1 /* 2 * Copyright (c) 2004-2006 3 * Damien Bergamini <damien.bergamini@free.fr>. 4 * Copyright (c) 2004, 2005 5 * Andrew Atrens <atrens@nortelnetworks.com>. 6 * 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice unmodified, this list of conditions, and the following 14 * disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * $FreeBSD: src/sys/dev/iwi/if_iwi.c,v 1.8.2.6 2006/02/23 02:06:46 sam Exp $ 32 * $DragonFly: src/sys/dev/netif/iwi/if_iwi.c,v 1.11 2006/05/18 13:51:45 sephe Exp $ 33 */ 34 35 /*- 36 * Intel(R) PRO/Wireless 2200BG/2225BG/2915ABG driver 37 * http://www.intel.com/network/connectivity/products/wireless/prowireless_mobile.htm 38 */ 39 40 #include <sys/param.h> 41 #include <sys/sysctl.h> 42 #include <sys/sockio.h> 43 #include <sys/mbuf.h> 44 #include <sys/kernel.h> 45 #include <sys/kthread.h> 46 #include <sys/socket.h> 47 #include <sys/systm.h> 48 #include <sys/malloc.h> 49 #include <sys/module.h> 50 #include <sys/bus.h> 51 #include <sys/endian.h> 52 #include <sys/proc.h> 53 #include <sys/ucred.h> 54 #include <sys/serialize.h> 55 56 #include <machine/bus.h> 57 #include <machine/resource.h> 58 #include <sys/rman.h> 59 60 #include <bus/pci/pcireg.h> 61 #include <bus/pci/pcivar.h> 62 63 #include <net/bpf.h> 64 #include <net/if.h> 65 #include <net/if_arp.h> 66 #include <net/ethernet.h> 67 #include <net/if_dl.h> 68 #include <net/if_media.h> 69 #include <net/if_types.h> 70 #include <net/ifq_var.h> 71 72 #include <netproto/802_11/ieee80211_var.h> 73 #include <netproto/802_11/ieee80211_radiotap.h> 74 75 #include <netinet/in.h> 76 #include <netinet/in_systm.h> 77 #include <netinet/in_var.h> 78 #include <netinet/ip.h> 79 #include <netinet/if_ether.h> 80 81 #include <dev/netif/iwi/if_iwireg.h> 82 #include <dev/netif/iwi/if_iwivar.h> 83 84 #ifdef IWI_DEBUG 85 #define DPRINTF(x) do { if (iwi_debug > 0) printf x; } while (0) 86 #define DPRINTFN(n, x) do { if (iwi_debug >= (n)) printf x; } while (0) 87 int iwi_debug = 0; 88 SYSCTL_INT(_debug, OID_AUTO, iwi, CTLFLAG_RW, &iwi_debug, 0, "iwi debug level"); 89 #else 90 #define DPRINTF(x) 91 #define DPRINTFN(n, x) 92 #endif 93 94 struct iwi_ident { 95 uint16_t vendor; 96 uint16_t device; 97 const char *name; 98 }; 99 100 static const struct iwi_ident iwi_ident_table[] = { 101 { 0x8086, 0x4220, "Intel(R) PRO/Wireless 2200BG" }, 102 { 0x8086, 0x4221, "Intel(R) PRO/Wireless 2225BG" }, 103 { 0x8086, 0x4223, "Intel(R) PRO/Wireless 2915ABG" }, 104 { 0x8086, 0x4224, "Intel(R) PRO/Wireless 2915ABG" }, 105 106 { 0, 0, NULL } 107 }; 108 109 static void iwi_dma_map_addr(void *, bus_dma_segment_t *, int, int); 110 static void iwi_dma_map_mbuf(void *, bus_dma_segment_t *, int, bus_size_t, 111 int); 112 static int iwi_alloc_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *, 113 int); 114 static void iwi_reset_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 115 static void iwi_free_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 116 static int iwi_alloc_tx_ring(struct iwi_softc *, struct iwi_tx_ring *, 117 int, bus_addr_t, bus_addr_t); 118 static void iwi_reset_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 119 static void iwi_free_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 120 static int iwi_alloc_rx_ring(struct iwi_softc *, struct iwi_rx_ring *, 121 int); 122 static void iwi_reset_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 123 static void iwi_free_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 124 static struct ieee80211_node *iwi_node_alloc(struct ieee80211_node_table *); 125 static void iwi_node_free(struct ieee80211_node *); 126 static int iwi_media_change(struct ifnet *); 127 static void iwi_media_status(struct ifnet *, struct ifmediareq *); 128 static int iwi_newstate(struct ieee80211com *, enum ieee80211_state, int); 129 static int iwi_wme_update(struct ieee80211com *); 130 static uint16_t iwi_read_prom_word(struct iwi_softc *, uint8_t); 131 static void iwi_fix_channel(struct ieee80211com *, struct mbuf *); 132 static void iwi_frame_intr(struct iwi_softc *, struct iwi_rx_data *, int, 133 struct iwi_frame *); 134 static void iwi_notification_intr(struct iwi_softc *, struct iwi_notif *); 135 static void iwi_rx_intr(struct iwi_softc *); 136 static void iwi_tx_intr(struct iwi_softc *, struct iwi_tx_ring *); 137 static void iwi_intr(void *); 138 static int iwi_cmd(struct iwi_softc *, uint8_t, void *, uint8_t, int); 139 static void iwi_write_ibssnode(struct iwi_softc *, const struct iwi_node *); 140 static int iwi_tx_start(struct ifnet *, struct mbuf *, 141 struct ieee80211_node *, int); 142 static void iwi_start(struct ifnet *); 143 static void iwi_watchdog(struct ifnet *); 144 static int iwi_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *); 145 static void iwi_stop_master(struct iwi_softc *); 146 static int iwi_reset(struct iwi_softc *); 147 static int iwi_load_ucode(struct iwi_softc *, void *, int); 148 static int iwi_load_firmware(struct iwi_softc *, void *, int); 149 static int iwi_cache_firmware(struct iwi_softc *, void *); 150 static void iwi_free_firmware(struct iwi_softc *); 151 static int iwi_config(struct iwi_softc *); 152 static int iwi_set_chan(struct iwi_softc *, struct ieee80211_channel *); 153 static int iwi_scan(struct iwi_softc *); 154 static int iwi_auth_and_assoc(struct iwi_softc *); 155 static void iwi_init(void *); 156 static void iwi_stop(void *); 157 static int iwi_sysctl_stats(SYSCTL_HANDLER_ARGS); 158 static int iwi_sysctl_radio(SYSCTL_HANDLER_ARGS); 159 160 static int iwi_probe(device_t); 161 static int iwi_attach(device_t); 162 static int iwi_detach(device_t); 163 static int iwi_shutdown(device_t); 164 static int iwi_suspend(device_t); 165 static int iwi_resume(device_t); 166 167 static int iwi_alloc_ibss_node(struct iwi_softc *); 168 static void iwi_free_ibss_node(struct iwi_softc *, int); 169 170 static device_method_t iwi_methods[] = { 171 /* Device interface */ 172 DEVMETHOD(device_probe, iwi_probe), 173 DEVMETHOD(device_attach, iwi_attach), 174 DEVMETHOD(device_detach, iwi_detach), 175 DEVMETHOD(device_shutdown, iwi_shutdown), 176 DEVMETHOD(device_suspend, iwi_suspend), 177 DEVMETHOD(device_resume, iwi_resume), 178 179 { 0, 0 } 180 }; 181 182 static driver_t iwi_driver = { 183 "iwi", 184 iwi_methods, 185 sizeof (struct iwi_softc) 186 }; 187 188 static devclass_t iwi_devclass; 189 190 DRIVER_MODULE(iwi, pci, iwi_driver, iwi_devclass, 0, 0); 191 192 MODULE_DEPEND(iwi, pci, 1, 1, 1); 193 MODULE_DEPEND(iwi, wlan, 1, 1, 1); 194 195 /* 196 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 197 */ 198 static const struct ieee80211_rateset iwi_rateset_11a = 199 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 200 201 static const struct ieee80211_rateset iwi_rateset_11b = 202 { 4, { 2, 4, 11, 22 } }; 203 204 static const struct ieee80211_rateset iwi_rateset_11g = 205 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 206 207 static int 208 iwi_probe(device_t dev) 209 { 210 const struct iwi_ident *ident; 211 uint16_t vid, did; 212 213 vid = pci_get_vendor(dev); 214 did = pci_get_device(dev); 215 for (ident = iwi_ident_table; ident->name != NULL; ident++) { 216 if (vid == ident->vendor && did == ident->device) { 217 device_set_desc(dev, ident->name); 218 return 0; 219 } 220 } 221 return ENXIO; 222 } 223 224 /* Base Address Register */ 225 #define IWI_PCI_BAR0 0x10 226 227 static int 228 iwi_attach(device_t dev) 229 { 230 struct iwi_softc *sc = device_get_softc(dev); 231 struct ieee80211com *ic = &sc->sc_ic; 232 struct ifnet *ifp = &ic->ic_if; 233 uint16_t val; 234 int error, i; 235 236 sc->sc_dev = dev; 237 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 238 239 if (pci_get_powerstate(dev) != PCI_POWERSTATE_D0) { 240 device_printf(dev, "chip is in D%d power mode " 241 "-- setting to D0\n", pci_get_powerstate(dev)); 242 pci_set_powerstate(dev, PCI_POWERSTATE_D0); 243 } 244 245 pci_write_config(dev, 0x41, 0, 1); 246 247 /* enable bus-mastering */ 248 pci_enable_busmaster(dev); 249 250 sc->mem_rid = IWI_PCI_BAR0; 251 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &sc->mem_rid, 252 RF_ACTIVE); 253 if (sc->mem == NULL) { 254 device_printf(dev, "could not allocate memory resource\n"); 255 return ENXIO; 256 } 257 sc->sc_st = rman_get_bustag(sc->mem); 258 sc->sc_sh = rman_get_bushandle(sc->mem); 259 260 sc->irq_rid = 0; 261 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &sc->irq_rid, 262 RF_ACTIVE | RF_SHAREABLE); 263 if (sc->irq == NULL) { 264 device_printf(dev, "could not allocate interrupt resource\n"); 265 goto fail; 266 } 267 268 if (iwi_reset(sc) != 0) { 269 device_printf(dev, "could not reset adapter\n"); 270 goto fail; 271 } 272 273 /* 274 * Allocate rings. 275 */ 276 error = iwi_alloc_cmd_ring(sc, &sc->cmdq, IWI_CMD_RING_COUNT); 277 if (error != 0) { 278 device_printf(dev, "could not allocate Cmd ring\n"); 279 goto fail; 280 } 281 282 error = iwi_alloc_tx_ring(sc, &sc->txq[0], IWI_TX_RING_COUNT, 283 IWI_CSR_TX1_RIDX, IWI_CSR_TX1_WIDX); 284 if (error != 0) { 285 device_printf(dev, "could not allocate Tx ring 1\n"); 286 goto fail; 287 } 288 289 error = iwi_alloc_tx_ring(sc, &sc->txq[1], IWI_TX_RING_COUNT, 290 IWI_CSR_TX2_RIDX, IWI_CSR_TX2_WIDX); 291 if (error != 0) { 292 device_printf(dev, "could not allocate Tx ring 2\n"); 293 goto fail; 294 } 295 296 error = iwi_alloc_tx_ring(sc, &sc->txq[2], IWI_TX_RING_COUNT, 297 IWI_CSR_TX3_RIDX, IWI_CSR_TX3_WIDX); 298 if (error != 0) { 299 device_printf(dev, "could not allocate Tx ring 3\n"); 300 goto fail; 301 } 302 303 error = iwi_alloc_tx_ring(sc, &sc->txq[3], IWI_TX_RING_COUNT, 304 IWI_CSR_TX4_RIDX, IWI_CSR_TX4_WIDX); 305 if (error != 0) { 306 device_printf(dev, "could not allocate Tx ring 4\n"); 307 goto fail; 308 } 309 310 error = iwi_alloc_rx_ring(sc, &sc->rxq, IWI_RX_RING_COUNT); 311 if (error != 0) { 312 device_printf(dev, "could not allocate Rx ring\n"); 313 goto fail; 314 } 315 316 sysctl_ctx_init(&sc->sysctl_ctx); 317 sc->sysctl_tree = SYSCTL_ADD_NODE(&sc->sysctl_ctx, 318 SYSCTL_STATIC_CHILDREN(_hw), 319 OID_AUTO, 320 device_get_nameunit(dev), 321 CTLFLAG_RD, 322 0, ""); 323 if (sc->sysctl_tree == NULL) { 324 device_printf(dev, "sysctl add node failed\n"); 325 error = EIO; 326 goto fail; 327 } 328 329 ifp->if_softc = sc; 330 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 331 ifp->if_init = iwi_init; 332 ifp->if_ioctl = iwi_ioctl; 333 ifp->if_start = iwi_start; 334 ifp->if_watchdog = iwi_watchdog; 335 ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN); 336 ifq_set_ready(&ifp->if_snd); 337 338 ic->ic_wme.wme_update = iwi_wme_update; 339 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 340 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 341 ic->ic_state = IEEE80211_S_INIT; 342 343 /* set device capabilities */ 344 ic->ic_caps = 345 IEEE80211_C_IBSS | /* IBSS mode supported */ 346 IEEE80211_C_MONITOR | /* monitor mode supported */ 347 IEEE80211_C_TXPMGT | /* tx power management */ 348 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 349 IEEE80211_C_WEP | /* WEP */ 350 IEEE80211_C_WPA | /* 802.11i */ 351 IEEE80211_C_WME; /* 802.11e */ 352 353 /* read MAC address from EEPROM */ 354 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 0); 355 ic->ic_myaddr[0] = val & 0xff; 356 ic->ic_myaddr[1] = val >> 8; 357 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 1); 358 ic->ic_myaddr[2] = val & 0xff; 359 ic->ic_myaddr[3] = val >> 8; 360 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 2); 361 ic->ic_myaddr[4] = val & 0xff; 362 ic->ic_myaddr[5] = val >> 8; 363 364 if (pci_get_device(dev) >= 0x4223) { 365 /* set supported .11a rates (2915ABG only) */ 366 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwi_rateset_11a; 367 368 /* set supported .11a channels */ 369 for (i = 36; i <= 64; i += 4) { 370 ic->ic_channels[i].ic_freq = 371 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 372 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 373 } 374 for (i = 149; i <= 165; i += 4) { 375 ic->ic_channels[i].ic_freq = 376 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 377 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 378 } 379 } 380 381 /* set supported .11b and .11g rates */ 382 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwi_rateset_11b; 383 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwi_rateset_11g; 384 385 /* set supported .11b and .11g channels (1 through 14) */ 386 for (i = 1; i <= 14; i++) { 387 ic->ic_channels[i].ic_freq = 388 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 389 ic->ic_channels[i].ic_flags = 390 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 391 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 392 } 393 394 ieee80211_ifattach(ic); 395 /* override default methods */ 396 ic->ic_node_alloc = iwi_node_alloc; 397 sc->sc_node_free = ic->ic_node_free; 398 ic->ic_node_free = iwi_node_free; 399 /* override state transition machine */ 400 sc->sc_newstate = ic->ic_newstate; 401 ic->ic_newstate = iwi_newstate; 402 ieee80211_media_init(ic, iwi_media_change, iwi_media_status); 403 404 bpfattach_dlt(ifp, DLT_IEEE802_11_RADIO, 405 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf); 406 407 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 408 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 409 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWI_RX_RADIOTAP_PRESENT); 410 411 sc->sc_txtap_len = sizeof sc->sc_txtapu; 412 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 413 sc->sc_txtap.wt_ihdr.it_present = htole32(IWI_TX_RADIOTAP_PRESENT); 414 415 /* 416 * Add a few sysctl knobs. 417 */ 418 sc->dwelltime = 100; 419 sc->bluetooth = 1; 420 sc->antenna = 0; 421 422 SYSCTL_ADD_PROC(&sc->sysctl_ctx, 423 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "radio", 424 CTLTYPE_INT | CTLFLAG_RD, sc, 0, iwi_sysctl_radio, "I", 425 "radio transmitter switch state (0=off, 1=on)"); 426 427 SYSCTL_ADD_PROC(&sc->sysctl_ctx, 428 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "stats", 429 CTLTYPE_OPAQUE | CTLFLAG_RD, sc, 0, iwi_sysctl_stats, "S", 430 "statistics"); 431 432 SYSCTL_ADD_INT(&sc->sysctl_ctx, 433 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "dwell", 434 CTLFLAG_RW, &sc->dwelltime, 0, 435 "channel dwell time (ms) for AP/station scanning"); 436 437 SYSCTL_ADD_INT(&sc->sysctl_ctx, 438 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "bluetooth", 439 CTLFLAG_RW, &sc->bluetooth, 0, "bluetooth coexistence"); 440 441 SYSCTL_ADD_INT(&sc->sysctl_ctx, 442 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "antenna", 443 CTLFLAG_RW, &sc->antenna, 0, "antenna (0=auto)"); 444 445 /* 446 * Hook our interrupt after all initialization is complete. 447 */ 448 error = bus_setup_intr(dev, sc->irq, INTR_MPSAFE, iwi_intr, sc, 449 &sc->sc_ih, ifp->if_serializer); 450 if (error != 0) { 451 device_printf(dev, "could not set up interrupt\n"); 452 453 bpfdetach(ifp); 454 ieee80211_ifdetach(ic); 455 goto fail; 456 } 457 458 if (bootverbose) 459 ieee80211_announce(ic); 460 461 return 0; 462 fail: 463 iwi_detach(dev); 464 return ENXIO; 465 } 466 467 static int 468 iwi_detach(device_t dev) 469 { 470 struct iwi_softc *sc = device_get_softc(dev); 471 struct ieee80211com *ic = &sc->sc_ic; 472 struct ifnet *ifp = ic->ic_ifp; 473 474 if (device_is_attached(dev)) { 475 lwkt_serialize_enter(ifp->if_serializer); 476 477 iwi_stop(sc); 478 bus_teardown_intr(dev, sc->irq, sc->sc_ih); 479 iwi_free_firmware(sc); 480 481 lwkt_serialize_exit(ifp->if_serializer); 482 483 bpfdetach(ifp); 484 ieee80211_ifdetach(ic); 485 } 486 487 iwi_free_cmd_ring(sc, &sc->cmdq); 488 iwi_free_tx_ring(sc, &sc->txq[0]); 489 iwi_free_tx_ring(sc, &sc->txq[1]); 490 iwi_free_tx_ring(sc, &sc->txq[2]); 491 iwi_free_tx_ring(sc, &sc->txq[3]); 492 iwi_free_rx_ring(sc, &sc->rxq); 493 494 if (sc->irq != NULL) 495 bus_release_resource(dev, SYS_RES_IRQ, sc->irq_rid, sc->irq); 496 497 if (sc->mem != NULL) 498 bus_release_resource(dev, SYS_RES_MEMORY, sc->mem_rid, sc->mem); 499 500 if (sc->sysctl_tree != NULL) 501 sysctl_ctx_free(&sc->sysctl_ctx); 502 503 return 0; 504 } 505 506 static void 507 iwi_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error) 508 { 509 if (error != 0) 510 return; 511 512 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg)); 513 514 *(bus_addr_t *)arg = segs[0].ds_addr; 515 } 516 517 static int 518 iwi_alloc_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring, int count) 519 { 520 int error; 521 522 ring->count = count; 523 ring->queued = 0; 524 ring->cur = ring->next = 0; 525 526 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 527 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_CMD_DESC_SIZE, 1, 528 count * IWI_CMD_DESC_SIZE, 0, &ring->desc_dmat); 529 if (error != 0) { 530 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 531 goto fail; 532 } 533 534 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 535 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map); 536 if (error != 0) { 537 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 538 goto fail; 539 } 540 541 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 542 count * IWI_CMD_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 543 if (error != 0) { 544 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 545 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 546 ring->desc = NULL; 547 return error; 548 } 549 550 return 0; 551 552 fail: iwi_free_cmd_ring(sc, ring); 553 return error; 554 } 555 556 static void 557 iwi_reset_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 558 { 559 ring->queued = 0; 560 ring->cur = ring->next = 0; 561 } 562 563 static void 564 iwi_free_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 565 { 566 if (ring->desc != NULL) { 567 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 568 BUS_DMASYNC_POSTWRITE); 569 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 570 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 571 ring->desc = NULL; 572 } 573 574 if (ring->desc_dmat != NULL) { 575 bus_dma_tag_destroy(ring->desc_dmat); 576 ring->desc_dmat = NULL; 577 } 578 } 579 580 static int 581 iwi_alloc_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring, int count, 582 bus_addr_t csr_ridx, bus_addr_t csr_widx) 583 { 584 int i, error; 585 586 ring->count = count; 587 ring->queued = 0; 588 ring->cur = ring->next = 0; 589 ring->csr_ridx = csr_ridx; 590 ring->csr_widx = csr_widx; 591 592 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 593 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_TX_DESC_SIZE, 1, 594 count * IWI_TX_DESC_SIZE, 0, &ring->desc_dmat); 595 if (error != 0) { 596 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 597 goto fail; 598 } 599 600 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 601 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map); 602 if (error != 0) { 603 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 604 goto fail; 605 } 606 607 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 608 count * IWI_TX_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 609 if (error != 0) { 610 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 611 612 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 613 ring->desc = NULL; 614 goto fail; 615 } 616 617 ring->data = malloc(count * sizeof (struct iwi_tx_data), M_DEVBUF, 618 M_WAITOK | M_ZERO); 619 620 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 621 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, IWI_MAX_NSEG - 2, 622 MCLBYTES, 0, &ring->data_dmat); 623 if (error != 0) { 624 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 625 goto fail; 626 } 627 628 for (i = 0; i < count; i++) { 629 error = bus_dmamap_create(ring->data_dmat, 0, 630 &ring->data[i].map); 631 if (error != 0) { 632 device_printf(sc->sc_dev, "could not create DMA map\n"); 633 goto fail; 634 } 635 } 636 637 return 0; 638 639 fail: iwi_free_tx_ring(sc, ring); 640 return error; 641 } 642 643 static void 644 iwi_reset_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 645 { 646 struct iwi_tx_data *data; 647 int i; 648 649 for (i = 0; i < ring->count; i++) { 650 data = &ring->data[i]; 651 652 if (data->m != NULL) { 653 bus_dmamap_sync(ring->data_dmat, data->map, 654 BUS_DMASYNC_POSTWRITE); 655 bus_dmamap_unload(ring->data_dmat, data->map); 656 m_freem(data->m); 657 data->m = NULL; 658 } 659 660 if (data->ni != NULL) { 661 ieee80211_free_node(data->ni); 662 data->ni = NULL; 663 } 664 } 665 666 ring->queued = 0; 667 ring->cur = ring->next = 0; 668 } 669 670 static void 671 iwi_free_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 672 { 673 struct iwi_tx_data *data; 674 int i; 675 676 if (ring->desc != NULL) { 677 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 678 BUS_DMASYNC_POSTWRITE); 679 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 680 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 681 ring->desc = NULL; 682 } 683 684 if (ring->desc_dmat != NULL) { 685 bus_dma_tag_destroy(ring->desc_dmat); 686 ring->desc_dmat = NULL; 687 } 688 689 if (ring->data != NULL) { 690 for (i = 0; i < ring->count; i++) { 691 data = &ring->data[i]; 692 693 if (data->m != NULL) { 694 bus_dmamap_sync(ring->data_dmat, data->map, 695 BUS_DMASYNC_POSTWRITE); 696 bus_dmamap_unload(ring->data_dmat, data->map); 697 m_freem(data->m); 698 data->m = NULL; 699 } 700 701 if (data->ni != NULL) { 702 ieee80211_free_node(data->ni); 703 data->ni = NULL; 704 } 705 706 if (data->map != NULL) { 707 bus_dmamap_destroy(ring->data_dmat, data->map); 708 data->map = NULL; 709 } 710 } 711 712 free(ring->data, M_DEVBUF); 713 ring->data = NULL; 714 } 715 716 if (ring->data_dmat != NULL) { 717 bus_dma_tag_destroy(ring->data_dmat); 718 ring->data_dmat = NULL; 719 } 720 } 721 722 static int 723 iwi_alloc_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring, int count) 724 { 725 struct iwi_rx_data *data; 726 int i, error; 727 728 ring->count = count; 729 ring->cur = 0; 730 731 ring->data = malloc(count * sizeof (struct iwi_rx_data), M_DEVBUF, 732 M_WAITOK | M_ZERO); 733 734 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 735 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1, MCLBYTES, 0, 736 &ring->data_dmat); 737 if (error != 0) { 738 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 739 goto fail; 740 } 741 742 for (i = 0; i < count; i++) { 743 data = &ring->data[i]; 744 745 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 746 if (error != 0) { 747 device_printf(sc->sc_dev, "could not create DMA map\n"); 748 goto fail; 749 } 750 751 data->m = m_getcl(MB_WAIT, MT_DATA, M_PKTHDR); 752 if (data->m == NULL) { 753 device_printf(sc->sc_dev, 754 "could not allocate rx mbuf\n"); 755 error = ENOMEM; 756 goto fail; 757 } 758 759 error = bus_dmamap_load(ring->data_dmat, data->map, 760 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 761 &data->physaddr, 0); 762 if (error != 0) { 763 device_printf(sc->sc_dev, 764 "could not load rx buf DMA map"); 765 766 m_freem(data->m); 767 data->m = NULL; 768 goto fail; 769 } 770 771 data->reg = IWI_CSR_RX_BASE + i * 4; 772 } 773 774 return 0; 775 776 fail: iwi_free_rx_ring(sc, ring); 777 return error; 778 } 779 780 static void 781 iwi_reset_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 782 { 783 ring->cur = 0; 784 } 785 786 static void 787 iwi_free_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 788 { 789 struct iwi_rx_data *data; 790 int i; 791 792 if (ring->data != NULL) { 793 for (i = 0; i < ring->count; i++) { 794 data = &ring->data[i]; 795 796 if (data->m != NULL) { 797 bus_dmamap_sync(ring->data_dmat, data->map, 798 BUS_DMASYNC_POSTREAD); 799 bus_dmamap_unload(ring->data_dmat, data->map); 800 m_freem(data->m); 801 data->m = NULL; 802 } 803 804 if (data->map != NULL) { 805 bus_dmamap_destroy(ring->data_dmat, data->map); 806 data->map = NULL; 807 } 808 } 809 810 free(ring->data, M_DEVBUF); 811 ring->data = NULL; 812 } 813 814 if (ring->data_dmat != NULL) { 815 bus_dma_tag_destroy(ring->data_dmat); 816 ring->data_dmat = NULL; 817 } 818 } 819 820 static int 821 iwi_shutdown(device_t dev) 822 { 823 struct iwi_softc *sc = device_get_softc(dev); 824 struct ifnet *ifp = &sc->sc_ic.ic_if; 825 826 lwkt_serialize_enter(ifp->if_serializer); 827 iwi_stop(sc); 828 lwkt_serialize_exit(ifp->if_serializer); 829 830 return 0; 831 } 832 833 static int 834 iwi_suspend(device_t dev) 835 { 836 struct iwi_softc *sc = device_get_softc(dev); 837 struct ifnet *ifp = &sc->sc_ic.ic_if; 838 839 lwkt_serialize_enter(ifp->if_serializer); 840 iwi_stop(sc); 841 lwkt_serialize_exit(ifp->if_serializer); 842 843 return 0; 844 } 845 846 static int 847 iwi_resume(device_t dev) 848 { 849 struct iwi_softc *sc = device_get_softc(dev); 850 struct ifnet *ifp = sc->sc_ic.ic_ifp; 851 852 lwkt_serialize_enter(ifp->if_serializer); 853 854 pci_write_config(dev, 0x41, 0, 1); 855 856 if (ifp->if_flags & IFF_UP) { 857 ifp->if_init(ifp->if_softc); 858 if (ifp->if_flags & IFF_RUNNING) 859 ifp->if_start(ifp); 860 } 861 862 lwkt_serialize_exit(ifp->if_serializer); 863 864 return 0; 865 } 866 867 static struct ieee80211_node * 868 iwi_node_alloc(struct ieee80211_node_table *nt) 869 { 870 struct iwi_node *in; 871 872 in = malloc(sizeof (struct iwi_node), M_80211_NODE, M_NOWAIT | M_ZERO); 873 if (in == NULL) 874 return NULL; 875 876 in->in_station = -1; 877 878 return &in->in_node; 879 } 880 881 static void 882 iwi_node_free(struct ieee80211_node *ni) 883 { 884 struct ieee80211com *ic = ni->ni_ic; 885 struct iwi_softc *sc = ic->ic_ifp->if_softc; 886 struct iwi_node *in = (struct iwi_node *)ni; 887 888 if (in->in_station != -1) 889 iwi_free_ibss_node(sc, in->in_station); 890 891 sc->sc_node_free(ni); 892 } 893 894 static int 895 iwi_media_change(struct ifnet *ifp) 896 { 897 struct iwi_softc *sc = ifp->if_softc; 898 int error; 899 900 ASSERT_SERIALIZED(ifp->if_serializer); 901 902 error = ieee80211_media_change(ifp); 903 if (error != ENETRESET) 904 return error; 905 906 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 907 iwi_init(sc); 908 return 0; 909 } 910 911 /* 912 * The firmware automatically adapts the transmit speed. We report its current 913 * value here. 914 */ 915 static void 916 iwi_media_status(struct ifnet *ifp, struct ifmediareq *imr) 917 { 918 struct iwi_softc *sc = ifp->if_softc; 919 struct ieee80211com *ic = &sc->sc_ic; 920 #define N(a) (sizeof (a) / sizeof (a[0])) 921 static const struct { 922 uint32_t val; 923 int rate; 924 } rates[] = { 925 { IWI_RATE_DS1, 2 }, 926 { IWI_RATE_DS2, 4 }, 927 { IWI_RATE_DS5, 11 }, 928 { IWI_RATE_DS11, 22 }, 929 { IWI_RATE_OFDM6, 12 }, 930 { IWI_RATE_OFDM9, 18 }, 931 { IWI_RATE_OFDM12, 24 }, 932 { IWI_RATE_OFDM18, 36 }, 933 { IWI_RATE_OFDM24, 48 }, 934 { IWI_RATE_OFDM36, 72 }, 935 { IWI_RATE_OFDM48, 96 }, 936 { IWI_RATE_OFDM54, 108 }, 937 }; 938 uint32_t val; 939 int rate, i; 940 941 imr->ifm_status = IFM_AVALID; 942 imr->ifm_active = IFM_IEEE80211; 943 if (ic->ic_state == IEEE80211_S_RUN) 944 imr->ifm_status |= IFM_ACTIVE; 945 946 /* read current transmission rate from adapter */ 947 val = CSR_READ_4(sc, IWI_CSR_CURRENT_TX_RATE); 948 949 /* convert rate to 802.11 rate */ 950 for (i = 0; i < N(rates) && rates[i].val != val; i++); 951 rate = (i < N(rates)) ? rates[i].rate : 0; 952 953 imr->ifm_active |= ieee80211_rate2media(ic, rate, ic->ic_curmode); 954 switch (ic->ic_opmode) { 955 case IEEE80211_M_STA: 956 break; 957 958 case IEEE80211_M_IBSS: 959 imr->ifm_active |= IFM_IEEE80211_ADHOC; 960 break; 961 962 case IEEE80211_M_MONITOR: 963 imr->ifm_active |= IFM_IEEE80211_MONITOR; 964 break; 965 966 case IEEE80211_M_AHDEMO: 967 case IEEE80211_M_HOSTAP: 968 /* should not get there */ 969 break; 970 } 971 #undef N 972 } 973 974 static int 975 iwi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 976 { 977 struct ifnet *ifp = ic->ic_ifp; 978 struct iwi_softc *sc = ifp->if_softc; 979 enum ieee80211_state ostate; 980 uint32_t tmp; 981 982 ostate = ic->ic_state; 983 984 switch (nstate) { 985 case IEEE80211_S_SCAN: 986 if (sc->flags & IWI_FLAG_SCANNING) 987 break; 988 989 ieee80211_node_table_reset(&ic->ic_scan); 990 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 991 sc->flags |= IWI_FLAG_SCANNING; 992 iwi_scan(sc); 993 break; 994 995 case IEEE80211_S_AUTH: 996 iwi_auth_and_assoc(sc); 997 break; 998 999 case IEEE80211_S_RUN: 1000 if (ic->ic_opmode == IEEE80211_M_IBSS) 1001 iwi_auth_and_assoc(sc); 1002 else if (ic->ic_opmode == IEEE80211_M_MONITOR) 1003 iwi_set_chan(sc, ic->ic_ibss_chan); 1004 1005 /* assoc led on */ 1006 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK; 1007 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp | IWI_LED_ASSOC); 1008 1009 return sc->sc_newstate(ic, nstate, 1010 IEEE80211_FC0_SUBTYPE_ASSOC_RESP); 1011 1012 case IEEE80211_S_ASSOC: 1013 break; 1014 1015 case IEEE80211_S_INIT: 1016 sc->flags &= ~IWI_FLAG_SCANNING; 1017 1018 if (ostate != IEEE80211_S_RUN) 1019 break; 1020 1021 /* assoc led off */ 1022 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK; 1023 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp & ~IWI_LED_ASSOC); 1024 break; 1025 } 1026 1027 ic->ic_state = nstate; 1028 1029 return 0; 1030 } 1031 1032 /* 1033 * WME parameters coming from IEEE 802.11e specification. These values are 1034 * already declared in ieee80211_proto.c, but they are static so they can't 1035 * be reused here. 1036 */ 1037 static const struct wmeParams iwi_wme_cck_params[WME_NUM_AC] = { 1038 { 0, 3, 5, 7, 0 }, /* WME_AC_BE */ 1039 { 0, 3, 5, 10, 0 }, /* WME_AC_BK */ 1040 { 0, 2, 4, 5, 188 }, /* WME_AC_VI */ 1041 { 0, 2, 3, 4, 102 } /* WME_AC_VO */ 1042 }; 1043 1044 static const struct wmeParams iwi_wme_ofdm_params[WME_NUM_AC] = { 1045 { 0, 3, 4, 6, 0 }, /* WME_AC_BE */ 1046 { 0, 3, 4, 10, 0 }, /* WME_AC_BK */ 1047 { 0, 2, 3, 4, 94 }, /* WME_AC_VI */ 1048 { 0, 2, 2, 3, 47 } /* WME_AC_VO */ 1049 }; 1050 1051 static int 1052 iwi_wme_update(struct ieee80211com *ic) 1053 { 1054 #define IWI_EXP2(v) htole16((1 << (v)) - 1) 1055 #define IWI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 1056 struct iwi_softc *sc = ic->ic_ifp->if_softc; 1057 struct iwi_wme_params wme[3]; 1058 const struct wmeParams *wmep; 1059 int ac; 1060 1061 /* 1062 * We shall not override firmware default WME values if WME is not 1063 * actually enabled. 1064 */ 1065 if (!(ic->ic_flags & IEEE80211_F_WME)) 1066 return 0; 1067 1068 for (ac = 0; ac < WME_NUM_AC; ac++) { 1069 /* set WME values for current operating mode */ 1070 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 1071 wme[0].aifsn[ac] = wmep->wmep_aifsn; 1072 wme[0].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1073 wme[0].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1074 wme[0].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1075 wme[0].acm[ac] = wmep->wmep_acm; 1076 1077 /* set WME values for CCK modulation */ 1078 wmep = &iwi_wme_cck_params[ac]; 1079 wme[1].aifsn[ac] = wmep->wmep_aifsn; 1080 wme[1].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1081 wme[1].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1082 wme[1].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1083 wme[1].acm[ac] = wmep->wmep_acm; 1084 1085 /* set WME values for OFDM modulation */ 1086 wmep = &iwi_wme_ofdm_params[ac]; 1087 wme[2].aifsn[ac] = wmep->wmep_aifsn; 1088 wme[2].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1089 wme[2].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1090 wme[2].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1091 wme[2].acm[ac] = wmep->wmep_acm; 1092 } 1093 1094 DPRINTF(("Setting WME parameters\n")); 1095 return iwi_cmd(sc, IWI_CMD_SET_WME_PARAMS, wme, sizeof wme, 1); 1096 #undef IWI_USEC 1097 #undef IWI_EXP2 1098 } 1099 1100 /* 1101 * Read 16 bits at address 'addr' from the serial EEPROM. 1102 */ 1103 static uint16_t 1104 iwi_read_prom_word(struct iwi_softc *sc, uint8_t addr) 1105 { 1106 uint32_t tmp; 1107 uint16_t val; 1108 int n; 1109 1110 /* Clock C once before the first command */ 1111 IWI_EEPROM_CTL(sc, 0); 1112 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1113 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1114 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1115 1116 /* Write start bit (1) */ 1117 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1118 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1119 1120 /* Write READ opcode (10) */ 1121 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1122 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1123 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1124 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1125 1126 /* Write address A7-A0 */ 1127 for (n = 7; n >= 0; n--) { 1128 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1129 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D)); 1130 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1131 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D) | IWI_EEPROM_C); 1132 } 1133 1134 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1135 1136 /* Read data Q15-Q0 */ 1137 val = 0; 1138 for (n = 15; n >= 0; n--) { 1139 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1140 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1141 tmp = MEM_READ_4(sc, IWI_MEM_EEPROM_CTL); 1142 val |= ((tmp & IWI_EEPROM_Q) >> IWI_EEPROM_SHIFT_Q) << n; 1143 } 1144 1145 IWI_EEPROM_CTL(sc, 0); 1146 1147 /* Clear Chip Select and clock C */ 1148 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1149 IWI_EEPROM_CTL(sc, 0); 1150 IWI_EEPROM_CTL(sc, IWI_EEPROM_C); 1151 1152 return val; 1153 } 1154 1155 /* 1156 * XXX: Hack to set the current channel to the value advertised in beacons or 1157 * probe responses. Only used during AP detection. 1158 */ 1159 static void 1160 iwi_fix_channel(struct ieee80211com *ic, struct mbuf *m) 1161 { 1162 struct ieee80211_frame *wh; 1163 uint8_t subtype; 1164 uint8_t *frm, *efrm; 1165 1166 wh = mtod(m, struct ieee80211_frame *); 1167 1168 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 1169 return; 1170 1171 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1172 1173 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 1174 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1175 return; 1176 1177 frm = (uint8_t *)(wh + 1); 1178 efrm = mtod(m, uint8_t *) + m->m_len; 1179 1180 frm += 12; /* skip tstamp, bintval and capinfo fields */ 1181 while (frm < efrm) { 1182 if (*frm == IEEE80211_ELEMID_DSPARMS) 1183 #if IEEE80211_CHAN_MAX < 255 1184 if (frm[2] <= IEEE80211_CHAN_MAX) 1185 #endif 1186 ic->ic_curchan = &ic->ic_channels[frm[2]]; 1187 1188 frm += frm[1] + 2; 1189 } 1190 } 1191 1192 static void 1193 iwi_frame_intr(struct iwi_softc *sc, struct iwi_rx_data *data, int i, 1194 struct iwi_frame *frame) 1195 { 1196 struct ieee80211com *ic = &sc->sc_ic; 1197 struct ifnet *ifp = ic->ic_ifp; 1198 struct mbuf *mnew, *m; 1199 struct ieee80211_frame *wh; 1200 struct ieee80211_node *ni; 1201 int error; 1202 1203 DPRINTFN(5, ("received frame len=%u chan=%u rssi=%u\n", 1204 le16toh(frame->len), frame->chan, frame->rssi_dbm)); 1205 1206 if (le16toh(frame->len) < sizeof (struct ieee80211_frame)) 1207 return; 1208 1209 /* 1210 * Try to allocate a new mbuf for this ring element and load it before 1211 * processing the current mbuf. If the ring element cannot be loaded, 1212 * drop the received packet and reuse the old mbuf. In the unlikely 1213 * case that the old mbuf can't be reloaded either, explicitly panic. 1214 */ 1215 mnew = m_getcl(MB_DONTWAIT, MT_DATA, M_PKTHDR); 1216 if (mnew == NULL) { 1217 ifp->if_ierrors++; 1218 return; 1219 } 1220 1221 bus_dmamap_unload(sc->rxq.data_dmat, data->map); 1222 1223 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1224 mtod(mnew, void *), MCLBYTES, iwi_dma_map_addr, &data->physaddr, 1225 0); 1226 if (error != 0) { 1227 m_freem(mnew); 1228 1229 /* try to reload the old mbuf */ 1230 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1231 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 1232 &data->physaddr, 0); 1233 if (error != 0) { 1234 /* very unlikely that it will fail... */ 1235 panic("%s: could not load old rx mbuf", 1236 device_get_name(sc->sc_dev)); 1237 } 1238 ifp->if_ierrors++; 1239 return; 1240 } 1241 1242 /* 1243 * New mbuf successfully loaded, update Rx ring and continue 1244 * processing. 1245 */ 1246 m = data->m; 1247 data->m = mnew; 1248 CSR_WRITE_4(sc, data->reg, data->physaddr); 1249 1250 /* Finalize mbuf */ 1251 m->m_pkthdr.rcvif = ifp; 1252 m->m_pkthdr.len = m->m_len = sizeof (struct iwi_hdr) + 1253 sizeof (struct iwi_frame) + le16toh(frame->len); 1254 1255 m_adj(m, sizeof (struct iwi_hdr) + sizeof (struct iwi_frame)); 1256 1257 if (ic->ic_state == IEEE80211_S_SCAN) 1258 iwi_fix_channel(ic, m); 1259 1260 if (sc->sc_drvbpf != NULL) { 1261 struct iwi_rx_radiotap_header *tap = &sc->sc_rxtap; 1262 1263 tap->wr_flags = 0; 1264 tap->wr_rate = frame->rate; 1265 tap->wr_chan_freq = 1266 htole16(ic->ic_channels[frame->chan].ic_freq); 1267 tap->wr_chan_flags = 1268 htole16(ic->ic_channels[frame->chan].ic_flags); 1269 tap->wr_antsignal = frame->signal; 1270 tap->wr_antenna = frame->antenna; 1271 1272 bpf_ptap(sc->sc_drvbpf, m, tap, sc->sc_rxtap_len); 1273 } 1274 1275 wh = mtod(m, struct ieee80211_frame *); 1276 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 1277 1278 /* send the frame to the 802.11 layer */ 1279 ieee80211_input(ic, m, ni, frame->rssi_dbm, 0); 1280 1281 /* node is no longer needed */ 1282 ieee80211_free_node(ni); 1283 } 1284 1285 static void 1286 iwi_notification_intr(struct iwi_softc *sc, struct iwi_notif *notif) 1287 { 1288 struct ieee80211com *ic = &sc->sc_ic; 1289 struct iwi_notif_scan_channel *chan; 1290 struct iwi_notif_scan_complete *scan; 1291 struct iwi_notif_authentication *auth; 1292 struct iwi_notif_association *assoc; 1293 1294 switch (notif->type) { 1295 case IWI_NOTIF_TYPE_SCAN_CHANNEL: 1296 chan = (struct iwi_notif_scan_channel *)(notif + 1); 1297 1298 DPRINTFN(2, ("Scanning channel (%u)\n", chan->nchan)); 1299 break; 1300 1301 case IWI_NOTIF_TYPE_SCAN_COMPLETE: 1302 scan = (struct iwi_notif_scan_complete *)(notif + 1); 1303 1304 DPRINTFN(2, ("Scan completed (%u, %u)\n", scan->nchan, 1305 scan->status)); 1306 1307 /* monitor mode uses scan to set the channel ... */ 1308 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1309 sc->flags &= ~IWI_FLAG_SCANNING; 1310 ieee80211_end_scan(ic); 1311 } else 1312 iwi_set_chan(sc, ic->ic_ibss_chan); 1313 break; 1314 1315 case IWI_NOTIF_TYPE_AUTHENTICATION: 1316 auth = (struct iwi_notif_authentication *)(notif + 1); 1317 1318 DPRINTFN(2, ("Authentication (%u)\n", auth->state)); 1319 1320 switch (auth->state) { 1321 case IWI_AUTHENTICATED: 1322 ieee80211_node_authorize(ic->ic_bss); 1323 ieee80211_new_state(ic, IEEE80211_S_ASSOC, -1); 1324 break; 1325 1326 case IWI_DEAUTHENTICATED: 1327 break; 1328 1329 default: 1330 device_printf(sc->sc_dev, 1331 "unknown authentication state %u\n", auth->state); 1332 } 1333 break; 1334 1335 case IWI_NOTIF_TYPE_ASSOCIATION: 1336 assoc = (struct iwi_notif_association *)(notif + 1); 1337 1338 DPRINTFN(2, ("Association (%u, %u)\n", assoc->state, 1339 assoc->status)); 1340 1341 switch (assoc->state) { 1342 case IWI_AUTHENTICATED: 1343 /* re-association, do nothing */ 1344 break; 1345 1346 case IWI_ASSOCIATED: 1347 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1348 break; 1349 1350 case IWI_DEASSOCIATED: 1351 ieee80211_begin_scan(ic, 1); 1352 break; 1353 1354 default: 1355 device_printf(sc->sc_dev, 1356 "unknown association state %u\n", assoc->state); 1357 } 1358 break; 1359 1360 default: 1361 DPRINTFN(5, ("Notification (%u)\n", notif->type)); 1362 } 1363 } 1364 1365 static void 1366 iwi_rx_intr(struct iwi_softc *sc) 1367 { 1368 struct iwi_rx_data *data; 1369 struct iwi_hdr *hdr; 1370 uint32_t hw; 1371 1372 hw = CSR_READ_4(sc, IWI_CSR_RX_RIDX); 1373 1374 for (; sc->rxq.cur != hw;) { 1375 data = &sc->rxq.data[sc->rxq.cur]; 1376 1377 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1378 BUS_DMASYNC_POSTREAD); 1379 1380 hdr = mtod(data->m, struct iwi_hdr *); 1381 1382 switch (hdr->type) { 1383 case IWI_HDR_TYPE_FRAME: 1384 iwi_frame_intr(sc, data, sc->rxq.cur, 1385 (struct iwi_frame *)(hdr + 1)); 1386 break; 1387 1388 case IWI_HDR_TYPE_NOTIF: 1389 iwi_notification_intr(sc, 1390 (struct iwi_notif *)(hdr + 1)); 1391 break; 1392 1393 default: 1394 device_printf(sc->sc_dev, "unknown hdr type %u\n", 1395 hdr->type); 1396 } 1397 1398 DPRINTFN(15, ("rx done idx=%u\n", sc->rxq.cur)); 1399 1400 sc->rxq.cur = (sc->rxq.cur + 1) % IWI_RX_RING_COUNT; 1401 } 1402 1403 /* Tell the firmware what we have processed */ 1404 hw = (hw == 0) ? IWI_RX_RING_COUNT - 1 : hw - 1; 1405 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, hw); 1406 } 1407 1408 static void 1409 iwi_tx_intr(struct iwi_softc *sc, struct iwi_tx_ring *txq) 1410 { 1411 struct ieee80211com *ic = &sc->sc_ic; 1412 struct ifnet *ifp = ic->ic_ifp; 1413 struct iwi_tx_data *data; 1414 uint32_t hw; 1415 1416 hw = CSR_READ_4(sc, txq->csr_ridx); 1417 1418 for (; txq->next != hw;) { 1419 data = &txq->data[txq->next]; 1420 1421 bus_dmamap_sync(txq->data_dmat, data->map, 1422 BUS_DMASYNC_POSTWRITE); 1423 bus_dmamap_unload(txq->data_dmat, data->map); 1424 m_freem(data->m); 1425 data->m = NULL; 1426 ieee80211_free_node(data->ni); 1427 data->ni = NULL; 1428 1429 DPRINTFN(15, ("tx done idx=%u\n", txq->next)); 1430 1431 ifp->if_opackets++; 1432 1433 txq->queued--; 1434 txq->next = (txq->next + 1) % IWI_TX_RING_COUNT; 1435 } 1436 1437 sc->sc_tx_timer = 0; 1438 ifp->if_flags &= ~IFF_OACTIVE; 1439 iwi_start(ifp); 1440 } 1441 1442 static void 1443 iwi_intr(void *arg) 1444 { 1445 struct iwi_softc *sc = arg; 1446 uint32_t r; 1447 1448 r = CSR_READ_4(sc, IWI_CSR_INTR); 1449 if (r == 0 || r == 0xffffffff) 1450 return; 1451 1452 /* disable interrupts */ 1453 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1454 1455 if (r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR)) { 1456 device_printf(sc->sc_dev, "fatal error\n"); 1457 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1458 iwi_stop(sc); 1459 } 1460 1461 if (r & IWI_INTR_FW_INITED) { 1462 if (!(r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR))) 1463 wakeup(IWI_FW_INITIALIZED(sc)); 1464 } 1465 1466 if (r & IWI_INTR_RADIO_OFF) { 1467 DPRINTF(("radio transmitter turned off\n")); 1468 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1469 iwi_stop(sc); 1470 } 1471 1472 if (r & IWI_INTR_CMD_DONE) 1473 wakeup(IWI_FW_CMD_ACKED(sc)); 1474 1475 if (r & IWI_INTR_TX1_DONE) 1476 iwi_tx_intr(sc, &sc->txq[0]); 1477 1478 if (r & IWI_INTR_TX2_DONE) 1479 iwi_tx_intr(sc, &sc->txq[1]); 1480 1481 if (r & IWI_INTR_TX3_DONE) 1482 iwi_tx_intr(sc, &sc->txq[2]); 1483 1484 if (r & IWI_INTR_TX4_DONE) 1485 iwi_tx_intr(sc, &sc->txq[3]); 1486 1487 if (r & IWI_INTR_RX_DONE) 1488 iwi_rx_intr(sc); 1489 1490 /* acknowledge interrupts */ 1491 CSR_WRITE_4(sc, IWI_CSR_INTR, r); 1492 1493 /* re-enable interrupts */ 1494 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 1495 } 1496 1497 static int 1498 iwi_cmd(struct iwi_softc *sc, uint8_t type, void *data, uint8_t len, int async) 1499 { 1500 struct iwi_cmd_desc *desc; 1501 struct ifnet *ifp = &sc->sc_ic.ic_if; 1502 int ret; 1503 1504 desc = &sc->cmdq.desc[sc->cmdq.cur]; 1505 1506 desc->hdr.type = IWI_HDR_TYPE_COMMAND; 1507 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1508 desc->type = type; 1509 desc->len = len; 1510 memcpy(desc->data, data, len); 1511 1512 bus_dmamap_sync(sc->cmdq.desc_dmat, sc->cmdq.desc_map, 1513 BUS_DMASYNC_PREWRITE); 1514 1515 DPRINTFN(2, ("sending command idx=%u type=%u len=%u\n", sc->cmdq.cur, 1516 type, len)); 1517 1518 sc->cmdq.cur = (sc->cmdq.cur + 1) % IWI_CMD_RING_COUNT; 1519 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 1520 1521 if (!async) { 1522 ASSERT_SERIALIZED(ifp->if_serializer); 1523 1524 crit_enter(); 1525 tsleep_interlock(IWI_FW_CMD_ACKED(sc)); 1526 lwkt_serialize_exit(ifp->if_serializer); 1527 ret = tsleep(IWI_FW_CMD_ACKED(sc), 0, "iwicmd", hz); 1528 crit_exit(); 1529 lwkt_serialize_enter(ifp->if_serializer); 1530 } else { 1531 ret = 0; 1532 } 1533 1534 return ret; 1535 } 1536 1537 static void 1538 iwi_write_ibssnode(struct iwi_softc *sc, const struct iwi_node *in) 1539 { 1540 struct iwi_ibssnode node; 1541 1542 /* write node information into NIC memory */ 1543 memset(&node, 0, sizeof node); 1544 IEEE80211_ADDR_COPY(node.bssid, in->in_node.ni_macaddr); 1545 1546 CSR_WRITE_REGION_1(sc, 1547 IWI_CSR_NODE_BASE + in->in_station * sizeof node, 1548 (uint8_t *)&node, sizeof node); 1549 } 1550 1551 struct iwi_dma_mapping { 1552 bus_dma_segment_t segs[IWI_MAX_NSEG]; 1553 int nseg; 1554 bus_size_t mapsize; 1555 }; 1556 1557 static void 1558 iwi_dma_map_mbuf(void *arg, bus_dma_segment_t *segs, int nseg, 1559 bus_size_t mapsize, int error) 1560 { 1561 struct iwi_dma_mapping *map = arg; 1562 1563 if (error != 0) 1564 return; 1565 1566 KASSERT(nseg <= IWI_MAX_NSEG, ("too many DMA segments %d", nseg)); 1567 1568 bcopy(segs, map->segs, nseg * sizeof(bus_dma_segment_t)); 1569 map->nseg = nseg; 1570 map->mapsize = mapsize; 1571 } 1572 1573 static int 1574 iwi_tx_start(struct ifnet *ifp, struct mbuf *m0, struct ieee80211_node *ni, 1575 int ac) 1576 { 1577 struct iwi_softc *sc = ifp->if_softc; 1578 struct ieee80211com *ic = &sc->sc_ic; 1579 struct iwi_node *in = (struct iwi_node *)ni; 1580 struct ieee80211_frame *wh; 1581 struct ieee80211_key *k; 1582 const struct chanAccParams *cap; 1583 struct iwi_tx_ring *txq = &sc->txq[ac]; 1584 struct iwi_tx_data *data; 1585 struct iwi_tx_desc *desc; 1586 struct mbuf *mnew; 1587 struct iwi_dma_mapping map; 1588 int error, hdrlen, i, noack = 0; 1589 1590 wh = mtod(m0, struct ieee80211_frame *); 1591 1592 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1593 hdrlen = sizeof (struct ieee80211_qosframe); 1594 cap = &ic->ic_wme.wme_chanParams; 1595 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1596 } else 1597 hdrlen = sizeof (struct ieee80211_frame); 1598 1599 /* 1600 * This is only used in IBSS mode where the firmware expect an index 1601 * in a h/w table instead of a destination address. 1602 */ 1603 if (ic->ic_opmode == IEEE80211_M_IBSS && in->in_station == -1) { 1604 in->in_station = iwi_alloc_ibss_node(sc); 1605 if (in->in_station == -1) { /* h/w table is full */ 1606 m_freem(m0); 1607 ieee80211_free_node(ni); 1608 ifp->if_oerrors++; 1609 if_printf(ifp, "ibss table is full\n"); 1610 return 0; 1611 } 1612 iwi_write_ibssnode(sc, in); 1613 } 1614 1615 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1616 k = ieee80211_crypto_encap(ic, ni, m0); 1617 if (k == NULL) { 1618 m_freem(m0); 1619 return ENOBUFS; 1620 } 1621 1622 /* packet header may have moved, reset our local pointer */ 1623 wh = mtod(m0, struct ieee80211_frame *); 1624 } 1625 1626 if (sc->sc_drvbpf != NULL) { 1627 struct iwi_tx_radiotap_header *tap = &sc->sc_txtap; 1628 1629 tap->wt_flags = 0; 1630 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 1631 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 1632 1633 bpf_ptap(sc->sc_drvbpf, m0, tap, sc->sc_txtap_len); 1634 } 1635 1636 data = &txq->data[txq->cur]; 1637 desc = &txq->desc[txq->cur]; 1638 1639 /* save and trim IEEE802.11 header */ 1640 m_copydata(m0, 0, hdrlen, (caddr_t)&desc->wh); 1641 m_adj(m0, hdrlen); 1642 1643 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0, 1644 iwi_dma_map_mbuf, &map, BUS_DMA_NOWAIT); 1645 if (error != 0 && error != EFBIG) { 1646 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1647 error); 1648 m_freem(m0); 1649 return error; 1650 } 1651 if (error != 0) { 1652 mnew = m_defrag(m0, MB_DONTWAIT); 1653 if (mnew == NULL) { 1654 device_printf(sc->sc_dev, 1655 "could not defragment mbuf\n"); 1656 m_freem(m0); 1657 return ENOBUFS; 1658 } 1659 m0 = mnew; 1660 1661 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0, 1662 iwi_dma_map_mbuf, &map, 1663 BUS_DMA_NOWAIT); 1664 if (error != 0) { 1665 device_printf(sc->sc_dev, 1666 "could not map mbuf (error %d)\n", error); 1667 m_freem(m0); 1668 return error; 1669 } 1670 } 1671 1672 data->m = m0; 1673 data->ni = ni; 1674 1675 desc->hdr.type = IWI_HDR_TYPE_DATA; 1676 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1677 desc->station = 1678 (ic->ic_opmode == IEEE80211_M_IBSS) ? in->in_station : 0; 1679 desc->cmd = IWI_DATA_CMD_TX; 1680 desc->len = htole16(m0->m_pkthdr.len); 1681 desc->flags = 0; 1682 desc->xflags = 0; 1683 1684 if (!noack && !IEEE80211_IS_MULTICAST(desc->wh.i_addr1)) 1685 desc->flags |= IWI_DATA_FLAG_NEED_ACK; 1686 1687 #if 0 1688 if (ic->ic_flags & IEEE80211_F_PRIVACY) { 1689 desc->wh.i_fc[1] |= IEEE80211_FC1_WEP; 1690 desc->weptxkey = ic->ic_crypto.cs_def_txkey; 1691 } else 1692 #endif 1693 desc->flags |= IWI_DATA_FLAG_NO_WEP; 1694 1695 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 1696 desc->flags |= IWI_DATA_FLAG_SHPREAMBLE; 1697 1698 if (desc->wh.i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) 1699 desc->xflags |= IWI_DATA_XFLAG_QOS; 1700 1701 desc->nseg = htole32(map.nseg); 1702 for (i = 0; i < map.nseg; i++) { 1703 desc->seg_addr[i] = htole32(map.segs[i].ds_addr); 1704 desc->seg_len[i] = htole16(map.segs[i].ds_len); 1705 } 1706 1707 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1708 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1709 1710 DPRINTFN(5, ("sending data frame txq=%u idx=%u len=%u nseg=%u\n", 1711 ac, txq->cur, le16toh(desc->len), nsegs)); 1712 1713 txq->queued++; 1714 txq->cur = (txq->cur + 1) % IWI_TX_RING_COUNT; 1715 CSR_WRITE_4(sc, txq->csr_widx, txq->cur); 1716 1717 return 0; 1718 } 1719 1720 static void 1721 iwi_start(struct ifnet *ifp) 1722 { 1723 struct iwi_softc *sc = ifp->if_softc; 1724 struct ieee80211com *ic = &sc->sc_ic; 1725 struct mbuf *m0; 1726 struct ether_header *eh; 1727 struct ieee80211_node *ni; 1728 int ac; 1729 1730 if (ic->ic_state != IEEE80211_S_RUN) 1731 return; 1732 1733 for (;;) { 1734 m0 = ifq_dequeue(&ifp->if_snd, NULL); 1735 if (m0 == NULL) 1736 break; 1737 1738 if (m0->m_len < sizeof (struct ether_header) && 1739 (m0 = m_pullup(m0, sizeof (struct ether_header))) == NULL) { 1740 ifp->if_oerrors++; 1741 continue; 1742 } 1743 eh = mtod(m0, struct ether_header *); 1744 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1745 if (ni == NULL) { 1746 m_freem(m0); 1747 ifp->if_oerrors++; 1748 continue; 1749 } 1750 1751 /* classify mbuf so we can find which tx ring to use */ 1752 if (ieee80211_classify(ic, m0, ni) != 0) { 1753 m_freem(m0); 1754 ieee80211_free_node(ni); 1755 ifp->if_oerrors++; 1756 continue; 1757 } 1758 1759 /* no QoS encapsulation for EAPOL frames */ 1760 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1761 M_WME_GETAC(m0) : WME_AC_BE; 1762 1763 if (sc->txq[ac].queued > IWI_TX_RING_COUNT - 8) { 1764 /* there is no place left in this ring */ 1765 m_freem(m0); 1766 ieee80211_free_node(ni); 1767 ifp->if_flags |= IFF_OACTIVE; 1768 break; 1769 } 1770 1771 BPF_MTAP(ifp, m0); 1772 1773 m0 = ieee80211_encap(ic, m0, ni); 1774 if (m0 == NULL) { 1775 ieee80211_free_node(ni); 1776 ifp->if_oerrors++; 1777 continue; 1778 } 1779 1780 if (ic->ic_rawbpf != NULL) 1781 bpf_mtap(ic->ic_rawbpf, m0); 1782 1783 if (iwi_tx_start(ifp, m0, ni, ac) != 0) { 1784 ieee80211_free_node(ni); 1785 ifp->if_oerrors++; 1786 break; 1787 } 1788 1789 sc->sc_tx_timer = 5; 1790 ifp->if_timer = 1; 1791 } 1792 } 1793 1794 static void 1795 iwi_watchdog(struct ifnet *ifp) 1796 { 1797 struct iwi_softc *sc = ifp->if_softc; 1798 struct ieee80211com *ic = &sc->sc_ic; 1799 1800 ifp->if_timer = 0; 1801 1802 if (sc->sc_tx_timer > 0) { 1803 if (--sc->sc_tx_timer == 0) { 1804 if_printf(ifp, "device timeout\n"); 1805 ifp->if_oerrors++; 1806 ifp->if_flags &= ~IFF_UP; 1807 iwi_stop(sc); 1808 return; 1809 } 1810 ifp->if_timer = 1; 1811 } 1812 1813 ieee80211_watchdog(ic); 1814 } 1815 1816 static int 1817 iwi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr) 1818 { 1819 struct iwi_softc *sc = ifp->if_softc; 1820 struct ieee80211com *ic = &sc->sc_ic; 1821 struct ifreq *ifr; 1822 int error = 0; 1823 1824 switch (cmd) { 1825 case SIOCSIFFLAGS: 1826 if (ifp->if_flags & IFF_UP) { 1827 if (!(ifp->if_flags & IFF_RUNNING)) 1828 iwi_init(sc); 1829 } else { 1830 if (ifp->if_flags & IFF_RUNNING) 1831 iwi_stop(sc); 1832 } 1833 break; 1834 1835 case SIOCSLOADFW: 1836 /* only super-user can do that! */ 1837 error = suser_cred(cr, NULL_CRED_OKAY); 1838 if (error != 0) 1839 break; 1840 1841 ifr = (struct ifreq *)data; 1842 error = iwi_cache_firmware(sc, ifr->ifr_data); 1843 break; 1844 1845 case SIOCSKILLFW: 1846 /* only super-user can do that! */ 1847 error = suser_cred(cr, NULL_CRED_OKAY); 1848 if (error != 0) 1849 break; 1850 1851 ifp->if_flags &= ~IFF_UP; 1852 iwi_stop(sc); 1853 iwi_free_firmware(sc); 1854 break; 1855 1856 default: 1857 error = ieee80211_ioctl(ic, cmd, data, cr); 1858 } 1859 1860 if (error == ENETRESET) { 1861 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1862 (IFF_UP | IFF_RUNNING) && 1863 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1864 iwi_init(sc); 1865 error = 0; 1866 } 1867 1868 return error; 1869 } 1870 1871 static void 1872 iwi_stop_master(struct iwi_softc *sc) 1873 { 1874 uint32_t tmp; 1875 int ntries; 1876 1877 /* disable interrupts */ 1878 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 1879 1880 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_STOP_MASTER); 1881 for (ntries = 0; ntries < 5; ntries++) { 1882 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 1883 break; 1884 DELAY(10); 1885 } 1886 if (ntries == 5) 1887 if_printf(&sc->sc_ic.ic_if, "timeout waiting for master\n"); 1888 1889 tmp = CSR_READ_4(sc, IWI_CSR_RST); 1890 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_PRINCETON_RESET); 1891 1892 sc->flags &= ~IWI_FLAG_FW_INITED; 1893 } 1894 1895 static int 1896 iwi_reset(struct iwi_softc *sc) 1897 { 1898 uint32_t tmp; 1899 int i, ntries; 1900 1901 iwi_stop_master(sc); 1902 1903 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 1904 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 1905 1906 CSR_WRITE_4(sc, IWI_CSR_READ_INT, IWI_READ_INT_INIT_HOST); 1907 1908 /* Wait for clock stabilization */ 1909 for (ntries = 0; ntries < 1000; ntries++) { 1910 if (CSR_READ_4(sc, IWI_CSR_CTL) & IWI_CTL_CLOCK_READY) 1911 break; 1912 DELAY(200); 1913 } 1914 if (ntries == 1000) { 1915 if_printf(&sc->sc_ic.ic_if, 1916 "timeout waiting for clock stabilization\n"); 1917 return EIO; 1918 } 1919 1920 tmp = CSR_READ_4(sc, IWI_CSR_RST); 1921 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_SOFT_RESET); 1922 1923 DELAY(10); 1924 1925 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 1926 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 1927 1928 /* Clear NIC memory */ 1929 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0); 1930 for (i = 0; i < 0xc000; i++) 1931 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 1932 1933 return 0; 1934 } 1935 1936 static int 1937 iwi_load_ucode(struct iwi_softc *sc, void *uc, int size) 1938 { 1939 uint32_t tmp; 1940 uint16_t *w; 1941 int ntries, i; 1942 1943 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 1944 IWI_RST_STOP_MASTER); 1945 for (ntries = 0; ntries < 5; ntries++) { 1946 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 1947 break; 1948 DELAY(10); 1949 } 1950 if (ntries == 5) { 1951 device_printf(sc->sc_dev, "timeout waiting for master\n"); 1952 return EIO; 1953 } 1954 1955 MEM_WRITE_4(sc, 0x3000e0, 0x80000000); 1956 DELAY(5000); 1957 1958 tmp = CSR_READ_4(sc, IWI_CSR_RST); 1959 tmp &= ~IWI_RST_PRINCETON_RESET; 1960 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 1961 1962 DELAY(5000); 1963 MEM_WRITE_4(sc, 0x3000e0, 0); 1964 DELAY(1000); 1965 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 1); 1966 DELAY(1000); 1967 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 0); 1968 DELAY(1000); 1969 MEM_WRITE_1(sc, 0x200000, 0x00); 1970 MEM_WRITE_1(sc, 0x200000, 0x40); 1971 DELAY(1000); 1972 1973 /* write microcode into adapter memory */ 1974 for (w = uc; size > 0; w++, size -= 2) 1975 MEM_WRITE_2(sc, 0x200010, htole16(*w)); 1976 1977 MEM_WRITE_1(sc, 0x200000, 0x00); 1978 MEM_WRITE_1(sc, 0x200000, 0x80); 1979 1980 /* wait until we get an answer */ 1981 for (ntries = 0; ntries < 100; ntries++) { 1982 if (MEM_READ_1(sc, 0x200000) & 1) 1983 break; 1984 DELAY(100); 1985 } 1986 if (ntries == 100) { 1987 device_printf(sc->sc_dev, 1988 "timeout waiting for ucode to initialize\n"); 1989 return EIO; 1990 } 1991 1992 /* read the answer or the firmware will not initialize properly */ 1993 for (i = 0; i < 7; i++) 1994 MEM_READ_4(sc, 0x200004); 1995 1996 MEM_WRITE_1(sc, 0x200000, 0x00); 1997 1998 return 0; 1999 } 2000 2001 /* macro to handle unaligned little endian data in firmware image */ 2002 #define GETLE32(p) ((p)[0] | (p)[1] << 8 | (p)[2] << 16 | (p)[3] << 24) 2003 2004 static int 2005 iwi_load_firmware(struct iwi_softc *sc, void *fw, int size) 2006 { 2007 bus_dma_tag_t dmat; 2008 bus_dmamap_t map; 2009 bus_addr_t physaddr; 2010 void *virtaddr; 2011 u_char *p, *end; 2012 uint32_t sentinel, ctl, src, dst, sum, len, mlen, tmp; 2013 int ntries, error = 0; 2014 struct ifnet *ifp = &sc->sc_ic.ic_if; 2015 2016 ASSERT_SERIALIZED(ifp->if_serializer); 2017 2018 /* Allocate DMA memory for mapping firmware image */ 2019 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 2020 BUS_SPACE_MAXADDR, NULL, NULL, size, 1, size, 0, &dmat); 2021 if (error != 0) { 2022 device_printf(sc->sc_dev, 2023 "could not create firmware DMA tag\n"); 2024 goto fail1; 2025 } 2026 2027 error = bus_dmamem_alloc(dmat, &virtaddr, BUS_DMA_WAITOK, &map); 2028 if (error != 0) { 2029 device_printf(sc->sc_dev, 2030 "could not allocate firmware DMA memory\n"); 2031 goto fail2; 2032 } 2033 2034 error = bus_dmamap_load(dmat, map, virtaddr, size, iwi_dma_map_addr, 2035 &physaddr, 0); 2036 if (error != 0) { 2037 device_printf(sc->sc_dev, "could not load firmware DMA map\n"); 2038 goto fail3; 2039 } 2040 2041 /* Copy firmware image to DMA memory */ 2042 memcpy(virtaddr, fw, size); 2043 2044 /* Make sure the adapter will get up-to-date values */ 2045 bus_dmamap_sync(dmat, map, BUS_DMASYNC_PREWRITE); 2046 2047 /* Tell the adapter where the command blocks are stored */ 2048 MEM_WRITE_4(sc, 0x3000a0, 0x27000); 2049 2050 /* 2051 * Store command blocks into adapter's internal memory using register 2052 * indirections. The adapter will read the firmware image through DMA 2053 * using information stored in command blocks. 2054 */ 2055 src = physaddr; 2056 p = virtaddr; 2057 end = p + size; 2058 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0x27000); 2059 2060 while (p < end) { 2061 dst = GETLE32(p); p += 4; src += 4; 2062 len = GETLE32(p); p += 4; src += 4; 2063 p += len; 2064 2065 while (len > 0) { 2066 mlen = min(len, IWI_CB_MAXDATALEN); 2067 2068 ctl = IWI_CB_DEFAULT_CTL | mlen; 2069 sum = ctl ^ src ^ dst; 2070 2071 /* Write a command block */ 2072 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, ctl); 2073 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, src); 2074 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, dst); 2075 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, sum); 2076 2077 src += mlen; 2078 dst += mlen; 2079 len -= mlen; 2080 } 2081 } 2082 2083 /* Write a fictive final command block (sentinel) */ 2084 sentinel = CSR_READ_4(sc, IWI_CSR_AUTOINC_ADDR); 2085 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2086 2087 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2088 tmp &= ~(IWI_RST_MASTER_DISABLED | IWI_RST_STOP_MASTER); 2089 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2090 2091 /* Tell the adapter to start processing command blocks */ 2092 MEM_WRITE_4(sc, 0x3000a4, 0x540100); 2093 2094 /* Wait until the adapter reaches the sentinel */ 2095 for (ntries = 0; ntries < 400; ntries++) { 2096 if (MEM_READ_4(sc, 0x3000d0) >= sentinel) 2097 break; 2098 DELAY(100); 2099 } 2100 if (ntries == 400) { 2101 device_printf(sc->sc_dev, 2102 "timeout processing command blocks\n"); 2103 error = EIO; 2104 goto fail4; 2105 } 2106 2107 /* We're done with command blocks processing */ 2108 MEM_WRITE_4(sc, 0x3000a4, 0x540c00); 2109 2110 /* Allow interrupts so we know when the firmware is ready */ 2111 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 2112 2113 /* Tell the adapter to initialize the firmware */ 2114 CSR_WRITE_4(sc, IWI_CSR_RST, 0); 2115 2116 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2117 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_ALLOW_STANDBY); 2118 2119 /* wait at most one second for firmware initialization to complete */ 2120 crit_enter(); 2121 tsleep_interlock(IWI_FW_INITIALIZED(sc)); 2122 lwkt_serialize_exit(ifp->if_serializer); 2123 error = tsleep(IWI_FW_INITIALIZED(sc), 0, "iwiinit", hz); 2124 crit_exit(); 2125 lwkt_serialize_enter(ifp->if_serializer); 2126 if (error != 0) { 2127 device_printf(sc->sc_dev, "timeout waiting for firmware " 2128 "initialization to complete\n"); 2129 goto fail4; 2130 } 2131 2132 fail4: bus_dmamap_sync(dmat, map, BUS_DMASYNC_POSTWRITE); 2133 bus_dmamap_unload(dmat, map); 2134 fail3: bus_dmamem_free(dmat, virtaddr, map); 2135 fail2: bus_dma_tag_destroy(dmat); 2136 fail1: 2137 return error; 2138 } 2139 2140 /* 2141 * Store firmware into kernel memory so we can download it when we need to, 2142 * e.g when the adapter wakes up from suspend mode. 2143 */ 2144 static int 2145 iwi_cache_firmware(struct iwi_softc *sc, void *data) 2146 { 2147 struct iwi_firmware *kfw = &sc->fw; 2148 struct iwi_firmware ufw; 2149 int error; 2150 2151 iwi_free_firmware(sc); 2152 2153 if ((error = copyin(data, &ufw, sizeof ufw)) != 0) 2154 return error; 2155 2156 kfw->boot_size = ufw.boot_size; 2157 kfw->ucode_size = ufw.ucode_size; 2158 kfw->main_size = ufw.main_size; 2159 2160 kfw->boot = malloc(kfw->boot_size, M_DEVBUF, M_WAITOK); 2161 kfw->ucode = malloc(kfw->ucode_size, M_DEVBUF, M_WAITOK); 2162 kfw->main = malloc(kfw->main_size, M_DEVBUF, M_WAITOK); 2163 2164 if ((error = copyin(ufw.boot, kfw->boot, kfw->boot_size)) != 0) 2165 goto fail; 2166 2167 if ((error = copyin(ufw.ucode, kfw->ucode, kfw->ucode_size)) != 0) 2168 goto fail; 2169 2170 if ((error = copyin(ufw.main, kfw->main, kfw->main_size)) != 0) 2171 goto fail; 2172 2173 DPRINTF(("Firmware cached: boot %u, ucode %u, main %u\n", 2174 kfw->boot_size, kfw->ucode_size, kfw->main_size)); 2175 2176 sc->flags |= IWI_FLAG_FW_CACHED; 2177 2178 return 0; 2179 2180 fail: 2181 free(kfw->boot, M_DEVBUF); 2182 free(kfw->ucode, M_DEVBUF); 2183 free(kfw->main, M_DEVBUF); 2184 2185 return error; 2186 } 2187 2188 static void 2189 iwi_free_firmware(struct iwi_softc *sc) 2190 { 2191 if (!(sc->flags & IWI_FLAG_FW_CACHED)) 2192 return; 2193 2194 free(sc->fw.boot, M_DEVBUF); 2195 free(sc->fw.ucode, M_DEVBUF); 2196 free(sc->fw.main, M_DEVBUF); 2197 2198 sc->flags &= ~IWI_FLAG_FW_CACHED; 2199 } 2200 2201 static int 2202 iwi_config(struct iwi_softc *sc) 2203 { 2204 struct ieee80211com *ic = &sc->sc_ic; 2205 struct ifnet *ifp = ic->ic_ifp; 2206 struct iwi_configuration config; 2207 struct iwi_rateset rs; 2208 struct iwi_txpower power; 2209 struct ieee80211_key *wk; 2210 struct iwi_wep_key wepkey; 2211 uint32_t data; 2212 int error, i; 2213 2214 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp)); 2215 DPRINTF(("Setting MAC address to %6D\n", ic->ic_myaddr, ":")); 2216 error = iwi_cmd(sc, IWI_CMD_SET_MAC_ADDRESS, ic->ic_myaddr, 2217 IEEE80211_ADDR_LEN, 0); 2218 if (error != 0) 2219 return error; 2220 2221 memset(&config, 0, sizeof config); 2222 config.bluetooth_coexistence = sc->bluetooth; 2223 config.antenna = sc->antenna; 2224 config.multicast_enabled = 1; 2225 config.answer_pbreq = (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2226 config.disable_unicast_decryption = 1; 2227 config.disable_multicast_decryption = 1; 2228 DPRINTF(("Configuring adapter\n")); 2229 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 0); 2230 if (error != 0) 2231 return error; 2232 2233 data = htole32(IWI_POWER_MODE_CAM); 2234 DPRINTF(("Setting power mode to %u\n", le32toh(data))); 2235 error = iwi_cmd(sc, IWI_CMD_SET_POWER_MODE, &data, sizeof data, 0); 2236 if (error != 0) 2237 return error; 2238 2239 data = htole32(ic->ic_rtsthreshold); 2240 DPRINTF(("Setting RTS threshold to %u\n", le32toh(data))); 2241 error = iwi_cmd(sc, IWI_CMD_SET_RTS_THRESHOLD, &data, sizeof data, 0); 2242 if (error != 0) 2243 return error; 2244 2245 data = htole32(ic->ic_fragthreshold); 2246 DPRINTF(("Setting fragmentation threshold to %u\n", le32toh(data))); 2247 error = iwi_cmd(sc, IWI_CMD_SET_FRAG_THRESHOLD, &data, sizeof data, 0); 2248 if (error != 0) 2249 return error; 2250 2251 if (ic->ic_opmode == IEEE80211_M_IBSS) { 2252 power.mode = IWI_MODE_11B; 2253 power.nchan = 11; 2254 for (i = 0; i < 11; i++) { 2255 power.chan[i].chan = i + 1; 2256 power.chan[i].power = IWI_TXPOWER_MAX; 2257 } 2258 DPRINTF(("Setting .11b channels tx power\n")); 2259 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2260 0); 2261 if (error != 0) 2262 return error; 2263 2264 power.mode = IWI_MODE_11G; 2265 DPRINTF(("Setting .11g channels tx power\n")); 2266 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power, 2267 0); 2268 if (error != 0) 2269 return error; 2270 } 2271 2272 rs.mode = IWI_MODE_11G; 2273 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2274 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11G].rs_nrates; 2275 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates, 2276 rs.nrates); 2277 DPRINTF(("Setting .11bg supported rates (%u)\n", rs.nrates)); 2278 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2279 if (error != 0) 2280 return error; 2281 2282 rs.mode = IWI_MODE_11A; 2283 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2284 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11A].rs_nrates; 2285 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11A].rs_rates, 2286 rs.nrates); 2287 DPRINTF(("Setting .11a supported rates (%u)\n", rs.nrates)); 2288 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0); 2289 if (error != 0) 2290 return error; 2291 2292 /* if we have a desired ESSID, set it now */ 2293 if (ic->ic_des_esslen != 0) { 2294 #ifdef IWI_DEBUG 2295 if (iwi_debug > 0) { 2296 printf("Setting desired ESSID to "); 2297 ieee80211_print_essid(ic->ic_des_essid, 2298 ic->ic_des_esslen); 2299 printf("\n"); 2300 } 2301 #endif 2302 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ic->ic_des_essid, 2303 ic->ic_des_esslen, 0); 2304 if (error != 0) 2305 return error; 2306 } 2307 2308 data = htole32(arc4random()); 2309 DPRINTF(("Setting initialization vector to %u\n", le32toh(data))); 2310 error = iwi_cmd(sc, IWI_CMD_SET_IV, &data, sizeof data, 0); 2311 if (error != 0) 2312 return error; 2313 2314 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2315 wk = &ic->ic_crypto.cs_nw_keys[i]; 2316 2317 wepkey.cmd = IWI_WEP_KEY_CMD_SETKEY; 2318 wepkey.idx = i; 2319 wepkey.len = wk->wk_keylen; 2320 memset(wepkey.key, 0, sizeof wepkey.key); 2321 memcpy(wepkey.key, wk->wk_key, wk->wk_keylen); 2322 DPRINTF(("Setting wep key index %u len %u\n", wepkey.idx, 2323 wepkey.len)); 2324 error = iwi_cmd(sc, IWI_CMD_SET_WEP_KEY, &wepkey, 2325 sizeof wepkey, 0); 2326 if (error != 0) 2327 return error; 2328 } 2329 2330 /* Enable adapter */ 2331 DPRINTF(("Enabling adapter\n")); 2332 return iwi_cmd(sc, IWI_CMD_ENABLE, NULL, 0, 0); 2333 } 2334 2335 static int 2336 iwi_set_chan(struct iwi_softc *sc, struct ieee80211_channel *chan) 2337 { 2338 struct ieee80211com *ic = &sc->sc_ic; 2339 struct iwi_scan scan; 2340 2341 memset(&scan, 0, sizeof scan); 2342 memset(scan.type, IWI_SCAN_TYPE_PASSIVE, sizeof scan.type); 2343 scan.passive = htole16(2000); 2344 scan.channels[0] = 1 | 2345 (IEEE80211_IS_CHAN_5GHZ(chan) ? IWI_CHAN_5GHZ : IWI_CHAN_2GHZ); 2346 scan.channels[1] = ieee80211_chan2ieee(ic, chan); 2347 2348 DPRINTF(("Setting channel to %u\n", ieee80211_chan2ieee(ic, chan))); 2349 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1); 2350 } 2351 2352 static int 2353 iwi_scan(struct iwi_softc *sc) 2354 { 2355 struct ieee80211com *ic = &sc->sc_ic; 2356 struct iwi_scan scan; 2357 uint8_t *p; 2358 int i, count; 2359 2360 memset(&scan, 0, sizeof scan); 2361 2362 if (ic->ic_des_esslen != 0) { 2363 scan.bdirected = htole16(sc->dwelltime); 2364 memset(scan.type, IWI_SCAN_TYPE_BDIRECTED, sizeof scan.type); 2365 } else { 2366 scan.broadcast = htole16(sc->dwelltime); 2367 memset(scan.type, IWI_SCAN_TYPE_BROADCAST, sizeof scan.type); 2368 } 2369 2370 p = scan.channels; 2371 count = 0; 2372 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2373 if (IEEE80211_IS_CHAN_5GHZ(&ic->ic_channels[i]) && 2374 isset(ic->ic_chan_active, i)) { 2375 *++p = i; 2376 count++; 2377 } 2378 } 2379 *(p - count) = IWI_CHAN_5GHZ | count; 2380 2381 p = (count > 0) ? p + 1 : scan.channels; 2382 count = 0; 2383 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) { 2384 if (IEEE80211_IS_CHAN_2GHZ(&ic->ic_channels[i]) && 2385 isset(ic->ic_chan_active, i)) { 2386 *++p = i; 2387 count++; 2388 } 2389 } 2390 *(p - count) = IWI_CHAN_2GHZ | count; 2391 2392 DPRINTF(("Start scanning\n")); 2393 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1); 2394 } 2395 2396 static int 2397 iwi_auth_and_assoc(struct iwi_softc *sc) 2398 { 2399 struct ieee80211com *ic = &sc->sc_ic; 2400 struct ifnet *ifp = ic->ic_ifp; 2401 struct ieee80211_node *ni = ic->ic_bss; 2402 struct ieee80211_wme_info wme; 2403 struct iwi_configuration config; 2404 struct iwi_associate assoc; 2405 struct iwi_rateset rs; 2406 uint16_t capinfo; 2407 uint32_t data; 2408 int error; 2409 2410 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) { 2411 memset(&config, 0, sizeof config); 2412 config.bluetooth_coexistence = sc->bluetooth; 2413 config.antenna = sc->antenna; 2414 config.multicast_enabled = 1; 2415 config.use_protection = 1; 2416 config.answer_pbreq = 2417 (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2418 config.disable_unicast_decryption = 1; 2419 config.disable_multicast_decryption = 1; 2420 DPRINTF(("Configuring adapter\n")); 2421 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 2422 1); 2423 if (error != 0) 2424 return error; 2425 } 2426 2427 #ifdef IWI_DEBUG 2428 if (iwi_debug > 0) { 2429 printf("Setting ESSID to "); 2430 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 2431 printf("\n"); 2432 } 2433 #endif 2434 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ni->ni_essid, ni->ni_esslen, 1); 2435 if (error != 0) 2436 return error; 2437 2438 /* the rate set has already been "negotiated" */ 2439 rs.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2440 IWI_MODE_11G; 2441 rs.type = IWI_RATESET_TYPE_NEGOTIATED; 2442 rs.nrates = ni->ni_rates.rs_nrates; 2443 memcpy(rs.rates, ni->ni_rates.rs_rates, rs.nrates); 2444 DPRINTF(("Setting negociated rates (%u)\n", rs.nrates)); 2445 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 1); 2446 if (error != 0) 2447 return error; 2448 2449 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) { 2450 wme.wme_id = IEEE80211_ELEMID_VENDOR; 2451 wme.wme_len = sizeof (struct ieee80211_wme_info) - 2; 2452 wme.wme_oui[0] = 0x00; 2453 wme.wme_oui[1] = 0x50; 2454 wme.wme_oui[2] = 0xf2; 2455 wme.wme_type = WME_OUI_TYPE; 2456 wme.wme_subtype = WME_INFO_OUI_SUBTYPE; 2457 wme.wme_version = WME_VERSION; 2458 wme.wme_info = 0; 2459 2460 DPRINTF(("Setting WME IE (len=%u)\n", wme.wme_len)); 2461 error = iwi_cmd(sc, IWI_CMD_SET_WMEIE, &wme, sizeof wme, 1); 2462 if (error != 0) 2463 return error; 2464 } 2465 2466 if (ic->ic_opt_ie != NULL) { 2467 DPRINTF(("Setting optional IE (len=%u)\n", ic->ic_opt_ie_len)); 2468 error = iwi_cmd(sc, IWI_CMD_SET_OPTIE, ic->ic_opt_ie, 2469 ic->ic_opt_ie_len, 1); 2470 if (error != 0) 2471 return error; 2472 } 2473 2474 data = htole32(ni->ni_rssi); 2475 DPRINTF(("Setting sensitivity to %d\n", (int8_t)ni->ni_rssi)); 2476 error = iwi_cmd(sc, IWI_CMD_SET_SENSITIVITY, &data, sizeof data, 1); 2477 if (error != 0) 2478 return error; 2479 2480 memset(&assoc, 0, sizeof assoc); 2481 assoc.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A : 2482 IWI_MODE_11G; 2483 assoc.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 2484 if (ni->ni_authmode == IEEE80211_AUTH_SHARED) 2485 assoc.auth = ic->ic_crypto.cs_def_txkey << 4 | IWI_AUTH_SHARED; 2486 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) 2487 assoc.policy |= htole16(IWI_POLICY_WME); 2488 if (ic->ic_flags & IEEE80211_F_WPA) 2489 assoc.policy |= htole16(IWI_POLICY_WPA); 2490 memcpy(assoc.tstamp, ni->ni_tstamp.data, 8); 2491 2492 if (ic->ic_opmode == IEEE80211_M_IBSS) 2493 capinfo = IEEE80211_CAPINFO_IBSS; 2494 else 2495 capinfo = IEEE80211_CAPINFO_ESS; 2496 if (ic->ic_flags & IEEE80211_F_PRIVACY) 2497 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2498 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 2499 IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 2500 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2501 if (ic->ic_flags & IEEE80211_F_SHSLOT) 2502 capinfo |= IEEE80211_CAPINFO_SHORT_SLOTTIME; 2503 assoc.capinfo = htole16(capinfo); 2504 2505 assoc.lintval = htole16(ic->ic_lintval); 2506 assoc.intval = htole16(ni->ni_intval); 2507 IEEE80211_ADDR_COPY(assoc.bssid, ni->ni_bssid); 2508 if (ic->ic_opmode == IEEE80211_M_IBSS) 2509 IEEE80211_ADDR_COPY(assoc.dst, ifp->if_broadcastaddr); 2510 else 2511 IEEE80211_ADDR_COPY(assoc.dst, ni->ni_bssid); 2512 2513 DPRINTF(("Trying to associate to %6D channel %u auth %u\n", 2514 assoc.bssid, ":", assoc.chan, assoc.auth)); 2515 return iwi_cmd(sc, IWI_CMD_ASSOCIATE, &assoc, sizeof assoc, 1); 2516 } 2517 2518 static void 2519 iwi_init(void *priv) 2520 { 2521 struct iwi_softc *sc = priv; 2522 struct ieee80211com *ic = &sc->sc_ic; 2523 struct ifnet *ifp = ic->ic_ifp; 2524 struct iwi_firmware *fw = &sc->fw; 2525 struct iwi_rx_data *data; 2526 int i; 2527 2528 /* exit immediately if firmware has not been ioctl'd */ 2529 if (!(sc->flags & IWI_FLAG_FW_CACHED)) { 2530 if (!(sc->flags & IWI_FLAG_FW_WARNED)) 2531 device_printf(sc->sc_dev, "Please load firmware\n"); 2532 sc->flags |= IWI_FLAG_FW_WARNED; 2533 ifp->if_flags &= ~IFF_UP; 2534 return; 2535 } 2536 2537 iwi_stop(sc); 2538 2539 if (iwi_reset(sc) != 0) { 2540 device_printf(sc->sc_dev, "could not reset adapter\n"); 2541 goto fail; 2542 } 2543 2544 if (iwi_load_firmware(sc, fw->boot, fw->boot_size) != 0) { 2545 device_printf(sc->sc_dev, "could not load boot firmware\n"); 2546 goto fail; 2547 } 2548 2549 if (iwi_load_ucode(sc, fw->ucode, fw->ucode_size) != 0) { 2550 device_printf(sc->sc_dev, "could not load microcode\n"); 2551 goto fail; 2552 } 2553 2554 iwi_stop_master(sc); 2555 2556 CSR_WRITE_4(sc, IWI_CSR_CMD_BASE, sc->cmdq.physaddr); 2557 CSR_WRITE_4(sc, IWI_CSR_CMD_SIZE, sc->cmdq.count); 2558 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 2559 2560 CSR_WRITE_4(sc, IWI_CSR_TX1_BASE, sc->txq[0].physaddr); 2561 CSR_WRITE_4(sc, IWI_CSR_TX1_SIZE, sc->txq[0].count); 2562 CSR_WRITE_4(sc, IWI_CSR_TX1_WIDX, sc->txq[0].cur); 2563 2564 CSR_WRITE_4(sc, IWI_CSR_TX2_BASE, sc->txq[1].physaddr); 2565 CSR_WRITE_4(sc, IWI_CSR_TX2_SIZE, sc->txq[1].count); 2566 CSR_WRITE_4(sc, IWI_CSR_TX2_WIDX, sc->txq[1].cur); 2567 2568 CSR_WRITE_4(sc, IWI_CSR_TX3_BASE, sc->txq[2].physaddr); 2569 CSR_WRITE_4(sc, IWI_CSR_TX3_SIZE, sc->txq[2].count); 2570 CSR_WRITE_4(sc, IWI_CSR_TX3_WIDX, sc->txq[2].cur); 2571 2572 CSR_WRITE_4(sc, IWI_CSR_TX4_BASE, sc->txq[3].physaddr); 2573 CSR_WRITE_4(sc, IWI_CSR_TX4_SIZE, sc->txq[3].count); 2574 CSR_WRITE_4(sc, IWI_CSR_TX4_WIDX, sc->txq[3].cur); 2575 2576 for (i = 0; i < sc->rxq.count; i++) { 2577 data = &sc->rxq.data[i]; 2578 CSR_WRITE_4(sc, data->reg, data->physaddr); 2579 } 2580 2581 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, sc->rxq.count - 1); 2582 2583 if (iwi_load_firmware(sc, fw->main, fw->main_size) != 0) { 2584 device_printf(sc->sc_dev, "could not load main firmware\n"); 2585 goto fail; 2586 } 2587 2588 sc->flags |= IWI_FLAG_FW_INITED; 2589 2590 if (iwi_config(sc) != 0) { 2591 device_printf(sc->sc_dev, "device configuration failed\n"); 2592 goto fail; 2593 } 2594 2595 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2596 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2597 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2598 } else 2599 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2600 2601 ifp->if_flags &= ~IFF_OACTIVE; 2602 ifp->if_flags |= IFF_RUNNING; 2603 2604 return; 2605 2606 fail: ifp->if_flags &= ~IFF_UP; 2607 iwi_stop(sc); 2608 } 2609 2610 static void 2611 iwi_stop(void *priv) 2612 { 2613 struct iwi_softc *sc = priv; 2614 struct ieee80211com *ic = &sc->sc_ic; 2615 struct ifnet *ifp = ic->ic_ifp; 2616 2617 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2618 2619 iwi_stop_master(sc); 2620 2621 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_SOFT_RESET); 2622 2623 /* reset rings */ 2624 iwi_reset_cmd_ring(sc, &sc->cmdq); 2625 iwi_reset_tx_ring(sc, &sc->txq[0]); 2626 iwi_reset_tx_ring(sc, &sc->txq[1]); 2627 iwi_reset_tx_ring(sc, &sc->txq[2]); 2628 iwi_reset_tx_ring(sc, &sc->txq[3]); 2629 iwi_reset_rx_ring(sc, &sc->rxq); 2630 2631 sc->sc_tx_timer = 0; 2632 ifp->if_timer = 0; 2633 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2634 } 2635 2636 static int 2637 iwi_sysctl_stats(SYSCTL_HANDLER_ARGS) 2638 { 2639 struct iwi_softc *sc = arg1; 2640 struct ifnet *ifp = &sc->sc_ic.ic_if; 2641 uint32_t size, buf[128]; 2642 2643 lwkt_serialize_enter(ifp->if_serializer); 2644 2645 if (!(sc->flags & IWI_FLAG_FW_INITED)) { 2646 memset(buf, 0, sizeof buf); 2647 goto back; 2648 } 2649 2650 size = min(CSR_READ_4(sc, IWI_CSR_TABLE0_SIZE), 128 - 1); 2651 CSR_READ_REGION_4(sc, IWI_CSR_TABLE0_BASE, &buf[1], size); 2652 back: 2653 lwkt_serialize_exit(ifp->if_serializer); 2654 return SYSCTL_OUT(req, buf, sizeof buf); 2655 } 2656 2657 static int 2658 iwi_sysctl_radio(SYSCTL_HANDLER_ARGS) 2659 { 2660 struct iwi_softc *sc = arg1; 2661 struct ifnet *ifp = &sc->sc_ic.ic_if; 2662 int val; 2663 2664 lwkt_serialize_enter(ifp->if_serializer); 2665 val = (CSR_READ_4(sc, IWI_CSR_IO) & IWI_IO_RADIO_ENABLED) ? 1 : 0; 2666 lwkt_serialize_exit(ifp->if_serializer); 2667 2668 return SYSCTL_OUT(req, &val, sizeof val); 2669 } 2670 2671 static const int8_t iwi_bitmap[256] = { 2672 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2673 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2674 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2675 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6, 2676 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2677 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2678 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2679 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 7, 2680 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2681 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2682 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2683 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6, 2684 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2685 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5, 2686 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4, 2687 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, -1 2688 }; 2689 2690 static int 2691 iwi_alloc_ibss_node(struct iwi_softc *sc) 2692 { 2693 int i; 2694 2695 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer); 2696 2697 for (i = 0; i < IWI_MAX_IBSSNODE_NBYTE; ++i) { 2698 int ret; 2699 2700 ret = iwi_bitmap[sc->sc_ibss_node[i]]; 2701 if (ret != -1) { 2702 sc->sc_ibss_node[i] |= (1 << ret); 2703 ret += (i * NBBY); 2704 return ret; 2705 } 2706 } 2707 return -1; 2708 } 2709 2710 static void 2711 iwi_free_ibss_node(struct iwi_softc *sc, int ibss_node) 2712 { 2713 int i, b; 2714 2715 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer); 2716 KASSERT(ibss_node < IWI_MAX_IBSSNODE, ("free ibss node, out of range")); 2717 2718 i = ibss_node / NBBY; 2719 b = ibss_node % NBBY; 2720 2721 sc->sc_ibss_node[i] &= ~(1 << b); 2722 } 2723