 1311 if (err != DDI_SUCCESS) 1312 ATH_DEBUG((ATH_DBG_80211, "ath: " 1313 "ath_new_state: error log event\n")); 1314 err = ddi_log_sysevent(asc->asc_dev, 1315 DDI_VENDOR_SUNW, "class", 1316 "subclass", attr_list, 1317 &eid, DDI_NOSLEEP); 1318 if (err != DDI_SUCCESS) 1319 ATH_DEBUG((ATH_DBG_80211, "ath: " 1320 "ath_new_state(): error log event\n")); 1321 nvlist_free(attr_list); 1322 } 1323 } 1324 1325 ATH_UNLOCK(asc); 1326 done: 1327 /* 1328 * Invoke the parent method to complete the work. 1329 */ 1330 error = asc->asc_newstate(ic, nstate, arg); 1331 /* 1332 * Finally, start any timers. 1333 */ 1334 if (nstate == IEEE80211_S_RUN) { 1335 ieee80211_start_watchdog(ic, 1); 1336 } else if ((nstate == IEEE80211_S_SCAN) && (ostate != nstate)) { 1337 /* start ap/neighbor scan timer */ 1338 ASSERT(asc->asc_scan_timer == 0); 1339 asc->asc_scan_timer = timeout(ath_next_scan, (void *)asc, 1340 drv_usectohz(ath_dwelltime * 1000)); 1341 } 1342 bad: 1343 return (error); 1344 } 1345 1346 /* 1347 * Periodically recalibrate the PHY to account 1348 * for temperature/environment changes. 1349 */ 1350 static void 1351 ath_calibrate(ath_t *asc) 1352 { 1353 struct ath_hal *ah = asc->asc_ah; 1354 HAL_BOOL iqcaldone; 1355 1356 asc->asc_stats.ast_per_cal++; 1357 1358 if (ATH_HAL_GETRFGAIN(ah) == HAL_RFGAIN_NEED_CHANGE) { 1359 /* 1360 * Rfgain is out of bounds, reset the chip 1361 * to load new gain values. 1362 */ 1363 ATH_DEBUG((ATH_DBG_HAL, "ath: ath_calibrate(): " 1364 "Need change RFgain\n")); 1365 asc->asc_stats.ast_per_rfgain++; 1366 (void) ath_reset(&asc->asc_isc); 1367 } 1368 if (!ATH_HAL_CALIBRATE(ah, &asc->asc_curchan, &iqcaldone)) { 1369 ATH_DEBUG((ATH_DBG_HAL, "ath: ath_calibrate(): " 1370 "calibration of channel %u failed\n", 1371 asc->asc_curchan.channel)); 1372 asc->asc_stats.ast_per_calfail++; 1373 } 1374 } 1375 1376 static void 1377 ath_watchdog(void *arg) 1378 { 1379 ath_t *asc = arg; 1380 ieee80211com_t *ic = &asc->asc_isc; 1381 int ntimer = 0; 1382 1383 ATH_LOCK(asc); 1384 ic->ic_watchdog_timer = 0; 1385 if (!ATH_IS_RUNNING(asc)) { 1386 ATH_UNLOCK(asc); 1387 return; 1388 } 1389 1390 if (ic->ic_state == IEEE80211_S_RUN) { 1391 /* periodic recalibration */ 1392 ath_calibrate(asc); 1393 1394 /* 1395 * Start the background rate control thread if we 1396 * are not configured to use a fixed xmit rate. 1397 */ 1398 if (ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE) { 1399 asc->asc_stats.ast_rate_calls ++; 1400 if (ic->ic_opmode == IEEE80211_M_STA) 1401 ath_rate_ctl(ic, ic->ic_bss); 1402 else 1403 ieee80211_iterate_nodes(&ic->ic_sta, 1404 ath_rate_cb, asc); 1405 } 1406 1407 ntimer = 1; 1408 } 1409 ATH_UNLOCK(asc); 1410 1411 ieee80211_watchdog(ic); 1412 if (ntimer != 0) 1413 ieee80211_start_watchdog(ic, ntimer); 1414 } 1415 1416 static uint_t 1417 ath_intr(caddr_t arg) 1418 { 1419 ath_t *asc = (ath_t *)arg; 1420 struct ath_hal *ah = asc->asc_ah; 1421 HAL_INT status; 1422 ieee80211com_t *ic = (ieee80211com_t *)asc; 1423 1424 ATH_LOCK(asc); 1425 1426 if (!ATH_IS_RUNNING(asc)) { 1427 /* 1428 * The hardware is not ready/present, don't touch anything. 1429 * Note this can happen early on if the IRQ is shared. 1430 */ 1431 ATH_UNLOCK(asc); 1432 return (DDI_INTR_UNCLAIMED); 1433 } 1434 1435 if (!ATH_HAL_INTRPEND(ah)) { /* shared irq, not for us */ 1436 ATH_UNLOCK(asc); 1437 return (DDI_INTR_UNCLAIMED); 1438 } 1439 1440 ATH_HAL_GETISR(ah, &status); 1441 status &= asc->asc_imask; 1442 if (status & HAL_INT_FATAL) { 1443 asc->asc_stats.ast_hardware++; 1444 goto reset; 1445 } else if (status & HAL_INT_RXORN) { 1446 asc->asc_stats.ast_rxorn++; 1447 goto reset; 1448 } else { 1449 if (status & HAL_INT_RXEOL) { 1450 asc->asc_stats.ast_rxeol++; 1451 asc->asc_rxlink = NULL; 1452 } 1453 if (status & HAL_INT_TXURN) { 1454 asc->asc_stats.ast_txurn++; 1455 ATH_HAL_UPDATETXTRIGLEVEL(ah, AH_TRUE); 1456 } 1457 1458 if (status & HAL_INT_RX) { 1459 asc->asc_rx_pend = 1; 1460 ddi_trigger_softintr(asc->asc_softint_id); 1461 } 1462 if (status & HAL_INT_TX) { 1463 ath_tx_handler(asc); 1464 } 1465 ATH_UNLOCK(asc); 1466 1467 if (status & HAL_INT_SWBA) { 1468 /* This will occur only in Host-AP or Ad-Hoc mode */ 1469 return (DDI_INTR_CLAIMED); 1470 } 1471 if (status & HAL_INT_BMISS) { 1472 if (ic->ic_state == IEEE80211_S_RUN) { 1473 (void) ieee80211_new_state(ic, 1474 IEEE80211_S_ASSOC, -1); 1475 } 1476 } 1477 } 1478 1479 return (DDI_INTR_CLAIMED); 1480 reset: 1481 (void) ath_reset(ic); 1482 ATH_UNLOCK(asc); 1483 return (DDI_INTR_CLAIMED); 1484 } 1485 1486 static uint_t 1487 ath_softint_handler(caddr_t data) 1488 { 1489 ath_t *asc = (ath_t *)data; 1490 1491 /* 1492 * Check if the soft interrupt is triggered by another 1493 * driver at the same level. 1494 */ 1495 ATH_LOCK(asc); 1496 if (asc->asc_rx_pend) { /* Soft interrupt for this driver */ 1497 asc->asc_rx_pend = 0; 1498 ATH_UNLOCK(asc); 1499 ath_rx_handler(asc); 1500 return (DDI_INTR_CLAIMED); 1501 } 1502 ATH_UNLOCK(asc); 1503 return (DDI_INTR_UNCLAIMED); 1504 } 1505 1506 /* 1507 * following are gld callback routine 1508 * ath_gld_send, ath_gld_ioctl, ath_gld_gstat 1509 * are listed in other corresponding sections. 1510 * reset the hardware w/o losing operational state. this is 1511 * basically a more efficient way of doing ath_gld_stop, ath_gld_start, 1512 * followed by state transitions to the current 802.11 1513 * operational state. used to recover from errors rx overrun 1514 * and to reset the hardware when rf gain settings must be reset. 1515 */ 1516 1517 static void 1518 ath_stop_locked(ath_t *asc) 1519 { 1520 ieee80211com_t *ic = (ieee80211com_t *)asc; 1521 struct ath_hal *ah = asc->asc_ah; 1522 1523 ATH_LOCK_ASSERT(asc); 1524 /* 1525 * Shutdown the hardware and driver: 1526 * reset 802.11 state machine 1527 * turn off timers 1528 * disable interrupts 1529 * turn off the radio 1530 * clear transmit machinery 1531 * clear receive machinery 1532 * drain and release tx queues 1533 * reclaim beacon resources 1534 * power down hardware 1535 * 1536 * Note that some of this work is not possible if the 1537 * hardware is gone (invalid). 1538 */ 1539 ATH_UNLOCK(asc); 1540 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 1541 ieee80211_stop_watchdog(ic); 1542 ATH_LOCK(asc); 1543 ATH_HAL_INTRSET(ah, 0); 1544 ath_draintxq(asc); 1545 if (ATH_IS_RUNNING(asc)) { 1546 ath_stoprecv(asc); 1547 ATH_HAL_PHYDISABLE(ah); 1548 } else { 1549 asc->asc_rxlink = NULL; 1550 } 1551 } 1552 1553 static void 1554 ath_m_stop(void *arg) 1555 { 1556 ath_t *asc = arg; 1557 struct ath_hal *ah = asc->asc_ah; 1558 1559 ATH_LOCK(asc); 1560 ath_stop_locked(asc); 1561 ATH_HAL_SETPOWER(ah, HAL_PM_AWAKE); 1562 asc->asc_invalid = 1; 1563 ATH_UNLOCK(asc); 1564 } 1565 1566 int 1567 ath_m_start(void *arg) 1568 { 1569 ath_t *asc = arg; 1570 ieee80211com_t *ic = (ieee80211com_t *)asc; 1571 struct ath_hal *ah = asc->asc_ah; 1572 HAL_STATUS status; 1573 1574 ATH_LOCK(asc); 1575 /* 1576 * Stop anything previously setup. This is safe 1577 * whether this is the first time through or not. 1578 */ 1579 ath_stop_locked(asc); 1580 1581 /* 1582 * The basic interface to setting the hardware in a good 1583 * state is ``reset''. On return the hardware is known to 1584 * be powered up and with interrupts disabled. This must 1585 * be followed by initialization of the appropriate bits 1586 * and then setup of the interrupt mask. 1587 */ 1588 asc->asc_curchan.channel = ic->ic_curchan->ich_freq; 1589 asc->asc_curchan.channelFlags = ath_chan2flags(ic, ic->ic_curchan); 1590 if (!ATH_HAL_RESET(ah, (HAL_OPMODE)ic->ic_opmode, 1591 &asc->asc_curchan, AH_FALSE, &status)) { 1592 ATH_DEBUG((ATH_DBG_HAL, "ath: ath_m_start(): " 1593 "reset hardware failed, hal status %u\n", status)); 1594 ATH_UNLOCK(asc); 1595 return (ENOTACTIVE); 1596 } 1597 1598 (void) ath_startrecv(asc); 1599 1600 /* 1601 * Enable interrupts. 1602 */ 1603 asc->asc_imask = HAL_INT_RX | HAL_INT_TX 1604 | HAL_INT_RXEOL | HAL_INT_RXORN 1605 | HAL_INT_FATAL | HAL_INT_GLOBAL; 1606 ATH_HAL_INTRSET(ah, asc->asc_imask); 1607 1608 ic->ic_state = IEEE80211_S_INIT; 1609 1610 /* 1611 * The hardware should be ready to go now so it's safe 1612 * to kick the 802.11 state machine as it's likely to 1613 * immediately call back to us to send mgmt frames. 1614 */ 1615 ath_chan_change(asc, ic->ic_curchan); 1616 asc->asc_invalid = 0; 1617 ATH_UNLOCK(asc); 1618 return (0); 1619 } 1620 1621 1622 static int 1623 ath_m_unicst(void *arg, const uint8_t *macaddr) 1624 { 1625 ath_t *asc = arg; 1626 struct ath_hal *ah = asc->asc_ah; 1627 1628 ATH_DEBUG((ATH_DBG_GLD, "ath: ath_gld_saddr(): " 1629 "%.2x:%.2x:%.2x:%.2x:%.2x:%.2x\n", 1630 macaddr[0], macaddr[1], macaddr[2], 1631 macaddr[3], macaddr[4], macaddr[5])); 1632 1633 ATH_LOCK(asc); 1634 IEEE80211_ADDR_COPY(asc->asc_isc.ic_macaddr, macaddr); 1635 ATH_HAL_SETMAC(ah, asc->asc_isc.ic_macaddr); 1636 1637 (void) ath_reset(&asc->asc_isc); 1638 ATH_UNLOCK(asc); 1639 return (0); 1640 } 1641 1642 static int 1643 ath_m_promisc(void *arg, boolean_t on) 1644 { 1645 ath_t *asc = arg; 1646 struct ath_hal *ah = asc->asc_ah; 1647 uint32_t rfilt; 1648 1649 ATH_LOCK(asc); 1650 rfilt = ATH_HAL_GETRXFILTER(ah); 1651 if (on) 1652 rfilt |= HAL_RX_FILTER_PROM; 1653 else 1654 rfilt &= ~HAL_RX_FILTER_PROM; 1655 ATH_HAL_SETRXFILTER(ah, rfilt); 1656 ATH_UNLOCK(asc); 1657 1658 return (0); 1659 } 1660 1661 static int 1662 ath_m_multicst(void *arg, boolean_t add, const uint8_t *mca) 1663 { 1664 ath_t *asc = arg; 1665 struct ath_hal *ah = asc->asc_ah; 1666 uint32_t mfilt[2], val, rfilt; 1667 uint8_t pos; 1668 1669 ATH_LOCK(asc); 1670 rfilt = ATH_HAL_GETRXFILTER(ah); 1671 1672 /* disable multicast */ 1673 if (!add) { 1674 ATH_HAL_SETRXFILTER(ah, rfilt & (~HAL_RX_FILTER_MCAST)); 1675 ATH_UNLOCK(asc); 1676 return (0); 1677 } 1678 1679 /* enable multicast */ 1680 ATH_HAL_SETRXFILTER(ah, rfilt | HAL_RX_FILTER_MCAST); 1681 1682 mfilt[0] = mfilt[1] = 0; 1683 1684 /* calculate XOR of eight 6bit values */ 1685 val = ATH_LE_READ_4(mca + 0); 1686 pos = (val >> 18) ^ (val >> 12) ^ (val >> 6) ^ val; 1687 val = ATH_LE_READ_4(mca + 3); 1688 pos ^= (val >> 18) ^ (val >> 12) ^ (val >> 6) ^ val; 1689 pos &= 0x3f; 1690 mfilt[pos / 32] |= (1 << (pos % 32)); 1691 ATH_HAL_SETMCASTFILTER(ah, mfilt[0], mfilt[1]); 1692 1693 ATH_UNLOCK(asc); 1694 return (0); 1695 } 1696 1697 static void 1698 ath_m_ioctl(void *arg, queue_t *wq, mblk_t *mp) 1699 { 1700 ath_t *asc = arg; 1701 int32_t err; 1702 1703 err = ieee80211_ioctl(&asc->asc_isc, wq, mp); 1704 ATH_LOCK(asc); 1705 if (err == ENETRESET) { 1706 if (ATH_IS_RUNNING(asc)) { 1707 ATH_UNLOCK(asc); 1708 (void) ath_m_start(asc); 1709 (void) ieee80211_new_state(&asc->asc_isc, 1710 IEEE80211_S_SCAN, -1); 1711 ATH_LOCK(asc); 1712 } 1713 } 1714 ATH_UNLOCK(asc); 1715 } 1716 1717 static int 1718 ath_m_stat(void *arg, uint_t stat, uint64_t *val) 1719 { 1720 ath_t *asc = arg; 1721 ieee80211com_t *ic = (ieee80211com_t *)asc; 1722 struct ieee80211_node *in = ic->ic_bss; 1723 struct ieee80211_rateset *rs = &in->in_rates; 1724 1725 ATH_LOCK(asc); 1726 switch (stat) { 1727 case MAC_STAT_IFSPEED: 1728 *val = (rs->ir_rates[in->in_txrate] & IEEE80211_RATE_VAL) / 2 * 1729 1000000ull; 1730 break; 1731 case MAC_STAT_NOXMTBUF: 1732 *val = asc->asc_stats.ast_tx_nobuf + 1733 asc->asc_stats.ast_tx_nobufmgt; 1734 break; 1735 case MAC_STAT_IERRORS: 1736 *val = asc->asc_stats.ast_rx_tooshort; 1737 break; 1738 case MAC_STAT_RBYTES: 1739 *val = ic->ic_stats.is_rx_bytes; 1740 break; 1741 case MAC_STAT_IPACKETS: 1742 *val = ic->ic_stats.is_rx_frags; 1743 break; 1744 case MAC_STAT_OBYTES: 1745 *val = ic->ic_stats.is_tx_bytes; 1746 break; 1747 case MAC_STAT_OPACKETS: 1748 *val = ic->ic_stats.is_tx_frags; 1749 break; 1750 case MAC_STAT_OERRORS: 1751 case WIFI_STAT_TX_FAILED: 1752 *val = asc->asc_stats.ast_tx_fifoerr + 1753 asc->asc_stats.ast_tx_xretries + 1754 asc->asc_stats.ast_tx_discard; 1755 break; 1756 case WIFI_STAT_TX_RETRANS: 1757 *val = asc->asc_stats.ast_tx_xretries; 1758 break; 1759 case WIFI_STAT_FCS_ERRORS: 1760 *val = asc->asc_stats.ast_rx_crcerr; 1761 break; 1762 case WIFI_STAT_WEP_ERRORS: 1763 *val = asc->asc_stats.ast_rx_badcrypt; 1764 break; 1765 case WIFI_STAT_TX_FRAGS: 1766 case WIFI_STAT_MCAST_TX: 1767 case WIFI_STAT_RTS_SUCCESS: 1768 case WIFI_STAT_RTS_FAILURE: 1769 case WIFI_STAT_ACK_FAILURE: 1770 case WIFI_STAT_RX_FRAGS: 1771 case WIFI_STAT_MCAST_RX: 1772 case WIFI_STAT_RX_DUPS: 1773 ATH_UNLOCK(asc); 1774 return (ieee80211_stat(ic, stat, val)); 1775 default: 1776 ATH_UNLOCK(asc); 1777 return (ENOTSUP); 1778 } 1779 ATH_UNLOCK(asc); 1780 1781 return (0); 1782 } 1783 1784 static int 1785 ath_attach(dev_info_t *devinfo, ddi_attach_cmd_t cmd) 1786 { 1787 ath_t *asc; 1788 ieee80211com_t *ic; 1789 struct ath_hal *ah; 1790 uint8_t csz; 1791 HAL_STATUS status; 1792 caddr_t regs; 1793 uint32_t i, val; 1794 uint16_t vendor_id, device_id, command; 1795 const char *athname; 1796 int32_t ath_countrycode = CTRY_DEFAULT; /* country code */ 1797 int32_t err, ath_regdomain = 0; /* regulatory domain */ 1798 char strbuf[32]; 1799 int instance; 1800 wifi_data_t wd = { 0 }; 1801 mac_register_t *macp; 1802 1803 if (cmd != DDI_ATTACH) 1804 return (DDI_FAILURE); 1805 1806 instance = ddi_get_instance(devinfo); 1807 if (ddi_soft_state_zalloc(ath_soft_state_p, instance) != DDI_SUCCESS) { 1808 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 1809 "Unable to alloc softstate\n")); 1810 return (DDI_FAILURE); 1811 } 1812 1813 asc = ddi_get_soft_state(ath_soft_state_p, ddi_get_instance(devinfo)); 1814 ic = (ieee80211com_t *)asc; 1815 asc->asc_dev = devinfo; 1816 1817 mutex_init(&asc->asc_genlock, NULL, MUTEX_DRIVER, NULL); 1818 mutex_init(&asc->asc_txbuflock, NULL, MUTEX_DRIVER, NULL); 1819 mutex_init(&asc->asc_rxbuflock, NULL, MUTEX_DRIVER, NULL); 1820 mutex_init(&asc->asc_resched_lock, NULL, MUTEX_DRIVER, NULL); 1821 1822 err = pci_config_setup(devinfo, &asc->asc_cfg_handle); 1823 if (err != DDI_SUCCESS) { 1824 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 1825 "pci_config_setup() failed")); 1826 goto attach_fail0; 1827 } 1828 1829 /* 1830 * Cache line size is used to size and align various 1831 * structures used to communicate with the hardware. 1832 */ 1833 csz = pci_config_get8(asc->asc_cfg_handle, PCI_CONF_CACHE_LINESZ); 1834 if (csz == 0) { 1835 /* 1836 * We must have this setup properly for rx buffer 1837 * DMA to work so force a reasonable value here if it 1838 * comes up zero. 1839 */ 1840 csz = ATH_DEF_CACHE_BYTES / sizeof (uint32_t); 1841 pci_config_put8(asc->asc_cfg_handle, PCI_CONF_CACHE_LINESZ, 1842 csz); 1843 } 1844 asc->asc_cachelsz = csz << 2; 1845 vendor_id = pci_config_get16(asc->asc_cfg_handle, PCI_CONF_VENID); 1846 device_id = pci_config_get16(asc->asc_cfg_handle, PCI_CONF_DEVID); 1847 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): vendor 0x%x, " 1848 "device id 0x%x, cache size %d\n", vendor_id, device_id, csz)); 1849 1850 athname = ath_hal_probe(vendor_id, device_id); 1851 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): athname: %s\n", 1852 athname ? athname : "Atheros ???")); 1853 1854 /* 1855 * Enable response to memory space accesses, 1856 * and enabe bus master. 1857 */ 1858 command = PCI_COMM_MAE | PCI_COMM_ME; 1859 pci_config_put16(asc->asc_cfg_handle, PCI_CONF_COMM, command); 1860 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 1861 "set command reg to 0x%x \n", command)); 1862 1863 pci_config_put8(asc->asc_cfg_handle, PCI_CONF_LATENCY_TIMER, 0xa8); 1864 val = pci_config_get32(asc->asc_cfg_handle, 0x40); 1865 if ((val & 0x0000ff00) != 0) 1866 pci_config_put32(asc->asc_cfg_handle, 0x40, val & 0xffff00ff); 1867 1868 err = ddi_regs_map_setup(devinfo, 1, 1869 ®s, 0, 0, &ath_reg_accattr, &asc->asc_io_handle); 1870 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 1871 "regs map1 = %x err=%d\n", regs, err)); 1872 if (err != DDI_SUCCESS) { 1873 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 1874 "ddi_regs_map_setup() failed")); 1875 goto attach_fail1; 1876 } 1877 1878 ah = ath_hal_attach(device_id, asc, 0, regs, &status); 1879 if (ah == NULL) { 1880 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 1881 "unable to attach hw; HAL status %u\n", status)); 1882 goto attach_fail2; 1883 } 1884 ATH_HAL_INTRSET(ah, 0); 1885 asc->asc_ah = ah; 1886 1887 if (ah->ah_abi != HAL_ABI_VERSION) { 1888 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 1889 "HAL ABI mismatch detected (0x%x != 0x%x)\n", 1890 ah->ah_abi, HAL_ABI_VERSION)); 1891 goto attach_fail3; 1892 } 1893 1894 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 1895 "HAL ABI version 0x%x\n", ah->ah_abi)); 1896 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 1897 "HAL mac version %d.%d, phy version %d.%d\n", 1898 ah->ah_macVersion, ah->ah_macRev, 1899 ah->ah_phyRev >> 4, ah->ah_phyRev & 0xf)); 1900 if (ah->ah_analog5GhzRev) 1901 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 1902 "HAL 5ghz radio version %d.%d\n", 1903 ah->ah_analog5GhzRev >> 4, 1904 ah->ah_analog5GhzRev & 0xf)); 1905 if (ah->ah_analog2GhzRev) 1906 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 1907 "HAL 2ghz radio version %d.%d\n", 1908 ah->ah_analog2GhzRev >> 4, 1909 ah->ah_analog2GhzRev & 0xf)); 1910 1911 /* 1912 * Check if the MAC has multi-rate retry support. 1913 * We do this by trying to setup a fake extended 1914 * descriptor. MAC's that don't have support will 1915 * return false w/o doing anything. MAC's that do 1916 * support it will return true w/o doing anything. 1917 */ 1918 asc->asc_mrretry = ATH_HAL_SETUPXTXDESC(ah, NULL, 0, 0, 0, 0, 0, 0); 1919 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 1920 "multi rate retry support=%x\n", 1921 asc->asc_mrretry)); 1922 1923 /* 1924 * Get the hardware key cache size. 1925 */ 1926 asc->asc_keymax = ATH_HAL_KEYCACHESIZE(ah); 1927 if (asc->asc_keymax > sizeof (asc->asc_keymap) * NBBY) { 1928 ATH_DEBUG((ATH_DBG_ATTACH, "ath_attach:" 1929 " Warning, using only %u entries in %u key cache\n", 1930 sizeof (asc->asc_keymap) * NBBY, asc->asc_keymax)); 1931 asc->asc_keymax = sizeof (asc->asc_keymap) * NBBY; 1932 } 1933 /* 1934 * Reset the key cache since some parts do not 1935 * reset the contents on initial power up. 1936 */ 1937 for (i = 0; i < asc->asc_keymax; i++) 1938 ATH_HAL_KEYRESET(ah, i); 1939 1940 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 1941 setbit(asc->asc_keymap, i); 1942 setbit(asc->asc_keymap, i+32); 1943 setbit(asc->asc_keymap, i+64); 1944 setbit(asc->asc_keymap, i+32+64); 1945 } 1946 1947 ATH_HAL_GETREGDOMAIN(ah, (uint32_t *)&ath_regdomain); 1948 ATH_HAL_GETCOUNTRYCODE(ah, &ath_countrycode); 1949 /* 1950 * Collect the channel list using the default country 1951 * code and including outdoor channels. The 802.11 layer 1952 * is resposible for filtering this list to a set of 1953 * channels that it considers ok to use. 1954 */ 1955 asc->asc_have11g = 0; 1956 1957 /* enable outdoor use, enable extended channels */ 1958 err = ath_getchannels(asc, ath_countrycode, AH_FALSE, AH_TRUE); 1959 if (err != 0) 1960 goto attach_fail3; 1961 1962 /* 1963 * Setup rate tables for all potential media types. 1964 */ 1965 ath_rate_setup(asc, IEEE80211_MODE_11A); 1966 ath_rate_setup(asc, IEEE80211_MODE_11B); 1967 ath_rate_setup(asc, IEEE80211_MODE_11G); 1968 ath_rate_setup(asc, IEEE80211_MODE_TURBO_A); 1969 1970 /* Setup here so ath_rate_update is happy */ 1971 ath_setcurmode(asc, IEEE80211_MODE_11A); 1972 1973 err = ath_desc_alloc(devinfo, asc); 1974 if (err != DDI_SUCCESS) { 1975 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 1976 "failed to allocate descriptors: %d\n", err)); 1977 goto attach_fail3; 1978 } 1979 1980 /* Setup transmit queues in the HAL */ 1981 if (ath_txq_setup(asc)) 1982 goto attach_fail4; 1983 1984 ATH_HAL_GETMAC(ah, ic->ic_macaddr); 1985 1986 /* 1987 * Initialize pointers to device specific functions which 1988 * will be used by the generic layer. 1989 */ 1990 /* 11g support is identified when we fetch the channel set */ 1991 if (asc->asc_have11g) 1992 ic->ic_caps |= IEEE80211_C_SHPREAMBLE | 1993 IEEE80211_C_SHSLOT; /* short slot time */ 1994 /* 1995 * Query the hal to figure out h/w crypto support. 1996 */ 1997 if (ATH_HAL_CIPHERSUPPORTED(ah, HAL_CIPHER_WEP)) 1998 ic->ic_caps |= IEEE80211_C_WEP; 1999 if (ATH_HAL_CIPHERSUPPORTED(ah, HAL_CIPHER_AES_OCB)) 2000 ic->ic_caps |= IEEE80211_C_AES; 2001 if (ATH_HAL_CIPHERSUPPORTED(ah, HAL_CIPHER_AES_CCM)) { 2002 ATH_DEBUG((ATH_DBG_ATTACH, "Atheros support H/W CCMP\n")); 2003 ic->ic_caps |= IEEE80211_C_AES_CCM; 2004 } 2005 if (ATH_HAL_CIPHERSUPPORTED(ah, HAL_CIPHER_CKIP)) 2006 ic->ic_caps |= IEEE80211_C_CKIP; 2007 if (ATH_HAL_CIPHERSUPPORTED(ah, HAL_CIPHER_TKIP)) { 2008 ATH_DEBUG((ATH_DBG_ATTACH, "Atheros support H/W TKIP\n")); 2009 ic->ic_caps |= IEEE80211_C_TKIP; 2010 /* 2011 * Check if h/w does the MIC and/or whether the 2012 * separate key cache entries are required to 2013 * handle both tx+rx MIC keys. 2014 */ 2015 if (ATH_HAL_CIPHERSUPPORTED(ah, HAL_CIPHER_MIC)) { 2016 ATH_DEBUG((ATH_DBG_ATTACH, "Support H/W TKIP MIC\n")); 2017 ic->ic_caps |= IEEE80211_C_TKIPMIC; 2018 } 2019 if (ATH_HAL_TKIPSPLIT(ah)) 2020 asc->asc_splitmic = 1; 2021 } 2022 ic->ic_caps |= IEEE80211_C_WPA; /* Support WPA/WPA2 */ 2023 2024 asc->asc_hasclrkey = ATH_HAL_CIPHERSUPPORTED(ah, HAL_CIPHER_CLR); 2025 ic->ic_phytype = IEEE80211_T_OFDM; 2026 ic->ic_opmode = IEEE80211_M_STA; 2027 ic->ic_state = IEEE80211_S_INIT; 2028 ic->ic_maxrssi = ATH_MAX_RSSI; 2029 ic->ic_set_shortslot = ath_set_shortslot; 2030 ic->ic_xmit = ath_xmit; 2031 ieee80211_attach(ic); 2032 2033 /* different instance has different WPA door */ 2034 (void) snprintf(ic->ic_wpadoor, MAX_IEEE80211STR, "%s_%s%d", WPA_DOOR, 2035 ddi_driver_name(devinfo), 2036 ddi_get_instance(devinfo)); 2037 2038 /* Override 80211 default routines */ 2039 ic->ic_reset = ath_reset; 2040 asc->asc_newstate = ic->ic_newstate; 2041 ic->ic_newstate = ath_newstate; 2042 ic->ic_watchdog = ath_watchdog; 2043 ic->ic_node_alloc = ath_node_alloc; 2044 ic->ic_node_free = ath_node_free; 2045 ic->ic_crypto.cs_key_alloc = ath_key_alloc; 2046 ic->ic_crypto.cs_key_delete = ath_key_delete; 2047 ic->ic_crypto.cs_key_set = ath_key_set; 2048 ieee80211_media_init(ic); 2049 /* 2050 * initialize default tx key 2051 */ 2052 ic->ic_def_txkey = 0; 2053 2054 asc->asc_rx_pend = 0; 2055 ATH_HAL_INTRSET(ah, 0); 2056 err = ddi_add_softintr(devinfo, DDI_SOFTINT_LOW, 2057 &asc->asc_softint_id, NULL, 0, ath_softint_handler, (caddr_t)asc); 2058 if (err != DDI_SUCCESS) { 2059 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 2060 "ddi_add_softintr() failed\n")); 2061 goto attach_fail5; 2062 } 2063 2064 if (ddi_get_iblock_cookie(devinfo, 0, &asc->asc_iblock) 2065 != DDI_SUCCESS) { 2066 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 2067 "Can not get iblock cookie for INT\n")); 2068 goto attach_fail6; 2069 } 2070 2071 if (ddi_add_intr(devinfo, 0, NULL, NULL, ath_intr, 2072 (caddr_t)asc) != DDI_SUCCESS) { 2073 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 2074 "Can not set intr for ATH driver\n")); 2075 goto attach_fail6; 2076 } 2077 2078 /* 2079 * Provide initial settings for the WiFi plugin; whenever this 2080 * information changes, we need to call mac_plugindata_update() 2081 */ 2082 wd.wd_opmode = ic->ic_opmode; 2083 wd.wd_secalloc = WIFI_SEC_NONE; 2084 IEEE80211_ADDR_COPY(wd.wd_bssid, ic->ic_bss->in_bssid); 2085 2086 if ((macp = mac_alloc(MAC_VERSION)) == NULL) { 2087 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 2088 "MAC version mismatch\n")); 2089 goto attach_fail7; 2090 } 2091 2092 macp->m_type_ident = MAC_PLUGIN_IDENT_WIFI; 2093 macp->m_driver = asc; 2094 macp->m_dip = devinfo; 2095 macp->m_src_addr = ic->ic_macaddr; 2096 macp->m_callbacks = &ath_m_callbacks; 2097 macp->m_min_sdu = 0; 2098 macp->m_max_sdu = IEEE80211_MTU; 2099 macp->m_pdata = &wd; 2100 macp->m_pdata_size = sizeof (wd); 2101 2102 err = mac_register(macp, &ic->ic_mach); 2103 mac_free(macp); 2104 if (err != 0) { 2105 ATH_DEBUG((ATH_DBG_ATTACH, "ath: ath_attach(): " 2106 "mac_register err %x\n", err)); 2107 goto attach_fail7; 2108 } 2109 2110 /* Create minor node of type DDI_NT_NET_WIFI */ 2111 (void) snprintf(strbuf, sizeof (strbuf), "%s%d", 2112 ATH_NODENAME, instance); 2113 err = ddi_create_minor_node(devinfo, strbuf, S_IFCHR, 2114 instance + 1, DDI_NT_NET_WIFI, 0); 2115 if (err != DDI_SUCCESS) 2116 ATH_DEBUG((ATH_DBG_ATTACH, "WARN: ath: ath_attach(): " 2117 "Create minor node failed - %d\n", err)); 2118 2119 mac_link_update(ic->ic_mach, LINK_STATE_DOWN); 2120 asc->asc_invalid = 1; 2121 return (DDI_SUCCESS); 2122 attach_fail7: 2123 ddi_remove_intr(devinfo, 0, asc->asc_iblock); 2124 attach_fail6: 2125 ddi_remove_softintr(asc->asc_softint_id); 2126 attach_fail5: 2127 (void) ieee80211_detach(ic); 2128 attach_fail4: 2129 ath_desc_free(asc); 2130 attach_fail3: 2131 ah->ah_detach(asc->asc_ah); 2132 attach_fail2: 2133 ddi_regs_map_free(&asc->asc_io_handle); 2134 attach_fail1: 2135 pci_config_teardown(&asc->asc_cfg_handle); 2136 attach_fail0: 2137 asc->asc_invalid = 1; 2138 mutex_destroy(&asc->asc_txbuflock); 2139 for (i = 0; i < HAL_NUM_TX_QUEUES; i++) { 2140 if (ATH_TXQ_SETUP(asc, i)) { 2141 struct ath_txq *txq = &asc->asc_txq[i]; 2142 mutex_destroy(&txq->axq_lock); 2143 } 2144 } 2145 mutex_destroy(&asc->asc_rxbuflock); 2146 mutex_destroy(&asc->asc_genlock); 2147 mutex_destroy(&asc->asc_resched_lock); 2148 ddi_soft_state_free(ath_soft_state_p, instance); 2149 2150 return (DDI_FAILURE); 2151 } 2152 2153 static int32_t 2154 ath_detach(dev_info_t *devinfo, ddi_detach_cmd_t cmd) 2155 { 2156 ath_t *asc; 2157 2158 asc = ddi_get_soft_state(ath_soft_state_p, ddi_get_instance(devinfo)); 2159 ASSERT(asc != NULL); 2160 2161 if (cmd != DDI_DETACH) 2162 return (DDI_FAILURE); 2163 2164 ath_stop_scantimer(asc); 2165 2166 /* disable interrupts */ 2167 ATH_HAL_INTRSET(asc->asc_ah, 0); 2168 2169 /* 2170 * Unregister from the MAC layer subsystem 2171 */ 2172 if (mac_unregister(asc->asc_isc.ic_mach) != 0) 2173 return (DDI_FAILURE); 2174 2175 /* free intterrupt resources */ 2176 ddi_remove_intr(devinfo, 0, asc->asc_iblock); 2177 ddi_remove_softintr(asc->asc_softint_id); 2178 2179 /* 2180 * NB: the order of these is important: 2181 * o call the 802.11 layer before detaching the hal to 2182 * insure callbacks into the driver to delete global 2183 * key cache entries can be handled 2184 * o reclaim the tx queue data structures after calling 2185 * the 802.11 layer as we'll get called back to reclaim 2186 * node state and potentially want to use them 2187 * o to cleanup the tx queues the hal is called, so detach 2188 * it last 2189 */ 2190 ieee80211_detach(&asc->asc_isc); 2191 ath_desc_free(asc); 2192 ath_txq_cleanup(asc); 2193 asc->asc_ah->ah_detach(asc->asc_ah); 2194 2195 /* free io handle */ 2196 ddi_regs_map_free(&asc->asc_io_handle); 2197 pci_config_teardown(&asc->asc_cfg_handle); 2198 2199 /* destroy locks */ 2200 mutex_destroy(&asc->asc_rxbuflock); 2201 mutex_destroy(&asc->asc_genlock); 2202 mutex_destroy(&asc->asc_resched_lock); 2203 2204 ddi_remove_minor_node(devinfo, NULL); 2205 ddi_soft_state_free(ath_soft_state_p, ddi_get_instance(devinfo)); 2206 2207 return (DDI_SUCCESS); 2208 } 2209 2210 DDI_DEFINE_STREAM_OPS(ath_dev_ops, nulldev, nulldev, ath_attach, ath_detach, 2211 nodev, NULL, D_MP, NULL); 2212 2213 static struct modldrv ath_modldrv = { 2214 &mod_driverops, /* Type of module. This one is a driver */ 2215 "ath driver 1.3/HAL 0.9.17.2", /* short description */ 2216 &ath_dev_ops /* driver specific ops */ 2217 }; 2218 2219 static struct modlinkage modlinkage = { 2220 MODREV_1, (void *)&ath_modldrv, NULL 2221 }; 2222 2223 2224 int 2225 _info(struct modinfo *modinfop) 2226 { 2227 return (mod_info(&modlinkage, modinfop)); 2228 } 2229 2230 int 2231 _init(void) 2232 { 2233 int status; 2234 2235 status = ddi_soft_state_init(&ath_soft_state_p, sizeof (ath_t), 1); 2236 if (status != 0) 2237 return (status); 2238 2239 mutex_init(&ath_loglock, NULL, MUTEX_DRIVER, NULL); 2240 ath_halfix_init(); 2241 mac_init_ops(&ath_dev_ops, "ath"); 2242 status = mod_install(&modlinkage); 2243 if (status != 0) { 2244 mac_fini_ops(&ath_dev_ops); 2245 ath_halfix_finit(); 2246 mutex_destroy(&ath_loglock); 2247 ddi_soft_state_fini(&ath_soft_state_p); 2248 } 2249 2250 return (status); 2251 } 2252 2253 int 2254 _fini(void) 2255 { 2256 int status; 2257 2258 status = mod_remove(&modlinkage); 2259 if (status == 0) { 2260 mac_fini_ops(&ath_dev_ops); 2261 ath_halfix_finit(); 2262 mutex_destroy(&ath_loglock); 2263 ddi_soft_state_fini(&ath_soft_state_p); 2264 } 2265 return (status); 2266 } 2267