1 /* 2 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6 /* 7 * Copyright (c) 2006 8 * Damien Bergamini <damien.bergamini@free.fr> 9 * 10 * Permission to use, copy, modify, and distribute this software for any 11 * purpose with or without fee is hereby granted, provided that the above 12 * copyright notice and this permission notice appear in all copies. 13 * 14 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 15 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 16 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 17 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 18 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 19 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 20 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 21 */ 22 23 #pragma ident "%Z%%M% %I% %E% SMI" 24 25 /* 26 * Driver for Intel PRO/Wireless 3945ABG 802.11 network adapters. 27 */ 28 29 #include <sys/types.h> 30 #include <sys/byteorder.h> 31 #include <sys/conf.h> 32 #include <sys/cmn_err.h> 33 #include <sys/stat.h> 34 #include <sys/ddi.h> 35 #include <sys/sunddi.h> 36 #include <sys/strsubr.h> 37 #include <sys/ethernet.h> 38 #include <inet/common.h> 39 #include <inet/nd.h> 40 #include <inet/mi.h> 41 #include <sys/note.h> 42 #include <sys/stream.h> 43 #include <sys/strsun.h> 44 #include <sys/modctl.h> 45 #include <sys/devops.h> 46 #include <sys/dlpi.h> 47 #include <sys/mac.h> 48 #include <sys/mac_wifi.h> 49 #include <sys/net80211.h> 50 #include <sys/net80211_proto.h> 51 #include <sys/varargs.h> 52 #include <sys/policy.h> 53 #include <sys/pci.h> 54 55 #include "wpireg.h" 56 #include "wpivar.h" 57 #include <inet/wifi_ioctl.h> 58 59 #ifdef DEBUG 60 #define WPI_DEBUG_80211 (1 << 0) 61 #define WPI_DEBUG_CMD (1 << 1) 62 #define WPI_DEBUG_DMA (1 << 2) 63 #define WPI_DEBUG_EEPROM (1 << 3) 64 #define WPI_DEBUG_FW (1 << 4) 65 #define WPI_DEBUG_HW (1 << 5) 66 #define WPI_DEBUG_INTR (1 << 6) 67 #define WPI_DEBUG_MRR (1 << 7) 68 #define WPI_DEBUG_PIO (1 << 8) 69 #define WPI_DEBUG_RX (1 << 9) 70 #define WPI_DEBUG_SCAN (1 << 10) 71 #define WPI_DEBUG_TX (1 << 11) 72 #define WPI_DEBUG_RATECTL (1 << 12) 73 #define WPI_DEBUG_RADIO (1 << 13) 74 uint32_t wpi_dbg_flags = 0; 75 #define WPI_DBG(x) \ 76 wpi_dbg x 77 #else 78 #define WPI_DBG(x) 79 #endif 80 81 static void *wpi_soft_state_p = NULL; 82 static uint8_t wpi_fw_bin [] = { 83 #include "fw-wpi/ipw3945.ucode.hex" 84 }; 85 86 /* DMA attributes for a shared page */ 87 static ddi_dma_attr_t sh_dma_attr = { 88 DMA_ATTR_V0, /* version of this structure */ 89 0, /* lowest usable address */ 90 0xffffffffU, /* highest usable address */ 91 0xffffffffU, /* maximum DMAable byte count */ 92 0x1000, /* alignment in bytes */ 93 0x1000, /* burst sizes (any?) */ 94 1, /* minimum transfer */ 95 0xffffffffU, /* maximum transfer */ 96 0xffffffffU, /* maximum segment length */ 97 1, /* maximum number of segments */ 98 1, /* granularity */ 99 0, /* flags (reserved) */ 100 }; 101 102 /* DMA attributes for a ring descriptor */ 103 static ddi_dma_attr_t ring_desc_dma_attr = { 104 DMA_ATTR_V0, /* version of this structure */ 105 0, /* lowest usable address */ 106 0xffffffffU, /* highest usable address */ 107 0xffffffffU, /* maximum DMAable byte count */ 108 0x4000, /* alignment in bytes */ 109 0x100, /* burst sizes (any?) */ 110 1, /* minimum transfer */ 111 0xffffffffU, /* maximum transfer */ 112 0xffffffffU, /* maximum segment length */ 113 1, /* maximum number of segments */ 114 1, /* granularity */ 115 0, /* flags (reserved) */ 116 }; 117 118 119 /* DMA attributes for a tx cmd */ 120 static ddi_dma_attr_t tx_cmd_dma_attr = { 121 DMA_ATTR_V0, /* version of this structure */ 122 0, /* lowest usable address */ 123 0xffffffffU, /* highest usable address */ 124 0xffffffffU, /* maximum DMAable byte count */ 125 4, /* alignment in bytes */ 126 0x100, /* burst sizes (any?) */ 127 1, /* minimum transfer */ 128 0xffffffffU, /* maximum transfer */ 129 0xffffffffU, /* maximum segment length */ 130 1, /* maximum number of segments */ 131 1, /* granularity */ 132 0, /* flags (reserved) */ 133 }; 134 135 /* DMA attributes for a rx buffer */ 136 static ddi_dma_attr_t rx_buffer_dma_attr = { 137 DMA_ATTR_V0, /* version of this structure */ 138 0, /* lowest usable address */ 139 0xffffffffU, /* highest usable address */ 140 0xffffffffU, /* maximum DMAable byte count */ 141 1, /* alignment in bytes */ 142 0x100, /* burst sizes (any?) */ 143 1, /* minimum transfer */ 144 0xffffffffU, /* maximum transfer */ 145 0xffffffffU, /* maximum segment length */ 146 1, /* maximum number of segments */ 147 1, /* granularity */ 148 0, /* flags (reserved) */ 149 }; 150 151 /* 152 * DMA attributes for a tx buffer. 153 * the maximum number of segments is 4 for the hardware. 154 * now all the wifi drivers put the whole frame in a single 155 * descriptor, so we define the maximum number of segments 4, 156 * just the same as the rx_buffer. we consider leverage the HW 157 * ability in the future, that is why we don't define rx and tx 158 * buffer_dma_attr as the same. 159 */ 160 static ddi_dma_attr_t tx_buffer_dma_attr = { 161 DMA_ATTR_V0, /* version of this structure */ 162 0, /* lowest usable address */ 163 0xffffffffU, /* highest usable address */ 164 0xffffffffU, /* maximum DMAable byte count */ 165 1, /* alignment in bytes */ 166 0x100, /* burst sizes (any?) */ 167 1, /* minimum transfer */ 168 0xffffffffU, /* maximum transfer */ 169 0xffffffffU, /* maximum segment length */ 170 1, /* maximum number of segments */ 171 1, /* granularity */ 172 0, /* flags (reserved) */ 173 }; 174 175 /* DMA attributes for a load firmware */ 176 static ddi_dma_attr_t fw_buffer_dma_attr = { 177 DMA_ATTR_V0, /* version of this structure */ 178 0, /* lowest usable address */ 179 0xffffffffU, /* highest usable address */ 180 0x7fffffff, /* maximum DMAable byte count */ 181 4, /* alignment in bytes */ 182 0x100, /* burst sizes (any?) */ 183 1, /* minimum transfer */ 184 0xffffffffU, /* maximum transfer */ 185 0xffffffffU, /* maximum segment length */ 186 4, /* maximum number of segments */ 187 1, /* granularity */ 188 0, /* flags (reserved) */ 189 }; 190 191 /* regs access attributes */ 192 static ddi_device_acc_attr_t wpi_reg_accattr = { 193 DDI_DEVICE_ATTR_V0, 194 DDI_STRUCTURE_LE_ACC, 195 DDI_STRICTORDER_ACC, 196 DDI_DEFAULT_ACC 197 }; 198 199 /* DMA access attributes */ 200 static ddi_device_acc_attr_t wpi_dma_accattr = { 201 DDI_DEVICE_ATTR_V0, 202 DDI_NEVERSWAP_ACC, 203 DDI_STRICTORDER_ACC, 204 DDI_DEFAULT_ACC 205 }; 206 207 static int wpi_ring_init(wpi_sc_t *); 208 static void wpi_ring_free(wpi_sc_t *); 209 static int wpi_alloc_shared(wpi_sc_t *); 210 static void wpi_free_shared(wpi_sc_t *); 211 static int wpi_alloc_fw_dma(wpi_sc_t *); 212 static void wpi_free_fw_dma(wpi_sc_t *); 213 static int wpi_alloc_rx_ring(wpi_sc_t *); 214 static void wpi_reset_rx_ring(wpi_sc_t *); 215 static void wpi_free_rx_ring(wpi_sc_t *); 216 static int wpi_alloc_tx_ring(wpi_sc_t *, wpi_tx_ring_t *, int, int); 217 static void wpi_reset_tx_ring(wpi_sc_t *, wpi_tx_ring_t *); 218 static void wpi_free_tx_ring(wpi_sc_t *, wpi_tx_ring_t *); 219 220 static ieee80211_node_t *wpi_node_alloc(ieee80211com_t *); 221 static void wpi_node_free(ieee80211_node_t *); 222 static int wpi_newstate(ieee80211com_t *, enum ieee80211_state, int); 223 static void wpi_mem_lock(wpi_sc_t *); 224 static void wpi_mem_unlock(wpi_sc_t *); 225 static uint32_t wpi_mem_read(wpi_sc_t *, uint16_t); 226 static void wpi_mem_write(wpi_sc_t *, uint16_t, uint32_t); 227 static void wpi_mem_write_region_4(wpi_sc_t *, uint16_t, 228 const uint32_t *, int); 229 static uint16_t wpi_read_prom_word(wpi_sc_t *, uint32_t); 230 static int wpi_load_microcode(wpi_sc_t *); 231 static int wpi_load_firmware(wpi_sc_t *, uint32_t); 232 static void wpi_rx_intr(wpi_sc_t *, wpi_rx_desc_t *, 233 wpi_rx_data_t *); 234 static void wpi_tx_intr(wpi_sc_t *, wpi_rx_desc_t *, 235 wpi_rx_data_t *); 236 static void wpi_cmd_intr(wpi_sc_t *, wpi_rx_desc_t *); 237 static uint_t wpi_intr(caddr_t); 238 static uint_t wpi_notif_softintr(caddr_t); 239 static uint8_t wpi_plcp_signal(int); 240 static void wpi_read_eeprom(wpi_sc_t *); 241 static int wpi_cmd(wpi_sc_t *, int, const void *, int, int); 242 static int wpi_mrr_setup(wpi_sc_t *); 243 static void wpi_set_led(wpi_sc_t *, uint8_t, uint8_t, uint8_t); 244 static int wpi_auth(wpi_sc_t *); 245 static int wpi_scan(wpi_sc_t *); 246 static int wpi_config(wpi_sc_t *); 247 static void wpi_stop_master(wpi_sc_t *); 248 static int wpi_power_up(wpi_sc_t *); 249 static int wpi_reset(wpi_sc_t *); 250 static void wpi_hw_config(wpi_sc_t *); 251 static int wpi_init(wpi_sc_t *); 252 static void wpi_stop(wpi_sc_t *); 253 static void wpi_amrr_init(wpi_amrr_t *); 254 static void wpi_amrr_timeout(wpi_sc_t *); 255 static void wpi_amrr_ratectl(void *, ieee80211_node_t *); 256 257 static int wpi_attach(dev_info_t *dip, ddi_attach_cmd_t cmd); 258 static int wpi_detach(dev_info_t *dip, ddi_detach_cmd_t cmd); 259 260 /* 261 * GLD specific operations 262 */ 263 static int wpi_m_stat(void *arg, uint_t stat, uint64_t *val); 264 static int wpi_m_start(void *arg); 265 static void wpi_m_stop(void *arg); 266 static int wpi_m_unicst(void *arg, const uint8_t *macaddr); 267 static int wpi_m_multicst(void *arg, boolean_t add, const uint8_t *m); 268 static int wpi_m_promisc(void *arg, boolean_t on); 269 static mblk_t *wpi_m_tx(void *arg, mblk_t *mp); 270 static void wpi_m_ioctl(void *arg, queue_t *wq, mblk_t *mp); 271 272 static void wpi_destroy_locks(wpi_sc_t *sc); 273 static int wpi_send(ieee80211com_t *ic, mblk_t *mp, uint8_t type); 274 static void wpi_thread(wpi_sc_t *sc); 275 276 /* 277 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 278 */ 279 static const struct ieee80211_rateset wpi_rateset_11b = 280 { 4, { 2, 4, 11, 22 } }; 281 282 static const struct ieee80211_rateset wpi_rateset_11g = 283 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 284 285 static const uint8_t wpi_ridx_to_signal[] = { 286 /* OFDM: IEEE Std 802.11a-1999, pp. 14 Table 80 */ 287 /* R1-R4 (ral/ural is R4-R1) */ 288 0xd, 0xf, 0x5, 0x7, 0x9, 0xb, 0x1, 0x3, 289 /* CCK: device-dependent */ 290 10, 20, 55, 110 291 }; 292 293 /* 294 * For mfthread only 295 */ 296 extern pri_t minclsyspri; 297 298 /* 299 * Module Loading Data & Entry Points 300 */ 301 DDI_DEFINE_STREAM_OPS(wpi_devops, nulldev, nulldev, wpi_attach, 302 wpi_detach, nodev, NULL, D_MP, NULL); 303 304 static struct modldrv wpi_modldrv = { 305 &mod_driverops, 306 "Intel(R) PRO/Wireless 3945ABG driver", 307 &wpi_devops 308 }; 309 310 static struct modlinkage wpi_modlinkage = { 311 MODREV_1, 312 &wpi_modldrv, 313 NULL 314 }; 315 316 int 317 _init(void) 318 { 319 int status; 320 321 status = ddi_soft_state_init(&wpi_soft_state_p, 322 sizeof (wpi_sc_t), 1); 323 if (status != DDI_SUCCESS) 324 return (status); 325 326 mac_init_ops(&wpi_devops, "wpi"); 327 status = mod_install(&wpi_modlinkage); 328 if (status != DDI_SUCCESS) { 329 mac_fini_ops(&wpi_devops); 330 ddi_soft_state_fini(&wpi_soft_state_p); 331 } 332 333 return (status); 334 } 335 336 int 337 _fini(void) 338 { 339 int status; 340 341 status = mod_remove(&wpi_modlinkage); 342 if (status == DDI_SUCCESS) { 343 mac_fini_ops(&wpi_devops); 344 ddi_soft_state_fini(&wpi_soft_state_p); 345 } 346 347 return (status); 348 } 349 350 int 351 _info(struct modinfo *mip) 352 { 353 return (mod_info(&wpi_modlinkage, mip)); 354 } 355 356 /* 357 * Mac Call Back entries 358 */ 359 mac_callbacks_t wpi_m_callbacks = { 360 MC_IOCTL, 361 wpi_m_stat, 362 wpi_m_start, 363 wpi_m_stop, 364 wpi_m_promisc, 365 wpi_m_multicst, 366 wpi_m_unicst, 367 wpi_m_tx, 368 NULL, 369 wpi_m_ioctl 370 }; 371 372 #ifdef DEBUG 373 void 374 wpi_dbg(uint32_t flags, const char *fmt, ...) 375 { 376 va_list ap; 377 378 if (flags & wpi_dbg_flags) { 379 va_start(ap, fmt); 380 vcmn_err(CE_NOTE, fmt, ap); 381 va_end(ap); 382 } 383 } 384 #endif 385 /* 386 * device operations 387 */ 388 int 389 wpi_attach(dev_info_t *dip, ddi_attach_cmd_t cmd) 390 { 391 wpi_sc_t *sc; 392 ddi_acc_handle_t cfg_handle; 393 caddr_t cfg_base; 394 ieee80211com_t *ic; 395 int instance, err, i; 396 char strbuf[32]; 397 wifi_data_t wd = { 0 }; 398 mac_register_t *macp; 399 400 if (cmd != DDI_ATTACH) { 401 err = DDI_FAILURE; 402 goto attach_fail1; 403 } 404 405 instance = ddi_get_instance(dip); 406 err = ddi_soft_state_zalloc(wpi_soft_state_p, instance); 407 if (err != DDI_SUCCESS) { 408 cmn_err(CE_WARN, 409 "wpi_attach(): failed to allocate soft state\n"); 410 goto attach_fail1; 411 } 412 sc = ddi_get_soft_state(wpi_soft_state_p, instance); 413 sc->sc_dip = dip; 414 415 err = ddi_regs_map_setup(dip, 0, &cfg_base, 0, 0, 416 &wpi_reg_accattr, &cfg_handle); 417 if (err != DDI_SUCCESS) { 418 cmn_err(CE_WARN, 419 "wpi_attach(): failed to map config spaces regs\n"); 420 goto attach_fail2; 421 } 422 sc->sc_rev = ddi_get8(cfg_handle, 423 (uint8_t *)(cfg_base + PCI_CONF_REVID)); 424 ddi_put8(cfg_handle, (uint8_t *)(cfg_base + 0x41), 0); 425 sc->sc_clsz = ddi_get16(cfg_handle, 426 (uint16_t *)(cfg_base + PCI_CONF_CACHE_LINESZ)); 427 ddi_regs_map_free(&cfg_handle); 428 if (!sc->sc_clsz) 429 sc->sc_clsz = 16; 430 sc->sc_clsz = (sc->sc_clsz << 2); 431 sc->sc_dmabuf_sz = roundup(0x1000 + sizeof (struct ieee80211_frame) + 432 IEEE80211_MTU + IEEE80211_CRC_LEN + 433 (IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN + 434 IEEE80211_WEP_CRCLEN), sc->sc_clsz); 435 /* 436 * Map operating registers 437 */ 438 err = ddi_regs_map_setup(dip, 1, &sc->sc_base, 439 0, 0, &wpi_reg_accattr, &sc->sc_handle); 440 if (err != DDI_SUCCESS) { 441 cmn_err(CE_WARN, 442 "wpi_attach(): failed to map device regs\n"); 443 goto attach_fail2; 444 } 445 446 /* 447 * Allocate shared page. 448 */ 449 err = wpi_alloc_shared(sc); 450 if (err != DDI_SUCCESS) { 451 cmn_err(CE_WARN, "failed to allocate shared page\n"); 452 goto attach_fail3; 453 } 454 455 /* 456 * Get the hw conf, including MAC address, then init all rings. 457 */ 458 wpi_read_eeprom(sc); 459 err = wpi_ring_init(sc); 460 if (err != DDI_SUCCESS) { 461 cmn_err(CE_WARN, "wpi_attach(): " 462 "failed to allocate and initialize ring\n"); 463 goto attach_fail4; 464 } 465 466 sc->sc_hdr = (const wpi_firmware_hdr_t *)wpi_fw_bin; 467 468 /* firmware image layout: |HDR|<--TEXT-->|<--DATA-->|<--BOOT-->| */ 469 sc->sc_text = (const char *)(sc->sc_hdr + 1); 470 sc->sc_data = sc->sc_text + LE_32(sc->sc_hdr->textsz); 471 sc->sc_boot = sc->sc_data + LE_32(sc->sc_hdr->datasz); 472 err = wpi_alloc_fw_dma(sc); 473 if (err != DDI_SUCCESS) { 474 cmn_err(CE_WARN, "wpi_attach(): " 475 "failed to allocate firmware dma\n"); 476 goto attach_fail5; 477 } 478 479 /* 480 * Initialize mutexs and condvars 481 */ 482 err = ddi_get_iblock_cookie(dip, 0, &sc->sc_iblk); 483 if (err != DDI_SUCCESS) { 484 cmn_err(CE_WARN, 485 "wpi_attach(): failed to do ddi_get_iblock_cookie()\n"); 486 goto attach_fail6; 487 } 488 mutex_init(&sc->sc_glock, NULL, MUTEX_DRIVER, sc->sc_iblk); 489 mutex_init(&sc->sc_tx_lock, NULL, MUTEX_DRIVER, sc->sc_iblk); 490 cv_init(&sc->sc_fw_cv, NULL, CV_DRIVER, NULL); 491 cv_init(&sc->sc_cmd_cv, NULL, CV_DRIVER, NULL); 492 cv_init(&sc->sc_tx_cv, "tx-ring", CV_DRIVER, NULL); 493 /* 494 * initialize the mfthread 495 */ 496 mutex_init(&sc->sc_mt_lock, NULL, MUTEX_DRIVER, 497 (void *) sc->sc_iblk); 498 cv_init(&sc->sc_mt_cv, NULL, CV_DRIVER, NULL); 499 sc->sc_mf_thread = NULL; 500 sc->sc_mf_thread_switch = 0; 501 /* 502 * Initialize the wifi part, which will be used by 503 * generic layer 504 */ 505 ic = &sc->sc_ic; 506 ic->ic_phytype = IEEE80211_T_OFDM; 507 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 508 ic->ic_state = IEEE80211_S_INIT; 509 ic->ic_maxrssi = 70; /* experimental number */ 510 /* 511 * use software WEP for the current version. 512 */ 513 ic->ic_caps = IEEE80211_C_SHPREAMBLE | IEEE80211_C_TXPMGT | 514 IEEE80211_C_PMGT | IEEE80211_C_SHSLOT; 515 516 /* set supported .11b and .11g rates */ 517 ic->ic_sup_rates[IEEE80211_MODE_11B] = wpi_rateset_11b; 518 ic->ic_sup_rates[IEEE80211_MODE_11G] = wpi_rateset_11g; 519 520 /* set supported .11b and .11g channels (1 through 14) */ 521 for (i = 1; i <= 14; i++) { 522 ic->ic_sup_channels[i].ich_freq = 523 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 524 ic->ic_sup_channels[i].ich_flags = 525 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 526 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 527 } 528 ic->ic_ibss_chan = &ic->ic_sup_channels[0]; 529 ic->ic_xmit = wpi_send; 530 /* 531 * init Wifi layer 532 */ 533 ieee80211_attach(ic); 534 535 /* 536 * Override 80211 default routines 537 */ 538 sc->sc_newstate = ic->ic_newstate; 539 ic->ic_newstate = wpi_newstate; 540 ic->ic_node_alloc = wpi_node_alloc; 541 ic->ic_node_free = wpi_node_free; 542 ieee80211_media_init(ic); 543 /* 544 * initialize default tx key 545 */ 546 ic->ic_def_txkey = 0; 547 548 err = ddi_add_softintr(dip, DDI_SOFTINT_LOW, 549 &sc->sc_notif_softint_id, &sc->sc_iblk, NULL, wpi_notif_softintr, 550 (caddr_t)sc); 551 if (err != DDI_SUCCESS) { 552 cmn_err(CE_WARN, 553 "wpi_attach(): failed to do ddi_add_softintr()\n"); 554 goto attach_fail7; 555 } 556 557 /* 558 * Add the interrupt handler 559 */ 560 err = ddi_add_intr(dip, 0, &sc->sc_iblk, NULL, 561 wpi_intr, (caddr_t)sc); 562 if (err != DDI_SUCCESS) { 563 cmn_err(CE_WARN, 564 "wpi_attach(): failed to do ddi_add_intr()\n"); 565 goto attach_fail8; 566 } 567 568 /* 569 * Initialize pointer to device specific functions 570 */ 571 wd.wd_secalloc = WIFI_SEC_NONE; 572 wd.wd_opmode = ic->ic_opmode; 573 IEEE80211_ADDR_COPY(wd.wd_bssid, ic->ic_macaddr); 574 575 macp = mac_alloc(MAC_VERSION); 576 if (err != DDI_SUCCESS) { 577 cmn_err(CE_WARN, 578 "wpi_attach(): failed to do mac_alloc()\n"); 579 goto attach_fail9; 580 } 581 582 macp->m_type_ident = MAC_PLUGIN_IDENT_WIFI; 583 macp->m_driver = sc; 584 macp->m_dip = dip; 585 macp->m_src_addr = ic->ic_macaddr; 586 macp->m_callbacks = &wpi_m_callbacks; 587 macp->m_min_sdu = 0; 588 macp->m_max_sdu = IEEE80211_MTU; 589 macp->m_pdata = &wd; 590 macp->m_pdata_size = sizeof (wd); 591 592 /* 593 * Register the macp to mac 594 */ 595 err = mac_register(macp, &ic->ic_mach); 596 mac_free(macp); 597 if (err != DDI_SUCCESS) { 598 cmn_err(CE_WARN, 599 "wpi_attach(): failed to do mac_register()\n"); 600 goto attach_fail9; 601 } 602 603 /* 604 * Create minor node of type DDI_NT_NET_WIFI 605 */ 606 (void) snprintf(strbuf, sizeof (strbuf), "wpi%d", instance); 607 err = ddi_create_minor_node(dip, strbuf, S_IFCHR, 608 instance + 1, DDI_NT_NET_WIFI, 0); 609 if (err != DDI_SUCCESS) 610 cmn_err(CE_WARN, 611 "wpi_attach(): failed to do ddi_create_minor_node()\n"); 612 613 /* 614 * Notify link is down now 615 */ 616 mac_link_update(ic->ic_mach, LINK_STATE_DOWN); 617 618 /* 619 * create the mf thread to handle the link status, 620 * recovery fatal error, etc. 621 */ 622 623 sc->sc_mf_thread_switch = 1; 624 if (sc->sc_mf_thread == NULL) 625 sc->sc_mf_thread = thread_create((caddr_t)NULL, 0, 626 wpi_thread, sc, 0, &p0, TS_RUN, minclsyspri); 627 628 sc->sc_flags |= WPI_F_ATTACHED; 629 630 return (DDI_SUCCESS); 631 attach_fail9: 632 ddi_remove_intr(dip, 0, sc->sc_iblk); 633 attach_fail8: 634 ddi_remove_softintr(sc->sc_notif_softint_id); 635 sc->sc_notif_softint_id = NULL; 636 attach_fail7: 637 ieee80211_detach(ic); 638 wpi_destroy_locks(sc); 639 attach_fail6: 640 wpi_free_fw_dma(sc); 641 attach_fail5: 642 wpi_ring_free(sc); 643 attach_fail4: 644 wpi_free_shared(sc); 645 attach_fail3: 646 ddi_regs_map_free(&sc->sc_handle); 647 attach_fail2: 648 ddi_soft_state_free(wpi_soft_state_p, instance); 649 attach_fail1: 650 return (err); 651 } 652 653 int 654 wpi_detach(dev_info_t *dip, ddi_detach_cmd_t cmd) 655 { 656 wpi_sc_t *sc; 657 int err; 658 659 sc = ddi_get_soft_state(wpi_soft_state_p, ddi_get_instance(dip)); 660 ASSERT(sc != NULL); 661 662 if (cmd != DDI_DETACH) 663 return (DDI_FAILURE); 664 if (!(sc->sc_flags & WPI_F_ATTACHED)) 665 return (DDI_FAILURE); 666 667 /* 668 * Destroy the mf_thread 669 */ 670 mutex_enter(&sc->sc_mt_lock); 671 sc->sc_mf_thread_switch = 0; 672 while (sc->sc_mf_thread != NULL) { 673 if (cv_wait_sig(&sc->sc_mt_cv, &sc->sc_mt_lock) == 0) 674 break; 675 } 676 mutex_exit(&sc->sc_mt_lock); 677 678 wpi_stop(sc); 679 680 /* 681 * Unregiste from the MAC layer subsystem 682 */ 683 err = mac_unregister(sc->sc_ic.ic_mach); 684 if (err != DDI_SUCCESS) 685 return (err); 686 687 mutex_enter(&sc->sc_glock); 688 wpi_free_fw_dma(sc); 689 wpi_ring_free(sc); 690 wpi_free_shared(sc); 691 mutex_exit(&sc->sc_glock); 692 693 ddi_remove_intr(dip, 0, sc->sc_iblk); 694 ddi_remove_softintr(sc->sc_notif_softint_id); 695 sc->sc_notif_softint_id = NULL; 696 697 /* 698 * detach ieee80211 699 */ 700 ieee80211_detach(&sc->sc_ic); 701 702 wpi_destroy_locks(sc); 703 704 ddi_regs_map_free(&sc->sc_handle); 705 ddi_remove_minor_node(dip, NULL); 706 ddi_soft_state_free(wpi_soft_state_p, ddi_get_instance(dip)); 707 708 return (DDI_SUCCESS); 709 } 710 711 static void 712 wpi_destroy_locks(wpi_sc_t *sc) 713 { 714 cv_destroy(&sc->sc_mt_cv); 715 mutex_destroy(&sc->sc_mt_lock); 716 cv_destroy(&sc->sc_tx_cv); 717 cv_destroy(&sc->sc_cmd_cv); 718 cv_destroy(&sc->sc_fw_cv); 719 mutex_destroy(&sc->sc_tx_lock); 720 mutex_destroy(&sc->sc_glock); 721 } 722 723 /* 724 * Allocate an area of memory and a DMA handle for accessing it 725 */ 726 static int 727 wpi_alloc_dma_mem(wpi_sc_t *sc, size_t memsize, ddi_dma_attr_t *dma_attr_p, 728 ddi_device_acc_attr_t *acc_attr_p, uint_t dma_flags, wpi_dma_t *dma_p) 729 { 730 caddr_t vaddr; 731 int err; 732 733 /* 734 * Allocate handle 735 */ 736 err = ddi_dma_alloc_handle(sc->sc_dip, dma_attr_p, 737 DDI_DMA_SLEEP, NULL, &dma_p->dma_hdl); 738 if (err != DDI_SUCCESS) { 739 dma_p->dma_hdl = NULL; 740 return (DDI_FAILURE); 741 } 742 743 /* 744 * Allocate memory 745 */ 746 err = ddi_dma_mem_alloc(dma_p->dma_hdl, memsize, acc_attr_p, 747 dma_flags & (DDI_DMA_CONSISTENT | DDI_DMA_STREAMING), 748 DDI_DMA_SLEEP, NULL, &vaddr, &dma_p->alength, &dma_p->acc_hdl); 749 if (err != DDI_SUCCESS) { 750 ddi_dma_free_handle(&dma_p->dma_hdl); 751 dma_p->dma_hdl = NULL; 752 dma_p->acc_hdl = NULL; 753 return (DDI_FAILURE); 754 } 755 756 /* 757 * Bind the two together 758 */ 759 dma_p->mem_va = vaddr; 760 err = ddi_dma_addr_bind_handle(dma_p->dma_hdl, NULL, 761 vaddr, dma_p->alength, dma_flags, DDI_DMA_SLEEP, NULL, 762 &dma_p->cookie, &dma_p->ncookies); 763 if (err != DDI_DMA_MAPPED) { 764 ddi_dma_mem_free(&dma_p->acc_hdl); 765 ddi_dma_free_handle(&dma_p->dma_hdl); 766 dma_p->acc_hdl = NULL; 767 dma_p->dma_hdl = NULL; 768 return (DDI_FAILURE); 769 } 770 771 dma_p->nslots = ~0U; 772 dma_p->size = ~0U; 773 dma_p->token = ~0U; 774 dma_p->offset = 0; 775 return (DDI_SUCCESS); 776 } 777 778 /* 779 * Free one allocated area of DMAable memory 780 */ 781 static void 782 wpi_free_dma_mem(wpi_dma_t *dma_p) 783 { 784 if (dma_p->dma_hdl != NULL) { 785 if (dma_p->ncookies) { 786 (void) ddi_dma_unbind_handle(dma_p->dma_hdl); 787 dma_p->ncookies = 0; 788 } 789 ddi_dma_free_handle(&dma_p->dma_hdl); 790 dma_p->dma_hdl = NULL; 791 } 792 793 if (dma_p->acc_hdl != NULL) { 794 ddi_dma_mem_free(&dma_p->acc_hdl); 795 dma_p->acc_hdl = NULL; 796 } 797 } 798 799 /* 800 * Allocate an area of dma memory for firmware load. 801 * Idealy, this allocation should be a one time action, that is, 802 * the memory will be freed after the firmware is uploaded to the 803 * card. but since a recovery mechanism for the fatal firmware need 804 * reload the firmware, and re-allocate dma at run time may be failed, 805 * so we allocate it at attach and keep it in the whole lifecycle of 806 * the driver. 807 */ 808 static int 809 wpi_alloc_fw_dma(wpi_sc_t *sc) 810 { 811 int i, err = DDI_SUCCESS; 812 wpi_dma_t *dma_p; 813 814 err = wpi_alloc_dma_mem(sc, LE_32(sc->sc_hdr->textsz), 815 &fw_buffer_dma_attr, &wpi_dma_accattr, 816 DDI_DMA_RDWR | DDI_DMA_CONSISTENT, 817 &sc->sc_dma_fw_text); 818 dma_p = &sc->sc_dma_fw_text; 819 WPI_DBG((WPI_DEBUG_DMA, "ncookies:%d addr1:%x size1:%x\n", 820 dma_p->ncookies, dma_p->cookie.dmac_address, 821 dma_p->cookie.dmac_size)); 822 if (err != DDI_SUCCESS) { 823 cmn_err(CE_WARN, "wpi_alloc_fw_dma(): failed to alloc" 824 "text dma memory"); 825 goto fail; 826 } 827 for (i = 0; i < dma_p->ncookies; i++) { 828 sc->sc_fw_text_cookie[i] = dma_p->cookie; 829 ddi_dma_nextcookie(dma_p->dma_hdl, &dma_p->cookie); 830 } 831 err = wpi_alloc_dma_mem(sc, LE_32(sc->sc_hdr->datasz), 832 &fw_buffer_dma_attr, &wpi_dma_accattr, 833 DDI_DMA_RDWR | DDI_DMA_CONSISTENT, 834 &sc->sc_dma_fw_data); 835 dma_p = &sc->sc_dma_fw_data; 836 WPI_DBG((WPI_DEBUG_DMA, "ncookies:%d addr1:%x size1:%x\n", 837 dma_p->ncookies, dma_p->cookie.dmac_address, 838 dma_p->cookie.dmac_size)); 839 if (err != DDI_SUCCESS) { 840 cmn_err(CE_WARN, "wpi_alloc_fw_dma(): failed to alloc" 841 "data dma memory"); 842 goto fail; 843 } 844 for (i = 0; i < dma_p->ncookies; i++) { 845 sc->sc_fw_data_cookie[i] = dma_p->cookie; 846 ddi_dma_nextcookie(dma_p->dma_hdl, &dma_p->cookie); 847 } 848 fail: 849 return (err); 850 } 851 852 static void 853 wpi_free_fw_dma(wpi_sc_t *sc) 854 { 855 wpi_free_dma_mem(&sc->sc_dma_fw_text); 856 wpi_free_dma_mem(&sc->sc_dma_fw_data); 857 } 858 859 /* 860 * Allocate a shared page between host and NIC. 861 */ 862 static int 863 wpi_alloc_shared(wpi_sc_t *sc) 864 { 865 int err = DDI_SUCCESS; 866 867 /* must be aligned on a 4K-page boundary */ 868 err = wpi_alloc_dma_mem(sc, sizeof (wpi_shared_t), 869 &sh_dma_attr, &wpi_dma_accattr, 870 DDI_DMA_RDWR | DDI_DMA_CONSISTENT, 871 &sc->sc_dma_sh); 872 if (err != DDI_SUCCESS) 873 goto fail; 874 sc->sc_shared = (wpi_shared_t *)sc->sc_dma_sh.mem_va; 875 return (err); 876 877 fail: 878 wpi_free_shared(sc); 879 return (err); 880 } 881 882 static void 883 wpi_free_shared(wpi_sc_t *sc) 884 { 885 wpi_free_dma_mem(&sc->sc_dma_sh); 886 } 887 888 static int 889 wpi_alloc_rx_ring(wpi_sc_t *sc) 890 { 891 wpi_rx_ring_t *ring; 892 wpi_rx_data_t *data; 893 int i, err = DDI_SUCCESS; 894 895 ring = &sc->sc_rxq; 896 ring->cur = 0; 897 898 err = wpi_alloc_dma_mem(sc, WPI_RX_RING_COUNT * sizeof (uint32_t), 899 &ring_desc_dma_attr, &wpi_dma_accattr, 900 DDI_DMA_RDWR | DDI_DMA_CONSISTENT, 901 &ring->dma_desc); 902 if (err != DDI_SUCCESS) { 903 WPI_DBG((WPI_DEBUG_DMA, "dma alloc rx ring desc failed\n")); 904 goto fail; 905 } 906 ring->desc = (uint32_t *)ring->dma_desc.mem_va; 907 908 /* 909 * Allocate Rx buffers. 910 */ 911 for (i = 0; i < WPI_RX_RING_COUNT; i++) { 912 data = &ring->data[i]; 913 err = wpi_alloc_dma_mem(sc, sc->sc_dmabuf_sz, 914 &rx_buffer_dma_attr, &wpi_dma_accattr, 915 DDI_DMA_READ | DDI_DMA_STREAMING, 916 &data->dma_data); 917 if (err != DDI_SUCCESS) { 918 WPI_DBG((WPI_DEBUG_DMA, "dma alloc rx ring buf[%d] " 919 "failed\n", i)); 920 goto fail; 921 } 922 923 ring->desc[i] = LE_32(data->dma_data.cookie.dmac_address); 924 } 925 926 WPI_DMA_SYNC(ring->dma_desc, DDI_DMA_SYNC_FORDEV); 927 928 return (err); 929 930 fail: 931 wpi_free_rx_ring(sc); 932 return (err); 933 } 934 935 static void 936 wpi_reset_rx_ring(wpi_sc_t *sc) 937 { 938 int ntries; 939 940 wpi_mem_lock(sc); 941 942 WPI_WRITE(sc, WPI_RX_CONFIG, 0); 943 for (ntries = 0; ntries < 2000; ntries++) { 944 if (WPI_READ(sc, WPI_RX_STATUS) & WPI_RX_IDLE) 945 break; 946 DELAY(1000); 947 } 948 #ifdef DEBUG 949 if (ntries == 2000) 950 WPI_DBG((WPI_DEBUG_DMA, "timeout resetting Rx ring\n")); 951 #endif 952 wpi_mem_unlock(sc); 953 954 sc->sc_rxq.cur = 0; 955 } 956 957 static void 958 wpi_free_rx_ring(wpi_sc_t *sc) 959 { 960 int i; 961 962 for (i = 0; i < WPI_RX_RING_COUNT; i++) { 963 if (sc->sc_rxq.data[i].dma_data.dma_hdl) 964 WPI_DMA_SYNC(sc->sc_rxq.data[i].dma_data, 965 DDI_DMA_SYNC_FORCPU); 966 wpi_free_dma_mem(&sc->sc_rxq.data[i].dma_data); 967 } 968 969 if (sc->sc_rxq.dma_desc.dma_hdl) 970 WPI_DMA_SYNC(sc->sc_rxq.dma_desc, DDI_DMA_SYNC_FORDEV); 971 wpi_free_dma_mem(&sc->sc_rxq.dma_desc); 972 } 973 974 static int 975 wpi_alloc_tx_ring(wpi_sc_t *sc, wpi_tx_ring_t *ring, int count, int qid) 976 { 977 wpi_tx_data_t *data; 978 wpi_tx_desc_t *desc_h; 979 uint32_t paddr_desc_h; 980 wpi_tx_cmd_t *cmd_h; 981 uint32_t paddr_cmd_h; 982 int i, err = DDI_SUCCESS; 983 984 ring->qid = qid; 985 ring->count = count; 986 ring->queued = 0; 987 ring->cur = 0; 988 989 err = wpi_alloc_dma_mem(sc, count * sizeof (wpi_tx_desc_t), 990 &ring_desc_dma_attr, &wpi_dma_accattr, 991 DDI_DMA_RDWR | DDI_DMA_CONSISTENT, 992 &ring->dma_desc); 993 if (err != DDI_SUCCESS) { 994 WPI_DBG((WPI_DEBUG_DMA, "dma alloc tx ring desc[%d] failed\n", 995 qid)); 996 goto fail; 997 } 998 999 /* update shared page with ring's base address */ 1000 sc->sc_shared->txbase[qid] = ring->dma_desc.cookie.dmac_address; 1001 1002 desc_h = (wpi_tx_desc_t *)ring->dma_desc.mem_va; 1003 paddr_desc_h = ring->dma_desc.cookie.dmac_address; 1004 1005 err = wpi_alloc_dma_mem(sc, count * sizeof (wpi_tx_cmd_t), 1006 &tx_cmd_dma_attr, &wpi_dma_accattr, 1007 DDI_DMA_RDWR | DDI_DMA_CONSISTENT, 1008 &ring->dma_cmd); 1009 if (err != DDI_SUCCESS) { 1010 WPI_DBG((WPI_DEBUG_DMA, "dma alloc tx ring cmd[%d] failed\n", 1011 qid)); 1012 goto fail; 1013 } 1014 1015 cmd_h = (wpi_tx_cmd_t *)ring->dma_cmd.mem_va; 1016 paddr_cmd_h = ring->dma_cmd.cookie.dmac_address; 1017 1018 /* 1019 * Allocate Tx buffers. 1020 */ 1021 ring->data = kmem_zalloc(sizeof (wpi_tx_data_t) * count, KM_NOSLEEP); 1022 if (ring->data == NULL) { 1023 WPI_DBG((WPI_DEBUG_DMA, "could not allocate tx data slots\n")); 1024 goto fail; 1025 } 1026 1027 for (i = 0; i < count; i++) { 1028 data = &ring->data[i]; 1029 err = wpi_alloc_dma_mem(sc, sc->sc_dmabuf_sz, 1030 &tx_buffer_dma_attr, &wpi_dma_accattr, 1031 DDI_DMA_WRITE | DDI_DMA_STREAMING, 1032 &data->dma_data); 1033 if (err != DDI_SUCCESS) { 1034 WPI_DBG((WPI_DEBUG_DMA, "dma alloc tx ring buf[%d] " 1035 "failed\n", i)); 1036 goto fail; 1037 } 1038 1039 data->desc = desc_h + i; 1040 data->paddr_desc = paddr_desc_h + 1041 ((caddr_t)data->desc - (caddr_t)desc_h); 1042 data->cmd = cmd_h + i; 1043 data->paddr_cmd = paddr_cmd_h + 1044 ((caddr_t)data->cmd - (caddr_t)cmd_h); 1045 } 1046 1047 return (err); 1048 1049 fail: 1050 if (ring->data) 1051 kmem_free(ring->data, sizeof (wpi_tx_data_t) * count); 1052 wpi_free_tx_ring(sc, ring); 1053 return (err); 1054 } 1055 1056 static void 1057 wpi_reset_tx_ring(wpi_sc_t *sc, wpi_tx_ring_t *ring) 1058 { 1059 wpi_tx_data_t *data; 1060 int i, ntries; 1061 1062 wpi_mem_lock(sc); 1063 1064 WPI_WRITE(sc, WPI_TX_CONFIG(ring->qid), 0); 1065 for (ntries = 0; ntries < 100; ntries++) { 1066 if (WPI_READ(sc, WPI_TX_STATUS) & WPI_TX_IDLE(ring->qid)) 1067 break; 1068 DELAY(10); 1069 } 1070 #ifdef DEBUG 1071 if (ntries == 100 && wpi_dbg_flags > 0) { 1072 WPI_DBG((WPI_DEBUG_DMA, "timeout resetting Tx ring %d\n", 1073 ring->qid)); 1074 } 1075 #endif 1076 wpi_mem_unlock(sc); 1077 1078 for (i = 0; i < ring->count; i++) { 1079 data = &ring->data[i]; 1080 WPI_DMA_SYNC(data->dma_data, DDI_DMA_SYNC_FORDEV); 1081 } 1082 1083 ring->queued = 0; 1084 ring->cur = 0; 1085 } 1086 1087 /*ARGSUSED*/ 1088 static void 1089 wpi_free_tx_ring(wpi_sc_t *sc, wpi_tx_ring_t *ring) 1090 { 1091 int i; 1092 1093 if (ring->dma_desc.dma_hdl != NULL) 1094 WPI_DMA_SYNC(ring->dma_desc, DDI_DMA_SYNC_FORDEV); 1095 wpi_free_dma_mem(&ring->dma_desc); 1096 1097 if (ring->dma_cmd.dma_hdl != NULL) 1098 WPI_DMA_SYNC(ring->dma_cmd, DDI_DMA_SYNC_FORDEV); 1099 wpi_free_dma_mem(&ring->dma_cmd); 1100 1101 if (ring->data != NULL) { 1102 for (i = 0; i < ring->count; i++) { 1103 if (ring->data[i].dma_data.dma_hdl) 1104 WPI_DMA_SYNC(ring->data[i].dma_data, 1105 DDI_DMA_SYNC_FORDEV); 1106 wpi_free_dma_mem(&ring->data[i].dma_data); 1107 } 1108 kmem_free(ring->data, ring->count * sizeof (wpi_tx_data_t)); 1109 } 1110 } 1111 1112 static int 1113 wpi_ring_init(wpi_sc_t *sc) 1114 { 1115 int i, err = DDI_SUCCESS; 1116 1117 for (i = 0; i < 4; i++) { 1118 err = wpi_alloc_tx_ring(sc, &sc->sc_txq[i], WPI_TX_RING_COUNT, 1119 i); 1120 if (err != DDI_SUCCESS) 1121 goto fail; 1122 } 1123 err = wpi_alloc_tx_ring(sc, &sc->sc_cmdq, WPI_CMD_RING_COUNT, 4); 1124 if (err != DDI_SUCCESS) 1125 goto fail; 1126 err = wpi_alloc_tx_ring(sc, &sc->sc_svcq, WPI_SVC_RING_COUNT, 5); 1127 if (err != DDI_SUCCESS) 1128 goto fail; 1129 err = wpi_alloc_rx_ring(sc); 1130 if (err != DDI_SUCCESS) 1131 goto fail; 1132 return (err); 1133 1134 fail: 1135 return (err); 1136 } 1137 1138 static void 1139 wpi_ring_free(wpi_sc_t *sc) 1140 { 1141 int i = 4; 1142 1143 wpi_free_rx_ring(sc); 1144 wpi_free_tx_ring(sc, &sc->sc_svcq); 1145 wpi_free_tx_ring(sc, &sc->sc_cmdq); 1146 while (--i >= 0) { 1147 wpi_free_tx_ring(sc, &sc->sc_txq[i]); 1148 } 1149 } 1150 1151 /* ARGSUSED */ 1152 static ieee80211_node_t * 1153 wpi_node_alloc(ieee80211com_t *ic) 1154 { 1155 wpi_amrr_t *amrr; 1156 1157 amrr = kmem_zalloc(sizeof (wpi_amrr_t), KM_SLEEP); 1158 if (amrr != NULL) 1159 wpi_amrr_init(amrr); 1160 return (&amrr->in); 1161 } 1162 1163 static void 1164 wpi_node_free(ieee80211_node_t *in) 1165 { 1166 ieee80211com_t *ic = in->in_ic; 1167 1168 ic->ic_node_cleanup(in); 1169 kmem_free(in, sizeof (wpi_amrr_t)); 1170 } 1171 1172 /*ARGSUSED*/ 1173 static int 1174 wpi_newstate(ieee80211com_t *ic, enum ieee80211_state nstate, int arg) 1175 { 1176 wpi_sc_t *sc = (wpi_sc_t *)ic; 1177 ieee80211_node_t *in = ic->ic_bss; 1178 int i, err = WPI_SUCCESS; 1179 1180 mutex_enter(&sc->sc_glock); 1181 switch (nstate) { 1182 case IEEE80211_S_SCAN: 1183 /* ieee80211_node_table_reset(&ic->ic_scan); */ 1184 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 1185 /* make the link LED blink while we're scanning */ 1186 wpi_set_led(sc, WPI_LED_LINK, 20, 2); 1187 1188 if ((err = wpi_scan(sc)) != 0) { 1189 WPI_DBG((WPI_DEBUG_80211, "could not initiate scan\n")); 1190 ic->ic_flags &= ~(IEEE80211_F_SCAN | 1191 IEEE80211_F_ASCAN); 1192 mutex_exit(&sc->sc_glock); 1193 return (err); 1194 } 1195 ic->ic_state = nstate; 1196 sc->sc_clk = 0; 1197 1198 mutex_exit(&sc->sc_glock); 1199 return (WPI_SUCCESS); 1200 1201 case IEEE80211_S_AUTH: 1202 /* reset state to handle reassociations correctly */ 1203 sc->sc_config.state = 0; 1204 sc->sc_config.filter &= ~LE_32(WPI_FILTER_BSS); 1205 1206 if ((err = wpi_auth(sc)) != 0) { 1207 WPI_DBG((WPI_DEBUG_80211, 1208 "could not send authentication request\n")); 1209 mutex_exit(&sc->sc_glock); 1210 return (err); 1211 } 1212 break; 1213 1214 case IEEE80211_S_RUN: 1215 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 1216 /* link LED blinks while monitoring */ 1217 wpi_set_led(sc, WPI_LED_LINK, 5, 5); 1218 break; 1219 } 1220 1221 if (ic->ic_opmode != IEEE80211_M_STA) { 1222 (void) wpi_auth(sc); 1223 /* need setup beacon here */ 1224 } 1225 WPI_DBG((WPI_DEBUG_80211, "wpi: associated.")); 1226 1227 /* update adapter's configuration */ 1228 sc->sc_config.state = LE_16(WPI_CONFIG_ASSOCIATED); 1229 /* short preamble/slot time are negotiated when associating */ 1230 sc->sc_config.flags &= ~LE_32(WPI_CONFIG_SHPREAMBLE | 1231 WPI_CONFIG_SHSLOT); 1232 if (ic->ic_flags & IEEE80211_F_SHSLOT) 1233 sc->sc_config.flags |= LE_32(WPI_CONFIG_SHSLOT); 1234 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 1235 sc->sc_config.flags |= LE_32(WPI_CONFIG_SHPREAMBLE); 1236 sc->sc_config.filter |= LE_32(WPI_FILTER_BSS); 1237 if (ic->ic_opmode != IEEE80211_M_STA) 1238 sc->sc_config.filter |= LE_32(WPI_FILTER_BEACON); 1239 1240 WPI_DBG((WPI_DEBUG_80211, "config chan %d flags %x\n", 1241 sc->sc_config.chan, sc->sc_config.flags)); 1242 err = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->sc_config, 1243 sizeof (wpi_config_t), 1); 1244 if (err != WPI_SUCCESS) { 1245 WPI_DBG((WPI_DEBUG_80211, 1246 "could not update configuration\n")); 1247 mutex_exit(&sc->sc_glock); 1248 return (err); 1249 } 1250 1251 /* start automatic rate control */ 1252 mutex_enter(&sc->sc_mt_lock); 1253 if (ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE) { 1254 sc->sc_flags |= WPI_F_RATE_AUTO_CTL; 1255 /* set rate to some reasonable initial value */ 1256 i = in->in_rates.ir_nrates - 1; 1257 while (i > 0 && IEEE80211_RATE(i) > 72) 1258 i--; 1259 in->in_txrate = i; 1260 } else { 1261 sc->sc_flags &= ~WPI_F_RATE_AUTO_CTL; 1262 } 1263 mutex_exit(&sc->sc_mt_lock); 1264 1265 /* link LED always on while associated */ 1266 wpi_set_led(sc, WPI_LED_LINK, 0, 1); 1267 break; 1268 1269 case IEEE80211_S_INIT: 1270 case IEEE80211_S_ASSOC: 1271 break; 1272 } 1273 1274 mutex_exit(&sc->sc_glock); 1275 return (sc->sc_newstate(ic, nstate, arg)); 1276 } 1277 1278 /* 1279 * Grab exclusive access to NIC memory. 1280 */ 1281 static void 1282 wpi_mem_lock(wpi_sc_t *sc) 1283 { 1284 uint32_t tmp; 1285 int ntries; 1286 1287 tmp = WPI_READ(sc, WPI_GPIO_CTL); 1288 WPI_WRITE(sc, WPI_GPIO_CTL, tmp | WPI_GPIO_MAC); 1289 1290 /* spin until we actually get the lock */ 1291 for (ntries = 0; ntries < 1000; ntries++) { 1292 if ((WPI_READ(sc, WPI_GPIO_CTL) & 1293 (WPI_GPIO_CLOCK | WPI_GPIO_SLEEP)) == WPI_GPIO_CLOCK) 1294 break; 1295 DELAY(10); 1296 } 1297 if (ntries == 1000) 1298 WPI_DBG((WPI_DEBUG_PIO, "could not lock memory\n")); 1299 } 1300 1301 /* 1302 * Release lock on NIC memory. 1303 */ 1304 static void 1305 wpi_mem_unlock(wpi_sc_t *sc) 1306 { 1307 uint32_t tmp = WPI_READ(sc, WPI_GPIO_CTL); 1308 WPI_WRITE(sc, WPI_GPIO_CTL, tmp & ~WPI_GPIO_MAC); 1309 } 1310 1311 static uint32_t 1312 wpi_mem_read(wpi_sc_t *sc, uint16_t addr) 1313 { 1314 WPI_WRITE(sc, WPI_READ_MEM_ADDR, WPI_MEM_4 | addr); 1315 return (WPI_READ(sc, WPI_READ_MEM_DATA)); 1316 } 1317 1318 static void 1319 wpi_mem_write(wpi_sc_t *sc, uint16_t addr, uint32_t data) 1320 { 1321 WPI_WRITE(sc, WPI_WRITE_MEM_ADDR, WPI_MEM_4 | addr); 1322 WPI_WRITE(sc, WPI_WRITE_MEM_DATA, data); 1323 } 1324 1325 static void 1326 wpi_mem_write_region_4(wpi_sc_t *sc, uint16_t addr, 1327 const uint32_t *data, int wlen) 1328 { 1329 for (; wlen > 0; wlen--, data++, addr += 4) 1330 wpi_mem_write(sc, addr, *data); 1331 } 1332 1333 /* 1334 * Read 16 bits from the EEPROM. We access EEPROM through the MAC instead of 1335 * using the traditional bit-bang method. 1336 */ 1337 static uint16_t 1338 wpi_read_prom_word(wpi_sc_t *sc, uint32_t addr) 1339 { 1340 uint32_t val; 1341 int ntries; 1342 1343 WPI_WRITE(sc, WPI_EEPROM_CTL, addr << 2); 1344 1345 wpi_mem_lock(sc); 1346 for (ntries = 0; ntries < 10; ntries++) { 1347 if ((val = WPI_READ(sc, WPI_EEPROM_CTL)) & WPI_EEPROM_READY) 1348 break; 1349 DELAY(10); 1350 } 1351 wpi_mem_unlock(sc); 1352 1353 if (ntries == 10) { 1354 WPI_DBG((WPI_DEBUG_PIO, "could not read EEPROM\n")); 1355 return (0xdead); 1356 } 1357 return (val >> 16); 1358 } 1359 1360 /* 1361 * The firmware boot code is small and is intended to be copied directly into 1362 * the NIC internal memory. 1363 */ 1364 static int 1365 wpi_load_microcode(wpi_sc_t *sc) 1366 { 1367 const char *ucode; 1368 int size; 1369 1370 ucode = sc->sc_boot; 1371 size = LE_32(sc->sc_hdr->bootsz); 1372 /* check that microcode size is a multiple of 4 */ 1373 if (size & 3) 1374 return (EINVAL); 1375 1376 size /= sizeof (uint32_t); 1377 1378 wpi_mem_lock(sc); 1379 1380 /* copy microcode image into NIC memory */ 1381 wpi_mem_write_region_4(sc, WPI_MEM_UCODE_BASE, (const uint32_t *)ucode, 1382 size); 1383 1384 wpi_mem_write(sc, WPI_MEM_UCODE_SRC, 0); 1385 wpi_mem_write(sc, WPI_MEM_UCODE_DST, WPI_FW_TEXT); 1386 wpi_mem_write(sc, WPI_MEM_UCODE_SIZE, size); 1387 1388 /* run microcode */ 1389 wpi_mem_write(sc, WPI_MEM_UCODE_CTL, WPI_UC_RUN); 1390 1391 wpi_mem_unlock(sc); 1392 1393 return (WPI_SUCCESS); 1394 } 1395 1396 /* 1397 * The firmware text and data segments are transferred to the NIC using DMA. 1398 * The driver just copies the firmware into DMA-safe memory and tells the NIC 1399 * where to find it. Once the NIC has copied the firmware into its internal 1400 * memory, we can free our local copy in the driver. 1401 */ 1402 static int 1403 wpi_load_firmware(wpi_sc_t *sc, uint32_t target) 1404 { 1405 const char *fw; 1406 int size; 1407 wpi_dma_t *dma_p; 1408 ddi_dma_cookie_t *cookie; 1409 wpi_tx_desc_t desc; 1410 int i, ntries, err = WPI_SUCCESS; 1411 1412 /* only text and data here */ 1413 if (target == WPI_FW_TEXT) { 1414 fw = sc->sc_text; 1415 size = LE_32(sc->sc_hdr->textsz); 1416 dma_p = &sc->sc_dma_fw_text; 1417 cookie = sc->sc_fw_text_cookie; 1418 } else { 1419 fw = sc->sc_data; 1420 size = LE_32(sc->sc_hdr->datasz); 1421 dma_p = &sc->sc_dma_fw_data; 1422 cookie = sc->sc_fw_data_cookie; 1423 } 1424 1425 /* copy firmware image to DMA-safe memory */ 1426 (void) memcpy(dma_p->mem_va, fw, size); 1427 1428 /* make sure the adapter will get up-to-date values */ 1429 (void) ddi_dma_sync(dma_p->dma_hdl, 0, size, DDI_DMA_SYNC_FORDEV); 1430 1431 (void) memset(&desc, 0, sizeof (desc)); 1432 desc.flags = LE_32(WPI_PAD32(size) << 28 | dma_p->ncookies << 24); 1433 for (i = 0; i < dma_p->ncookies; i++) { 1434 WPI_DBG((WPI_DEBUG_DMA, "cookie%d addr:%x size:%x\n", 1435 i, cookie[i].dmac_address, cookie[i].dmac_size)); 1436 desc.segs[i].addr = cookie[i].dmac_address; 1437 desc.segs[i].len = (uint32_t)cookie[i].dmac_size; 1438 } 1439 1440 wpi_mem_lock(sc); 1441 1442 /* tell adapter where to copy image in its internal memory */ 1443 WPI_WRITE(sc, WPI_FW_TARGET, target); 1444 1445 WPI_WRITE(sc, WPI_TX_CONFIG(6), 0); 1446 1447 /* copy firmware descriptor into NIC memory */ 1448 WPI_WRITE_REGION_4(sc, WPI_TX_DESC(6), (uint32_t *)&desc, 1449 sizeof desc / sizeof (uint32_t)); 1450 1451 WPI_WRITE(sc, WPI_TX_CREDIT(6), 0xfffff); 1452 WPI_WRITE(sc, WPI_TX_STATE(6), 0x4001); 1453 WPI_WRITE(sc, WPI_TX_CONFIG(6), 0x80000001); 1454 1455 /* wait while the adapter is busy copying the firmware */ 1456 for (ntries = 0; ntries < 100; ntries++) { 1457 if (WPI_READ(sc, WPI_TX_STATUS) & WPI_TX_IDLE(6)) 1458 break; 1459 DELAY(1000); 1460 } 1461 if (ntries == 100) { 1462 WPI_DBG((WPI_DEBUG_FW, "timeout transferring firmware\n")); 1463 err = ETIMEDOUT; 1464 } 1465 1466 WPI_WRITE(sc, WPI_TX_CREDIT(6), 0); 1467 1468 wpi_mem_unlock(sc); 1469 1470 return (err); 1471 } 1472 1473 /*ARGSUSED*/ 1474 static void 1475 wpi_rx_intr(wpi_sc_t *sc, wpi_rx_desc_t *desc, wpi_rx_data_t *data) 1476 { 1477 ieee80211com_t *ic = &sc->sc_ic; 1478 wpi_rx_ring_t *ring = &sc->sc_rxq; 1479 wpi_rx_stat_t *stat; 1480 wpi_rx_head_t *head; 1481 wpi_rx_tail_t *tail; 1482 ieee80211_node_t *in; 1483 struct ieee80211_frame *wh; 1484 mblk_t *mp; 1485 uint16_t len; 1486 1487 stat = (wpi_rx_stat_t *)(desc + 1); 1488 1489 if (stat->len > WPI_STAT_MAXLEN) { 1490 WPI_DBG((WPI_DEBUG_RX, "invalid rx statistic header\n")); 1491 return; 1492 } 1493 1494 head = (wpi_rx_head_t *)((caddr_t)(stat + 1) + stat->len); 1495 tail = (wpi_rx_tail_t *)((caddr_t)(head + 1) + LE_16(head->len)); 1496 1497 len = LE_16(head->len); 1498 1499 WPI_DBG((WPI_DEBUG_RX, "rx intr: idx=%d len=%d stat len=%d rssi=%d " 1500 "rate=%x chan=%d tstamp=%llu", ring->cur, LE_32(desc->len), 1501 len, (int8_t)stat->rssi, head->rate, head->chan, 1502 LE_64(tail->tstamp))); 1503 1504 if ((len < 20) || (len > sc->sc_dmabuf_sz)) { 1505 sc->sc_rx_err++; 1506 return; 1507 } 1508 1509 /* 1510 * Discard Rx frames with bad CRC early 1511 */ 1512 if ((LE_32(tail->flags) & WPI_RX_NOERROR) != WPI_RX_NOERROR) { 1513 WPI_DBG((WPI_DEBUG_RX, "rx tail flags error %x\n", 1514 LE_32(tail->flags))); 1515 sc->sc_rx_err++; 1516 return; 1517 } 1518 1519 /* update Rx descriptor */ 1520 /* ring->desc[ring->cur] = LE_32(data->dma_data.cookie.dmac_address); */ 1521 1522 #ifdef WPI_BPF 1523 #ifndef WPI_CURRENT 1524 if (sc->sc_drvbpf != NULL) { 1525 #else 1526 if (bpf_peers_present(sc->sc_drvbpf)) { 1527 #endif 1528 struct wpi_rx_radiotap_header *tap = &sc->sc_rxtap; 1529 1530 tap->wr_flags = 0; 1531 tap->wr_rate = head->rate; 1532 tap->wr_chan_freq = 1533 LE_16(ic->ic_channels[head->chan].ic_freq); 1534 tap->wr_chan_flags = 1535 LE_16(ic->ic_channels[head->chan].ic_flags); 1536 tap->wr_dbm_antsignal = (int8_t)(stat->rssi - WPI_RSSI_OFFSET); 1537 tap->wr_dbm_antnoise = (int8_t)LE_16(stat->noise); 1538 tap->wr_tsft = tail->tstamp; 1539 tap->wr_antenna = (LE_16(head->flags) >> 4) & 0xf; 1540 switch (head->rate) { 1541 /* CCK rates */ 1542 case 10: tap->wr_rate = 2; break; 1543 case 20: tap->wr_rate = 4; break; 1544 case 55: tap->wr_rate = 11; break; 1545 case 110: tap->wr_rate = 22; break; 1546 /* OFDM rates */ 1547 case 0xd: tap->wr_rate = 12; break; 1548 case 0xf: tap->wr_rate = 18; break; 1549 case 0x5: tap->wr_rate = 24; break; 1550 case 0x7: tap->wr_rate = 36; break; 1551 case 0x9: tap->wr_rate = 48; break; 1552 case 0xb: tap->wr_rate = 72; break; 1553 case 0x1: tap->wr_rate = 96; break; 1554 case 0x3: tap->wr_rate = 108; break; 1555 /* unknown rate: should not happen */ 1556 default: tap->wr_rate = 0; 1557 } 1558 if (LE_16(head->flags) & 0x4) 1559 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 1560 1561 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1562 } 1563 #endif 1564 /* grab a reference to the source node */ 1565 wh = (struct ieee80211_frame *)(head + 1); 1566 1567 #ifdef DEBUG 1568 if (wpi_dbg_flags & WPI_DEBUG_RX) 1569 ieee80211_dump_pkt((uint8_t *)wh, len, 0, 0); 1570 #endif 1571 1572 in = ieee80211_find_rxnode(ic, wh); 1573 mp = allocb(len, BPRI_MED); 1574 if (mp) { 1575 (void) memcpy(mp->b_wptr, wh, len); 1576 mp->b_wptr += len; 1577 1578 /* send the frame to the 802.11 layer */ 1579 (void) ieee80211_input(ic, mp, in, stat->rssi, 0); 1580 } else { 1581 sc->sc_rx_nobuf++; 1582 WPI_DBG((WPI_DEBUG_RX, 1583 "wpi_rx_intr(): alloc rx buf failed\n")); 1584 } 1585 /* release node reference */ 1586 ieee80211_free_node(in); 1587 } 1588 1589 /*ARGSUSED*/ 1590 static void 1591 wpi_tx_intr(wpi_sc_t *sc, wpi_rx_desc_t *desc, wpi_rx_data_t *data) 1592 { 1593 ieee80211com_t *ic = &sc->sc_ic; 1594 wpi_tx_ring_t *ring = &sc->sc_txq[desc->qid & 0x3]; 1595 /* wpi_tx_data_t *txdata = &ring->data[desc->idx]; */ 1596 wpi_tx_stat_t *stat = (wpi_tx_stat_t *)(desc + 1); 1597 wpi_amrr_t *amrr = (wpi_amrr_t *)ic->ic_bss; 1598 1599 WPI_DBG((WPI_DEBUG_TX, "tx done: qid=%d idx=%d retries=%d nkill=%d " 1600 "rate=%x duration=%d status=%x\n", 1601 desc->qid, desc->idx, stat->ntries, stat->nkill, stat->rate, 1602 LE_32(stat->duration), LE_32(stat->status))); 1603 1604 amrr->txcnt++; 1605 WPI_DBG((WPI_DEBUG_RATECTL, "tx: %d cnt\n", amrr->txcnt)); 1606 if (stat->ntries > 0) { 1607 amrr->retrycnt++; 1608 sc->sc_tx_retries++; 1609 WPI_DBG((WPI_DEBUG_RATECTL, "tx: %d retries\n", 1610 amrr->retrycnt)); 1611 } 1612 1613 sc->sc_tx_timer = 0; 1614 1615 mutex_enter(&sc->sc_tx_lock); 1616 ring->queued--; 1617 if (ring->queued < 0) 1618 ring->queued = 0; 1619 if ((sc->sc_need_reschedule) && (ring->queued <= (ring->count << 3))) { 1620 sc->sc_need_reschedule = 0; 1621 mutex_exit(&sc->sc_tx_lock); 1622 mac_tx_update(ic->ic_mach); 1623 mutex_enter(&sc->sc_tx_lock); 1624 } 1625 mutex_exit(&sc->sc_tx_lock); 1626 } 1627 1628 static void 1629 wpi_cmd_intr(wpi_sc_t *sc, wpi_rx_desc_t *desc) 1630 { 1631 if ((desc->qid & 7) != 4) { 1632 return; /* not a command ack */ 1633 } 1634 mutex_enter(&sc->sc_glock); 1635 sc->sc_flags |= WPI_F_CMD_DONE; 1636 cv_signal(&sc->sc_cmd_cv); 1637 mutex_exit(&sc->sc_glock); 1638 } 1639 1640 static uint_t 1641 wpi_notif_softintr(caddr_t arg) 1642 { 1643 wpi_sc_t *sc = (wpi_sc_t *)arg; 1644 ieee80211com_t *ic = &sc->sc_ic; 1645 wpi_rx_desc_t *desc; 1646 wpi_rx_data_t *data; 1647 uint32_t hw; 1648 1649 mutex_enter(&sc->sc_glock); 1650 if (sc->sc_notif_softint_pending != 1) { 1651 mutex_exit(&sc->sc_glock); 1652 return (DDI_INTR_UNCLAIMED); 1653 } 1654 mutex_exit(&sc->sc_glock); 1655 1656 hw = LE_32(sc->sc_shared->next); 1657 1658 while (sc->sc_rxq.cur != hw) { 1659 data = &sc->sc_rxq.data[sc->sc_rxq.cur]; 1660 desc = (wpi_rx_desc_t *)data->dma_data.mem_va; 1661 1662 WPI_DBG((WPI_DEBUG_INTR, "rx notification hw = %d cur = %d " 1663 "qid=%x idx=%d flags=%x type=%d len=%d\n", 1664 hw, sc->sc_rxq.cur, desc->qid, desc->idx, desc->flags, 1665 desc->type, LE_32(desc->len))); 1666 1667 if (!(desc->qid & 0x80)) /* reply to a command */ 1668 wpi_cmd_intr(sc, desc); 1669 1670 switch (desc->type) { 1671 case WPI_RX_DONE: 1672 /* a 802.11 frame was received */ 1673 wpi_rx_intr(sc, desc, data); 1674 break; 1675 1676 case WPI_TX_DONE: 1677 /* a 802.11 frame has been transmitted */ 1678 wpi_tx_intr(sc, desc, data); 1679 break; 1680 1681 case WPI_UC_READY: 1682 { 1683 wpi_ucode_info_t *uc = 1684 (wpi_ucode_info_t *)(desc + 1); 1685 1686 /* the microcontroller is ready */ 1687 WPI_DBG((WPI_DEBUG_FW, 1688 "microcode alive notification version %x " 1689 "alive %x\n", LE_32(uc->version), 1690 LE_32(uc->valid))); 1691 1692 if (LE_32(uc->valid) != 1) { 1693 WPI_DBG((WPI_DEBUG_FW, 1694 "microcontroller initialization failed\n")); 1695 } 1696 break; 1697 } 1698 case WPI_STATE_CHANGED: 1699 { 1700 uint32_t *status = (uint32_t *)(desc + 1); 1701 1702 /* enabled/disabled notification */ 1703 WPI_DBG((WPI_DEBUG_RADIO, "state changed to %x\n", 1704 LE_32(*status))); 1705 1706 if (LE_32(*status) & 1) { 1707 /* the radio button has to be pushed */ 1708 cmn_err(CE_NOTE, 1709 "wpi: Radio transmitter is off\n"); 1710 } 1711 break; 1712 } 1713 case WPI_START_SCAN: 1714 { 1715 wpi_start_scan_t *scan = 1716 (wpi_start_scan_t *)(desc + 1); 1717 1718 WPI_DBG((WPI_DEBUG_SCAN, 1719 "scanning channel %d status %x\n", 1720 scan->chan, LE_32(scan->status))); 1721 1722 /* fix current channel */ 1723 ic->ic_curchan = &ic->ic_sup_channels[scan->chan]; 1724 break; 1725 } 1726 case WPI_STOP_SCAN: 1727 WPI_DBG((WPI_DEBUG_SCAN, "scan finished\n")); 1728 ieee80211_end_scan(ic); 1729 break; 1730 } 1731 1732 sc->sc_rxq.cur = (sc->sc_rxq.cur + 1) % WPI_RX_RING_COUNT; 1733 } 1734 1735 /* tell the firmware what we have processed */ 1736 hw = (hw == 0) ? WPI_RX_RING_COUNT - 1 : hw - 1; 1737 WPI_WRITE(sc, WPI_RX_WIDX, hw & (~7)); 1738 mutex_enter(&sc->sc_glock); 1739 sc->sc_notif_softint_pending = 0; 1740 mutex_exit(&sc->sc_glock); 1741 1742 return (DDI_INTR_CLAIMED); 1743 } 1744 1745 static uint_t 1746 wpi_intr(caddr_t arg) 1747 { 1748 wpi_sc_t *sc = (wpi_sc_t *)arg; 1749 uint32_t r; 1750 1751 mutex_enter(&sc->sc_glock); 1752 r = WPI_READ(sc, WPI_INTR); 1753 if (r == 0 || r == 0xffffffff) { 1754 mutex_exit(&sc->sc_glock); 1755 return (DDI_INTR_UNCLAIMED); 1756 } 1757 1758 WPI_DBG((WPI_DEBUG_INTR, "interrupt reg %x\n", r)); 1759 1760 /* disable interrupts */ 1761 WPI_WRITE(sc, WPI_MASK, 0); 1762 /* ack interrupts */ 1763 WPI_WRITE(sc, WPI_INTR, r); 1764 1765 if (sc->sc_notif_softint_id == NULL) { 1766 mutex_exit(&sc->sc_glock); 1767 return (DDI_INTR_CLAIMED); 1768 } 1769 1770 if (r & (WPI_SW_ERROR | WPI_HW_ERROR)) { 1771 WPI_DBG((WPI_DEBUG_FW, "fatal firmware error\n")); 1772 mutex_exit(&sc->sc_glock); 1773 wpi_stop(sc); 1774 sc->sc_ostate = sc->sc_ic.ic_state; 1775 ieee80211_new_state(&sc->sc_ic, IEEE80211_S_INIT, -1); 1776 sc->sc_flags |= WPI_F_HW_ERR_RECOVER; 1777 return (DDI_INTR_CLAIMED); 1778 } 1779 1780 if (r & WPI_RX_INTR) { 1781 sc->sc_notif_softint_pending = 1; 1782 ddi_trigger_softintr(sc->sc_notif_softint_id); 1783 } 1784 1785 if (r & WPI_ALIVE_INTR) { /* firmware initialized */ 1786 sc->sc_flags |= WPI_F_FW_INIT; 1787 cv_signal(&sc->sc_fw_cv); 1788 } 1789 1790 /* re-enable interrupts */ 1791 WPI_WRITE(sc, WPI_MASK, WPI_INTR_MASK); 1792 mutex_exit(&sc->sc_glock); 1793 1794 return (DDI_INTR_CLAIMED); 1795 } 1796 1797 static uint8_t 1798 wpi_plcp_signal(int rate) 1799 { 1800 switch (rate) { 1801 /* CCK rates (returned values are device-dependent) */ 1802 case 2: return (10); 1803 case 4: return (20); 1804 case 11: return (55); 1805 case 22: return (110); 1806 1807 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1808 /* R1-R4 (ral/ural is R4-R1) */ 1809 case 12: return (0xd); 1810 case 18: return (0xf); 1811 case 24: return (0x5); 1812 case 36: return (0x7); 1813 case 48: return (0x9); 1814 case 72: return (0xb); 1815 case 96: return (0x1); 1816 case 108: return (0x3); 1817 1818 /* unsupported rates (should not get there) */ 1819 default: return (0); 1820 } 1821 } 1822 1823 static mblk_t * 1824 wpi_m_tx(void *arg, mblk_t *mp) 1825 { 1826 wpi_sc_t *sc = (wpi_sc_t *)arg; 1827 ieee80211com_t *ic = &sc->sc_ic; 1828 mblk_t *next; 1829 1830 if (ic->ic_state != IEEE80211_S_RUN) { 1831 freemsgchain(mp); 1832 return (NULL); 1833 } 1834 1835 while (mp != NULL) { 1836 next = mp->b_next; 1837 mp->b_next = NULL; 1838 if (wpi_send(ic, mp, IEEE80211_FC0_TYPE_DATA) != 0) { 1839 mp->b_next = next; 1840 break; 1841 } 1842 mp = next; 1843 } 1844 return (mp); 1845 } 1846 1847 /* ARGSUSED */ 1848 static int 1849 wpi_send(ieee80211com_t *ic, mblk_t *mp, uint8_t type) 1850 { 1851 wpi_sc_t *sc = (wpi_sc_t *)ic; 1852 wpi_tx_ring_t *ring; 1853 wpi_tx_desc_t *desc; 1854 wpi_tx_data_t *data; 1855 wpi_tx_cmd_t *cmd; 1856 wpi_cmd_data_t *tx; 1857 ieee80211_node_t *in; 1858 struct ieee80211_frame *wh; 1859 struct ieee80211_key *k; 1860 mblk_t *m, *m0; 1861 int rate, hdrlen, len, mblen, off, err = WPI_SUCCESS; 1862 1863 ring = ((type & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_DATA) ? 1864 (&sc->sc_txq[0]) : (&sc->sc_txq[1]); 1865 data = &ring->data[ring->cur]; 1866 desc = data->desc; 1867 cmd = data->cmd; 1868 bzero(desc, sizeof (*desc)); 1869 bzero(cmd, sizeof (*cmd)); 1870 1871 mutex_enter(&sc->sc_tx_lock); 1872 if (ring->queued > ring->count - 64) { 1873 WPI_DBG((WPI_DEBUG_TX, "wpi_send(): no txbuf\n")); 1874 sc->sc_need_reschedule = 1; 1875 mutex_exit(&sc->sc_tx_lock); 1876 if ((type & IEEE80211_FC0_TYPE_MASK) != 1877 IEEE80211_FC0_TYPE_DATA) { 1878 freemsg(mp); 1879 } 1880 sc->sc_tx_nobuf++; 1881 err = WPI_FAIL; 1882 goto exit; 1883 } 1884 mutex_exit(&sc->sc_tx_lock); 1885 1886 hdrlen = sizeof (struct ieee80211_frame); 1887 1888 m = allocb(msgdsize(mp) + 32, BPRI_MED); 1889 if (m == NULL) { /* can not alloc buf, drop this package */ 1890 cmn_err(CE_WARN, 1891 "wpi_send(): failed to allocate msgbuf\n"); 1892 freemsg(mp); 1893 err = WPI_SUCCESS; 1894 goto exit; 1895 } 1896 for (off = 0, m0 = mp; m0 != NULL; m0 = m0->b_cont) { 1897 mblen = MBLKL(m0); 1898 (void) memcpy(m->b_rptr + off, m0->b_rptr, mblen); 1899 off += mblen; 1900 } 1901 m->b_wptr += off; 1902 freemsg(mp); 1903 1904 wh = (struct ieee80211_frame *)m->b_rptr; 1905 1906 in = ieee80211_find_txnode(ic, wh->i_addr1); 1907 if (in == NULL) { 1908 cmn_err(CE_WARN, "wpi_send(): failed to find tx node\n"); 1909 freemsg(m); 1910 sc->sc_tx_err++; 1911 err = WPI_SUCCESS; 1912 goto exit; 1913 } 1914 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1915 k = ieee80211_crypto_encap(ic, m); 1916 if (k == NULL) { 1917 freemsg(m); 1918 sc->sc_tx_err++; 1919 err = WPI_SUCCESS; 1920 goto exit; 1921 } 1922 1923 /* packet header may have moved, reset our local pointer */ 1924 wh = (struct ieee80211_frame *)m->b_rptr; 1925 } 1926 1927 len = msgdsize(m); 1928 1929 #ifdef DEBUG 1930 if (wpi_dbg_flags & WPI_DEBUG_TX) 1931 ieee80211_dump_pkt((uint8_t *)wh, hdrlen, 0, 0); 1932 #endif 1933 1934 /* pickup a rate */ 1935 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) == 1936 IEEE80211_FC0_TYPE_MGT) { 1937 /* mgmt frames are sent at the lowest available bit-rate */ 1938 rate = 2; 1939 } else { 1940 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) { 1941 rate = ic->ic_fixed_rate; 1942 } else 1943 rate = in->in_rates.ir_rates[in->in_txrate]; 1944 } 1945 rate &= IEEE80211_RATE_VAL; 1946 WPI_DBG((WPI_DEBUG_RATECTL, "tx rate[%d of %d] = %x", 1947 in->in_txrate, in->in_rates.ir_nrates, rate)); 1948 #ifdef WPI_BPF 1949 #ifndef WPI_CURRENT 1950 if (sc->sc_drvbpf != NULL) { 1951 #else 1952 if (bpf_peers_present(sc->sc_drvbpf)) { 1953 #endif 1954 struct wpi_tx_radiotap_header *tap = &sc->sc_txtap; 1955 1956 tap->wt_flags = 0; 1957 tap->wt_chan_freq = LE_16(ic->ic_curchan->ic_freq); 1958 tap->wt_chan_flags = LE_16(ic->ic_curchan->ic_flags); 1959 tap->wt_rate = rate; 1960 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 1961 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 1962 1963 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1964 } 1965 #endif 1966 1967 cmd->code = WPI_CMD_TX_DATA; 1968 cmd->flags = 0; 1969 cmd->qid = ring->qid; 1970 cmd->idx = ring->cur; 1971 1972 tx = (wpi_cmd_data_t *)cmd->data; 1973 tx->flags = 0; 1974 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1975 tx->flags |= LE_32(WPI_TX_NEED_ACK); 1976 } else { 1977 tx->flags &= ~(LE_32(WPI_TX_NEED_ACK)); 1978 } 1979 1980 tx->flags |= (LE_32(WPI_TX_AUTO_SEQ)); 1981 tx->flags |= LE_32(WPI_TX_BT_DISABLE | WPI_TX_CALIBRATION); 1982 1983 /* retrieve destination node's id */ 1984 tx->id = IEEE80211_IS_MULTICAST(wh->i_addr1) ? WPI_ID_BROADCAST : 1985 WPI_ID_BSS; 1986 1987 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) == 1988 IEEE80211_FC0_TYPE_MGT) { 1989 /* tell h/w to set timestamp in probe responses */ 1990 if ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) == 1991 IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1992 tx->flags |= LE_32(WPI_TX_INSERT_TSTAMP); 1993 1994 if (((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) == 1995 IEEE80211_FC0_SUBTYPE_ASSOC_REQ) || 1996 ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) == 1997 IEEE80211_FC0_SUBTYPE_REASSOC_REQ)) 1998 tx->timeout = 3; 1999 else 2000 tx->timeout = 2; 2001 } else 2002 tx->timeout = 0; 2003 2004 tx->rate = wpi_plcp_signal(rate); 2005 2006 /* be very persistant at sending frames out */ 2007 tx->rts_ntries = 7; 2008 tx->data_ntries = 15; 2009 2010 tx->cck_mask = 0x0f; 2011 tx->ofdm_mask = 0xff; 2012 tx->lifetime = LE_32(0xffffffff); 2013 2014 tx->len = LE_16(len); 2015 2016 /* save and trim IEEE802.11 header */ 2017 (void) memcpy(tx + 1, m->b_rptr, hdrlen); 2018 m->b_rptr += hdrlen; 2019 (void) memcpy(data->dma_data.mem_va, m->b_rptr, len - hdrlen); 2020 2021 WPI_DBG((WPI_DEBUG_TX, "sending data: qid=%d idx=%d len=%d", ring->qid, 2022 ring->cur, len)); 2023 2024 /* first scatter/gather segment is used by the tx data command */ 2025 desc->flags = LE_32(WPI_PAD32(len) << 28 | (2) << 24); 2026 desc->segs[0].addr = LE_32(data->paddr_cmd); 2027 desc->segs[0].len = LE_32( 2028 roundup(4 + sizeof (wpi_cmd_data_t) + hdrlen, 4)); 2029 desc->segs[1].addr = LE_32(data->dma_data.cookie.dmac_address); 2030 desc->segs[1].len = LE_32(len - hdrlen); 2031 2032 WPI_DMA_SYNC(data->dma_data, DDI_DMA_SYNC_FORDEV); 2033 WPI_DMA_SYNC(ring->dma_desc, DDI_DMA_SYNC_FORDEV); 2034 2035 mutex_enter(&sc->sc_tx_lock); 2036 ring->queued++; 2037 mutex_exit(&sc->sc_tx_lock); 2038 2039 /* kick ring */ 2040 ring->cur = (ring->cur + 1) % WPI_TX_RING_COUNT; 2041 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 2042 freemsg(m); 2043 /* release node reference */ 2044 ieee80211_free_node(in); 2045 2046 ic->ic_stats.is_tx_bytes += len; 2047 ic->ic_stats.is_tx_frags++; 2048 2049 if (sc->sc_tx_timer == 0) 2050 sc->sc_tx_timer = 5; 2051 exit: 2052 return (err); 2053 } 2054 2055 static void 2056 wpi_m_ioctl(void* arg, queue_t *wq, mblk_t *mp) 2057 { 2058 wpi_sc_t *sc = (wpi_sc_t *)arg; 2059 ieee80211com_t *ic = &sc->sc_ic; 2060 int err; 2061 2062 err = ieee80211_ioctl(ic, wq, mp); 2063 if (err == ENETRESET) { 2064 (void) ieee80211_new_state(ic, 2065 IEEE80211_S_SCAN, -1); 2066 } 2067 } 2068 2069 /*ARGSUSED*/ 2070 static int 2071 wpi_m_stat(void *arg, uint_t stat, uint64_t *val) 2072 { 2073 wpi_sc_t *sc = (wpi_sc_t *)arg; 2074 ieee80211com_t *ic = &sc->sc_ic; 2075 ieee80211_node_t *in = ic->ic_bss; 2076 struct ieee80211_rateset *rs = &in->in_rates; 2077 2078 mutex_enter(&sc->sc_glock); 2079 switch (stat) { 2080 case MAC_STAT_IFSPEED: 2081 *val = ((ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE) ? 2082 (rs->ir_rates[in->in_txrate] & IEEE80211_RATE_VAL) 2083 : ic->ic_fixed_rate) * 5000000ull; 2084 break; 2085 case MAC_STAT_NOXMTBUF: 2086 *val = sc->sc_tx_nobuf; 2087 break; 2088 case MAC_STAT_NORCVBUF: 2089 *val = sc->sc_rx_nobuf; 2090 break; 2091 case MAC_STAT_IERRORS: 2092 *val = sc->sc_rx_err; 2093 break; 2094 case MAC_STAT_RBYTES: 2095 *val = ic->ic_stats.is_rx_bytes; 2096 break; 2097 case MAC_STAT_IPACKETS: 2098 *val = ic->ic_stats.is_rx_frags; 2099 break; 2100 case MAC_STAT_OBYTES: 2101 *val = ic->ic_stats.is_tx_bytes; 2102 break; 2103 case MAC_STAT_OPACKETS: 2104 *val = ic->ic_stats.is_tx_frags; 2105 break; 2106 case MAC_STAT_OERRORS: 2107 case WIFI_STAT_TX_FAILED: 2108 *val = sc->sc_tx_err; 2109 break; 2110 case WIFI_STAT_TX_RETRANS: 2111 *val = sc->sc_tx_retries; 2112 break; 2113 case WIFI_STAT_FCS_ERRORS: 2114 case WIFI_STAT_WEP_ERRORS: 2115 case WIFI_STAT_TX_FRAGS: 2116 case WIFI_STAT_MCAST_TX: 2117 case WIFI_STAT_RTS_SUCCESS: 2118 case WIFI_STAT_RTS_FAILURE: 2119 case WIFI_STAT_ACK_FAILURE: 2120 case WIFI_STAT_RX_FRAGS: 2121 case WIFI_STAT_MCAST_RX: 2122 case WIFI_STAT_RX_DUPS: 2123 mutex_exit(&sc->sc_glock); 2124 return (ieee80211_stat(ic, stat, val)); 2125 default: 2126 mutex_exit(&sc->sc_glock); 2127 return (ENOTSUP); 2128 } 2129 mutex_exit(&sc->sc_glock); 2130 2131 return (WPI_SUCCESS); 2132 2133 } 2134 2135 static int 2136 wpi_m_start(void *arg) 2137 { 2138 wpi_sc_t *sc = (wpi_sc_t *)arg; 2139 ieee80211com_t *ic = &sc->sc_ic; 2140 int err; 2141 2142 err = wpi_init(sc); 2143 if (err != WPI_SUCCESS) { 2144 wpi_stop(sc); 2145 DELAY(1000000); 2146 err = wpi_init(sc); 2147 } 2148 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2149 2150 return (err); 2151 } 2152 2153 static void 2154 wpi_m_stop(void *arg) 2155 { 2156 wpi_sc_t *sc = (wpi_sc_t *)arg; 2157 ieee80211com_t *ic = &sc->sc_ic; 2158 2159 wpi_stop(sc); 2160 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2161 mutex_enter(&sc->sc_mt_lock); 2162 sc->sc_flags &= ~WPI_F_HW_ERR_RECOVER; 2163 sc->sc_flags &= ~WPI_F_RATE_AUTO_CTL; 2164 mutex_exit(&sc->sc_mt_lock); 2165 } 2166 2167 /*ARGSUSED*/ 2168 static int 2169 wpi_m_unicst(void *arg, const uint8_t *macaddr) 2170 { 2171 wpi_sc_t *sc = (wpi_sc_t *)arg; 2172 ieee80211com_t *ic = &sc->sc_ic; 2173 int err; 2174 2175 if (!IEEE80211_ADDR_EQ(ic->ic_macaddr, macaddr)) { 2176 IEEE80211_ADDR_COPY(ic->ic_macaddr, macaddr); 2177 mutex_enter(&sc->sc_glock); 2178 err = wpi_config(sc); 2179 mutex_exit(&sc->sc_glock); 2180 if (err != WPI_SUCCESS) { 2181 cmn_err(CE_WARN, 2182 "wpi_m_unicst(): " 2183 "failed to configure device\n"); 2184 goto fail; 2185 } 2186 } 2187 return (WPI_SUCCESS); 2188 fail: 2189 return (err); 2190 } 2191 2192 /*ARGSUSED*/ 2193 static int 2194 wpi_m_multicst(void *arg, boolean_t add, const uint8_t *m) 2195 { 2196 return (WPI_SUCCESS); 2197 } 2198 2199 /*ARGSUSED*/ 2200 static int 2201 wpi_m_promisc(void *arg, boolean_t on) 2202 { 2203 return (WPI_SUCCESS); 2204 } 2205 2206 static void 2207 wpi_thread(wpi_sc_t *sc) 2208 { 2209 ieee80211com_t *ic = &sc->sc_ic; 2210 clock_t clk; 2211 int times = 0, err, n = 0, timeout = 0; 2212 2213 mutex_enter(&sc->sc_mt_lock); 2214 while (sc->sc_mf_thread_switch) { 2215 /* 2216 * recovery fatal error 2217 */ 2218 if (ic->ic_mach && 2219 (sc->sc_flags & WPI_F_HW_ERR_RECOVER)) { 2220 2221 WPI_DBG((WPI_DEBUG_FW, 2222 "wpi_thread(): " 2223 "try to recover fatal hw error: %d\n", times++)); 2224 2225 wpi_stop(sc); 2226 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2227 2228 mutex_exit(&sc->sc_mt_lock); 2229 delay(drv_usectohz(2000000)); 2230 mutex_enter(&sc->sc_mt_lock); 2231 err = wpi_init(sc); 2232 if (err != WPI_SUCCESS) { 2233 n++; 2234 if (n < 3) 2235 continue; 2236 } 2237 n = 0; 2238 sc->sc_flags &= ~WPI_F_HW_ERR_RECOVER; 2239 mutex_exit(&sc->sc_mt_lock); 2240 delay(drv_usectohz(2000000)); 2241 if (sc->sc_ostate != IEEE80211_S_INIT) 2242 ieee80211_begin_scan(ic, 0); 2243 mutex_enter(&sc->sc_mt_lock); 2244 } 2245 2246 /* 2247 * rate ctl 2248 */ 2249 if (ic->ic_mach && 2250 (sc->sc_flags & WPI_F_RATE_AUTO_CTL)) { 2251 clk = ddi_get_lbolt(); 2252 if (clk > sc->sc_clk + drv_usectohz(500000)) { 2253 wpi_amrr_timeout(sc); 2254 } 2255 } 2256 mutex_exit(&sc->sc_mt_lock); 2257 delay(drv_usectohz(100000)); 2258 mutex_enter(&sc->sc_mt_lock); 2259 if (sc->sc_tx_timer) { 2260 timeout++; 2261 if (timeout == 10) { 2262 sc->sc_tx_timer--; 2263 if (sc->sc_tx_timer == 0) { 2264 sc->sc_flags |= WPI_F_HW_ERR_RECOVER; 2265 sc->sc_ostate = IEEE80211_S_RUN; 2266 } 2267 timeout = 0; 2268 } 2269 } 2270 } 2271 sc->sc_mf_thread = NULL; 2272 cv_signal(&sc->sc_mt_cv); 2273 mutex_exit(&sc->sc_mt_lock); 2274 } 2275 2276 /* 2277 * Extract various information from EEPROM. 2278 */ 2279 static void 2280 wpi_read_eeprom(wpi_sc_t *sc) 2281 { 2282 ieee80211com_t *ic = &sc->sc_ic; 2283 uint16_t val; 2284 int i; 2285 2286 /* read MAC address */ 2287 val = wpi_read_prom_word(sc, WPI_EEPROM_MAC + 0); 2288 ic->ic_macaddr[0] = val & 0xff; 2289 ic->ic_macaddr[1] = val >> 8; 2290 val = wpi_read_prom_word(sc, WPI_EEPROM_MAC + 1); 2291 ic->ic_macaddr[2] = val & 0xff; 2292 ic->ic_macaddr[3] = val >> 8; 2293 val = wpi_read_prom_word(sc, WPI_EEPROM_MAC + 2); 2294 ic->ic_macaddr[4] = val & 0xff; 2295 ic->ic_macaddr[5] = val >> 8; 2296 2297 WPI_DBG((WPI_DEBUG_EEPROM, 2298 "mac:%2x:%2x:%2x:%2x:%2x:%2x\n", 2299 ic->ic_macaddr[0], ic->ic_macaddr[1], 2300 ic->ic_macaddr[2], ic->ic_macaddr[3], 2301 ic->ic_macaddr[4], ic->ic_macaddr[5])); 2302 /* read power settings for 2.4GHz channels */ 2303 for (i = 0; i < 14; i++) { 2304 sc->sc_pwr1[i] = wpi_read_prom_word(sc, WPI_EEPROM_PWR1 + i); 2305 sc->sc_pwr2[i] = wpi_read_prom_word(sc, WPI_EEPROM_PWR2 + i); 2306 WPI_DBG((WPI_DEBUG_EEPROM, 2307 "channel %d pwr1 0x%04x pwr2 0x%04x\n", i + 1, 2308 sc->sc_pwr1[i], sc->sc_pwr2[i])); 2309 } 2310 } 2311 2312 /* 2313 * Send a command to the firmware. 2314 */ 2315 static int 2316 wpi_cmd(wpi_sc_t *sc, int code, const void *buf, int size, int async) 2317 { 2318 wpi_tx_ring_t *ring = &sc->sc_cmdq; 2319 wpi_tx_desc_t *desc; 2320 wpi_tx_cmd_t *cmd; 2321 2322 ASSERT(size <= sizeof (cmd->data)); 2323 ASSERT(mutex_owned(&sc->sc_glock)); 2324 2325 WPI_DBG((WPI_DEBUG_CMD, "wpi_cmd() # code[%d]", code)); 2326 desc = ring->data[ring->cur].desc; 2327 cmd = ring->data[ring->cur].cmd; 2328 2329 cmd->code = (uint8_t)code; 2330 cmd->flags = 0; 2331 cmd->qid = ring->qid; 2332 cmd->idx = ring->cur; 2333 (void) memcpy(cmd->data, buf, size); 2334 2335 desc->flags = LE_32(WPI_PAD32(size) << 28 | 1 << 24); 2336 desc->segs[0].addr = ring->data[ring->cur].paddr_cmd; 2337 desc->segs[0].len = 4 + size; 2338 2339 /* kick cmd ring */ 2340 ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT; 2341 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 2342 2343 if (async) 2344 return (WPI_SUCCESS); 2345 else { 2346 clock_t clk; 2347 sc->sc_flags &= ~WPI_F_CMD_DONE; 2348 clk = ddi_get_lbolt() + drv_usectohz(2000000); 2349 while (!(sc->sc_flags & WPI_F_CMD_DONE)) { 2350 if (cv_timedwait(&sc->sc_cmd_cv, &sc->sc_glock, clk) 2351 < 0) 2352 break; 2353 } 2354 if (sc->sc_flags & WPI_F_CMD_DONE) 2355 return (WPI_SUCCESS); 2356 else 2357 return (WPI_FAIL); 2358 } 2359 } 2360 2361 /* 2362 * Configure h/w multi-rate retries. 2363 */ 2364 static int 2365 wpi_mrr_setup(wpi_sc_t *sc) 2366 { 2367 wpi_mrr_setup_t mrr; 2368 int i, err; 2369 2370 /* CCK rates (not used with 802.11a) */ 2371 for (i = WPI_CCK1; i <= WPI_CCK11; i++) { 2372 mrr.rates[i].flags = 0; 2373 mrr.rates[i].signal = wpi_ridx_to_signal[i]; 2374 /* fallback to the immediate lower CCK rate (if any) */ 2375 mrr.rates[i].next = (i == WPI_CCK1) ? WPI_CCK1 : i - 1; 2376 /* try one time at this rate before falling back to "next" */ 2377 mrr.rates[i].ntries = 1; 2378 } 2379 2380 /* OFDM rates (not used with 802.11b) */ 2381 for (i = WPI_OFDM6; i <= WPI_OFDM54; i++) { 2382 mrr.rates[i].flags = 0; 2383 mrr.rates[i].signal = wpi_ridx_to_signal[i]; 2384 /* fallback to the immediate lower OFDM rate (if any) */ 2385 mrr.rates[i].next = (i == WPI_OFDM6) ? WPI_OFDM6 : i - 1; 2386 /* try one time at this rate before falling back to "next" */ 2387 mrr.rates[i].ntries = 1; 2388 } 2389 2390 /* setup MRR for control frames */ 2391 mrr.which = LE_32(WPI_MRR_CTL); 2392 err = wpi_cmd(sc, WPI_CMD_MRR_SETUP, &mrr, sizeof (mrr), 1); 2393 if (err != WPI_SUCCESS) { 2394 WPI_DBG((WPI_DEBUG_MRR, 2395 "could not setup MRR for control frames\n")); 2396 return (err); 2397 } 2398 2399 /* setup MRR for data frames */ 2400 mrr.which = LE_32(WPI_MRR_DATA); 2401 err = wpi_cmd(sc, WPI_CMD_MRR_SETUP, &mrr, sizeof (mrr), 1); 2402 if (err != WPI_SUCCESS) { 2403 WPI_DBG((WPI_DEBUG_MRR, 2404 "could not setup MRR for data frames\n")); 2405 return (err); 2406 } 2407 2408 return (WPI_SUCCESS); 2409 } 2410 2411 static void 2412 wpi_set_led(wpi_sc_t *sc, uint8_t which, uint8_t off, uint8_t on) 2413 { 2414 wpi_cmd_led_t led; 2415 2416 led.which = which; 2417 led.unit = LE_32(100000); /* on/off in unit of 100ms */ 2418 led.off = off; 2419 led.on = on; 2420 2421 (void) wpi_cmd(sc, WPI_CMD_SET_LED, &led, sizeof (led), 1); 2422 } 2423 2424 static int 2425 wpi_auth(wpi_sc_t *sc) 2426 { 2427 ieee80211com_t *ic = &sc->sc_ic; 2428 ieee80211_node_t *in = ic->ic_bss; 2429 wpi_node_t node; 2430 int err; 2431 2432 /* update adapter's configuration */ 2433 IEEE80211_ADDR_COPY(sc->sc_config.bssid, in->in_bssid); 2434 sc->sc_config.chan = ieee80211_chan2ieee(ic, in->in_chan); 2435 if (ic->ic_curmode == IEEE80211_MODE_11B) { 2436 sc->sc_config.cck_mask = 0x03; 2437 sc->sc_config.ofdm_mask = 0; 2438 } else if ((in->in_chan != IEEE80211_CHAN_ANYC) && 2439 (IEEE80211_IS_CHAN_5GHZ(in->in_chan))) { 2440 sc->sc_config.cck_mask = 0; 2441 sc->sc_config.ofdm_mask = 0x15; 2442 } else { /* assume 802.11b/g */ 2443 sc->sc_config.cck_mask = 0x0f; 2444 sc->sc_config.ofdm_mask = 0x15; 2445 } 2446 2447 WPI_DBG((WPI_DEBUG_80211, "config chan %d flags %x cck %x ofdm %x" 2448 " bssid:%02x:%02x:%02x:%02x:%02x:%2x\n", 2449 sc->sc_config.chan, sc->sc_config.flags, 2450 sc->sc_config.cck_mask, sc->sc_config.ofdm_mask, 2451 sc->sc_config.bssid[0], sc->sc_config.bssid[1], 2452 sc->sc_config.bssid[2], sc->sc_config.bssid[3], 2453 sc->sc_config.bssid[4], sc->sc_config.bssid[5])); 2454 err = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->sc_config, 2455 sizeof (wpi_config_t), 1); 2456 if (err != WPI_SUCCESS) { 2457 cmn_err(CE_WARN, "wpi_auth(): failed to configurate chan%d\n", 2458 sc->sc_config.chan); 2459 return (err); 2460 } 2461 2462 /* add default node */ 2463 (void) memset(&node, 0, sizeof (node)); 2464 IEEE80211_ADDR_COPY(node.bssid, in->in_bssid); 2465 node.id = WPI_ID_BSS; 2466 node.rate = wpi_plcp_signal(2); 2467 err = wpi_cmd(sc, WPI_CMD_ADD_NODE, &node, sizeof (node), 1); 2468 if (err != WPI_SUCCESS) { 2469 cmn_err(CE_WARN, "wpi_auth(): failed to add BSS node\n"); 2470 return (err); 2471 } 2472 2473 err = wpi_mrr_setup(sc); 2474 if (err != WPI_SUCCESS) { 2475 cmn_err(CE_WARN, "wpi_auth(): failed to setup MRR\n"); 2476 return (err); 2477 } 2478 2479 return (WPI_SUCCESS); 2480 } 2481 2482 /* 2483 * Send a scan request to the firmware. 2484 */ 2485 static int 2486 wpi_scan(wpi_sc_t *sc) 2487 { 2488 ieee80211com_t *ic = &sc->sc_ic; 2489 wpi_tx_ring_t *ring = &sc->sc_cmdq; 2490 wpi_tx_desc_t *desc; 2491 wpi_tx_data_t *data; 2492 wpi_tx_cmd_t *cmd; 2493 wpi_scan_hdr_t *hdr; 2494 wpi_scan_chan_t *chan; 2495 struct ieee80211_frame *wh; 2496 ieee80211_node_t *in = ic->ic_bss; 2497 struct ieee80211_rateset *rs; 2498 enum ieee80211_phymode mode; 2499 uint8_t *frm; 2500 int i, pktlen, nrates; 2501 2502 data = &ring->data[ring->cur]; 2503 desc = data->desc; 2504 cmd = (wpi_tx_cmd_t *)data->dma_data.mem_va; 2505 2506 cmd->code = WPI_CMD_SCAN; 2507 cmd->flags = 0; 2508 cmd->qid = ring->qid; 2509 cmd->idx = ring->cur; 2510 2511 hdr = (wpi_scan_hdr_t *)cmd->data; 2512 (void) memset(hdr, 0, sizeof (wpi_scan_hdr_t)); 2513 hdr->first = 1; 2514 hdr->nchan = 14; 2515 hdr->len = hdr->nchan * sizeof (wpi_scan_chan_t); 2516 hdr->quiet = LE_16(5); 2517 hdr->threshold = LE_16(1); 2518 hdr->filter = LE_32(5); 2519 hdr->rate = wpi_plcp_signal(2); 2520 hdr->id = WPI_ID_BROADCAST; 2521 hdr->mask = LE_32(0xffffffff); 2522 hdr->esslen = ic->ic_des_esslen; 2523 if (ic->ic_des_esslen) 2524 bcopy(ic->ic_des_essid, hdr->essid, ic->ic_des_esslen); 2525 else 2526 bzero(hdr->essid, sizeof (hdr->essid)); 2527 /* 2528 * Build a probe request frame. Most of the following code is a 2529 * copy & paste of what is done in net80211. Unfortunately, the 2530 * functions to add IEs are static and thus can't be reused here. 2531 */ 2532 wh = (struct ieee80211_frame *)(hdr + 1); 2533 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 2534 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 2535 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 2536 (void) memset(wh->i_addr1, 0xff, 6); 2537 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_macaddr); 2538 (void) memset(wh->i_addr3, 0xff, 6); 2539 *(uint16_t *)&wh->i_dur[0] = 0; /* filled by h/w */ 2540 *(uint16_t *)&wh->i_seq[0] = 0; /* filled by h/w */ 2541 2542 frm = (uint8_t *)(wh + 1); 2543 2544 /* add essid IE */ 2545 *frm++ = IEEE80211_ELEMID_SSID; 2546 *frm++ = in->in_esslen; 2547 (void) memcpy(frm, in->in_essid, in->in_esslen); 2548 frm += in->in_esslen; 2549 2550 mode = ieee80211_chan2mode(ic, ic->ic_curchan); 2551 rs = &ic->ic_sup_rates[mode]; 2552 2553 /* add supported rates IE */ 2554 *frm++ = IEEE80211_ELEMID_RATES; 2555 nrates = rs->ir_nrates; 2556 if (nrates > IEEE80211_RATE_SIZE) 2557 nrates = IEEE80211_RATE_SIZE; 2558 *frm++ = (uint8_t)nrates; 2559 (void) memcpy(frm, rs->ir_rates, nrates); 2560 frm += nrates; 2561 2562 /* add supported xrates IE */ 2563 if (rs->ir_nrates > IEEE80211_RATE_SIZE) { 2564 nrates = rs->ir_nrates - IEEE80211_RATE_SIZE; 2565 *frm++ = IEEE80211_ELEMID_XRATES; 2566 *frm++ = (uint8_t)nrates; 2567 (void) memcpy(frm, rs->ir_rates + IEEE80211_RATE_SIZE, nrates); 2568 frm += nrates; 2569 } 2570 2571 /* add optionnal IE (usually an RSN IE) */ 2572 if (ic->ic_opt_ie != NULL) { 2573 (void) memcpy(frm, ic->ic_opt_ie, ic->ic_opt_ie_len); 2574 frm += ic->ic_opt_ie_len; 2575 } 2576 2577 /* setup length of probe request */ 2578 hdr->pbrlen = LE_16(frm - (uint8_t *)wh); 2579 2580 /* align on a 4-byte boundary */ 2581 chan = (wpi_scan_chan_t *)frm; 2582 for (i = 1; i <= hdr->nchan; i++, chan++) { 2583 chan->flags = 3; 2584 chan->chan = (uint8_t)i; 2585 chan->magic = LE_16(0x62ab); 2586 chan->active = LE_16(20); 2587 chan->passive = LE_16(120); 2588 2589 frm += sizeof (wpi_scan_chan_t); 2590 } 2591 2592 pktlen = frm - (uint8_t *)cmd; 2593 2594 desc->flags = LE_32(WPI_PAD32(pktlen) << 28 | 1 << 24); 2595 desc->segs[0].addr = LE_32(data->dma_data.cookie.dmac_address); 2596 desc->segs[0].len = LE_32(pktlen); 2597 2598 WPI_DMA_SYNC(data->dma_data, DDI_DMA_SYNC_FORDEV); 2599 WPI_DMA_SYNC(ring->dma_desc, DDI_DMA_SYNC_FORDEV); 2600 2601 /* kick cmd ring */ 2602 ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT; 2603 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 2604 2605 return (WPI_SUCCESS); /* will be notified async. of failure/success */ 2606 } 2607 2608 static int 2609 wpi_config(wpi_sc_t *sc) 2610 { 2611 ieee80211com_t *ic = &sc->sc_ic; 2612 wpi_txpower_t txpower; 2613 wpi_power_t power; 2614 #ifdef WPI_BLUE_COEXISTENCE 2615 wpi_bluetooth_t bluetooth; 2616 #endif 2617 wpi_node_t node; 2618 int err; 2619 2620 /* Intel's binary only daemon is a joke.. */ 2621 2622 /* set Tx power for 2.4GHz channels (values read from EEPROM) */ 2623 (void) memset(&txpower, 0, sizeof (txpower)); 2624 (void) memcpy(txpower.pwr1, sc->sc_pwr1, 14 * sizeof (uint16_t)); 2625 (void) memcpy(txpower.pwr2, sc->sc_pwr2, 14 * sizeof (uint16_t)); 2626 err = wpi_cmd(sc, WPI_CMD_TXPOWER, &txpower, sizeof (txpower), 0); 2627 if (err != WPI_SUCCESS) { 2628 cmn_err(CE_WARN, "wpi_config(): failed to set txpower\n"); 2629 return (err); 2630 } 2631 2632 /* set power mode */ 2633 (void) memset(&power, 0, sizeof (power)); 2634 power.flags = LE_32(0x8); 2635 err = wpi_cmd(sc, WPI_CMD_SET_POWER_MODE, &power, sizeof (power), 0); 2636 if (err != WPI_SUCCESS) { 2637 cmn_err(CE_WARN, "wpi_config(): failed to set power mode\n"); 2638 return (err); 2639 } 2640 #ifdef WPI_BLUE_COEXISTENCE 2641 /* configure bluetooth coexistence */ 2642 (void) memset(&bluetooth, 0, sizeof (bluetooth)); 2643 bluetooth.flags = 3; 2644 bluetooth.lead = 0xaa; 2645 bluetooth.kill = 1; 2646 err = wpi_cmd(sc, WPI_CMD_BLUETOOTH, &bluetooth, 2647 sizeof (bluetooth), 0); 2648 if (err != WPI_SUCCESS) { 2649 cmn_err(CE_WARN, 2650 "wpi_config(): " 2651 "failed to configurate bluetooth coexistence\n"); 2652 return (err); 2653 } 2654 #endif 2655 /* configure adapter */ 2656 (void) memset(&sc->sc_config, 0, sizeof (wpi_config_t)); 2657 IEEE80211_ADDR_COPY(sc->sc_config.myaddr, ic->ic_macaddr); 2658 sc->sc_config.chan = ieee80211_chan2ieee(ic, ic->ic_curchan); 2659 sc->sc_config.flags = LE_32(WPI_CONFIG_TSF | WPI_CONFIG_AUTO | 2660 WPI_CONFIG_24GHZ); 2661 sc->sc_config.filter = 0; 2662 switch (ic->ic_opmode) { 2663 case IEEE80211_M_STA: 2664 sc->sc_config.mode = WPI_MODE_STA; 2665 sc->sc_config.filter |= LE_32(WPI_FILTER_MULTICAST | 2666 WPI_FILTER_NODECRYPT); 2667 break; 2668 case IEEE80211_M_IBSS: 2669 case IEEE80211_M_AHDEMO: 2670 sc->sc_config.mode = WPI_MODE_IBSS; 2671 break; 2672 case IEEE80211_M_HOSTAP: 2673 sc->sc_config.mode = WPI_MODE_HOSTAP; 2674 break; 2675 case IEEE80211_M_MONITOR: 2676 sc->sc_config.mode = WPI_MODE_MONITOR; 2677 sc->sc_config.filter |= LE_32(WPI_FILTER_MULTICAST | 2678 WPI_FILTER_CTL | WPI_FILTER_PROMISC); 2679 break; 2680 } 2681 sc->sc_config.cck_mask = 0x0f; /* not yet negotiated */ 2682 sc->sc_config.ofdm_mask = 0xff; /* not yet negotiated */ 2683 err = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->sc_config, 2684 sizeof (wpi_config_t), 0); 2685 if (err != WPI_SUCCESS) { 2686 cmn_err(CE_WARN, "wpi_config(): " 2687 "failed to set configure command\n"); 2688 return (err); 2689 } 2690 2691 /* add broadcast node */ 2692 (void) memset(&node, 0, sizeof (node)); 2693 (void) memset(node.bssid, 0xff, 6); 2694 node.id = WPI_ID_BROADCAST; 2695 node.rate = wpi_plcp_signal(2); 2696 err = wpi_cmd(sc, WPI_CMD_ADD_NODE, &node, sizeof (node), 0); 2697 if (err != WPI_SUCCESS) { 2698 cmn_err(CE_WARN, "wpi_config(): " 2699 "failed to add broadcast node\n"); 2700 return (err); 2701 } 2702 2703 return (WPI_SUCCESS); 2704 } 2705 2706 static void 2707 wpi_stop_master(wpi_sc_t *sc) 2708 { 2709 uint32_t tmp; 2710 int ntries; 2711 2712 tmp = WPI_READ(sc, WPI_RESET); 2713 WPI_WRITE(sc, WPI_RESET, tmp | WPI_STOP_MASTER); 2714 2715 tmp = WPI_READ(sc, WPI_GPIO_CTL); 2716 if ((tmp & WPI_GPIO_PWR_STATUS) == WPI_GPIO_PWR_SLEEP) 2717 return; /* already asleep */ 2718 2719 for (ntries = 0; ntries < 2000; ntries++) { 2720 if (WPI_READ(sc, WPI_RESET) & WPI_MASTER_DISABLED) 2721 break; 2722 DELAY(1000); 2723 } 2724 if (ntries == 2000) 2725 WPI_DBG((WPI_DEBUG_HW, "timeout waiting for master\n")); 2726 } 2727 2728 static int 2729 wpi_power_up(wpi_sc_t *sc) 2730 { 2731 uint32_t tmp; 2732 int ntries; 2733 2734 wpi_mem_lock(sc); 2735 tmp = wpi_mem_read(sc, WPI_MEM_POWER); 2736 wpi_mem_write(sc, WPI_MEM_POWER, tmp & ~0x03000000); 2737 wpi_mem_unlock(sc); 2738 2739 for (ntries = 0; ntries < 5000; ntries++) { 2740 if (WPI_READ(sc, WPI_GPIO_STATUS) & WPI_POWERED) 2741 break; 2742 DELAY(10); 2743 } 2744 if (ntries == 5000) { 2745 cmn_err(CE_WARN, 2746 "wpi_power_up(): timeout waiting for NIC to power up\n"); 2747 return (ETIMEDOUT); 2748 } 2749 return (WPI_SUCCESS); 2750 } 2751 2752 static int 2753 wpi_reset(wpi_sc_t *sc) 2754 { 2755 uint32_t tmp; 2756 int ntries; 2757 2758 /* clear any pending interrupts */ 2759 WPI_WRITE(sc, WPI_INTR, 0xffffffff); 2760 2761 tmp = WPI_READ(sc, WPI_PLL_CTL); 2762 WPI_WRITE(sc, WPI_PLL_CTL, tmp | WPI_PLL_INIT); 2763 2764 tmp = WPI_READ(sc, WPI_CHICKEN); 2765 WPI_WRITE(sc, WPI_CHICKEN, tmp | WPI_CHICKEN_RXNOLOS); 2766 2767 tmp = WPI_READ(sc, WPI_GPIO_CTL); 2768 WPI_WRITE(sc, WPI_GPIO_CTL, tmp | WPI_GPIO_INIT); 2769 2770 /* wait for clock stabilization */ 2771 for (ntries = 0; ntries < 1000; ntries++) { 2772 if (WPI_READ(sc, WPI_GPIO_CTL) & WPI_GPIO_CLOCK) 2773 break; 2774 DELAY(10); 2775 } 2776 if (ntries == 1000) { 2777 cmn_err(CE_WARN, 2778 "wpi_reset(): timeout waiting for clock stabilization\n"); 2779 return (ETIMEDOUT); 2780 } 2781 2782 /* initialize EEPROM */ 2783 tmp = WPI_READ(sc, WPI_EEPROM_STATUS); 2784 if ((tmp & WPI_EEPROM_VERSION) == 0) { 2785 cmn_err(CE_WARN, "wpi_reset(): EEPROM not found\n"); 2786 return (EIO); 2787 } 2788 WPI_WRITE(sc, WPI_EEPROM_STATUS, tmp & ~WPI_EEPROM_LOCKED); 2789 2790 return (WPI_SUCCESS); 2791 } 2792 2793 static void 2794 wpi_hw_config(wpi_sc_t *sc) 2795 { 2796 uint16_t val; 2797 uint32_t hw; 2798 2799 /* voodoo from the Linux "driver".. */ 2800 hw = WPI_READ(sc, WPI_HWCONFIG); 2801 2802 if ((sc->sc_rev & 0xc0) == 0x40) 2803 hw |= WPI_HW_ALM_MB; 2804 else if (!(sc->sc_rev & 0x80)) 2805 hw |= WPI_HW_ALM_MM; 2806 2807 val = wpi_read_prom_word(sc, WPI_EEPROM_CAPABILITIES); 2808 if ((val & 0xff) == 0x80) 2809 hw |= WPI_HW_SKU_MRC; 2810 2811 val = wpi_read_prom_word(sc, WPI_EEPROM_REVISION); 2812 hw &= ~WPI_HW_REV_D; 2813 if ((val & 0xf0) == 0xd0) 2814 hw |= WPI_HW_REV_D; 2815 2816 val = wpi_read_prom_word(sc, WPI_EEPROM_TYPE); 2817 if ((val & 0xff) > 1) 2818 hw |= WPI_HW_TYPE_B; 2819 2820 WPI_DBG((WPI_DEBUG_HW, "setting h/w config %x\n", hw)); 2821 WPI_WRITE(sc, WPI_HWCONFIG, hw); 2822 } 2823 2824 static int 2825 wpi_init(wpi_sc_t *sc) 2826 { 2827 uint32_t tmp; 2828 int qid, ntries, err; 2829 clock_t clk; 2830 2831 mutex_enter(&sc->sc_glock); 2832 sc->sc_flags &= ~WPI_F_FW_INIT; 2833 2834 (void) wpi_reset(sc); 2835 2836 wpi_mem_lock(sc); 2837 wpi_mem_write(sc, WPI_MEM_CLOCK1, 0xa00); 2838 DELAY(20); 2839 tmp = wpi_mem_read(sc, WPI_MEM_PCIDEV); 2840 wpi_mem_write(sc, WPI_MEM_PCIDEV, tmp | 0x800); 2841 wpi_mem_unlock(sc); 2842 2843 (void) wpi_power_up(sc); 2844 wpi_hw_config(sc); 2845 2846 /* init Rx ring */ 2847 wpi_mem_lock(sc); 2848 WPI_WRITE(sc, WPI_RX_BASE, sc->sc_rxq.dma_desc.cookie.dmac_address); 2849 WPI_WRITE(sc, WPI_RX_RIDX_PTR, 2850 (uint32_t)(sc->sc_dma_sh.cookie.dmac_address + 2851 offsetof(wpi_shared_t, next))); 2852 WPI_WRITE(sc, WPI_RX_WIDX, (WPI_RX_RING_COUNT - 1) & (~7)); 2853 WPI_WRITE(sc, WPI_RX_CONFIG, 0xa9601010); 2854 wpi_mem_unlock(sc); 2855 2856 /* init Tx rings */ 2857 wpi_mem_lock(sc); 2858 wpi_mem_write(sc, WPI_MEM_MODE, 2); /* bypass mode */ 2859 wpi_mem_write(sc, WPI_MEM_RA, 1); /* enable RA0 */ 2860 wpi_mem_write(sc, WPI_MEM_TXCFG, 0x3f); /* enable all 6 Tx rings */ 2861 wpi_mem_write(sc, WPI_MEM_BYPASS1, 0x10000); 2862 wpi_mem_write(sc, WPI_MEM_BYPASS2, 0x30002); 2863 wpi_mem_write(sc, WPI_MEM_MAGIC4, 4); 2864 wpi_mem_write(sc, WPI_MEM_MAGIC5, 5); 2865 2866 WPI_WRITE(sc, WPI_TX_BASE_PTR, sc->sc_dma_sh.cookie.dmac_address); 2867 WPI_WRITE(sc, WPI_MSG_CONFIG, 0xffff05a5); 2868 2869 for (qid = 0; qid < 6; qid++) { 2870 WPI_WRITE(sc, WPI_TX_CTL(qid), 0); 2871 WPI_WRITE(sc, WPI_TX_BASE(qid), 0); 2872 WPI_WRITE(sc, WPI_TX_CONFIG(qid), 0x80200008); 2873 } 2874 wpi_mem_unlock(sc); 2875 2876 /* clear "radio off" and "disable command" bits (reversed logic) */ 2877 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF); 2878 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_DISABLE_CMD); 2879 2880 /* clear any pending interrupts */ 2881 WPI_WRITE(sc, WPI_INTR, 0xffffffff); 2882 2883 /* enable interrupts */ 2884 WPI_WRITE(sc, WPI_MASK, WPI_INTR_MASK); 2885 2886 /* load firmware boot code into NIC */ 2887 err = wpi_load_microcode(sc); 2888 if (err != WPI_SUCCESS) { 2889 cmn_err(CE_WARN, "wpi_init(): failed to load microcode\n"); 2890 goto fail1; 2891 } 2892 2893 /* load firmware .text segment into NIC */ 2894 err = wpi_load_firmware(sc, WPI_FW_TEXT); 2895 if (err != WPI_SUCCESS) { 2896 cmn_err(CE_WARN, "wpi_init(): " 2897 "failed to load firmware(text)\n"); 2898 goto fail1; 2899 } 2900 2901 /* load firmware .data segment into NIC */ 2902 err = wpi_load_firmware(sc, WPI_FW_DATA); 2903 if (err != WPI_SUCCESS) { 2904 cmn_err(CE_WARN, "wpi_init(): " 2905 "failed to load firmware(data)\n"); 2906 goto fail1; 2907 } 2908 2909 /* now press "execute" ;-) */ 2910 tmp = WPI_READ(sc, WPI_RESET); 2911 tmp &= ~(WPI_MASTER_DISABLED | WPI_STOP_MASTER | WPI_NEVO_RESET); 2912 WPI_WRITE(sc, WPI_RESET, tmp); 2913 2914 /* ..and wait at most one second for adapter to initialize */ 2915 clk = ddi_get_lbolt() + drv_usectohz(2000000); 2916 while (!(sc->sc_flags & WPI_F_FW_INIT)) { 2917 if (cv_timedwait(&sc->sc_fw_cv, &sc->sc_glock, clk) < 0) 2918 break; 2919 } 2920 if (!(sc->sc_flags & WPI_F_FW_INIT)) { 2921 cmn_err(CE_WARN, 2922 "wpi_init(): timeout waiting for firmware init\n"); 2923 goto fail1; 2924 } 2925 2926 /* wait for thermal sensors to calibrate */ 2927 for (ntries = 0; ntries < 1000; ntries++) { 2928 if (WPI_READ(sc, WPI_TEMPERATURE) != 0) 2929 break; 2930 DELAY(10); 2931 } 2932 2933 if (ntries == 1000) { 2934 WPI_DBG((WPI_DEBUG_HW, 2935 "wpi_init(): timeout waiting for thermal sensors " 2936 "calibration\n")); 2937 } 2938 2939 WPI_DBG((WPI_DEBUG_HW, "temperature %d\n", 2940 (int)WPI_READ(sc, WPI_TEMPERATURE))); 2941 2942 err = wpi_config(sc); 2943 if (err) { 2944 cmn_err(CE_WARN, "wpi_init(): failed to configure device\n"); 2945 goto fail1; 2946 } 2947 2948 mutex_exit(&sc->sc_glock); 2949 return (WPI_SUCCESS); 2950 2951 fail1: 2952 err = WPI_FAIL; 2953 mutex_exit(&sc->sc_glock); 2954 return (err); 2955 } 2956 2957 static void 2958 wpi_stop(wpi_sc_t *sc) 2959 { 2960 uint32_t tmp; 2961 int ac; 2962 2963 2964 mutex_enter(&sc->sc_glock); 2965 /* disable interrupts */ 2966 WPI_WRITE(sc, WPI_MASK, 0); 2967 WPI_WRITE(sc, WPI_INTR, WPI_INTR_MASK); 2968 WPI_WRITE(sc, WPI_INTR_STATUS, 0xff); 2969 WPI_WRITE(sc, WPI_INTR_STATUS, 0x00070000); 2970 2971 wpi_mem_lock(sc); 2972 wpi_mem_write(sc, WPI_MEM_MODE, 0); 2973 wpi_mem_unlock(sc); 2974 2975 /* reset all Tx rings */ 2976 for (ac = 0; ac < 4; ac++) 2977 wpi_reset_tx_ring(sc, &sc->sc_txq[ac]); 2978 wpi_reset_tx_ring(sc, &sc->sc_cmdq); 2979 wpi_reset_tx_ring(sc, &sc->sc_svcq); 2980 2981 /* reset Rx ring */ 2982 wpi_reset_rx_ring(sc); 2983 2984 wpi_mem_lock(sc); 2985 wpi_mem_write(sc, WPI_MEM_CLOCK2, 0x200); 2986 wpi_mem_unlock(sc); 2987 2988 DELAY(5); 2989 2990 wpi_stop_master(sc); 2991 2992 sc->sc_tx_timer = 0; 2993 tmp = WPI_READ(sc, WPI_RESET); 2994 WPI_WRITE(sc, WPI_RESET, tmp | WPI_SW_RESET); 2995 mutex_exit(&sc->sc_glock); 2996 } 2997 2998 /* 2999 * Naive implementation of the Adaptive Multi Rate Retry algorithm: 3000 * "IEEE 802.11 Rate Adaptation: A Practical Approach" 3001 * Mathieu Lacage, Hossein Manshaei, Thierry Turletti 3002 * INRIA Sophia - Projet Planete 3003 * http://www-sop.inria.fr/rapports/sophia/RR-5208.html 3004 */ 3005 #define is_success(amrr) \ 3006 ((amrr)->retrycnt < (amrr)->txcnt / 10) 3007 #define is_failure(amrr) \ 3008 ((amrr)->retrycnt > (amrr)->txcnt / 3) 3009 #define is_enough(amrr) \ 3010 ((amrr)->txcnt > 100) 3011 #define is_min_rate(in) \ 3012 ((in)->in_txrate == 0) 3013 #define is_max_rate(in) \ 3014 ((in)->in_txrate == (in)->in_rates.ir_nrates - 1) 3015 #define increase_rate(in) \ 3016 ((in)->in_txrate++) 3017 #define decrease_rate(in) \ 3018 ((in)->in_txrate--) 3019 #define reset_cnt(amrr) \ 3020 { (amrr)->txcnt = (amrr)->retrycnt = 0; } 3021 3022 #define WPI_AMRR_MIN_SUCCESS_THRESHOLD 1 3023 #define WPI_AMRR_MAX_SUCCESS_THRESHOLD 15 3024 3025 static void 3026 wpi_amrr_init(wpi_amrr_t *amrr) 3027 { 3028 amrr->success = 0; 3029 amrr->recovery = 0; 3030 amrr->txcnt = amrr->retrycnt = 0; 3031 amrr->success_threshold = WPI_AMRR_MIN_SUCCESS_THRESHOLD; 3032 } 3033 3034 static void 3035 wpi_amrr_timeout(wpi_sc_t *sc) 3036 { 3037 ieee80211com_t *ic = &sc->sc_ic; 3038 3039 WPI_DBG((WPI_DEBUG_RATECTL, "wpi_amrr_timeout() enter\n")); 3040 if (ic->ic_opmode == IEEE80211_M_STA) 3041 wpi_amrr_ratectl(NULL, ic->ic_bss); 3042 else 3043 ieee80211_iterate_nodes(&ic->ic_sta, wpi_amrr_ratectl, NULL); 3044 sc->sc_clk = ddi_get_lbolt(); 3045 } 3046 3047 /* ARGSUSED */ 3048 static void 3049 wpi_amrr_ratectl(void *arg, ieee80211_node_t *in) 3050 { 3051 wpi_amrr_t *amrr = (wpi_amrr_t *)in; 3052 int need_change = 0; 3053 3054 if (is_success(amrr) && is_enough(amrr)) { 3055 amrr->success++; 3056 if (amrr->success >= amrr->success_threshold && 3057 !is_max_rate(in)) { 3058 amrr->recovery = 1; 3059 amrr->success = 0; 3060 increase_rate(in); 3061 WPI_DBG((WPI_DEBUG_RATECTL, 3062 "AMRR increasing rate %d (txcnt=%d retrycnt=%d)\n", 3063 in->in_txrate, amrr->txcnt, amrr->retrycnt)); 3064 need_change = 1; 3065 } else { 3066 amrr->recovery = 0; 3067 } 3068 } else if (is_failure(amrr)) { 3069 amrr->success = 0; 3070 if (!is_min_rate(in)) { 3071 if (amrr->recovery) { 3072 amrr->success_threshold++; 3073 if (amrr->success_threshold > 3074 WPI_AMRR_MAX_SUCCESS_THRESHOLD) 3075 amrr->success_threshold = 3076 WPI_AMRR_MAX_SUCCESS_THRESHOLD; 3077 } else { 3078 amrr->success_threshold = 3079 WPI_AMRR_MIN_SUCCESS_THRESHOLD; 3080 } 3081 decrease_rate(in); 3082 WPI_DBG((WPI_DEBUG_RATECTL, 3083 "AMRR decreasing rate %d (txcnt=%d retrycnt=%d)\n", 3084 in->in_txrate, amrr->txcnt, amrr->retrycnt)); 3085 need_change = 1; 3086 } 3087 amrr->recovery = 0; /* paper is incorrect */ 3088 } 3089 3090 if (is_enough(amrr) || need_change) 3091 reset_cnt(amrr); 3092 } 3093