1 /* 2 * Copyright (c) 2004-2006 3 * Damien Bergamini <damien.bergamini@free.fr>. 4 * Copyright (c) 2004, 2005 5 * Andrew Atrens <atrens@nortelnetworks.com>. 6 * 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice unmodified, this list of conditions, and the following 14 * disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * $FreeBSD: src/sys/dev/iwi/if_iwi.c,v 1.8.2.6 2006/02/23 02:06:46 sam Exp $ 32 * $DragonFly: src/sys/dev/netif/iwi/if_iwi.c,v 1.12 2006/08/01 18:04:22 swildner Exp $ 33 */ 34 35 /*- 36 * Intel(R) PRO/Wireless 2200BG/2225BG/2915ABG driver 37 * http://www.intel.com/network/connectivity/products/wireless/prowireless_mobile.htm 38 */ 39 40 #include <sys/param.h> 41 #include <sys/sysctl.h> 42 #include <sys/sockio.h> 43 #include <sys/mbuf.h> 44 #include <sys/kernel.h> 45 #include <sys/kthread.h> 46 #include <sys/socket.h> 47 #include <sys/systm.h> 48 #include <sys/malloc.h> 49 #include <sys/module.h> 50 #include <sys/bus.h> 51 #include <sys/endian.h> 52 #include <sys/proc.h> 53 #include <sys/ucred.h> 54 #include <sys/serialize.h> 55 56 #include <machine/bus.h> 57 #include <machine/resource.h> 58 #include <sys/rman.h> 59 60 #include <bus/pci/pcidevs.h> 61 #include <bus/pci/pcireg.h> 62 #include <bus/pci/pcivar.h> 63 64 #include <net/bpf.h> 65 #include <net/if.h> 66 #include <net/if_arp.h> 67 #include <net/ethernet.h> 68 #include <net/if_dl.h> 69 #include <net/if_media.h> 70 #include <net/if_types.h> 71 #include <net/ifq_var.h> 72 73 #include <netproto/802_11/ieee80211_var.h> 74 #include <netproto/802_11/ieee80211_radiotap.h> 75 76 #include <netinet/in.h> 77 #include <netinet/in_systm.h> 78 #include <netinet/in_var.h> 79 #include <netinet/ip.h> 80 #include <netinet/if_ether.h> 81 82 #include <dev/netif/iwi/if_iwireg.h> 83 #include <dev/netif/iwi/if_iwivar.h> 84 85 #ifdef IWI_DEBUG 86 #define DPRINTF(x) do { if (iwi_debug > 0) printf x; } while (0) 87 #define DPRINTFN(n, x) do { if (iwi_debug >= (n)) printf x; } while (0) 88 int iwi_debug = 0; 89 SYSCTL_INT(_debug, OID_AUTO, iwi, CTLFLAG_RW, &iwi_debug, 0, "iwi debug level"); 90 #else 91 #define DPRINTF(x) 92 #define DPRINTFN(n, x) 93 #endif 94 95 static struct iwi_ident { 96 uint16_t vendor; 97 uint16_t device; 98 const char *name; 99 } iwi_ident_table[] = { 100 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2200BG, 101 "Intel(R) PRO/Wireless 2200BG" }, 102 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2225BG, 103 "Intel(R) PRO/Wireless 2225BG" }, 104 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_1, 105 "Intel(R) PRO/Wireless 2915ABG" }, 106 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_2, 107 "Intel(R) PRO/Wireless 2915ABG" }, 108 { 0, 0, NULL } 109 }; 110 111 static void iwi_dma_map_addr(void *, bus_dma_segment_t *, int, int); 112 static void iwi_dma_map_mbuf(void *, bus_dma_segment_t *, int, bus_size_t, 113 int); 114 static int iwi_alloc_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *, 115 int); 116 static void iwi_reset_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 117 static void iwi_free_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 118 static int iwi_alloc_tx_ring(struct iwi_softc *, struct iwi_tx_ring *, 119 int, bus_addr_t, bus_addr_t); 120 static void iwi_reset_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 121 static void iwi_free_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 122 static int iwi_alloc_rx_ring(struct iwi_softc *, struct iwi_rx_ring *, 123 int); 124 static void iwi_reset_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 125 static void iwi_free_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 126 static struct ieee80211_node *iwi_node_alloc(struct ieee80211_node_table *); 127 static void iwi_node_free(struct ieee80211_node *); 128 static int iwi_media_change(struct ifnet *); 129 static void iwi_media_status(struct ifnet *, struct ifmediareq *); 130 static int iwi_newstate(struct ieee80211com *, enum ieee80211_state, int); 131 static int iwi_wme_update(struct ieee80211com *); 132 static uint16_t iwi_read_prom_word(struct iwi_softc *, uint8_t); 133 static void iwi_fix_channel(struct ieee80211com *, struct mbuf *); 134 static void iwi_frame_intr(struct iwi_softc *, struct iwi_rx_data *, int, 135 struct iwi_frame *); 136 static void iwi_notification_intr(struct iwi_softc *, struct iwi_notif *); 137 static void iwi_rx_intr(struct iwi_softc *); 138 static void iwi_tx_intr(struct iwi_softc *, struct iwi_tx_ring *); 139 static void iwi_intr(void *); 140 static int iwi_cmd(struct iwi_softc *, uint8_t, void *, uint8_t, int); 141 static void iwi_write_ibssnode(struct iwi_softc *, const struct iwi_node *); 142 static int iwi_tx_start(struct ifnet *, struct mbuf *, 143 struct ieee80211_node *, int); 144 static void iwi_start(struct ifnet *); 145 static void iwi_watchdog(struct ifnet *); 146 static int iwi_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *); 147 static void iwi_stop_master(struct iwi_softc *); 148 static int iwi_reset(struct iwi_softc *); 149 static int iwi_load_ucode(struct iwi_softc *, void *, int); 150 static int iwi_load_firmware(struct iwi_softc *, void *, int); 151 static int iwi_cache_firmware(struct iwi_softc *, void *); 152 static void iwi_free_firmware(struct iwi_softc *); 153 static int iwi_config(struct iwi_softc *); 154 static int iwi_set_chan(struct iwi_softc *, struct ieee80211_channel *); 155 static int iwi_scan(struct iwi_softc *); 156 static int iwi_auth_and_assoc(struct iwi_softc *); 157 static void iwi_init(void *); 158 static void iwi_stop(void *); 159 static int iwi_sysctl_stats(SYSCTL_HANDLER_ARGS); 160 static int iwi_sysctl_radio(SYSCTL_HANDLER_ARGS); 161 162 static int iwi_probe(device_t); 163 static int iwi_attach(device_t); 164 static int iwi_detach(device_t); 165 static int iwi_shutdown(device_t); 166 static int iwi_suspend(device_t); 167 static int iwi_resume(device_t); 168 169 static int iwi_alloc_ibss_node(struct iwi_softc *); 170 static void iwi_free_ibss_node(struct iwi_softc *, int); 171 172 static device_method_t iwi_methods[] = { 173 /* Device interface */ 174 DEVMETHOD(device_probe, iwi_probe), 175 DEVMETHOD(device_attach, iwi_attach), 176 DEVMETHOD(device_detach, iwi_detach), 177 DEVMETHOD(device_shutdown, iwi_shutdown), 178 DEVMETHOD(device_suspend, iwi_suspend), 179 DEVMETHOD(device_resume, iwi_resume), 180 181 { 0, 0 } 182 }; 183 184 static driver_t iwi_driver = { 185 "iwi", 186 iwi_methods, 187 sizeof (struct iwi_softc) 188 }; 189 190 static devclass_t iwi_devclass; 191 192 DRIVER_MODULE(iwi, pci, iwi_driver, iwi_devclass, 0, 0); 193 194 MODULE_DEPEND(iwi, pci, 1, 1, 1); 195 MODULE_DEPEND(iwi, wlan, 1, 1, 1); 196 197 /* 198 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 199 */ 200 static const struct ieee80211_rateset iwi_rateset_11a = 201 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 202 203 static const struct ieee80211_rateset iwi_rateset_11b = 204 { 4, { 2, 4, 11, 22 } }; 205 206 static const struct ieee80211_rateset iwi_rateset_11g = 207 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 208 209 static int 210 iwi_probe(device_t dev) 211 { 212 const struct iwi_ident *ident; 213 uint16_t vid, did; 214 215 vid = pci_get_vendor(dev); 216 did = pci_get_device(dev); 217 for (ident = iwi_ident_table; ident->name != NULL; ident++) { 218 if (vid == ident->vendor && did == ident->device) { 219 device_set_desc(dev, ident->name); 220 return 0; 221 } 222 } 223 return ENXIO; 224 } 225 226 /* Base Address Register */ 227 #define IWI_PCI_BAR0 0x10 228 229 static int 230 iwi_attach(device_t dev) 231 { 232 struct iwi_softc *sc = device_get_softc(dev); 233 struct ieee80211com *ic = &sc->sc_ic; 234 struct ifnet *ifp = &ic->ic_if; 235 uint16_t val; 236 int error, i; 237 238 sc->sc_dev = dev; 239 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 240 241 if (pci_get_powerstate(dev) != PCI_POWERSTATE_D0) { 242 device_printf(dev, "chip is in D%d power mode " 243 "-- setting to D0\n", pci_get_powerstate(dev)); 244 pci_set_powerstate(dev, PCI_POWERSTATE_D0); 245 } 246 247 pci_write_config(dev, 0x41, 0, 1); 248 249 /* enable bus-mastering */ 250 pci_enable_busmaster(dev); 251 252 sc->mem_rid = IWI_PCI_BAR0; 253 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &sc->mem_rid, 254 RF_ACTIVE); 255 if (sc->mem == NULL) { 256 device_printf(dev, "could not allocate memory resource\n"); 257 return ENXIO; 258 } 259 sc->sc_st = rman_get_bustag(sc->mem); 260 sc->sc_sh = rman_get_bushandle(sc->mem); 261 262 sc->irq_rid = 0; 263 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &sc->irq_rid, 264 RF_ACTIVE | RF_SHAREABLE); 265 if (sc->irq == NULL) { 266 device_printf(dev, "could not allocate interrupt resource\n"); 267 goto fail; 268 } 269 270 if (iwi_reset(sc) != 0) { 271 device_printf(dev, "could not reset adapter\n"); 272 goto fail; 273 } 274 275 /* 276 * Allocate rings. 277 */ 278 error = iwi_alloc_cmd_ring(sc, &sc->cmdq, IWI_CMD_RING_COUNT); 279 if (error != 0) { 280 device_printf(dev, "could not allocate Cmd ring\n"); 281 goto fail; 282 } 283 284 error = iwi_alloc_tx_ring(sc, &sc->txq[0], IWI_TX_RING_COUNT, 285 IWI_CSR_TX1_RIDX, IWI_CSR_TX1_WIDX); 286 if (error != 0) { 287 device_printf(dev, "could not allocate Tx ring 1\n"); 288 goto fail; 289 } 290 291 error = iwi_alloc_tx_ring(sc, &sc->txq[1], IWI_TX_RING_COUNT, 292 IWI_CSR_TX2_RIDX, IWI_CSR_TX2_WIDX); 293 if (error != 0) { 294 device_printf(dev, "could not allocate Tx ring 2\n"); 295 goto fail; 296 } 297 298 error = iwi_alloc_tx_ring(sc, &sc->txq[2], IWI_TX_RING_COUNT, 299 IWI_CSR_TX3_RIDX, IWI_CSR_TX3_WIDX); 300 if (error != 0) { 301 device_printf(dev, "could not allocate Tx ring 3\n"); 302 goto fail; 303 } 304 305 error = iwi_alloc_tx_ring(sc, &sc->txq[3], IWI_TX_RING_COUNT, 306 IWI_CSR_TX4_RIDX, IWI_CSR_TX4_WIDX); 307 if (error != 0) { 308 device_printf(dev, "could not allocate Tx ring 4\n"); 309 goto fail; 310 } 311 312 error = iwi_alloc_rx_ring(sc, &sc->rxq, IWI_RX_RING_COUNT); 313 if (error != 0) { 314 device_printf(dev, "could not allocate Rx ring\n"); 315 goto fail; 316 } 317 318 sysctl_ctx_init(&sc->sysctl_ctx); 319 sc->sysctl_tree = SYSCTL_ADD_NODE(&sc->sysctl_ctx, 320 SYSCTL_STATIC_CHILDREN(_hw), 321 OID_AUTO, 322 device_get_nameunit(dev), 323 CTLFLAG_RD, 324 0, ""); 325 if (sc->sysctl_tree == NULL) { 326 device_printf(dev, "sysctl add node failed\n"); 327 error = EIO; 328 goto fail; 329 } 330 331 ifp->if_softc = sc; 332 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 333 ifp->if_init = iwi_init; 334 ifp->if_ioctl = iwi_ioctl; 335 ifp->if_start = iwi_start; 336 ifp->if_watchdog = iwi_watchdog; 337 ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN); 338 ifq_set_ready(&ifp->if_snd); 339 340 ic->ic_wme.wme_update = iwi_wme_update; 341 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 342 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 343 ic->ic_state = IEEE80211_S_INIT; 344 345 /* set device capabilities */ 346 ic->ic_caps = 347 IEEE80211_C_IBSS | /* IBSS mode supported */ 348 IEEE80211_C_MONITOR | /* monitor mode supported */ 349 IEEE80211_C_TXPMGT | /* tx power management */ 350 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 351 IEEE80211_C_WEP | /* WEP */ 352 IEEE80211_C_WPA | /* 802.11i */ 353 IEEE80211_C_WME; /* 802.11e */ 354 355 /* read MAC address from EEPROM */ 356 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 0); 357 ic->ic_myaddr[0] = val & 0xff; 358 ic->ic_myaddr[1] = val >> 8; 359 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 1); 360 ic->ic_myaddr[2] = val & 0xff; 361 ic->ic_myaddr[3] = val >> 8; 362 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 2); 363 ic->ic_myaddr[4] = val & 0xff; 364 ic->ic_myaddr[5] = val >> 8; 365 366 if (pci_get_device(dev) >= 0x4223) { 367 /* set supported .11a rates (2915ABG only) */ 368 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwi_rateset_11a; 369 370 /* set supported .11a channels */ 371 for (i = 36; i <= 64; i += 4) { 372 ic->ic_channels[i].ic_freq = 373 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 374 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 375 } 376 for (i = 149; i <= 165; i += 4) { 377 ic->ic_channels[i].ic_freq = 378 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 379 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 380 } 381 } 382 383 /* set supported .11b and .11g rates */ 384 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwi_rateset_11b; 385 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwi_rateset_11g; 386 387 /* set supported .11b and .11g channels (1 through 14) */ 388 for (i = 1; i <= 14; i++) { 389 ic->ic_channels[i].ic_freq = 390 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 391 ic->ic_channels[i].ic_flags = 392 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 393 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 394 } 395 396 ieee80211_ifattach(ic); 397 /* override default methods */ 398 ic->ic_node_alloc = iwi_node_alloc; 399 sc->sc_node_free = ic->ic_node_free; 400 ic->ic_node_free = iwi_node_free; 401 /* override state transition machine */ 402 sc->sc_newstate = ic->ic_newstate; 403 ic->ic_newstate = iwi_newstate; 404 ieee80211_media_init(ic, iwi_media_change, iwi_media_status); 405 406 bpfattach_dlt(ifp, DLT_IEEE802_11_RADIO, 407 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf); 408 409 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 410 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 411 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWI_RX_RADIOTAP_PRESENT); 412 413 sc->sc_txtap_len = sizeof sc->sc_txtapu; 414 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 415 sc->sc_txtap.wt_ihdr.it_present = htole32(IWI_TX_RADIOTAP_PRESENT); 416 417 /* 418 * Add a few sysctl knobs. 419 */ 420 sc->dwelltime = 100; 421 sc->bluetooth = 1; 422 sc->antenna = 0; 423 424 SYSCTL_ADD_PROC(&sc->sysctl_ctx, 425 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "radio", 426 CTLTYPE_INT | CTLFLAG_RD, sc, 0, iwi_sysctl_radio, "I", 427 "radio transmitter switch state (0=off, 1=on)"); 428 429 SYSCTL_ADD_PROC(&sc->sysctl_ctx, 430 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "stats", 431 CTLTYPE_OPAQUE | CTLFLAG_RD, sc, 0, iwi_sysctl_stats, "S", 432 "statistics"); 433 434 SYSCTL_ADD_INT(&sc->sysctl_ctx, 435 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "dwell", 436 CTLFLAG_RW, &sc->dwelltime, 0, 437 "channel dwell time (ms) for AP/station scanning"); 438 439 SYSCTL_ADD_INT(&sc->sysctl_ctx, 440 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "bluetooth", 441 CTLFLAG_RW, &sc->bluetooth, 0, "bluetooth coexistence"); 442 443 SYSCTL_ADD_INT(&sc->sysctl_ctx, 444 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "antenna", 445 CTLFLAG_RW, &sc->antenna, 0, "antenna (0=auto)"); 446 447 /* 448 * Hook our interrupt after all initialization is complete. 449 */ 450 error = bus_setup_intr(dev, sc->irq, INTR_MPSAFE, iwi_intr, sc, 451 &sc->sc_ih, ifp->if_serializer); 452 if (error != 0) { 453 device_printf(dev, "could not set up interrupt\n"); 454 455 bpfdetach(ifp); 456 ieee80211_ifdetach(ic); 457 goto fail; 458 } 459 460 if (bootverbose) 461 ieee80211_announce(ic); 462 463 return 0; 464 fail: 465 iwi_detach(dev); 466 return ENXIO; 467 } 468 469 static int 470 iwi_detach(device_t dev) 471 { 472 struct iwi_softc *sc = device_get_softc(dev); 473 struct ieee80211com *ic = &sc->sc_ic; 474 struct ifnet *ifp = ic->ic_ifp; 475 476 if (device_is_attached(dev)) { 477 lwkt_serialize_enter(ifp->if_serializer); 478 479 iwi_stop(sc); 480 bus_teardown_intr(dev, sc->irq, sc->sc_ih); 481 iwi_free_firmware(sc); 482 483 lwkt_serialize_exit(ifp->if_serializer); 484 485 bpfdetach(ifp); 486 ieee80211_ifdetach(ic); 487 } 488 489 iwi_free_cmd_ring(sc, &sc->cmdq); 490 iwi_free_tx_ring(sc, &sc->txq[0]); 491 iwi_free_tx_ring(sc, &sc->txq[1]); 492 iwi_free_tx_ring(sc, &sc->txq[2]); 493 iwi_free_tx_ring(sc, &sc->txq[3]); 494 iwi_free_rx_ring(sc, &sc->rxq); 495 496 if (sc->irq != NULL) 497 bus_release_resource(dev, SYS_RES_IRQ, sc->irq_rid, sc->irq); 498 499 if (sc->mem != NULL) 500 bus_release_resource(dev, SYS_RES_MEMORY, sc->mem_rid, sc->mem); 501 502 if (sc->sysctl_tree != NULL) 503 sysctl_ctx_free(&sc->sysctl_ctx); 504 505 return 0; 506 } 507 508 static void 509 iwi_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error) 510 { 511 if (error != 0) 512 return; 513 514 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg)); 515 516 *(bus_addr_t *)arg = segs[0].ds_addr; 517 } 518 519 static int 520 iwi_alloc_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring, int count) 521 { 522 int error; 523 524 ring->count = count; 525 ring->queued = 0; 526 ring->cur = ring->next = 0; 527 528 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 529 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_CMD_DESC_SIZE, 1, 530 count * IWI_CMD_DESC_SIZE, 0, &ring->desc_dmat); 531 if (error != 0) { 532 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 533 goto fail; 534 } 535 536 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 537 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map); 538 if (error != 0) { 539 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 540 goto fail; 541 } 542 543 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 544 count * IWI_CMD_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 545 if (error != 0) { 546 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 547 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 548 ring->desc = NULL; 549 return error; 550 } 551 552 return 0; 553 554 fail: iwi_free_cmd_ring(sc, ring); 555 return error; 556 } 557 558 static void 559 iwi_reset_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 560 { 561 ring->queued = 0; 562 ring->cur = ring->next = 0; 563 } 564 565 static void 566 iwi_free_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 567 { 568 if (ring->desc != NULL) { 569 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 570 BUS_DMASYNC_POSTWRITE); 571 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 572 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 573 ring->desc = NULL; 574 } 575 576 if (ring->desc_dmat != NULL) { 577 bus_dma_tag_destroy(ring->desc_dmat); 578 ring->desc_dmat = NULL; 579 } 580 } 581 582 static int 583 iwi_alloc_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring, int count, 584 bus_addr_t csr_ridx, bus_addr_t csr_widx) 585 { 586 int i, error; 587 588 ring->count = count; 589 ring->queued = 0; 590 ring->cur = ring->next = 0; 591 ring->csr_ridx = csr_ridx; 592 ring->csr_widx = csr_widx; 593 594 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 595 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_TX_DESC_SIZE, 1, 596 count * IWI_TX_DESC_SIZE, 0, &ring->desc_dmat); 597 if (error != 0) { 598 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 599 goto fail; 600 } 601 602 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 603 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map); 604 if (error != 0) { 605 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 606 goto fail; 607 } 608 609 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 610 count * IWI_TX_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 611 if (error != 0) { 612 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 613 614 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 615 ring->desc = NULL; 616 goto fail; 617 } 618 619 ring->data = malloc(count * sizeof (struct iwi_tx_data), M_DEVBUF, 620 M_WAITOK | M_ZERO); 621 622 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 623 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, IWI_MAX_NSEG - 2, 624 MCLBYTES, 0, &ring->data_dmat); 625 if (error != 0) { 626 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 627 goto fail; 628 } 629 630 for (i = 0; i < count; i++) { 631 error = bus_dmamap_create(ring->data_dmat, 0, 632 &ring->data[i].map); 633 if (error != 0) { 634 device_printf(sc->sc_dev, "could not create DMA map\n"); 635 goto fail; 636 } 637 } 638 639 return 0; 640 641 fail: iwi_free_tx_ring(sc, ring); 642 return error; 643 } 644 645 static void 646 iwi_reset_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 647 { 648 struct iwi_tx_data *data; 649 int i; 650 651 for (i = 0; i < ring->count; i++) { 652 data = &ring->data[i]; 653 654 if (data->m != NULL) { 655 bus_dmamap_sync(ring->data_dmat, data->map, 656 BUS_DMASYNC_POSTWRITE); 657 bus_dmamap_unload(ring->data_dmat, data->map); 658 m_freem(data->m); 659 data->m = NULL; 660 } 661 662 if (data->ni != NULL) { 663 ieee80211_free_node(data->ni); 664 data->ni = NULL; 665 } 666 } 667 668 ring->queued = 0; 669 ring->cur = ring->next = 0; 670 } 671 672 static void 673 iwi_free_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 674 { 675 struct iwi_tx_data *data; 676 int i; 677 678 if (ring->desc != NULL) { 679 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 680 BUS_DMASYNC_POSTWRITE); 681 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 682 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 683 ring->desc = NULL; 684 } 685 686 if (ring->desc_dmat != NULL) { 687 bus_dma_tag_destroy(ring->desc_dmat); 688 ring->desc_dmat = NULL; 689 } 690 691 if (ring->data != NULL) { 692 for (i = 0; i < ring->count; i++) { 693 data = &ring->data[i]; 694 695 if (data->m != NULL) { 696 bus_dmamap_sync(ring->data_dmat, data->map, 697 BUS_DMASYNC_POSTWRITE); 698 bus_dmamap_unload(ring->data_dmat, data->map); 699 m_freem(data->m); 700 data->m = NULL; 701 } 702 703 if (data->ni != NULL) { 704 ieee80211_free_node(data->ni); 705 data->ni = NULL; 706 } 707 708 if (data->map != NULL) { 709 bus_dmamap_destroy(ring->data_dmat, data->map); 710 data->map = NULL; 711 } 712 } 713 714 free(ring->data, M_DEVBUF); 715 ring->data = NULL; 716 } 717 718 if (ring->data_dmat != NULL) { 719 bus_dma_tag_destroy(ring->data_dmat); 720 ring->data_dmat = NULL; 721 } 722 } 723 724 static int 725 iwi_alloc_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring, int count) 726 { 727 struct iwi_rx_data *data; 728 int i, error; 729 730 ring->count = count; 731 ring->cur = 0; 732 733 ring->data = malloc(count * sizeof (struct iwi_rx_data), M_DEVBUF, 734 M_WAITOK | M_ZERO); 735 736 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 737 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1, MCLBYTES, 0, 738 &ring->data_dmat); 739 if (error != 0) { 740 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 741 goto fail; 742 } 743 744 for (i = 0; i < count; i++) { 745 data = &ring->data[i]; 746 747 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 748 if (error != 0) { 749 device_printf(sc->sc_dev, "could not create DMA map\n"); 750 goto fail; 751 } 752 753 data->m = m_getcl(MB_WAIT, MT_DATA, M_PKTHDR); 754 if (data->m == NULL) { 755 device_printf(sc->sc_dev, 756 "could not allocate rx mbuf\n"); 757 error = ENOMEM; 758 goto fail; 759 } 760 761 error = bus_dmamap_load(ring->data_dmat, data->map, 762 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 763 &data->physaddr, 0); 764 if (error != 0) { 765 device_printf(sc->sc_dev, 766 "could not load rx buf DMA map"); 767 768 m_freem(data->m); 769 data->m = NULL; 770 goto fail; 771 } 772 773 data->reg = IWI_CSR_RX_BASE + i * 4; 774 } 775 776 return 0; 777 778 fail: iwi_free_rx_ring(sc, ring); 779 return error; 780 } 781 782 static void 783 iwi_reset_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 784 { 785 ring->cur = 0; 786 } 787 788 static void 789 iwi_free_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 790 { 791 struct iwi_rx_data *data; 792 int i; 793 794 if (ring->data != NULL) { 795 for (i = 0; i < ring->count; i++) { 796 data = &ring->data[i]; 797 798 if (data->m != NULL) { 799 bus_dmamap_sync(ring->data_dmat, data->map, 800 BUS_DMASYNC_POSTREAD); 801 bus_dmamap_unload(ring->data_dmat, data->map); 802 m_freem(data->m); 803 data->m = NULL; 804 } 805 806 if (data->map != NULL) { 807 bus_dmamap_destroy(ring->data_dmat, data->map); 808 data->map = NULL; 809 } 810 } 811 812 free(ring->data, M_DEVBUF); 813 ring->data = NULL; 814 } 815 816 if (ring->data_dmat != NULL) { 817 bus_dma_tag_destroy(ring->data_dmat); 818 ring->data_dmat = NULL; 819 } 820 } 821 822 static int 823 iwi_shutdown(device_t dev) 824 { 825 struct iwi_softc *sc = device_get_softc(dev); 826 struct ifnet *ifp = &sc->sc_ic.ic_if; 827 828 lwkt_serialize_enter(ifp->if_serializer); 829 iwi_stop(sc); 830 lwkt_serialize_exit(ifp->if_serializer); 831 832 return 0; 833 } 834 835 static int 836 iwi_suspend(device_t dev) 837 { 838 struct iwi_softc *sc = device_get_softc(dev); 839 struct ifnet *ifp = &sc->sc_ic.ic_if; 840 841 lwkt_serialize_enter(ifp->if_serializer); 842 iwi_stop(sc); 843 lwkt_serialize_exit(ifp->if_serializer); 844 845 return 0; 846 } 847 848 static int 849 iwi_resume(device_t dev) 850 { 851 struct iwi_softc *sc = device_get_softc(dev); 852 struct ifnet *ifp = sc->sc_ic.ic_ifp; 853 854 lwkt_serialize_enter(ifp->if_serializer); 855 856 pci_write_config(dev, 0x41, 0, 1); 857 858 if (ifp->if_flags & IFF_UP) { 859 ifp->if_init(ifp->if_softc); 860 if (ifp->if_flags & IFF_RUNNING) 861 ifp->if_start(ifp); 862 } 863 864 lwkt_serialize_exit(ifp->if_serializer); 865 866 return 0; 867 } 868 869 static struct ieee80211_node * 870 iwi_node_alloc(struct ieee80211_node_table *nt) 871 { 872 struct iwi_node *in; 873 874 in = malloc(sizeof (struct iwi_node), M_80211_NODE, M_NOWAIT | M_ZERO); 875 if (in == NULL) 876 return NULL; 877 878 in->in_station = -1; 879 880 return &in->in_node; 881 } 882 883 static void 884 iwi_node_free(struct ieee80211_node *ni) 885 { 886 struct ieee80211com *ic = ni->ni_ic; 887 struct iwi_softc *sc = ic->ic_ifp->if_softc; 888 struct iwi_node *in = (struct iwi_node *)ni; 889 890 if (in->in_station != -1) 891 iwi_free_ibss_node(sc, in->in_station); 892 893 sc->sc_node_free(ni); 894 } 895 896 static int 897 iwi_media_change(struct ifnet *ifp) 898 { 899 struct iwi_softc *sc = ifp->if_softc; 900 int error; 901 902 ASSERT_SERIALIZED(ifp->if_serializer); 903 904 error = ieee80211_media_change(ifp); 905 if (error != ENETRESET) 906 return error; 907 908 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 909 iwi_init(sc); 910 return 0; 911 } 912 913 /* 914 * The firmware automatically adapts the transmit speed. We report its current 915 * value here. 916 */ 917 static void 918 iwi_media_status(struct ifnet *ifp, struct ifmediareq *imr) 919 { 920 struct iwi_softc *sc = ifp->if_softc; 921 struct ieee80211com *ic = &sc->sc_ic; 922 #define N(a) (sizeof (a) / sizeof (a[0])) 923 static const struct { 924 uint32_t val; 925 int rate; 926 } rates[] = { 927 { IWI_RATE_DS1, 2 }, 928 { IWI_RATE_DS2, 4 }, 929 { IWI_RATE_DS5, 11 }, 930 { IWI_RATE_DS11, 22 }, 931 { IWI_RATE_OFDM6, 12 }, 932 { IWI_RATE_OFDM9, 18 }, 933 { IWI_RATE_OFDM12, 24 }, 934 { IWI_RATE_OFDM18, 36 }, 935 { IWI_RATE_OFDM24, 48 }, 936 { IWI_RATE_OFDM36, 72 }, 937 { IWI_RATE_OFDM48, 96 }, 938 { IWI_RATE_OFDM54, 108 }, 939 }; 940 uint32_t val; 941 int rate, i; 942 943 imr->ifm_status = IFM_AVALID; 944 imr->ifm_active = IFM_IEEE80211; 945 if (ic->ic_state == IEEE80211_S_RUN) 946 imr->ifm_status |= IFM_ACTIVE; 947 948 /* read current transmission rate from adapter */ 949 val = CSR_READ_4(sc, IWI_CSR_CURRENT_TX_RATE); 950 951 /* convert rate to 802.11 rate */ 952 for (i = 0; i < N(rates) && rates[i].val != val; i++); 953 rate = (i < N(rates)) ? rates[i].rate : 0; 954 955 imr->ifm_active |= ieee80211_rate2media(ic, rate, ic->ic_curmode); 956 switch (ic->ic_opmode) { 957 case IEEE80211_M_STA: 958 break; 959 960 case IEEE80211_M_IBSS: 961 imr->ifm_active |= IFM_IEEE80211_ADHOC; 962 break; 963 964 case IEEE80211_M_MONITOR: 965 imr->ifm_active |= IFM_IEEE80211_MONITOR; 966 break; 967 968 case IEEE80211_M_AHDEMO: 969 case IEEE80211_M_HOSTAP: 970 /* should not get there */ 971 break; 972 } 973 #undef N 974 } 975 976 static int 977 iwi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 978 { 979 struct ifnet *ifp = ic->ic_ifp; 980 struct iwi_softc *sc = ifp->if_softc; 981 enum ieee80211_state ostate; 982 uint32_t tmp; 983 984 ostate = ic->ic_state; 985 986 switch (nstate) { 987 case IEEE80211_S_SCAN: 988 if (sc->flags & IWI_FLAG_SCANNING) 989 break; 990 991 ieee80211_node_table_reset(&ic->ic_scan); 992 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 993 sc->flags |= IWI_FLAG_SCANNING; 994 iwi_scan(sc); 995 break; 996 997 case IEEE80211_S_AUTH: 998 iwi_auth_and_assoc(sc); 999 break; 1000 1001 case IEEE80211_S_RUN: 1002 if (ic->ic_opmode == IEEE80211_M_IBSS) 1003 iwi_auth_and_assoc(sc); 1004 else if (ic->ic_opmode == IEEE80211_M_MONITOR) 1005 iwi_set_chan(sc, ic->ic_ibss_chan); 1006 1007 /* assoc led on */ 1008 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK; 1009 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp | IWI_LED_ASSOC); 1010 1011 return sc->sc_newstate(ic, nstate, 1012 IEEE80211_FC0_SUBTYPE_ASSOC_RESP); 1013 1014 case IEEE80211_S_ASSOC: 1015 break; 1016 1017 case IEEE80211_S_INIT: 1018 sc->flags &= ~IWI_FLAG_SCANNING; 1019 1020 if (ostate != IEEE80211_S_RUN) 1021 break; 1022 1023 /* assoc led off */ 1024 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK; 1025 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp & ~IWI_LED_ASSOC); 1026 break; 1027 } 1028 1029 ic->ic_state = nstate; 1030 1031 return 0; 1032 } 1033 1034 /* 1035 * WME parameters coming from IEEE 802.11e specification. These values are 1036 * already declared in ieee80211_proto.c, but they are static so they can't 1037 * be reused here. 1038 */ 1039 static const struct wmeParams iwi_wme_cck_params[WME_NUM_AC] = { 1040 { 0, 3, 5, 7, 0 }, /* WME_AC_BE */ 1041 { 0, 3, 5, 10, 0 }, /* WME_AC_BK */ 1042 { 0, 2, 4, 5, 188 }, /* WME_AC_VI */ 1043 { 0, 2, 3, 4, 102 } /* WME_AC_VO */ 1044 }; 1045 1046 static const struct wmeParams iwi_wme_ofdm_params[WME_NUM_AC] = { 1047 { 0, 3, 4, 6, 0 }, /* WME_AC_BE */ 1048 { 0, 3, 4, 10, 0 }, /* WME_AC_BK */ 1049 { 0, 2, 3, 4, 94 }, /* WME_AC_VI */ 1050 { 0, 2, 2, 3, 47 } /* WME_AC_VO */ 1051 }; 1052 1053 static int 1054 iwi_wme_update(struct ieee80211com *ic) 1055 { 1056 #define IWI_EXP2(v) htole16((1 << (v)) - 1) 1057 #define IWI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 1058 struct iwi_softc *sc = ic->ic_ifp->if_softc; 1059 struct iwi_wme_params wme[3]; 1060 const struct wmeParams *wmep; 1061 int ac; 1062 1063 /* 1064 * We shall not override firmware default WME values if WME is not 1065 * actually enabled. 1066 */ 1067 if (!(ic->ic_flags & IEEE80211_F_WME)) 1068 return 0; 1069 1070 for (ac = 0; ac < WME_NUM_AC; ac++) { 1071 /* set WME values for current operating mode */ 1072 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 1073 wme[0].aifsn[ac] = wmep->wmep_aifsn; 1074 wme[0].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1075 wme[0].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1076 wme[0].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1077 wme[0].acm[ac] = wmep->wmep_acm; 1078 1079 /* set WME values for CCK modulation */ 1080 wmep = &iwi_wme_cck_params[ac]; 1081 wme[1].aifsn[ac] = wmep->wmep_aifsn; 1082 wme[1].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1083 wme[1].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1084 wme[1].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1085 wme[1].acm[ac] = wmep->wmep_acm; 1086 1087 /* set WME values for OFDM modulation */ 1088 wmep = &iwi_wme_ofdm_params[ac]; 1089 wme[2].aifsn[ac] = wmep->wmep_aifsn; 1090 wme[2].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1091 wme[2].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1092 wme[2].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1093 wme[2].acm[ac] = wmep->wmep_acm; 1094 } 1095 1096 DPRINTF(("Setting WME parameters\n")); 1097 return iwi_cmd(sc, IWI_CMD_SET_WME_PARAMS, wme, sizeof wme, 1); 1098 #undef IWI_USEC 1099 #undef IWI_EXP2 1100 } 1101 1102 /* 1103 * Read 16 bits at address 'addr' from the serial EEPROM. 1104 */ 1105 static uint16_t 1106 iwi_read_prom_word(struct iwi_softc *sc, uint8_t addr) 1107 { 1108 uint32_t tmp; 1109 uint16_t val; 1110 int n; 1111 1112 /* Clock C once before the first command */ 1113 IWI_EEPROM_CTL(sc, 0); 1114 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1115 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1116 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1117 1118 /* Write start bit (1) */ 1119 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1120 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1121 1122 /* Write READ opcode (10) */ 1123 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1124 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1125 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1126 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1127 1128 /* Write address A7-A0 */ 1129 for (n = 7; n >= 0; n--) { 1130 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1131 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D)); 1132 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1133 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D) | IWI_EEPROM_C); 1134 } 1135 1136 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1137 1138 /* Read data Q15-Q0 */ 1139 val = 0; 1140 for (n = 15; n >= 0; n--) { 1141 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1142 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1143 tmp = MEM_READ_4(sc, IWI_MEM_EEPROM_CTL); 1144 val |= ((tmp & IWI_EEPROM_Q) >> IWI_EEPROM_SHIFT_Q) << n; 1145 } 1146 1147 IWI_EEPROM_CTL(sc, 0); 1148 1149 /* Clear Chip Select and clock C */ 1150 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1151 IWI_EEPROM_CTL(sc, 0); 1152 IWI_EEPROM_CTL(sc, IWI_EEPROM_C); 1153 1154 return val; 1155 } 1156 1157 /* 1158 * XXX: Hack to set the current channel to the value advertised in beacons or 1159 * probe responses. Only used during AP detection. 1160 */ 1161 static void 1162 iwi_fix_channel(struct ieee80211com *ic, struct mbuf *m) 1163 { 1164 struct ieee80211_frame *wh; 1165 uint8_t subtype; 1166 uint8_t *frm, *efrm; 1167 1168 wh = mtod(m, struct ieee80211_frame *); 1169 1170 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 1171 return; 1172 1173 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1174 1175 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 1176 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1177 return; 1178 1179 frm = (uint8_t *)(wh + 1); 1180 efrm = mtod(m, uint8_t *) + m->m_len; 1181 1182 frm += 12; /* skip tstamp, bintval and capinfo fields */ 1183 while (frm < efrm) { 1184 if (*frm == IEEE80211_ELEMID_DSPARMS) 1185 #if IEEE80211_CHAN_MAX < 255 1186 if (frm[2] <= IEEE80211_CHAN_MAX) 1187 #endif 1188 ic->ic_curchan = &ic->ic_channels[frm[2]]; 1189 1190 frm += frm[1] + 2; 1191 } 1192 } 1193 1194 static void 1195 iwi_frame_intr(struct iwi_softc *sc, struct iwi_rx_data *data, int i, 1196 struct iwi_frame *frame) 1197 { 1198 struct ieee80211com *ic = &sc->sc_ic; 1199 struct ifnet *ifp = ic->ic_ifp; 1200 struct mbuf *mnew, *m; 1201 struct ieee80211_frame *wh; 1202 struct ieee80211_node *ni; 1203 int error; 1204 1205 DPRINTFN(5, ("received frame len=%u chan=%u rssi=%u\n", 1206 le16toh(frame->len), frame->chan, frame->rssi_dbm)); 1207 1208 if (le16toh(frame->len) < sizeof (struct ieee80211_frame)) 1209 return; 1210 1211 /* 1212 * Try to allocate a new mbuf for this ring element and load it before 1213 * processing the current mbuf. If the ring element cannot be loaded, 1214 * drop the received packet and reuse the old mbuf. In the unlikely 1215 * case that the old mbuf can't be reloaded either, explicitly panic. 1216 */ 1217 mnew = m_getcl(MB_DONTWAIT, MT_DATA, M_PKTHDR); 1218 if (mnew == NULL) { 1219 ifp->if_ierrors++; 1220 return; 1221 } 1222 1223 bus_dmamap_unload(sc->rxq.data_dmat, data->map); 1224 1225 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1226 mtod(mnew, void *), MCLBYTES, iwi_dma_map_addr, &data->physaddr, 1227 0); 1228 if (error != 0) { 1229 m_freem(mnew); 1230 1231 /* try to reload the old mbuf */ 1232 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1233 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 1234 &data->physaddr, 0); 1235 if (error != 0) { 1236 /* very unlikely that it will fail... */ 1237 panic("%s: could not load old rx mbuf", 1238 device_get_name(sc->sc_dev)); 1239 } 1240 ifp->if_ierrors++; 1241 return; 1242 } 1243 1244 /* 1245 * New mbuf successfully loaded, update Rx ring and continue 1246 * processing. 1247 */ 1248 m = data->m; 1249 data->m = mnew; 1250 CSR_WRITE_4(sc, data->reg, data->physaddr); 1251 1252 /* Finalize mbuf */ 1253 m->m_pkthdr.rcvif = ifp; 1254 m->m_pkthdr.len = m->m_len = sizeof (struct iwi_hdr) + 1255 sizeof (struct iwi_frame) + le16toh(frame->len); 1256 1257 m_adj(m, sizeof (struct iwi_hdr) + sizeof (struct iwi_frame)); 1258 1259 if (ic->ic_state == IEEE80211_S_SCAN) 1260 iwi_fix_channel(ic, m); 1261 1262 if (sc->sc_drvbpf != NULL) { 1263 struct iwi_rx_radiotap_header *tap = &sc->sc_rxtap; 1264 1265 tap->wr_flags = 0; 1266 tap->wr_rate = frame->rate; 1267 tap->wr_chan_freq = 1268 htole16(ic->ic_channels[frame->chan].ic_freq); 1269 tap->wr_chan_flags = 1270 htole16(ic->ic_channels[frame->chan].ic_flags); 1271 tap->wr_antsignal = frame->signal; 1272 tap->wr_antenna = frame->antenna; 1273 1274 bpf_ptap(sc->sc_drvbpf, m, tap, sc->sc_rxtap_len); 1275 } 1276 1277 wh = mtod(m, struct ieee80211_frame *); 1278 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 1279 1280 /* send the frame to the 802.11 layer */ 1281 ieee80211_input(ic, m, ni, frame->rssi_dbm, 0); 1282 1283 /* node is no longer needed */ 1284 ieee80211_free_node(ni); 1285 } 1286 1287 static void 1288 iwi_notification_intr(struct iwi_softc *sc, struct iwi_notif *notif) 1289 { 1290 struct ieee80211com *ic = &sc->sc_ic; 1291 struct iwi_notif_scan_channel *chan; 1292 struct iwi_notif_scan_complete *scan; 1293 struct iwi_notif_authentication *auth; 1294 struct iwi_notif_association *assoc; 1295 1296 switch (notif->type) { 1297 case IWI_NOTIF_TYPE_SCAN_CHANNEL: 1298 chan = (struct iwi_notif_scan_channel *)(notif + 1); 1299 1300 DPRINTFN(2, ("Scanning channel (%u)\n", chan->nchan)); 1301 break; 1302 1303 case IWI_NOTIF_TYPE_SCAN_COMPLETE: 1304 scan = (struct iwi_notif_scan_complete *)(notif + 1); 1305 1306 DPRINTFN(2, ("Scan completed (%u, %u)\n", scan->nchan, 1307 scan->status)); 1308 1309 /* monitor mode uses scan to set the channel ... */ 1310 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1311 sc->flags &= ~IWI_FLAG_SCANNING; 1312 ieee80211_end_scan(ic); 1313 } else 1314 iwi_set_chan(sc, ic->ic_ibss_chan); 1315 break; 1316 1317 case IWI_NOTIF_TYPE_AUTHENTICATION: 1318 auth = (struct iwi_notif_authentication *)(notif + 1); 1319 1320 DPRINTFN(2, ("Authentication (%u)\n", auth->state)); 1321 1322 switch (auth->state) { 1323 case IWI_AUTHENTICATED: 1324 ieee80211_node_authorize(ic->ic_bss); 1325 ieee80211_new_state(ic, IEEE80211_S_ASSOC, -1); 1326 break; 1327 1328 case IWI_DEAUTHENTICATED: 1329 break; 1330 1331 default: 1332 device_printf(sc->sc_dev, 1333 "unknown authentication state %u\n", auth->state); 1334 } 1335 break; 1336 1337 case IWI_NOTIF_TYPE_ASSOCIATION: 1338 assoc = (struct iwi_notif_association *)(notif + 1); 1339 1340 DPRINTFN(2, ("Association (%u, %u)\n", assoc->state, 1341 assoc->status)); 1342 1343 switch (assoc->state) { 1344 case IWI_AUTHENTICATED: 1345 /* re-association, do nothing */ 1346 break; 1347 1348 case IWI_ASSOCIATED: 1349 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1350 break; 1351 1352 case IWI_DEASSOCIATED: 1353 ieee80211_begin_scan(ic, 1); 1354 break; 1355 1356 default: 1357 device_printf(sc->sc_dev, 1358 "unknown association state %u\n", assoc->state); 1359 } 1360 break; 1361 1362 default: 1363 DPRINTFN(5, ("Notification (%u)\n", notif->type)); 1364 } 1365 } 1366 1367 static void 1368 iwi_rx_intr(struct iwi_softc *sc) 1369 { 1370 struct iwi_rx_data *data; 1371 struct iwi_hdr *hdr; 1372 uint32_t hw; 1373 1374 hw = CSR_READ_4(sc, IWI_CSR_RX_RIDX); 1375 1376 for (; sc->rxq.cur != hw;) { 1377 data = &sc->rxq.data[sc->rxq.cur]; 1378 1379 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1380 BUS_DMASYNC_POSTREAD); 1381 1382 hdr = mtod(data->m, struct iwi_hdr *); 1383 1384 switch (hdr->type) { 1385 case IWI_HDR_TYPE_FRAME: 1386 iwi_frame_intr(sc, data, sc->rxq.cur, 1387 (struct iwi_frame *)(hdr + 1)); 1388 break; 1389 1390 case IWI_HDR_TYPE_NOTIF: 1391 iwi_notification_intr(sc, 1392 (struct iwi_notif *)(hdr + 1)); 1393 break; 1394 1395 default: 1396 device_printf(sc->sc_dev, "unknown hdr type %u\n", 1397 hdr->type); 1398 } 1399 1400 DPRINTFN(15, ("rx done idx=%u\n", sc->rxq.cur)); 1401 1402 sc->rxq.cur = (sc->rxq.cur + 1) % IWI_RX_RING_COUNT; 1403 } 1404 1405 /* Tell the firmware what we have processed */ 1406 hw = (hw == 0) ? IWI_RX_RING_COUNT - 1 : hw - 1; 1407 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, hw); 1408 } 1409 1410 static void 1411 iwi_tx_intr(struct iwi_softc *sc, struct iwi_tx_ring *txq) 1412 { 1413 struct ieee80211com *ic = &sc->sc_ic; 1414 struct ifnet *ifp = ic->ic_ifp; 1415 struct iwi_tx_data *data; 1416 uint32_t hw; 1417 1418 hw = CSR_READ_4(sc, txq->csr_ridx); 1419 1420 for (; txq->next != hw;) { 1421 data = &txq->data[txq->next]; 1422 1423 bus_dmamap_sync(txq->data_dmat, data->map, 1424 BUS_DMASYNC_POSTWRITE); 1425 bus_dmamap_unload(txq->data_dmat, data->map); 1426 m_freem(data->m); 1427 data->m = NULL; 1428 ieee80211_free_node(data->ni); 1429 data->ni = NULL; 1430 1431 DPRINTFN(15, ("tx done idx=%u\n", txq->next)); 1432 1433 ifp->if_opackets++; 1434 1435 txq->queued--; 1436 txq->next = (txq->next + 1) % IWI_TX_RING_COUNT; 1437 } 1438 1439 sc->sc_tx_timer = 0; 1440 ifp->if_flags &= ~IFF_OACTIVE; 1441 iwi_start(ifp); 1442 } 1443 1444 static void 1445 iwi_intr(void *arg) 1446 { 1447 struct iwi_softc *sc = arg; 1448 uint32_t r; 1449 1450 r = CSR_READ_4(sc, IWI_CSR_INTR); 1451 if (r == 0 || r == 0xffffffff) 1452 return; 1453 1454 /* disable interrupts */ 1455 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1456 1457 if (r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR)) { 1458 device_printf(sc->sc_dev, "fatal error\n"); 1459 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1460 iwi_stop(sc); 1461 } 1462 1463 if (r & IWI_INTR_FW_INITED) { 1464 if (!(r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR))) 1465 wakeup(IWI_FW_INITIALIZED(sc)); 1466 } 1467 1468 if (r & IWI_INTR_RADIO_OFF) { 1469 DPRINTF(("radio transmitter turned off\n")); 1470 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1471 iwi_stop(sc); 1472 } 1473 1474 if (r & IWI_INTR_CMD_DONE) 1475 wakeup(IWI_FW_CMD_ACKED(sc)); 1476 1477 if (r & IWI_INTR_TX1_DONE) 1478 iwi_tx_intr(sc, &sc->txq[0]); 1479 1480 if (r & IWI_INTR_TX2_DONE) 1481 iwi_tx_intr(sc, &sc->txq[1]); 1482 1483 if (r & IWI_INTR_TX3_DONE) 1484 iwi_tx_intr(sc, &sc->txq[2]); 1485 1486 if (r & IWI_INTR_TX4_DONE) 1487 iwi_tx_intr(sc, &sc->txq[3]); 1488 1489 if (r & IWI_INTR_RX_DONE) 1490 iwi_rx_intr(sc); 1491 1492 /* acknowledge interrupts */ 1493 CSR_WRITE_4(sc, IWI_CSR_INTR, r); 1494 1495 /* re-enable interrupts */ 1496 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 1497 } 1498 1499 static int 1500 iwi_cmd(struct iwi_softc *sc, uint8_t type, void *data, uint8_t len, int async) 1501 { 1502 struct iwi_cmd_desc *desc; 1503 struct ifnet *ifp = &sc->sc_ic.ic_if; 1504 int ret; 1505 1506 desc = &sc->cmdq.desc[sc->cmdq.cur]; 1507 1508 desc->hdr.type = IWI_HDR_TYPE_COMMAND; 1509 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1510 desc->type = type; 1511 desc->len = len; 1512 memcpy(desc->data, data, len); 1513 1514 bus_dmamap_sync(sc->cmdq.desc_dmat, sc->cmdq.desc_map, 1515 BUS_DMASYNC_PREWRITE); 1516 1517 DPRINTFN(2, ("sending command idx=%u type=%u len=%u\n", sc->cmdq.cur, 1518 type, len)); 1519 1520 sc->cmdq.cur = (sc->cmdq.cur + 1) % IWI_CMD_RING_COUNT; 1521 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 1522 1523 if (!async) { 1524 ASSERT_SERIALIZED(ifp->if_serializer); 1525 1526 crit_enter(); 1527 tsleep_interlock(IWI_FW_CMD_ACKED(sc)); 1528 lwkt_serialize_exit(ifp->if_serializer); 1529 ret = tsleep(IWI_FW_CMD_ACKED(sc), 0, "iwicmd", hz); 1530 crit_exit(); 1531 lwkt_serialize_enter(ifp->if_serializer); 1532 } else { 1533 ret = 0; 1534 } 1535 1536 return ret; 1537 } 1538 1539 static void 1540 iwi_write_ibssnode(struct iwi_softc *sc, const struct iwi_node *in) 1541 { 1542 struct iwi_ibssnode node; 1543 1544 /* write node information into NIC memory */ 1545 memset(&node, 0, sizeof node); 1546 IEEE80211_ADDR_COPY(node.bssid, in->in_node.ni_macaddr); 1547 1548 CSR_WRITE_REGION_1(sc, 1549 IWI_CSR_NODE_BASE + in->in_station * sizeof node, 1550 (uint8_t *)&node, sizeof node); 1551 } 1552 1553 struct iwi_dma_mapping { 1554 bus_dma_segment_t segs[IWI_MAX_NSEG]; 1555 int nseg; 1556 bus_size_t mapsize; 1557 }; 1558 1559 static void 1560 iwi_dma_map_mbuf(void *arg, bus_dma_segment_t *segs, int nseg, 1561 bus_size_t mapsize, int error) 1562 { 1563 struct iwi_dma_mapping *map = arg; 1564 1565 if (error != 0) 1566 return; 1567 1568 KASSERT(nseg <= IWI_MAX_NSEG, ("too many DMA segments %d", nseg)); 1569 1570 bcopy(segs, map->segs, nseg * sizeof(bus_dma_segment_t)); 1571 map->nseg = nseg; 1572 map->mapsize = mapsize; 1573 } 1574 1575 static int 1576 iwi_tx_start(struct ifnet *ifp, struct mbuf *m0, struct ieee80211_node *ni, 1577 int ac) 1578 { 1579 struct iwi_softc *sc = ifp->if_softc; 1580 struct ieee80211com *ic = &sc->sc_ic; 1581 struct iwi_node *in = (struct iwi_node *)ni; 1582 struct ieee80211_frame *wh; 1583 struct ieee80211_key *k; 1584 const struct chanAccParams *cap; 1585 struct iwi_tx_ring *txq = &sc->txq[ac]; 1586 struct iwi_tx_data *data; 1587 struct iwi_tx_desc *desc; 1588 struct mbuf *mnew; 1589 struct iwi_dma_mapping map; 1590 int error, hdrlen, i, noack = 0; 1591 1592 wh = mtod(m0, struct ieee80211_frame *); 1593 1594 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1595 hdrlen = sizeof (struct ieee80211_qosframe); 1596 cap = &ic->ic_wme.wme_chanParams; 1597 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1598 } else 1599 hdrlen = sizeof (struct ieee80211_frame); 1600 1601 /* 1602 * This is only used in IBSS mode where the firmware expect an index 1603 * in a h/w table instead of a destination address. 1604 */ 1605 if (ic->ic_opmode == IEEE80211_M_IBSS && in->in_station == -1) { 1606 in->in_station = iwi_alloc_ibss_node(sc); 1607 if (in->in_station == -1) { /* h/w table is full */ 1608 m_freem(m0); 1609 ieee80211_free_node(ni); 1610 ifp->if_oerrors++; 1611 if_printf(ifp, "ibss table is full\n"); 1612 return 0; 1613 } 1614 iwi_write_ibssnode(sc, in); 1615 } 1616 1617 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1618 k = ieee80211_crypto_encap(ic, ni, m0); 1619 if (k == NULL) { 1620 m_freem(m0); 1621 return ENOBUFS; 1622 } 1623 1624 /* packet header may have moved, reset our local pointer */ 1625 wh = mtod(m0, struct ieee80211_frame *); 1626 } 1627 1628 if (sc->sc_drvbpf != NULL) { 1629 struct iwi_tx_radiotap_header *tap = &sc->sc_txtap; 1630 1631 tap->wt_flags = 0; 1632 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 1633 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 1634 1635 bpf_ptap(sc->sc_drvbpf, m0, tap, sc->sc_txtap_len); 1636 } 1637 1638 data = &txq->data[txq->cur]; 1639 desc = &txq->desc[txq->cur]; 1640 1641 /* save and trim IEEE802.11 header */ 1642 m_copydata(m0, 0, hdrlen, (caddr_t)&desc->wh); 1643 m_adj(m0, hdrlen); 1644 1645 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0, 1646 iwi_dma_map_mbuf, &map, BUS_DMA_NOWAIT); 1647 if (error != 0 && error != EFBIG) { 1648 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1649 error); 1650 m_freem(m0); 1651 return error; 1652 } 1653 if (error != 0) { 1654 mnew = m_defrag(m0, MB_DONTWAIT); 1655 if (mnew == NULL) { 1656 device_printf(sc->sc_dev, 1657 "could not defragment mbuf\n"); 1658 m_freem(m0); 1659 return ENOBUFS; 1660 } 1661 m0 = mnew; 1662 1663 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0, 1664 iwi_dma_map_mbuf, &map, 1665 BUS_DMA_NOWAIT); 1666 if (error != 0) { 1667 device_printf(sc->sc_dev, 1668 "could not map mbuf (error %d)\n", error); 1669 m_freem(m0); 1670 return error; 1671 } 1672 } 1673 1674 data->m = m0; 1675 data->ni = ni; 1676 1677 desc->hdr.type = IWI_HDR_TYPE_DATA; 1678 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1679 desc->station = 1680 (ic->ic_opmode == IEEE80211_M_IBSS) ? in->in_station : 0; 1681 desc->cmd = IWI_DATA_CMD_TX; 1682 desc->len = htole16(m0->m_pkthdr.len); 1683 desc->flags = 0; 1684 desc->xflags = 0; 1685 1686 if (!noack && !IEEE80211_IS_MULTICAST(desc->wh.i_addr1)) 1687 desc->flags |= IWI_DATA_FLAG_NEED_ACK; 1688 1689 #if 0 1690 if (ic->ic_flags & IEEE80211_F_PRIVACY) { 1691 desc->wh.i_fc[1] |= IEEE80211_FC1_WEP; 1692 desc->weptxkey = ic->ic_crypto.cs_def_txkey; 1693 } else 1694 #endif 1695 desc->flags |= IWI_DATA_FLAG_NO_WEP; 1696 1697 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 1698 desc->flags |= IWI_DATA_FLAG_SHPREAMBLE; 1699 1700 if (desc->wh.i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) 1701 desc->xflags |= IWI_DATA_XFLAG_QOS; 1702 1703 desc->nseg = htole32(map.nseg); 1704 for (i = 0; i < map.nseg; i++) { 1705 desc->seg_addr[i] = htole32(map.segs[i].ds_addr); 1706 desc->seg_len[i] = htole16(map.segs[i].ds_len); 1707 } 1708 1709 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1710 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1711 1712 DPRINTFN(5, ("sending data frame txq=%u idx=%u len=%u nseg=%u\n", 1713 ac, txq->cur, le16toh(desc->len), nsegs)); 1714 1715 txq->queued++; 1716 txq->cur = (txq->cur + 1) % IWI_TX_RING_COUNT; 1717 CSR_WRITE_4(sc, txq->csr_widx, txq->cur); 1718 1719 return 0; 1720 } 1721 1722 static void 1723 iwi_start(struct ifnet *ifp) 1724 { 1725 struct iwi_softc *sc = ifp->if_softc; 1726 struct ieee80211com *ic = &sc->sc_ic; 1727 struct mbuf *m0; 1728 struct ether_header *eh; 1729 struct ieee80211_node *ni; 1730 int ac; 1731 1732 if (ic->ic_state != IEEE80211_S_RUN) 1733 return; 1734 1735 for (;;) { 1736 m0 = ifq_dequeue(&ifp->if_snd, NULL); 1737 if (m0 == NULL) 1738 break; 1739 1740 if (m0->m_len < sizeof (struct ether_header) && 1741 (m0 = m_pullup(m0, sizeof (struct ether_header))) == NULL) { 1742 ifp->if_oerrors++; 1743 continue; 1744 } 1745 eh = mtod(m0, struct ether_header *); 1746 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1747 if (ni == NULL) { 1748 m_freem(m0); 1749 ifp->if_oerrors++; 1750 continue; 1751 } 1752 1753 /* classify mbuf so we can find which tx ring to use */ 1754 if (ieee80211_classify(ic, m0, ni) != 0) { 1755 m_freem(m0); 1756 ieee80211_free_node(ni); 1757 ifp->if_oerrors++; 1758 continue; 1759 } 1760 1761 /* no QoS encapsulation for EAPOL frames */ 1762 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1763 M_WME_GETAC(m0) : WME_AC_BE; 1764 1765 if (sc->txq[ac].queued > IWI_TX_RING_COUNT - 8) { 1766 /* there is no place left in this ring */ 1767 m_freem(m0); 1768 ieee80211_free_node(ni); 1769 ifp->if_flags |= IFF_OACTIVE; 1770 break; 1771 } 1772 1773 BPF_MTAP(ifp, m0); 1774 1775 m0 = ieee80211_encap(ic, m0, ni); 1776 if (m0 == NULL) { 1777 ieee80211_free_node(ni); 1778 ifp->if_oerrors++; 1779 continue; 1780 } 1781 1782 if (ic->ic_rawbpf != NULL) 1783 bpf_mtap(ic->ic_rawbpf, m0); 1784 1785 if (iwi_tx_start(ifp, m0, ni, ac) != 0) { 1786 ieee80211_free_node(ni); 1787 ifp->if_oerrors++; 1788 break; 1789 } 1790 1791 sc->sc_tx_timer = 5; 1792 ifp->if_timer = 1; 1793 } 1794 } 1795 1796 static void 1797 iwi_watchdog(struct ifnet *ifp) 1798 { 1799 struct iwi_softc *sc = ifp->if_softc; 1800 struct ieee80211com *ic = &sc->sc_ic; 1801 1802 ifp->if_timer = 0; 1803 1804 if (sc->sc_tx_timer > 0) { 1805 if (--sc->sc_tx_timer == 0) { 1806 if_printf(ifp, "device timeout\n"); 1807 ifp->if_oerrors++; 1808 ifp->if_flags &= ~IFF_UP; 1809 iwi_stop(sc); 1810 return; 1811 } 1812 ifp->if_timer = 1; 1813 } 1814 1815 ieee80211_watchdog(ic); 1816 } 1817 1818 static int 1819 iwi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr) 1820 { 1821 struct iwi_softc *sc = ifp->if_softc; 1822 struct ieee80211com *ic = &sc->sc_ic; 1823 struct ifreq *ifr; 1824 int error = 0; 1825 1826 switch (cmd) { 1827 case SIOCSIFFLAGS: 1828 if (ifp->if_flags & IFF_UP) { 1829 if (!(ifp->if_flags & IFF_RUNNING)) 1830 iwi_init(sc); 1831 } else { 1832 if (ifp->if_flags & IFF_RUNNING) 1833 iwi_stop(sc); 1834 } 1835 break; 1836 1837 case SIOCSLOADFW: 1838 /* only super-user can do that! */ 1839 error = suser_cred(cr, NULL_CRED_OKAY); 1840 if (error != 0) 1841 break; 1842 1843 ifr = (struct ifreq *)data; 1844 error = iwi_cache_firmware(sc, ifr->ifr_data); 1845 break; 1846 1847 case SIOCSKILLFW: 1848 /* only super-user can do that! */ 1849 error = suser_cred(cr, NULL_CRED_OKAY); 1850 if (error != 0) 1851 break; 1852 1853 ifp->if_flags &= ~IFF_UP; 1854 iwi_stop(sc); 1855 iwi_free_firmware(sc); 1856 break; 1857 1858 default: 1859 error = ieee80211_ioctl(ic, cmd, data, cr); 1860 } 1861 1862 if (error == ENETRESET) { 1863 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1864 (IFF_UP | IFF_RUNNING) && 1865 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1866 iwi_init(sc); 1867 error = 0; 1868 } 1869 1870 return error; 1871 } 1872 1873 static void 1874 iwi_stop_master(struct iwi_softc *sc) 1875 { 1876 uint32_t tmp; 1877 int ntries; 1878 1879 /* disable interrupts */ 1880 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1881 1882 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_STOP_MASTER); 1883 for (ntries = 0; ntries < 5; ntries++) { 1884 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 1885 break; 1886 DELAY(10); 1887 } 1888 if (ntries == 5) 1889 if_printf(&sc->sc_ic.ic_if, "timeout waiting for master\n"); 1890 1891 tmp = CSR_READ_4(sc, IWI_CSR_RST); 1892 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_PRINCETON_RESET); 1893 1894 sc->flags &= ~IWI_FLAG_FW_INITED; 1895 } 1896 1897 static int 1898 iwi_reset(struct iwi_softc *sc) 1899 { 1900 uint32_t tmp; 1901 int i, ntries; 1902 1903 iwi_stop_master(sc); 1904 1905 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 1906 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 1907 1908 CSR_WRITE_4(sc, IWI_CSR_READ_INT, IWI_READ_INT_INIT_HOST); 1909 1910 /* Wait for clock stabilization */ 1911 for (ntries = 0; ntries < 1000; ntries++) { 1912 if (CSR_READ_4(sc, IWI_CSR_CTL) & IWI_CTL_CLOCK_READY) 1913 break; 1914 DELAY(200); 1915 } 1916 if (ntries == 1000) { 1917 if_printf(&sc->sc_ic.ic_if, 1918 "timeout waiting for clock stabilization\n"); 1919 return EIO; 1920 } 1921 1922 tmp = CSR_READ_4(sc, IWI_CSR_RST); 1923 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_SOFT_RESET); 1924 1925 DELAY(10); 1926 1927 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 1928 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 1929 1930 /* Clear NIC memory */ 1931 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0); 1932 for (i = 0; i < 0xc000; i++) 1933 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 1934 1935 return 0; 1936 } 1937 1938 static int 1939 iwi_load_ucode(struct iwi_softc *sc, void *uc, int size) 1940 { 1941 uint32_t tmp; 1942 uint16_t *w; 1943 int ntries, i; 1944 1945 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 1946 IWI_RST_STOP_MASTER); 1947 for (ntries = 0; ntries < 5; ntries++) { 1948 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 1949 break; 1950 DELAY(10); 1951 } 1952 if (ntries == 5) { 1953 device_printf(sc->sc_dev, "timeout waiting for master\n"); 1954 return EIO; 1955 } 1956 1957 MEM_WRITE_4(sc, 0x3000e0, 0x80000000); 1958 DELAY(5000); 1959 1960 tmp = CSR_READ_4(sc, IWI_CSR_RST); 1961 tmp &= ~IWI_RST_PRINCETON_RESET; 1962 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 1963 1964 DELAY(5000); 1965 MEM_WRITE_4(sc, 0x3000e0, 0); 1966 DELAY(1000); 1967 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 1); 1968 DELAY(1000); 1969 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 0); 1970 DELAY(1000); 1971 MEM_WRITE_1(sc, 0x200000, 0x00); 1972 MEM_WRITE_1(sc, 0x200000, 0x40); 1973 DELAY(1000); 1974 1975 /* write microcode into adapter memory */ 1976 for (w = uc; size > 0; w++, size -= 2) 1977 MEM_WRITE_2(sc, 0x200010, htole16(*w)); 1978 1979 MEM_WRITE_1(sc, 0x200000, 0x00); 1980 MEM_WRITE_1(sc, 0x200000, 0x80); 1981 1982 /* wait until we get an answer */ 1983 for (ntries = 0; ntries < 100; ntries++) { 1984 if (MEM_READ_1(sc, 0x200000) & 1) 1985 break; 1986 DELAY(100); 1987 } 1988 if (ntries == 100) { 1989 device_printf(sc->sc_dev, 1990 "timeout waiting for ucode to initialize\n"); 1991 return EIO; 1992 } 1993 1994 /* read the answer or the firmware will not initialize properly */ 1995 for (i = 0; i < 7; i++) 1996 MEM_READ_4(sc, 0x200004); 1997 1998 MEM_WRITE_1(sc, 0x200000, 0x00); 1999 2000 return 0; 2001 } 2002 2003 /* macro to handle unaligned little endian data in firmware image */ 2004 #define GETLE32(p) ((p)[0] | (p)[1] << 8 | (p)[2] << 16 | (p)[3] << 24) 2005 2006 static int 2007 iwi_load_firmware(struct iwi_softc *sc, void *fw, int size) 2008 { 2009 bus_dma_tag_t dmat; 2010 bus_dmamap_t map; 2011 bus_addr_t physaddr; 2012 void *virtaddr; 2013 u_char *p, *end; 2014 uint32_t sentinel, ctl, src, dst, sum, len, mlen, tmp; 2015 int ntries, error = 0; 2016 struct ifnet *ifp = &sc->sc_ic.ic_if; 2017 2018 ASSERT_SERIALIZED(ifp->if_serializer); 2019 2020 /* Allocate DMA memory for mapping firmware image */ 2021 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 2022 BUS_SPACE_MAXADDR, NULL, NULL, size, 1, size, 0, &dmat); 2023 if (error != 0) { 2024 device_printf(sc->sc_dev, 2025 "could not create firmware DMA tag\n"); 2026 goto fail1; 2027 } 2028 2029 error = bus_dmamem_alloc(dmat, &virtaddr, BUS_DMA_WAITOK, &map); 2030 if (error != 0) { 2031 device_printf(sc->sc_dev, 2032 "could not allocate firmware DMA memory\n"); 2033 goto fail2; 2034 } 2035 2036 error = bus_dmamap_load(dmat, map, virtaddr, size, iwi_dma_map_addr, 2037 &physaddr, 0); 2038 if (error != 0) { 2039 device_printf(sc->sc_dev, "could not load firmware DMA map\n"); 2040 goto fail3; 2041 } 2042 2043 /* Copy firmware image to DMA memory */ 2044 memcpy(virtaddr, fw, size); 2045 2046 /* Make sure the adapter will get up-to-date values */ 2047 bus_dmamap_sync(dmat, map, BUS_DMASYNC_PREWRITE); 2048 2049 /* Tell the adapter where the command blocks are stored */ 2050 MEM_WRITE_4(sc, 0x3000a0, 0x27000); 2051 2052 /* 2053 * Store command blocks into adapter's internal memory using register 2054 * indirections. The adapter will read the firmware image through DMA 2055 * using information stored in command blocks. 2056 */ 2057 src = physaddr; 2058 p = virtaddr; 2059 end = p + size; 2060 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0x27000); 2061 2062 while (p < end) { 2063 dst = GETLE32(p); p += 4; src += 4; 2064 len = GETLE32(p); p += 4; src += 4; 2065 p += len; 2066 2067 while (len > 0) { 2068 mlen = min(len, IWI_CB_MAXDATALEN); 2069 2070 ctl = IWI_CB_DEFAULT_CTL | mlen; 2071 sum = ctl ^ src ^ dst; 2072 2073 /* Write a command block */ 2074 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, ctl); 2075 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, src); 2076 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, dst); 2077 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, sum); 2078 2079 src += mlen; 2080 dst += mlen; 2081 len -= mlen; 2082 } 2083 } 2084 2085 /* Write a fictive final command block (sentinel) */ 2086 sentinel = CSR_READ_4(sc, IWI_CSR_AUTOINC_ADDR); 2087 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2088 2089 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2090 tmp &= ~(IWI_RST_MASTER_DISABLED | IWI_RST_STOP_MASTER); 2091 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2092 2093 /* Tell the adapter to start processing command blocks */ 2094 MEM_WRITE_4(sc, 0x3000a4, 0x540100); 2095 2096 /* Wait until the adapter reaches the sentinel */ 2097 for (ntries = 0; ntries < 400; ntries++) { 2098 if (MEM_READ_4(sc, 0x3000d0) >= sentinel) 2099 break; 2100 DELAY(100); 2101 } 2102 if (ntries == 400) { 2103 device_printf(sc->sc_dev, 2104 "timeout processing command blocks\n"); 2105 error = EIO; 2106 goto fail4; 2107 } 2108 2109 /* We're done with command blocks processing */ 2110 MEM_WRITE_4(sc, 0x3000a4, 0x540c00); 2111 2112 /* Allow interrupts so we know when the firmware is ready */ 2113 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 2114 2115 /* Tell the adapter to initialize the firmware */ 2116 CSR_WRITE_4(sc, IWI_CSR_RST, 0); 2117 2118 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2119 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_ALLOW_STANDBY); 2120 2121 /* wait at most one second for firmware initialization to complete */ 2122 crit_enter(); 2123 tsleep_interlock(IWI_FW_INITIALIZED(sc)); 2124 lwkt_serialize_exit(ifp->if_serializer); 2125 error = tsleep(IWI_FW_INITIALIZED(sc), 0, "iwiinit", hz); 2126 crit_exit(); 2127 lwkt_serialize_enter(ifp->if_serializer); 2128 if (error != 0) { 2129 device_printf(sc->sc_dev, "timeout waiting for firmware " 2130 "initialization to complete\n"); 2131 goto fail4; 2132 } 2133 2134 fail4: bus_dmamap_sync(dmat, map, BUS_DMASYNC_POSTWRITE); 2135 bus_dmamap_unload(dmat, map); 2136 fail3: bus_dmamem_free(dmat, virtaddr, map); 2137 fail2: bus_dma_tag_destroy(dmat); 2138 fail1: 2139 return error; 2140 } 2141 2142 /* 2143 * Store firmware into kernel memory so we can download it when we need to, 2144 * e.g when the adapter wakes up from suspend mode. 2145 */ 2146 static int 2147 iwi_cache_firmware(struct iwi_softc *sc, void *data) 2148 { 2149 struct iwi_firmware *kfw = &sc->fw; 2150 struct iwi_firmware ufw; 2151 int error; 2152 2153 iwi_free_firmware(sc); 2154 2155 if ((error = copyin(data, &ufw, sizeof ufw)) != 0) 2156 return error; 2157 2158 kfw->boot_size = ufw.boot_size; 2159 kfw->ucode_size = ufw.ucode_size; 2160 kfw->main_size = ufw.main_size; 2161 2162 kfw->boot = malloc(kfw->boot_size, M_DEVBUF, M_WAITOK); 2163 kfw->ucode = malloc(kfw->ucode_size, M_DEVBUF, M_WAITOK); 2164 kfw->main = malloc(kfw->main_size, M_DEVBUF, M_WAITOK); 2165 2166 if ((error = copyin(ufw.boot, kfw->boot, kfw->boot_size)) != 0) 2167 goto fail; 2168 2169 if ((error = copyin(ufw.ucode, kfw->ucode, kfw->ucode_size)) != 0) 2170 goto fail; 2171 2172 if ((error = copyin(ufw.main, kfw->main, kfw->main_size)) != 0) 2173 goto fail; 2174 2175 DPRINTF(("Firmware cached: boot %u, ucode %u, main %u\n", 2176 kfw->boot_size, kfw->ucode_size, kfw->main_size)); 2177 2178 sc->flags |= IWI_FLAG_FW_CACHED; 2179 2180 return 0; 2181 2182 fail: 2183 free(kfw->boot, M_DEVBUF); 2184 free(kfw->ucode, M_DEVBUF); 2185 free(kfw->main, M_DEVBUF); 2186 2187 return error; 2188 } 2189 2190 static void 2191 iwi_free_firmware(struct iwi_softc *sc) 2192 { 2193 if (!(sc->flags & IWI_FLAG_FW_CACHED)) 2194 return; 2195 2196 free(sc->fw.boot, M_DEVBUF); 2197 free(sc->fw.ucode, M_DEVBUF); 2198 free(sc->fw.main, M_DEVBUF); 2199 2200 sc->flags &= ~IWI_FLAG_FW_CACHED; 2201 } 2202 2203 static int 2204 iwi_config(struct iwi_softc *sc) 2205 { 2206 struct ieee80211com *ic = &sc->sc_ic; 2207 struct ifnet *ifp = ic->ic_ifp; 2208 struct iwi_configuration config; 2209 struct iwi_rateset rs; 2210 struct iwi_txpower power; 2211 struct ieee80211_key *wk; 2212 struct iwi_wep_key wepkey; 2213 uint32_t data; 2214 int error, i; 2215 2216 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp)); 2217 DPRINTF(("Setting MAC address to %6D\n", ic->ic_myaddr, ":")); 2218 error = iwi_cmd(sc, IWI_CMD_SET_MAC_ADDRESS, ic->ic_myaddr, 2219 IEEE80211_ADDR_LEN, 0); 2220 if (error != 0) 2221 return error; 2222 2223 memset(&config, 0, sizeof config); 2224 config.bluetooth_coexistence = sc->bluetooth; 2225 config.antenna = sc->antenna; 2226 config.multicast_enabled = 1; 2227 config.answer_pbreq = (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2228 config.disable_unicast_decryption = 1; 2229 config.disable_multicast_decryption = 1; 2230 DPRINTF(("Configuring adapter\n")); 2231 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 0); 2232 if (error != 0) 2233 return error; 2234 2235 data = htole32(IWI_POWER_MODE_CAM); 2236 DPRINTF(("Setting power mode to %u\n", le32toh(data))); 2237 error = iwi_cmd(sc, IWI_CMD_SET_POWER_MODE, &data, sizeof data, 0); 2238 if (error != 0) 2239 return error; 2240 2241 data = htole32(ic->ic_rtsthreshold); 2242 DPRINTF(("Setting RTS threshold to %u\n", le32toh(data))); 2243 error = iwi_cmd(sc, IWI_CMD_SET_RTS_THRESHOLD, &data, sizeof data, 0); 2244 if (error != 0) 2245 return error; 2246 2247 data = htole32(ic->ic_fragthreshold); 2248 DPRINTF(("Setting fragmentation threshold to %u\n", le32toh(data))); 2249 error = iwi_cmd(sc, IWI_CMD_SET_FRAG_THRESHOLD, &data, sizeof data, 0); 2250 if (error != 0) 2251 return error; 2252 2253 if (ic->ic_opmode == IEEE80211_M_IBSS) { 2254 power.mode = IWI_MODE_11B; 2255 power.nchan = 11; 2256 for (i = 0; i < 11; i++) { 2257 power.chan[i].chan = i + 1; 2258 power.chan[i].power = IWI_TXPOWER_MAX; 2259 } 2260 DPRINTF(("Setting .11b channels tx power\n")); 2261 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2262 0); 2263 if (error != 0) 2264 return error; 2265 2266 power.mode = IWI_MODE_11G; 2267 DPRINTF(("Setting .11g channels tx power\n")); 2268 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2269 0); 2270 if (error != 0) 2271 return error; 2272 } 2273 2274 rs.mode = IWI_MODE_11G; 2275 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2276 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11G].rs_nrates; 2277 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates, 2278 rs.nrates); 2279 DPRINTF(("Setting .11bg supported rates (%u)\n", rs.nrates)); 2280 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2281 if (error != 0) 2282 return error; 2283 2284 rs.mode = IWI_MODE_11A; 2285 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2286 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11A].rs_nrates; 2287 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11A].rs_rates, 2288 rs.nrates); 2289 DPRINTF(("Setting .11a supported rates (%u)\n", rs.nrates)); 2290 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2291 if (error != 0) 2292 return error; 2293 2294 /* if we have a desired ESSID, set it now */ 2295 if (ic->ic_des_esslen != 0) { 2296 #ifdef IWI_DEBUG 2297 if (iwi_debug > 0) { 2298 printf("Setting desired ESSID to "); 2299 ieee80211_print_essid(ic->ic_des_essid, 2300 ic->ic_des_esslen); 2301 printf("\n"); 2302 } 2303 #endif 2304 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ic->ic_des_essid, 2305 ic->ic_des_esslen, 0); 2306 if (error != 0) 2307 return error; 2308 } 2309 2310 data = htole32(arc4random()); 2311 DPRINTF(("Setting initialization vector to %u\n", le32toh(data))); 2312 error = iwi_cmd(sc, IWI_CMD_SET_IV, &data, sizeof data, 0); 2313 if (error != 0) 2314 return error; 2315 2316 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2317 wk = &ic->ic_crypto.cs_nw_keys[i]; 2318 2319 wepkey.cmd = IWI_WEP_KEY_CMD_SETKEY; 2320 wepkey.idx = i; 2321 wepkey.len = wk->wk_keylen; 2322 memset(wepkey.key, 0, sizeof wepkey.key); 2323 memcpy(wepkey.key, wk->wk_key, wk->wk_keylen); 2324 DPRINTF(("Setting wep key index %u len %u\n", wepkey.idx, 2325 wepkey.len)); 2326 error = iwi_cmd(sc, IWI_CMD_SET_WEP_KEY, &wepkey, 2327 sizeof wepkey, 0); 2328 if (error != 0) 2329 return error; 2330 } 2331 2332 /* Enable adapter */ 2333 DPRINTF(("Enabling adapter\n")); 2334 return iwi_cmd(sc, IWI_CMD_ENABLE, NULL, 0, 0); 2335 } 2336 2337 static int 2338 iwi_set_chan(struct iwi_softc *sc, struct ieee80211_channel *chan) 2339 { 2340 struct ieee80211com *ic = &sc->sc_ic; 2341 struct iwi_scan scan; 2342 2343 memset(&scan, 0, sizeof scan); 2344 memset(scan.type, IWI_SCAN_TYPE_PASSIVE, sizeof scan.type); 2345 scan.passive = htole16(2000); 2346 scan.channels[0] = 1 | 2347 (IEEE80211_IS_CHAN_5GHZ(chan) ? IWI_CHAN_5GHZ : IWI_CHAN_2GHZ); 2348 scan.channels[1] = ieee80211_chan2ieee(ic, chan); 2349 2350 DPRINTF(("Setting channel to %u\n", ieee80211_chan2ieee(ic, chan))); 2351 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1); 2352 } 2353 2354 static int 2355 iwi_scan(struct iwi_softc *sc) 2356 { 2357 struct ieee80211com *ic = &sc->sc_ic; 2358 struct iwi_scan scan; 2359 uint8_t *p; 2360 int i, count; 2361 2362 memset(&scan, 0, sizeof scan); 2363 2364 if (ic->ic_des_esslen != 0) { 2365 scan.bdirected = htole16(sc->dwelltime); 2366 memset(scan.type, IWI_SCAN_TYPE_BDIRECTED, sizeof scan.type); 2367 } else { 2368 scan.broadcast = htole16(sc->dwelltime); 2369 memset(scan.type, IWI_SCAN_TYPE_BROADCAST, sizeof scan.type); 2370 } 2371 2372 p = scan.channels; 2373 count = 0; 2374 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2375 if (IEEE80211_IS_CHAN_5GHZ(&ic->ic_channels[i]) && 2376 isset(ic->ic_chan_active, i)) { 2377 *++p = i; 2378 count++; 2379 } 2380 } 2381 *(p - count) = IWI_CHAN_5GHZ | count; 2382 2383 p = (count > 0) ? p + 1 : scan.channels; 2384 count = 0; 2385 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2386 if (IEEE80211_IS_CHAN_2GHZ(&ic->ic_channels[i]) && 2387 isset(ic->ic_chan_active, i)) { 2388 *++p = i; 2389 count++; 2390 } 2391 } 2392 *(p - count) = IWI_CHAN_2GHZ | count; 2393 2394 DPRINTF(("Start scanning\n")); 2395 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1); 2396 } 2397 2398 static int 2399 iwi_auth_and_assoc(struct iwi_softc *sc) 2400 { 2401 struct ieee80211com *ic = &sc->sc_ic; 2402 struct ifnet *ifp = ic->ic_ifp; 2403 struct ieee80211_node *ni = ic->ic_bss; 2404 struct ieee80211_wme_info wme; 2405 struct iwi_configuration config; 2406 struct iwi_associate assoc; 2407 struct iwi_rateset rs; 2408 uint16_t capinfo; 2409 uint32_t data; 2410 int error; 2411 2412 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) { 2413 memset(&config, 0, sizeof config); 2414 config.bluetooth_coexistence = sc->bluetooth; 2415 config.antenna = sc->antenna; 2416 config.multicast_enabled = 1; 2417 config.use_protection = 1; 2418 config.answer_pbreq = 2419 (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2420 config.disable_unicast_decryption = 1; 2421 config.disable_multicast_decryption = 1; 2422 DPRINTF(("Configuring adapter\n")); 2423 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 2424 1); 2425 if (error != 0) 2426 return error; 2427 } 2428 2429 #ifdef IWI_DEBUG 2430 if (iwi_debug > 0) { 2431 printf("Setting ESSID to "); 2432 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 2433 printf("\n"); 2434 } 2435 #endif 2436 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ni->ni_essid, ni->ni_esslen, 1); 2437 if (error != 0) 2438 return error; 2439 2440 /* the rate set has already been "negotiated" */ 2441 rs.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2442 IWI_MODE_11G; 2443 rs.type = IWI_RATESET_TYPE_NEGOTIATED; 2444 rs.nrates = ni->ni_rates.rs_nrates; 2445 memcpy(rs.rates, ni->ni_rates.rs_rates, rs.nrates); 2446 DPRINTF(("Setting negociated rates (%u)\n", rs.nrates)); 2447 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 1); 2448 if (error != 0) 2449 return error; 2450 2451 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) { 2452 wme.wme_id = IEEE80211_ELEMID_VENDOR; 2453 wme.wme_len = sizeof (struct ieee80211_wme_info) - 2; 2454 wme.wme_oui[0] = 0x00; 2455 wme.wme_oui[1] = 0x50; 2456 wme.wme_oui[2] = 0xf2; 2457 wme.wme_type = WME_OUI_TYPE; 2458 wme.wme_subtype = WME_INFO_OUI_SUBTYPE; 2459 wme.wme_version = WME_VERSION; 2460 wme.wme_info = 0; 2461 2462 DPRINTF(("Setting WME IE (len=%u)\n", wme.wme_len)); 2463 error = iwi_cmd(sc, IWI_CMD_SET_WMEIE, &wme, sizeof wme, 1); 2464 if (error != 0) 2465 return error; 2466 } 2467 2468 if (ic->ic_opt_ie != NULL) { 2469 DPRINTF(("Setting optional IE (len=%u)\n", ic->ic_opt_ie_len)); 2470 error = iwi_cmd(sc, IWI_CMD_SET_OPTIE, ic->ic_opt_ie, 2471 ic->ic_opt_ie_len, 1); 2472 if (error != 0) 2473 return error; 2474 } 2475 2476 data = htole32(ni->ni_rssi); 2477 DPRINTF(("Setting sensitivity to %d\n", (int8_t)ni->ni_rssi)); 2478 error = iwi_cmd(sc, IWI_CMD_SET_SENSITIVITY, &data, sizeof data, 1); 2479 if (error != 0) 2480 return error; 2481 2482 memset(&assoc, 0, sizeof assoc); 2483 assoc.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2484 IWI_MODE_11G; 2485 assoc.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 2486 if (ni->ni_authmode == IEEE80211_AUTH_SHARED) 2487 assoc.auth = ic->ic_crypto.cs_def_txkey << 4 | IWI_AUTH_SHARED; 2488 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) 2489 assoc.policy |= htole16(IWI_POLICY_WME); 2490 if (ic->ic_flags & IEEE80211_F_WPA) 2491 assoc.policy |= htole16(IWI_POLICY_WPA); 2492 memcpy(assoc.tstamp, ni->ni_tstamp.data, 8); 2493 2494 if (ic->ic_opmode == IEEE80211_M_IBSS) 2495 capinfo = IEEE80211_CAPINFO_IBSS; 2496 else 2497 capinfo = IEEE80211_CAPINFO_ESS; 2498 if (ic->ic_flags & IEEE80211_F_PRIVACY) 2499 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2500 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 2501 IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 2502 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2503 if (ic->ic_flags & IEEE80211_F_SHSLOT) 2504 capinfo |= IEEE80211_CAPINFO_SHORT_SLOTTIME; 2505 assoc.capinfo = htole16(capinfo); 2506 2507 assoc.lintval = htole16(ic->ic_lintval); 2508 assoc.intval = htole16(ni->ni_intval); 2509 IEEE80211_ADDR_COPY(assoc.bssid, ni->ni_bssid); 2510 if (ic->ic_opmode == IEEE80211_M_IBSS) 2511 IEEE80211_ADDR_COPY(assoc.dst, ifp->if_broadcastaddr); 2512 else 2513 IEEE80211_ADDR_COPY(assoc.dst, ni->ni_bssid); 2514 2515 DPRINTF(("Trying to associate to %6D channel %u auth %u\n", 2516 assoc.bssid, ":", assoc.chan, assoc.auth)); 2517 return iwi_cmd(sc, IWI_CMD_ASSOCIATE, &assoc, sizeof assoc, 1); 2518 } 2519 2520 static void 2521 iwi_init(void *priv) 2522 { 2523 struct iwi_softc *sc = priv; 2524 struct ieee80211com *ic = &sc->sc_ic; 2525 struct ifnet *ifp = ic->ic_ifp; 2526 struct iwi_firmware *fw = &sc->fw; 2527 struct iwi_rx_data *data; 2528 int i; 2529 2530 /* exit immediately if firmware has not been ioctl'd */ 2531 if (!(sc->flags & IWI_FLAG_FW_CACHED)) { 2532 if (!(sc->flags & IWI_FLAG_FW_WARNED)) 2533 device_printf(sc->sc_dev, "Please load firmware\n"); 2534 sc->flags |= IWI_FLAG_FW_WARNED; 2535 ifp->if_flags &= ~IFF_UP; 2536 return; 2537 } 2538 2539 iwi_stop(sc); 2540 2541 if (iwi_reset(sc) != 0) { 2542 device_printf(sc->sc_dev, "could not reset adapter\n"); 2543 goto fail; 2544 } 2545 2546 if (iwi_load_firmware(sc, fw->boot, fw->boot_size) != 0) { 2547 device_printf(sc->sc_dev, "could not load boot firmware\n"); 2548 goto fail; 2549 } 2550 2551 if (iwi_load_ucode(sc, fw->ucode, fw->ucode_size) != 0) { 2552 device_printf(sc->sc_dev, "could not load microcode\n"); 2553 goto fail; 2554 } 2555 2556 iwi_stop_master(sc); 2557 2558 CSR_WRITE_4(sc, IWI_CSR_CMD_BASE, sc->cmdq.physaddr); 2559 CSR_WRITE_4(sc, IWI_CSR_CMD_SIZE, sc->cmdq.count); 2560 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 2561 2562 CSR_WRITE_4(sc, IWI_CSR_TX1_BASE, sc->txq[0].physaddr); 2563 CSR_WRITE_4(sc, IWI_CSR_TX1_SIZE, sc->txq[0].count); 2564 CSR_WRITE_4(sc, IWI_CSR_TX1_WIDX, sc->txq[0].cur); 2565 2566 CSR_WRITE_4(sc, IWI_CSR_TX2_BASE, sc->txq[1].physaddr); 2567 CSR_WRITE_4(sc, IWI_CSR_TX2_SIZE, sc->txq[1].count); 2568 CSR_WRITE_4(sc, IWI_CSR_TX2_WIDX, sc->txq[1].cur); 2569 2570 CSR_WRITE_4(sc, IWI_CSR_TX3_BASE, sc->txq[2].physaddr); 2571 CSR_WRITE_4(sc, IWI_CSR_TX3_SIZE, sc->txq[2].count); 2572 CSR_WRITE_4(sc, IWI_CSR_TX3_WIDX, sc->txq[2].cur); 2573 2574 CSR_WRITE_4(sc, IWI_CSR_TX4_BASE, sc->txq[3].physaddr); 2575 CSR_WRITE_4(sc, IWI_CSR_TX4_SIZE, sc->txq[3].count); 2576 CSR_WRITE_4(sc, IWI_CSR_TX4_WIDX, sc->txq[3].cur); 2577 2578 for (i = 0; i < sc->rxq.count; i++) { 2579 data = &sc->rxq.data[i]; 2580 CSR_WRITE_4(sc, data->reg, data->physaddr); 2581 } 2582 2583 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, sc->rxq.count - 1); 2584 2585 if (iwi_load_firmware(sc, fw->main, fw->main_size) != 0) { 2586 device_printf(sc->sc_dev, "could not load main firmware\n"); 2587 goto fail; 2588 } 2589 2590 sc->flags |= IWI_FLAG_FW_INITED; 2591 2592 if (iwi_config(sc) != 0) { 2593 device_printf(sc->sc_dev, "device configuration failed\n"); 2594 goto fail; 2595 } 2596 2597 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2598 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2599 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2600 } else 2601 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2602 2603 ifp->if_flags &= ~IFF_OACTIVE; 2604 ifp->if_flags |= IFF_RUNNING; 2605 2606 return; 2607 2608 fail: ifp->if_flags &= ~IFF_UP; 2609 iwi_stop(sc); 2610 } 2611 2612 static void 2613 iwi_stop(void *priv) 2614 { 2615 struct iwi_softc *sc = priv; 2616 struct ieee80211com *ic = &sc->sc_ic; 2617 struct ifnet *ifp = ic->ic_ifp; 2618 2619 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2620 2621 iwi_stop_master(sc); 2622 2623 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_SOFT_RESET); 2624 2625 /* reset rings */ 2626 iwi_reset_cmd_ring(sc, &sc->cmdq); 2627 iwi_reset_tx_ring(sc, &sc->txq[0]); 2628 iwi_reset_tx_ring(sc, &sc->txq[1]); 2629 iwi_reset_tx_ring(sc, &sc->txq[2]); 2630 iwi_reset_tx_ring(sc, &sc->txq[3]); 2631 iwi_reset_rx_ring(sc, &sc->rxq); 2632 2633 sc->sc_tx_timer = 0; 2634 ifp->if_timer = 0; 2635 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2636 } 2637 2638 static int 2639 iwi_sysctl_stats(SYSCTL_HANDLER_ARGS) 2640 { 2641 struct iwi_softc *sc = arg1; 2642 struct ifnet *ifp = &sc->sc_ic.ic_if; 2643 uint32_t size, buf[128]; 2644 2645 lwkt_serialize_enter(ifp->if_serializer); 2646 2647 if (!(sc->flags & IWI_FLAG_FW_INITED)) { 2648 memset(buf, 0, sizeof buf); 2649 goto back; 2650 } 2651 2652 size = min(CSR_READ_4(sc, IWI_CSR_TABLE0_SIZE), 128 - 1); 2653 CSR_READ_REGION_4(sc, IWI_CSR_TABLE0_BASE, &buf[1], size); 2654 back: 2655 lwkt_serialize_exit(ifp->if_serializer); 2656 return SYSCTL_OUT(req, buf, sizeof buf); 2657 } 2658 2659 static int 2660 iwi_sysctl_radio(SYSCTL_HANDLER_ARGS) 2661 { 2662 struct iwi_softc *sc = arg1; 2663 struct ifnet *ifp = &sc->sc_ic.ic_if; 2664 int val; 2665 2666 lwkt_serialize_enter(ifp->if_serializer); 2667 val = (CSR_READ_4(sc, IWI_CSR_IO) & IWI_IO_RADIO_ENABLED) ? 1 : 0; 2668 lwkt_serialize_exit(ifp->if_serializer); 2669 2670 return SYSCTL_OUT(req, &val, sizeof val); 2671 } 2672 2673 static const int8_t iwi_bitmap[256] = { 2674 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2675 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2676 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2677 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6, 2678 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2679 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2680 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2681 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 7, 2682 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2683 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2684 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2685 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6, 2686 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2687 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2688 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2689 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, -1 2690 }; 2691 2692 static int 2693 iwi_alloc_ibss_node(struct iwi_softc *sc) 2694 { 2695 int i; 2696 2697 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer); 2698 2699 for (i = 0; i < IWI_MAX_IBSSNODE_NBYTE; ++i) { 2700 int ret; 2701 2702 ret = iwi_bitmap[sc->sc_ibss_node[i]]; 2703 if (ret != -1) { 2704 sc->sc_ibss_node[i] |= (1 << ret); 2705 ret += (i * NBBY); 2706 return ret; 2707 } 2708 } 2709 return -1; 2710 } 2711 2712 static void 2713 iwi_free_ibss_node(struct iwi_softc *sc, int ibss_node) 2714 { 2715 int i, b; 2716 2717 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer); 2718 KASSERT(ibss_node < IWI_MAX_IBSSNODE, ("free ibss node, out of range")); 2719 2720 i = ibss_node / NBBY; 2721 b = ibss_node % NBBY; 2722 2723 sc->sc_ibss_node[i] &= ~(1 << b); 2724 } 2725