1 /* 2 * Copyright (c) 2004-2006 3 * Damien Bergamini <damien.bergamini@free.fr>. 4 * Copyright (c) 2004, 2005 5 * Andrew Atrens <atrens@nortelnetworks.com>. 6 * 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice unmodified, this list of conditions, and the following 14 * disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * $FreeBSD: src/sys/dev/iwi/if_iwi.c,v 1.8.2.6 2006/02/23 02:06:46 sam Exp $ 32 * $DragonFly: src/sys/dev/netif/iwi/if_iwi.c,v 1.21 2008/05/14 11:59:20 sephe Exp $ 33 */ 34 35 /*- 36 * Intel(R) PRO/Wireless 2200BG/2225BG/2915ABG driver 37 * http://www.intel.com/network/connectivity/products/wireless/prowireless_mobile.htm 38 */ 39 40 #include <sys/param.h> 41 #include <sys/sysctl.h> 42 #include <sys/sockio.h> 43 #include <sys/mbuf.h> 44 #include <sys/firmware.h> 45 #include <sys/kernel.h> 46 #include <sys/kthread.h> 47 #include <sys/interrupt.h> 48 #include <sys/socket.h> 49 #include <sys/systm.h> 50 #include <sys/malloc.h> 51 #include <sys/module.h> 52 #include <sys/endian.h> 53 #include <sys/proc.h> 54 #include <sys/priv.h> 55 #include <sys/ucred.h> 56 #include <sys/bus.h> 57 #include <sys/rman.h> 58 #include <sys/serialize.h> 59 60 #include <bus/pci/pcidevs.h> 61 #include <bus/pci/pcireg.h> 62 #include <bus/pci/pcivar.h> 63 64 #include <net/bpf.h> 65 #include <net/if.h> 66 #include <net/if_arp.h> 67 #include <net/ethernet.h> 68 #include <net/if_dl.h> 69 #include <net/if_media.h> 70 #include <net/if_types.h> 71 #include <net/ifq_var.h> 72 73 #include <netproto/802_11/ieee80211_var.h> 74 #include <netproto/802_11/ieee80211_radiotap.h> 75 76 #include <netinet/in.h> 77 #include <netinet/in_systm.h> 78 #include <netinet/in_var.h> 79 #include <netinet/ip.h> 80 #include <netinet/if_ether.h> 81 82 #include <dev/netif/iwi/if_iwireg.h> 83 #include <dev/netif/iwi/if_iwivar.h> 84 85 #ifdef IWI_DEBUG 86 #define DPRINTF(x) do { if (iwi_debug > 0) kprintf x; } while (0) 87 #define DPRINTFN(n, x) do { if (iwi_debug >= (n)) kprintf x; } while (0) 88 int iwi_debug = 0; 89 SYSCTL_INT(_debug, OID_AUTO, iwi, CTLFLAG_RW, &iwi_debug, 0, "iwi debug level"); 90 #else 91 #define DPRINTF(x) 92 #define DPRINTFN(n, x) 93 #endif 94 95 static struct iwi_ident { 96 uint16_t vendor; 97 uint16_t device; 98 const char *name; 99 } iwi_ident_table[] = { 100 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2200BG, 101 "Intel(R) PRO/Wireless 2200BG" }, 102 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2225BG, 103 "Intel(R) PRO/Wireless 2225BG" }, 104 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_1, 105 "Intel(R) PRO/Wireless 2915ABG" }, 106 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_2, 107 "Intel(R) PRO/Wireless 2915ABG" }, 108 { 0, 0, NULL } 109 }; 110 111 static void iwi_fw_monitor(void *); 112 static void iwi_dma_map_addr(void *, bus_dma_segment_t *, int, int); 113 static void iwi_dma_map_mbuf(void *, bus_dma_segment_t *, int, bus_size_t, 114 int); 115 static int iwi_alloc_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *, 116 int); 117 static void iwi_reset_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 118 static void iwi_free_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 119 static int iwi_alloc_tx_ring(struct iwi_softc *, struct iwi_tx_ring *, 120 int, bus_addr_t, bus_addr_t); 121 static void iwi_reset_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 122 static void iwi_free_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 123 static int iwi_alloc_rx_ring(struct iwi_softc *, struct iwi_rx_ring *, 124 int); 125 static void iwi_reset_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 126 static void iwi_free_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 127 static struct ieee80211_node *iwi_node_alloc(struct ieee80211_node_table *); 128 static void iwi_node_free(struct ieee80211_node *); 129 static int iwi_media_change(struct ifnet *); 130 static void iwi_media_status(struct ifnet *, struct ifmediareq *); 131 static int iwi_newstate(struct ieee80211com *, enum ieee80211_state, int); 132 static int iwi_wme_update(struct ieee80211com *); 133 static uint16_t iwi_read_prom_word(struct iwi_softc *, uint8_t); 134 static void iwi_fix_channel(struct ieee80211com *, struct mbuf *); 135 static void iwi_frame_intr(struct iwi_softc *, struct iwi_rx_data *, int, 136 struct iwi_frame *); 137 static void iwi_notification_intr(struct iwi_softc *, struct iwi_notif *); 138 static void iwi_rx_intr(struct iwi_softc *); 139 static void iwi_tx_intr(struct iwi_softc *, struct iwi_tx_ring *); 140 static void iwi_intr(void *); 141 static int iwi_cmd(struct iwi_softc *, uint8_t, void *, uint8_t, int); 142 static void iwi_write_ibssnode(struct iwi_softc *, const struct iwi_node *); 143 static int iwi_tx_start(struct ifnet *, struct mbuf *, 144 struct ieee80211_node *, int); 145 static void iwi_start(struct ifnet *); 146 static void iwi_watchdog(struct ifnet *); 147 static int iwi_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *); 148 static void iwi_stop_master(struct iwi_softc *); 149 static int iwi_reset(struct iwi_softc *); 150 static int iwi_load_ucode(struct iwi_softc *, void *, int); 151 static int iwi_alloc_firmware(struct iwi_softc *, enum ieee80211_opmode); 152 static int iwi_free_firmware(struct iwi_softc *); 153 static int iwi_load_firmware(struct iwi_softc *, void *, int); 154 static int iwi_config(struct iwi_softc *); 155 static int iwi_set_chan(struct iwi_softc *, struct ieee80211_channel *); 156 static int iwi_scan(struct iwi_softc *); 157 static int iwi_auth_and_assoc(struct iwi_softc *); 158 static void iwi_init(void *); 159 static void iwi_stop(void *); 160 static int iwi_sysctl_stats(SYSCTL_HANDLER_ARGS); 161 static int iwi_sysctl_radio(SYSCTL_HANDLER_ARGS); 162 163 static int iwi_probe(device_t); 164 static int iwi_attach(device_t); 165 static int iwi_detach(device_t); 166 static int iwi_shutdown(device_t); 167 static int iwi_suspend(device_t); 168 static int iwi_resume(device_t); 169 170 static int iwi_alloc_ibss_node(struct iwi_softc *); 171 static void iwi_free_ibss_node(struct iwi_softc *, int); 172 173 static device_method_t iwi_methods[] = { 174 /* Device interface */ 175 DEVMETHOD(device_probe, iwi_probe), 176 DEVMETHOD(device_attach, iwi_attach), 177 DEVMETHOD(device_detach, iwi_detach), 178 DEVMETHOD(device_shutdown, iwi_shutdown), 179 DEVMETHOD(device_suspend, iwi_suspend), 180 DEVMETHOD(device_resume, iwi_resume), 181 182 { 0, 0 } 183 }; 184 185 static driver_t iwi_driver = { 186 "iwi", 187 iwi_methods, 188 sizeof (struct iwi_softc) 189 }; 190 191 static devclass_t iwi_devclass; 192 193 DRIVER_MODULE(iwi, pci, iwi_driver, iwi_devclass, 0, 0); 194 195 MODULE_DEPEND(iwi, pci, 1, 1, 1); 196 MODULE_DEPEND(iwi, wlan, 1, 1, 1); 197 198 /* 199 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 200 */ 201 static const struct ieee80211_rateset iwi_rateset_11a = 202 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 203 204 static const struct ieee80211_rateset iwi_rateset_11b = 205 { 4, { 2, 4, 11, 22 } }; 206 207 static const struct ieee80211_rateset iwi_rateset_11g = 208 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 209 210 static void 211 iwi_fw_monitor(void *arg) 212 { 213 struct iwi_softc *sc = arg; 214 struct ifnet *ifp = &sc->sc_ic.ic_if; 215 216 lwkt_serialize_enter(ifp->if_serializer); 217 for (;;) { 218 int error = 0; 219 220 /* 221 * Test to see whether we are detaching, 222 * this is used to avoid race condition 223 * especially when attaching fails. 224 */ 225 if ((sc->flags & IWI_FLAG_EXIT) == 0) { 226 tsleep_interlock(IWI_FW_WAKE_MONITOR(sc), 0); 227 lwkt_serialize_exit(ifp->if_serializer); 228 error = tsleep(IWI_FW_WAKE_MONITOR(sc), 229 PINTERLOCKED, "iwifwm", 0); 230 lwkt_serialize_enter(ifp->if_serializer); 231 } 232 233 if (error == 0) { 234 int boff; 235 236 if (sc->flags & IWI_FLAG_EXIT) 237 break; 238 else if ((sc->flags & IWI_FLAG_RESET) == 0) 239 continue; 240 241 if_printf(ifp, "reset firmware\n"); 242 for (boff = 1; sc->flags & IWI_FLAG_RESET; boff++) { 243 iwi_init(sc); 244 if (sc->flags & IWI_FLAG_FW_INITED) { 245 sc->flags &= ~IWI_FLAG_RESET; 246 } else if (boff > 10) { /* XXX */ 247 if_printf(ifp, "fw reset failed. " 248 "retrying...\n"); 249 250 /* XXX avoid to sleep to long */ 251 boff = 1; 252 } 253 254 /* 255 * Since this would be infinite loop, 256 * if reseting firmware never succeeded, 257 * we test to see whether we are detaching. 258 */ 259 if (sc->flags & IWI_FLAG_EXIT) 260 break; 261 262 tsleep_interlock(IWI_FW_CMD_ACKED(sc), 0); 263 lwkt_serialize_exit(ifp->if_serializer); 264 error = tsleep(IWI_FW_CMD_ACKED(sc), 265 PINTERLOCKED, 266 "iwirun", boff * hz); 267 lwkt_serialize_enter(ifp->if_serializer); 268 } 269 } 270 } 271 lwkt_serialize_exit(ifp->if_serializer); 272 273 if_printf(ifp, "fw monitor exiting\n"); 274 wakeup(IWI_FW_EXIT_MONITOR(sc)); 275 kthread_exit(); 276 } 277 278 static int 279 iwi_probe(device_t dev) 280 { 281 const struct iwi_ident *ident; 282 uint16_t vid, did; 283 284 vid = pci_get_vendor(dev); 285 did = pci_get_device(dev); 286 for (ident = iwi_ident_table; ident->name != NULL; ident++) { 287 if (vid == ident->vendor && did == ident->device) { 288 device_set_desc(dev, ident->name); 289 return 0; 290 } 291 } 292 return ENXIO; 293 } 294 295 /* Base Address Register */ 296 #define IWI_PCI_BAR0 0x10 297 298 static int 299 iwi_attach(device_t dev) 300 { 301 struct iwi_softc *sc = device_get_softc(dev); 302 struct ieee80211com *ic = &sc->sc_ic; 303 struct ifnet *ifp = &ic->ic_if; 304 uint16_t val; 305 int error, i; 306 307 sc->sc_dev = dev; 308 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 309 310 if (pci_get_powerstate(dev) != PCI_POWERSTATE_D0) { 311 device_printf(dev, "chip is in D%d power mode " 312 "-- setting to D0\n", pci_get_powerstate(dev)); 313 pci_set_powerstate(dev, PCI_POWERSTATE_D0); 314 } 315 316 pci_write_config(dev, 0x41, 0, 1); 317 318 /* enable bus-mastering */ 319 pci_enable_busmaster(dev); 320 321 sc->mem_rid = IWI_PCI_BAR0; 322 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &sc->mem_rid, 323 RF_ACTIVE); 324 if (sc->mem == NULL) { 325 device_printf(dev, "could not allocate memory resource\n"); 326 return ENXIO; 327 } 328 sc->sc_st = rman_get_bustag(sc->mem); 329 sc->sc_sh = rman_get_bushandle(sc->mem); 330 331 sc->irq_rid = 0; 332 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &sc->irq_rid, 333 RF_ACTIVE | RF_SHAREABLE); 334 if (sc->irq == NULL) { 335 device_printf(dev, "could not allocate interrupt resource\n"); 336 goto fail; 337 } 338 339 if (iwi_reset(sc) != 0) { 340 device_printf(dev, "could not reset adapter\n"); 341 goto fail; 342 } 343 344 /* 345 * Allocate rings. 346 */ 347 error = iwi_alloc_cmd_ring(sc, &sc->cmdq, IWI_CMD_RING_COUNT); 348 if (error != 0) { 349 device_printf(dev, "could not allocate Cmd ring\n"); 350 goto fail; 351 } 352 353 error = iwi_alloc_tx_ring(sc, &sc->txq[0], IWI_TX_RING_COUNT, 354 IWI_CSR_TX1_RIDX, IWI_CSR_TX1_WIDX); 355 if (error != 0) { 356 device_printf(dev, "could not allocate Tx ring 1\n"); 357 goto fail; 358 } 359 360 error = iwi_alloc_tx_ring(sc, &sc->txq[1], IWI_TX_RING_COUNT, 361 IWI_CSR_TX2_RIDX, IWI_CSR_TX2_WIDX); 362 if (error != 0) { 363 device_printf(dev, "could not allocate Tx ring 2\n"); 364 goto fail; 365 } 366 367 error = iwi_alloc_tx_ring(sc, &sc->txq[2], IWI_TX_RING_COUNT, 368 IWI_CSR_TX3_RIDX, IWI_CSR_TX3_WIDX); 369 if (error != 0) { 370 device_printf(dev, "could not allocate Tx ring 3\n"); 371 goto fail; 372 } 373 374 error = iwi_alloc_tx_ring(sc, &sc->txq[3], IWI_TX_RING_COUNT, 375 IWI_CSR_TX4_RIDX, IWI_CSR_TX4_WIDX); 376 if (error != 0) { 377 device_printf(dev, "could not allocate Tx ring 4\n"); 378 goto fail; 379 } 380 381 error = iwi_alloc_rx_ring(sc, &sc->rxq, IWI_RX_RING_COUNT); 382 if (error != 0) { 383 device_printf(dev, "could not allocate Rx ring\n"); 384 goto fail; 385 } 386 387 sysctl_ctx_init(&sc->sysctl_ctx); 388 sc->sysctl_tree = SYSCTL_ADD_NODE(&sc->sysctl_ctx, 389 SYSCTL_STATIC_CHILDREN(_hw), 390 OID_AUTO, 391 device_get_nameunit(dev), 392 CTLFLAG_RD, 393 0, ""); 394 if (sc->sysctl_tree == NULL) { 395 device_printf(dev, "sysctl add node failed\n"); 396 error = EIO; 397 goto fail; 398 } 399 400 ifp->if_softc = sc; 401 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 402 ifp->if_init = iwi_init; 403 ifp->if_ioctl = iwi_ioctl; 404 ifp->if_start = iwi_start; 405 ifp->if_watchdog = iwi_watchdog; 406 ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN); 407 ifq_set_ready(&ifp->if_snd); 408 409 ic->ic_wme.wme_update = iwi_wme_update; 410 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 411 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 412 ic->ic_state = IEEE80211_S_INIT; 413 414 /* set device capabilities */ 415 ic->ic_caps = 416 IEEE80211_C_IBSS | /* IBSS mode supported */ 417 IEEE80211_C_MONITOR | /* monitor mode supported */ 418 IEEE80211_C_TXPMGT | /* tx power management */ 419 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 420 IEEE80211_C_WPA | /* 802.11i */ 421 IEEE80211_C_WME; /* 802.11e */ 422 423 /* read MAC address from EEPROM */ 424 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 0); 425 ic->ic_myaddr[0] = val & 0xff; 426 ic->ic_myaddr[1] = val >> 8; 427 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 1); 428 ic->ic_myaddr[2] = val & 0xff; 429 ic->ic_myaddr[3] = val >> 8; 430 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 2); 431 ic->ic_myaddr[4] = val & 0xff; 432 ic->ic_myaddr[5] = val >> 8; 433 434 if (pci_get_device(dev) >= 0x4223) { 435 /* set supported .11a rates (2915ABG only) */ 436 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwi_rateset_11a; 437 438 /* set supported .11a channels */ 439 for (i = 36; i <= 64; i += 4) { 440 ic->ic_channels[i].ic_freq = 441 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 442 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 443 } 444 for (i = 149; i <= 165; i += 4) { 445 ic->ic_channels[i].ic_freq = 446 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 447 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 448 } 449 } 450 451 /* set supported .11b and .11g rates */ 452 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwi_rateset_11b; 453 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwi_rateset_11g; 454 455 /* set supported .11b and .11g channels (1 through 14) */ 456 for (i = 1; i <= 14; i++) { 457 ic->ic_channels[i].ic_freq = 458 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 459 ic->ic_channels[i].ic_flags = 460 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 461 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 462 } 463 464 ieee80211_ifattach(ic); 465 /* override default methods */ 466 ic->ic_node_alloc = iwi_node_alloc; 467 sc->sc_node_free = ic->ic_node_free; 468 ic->ic_node_free = iwi_node_free; 469 /* override state transition machine */ 470 sc->sc_newstate = ic->ic_newstate; 471 ic->ic_newstate = iwi_newstate; 472 ieee80211_media_init(ic, iwi_media_change, iwi_media_status); 473 474 bpfattach_dlt(ifp, DLT_IEEE802_11_RADIO, 475 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf); 476 477 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 478 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 479 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWI_RX_RADIOTAP_PRESENT); 480 481 sc->sc_txtap_len = sizeof sc->sc_txtapu; 482 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 483 sc->sc_txtap.wt_ihdr.it_present = htole32(IWI_TX_RADIOTAP_PRESENT); 484 485 /* 486 * Add a few sysctl knobs. 487 */ 488 sc->dwelltime = 100; 489 sc->bluetooth = 1; 490 sc->antenna = 0; 491 492 SYSCTL_ADD_PROC(&sc->sysctl_ctx, 493 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "radio", 494 CTLTYPE_INT | CTLFLAG_RD, sc, 0, iwi_sysctl_radio, "I", 495 "radio transmitter switch state (0=off, 1=on)"); 496 497 SYSCTL_ADD_PROC(&sc->sysctl_ctx, 498 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "stats", 499 CTLTYPE_OPAQUE | CTLFLAG_RD, sc, 0, iwi_sysctl_stats, "S", 500 "statistics"); 501 502 SYSCTL_ADD_INT(&sc->sysctl_ctx, 503 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "dwell", 504 CTLFLAG_RW, &sc->dwelltime, 0, 505 "channel dwell time (ms) for AP/station scanning"); 506 507 SYSCTL_ADD_INT(&sc->sysctl_ctx, 508 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "bluetooth", 509 CTLFLAG_RW, &sc->bluetooth, 0, "bluetooth coexistence"); 510 511 SYSCTL_ADD_INT(&sc->sysctl_ctx, 512 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "antenna", 513 CTLFLAG_RW, &sc->antenna, 0, "antenna (0=auto)"); 514 515 /* 516 * Start firmware monitoring thread 517 * 518 * NOTE: 519 * This should be done only after serializer is initialized, 520 * i.e. after ieee80211_ifattach(), because serializer will be 521 * held once iwi_fw_monitor() is entered. 522 */ 523 error = kthread_create(iwi_fw_monitor, sc, &sc->sc_fw_monitor, 524 "%s:fw-monitor", device_get_nameunit(dev)); 525 if (error) { 526 device_printf(dev, "could not create fw monitor\n"); 527 goto fail1; 528 } 529 sc->flags |= IWI_FLAG_MONITOR; 530 531 /* 532 * Hook our interrupt after all initialization is complete. 533 */ 534 error = bus_setup_intr(dev, sc->irq, INTR_MPSAFE, iwi_intr, sc, 535 &sc->sc_ih, ifp->if_serializer); 536 if (error != 0) { 537 device_printf(dev, "could not set up interrupt\n"); 538 goto fail1; 539 } 540 541 ifp->if_cpuid = ithread_cpuid(rman_get_start(sc->irq)); 542 KKASSERT(ifp->if_cpuid >= 0 && ifp->if_cpuid < ncpus); 543 544 if (bootverbose) 545 ieee80211_announce(ic); 546 547 return 0; 548 549 fail1: 550 bpfdetach(ifp); 551 ieee80211_ifdetach(ic); 552 fail: 553 iwi_detach(dev); 554 return ENXIO; 555 } 556 557 static int 558 iwi_detach(device_t dev) 559 { 560 struct iwi_softc *sc = device_get_softc(dev); 561 struct ieee80211com *ic = &sc->sc_ic; 562 struct ifnet *ifp = ic->ic_ifp; 563 564 if (sc->flags & IWI_FLAG_MONITOR) { 565 lwkt_serialize_enter(ifp->if_serializer); 566 sc->flags |= IWI_FLAG_EXIT; 567 wakeup(IWI_FW_WAKE_MONITOR(sc)); 568 569 tsleep_interlock(IWI_FW_EXIT_MONITOR(sc), 0); 570 lwkt_serialize_exit(ifp->if_serializer); 571 tsleep(IWI_FW_EXIT_MONITOR(sc), PINTERLOCKED, "iwiexi", 0); 572 /* No need to hold serializer again */ 573 574 if_printf(ifp, "fw monitor exited\n"); 575 } 576 577 if (device_is_attached(dev)) { 578 lwkt_serialize_enter(ifp->if_serializer); 579 580 iwi_stop(sc); 581 bus_teardown_intr(dev, sc->irq, sc->sc_ih); 582 iwi_free_firmware(sc); 583 584 lwkt_serialize_exit(ifp->if_serializer); 585 586 bpfdetach(ifp); 587 ieee80211_ifdetach(ic); 588 } 589 590 iwi_free_cmd_ring(sc, &sc->cmdq); 591 iwi_free_tx_ring(sc, &sc->txq[0]); 592 iwi_free_tx_ring(sc, &sc->txq[1]); 593 iwi_free_tx_ring(sc, &sc->txq[2]); 594 iwi_free_tx_ring(sc, &sc->txq[3]); 595 iwi_free_rx_ring(sc, &sc->rxq); 596 597 if (sc->irq != NULL) 598 bus_release_resource(dev, SYS_RES_IRQ, sc->irq_rid, sc->irq); 599 600 if (sc->mem != NULL) 601 bus_release_resource(dev, SYS_RES_MEMORY, sc->mem_rid, sc->mem); 602 603 if (sc->sysctl_tree != NULL) 604 sysctl_ctx_free(&sc->sysctl_ctx); 605 606 return 0; 607 } 608 609 static void 610 iwi_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error) 611 { 612 if (error != 0) 613 return; 614 615 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg)); 616 617 *(bus_addr_t *)arg = segs[0].ds_addr; 618 } 619 620 static int 621 iwi_alloc_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring, int count) 622 { 623 int error; 624 625 ring->count = count; 626 ring->queued = 0; 627 ring->cur = ring->next = 0; 628 629 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 630 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_CMD_DESC_SIZE, 1, 631 count * IWI_CMD_DESC_SIZE, 0, &ring->desc_dmat); 632 if (error != 0) { 633 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 634 goto fail; 635 } 636 637 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 638 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map); 639 if (error != 0) { 640 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 641 goto fail; 642 } 643 644 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 645 count * IWI_CMD_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 646 if (error != 0) { 647 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 648 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 649 ring->desc = NULL; 650 return error; 651 } 652 653 return 0; 654 655 fail: iwi_free_cmd_ring(sc, ring); 656 return error; 657 } 658 659 static void 660 iwi_reset_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 661 { 662 ring->queued = 0; 663 ring->cur = ring->next = 0; 664 } 665 666 static void 667 iwi_free_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 668 { 669 if (ring->desc != NULL) { 670 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 671 BUS_DMASYNC_POSTWRITE); 672 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 673 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 674 ring->desc = NULL; 675 } 676 677 if (ring->desc_dmat != NULL) { 678 bus_dma_tag_destroy(ring->desc_dmat); 679 ring->desc_dmat = NULL; 680 } 681 } 682 683 static int 684 iwi_alloc_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring, int count, 685 bus_addr_t csr_ridx, bus_addr_t csr_widx) 686 { 687 int i, error; 688 689 ring->count = count; 690 ring->queued = 0; 691 ring->cur = ring->next = 0; 692 ring->csr_ridx = csr_ridx; 693 ring->csr_widx = csr_widx; 694 695 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 696 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_TX_DESC_SIZE, 1, 697 count * IWI_TX_DESC_SIZE, 0, &ring->desc_dmat); 698 if (error != 0) { 699 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 700 goto fail; 701 } 702 703 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 704 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map); 705 if (error != 0) { 706 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 707 goto fail; 708 } 709 710 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 711 count * IWI_TX_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 712 if (error != 0) { 713 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 714 715 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 716 ring->desc = NULL; 717 goto fail; 718 } 719 720 ring->data = kmalloc(count * sizeof (struct iwi_tx_data), M_DEVBUF, 721 M_WAITOK | M_ZERO); 722 723 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 724 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, IWI_MAX_NSEG - 2, 725 MCLBYTES, 0, &ring->data_dmat); 726 if (error != 0) { 727 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 728 goto fail; 729 } 730 731 for (i = 0; i < count; i++) { 732 error = bus_dmamap_create(ring->data_dmat, 0, 733 &ring->data[i].map); 734 if (error != 0) { 735 device_printf(sc->sc_dev, "could not create DMA map\n"); 736 goto fail; 737 } 738 } 739 740 return 0; 741 742 fail: iwi_free_tx_ring(sc, ring); 743 return error; 744 } 745 746 static void 747 iwi_reset_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 748 { 749 struct iwi_tx_data *data; 750 int i; 751 752 for (i = 0; i < ring->count; i++) { 753 data = &ring->data[i]; 754 755 if (data->m != NULL) { 756 bus_dmamap_sync(ring->data_dmat, data->map, 757 BUS_DMASYNC_POSTWRITE); 758 bus_dmamap_unload(ring->data_dmat, data->map); 759 m_freem(data->m); 760 data->m = NULL; 761 } 762 763 if (data->ni != NULL) { 764 ieee80211_free_node(data->ni); 765 data->ni = NULL; 766 } 767 } 768 769 ring->queued = 0; 770 ring->cur = ring->next = 0; 771 } 772 773 static void 774 iwi_free_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 775 { 776 struct iwi_tx_data *data; 777 int i; 778 779 if (ring->desc != NULL) { 780 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 781 BUS_DMASYNC_POSTWRITE); 782 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 783 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 784 ring->desc = NULL; 785 } 786 787 if (ring->desc_dmat != NULL) { 788 bus_dma_tag_destroy(ring->desc_dmat); 789 ring->desc_dmat = NULL; 790 } 791 792 if (ring->data != NULL) { 793 for (i = 0; i < ring->count; i++) { 794 data = &ring->data[i]; 795 796 if (data->m != NULL) { 797 bus_dmamap_sync(ring->data_dmat, data->map, 798 BUS_DMASYNC_POSTWRITE); 799 bus_dmamap_unload(ring->data_dmat, data->map); 800 m_freem(data->m); 801 data->m = NULL; 802 } 803 804 if (data->ni != NULL) { 805 ieee80211_free_node(data->ni); 806 data->ni = NULL; 807 } 808 809 if (data->map != NULL) { 810 bus_dmamap_destroy(ring->data_dmat, data->map); 811 data->map = NULL; 812 } 813 } 814 815 kfree(ring->data, M_DEVBUF); 816 ring->data = NULL; 817 } 818 819 if (ring->data_dmat != NULL) { 820 bus_dma_tag_destroy(ring->data_dmat); 821 ring->data_dmat = NULL; 822 } 823 } 824 825 static int 826 iwi_alloc_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring, int count) 827 { 828 struct iwi_rx_data *data; 829 int i, error; 830 831 ring->count = count; 832 ring->cur = 0; 833 834 ring->data = kmalloc(count * sizeof (struct iwi_rx_data), M_DEVBUF, 835 M_WAITOK | M_ZERO); 836 837 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 838 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1, MCLBYTES, 0, 839 &ring->data_dmat); 840 if (error != 0) { 841 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 842 goto fail; 843 } 844 845 for (i = 0; i < count; i++) { 846 data = &ring->data[i]; 847 848 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 849 if (error != 0) { 850 device_printf(sc->sc_dev, "could not create DMA map\n"); 851 goto fail; 852 } 853 854 data->m = m_getcl(MB_WAIT, MT_DATA, M_PKTHDR); 855 if (data->m == NULL) { 856 device_printf(sc->sc_dev, 857 "could not allocate rx mbuf\n"); 858 error = ENOMEM; 859 goto fail; 860 } 861 862 error = bus_dmamap_load(ring->data_dmat, data->map, 863 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 864 &data->physaddr, 0); 865 if (error != 0) { 866 device_printf(sc->sc_dev, 867 "could not load rx buf DMA map"); 868 869 m_freem(data->m); 870 data->m = NULL; 871 goto fail; 872 } 873 874 data->reg = IWI_CSR_RX_BASE + i * 4; 875 } 876 877 return 0; 878 879 fail: iwi_free_rx_ring(sc, ring); 880 return error; 881 } 882 883 static void 884 iwi_reset_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 885 { 886 ring->cur = 0; 887 } 888 889 static void 890 iwi_free_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 891 { 892 struct iwi_rx_data *data; 893 int i; 894 895 if (ring->data != NULL) { 896 for (i = 0; i < ring->count; i++) { 897 data = &ring->data[i]; 898 899 if (data->m != NULL) { 900 bus_dmamap_sync(ring->data_dmat, data->map, 901 BUS_DMASYNC_POSTREAD); 902 bus_dmamap_unload(ring->data_dmat, data->map); 903 m_freem(data->m); 904 data->m = NULL; 905 } 906 907 if (data->map != NULL) { 908 bus_dmamap_destroy(ring->data_dmat, data->map); 909 data->map = NULL; 910 } 911 } 912 913 kfree(ring->data, M_DEVBUF); 914 ring->data = NULL; 915 } 916 917 if (ring->data_dmat != NULL) { 918 bus_dma_tag_destroy(ring->data_dmat); 919 ring->data_dmat = NULL; 920 } 921 } 922 923 static int 924 iwi_shutdown(device_t dev) 925 { 926 struct iwi_softc *sc = device_get_softc(dev); 927 struct ifnet *ifp = &sc->sc_ic.ic_if; 928 929 lwkt_serialize_enter(ifp->if_serializer); 930 iwi_stop(sc); 931 lwkt_serialize_exit(ifp->if_serializer); 932 933 return 0; 934 } 935 936 static int 937 iwi_suspend(device_t dev) 938 { 939 struct iwi_softc *sc = device_get_softc(dev); 940 struct ifnet *ifp = &sc->sc_ic.ic_if; 941 942 lwkt_serialize_enter(ifp->if_serializer); 943 iwi_stop(sc); 944 lwkt_serialize_exit(ifp->if_serializer); 945 946 return 0; 947 } 948 949 static int 950 iwi_resume(device_t dev) 951 { 952 struct iwi_softc *sc = device_get_softc(dev); 953 struct ifnet *ifp = sc->sc_ic.ic_ifp; 954 955 lwkt_serialize_enter(ifp->if_serializer); 956 957 pci_write_config(dev, 0x41, 0, 1); 958 959 if (ifp->if_flags & IFF_UP) { 960 ifp->if_init(ifp->if_softc); 961 if (ifp->if_flags & IFF_RUNNING) 962 if_devstart(ifp); 963 } 964 965 lwkt_serialize_exit(ifp->if_serializer); 966 967 return 0; 968 } 969 970 static struct ieee80211_node * 971 iwi_node_alloc(struct ieee80211_node_table *nt) 972 { 973 struct iwi_node *in; 974 975 in = kmalloc(sizeof (struct iwi_node), M_80211_NODE, M_NOWAIT | M_ZERO); 976 if (in == NULL) 977 return NULL; 978 979 in->in_station = -1; 980 981 return &in->in_node; 982 } 983 984 static void 985 iwi_node_free(struct ieee80211_node *ni) 986 { 987 struct ieee80211com *ic = ni->ni_ic; 988 struct iwi_softc *sc = ic->ic_ifp->if_softc; 989 struct iwi_node *in = (struct iwi_node *)ni; 990 991 if (in->in_station != -1) 992 iwi_free_ibss_node(sc, in->in_station); 993 994 sc->sc_node_free(ni); 995 } 996 997 static int 998 iwi_media_change(struct ifnet *ifp) 999 { 1000 struct iwi_softc *sc = ifp->if_softc; 1001 int error; 1002 1003 ASSERT_SERIALIZED(ifp->if_serializer); 1004 1005 error = ieee80211_media_change(ifp); 1006 if (error != ENETRESET) 1007 return error; 1008 1009 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 1010 iwi_init(sc); 1011 return 0; 1012 } 1013 1014 /* 1015 * Convert h/w rate code to IEEE rate code. 1016 */ 1017 static int 1018 iwi_cvtrate(int iwirate) 1019 { 1020 switch (iwirate) { 1021 case IWI_RATE_DS1: return 2; 1022 case IWI_RATE_DS2: return 4; 1023 case IWI_RATE_DS5: return 11; 1024 case IWI_RATE_DS11: return 22; 1025 case IWI_RATE_OFDM6: return 12; 1026 case IWI_RATE_OFDM9: return 18; 1027 case IWI_RATE_OFDM12: return 24; 1028 case IWI_RATE_OFDM18: return 36; 1029 case IWI_RATE_OFDM24: return 48; 1030 case IWI_RATE_OFDM36: return 72; 1031 case IWI_RATE_OFDM48: return 96; 1032 case IWI_RATE_OFDM54: return 108; 1033 } 1034 return 0; 1035 } 1036 1037 /* 1038 * The firmware automatically adapts the transmit speed. We report its current 1039 * value here. 1040 */ 1041 static void 1042 iwi_media_status(struct ifnet *ifp, struct ifmediareq *imr) 1043 { 1044 struct iwi_softc *sc = ifp->if_softc; 1045 struct ieee80211com *ic = &sc->sc_ic; 1046 int rate; 1047 1048 imr->ifm_status = IFM_AVALID; 1049 imr->ifm_active = IFM_IEEE80211; 1050 if (ic->ic_state == IEEE80211_S_RUN) 1051 imr->ifm_status |= IFM_ACTIVE; 1052 1053 /* read current transmission rate from adapter */ 1054 rate = iwi_cvtrate(CSR_READ_4(sc, IWI_CSR_CURRENT_TX_RATE)); 1055 imr->ifm_active |= ieee80211_rate2media(ic, rate, ic->ic_curmode); 1056 1057 if (ic->ic_opmode == IEEE80211_M_IBSS) 1058 imr->ifm_active |= IFM_IEEE80211_ADHOC; 1059 else if (ic->ic_opmode == IEEE80211_M_MONITOR) 1060 imr->ifm_active |= IFM_IEEE80211_MONITOR; 1061 } 1062 1063 static int 1064 iwi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1065 { 1066 struct ifnet *ifp = ic->ic_ifp; 1067 struct iwi_softc *sc = ifp->if_softc; 1068 enum ieee80211_state ostate; 1069 uint32_t tmp; 1070 1071 ostate = ic->ic_state; 1072 1073 switch (nstate) { 1074 case IEEE80211_S_SCAN: 1075 if (sc->flags & IWI_FLAG_SCANNING) 1076 break; 1077 1078 ieee80211_node_table_reset(&ic->ic_scan); 1079 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 1080 sc->flags |= IWI_FLAG_SCANNING; 1081 iwi_scan(sc); 1082 break; 1083 1084 case IEEE80211_S_AUTH: 1085 iwi_auth_and_assoc(sc); 1086 break; 1087 1088 case IEEE80211_S_RUN: 1089 if (ic->ic_opmode == IEEE80211_M_IBSS) 1090 iwi_auth_and_assoc(sc); 1091 else if (ic->ic_opmode == IEEE80211_M_MONITOR) 1092 iwi_set_chan(sc, ic->ic_ibss_chan); 1093 1094 /* assoc led on */ 1095 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK; 1096 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp | IWI_LED_ASSOC); 1097 1098 return sc->sc_newstate(ic, nstate, 1099 IEEE80211_FC0_SUBTYPE_ASSOC_RESP); 1100 1101 case IEEE80211_S_ASSOC: 1102 break; 1103 1104 case IEEE80211_S_INIT: 1105 sc->flags &= ~IWI_FLAG_SCANNING; 1106 1107 if (ostate != IEEE80211_S_RUN) 1108 break; 1109 1110 /* assoc led off */ 1111 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK; 1112 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp & ~IWI_LED_ASSOC); 1113 break; 1114 } 1115 1116 ic->ic_state = nstate; 1117 1118 return 0; 1119 } 1120 1121 /* 1122 * WME parameters coming from IEEE 802.11e specification. These values are 1123 * already declared in ieee80211_proto.c, but they are static so they can't 1124 * be reused here. 1125 */ 1126 static const struct wmeParams iwi_wme_cck_params[WME_NUM_AC] = { 1127 { 0, 3, 5, 7, 0 }, /* WME_AC_BE */ 1128 { 0, 3, 5, 10, 0 }, /* WME_AC_BK */ 1129 { 0, 2, 4, 5, 188 }, /* WME_AC_VI */ 1130 { 0, 2, 3, 4, 102 } /* WME_AC_VO */ 1131 }; 1132 1133 static const struct wmeParams iwi_wme_ofdm_params[WME_NUM_AC] = { 1134 { 0, 3, 4, 6, 0 }, /* WME_AC_BE */ 1135 { 0, 3, 4, 10, 0 }, /* WME_AC_BK */ 1136 { 0, 2, 3, 4, 94 }, /* WME_AC_VI */ 1137 { 0, 2, 2, 3, 47 } /* WME_AC_VO */ 1138 }; 1139 1140 static int 1141 iwi_wme_update(struct ieee80211com *ic) 1142 { 1143 #define IWI_EXP2(v) htole16((1 << (v)) - 1) 1144 #define IWI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 1145 struct iwi_softc *sc = ic->ic_ifp->if_softc; 1146 struct iwi_wme_params wme[3]; 1147 const struct wmeParams *wmep; 1148 int ac; 1149 1150 /* 1151 * We shall not override firmware default WME values if WME is not 1152 * actually enabled. 1153 */ 1154 if (!(ic->ic_flags & IEEE80211_F_WME)) 1155 return 0; 1156 1157 for (ac = 0; ac < WME_NUM_AC; ac++) { 1158 /* set WME values for current operating mode */ 1159 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 1160 wme[0].aifsn[ac] = wmep->wmep_aifsn; 1161 wme[0].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1162 wme[0].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1163 wme[0].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1164 wme[0].acm[ac] = wmep->wmep_acm; 1165 1166 /* set WME values for CCK modulation */ 1167 wmep = &iwi_wme_cck_params[ac]; 1168 wme[1].aifsn[ac] = wmep->wmep_aifsn; 1169 wme[1].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1170 wme[1].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1171 wme[1].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1172 wme[1].acm[ac] = wmep->wmep_acm; 1173 1174 /* set WME values for OFDM modulation */ 1175 wmep = &iwi_wme_ofdm_params[ac]; 1176 wme[2].aifsn[ac] = wmep->wmep_aifsn; 1177 wme[2].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1178 wme[2].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1179 wme[2].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1180 wme[2].acm[ac] = wmep->wmep_acm; 1181 } 1182 1183 DPRINTF(("Setting WME parameters\n")); 1184 return iwi_cmd(sc, IWI_CMD_SET_WME_PARAMS, wme, sizeof wme, 1); 1185 #undef IWI_USEC 1186 #undef IWI_EXP2 1187 } 1188 1189 /* 1190 * Read 16 bits at address 'addr' from the serial EEPROM. 1191 */ 1192 static uint16_t 1193 iwi_read_prom_word(struct iwi_softc *sc, uint8_t addr) 1194 { 1195 uint32_t tmp; 1196 uint16_t val; 1197 int n; 1198 1199 /* Clock C once before the first command */ 1200 IWI_EEPROM_CTL(sc, 0); 1201 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1202 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1203 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1204 1205 /* Write start bit (1) */ 1206 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1207 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1208 1209 /* Write READ opcode (10) */ 1210 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1211 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1212 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1213 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1214 1215 /* Write address A7-A0 */ 1216 for (n = 7; n >= 0; n--) { 1217 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1218 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D)); 1219 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1220 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D) | IWI_EEPROM_C); 1221 } 1222 1223 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1224 1225 /* Read data Q15-Q0 */ 1226 val = 0; 1227 for (n = 15; n >= 0; n--) { 1228 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1229 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1230 tmp = MEM_READ_4(sc, IWI_MEM_EEPROM_CTL); 1231 val |= ((tmp & IWI_EEPROM_Q) >> IWI_EEPROM_SHIFT_Q) << n; 1232 } 1233 1234 IWI_EEPROM_CTL(sc, 0); 1235 1236 /* Clear Chip Select and clock C */ 1237 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1238 IWI_EEPROM_CTL(sc, 0); 1239 IWI_EEPROM_CTL(sc, IWI_EEPROM_C); 1240 1241 return val; 1242 } 1243 1244 /* 1245 * XXX: Hack to set the current channel to the value advertised in beacons or 1246 * probe responses. Only used during AP detection. 1247 */ 1248 static void 1249 iwi_fix_channel(struct ieee80211com *ic, struct mbuf *m) 1250 { 1251 struct ieee80211_frame *wh; 1252 uint8_t subtype; 1253 uint8_t *frm, *efrm; 1254 1255 wh = mtod(m, struct ieee80211_frame *); 1256 1257 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 1258 return; 1259 1260 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1261 1262 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 1263 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1264 return; 1265 1266 frm = (uint8_t *)(wh + 1); 1267 efrm = mtod(m, uint8_t *) + m->m_len; 1268 1269 frm += 12; /* skip tstamp, bintval and capinfo fields */ 1270 while (frm < efrm) { 1271 if (*frm == IEEE80211_ELEMID_DSPARMS) 1272 #if IEEE80211_CHAN_MAX < 255 1273 if (frm[2] <= IEEE80211_CHAN_MAX) 1274 #endif 1275 ic->ic_curchan = &ic->ic_channels[frm[2]]; 1276 1277 frm += frm[1] + 2; 1278 } 1279 } 1280 1281 static void 1282 iwi_frame_intr(struct iwi_softc *sc, struct iwi_rx_data *data, int i, 1283 struct iwi_frame *frame) 1284 { 1285 struct ieee80211com *ic = &sc->sc_ic; 1286 struct ifnet *ifp = ic->ic_ifp; 1287 struct mbuf *mnew, *m; 1288 struct ieee80211_frame *wh; 1289 struct ieee80211_node *ni; 1290 int error; 1291 1292 DPRINTFN(5, ("received frame len=%u chan=%u rssi=%u\n", 1293 le16toh(frame->len), frame->chan, frame->rssi_dbm)); 1294 1295 if (le16toh(frame->len) < sizeof (struct ieee80211_frame)) 1296 return; 1297 1298 /* 1299 * Try to allocate a new mbuf for this ring element and load it before 1300 * processing the current mbuf. If the ring element cannot be loaded, 1301 * drop the received packet and reuse the old mbuf. In the unlikely 1302 * case that the old mbuf can't be reloaded either, explicitly panic. 1303 */ 1304 mnew = m_getcl(MB_DONTWAIT, MT_DATA, M_PKTHDR); 1305 if (mnew == NULL) { 1306 ifp->if_ierrors++; 1307 return; 1308 } 1309 1310 bus_dmamap_unload(sc->rxq.data_dmat, data->map); 1311 1312 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1313 mtod(mnew, void *), MCLBYTES, iwi_dma_map_addr, &data->physaddr, 1314 0); 1315 if (error != 0) { 1316 m_freem(mnew); 1317 1318 /* try to reload the old mbuf */ 1319 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1320 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 1321 &data->physaddr, 0); 1322 if (error != 0) { 1323 /* very unlikely that it will fail... */ 1324 panic("%s: could not load old rx mbuf", 1325 device_get_name(sc->sc_dev)); 1326 } 1327 ifp->if_ierrors++; 1328 return; 1329 } 1330 1331 /* 1332 * New mbuf successfully loaded, update Rx ring and continue 1333 * processing. 1334 */ 1335 m = data->m; 1336 data->m = mnew; 1337 CSR_WRITE_4(sc, data->reg, data->physaddr); 1338 1339 /* Finalize mbuf */ 1340 m->m_pkthdr.rcvif = ifp; 1341 m->m_pkthdr.len = m->m_len = sizeof (struct iwi_hdr) + 1342 sizeof (struct iwi_frame) + le16toh(frame->len); 1343 1344 m_adj(m, sizeof (struct iwi_hdr) + sizeof (struct iwi_frame)); 1345 1346 if (ic->ic_state == IEEE80211_S_SCAN) 1347 iwi_fix_channel(ic, m); 1348 1349 if (sc->sc_drvbpf != NULL) { 1350 struct iwi_rx_radiotap_header *tap = &sc->sc_rxtap; 1351 1352 tap->wr_flags = 0; 1353 tap->wr_rate = frame->rate; 1354 tap->wr_chan_freq = 1355 htole16(ic->ic_channels[frame->chan].ic_freq); 1356 tap->wr_chan_flags = 1357 htole16(ic->ic_channels[frame->chan].ic_flags); 1358 tap->wr_antsignal = frame->signal; 1359 tap->wr_antenna = frame->antenna; 1360 1361 bpf_ptap(sc->sc_drvbpf, m, tap, sc->sc_rxtap_len); 1362 } 1363 1364 wh = mtod(m, struct ieee80211_frame *); 1365 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 1366 1367 /* send the frame to the 802.11 layer */ 1368 ieee80211_input(ic, m, ni, frame->rssi_dbm, 0); 1369 1370 /* node is no longer needed */ 1371 ieee80211_free_node(ni); 1372 } 1373 1374 static void 1375 iwi_notification_intr(struct iwi_softc *sc, struct iwi_notif *notif) 1376 { 1377 struct ieee80211com *ic = &sc->sc_ic; 1378 struct iwi_notif_scan_channel *chan; 1379 struct iwi_notif_scan_complete *scan; 1380 struct iwi_notif_authentication *auth; 1381 struct iwi_notif_association *assoc; 1382 1383 switch (notif->type) { 1384 case IWI_NOTIF_TYPE_SCAN_CHANNEL: 1385 chan = (struct iwi_notif_scan_channel *)(notif + 1); 1386 1387 DPRINTFN(2, ("Scanning channel (%u)\n", chan->nchan)); 1388 break; 1389 1390 case IWI_NOTIF_TYPE_SCAN_COMPLETE: 1391 scan = (struct iwi_notif_scan_complete *)(notif + 1); 1392 1393 DPRINTFN(2, ("Scan completed (%u, %u)\n", scan->nchan, 1394 scan->status)); 1395 1396 /* monitor mode uses scan to set the channel ... */ 1397 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1398 sc->flags &= ~IWI_FLAG_SCANNING; 1399 ieee80211_end_scan(ic); 1400 } else 1401 iwi_set_chan(sc, ic->ic_ibss_chan); 1402 break; 1403 1404 case IWI_NOTIF_TYPE_AUTHENTICATION: 1405 auth = (struct iwi_notif_authentication *)(notif + 1); 1406 1407 DPRINTFN(2, ("Authentication (%u)\n", auth->state)); 1408 1409 switch (auth->state) { 1410 case IWI_AUTHENTICATED: 1411 ieee80211_node_authorize(ic->ic_bss); 1412 ieee80211_new_state(ic, IEEE80211_S_ASSOC, -1); 1413 break; 1414 1415 case IWI_DEAUTHENTICATED: 1416 break; 1417 1418 default: 1419 device_printf(sc->sc_dev, 1420 "unknown authentication state %u\n", auth->state); 1421 } 1422 break; 1423 1424 case IWI_NOTIF_TYPE_ASSOCIATION: 1425 assoc = (struct iwi_notif_association *)(notif + 1); 1426 1427 DPRINTFN(2, ("Association (%u, %u)\n", assoc->state, 1428 assoc->status)); 1429 1430 switch (assoc->state) { 1431 case IWI_AUTHENTICATED: 1432 /* re-association, do nothing */ 1433 break; 1434 1435 case IWI_ASSOCIATED: 1436 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1437 break; 1438 1439 case IWI_DEASSOCIATED: 1440 ieee80211_begin_scan(ic, 1); 1441 break; 1442 1443 default: 1444 device_printf(sc->sc_dev, 1445 "unknown association state %u\n", assoc->state); 1446 } 1447 break; 1448 1449 default: 1450 DPRINTFN(5, ("Notification (%u)\n", notif->type)); 1451 } 1452 } 1453 1454 static void 1455 iwi_rx_intr(struct iwi_softc *sc) 1456 { 1457 struct iwi_rx_data *data; 1458 struct iwi_hdr *hdr; 1459 uint32_t hw; 1460 1461 hw = CSR_READ_4(sc, IWI_CSR_RX_RIDX); 1462 1463 for (; sc->rxq.cur != hw;) { 1464 data = &sc->rxq.data[sc->rxq.cur]; 1465 1466 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1467 BUS_DMASYNC_POSTREAD); 1468 1469 hdr = mtod(data->m, struct iwi_hdr *); 1470 1471 switch (hdr->type) { 1472 case IWI_HDR_TYPE_FRAME: 1473 iwi_frame_intr(sc, data, sc->rxq.cur, 1474 (struct iwi_frame *)(hdr + 1)); 1475 break; 1476 1477 case IWI_HDR_TYPE_NOTIF: 1478 iwi_notification_intr(sc, 1479 (struct iwi_notif *)(hdr + 1)); 1480 break; 1481 1482 default: 1483 device_printf(sc->sc_dev, "unknown hdr type %u\n", 1484 hdr->type); 1485 } 1486 1487 DPRINTFN(15, ("rx done idx=%u\n", sc->rxq.cur)); 1488 1489 sc->rxq.cur = (sc->rxq.cur + 1) % IWI_RX_RING_COUNT; 1490 } 1491 1492 /* Tell the firmware what we have processed */ 1493 hw = (hw == 0) ? IWI_RX_RING_COUNT - 1 : hw - 1; 1494 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, hw); 1495 } 1496 1497 static void 1498 iwi_tx_intr(struct iwi_softc *sc, struct iwi_tx_ring *txq) 1499 { 1500 struct ieee80211com *ic = &sc->sc_ic; 1501 struct ifnet *ifp = ic->ic_ifp; 1502 struct iwi_tx_data *data; 1503 uint32_t hw; 1504 1505 hw = CSR_READ_4(sc, txq->csr_ridx); 1506 1507 for (; txq->next != hw;) { 1508 data = &txq->data[txq->next]; 1509 1510 bus_dmamap_sync(txq->data_dmat, data->map, 1511 BUS_DMASYNC_POSTWRITE); 1512 bus_dmamap_unload(txq->data_dmat, data->map); 1513 m_freem(data->m); 1514 data->m = NULL; 1515 ieee80211_free_node(data->ni); 1516 data->ni = NULL; 1517 1518 DPRINTFN(15, ("tx done idx=%u\n", txq->next)); 1519 1520 ifp->if_opackets++; 1521 1522 txq->queued--; 1523 txq->next = (txq->next + 1) % IWI_TX_RING_COUNT; 1524 } 1525 1526 sc->sc_tx_timer = 0; 1527 ifp->if_flags &= ~IFF_OACTIVE; 1528 if_devstart(ifp); 1529 } 1530 1531 static void 1532 iwi_intr(void *arg) 1533 { 1534 struct iwi_softc *sc = arg; 1535 uint32_t r; 1536 1537 r = CSR_READ_4(sc, IWI_CSR_INTR); 1538 if (r == 0 || r == 0xffffffff) 1539 return; 1540 1541 /* disable interrupts */ 1542 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1543 1544 if (r & IWI_INTR_FATAL_ERROR) { 1545 device_printf(sc->sc_dev, "fatal error\n"); 1546 1547 if ((sc->flags & (IWI_FLAG_EXIT | IWI_FLAG_RESET)) == 0) { 1548 sc->flags |= IWI_FLAG_RESET; 1549 device_printf(sc->sc_dev, "wake firmware monitor\n"); 1550 wakeup(IWI_FW_WAKE_MONITOR(sc)); 1551 } 1552 } 1553 1554 if (r & IWI_INTR_PARITY_ERROR) { 1555 device_printf(sc->sc_dev, "parity error\n"); 1556 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1557 iwi_stop(sc); 1558 } 1559 1560 if (r & IWI_INTR_FW_INITED) { 1561 if (!(r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR))) 1562 wakeup(IWI_FW_INITIALIZED(sc)); 1563 } 1564 1565 if (r & IWI_INTR_RADIO_OFF) { 1566 DPRINTF(("radio transmitter turned off\n")); 1567 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1568 iwi_stop(sc); 1569 } 1570 1571 if (r & IWI_INTR_CMD_DONE) 1572 wakeup(IWI_FW_CMD_ACKED(sc)); 1573 1574 if (r & IWI_INTR_TX1_DONE) 1575 iwi_tx_intr(sc, &sc->txq[0]); 1576 1577 if (r & IWI_INTR_TX2_DONE) 1578 iwi_tx_intr(sc, &sc->txq[1]); 1579 1580 if (r & IWI_INTR_TX3_DONE) 1581 iwi_tx_intr(sc, &sc->txq[2]); 1582 1583 if (r & IWI_INTR_TX4_DONE) 1584 iwi_tx_intr(sc, &sc->txq[3]); 1585 1586 if (r & IWI_INTR_RX_DONE) 1587 iwi_rx_intr(sc); 1588 1589 /* acknowledge interrupts */ 1590 CSR_WRITE_4(sc, IWI_CSR_INTR, r); 1591 1592 /* re-enable interrupts */ 1593 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 1594 } 1595 1596 static int 1597 iwi_cmd(struct iwi_softc *sc, uint8_t type, void *data, uint8_t len, int async) 1598 { 1599 struct iwi_cmd_desc *desc; 1600 struct ifnet *ifp = &sc->sc_ic.ic_if; 1601 int ret; 1602 1603 desc = &sc->cmdq.desc[sc->cmdq.cur]; 1604 1605 desc->hdr.type = IWI_HDR_TYPE_COMMAND; 1606 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1607 desc->type = type; 1608 desc->len = len; 1609 memcpy(desc->data, data, len); 1610 1611 bus_dmamap_sync(sc->cmdq.desc_dmat, sc->cmdq.desc_map, 1612 BUS_DMASYNC_PREWRITE); 1613 1614 DPRINTFN(2, ("sending command idx=%u type=%u len=%u\n", sc->cmdq.cur, 1615 type, len)); 1616 1617 sc->cmdq.cur = (sc->cmdq.cur + 1) % IWI_CMD_RING_COUNT; 1618 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 1619 1620 if (!async) { 1621 ASSERT_SERIALIZED(ifp->if_serializer); 1622 1623 tsleep_interlock(IWI_FW_CMD_ACKED(sc), 0); 1624 lwkt_serialize_exit(ifp->if_serializer); 1625 ret = tsleep(IWI_FW_CMD_ACKED(sc), PINTERLOCKED, "iwicmd", hz); 1626 lwkt_serialize_enter(ifp->if_serializer); 1627 } else { 1628 ret = 0; 1629 } 1630 1631 return ret; 1632 } 1633 1634 static void 1635 iwi_write_ibssnode(struct iwi_softc *sc, const struct iwi_node *in) 1636 { 1637 struct iwi_ibssnode node; 1638 1639 /* write node information into NIC memory */ 1640 memset(&node, 0, sizeof node); 1641 IEEE80211_ADDR_COPY(node.bssid, in->in_node.ni_macaddr); 1642 1643 CSR_WRITE_REGION_1(sc, 1644 IWI_CSR_NODE_BASE + in->in_station * sizeof node, 1645 (uint8_t *)&node, sizeof node); 1646 } 1647 1648 struct iwi_dma_mapping { 1649 bus_dma_segment_t segs[IWI_MAX_NSEG]; 1650 int nseg; 1651 bus_size_t mapsize; 1652 }; 1653 1654 static void 1655 iwi_dma_map_mbuf(void *arg, bus_dma_segment_t *segs, int nseg, 1656 bus_size_t mapsize, int error) 1657 { 1658 struct iwi_dma_mapping *map = arg; 1659 1660 if (error != 0) 1661 return; 1662 1663 KASSERT(nseg <= IWI_MAX_NSEG, ("too many DMA segments %d", nseg)); 1664 1665 bcopy(segs, map->segs, nseg * sizeof(bus_dma_segment_t)); 1666 map->nseg = nseg; 1667 map->mapsize = mapsize; 1668 } 1669 1670 static int 1671 iwi_tx_start(struct ifnet *ifp, struct mbuf *m0, struct ieee80211_node *ni, 1672 int ac) 1673 { 1674 struct iwi_softc *sc = ifp->if_softc; 1675 struct ieee80211com *ic = &sc->sc_ic; 1676 struct iwi_node *in = (struct iwi_node *)ni; 1677 struct ieee80211_frame *wh; 1678 struct ieee80211_key *k; 1679 const struct chanAccParams *cap; 1680 struct iwi_tx_ring *txq = &sc->txq[ac]; 1681 struct iwi_tx_data *data; 1682 struct iwi_tx_desc *desc; 1683 struct mbuf *mnew; 1684 struct iwi_dma_mapping map; 1685 int error, hdrlen, i, noack = 0; 1686 1687 wh = mtod(m0, struct ieee80211_frame *); 1688 1689 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1690 hdrlen = sizeof (struct ieee80211_qosframe); 1691 cap = &ic->ic_wme.wme_chanParams; 1692 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1693 } else 1694 hdrlen = sizeof (struct ieee80211_frame); 1695 1696 /* 1697 * This is only used in IBSS mode where the firmware expect an index 1698 * in a h/w table instead of a destination address. 1699 */ 1700 if (ic->ic_opmode == IEEE80211_M_IBSS && in->in_station == -1) { 1701 in->in_station = iwi_alloc_ibss_node(sc); 1702 if (in->in_station == -1) { /* h/w table is full */ 1703 m_freem(m0); 1704 ieee80211_free_node(ni); 1705 ifp->if_oerrors++; 1706 if_printf(ifp, "ibss table is full\n"); 1707 return 0; 1708 } 1709 iwi_write_ibssnode(sc, in); 1710 } 1711 1712 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1713 k = ieee80211_crypto_encap(ic, ni, m0); 1714 if (k == NULL) { 1715 m_freem(m0); 1716 return ENOBUFS; 1717 } 1718 1719 /* packet header may have moved, reset our local pointer */ 1720 wh = mtod(m0, struct ieee80211_frame *); 1721 } 1722 1723 if (sc->sc_drvbpf != NULL) { 1724 struct iwi_tx_radiotap_header *tap = &sc->sc_txtap; 1725 1726 tap->wt_flags = 0; 1727 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 1728 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 1729 1730 bpf_ptap(sc->sc_drvbpf, m0, tap, sc->sc_txtap_len); 1731 } 1732 1733 data = &txq->data[txq->cur]; 1734 desc = &txq->desc[txq->cur]; 1735 1736 /* save and trim IEEE802.11 header */ 1737 m_copydata(m0, 0, hdrlen, (caddr_t)&desc->wh); 1738 m_adj(m0, hdrlen); 1739 1740 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0, 1741 iwi_dma_map_mbuf, &map, BUS_DMA_NOWAIT); 1742 if (error != 0 && error != EFBIG) { 1743 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1744 error); 1745 m_freem(m0); 1746 return error; 1747 } 1748 if (error != 0) { 1749 mnew = m_defrag(m0, MB_DONTWAIT); 1750 if (mnew == NULL) { 1751 device_printf(sc->sc_dev, 1752 "could not defragment mbuf\n"); 1753 m_freem(m0); 1754 return ENOBUFS; 1755 } 1756 m0 = mnew; 1757 1758 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0, 1759 iwi_dma_map_mbuf, &map, 1760 BUS_DMA_NOWAIT); 1761 if (error != 0) { 1762 device_printf(sc->sc_dev, 1763 "could not map mbuf (error %d)\n", error); 1764 m_freem(m0); 1765 return error; 1766 } 1767 } 1768 1769 data->m = m0; 1770 data->ni = ni; 1771 1772 desc->hdr.type = IWI_HDR_TYPE_DATA; 1773 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1774 desc->station = 1775 (ic->ic_opmode == IEEE80211_M_IBSS) ? in->in_station : 0; 1776 desc->cmd = IWI_DATA_CMD_TX; 1777 desc->len = htole16(m0->m_pkthdr.len); 1778 desc->flags = 0; 1779 desc->xflags = 0; 1780 1781 if (!noack && !IEEE80211_IS_MULTICAST(desc->wh.i_addr1)) 1782 desc->flags |= IWI_DATA_FLAG_NEED_ACK; 1783 1784 #if 0 1785 if (ic->ic_flags & IEEE80211_F_PRIVACY) { 1786 desc->wh.i_fc[1] |= IEEE80211_FC1_WEP; 1787 desc->weptxkey = ic->ic_crypto.cs_def_txkey; 1788 } else 1789 #endif 1790 desc->flags |= IWI_DATA_FLAG_NO_WEP; 1791 1792 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 1793 desc->flags |= IWI_DATA_FLAG_SHPREAMBLE; 1794 1795 if (desc->wh.i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) 1796 desc->xflags |= IWI_DATA_XFLAG_QOS; 1797 1798 desc->nseg = htole32(map.nseg); 1799 for (i = 0; i < map.nseg; i++) { 1800 desc->seg_addr[i] = htole32(map.segs[i].ds_addr); 1801 desc->seg_len[i] = htole16(map.segs[i].ds_len); 1802 } 1803 1804 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1805 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1806 1807 DPRINTFN(5, ("sending data frame txq=%u idx=%u len=%u nseg=%u\n", 1808 ac, txq->cur, le16toh(desc->len), map.nseg)); 1809 1810 txq->queued++; 1811 txq->cur = (txq->cur + 1) % IWI_TX_RING_COUNT; 1812 CSR_WRITE_4(sc, txq->csr_widx, txq->cur); 1813 1814 return 0; 1815 } 1816 1817 static void 1818 iwi_start(struct ifnet *ifp) 1819 { 1820 struct iwi_softc *sc = ifp->if_softc; 1821 struct ieee80211com *ic = &sc->sc_ic; 1822 struct mbuf *m0; 1823 struct ether_header *eh; 1824 struct ieee80211_node *ni; 1825 int ac; 1826 1827 ieee80211_drain_mgtq(&ic->ic_mgtq); 1828 if (ic->ic_state != IEEE80211_S_RUN) { 1829 ifq_purge(&ifp->if_snd); 1830 return; 1831 } 1832 1833 for (;;) { 1834 m0 = ifq_dequeue(&ifp->if_snd, NULL); 1835 if (m0 == NULL) 1836 break; 1837 1838 if (m0->m_len < sizeof (struct ether_header) && 1839 (m0 = m_pullup(m0, sizeof (struct ether_header))) == NULL) { 1840 ifp->if_oerrors++; 1841 continue; 1842 } 1843 eh = mtod(m0, struct ether_header *); 1844 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1845 if (ni == NULL) { 1846 m_freem(m0); 1847 ifp->if_oerrors++; 1848 continue; 1849 } 1850 1851 /* classify mbuf so we can find which tx ring to use */ 1852 if (ieee80211_classify(ic, m0, ni) != 0) { 1853 m_freem(m0); 1854 ieee80211_free_node(ni); 1855 ifp->if_oerrors++; 1856 continue; 1857 } 1858 1859 /* no QoS encapsulation for EAPOL frames */ 1860 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1861 M_WME_GETAC(m0) : WME_AC_BE; 1862 1863 if (sc->txq[ac].queued > IWI_TX_RING_COUNT - 8) { 1864 /* there is no place left in this ring */ 1865 m_freem(m0); 1866 ieee80211_free_node(ni); 1867 ifp->if_flags |= IFF_OACTIVE; 1868 break; 1869 } 1870 1871 BPF_MTAP(ifp, m0); 1872 1873 m0 = ieee80211_encap(ic, m0, ni); 1874 if (m0 == NULL) { 1875 ieee80211_free_node(ni); 1876 ifp->if_oerrors++; 1877 continue; 1878 } 1879 1880 if (ic->ic_rawbpf != NULL) 1881 bpf_mtap(ic->ic_rawbpf, m0); 1882 1883 if (iwi_tx_start(ifp, m0, ni, ac) != 0) { 1884 ieee80211_free_node(ni); 1885 ifp->if_oerrors++; 1886 break; 1887 } 1888 1889 sc->sc_tx_timer = 5; 1890 ifp->if_timer = 1; 1891 } 1892 } 1893 1894 static void 1895 iwi_watchdog(struct ifnet *ifp) 1896 { 1897 struct iwi_softc *sc = ifp->if_softc; 1898 struct ieee80211com *ic = &sc->sc_ic; 1899 1900 ifp->if_timer = 0; 1901 1902 if (sc->sc_tx_timer > 0) { 1903 if (--sc->sc_tx_timer == 0) { 1904 if_printf(ifp, "device timeout\n"); 1905 ifp->if_oerrors++; 1906 sc->flags |= IWI_FLAG_RESET; 1907 wakeup(IWI_FW_WAKE_MONITOR(sc)); 1908 return; 1909 } 1910 ifp->if_timer = 1; 1911 } 1912 1913 ieee80211_watchdog(ic); 1914 } 1915 1916 static int 1917 iwi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr) 1918 { 1919 struct iwi_softc *sc = ifp->if_softc; 1920 struct ieee80211com *ic = &sc->sc_ic; 1921 int error = 0; 1922 1923 switch (cmd) { 1924 case SIOCSIFFLAGS: 1925 if (ifp->if_flags & IFF_UP) { 1926 if (!(ifp->if_flags & IFF_RUNNING)) 1927 iwi_init(sc); 1928 } else { 1929 if (ifp->if_flags & IFF_RUNNING) 1930 iwi_stop(sc); 1931 } 1932 break; 1933 1934 default: 1935 error = ieee80211_ioctl(ic, cmd, data, cr); 1936 } 1937 1938 if (error == ENETRESET) { 1939 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1940 (IFF_UP | IFF_RUNNING) && 1941 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1942 iwi_init(sc); 1943 error = 0; 1944 } 1945 1946 return error; 1947 } 1948 1949 static void 1950 iwi_stop_master(struct iwi_softc *sc) 1951 { 1952 uint32_t tmp; 1953 int ntries; 1954 1955 /* disable interrupts */ 1956 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1957 1958 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_STOP_MASTER); 1959 for (ntries = 0; ntries < 5; ntries++) { 1960 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 1961 break; 1962 DELAY(10); 1963 } 1964 if (ntries == 5) 1965 if_printf(&sc->sc_ic.ic_if, "timeout waiting for master\n"); 1966 1967 tmp = CSR_READ_4(sc, IWI_CSR_RST); 1968 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_PRINCETON_RESET); 1969 1970 sc->flags &= ~IWI_FLAG_FW_INITED; 1971 } 1972 1973 static int 1974 iwi_reset(struct iwi_softc *sc) 1975 { 1976 uint32_t tmp; 1977 int i, ntries; 1978 1979 iwi_stop_master(sc); 1980 1981 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 1982 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 1983 1984 CSR_WRITE_4(sc, IWI_CSR_READ_INT, IWI_READ_INT_INIT_HOST); 1985 1986 /* Wait for clock stabilization */ 1987 for (ntries = 0; ntries < 1000; ntries++) { 1988 if (CSR_READ_4(sc, IWI_CSR_CTL) & IWI_CTL_CLOCK_READY) 1989 break; 1990 DELAY(200); 1991 } 1992 if (ntries == 1000) { 1993 if_printf(&sc->sc_ic.ic_if, 1994 "timeout waiting for clock stabilization\n"); 1995 return EIO; 1996 } 1997 1998 tmp = CSR_READ_4(sc, IWI_CSR_RST); 1999 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_SOFT_RESET); 2000 2001 DELAY(10); 2002 2003 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2004 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 2005 2006 /* Clear NIC memory */ 2007 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0); 2008 for (i = 0; i < 0xc000; i++) 2009 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2010 2011 return 0; 2012 } 2013 2014 static int 2015 iwi_load_ucode(struct iwi_softc *sc, void *uc, int size) 2016 { 2017 uint32_t tmp; 2018 uint16_t *w; 2019 int ntries, i; 2020 2021 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 2022 IWI_RST_STOP_MASTER); 2023 for (ntries = 0; ntries < 5; ntries++) { 2024 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 2025 break; 2026 DELAY(10); 2027 } 2028 if (ntries == 5) { 2029 device_printf(sc->sc_dev, "timeout waiting for master\n"); 2030 return EIO; 2031 } 2032 2033 MEM_WRITE_4(sc, 0x3000e0, 0x80000000); 2034 DELAY(5000); 2035 2036 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2037 tmp &= ~IWI_RST_PRINCETON_RESET; 2038 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2039 2040 DELAY(5000); 2041 MEM_WRITE_4(sc, 0x3000e0, 0); 2042 DELAY(1000); 2043 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 1); 2044 DELAY(1000); 2045 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 0); 2046 DELAY(1000); 2047 MEM_WRITE_1(sc, 0x200000, 0x00); 2048 MEM_WRITE_1(sc, 0x200000, 0x40); 2049 DELAY(1000); 2050 2051 /* write microcode into adapter memory */ 2052 for (w = uc; size > 0; w++, size -= 2) 2053 MEM_WRITE_2(sc, 0x200010, htole16(*w)); 2054 2055 MEM_WRITE_1(sc, 0x200000, 0x00); 2056 MEM_WRITE_1(sc, 0x200000, 0x80); 2057 2058 /* wait until we get an answer */ 2059 for (ntries = 0; ntries < 100; ntries++) { 2060 if (MEM_READ_1(sc, 0x200000) & 1) 2061 break; 2062 DELAY(100); 2063 } 2064 if (ntries == 100) { 2065 device_printf(sc->sc_dev, 2066 "timeout waiting for ucode to initialize\n"); 2067 return EIO; 2068 } 2069 2070 /* read the answer or the firmware will not initialize properly */ 2071 for (i = 0; i < 7; i++) 2072 MEM_READ_4(sc, 0x200004); 2073 2074 MEM_WRITE_1(sc, 0x200000, 0x00); 2075 2076 return 0; 2077 } 2078 2079 static int 2080 iwi_alloc_firmware(struct iwi_softc *sc, enum ieee80211_opmode opmode) 2081 { 2082 struct { 2083 const char *suffix; 2084 enum ieee80211_opmode opmode; 2085 } fw_arr[] = { 2086 { "bss", IEEE80211_M_STA }, 2087 { "ibss", IEEE80211_M_IBSS}, 2088 { "sniffer", IEEE80211_M_MONITOR}, 2089 { NULL, 0 } 2090 }; 2091 struct ifnet *ifp = &sc->sc_ic.ic_if; 2092 struct iwi_firmware_hdr *hdr; 2093 struct iwi_firmware *fw = &sc->fw; 2094 struct fw_image *image; 2095 char filename[128]; 2096 int i, error, length_sum; 2097 2098 for (i = 0; fw_arr[i].suffix != NULL; ++i) { 2099 if (fw_arr[i].opmode == opmode) 2100 break; 2101 } 2102 2103 KASSERT(fw_arr[i].suffix != NULL, ("unsupported opmode %u\n", opmode)); 2104 2105 ksnprintf(filename, sizeof(filename), IWI_FW_PATH, fw_arr[i].suffix); 2106 2107 /* 2108 * Release the serializer to avoid possible dead lock 2109 */ 2110 lwkt_serialize_exit(ifp->if_serializer); 2111 image = firmware_image_load(filename, NULL); 2112 lwkt_serialize_enter(ifp->if_serializer); 2113 2114 if (image == NULL) 2115 return ENOENT; 2116 fw->fw_image = image; 2117 2118 /* 2119 * Verify the image 2120 */ 2121 error = EINVAL; 2122 2123 if (fw->fw_image->fw_imglen < sizeof(struct iwi_firmware_hdr)) { 2124 if_printf(ifp, "%s firmware too short", image->fw_name); 2125 goto back; 2126 } 2127 2128 hdr = (struct iwi_firmware_hdr *)image->fw_image; 2129 if (hdr->vermaj != 3) { 2130 if_printf(ifp, "%s unsupported firmware version %d.%d\n", 2131 image->fw_name, hdr->vermaj, hdr->vermin); 2132 goto back; 2133 } 2134 2135 length_sum = le32toh(hdr->bsize) + le32toh(hdr->usize) + le32toh(hdr->fsize); 2136 if (length_sum + sizeof(*hdr) != image->fw_imglen) { 2137 if_printf(ifp, 2138 "%s size mismatch, %zu/hdr %zu\n", 2139 image->fw_name, fw->fw_image->fw_imglen, 2140 length_sum + sizeof(*hdr)); 2141 goto back; 2142 } 2143 2144 fw->boot = (uint8_t *)(hdr + 1); 2145 fw->boot_size = le32toh(hdr->bsize); 2146 fw->ucode = fw->boot + fw->boot_size; 2147 fw->ucode_size = le32toh(hdr->usize); 2148 fw->main = fw->ucode + fw->ucode_size; 2149 fw->main_size = le32toh(hdr->fsize); 2150 2151 error = 0; 2152 2153 back: 2154 if (error) { 2155 firmware_image_unload(fw->fw_image); 2156 bzero(fw, sizeof(*fw)); 2157 } 2158 return error; 2159 } 2160 2161 static int 2162 iwi_free_firmware(struct iwi_softc *sc) 2163 { 2164 if (sc->fw.fw_image != NULL) 2165 firmware_image_unload(sc->fw.fw_image); 2166 return 0; 2167 } 2168 2169 /* macro to handle unaligned little endian data in firmware image */ 2170 #define GETLE32(p) ((p)[0] | (p)[1] << 8 | (p)[2] << 16 | (p)[3] << 24) 2171 2172 static int 2173 iwi_load_firmware(struct iwi_softc *sc, void *fw, int size) 2174 { 2175 bus_dma_tag_t dmat; 2176 bus_dmamap_t map; 2177 bus_addr_t physaddr; 2178 void *virtaddr; 2179 u_char *p, *end; 2180 uint32_t sentinel, ctl, src, dst, sum, len, mlen, tmp; 2181 int ntries, error = 0; 2182 struct ifnet *ifp = &sc->sc_ic.ic_if; 2183 2184 ASSERT_SERIALIZED(ifp->if_serializer); 2185 2186 /* Allocate DMA memory for mapping firmware image */ 2187 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 2188 BUS_SPACE_MAXADDR, NULL, NULL, size, 1, size, 0, &dmat); 2189 if (error != 0) { 2190 device_printf(sc->sc_dev, 2191 "could not create firmware DMA tag\n"); 2192 goto fail1; 2193 } 2194 2195 error = bus_dmamem_alloc(dmat, &virtaddr, BUS_DMA_WAITOK, &map); 2196 if (error != 0) { 2197 device_printf(sc->sc_dev, 2198 "could not allocate firmware DMA memory\n"); 2199 goto fail2; 2200 } 2201 2202 error = bus_dmamap_load(dmat, map, virtaddr, size, iwi_dma_map_addr, 2203 &physaddr, 0); 2204 if (error != 0) { 2205 device_printf(sc->sc_dev, "could not load firmware DMA map\n"); 2206 goto fail3; 2207 } 2208 2209 /* Copy firmware image to DMA memory */ 2210 memcpy(virtaddr, fw, size); 2211 2212 /* Make sure the adapter will get up-to-date values */ 2213 bus_dmamap_sync(dmat, map, BUS_DMASYNC_PREWRITE); 2214 2215 /* Tell the adapter where the command blocks are stored */ 2216 MEM_WRITE_4(sc, 0x3000a0, 0x27000); 2217 2218 /* 2219 * Store command blocks into adapter's internal memory using register 2220 * indirections. The adapter will read the firmware image through DMA 2221 * using information stored in command blocks. 2222 */ 2223 src = physaddr; 2224 p = virtaddr; 2225 end = p + size; 2226 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0x27000); 2227 2228 while (p < end) { 2229 dst = GETLE32(p); p += 4; src += 4; 2230 len = GETLE32(p); p += 4; src += 4; 2231 p += len; 2232 2233 while (len > 0) { 2234 mlen = min(len, IWI_CB_MAXDATALEN); 2235 2236 ctl = IWI_CB_DEFAULT_CTL | mlen; 2237 sum = ctl ^ src ^ dst; 2238 2239 /* Write a command block */ 2240 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, ctl); 2241 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, src); 2242 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, dst); 2243 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, sum); 2244 2245 src += mlen; 2246 dst += mlen; 2247 len -= mlen; 2248 } 2249 } 2250 2251 /* Write a fictive final command block (sentinel) */ 2252 sentinel = CSR_READ_4(sc, IWI_CSR_AUTOINC_ADDR); 2253 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2254 2255 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2256 tmp &= ~(IWI_RST_MASTER_DISABLED | IWI_RST_STOP_MASTER); 2257 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2258 2259 /* Tell the adapter to start processing command blocks */ 2260 MEM_WRITE_4(sc, 0x3000a4, 0x540100); 2261 2262 /* Wait until the adapter reaches the sentinel */ 2263 for (ntries = 0; ntries < 400; ntries++) { 2264 if (MEM_READ_4(sc, 0x3000d0) >= sentinel) 2265 break; 2266 DELAY(100); 2267 } 2268 if (ntries == 400) { 2269 device_printf(sc->sc_dev, 2270 "timeout processing command blocks\n"); 2271 error = EIO; 2272 goto fail4; 2273 } 2274 2275 /* We're done with command blocks processing */ 2276 MEM_WRITE_4(sc, 0x3000a4, 0x540c00); 2277 2278 /* Allow interrupts so we know when the firmware is ready */ 2279 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 2280 2281 /* Tell the adapter to initialize the firmware */ 2282 CSR_WRITE_4(sc, IWI_CSR_RST, 0); 2283 2284 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2285 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_ALLOW_STANDBY); 2286 2287 /* wait at most one second for firmware initialization to complete */ 2288 tsleep_interlock(IWI_FW_INITIALIZED(sc), 0); 2289 lwkt_serialize_exit(ifp->if_serializer); 2290 error = tsleep(IWI_FW_INITIALIZED(sc), PINTERLOCKED, "iwiinit", hz); 2291 lwkt_serialize_enter(ifp->if_serializer); 2292 if (error != 0) { 2293 device_printf(sc->sc_dev, "timeout waiting for firmware " 2294 "initialization to complete\n"); 2295 goto fail4; 2296 } 2297 2298 fail4: bus_dmamap_sync(dmat, map, BUS_DMASYNC_POSTWRITE); 2299 bus_dmamap_unload(dmat, map); 2300 fail3: bus_dmamem_free(dmat, virtaddr, map); 2301 fail2: bus_dma_tag_destroy(dmat); 2302 fail1: 2303 return error; 2304 } 2305 2306 static int 2307 iwi_config(struct iwi_softc *sc) 2308 { 2309 struct ieee80211com *ic = &sc->sc_ic; 2310 struct ifnet *ifp = ic->ic_ifp; 2311 struct iwi_configuration config; 2312 struct iwi_rateset rs; 2313 struct iwi_txpower power; 2314 struct ieee80211_key *wk; 2315 struct iwi_wep_key wepkey; 2316 uint32_t data; 2317 int error, i; 2318 2319 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp)); 2320 DPRINTF(("Setting MAC address to %6D\n", ic->ic_myaddr, ":")); 2321 error = iwi_cmd(sc, IWI_CMD_SET_MAC_ADDRESS, ic->ic_myaddr, 2322 IEEE80211_ADDR_LEN, 0); 2323 if (error != 0) 2324 return error; 2325 2326 memset(&config, 0, sizeof config); 2327 config.bluetooth_coexistence = sc->bluetooth; 2328 config.antenna = sc->antenna; 2329 config.multicast_enabled = 1; 2330 config.answer_pbreq = (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2331 config.disable_unicast_decryption = 1; 2332 config.disable_multicast_decryption = 1; 2333 DPRINTF(("Configuring adapter\n")); 2334 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 0); 2335 if (error != 0) 2336 return error; 2337 2338 data = htole32(IWI_POWER_MODE_CAM); 2339 DPRINTF(("Setting power mode to %u\n", le32toh(data))); 2340 error = iwi_cmd(sc, IWI_CMD_SET_POWER_MODE, &data, sizeof data, 0); 2341 if (error != 0) 2342 return error; 2343 2344 data = htole32(ic->ic_rtsthreshold); 2345 DPRINTF(("Setting RTS threshold to %u\n", le32toh(data))); 2346 error = iwi_cmd(sc, IWI_CMD_SET_RTS_THRESHOLD, &data, sizeof data, 0); 2347 if (error != 0) 2348 return error; 2349 2350 data = htole32(ic->ic_fragthreshold); 2351 DPRINTF(("Setting fragmentation threshold to %u\n", le32toh(data))); 2352 error = iwi_cmd(sc, IWI_CMD_SET_FRAG_THRESHOLD, &data, sizeof data, 0); 2353 if (error != 0) 2354 return error; 2355 2356 if (ic->ic_opmode == IEEE80211_M_IBSS) { 2357 power.mode = IWI_MODE_11B; 2358 power.nchan = 11; 2359 for (i = 0; i < 11; i++) { 2360 power.chan[i].chan = i + 1; 2361 power.chan[i].power = IWI_TXPOWER_MAX; 2362 } 2363 DPRINTF(("Setting .11b channels tx power\n")); 2364 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2365 0); 2366 if (error != 0) 2367 return error; 2368 2369 power.mode = IWI_MODE_11G; 2370 DPRINTF(("Setting .11g channels tx power\n")); 2371 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2372 0); 2373 if (error != 0) 2374 return error; 2375 } 2376 2377 rs.mode = IWI_MODE_11G; 2378 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2379 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11G].rs_nrates; 2380 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates, 2381 rs.nrates); 2382 DPRINTF(("Setting .11bg supported rates (%u)\n", rs.nrates)); 2383 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2384 if (error != 0) 2385 return error; 2386 2387 rs.mode = IWI_MODE_11A; 2388 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2389 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11A].rs_nrates; 2390 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11A].rs_rates, 2391 rs.nrates); 2392 DPRINTF(("Setting .11a supported rates (%u)\n", rs.nrates)); 2393 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2394 if (error != 0) 2395 return error; 2396 2397 /* if we have a desired ESSID, set it now */ 2398 if (ic->ic_des_esslen != 0) { 2399 #ifdef IWI_DEBUG 2400 if (iwi_debug > 0) { 2401 kprintf("Setting desired ESSID to "); 2402 ieee80211_print_essid(ic->ic_des_essid, 2403 ic->ic_des_esslen); 2404 kprintf("\n"); 2405 } 2406 #endif 2407 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ic->ic_des_essid, 2408 ic->ic_des_esslen, 0); 2409 if (error != 0) 2410 return error; 2411 } 2412 2413 data = htole32(karc4random()); 2414 DPRINTF(("Setting initialization vector to %u\n", le32toh(data))); 2415 error = iwi_cmd(sc, IWI_CMD_SET_IV, &data, sizeof data, 0); 2416 if (error != 0) 2417 return error; 2418 2419 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2420 wk = &ic->ic_crypto.cs_nw_keys[i]; 2421 2422 wepkey.cmd = IWI_WEP_KEY_CMD_SETKEY; 2423 wepkey.idx = i; 2424 wepkey.len = wk->wk_keylen; 2425 memset(wepkey.key, 0, sizeof wepkey.key); 2426 memcpy(wepkey.key, wk->wk_key, wk->wk_keylen); 2427 DPRINTF(("Setting wep key index %u len %u\n", wepkey.idx, 2428 wepkey.len)); 2429 error = iwi_cmd(sc, IWI_CMD_SET_WEP_KEY, &wepkey, 2430 sizeof wepkey, 0); 2431 if (error != 0) 2432 return error; 2433 } 2434 2435 /* Enable adapter */ 2436 DPRINTF(("Enabling adapter\n")); 2437 return iwi_cmd(sc, IWI_CMD_ENABLE, NULL, 0, 0); 2438 } 2439 2440 static int 2441 iwi_set_chan(struct iwi_softc *sc, struct ieee80211_channel *chan) 2442 { 2443 struct ieee80211com *ic = &sc->sc_ic; 2444 struct iwi_scan scan; 2445 2446 memset(&scan, 0, sizeof scan); 2447 memset(scan.type, IWI_SCAN_TYPE_PASSIVE, sizeof scan.type); 2448 scan.passive = htole16(2000); 2449 scan.channels[0] = 1 | 2450 (IEEE80211_IS_CHAN_5GHZ(chan) ? IWI_CHAN_5GHZ : IWI_CHAN_2GHZ); 2451 scan.channels[1] = ieee80211_chan2ieee(ic, chan); 2452 2453 DPRINTF(("Setting channel to %u\n", ieee80211_chan2ieee(ic, chan))); 2454 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1); 2455 } 2456 2457 static int 2458 iwi_scan(struct iwi_softc *sc) 2459 { 2460 struct ieee80211com *ic = &sc->sc_ic; 2461 struct iwi_scan scan; 2462 uint8_t *p; 2463 int i, count; 2464 2465 memset(&scan, 0, sizeof scan); 2466 2467 if (ic->ic_des_esslen != 0) { 2468 scan.bdirected = htole16(sc->dwelltime); 2469 memset(scan.type, IWI_SCAN_TYPE_BDIRECTED, sizeof scan.type); 2470 } else { 2471 scan.broadcast = htole16(sc->dwelltime); 2472 memset(scan.type, IWI_SCAN_TYPE_BROADCAST, sizeof scan.type); 2473 } 2474 2475 p = scan.channels; 2476 count = 0; 2477 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2478 if (IEEE80211_IS_CHAN_5GHZ(&ic->ic_channels[i]) && 2479 isset(ic->ic_chan_active, i)) { 2480 *++p = i; 2481 count++; 2482 } 2483 } 2484 *(p - count) = IWI_CHAN_5GHZ | count; 2485 2486 p = (count > 0) ? p + 1 : scan.channels; 2487 count = 0; 2488 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2489 if (IEEE80211_IS_CHAN_2GHZ(&ic->ic_channels[i]) && 2490 isset(ic->ic_chan_active, i)) { 2491 *++p = i; 2492 count++; 2493 } 2494 } 2495 *(p - count) = IWI_CHAN_2GHZ | count; 2496 2497 DPRINTF(("Start scanning\n")); 2498 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1); 2499 } 2500 2501 static int 2502 iwi_auth_and_assoc(struct iwi_softc *sc) 2503 { 2504 struct ieee80211com *ic = &sc->sc_ic; 2505 struct ifnet *ifp = ic->ic_ifp; 2506 struct ieee80211_node *ni = ic->ic_bss; 2507 struct ieee80211_wme_info wme; 2508 struct iwi_configuration config; 2509 struct iwi_associate assoc; 2510 struct iwi_rateset rs; 2511 uint16_t capinfo; 2512 uint32_t data; 2513 int error; 2514 2515 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) { 2516 memset(&config, 0, sizeof config); 2517 config.bluetooth_coexistence = sc->bluetooth; 2518 config.antenna = sc->antenna; 2519 config.multicast_enabled = 1; 2520 config.use_protection = 1; 2521 config.answer_pbreq = 2522 (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2523 config.disable_unicast_decryption = 1; 2524 config.disable_multicast_decryption = 1; 2525 DPRINTF(("Configuring adapter\n")); 2526 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 2527 1); 2528 if (error != 0) 2529 return error; 2530 } 2531 2532 #ifdef IWI_DEBUG 2533 if (iwi_debug > 0) { 2534 kprintf("Setting ESSID to "); 2535 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 2536 kprintf("\n"); 2537 } 2538 #endif 2539 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ni->ni_essid, ni->ni_esslen, 1); 2540 if (error != 0) 2541 return error; 2542 2543 /* the rate set has already been "negotiated" */ 2544 rs.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2545 IWI_MODE_11G; 2546 rs.type = IWI_RATESET_TYPE_NEGOTIATED; 2547 rs.nrates = ni->ni_rates.rs_nrates; 2548 KKASSERT(rs.nrates <= IWI_RATESET_MAXSIZE); 2549 memcpy(rs.rates, ni->ni_rates.rs_rates, rs.nrates); 2550 DPRINTF(("Setting negociated rates (%u)\n", rs.nrates)); 2551 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 1); 2552 if (error != 0) 2553 return error; 2554 2555 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) { 2556 wme.wme_id = IEEE80211_ELEMID_VENDOR; 2557 wme.wme_len = sizeof (struct ieee80211_wme_info) - 2; 2558 wme.wme_oui[0] = 0x00; 2559 wme.wme_oui[1] = 0x50; 2560 wme.wme_oui[2] = 0xf2; 2561 wme.wme_type = WME_OUI_TYPE; 2562 wme.wme_subtype = WME_INFO_OUI_SUBTYPE; 2563 wme.wme_version = WME_VERSION; 2564 wme.wme_info = 0; 2565 2566 DPRINTF(("Setting WME IE (len=%u)\n", wme.wme_len)); 2567 error = iwi_cmd(sc, IWI_CMD_SET_WMEIE, &wme, sizeof wme, 1); 2568 if (error != 0) 2569 return error; 2570 } 2571 2572 if (ic->ic_opt_ie != NULL) { 2573 DPRINTF(("Setting optional IE (len=%u)\n", ic->ic_opt_ie_len)); 2574 error = iwi_cmd(sc, IWI_CMD_SET_OPTIE, ic->ic_opt_ie, 2575 ic->ic_opt_ie_len, 1); 2576 if (error != 0) 2577 return error; 2578 } 2579 2580 data = htole32(ni->ni_rssi); 2581 DPRINTF(("Setting sensitivity to %d\n", (int8_t)ni->ni_rssi)); 2582 error = iwi_cmd(sc, IWI_CMD_SET_SENSITIVITY, &data, sizeof data, 1); 2583 if (error != 0) 2584 return error; 2585 2586 memset(&assoc, 0, sizeof assoc); 2587 assoc.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2588 IWI_MODE_11G; 2589 assoc.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 2590 if (ni->ni_authmode == IEEE80211_AUTH_SHARED) 2591 assoc.auth = ic->ic_crypto.cs_def_txkey << 4 | IWI_AUTH_SHARED; 2592 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) 2593 assoc.policy |= htole16(IWI_POLICY_WME); 2594 if (ic->ic_flags & IEEE80211_F_WPA) 2595 assoc.policy |= htole16(IWI_POLICY_WPA); 2596 memcpy(assoc.tstamp, ni->ni_tstamp.data, 8); 2597 2598 if (ic->ic_opmode == IEEE80211_M_IBSS) 2599 capinfo = IEEE80211_CAPINFO_IBSS; 2600 else 2601 capinfo = IEEE80211_CAPINFO_ESS; 2602 if (ic->ic_flags & IEEE80211_F_PRIVACY) 2603 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2604 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 2605 IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 2606 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2607 if (ic->ic_flags & IEEE80211_F_SHSLOT) 2608 capinfo |= IEEE80211_CAPINFO_SHORT_SLOTTIME; 2609 assoc.capinfo = htole16(capinfo); 2610 2611 assoc.lintval = htole16(ic->ic_lintval); 2612 assoc.intval = htole16(ni->ni_intval); 2613 IEEE80211_ADDR_COPY(assoc.bssid, ni->ni_bssid); 2614 if (ic->ic_opmode == IEEE80211_M_IBSS) 2615 IEEE80211_ADDR_COPY(assoc.dst, ifp->if_broadcastaddr); 2616 else 2617 IEEE80211_ADDR_COPY(assoc.dst, ni->ni_bssid); 2618 2619 DPRINTF(("Trying to associate to %6D channel %u auth %u\n", 2620 assoc.bssid, ":", assoc.chan, assoc.auth)); 2621 return iwi_cmd(sc, IWI_CMD_ASSOCIATE, &assoc, sizeof assoc, 1); 2622 } 2623 2624 static void 2625 iwi_init(void *priv) 2626 { 2627 struct iwi_softc *sc = priv; 2628 struct ieee80211com *ic = &sc->sc_ic; 2629 struct ifnet *ifp = ic->ic_ifp; 2630 struct iwi_firmware *fw = &sc->fw; 2631 struct iwi_rx_data *data; 2632 int i; 2633 2634 iwi_stop(sc); 2635 2636 if (iwi_reset(sc) != 0) { 2637 device_printf(sc->sc_dev, "could not reset adapter\n"); 2638 goto fail; 2639 } 2640 2641 if (iwi_alloc_firmware(sc, ic->ic_opmode) != 0) { 2642 device_printf(sc->sc_dev, "could not allocate firmware\n"); 2643 goto fail; 2644 } 2645 2646 if (iwi_load_firmware(sc, fw->boot, fw->boot_size) != 0) { 2647 device_printf(sc->sc_dev, "could not load boot firmware\n"); 2648 goto fail; 2649 } 2650 2651 if (iwi_load_ucode(sc, fw->ucode, fw->ucode_size) != 0) { 2652 device_printf(sc->sc_dev, "could not load microcode\n"); 2653 goto fail; 2654 } 2655 2656 iwi_stop_master(sc); 2657 2658 CSR_WRITE_4(sc, IWI_CSR_CMD_BASE, sc->cmdq.physaddr); 2659 CSR_WRITE_4(sc, IWI_CSR_CMD_SIZE, sc->cmdq.count); 2660 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 2661 2662 CSR_WRITE_4(sc, IWI_CSR_TX1_BASE, sc->txq[0].physaddr); 2663 CSR_WRITE_4(sc, IWI_CSR_TX1_SIZE, sc->txq[0].count); 2664 CSR_WRITE_4(sc, IWI_CSR_TX1_WIDX, sc->txq[0].cur); 2665 2666 CSR_WRITE_4(sc, IWI_CSR_TX2_BASE, sc->txq[1].physaddr); 2667 CSR_WRITE_4(sc, IWI_CSR_TX2_SIZE, sc->txq[1].count); 2668 CSR_WRITE_4(sc, IWI_CSR_TX2_WIDX, sc->txq[1].cur); 2669 2670 CSR_WRITE_4(sc, IWI_CSR_TX3_BASE, sc->txq[2].physaddr); 2671 CSR_WRITE_4(sc, IWI_CSR_TX3_SIZE, sc->txq[2].count); 2672 CSR_WRITE_4(sc, IWI_CSR_TX3_WIDX, sc->txq[2].cur); 2673 2674 CSR_WRITE_4(sc, IWI_CSR_TX4_BASE, sc->txq[3].physaddr); 2675 CSR_WRITE_4(sc, IWI_CSR_TX4_SIZE, sc->txq[3].count); 2676 CSR_WRITE_4(sc, IWI_CSR_TX4_WIDX, sc->txq[3].cur); 2677 2678 for (i = 0; i < sc->rxq.count; i++) { 2679 data = &sc->rxq.data[i]; 2680 CSR_WRITE_4(sc, data->reg, data->physaddr); 2681 } 2682 2683 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, sc->rxq.count - 1); 2684 2685 if (iwi_load_firmware(sc, fw->main, fw->main_size) != 0) { 2686 device_printf(sc->sc_dev, "could not load main firmware\n"); 2687 goto fail; 2688 } 2689 2690 sc->flags |= IWI_FLAG_FW_INITED; 2691 2692 if (iwi_config(sc) != 0) { 2693 device_printf(sc->sc_dev, "device configuration failed\n"); 2694 goto fail; 2695 } 2696 2697 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2698 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2699 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2700 } else 2701 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2702 2703 ifp->if_flags &= ~IFF_OACTIVE; 2704 ifp->if_flags |= IFF_RUNNING; 2705 2706 return; 2707 2708 fail: ifp->if_flags &= ~IFF_UP; 2709 iwi_stop(sc); 2710 } 2711 2712 static void 2713 iwi_stop(void *priv) 2714 { 2715 struct iwi_softc *sc = priv; 2716 struct ieee80211com *ic = &sc->sc_ic; 2717 struct ifnet *ifp = ic->ic_ifp; 2718 2719 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2720 2721 iwi_stop_master(sc); 2722 2723 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_SOFT_RESET); 2724 2725 /* reset rings */ 2726 iwi_reset_cmd_ring(sc, &sc->cmdq); 2727 iwi_reset_tx_ring(sc, &sc->txq[0]); 2728 iwi_reset_tx_ring(sc, &sc->txq[1]); 2729 iwi_reset_tx_ring(sc, &sc->txq[2]); 2730 iwi_reset_tx_ring(sc, &sc->txq[3]); 2731 iwi_reset_rx_ring(sc, &sc->rxq); 2732 2733 sc->sc_tx_timer = 0; 2734 ifp->if_timer = 0; 2735 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2736 } 2737 2738 static int 2739 iwi_sysctl_stats(SYSCTL_HANDLER_ARGS) 2740 { 2741 struct iwi_softc *sc = arg1; 2742 struct ifnet *ifp = &sc->sc_ic.ic_if; 2743 uint32_t size, buf[128]; 2744 2745 lwkt_serialize_enter(ifp->if_serializer); 2746 2747 if (!(sc->flags & IWI_FLAG_FW_INITED)) { 2748 memset(buf, 0, sizeof buf); 2749 goto back; 2750 } 2751 2752 size = min(CSR_READ_4(sc, IWI_CSR_TABLE0_SIZE), 128 - 1); 2753 CSR_READ_REGION_4(sc, IWI_CSR_TABLE0_BASE, &buf[1], size); 2754 back: 2755 lwkt_serialize_exit(ifp->if_serializer); 2756 return SYSCTL_OUT(req, buf, sizeof buf); 2757 } 2758 2759 static int 2760 iwi_sysctl_radio(SYSCTL_HANDLER_ARGS) 2761 { 2762 struct iwi_softc *sc = arg1; 2763 struct ifnet *ifp = &sc->sc_ic.ic_if; 2764 int val; 2765 2766 lwkt_serialize_enter(ifp->if_serializer); 2767 val = (CSR_READ_4(sc, IWI_CSR_IO) & IWI_IO_RADIO_ENABLED) ? 1 : 0; 2768 lwkt_serialize_exit(ifp->if_serializer); 2769 2770 return SYSCTL_OUT(req, &val, sizeof val); 2771 } 2772 2773 static const int8_t iwi_bitmap[256] = { 2774 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2775 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2776 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2777 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6, 2778 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2779 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2780 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2781 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 7, 2782 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2783 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2784 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2785 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6, 2786 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2787 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2788 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2789 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, -1 2790 }; 2791 2792 static int 2793 iwi_alloc_ibss_node(struct iwi_softc *sc) 2794 { 2795 int i; 2796 2797 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer); 2798 2799 for (i = 0; i < IWI_MAX_IBSSNODE_NBYTE; ++i) { 2800 int ret; 2801 2802 ret = iwi_bitmap[sc->sc_ibss_node[i]]; 2803 if (ret != -1) { 2804 sc->sc_ibss_node[i] |= (1 << ret); 2805 ret += (i * NBBY); 2806 return ret; 2807 } 2808 } 2809 return -1; 2810 } 2811 2812 static void 2813 iwi_free_ibss_node(struct iwi_softc *sc, int ibss_node) 2814 { 2815 int i, b; 2816 2817 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer); 2818 KASSERT(ibss_node < IWI_MAX_IBSSNODE, ("free ibss node, out of range")); 2819 2820 i = ibss_node / NBBY; 2821 b = ibss_node % NBBY; 2822 2823 sc->sc_ibss_node[i] &= ~(1 << b); 2824 } 2825