1 /* 2 * Copyright (c) 2004-2006 3 * Damien Bergamini <damien.bergamini@free.fr>. 4 * Copyright (c) 2004, 2005 5 * Andrew Atrens <atrens@nortelnetworks.com>. 6 * 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice unmodified, this list of conditions, and the following 14 * disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * $FreeBSD: src/sys/dev/iwi/if_iwi.c,v 1.8.2.6 2006/02/23 02:06:46 sam Exp $ 32 * $DragonFly: src/sys/dev/netif/iwi/if_iwi.c,v 1.19 2007/02/20 14:24:21 sephe Exp $ 33 */ 34 35 /*- 36 * Intel(R) PRO/Wireless 2200BG/2225BG/2915ABG driver 37 * http://www.intel.com/network/connectivity/products/wireless/prowireless_mobile.htm 38 */ 39 40 #include <sys/param.h> 41 #include <sys/sysctl.h> 42 #include <sys/sockio.h> 43 #include <sys/mbuf.h> 44 #include <sys/kernel.h> 45 #include <sys/kthread.h> 46 #include <sys/socket.h> 47 #include <sys/systm.h> 48 #include <sys/malloc.h> 49 #include <sys/module.h> 50 #include <sys/endian.h> 51 #include <sys/proc.h> 52 #include <sys/ucred.h> 53 #include <sys/bus.h> 54 #include <sys/rman.h> 55 #include <sys/serialize.h> 56 57 #include <bus/pci/pcidevs.h> 58 #include <bus/pci/pcireg.h> 59 #include <bus/pci/pcivar.h> 60 61 #include <net/bpf.h> 62 #include <net/if.h> 63 #include <net/if_arp.h> 64 #include <net/ethernet.h> 65 #include <net/if_dl.h> 66 #include <net/if_media.h> 67 #include <net/if_types.h> 68 #include <net/ifq_var.h> 69 70 #include <netproto/802_11/ieee80211_var.h> 71 #include <netproto/802_11/ieee80211_radiotap.h> 72 73 #include <netinet/in.h> 74 #include <netinet/in_systm.h> 75 #include <netinet/in_var.h> 76 #include <netinet/ip.h> 77 #include <netinet/if_ether.h> 78 79 #include <dev/netif/iwi/if_iwireg.h> 80 #include <dev/netif/iwi/if_iwivar.h> 81 82 #ifdef IWI_DEBUG 83 #define DPRINTF(x) do { if (iwi_debug > 0) kprintf x; } while (0) 84 #define DPRINTFN(n, x) do { if (iwi_debug >= (n)) kprintf x; } while (0) 85 int iwi_debug = 0; 86 SYSCTL_INT(_debug, OID_AUTO, iwi, CTLFLAG_RW, &iwi_debug, 0, "iwi debug level"); 87 #else 88 #define DPRINTF(x) 89 #define DPRINTFN(n, x) 90 #endif 91 92 static struct iwi_ident { 93 uint16_t vendor; 94 uint16_t device; 95 const char *name; 96 } iwi_ident_table[] = { 97 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2200BG, 98 "Intel(R) PRO/Wireless 2200BG" }, 99 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2225BG, 100 "Intel(R) PRO/Wireless 2225BG" }, 101 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_1, 102 "Intel(R) PRO/Wireless 2915ABG" }, 103 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_2, 104 "Intel(R) PRO/Wireless 2915ABG" }, 105 { 0, 0, NULL } 106 }; 107 108 static void iwi_fw_monitor(void *); 109 static void iwi_dma_map_addr(void *, bus_dma_segment_t *, int, int); 110 static void iwi_dma_map_mbuf(void *, bus_dma_segment_t *, int, bus_size_t, 111 int); 112 static int iwi_alloc_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *, 113 int); 114 static void iwi_reset_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 115 static void iwi_free_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 116 static int iwi_alloc_tx_ring(struct iwi_softc *, struct iwi_tx_ring *, 117 int, bus_addr_t, bus_addr_t); 118 static void iwi_reset_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 119 static void iwi_free_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 120 static int iwi_alloc_rx_ring(struct iwi_softc *, struct iwi_rx_ring *, 121 int); 122 static void iwi_reset_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 123 static void iwi_free_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 124 static struct ieee80211_node *iwi_node_alloc(struct ieee80211_node_table *); 125 static void iwi_node_free(struct ieee80211_node *); 126 static int iwi_media_change(struct ifnet *); 127 static void iwi_media_status(struct ifnet *, struct ifmediareq *); 128 static int iwi_newstate(struct ieee80211com *, enum ieee80211_state, int); 129 static int iwi_wme_update(struct ieee80211com *); 130 static uint16_t iwi_read_prom_word(struct iwi_softc *, uint8_t); 131 static void iwi_fix_channel(struct ieee80211com *, struct mbuf *); 132 static void iwi_frame_intr(struct iwi_softc *, struct iwi_rx_data *, int, 133 struct iwi_frame *); 134 static void iwi_notification_intr(struct iwi_softc *, struct iwi_notif *); 135 static void iwi_rx_intr(struct iwi_softc *); 136 static void iwi_tx_intr(struct iwi_softc *, struct iwi_tx_ring *); 137 static void iwi_intr(void *); 138 static int iwi_cmd(struct iwi_softc *, uint8_t, void *, uint8_t, int); 139 static void iwi_write_ibssnode(struct iwi_softc *, const struct iwi_node *); 140 static int iwi_tx_start(struct ifnet *, struct mbuf *, 141 struct ieee80211_node *, int); 142 static void iwi_start(struct ifnet *); 143 static void iwi_watchdog(struct ifnet *); 144 static int iwi_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *); 145 static void iwi_stop_master(struct iwi_softc *); 146 static int iwi_reset(struct iwi_softc *); 147 static int iwi_load_ucode(struct iwi_softc *, void *, int); 148 static int iwi_load_firmware(struct iwi_softc *, void *, int); 149 static int iwi_cache_firmware(struct iwi_softc *, void *); 150 static void iwi_free_firmware(struct iwi_softc *); 151 static int iwi_config(struct iwi_softc *); 152 static int iwi_set_chan(struct iwi_softc *, struct ieee80211_channel *); 153 static int iwi_scan(struct iwi_softc *); 154 static int iwi_auth_and_assoc(struct iwi_softc *); 155 static void iwi_init(void *); 156 static void iwi_stop(void *); 157 static int iwi_sysctl_stats(SYSCTL_HANDLER_ARGS); 158 static int iwi_sysctl_radio(SYSCTL_HANDLER_ARGS); 159 160 static int iwi_probe(device_t); 161 static int iwi_attach(device_t); 162 static int iwi_detach(device_t); 163 static int iwi_shutdown(device_t); 164 static int iwi_suspend(device_t); 165 static int iwi_resume(device_t); 166 167 static int iwi_alloc_ibss_node(struct iwi_softc *); 168 static void iwi_free_ibss_node(struct iwi_softc *, int); 169 170 static device_method_t iwi_methods[] = { 171 /* Device interface */ 172 DEVMETHOD(device_probe, iwi_probe), 173 DEVMETHOD(device_attach, iwi_attach), 174 DEVMETHOD(device_detach, iwi_detach), 175 DEVMETHOD(device_shutdown, iwi_shutdown), 176 DEVMETHOD(device_suspend, iwi_suspend), 177 DEVMETHOD(device_resume, iwi_resume), 178 179 { 0, 0 } 180 }; 181 182 static driver_t iwi_driver = { 183 "iwi", 184 iwi_methods, 185 sizeof (struct iwi_softc) 186 }; 187 188 static devclass_t iwi_devclass; 189 190 DRIVER_MODULE(iwi, pci, iwi_driver, iwi_devclass, 0, 0); 191 192 MODULE_DEPEND(iwi, pci, 1, 1, 1); 193 MODULE_DEPEND(iwi, wlan, 1, 1, 1); 194 195 /* 196 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 197 */ 198 static const struct ieee80211_rateset iwi_rateset_11a = 199 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 200 201 static const struct ieee80211_rateset iwi_rateset_11b = 202 { 4, { 2, 4, 11, 22 } }; 203 204 static const struct ieee80211_rateset iwi_rateset_11g = 205 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 206 207 static void 208 iwi_fw_monitor(void *arg) 209 { 210 struct iwi_softc *sc = arg; 211 struct ifnet *ifp = &sc->sc_ic.ic_if; 212 213 lwkt_serialize_enter(ifp->if_serializer); 214 for (;;) { 215 int error = 0; 216 217 /* 218 * Test to see whether we are detaching, 219 * this is used to avoid race condition 220 * especially when attaching fails. 221 */ 222 if ((sc->flags & IWI_FLAG_EXIT) == 0) { 223 crit_enter(); 224 tsleep_interlock(IWI_FW_WAKE_MONITOR(sc)); 225 lwkt_serialize_exit(ifp->if_serializer); 226 error = tsleep(IWI_FW_WAKE_MONITOR(sc), 227 0, "iwifwm", 0); 228 crit_exit(); 229 lwkt_serialize_enter(ifp->if_serializer); 230 } 231 232 if (error == 0) { 233 int boff; 234 235 if (sc->flags & IWI_FLAG_EXIT) 236 break; 237 else if ((sc->flags & IWI_FLAG_RESET) == 0) 238 continue; 239 240 if_printf(ifp, "reset firmware\n"); 241 for (boff = 1; sc->flags & IWI_FLAG_RESET; boff++) { 242 iwi_init(sc); 243 if (sc->flags & IWI_FLAG_FW_INITED) { 244 sc->flags &= ~IWI_FLAG_RESET; 245 } else if (boff > 10) { /* XXX */ 246 if_printf(ifp, "fw reset failed. " 247 "retrying...\n"); 248 249 /* XXX avoid to sleep to long */ 250 boff = 1; 251 } 252 253 /* 254 * Since this would be infinite loop, 255 * if reseting firmware never succeeded, 256 * we test to see whether we are detaching. 257 */ 258 if (sc->flags & IWI_FLAG_EXIT) 259 break; 260 261 crit_enter(); 262 tsleep_interlock(IWI_FW_CMD_ACKED(sc)); 263 lwkt_serialize_exit(ifp->if_serializer); 264 error = tsleep(IWI_FW_CMD_ACKED(sc), 0, 265 "iwirun", boff * hz); 266 crit_exit(); 267 lwkt_serialize_enter(ifp->if_serializer); 268 } 269 } 270 } 271 lwkt_serialize_exit(ifp->if_serializer); 272 273 if_printf(ifp, "fw monitor exiting\n"); 274 wakeup(IWI_FW_EXIT_MONITOR(sc)); 275 kthread_exit(); 276 } 277 278 static int 279 iwi_probe(device_t dev) 280 { 281 const struct iwi_ident *ident; 282 uint16_t vid, did; 283 284 vid = pci_get_vendor(dev); 285 did = pci_get_device(dev); 286 for (ident = iwi_ident_table; ident->name != NULL; ident++) { 287 if (vid == ident->vendor && did == ident->device) { 288 device_set_desc(dev, ident->name); 289 return 0; 290 } 291 } 292 return ENXIO; 293 } 294 295 /* Base Address Register */ 296 #define IWI_PCI_BAR0 0x10 297 298 static int 299 iwi_attach(device_t dev) 300 { 301 struct iwi_softc *sc = device_get_softc(dev); 302 struct ieee80211com *ic = &sc->sc_ic; 303 struct ifnet *ifp = &ic->ic_if; 304 uint16_t val; 305 int error, i; 306 307 sc->sc_dev = dev; 308 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 309 310 if (pci_get_powerstate(dev) != PCI_POWERSTATE_D0) { 311 device_printf(dev, "chip is in D%d power mode " 312 "-- setting to D0\n", pci_get_powerstate(dev)); 313 pci_set_powerstate(dev, PCI_POWERSTATE_D0); 314 } 315 316 pci_write_config(dev, 0x41, 0, 1); 317 318 /* enable bus-mastering */ 319 pci_enable_busmaster(dev); 320 321 sc->mem_rid = IWI_PCI_BAR0; 322 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &sc->mem_rid, 323 RF_ACTIVE); 324 if (sc->mem == NULL) { 325 device_printf(dev, "could not allocate memory resource\n"); 326 return ENXIO; 327 } 328 sc->sc_st = rman_get_bustag(sc->mem); 329 sc->sc_sh = rman_get_bushandle(sc->mem); 330 331 sc->irq_rid = 0; 332 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &sc->irq_rid, 333 RF_ACTIVE | RF_SHAREABLE); 334 if (sc->irq == NULL) { 335 device_printf(dev, "could not allocate interrupt resource\n"); 336 goto fail; 337 } 338 339 if (iwi_reset(sc) != 0) { 340 device_printf(dev, "could not reset adapter\n"); 341 goto fail; 342 } 343 344 /* 345 * Allocate rings. 346 */ 347 error = iwi_alloc_cmd_ring(sc, &sc->cmdq, IWI_CMD_RING_COUNT); 348 if (error != 0) { 349 device_printf(dev, "could not allocate Cmd ring\n"); 350 goto fail; 351 } 352 353 error = iwi_alloc_tx_ring(sc, &sc->txq[0], IWI_TX_RING_COUNT, 354 IWI_CSR_TX1_RIDX, IWI_CSR_TX1_WIDX); 355 if (error != 0) { 356 device_printf(dev, "could not allocate Tx ring 1\n"); 357 goto fail; 358 } 359 360 error = iwi_alloc_tx_ring(sc, &sc->txq[1], IWI_TX_RING_COUNT, 361 IWI_CSR_TX2_RIDX, IWI_CSR_TX2_WIDX); 362 if (error != 0) { 363 device_printf(dev, "could not allocate Tx ring 2\n"); 364 goto fail; 365 } 366 367 error = iwi_alloc_tx_ring(sc, &sc->txq[2], IWI_TX_RING_COUNT, 368 IWI_CSR_TX3_RIDX, IWI_CSR_TX3_WIDX); 369 if (error != 0) { 370 device_printf(dev, "could not allocate Tx ring 3\n"); 371 goto fail; 372 } 373 374 error = iwi_alloc_tx_ring(sc, &sc->txq[3], IWI_TX_RING_COUNT, 375 IWI_CSR_TX4_RIDX, IWI_CSR_TX4_WIDX); 376 if (error != 0) { 377 device_printf(dev, "could not allocate Tx ring 4\n"); 378 goto fail; 379 } 380 381 error = iwi_alloc_rx_ring(sc, &sc->rxq, IWI_RX_RING_COUNT); 382 if (error != 0) { 383 device_printf(dev, "could not allocate Rx ring\n"); 384 goto fail; 385 } 386 387 sysctl_ctx_init(&sc->sysctl_ctx); 388 sc->sysctl_tree = SYSCTL_ADD_NODE(&sc->sysctl_ctx, 389 SYSCTL_STATIC_CHILDREN(_hw), 390 OID_AUTO, 391 device_get_nameunit(dev), 392 CTLFLAG_RD, 393 0, ""); 394 if (sc->sysctl_tree == NULL) { 395 device_printf(dev, "sysctl add node failed\n"); 396 error = EIO; 397 goto fail; 398 } 399 400 ifp->if_softc = sc; 401 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 402 ifp->if_init = iwi_init; 403 ifp->if_ioctl = iwi_ioctl; 404 ifp->if_start = iwi_start; 405 ifp->if_watchdog = iwi_watchdog; 406 ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN); 407 ifq_set_ready(&ifp->if_snd); 408 409 ic->ic_wme.wme_update = iwi_wme_update; 410 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 411 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 412 ic->ic_state = IEEE80211_S_INIT; 413 414 /* set device capabilities */ 415 ic->ic_caps = 416 IEEE80211_C_IBSS | /* IBSS mode supported */ 417 IEEE80211_C_MONITOR | /* monitor mode supported */ 418 IEEE80211_C_TXPMGT | /* tx power management */ 419 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 420 IEEE80211_C_WEP | /* WEP */ 421 IEEE80211_C_WPA | /* 802.11i */ 422 IEEE80211_C_WME; /* 802.11e */ 423 424 /* read MAC address from EEPROM */ 425 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 0); 426 ic->ic_myaddr[0] = val & 0xff; 427 ic->ic_myaddr[1] = val >> 8; 428 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 1); 429 ic->ic_myaddr[2] = val & 0xff; 430 ic->ic_myaddr[3] = val >> 8; 431 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 2); 432 ic->ic_myaddr[4] = val & 0xff; 433 ic->ic_myaddr[5] = val >> 8; 434 435 if (pci_get_device(dev) >= 0x4223) { 436 /* set supported .11a rates (2915ABG only) */ 437 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwi_rateset_11a; 438 439 /* set supported .11a channels */ 440 for (i = 36; i <= 64; i += 4) { 441 ic->ic_channels[i].ic_freq = 442 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 443 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 444 } 445 for (i = 149; i <= 165; i += 4) { 446 ic->ic_channels[i].ic_freq = 447 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 448 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 449 } 450 } 451 452 /* set supported .11b and .11g rates */ 453 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwi_rateset_11b; 454 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwi_rateset_11g; 455 456 /* set supported .11b and .11g channels (1 through 14) */ 457 for (i = 1; i <= 14; i++) { 458 ic->ic_channels[i].ic_freq = 459 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 460 ic->ic_channels[i].ic_flags = 461 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 462 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 463 } 464 465 ieee80211_ifattach(ic); 466 /* override default methods */ 467 ic->ic_node_alloc = iwi_node_alloc; 468 sc->sc_node_free = ic->ic_node_free; 469 ic->ic_node_free = iwi_node_free; 470 /* override state transition machine */ 471 sc->sc_newstate = ic->ic_newstate; 472 ic->ic_newstate = iwi_newstate; 473 ieee80211_media_init(ic, iwi_media_change, iwi_media_status); 474 475 bpfattach_dlt(ifp, DLT_IEEE802_11_RADIO, 476 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf); 477 478 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 479 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 480 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWI_RX_RADIOTAP_PRESENT); 481 482 sc->sc_txtap_len = sizeof sc->sc_txtapu; 483 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 484 sc->sc_txtap.wt_ihdr.it_present = htole32(IWI_TX_RADIOTAP_PRESENT); 485 486 /* 487 * Add a few sysctl knobs. 488 */ 489 sc->dwelltime = 100; 490 sc->bluetooth = 1; 491 sc->antenna = 0; 492 493 SYSCTL_ADD_PROC(&sc->sysctl_ctx, 494 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "radio", 495 CTLTYPE_INT | CTLFLAG_RD, sc, 0, iwi_sysctl_radio, "I", 496 "radio transmitter switch state (0=off, 1=on)"); 497 498 SYSCTL_ADD_PROC(&sc->sysctl_ctx, 499 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "stats", 500 CTLTYPE_OPAQUE | CTLFLAG_RD, sc, 0, iwi_sysctl_stats, "S", 501 "statistics"); 502 503 SYSCTL_ADD_INT(&sc->sysctl_ctx, 504 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "dwell", 505 CTLFLAG_RW, &sc->dwelltime, 0, 506 "channel dwell time (ms) for AP/station scanning"); 507 508 SYSCTL_ADD_INT(&sc->sysctl_ctx, 509 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "bluetooth", 510 CTLFLAG_RW, &sc->bluetooth, 0, "bluetooth coexistence"); 511 512 SYSCTL_ADD_INT(&sc->sysctl_ctx, 513 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "antenna", 514 CTLFLAG_RW, &sc->antenna, 0, "antenna (0=auto)"); 515 516 /* 517 * Start firmware monitoring thread 518 * 519 * NOTE: 520 * This should be done only after serializer is initialized, 521 * i.e. after ieee80211_ifattach(), because serializer will be 522 * held once iwi_fw_monitor() is entered. 523 */ 524 error = kthread_create(iwi_fw_monitor, sc, &sc->sc_fw_monitor, 525 "%s:fw-monitor", device_get_nameunit(dev)); 526 if (error) { 527 device_printf(dev, "could not create fw monitor\n"); 528 goto fail1; 529 } 530 sc->flags |= IWI_FLAG_MONITOR; 531 532 /* 533 * Hook our interrupt after all initialization is complete. 534 */ 535 error = bus_setup_intr(dev, sc->irq, INTR_MPSAFE, iwi_intr, sc, 536 &sc->sc_ih, ifp->if_serializer); 537 if (error != 0) { 538 device_printf(dev, "could not set up interrupt\n"); 539 goto fail1; 540 } 541 542 if (bootverbose) 543 ieee80211_announce(ic); 544 545 return 0; 546 547 fail1: 548 bpfdetach(ifp); 549 ieee80211_ifdetach(ic); 550 fail: 551 iwi_detach(dev); 552 return ENXIO; 553 } 554 555 static int 556 iwi_detach(device_t dev) 557 { 558 struct iwi_softc *sc = device_get_softc(dev); 559 struct ieee80211com *ic = &sc->sc_ic; 560 struct ifnet *ifp = ic->ic_ifp; 561 562 if (sc->flags & IWI_FLAG_MONITOR) { 563 lwkt_serialize_enter(ifp->if_serializer); 564 sc->flags |= IWI_FLAG_EXIT; 565 wakeup(IWI_FW_WAKE_MONITOR(sc)); 566 567 crit_enter(); 568 tsleep_interlock(IWI_FW_EXIT_MONITOR(sc)); 569 lwkt_serialize_exit(ifp->if_serializer); 570 tsleep(IWI_FW_EXIT_MONITOR(sc), 0, "iwiexi", 0); 571 crit_exit(); 572 /* No need to hold serializer again */ 573 574 if_printf(ifp, "fw monitor exited\n"); 575 } 576 577 if (device_is_attached(dev)) { 578 lwkt_serialize_enter(ifp->if_serializer); 579 580 iwi_stop(sc); 581 bus_teardown_intr(dev, sc->irq, sc->sc_ih); 582 iwi_free_firmware(sc); 583 584 lwkt_serialize_exit(ifp->if_serializer); 585 586 bpfdetach(ifp); 587 ieee80211_ifdetach(ic); 588 } 589 590 iwi_free_cmd_ring(sc, &sc->cmdq); 591 iwi_free_tx_ring(sc, &sc->txq[0]); 592 iwi_free_tx_ring(sc, &sc->txq[1]); 593 iwi_free_tx_ring(sc, &sc->txq[2]); 594 iwi_free_tx_ring(sc, &sc->txq[3]); 595 iwi_free_rx_ring(sc, &sc->rxq); 596 597 if (sc->irq != NULL) 598 bus_release_resource(dev, SYS_RES_IRQ, sc->irq_rid, sc->irq); 599 600 if (sc->mem != NULL) 601 bus_release_resource(dev, SYS_RES_MEMORY, sc->mem_rid, sc->mem); 602 603 if (sc->sysctl_tree != NULL) 604 sysctl_ctx_free(&sc->sysctl_ctx); 605 606 return 0; 607 } 608 609 static void 610 iwi_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error) 611 { 612 if (error != 0) 613 return; 614 615 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg)); 616 617 *(bus_addr_t *)arg = segs[0].ds_addr; 618 } 619 620 static int 621 iwi_alloc_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring, int count) 622 { 623 int error; 624 625 ring->count = count; 626 ring->queued = 0; 627 ring->cur = ring->next = 0; 628 629 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 630 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_CMD_DESC_SIZE, 1, 631 count * IWI_CMD_DESC_SIZE, 0, &ring->desc_dmat); 632 if (error != 0) { 633 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 634 goto fail; 635 } 636 637 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 638 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map); 639 if (error != 0) { 640 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 641 goto fail; 642 } 643 644 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 645 count * IWI_CMD_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 646 if (error != 0) { 647 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 648 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 649 ring->desc = NULL; 650 return error; 651 } 652 653 return 0; 654 655 fail: iwi_free_cmd_ring(sc, ring); 656 return error; 657 } 658 659 static void 660 iwi_reset_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 661 { 662 ring->queued = 0; 663 ring->cur = ring->next = 0; 664 } 665 666 static void 667 iwi_free_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 668 { 669 if (ring->desc != NULL) { 670 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 671 BUS_DMASYNC_POSTWRITE); 672 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 673 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 674 ring->desc = NULL; 675 } 676 677 if (ring->desc_dmat != NULL) { 678 bus_dma_tag_destroy(ring->desc_dmat); 679 ring->desc_dmat = NULL; 680 } 681 } 682 683 static int 684 iwi_alloc_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring, int count, 685 bus_addr_t csr_ridx, bus_addr_t csr_widx) 686 { 687 int i, error; 688 689 ring->count = count; 690 ring->queued = 0; 691 ring->cur = ring->next = 0; 692 ring->csr_ridx = csr_ridx; 693 ring->csr_widx = csr_widx; 694 695 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 696 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_TX_DESC_SIZE, 1, 697 count * IWI_TX_DESC_SIZE, 0, &ring->desc_dmat); 698 if (error != 0) { 699 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 700 goto fail; 701 } 702 703 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 704 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map); 705 if (error != 0) { 706 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 707 goto fail; 708 } 709 710 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 711 count * IWI_TX_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 712 if (error != 0) { 713 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 714 715 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 716 ring->desc = NULL; 717 goto fail; 718 } 719 720 ring->data = kmalloc(count * sizeof (struct iwi_tx_data), M_DEVBUF, 721 M_WAITOK | M_ZERO); 722 723 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 724 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, IWI_MAX_NSEG - 2, 725 MCLBYTES, 0, &ring->data_dmat); 726 if (error != 0) { 727 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 728 goto fail; 729 } 730 731 for (i = 0; i < count; i++) { 732 error = bus_dmamap_create(ring->data_dmat, 0, 733 &ring->data[i].map); 734 if (error != 0) { 735 device_printf(sc->sc_dev, "could not create DMA map\n"); 736 goto fail; 737 } 738 } 739 740 return 0; 741 742 fail: iwi_free_tx_ring(sc, ring); 743 return error; 744 } 745 746 static void 747 iwi_reset_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 748 { 749 struct iwi_tx_data *data; 750 int i; 751 752 for (i = 0; i < ring->count; i++) { 753 data = &ring->data[i]; 754 755 if (data->m != NULL) { 756 bus_dmamap_sync(ring->data_dmat, data->map, 757 BUS_DMASYNC_POSTWRITE); 758 bus_dmamap_unload(ring->data_dmat, data->map); 759 m_freem(data->m); 760 data->m = NULL; 761 } 762 763 if (data->ni != NULL) { 764 ieee80211_free_node(data->ni); 765 data->ni = NULL; 766 } 767 } 768 769 ring->queued = 0; 770 ring->cur = ring->next = 0; 771 } 772 773 static void 774 iwi_free_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 775 { 776 struct iwi_tx_data *data; 777 int i; 778 779 if (ring->desc != NULL) { 780 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 781 BUS_DMASYNC_POSTWRITE); 782 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 783 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 784 ring->desc = NULL; 785 } 786 787 if (ring->desc_dmat != NULL) { 788 bus_dma_tag_destroy(ring->desc_dmat); 789 ring->desc_dmat = NULL; 790 } 791 792 if (ring->data != NULL) { 793 for (i = 0; i < ring->count; i++) { 794 data = &ring->data[i]; 795 796 if (data->m != NULL) { 797 bus_dmamap_sync(ring->data_dmat, data->map, 798 BUS_DMASYNC_POSTWRITE); 799 bus_dmamap_unload(ring->data_dmat, data->map); 800 m_freem(data->m); 801 data->m = NULL; 802 } 803 804 if (data->ni != NULL) { 805 ieee80211_free_node(data->ni); 806 data->ni = NULL; 807 } 808 809 if (data->map != NULL) { 810 bus_dmamap_destroy(ring->data_dmat, data->map); 811 data->map = NULL; 812 } 813 } 814 815 kfree(ring->data, M_DEVBUF); 816 ring->data = NULL; 817 } 818 819 if (ring->data_dmat != NULL) { 820 bus_dma_tag_destroy(ring->data_dmat); 821 ring->data_dmat = NULL; 822 } 823 } 824 825 static int 826 iwi_alloc_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring, int count) 827 { 828 struct iwi_rx_data *data; 829 int i, error; 830 831 ring->count = count; 832 ring->cur = 0; 833 834 ring->data = kmalloc(count * sizeof (struct iwi_rx_data), M_DEVBUF, 835 M_WAITOK | M_ZERO); 836 837 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 838 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1, MCLBYTES, 0, 839 &ring->data_dmat); 840 if (error != 0) { 841 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 842 goto fail; 843 } 844 845 for (i = 0; i < count; i++) { 846 data = &ring->data[i]; 847 848 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 849 if (error != 0) { 850 device_printf(sc->sc_dev, "could not create DMA map\n"); 851 goto fail; 852 } 853 854 data->m = m_getcl(MB_WAIT, MT_DATA, M_PKTHDR); 855 if (data->m == NULL) { 856 device_printf(sc->sc_dev, 857 "could not allocate rx mbuf\n"); 858 error = ENOMEM; 859 goto fail; 860 } 861 862 error = bus_dmamap_load(ring->data_dmat, data->map, 863 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 864 &data->physaddr, 0); 865 if (error != 0) { 866 device_printf(sc->sc_dev, 867 "could not load rx buf DMA map"); 868 869 m_freem(data->m); 870 data->m = NULL; 871 goto fail; 872 } 873 874 data->reg = IWI_CSR_RX_BASE + i * 4; 875 } 876 877 return 0; 878 879 fail: iwi_free_rx_ring(sc, ring); 880 return error; 881 } 882 883 static void 884 iwi_reset_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 885 { 886 ring->cur = 0; 887 } 888 889 static void 890 iwi_free_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 891 { 892 struct iwi_rx_data *data; 893 int i; 894 895 if (ring->data != NULL) { 896 for (i = 0; i < ring->count; i++) { 897 data = &ring->data[i]; 898 899 if (data->m != NULL) { 900 bus_dmamap_sync(ring->data_dmat, data->map, 901 BUS_DMASYNC_POSTREAD); 902 bus_dmamap_unload(ring->data_dmat, data->map); 903 m_freem(data->m); 904 data->m = NULL; 905 } 906 907 if (data->map != NULL) { 908 bus_dmamap_destroy(ring->data_dmat, data->map); 909 data->map = NULL; 910 } 911 } 912 913 kfree(ring->data, M_DEVBUF); 914 ring->data = NULL; 915 } 916 917 if (ring->data_dmat != NULL) { 918 bus_dma_tag_destroy(ring->data_dmat); 919 ring->data_dmat = NULL; 920 } 921 } 922 923 static int 924 iwi_shutdown(device_t dev) 925 { 926 struct iwi_softc *sc = device_get_softc(dev); 927 struct ifnet *ifp = &sc->sc_ic.ic_if; 928 929 lwkt_serialize_enter(ifp->if_serializer); 930 iwi_stop(sc); 931 lwkt_serialize_exit(ifp->if_serializer); 932 933 return 0; 934 } 935 936 static int 937 iwi_suspend(device_t dev) 938 { 939 struct iwi_softc *sc = device_get_softc(dev); 940 struct ifnet *ifp = &sc->sc_ic.ic_if; 941 942 lwkt_serialize_enter(ifp->if_serializer); 943 iwi_stop(sc); 944 lwkt_serialize_exit(ifp->if_serializer); 945 946 return 0; 947 } 948 949 static int 950 iwi_resume(device_t dev) 951 { 952 struct iwi_softc *sc = device_get_softc(dev); 953 struct ifnet *ifp = sc->sc_ic.ic_ifp; 954 955 lwkt_serialize_enter(ifp->if_serializer); 956 957 pci_write_config(dev, 0x41, 0, 1); 958 959 if (ifp->if_flags & IFF_UP) { 960 ifp->if_init(ifp->if_softc); 961 if (ifp->if_flags & IFF_RUNNING) 962 ifp->if_start(ifp); 963 } 964 965 lwkt_serialize_exit(ifp->if_serializer); 966 967 return 0; 968 } 969 970 static struct ieee80211_node * 971 iwi_node_alloc(struct ieee80211_node_table *nt) 972 { 973 struct iwi_node *in; 974 975 in = kmalloc(sizeof (struct iwi_node), M_80211_NODE, M_NOWAIT | M_ZERO); 976 if (in == NULL) 977 return NULL; 978 979 in->in_station = -1; 980 981 return &in->in_node; 982 } 983 984 static void 985 iwi_node_free(struct ieee80211_node *ni) 986 { 987 struct ieee80211com *ic = ni->ni_ic; 988 struct iwi_softc *sc = ic->ic_ifp->if_softc; 989 struct iwi_node *in = (struct iwi_node *)ni; 990 991 if (in->in_station != -1) 992 iwi_free_ibss_node(sc, in->in_station); 993 994 sc->sc_node_free(ni); 995 } 996 997 static int 998 iwi_media_change(struct ifnet *ifp) 999 { 1000 struct iwi_softc *sc = ifp->if_softc; 1001 int error; 1002 1003 ASSERT_SERIALIZED(ifp->if_serializer); 1004 1005 error = ieee80211_media_change(ifp); 1006 if (error != ENETRESET) 1007 return error; 1008 1009 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 1010 iwi_init(sc); 1011 return 0; 1012 } 1013 1014 /* 1015 * The firmware automatically adapts the transmit speed. We report its current 1016 * value here. 1017 */ 1018 static void 1019 iwi_media_status(struct ifnet *ifp, struct ifmediareq *imr) 1020 { 1021 struct iwi_softc *sc = ifp->if_softc; 1022 struct ieee80211com *ic = &sc->sc_ic; 1023 #define N(a) (sizeof (a) / sizeof (a[0])) 1024 static const struct { 1025 uint32_t val; 1026 int rate; 1027 } rates[] = { 1028 { IWI_RATE_DS1, 2 }, 1029 { IWI_RATE_DS2, 4 }, 1030 { IWI_RATE_DS5, 11 }, 1031 { IWI_RATE_DS11, 22 }, 1032 { IWI_RATE_OFDM6, 12 }, 1033 { IWI_RATE_OFDM9, 18 }, 1034 { IWI_RATE_OFDM12, 24 }, 1035 { IWI_RATE_OFDM18, 36 }, 1036 { IWI_RATE_OFDM24, 48 }, 1037 { IWI_RATE_OFDM36, 72 }, 1038 { IWI_RATE_OFDM48, 96 }, 1039 { IWI_RATE_OFDM54, 108 }, 1040 }; 1041 uint32_t val; 1042 int rate, i; 1043 1044 imr->ifm_status = IFM_AVALID; 1045 imr->ifm_active = IFM_IEEE80211; 1046 if (ic->ic_state == IEEE80211_S_RUN) 1047 imr->ifm_status |= IFM_ACTIVE; 1048 1049 /* read current transmission rate from adapter */ 1050 val = CSR_READ_4(sc, IWI_CSR_CURRENT_TX_RATE); 1051 1052 /* convert rate to 802.11 rate */ 1053 for (i = 0; i < N(rates) && rates[i].val != val; i++); 1054 rate = (i < N(rates)) ? rates[i].rate : 0; 1055 1056 imr->ifm_active |= ieee80211_rate2media(ic, rate, ic->ic_curmode); 1057 switch (ic->ic_opmode) { 1058 case IEEE80211_M_STA: 1059 break; 1060 1061 case IEEE80211_M_IBSS: 1062 imr->ifm_active |= IFM_IEEE80211_ADHOC; 1063 break; 1064 1065 case IEEE80211_M_MONITOR: 1066 imr->ifm_active |= IFM_IEEE80211_MONITOR; 1067 break; 1068 1069 case IEEE80211_M_AHDEMO: 1070 case IEEE80211_M_HOSTAP: 1071 /* should not get there */ 1072 break; 1073 } 1074 #undef N 1075 } 1076 1077 static int 1078 iwi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1079 { 1080 struct ifnet *ifp = ic->ic_ifp; 1081 struct iwi_softc *sc = ifp->if_softc; 1082 enum ieee80211_state ostate; 1083 uint32_t tmp; 1084 1085 ostate = ic->ic_state; 1086 1087 switch (nstate) { 1088 case IEEE80211_S_SCAN: 1089 if (sc->flags & IWI_FLAG_SCANNING) 1090 break; 1091 1092 ieee80211_node_table_reset(&ic->ic_scan); 1093 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 1094 sc->flags |= IWI_FLAG_SCANNING; 1095 iwi_scan(sc); 1096 break; 1097 1098 case IEEE80211_S_AUTH: 1099 iwi_auth_and_assoc(sc); 1100 break; 1101 1102 case IEEE80211_S_RUN: 1103 if (ic->ic_opmode == IEEE80211_M_IBSS) 1104 iwi_auth_and_assoc(sc); 1105 else if (ic->ic_opmode == IEEE80211_M_MONITOR) 1106 iwi_set_chan(sc, ic->ic_ibss_chan); 1107 1108 /* assoc led on */ 1109 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK; 1110 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp | IWI_LED_ASSOC); 1111 1112 return sc->sc_newstate(ic, nstate, 1113 IEEE80211_FC0_SUBTYPE_ASSOC_RESP); 1114 1115 case IEEE80211_S_ASSOC: 1116 break; 1117 1118 case IEEE80211_S_INIT: 1119 sc->flags &= ~IWI_FLAG_SCANNING; 1120 1121 if (ostate != IEEE80211_S_RUN) 1122 break; 1123 1124 /* assoc led off */ 1125 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK; 1126 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp & ~IWI_LED_ASSOC); 1127 break; 1128 } 1129 1130 ic->ic_state = nstate; 1131 1132 return 0; 1133 } 1134 1135 /* 1136 * WME parameters coming from IEEE 802.11e specification. These values are 1137 * already declared in ieee80211_proto.c, but they are static so they can't 1138 * be reused here. 1139 */ 1140 static const struct wmeParams iwi_wme_cck_params[WME_NUM_AC] = { 1141 { 0, 3, 5, 7, 0 }, /* WME_AC_BE */ 1142 { 0, 3, 5, 10, 0 }, /* WME_AC_BK */ 1143 { 0, 2, 4, 5, 188 }, /* WME_AC_VI */ 1144 { 0, 2, 3, 4, 102 } /* WME_AC_VO */ 1145 }; 1146 1147 static const struct wmeParams iwi_wme_ofdm_params[WME_NUM_AC] = { 1148 { 0, 3, 4, 6, 0 }, /* WME_AC_BE */ 1149 { 0, 3, 4, 10, 0 }, /* WME_AC_BK */ 1150 { 0, 2, 3, 4, 94 }, /* WME_AC_VI */ 1151 { 0, 2, 2, 3, 47 } /* WME_AC_VO */ 1152 }; 1153 1154 static int 1155 iwi_wme_update(struct ieee80211com *ic) 1156 { 1157 #define IWI_EXP2(v) htole16((1 << (v)) - 1) 1158 #define IWI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 1159 struct iwi_softc *sc = ic->ic_ifp->if_softc; 1160 struct iwi_wme_params wme[3]; 1161 const struct wmeParams *wmep; 1162 int ac; 1163 1164 /* 1165 * We shall not override firmware default WME values if WME is not 1166 * actually enabled. 1167 */ 1168 if (!(ic->ic_flags & IEEE80211_F_WME)) 1169 return 0; 1170 1171 for (ac = 0; ac < WME_NUM_AC; ac++) { 1172 /* set WME values for current operating mode */ 1173 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 1174 wme[0].aifsn[ac] = wmep->wmep_aifsn; 1175 wme[0].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1176 wme[0].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1177 wme[0].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1178 wme[0].acm[ac] = wmep->wmep_acm; 1179 1180 /* set WME values for CCK modulation */ 1181 wmep = &iwi_wme_cck_params[ac]; 1182 wme[1].aifsn[ac] = wmep->wmep_aifsn; 1183 wme[1].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1184 wme[1].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1185 wme[1].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1186 wme[1].acm[ac] = wmep->wmep_acm; 1187 1188 /* set WME values for OFDM modulation */ 1189 wmep = &iwi_wme_ofdm_params[ac]; 1190 wme[2].aifsn[ac] = wmep->wmep_aifsn; 1191 wme[2].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1192 wme[2].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1193 wme[2].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1194 wme[2].acm[ac] = wmep->wmep_acm; 1195 } 1196 1197 DPRINTF(("Setting WME parameters\n")); 1198 return iwi_cmd(sc, IWI_CMD_SET_WME_PARAMS, wme, sizeof wme, 1); 1199 #undef IWI_USEC 1200 #undef IWI_EXP2 1201 } 1202 1203 /* 1204 * Read 16 bits at address 'addr' from the serial EEPROM. 1205 */ 1206 static uint16_t 1207 iwi_read_prom_word(struct iwi_softc *sc, uint8_t addr) 1208 { 1209 uint32_t tmp; 1210 uint16_t val; 1211 int n; 1212 1213 /* Clock C once before the first command */ 1214 IWI_EEPROM_CTL(sc, 0); 1215 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1216 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1217 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1218 1219 /* Write start bit (1) */ 1220 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1221 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1222 1223 /* Write READ opcode (10) */ 1224 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1225 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1226 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1227 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1228 1229 /* Write address A7-A0 */ 1230 for (n = 7; n >= 0; n--) { 1231 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1232 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D)); 1233 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1234 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D) | IWI_EEPROM_C); 1235 } 1236 1237 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1238 1239 /* Read data Q15-Q0 */ 1240 val = 0; 1241 for (n = 15; n >= 0; n--) { 1242 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1243 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1244 tmp = MEM_READ_4(sc, IWI_MEM_EEPROM_CTL); 1245 val |= ((tmp & IWI_EEPROM_Q) >> IWI_EEPROM_SHIFT_Q) << n; 1246 } 1247 1248 IWI_EEPROM_CTL(sc, 0); 1249 1250 /* Clear Chip Select and clock C */ 1251 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1252 IWI_EEPROM_CTL(sc, 0); 1253 IWI_EEPROM_CTL(sc, IWI_EEPROM_C); 1254 1255 return val; 1256 } 1257 1258 /* 1259 * XXX: Hack to set the current channel to the value advertised in beacons or 1260 * probe responses. Only used during AP detection. 1261 */ 1262 static void 1263 iwi_fix_channel(struct ieee80211com *ic, struct mbuf *m) 1264 { 1265 struct ieee80211_frame *wh; 1266 uint8_t subtype; 1267 uint8_t *frm, *efrm; 1268 1269 wh = mtod(m, struct ieee80211_frame *); 1270 1271 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 1272 return; 1273 1274 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1275 1276 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 1277 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1278 return; 1279 1280 frm = (uint8_t *)(wh + 1); 1281 efrm = mtod(m, uint8_t *) + m->m_len; 1282 1283 frm += 12; /* skip tstamp, bintval and capinfo fields */ 1284 while (frm < efrm) { 1285 if (*frm == IEEE80211_ELEMID_DSPARMS) 1286 #if IEEE80211_CHAN_MAX < 255 1287 if (frm[2] <= IEEE80211_CHAN_MAX) 1288 #endif 1289 ic->ic_curchan = &ic->ic_channels[frm[2]]; 1290 1291 frm += frm[1] + 2; 1292 } 1293 } 1294 1295 static void 1296 iwi_frame_intr(struct iwi_softc *sc, struct iwi_rx_data *data, int i, 1297 struct iwi_frame *frame) 1298 { 1299 struct ieee80211com *ic = &sc->sc_ic; 1300 struct ifnet *ifp = ic->ic_ifp; 1301 struct mbuf *mnew, *m; 1302 struct ieee80211_frame *wh; 1303 struct ieee80211_node *ni; 1304 int error; 1305 1306 DPRINTFN(5, ("received frame len=%u chan=%u rssi=%u\n", 1307 le16toh(frame->len), frame->chan, frame->rssi_dbm)); 1308 1309 if (le16toh(frame->len) < sizeof (struct ieee80211_frame)) 1310 return; 1311 1312 /* 1313 * Try to allocate a new mbuf for this ring element and load it before 1314 * processing the current mbuf. If the ring element cannot be loaded, 1315 * drop the received packet and reuse the old mbuf. In the unlikely 1316 * case that the old mbuf can't be reloaded either, explicitly panic. 1317 */ 1318 mnew = m_getcl(MB_DONTWAIT, MT_DATA, M_PKTHDR); 1319 if (mnew == NULL) { 1320 ifp->if_ierrors++; 1321 return; 1322 } 1323 1324 bus_dmamap_unload(sc->rxq.data_dmat, data->map); 1325 1326 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1327 mtod(mnew, void *), MCLBYTES, iwi_dma_map_addr, &data->physaddr, 1328 0); 1329 if (error != 0) { 1330 m_freem(mnew); 1331 1332 /* try to reload the old mbuf */ 1333 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1334 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 1335 &data->physaddr, 0); 1336 if (error != 0) { 1337 /* very unlikely that it will fail... */ 1338 panic("%s: could not load old rx mbuf", 1339 device_get_name(sc->sc_dev)); 1340 } 1341 ifp->if_ierrors++; 1342 return; 1343 } 1344 1345 /* 1346 * New mbuf successfully loaded, update Rx ring and continue 1347 * processing. 1348 */ 1349 m = data->m; 1350 data->m = mnew; 1351 CSR_WRITE_4(sc, data->reg, data->physaddr); 1352 1353 /* Finalize mbuf */ 1354 m->m_pkthdr.rcvif = ifp; 1355 m->m_pkthdr.len = m->m_len = sizeof (struct iwi_hdr) + 1356 sizeof (struct iwi_frame) + le16toh(frame->len); 1357 1358 m_adj(m, sizeof (struct iwi_hdr) + sizeof (struct iwi_frame)); 1359 1360 if (ic->ic_state == IEEE80211_S_SCAN) 1361 iwi_fix_channel(ic, m); 1362 1363 if (sc->sc_drvbpf != NULL) { 1364 struct iwi_rx_radiotap_header *tap = &sc->sc_rxtap; 1365 1366 tap->wr_flags = 0; 1367 tap->wr_rate = frame->rate; 1368 tap->wr_chan_freq = 1369 htole16(ic->ic_channels[frame->chan].ic_freq); 1370 tap->wr_chan_flags = 1371 htole16(ic->ic_channels[frame->chan].ic_flags); 1372 tap->wr_antsignal = frame->signal; 1373 tap->wr_antenna = frame->antenna; 1374 1375 bpf_ptap(sc->sc_drvbpf, m, tap, sc->sc_rxtap_len); 1376 } 1377 1378 wh = mtod(m, struct ieee80211_frame *); 1379 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 1380 1381 /* send the frame to the 802.11 layer */ 1382 ieee80211_input(ic, m, ni, frame->rssi_dbm, 0); 1383 1384 /* node is no longer needed */ 1385 ieee80211_free_node(ni); 1386 } 1387 1388 static void 1389 iwi_notification_intr(struct iwi_softc *sc, struct iwi_notif *notif) 1390 { 1391 struct ieee80211com *ic = &sc->sc_ic; 1392 struct iwi_notif_scan_channel *chan; 1393 struct iwi_notif_scan_complete *scan; 1394 struct iwi_notif_authentication *auth; 1395 struct iwi_notif_association *assoc; 1396 1397 switch (notif->type) { 1398 case IWI_NOTIF_TYPE_SCAN_CHANNEL: 1399 chan = (struct iwi_notif_scan_channel *)(notif + 1); 1400 1401 DPRINTFN(2, ("Scanning channel (%u)\n", chan->nchan)); 1402 break; 1403 1404 case IWI_NOTIF_TYPE_SCAN_COMPLETE: 1405 scan = (struct iwi_notif_scan_complete *)(notif + 1); 1406 1407 DPRINTFN(2, ("Scan completed (%u, %u)\n", scan->nchan, 1408 scan->status)); 1409 1410 /* monitor mode uses scan to set the channel ... */ 1411 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1412 sc->flags &= ~IWI_FLAG_SCANNING; 1413 ieee80211_end_scan(ic); 1414 } else 1415 iwi_set_chan(sc, ic->ic_ibss_chan); 1416 break; 1417 1418 case IWI_NOTIF_TYPE_AUTHENTICATION: 1419 auth = (struct iwi_notif_authentication *)(notif + 1); 1420 1421 DPRINTFN(2, ("Authentication (%u)\n", auth->state)); 1422 1423 switch (auth->state) { 1424 case IWI_AUTHENTICATED: 1425 ieee80211_node_authorize(ic->ic_bss); 1426 ieee80211_new_state(ic, IEEE80211_S_ASSOC, -1); 1427 break; 1428 1429 case IWI_DEAUTHENTICATED: 1430 break; 1431 1432 default: 1433 device_printf(sc->sc_dev, 1434 "unknown authentication state %u\n", auth->state); 1435 } 1436 break; 1437 1438 case IWI_NOTIF_TYPE_ASSOCIATION: 1439 assoc = (struct iwi_notif_association *)(notif + 1); 1440 1441 DPRINTFN(2, ("Association (%u, %u)\n", assoc->state, 1442 assoc->status)); 1443 1444 switch (assoc->state) { 1445 case IWI_AUTHENTICATED: 1446 /* re-association, do nothing */ 1447 break; 1448 1449 case IWI_ASSOCIATED: 1450 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1451 break; 1452 1453 case IWI_DEASSOCIATED: 1454 ieee80211_begin_scan(ic, 1); 1455 break; 1456 1457 default: 1458 device_printf(sc->sc_dev, 1459 "unknown association state %u\n", assoc->state); 1460 } 1461 break; 1462 1463 default: 1464 DPRINTFN(5, ("Notification (%u)\n", notif->type)); 1465 } 1466 } 1467 1468 static void 1469 iwi_rx_intr(struct iwi_softc *sc) 1470 { 1471 struct iwi_rx_data *data; 1472 struct iwi_hdr *hdr; 1473 uint32_t hw; 1474 1475 hw = CSR_READ_4(sc, IWI_CSR_RX_RIDX); 1476 1477 for (; sc->rxq.cur != hw;) { 1478 data = &sc->rxq.data[sc->rxq.cur]; 1479 1480 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1481 BUS_DMASYNC_POSTREAD); 1482 1483 hdr = mtod(data->m, struct iwi_hdr *); 1484 1485 switch (hdr->type) { 1486 case IWI_HDR_TYPE_FRAME: 1487 iwi_frame_intr(sc, data, sc->rxq.cur, 1488 (struct iwi_frame *)(hdr + 1)); 1489 break; 1490 1491 case IWI_HDR_TYPE_NOTIF: 1492 iwi_notification_intr(sc, 1493 (struct iwi_notif *)(hdr + 1)); 1494 break; 1495 1496 default: 1497 device_printf(sc->sc_dev, "unknown hdr type %u\n", 1498 hdr->type); 1499 } 1500 1501 DPRINTFN(15, ("rx done idx=%u\n", sc->rxq.cur)); 1502 1503 sc->rxq.cur = (sc->rxq.cur + 1) % IWI_RX_RING_COUNT; 1504 } 1505 1506 /* Tell the firmware what we have processed */ 1507 hw = (hw == 0) ? IWI_RX_RING_COUNT - 1 : hw - 1; 1508 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, hw); 1509 } 1510 1511 static void 1512 iwi_tx_intr(struct iwi_softc *sc, struct iwi_tx_ring *txq) 1513 { 1514 struct ieee80211com *ic = &sc->sc_ic; 1515 struct ifnet *ifp = ic->ic_ifp; 1516 struct iwi_tx_data *data; 1517 uint32_t hw; 1518 1519 hw = CSR_READ_4(sc, txq->csr_ridx); 1520 1521 for (; txq->next != hw;) { 1522 data = &txq->data[txq->next]; 1523 1524 bus_dmamap_sync(txq->data_dmat, data->map, 1525 BUS_DMASYNC_POSTWRITE); 1526 bus_dmamap_unload(txq->data_dmat, data->map); 1527 m_freem(data->m); 1528 data->m = NULL; 1529 ieee80211_free_node(data->ni); 1530 data->ni = NULL; 1531 1532 DPRINTFN(15, ("tx done idx=%u\n", txq->next)); 1533 1534 ifp->if_opackets++; 1535 1536 txq->queued--; 1537 txq->next = (txq->next + 1) % IWI_TX_RING_COUNT; 1538 } 1539 1540 sc->sc_tx_timer = 0; 1541 ifp->if_flags &= ~IFF_OACTIVE; 1542 iwi_start(ifp); 1543 } 1544 1545 static void 1546 iwi_intr(void *arg) 1547 { 1548 struct iwi_softc *sc = arg; 1549 uint32_t r; 1550 1551 r = CSR_READ_4(sc, IWI_CSR_INTR); 1552 if (r == 0 || r == 0xffffffff) 1553 return; 1554 1555 /* disable interrupts */ 1556 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1557 1558 if (r & IWI_INTR_FATAL_ERROR) { 1559 device_printf(sc->sc_dev, "fatal error\n"); 1560 1561 if ((sc->flags & (IWI_FLAG_EXIT | IWI_FLAG_RESET)) == 0) { 1562 sc->flags |= IWI_FLAG_RESET; 1563 device_printf(sc->sc_dev, "wake firmware monitor\n"); 1564 wakeup(IWI_FW_WAKE_MONITOR(sc)); 1565 } 1566 } 1567 1568 if (r & IWI_INTR_PARITY_ERROR) { 1569 device_printf(sc->sc_dev, "parity error\n"); 1570 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1571 iwi_stop(sc); 1572 } 1573 1574 if (r & IWI_INTR_FW_INITED) { 1575 if (!(r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR))) 1576 wakeup(IWI_FW_INITIALIZED(sc)); 1577 } 1578 1579 if (r & IWI_INTR_RADIO_OFF) { 1580 DPRINTF(("radio transmitter turned off\n")); 1581 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1582 iwi_stop(sc); 1583 } 1584 1585 if (r & IWI_INTR_CMD_DONE) 1586 wakeup(IWI_FW_CMD_ACKED(sc)); 1587 1588 if (r & IWI_INTR_TX1_DONE) 1589 iwi_tx_intr(sc, &sc->txq[0]); 1590 1591 if (r & IWI_INTR_TX2_DONE) 1592 iwi_tx_intr(sc, &sc->txq[1]); 1593 1594 if (r & IWI_INTR_TX3_DONE) 1595 iwi_tx_intr(sc, &sc->txq[2]); 1596 1597 if (r & IWI_INTR_TX4_DONE) 1598 iwi_tx_intr(sc, &sc->txq[3]); 1599 1600 if (r & IWI_INTR_RX_DONE) 1601 iwi_rx_intr(sc); 1602 1603 /* acknowledge interrupts */ 1604 CSR_WRITE_4(sc, IWI_CSR_INTR, r); 1605 1606 /* re-enable interrupts */ 1607 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 1608 } 1609 1610 static int 1611 iwi_cmd(struct iwi_softc *sc, uint8_t type, void *data, uint8_t len, int async) 1612 { 1613 struct iwi_cmd_desc *desc; 1614 struct ifnet *ifp = &sc->sc_ic.ic_if; 1615 int ret; 1616 1617 desc = &sc->cmdq.desc[sc->cmdq.cur]; 1618 1619 desc->hdr.type = IWI_HDR_TYPE_COMMAND; 1620 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1621 desc->type = type; 1622 desc->len = len; 1623 memcpy(desc->data, data, len); 1624 1625 bus_dmamap_sync(sc->cmdq.desc_dmat, sc->cmdq.desc_map, 1626 BUS_DMASYNC_PREWRITE); 1627 1628 DPRINTFN(2, ("sending command idx=%u type=%u len=%u\n", sc->cmdq.cur, 1629 type, len)); 1630 1631 sc->cmdq.cur = (sc->cmdq.cur + 1) % IWI_CMD_RING_COUNT; 1632 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 1633 1634 if (!async) { 1635 ASSERT_SERIALIZED(ifp->if_serializer); 1636 1637 crit_enter(); 1638 tsleep_interlock(IWI_FW_CMD_ACKED(sc)); 1639 lwkt_serialize_exit(ifp->if_serializer); 1640 ret = tsleep(IWI_FW_CMD_ACKED(sc), 0, "iwicmd", hz); 1641 crit_exit(); 1642 lwkt_serialize_enter(ifp->if_serializer); 1643 } else { 1644 ret = 0; 1645 } 1646 1647 return ret; 1648 } 1649 1650 static void 1651 iwi_write_ibssnode(struct iwi_softc *sc, const struct iwi_node *in) 1652 { 1653 struct iwi_ibssnode node; 1654 1655 /* write node information into NIC memory */ 1656 memset(&node, 0, sizeof node); 1657 IEEE80211_ADDR_COPY(node.bssid, in->in_node.ni_macaddr); 1658 1659 CSR_WRITE_REGION_1(sc, 1660 IWI_CSR_NODE_BASE + in->in_station * sizeof node, 1661 (uint8_t *)&node, sizeof node); 1662 } 1663 1664 struct iwi_dma_mapping { 1665 bus_dma_segment_t segs[IWI_MAX_NSEG]; 1666 int nseg; 1667 bus_size_t mapsize; 1668 }; 1669 1670 static void 1671 iwi_dma_map_mbuf(void *arg, bus_dma_segment_t *segs, int nseg, 1672 bus_size_t mapsize, int error) 1673 { 1674 struct iwi_dma_mapping *map = arg; 1675 1676 if (error != 0) 1677 return; 1678 1679 KASSERT(nseg <= IWI_MAX_NSEG, ("too many DMA segments %d", nseg)); 1680 1681 bcopy(segs, map->segs, nseg * sizeof(bus_dma_segment_t)); 1682 map->nseg = nseg; 1683 map->mapsize = mapsize; 1684 } 1685 1686 static int 1687 iwi_tx_start(struct ifnet *ifp, struct mbuf *m0, struct ieee80211_node *ni, 1688 int ac) 1689 { 1690 struct iwi_softc *sc = ifp->if_softc; 1691 struct ieee80211com *ic = &sc->sc_ic; 1692 struct iwi_node *in = (struct iwi_node *)ni; 1693 struct ieee80211_frame *wh; 1694 struct ieee80211_key *k; 1695 const struct chanAccParams *cap; 1696 struct iwi_tx_ring *txq = &sc->txq[ac]; 1697 struct iwi_tx_data *data; 1698 struct iwi_tx_desc *desc; 1699 struct mbuf *mnew; 1700 struct iwi_dma_mapping map; 1701 int error, hdrlen, i, noack = 0; 1702 1703 wh = mtod(m0, struct ieee80211_frame *); 1704 1705 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1706 hdrlen = sizeof (struct ieee80211_qosframe); 1707 cap = &ic->ic_wme.wme_chanParams; 1708 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1709 } else 1710 hdrlen = sizeof (struct ieee80211_frame); 1711 1712 /* 1713 * This is only used in IBSS mode where the firmware expect an index 1714 * in a h/w table instead of a destination address. 1715 */ 1716 if (ic->ic_opmode == IEEE80211_M_IBSS && in->in_station == -1) { 1717 in->in_station = iwi_alloc_ibss_node(sc); 1718 if (in->in_station == -1) { /* h/w table is full */ 1719 m_freem(m0); 1720 ieee80211_free_node(ni); 1721 ifp->if_oerrors++; 1722 if_printf(ifp, "ibss table is full\n"); 1723 return 0; 1724 } 1725 iwi_write_ibssnode(sc, in); 1726 } 1727 1728 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1729 k = ieee80211_crypto_encap(ic, ni, m0); 1730 if (k == NULL) { 1731 m_freem(m0); 1732 return ENOBUFS; 1733 } 1734 1735 /* packet header may have moved, reset our local pointer */ 1736 wh = mtod(m0, struct ieee80211_frame *); 1737 } 1738 1739 if (sc->sc_drvbpf != NULL) { 1740 struct iwi_tx_radiotap_header *tap = &sc->sc_txtap; 1741 1742 tap->wt_flags = 0; 1743 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 1744 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 1745 1746 bpf_ptap(sc->sc_drvbpf, m0, tap, sc->sc_txtap_len); 1747 } 1748 1749 data = &txq->data[txq->cur]; 1750 desc = &txq->desc[txq->cur]; 1751 1752 /* save and trim IEEE802.11 header */ 1753 m_copydata(m0, 0, hdrlen, (caddr_t)&desc->wh); 1754 m_adj(m0, hdrlen); 1755 1756 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0, 1757 iwi_dma_map_mbuf, &map, BUS_DMA_NOWAIT); 1758 if (error != 0 && error != EFBIG) { 1759 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1760 error); 1761 m_freem(m0); 1762 return error; 1763 } 1764 if (error != 0) { 1765 mnew = m_defrag(m0, MB_DONTWAIT); 1766 if (mnew == NULL) { 1767 device_printf(sc->sc_dev, 1768 "could not defragment mbuf\n"); 1769 m_freem(m0); 1770 return ENOBUFS; 1771 } 1772 m0 = mnew; 1773 1774 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0, 1775 iwi_dma_map_mbuf, &map, 1776 BUS_DMA_NOWAIT); 1777 if (error != 0) { 1778 device_printf(sc->sc_dev, 1779 "could not map mbuf (error %d)\n", error); 1780 m_freem(m0); 1781 return error; 1782 } 1783 } 1784 1785 data->m = m0; 1786 data->ni = ni; 1787 1788 desc->hdr.type = IWI_HDR_TYPE_DATA; 1789 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1790 desc->station = 1791 (ic->ic_opmode == IEEE80211_M_IBSS) ? in->in_station : 0; 1792 desc->cmd = IWI_DATA_CMD_TX; 1793 desc->len = htole16(m0->m_pkthdr.len); 1794 desc->flags = 0; 1795 desc->xflags = 0; 1796 1797 if (!noack && !IEEE80211_IS_MULTICAST(desc->wh.i_addr1)) 1798 desc->flags |= IWI_DATA_FLAG_NEED_ACK; 1799 1800 #if 0 1801 if (ic->ic_flags & IEEE80211_F_PRIVACY) { 1802 desc->wh.i_fc[1] |= IEEE80211_FC1_WEP; 1803 desc->weptxkey = ic->ic_crypto.cs_def_txkey; 1804 } else 1805 #endif 1806 desc->flags |= IWI_DATA_FLAG_NO_WEP; 1807 1808 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 1809 desc->flags |= IWI_DATA_FLAG_SHPREAMBLE; 1810 1811 if (desc->wh.i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) 1812 desc->xflags |= IWI_DATA_XFLAG_QOS; 1813 1814 desc->nseg = htole32(map.nseg); 1815 for (i = 0; i < map.nseg; i++) { 1816 desc->seg_addr[i] = htole32(map.segs[i].ds_addr); 1817 desc->seg_len[i] = htole16(map.segs[i].ds_len); 1818 } 1819 1820 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1821 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1822 1823 DPRINTFN(5, ("sending data frame txq=%u idx=%u len=%u nseg=%u\n", 1824 ac, txq->cur, le16toh(desc->len), map.nseg)); 1825 1826 txq->queued++; 1827 txq->cur = (txq->cur + 1) % IWI_TX_RING_COUNT; 1828 CSR_WRITE_4(sc, txq->csr_widx, txq->cur); 1829 1830 return 0; 1831 } 1832 1833 static void 1834 iwi_start(struct ifnet *ifp) 1835 { 1836 struct iwi_softc *sc = ifp->if_softc; 1837 struct ieee80211com *ic = &sc->sc_ic; 1838 struct mbuf *m0; 1839 struct ether_header *eh; 1840 struct ieee80211_node *ni; 1841 int ac; 1842 1843 if (ic->ic_state != IEEE80211_S_RUN) 1844 return; 1845 1846 IF_POLL(&ic->ic_mgtq, m0); 1847 if (m0 != NULL) 1848 ieee80211_drain_mgtq(&ic->ic_mgtq); 1849 1850 for (;;) { 1851 m0 = ifq_dequeue(&ifp->if_snd, NULL); 1852 if (m0 == NULL) 1853 break; 1854 1855 if (m0->m_len < sizeof (struct ether_header) && 1856 (m0 = m_pullup(m0, sizeof (struct ether_header))) == NULL) { 1857 ifp->if_oerrors++; 1858 continue; 1859 } 1860 eh = mtod(m0, struct ether_header *); 1861 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1862 if (ni == NULL) { 1863 m_freem(m0); 1864 ifp->if_oerrors++; 1865 continue; 1866 } 1867 1868 /* classify mbuf so we can find which tx ring to use */ 1869 if (ieee80211_classify(ic, m0, ni) != 0) { 1870 m_freem(m0); 1871 ieee80211_free_node(ni); 1872 ifp->if_oerrors++; 1873 continue; 1874 } 1875 1876 /* no QoS encapsulation for EAPOL frames */ 1877 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1878 M_WME_GETAC(m0) : WME_AC_BE; 1879 1880 if (sc->txq[ac].queued > IWI_TX_RING_COUNT - 8) { 1881 /* there is no place left in this ring */ 1882 m_freem(m0); 1883 ieee80211_free_node(ni); 1884 ifp->if_flags |= IFF_OACTIVE; 1885 break; 1886 } 1887 1888 BPF_MTAP(ifp, m0); 1889 1890 m0 = ieee80211_encap(ic, m0, ni); 1891 if (m0 == NULL) { 1892 ieee80211_free_node(ni); 1893 ifp->if_oerrors++; 1894 continue; 1895 } 1896 1897 if (ic->ic_rawbpf != NULL) 1898 bpf_mtap(ic->ic_rawbpf, m0); 1899 1900 if (iwi_tx_start(ifp, m0, ni, ac) != 0) { 1901 ieee80211_free_node(ni); 1902 ifp->if_oerrors++; 1903 break; 1904 } 1905 1906 sc->sc_tx_timer = 5; 1907 ifp->if_timer = 1; 1908 } 1909 } 1910 1911 static void 1912 iwi_watchdog(struct ifnet *ifp) 1913 { 1914 struct iwi_softc *sc = ifp->if_softc; 1915 struct ieee80211com *ic = &sc->sc_ic; 1916 1917 ifp->if_timer = 0; 1918 1919 if (sc->sc_tx_timer > 0) { 1920 if (--sc->sc_tx_timer == 0) { 1921 if_printf(ifp, "device timeout\n"); 1922 ifp->if_oerrors++; 1923 sc->flags |= IWI_FLAG_RESET; 1924 wakeup(IWI_FW_WAKE_MONITOR(sc)); 1925 return; 1926 } 1927 ifp->if_timer = 1; 1928 } 1929 1930 ieee80211_watchdog(ic); 1931 } 1932 1933 static int 1934 iwi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr) 1935 { 1936 struct iwi_softc *sc = ifp->if_softc; 1937 struct ieee80211com *ic = &sc->sc_ic; 1938 struct ifreq *ifr; 1939 int error = 0; 1940 1941 switch (cmd) { 1942 case SIOCSIFFLAGS: 1943 if (ifp->if_flags & IFF_UP) { 1944 if (!(ifp->if_flags & IFF_RUNNING)) 1945 iwi_init(sc); 1946 } else { 1947 if (ifp->if_flags & IFF_RUNNING) 1948 iwi_stop(sc); 1949 } 1950 break; 1951 1952 case SIOCSLOADFW: 1953 /* only super-user can do that! */ 1954 error = suser_cred(cr, NULL_CRED_OKAY); 1955 if (error != 0) 1956 break; 1957 1958 ifr = (struct ifreq *)data; 1959 error = iwi_cache_firmware(sc, ifr->ifr_data); 1960 break; 1961 1962 case SIOCSKILLFW: 1963 /* only super-user can do that! */ 1964 error = suser_cred(cr, NULL_CRED_OKAY); 1965 if (error != 0) 1966 break; 1967 1968 ifp->if_flags &= ~IFF_UP; 1969 iwi_stop(sc); 1970 iwi_free_firmware(sc); 1971 break; 1972 1973 default: 1974 error = ieee80211_ioctl(ic, cmd, data, cr); 1975 } 1976 1977 if (error == ENETRESET) { 1978 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1979 (IFF_UP | IFF_RUNNING) && 1980 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1981 iwi_init(sc); 1982 error = 0; 1983 } 1984 1985 return error; 1986 } 1987 1988 static void 1989 iwi_stop_master(struct iwi_softc *sc) 1990 { 1991 uint32_t tmp; 1992 int ntries; 1993 1994 /* disable interrupts */ 1995 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1996 1997 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_STOP_MASTER); 1998 for (ntries = 0; ntries < 5; ntries++) { 1999 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 2000 break; 2001 DELAY(10); 2002 } 2003 if (ntries == 5) 2004 if_printf(&sc->sc_ic.ic_if, "timeout waiting for master\n"); 2005 2006 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2007 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_PRINCETON_RESET); 2008 2009 sc->flags &= ~IWI_FLAG_FW_INITED; 2010 } 2011 2012 static int 2013 iwi_reset(struct iwi_softc *sc) 2014 { 2015 uint32_t tmp; 2016 int i, ntries; 2017 2018 iwi_stop_master(sc); 2019 2020 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2021 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 2022 2023 CSR_WRITE_4(sc, IWI_CSR_READ_INT, IWI_READ_INT_INIT_HOST); 2024 2025 /* Wait for clock stabilization */ 2026 for (ntries = 0; ntries < 1000; ntries++) { 2027 if (CSR_READ_4(sc, IWI_CSR_CTL) & IWI_CTL_CLOCK_READY) 2028 break; 2029 DELAY(200); 2030 } 2031 if (ntries == 1000) { 2032 if_printf(&sc->sc_ic.ic_if, 2033 "timeout waiting for clock stabilization\n"); 2034 return EIO; 2035 } 2036 2037 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2038 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_SOFT_RESET); 2039 2040 DELAY(10); 2041 2042 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2043 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 2044 2045 /* Clear NIC memory */ 2046 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0); 2047 for (i = 0; i < 0xc000; i++) 2048 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2049 2050 return 0; 2051 } 2052 2053 static int 2054 iwi_load_ucode(struct iwi_softc *sc, void *uc, int size) 2055 { 2056 uint32_t tmp; 2057 uint16_t *w; 2058 int ntries, i; 2059 2060 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 2061 IWI_RST_STOP_MASTER); 2062 for (ntries = 0; ntries < 5; ntries++) { 2063 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 2064 break; 2065 DELAY(10); 2066 } 2067 if (ntries == 5) { 2068 device_printf(sc->sc_dev, "timeout waiting for master\n"); 2069 return EIO; 2070 } 2071 2072 MEM_WRITE_4(sc, 0x3000e0, 0x80000000); 2073 DELAY(5000); 2074 2075 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2076 tmp &= ~IWI_RST_PRINCETON_RESET; 2077 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2078 2079 DELAY(5000); 2080 MEM_WRITE_4(sc, 0x3000e0, 0); 2081 DELAY(1000); 2082 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 1); 2083 DELAY(1000); 2084 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 0); 2085 DELAY(1000); 2086 MEM_WRITE_1(sc, 0x200000, 0x00); 2087 MEM_WRITE_1(sc, 0x200000, 0x40); 2088 DELAY(1000); 2089 2090 /* write microcode into adapter memory */ 2091 for (w = uc; size > 0; w++, size -= 2) 2092 MEM_WRITE_2(sc, 0x200010, htole16(*w)); 2093 2094 MEM_WRITE_1(sc, 0x200000, 0x00); 2095 MEM_WRITE_1(sc, 0x200000, 0x80); 2096 2097 /* wait until we get an answer */ 2098 for (ntries = 0; ntries < 100; ntries++) { 2099 if (MEM_READ_1(sc, 0x200000) & 1) 2100 break; 2101 DELAY(100); 2102 } 2103 if (ntries == 100) { 2104 device_printf(sc->sc_dev, 2105 "timeout waiting for ucode to initialize\n"); 2106 return EIO; 2107 } 2108 2109 /* read the answer or the firmware will not initialize properly */ 2110 for (i = 0; i < 7; i++) 2111 MEM_READ_4(sc, 0x200004); 2112 2113 MEM_WRITE_1(sc, 0x200000, 0x00); 2114 2115 return 0; 2116 } 2117 2118 /* macro to handle unaligned little endian data in firmware image */ 2119 #define GETLE32(p) ((p)[0] | (p)[1] << 8 | (p)[2] << 16 | (p)[3] << 24) 2120 2121 static int 2122 iwi_load_firmware(struct iwi_softc *sc, void *fw, int size) 2123 { 2124 bus_dma_tag_t dmat; 2125 bus_dmamap_t map; 2126 bus_addr_t physaddr; 2127 void *virtaddr; 2128 u_char *p, *end; 2129 uint32_t sentinel, ctl, src, dst, sum, len, mlen, tmp; 2130 int ntries, error = 0; 2131 struct ifnet *ifp = &sc->sc_ic.ic_if; 2132 2133 ASSERT_SERIALIZED(ifp->if_serializer); 2134 2135 /* Allocate DMA memory for mapping firmware image */ 2136 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 2137 BUS_SPACE_MAXADDR, NULL, NULL, size, 1, size, 0, &dmat); 2138 if (error != 0) { 2139 device_printf(sc->sc_dev, 2140 "could not create firmware DMA tag\n"); 2141 goto fail1; 2142 } 2143 2144 error = bus_dmamem_alloc(dmat, &virtaddr, BUS_DMA_WAITOK, &map); 2145 if (error != 0) { 2146 device_printf(sc->sc_dev, 2147 "could not allocate firmware DMA memory\n"); 2148 goto fail2; 2149 } 2150 2151 error = bus_dmamap_load(dmat, map, virtaddr, size, iwi_dma_map_addr, 2152 &physaddr, 0); 2153 if (error != 0) { 2154 device_printf(sc->sc_dev, "could not load firmware DMA map\n"); 2155 goto fail3; 2156 } 2157 2158 /* Copy firmware image to DMA memory */ 2159 memcpy(virtaddr, fw, size); 2160 2161 /* Make sure the adapter will get up-to-date values */ 2162 bus_dmamap_sync(dmat, map, BUS_DMASYNC_PREWRITE); 2163 2164 /* Tell the adapter where the command blocks are stored */ 2165 MEM_WRITE_4(sc, 0x3000a0, 0x27000); 2166 2167 /* 2168 * Store command blocks into adapter's internal memory using register 2169 * indirections. The adapter will read the firmware image through DMA 2170 * using information stored in command blocks. 2171 */ 2172 src = physaddr; 2173 p = virtaddr; 2174 end = p + size; 2175 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0x27000); 2176 2177 while (p < end) { 2178 dst = GETLE32(p); p += 4; src += 4; 2179 len = GETLE32(p); p += 4; src += 4; 2180 p += len; 2181 2182 while (len > 0) { 2183 mlen = min(len, IWI_CB_MAXDATALEN); 2184 2185 ctl = IWI_CB_DEFAULT_CTL | mlen; 2186 sum = ctl ^ src ^ dst; 2187 2188 /* Write a command block */ 2189 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, ctl); 2190 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, src); 2191 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, dst); 2192 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, sum); 2193 2194 src += mlen; 2195 dst += mlen; 2196 len -= mlen; 2197 } 2198 } 2199 2200 /* Write a fictive final command block (sentinel) */ 2201 sentinel = CSR_READ_4(sc, IWI_CSR_AUTOINC_ADDR); 2202 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2203 2204 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2205 tmp &= ~(IWI_RST_MASTER_DISABLED | IWI_RST_STOP_MASTER); 2206 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2207 2208 /* Tell the adapter to start processing command blocks */ 2209 MEM_WRITE_4(sc, 0x3000a4, 0x540100); 2210 2211 /* Wait until the adapter reaches the sentinel */ 2212 for (ntries = 0; ntries < 400; ntries++) { 2213 if (MEM_READ_4(sc, 0x3000d0) >= sentinel) 2214 break; 2215 DELAY(100); 2216 } 2217 if (ntries == 400) { 2218 device_printf(sc->sc_dev, 2219 "timeout processing command blocks\n"); 2220 error = EIO; 2221 goto fail4; 2222 } 2223 2224 /* We're done with command blocks processing */ 2225 MEM_WRITE_4(sc, 0x3000a4, 0x540c00); 2226 2227 /* Allow interrupts so we know when the firmware is ready */ 2228 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 2229 2230 /* Tell the adapter to initialize the firmware */ 2231 CSR_WRITE_4(sc, IWI_CSR_RST, 0); 2232 2233 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2234 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_ALLOW_STANDBY); 2235 2236 /* wait at most one second for firmware initialization to complete */ 2237 crit_enter(); 2238 tsleep_interlock(IWI_FW_INITIALIZED(sc)); 2239 lwkt_serialize_exit(ifp->if_serializer); 2240 error = tsleep(IWI_FW_INITIALIZED(sc), 0, "iwiinit", hz); 2241 crit_exit(); 2242 lwkt_serialize_enter(ifp->if_serializer); 2243 if (error != 0) { 2244 device_printf(sc->sc_dev, "timeout waiting for firmware " 2245 "initialization to complete\n"); 2246 goto fail4; 2247 } 2248 2249 fail4: bus_dmamap_sync(dmat, map, BUS_DMASYNC_POSTWRITE); 2250 bus_dmamap_unload(dmat, map); 2251 fail3: bus_dmamem_free(dmat, virtaddr, map); 2252 fail2: bus_dma_tag_destroy(dmat); 2253 fail1: 2254 return error; 2255 } 2256 2257 /* 2258 * Store firmware into kernel memory so we can download it when we need to, 2259 * e.g when the adapter wakes up from suspend mode. 2260 */ 2261 static int 2262 iwi_cache_firmware(struct iwi_softc *sc, void *data) 2263 { 2264 struct iwi_firmware *kfw = &sc->fw; 2265 struct iwi_firmware ufw; 2266 int error; 2267 2268 iwi_free_firmware(sc); 2269 2270 if ((error = copyin(data, &ufw, sizeof ufw)) != 0) 2271 return error; 2272 2273 kfw->boot_size = ufw.boot_size; 2274 kfw->ucode_size = ufw.ucode_size; 2275 kfw->main_size = ufw.main_size; 2276 2277 kfw->boot = kmalloc(kfw->boot_size, M_DEVBUF, M_WAITOK); 2278 kfw->ucode = kmalloc(kfw->ucode_size, M_DEVBUF, M_WAITOK); 2279 kfw->main = kmalloc(kfw->main_size, M_DEVBUF, M_WAITOK); 2280 2281 if ((error = copyin(ufw.boot, kfw->boot, kfw->boot_size)) != 0) 2282 goto fail; 2283 2284 if ((error = copyin(ufw.ucode, kfw->ucode, kfw->ucode_size)) != 0) 2285 goto fail; 2286 2287 if ((error = copyin(ufw.main, kfw->main, kfw->main_size)) != 0) 2288 goto fail; 2289 2290 DPRINTF(("Firmware cached: boot %u, ucode %u, main %u\n", 2291 kfw->boot_size, kfw->ucode_size, kfw->main_size)); 2292 2293 sc->flags |= IWI_FLAG_FW_CACHED; 2294 2295 return 0; 2296 2297 fail: 2298 kfree(kfw->boot, M_DEVBUF); 2299 kfree(kfw->ucode, M_DEVBUF); 2300 kfree(kfw->main, M_DEVBUF); 2301 2302 return error; 2303 } 2304 2305 static void 2306 iwi_free_firmware(struct iwi_softc *sc) 2307 { 2308 if (!(sc->flags & IWI_FLAG_FW_CACHED)) 2309 return; 2310 2311 kfree(sc->fw.boot, M_DEVBUF); 2312 kfree(sc->fw.ucode, M_DEVBUF); 2313 kfree(sc->fw.main, M_DEVBUF); 2314 2315 sc->flags &= ~IWI_FLAG_FW_CACHED; 2316 } 2317 2318 static int 2319 iwi_config(struct iwi_softc *sc) 2320 { 2321 struct ieee80211com *ic = &sc->sc_ic; 2322 struct ifnet *ifp = ic->ic_ifp; 2323 struct iwi_configuration config; 2324 struct iwi_rateset rs; 2325 struct iwi_txpower power; 2326 struct ieee80211_key *wk; 2327 struct iwi_wep_key wepkey; 2328 uint32_t data; 2329 int error, i; 2330 2331 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp)); 2332 DPRINTF(("Setting MAC address to %6D\n", ic->ic_myaddr, ":")); 2333 error = iwi_cmd(sc, IWI_CMD_SET_MAC_ADDRESS, ic->ic_myaddr, 2334 IEEE80211_ADDR_LEN, 0); 2335 if (error != 0) 2336 return error; 2337 2338 memset(&config, 0, sizeof config); 2339 config.bluetooth_coexistence = sc->bluetooth; 2340 config.antenna = sc->antenna; 2341 config.multicast_enabled = 1; 2342 config.answer_pbreq = (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2343 config.disable_unicast_decryption = 1; 2344 config.disable_multicast_decryption = 1; 2345 DPRINTF(("Configuring adapter\n")); 2346 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 0); 2347 if (error != 0) 2348 return error; 2349 2350 data = htole32(IWI_POWER_MODE_CAM); 2351 DPRINTF(("Setting power mode to %u\n", le32toh(data))); 2352 error = iwi_cmd(sc, IWI_CMD_SET_POWER_MODE, &data, sizeof data, 0); 2353 if (error != 0) 2354 return error; 2355 2356 data = htole32(ic->ic_rtsthreshold); 2357 DPRINTF(("Setting RTS threshold to %u\n", le32toh(data))); 2358 error = iwi_cmd(sc, IWI_CMD_SET_RTS_THRESHOLD, &data, sizeof data, 0); 2359 if (error != 0) 2360 return error; 2361 2362 data = htole32(ic->ic_fragthreshold); 2363 DPRINTF(("Setting fragmentation threshold to %u\n", le32toh(data))); 2364 error = iwi_cmd(sc, IWI_CMD_SET_FRAG_THRESHOLD, &data, sizeof data, 0); 2365 if (error != 0) 2366 return error; 2367 2368 if (ic->ic_opmode == IEEE80211_M_IBSS) { 2369 power.mode = IWI_MODE_11B; 2370 power.nchan = 11; 2371 for (i = 0; i < 11; i++) { 2372 power.chan[i].chan = i + 1; 2373 power.chan[i].power = IWI_TXPOWER_MAX; 2374 } 2375 DPRINTF(("Setting .11b channels tx power\n")); 2376 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2377 0); 2378 if (error != 0) 2379 return error; 2380 2381 power.mode = IWI_MODE_11G; 2382 DPRINTF(("Setting .11g channels tx power\n")); 2383 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2384 0); 2385 if (error != 0) 2386 return error; 2387 } 2388 2389 rs.mode = IWI_MODE_11G; 2390 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2391 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11G].rs_nrates; 2392 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates, 2393 rs.nrates); 2394 DPRINTF(("Setting .11bg supported rates (%u)\n", rs.nrates)); 2395 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2396 if (error != 0) 2397 return error; 2398 2399 rs.mode = IWI_MODE_11A; 2400 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2401 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11A].rs_nrates; 2402 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11A].rs_rates, 2403 rs.nrates); 2404 DPRINTF(("Setting .11a supported rates (%u)\n", rs.nrates)); 2405 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2406 if (error != 0) 2407 return error; 2408 2409 /* if we have a desired ESSID, set it now */ 2410 if (ic->ic_des_esslen != 0) { 2411 #ifdef IWI_DEBUG 2412 if (iwi_debug > 0) { 2413 kprintf("Setting desired ESSID to "); 2414 ieee80211_print_essid(ic->ic_des_essid, 2415 ic->ic_des_esslen); 2416 kprintf("\n"); 2417 } 2418 #endif 2419 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ic->ic_des_essid, 2420 ic->ic_des_esslen, 0); 2421 if (error != 0) 2422 return error; 2423 } 2424 2425 data = htole32(karc4random()); 2426 DPRINTF(("Setting initialization vector to %u\n", le32toh(data))); 2427 error = iwi_cmd(sc, IWI_CMD_SET_IV, &data, sizeof data, 0); 2428 if (error != 0) 2429 return error; 2430 2431 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2432 wk = &ic->ic_crypto.cs_nw_keys[i]; 2433 2434 wepkey.cmd = IWI_WEP_KEY_CMD_SETKEY; 2435 wepkey.idx = i; 2436 wepkey.len = wk->wk_keylen; 2437 memset(wepkey.key, 0, sizeof wepkey.key); 2438 memcpy(wepkey.key, wk->wk_key, wk->wk_keylen); 2439 DPRINTF(("Setting wep key index %u len %u\n", wepkey.idx, 2440 wepkey.len)); 2441 error = iwi_cmd(sc, IWI_CMD_SET_WEP_KEY, &wepkey, 2442 sizeof wepkey, 0); 2443 if (error != 0) 2444 return error; 2445 } 2446 2447 /* Enable adapter */ 2448 DPRINTF(("Enabling adapter\n")); 2449 return iwi_cmd(sc, IWI_CMD_ENABLE, NULL, 0, 0); 2450 } 2451 2452 static int 2453 iwi_set_chan(struct iwi_softc *sc, struct ieee80211_channel *chan) 2454 { 2455 struct ieee80211com *ic = &sc->sc_ic; 2456 struct iwi_scan scan; 2457 2458 memset(&scan, 0, sizeof scan); 2459 memset(scan.type, IWI_SCAN_TYPE_PASSIVE, sizeof scan.type); 2460 scan.passive = htole16(2000); 2461 scan.channels[0] = 1 | 2462 (IEEE80211_IS_CHAN_5GHZ(chan) ? IWI_CHAN_5GHZ : IWI_CHAN_2GHZ); 2463 scan.channels[1] = ieee80211_chan2ieee(ic, chan); 2464 2465 DPRINTF(("Setting channel to %u\n", ieee80211_chan2ieee(ic, chan))); 2466 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1); 2467 } 2468 2469 static int 2470 iwi_scan(struct iwi_softc *sc) 2471 { 2472 struct ieee80211com *ic = &sc->sc_ic; 2473 struct iwi_scan scan; 2474 uint8_t *p; 2475 int i, count; 2476 2477 memset(&scan, 0, sizeof scan); 2478 2479 if (ic->ic_des_esslen != 0) { 2480 scan.bdirected = htole16(sc->dwelltime); 2481 memset(scan.type, IWI_SCAN_TYPE_BDIRECTED, sizeof scan.type); 2482 } else { 2483 scan.broadcast = htole16(sc->dwelltime); 2484 memset(scan.type, IWI_SCAN_TYPE_BROADCAST, sizeof scan.type); 2485 } 2486 2487 p = scan.channels; 2488 count = 0; 2489 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2490 if (IEEE80211_IS_CHAN_5GHZ(&ic->ic_channels[i]) && 2491 isset(ic->ic_chan_active, i)) { 2492 *++p = i; 2493 count++; 2494 } 2495 } 2496 *(p - count) = IWI_CHAN_5GHZ | count; 2497 2498 p = (count > 0) ? p + 1 : scan.channels; 2499 count = 0; 2500 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2501 if (IEEE80211_IS_CHAN_2GHZ(&ic->ic_channels[i]) && 2502 isset(ic->ic_chan_active, i)) { 2503 *++p = i; 2504 count++; 2505 } 2506 } 2507 *(p - count) = IWI_CHAN_2GHZ | count; 2508 2509 DPRINTF(("Start scanning\n")); 2510 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1); 2511 } 2512 2513 static int 2514 iwi_auth_and_assoc(struct iwi_softc *sc) 2515 { 2516 struct ieee80211com *ic = &sc->sc_ic; 2517 struct ifnet *ifp = ic->ic_ifp; 2518 struct ieee80211_node *ni = ic->ic_bss; 2519 struct ieee80211_wme_info wme; 2520 struct iwi_configuration config; 2521 struct iwi_associate assoc; 2522 struct iwi_rateset rs; 2523 uint16_t capinfo; 2524 uint32_t data; 2525 int error; 2526 2527 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) { 2528 memset(&config, 0, sizeof config); 2529 config.bluetooth_coexistence = sc->bluetooth; 2530 config.antenna = sc->antenna; 2531 config.multicast_enabled = 1; 2532 config.use_protection = 1; 2533 config.answer_pbreq = 2534 (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2535 config.disable_unicast_decryption = 1; 2536 config.disable_multicast_decryption = 1; 2537 DPRINTF(("Configuring adapter\n")); 2538 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 2539 1); 2540 if (error != 0) 2541 return error; 2542 } 2543 2544 #ifdef IWI_DEBUG 2545 if (iwi_debug > 0) { 2546 kprintf("Setting ESSID to "); 2547 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 2548 kprintf("\n"); 2549 } 2550 #endif 2551 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ni->ni_essid, ni->ni_esslen, 1); 2552 if (error != 0) 2553 return error; 2554 2555 /* the rate set has already been "negotiated" */ 2556 rs.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2557 IWI_MODE_11G; 2558 rs.type = IWI_RATESET_TYPE_NEGOTIATED; 2559 rs.nrates = ni->ni_rates.rs_nrates; 2560 KKASSERT(rs.nrates <= IWI_RATESET_MAXSIZE); 2561 memcpy(rs.rates, ni->ni_rates.rs_rates, rs.nrates); 2562 DPRINTF(("Setting negociated rates (%u)\n", rs.nrates)); 2563 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 1); 2564 if (error != 0) 2565 return error; 2566 2567 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) { 2568 wme.wme_id = IEEE80211_ELEMID_VENDOR; 2569 wme.wme_len = sizeof (struct ieee80211_wme_info) - 2; 2570 wme.wme_oui[0] = 0x00; 2571 wme.wme_oui[1] = 0x50; 2572 wme.wme_oui[2] = 0xf2; 2573 wme.wme_type = WME_OUI_TYPE; 2574 wme.wme_subtype = WME_INFO_OUI_SUBTYPE; 2575 wme.wme_version = WME_VERSION; 2576 wme.wme_info = 0; 2577 2578 DPRINTF(("Setting WME IE (len=%u)\n", wme.wme_len)); 2579 error = iwi_cmd(sc, IWI_CMD_SET_WMEIE, &wme, sizeof wme, 1); 2580 if (error != 0) 2581 return error; 2582 } 2583 2584 if (ic->ic_opt_ie != NULL) { 2585 DPRINTF(("Setting optional IE (len=%u)\n", ic->ic_opt_ie_len)); 2586 error = iwi_cmd(sc, IWI_CMD_SET_OPTIE, ic->ic_opt_ie, 2587 ic->ic_opt_ie_len, 1); 2588 if (error != 0) 2589 return error; 2590 } 2591 2592 data = htole32(ni->ni_rssi); 2593 DPRINTF(("Setting sensitivity to %d\n", (int8_t)ni->ni_rssi)); 2594 error = iwi_cmd(sc, IWI_CMD_SET_SENSITIVITY, &data, sizeof data, 1); 2595 if (error != 0) 2596 return error; 2597 2598 memset(&assoc, 0, sizeof assoc); 2599 assoc.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2600 IWI_MODE_11G; 2601 assoc.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 2602 if (ni->ni_authmode == IEEE80211_AUTH_SHARED) 2603 assoc.auth = ic->ic_crypto.cs_def_txkey << 4 | IWI_AUTH_SHARED; 2604 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) 2605 assoc.policy |= htole16(IWI_POLICY_WME); 2606 if (ic->ic_flags & IEEE80211_F_WPA) 2607 assoc.policy |= htole16(IWI_POLICY_WPA); 2608 memcpy(assoc.tstamp, ni->ni_tstamp.data, 8); 2609 2610 if (ic->ic_opmode == IEEE80211_M_IBSS) 2611 capinfo = IEEE80211_CAPINFO_IBSS; 2612 else 2613 capinfo = IEEE80211_CAPINFO_ESS; 2614 if (ic->ic_flags & IEEE80211_F_PRIVACY) 2615 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2616 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 2617 IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 2618 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2619 if (ic->ic_flags & IEEE80211_F_SHSLOT) 2620 capinfo |= IEEE80211_CAPINFO_SHORT_SLOTTIME; 2621 assoc.capinfo = htole16(capinfo); 2622 2623 assoc.lintval = htole16(ic->ic_lintval); 2624 assoc.intval = htole16(ni->ni_intval); 2625 IEEE80211_ADDR_COPY(assoc.bssid, ni->ni_bssid); 2626 if (ic->ic_opmode == IEEE80211_M_IBSS) 2627 IEEE80211_ADDR_COPY(assoc.dst, ifp->if_broadcastaddr); 2628 else 2629 IEEE80211_ADDR_COPY(assoc.dst, ni->ni_bssid); 2630 2631 DPRINTF(("Trying to associate to %6D channel %u auth %u\n", 2632 assoc.bssid, ":", assoc.chan, assoc.auth)); 2633 return iwi_cmd(sc, IWI_CMD_ASSOCIATE, &assoc, sizeof assoc, 1); 2634 } 2635 2636 static void 2637 iwi_init(void *priv) 2638 { 2639 struct iwi_softc *sc = priv; 2640 struct ieee80211com *ic = &sc->sc_ic; 2641 struct ifnet *ifp = ic->ic_ifp; 2642 struct iwi_firmware *fw = &sc->fw; 2643 struct iwi_rx_data *data; 2644 int i; 2645 2646 /* exit immediately if firmware has not been ioctl'd */ 2647 if (!(sc->flags & IWI_FLAG_FW_CACHED)) { 2648 if (!(sc->flags & IWI_FLAG_FW_WARNED)) 2649 device_printf(sc->sc_dev, "Please load firmware\n"); 2650 sc->flags |= IWI_FLAG_FW_WARNED; 2651 ifp->if_flags &= ~IFF_UP; 2652 return; 2653 } 2654 2655 iwi_stop(sc); 2656 2657 if (iwi_reset(sc) != 0) { 2658 device_printf(sc->sc_dev, "could not reset adapter\n"); 2659 goto fail; 2660 } 2661 2662 if (iwi_load_firmware(sc, fw->boot, fw->boot_size) != 0) { 2663 device_printf(sc->sc_dev, "could not load boot firmware\n"); 2664 goto fail; 2665 } 2666 2667 if (iwi_load_ucode(sc, fw->ucode, fw->ucode_size) != 0) { 2668 device_printf(sc->sc_dev, "could not load microcode\n"); 2669 goto fail; 2670 } 2671 2672 iwi_stop_master(sc); 2673 2674 CSR_WRITE_4(sc, IWI_CSR_CMD_BASE, sc->cmdq.physaddr); 2675 CSR_WRITE_4(sc, IWI_CSR_CMD_SIZE, sc->cmdq.count); 2676 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 2677 2678 CSR_WRITE_4(sc, IWI_CSR_TX1_BASE, sc->txq[0].physaddr); 2679 CSR_WRITE_4(sc, IWI_CSR_TX1_SIZE, sc->txq[0].count); 2680 CSR_WRITE_4(sc, IWI_CSR_TX1_WIDX, sc->txq[0].cur); 2681 2682 CSR_WRITE_4(sc, IWI_CSR_TX2_BASE, sc->txq[1].physaddr); 2683 CSR_WRITE_4(sc, IWI_CSR_TX2_SIZE, sc->txq[1].count); 2684 CSR_WRITE_4(sc, IWI_CSR_TX2_WIDX, sc->txq[1].cur); 2685 2686 CSR_WRITE_4(sc, IWI_CSR_TX3_BASE, sc->txq[2].physaddr); 2687 CSR_WRITE_4(sc, IWI_CSR_TX3_SIZE, sc->txq[2].count); 2688 CSR_WRITE_4(sc, IWI_CSR_TX3_WIDX, sc->txq[2].cur); 2689 2690 CSR_WRITE_4(sc, IWI_CSR_TX4_BASE, sc->txq[3].physaddr); 2691 CSR_WRITE_4(sc, IWI_CSR_TX4_SIZE, sc->txq[3].count); 2692 CSR_WRITE_4(sc, IWI_CSR_TX4_WIDX, sc->txq[3].cur); 2693 2694 for (i = 0; i < sc->rxq.count; i++) { 2695 data = &sc->rxq.data[i]; 2696 CSR_WRITE_4(sc, data->reg, data->physaddr); 2697 } 2698 2699 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, sc->rxq.count - 1); 2700 2701 if (iwi_load_firmware(sc, fw->main, fw->main_size) != 0) { 2702 device_printf(sc->sc_dev, "could not load main firmware\n"); 2703 goto fail; 2704 } 2705 2706 sc->flags |= IWI_FLAG_FW_INITED; 2707 2708 if (iwi_config(sc) != 0) { 2709 device_printf(sc->sc_dev, "device configuration failed\n"); 2710 goto fail; 2711 } 2712 2713 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2714 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2715 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2716 } else 2717 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2718 2719 ifp->if_flags &= ~IFF_OACTIVE; 2720 ifp->if_flags |= IFF_RUNNING; 2721 2722 return; 2723 2724 fail: ifp->if_flags &= ~IFF_UP; 2725 iwi_stop(sc); 2726 } 2727 2728 static void 2729 iwi_stop(void *priv) 2730 { 2731 struct iwi_softc *sc = priv; 2732 struct ieee80211com *ic = &sc->sc_ic; 2733 struct ifnet *ifp = ic->ic_ifp; 2734 2735 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2736 2737 iwi_stop_master(sc); 2738 2739 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_SOFT_RESET); 2740 2741 /* reset rings */ 2742 iwi_reset_cmd_ring(sc, &sc->cmdq); 2743 iwi_reset_tx_ring(sc, &sc->txq[0]); 2744 iwi_reset_tx_ring(sc, &sc->txq[1]); 2745 iwi_reset_tx_ring(sc, &sc->txq[2]); 2746 iwi_reset_tx_ring(sc, &sc->txq[3]); 2747 iwi_reset_rx_ring(sc, &sc->rxq); 2748 2749 sc->sc_tx_timer = 0; 2750 ifp->if_timer = 0; 2751 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2752 } 2753 2754 static int 2755 iwi_sysctl_stats(SYSCTL_HANDLER_ARGS) 2756 { 2757 struct iwi_softc *sc = arg1; 2758 struct ifnet *ifp = &sc->sc_ic.ic_if; 2759 uint32_t size, buf[128]; 2760 2761 lwkt_serialize_enter(ifp->if_serializer); 2762 2763 if (!(sc->flags & IWI_FLAG_FW_INITED)) { 2764 memset(buf, 0, sizeof buf); 2765 goto back; 2766 } 2767 2768 size = min(CSR_READ_4(sc, IWI_CSR_TABLE0_SIZE), 128 - 1); 2769 CSR_READ_REGION_4(sc, IWI_CSR_TABLE0_BASE, &buf[1], size); 2770 back: 2771 lwkt_serialize_exit(ifp->if_serializer); 2772 return SYSCTL_OUT(req, buf, sizeof buf); 2773 } 2774 2775 static int 2776 iwi_sysctl_radio(SYSCTL_HANDLER_ARGS) 2777 { 2778 struct iwi_softc *sc = arg1; 2779 struct ifnet *ifp = &sc->sc_ic.ic_if; 2780 int val; 2781 2782 lwkt_serialize_enter(ifp->if_serializer); 2783 val = (CSR_READ_4(sc, IWI_CSR_IO) & IWI_IO_RADIO_ENABLED) ? 1 : 0; 2784 lwkt_serialize_exit(ifp->if_serializer); 2785 2786 return SYSCTL_OUT(req, &val, sizeof val); 2787 } 2788 2789 static const int8_t iwi_bitmap[256] = { 2790 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2791 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2792 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2793 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6, 2794 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2795 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2796 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2797 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 7, 2798 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2799 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2800 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2801 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6, 2802 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2803 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2804 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2805 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, -1 2806 }; 2807 2808 static int 2809 iwi_alloc_ibss_node(struct iwi_softc *sc) 2810 { 2811 int i; 2812 2813 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer); 2814 2815 for (i = 0; i < IWI_MAX_IBSSNODE_NBYTE; ++i) { 2816 int ret; 2817 2818 ret = iwi_bitmap[sc->sc_ibss_node[i]]; 2819 if (ret != -1) { 2820 sc->sc_ibss_node[i] |= (1 << ret); 2821 ret += (i * NBBY); 2822 return ret; 2823 } 2824 } 2825 return -1; 2826 } 2827 2828 static void 2829 iwi_free_ibss_node(struct iwi_softc *sc, int ibss_node) 2830 { 2831 int i, b; 2832 2833 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer); 2834 KASSERT(ibss_node < IWI_MAX_IBSSNODE, ("free ibss node, out of range")); 2835 2836 i = ibss_node / NBBY; 2837 b = ibss_node % NBBY; 2838 2839 sc->sc_ibss_node[i] &= ~(1 << b); 2840 } 2841