1 /* 2 * Copyright (c) 2004-2006 3 * Damien Bergamini <damien.bergamini@free.fr>. 4 * Copyright (c) 2004, 2005 5 * Andrew Atrens <atrens@nortelnetworks.com>. 6 * 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice unmodified, this list of conditions, and the following 14 * disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * $FreeBSD: src/sys/dev/iwi/if_iwi.c,v 1.8.2.6 2006/02/23 02:06:46 sam Exp $ 32 * $DragonFly: src/sys/dev/netif/iwi/if_iwi.c,v 1.21 2008/05/14 11:59:20 sephe Exp $ 33 */ 34 35 /*- 36 * Intel(R) PRO/Wireless 2200BG/2225BG/2915ABG driver 37 * http://www.intel.com/network/connectivity/products/wireless/prowireless_mobile.htm 38 */ 39 40 #include <sys/param.h> 41 #include <sys/sysctl.h> 42 #include <sys/sockio.h> 43 #include <sys/mbuf.h> 44 #include <sys/kernel.h> 45 #include <sys/kthread.h> 46 #include <sys/interrupt.h> 47 #include <sys/socket.h> 48 #include <sys/systm.h> 49 #include <sys/malloc.h> 50 #include <sys/module.h> 51 #include <sys/endian.h> 52 #include <sys/proc.h> 53 #include <sys/ucred.h> 54 #include <sys/bus.h> 55 #include <sys/rman.h> 56 #include <sys/serialize.h> 57 58 #include <bus/pci/pcidevs.h> 59 #include <bus/pci/pcireg.h> 60 #include <bus/pci/pcivar.h> 61 62 #include <net/bpf.h> 63 #include <net/if.h> 64 #include <net/if_arp.h> 65 #include <net/ethernet.h> 66 #include <net/if_dl.h> 67 #include <net/if_media.h> 68 #include <net/if_types.h> 69 #include <net/ifq_var.h> 70 71 #include <netproto/802_11/ieee80211_var.h> 72 #include <netproto/802_11/ieee80211_radiotap.h> 73 74 #include <netinet/in.h> 75 #include <netinet/in_systm.h> 76 #include <netinet/in_var.h> 77 #include <netinet/ip.h> 78 #include <netinet/if_ether.h> 79 80 #include <dev/netif/iwi/if_iwireg.h> 81 #include <dev/netif/iwi/if_iwivar.h> 82 83 #ifdef IWI_DEBUG 84 #define DPRINTF(x) do { if (iwi_debug > 0) kprintf x; } while (0) 85 #define DPRINTFN(n, x) do { if (iwi_debug >= (n)) kprintf x; } while (0) 86 int iwi_debug = 0; 87 SYSCTL_INT(_debug, OID_AUTO, iwi, CTLFLAG_RW, &iwi_debug, 0, "iwi debug level"); 88 #else 89 #define DPRINTF(x) 90 #define DPRINTFN(n, x) 91 #endif 92 93 static struct iwi_ident { 94 uint16_t vendor; 95 uint16_t device; 96 const char *name; 97 } iwi_ident_table[] = { 98 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2200BG, 99 "Intel(R) PRO/Wireless 2200BG" }, 100 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2225BG, 101 "Intel(R) PRO/Wireless 2225BG" }, 102 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_1, 103 "Intel(R) PRO/Wireless 2915ABG" }, 104 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_2, 105 "Intel(R) PRO/Wireless 2915ABG" }, 106 { 0, 0, NULL } 107 }; 108 109 static void iwi_fw_monitor(void *); 110 static void iwi_dma_map_addr(void *, bus_dma_segment_t *, int, int); 111 static void iwi_dma_map_mbuf(void *, bus_dma_segment_t *, int, bus_size_t, 112 int); 113 static int iwi_alloc_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *, 114 int); 115 static void iwi_reset_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 116 static void iwi_free_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 117 static int iwi_alloc_tx_ring(struct iwi_softc *, struct iwi_tx_ring *, 118 int, bus_addr_t, bus_addr_t); 119 static void iwi_reset_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 120 static void iwi_free_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 121 static int iwi_alloc_rx_ring(struct iwi_softc *, struct iwi_rx_ring *, 122 int); 123 static void iwi_reset_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 124 static void iwi_free_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 125 static struct ieee80211_node *iwi_node_alloc(struct ieee80211_node_table *); 126 static void iwi_node_free(struct ieee80211_node *); 127 static int iwi_media_change(struct ifnet *); 128 static void iwi_media_status(struct ifnet *, struct ifmediareq *); 129 static int iwi_newstate(struct ieee80211com *, enum ieee80211_state, int); 130 static int iwi_wme_update(struct ieee80211com *); 131 static uint16_t iwi_read_prom_word(struct iwi_softc *, uint8_t); 132 static void iwi_fix_channel(struct ieee80211com *, struct mbuf *); 133 static void iwi_frame_intr(struct iwi_softc *, struct iwi_rx_data *, int, 134 struct iwi_frame *); 135 static void iwi_notification_intr(struct iwi_softc *, struct iwi_notif *); 136 static void iwi_rx_intr(struct iwi_softc *); 137 static void iwi_tx_intr(struct iwi_softc *, struct iwi_tx_ring *); 138 static void iwi_intr(void *); 139 static int iwi_cmd(struct iwi_softc *, uint8_t, void *, uint8_t, int); 140 static void iwi_write_ibssnode(struct iwi_softc *, const struct iwi_node *); 141 static int iwi_tx_start(struct ifnet *, struct mbuf *, 142 struct ieee80211_node *, int); 143 static void iwi_start(struct ifnet *); 144 static void iwi_watchdog(struct ifnet *); 145 static int iwi_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *); 146 static void iwi_stop_master(struct iwi_softc *); 147 static int iwi_reset(struct iwi_softc *); 148 static int iwi_load_ucode(struct iwi_softc *, void *, int); 149 static int iwi_load_firmware(struct iwi_softc *, void *, int); 150 static int iwi_cache_firmware(struct iwi_softc *, void *); 151 static void iwi_free_firmware(struct iwi_softc *); 152 static int iwi_config(struct iwi_softc *); 153 static int iwi_set_chan(struct iwi_softc *, struct ieee80211_channel *); 154 static int iwi_scan(struct iwi_softc *); 155 static int iwi_auth_and_assoc(struct iwi_softc *); 156 static void iwi_init(void *); 157 static void iwi_stop(void *); 158 static int iwi_sysctl_stats(SYSCTL_HANDLER_ARGS); 159 static int iwi_sysctl_radio(SYSCTL_HANDLER_ARGS); 160 161 static int iwi_probe(device_t); 162 static int iwi_attach(device_t); 163 static int iwi_detach(device_t); 164 static int iwi_shutdown(device_t); 165 static int iwi_suspend(device_t); 166 static int iwi_resume(device_t); 167 168 static int iwi_alloc_ibss_node(struct iwi_softc *); 169 static void iwi_free_ibss_node(struct iwi_softc *, int); 170 171 static device_method_t iwi_methods[] = { 172 /* Device interface */ 173 DEVMETHOD(device_probe, iwi_probe), 174 DEVMETHOD(device_attach, iwi_attach), 175 DEVMETHOD(device_detach, iwi_detach), 176 DEVMETHOD(device_shutdown, iwi_shutdown), 177 DEVMETHOD(device_suspend, iwi_suspend), 178 DEVMETHOD(device_resume, iwi_resume), 179 180 { 0, 0 } 181 }; 182 183 static driver_t iwi_driver = { 184 "iwi", 185 iwi_methods, 186 sizeof (struct iwi_softc) 187 }; 188 189 static devclass_t iwi_devclass; 190 191 DRIVER_MODULE(iwi, pci, iwi_driver, iwi_devclass, 0, 0); 192 193 MODULE_DEPEND(iwi, pci, 1, 1, 1); 194 MODULE_DEPEND(iwi, wlan, 1, 1, 1); 195 196 /* 197 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 198 */ 199 static const struct ieee80211_rateset iwi_rateset_11a = 200 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 201 202 static const struct ieee80211_rateset iwi_rateset_11b = 203 { 4, { 2, 4, 11, 22 } }; 204 205 static const struct ieee80211_rateset iwi_rateset_11g = 206 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 207 208 static void 209 iwi_fw_monitor(void *arg) 210 { 211 struct iwi_softc *sc = arg; 212 struct ifnet *ifp = &sc->sc_ic.ic_if; 213 214 lwkt_serialize_enter(ifp->if_serializer); 215 for (;;) { 216 int error = 0; 217 218 /* 219 * Test to see whether we are detaching, 220 * this is used to avoid race condition 221 * especially when attaching fails. 222 */ 223 if ((sc->flags & IWI_FLAG_EXIT) == 0) { 224 crit_enter(); 225 tsleep_interlock(IWI_FW_WAKE_MONITOR(sc)); 226 lwkt_serialize_exit(ifp->if_serializer); 227 error = tsleep(IWI_FW_WAKE_MONITOR(sc), 228 0, "iwifwm", 0); 229 crit_exit(); 230 lwkt_serialize_enter(ifp->if_serializer); 231 } 232 233 if (error == 0) { 234 int boff; 235 236 if (sc->flags & IWI_FLAG_EXIT) 237 break; 238 else if ((sc->flags & IWI_FLAG_RESET) == 0) 239 continue; 240 241 if_printf(ifp, "reset firmware\n"); 242 for (boff = 1; sc->flags & IWI_FLAG_RESET; boff++) { 243 iwi_init(sc); 244 if (sc->flags & IWI_FLAG_FW_INITED) { 245 sc->flags &= ~IWI_FLAG_RESET; 246 } else if (boff > 10) { /* XXX */ 247 if_printf(ifp, "fw reset failed. " 248 "retrying...\n"); 249 250 /* XXX avoid to sleep to long */ 251 boff = 1; 252 } 253 254 /* 255 * Since this would be infinite loop, 256 * if reseting firmware never succeeded, 257 * we test to see whether we are detaching. 258 */ 259 if (sc->flags & IWI_FLAG_EXIT) 260 break; 261 262 crit_enter(); 263 tsleep_interlock(IWI_FW_CMD_ACKED(sc)); 264 lwkt_serialize_exit(ifp->if_serializer); 265 error = tsleep(IWI_FW_CMD_ACKED(sc), 0, 266 "iwirun", boff * hz); 267 crit_exit(); 268 lwkt_serialize_enter(ifp->if_serializer); 269 } 270 } 271 } 272 lwkt_serialize_exit(ifp->if_serializer); 273 274 if_printf(ifp, "fw monitor exiting\n"); 275 wakeup(IWI_FW_EXIT_MONITOR(sc)); 276 kthread_exit(); 277 } 278 279 static int 280 iwi_probe(device_t dev) 281 { 282 const struct iwi_ident *ident; 283 uint16_t vid, did; 284 285 vid = pci_get_vendor(dev); 286 did = pci_get_device(dev); 287 for (ident = iwi_ident_table; ident->name != NULL; ident++) { 288 if (vid == ident->vendor && did == ident->device) { 289 device_set_desc(dev, ident->name); 290 return 0; 291 } 292 } 293 return ENXIO; 294 } 295 296 /* Base Address Register */ 297 #define IWI_PCI_BAR0 0x10 298 299 static int 300 iwi_attach(device_t dev) 301 { 302 struct iwi_softc *sc = device_get_softc(dev); 303 struct ieee80211com *ic = &sc->sc_ic; 304 struct ifnet *ifp = &ic->ic_if; 305 uint16_t val; 306 int error, i; 307 308 sc->sc_dev = dev; 309 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 310 311 if (pci_get_powerstate(dev) != PCI_POWERSTATE_D0) { 312 device_printf(dev, "chip is in D%d power mode " 313 "-- setting to D0\n", pci_get_powerstate(dev)); 314 pci_set_powerstate(dev, PCI_POWERSTATE_D0); 315 } 316 317 pci_write_config(dev, 0x41, 0, 1); 318 319 /* enable bus-mastering */ 320 pci_enable_busmaster(dev); 321 322 sc->mem_rid = IWI_PCI_BAR0; 323 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &sc->mem_rid, 324 RF_ACTIVE); 325 if (sc->mem == NULL) { 326 device_printf(dev, "could not allocate memory resource\n"); 327 return ENXIO; 328 } 329 sc->sc_st = rman_get_bustag(sc->mem); 330 sc->sc_sh = rman_get_bushandle(sc->mem); 331 332 sc->irq_rid = 0; 333 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &sc->irq_rid, 334 RF_ACTIVE | RF_SHAREABLE); 335 if (sc->irq == NULL) { 336 device_printf(dev, "could not allocate interrupt resource\n"); 337 goto fail; 338 } 339 340 if (iwi_reset(sc) != 0) { 341 device_printf(dev, "could not reset adapter\n"); 342 goto fail; 343 } 344 345 /* 346 * Allocate rings. 347 */ 348 error = iwi_alloc_cmd_ring(sc, &sc->cmdq, IWI_CMD_RING_COUNT); 349 if (error != 0) { 350 device_printf(dev, "could not allocate Cmd ring\n"); 351 goto fail; 352 } 353 354 error = iwi_alloc_tx_ring(sc, &sc->txq[0], IWI_TX_RING_COUNT, 355 IWI_CSR_TX1_RIDX, IWI_CSR_TX1_WIDX); 356 if (error != 0) { 357 device_printf(dev, "could not allocate Tx ring 1\n"); 358 goto fail; 359 } 360 361 error = iwi_alloc_tx_ring(sc, &sc->txq[1], IWI_TX_RING_COUNT, 362 IWI_CSR_TX2_RIDX, IWI_CSR_TX2_WIDX); 363 if (error != 0) { 364 device_printf(dev, "could not allocate Tx ring 2\n"); 365 goto fail; 366 } 367 368 error = iwi_alloc_tx_ring(sc, &sc->txq[2], IWI_TX_RING_COUNT, 369 IWI_CSR_TX3_RIDX, IWI_CSR_TX3_WIDX); 370 if (error != 0) { 371 device_printf(dev, "could not allocate Tx ring 3\n"); 372 goto fail; 373 } 374 375 error = iwi_alloc_tx_ring(sc, &sc->txq[3], IWI_TX_RING_COUNT, 376 IWI_CSR_TX4_RIDX, IWI_CSR_TX4_WIDX); 377 if (error != 0) { 378 device_printf(dev, "could not allocate Tx ring 4\n"); 379 goto fail; 380 } 381 382 error = iwi_alloc_rx_ring(sc, &sc->rxq, IWI_RX_RING_COUNT); 383 if (error != 0) { 384 device_printf(dev, "could not allocate Rx ring\n"); 385 goto fail; 386 } 387 388 sysctl_ctx_init(&sc->sysctl_ctx); 389 sc->sysctl_tree = SYSCTL_ADD_NODE(&sc->sysctl_ctx, 390 SYSCTL_STATIC_CHILDREN(_hw), 391 OID_AUTO, 392 device_get_nameunit(dev), 393 CTLFLAG_RD, 394 0, ""); 395 if (sc->sysctl_tree == NULL) { 396 device_printf(dev, "sysctl add node failed\n"); 397 error = EIO; 398 goto fail; 399 } 400 401 ifp->if_softc = sc; 402 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 403 ifp->if_init = iwi_init; 404 ifp->if_ioctl = iwi_ioctl; 405 ifp->if_start = iwi_start; 406 ifp->if_watchdog = iwi_watchdog; 407 ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN); 408 ifq_set_ready(&ifp->if_snd); 409 410 ic->ic_wme.wme_update = iwi_wme_update; 411 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 412 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 413 ic->ic_state = IEEE80211_S_INIT; 414 415 /* set device capabilities */ 416 ic->ic_caps = 417 IEEE80211_C_IBSS | /* IBSS mode supported */ 418 IEEE80211_C_MONITOR | /* monitor mode supported */ 419 IEEE80211_C_TXPMGT | /* tx power management */ 420 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 421 IEEE80211_C_WPA | /* 802.11i */ 422 IEEE80211_C_WME; /* 802.11e */ 423 424 /* read MAC address from EEPROM */ 425 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 0); 426 ic->ic_myaddr[0] = val & 0xff; 427 ic->ic_myaddr[1] = val >> 8; 428 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 1); 429 ic->ic_myaddr[2] = val & 0xff; 430 ic->ic_myaddr[3] = val >> 8; 431 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 2); 432 ic->ic_myaddr[4] = val & 0xff; 433 ic->ic_myaddr[5] = val >> 8; 434 435 if (pci_get_device(dev) >= 0x4223) { 436 /* set supported .11a rates (2915ABG only) */ 437 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwi_rateset_11a; 438 439 /* set supported .11a channels */ 440 for (i = 36; i <= 64; i += 4) { 441 ic->ic_channels[i].ic_freq = 442 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 443 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 444 } 445 for (i = 149; i <= 165; i += 4) { 446 ic->ic_channels[i].ic_freq = 447 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 448 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 449 } 450 } 451 452 /* set supported .11b and .11g rates */ 453 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwi_rateset_11b; 454 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwi_rateset_11g; 455 456 /* set supported .11b and .11g channels (1 through 14) */ 457 for (i = 1; i <= 14; i++) { 458 ic->ic_channels[i].ic_freq = 459 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 460 ic->ic_channels[i].ic_flags = 461 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 462 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 463 } 464 465 ieee80211_ifattach(ic); 466 /* override default methods */ 467 ic->ic_node_alloc = iwi_node_alloc; 468 sc->sc_node_free = ic->ic_node_free; 469 ic->ic_node_free = iwi_node_free; 470 /* override state transition machine */ 471 sc->sc_newstate = ic->ic_newstate; 472 ic->ic_newstate = iwi_newstate; 473 ieee80211_media_init(ic, iwi_media_change, iwi_media_status); 474 475 bpfattach_dlt(ifp, DLT_IEEE802_11_RADIO, 476 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf); 477 478 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 479 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 480 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWI_RX_RADIOTAP_PRESENT); 481 482 sc->sc_txtap_len = sizeof sc->sc_txtapu; 483 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 484 sc->sc_txtap.wt_ihdr.it_present = htole32(IWI_TX_RADIOTAP_PRESENT); 485 486 /* 487 * Add a few sysctl knobs. 488 */ 489 sc->dwelltime = 100; 490 sc->bluetooth = 1; 491 sc->antenna = 0; 492 493 SYSCTL_ADD_PROC(&sc->sysctl_ctx, 494 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "radio", 495 CTLTYPE_INT | CTLFLAG_RD, sc, 0, iwi_sysctl_radio, "I", 496 "radio transmitter switch state (0=off, 1=on)"); 497 498 SYSCTL_ADD_PROC(&sc->sysctl_ctx, 499 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "stats", 500 CTLTYPE_OPAQUE | CTLFLAG_RD, sc, 0, iwi_sysctl_stats, "S", 501 "statistics"); 502 503 SYSCTL_ADD_INT(&sc->sysctl_ctx, 504 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "dwell", 505 CTLFLAG_RW, &sc->dwelltime, 0, 506 "channel dwell time (ms) for AP/station scanning"); 507 508 SYSCTL_ADD_INT(&sc->sysctl_ctx, 509 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "bluetooth", 510 CTLFLAG_RW, &sc->bluetooth, 0, "bluetooth coexistence"); 511 512 SYSCTL_ADD_INT(&sc->sysctl_ctx, 513 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "antenna", 514 CTLFLAG_RW, &sc->antenna, 0, "antenna (0=auto)"); 515 516 /* 517 * Start firmware monitoring thread 518 * 519 * NOTE: 520 * This should be done only after serializer is initialized, 521 * i.e. after ieee80211_ifattach(), because serializer will be 522 * held once iwi_fw_monitor() is entered. 523 */ 524 error = kthread_create(iwi_fw_monitor, sc, &sc->sc_fw_monitor, 525 "%s:fw-monitor", device_get_nameunit(dev)); 526 if (error) { 527 device_printf(dev, "could not create fw monitor\n"); 528 goto fail1; 529 } 530 sc->flags |= IWI_FLAG_MONITOR; 531 532 /* 533 * Hook our interrupt after all initialization is complete. 534 */ 535 error = bus_setup_intr(dev, sc->irq, INTR_MPSAFE, iwi_intr, sc, 536 &sc->sc_ih, ifp->if_serializer); 537 if (error != 0) { 538 device_printf(dev, "could not set up interrupt\n"); 539 goto fail1; 540 } 541 542 ifp->if_cpuid = ithread_cpuid(rman_get_start(sc->irq)); 543 KKASSERT(ifp->if_cpuid >= 0 && ifp->if_cpuid < ncpus); 544 545 if (bootverbose) 546 ieee80211_announce(ic); 547 548 return 0; 549 550 fail1: 551 bpfdetach(ifp); 552 ieee80211_ifdetach(ic); 553 fail: 554 iwi_detach(dev); 555 return ENXIO; 556 } 557 558 static int 559 iwi_detach(device_t dev) 560 { 561 struct iwi_softc *sc = device_get_softc(dev); 562 struct ieee80211com *ic = &sc->sc_ic; 563 struct ifnet *ifp = ic->ic_ifp; 564 565 if (sc->flags & IWI_FLAG_MONITOR) { 566 lwkt_serialize_enter(ifp->if_serializer); 567 sc->flags |= IWI_FLAG_EXIT; 568 wakeup(IWI_FW_WAKE_MONITOR(sc)); 569 570 crit_enter(); 571 tsleep_interlock(IWI_FW_EXIT_MONITOR(sc)); 572 lwkt_serialize_exit(ifp->if_serializer); 573 tsleep(IWI_FW_EXIT_MONITOR(sc), 0, "iwiexi", 0); 574 crit_exit(); 575 /* No need to hold serializer again */ 576 577 if_printf(ifp, "fw monitor exited\n"); 578 } 579 580 if (device_is_attached(dev)) { 581 lwkt_serialize_enter(ifp->if_serializer); 582 583 iwi_stop(sc); 584 bus_teardown_intr(dev, sc->irq, sc->sc_ih); 585 iwi_free_firmware(sc); 586 587 lwkt_serialize_exit(ifp->if_serializer); 588 589 bpfdetach(ifp); 590 ieee80211_ifdetach(ic); 591 } 592 593 iwi_free_cmd_ring(sc, &sc->cmdq); 594 iwi_free_tx_ring(sc, &sc->txq[0]); 595 iwi_free_tx_ring(sc, &sc->txq[1]); 596 iwi_free_tx_ring(sc, &sc->txq[2]); 597 iwi_free_tx_ring(sc, &sc->txq[3]); 598 iwi_free_rx_ring(sc, &sc->rxq); 599 600 if (sc->irq != NULL) 601 bus_release_resource(dev, SYS_RES_IRQ, sc->irq_rid, sc->irq); 602 603 if (sc->mem != NULL) 604 bus_release_resource(dev, SYS_RES_MEMORY, sc->mem_rid, sc->mem); 605 606 if (sc->sysctl_tree != NULL) 607 sysctl_ctx_free(&sc->sysctl_ctx); 608 609 return 0; 610 } 611 612 static void 613 iwi_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error) 614 { 615 if (error != 0) 616 return; 617 618 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg)); 619 620 *(bus_addr_t *)arg = segs[0].ds_addr; 621 } 622 623 static int 624 iwi_alloc_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring, int count) 625 { 626 int error; 627 628 ring->count = count; 629 ring->queued = 0; 630 ring->cur = ring->next = 0; 631 632 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 633 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_CMD_DESC_SIZE, 1, 634 count * IWI_CMD_DESC_SIZE, 0, &ring->desc_dmat); 635 if (error != 0) { 636 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 637 goto fail; 638 } 639 640 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 641 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map); 642 if (error != 0) { 643 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 644 goto fail; 645 } 646 647 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 648 count * IWI_CMD_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 649 if (error != 0) { 650 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 651 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 652 ring->desc = NULL; 653 return error; 654 } 655 656 return 0; 657 658 fail: iwi_free_cmd_ring(sc, ring); 659 return error; 660 } 661 662 static void 663 iwi_reset_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 664 { 665 ring->queued = 0; 666 ring->cur = ring->next = 0; 667 } 668 669 static void 670 iwi_free_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 671 { 672 if (ring->desc != NULL) { 673 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 674 BUS_DMASYNC_POSTWRITE); 675 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 676 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 677 ring->desc = NULL; 678 } 679 680 if (ring->desc_dmat != NULL) { 681 bus_dma_tag_destroy(ring->desc_dmat); 682 ring->desc_dmat = NULL; 683 } 684 } 685 686 static int 687 iwi_alloc_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring, int count, 688 bus_addr_t csr_ridx, bus_addr_t csr_widx) 689 { 690 int i, error; 691 692 ring->count = count; 693 ring->queued = 0; 694 ring->cur = ring->next = 0; 695 ring->csr_ridx = csr_ridx; 696 ring->csr_widx = csr_widx; 697 698 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 699 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_TX_DESC_SIZE, 1, 700 count * IWI_TX_DESC_SIZE, 0, &ring->desc_dmat); 701 if (error != 0) { 702 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 703 goto fail; 704 } 705 706 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 707 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map); 708 if (error != 0) { 709 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 710 goto fail; 711 } 712 713 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 714 count * IWI_TX_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 715 if (error != 0) { 716 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 717 718 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 719 ring->desc = NULL; 720 goto fail; 721 } 722 723 ring->data = kmalloc(count * sizeof (struct iwi_tx_data), M_DEVBUF, 724 M_WAITOK | M_ZERO); 725 726 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 727 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, IWI_MAX_NSEG - 2, 728 MCLBYTES, 0, &ring->data_dmat); 729 if (error != 0) { 730 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 731 goto fail; 732 } 733 734 for (i = 0; i < count; i++) { 735 error = bus_dmamap_create(ring->data_dmat, 0, 736 &ring->data[i].map); 737 if (error != 0) { 738 device_printf(sc->sc_dev, "could not create DMA map\n"); 739 goto fail; 740 } 741 } 742 743 return 0; 744 745 fail: iwi_free_tx_ring(sc, ring); 746 return error; 747 } 748 749 static void 750 iwi_reset_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 751 { 752 struct iwi_tx_data *data; 753 int i; 754 755 for (i = 0; i < ring->count; i++) { 756 data = &ring->data[i]; 757 758 if (data->m != NULL) { 759 bus_dmamap_sync(ring->data_dmat, data->map, 760 BUS_DMASYNC_POSTWRITE); 761 bus_dmamap_unload(ring->data_dmat, data->map); 762 m_freem(data->m); 763 data->m = NULL; 764 } 765 766 if (data->ni != NULL) { 767 ieee80211_free_node(data->ni); 768 data->ni = NULL; 769 } 770 } 771 772 ring->queued = 0; 773 ring->cur = ring->next = 0; 774 } 775 776 static void 777 iwi_free_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 778 { 779 struct iwi_tx_data *data; 780 int i; 781 782 if (ring->desc != NULL) { 783 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 784 BUS_DMASYNC_POSTWRITE); 785 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 786 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 787 ring->desc = NULL; 788 } 789 790 if (ring->desc_dmat != NULL) { 791 bus_dma_tag_destroy(ring->desc_dmat); 792 ring->desc_dmat = NULL; 793 } 794 795 if (ring->data != NULL) { 796 for (i = 0; i < ring->count; i++) { 797 data = &ring->data[i]; 798 799 if (data->m != NULL) { 800 bus_dmamap_sync(ring->data_dmat, data->map, 801 BUS_DMASYNC_POSTWRITE); 802 bus_dmamap_unload(ring->data_dmat, data->map); 803 m_freem(data->m); 804 data->m = NULL; 805 } 806 807 if (data->ni != NULL) { 808 ieee80211_free_node(data->ni); 809 data->ni = NULL; 810 } 811 812 if (data->map != NULL) { 813 bus_dmamap_destroy(ring->data_dmat, data->map); 814 data->map = NULL; 815 } 816 } 817 818 kfree(ring->data, M_DEVBUF); 819 ring->data = NULL; 820 } 821 822 if (ring->data_dmat != NULL) { 823 bus_dma_tag_destroy(ring->data_dmat); 824 ring->data_dmat = NULL; 825 } 826 } 827 828 static int 829 iwi_alloc_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring, int count) 830 { 831 struct iwi_rx_data *data; 832 int i, error; 833 834 ring->count = count; 835 ring->cur = 0; 836 837 ring->data = kmalloc(count * sizeof (struct iwi_rx_data), M_DEVBUF, 838 M_WAITOK | M_ZERO); 839 840 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 841 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1, MCLBYTES, 0, 842 &ring->data_dmat); 843 if (error != 0) { 844 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 845 goto fail; 846 } 847 848 for (i = 0; i < count; i++) { 849 data = &ring->data[i]; 850 851 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 852 if (error != 0) { 853 device_printf(sc->sc_dev, "could not create DMA map\n"); 854 goto fail; 855 } 856 857 data->m = m_getcl(MB_WAIT, MT_DATA, M_PKTHDR); 858 if (data->m == NULL) { 859 device_printf(sc->sc_dev, 860 "could not allocate rx mbuf\n"); 861 error = ENOMEM; 862 goto fail; 863 } 864 865 error = bus_dmamap_load(ring->data_dmat, data->map, 866 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 867 &data->physaddr, 0); 868 if (error != 0) { 869 device_printf(sc->sc_dev, 870 "could not load rx buf DMA map"); 871 872 m_freem(data->m); 873 data->m = NULL; 874 goto fail; 875 } 876 877 data->reg = IWI_CSR_RX_BASE + i * 4; 878 } 879 880 return 0; 881 882 fail: iwi_free_rx_ring(sc, ring); 883 return error; 884 } 885 886 static void 887 iwi_reset_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 888 { 889 ring->cur = 0; 890 } 891 892 static void 893 iwi_free_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 894 { 895 struct iwi_rx_data *data; 896 int i; 897 898 if (ring->data != NULL) { 899 for (i = 0; i < ring->count; i++) { 900 data = &ring->data[i]; 901 902 if (data->m != NULL) { 903 bus_dmamap_sync(ring->data_dmat, data->map, 904 BUS_DMASYNC_POSTREAD); 905 bus_dmamap_unload(ring->data_dmat, data->map); 906 m_freem(data->m); 907 data->m = NULL; 908 } 909 910 if (data->map != NULL) { 911 bus_dmamap_destroy(ring->data_dmat, data->map); 912 data->map = NULL; 913 } 914 } 915 916 kfree(ring->data, M_DEVBUF); 917 ring->data = NULL; 918 } 919 920 if (ring->data_dmat != NULL) { 921 bus_dma_tag_destroy(ring->data_dmat); 922 ring->data_dmat = NULL; 923 } 924 } 925 926 static int 927 iwi_shutdown(device_t dev) 928 { 929 struct iwi_softc *sc = device_get_softc(dev); 930 struct ifnet *ifp = &sc->sc_ic.ic_if; 931 932 lwkt_serialize_enter(ifp->if_serializer); 933 iwi_stop(sc); 934 lwkt_serialize_exit(ifp->if_serializer); 935 936 return 0; 937 } 938 939 static int 940 iwi_suspend(device_t dev) 941 { 942 struct iwi_softc *sc = device_get_softc(dev); 943 struct ifnet *ifp = &sc->sc_ic.ic_if; 944 945 lwkt_serialize_enter(ifp->if_serializer); 946 iwi_stop(sc); 947 lwkt_serialize_exit(ifp->if_serializer); 948 949 return 0; 950 } 951 952 static int 953 iwi_resume(device_t dev) 954 { 955 struct iwi_softc *sc = device_get_softc(dev); 956 struct ifnet *ifp = sc->sc_ic.ic_ifp; 957 958 lwkt_serialize_enter(ifp->if_serializer); 959 960 pci_write_config(dev, 0x41, 0, 1); 961 962 if (ifp->if_flags & IFF_UP) { 963 ifp->if_init(ifp->if_softc); 964 if (ifp->if_flags & IFF_RUNNING) 965 if_devstart(ifp); 966 } 967 968 lwkt_serialize_exit(ifp->if_serializer); 969 970 return 0; 971 } 972 973 static struct ieee80211_node * 974 iwi_node_alloc(struct ieee80211_node_table *nt) 975 { 976 struct iwi_node *in; 977 978 in = kmalloc(sizeof (struct iwi_node), M_80211_NODE, M_NOWAIT | M_ZERO); 979 if (in == NULL) 980 return NULL; 981 982 in->in_station = -1; 983 984 return &in->in_node; 985 } 986 987 static void 988 iwi_node_free(struct ieee80211_node *ni) 989 { 990 struct ieee80211com *ic = ni->ni_ic; 991 struct iwi_softc *sc = ic->ic_ifp->if_softc; 992 struct iwi_node *in = (struct iwi_node *)ni; 993 994 if (in->in_station != -1) 995 iwi_free_ibss_node(sc, in->in_station); 996 997 sc->sc_node_free(ni); 998 } 999 1000 static int 1001 iwi_media_change(struct ifnet *ifp) 1002 { 1003 struct iwi_softc *sc = ifp->if_softc; 1004 int error; 1005 1006 ASSERT_SERIALIZED(ifp->if_serializer); 1007 1008 error = ieee80211_media_change(ifp); 1009 if (error != ENETRESET) 1010 return error; 1011 1012 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 1013 iwi_init(sc); 1014 return 0; 1015 } 1016 1017 /* 1018 * The firmware automatically adapts the transmit speed. We report its current 1019 * value here. 1020 */ 1021 static void 1022 iwi_media_status(struct ifnet *ifp, struct ifmediareq *imr) 1023 { 1024 struct iwi_softc *sc = ifp->if_softc; 1025 struct ieee80211com *ic = &sc->sc_ic; 1026 #define N(a) (sizeof (a) / sizeof (a[0])) 1027 static const struct { 1028 uint32_t val; 1029 int rate; 1030 } rates[] = { 1031 { IWI_RATE_DS1, 2 }, 1032 { IWI_RATE_DS2, 4 }, 1033 { IWI_RATE_DS5, 11 }, 1034 { IWI_RATE_DS11, 22 }, 1035 { IWI_RATE_OFDM6, 12 }, 1036 { IWI_RATE_OFDM9, 18 }, 1037 { IWI_RATE_OFDM12, 24 }, 1038 { IWI_RATE_OFDM18, 36 }, 1039 { IWI_RATE_OFDM24, 48 }, 1040 { IWI_RATE_OFDM36, 72 }, 1041 { IWI_RATE_OFDM48, 96 }, 1042 { IWI_RATE_OFDM54, 108 }, 1043 }; 1044 uint32_t val; 1045 int rate, i; 1046 1047 imr->ifm_status = IFM_AVALID; 1048 imr->ifm_active = IFM_IEEE80211; 1049 if (ic->ic_state == IEEE80211_S_RUN) 1050 imr->ifm_status |= IFM_ACTIVE; 1051 1052 /* read current transmission rate from adapter */ 1053 val = CSR_READ_4(sc, IWI_CSR_CURRENT_TX_RATE); 1054 1055 /* convert rate to 802.11 rate */ 1056 for (i = 0; i < N(rates) && rates[i].val != val; i++); 1057 rate = (i < N(rates)) ? rates[i].rate : 0; 1058 1059 imr->ifm_active |= ieee80211_rate2media(ic, rate, ic->ic_curmode); 1060 switch (ic->ic_opmode) { 1061 case IEEE80211_M_STA: 1062 break; 1063 1064 case IEEE80211_M_IBSS: 1065 imr->ifm_active |= IFM_IEEE80211_ADHOC; 1066 break; 1067 1068 case IEEE80211_M_MONITOR: 1069 imr->ifm_active |= IFM_IEEE80211_MONITOR; 1070 break; 1071 1072 case IEEE80211_M_AHDEMO: 1073 case IEEE80211_M_HOSTAP: 1074 /* should not get there */ 1075 break; 1076 } 1077 #undef N 1078 } 1079 1080 static int 1081 iwi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1082 { 1083 struct ifnet *ifp = ic->ic_ifp; 1084 struct iwi_softc *sc = ifp->if_softc; 1085 enum ieee80211_state ostate; 1086 uint32_t tmp; 1087 1088 ostate = ic->ic_state; 1089 1090 switch (nstate) { 1091 case IEEE80211_S_SCAN: 1092 if (sc->flags & IWI_FLAG_SCANNING) 1093 break; 1094 1095 ieee80211_node_table_reset(&ic->ic_scan); 1096 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 1097 sc->flags |= IWI_FLAG_SCANNING; 1098 iwi_scan(sc); 1099 break; 1100 1101 case IEEE80211_S_AUTH: 1102 iwi_auth_and_assoc(sc); 1103 break; 1104 1105 case IEEE80211_S_RUN: 1106 if (ic->ic_opmode == IEEE80211_M_IBSS) 1107 iwi_auth_and_assoc(sc); 1108 else if (ic->ic_opmode == IEEE80211_M_MONITOR) 1109 iwi_set_chan(sc, ic->ic_ibss_chan); 1110 1111 /* assoc led on */ 1112 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK; 1113 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp | IWI_LED_ASSOC); 1114 1115 return sc->sc_newstate(ic, nstate, 1116 IEEE80211_FC0_SUBTYPE_ASSOC_RESP); 1117 1118 case IEEE80211_S_ASSOC: 1119 break; 1120 1121 case IEEE80211_S_INIT: 1122 sc->flags &= ~IWI_FLAG_SCANNING; 1123 1124 if (ostate != IEEE80211_S_RUN) 1125 break; 1126 1127 /* assoc led off */ 1128 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK; 1129 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp & ~IWI_LED_ASSOC); 1130 break; 1131 } 1132 1133 ic->ic_state = nstate; 1134 1135 return 0; 1136 } 1137 1138 /* 1139 * WME parameters coming from IEEE 802.11e specification. These values are 1140 * already declared in ieee80211_proto.c, but they are static so they can't 1141 * be reused here. 1142 */ 1143 static const struct wmeParams iwi_wme_cck_params[WME_NUM_AC] = { 1144 { 0, 3, 5, 7, 0 }, /* WME_AC_BE */ 1145 { 0, 3, 5, 10, 0 }, /* WME_AC_BK */ 1146 { 0, 2, 4, 5, 188 }, /* WME_AC_VI */ 1147 { 0, 2, 3, 4, 102 } /* WME_AC_VO */ 1148 }; 1149 1150 static const struct wmeParams iwi_wme_ofdm_params[WME_NUM_AC] = { 1151 { 0, 3, 4, 6, 0 }, /* WME_AC_BE */ 1152 { 0, 3, 4, 10, 0 }, /* WME_AC_BK */ 1153 { 0, 2, 3, 4, 94 }, /* WME_AC_VI */ 1154 { 0, 2, 2, 3, 47 } /* WME_AC_VO */ 1155 }; 1156 1157 static int 1158 iwi_wme_update(struct ieee80211com *ic) 1159 { 1160 #define IWI_EXP2(v) htole16((1 << (v)) - 1) 1161 #define IWI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 1162 struct iwi_softc *sc = ic->ic_ifp->if_softc; 1163 struct iwi_wme_params wme[3]; 1164 const struct wmeParams *wmep; 1165 int ac; 1166 1167 /* 1168 * We shall not override firmware default WME values if WME is not 1169 * actually enabled. 1170 */ 1171 if (!(ic->ic_flags & IEEE80211_F_WME)) 1172 return 0; 1173 1174 for (ac = 0; ac < WME_NUM_AC; ac++) { 1175 /* set WME values for current operating mode */ 1176 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 1177 wme[0].aifsn[ac] = wmep->wmep_aifsn; 1178 wme[0].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1179 wme[0].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1180 wme[0].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1181 wme[0].acm[ac] = wmep->wmep_acm; 1182 1183 /* set WME values for CCK modulation */ 1184 wmep = &iwi_wme_cck_params[ac]; 1185 wme[1].aifsn[ac] = wmep->wmep_aifsn; 1186 wme[1].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1187 wme[1].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1188 wme[1].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1189 wme[1].acm[ac] = wmep->wmep_acm; 1190 1191 /* set WME values for OFDM modulation */ 1192 wmep = &iwi_wme_ofdm_params[ac]; 1193 wme[2].aifsn[ac] = wmep->wmep_aifsn; 1194 wme[2].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1195 wme[2].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1196 wme[2].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1197 wme[2].acm[ac] = wmep->wmep_acm; 1198 } 1199 1200 DPRINTF(("Setting WME parameters\n")); 1201 return iwi_cmd(sc, IWI_CMD_SET_WME_PARAMS, wme, sizeof wme, 1); 1202 #undef IWI_USEC 1203 #undef IWI_EXP2 1204 } 1205 1206 /* 1207 * Read 16 bits at address 'addr' from the serial EEPROM. 1208 */ 1209 static uint16_t 1210 iwi_read_prom_word(struct iwi_softc *sc, uint8_t addr) 1211 { 1212 uint32_t tmp; 1213 uint16_t val; 1214 int n; 1215 1216 /* Clock C once before the first command */ 1217 IWI_EEPROM_CTL(sc, 0); 1218 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1219 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1220 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1221 1222 /* Write start bit (1) */ 1223 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1224 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1225 1226 /* Write READ opcode (10) */ 1227 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1228 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1229 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1230 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1231 1232 /* Write address A7-A0 */ 1233 for (n = 7; n >= 0; n--) { 1234 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1235 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D)); 1236 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1237 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D) | IWI_EEPROM_C); 1238 } 1239 1240 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1241 1242 /* Read data Q15-Q0 */ 1243 val = 0; 1244 for (n = 15; n >= 0; n--) { 1245 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1246 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1247 tmp = MEM_READ_4(sc, IWI_MEM_EEPROM_CTL); 1248 val |= ((tmp & IWI_EEPROM_Q) >> IWI_EEPROM_SHIFT_Q) << n; 1249 } 1250 1251 IWI_EEPROM_CTL(sc, 0); 1252 1253 /* Clear Chip Select and clock C */ 1254 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1255 IWI_EEPROM_CTL(sc, 0); 1256 IWI_EEPROM_CTL(sc, IWI_EEPROM_C); 1257 1258 return val; 1259 } 1260 1261 /* 1262 * XXX: Hack to set the current channel to the value advertised in beacons or 1263 * probe responses. Only used during AP detection. 1264 */ 1265 static void 1266 iwi_fix_channel(struct ieee80211com *ic, struct mbuf *m) 1267 { 1268 struct ieee80211_frame *wh; 1269 uint8_t subtype; 1270 uint8_t *frm, *efrm; 1271 1272 wh = mtod(m, struct ieee80211_frame *); 1273 1274 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 1275 return; 1276 1277 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1278 1279 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 1280 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1281 return; 1282 1283 frm = (uint8_t *)(wh + 1); 1284 efrm = mtod(m, uint8_t *) + m->m_len; 1285 1286 frm += 12; /* skip tstamp, bintval and capinfo fields */ 1287 while (frm < efrm) { 1288 if (*frm == IEEE80211_ELEMID_DSPARMS) 1289 #if IEEE80211_CHAN_MAX < 255 1290 if (frm[2] <= IEEE80211_CHAN_MAX) 1291 #endif 1292 ic->ic_curchan = &ic->ic_channels[frm[2]]; 1293 1294 frm += frm[1] + 2; 1295 } 1296 } 1297 1298 static void 1299 iwi_frame_intr(struct iwi_softc *sc, struct iwi_rx_data *data, int i, 1300 struct iwi_frame *frame) 1301 { 1302 struct ieee80211com *ic = &sc->sc_ic; 1303 struct ifnet *ifp = ic->ic_ifp; 1304 struct mbuf *mnew, *m; 1305 struct ieee80211_frame *wh; 1306 struct ieee80211_node *ni; 1307 int error; 1308 1309 DPRINTFN(5, ("received frame len=%u chan=%u rssi=%u\n", 1310 le16toh(frame->len), frame->chan, frame->rssi_dbm)); 1311 1312 if (le16toh(frame->len) < sizeof (struct ieee80211_frame)) 1313 return; 1314 1315 /* 1316 * Try to allocate a new mbuf for this ring element and load it before 1317 * processing the current mbuf. If the ring element cannot be loaded, 1318 * drop the received packet and reuse the old mbuf. In the unlikely 1319 * case that the old mbuf can't be reloaded either, explicitly panic. 1320 */ 1321 mnew = m_getcl(MB_DONTWAIT, MT_DATA, M_PKTHDR); 1322 if (mnew == NULL) { 1323 ifp->if_ierrors++; 1324 return; 1325 } 1326 1327 bus_dmamap_unload(sc->rxq.data_dmat, data->map); 1328 1329 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1330 mtod(mnew, void *), MCLBYTES, iwi_dma_map_addr, &data->physaddr, 1331 0); 1332 if (error != 0) { 1333 m_freem(mnew); 1334 1335 /* try to reload the old mbuf */ 1336 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1337 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 1338 &data->physaddr, 0); 1339 if (error != 0) { 1340 /* very unlikely that it will fail... */ 1341 panic("%s: could not load old rx mbuf", 1342 device_get_name(sc->sc_dev)); 1343 } 1344 ifp->if_ierrors++; 1345 return; 1346 } 1347 1348 /* 1349 * New mbuf successfully loaded, update Rx ring and continue 1350 * processing. 1351 */ 1352 m = data->m; 1353 data->m = mnew; 1354 CSR_WRITE_4(sc, data->reg, data->physaddr); 1355 1356 /* Finalize mbuf */ 1357 m->m_pkthdr.rcvif = ifp; 1358 m->m_pkthdr.len = m->m_len = sizeof (struct iwi_hdr) + 1359 sizeof (struct iwi_frame) + le16toh(frame->len); 1360 1361 m_adj(m, sizeof (struct iwi_hdr) + sizeof (struct iwi_frame)); 1362 1363 if (ic->ic_state == IEEE80211_S_SCAN) 1364 iwi_fix_channel(ic, m); 1365 1366 if (sc->sc_drvbpf != NULL) { 1367 struct iwi_rx_radiotap_header *tap = &sc->sc_rxtap; 1368 1369 tap->wr_flags = 0; 1370 tap->wr_rate = frame->rate; 1371 tap->wr_chan_freq = 1372 htole16(ic->ic_channels[frame->chan].ic_freq); 1373 tap->wr_chan_flags = 1374 htole16(ic->ic_channels[frame->chan].ic_flags); 1375 tap->wr_antsignal = frame->signal; 1376 tap->wr_antenna = frame->antenna; 1377 1378 bpf_ptap(sc->sc_drvbpf, m, tap, sc->sc_rxtap_len); 1379 } 1380 1381 wh = mtod(m, struct ieee80211_frame *); 1382 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 1383 1384 /* send the frame to the 802.11 layer */ 1385 ieee80211_input(ic, m, ni, frame->rssi_dbm, 0); 1386 1387 /* node is no longer needed */ 1388 ieee80211_free_node(ni); 1389 } 1390 1391 static void 1392 iwi_notification_intr(struct iwi_softc *sc, struct iwi_notif *notif) 1393 { 1394 struct ieee80211com *ic = &sc->sc_ic; 1395 struct iwi_notif_scan_channel *chan; 1396 struct iwi_notif_scan_complete *scan; 1397 struct iwi_notif_authentication *auth; 1398 struct iwi_notif_association *assoc; 1399 1400 switch (notif->type) { 1401 case IWI_NOTIF_TYPE_SCAN_CHANNEL: 1402 chan = (struct iwi_notif_scan_channel *)(notif + 1); 1403 1404 DPRINTFN(2, ("Scanning channel (%u)\n", chan->nchan)); 1405 break; 1406 1407 case IWI_NOTIF_TYPE_SCAN_COMPLETE: 1408 scan = (struct iwi_notif_scan_complete *)(notif + 1); 1409 1410 DPRINTFN(2, ("Scan completed (%u, %u)\n", scan->nchan, 1411 scan->status)); 1412 1413 /* monitor mode uses scan to set the channel ... */ 1414 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1415 sc->flags &= ~IWI_FLAG_SCANNING; 1416 ieee80211_end_scan(ic); 1417 } else 1418 iwi_set_chan(sc, ic->ic_ibss_chan); 1419 break; 1420 1421 case IWI_NOTIF_TYPE_AUTHENTICATION: 1422 auth = (struct iwi_notif_authentication *)(notif + 1); 1423 1424 DPRINTFN(2, ("Authentication (%u)\n", auth->state)); 1425 1426 switch (auth->state) { 1427 case IWI_AUTHENTICATED: 1428 ieee80211_node_authorize(ic->ic_bss); 1429 ieee80211_new_state(ic, IEEE80211_S_ASSOC, -1); 1430 break; 1431 1432 case IWI_DEAUTHENTICATED: 1433 break; 1434 1435 default: 1436 device_printf(sc->sc_dev, 1437 "unknown authentication state %u\n", auth->state); 1438 } 1439 break; 1440 1441 case IWI_NOTIF_TYPE_ASSOCIATION: 1442 assoc = (struct iwi_notif_association *)(notif + 1); 1443 1444 DPRINTFN(2, ("Association (%u, %u)\n", assoc->state, 1445 assoc->status)); 1446 1447 switch (assoc->state) { 1448 case IWI_AUTHENTICATED: 1449 /* re-association, do nothing */ 1450 break; 1451 1452 case IWI_ASSOCIATED: 1453 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1454 break; 1455 1456 case IWI_DEASSOCIATED: 1457 ieee80211_begin_scan(ic, 1); 1458 break; 1459 1460 default: 1461 device_printf(sc->sc_dev, 1462 "unknown association state %u\n", assoc->state); 1463 } 1464 break; 1465 1466 default: 1467 DPRINTFN(5, ("Notification (%u)\n", notif->type)); 1468 } 1469 } 1470 1471 static void 1472 iwi_rx_intr(struct iwi_softc *sc) 1473 { 1474 struct iwi_rx_data *data; 1475 struct iwi_hdr *hdr; 1476 uint32_t hw; 1477 1478 hw = CSR_READ_4(sc, IWI_CSR_RX_RIDX); 1479 1480 for (; sc->rxq.cur != hw;) { 1481 data = &sc->rxq.data[sc->rxq.cur]; 1482 1483 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1484 BUS_DMASYNC_POSTREAD); 1485 1486 hdr = mtod(data->m, struct iwi_hdr *); 1487 1488 switch (hdr->type) { 1489 case IWI_HDR_TYPE_FRAME: 1490 iwi_frame_intr(sc, data, sc->rxq.cur, 1491 (struct iwi_frame *)(hdr + 1)); 1492 break; 1493 1494 case IWI_HDR_TYPE_NOTIF: 1495 iwi_notification_intr(sc, 1496 (struct iwi_notif *)(hdr + 1)); 1497 break; 1498 1499 default: 1500 device_printf(sc->sc_dev, "unknown hdr type %u\n", 1501 hdr->type); 1502 } 1503 1504 DPRINTFN(15, ("rx done idx=%u\n", sc->rxq.cur)); 1505 1506 sc->rxq.cur = (sc->rxq.cur + 1) % IWI_RX_RING_COUNT; 1507 } 1508 1509 /* Tell the firmware what we have processed */ 1510 hw = (hw == 0) ? IWI_RX_RING_COUNT - 1 : hw - 1; 1511 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, hw); 1512 } 1513 1514 static void 1515 iwi_tx_intr(struct iwi_softc *sc, struct iwi_tx_ring *txq) 1516 { 1517 struct ieee80211com *ic = &sc->sc_ic; 1518 struct ifnet *ifp = ic->ic_ifp; 1519 struct iwi_tx_data *data; 1520 uint32_t hw; 1521 1522 hw = CSR_READ_4(sc, txq->csr_ridx); 1523 1524 for (; txq->next != hw;) { 1525 data = &txq->data[txq->next]; 1526 1527 bus_dmamap_sync(txq->data_dmat, data->map, 1528 BUS_DMASYNC_POSTWRITE); 1529 bus_dmamap_unload(txq->data_dmat, data->map); 1530 m_freem(data->m); 1531 data->m = NULL; 1532 ieee80211_free_node(data->ni); 1533 data->ni = NULL; 1534 1535 DPRINTFN(15, ("tx done idx=%u\n", txq->next)); 1536 1537 ifp->if_opackets++; 1538 1539 txq->queued--; 1540 txq->next = (txq->next + 1) % IWI_TX_RING_COUNT; 1541 } 1542 1543 sc->sc_tx_timer = 0; 1544 ifp->if_flags &= ~IFF_OACTIVE; 1545 if_devstart(ifp); 1546 } 1547 1548 static void 1549 iwi_intr(void *arg) 1550 { 1551 struct iwi_softc *sc = arg; 1552 uint32_t r; 1553 1554 r = CSR_READ_4(sc, IWI_CSR_INTR); 1555 if (r == 0 || r == 0xffffffff) 1556 return; 1557 1558 /* disable interrupts */ 1559 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1560 1561 if (r & IWI_INTR_FATAL_ERROR) { 1562 device_printf(sc->sc_dev, "fatal error\n"); 1563 1564 if ((sc->flags & (IWI_FLAG_EXIT | IWI_FLAG_RESET)) == 0) { 1565 sc->flags |= IWI_FLAG_RESET; 1566 device_printf(sc->sc_dev, "wake firmware monitor\n"); 1567 wakeup(IWI_FW_WAKE_MONITOR(sc)); 1568 } 1569 } 1570 1571 if (r & IWI_INTR_PARITY_ERROR) { 1572 device_printf(sc->sc_dev, "parity error\n"); 1573 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1574 iwi_stop(sc); 1575 } 1576 1577 if (r & IWI_INTR_FW_INITED) { 1578 if (!(r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR))) 1579 wakeup(IWI_FW_INITIALIZED(sc)); 1580 } 1581 1582 if (r & IWI_INTR_RADIO_OFF) { 1583 DPRINTF(("radio transmitter turned off\n")); 1584 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1585 iwi_stop(sc); 1586 } 1587 1588 if (r & IWI_INTR_CMD_DONE) 1589 wakeup(IWI_FW_CMD_ACKED(sc)); 1590 1591 if (r & IWI_INTR_TX1_DONE) 1592 iwi_tx_intr(sc, &sc->txq[0]); 1593 1594 if (r & IWI_INTR_TX2_DONE) 1595 iwi_tx_intr(sc, &sc->txq[1]); 1596 1597 if (r & IWI_INTR_TX3_DONE) 1598 iwi_tx_intr(sc, &sc->txq[2]); 1599 1600 if (r & IWI_INTR_TX4_DONE) 1601 iwi_tx_intr(sc, &sc->txq[3]); 1602 1603 if (r & IWI_INTR_RX_DONE) 1604 iwi_rx_intr(sc); 1605 1606 /* acknowledge interrupts */ 1607 CSR_WRITE_4(sc, IWI_CSR_INTR, r); 1608 1609 /* re-enable interrupts */ 1610 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 1611 } 1612 1613 static int 1614 iwi_cmd(struct iwi_softc *sc, uint8_t type, void *data, uint8_t len, int async) 1615 { 1616 struct iwi_cmd_desc *desc; 1617 struct ifnet *ifp = &sc->sc_ic.ic_if; 1618 int ret; 1619 1620 desc = &sc->cmdq.desc[sc->cmdq.cur]; 1621 1622 desc->hdr.type = IWI_HDR_TYPE_COMMAND; 1623 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1624 desc->type = type; 1625 desc->len = len; 1626 memcpy(desc->data, data, len); 1627 1628 bus_dmamap_sync(sc->cmdq.desc_dmat, sc->cmdq.desc_map, 1629 BUS_DMASYNC_PREWRITE); 1630 1631 DPRINTFN(2, ("sending command idx=%u type=%u len=%u\n", sc->cmdq.cur, 1632 type, len)); 1633 1634 sc->cmdq.cur = (sc->cmdq.cur + 1) % IWI_CMD_RING_COUNT; 1635 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 1636 1637 if (!async) { 1638 ASSERT_SERIALIZED(ifp->if_serializer); 1639 1640 crit_enter(); 1641 tsleep_interlock(IWI_FW_CMD_ACKED(sc)); 1642 lwkt_serialize_exit(ifp->if_serializer); 1643 ret = tsleep(IWI_FW_CMD_ACKED(sc), 0, "iwicmd", hz); 1644 crit_exit(); 1645 lwkt_serialize_enter(ifp->if_serializer); 1646 } else { 1647 ret = 0; 1648 } 1649 1650 return ret; 1651 } 1652 1653 static void 1654 iwi_write_ibssnode(struct iwi_softc *sc, const struct iwi_node *in) 1655 { 1656 struct iwi_ibssnode node; 1657 1658 /* write node information into NIC memory */ 1659 memset(&node, 0, sizeof node); 1660 IEEE80211_ADDR_COPY(node.bssid, in->in_node.ni_macaddr); 1661 1662 CSR_WRITE_REGION_1(sc, 1663 IWI_CSR_NODE_BASE + in->in_station * sizeof node, 1664 (uint8_t *)&node, sizeof node); 1665 } 1666 1667 struct iwi_dma_mapping { 1668 bus_dma_segment_t segs[IWI_MAX_NSEG]; 1669 int nseg; 1670 bus_size_t mapsize; 1671 }; 1672 1673 static void 1674 iwi_dma_map_mbuf(void *arg, bus_dma_segment_t *segs, int nseg, 1675 bus_size_t mapsize, int error) 1676 { 1677 struct iwi_dma_mapping *map = arg; 1678 1679 if (error != 0) 1680 return; 1681 1682 KASSERT(nseg <= IWI_MAX_NSEG, ("too many DMA segments %d", nseg)); 1683 1684 bcopy(segs, map->segs, nseg * sizeof(bus_dma_segment_t)); 1685 map->nseg = nseg; 1686 map->mapsize = mapsize; 1687 } 1688 1689 static int 1690 iwi_tx_start(struct ifnet *ifp, struct mbuf *m0, struct ieee80211_node *ni, 1691 int ac) 1692 { 1693 struct iwi_softc *sc = ifp->if_softc; 1694 struct ieee80211com *ic = &sc->sc_ic; 1695 struct iwi_node *in = (struct iwi_node *)ni; 1696 struct ieee80211_frame *wh; 1697 struct ieee80211_key *k; 1698 const struct chanAccParams *cap; 1699 struct iwi_tx_ring *txq = &sc->txq[ac]; 1700 struct iwi_tx_data *data; 1701 struct iwi_tx_desc *desc; 1702 struct mbuf *mnew; 1703 struct iwi_dma_mapping map; 1704 int error, hdrlen, i, noack = 0; 1705 1706 wh = mtod(m0, struct ieee80211_frame *); 1707 1708 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1709 hdrlen = sizeof (struct ieee80211_qosframe); 1710 cap = &ic->ic_wme.wme_chanParams; 1711 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1712 } else 1713 hdrlen = sizeof (struct ieee80211_frame); 1714 1715 /* 1716 * This is only used in IBSS mode where the firmware expect an index 1717 * in a h/w table instead of a destination address. 1718 */ 1719 if (ic->ic_opmode == IEEE80211_M_IBSS && in->in_station == -1) { 1720 in->in_station = iwi_alloc_ibss_node(sc); 1721 if (in->in_station == -1) { /* h/w table is full */ 1722 m_freem(m0); 1723 ieee80211_free_node(ni); 1724 ifp->if_oerrors++; 1725 if_printf(ifp, "ibss table is full\n"); 1726 return 0; 1727 } 1728 iwi_write_ibssnode(sc, in); 1729 } 1730 1731 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1732 k = ieee80211_crypto_encap(ic, ni, m0); 1733 if (k == NULL) { 1734 m_freem(m0); 1735 return ENOBUFS; 1736 } 1737 1738 /* packet header may have moved, reset our local pointer */ 1739 wh = mtod(m0, struct ieee80211_frame *); 1740 } 1741 1742 if (sc->sc_drvbpf != NULL) { 1743 struct iwi_tx_radiotap_header *tap = &sc->sc_txtap; 1744 1745 tap->wt_flags = 0; 1746 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 1747 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 1748 1749 bpf_ptap(sc->sc_drvbpf, m0, tap, sc->sc_txtap_len); 1750 } 1751 1752 data = &txq->data[txq->cur]; 1753 desc = &txq->desc[txq->cur]; 1754 1755 /* save and trim IEEE802.11 header */ 1756 m_copydata(m0, 0, hdrlen, (caddr_t)&desc->wh); 1757 m_adj(m0, hdrlen); 1758 1759 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0, 1760 iwi_dma_map_mbuf, &map, BUS_DMA_NOWAIT); 1761 if (error != 0 && error != EFBIG) { 1762 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1763 error); 1764 m_freem(m0); 1765 return error; 1766 } 1767 if (error != 0) { 1768 mnew = m_defrag(m0, MB_DONTWAIT); 1769 if (mnew == NULL) { 1770 device_printf(sc->sc_dev, 1771 "could not defragment mbuf\n"); 1772 m_freem(m0); 1773 return ENOBUFS; 1774 } 1775 m0 = mnew; 1776 1777 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0, 1778 iwi_dma_map_mbuf, &map, 1779 BUS_DMA_NOWAIT); 1780 if (error != 0) { 1781 device_printf(sc->sc_dev, 1782 "could not map mbuf (error %d)\n", error); 1783 m_freem(m0); 1784 return error; 1785 } 1786 } 1787 1788 data->m = m0; 1789 data->ni = ni; 1790 1791 desc->hdr.type = IWI_HDR_TYPE_DATA; 1792 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1793 desc->station = 1794 (ic->ic_opmode == IEEE80211_M_IBSS) ? in->in_station : 0; 1795 desc->cmd = IWI_DATA_CMD_TX; 1796 desc->len = htole16(m0->m_pkthdr.len); 1797 desc->flags = 0; 1798 desc->xflags = 0; 1799 1800 if (!noack && !IEEE80211_IS_MULTICAST(desc->wh.i_addr1)) 1801 desc->flags |= IWI_DATA_FLAG_NEED_ACK; 1802 1803 #if 0 1804 if (ic->ic_flags & IEEE80211_F_PRIVACY) { 1805 desc->wh.i_fc[1] |= IEEE80211_FC1_WEP; 1806 desc->weptxkey = ic->ic_crypto.cs_def_txkey; 1807 } else 1808 #endif 1809 desc->flags |= IWI_DATA_FLAG_NO_WEP; 1810 1811 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 1812 desc->flags |= IWI_DATA_FLAG_SHPREAMBLE; 1813 1814 if (desc->wh.i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) 1815 desc->xflags |= IWI_DATA_XFLAG_QOS; 1816 1817 desc->nseg = htole32(map.nseg); 1818 for (i = 0; i < map.nseg; i++) { 1819 desc->seg_addr[i] = htole32(map.segs[i].ds_addr); 1820 desc->seg_len[i] = htole16(map.segs[i].ds_len); 1821 } 1822 1823 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1824 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1825 1826 DPRINTFN(5, ("sending data frame txq=%u idx=%u len=%u nseg=%u\n", 1827 ac, txq->cur, le16toh(desc->len), map.nseg)); 1828 1829 txq->queued++; 1830 txq->cur = (txq->cur + 1) % IWI_TX_RING_COUNT; 1831 CSR_WRITE_4(sc, txq->csr_widx, txq->cur); 1832 1833 return 0; 1834 } 1835 1836 static void 1837 iwi_start(struct ifnet *ifp) 1838 { 1839 struct iwi_softc *sc = ifp->if_softc; 1840 struct ieee80211com *ic = &sc->sc_ic; 1841 struct mbuf *m0; 1842 struct ether_header *eh; 1843 struct ieee80211_node *ni; 1844 int ac; 1845 1846 ieee80211_drain_mgtq(&ic->ic_mgtq); 1847 if (ic->ic_state != IEEE80211_S_RUN) { 1848 ifq_purge(&ifp->if_snd); 1849 return; 1850 } 1851 1852 for (;;) { 1853 m0 = ifq_dequeue(&ifp->if_snd, NULL); 1854 if (m0 == NULL) 1855 break; 1856 1857 if (m0->m_len < sizeof (struct ether_header) && 1858 (m0 = m_pullup(m0, sizeof (struct ether_header))) == NULL) { 1859 ifp->if_oerrors++; 1860 continue; 1861 } 1862 eh = mtod(m0, struct ether_header *); 1863 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1864 if (ni == NULL) { 1865 m_freem(m0); 1866 ifp->if_oerrors++; 1867 continue; 1868 } 1869 1870 /* classify mbuf so we can find which tx ring to use */ 1871 if (ieee80211_classify(ic, m0, ni) != 0) { 1872 m_freem(m0); 1873 ieee80211_free_node(ni); 1874 ifp->if_oerrors++; 1875 continue; 1876 } 1877 1878 /* no QoS encapsulation for EAPOL frames */ 1879 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1880 M_WME_GETAC(m0) : WME_AC_BE; 1881 1882 if (sc->txq[ac].queued > IWI_TX_RING_COUNT - 8) { 1883 /* there is no place left in this ring */ 1884 m_freem(m0); 1885 ieee80211_free_node(ni); 1886 ifp->if_flags |= IFF_OACTIVE; 1887 break; 1888 } 1889 1890 BPF_MTAP(ifp, m0); 1891 1892 m0 = ieee80211_encap(ic, m0, ni); 1893 if (m0 == NULL) { 1894 ieee80211_free_node(ni); 1895 ifp->if_oerrors++; 1896 continue; 1897 } 1898 1899 if (ic->ic_rawbpf != NULL) 1900 bpf_mtap(ic->ic_rawbpf, m0); 1901 1902 if (iwi_tx_start(ifp, m0, ni, ac) != 0) { 1903 ieee80211_free_node(ni); 1904 ifp->if_oerrors++; 1905 break; 1906 } 1907 1908 sc->sc_tx_timer = 5; 1909 ifp->if_timer = 1; 1910 } 1911 } 1912 1913 static void 1914 iwi_watchdog(struct ifnet *ifp) 1915 { 1916 struct iwi_softc *sc = ifp->if_softc; 1917 struct ieee80211com *ic = &sc->sc_ic; 1918 1919 ifp->if_timer = 0; 1920 1921 if (sc->sc_tx_timer > 0) { 1922 if (--sc->sc_tx_timer == 0) { 1923 if_printf(ifp, "device timeout\n"); 1924 ifp->if_oerrors++; 1925 sc->flags |= IWI_FLAG_RESET; 1926 wakeup(IWI_FW_WAKE_MONITOR(sc)); 1927 return; 1928 } 1929 ifp->if_timer = 1; 1930 } 1931 1932 ieee80211_watchdog(ic); 1933 } 1934 1935 static int 1936 iwi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr) 1937 { 1938 struct iwi_softc *sc = ifp->if_softc; 1939 struct ieee80211com *ic = &sc->sc_ic; 1940 struct ifreq *ifr; 1941 int error = 0; 1942 1943 switch (cmd) { 1944 case SIOCSIFFLAGS: 1945 if (ifp->if_flags & IFF_UP) { 1946 if (!(ifp->if_flags & IFF_RUNNING)) 1947 iwi_init(sc); 1948 } else { 1949 if (ifp->if_flags & IFF_RUNNING) 1950 iwi_stop(sc); 1951 } 1952 break; 1953 1954 case SIOCSLOADFW: 1955 /* only super-user can do that! */ 1956 error = suser_cred(cr, NULL_CRED_OKAY); 1957 if (error != 0) 1958 break; 1959 1960 ifr = (struct ifreq *)data; 1961 error = iwi_cache_firmware(sc, ifr->ifr_data); 1962 break; 1963 1964 case SIOCSKILLFW: 1965 /* only super-user can do that! */ 1966 error = suser_cred(cr, NULL_CRED_OKAY); 1967 if (error != 0) 1968 break; 1969 1970 ifp->if_flags &= ~IFF_UP; 1971 iwi_stop(sc); 1972 iwi_free_firmware(sc); 1973 break; 1974 1975 default: 1976 error = ieee80211_ioctl(ic, cmd, data, cr); 1977 } 1978 1979 if (error == ENETRESET) { 1980 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1981 (IFF_UP | IFF_RUNNING) && 1982 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1983 iwi_init(sc); 1984 error = 0; 1985 } 1986 1987 return error; 1988 } 1989 1990 static void 1991 iwi_stop_master(struct iwi_softc *sc) 1992 { 1993 uint32_t tmp; 1994 int ntries; 1995 1996 /* disable interrupts */ 1997 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1998 1999 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_STOP_MASTER); 2000 for (ntries = 0; ntries < 5; ntries++) { 2001 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 2002 break; 2003 DELAY(10); 2004 } 2005 if (ntries == 5) 2006 if_printf(&sc->sc_ic.ic_if, "timeout waiting for master\n"); 2007 2008 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2009 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_PRINCETON_RESET); 2010 2011 sc->flags &= ~IWI_FLAG_FW_INITED; 2012 } 2013 2014 static int 2015 iwi_reset(struct iwi_softc *sc) 2016 { 2017 uint32_t tmp; 2018 int i, ntries; 2019 2020 iwi_stop_master(sc); 2021 2022 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2023 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 2024 2025 CSR_WRITE_4(sc, IWI_CSR_READ_INT, IWI_READ_INT_INIT_HOST); 2026 2027 /* Wait for clock stabilization */ 2028 for (ntries = 0; ntries < 1000; ntries++) { 2029 if (CSR_READ_4(sc, IWI_CSR_CTL) & IWI_CTL_CLOCK_READY) 2030 break; 2031 DELAY(200); 2032 } 2033 if (ntries == 1000) { 2034 if_printf(&sc->sc_ic.ic_if, 2035 "timeout waiting for clock stabilization\n"); 2036 return EIO; 2037 } 2038 2039 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2040 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_SOFT_RESET); 2041 2042 DELAY(10); 2043 2044 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2045 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 2046 2047 /* Clear NIC memory */ 2048 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0); 2049 for (i = 0; i < 0xc000; i++) 2050 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2051 2052 return 0; 2053 } 2054 2055 static int 2056 iwi_load_ucode(struct iwi_softc *sc, void *uc, int size) 2057 { 2058 uint32_t tmp; 2059 uint16_t *w; 2060 int ntries, i; 2061 2062 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 2063 IWI_RST_STOP_MASTER); 2064 for (ntries = 0; ntries < 5; ntries++) { 2065 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 2066 break; 2067 DELAY(10); 2068 } 2069 if (ntries == 5) { 2070 device_printf(sc->sc_dev, "timeout waiting for master\n"); 2071 return EIO; 2072 } 2073 2074 MEM_WRITE_4(sc, 0x3000e0, 0x80000000); 2075 DELAY(5000); 2076 2077 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2078 tmp &= ~IWI_RST_PRINCETON_RESET; 2079 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2080 2081 DELAY(5000); 2082 MEM_WRITE_4(sc, 0x3000e0, 0); 2083 DELAY(1000); 2084 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 1); 2085 DELAY(1000); 2086 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 0); 2087 DELAY(1000); 2088 MEM_WRITE_1(sc, 0x200000, 0x00); 2089 MEM_WRITE_1(sc, 0x200000, 0x40); 2090 DELAY(1000); 2091 2092 /* write microcode into adapter memory */ 2093 for (w = uc; size > 0; w++, size -= 2) 2094 MEM_WRITE_2(sc, 0x200010, htole16(*w)); 2095 2096 MEM_WRITE_1(sc, 0x200000, 0x00); 2097 MEM_WRITE_1(sc, 0x200000, 0x80); 2098 2099 /* wait until we get an answer */ 2100 for (ntries = 0; ntries < 100; ntries++) { 2101 if (MEM_READ_1(sc, 0x200000) & 1) 2102 break; 2103 DELAY(100); 2104 } 2105 if (ntries == 100) { 2106 device_printf(sc->sc_dev, 2107 "timeout waiting for ucode to initialize\n"); 2108 return EIO; 2109 } 2110 2111 /* read the answer or the firmware will not initialize properly */ 2112 for (i = 0; i < 7; i++) 2113 MEM_READ_4(sc, 0x200004); 2114 2115 MEM_WRITE_1(sc, 0x200000, 0x00); 2116 2117 return 0; 2118 } 2119 2120 /* macro to handle unaligned little endian data in firmware image */ 2121 #define GETLE32(p) ((p)[0] | (p)[1] << 8 | (p)[2] << 16 | (p)[3] << 24) 2122 2123 static int 2124 iwi_load_firmware(struct iwi_softc *sc, void *fw, int size) 2125 { 2126 bus_dma_tag_t dmat; 2127 bus_dmamap_t map; 2128 bus_addr_t physaddr; 2129 void *virtaddr; 2130 u_char *p, *end; 2131 uint32_t sentinel, ctl, src, dst, sum, len, mlen, tmp; 2132 int ntries, error = 0; 2133 struct ifnet *ifp = &sc->sc_ic.ic_if; 2134 2135 ASSERT_SERIALIZED(ifp->if_serializer); 2136 2137 /* Allocate DMA memory for mapping firmware image */ 2138 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 2139 BUS_SPACE_MAXADDR, NULL, NULL, size, 1, size, 0, &dmat); 2140 if (error != 0) { 2141 device_printf(sc->sc_dev, 2142 "could not create firmware DMA tag\n"); 2143 goto fail1; 2144 } 2145 2146 error = bus_dmamem_alloc(dmat, &virtaddr, BUS_DMA_WAITOK, &map); 2147 if (error != 0) { 2148 device_printf(sc->sc_dev, 2149 "could not allocate firmware DMA memory\n"); 2150 goto fail2; 2151 } 2152 2153 error = bus_dmamap_load(dmat, map, virtaddr, size, iwi_dma_map_addr, 2154 &physaddr, 0); 2155 if (error != 0) { 2156 device_printf(sc->sc_dev, "could not load firmware DMA map\n"); 2157 goto fail3; 2158 } 2159 2160 /* Copy firmware image to DMA memory */ 2161 memcpy(virtaddr, fw, size); 2162 2163 /* Make sure the adapter will get up-to-date values */ 2164 bus_dmamap_sync(dmat, map, BUS_DMASYNC_PREWRITE); 2165 2166 /* Tell the adapter where the command blocks are stored */ 2167 MEM_WRITE_4(sc, 0x3000a0, 0x27000); 2168 2169 /* 2170 * Store command blocks into adapter's internal memory using register 2171 * indirections. The adapter will read the firmware image through DMA 2172 * using information stored in command blocks. 2173 */ 2174 src = physaddr; 2175 p = virtaddr; 2176 end = p + size; 2177 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0x27000); 2178 2179 while (p < end) { 2180 dst = GETLE32(p); p += 4; src += 4; 2181 len = GETLE32(p); p += 4; src += 4; 2182 p += len; 2183 2184 while (len > 0) { 2185 mlen = min(len, IWI_CB_MAXDATALEN); 2186 2187 ctl = IWI_CB_DEFAULT_CTL | mlen; 2188 sum = ctl ^ src ^ dst; 2189 2190 /* Write a command block */ 2191 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, ctl); 2192 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, src); 2193 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, dst); 2194 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, sum); 2195 2196 src += mlen; 2197 dst += mlen; 2198 len -= mlen; 2199 } 2200 } 2201 2202 /* Write a fictive final command block (sentinel) */ 2203 sentinel = CSR_READ_4(sc, IWI_CSR_AUTOINC_ADDR); 2204 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2205 2206 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2207 tmp &= ~(IWI_RST_MASTER_DISABLED | IWI_RST_STOP_MASTER); 2208 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2209 2210 /* Tell the adapter to start processing command blocks */ 2211 MEM_WRITE_4(sc, 0x3000a4, 0x540100); 2212 2213 /* Wait until the adapter reaches the sentinel */ 2214 for (ntries = 0; ntries < 400; ntries++) { 2215 if (MEM_READ_4(sc, 0x3000d0) >= sentinel) 2216 break; 2217 DELAY(100); 2218 } 2219 if (ntries == 400) { 2220 device_printf(sc->sc_dev, 2221 "timeout processing command blocks\n"); 2222 error = EIO; 2223 goto fail4; 2224 } 2225 2226 /* We're done with command blocks processing */ 2227 MEM_WRITE_4(sc, 0x3000a4, 0x540c00); 2228 2229 /* Allow interrupts so we know when the firmware is ready */ 2230 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 2231 2232 /* Tell the adapter to initialize the firmware */ 2233 CSR_WRITE_4(sc, IWI_CSR_RST, 0); 2234 2235 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2236 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_ALLOW_STANDBY); 2237 2238 /* wait at most one second for firmware initialization to complete */ 2239 crit_enter(); 2240 tsleep_interlock(IWI_FW_INITIALIZED(sc)); 2241 lwkt_serialize_exit(ifp->if_serializer); 2242 error = tsleep(IWI_FW_INITIALIZED(sc), 0, "iwiinit", hz); 2243 crit_exit(); 2244 lwkt_serialize_enter(ifp->if_serializer); 2245 if (error != 0) { 2246 device_printf(sc->sc_dev, "timeout waiting for firmware " 2247 "initialization to complete\n"); 2248 goto fail4; 2249 } 2250 2251 fail4: bus_dmamap_sync(dmat, map, BUS_DMASYNC_POSTWRITE); 2252 bus_dmamap_unload(dmat, map); 2253 fail3: bus_dmamem_free(dmat, virtaddr, map); 2254 fail2: bus_dma_tag_destroy(dmat); 2255 fail1: 2256 return error; 2257 } 2258 2259 /* 2260 * Store firmware into kernel memory so we can download it when we need to, 2261 * e.g when the adapter wakes up from suspend mode. 2262 */ 2263 static int 2264 iwi_cache_firmware(struct iwi_softc *sc, void *data) 2265 { 2266 struct iwi_firmware *kfw = &sc->fw; 2267 struct iwi_firmware ufw; 2268 int error; 2269 2270 iwi_free_firmware(sc); 2271 2272 if ((error = copyin(data, &ufw, sizeof ufw)) != 0) 2273 return error; 2274 2275 kfw->boot_size = ufw.boot_size; 2276 kfw->ucode_size = ufw.ucode_size; 2277 kfw->main_size = ufw.main_size; 2278 2279 kfw->boot = kmalloc(kfw->boot_size, M_DEVBUF, M_WAITOK); 2280 kfw->ucode = kmalloc(kfw->ucode_size, M_DEVBUF, M_WAITOK); 2281 kfw->main = kmalloc(kfw->main_size, M_DEVBUF, M_WAITOK); 2282 2283 if ((error = copyin(ufw.boot, kfw->boot, kfw->boot_size)) != 0) 2284 goto fail; 2285 2286 if ((error = copyin(ufw.ucode, kfw->ucode, kfw->ucode_size)) != 0) 2287 goto fail; 2288 2289 if ((error = copyin(ufw.main, kfw->main, kfw->main_size)) != 0) 2290 goto fail; 2291 2292 DPRINTF(("Firmware cached: boot %u, ucode %u, main %u\n", 2293 kfw->boot_size, kfw->ucode_size, kfw->main_size)); 2294 2295 sc->flags |= IWI_FLAG_FW_CACHED; 2296 2297 return 0; 2298 2299 fail: 2300 kfree(kfw->boot, M_DEVBUF); 2301 kfree(kfw->ucode, M_DEVBUF); 2302 kfree(kfw->main, M_DEVBUF); 2303 2304 return error; 2305 } 2306 2307 static void 2308 iwi_free_firmware(struct iwi_softc *sc) 2309 { 2310 if (!(sc->flags & IWI_FLAG_FW_CACHED)) 2311 return; 2312 2313 kfree(sc->fw.boot, M_DEVBUF); 2314 kfree(sc->fw.ucode, M_DEVBUF); 2315 kfree(sc->fw.main, M_DEVBUF); 2316 2317 sc->flags &= ~IWI_FLAG_FW_CACHED; 2318 } 2319 2320 static int 2321 iwi_config(struct iwi_softc *sc) 2322 { 2323 struct ieee80211com *ic = &sc->sc_ic; 2324 struct ifnet *ifp = ic->ic_ifp; 2325 struct iwi_configuration config; 2326 struct iwi_rateset rs; 2327 struct iwi_txpower power; 2328 struct ieee80211_key *wk; 2329 struct iwi_wep_key wepkey; 2330 uint32_t data; 2331 int error, i; 2332 2333 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp)); 2334 DPRINTF(("Setting MAC address to %6D\n", ic->ic_myaddr, ":")); 2335 error = iwi_cmd(sc, IWI_CMD_SET_MAC_ADDRESS, ic->ic_myaddr, 2336 IEEE80211_ADDR_LEN, 0); 2337 if (error != 0) 2338 return error; 2339 2340 memset(&config, 0, sizeof config); 2341 config.bluetooth_coexistence = sc->bluetooth; 2342 config.antenna = sc->antenna; 2343 config.multicast_enabled = 1; 2344 config.answer_pbreq = (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2345 config.disable_unicast_decryption = 1; 2346 config.disable_multicast_decryption = 1; 2347 DPRINTF(("Configuring adapter\n")); 2348 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 0); 2349 if (error != 0) 2350 return error; 2351 2352 data = htole32(IWI_POWER_MODE_CAM); 2353 DPRINTF(("Setting power mode to %u\n", le32toh(data))); 2354 error = iwi_cmd(sc, IWI_CMD_SET_POWER_MODE, &data, sizeof data, 0); 2355 if (error != 0) 2356 return error; 2357 2358 data = htole32(ic->ic_rtsthreshold); 2359 DPRINTF(("Setting RTS threshold to %u\n", le32toh(data))); 2360 error = iwi_cmd(sc, IWI_CMD_SET_RTS_THRESHOLD, &data, sizeof data, 0); 2361 if (error != 0) 2362 return error; 2363 2364 data = htole32(ic->ic_fragthreshold); 2365 DPRINTF(("Setting fragmentation threshold to %u\n", le32toh(data))); 2366 error = iwi_cmd(sc, IWI_CMD_SET_FRAG_THRESHOLD, &data, sizeof data, 0); 2367 if (error != 0) 2368 return error; 2369 2370 if (ic->ic_opmode == IEEE80211_M_IBSS) { 2371 power.mode = IWI_MODE_11B; 2372 power.nchan = 11; 2373 for (i = 0; i < 11; i++) { 2374 power.chan[i].chan = i + 1; 2375 power.chan[i].power = IWI_TXPOWER_MAX; 2376 } 2377 DPRINTF(("Setting .11b channels tx power\n")); 2378 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2379 0); 2380 if (error != 0) 2381 return error; 2382 2383 power.mode = IWI_MODE_11G; 2384 DPRINTF(("Setting .11g channels tx power\n")); 2385 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2386 0); 2387 if (error != 0) 2388 return error; 2389 } 2390 2391 rs.mode = IWI_MODE_11G; 2392 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2393 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11G].rs_nrates; 2394 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates, 2395 rs.nrates); 2396 DPRINTF(("Setting .11bg supported rates (%u)\n", rs.nrates)); 2397 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2398 if (error != 0) 2399 return error; 2400 2401 rs.mode = IWI_MODE_11A; 2402 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2403 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11A].rs_nrates; 2404 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11A].rs_rates, 2405 rs.nrates); 2406 DPRINTF(("Setting .11a supported rates (%u)\n", rs.nrates)); 2407 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2408 if (error != 0) 2409 return error; 2410 2411 /* if we have a desired ESSID, set it now */ 2412 if (ic->ic_des_esslen != 0) { 2413 #ifdef IWI_DEBUG 2414 if (iwi_debug > 0) { 2415 kprintf("Setting desired ESSID to "); 2416 ieee80211_print_essid(ic->ic_des_essid, 2417 ic->ic_des_esslen); 2418 kprintf("\n"); 2419 } 2420 #endif 2421 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ic->ic_des_essid, 2422 ic->ic_des_esslen, 0); 2423 if (error != 0) 2424 return error; 2425 } 2426 2427 data = htole32(karc4random()); 2428 DPRINTF(("Setting initialization vector to %u\n", le32toh(data))); 2429 error = iwi_cmd(sc, IWI_CMD_SET_IV, &data, sizeof data, 0); 2430 if (error != 0) 2431 return error; 2432 2433 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2434 wk = &ic->ic_crypto.cs_nw_keys[i]; 2435 2436 wepkey.cmd = IWI_WEP_KEY_CMD_SETKEY; 2437 wepkey.idx = i; 2438 wepkey.len = wk->wk_keylen; 2439 memset(wepkey.key, 0, sizeof wepkey.key); 2440 memcpy(wepkey.key, wk->wk_key, wk->wk_keylen); 2441 DPRINTF(("Setting wep key index %u len %u\n", wepkey.idx, 2442 wepkey.len)); 2443 error = iwi_cmd(sc, IWI_CMD_SET_WEP_KEY, &wepkey, 2444 sizeof wepkey, 0); 2445 if (error != 0) 2446 return error; 2447 } 2448 2449 /* Enable adapter */ 2450 DPRINTF(("Enabling adapter\n")); 2451 return iwi_cmd(sc, IWI_CMD_ENABLE, NULL, 0, 0); 2452 } 2453 2454 static int 2455 iwi_set_chan(struct iwi_softc *sc, struct ieee80211_channel *chan) 2456 { 2457 struct ieee80211com *ic = &sc->sc_ic; 2458 struct iwi_scan scan; 2459 2460 memset(&scan, 0, sizeof scan); 2461 memset(scan.type, IWI_SCAN_TYPE_PASSIVE, sizeof scan.type); 2462 scan.passive = htole16(2000); 2463 scan.channels[0] = 1 | 2464 (IEEE80211_IS_CHAN_5GHZ(chan) ? IWI_CHAN_5GHZ : IWI_CHAN_2GHZ); 2465 scan.channels[1] = ieee80211_chan2ieee(ic, chan); 2466 2467 DPRINTF(("Setting channel to %u\n", ieee80211_chan2ieee(ic, chan))); 2468 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1); 2469 } 2470 2471 static int 2472 iwi_scan(struct iwi_softc *sc) 2473 { 2474 struct ieee80211com *ic = &sc->sc_ic; 2475 struct iwi_scan scan; 2476 uint8_t *p; 2477 int i, count; 2478 2479 memset(&scan, 0, sizeof scan); 2480 2481 if (ic->ic_des_esslen != 0) { 2482 scan.bdirected = htole16(sc->dwelltime); 2483 memset(scan.type, IWI_SCAN_TYPE_BDIRECTED, sizeof scan.type); 2484 } else { 2485 scan.broadcast = htole16(sc->dwelltime); 2486 memset(scan.type, IWI_SCAN_TYPE_BROADCAST, sizeof scan.type); 2487 } 2488 2489 p = scan.channels; 2490 count = 0; 2491 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2492 if (IEEE80211_IS_CHAN_5GHZ(&ic->ic_channels[i]) && 2493 isset(ic->ic_chan_active, i)) { 2494 *++p = i; 2495 count++; 2496 } 2497 } 2498 *(p - count) = IWI_CHAN_5GHZ | count; 2499 2500 p = (count > 0) ? p + 1 : scan.channels; 2501 count = 0; 2502 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2503 if (IEEE80211_IS_CHAN_2GHZ(&ic->ic_channels[i]) && 2504 isset(ic->ic_chan_active, i)) { 2505 *++p = i; 2506 count++; 2507 } 2508 } 2509 *(p - count) = IWI_CHAN_2GHZ | count; 2510 2511 DPRINTF(("Start scanning\n")); 2512 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1); 2513 } 2514 2515 static int 2516 iwi_auth_and_assoc(struct iwi_softc *sc) 2517 { 2518 struct ieee80211com *ic = &sc->sc_ic; 2519 struct ifnet *ifp = ic->ic_ifp; 2520 struct ieee80211_node *ni = ic->ic_bss; 2521 struct ieee80211_wme_info wme; 2522 struct iwi_configuration config; 2523 struct iwi_associate assoc; 2524 struct iwi_rateset rs; 2525 uint16_t capinfo; 2526 uint32_t data; 2527 int error; 2528 2529 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) { 2530 memset(&config, 0, sizeof config); 2531 config.bluetooth_coexistence = sc->bluetooth; 2532 config.antenna = sc->antenna; 2533 config.multicast_enabled = 1; 2534 config.use_protection = 1; 2535 config.answer_pbreq = 2536 (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2537 config.disable_unicast_decryption = 1; 2538 config.disable_multicast_decryption = 1; 2539 DPRINTF(("Configuring adapter\n")); 2540 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 2541 1); 2542 if (error != 0) 2543 return error; 2544 } 2545 2546 #ifdef IWI_DEBUG 2547 if (iwi_debug > 0) { 2548 kprintf("Setting ESSID to "); 2549 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 2550 kprintf("\n"); 2551 } 2552 #endif 2553 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ni->ni_essid, ni->ni_esslen, 1); 2554 if (error != 0) 2555 return error; 2556 2557 /* the rate set has already been "negotiated" */ 2558 rs.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2559 IWI_MODE_11G; 2560 rs.type = IWI_RATESET_TYPE_NEGOTIATED; 2561 rs.nrates = ni->ni_rates.rs_nrates; 2562 KKASSERT(rs.nrates <= IWI_RATESET_MAXSIZE); 2563 memcpy(rs.rates, ni->ni_rates.rs_rates, rs.nrates); 2564 DPRINTF(("Setting negociated rates (%u)\n", rs.nrates)); 2565 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 1); 2566 if (error != 0) 2567 return error; 2568 2569 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) { 2570 wme.wme_id = IEEE80211_ELEMID_VENDOR; 2571 wme.wme_len = sizeof (struct ieee80211_wme_info) - 2; 2572 wme.wme_oui[0] = 0x00; 2573 wme.wme_oui[1] = 0x50; 2574 wme.wme_oui[2] = 0xf2; 2575 wme.wme_type = WME_OUI_TYPE; 2576 wme.wme_subtype = WME_INFO_OUI_SUBTYPE; 2577 wme.wme_version = WME_VERSION; 2578 wme.wme_info = 0; 2579 2580 DPRINTF(("Setting WME IE (len=%u)\n", wme.wme_len)); 2581 error = iwi_cmd(sc, IWI_CMD_SET_WMEIE, &wme, sizeof wme, 1); 2582 if (error != 0) 2583 return error; 2584 } 2585 2586 if (ic->ic_opt_ie != NULL) { 2587 DPRINTF(("Setting optional IE (len=%u)\n", ic->ic_opt_ie_len)); 2588 error = iwi_cmd(sc, IWI_CMD_SET_OPTIE, ic->ic_opt_ie, 2589 ic->ic_opt_ie_len, 1); 2590 if (error != 0) 2591 return error; 2592 } 2593 2594 data = htole32(ni->ni_rssi); 2595 DPRINTF(("Setting sensitivity to %d\n", (int8_t)ni->ni_rssi)); 2596 error = iwi_cmd(sc, IWI_CMD_SET_SENSITIVITY, &data, sizeof data, 1); 2597 if (error != 0) 2598 return error; 2599 2600 memset(&assoc, 0, sizeof assoc); 2601 assoc.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2602 IWI_MODE_11G; 2603 assoc.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 2604 if (ni->ni_authmode == IEEE80211_AUTH_SHARED) 2605 assoc.auth = ic->ic_crypto.cs_def_txkey << 4 | IWI_AUTH_SHARED; 2606 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) 2607 assoc.policy |= htole16(IWI_POLICY_WME); 2608 if (ic->ic_flags & IEEE80211_F_WPA) 2609 assoc.policy |= htole16(IWI_POLICY_WPA); 2610 memcpy(assoc.tstamp, ni->ni_tstamp.data, 8); 2611 2612 if (ic->ic_opmode == IEEE80211_M_IBSS) 2613 capinfo = IEEE80211_CAPINFO_IBSS; 2614 else 2615 capinfo = IEEE80211_CAPINFO_ESS; 2616 if (ic->ic_flags & IEEE80211_F_PRIVACY) 2617 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2618 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 2619 IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 2620 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2621 if (ic->ic_flags & IEEE80211_F_SHSLOT) 2622 capinfo |= IEEE80211_CAPINFO_SHORT_SLOTTIME; 2623 assoc.capinfo = htole16(capinfo); 2624 2625 assoc.lintval = htole16(ic->ic_lintval); 2626 assoc.intval = htole16(ni->ni_intval); 2627 IEEE80211_ADDR_COPY(assoc.bssid, ni->ni_bssid); 2628 if (ic->ic_opmode == IEEE80211_M_IBSS) 2629 IEEE80211_ADDR_COPY(assoc.dst, ifp->if_broadcastaddr); 2630 else 2631 IEEE80211_ADDR_COPY(assoc.dst, ni->ni_bssid); 2632 2633 DPRINTF(("Trying to associate to %6D channel %u auth %u\n", 2634 assoc.bssid, ":", assoc.chan, assoc.auth)); 2635 return iwi_cmd(sc, IWI_CMD_ASSOCIATE, &assoc, sizeof assoc, 1); 2636 } 2637 2638 static void 2639 iwi_init(void *priv) 2640 { 2641 struct iwi_softc *sc = priv; 2642 struct ieee80211com *ic = &sc->sc_ic; 2643 struct ifnet *ifp = ic->ic_ifp; 2644 struct iwi_firmware *fw = &sc->fw; 2645 struct iwi_rx_data *data; 2646 int i; 2647 2648 /* exit immediately if firmware has not been ioctl'd */ 2649 if (!(sc->flags & IWI_FLAG_FW_CACHED)) { 2650 if (!(sc->flags & IWI_FLAG_FW_WARNED)) 2651 device_printf(sc->sc_dev, "Please load firmware\n"); 2652 sc->flags |= IWI_FLAG_FW_WARNED; 2653 ifp->if_flags &= ~IFF_UP; 2654 return; 2655 } 2656 2657 iwi_stop(sc); 2658 2659 if (iwi_reset(sc) != 0) { 2660 device_printf(sc->sc_dev, "could not reset adapter\n"); 2661 goto fail; 2662 } 2663 2664 if (iwi_load_firmware(sc, fw->boot, fw->boot_size) != 0) { 2665 device_printf(sc->sc_dev, "could not load boot firmware\n"); 2666 goto fail; 2667 } 2668 2669 if (iwi_load_ucode(sc, fw->ucode, fw->ucode_size) != 0) { 2670 device_printf(sc->sc_dev, "could not load microcode\n"); 2671 goto fail; 2672 } 2673 2674 iwi_stop_master(sc); 2675 2676 CSR_WRITE_4(sc, IWI_CSR_CMD_BASE, sc->cmdq.physaddr); 2677 CSR_WRITE_4(sc, IWI_CSR_CMD_SIZE, sc->cmdq.count); 2678 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 2679 2680 CSR_WRITE_4(sc, IWI_CSR_TX1_BASE, sc->txq[0].physaddr); 2681 CSR_WRITE_4(sc, IWI_CSR_TX1_SIZE, sc->txq[0].count); 2682 CSR_WRITE_4(sc, IWI_CSR_TX1_WIDX, sc->txq[0].cur); 2683 2684 CSR_WRITE_4(sc, IWI_CSR_TX2_BASE, sc->txq[1].physaddr); 2685 CSR_WRITE_4(sc, IWI_CSR_TX2_SIZE, sc->txq[1].count); 2686 CSR_WRITE_4(sc, IWI_CSR_TX2_WIDX, sc->txq[1].cur); 2687 2688 CSR_WRITE_4(sc, IWI_CSR_TX3_BASE, sc->txq[2].physaddr); 2689 CSR_WRITE_4(sc, IWI_CSR_TX3_SIZE, sc->txq[2].count); 2690 CSR_WRITE_4(sc, IWI_CSR_TX3_WIDX, sc->txq[2].cur); 2691 2692 CSR_WRITE_4(sc, IWI_CSR_TX4_BASE, sc->txq[3].physaddr); 2693 CSR_WRITE_4(sc, IWI_CSR_TX4_SIZE, sc->txq[3].count); 2694 CSR_WRITE_4(sc, IWI_CSR_TX4_WIDX, sc->txq[3].cur); 2695 2696 for (i = 0; i < sc->rxq.count; i++) { 2697 data = &sc->rxq.data[i]; 2698 CSR_WRITE_4(sc, data->reg, data->physaddr); 2699 } 2700 2701 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, sc->rxq.count - 1); 2702 2703 if (iwi_load_firmware(sc, fw->main, fw->main_size) != 0) { 2704 device_printf(sc->sc_dev, "could not load main firmware\n"); 2705 goto fail; 2706 } 2707 2708 sc->flags |= IWI_FLAG_FW_INITED; 2709 2710 if (iwi_config(sc) != 0) { 2711 device_printf(sc->sc_dev, "device configuration failed\n"); 2712 goto fail; 2713 } 2714 2715 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2716 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2717 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2718 } else 2719 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2720 2721 ifp->if_flags &= ~IFF_OACTIVE; 2722 ifp->if_flags |= IFF_RUNNING; 2723 2724 return; 2725 2726 fail: ifp->if_flags &= ~IFF_UP; 2727 iwi_stop(sc); 2728 } 2729 2730 static void 2731 iwi_stop(void *priv) 2732 { 2733 struct iwi_softc *sc = priv; 2734 struct ieee80211com *ic = &sc->sc_ic; 2735 struct ifnet *ifp = ic->ic_ifp; 2736 2737 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2738 2739 iwi_stop_master(sc); 2740 2741 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_SOFT_RESET); 2742 2743 /* reset rings */ 2744 iwi_reset_cmd_ring(sc, &sc->cmdq); 2745 iwi_reset_tx_ring(sc, &sc->txq[0]); 2746 iwi_reset_tx_ring(sc, &sc->txq[1]); 2747 iwi_reset_tx_ring(sc, &sc->txq[2]); 2748 iwi_reset_tx_ring(sc, &sc->txq[3]); 2749 iwi_reset_rx_ring(sc, &sc->rxq); 2750 2751 sc->sc_tx_timer = 0; 2752 ifp->if_timer = 0; 2753 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2754 } 2755 2756 static int 2757 iwi_sysctl_stats(SYSCTL_HANDLER_ARGS) 2758 { 2759 struct iwi_softc *sc = arg1; 2760 struct ifnet *ifp = &sc->sc_ic.ic_if; 2761 uint32_t size, buf[128]; 2762 2763 lwkt_serialize_enter(ifp->if_serializer); 2764 2765 if (!(sc->flags & IWI_FLAG_FW_INITED)) { 2766 memset(buf, 0, sizeof buf); 2767 goto back; 2768 } 2769 2770 size = min(CSR_READ_4(sc, IWI_CSR_TABLE0_SIZE), 128 - 1); 2771 CSR_READ_REGION_4(sc, IWI_CSR_TABLE0_BASE, &buf[1], size); 2772 back: 2773 lwkt_serialize_exit(ifp->if_serializer); 2774 return SYSCTL_OUT(req, buf, sizeof buf); 2775 } 2776 2777 static int 2778 iwi_sysctl_radio(SYSCTL_HANDLER_ARGS) 2779 { 2780 struct iwi_softc *sc = arg1; 2781 struct ifnet *ifp = &sc->sc_ic.ic_if; 2782 int val; 2783 2784 lwkt_serialize_enter(ifp->if_serializer); 2785 val = (CSR_READ_4(sc, IWI_CSR_IO) & IWI_IO_RADIO_ENABLED) ? 1 : 0; 2786 lwkt_serialize_exit(ifp->if_serializer); 2787 2788 return SYSCTL_OUT(req, &val, sizeof val); 2789 } 2790 2791 static const int8_t iwi_bitmap[256] = { 2792 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2793 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2794 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2795 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6, 2796 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2797 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2798 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2799 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 7, 2800 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2801 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2802 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2803 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6, 2804 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2805 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2806 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2807 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, -1 2808 }; 2809 2810 static int 2811 iwi_alloc_ibss_node(struct iwi_softc *sc) 2812 { 2813 int i; 2814 2815 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer); 2816 2817 for (i = 0; i < IWI_MAX_IBSSNODE_NBYTE; ++i) { 2818 int ret; 2819 2820 ret = iwi_bitmap[sc->sc_ibss_node[i]]; 2821 if (ret != -1) { 2822 sc->sc_ibss_node[i] |= (1 << ret); 2823 ret += (i * NBBY); 2824 return ret; 2825 } 2826 } 2827 return -1; 2828 } 2829 2830 static void 2831 iwi_free_ibss_node(struct iwi_softc *sc, int ibss_node) 2832 { 2833 int i, b; 2834 2835 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer); 2836 KASSERT(ibss_node < IWI_MAX_IBSSNODE, ("free ibss node, out of range")); 2837 2838 i = ibss_node / NBBY; 2839 b = ibss_node % NBBY; 2840 2841 sc->sc_ibss_node[i] &= ~(1 << b); 2842 } 2843