1 /* 2 * Copyright (c) 2004-2006 3 * Damien Bergamini <damien.bergamini@free.fr>. 4 * Copyright (c) 2004, 2005 5 * Andrew Atrens <atrens@nortelnetworks.com>. 6 * 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice unmodified, this list of conditions, and the following 14 * disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * $FreeBSD: src/sys/dev/iwi/if_iwi.c,v 1.8.2.6 2006/02/23 02:06:46 sam Exp $ 32 * $DragonFly: src/sys/dev/netif/iwi/if_iwi.c,v 1.21 2008/05/14 11:59:20 sephe Exp $ 33 */ 34 35 /*- 36 * Intel(R) PRO/Wireless 2200BG/2225BG/2915ABG driver 37 * http://www.intel.com/network/connectivity/products/wireless/prowireless_mobile.htm 38 */ 39 40 #include <sys/param.h> 41 #include <sys/sysctl.h> 42 #include <sys/sockio.h> 43 #include <sys/mbuf.h> 44 #include <sys/firmware.h> 45 #include <sys/kernel.h> 46 #include <sys/kthread.h> 47 #include <sys/interrupt.h> 48 #include <sys/socket.h> 49 #include <sys/systm.h> 50 #include <sys/malloc.h> 51 #include <sys/module.h> 52 #include <sys/endian.h> 53 #include <sys/proc.h> 54 #include <sys/priv.h> 55 #include <sys/ucred.h> 56 #include <sys/bus.h> 57 #include <sys/rman.h> 58 #include <sys/serialize.h> 59 60 #include <bus/pci/pcidevs.h> 61 #include <bus/pci/pcireg.h> 62 #include <bus/pci/pcivar.h> 63 64 #include <net/bpf.h> 65 #include <net/if.h> 66 #include <net/if_arp.h> 67 #include <net/ethernet.h> 68 #include <net/if_dl.h> 69 #include <net/if_media.h> 70 #include <net/if_types.h> 71 #include <net/ifq_var.h> 72 73 #include <netproto/802_11/ieee80211_var.h> 74 #include <netproto/802_11/ieee80211_radiotap.h> 75 76 #include <netinet/in.h> 77 #include <netinet/in_systm.h> 78 #include <netinet/in_var.h> 79 #include <netinet/ip.h> 80 #include <netinet/if_ether.h> 81 82 #include <dev/netif/iwi/if_iwireg.h> 83 #include <dev/netif/iwi/if_iwivar.h> 84 85 #ifdef IWI_DEBUG 86 #define DPRINTF(x) do { if (iwi_debug > 0) kprintf x; } while (0) 87 #define DPRINTFN(n, x) do { if (iwi_debug >= (n)) kprintf x; } while (0) 88 int iwi_debug = 0; 89 SYSCTL_INT(_debug, OID_AUTO, iwi, CTLFLAG_RW, &iwi_debug, 0, "iwi debug level"); 90 #else 91 #define DPRINTF(x) 92 #define DPRINTFN(n, x) 93 #endif 94 95 static struct iwi_ident { 96 uint16_t vendor; 97 uint16_t device; 98 const char *name; 99 } iwi_ident_table[] = { 100 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2200BG, 101 "Intel(R) PRO/Wireless 2200BG" }, 102 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2225BG, 103 "Intel(R) PRO/Wireless 2225BG" }, 104 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_1, 105 "Intel(R) PRO/Wireless 2915ABG" }, 106 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_2, 107 "Intel(R) PRO/Wireless 2915ABG" }, 108 { 0, 0, NULL } 109 }; 110 111 static void iwi_fw_monitor(void *); 112 static void iwi_dma_map_addr(void *, bus_dma_segment_t *, int, int); 113 static void iwi_dma_map_mbuf(void *, bus_dma_segment_t *, int, bus_size_t, 114 int); 115 static int iwi_alloc_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *, 116 int); 117 static void iwi_reset_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 118 static void iwi_free_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 119 static int iwi_alloc_tx_ring(struct iwi_softc *, struct iwi_tx_ring *, 120 int, bus_addr_t, bus_addr_t); 121 static void iwi_reset_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 122 static void iwi_free_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 123 static int iwi_alloc_rx_ring(struct iwi_softc *, struct iwi_rx_ring *, 124 int); 125 static void iwi_reset_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 126 static void iwi_free_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 127 static struct ieee80211_node *iwi_node_alloc(struct ieee80211_node_table *); 128 static void iwi_node_free(struct ieee80211_node *); 129 static int iwi_media_change(struct ifnet *); 130 static void iwi_media_status(struct ifnet *, struct ifmediareq *); 131 static int iwi_newstate(struct ieee80211com *, enum ieee80211_state, int); 132 static int iwi_wme_update(struct ieee80211com *); 133 static uint16_t iwi_read_prom_word(struct iwi_softc *, uint8_t); 134 static void iwi_fix_channel(struct ieee80211com *, struct mbuf *); 135 static void iwi_frame_intr(struct iwi_softc *, struct iwi_rx_data *, int, 136 struct iwi_frame *); 137 static void iwi_notification_intr(struct iwi_softc *, struct iwi_notif *); 138 static void iwi_rx_intr(struct iwi_softc *); 139 static void iwi_tx_intr(struct iwi_softc *, struct iwi_tx_ring *); 140 static void iwi_intr(void *); 141 static int iwi_cmd(struct iwi_softc *, uint8_t, void *, uint8_t, int); 142 static void iwi_write_ibssnode(struct iwi_softc *, const struct iwi_node *); 143 static int iwi_tx_start(struct ifnet *, struct mbuf *, 144 struct ieee80211_node *, int); 145 static void iwi_start(struct ifnet *); 146 static void iwi_watchdog(struct ifnet *); 147 static int iwi_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *); 148 static void iwi_stop_master(struct iwi_softc *); 149 static int iwi_reset(struct iwi_softc *); 150 static int iwi_load_ucode(struct iwi_softc *, void *, int); 151 static int iwi_alloc_firmware(struct iwi_softc *, enum ieee80211_opmode); 152 static int iwi_free_firmware(struct iwi_softc *); 153 static int iwi_load_firmware(struct iwi_softc *, void *, int); 154 static int iwi_config(struct iwi_softc *); 155 static int iwi_set_chan(struct iwi_softc *, struct ieee80211_channel *); 156 static int iwi_scan(struct iwi_softc *); 157 static int iwi_auth_and_assoc(struct iwi_softc *); 158 static void iwi_init(void *); 159 static void iwi_stop(void *); 160 static int iwi_sysctl_stats(SYSCTL_HANDLER_ARGS); 161 static int iwi_sysctl_radio(SYSCTL_HANDLER_ARGS); 162 163 static int iwi_probe(device_t); 164 static int iwi_attach(device_t); 165 static int iwi_detach(device_t); 166 static int iwi_shutdown(device_t); 167 static int iwi_suspend(device_t); 168 static int iwi_resume(device_t); 169 170 static int iwi_alloc_ibss_node(struct iwi_softc *); 171 static void iwi_free_ibss_node(struct iwi_softc *, int); 172 173 static device_method_t iwi_methods[] = { 174 /* Device interface */ 175 DEVMETHOD(device_probe, iwi_probe), 176 DEVMETHOD(device_attach, iwi_attach), 177 DEVMETHOD(device_detach, iwi_detach), 178 DEVMETHOD(device_shutdown, iwi_shutdown), 179 DEVMETHOD(device_suspend, iwi_suspend), 180 DEVMETHOD(device_resume, iwi_resume), 181 182 { 0, 0 } 183 }; 184 185 static driver_t iwi_driver = { 186 "iwi", 187 iwi_methods, 188 sizeof (struct iwi_softc) 189 }; 190 191 static devclass_t iwi_devclass; 192 193 DRIVER_MODULE(iwi, pci, iwi_driver, iwi_devclass, 0, 0); 194 195 MODULE_DEPEND(iwi, pci, 1, 1, 1); 196 MODULE_DEPEND(iwi, wlan, 1, 1, 1); 197 198 /* 199 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 200 */ 201 static const struct ieee80211_rateset iwi_rateset_11a = 202 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 203 204 static const struct ieee80211_rateset iwi_rateset_11b = 205 { 4, { 2, 4, 11, 22 } }; 206 207 static const struct ieee80211_rateset iwi_rateset_11g = 208 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 209 210 static void 211 iwi_fw_monitor(void *arg) 212 { 213 struct iwi_softc *sc = arg; 214 struct ifnet *ifp = &sc->sc_ic.ic_if; 215 216 lwkt_serialize_enter(ifp->if_serializer); 217 for (;;) { 218 int error = 0; 219 220 /* 221 * Test to see whether we are detaching, 222 * this is used to avoid race condition 223 * especially when attaching fails. 224 */ 225 if ((sc->flags & IWI_FLAG_EXIT) == 0) { 226 crit_enter(); 227 tsleep_interlock(IWI_FW_WAKE_MONITOR(sc)); 228 lwkt_serialize_exit(ifp->if_serializer); 229 error = tsleep(IWI_FW_WAKE_MONITOR(sc), 230 0, "iwifwm", 0); 231 crit_exit(); 232 lwkt_serialize_enter(ifp->if_serializer); 233 } 234 235 if (error == 0) { 236 int boff; 237 238 if (sc->flags & IWI_FLAG_EXIT) 239 break; 240 else if ((sc->flags & IWI_FLAG_RESET) == 0) 241 continue; 242 243 if_printf(ifp, "reset firmware\n"); 244 for (boff = 1; sc->flags & IWI_FLAG_RESET; boff++) { 245 iwi_init(sc); 246 if (sc->flags & IWI_FLAG_FW_INITED) { 247 sc->flags &= ~IWI_FLAG_RESET; 248 } else if (boff > 10) { /* XXX */ 249 if_printf(ifp, "fw reset failed. " 250 "retrying...\n"); 251 252 /* XXX avoid to sleep to long */ 253 boff = 1; 254 } 255 256 /* 257 * Since this would be infinite loop, 258 * if reseting firmware never succeeded, 259 * we test to see whether we are detaching. 260 */ 261 if (sc->flags & IWI_FLAG_EXIT) 262 break; 263 264 crit_enter(); 265 tsleep_interlock(IWI_FW_CMD_ACKED(sc)); 266 lwkt_serialize_exit(ifp->if_serializer); 267 error = tsleep(IWI_FW_CMD_ACKED(sc), 0, 268 "iwirun", boff * hz); 269 crit_exit(); 270 lwkt_serialize_enter(ifp->if_serializer); 271 } 272 } 273 } 274 lwkt_serialize_exit(ifp->if_serializer); 275 276 if_printf(ifp, "fw monitor exiting\n"); 277 wakeup(IWI_FW_EXIT_MONITOR(sc)); 278 kthread_exit(); 279 } 280 281 static int 282 iwi_probe(device_t dev) 283 { 284 const struct iwi_ident *ident; 285 uint16_t vid, did; 286 287 vid = pci_get_vendor(dev); 288 did = pci_get_device(dev); 289 for (ident = iwi_ident_table; ident->name != NULL; ident++) { 290 if (vid == ident->vendor && did == ident->device) { 291 device_set_desc(dev, ident->name); 292 return 0; 293 } 294 } 295 return ENXIO; 296 } 297 298 /* Base Address Register */ 299 #define IWI_PCI_BAR0 0x10 300 301 static int 302 iwi_attach(device_t dev) 303 { 304 struct iwi_softc *sc = device_get_softc(dev); 305 struct ieee80211com *ic = &sc->sc_ic; 306 struct ifnet *ifp = &ic->ic_if; 307 uint16_t val; 308 int error, i; 309 310 sc->sc_dev = dev; 311 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 312 313 if (pci_get_powerstate(dev) != PCI_POWERSTATE_D0) { 314 device_printf(dev, "chip is in D%d power mode " 315 "-- setting to D0\n", pci_get_powerstate(dev)); 316 pci_set_powerstate(dev, PCI_POWERSTATE_D0); 317 } 318 319 pci_write_config(dev, 0x41, 0, 1); 320 321 /* enable bus-mastering */ 322 pci_enable_busmaster(dev); 323 324 sc->mem_rid = IWI_PCI_BAR0; 325 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &sc->mem_rid, 326 RF_ACTIVE); 327 if (sc->mem == NULL) { 328 device_printf(dev, "could not allocate memory resource\n"); 329 return ENXIO; 330 } 331 sc->sc_st = rman_get_bustag(sc->mem); 332 sc->sc_sh = rman_get_bushandle(sc->mem); 333 334 sc->irq_rid = 0; 335 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &sc->irq_rid, 336 RF_ACTIVE | RF_SHAREABLE); 337 if (sc->irq == NULL) { 338 device_printf(dev, "could not allocate interrupt resource\n"); 339 goto fail; 340 } 341 342 if (iwi_reset(sc) != 0) { 343 device_printf(dev, "could not reset adapter\n"); 344 goto fail; 345 } 346 347 /* 348 * Allocate rings. 349 */ 350 error = iwi_alloc_cmd_ring(sc, &sc->cmdq, IWI_CMD_RING_COUNT); 351 if (error != 0) { 352 device_printf(dev, "could not allocate Cmd ring\n"); 353 goto fail; 354 } 355 356 error = iwi_alloc_tx_ring(sc, &sc->txq[0], IWI_TX_RING_COUNT, 357 IWI_CSR_TX1_RIDX, IWI_CSR_TX1_WIDX); 358 if (error != 0) { 359 device_printf(dev, "could not allocate Tx ring 1\n"); 360 goto fail; 361 } 362 363 error = iwi_alloc_tx_ring(sc, &sc->txq[1], IWI_TX_RING_COUNT, 364 IWI_CSR_TX2_RIDX, IWI_CSR_TX2_WIDX); 365 if (error != 0) { 366 device_printf(dev, "could not allocate Tx ring 2\n"); 367 goto fail; 368 } 369 370 error = iwi_alloc_tx_ring(sc, &sc->txq[2], IWI_TX_RING_COUNT, 371 IWI_CSR_TX3_RIDX, IWI_CSR_TX3_WIDX); 372 if (error != 0) { 373 device_printf(dev, "could not allocate Tx ring 3\n"); 374 goto fail; 375 } 376 377 error = iwi_alloc_tx_ring(sc, &sc->txq[3], IWI_TX_RING_COUNT, 378 IWI_CSR_TX4_RIDX, IWI_CSR_TX4_WIDX); 379 if (error != 0) { 380 device_printf(dev, "could not allocate Tx ring 4\n"); 381 goto fail; 382 } 383 384 error = iwi_alloc_rx_ring(sc, &sc->rxq, IWI_RX_RING_COUNT); 385 if (error != 0) { 386 device_printf(dev, "could not allocate Rx ring\n"); 387 goto fail; 388 } 389 390 sysctl_ctx_init(&sc->sysctl_ctx); 391 sc->sysctl_tree = SYSCTL_ADD_NODE(&sc->sysctl_ctx, 392 SYSCTL_STATIC_CHILDREN(_hw), 393 OID_AUTO, 394 device_get_nameunit(dev), 395 CTLFLAG_RD, 396 0, ""); 397 if (sc->sysctl_tree == NULL) { 398 device_printf(dev, "sysctl add node failed\n"); 399 error = EIO; 400 goto fail; 401 } 402 403 ifp->if_softc = sc; 404 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 405 ifp->if_init = iwi_init; 406 ifp->if_ioctl = iwi_ioctl; 407 ifp->if_start = iwi_start; 408 ifp->if_watchdog = iwi_watchdog; 409 ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN); 410 ifq_set_ready(&ifp->if_snd); 411 412 ic->ic_wme.wme_update = iwi_wme_update; 413 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 414 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 415 ic->ic_state = IEEE80211_S_INIT; 416 417 /* set device capabilities */ 418 ic->ic_caps = 419 IEEE80211_C_IBSS | /* IBSS mode supported */ 420 IEEE80211_C_MONITOR | /* monitor mode supported */ 421 IEEE80211_C_TXPMGT | /* tx power management */ 422 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 423 IEEE80211_C_WPA | /* 802.11i */ 424 IEEE80211_C_WME; /* 802.11e */ 425 426 /* read MAC address from EEPROM */ 427 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 0); 428 ic->ic_myaddr[0] = val & 0xff; 429 ic->ic_myaddr[1] = val >> 8; 430 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 1); 431 ic->ic_myaddr[2] = val & 0xff; 432 ic->ic_myaddr[3] = val >> 8; 433 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 2); 434 ic->ic_myaddr[4] = val & 0xff; 435 ic->ic_myaddr[5] = val >> 8; 436 437 if (pci_get_device(dev) >= 0x4223) { 438 /* set supported .11a rates (2915ABG only) */ 439 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwi_rateset_11a; 440 441 /* set supported .11a channels */ 442 for (i = 36; i <= 64; i += 4) { 443 ic->ic_channels[i].ic_freq = 444 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 445 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 446 } 447 for (i = 149; i <= 165; i += 4) { 448 ic->ic_channels[i].ic_freq = 449 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 450 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 451 } 452 } 453 454 /* set supported .11b and .11g rates */ 455 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwi_rateset_11b; 456 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwi_rateset_11g; 457 458 /* set supported .11b and .11g channels (1 through 14) */ 459 for (i = 1; i <= 14; i++) { 460 ic->ic_channels[i].ic_freq = 461 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 462 ic->ic_channels[i].ic_flags = 463 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 464 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 465 } 466 467 ieee80211_ifattach(ic); 468 /* override default methods */ 469 ic->ic_node_alloc = iwi_node_alloc; 470 sc->sc_node_free = ic->ic_node_free; 471 ic->ic_node_free = iwi_node_free; 472 /* override state transition machine */ 473 sc->sc_newstate = ic->ic_newstate; 474 ic->ic_newstate = iwi_newstate; 475 ieee80211_media_init(ic, iwi_media_change, iwi_media_status); 476 477 bpfattach_dlt(ifp, DLT_IEEE802_11_RADIO, 478 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf); 479 480 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 481 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 482 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWI_RX_RADIOTAP_PRESENT); 483 484 sc->sc_txtap_len = sizeof sc->sc_txtapu; 485 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 486 sc->sc_txtap.wt_ihdr.it_present = htole32(IWI_TX_RADIOTAP_PRESENT); 487 488 /* 489 * Add a few sysctl knobs. 490 */ 491 sc->dwelltime = 100; 492 sc->bluetooth = 1; 493 sc->antenna = 0; 494 495 SYSCTL_ADD_PROC(&sc->sysctl_ctx, 496 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "radio", 497 CTLTYPE_INT | CTLFLAG_RD, sc, 0, iwi_sysctl_radio, "I", 498 "radio transmitter switch state (0=off, 1=on)"); 499 500 SYSCTL_ADD_PROC(&sc->sysctl_ctx, 501 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "stats", 502 CTLTYPE_OPAQUE | CTLFLAG_RD, sc, 0, iwi_sysctl_stats, "S", 503 "statistics"); 504 505 SYSCTL_ADD_INT(&sc->sysctl_ctx, 506 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "dwell", 507 CTLFLAG_RW, &sc->dwelltime, 0, 508 "channel dwell time (ms) for AP/station scanning"); 509 510 SYSCTL_ADD_INT(&sc->sysctl_ctx, 511 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "bluetooth", 512 CTLFLAG_RW, &sc->bluetooth, 0, "bluetooth coexistence"); 513 514 SYSCTL_ADD_INT(&sc->sysctl_ctx, 515 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "antenna", 516 CTLFLAG_RW, &sc->antenna, 0, "antenna (0=auto)"); 517 518 /* 519 * Start firmware monitoring thread 520 * 521 * NOTE: 522 * This should be done only after serializer is initialized, 523 * i.e. after ieee80211_ifattach(), because serializer will be 524 * held once iwi_fw_monitor() is entered. 525 */ 526 error = kthread_create(iwi_fw_monitor, sc, &sc->sc_fw_monitor, 527 "%s:fw-monitor", device_get_nameunit(dev)); 528 if (error) { 529 device_printf(dev, "could not create fw monitor\n"); 530 goto fail1; 531 } 532 sc->flags |= IWI_FLAG_MONITOR; 533 534 /* 535 * Hook our interrupt after all initialization is complete. 536 */ 537 error = bus_setup_intr(dev, sc->irq, INTR_MPSAFE, iwi_intr, sc, 538 &sc->sc_ih, ifp->if_serializer); 539 if (error != 0) { 540 device_printf(dev, "could not set up interrupt\n"); 541 goto fail1; 542 } 543 544 ifp->if_cpuid = ithread_cpuid(rman_get_start(sc->irq)); 545 KKASSERT(ifp->if_cpuid >= 0 && ifp->if_cpuid < ncpus); 546 547 if (bootverbose) 548 ieee80211_announce(ic); 549 550 return 0; 551 552 fail1: 553 bpfdetach(ifp); 554 ieee80211_ifdetach(ic); 555 fail: 556 iwi_detach(dev); 557 return ENXIO; 558 } 559 560 static int 561 iwi_detach(device_t dev) 562 { 563 struct iwi_softc *sc = device_get_softc(dev); 564 struct ieee80211com *ic = &sc->sc_ic; 565 struct ifnet *ifp = ic->ic_ifp; 566 567 if (sc->flags & IWI_FLAG_MONITOR) { 568 lwkt_serialize_enter(ifp->if_serializer); 569 sc->flags |= IWI_FLAG_EXIT; 570 wakeup(IWI_FW_WAKE_MONITOR(sc)); 571 572 crit_enter(); 573 tsleep_interlock(IWI_FW_EXIT_MONITOR(sc)); 574 lwkt_serialize_exit(ifp->if_serializer); 575 tsleep(IWI_FW_EXIT_MONITOR(sc), 0, "iwiexi", 0); 576 crit_exit(); 577 /* No need to hold serializer again */ 578 579 if_printf(ifp, "fw monitor exited\n"); 580 } 581 582 if (device_is_attached(dev)) { 583 lwkt_serialize_enter(ifp->if_serializer); 584 585 iwi_stop(sc); 586 bus_teardown_intr(dev, sc->irq, sc->sc_ih); 587 iwi_free_firmware(sc); 588 589 lwkt_serialize_exit(ifp->if_serializer); 590 591 bpfdetach(ifp); 592 ieee80211_ifdetach(ic); 593 } 594 595 iwi_free_cmd_ring(sc, &sc->cmdq); 596 iwi_free_tx_ring(sc, &sc->txq[0]); 597 iwi_free_tx_ring(sc, &sc->txq[1]); 598 iwi_free_tx_ring(sc, &sc->txq[2]); 599 iwi_free_tx_ring(sc, &sc->txq[3]); 600 iwi_free_rx_ring(sc, &sc->rxq); 601 602 if (sc->irq != NULL) 603 bus_release_resource(dev, SYS_RES_IRQ, sc->irq_rid, sc->irq); 604 605 if (sc->mem != NULL) 606 bus_release_resource(dev, SYS_RES_MEMORY, sc->mem_rid, sc->mem); 607 608 if (sc->sysctl_tree != NULL) 609 sysctl_ctx_free(&sc->sysctl_ctx); 610 611 return 0; 612 } 613 614 static void 615 iwi_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error) 616 { 617 if (error != 0) 618 return; 619 620 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg)); 621 622 *(bus_addr_t *)arg = segs[0].ds_addr; 623 } 624 625 static int 626 iwi_alloc_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring, int count) 627 { 628 int error; 629 630 ring->count = count; 631 ring->queued = 0; 632 ring->cur = ring->next = 0; 633 634 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 635 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_CMD_DESC_SIZE, 1, 636 count * IWI_CMD_DESC_SIZE, 0, &ring->desc_dmat); 637 if (error != 0) { 638 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 639 goto fail; 640 } 641 642 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 643 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map); 644 if (error != 0) { 645 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 646 goto fail; 647 } 648 649 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 650 count * IWI_CMD_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 651 if (error != 0) { 652 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 653 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 654 ring->desc = NULL; 655 return error; 656 } 657 658 return 0; 659 660 fail: iwi_free_cmd_ring(sc, ring); 661 return error; 662 } 663 664 static void 665 iwi_reset_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 666 { 667 ring->queued = 0; 668 ring->cur = ring->next = 0; 669 } 670 671 static void 672 iwi_free_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 673 { 674 if (ring->desc != NULL) { 675 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 676 BUS_DMASYNC_POSTWRITE); 677 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 678 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 679 ring->desc = NULL; 680 } 681 682 if (ring->desc_dmat != NULL) { 683 bus_dma_tag_destroy(ring->desc_dmat); 684 ring->desc_dmat = NULL; 685 } 686 } 687 688 static int 689 iwi_alloc_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring, int count, 690 bus_addr_t csr_ridx, bus_addr_t csr_widx) 691 { 692 int i, error; 693 694 ring->count = count; 695 ring->queued = 0; 696 ring->cur = ring->next = 0; 697 ring->csr_ridx = csr_ridx; 698 ring->csr_widx = csr_widx; 699 700 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 701 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_TX_DESC_SIZE, 1, 702 count * IWI_TX_DESC_SIZE, 0, &ring->desc_dmat); 703 if (error != 0) { 704 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 705 goto fail; 706 } 707 708 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 709 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map); 710 if (error != 0) { 711 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 712 goto fail; 713 } 714 715 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 716 count * IWI_TX_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 717 if (error != 0) { 718 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 719 720 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 721 ring->desc = NULL; 722 goto fail; 723 } 724 725 ring->data = kmalloc(count * sizeof (struct iwi_tx_data), M_DEVBUF, 726 M_WAITOK | M_ZERO); 727 728 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 729 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, IWI_MAX_NSEG - 2, 730 MCLBYTES, 0, &ring->data_dmat); 731 if (error != 0) { 732 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 733 goto fail; 734 } 735 736 for (i = 0; i < count; i++) { 737 error = bus_dmamap_create(ring->data_dmat, 0, 738 &ring->data[i].map); 739 if (error != 0) { 740 device_printf(sc->sc_dev, "could not create DMA map\n"); 741 goto fail; 742 } 743 } 744 745 return 0; 746 747 fail: iwi_free_tx_ring(sc, ring); 748 return error; 749 } 750 751 static void 752 iwi_reset_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 753 { 754 struct iwi_tx_data *data; 755 int i; 756 757 for (i = 0; i < ring->count; i++) { 758 data = &ring->data[i]; 759 760 if (data->m != NULL) { 761 bus_dmamap_sync(ring->data_dmat, data->map, 762 BUS_DMASYNC_POSTWRITE); 763 bus_dmamap_unload(ring->data_dmat, data->map); 764 m_freem(data->m); 765 data->m = NULL; 766 } 767 768 if (data->ni != NULL) { 769 ieee80211_free_node(data->ni); 770 data->ni = NULL; 771 } 772 } 773 774 ring->queued = 0; 775 ring->cur = ring->next = 0; 776 } 777 778 static void 779 iwi_free_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 780 { 781 struct iwi_tx_data *data; 782 int i; 783 784 if (ring->desc != NULL) { 785 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 786 BUS_DMASYNC_POSTWRITE); 787 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 788 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 789 ring->desc = NULL; 790 } 791 792 if (ring->desc_dmat != NULL) { 793 bus_dma_tag_destroy(ring->desc_dmat); 794 ring->desc_dmat = NULL; 795 } 796 797 if (ring->data != NULL) { 798 for (i = 0; i < ring->count; i++) { 799 data = &ring->data[i]; 800 801 if (data->m != NULL) { 802 bus_dmamap_sync(ring->data_dmat, data->map, 803 BUS_DMASYNC_POSTWRITE); 804 bus_dmamap_unload(ring->data_dmat, data->map); 805 m_freem(data->m); 806 data->m = NULL; 807 } 808 809 if (data->ni != NULL) { 810 ieee80211_free_node(data->ni); 811 data->ni = NULL; 812 } 813 814 if (data->map != NULL) { 815 bus_dmamap_destroy(ring->data_dmat, data->map); 816 data->map = NULL; 817 } 818 } 819 820 kfree(ring->data, M_DEVBUF); 821 ring->data = NULL; 822 } 823 824 if (ring->data_dmat != NULL) { 825 bus_dma_tag_destroy(ring->data_dmat); 826 ring->data_dmat = NULL; 827 } 828 } 829 830 static int 831 iwi_alloc_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring, int count) 832 { 833 struct iwi_rx_data *data; 834 int i, error; 835 836 ring->count = count; 837 ring->cur = 0; 838 839 ring->data = kmalloc(count * sizeof (struct iwi_rx_data), M_DEVBUF, 840 M_WAITOK | M_ZERO); 841 842 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 843 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1, MCLBYTES, 0, 844 &ring->data_dmat); 845 if (error != 0) { 846 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 847 goto fail; 848 } 849 850 for (i = 0; i < count; i++) { 851 data = &ring->data[i]; 852 853 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 854 if (error != 0) { 855 device_printf(sc->sc_dev, "could not create DMA map\n"); 856 goto fail; 857 } 858 859 data->m = m_getcl(MB_WAIT, MT_DATA, M_PKTHDR); 860 if (data->m == NULL) { 861 device_printf(sc->sc_dev, 862 "could not allocate rx mbuf\n"); 863 error = ENOMEM; 864 goto fail; 865 } 866 867 error = bus_dmamap_load(ring->data_dmat, data->map, 868 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 869 &data->physaddr, 0); 870 if (error != 0) { 871 device_printf(sc->sc_dev, 872 "could not load rx buf DMA map"); 873 874 m_freem(data->m); 875 data->m = NULL; 876 goto fail; 877 } 878 879 data->reg = IWI_CSR_RX_BASE + i * 4; 880 } 881 882 return 0; 883 884 fail: iwi_free_rx_ring(sc, ring); 885 return error; 886 } 887 888 static void 889 iwi_reset_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 890 { 891 ring->cur = 0; 892 } 893 894 static void 895 iwi_free_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 896 { 897 struct iwi_rx_data *data; 898 int i; 899 900 if (ring->data != NULL) { 901 for (i = 0; i < ring->count; i++) { 902 data = &ring->data[i]; 903 904 if (data->m != NULL) { 905 bus_dmamap_sync(ring->data_dmat, data->map, 906 BUS_DMASYNC_POSTREAD); 907 bus_dmamap_unload(ring->data_dmat, data->map); 908 m_freem(data->m); 909 data->m = NULL; 910 } 911 912 if (data->map != NULL) { 913 bus_dmamap_destroy(ring->data_dmat, data->map); 914 data->map = NULL; 915 } 916 } 917 918 kfree(ring->data, M_DEVBUF); 919 ring->data = NULL; 920 } 921 922 if (ring->data_dmat != NULL) { 923 bus_dma_tag_destroy(ring->data_dmat); 924 ring->data_dmat = NULL; 925 } 926 } 927 928 static int 929 iwi_shutdown(device_t dev) 930 { 931 struct iwi_softc *sc = device_get_softc(dev); 932 struct ifnet *ifp = &sc->sc_ic.ic_if; 933 934 lwkt_serialize_enter(ifp->if_serializer); 935 iwi_stop(sc); 936 lwkt_serialize_exit(ifp->if_serializer); 937 938 return 0; 939 } 940 941 static int 942 iwi_suspend(device_t dev) 943 { 944 struct iwi_softc *sc = device_get_softc(dev); 945 struct ifnet *ifp = &sc->sc_ic.ic_if; 946 947 lwkt_serialize_enter(ifp->if_serializer); 948 iwi_stop(sc); 949 lwkt_serialize_exit(ifp->if_serializer); 950 951 return 0; 952 } 953 954 static int 955 iwi_resume(device_t dev) 956 { 957 struct iwi_softc *sc = device_get_softc(dev); 958 struct ifnet *ifp = sc->sc_ic.ic_ifp; 959 960 lwkt_serialize_enter(ifp->if_serializer); 961 962 pci_write_config(dev, 0x41, 0, 1); 963 964 if (ifp->if_flags & IFF_UP) { 965 ifp->if_init(ifp->if_softc); 966 if (ifp->if_flags & IFF_RUNNING) 967 if_devstart(ifp); 968 } 969 970 lwkt_serialize_exit(ifp->if_serializer); 971 972 return 0; 973 } 974 975 static struct ieee80211_node * 976 iwi_node_alloc(struct ieee80211_node_table *nt) 977 { 978 struct iwi_node *in; 979 980 in = kmalloc(sizeof (struct iwi_node), M_80211_NODE, M_NOWAIT | M_ZERO); 981 if (in == NULL) 982 return NULL; 983 984 in->in_station = -1; 985 986 return &in->in_node; 987 } 988 989 static void 990 iwi_node_free(struct ieee80211_node *ni) 991 { 992 struct ieee80211com *ic = ni->ni_ic; 993 struct iwi_softc *sc = ic->ic_ifp->if_softc; 994 struct iwi_node *in = (struct iwi_node *)ni; 995 996 if (in->in_station != -1) 997 iwi_free_ibss_node(sc, in->in_station); 998 999 sc->sc_node_free(ni); 1000 } 1001 1002 static int 1003 iwi_media_change(struct ifnet *ifp) 1004 { 1005 struct iwi_softc *sc = ifp->if_softc; 1006 int error; 1007 1008 ASSERT_SERIALIZED(ifp->if_serializer); 1009 1010 error = ieee80211_media_change(ifp); 1011 if (error != ENETRESET) 1012 return error; 1013 1014 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 1015 iwi_init(sc); 1016 return 0; 1017 } 1018 1019 /* 1020 * Convert h/w rate code to IEEE rate code. 1021 */ 1022 static int 1023 iwi_cvtrate(int iwirate) 1024 { 1025 switch (iwirate) { 1026 case IWI_RATE_DS1: return 2; 1027 case IWI_RATE_DS2: return 4; 1028 case IWI_RATE_DS5: return 11; 1029 case IWI_RATE_DS11: return 22; 1030 case IWI_RATE_OFDM6: return 12; 1031 case IWI_RATE_OFDM9: return 18; 1032 case IWI_RATE_OFDM12: return 24; 1033 case IWI_RATE_OFDM18: return 36; 1034 case IWI_RATE_OFDM24: return 48; 1035 case IWI_RATE_OFDM36: return 72; 1036 case IWI_RATE_OFDM48: return 96; 1037 case IWI_RATE_OFDM54: return 108; 1038 } 1039 return 0; 1040 } 1041 1042 /* 1043 * The firmware automatically adapts the transmit speed. We report its current 1044 * value here. 1045 */ 1046 static void 1047 iwi_media_status(struct ifnet *ifp, struct ifmediareq *imr) 1048 { 1049 struct iwi_softc *sc = ifp->if_softc; 1050 struct ieee80211com *ic = &sc->sc_ic; 1051 int rate; 1052 1053 imr->ifm_status = IFM_AVALID; 1054 imr->ifm_active = IFM_IEEE80211; 1055 if (ic->ic_state == IEEE80211_S_RUN) 1056 imr->ifm_status |= IFM_ACTIVE; 1057 1058 /* read current transmission rate from adapter */ 1059 rate = iwi_cvtrate(CSR_READ_4(sc, IWI_CSR_CURRENT_TX_RATE)); 1060 imr->ifm_active |= ieee80211_rate2media(ic, rate, ic->ic_curmode); 1061 1062 if (ic->ic_opmode == IEEE80211_M_IBSS) 1063 imr->ifm_active |= IFM_IEEE80211_ADHOC; 1064 else if (ic->ic_opmode == IEEE80211_M_MONITOR) 1065 imr->ifm_active |= IFM_IEEE80211_MONITOR; 1066 } 1067 1068 static int 1069 iwi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1070 { 1071 struct ifnet *ifp = ic->ic_ifp; 1072 struct iwi_softc *sc = ifp->if_softc; 1073 enum ieee80211_state ostate; 1074 uint32_t tmp; 1075 1076 ostate = ic->ic_state; 1077 1078 switch (nstate) { 1079 case IEEE80211_S_SCAN: 1080 if (sc->flags & IWI_FLAG_SCANNING) 1081 break; 1082 1083 ieee80211_node_table_reset(&ic->ic_scan); 1084 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 1085 sc->flags |= IWI_FLAG_SCANNING; 1086 iwi_scan(sc); 1087 break; 1088 1089 case IEEE80211_S_AUTH: 1090 iwi_auth_and_assoc(sc); 1091 break; 1092 1093 case IEEE80211_S_RUN: 1094 if (ic->ic_opmode == IEEE80211_M_IBSS) 1095 iwi_auth_and_assoc(sc); 1096 else if (ic->ic_opmode == IEEE80211_M_MONITOR) 1097 iwi_set_chan(sc, ic->ic_ibss_chan); 1098 1099 /* assoc led on */ 1100 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK; 1101 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp | IWI_LED_ASSOC); 1102 1103 return sc->sc_newstate(ic, nstate, 1104 IEEE80211_FC0_SUBTYPE_ASSOC_RESP); 1105 1106 case IEEE80211_S_ASSOC: 1107 break; 1108 1109 case IEEE80211_S_INIT: 1110 sc->flags &= ~IWI_FLAG_SCANNING; 1111 1112 if (ostate != IEEE80211_S_RUN) 1113 break; 1114 1115 /* assoc led off */ 1116 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK; 1117 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp & ~IWI_LED_ASSOC); 1118 break; 1119 } 1120 1121 ic->ic_state = nstate; 1122 1123 return 0; 1124 } 1125 1126 /* 1127 * WME parameters coming from IEEE 802.11e specification. These values are 1128 * already declared in ieee80211_proto.c, but they are static so they can't 1129 * be reused here. 1130 */ 1131 static const struct wmeParams iwi_wme_cck_params[WME_NUM_AC] = { 1132 { 0, 3, 5, 7, 0 }, /* WME_AC_BE */ 1133 { 0, 3, 5, 10, 0 }, /* WME_AC_BK */ 1134 { 0, 2, 4, 5, 188 }, /* WME_AC_VI */ 1135 { 0, 2, 3, 4, 102 } /* WME_AC_VO */ 1136 }; 1137 1138 static const struct wmeParams iwi_wme_ofdm_params[WME_NUM_AC] = { 1139 { 0, 3, 4, 6, 0 }, /* WME_AC_BE */ 1140 { 0, 3, 4, 10, 0 }, /* WME_AC_BK */ 1141 { 0, 2, 3, 4, 94 }, /* WME_AC_VI */ 1142 { 0, 2, 2, 3, 47 } /* WME_AC_VO */ 1143 }; 1144 1145 static int 1146 iwi_wme_update(struct ieee80211com *ic) 1147 { 1148 #define IWI_EXP2(v) htole16((1 << (v)) - 1) 1149 #define IWI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 1150 struct iwi_softc *sc = ic->ic_ifp->if_softc; 1151 struct iwi_wme_params wme[3]; 1152 const struct wmeParams *wmep; 1153 int ac; 1154 1155 /* 1156 * We shall not override firmware default WME values if WME is not 1157 * actually enabled. 1158 */ 1159 if (!(ic->ic_flags & IEEE80211_F_WME)) 1160 return 0; 1161 1162 for (ac = 0; ac < WME_NUM_AC; ac++) { 1163 /* set WME values for current operating mode */ 1164 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 1165 wme[0].aifsn[ac] = wmep->wmep_aifsn; 1166 wme[0].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1167 wme[0].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1168 wme[0].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1169 wme[0].acm[ac] = wmep->wmep_acm; 1170 1171 /* set WME values for CCK modulation */ 1172 wmep = &iwi_wme_cck_params[ac]; 1173 wme[1].aifsn[ac] = wmep->wmep_aifsn; 1174 wme[1].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1175 wme[1].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1176 wme[1].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1177 wme[1].acm[ac] = wmep->wmep_acm; 1178 1179 /* set WME values for OFDM modulation */ 1180 wmep = &iwi_wme_ofdm_params[ac]; 1181 wme[2].aifsn[ac] = wmep->wmep_aifsn; 1182 wme[2].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1183 wme[2].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1184 wme[2].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1185 wme[2].acm[ac] = wmep->wmep_acm; 1186 } 1187 1188 DPRINTF(("Setting WME parameters\n")); 1189 return iwi_cmd(sc, IWI_CMD_SET_WME_PARAMS, wme, sizeof wme, 1); 1190 #undef IWI_USEC 1191 #undef IWI_EXP2 1192 } 1193 1194 /* 1195 * Read 16 bits at address 'addr' from the serial EEPROM. 1196 */ 1197 static uint16_t 1198 iwi_read_prom_word(struct iwi_softc *sc, uint8_t addr) 1199 { 1200 uint32_t tmp; 1201 uint16_t val; 1202 int n; 1203 1204 /* Clock C once before the first command */ 1205 IWI_EEPROM_CTL(sc, 0); 1206 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1207 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1208 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1209 1210 /* Write start bit (1) */ 1211 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1212 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1213 1214 /* Write READ opcode (10) */ 1215 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1216 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1217 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1218 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1219 1220 /* Write address A7-A0 */ 1221 for (n = 7; n >= 0; n--) { 1222 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1223 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D)); 1224 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1225 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D) | IWI_EEPROM_C); 1226 } 1227 1228 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1229 1230 /* Read data Q15-Q0 */ 1231 val = 0; 1232 for (n = 15; n >= 0; n--) { 1233 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1234 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1235 tmp = MEM_READ_4(sc, IWI_MEM_EEPROM_CTL); 1236 val |= ((tmp & IWI_EEPROM_Q) >> IWI_EEPROM_SHIFT_Q) << n; 1237 } 1238 1239 IWI_EEPROM_CTL(sc, 0); 1240 1241 /* Clear Chip Select and clock C */ 1242 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1243 IWI_EEPROM_CTL(sc, 0); 1244 IWI_EEPROM_CTL(sc, IWI_EEPROM_C); 1245 1246 return val; 1247 } 1248 1249 /* 1250 * XXX: Hack to set the current channel to the value advertised in beacons or 1251 * probe responses. Only used during AP detection. 1252 */ 1253 static void 1254 iwi_fix_channel(struct ieee80211com *ic, struct mbuf *m) 1255 { 1256 struct ieee80211_frame *wh; 1257 uint8_t subtype; 1258 uint8_t *frm, *efrm; 1259 1260 wh = mtod(m, struct ieee80211_frame *); 1261 1262 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 1263 return; 1264 1265 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1266 1267 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 1268 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1269 return; 1270 1271 frm = (uint8_t *)(wh + 1); 1272 efrm = mtod(m, uint8_t *) + m->m_len; 1273 1274 frm += 12; /* skip tstamp, bintval and capinfo fields */ 1275 while (frm < efrm) { 1276 if (*frm == IEEE80211_ELEMID_DSPARMS) 1277 #if IEEE80211_CHAN_MAX < 255 1278 if (frm[2] <= IEEE80211_CHAN_MAX) 1279 #endif 1280 ic->ic_curchan = &ic->ic_channels[frm[2]]; 1281 1282 frm += frm[1] + 2; 1283 } 1284 } 1285 1286 static void 1287 iwi_frame_intr(struct iwi_softc *sc, struct iwi_rx_data *data, int i, 1288 struct iwi_frame *frame) 1289 { 1290 struct ieee80211com *ic = &sc->sc_ic; 1291 struct ifnet *ifp = ic->ic_ifp; 1292 struct mbuf *mnew, *m; 1293 struct ieee80211_frame *wh; 1294 struct ieee80211_node *ni; 1295 int error; 1296 1297 DPRINTFN(5, ("received frame len=%u chan=%u rssi=%u\n", 1298 le16toh(frame->len), frame->chan, frame->rssi_dbm)); 1299 1300 if (le16toh(frame->len) < sizeof (struct ieee80211_frame)) 1301 return; 1302 1303 /* 1304 * Try to allocate a new mbuf for this ring element and load it before 1305 * processing the current mbuf. If the ring element cannot be loaded, 1306 * drop the received packet and reuse the old mbuf. In the unlikely 1307 * case that the old mbuf can't be reloaded either, explicitly panic. 1308 */ 1309 mnew = m_getcl(MB_DONTWAIT, MT_DATA, M_PKTHDR); 1310 if (mnew == NULL) { 1311 ifp->if_ierrors++; 1312 return; 1313 } 1314 1315 bus_dmamap_unload(sc->rxq.data_dmat, data->map); 1316 1317 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1318 mtod(mnew, void *), MCLBYTES, iwi_dma_map_addr, &data->physaddr, 1319 0); 1320 if (error != 0) { 1321 m_freem(mnew); 1322 1323 /* try to reload the old mbuf */ 1324 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1325 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 1326 &data->physaddr, 0); 1327 if (error != 0) { 1328 /* very unlikely that it will fail... */ 1329 panic("%s: could not load old rx mbuf", 1330 device_get_name(sc->sc_dev)); 1331 } 1332 ifp->if_ierrors++; 1333 return; 1334 } 1335 1336 /* 1337 * New mbuf successfully loaded, update Rx ring and continue 1338 * processing. 1339 */ 1340 m = data->m; 1341 data->m = mnew; 1342 CSR_WRITE_4(sc, data->reg, data->physaddr); 1343 1344 /* Finalize mbuf */ 1345 m->m_pkthdr.rcvif = ifp; 1346 m->m_pkthdr.len = m->m_len = sizeof (struct iwi_hdr) + 1347 sizeof (struct iwi_frame) + le16toh(frame->len); 1348 1349 m_adj(m, sizeof (struct iwi_hdr) + sizeof (struct iwi_frame)); 1350 1351 if (ic->ic_state == IEEE80211_S_SCAN) 1352 iwi_fix_channel(ic, m); 1353 1354 if (sc->sc_drvbpf != NULL) { 1355 struct iwi_rx_radiotap_header *tap = &sc->sc_rxtap; 1356 1357 tap->wr_flags = 0; 1358 tap->wr_rate = frame->rate; 1359 tap->wr_chan_freq = 1360 htole16(ic->ic_channels[frame->chan].ic_freq); 1361 tap->wr_chan_flags = 1362 htole16(ic->ic_channels[frame->chan].ic_flags); 1363 tap->wr_antsignal = frame->signal; 1364 tap->wr_antenna = frame->antenna; 1365 1366 bpf_ptap(sc->sc_drvbpf, m, tap, sc->sc_rxtap_len); 1367 } 1368 1369 wh = mtod(m, struct ieee80211_frame *); 1370 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 1371 1372 /* send the frame to the 802.11 layer */ 1373 ieee80211_input(ic, m, ni, frame->rssi_dbm, 0); 1374 1375 /* node is no longer needed */ 1376 ieee80211_free_node(ni); 1377 } 1378 1379 static void 1380 iwi_notification_intr(struct iwi_softc *sc, struct iwi_notif *notif) 1381 { 1382 struct ieee80211com *ic = &sc->sc_ic; 1383 struct iwi_notif_scan_channel *chan; 1384 struct iwi_notif_scan_complete *scan; 1385 struct iwi_notif_authentication *auth; 1386 struct iwi_notif_association *assoc; 1387 1388 switch (notif->type) { 1389 case IWI_NOTIF_TYPE_SCAN_CHANNEL: 1390 chan = (struct iwi_notif_scan_channel *)(notif + 1); 1391 1392 DPRINTFN(2, ("Scanning channel (%u)\n", chan->nchan)); 1393 break; 1394 1395 case IWI_NOTIF_TYPE_SCAN_COMPLETE: 1396 scan = (struct iwi_notif_scan_complete *)(notif + 1); 1397 1398 DPRINTFN(2, ("Scan completed (%u, %u)\n", scan->nchan, 1399 scan->status)); 1400 1401 /* monitor mode uses scan to set the channel ... */ 1402 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1403 sc->flags &= ~IWI_FLAG_SCANNING; 1404 ieee80211_end_scan(ic); 1405 } else 1406 iwi_set_chan(sc, ic->ic_ibss_chan); 1407 break; 1408 1409 case IWI_NOTIF_TYPE_AUTHENTICATION: 1410 auth = (struct iwi_notif_authentication *)(notif + 1); 1411 1412 DPRINTFN(2, ("Authentication (%u)\n", auth->state)); 1413 1414 switch (auth->state) { 1415 case IWI_AUTHENTICATED: 1416 ieee80211_node_authorize(ic->ic_bss); 1417 ieee80211_new_state(ic, IEEE80211_S_ASSOC, -1); 1418 break; 1419 1420 case IWI_DEAUTHENTICATED: 1421 break; 1422 1423 default: 1424 device_printf(sc->sc_dev, 1425 "unknown authentication state %u\n", auth->state); 1426 } 1427 break; 1428 1429 case IWI_NOTIF_TYPE_ASSOCIATION: 1430 assoc = (struct iwi_notif_association *)(notif + 1); 1431 1432 DPRINTFN(2, ("Association (%u, %u)\n", assoc->state, 1433 assoc->status)); 1434 1435 switch (assoc->state) { 1436 case IWI_AUTHENTICATED: 1437 /* re-association, do nothing */ 1438 break; 1439 1440 case IWI_ASSOCIATED: 1441 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1442 break; 1443 1444 case IWI_DEASSOCIATED: 1445 ieee80211_begin_scan(ic, 1); 1446 break; 1447 1448 default: 1449 device_printf(sc->sc_dev, 1450 "unknown association state %u\n", assoc->state); 1451 } 1452 break; 1453 1454 default: 1455 DPRINTFN(5, ("Notification (%u)\n", notif->type)); 1456 } 1457 } 1458 1459 static void 1460 iwi_rx_intr(struct iwi_softc *sc) 1461 { 1462 struct iwi_rx_data *data; 1463 struct iwi_hdr *hdr; 1464 uint32_t hw; 1465 1466 hw = CSR_READ_4(sc, IWI_CSR_RX_RIDX); 1467 1468 for (; sc->rxq.cur != hw;) { 1469 data = &sc->rxq.data[sc->rxq.cur]; 1470 1471 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1472 BUS_DMASYNC_POSTREAD); 1473 1474 hdr = mtod(data->m, struct iwi_hdr *); 1475 1476 switch (hdr->type) { 1477 case IWI_HDR_TYPE_FRAME: 1478 iwi_frame_intr(sc, data, sc->rxq.cur, 1479 (struct iwi_frame *)(hdr + 1)); 1480 break; 1481 1482 case IWI_HDR_TYPE_NOTIF: 1483 iwi_notification_intr(sc, 1484 (struct iwi_notif *)(hdr + 1)); 1485 break; 1486 1487 default: 1488 device_printf(sc->sc_dev, "unknown hdr type %u\n", 1489 hdr->type); 1490 } 1491 1492 DPRINTFN(15, ("rx done idx=%u\n", sc->rxq.cur)); 1493 1494 sc->rxq.cur = (sc->rxq.cur + 1) % IWI_RX_RING_COUNT; 1495 } 1496 1497 /* Tell the firmware what we have processed */ 1498 hw = (hw == 0) ? IWI_RX_RING_COUNT - 1 : hw - 1; 1499 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, hw); 1500 } 1501 1502 static void 1503 iwi_tx_intr(struct iwi_softc *sc, struct iwi_tx_ring *txq) 1504 { 1505 struct ieee80211com *ic = &sc->sc_ic; 1506 struct ifnet *ifp = ic->ic_ifp; 1507 struct iwi_tx_data *data; 1508 uint32_t hw; 1509 1510 hw = CSR_READ_4(sc, txq->csr_ridx); 1511 1512 for (; txq->next != hw;) { 1513 data = &txq->data[txq->next]; 1514 1515 bus_dmamap_sync(txq->data_dmat, data->map, 1516 BUS_DMASYNC_POSTWRITE); 1517 bus_dmamap_unload(txq->data_dmat, data->map); 1518 m_freem(data->m); 1519 data->m = NULL; 1520 ieee80211_free_node(data->ni); 1521 data->ni = NULL; 1522 1523 DPRINTFN(15, ("tx done idx=%u\n", txq->next)); 1524 1525 ifp->if_opackets++; 1526 1527 txq->queued--; 1528 txq->next = (txq->next + 1) % IWI_TX_RING_COUNT; 1529 } 1530 1531 sc->sc_tx_timer = 0; 1532 ifp->if_flags &= ~IFF_OACTIVE; 1533 if_devstart(ifp); 1534 } 1535 1536 static void 1537 iwi_intr(void *arg) 1538 { 1539 struct iwi_softc *sc = arg; 1540 uint32_t r; 1541 1542 r = CSR_READ_4(sc, IWI_CSR_INTR); 1543 if (r == 0 || r == 0xffffffff) 1544 return; 1545 1546 /* disable interrupts */ 1547 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1548 1549 if (r & IWI_INTR_FATAL_ERROR) { 1550 device_printf(sc->sc_dev, "fatal error\n"); 1551 1552 if ((sc->flags & (IWI_FLAG_EXIT | IWI_FLAG_RESET)) == 0) { 1553 sc->flags |= IWI_FLAG_RESET; 1554 device_printf(sc->sc_dev, "wake firmware monitor\n"); 1555 wakeup(IWI_FW_WAKE_MONITOR(sc)); 1556 } 1557 } 1558 1559 if (r & IWI_INTR_PARITY_ERROR) { 1560 device_printf(sc->sc_dev, "parity error\n"); 1561 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1562 iwi_stop(sc); 1563 } 1564 1565 if (r & IWI_INTR_FW_INITED) { 1566 if (!(r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR))) 1567 wakeup(IWI_FW_INITIALIZED(sc)); 1568 } 1569 1570 if (r & IWI_INTR_RADIO_OFF) { 1571 DPRINTF(("radio transmitter turned off\n")); 1572 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1573 iwi_stop(sc); 1574 } 1575 1576 if (r & IWI_INTR_CMD_DONE) 1577 wakeup(IWI_FW_CMD_ACKED(sc)); 1578 1579 if (r & IWI_INTR_TX1_DONE) 1580 iwi_tx_intr(sc, &sc->txq[0]); 1581 1582 if (r & IWI_INTR_TX2_DONE) 1583 iwi_tx_intr(sc, &sc->txq[1]); 1584 1585 if (r & IWI_INTR_TX3_DONE) 1586 iwi_tx_intr(sc, &sc->txq[2]); 1587 1588 if (r & IWI_INTR_TX4_DONE) 1589 iwi_tx_intr(sc, &sc->txq[3]); 1590 1591 if (r & IWI_INTR_RX_DONE) 1592 iwi_rx_intr(sc); 1593 1594 /* acknowledge interrupts */ 1595 CSR_WRITE_4(sc, IWI_CSR_INTR, r); 1596 1597 /* re-enable interrupts */ 1598 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 1599 } 1600 1601 static int 1602 iwi_cmd(struct iwi_softc *sc, uint8_t type, void *data, uint8_t len, int async) 1603 { 1604 struct iwi_cmd_desc *desc; 1605 struct ifnet *ifp = &sc->sc_ic.ic_if; 1606 int ret; 1607 1608 desc = &sc->cmdq.desc[sc->cmdq.cur]; 1609 1610 desc->hdr.type = IWI_HDR_TYPE_COMMAND; 1611 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1612 desc->type = type; 1613 desc->len = len; 1614 memcpy(desc->data, data, len); 1615 1616 bus_dmamap_sync(sc->cmdq.desc_dmat, sc->cmdq.desc_map, 1617 BUS_DMASYNC_PREWRITE); 1618 1619 DPRINTFN(2, ("sending command idx=%u type=%u len=%u\n", sc->cmdq.cur, 1620 type, len)); 1621 1622 sc->cmdq.cur = (sc->cmdq.cur + 1) % IWI_CMD_RING_COUNT; 1623 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 1624 1625 if (!async) { 1626 ASSERT_SERIALIZED(ifp->if_serializer); 1627 1628 crit_enter(); 1629 tsleep_interlock(IWI_FW_CMD_ACKED(sc)); 1630 lwkt_serialize_exit(ifp->if_serializer); 1631 ret = tsleep(IWI_FW_CMD_ACKED(sc), 0, "iwicmd", hz); 1632 crit_exit(); 1633 lwkt_serialize_enter(ifp->if_serializer); 1634 } else { 1635 ret = 0; 1636 } 1637 1638 return ret; 1639 } 1640 1641 static void 1642 iwi_write_ibssnode(struct iwi_softc *sc, const struct iwi_node *in) 1643 { 1644 struct iwi_ibssnode node; 1645 1646 /* write node information into NIC memory */ 1647 memset(&node, 0, sizeof node); 1648 IEEE80211_ADDR_COPY(node.bssid, in->in_node.ni_macaddr); 1649 1650 CSR_WRITE_REGION_1(sc, 1651 IWI_CSR_NODE_BASE + in->in_station * sizeof node, 1652 (uint8_t *)&node, sizeof node); 1653 } 1654 1655 struct iwi_dma_mapping { 1656 bus_dma_segment_t segs[IWI_MAX_NSEG]; 1657 int nseg; 1658 bus_size_t mapsize; 1659 }; 1660 1661 static void 1662 iwi_dma_map_mbuf(void *arg, bus_dma_segment_t *segs, int nseg, 1663 bus_size_t mapsize, int error) 1664 { 1665 struct iwi_dma_mapping *map = arg; 1666 1667 if (error != 0) 1668 return; 1669 1670 KASSERT(nseg <= IWI_MAX_NSEG, ("too many DMA segments %d", nseg)); 1671 1672 bcopy(segs, map->segs, nseg * sizeof(bus_dma_segment_t)); 1673 map->nseg = nseg; 1674 map->mapsize = mapsize; 1675 } 1676 1677 static int 1678 iwi_tx_start(struct ifnet *ifp, struct mbuf *m0, struct ieee80211_node *ni, 1679 int ac) 1680 { 1681 struct iwi_softc *sc = ifp->if_softc; 1682 struct ieee80211com *ic = &sc->sc_ic; 1683 struct iwi_node *in = (struct iwi_node *)ni; 1684 struct ieee80211_frame *wh; 1685 struct ieee80211_key *k; 1686 const struct chanAccParams *cap; 1687 struct iwi_tx_ring *txq = &sc->txq[ac]; 1688 struct iwi_tx_data *data; 1689 struct iwi_tx_desc *desc; 1690 struct mbuf *mnew; 1691 struct iwi_dma_mapping map; 1692 int error, hdrlen, i, noack = 0; 1693 1694 wh = mtod(m0, struct ieee80211_frame *); 1695 1696 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1697 hdrlen = sizeof (struct ieee80211_qosframe); 1698 cap = &ic->ic_wme.wme_chanParams; 1699 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1700 } else 1701 hdrlen = sizeof (struct ieee80211_frame); 1702 1703 /* 1704 * This is only used in IBSS mode where the firmware expect an index 1705 * in a h/w table instead of a destination address. 1706 */ 1707 if (ic->ic_opmode == IEEE80211_M_IBSS && in->in_station == -1) { 1708 in->in_station = iwi_alloc_ibss_node(sc); 1709 if (in->in_station == -1) { /* h/w table is full */ 1710 m_freem(m0); 1711 ieee80211_free_node(ni); 1712 ifp->if_oerrors++; 1713 if_printf(ifp, "ibss table is full\n"); 1714 return 0; 1715 } 1716 iwi_write_ibssnode(sc, in); 1717 } 1718 1719 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1720 k = ieee80211_crypto_encap(ic, ni, m0); 1721 if (k == NULL) { 1722 m_freem(m0); 1723 return ENOBUFS; 1724 } 1725 1726 /* packet header may have moved, reset our local pointer */ 1727 wh = mtod(m0, struct ieee80211_frame *); 1728 } 1729 1730 if (sc->sc_drvbpf != NULL) { 1731 struct iwi_tx_radiotap_header *tap = &sc->sc_txtap; 1732 1733 tap->wt_flags = 0; 1734 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 1735 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 1736 1737 bpf_ptap(sc->sc_drvbpf, m0, tap, sc->sc_txtap_len); 1738 } 1739 1740 data = &txq->data[txq->cur]; 1741 desc = &txq->desc[txq->cur]; 1742 1743 /* save and trim IEEE802.11 header */ 1744 m_copydata(m0, 0, hdrlen, (caddr_t)&desc->wh); 1745 m_adj(m0, hdrlen); 1746 1747 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0, 1748 iwi_dma_map_mbuf, &map, BUS_DMA_NOWAIT); 1749 if (error != 0 && error != EFBIG) { 1750 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1751 error); 1752 m_freem(m0); 1753 return error; 1754 } 1755 if (error != 0) { 1756 mnew = m_defrag(m0, MB_DONTWAIT); 1757 if (mnew == NULL) { 1758 device_printf(sc->sc_dev, 1759 "could not defragment mbuf\n"); 1760 m_freem(m0); 1761 return ENOBUFS; 1762 } 1763 m0 = mnew; 1764 1765 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0, 1766 iwi_dma_map_mbuf, &map, 1767 BUS_DMA_NOWAIT); 1768 if (error != 0) { 1769 device_printf(sc->sc_dev, 1770 "could not map mbuf (error %d)\n", error); 1771 m_freem(m0); 1772 return error; 1773 } 1774 } 1775 1776 data->m = m0; 1777 data->ni = ni; 1778 1779 desc->hdr.type = IWI_HDR_TYPE_DATA; 1780 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1781 desc->station = 1782 (ic->ic_opmode == IEEE80211_M_IBSS) ? in->in_station : 0; 1783 desc->cmd = IWI_DATA_CMD_TX; 1784 desc->len = htole16(m0->m_pkthdr.len); 1785 desc->flags = 0; 1786 desc->xflags = 0; 1787 1788 if (!noack && !IEEE80211_IS_MULTICAST(desc->wh.i_addr1)) 1789 desc->flags |= IWI_DATA_FLAG_NEED_ACK; 1790 1791 #if 0 1792 if (ic->ic_flags & IEEE80211_F_PRIVACY) { 1793 desc->wh.i_fc[1] |= IEEE80211_FC1_WEP; 1794 desc->weptxkey = ic->ic_crypto.cs_def_txkey; 1795 } else 1796 #endif 1797 desc->flags |= IWI_DATA_FLAG_NO_WEP; 1798 1799 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 1800 desc->flags |= IWI_DATA_FLAG_SHPREAMBLE; 1801 1802 if (desc->wh.i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) 1803 desc->xflags |= IWI_DATA_XFLAG_QOS; 1804 1805 desc->nseg = htole32(map.nseg); 1806 for (i = 0; i < map.nseg; i++) { 1807 desc->seg_addr[i] = htole32(map.segs[i].ds_addr); 1808 desc->seg_len[i] = htole16(map.segs[i].ds_len); 1809 } 1810 1811 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1812 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1813 1814 DPRINTFN(5, ("sending data frame txq=%u idx=%u len=%u nseg=%u\n", 1815 ac, txq->cur, le16toh(desc->len), map.nseg)); 1816 1817 txq->queued++; 1818 txq->cur = (txq->cur + 1) % IWI_TX_RING_COUNT; 1819 CSR_WRITE_4(sc, txq->csr_widx, txq->cur); 1820 1821 return 0; 1822 } 1823 1824 static void 1825 iwi_start(struct ifnet *ifp) 1826 { 1827 struct iwi_softc *sc = ifp->if_softc; 1828 struct ieee80211com *ic = &sc->sc_ic; 1829 struct mbuf *m0; 1830 struct ether_header *eh; 1831 struct ieee80211_node *ni; 1832 int ac; 1833 1834 ieee80211_drain_mgtq(&ic->ic_mgtq); 1835 if (ic->ic_state != IEEE80211_S_RUN) { 1836 ifq_purge(&ifp->if_snd); 1837 return; 1838 } 1839 1840 for (;;) { 1841 m0 = ifq_dequeue(&ifp->if_snd, NULL); 1842 if (m0 == NULL) 1843 break; 1844 1845 if (m0->m_len < sizeof (struct ether_header) && 1846 (m0 = m_pullup(m0, sizeof (struct ether_header))) == NULL) { 1847 ifp->if_oerrors++; 1848 continue; 1849 } 1850 eh = mtod(m0, struct ether_header *); 1851 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1852 if (ni == NULL) { 1853 m_freem(m0); 1854 ifp->if_oerrors++; 1855 continue; 1856 } 1857 1858 /* classify mbuf so we can find which tx ring to use */ 1859 if (ieee80211_classify(ic, m0, ni) != 0) { 1860 m_freem(m0); 1861 ieee80211_free_node(ni); 1862 ifp->if_oerrors++; 1863 continue; 1864 } 1865 1866 /* no QoS encapsulation for EAPOL frames */ 1867 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1868 M_WME_GETAC(m0) : WME_AC_BE; 1869 1870 if (sc->txq[ac].queued > IWI_TX_RING_COUNT - 8) { 1871 /* there is no place left in this ring */ 1872 m_freem(m0); 1873 ieee80211_free_node(ni); 1874 ifp->if_flags |= IFF_OACTIVE; 1875 break; 1876 } 1877 1878 BPF_MTAP(ifp, m0); 1879 1880 m0 = ieee80211_encap(ic, m0, ni); 1881 if (m0 == NULL) { 1882 ieee80211_free_node(ni); 1883 ifp->if_oerrors++; 1884 continue; 1885 } 1886 1887 if (ic->ic_rawbpf != NULL) 1888 bpf_mtap(ic->ic_rawbpf, m0); 1889 1890 if (iwi_tx_start(ifp, m0, ni, ac) != 0) { 1891 ieee80211_free_node(ni); 1892 ifp->if_oerrors++; 1893 break; 1894 } 1895 1896 sc->sc_tx_timer = 5; 1897 ifp->if_timer = 1; 1898 } 1899 } 1900 1901 static void 1902 iwi_watchdog(struct ifnet *ifp) 1903 { 1904 struct iwi_softc *sc = ifp->if_softc; 1905 struct ieee80211com *ic = &sc->sc_ic; 1906 1907 ifp->if_timer = 0; 1908 1909 if (sc->sc_tx_timer > 0) { 1910 if (--sc->sc_tx_timer == 0) { 1911 if_printf(ifp, "device timeout\n"); 1912 ifp->if_oerrors++; 1913 sc->flags |= IWI_FLAG_RESET; 1914 wakeup(IWI_FW_WAKE_MONITOR(sc)); 1915 return; 1916 } 1917 ifp->if_timer = 1; 1918 } 1919 1920 ieee80211_watchdog(ic); 1921 } 1922 1923 static int 1924 iwi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr) 1925 { 1926 struct iwi_softc *sc = ifp->if_softc; 1927 struct ieee80211com *ic = &sc->sc_ic; 1928 int error = 0; 1929 1930 switch (cmd) { 1931 case SIOCSIFFLAGS: 1932 if (ifp->if_flags & IFF_UP) { 1933 if (!(ifp->if_flags & IFF_RUNNING)) 1934 iwi_init(sc); 1935 } else { 1936 if (ifp->if_flags & IFF_RUNNING) 1937 iwi_stop(sc); 1938 } 1939 break; 1940 1941 default: 1942 error = ieee80211_ioctl(ic, cmd, data, cr); 1943 } 1944 1945 if (error == ENETRESET) { 1946 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1947 (IFF_UP | IFF_RUNNING) && 1948 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1949 iwi_init(sc); 1950 error = 0; 1951 } 1952 1953 return error; 1954 } 1955 1956 static void 1957 iwi_stop_master(struct iwi_softc *sc) 1958 { 1959 uint32_t tmp; 1960 int ntries; 1961 1962 /* disable interrupts */ 1963 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1964 1965 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_STOP_MASTER); 1966 for (ntries = 0; ntries < 5; ntries++) { 1967 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 1968 break; 1969 DELAY(10); 1970 } 1971 if (ntries == 5) 1972 if_printf(&sc->sc_ic.ic_if, "timeout waiting for master\n"); 1973 1974 tmp = CSR_READ_4(sc, IWI_CSR_RST); 1975 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_PRINCETON_RESET); 1976 1977 sc->flags &= ~IWI_FLAG_FW_INITED; 1978 } 1979 1980 static int 1981 iwi_reset(struct iwi_softc *sc) 1982 { 1983 uint32_t tmp; 1984 int i, ntries; 1985 1986 iwi_stop_master(sc); 1987 1988 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 1989 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 1990 1991 CSR_WRITE_4(sc, IWI_CSR_READ_INT, IWI_READ_INT_INIT_HOST); 1992 1993 /* Wait for clock stabilization */ 1994 for (ntries = 0; ntries < 1000; ntries++) { 1995 if (CSR_READ_4(sc, IWI_CSR_CTL) & IWI_CTL_CLOCK_READY) 1996 break; 1997 DELAY(200); 1998 } 1999 if (ntries == 1000) { 2000 if_printf(&sc->sc_ic.ic_if, 2001 "timeout waiting for clock stabilization\n"); 2002 return EIO; 2003 } 2004 2005 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2006 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_SOFT_RESET); 2007 2008 DELAY(10); 2009 2010 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2011 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 2012 2013 /* Clear NIC memory */ 2014 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0); 2015 for (i = 0; i < 0xc000; i++) 2016 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2017 2018 return 0; 2019 } 2020 2021 static int 2022 iwi_load_ucode(struct iwi_softc *sc, void *uc, int size) 2023 { 2024 uint32_t tmp; 2025 uint16_t *w; 2026 int ntries, i; 2027 2028 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 2029 IWI_RST_STOP_MASTER); 2030 for (ntries = 0; ntries < 5; ntries++) { 2031 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 2032 break; 2033 DELAY(10); 2034 } 2035 if (ntries == 5) { 2036 device_printf(sc->sc_dev, "timeout waiting for master\n"); 2037 return EIO; 2038 } 2039 2040 MEM_WRITE_4(sc, 0x3000e0, 0x80000000); 2041 DELAY(5000); 2042 2043 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2044 tmp &= ~IWI_RST_PRINCETON_RESET; 2045 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2046 2047 DELAY(5000); 2048 MEM_WRITE_4(sc, 0x3000e0, 0); 2049 DELAY(1000); 2050 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 1); 2051 DELAY(1000); 2052 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 0); 2053 DELAY(1000); 2054 MEM_WRITE_1(sc, 0x200000, 0x00); 2055 MEM_WRITE_1(sc, 0x200000, 0x40); 2056 DELAY(1000); 2057 2058 /* write microcode into adapter memory */ 2059 for (w = uc; size > 0; w++, size -= 2) 2060 MEM_WRITE_2(sc, 0x200010, htole16(*w)); 2061 2062 MEM_WRITE_1(sc, 0x200000, 0x00); 2063 MEM_WRITE_1(sc, 0x200000, 0x80); 2064 2065 /* wait until we get an answer */ 2066 for (ntries = 0; ntries < 100; ntries++) { 2067 if (MEM_READ_1(sc, 0x200000) & 1) 2068 break; 2069 DELAY(100); 2070 } 2071 if (ntries == 100) { 2072 device_printf(sc->sc_dev, 2073 "timeout waiting for ucode to initialize\n"); 2074 return EIO; 2075 } 2076 2077 /* read the answer or the firmware will not initialize properly */ 2078 for (i = 0; i < 7; i++) 2079 MEM_READ_4(sc, 0x200004); 2080 2081 MEM_WRITE_1(sc, 0x200000, 0x00); 2082 2083 return 0; 2084 } 2085 2086 static int 2087 iwi_alloc_firmware(struct iwi_softc *sc, enum ieee80211_opmode opmode) 2088 { 2089 struct { 2090 const char *suffix; 2091 enum ieee80211_opmode opmode; 2092 } fw_arr[] = { 2093 { "bss", IEEE80211_M_STA }, 2094 { "ibss", IEEE80211_M_IBSS}, 2095 { "sniffer", IEEE80211_M_MONITOR}, 2096 { NULL, 0 } 2097 }; 2098 struct ifnet *ifp = &sc->sc_ic.ic_if; 2099 struct iwi_firmware_hdr *hdr; 2100 struct iwi_firmware *fw = &sc->fw; 2101 struct fw_image *image; 2102 char filename[128]; 2103 int i, error, length_sum; 2104 2105 for (i = 0; fw_arr[i].suffix != NULL; ++i) { 2106 if (fw_arr[i].opmode == opmode) 2107 break; 2108 } 2109 2110 KASSERT(fw_arr[i].suffix != NULL, ("unsupported opmode %u\n", opmode)); 2111 2112 ksnprintf(filename, sizeof(filename), IWI_FW_PATH, fw_arr[i].suffix); 2113 2114 /* 2115 * Release the serializer to avoid possible dead lock 2116 */ 2117 lwkt_serialize_exit(ifp->if_serializer); 2118 image = firmware_image_load(filename, NULL); 2119 lwkt_serialize_enter(ifp->if_serializer); 2120 2121 if (image == NULL) 2122 return ENOENT; 2123 fw->fw_image = image; 2124 2125 /* 2126 * Verify the image 2127 */ 2128 error = EINVAL; 2129 2130 if (fw->fw_image->fw_imglen < sizeof(struct iwi_firmware_hdr)) { 2131 if_printf(ifp, "%s firmware too short", image->fw_name); 2132 goto back; 2133 } 2134 2135 hdr = (struct iwi_firmware_hdr *)image->fw_image; 2136 if (hdr->vermaj != 3) { 2137 if_printf(ifp, "%s unsupported firmware version %d.%d\n", 2138 image->fw_name, hdr->vermaj, hdr->vermin); 2139 goto back; 2140 } 2141 2142 length_sum = le32toh(hdr->bsize) + le32toh(hdr->usize) + le32toh(hdr->fsize); 2143 if (length_sum + sizeof(*hdr) != image->fw_imglen) { 2144 if_printf(ifp, "%s size mismatch, %u/hdr %u\n", image->fw_name, 2145 fw->fw_image->fw_imglen, length_sum + sizeof(*hdr)); 2146 goto back; 2147 } 2148 2149 fw->boot = (uint8_t *)(hdr + 1); 2150 fw->boot_size = le32toh(hdr->bsize); 2151 fw->ucode = fw->boot + fw->boot_size; 2152 fw->ucode_size = le32toh(hdr->usize); 2153 fw->main = fw->ucode + fw->ucode_size; 2154 fw->main_size = le32toh(hdr->fsize); 2155 2156 error = 0; 2157 2158 back: 2159 if (error) { 2160 firmware_image_unload(fw->fw_image); 2161 bzero(fw, sizeof(*fw)); 2162 } 2163 return error; 2164 } 2165 2166 static int 2167 iwi_free_firmware(struct iwi_softc *sc) 2168 { 2169 if (sc->fw.fw_image != NULL) 2170 firmware_image_unload(sc->fw.fw_image); 2171 return 0; 2172 } 2173 2174 /* macro to handle unaligned little endian data in firmware image */ 2175 #define GETLE32(p) ((p)[0] | (p)[1] << 8 | (p)[2] << 16 | (p)[3] << 24) 2176 2177 static int 2178 iwi_load_firmware(struct iwi_softc *sc, void *fw, int size) 2179 { 2180 bus_dma_tag_t dmat; 2181 bus_dmamap_t map; 2182 bus_addr_t physaddr; 2183 void *virtaddr; 2184 u_char *p, *end; 2185 uint32_t sentinel, ctl, src, dst, sum, len, mlen, tmp; 2186 int ntries, error = 0; 2187 struct ifnet *ifp = &sc->sc_ic.ic_if; 2188 2189 ASSERT_SERIALIZED(ifp->if_serializer); 2190 2191 /* Allocate DMA memory for mapping firmware image */ 2192 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 2193 BUS_SPACE_MAXADDR, NULL, NULL, size, 1, size, 0, &dmat); 2194 if (error != 0) { 2195 device_printf(sc->sc_dev, 2196 "could not create firmware DMA tag\n"); 2197 goto fail1; 2198 } 2199 2200 error = bus_dmamem_alloc(dmat, &virtaddr, BUS_DMA_WAITOK, &map); 2201 if (error != 0) { 2202 device_printf(sc->sc_dev, 2203 "could not allocate firmware DMA memory\n"); 2204 goto fail2; 2205 } 2206 2207 error = bus_dmamap_load(dmat, map, virtaddr, size, iwi_dma_map_addr, 2208 &physaddr, 0); 2209 if (error != 0) { 2210 device_printf(sc->sc_dev, "could not load firmware DMA map\n"); 2211 goto fail3; 2212 } 2213 2214 /* Copy firmware image to DMA memory */ 2215 memcpy(virtaddr, fw, size); 2216 2217 /* Make sure the adapter will get up-to-date values */ 2218 bus_dmamap_sync(dmat, map, BUS_DMASYNC_PREWRITE); 2219 2220 /* Tell the adapter where the command blocks are stored */ 2221 MEM_WRITE_4(sc, 0x3000a0, 0x27000); 2222 2223 /* 2224 * Store command blocks into adapter's internal memory using register 2225 * indirections. The adapter will read the firmware image through DMA 2226 * using information stored in command blocks. 2227 */ 2228 src = physaddr; 2229 p = virtaddr; 2230 end = p + size; 2231 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0x27000); 2232 2233 while (p < end) { 2234 dst = GETLE32(p); p += 4; src += 4; 2235 len = GETLE32(p); p += 4; src += 4; 2236 p += len; 2237 2238 while (len > 0) { 2239 mlen = min(len, IWI_CB_MAXDATALEN); 2240 2241 ctl = IWI_CB_DEFAULT_CTL | mlen; 2242 sum = ctl ^ src ^ dst; 2243 2244 /* Write a command block */ 2245 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, ctl); 2246 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, src); 2247 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, dst); 2248 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, sum); 2249 2250 src += mlen; 2251 dst += mlen; 2252 len -= mlen; 2253 } 2254 } 2255 2256 /* Write a fictive final command block (sentinel) */ 2257 sentinel = CSR_READ_4(sc, IWI_CSR_AUTOINC_ADDR); 2258 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2259 2260 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2261 tmp &= ~(IWI_RST_MASTER_DISABLED | IWI_RST_STOP_MASTER); 2262 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2263 2264 /* Tell the adapter to start processing command blocks */ 2265 MEM_WRITE_4(sc, 0x3000a4, 0x540100); 2266 2267 /* Wait until the adapter reaches the sentinel */ 2268 for (ntries = 0; ntries < 400; ntries++) { 2269 if (MEM_READ_4(sc, 0x3000d0) >= sentinel) 2270 break; 2271 DELAY(100); 2272 } 2273 if (ntries == 400) { 2274 device_printf(sc->sc_dev, 2275 "timeout processing command blocks\n"); 2276 error = EIO; 2277 goto fail4; 2278 } 2279 2280 /* We're done with command blocks processing */ 2281 MEM_WRITE_4(sc, 0x3000a4, 0x540c00); 2282 2283 /* Allow interrupts so we know when the firmware is ready */ 2284 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 2285 2286 /* Tell the adapter to initialize the firmware */ 2287 CSR_WRITE_4(sc, IWI_CSR_RST, 0); 2288 2289 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2290 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_ALLOW_STANDBY); 2291 2292 /* wait at most one second for firmware initialization to complete */ 2293 crit_enter(); 2294 tsleep_interlock(IWI_FW_INITIALIZED(sc)); 2295 lwkt_serialize_exit(ifp->if_serializer); 2296 error = tsleep(IWI_FW_INITIALIZED(sc), 0, "iwiinit", hz); 2297 crit_exit(); 2298 lwkt_serialize_enter(ifp->if_serializer); 2299 if (error != 0) { 2300 device_printf(sc->sc_dev, "timeout waiting for firmware " 2301 "initialization to complete\n"); 2302 goto fail4; 2303 } 2304 2305 fail4: bus_dmamap_sync(dmat, map, BUS_DMASYNC_POSTWRITE); 2306 bus_dmamap_unload(dmat, map); 2307 fail3: bus_dmamem_free(dmat, virtaddr, map); 2308 fail2: bus_dma_tag_destroy(dmat); 2309 fail1: 2310 return error; 2311 } 2312 2313 static int 2314 iwi_config(struct iwi_softc *sc) 2315 { 2316 struct ieee80211com *ic = &sc->sc_ic; 2317 struct ifnet *ifp = ic->ic_ifp; 2318 struct iwi_configuration config; 2319 struct iwi_rateset rs; 2320 struct iwi_txpower power; 2321 struct ieee80211_key *wk; 2322 struct iwi_wep_key wepkey; 2323 uint32_t data; 2324 int error, i; 2325 2326 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp)); 2327 DPRINTF(("Setting MAC address to %6D\n", ic->ic_myaddr, ":")); 2328 error = iwi_cmd(sc, IWI_CMD_SET_MAC_ADDRESS, ic->ic_myaddr, 2329 IEEE80211_ADDR_LEN, 0); 2330 if (error != 0) 2331 return error; 2332 2333 memset(&config, 0, sizeof config); 2334 config.bluetooth_coexistence = sc->bluetooth; 2335 config.antenna = sc->antenna; 2336 config.multicast_enabled = 1; 2337 config.answer_pbreq = (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2338 config.disable_unicast_decryption = 1; 2339 config.disable_multicast_decryption = 1; 2340 DPRINTF(("Configuring adapter\n")); 2341 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 0); 2342 if (error != 0) 2343 return error; 2344 2345 data = htole32(IWI_POWER_MODE_CAM); 2346 DPRINTF(("Setting power mode to %u\n", le32toh(data))); 2347 error = iwi_cmd(sc, IWI_CMD_SET_POWER_MODE, &data, sizeof data, 0); 2348 if (error != 0) 2349 return error; 2350 2351 data = htole32(ic->ic_rtsthreshold); 2352 DPRINTF(("Setting RTS threshold to %u\n", le32toh(data))); 2353 error = iwi_cmd(sc, IWI_CMD_SET_RTS_THRESHOLD, &data, sizeof data, 0); 2354 if (error != 0) 2355 return error; 2356 2357 data = htole32(ic->ic_fragthreshold); 2358 DPRINTF(("Setting fragmentation threshold to %u\n", le32toh(data))); 2359 error = iwi_cmd(sc, IWI_CMD_SET_FRAG_THRESHOLD, &data, sizeof data, 0); 2360 if (error != 0) 2361 return error; 2362 2363 if (ic->ic_opmode == IEEE80211_M_IBSS) { 2364 power.mode = IWI_MODE_11B; 2365 power.nchan = 11; 2366 for (i = 0; i < 11; i++) { 2367 power.chan[i].chan = i + 1; 2368 power.chan[i].power = IWI_TXPOWER_MAX; 2369 } 2370 DPRINTF(("Setting .11b channels tx power\n")); 2371 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2372 0); 2373 if (error != 0) 2374 return error; 2375 2376 power.mode = IWI_MODE_11G; 2377 DPRINTF(("Setting .11g channels tx power\n")); 2378 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2379 0); 2380 if (error != 0) 2381 return error; 2382 } 2383 2384 rs.mode = IWI_MODE_11G; 2385 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2386 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11G].rs_nrates; 2387 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates, 2388 rs.nrates); 2389 DPRINTF(("Setting .11bg supported rates (%u)\n", rs.nrates)); 2390 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2391 if (error != 0) 2392 return error; 2393 2394 rs.mode = IWI_MODE_11A; 2395 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2396 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11A].rs_nrates; 2397 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11A].rs_rates, 2398 rs.nrates); 2399 DPRINTF(("Setting .11a supported rates (%u)\n", rs.nrates)); 2400 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2401 if (error != 0) 2402 return error; 2403 2404 /* if we have a desired ESSID, set it now */ 2405 if (ic->ic_des_esslen != 0) { 2406 #ifdef IWI_DEBUG 2407 if (iwi_debug > 0) { 2408 kprintf("Setting desired ESSID to "); 2409 ieee80211_print_essid(ic->ic_des_essid, 2410 ic->ic_des_esslen); 2411 kprintf("\n"); 2412 } 2413 #endif 2414 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ic->ic_des_essid, 2415 ic->ic_des_esslen, 0); 2416 if (error != 0) 2417 return error; 2418 } 2419 2420 data = htole32(karc4random()); 2421 DPRINTF(("Setting initialization vector to %u\n", le32toh(data))); 2422 error = iwi_cmd(sc, IWI_CMD_SET_IV, &data, sizeof data, 0); 2423 if (error != 0) 2424 return error; 2425 2426 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2427 wk = &ic->ic_crypto.cs_nw_keys[i]; 2428 2429 wepkey.cmd = IWI_WEP_KEY_CMD_SETKEY; 2430 wepkey.idx = i; 2431 wepkey.len = wk->wk_keylen; 2432 memset(wepkey.key, 0, sizeof wepkey.key); 2433 memcpy(wepkey.key, wk->wk_key, wk->wk_keylen); 2434 DPRINTF(("Setting wep key index %u len %u\n", wepkey.idx, 2435 wepkey.len)); 2436 error = iwi_cmd(sc, IWI_CMD_SET_WEP_KEY, &wepkey, 2437 sizeof wepkey, 0); 2438 if (error != 0) 2439 return error; 2440 } 2441 2442 /* Enable adapter */ 2443 DPRINTF(("Enabling adapter\n")); 2444 return iwi_cmd(sc, IWI_CMD_ENABLE, NULL, 0, 0); 2445 } 2446 2447 static int 2448 iwi_set_chan(struct iwi_softc *sc, struct ieee80211_channel *chan) 2449 { 2450 struct ieee80211com *ic = &sc->sc_ic; 2451 struct iwi_scan scan; 2452 2453 memset(&scan, 0, sizeof scan); 2454 memset(scan.type, IWI_SCAN_TYPE_PASSIVE, sizeof scan.type); 2455 scan.passive = htole16(2000); 2456 scan.channels[0] = 1 | 2457 (IEEE80211_IS_CHAN_5GHZ(chan) ? IWI_CHAN_5GHZ : IWI_CHAN_2GHZ); 2458 scan.channels[1] = ieee80211_chan2ieee(ic, chan); 2459 2460 DPRINTF(("Setting channel to %u\n", ieee80211_chan2ieee(ic, chan))); 2461 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1); 2462 } 2463 2464 static int 2465 iwi_scan(struct iwi_softc *sc) 2466 { 2467 struct ieee80211com *ic = &sc->sc_ic; 2468 struct iwi_scan scan; 2469 uint8_t *p; 2470 int i, count; 2471 2472 memset(&scan, 0, sizeof scan); 2473 2474 if (ic->ic_des_esslen != 0) { 2475 scan.bdirected = htole16(sc->dwelltime); 2476 memset(scan.type, IWI_SCAN_TYPE_BDIRECTED, sizeof scan.type); 2477 } else { 2478 scan.broadcast = htole16(sc->dwelltime); 2479 memset(scan.type, IWI_SCAN_TYPE_BROADCAST, sizeof scan.type); 2480 } 2481 2482 p = scan.channels; 2483 count = 0; 2484 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2485 if (IEEE80211_IS_CHAN_5GHZ(&ic->ic_channels[i]) && 2486 isset(ic->ic_chan_active, i)) { 2487 *++p = i; 2488 count++; 2489 } 2490 } 2491 *(p - count) = IWI_CHAN_5GHZ | count; 2492 2493 p = (count > 0) ? p + 1 : scan.channels; 2494 count = 0; 2495 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2496 if (IEEE80211_IS_CHAN_2GHZ(&ic->ic_channels[i]) && 2497 isset(ic->ic_chan_active, i)) { 2498 *++p = i; 2499 count++; 2500 } 2501 } 2502 *(p - count) = IWI_CHAN_2GHZ | count; 2503 2504 DPRINTF(("Start scanning\n")); 2505 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1); 2506 } 2507 2508 static int 2509 iwi_auth_and_assoc(struct iwi_softc *sc) 2510 { 2511 struct ieee80211com *ic = &sc->sc_ic; 2512 struct ifnet *ifp = ic->ic_ifp; 2513 struct ieee80211_node *ni = ic->ic_bss; 2514 struct ieee80211_wme_info wme; 2515 struct iwi_configuration config; 2516 struct iwi_associate assoc; 2517 struct iwi_rateset rs; 2518 uint16_t capinfo; 2519 uint32_t data; 2520 int error; 2521 2522 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) { 2523 memset(&config, 0, sizeof config); 2524 config.bluetooth_coexistence = sc->bluetooth; 2525 config.antenna = sc->antenna; 2526 config.multicast_enabled = 1; 2527 config.use_protection = 1; 2528 config.answer_pbreq = 2529 (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2530 config.disable_unicast_decryption = 1; 2531 config.disable_multicast_decryption = 1; 2532 DPRINTF(("Configuring adapter\n")); 2533 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 2534 1); 2535 if (error != 0) 2536 return error; 2537 } 2538 2539 #ifdef IWI_DEBUG 2540 if (iwi_debug > 0) { 2541 kprintf("Setting ESSID to "); 2542 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 2543 kprintf("\n"); 2544 } 2545 #endif 2546 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ni->ni_essid, ni->ni_esslen, 1); 2547 if (error != 0) 2548 return error; 2549 2550 /* the rate set has already been "negotiated" */ 2551 rs.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2552 IWI_MODE_11G; 2553 rs.type = IWI_RATESET_TYPE_NEGOTIATED; 2554 rs.nrates = ni->ni_rates.rs_nrates; 2555 KKASSERT(rs.nrates <= IWI_RATESET_MAXSIZE); 2556 memcpy(rs.rates, ni->ni_rates.rs_rates, rs.nrates); 2557 DPRINTF(("Setting negociated rates (%u)\n", rs.nrates)); 2558 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 1); 2559 if (error != 0) 2560 return error; 2561 2562 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) { 2563 wme.wme_id = IEEE80211_ELEMID_VENDOR; 2564 wme.wme_len = sizeof (struct ieee80211_wme_info) - 2; 2565 wme.wme_oui[0] = 0x00; 2566 wme.wme_oui[1] = 0x50; 2567 wme.wme_oui[2] = 0xf2; 2568 wme.wme_type = WME_OUI_TYPE; 2569 wme.wme_subtype = WME_INFO_OUI_SUBTYPE; 2570 wme.wme_version = WME_VERSION; 2571 wme.wme_info = 0; 2572 2573 DPRINTF(("Setting WME IE (len=%u)\n", wme.wme_len)); 2574 error = iwi_cmd(sc, IWI_CMD_SET_WMEIE, &wme, sizeof wme, 1); 2575 if (error != 0) 2576 return error; 2577 } 2578 2579 if (ic->ic_opt_ie != NULL) { 2580 DPRINTF(("Setting optional IE (len=%u)\n", ic->ic_opt_ie_len)); 2581 error = iwi_cmd(sc, IWI_CMD_SET_OPTIE, ic->ic_opt_ie, 2582 ic->ic_opt_ie_len, 1); 2583 if (error != 0) 2584 return error; 2585 } 2586 2587 data = htole32(ni->ni_rssi); 2588 DPRINTF(("Setting sensitivity to %d\n", (int8_t)ni->ni_rssi)); 2589 error = iwi_cmd(sc, IWI_CMD_SET_SENSITIVITY, &data, sizeof data, 1); 2590 if (error != 0) 2591 return error; 2592 2593 memset(&assoc, 0, sizeof assoc); 2594 assoc.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2595 IWI_MODE_11G; 2596 assoc.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 2597 if (ni->ni_authmode == IEEE80211_AUTH_SHARED) 2598 assoc.auth = ic->ic_crypto.cs_def_txkey << 4 | IWI_AUTH_SHARED; 2599 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) 2600 assoc.policy |= htole16(IWI_POLICY_WME); 2601 if (ic->ic_flags & IEEE80211_F_WPA) 2602 assoc.policy |= htole16(IWI_POLICY_WPA); 2603 memcpy(assoc.tstamp, ni->ni_tstamp.data, 8); 2604 2605 if (ic->ic_opmode == IEEE80211_M_IBSS) 2606 capinfo = IEEE80211_CAPINFO_IBSS; 2607 else 2608 capinfo = IEEE80211_CAPINFO_ESS; 2609 if (ic->ic_flags & IEEE80211_F_PRIVACY) 2610 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2611 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 2612 IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 2613 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2614 if (ic->ic_flags & IEEE80211_F_SHSLOT) 2615 capinfo |= IEEE80211_CAPINFO_SHORT_SLOTTIME; 2616 assoc.capinfo = htole16(capinfo); 2617 2618 assoc.lintval = htole16(ic->ic_lintval); 2619 assoc.intval = htole16(ni->ni_intval); 2620 IEEE80211_ADDR_COPY(assoc.bssid, ni->ni_bssid); 2621 if (ic->ic_opmode == IEEE80211_M_IBSS) 2622 IEEE80211_ADDR_COPY(assoc.dst, ifp->if_broadcastaddr); 2623 else 2624 IEEE80211_ADDR_COPY(assoc.dst, ni->ni_bssid); 2625 2626 DPRINTF(("Trying to associate to %6D channel %u auth %u\n", 2627 assoc.bssid, ":", assoc.chan, assoc.auth)); 2628 return iwi_cmd(sc, IWI_CMD_ASSOCIATE, &assoc, sizeof assoc, 1); 2629 } 2630 2631 static void 2632 iwi_init(void *priv) 2633 { 2634 struct iwi_softc *sc = priv; 2635 struct ieee80211com *ic = &sc->sc_ic; 2636 struct ifnet *ifp = ic->ic_ifp; 2637 struct iwi_firmware *fw = &sc->fw; 2638 struct iwi_rx_data *data; 2639 int i; 2640 2641 iwi_stop(sc); 2642 2643 if (iwi_reset(sc) != 0) { 2644 device_printf(sc->sc_dev, "could not reset adapter\n"); 2645 goto fail; 2646 } 2647 2648 if (iwi_alloc_firmware(sc, ic->ic_opmode) != 0) { 2649 device_printf(sc->sc_dev, "could not allocate firmware\n"); 2650 goto fail; 2651 } 2652 2653 if (iwi_load_firmware(sc, fw->boot, fw->boot_size) != 0) { 2654 device_printf(sc->sc_dev, "could not load boot firmware\n"); 2655 goto fail; 2656 } 2657 2658 if (iwi_load_ucode(sc, fw->ucode, fw->ucode_size) != 0) { 2659 device_printf(sc->sc_dev, "could not load microcode\n"); 2660 goto fail; 2661 } 2662 2663 iwi_stop_master(sc); 2664 2665 CSR_WRITE_4(sc, IWI_CSR_CMD_BASE, sc->cmdq.physaddr); 2666 CSR_WRITE_4(sc, IWI_CSR_CMD_SIZE, sc->cmdq.count); 2667 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 2668 2669 CSR_WRITE_4(sc, IWI_CSR_TX1_BASE, sc->txq[0].physaddr); 2670 CSR_WRITE_4(sc, IWI_CSR_TX1_SIZE, sc->txq[0].count); 2671 CSR_WRITE_4(sc, IWI_CSR_TX1_WIDX, sc->txq[0].cur); 2672 2673 CSR_WRITE_4(sc, IWI_CSR_TX2_BASE, sc->txq[1].physaddr); 2674 CSR_WRITE_4(sc, IWI_CSR_TX2_SIZE, sc->txq[1].count); 2675 CSR_WRITE_4(sc, IWI_CSR_TX2_WIDX, sc->txq[1].cur); 2676 2677 CSR_WRITE_4(sc, IWI_CSR_TX3_BASE, sc->txq[2].physaddr); 2678 CSR_WRITE_4(sc, IWI_CSR_TX3_SIZE, sc->txq[2].count); 2679 CSR_WRITE_4(sc, IWI_CSR_TX3_WIDX, sc->txq[2].cur); 2680 2681 CSR_WRITE_4(sc, IWI_CSR_TX4_BASE, sc->txq[3].physaddr); 2682 CSR_WRITE_4(sc, IWI_CSR_TX4_SIZE, sc->txq[3].count); 2683 CSR_WRITE_4(sc, IWI_CSR_TX4_WIDX, sc->txq[3].cur); 2684 2685 for (i = 0; i < sc->rxq.count; i++) { 2686 data = &sc->rxq.data[i]; 2687 CSR_WRITE_4(sc, data->reg, data->physaddr); 2688 } 2689 2690 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, sc->rxq.count - 1); 2691 2692 if (iwi_load_firmware(sc, fw->main, fw->main_size) != 0) { 2693 device_printf(sc->sc_dev, "could not load main firmware\n"); 2694 goto fail; 2695 } 2696 2697 sc->flags |= IWI_FLAG_FW_INITED; 2698 2699 if (iwi_config(sc) != 0) { 2700 device_printf(sc->sc_dev, "device configuration failed\n"); 2701 goto fail; 2702 } 2703 2704 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2705 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2706 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2707 } else 2708 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2709 2710 ifp->if_flags &= ~IFF_OACTIVE; 2711 ifp->if_flags |= IFF_RUNNING; 2712 2713 return; 2714 2715 fail: ifp->if_flags &= ~IFF_UP; 2716 iwi_stop(sc); 2717 } 2718 2719 static void 2720 iwi_stop(void *priv) 2721 { 2722 struct iwi_softc *sc = priv; 2723 struct ieee80211com *ic = &sc->sc_ic; 2724 struct ifnet *ifp = ic->ic_ifp; 2725 2726 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2727 2728 iwi_stop_master(sc); 2729 2730 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_SOFT_RESET); 2731 2732 /* reset rings */ 2733 iwi_reset_cmd_ring(sc, &sc->cmdq); 2734 iwi_reset_tx_ring(sc, &sc->txq[0]); 2735 iwi_reset_tx_ring(sc, &sc->txq[1]); 2736 iwi_reset_tx_ring(sc, &sc->txq[2]); 2737 iwi_reset_tx_ring(sc, &sc->txq[3]); 2738 iwi_reset_rx_ring(sc, &sc->rxq); 2739 2740 sc->sc_tx_timer = 0; 2741 ifp->if_timer = 0; 2742 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2743 } 2744 2745 static int 2746 iwi_sysctl_stats(SYSCTL_HANDLER_ARGS) 2747 { 2748 struct iwi_softc *sc = arg1; 2749 struct ifnet *ifp = &sc->sc_ic.ic_if; 2750 uint32_t size, buf[128]; 2751 2752 lwkt_serialize_enter(ifp->if_serializer); 2753 2754 if (!(sc->flags & IWI_FLAG_FW_INITED)) { 2755 memset(buf, 0, sizeof buf); 2756 goto back; 2757 } 2758 2759 size = min(CSR_READ_4(sc, IWI_CSR_TABLE0_SIZE), 128 - 1); 2760 CSR_READ_REGION_4(sc, IWI_CSR_TABLE0_BASE, &buf[1], size); 2761 back: 2762 lwkt_serialize_exit(ifp->if_serializer); 2763 return SYSCTL_OUT(req, buf, sizeof buf); 2764 } 2765 2766 static int 2767 iwi_sysctl_radio(SYSCTL_HANDLER_ARGS) 2768 { 2769 struct iwi_softc *sc = arg1; 2770 struct ifnet *ifp = &sc->sc_ic.ic_if; 2771 int val; 2772 2773 lwkt_serialize_enter(ifp->if_serializer); 2774 val = (CSR_READ_4(sc, IWI_CSR_IO) & IWI_IO_RADIO_ENABLED) ? 1 : 0; 2775 lwkt_serialize_exit(ifp->if_serializer); 2776 2777 return SYSCTL_OUT(req, &val, sizeof val); 2778 } 2779 2780 static const int8_t iwi_bitmap[256] = { 2781 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2782 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2783 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2784 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6, 2785 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2786 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2787 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2788 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 7, 2789 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2790 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2791 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2792 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6, 2793 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2794 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2795 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2796 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, -1 2797 }; 2798 2799 static int 2800 iwi_alloc_ibss_node(struct iwi_softc *sc) 2801 { 2802 int i; 2803 2804 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer); 2805 2806 for (i = 0; i < IWI_MAX_IBSSNODE_NBYTE; ++i) { 2807 int ret; 2808 2809 ret = iwi_bitmap[sc->sc_ibss_node[i]]; 2810 if (ret != -1) { 2811 sc->sc_ibss_node[i] |= (1 << ret); 2812 ret += (i * NBBY); 2813 return ret; 2814 } 2815 } 2816 return -1; 2817 } 2818 2819 static void 2820 iwi_free_ibss_node(struct iwi_softc *sc, int ibss_node) 2821 { 2822 int i, b; 2823 2824 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer); 2825 KASSERT(ibss_node < IWI_MAX_IBSSNODE, ("free ibss node, out of range")); 2826 2827 i = ibss_node / NBBY; 2828 b = ibss_node % NBBY; 2829 2830 sc->sc_ibss_node[i] &= ~(1 << b); 2831 } 2832