search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
HAMMER Utilities: MFC work to date.
[dragonfly.git] / sys / dev / netif / iwi / if_iwi.c
blob44c1ae014405dc584fb4eb92e309e0aee689f566
1 /*
2 * Copyright (c) 2004-2006
3 * Damien Bergamini <damien.bergamini@free.fr>.
4 * Copyright (c) 2004, 2005
5 * Andrew Atrens <atrens@nortelnetworks.com>.
6 *
7 * All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice unmodified, this list of conditions, and the following
14 * disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 *
31 * $FreeBSD: src/sys/dev/iwi/if_iwi.c,v 1.8.2.6 2006/02/23 02:06:46 sam Exp $
32 * $DragonFly: src/sys/dev/netif/iwi/if_iwi.c,v 1.21 2008/05/14 11:59:20 sephe Exp $
33 */
34
35 /*-
36 * Intel(R) PRO/Wireless 2200BG/2225BG/2915ABG driver
37 * http://www.intel.com/network/connectivity/products/wireless/prowireless_mobile.htm
38 */
39
40 #include <sys/param.h>
41 #include <sys/sysctl.h>
42 #include <sys/sockio.h>
43 #include <sys/mbuf.h>
44 #include <sys/kernel.h>
45 #include <sys/kthread.h>
46 #include <sys/interrupt.h>
47 #include <sys/socket.h>
48 #include <sys/systm.h>
49 #include <sys/malloc.h>
50 #include <sys/module.h>
51 #include <sys/endian.h>
52 #include <sys/proc.h>
53 #include <sys/ucred.h>
54 #include <sys/bus.h>
55 #include <sys/rman.h>
56 #include <sys/serialize.h>
57
58 #include <bus/pci/pcidevs.h>
59 #include <bus/pci/pcireg.h>
60 #include <bus/pci/pcivar.h>
61
62 #include <net/bpf.h>
63 #include <net/if.h>
64 #include <net/if_arp.h>
65 #include <net/ethernet.h>
66 #include <net/if_dl.h>
67 #include <net/if_media.h>
68 #include <net/if_types.h>
69 #include <net/ifq_var.h>
70
71 #include <netproto/802_11/ieee80211_var.h>
72 #include <netproto/802_11/ieee80211_radiotap.h>
73
74 #include <netinet/in.h>
75 #include <netinet/in_systm.h>
76 #include <netinet/in_var.h>
77 #include <netinet/ip.h>
78 #include <netinet/if_ether.h>
79
80 #include <dev/netif/iwi/if_iwireg.h>
81 #include <dev/netif/iwi/if_iwivar.h>
82
83 #ifdef IWI_DEBUG
84 #define DPRINTF(x) do { if (iwi_debug > 0) kprintf x; } while (0)
85 #define DPRINTFN(n, x) do { if (iwi_debug >= (n)) kprintf x; } while (0)
86 int iwi_debug = 0;
87 SYSCTL_INT(_debug, OID_AUTO, iwi, CTLFLAG_RW, &iwi_debug, 0, "iwi debug level");
88 #else
89 #define DPRINTF(x)
90 #define DPRINTFN(n, x)
91 #endif
92
93 static struct iwi_ident {
94 uint16_t vendor;
95 uint16_t device;
96 const char *name;
97 } iwi_ident_table[] = {
98 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2200BG,
99 "Intel(R) PRO/Wireless 2200BG" },
100 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2225BG,
101 "Intel(R) PRO/Wireless 2225BG" },
102 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_1,
103 "Intel(R) PRO/Wireless 2915ABG" },
104 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_2,
105 "Intel(R) PRO/Wireless 2915ABG" },
106 { 0, 0, NULL }
107 };
108
109 static void iwi_fw_monitor(void *);
110 static void iwi_dma_map_addr(void *, bus_dma_segment_t *, int, int);
111 static void iwi_dma_map_mbuf(void *, bus_dma_segment_t *, int, bus_size_t,
112 int);
113 static int iwi_alloc_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *,
114 int);
115 static void iwi_reset_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *);
116 static void iwi_free_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *);
117 static int iwi_alloc_tx_ring(struct iwi_softc *, struct iwi_tx_ring *,
118 int, bus_addr_t, bus_addr_t);
119 static void iwi_reset_tx_ring(struct iwi_softc *, struct iwi_tx_ring *);
120 static void iwi_free_tx_ring(struct iwi_softc *, struct iwi_tx_ring *);
121 static int iwi_alloc_rx_ring(struct iwi_softc *, struct iwi_rx_ring *,
122 int);
123 static void iwi_reset_rx_ring(struct iwi_softc *, struct iwi_rx_ring *);
124 static void iwi_free_rx_ring(struct iwi_softc *, struct iwi_rx_ring *);
125 static struct ieee80211_node *iwi_node_alloc(struct ieee80211_node_table *);
126 static void iwi_node_free(struct ieee80211_node *);
127 static int iwi_media_change(struct ifnet *);
128 static void iwi_media_status(struct ifnet *, struct ifmediareq *);
129 static int iwi_newstate(struct ieee80211com *, enum ieee80211_state, int);
130 static int iwi_wme_update(struct ieee80211com *);
131 static uint16_t iwi_read_prom_word(struct iwi_softc *, uint8_t);
132 static void iwi_fix_channel(struct ieee80211com *, struct mbuf *);
133 static void iwi_frame_intr(struct iwi_softc *, struct iwi_rx_data *, int,
134 struct iwi_frame *);
135 static void iwi_notification_intr(struct iwi_softc *, struct iwi_notif *);
136 static void iwi_rx_intr(struct iwi_softc *);
137 static void iwi_tx_intr(struct iwi_softc *, struct iwi_tx_ring *);
138 static void iwi_intr(void *);
139 static int iwi_cmd(struct iwi_softc *, uint8_t, void *, uint8_t, int);
140 static void iwi_write_ibssnode(struct iwi_softc *, const struct iwi_node *);
141 static int iwi_tx_start(struct ifnet *, struct mbuf *,
142 struct ieee80211_node *, int);
143 static void iwi_start(struct ifnet *);
144 static void iwi_watchdog(struct ifnet *);
145 static int iwi_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *);
146 static void iwi_stop_master(struct iwi_softc *);
147 static int iwi_reset(struct iwi_softc *);
148 static int iwi_load_ucode(struct iwi_softc *, void *, int);
149 static int iwi_load_firmware(struct iwi_softc *, void *, int);
150 static int iwi_cache_firmware(struct iwi_softc *, void *);
151 static void iwi_free_firmware(struct iwi_softc *);
152 static int iwi_config(struct iwi_softc *);
153 static int iwi_set_chan(struct iwi_softc *, struct ieee80211_channel *);
154 static int iwi_scan(struct iwi_softc *);
155 static int iwi_auth_and_assoc(struct iwi_softc *);
156 static void iwi_init(void *);
157 static void iwi_stop(void *);
158 static int iwi_sysctl_stats(SYSCTL_HANDLER_ARGS);
159 static int iwi_sysctl_radio(SYSCTL_HANDLER_ARGS);
160
161 static int iwi_probe(device_t);
162 static int iwi_attach(device_t);
163 static int iwi_detach(device_t);
164 static int iwi_shutdown(device_t);
165 static int iwi_suspend(device_t);
166 static int iwi_resume(device_t);
167
168 static int iwi_alloc_ibss_node(struct iwi_softc *);
169 static void iwi_free_ibss_node(struct iwi_softc *, int);
170
171 static device_method_t iwi_methods[] = {
172 /* Device interface */
173 DEVMETHOD(device_probe, iwi_probe),
174 DEVMETHOD(device_attach, iwi_attach),
175 DEVMETHOD(device_detach, iwi_detach),
176 DEVMETHOD(device_shutdown, iwi_shutdown),
177 DEVMETHOD(device_suspend, iwi_suspend),
178 DEVMETHOD(device_resume, iwi_resume),
179
180 { 0, 0 }
181 };
182
183 static driver_t iwi_driver = {
184 "iwi",
185 iwi_methods,
186 sizeof (struct iwi_softc)
187 };
188
189 static devclass_t iwi_devclass;
190
191 DRIVER_MODULE(iwi, pci, iwi_driver, iwi_devclass, 0, 0);
192
193 MODULE_DEPEND(iwi, pci, 1, 1, 1);
194 MODULE_DEPEND(iwi, wlan, 1, 1, 1);
195
196 /*
197 * Supported rates for 802.11a/b/g modes (in 500Kbps unit).
198 */
199 static const struct ieee80211_rateset iwi_rateset_11a =
200 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } };
201
202 static const struct ieee80211_rateset iwi_rateset_11b =
203 { 4, { 2, 4, 11, 22 } };
204
205 static const struct ieee80211_rateset iwi_rateset_11g =
206 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } };
207
208 static void
209 iwi_fw_monitor(void *arg)
210 {
211 struct iwi_softc *sc = arg;
212 struct ifnet *ifp = &sc->sc_ic.ic_if;
213
214 lwkt_serialize_enter(ifp->if_serializer);
215 for (;;) {
216 int error = 0;
217
218 /*
219 * Test to see whether we are detaching,
220 * this is used to avoid race condition
221 * especially when attaching fails.
222 */
223 if ((sc->flags & IWI_FLAG_EXIT) == 0) {
224 crit_enter();
225 tsleep_interlock(IWI_FW_WAKE_MONITOR(sc));
226 lwkt_serialize_exit(ifp->if_serializer);
227 error = tsleep(IWI_FW_WAKE_MONITOR(sc),
228 0, "iwifwm", 0);
229 crit_exit();
230 lwkt_serialize_enter(ifp->if_serializer);
231 }
232
233 if (error == 0) {
234 int boff;
235
236 if (sc->flags & IWI_FLAG_EXIT)
237 break;
238 else if ((sc->flags & IWI_FLAG_RESET) == 0)
239 continue;
240
241 if_printf(ifp, "reset firmware\n");
242 for (boff = 1; sc->flags & IWI_FLAG_RESET; boff++) {
243 iwi_init(sc);
244 if (sc->flags & IWI_FLAG_FW_INITED) {
245 sc->flags &= ~IWI_FLAG_RESET;
246 } else if (boff > 10) { /* XXX */
247 if_printf(ifp, "fw reset failed. "
248 "retrying...\n");
249
250 /* XXX avoid to sleep to long */
251 boff = 1;
252 }
253
254 /*
255 * Since this would be infinite loop,
256 * if reseting firmware never succeeded,
257 * we test to see whether we are detaching.
258 */
259 if (sc->flags & IWI_FLAG_EXIT)
260 break;
261
262 crit_enter();
263 tsleep_interlock(IWI_FW_CMD_ACKED(sc));
264 lwkt_serialize_exit(ifp->if_serializer);
265 error = tsleep(IWI_FW_CMD_ACKED(sc), 0,
266 "iwirun", boff * hz);
267 crit_exit();
268 lwkt_serialize_enter(ifp->if_serializer);
269 }
270 }
271 }
272 lwkt_serialize_exit(ifp->if_serializer);
273
274 if_printf(ifp, "fw monitor exiting\n");
275 wakeup(IWI_FW_EXIT_MONITOR(sc));
276 kthread_exit();
277 }
278
279 static int
280 iwi_probe(device_t dev)
281 {
282 const struct iwi_ident *ident;
283 uint16_t vid, did;
284
285 vid = pci_get_vendor(dev);
286 did = pci_get_device(dev);
287 for (ident = iwi_ident_table; ident->name != NULL; ident++) {
288 if (vid == ident->vendor && did == ident->device) {
289 device_set_desc(dev, ident->name);
290 return 0;
291 }
292 }
293 return ENXIO;
294 }
295
296 /* Base Address Register */
297 #define IWI_PCI_BAR0 0x10
298
299 static int
300 iwi_attach(device_t dev)
301 {
302 struct iwi_softc *sc = device_get_softc(dev);
303 struct ieee80211com *ic = &sc->sc_ic;
304 struct ifnet *ifp = &ic->ic_if;
305 uint16_t val;
306 int error, i;
307
308 sc->sc_dev = dev;
309 if_initname(ifp, device_get_name(dev), device_get_unit(dev));
310
311 if (pci_get_powerstate(dev) != PCI_POWERSTATE_D0) {
312 device_printf(dev, "chip is in D%d power mode "
313 "-- setting to D0\n", pci_get_powerstate(dev));
314 pci_set_powerstate(dev, PCI_POWERSTATE_D0);
315 }
316
317 pci_write_config(dev, 0x41, 0, 1);
318
319 /* enable bus-mastering */
320 pci_enable_busmaster(dev);
321
322 sc->mem_rid = IWI_PCI_BAR0;
323 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &sc->mem_rid,
324 RF_ACTIVE);
325 if (sc->mem == NULL) {
326 device_printf(dev, "could not allocate memory resource\n");
327 return ENXIO;
328 }
329 sc->sc_st = rman_get_bustag(sc->mem);
330 sc->sc_sh = rman_get_bushandle(sc->mem);
331
332 sc->irq_rid = 0;
333 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &sc->irq_rid,
334 RF_ACTIVE | RF_SHAREABLE);
335 if (sc->irq == NULL) {
336 device_printf(dev, "could not allocate interrupt resource\n");
337 goto fail;
338 }
339
340 if (iwi_reset(sc) != 0) {
341 device_printf(dev, "could not reset adapter\n");
342 goto fail;
343 }
344
345 /*
346 * Allocate rings.
347 */
348 error = iwi_alloc_cmd_ring(sc, &sc->cmdq, IWI_CMD_RING_COUNT);
349 if (error != 0) {
350 device_printf(dev, "could not allocate Cmd ring\n");
351 goto fail;
352 }
353
354 error = iwi_alloc_tx_ring(sc, &sc->txq[0], IWI_TX_RING_COUNT,
355 IWI_CSR_TX1_RIDX, IWI_CSR_TX1_WIDX);
356 if (error != 0) {
357 device_printf(dev, "could not allocate Tx ring 1\n");
358 goto fail;
359 }
360
361 error = iwi_alloc_tx_ring(sc, &sc->txq[1], IWI_TX_RING_COUNT,
362 IWI_CSR_TX2_RIDX, IWI_CSR_TX2_WIDX);
363 if (error != 0) {
364 device_printf(dev, "could not allocate Tx ring 2\n");
365 goto fail;
366 }
367
368 error = iwi_alloc_tx_ring(sc, &sc->txq[2], IWI_TX_RING_COUNT,
369 IWI_CSR_TX3_RIDX, IWI_CSR_TX3_WIDX);
370 if (error != 0) {
371 device_printf(dev, "could not allocate Tx ring 3\n");
372 goto fail;
373 }
374
375 error = iwi_alloc_tx_ring(sc, &sc->txq[3], IWI_TX_RING_COUNT,
376 IWI_CSR_TX4_RIDX, IWI_CSR_TX4_WIDX);
377 if (error != 0) {
378 device_printf(dev, "could not allocate Tx ring 4\n");
379 goto fail;
380 }
381
382 error = iwi_alloc_rx_ring(sc, &sc->rxq, IWI_RX_RING_COUNT);
383 if (error != 0) {
384 device_printf(dev, "could not allocate Rx ring\n");
385 goto fail;
386 }
387
388 sysctl_ctx_init(&sc->sysctl_ctx);
389 sc->sysctl_tree = SYSCTL_ADD_NODE(&sc->sysctl_ctx,
390 SYSCTL_STATIC_CHILDREN(_hw),
391 OID_AUTO,
392 device_get_nameunit(dev),
393 CTLFLAG_RD,
394 0, "");
395 if (sc->sysctl_tree == NULL) {
396 device_printf(dev, "sysctl add node failed\n");
397 error = EIO;
398 goto fail;
399 }
400
401 ifp->if_softc = sc;
402 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
403 ifp->if_init = iwi_init;
404 ifp->if_ioctl = iwi_ioctl;
405 ifp->if_start = iwi_start;
406 ifp->if_watchdog = iwi_watchdog;
407 ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN);
408 ifq_set_ready(&ifp->if_snd);
409
410 ic->ic_wme.wme_update = iwi_wme_update;
411 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
412 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
413 ic->ic_state = IEEE80211_S_INIT;
414
415 /* set device capabilities */
416 ic->ic_caps =
417 IEEE80211_C_IBSS | /* IBSS mode supported */
418 IEEE80211_C_MONITOR | /* monitor mode supported */
419 IEEE80211_C_TXPMGT | /* tx power management */
420 IEEE80211_C_SHPREAMBLE | /* short preamble supported */
421 IEEE80211_C_WPA | /* 802.11i */
422 IEEE80211_C_WME; /* 802.11e */
423
424 /* read MAC address from EEPROM */
425 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 0);
426 ic->ic_myaddr[0] = val & 0xff;
427 ic->ic_myaddr[1] = val >> 8;
428 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 1);
429 ic->ic_myaddr[2] = val & 0xff;
430 ic->ic_myaddr[3] = val >> 8;
431 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 2);
432 ic->ic_myaddr[4] = val & 0xff;
433 ic->ic_myaddr[5] = val >> 8;
434
435 if (pci_get_device(dev) >= 0x4223) {
436 /* set supported .11a rates (2915ABG only) */
437 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwi_rateset_11a;
438
439 /* set supported .11a channels */
440 for (i = 36; i <= 64; i += 4) {
441 ic->ic_channels[i].ic_freq =
442 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
443 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
444 }
445 for (i = 149; i <= 165; i += 4) {
446 ic->ic_channels[i].ic_freq =
447 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
448 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
449 }
450 }
451
452 /* set supported .11b and .11g rates */
453 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwi_rateset_11b;
454 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwi_rateset_11g;
455
456 /* set supported .11b and .11g channels (1 through 14) */
457 for (i = 1; i <= 14; i++) {
458 ic->ic_channels[i].ic_freq =
459 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ);
460 ic->ic_channels[i].ic_flags =
461 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM |
462 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ;
463 }
464
465 ieee80211_ifattach(ic);
466 /* override default methods */
467 ic->ic_node_alloc = iwi_node_alloc;
468 sc->sc_node_free = ic->ic_node_free;
469 ic->ic_node_free = iwi_node_free;
470 /* override state transition machine */
471 sc->sc_newstate = ic->ic_newstate;
472 ic->ic_newstate = iwi_newstate;
473 ieee80211_media_init(ic, iwi_media_change, iwi_media_status);
474
475 bpfattach_dlt(ifp, DLT_IEEE802_11_RADIO,
476 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf);
477
478 sc->sc_rxtap_len = sizeof sc->sc_rxtapu;
479 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len);
480 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWI_RX_RADIOTAP_PRESENT);
481
482 sc->sc_txtap_len = sizeof sc->sc_txtapu;
483 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len);
484 sc->sc_txtap.wt_ihdr.it_present = htole32(IWI_TX_RADIOTAP_PRESENT);
485
486 /*
487 * Add a few sysctl knobs.
488 */
489 sc->dwelltime = 100;
490 sc->bluetooth = 1;
491 sc->antenna = 0;
492
493 SYSCTL_ADD_PROC(&sc->sysctl_ctx,
494 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "radio",
495 CTLTYPE_INT | CTLFLAG_RD, sc, 0, iwi_sysctl_radio, "I",
496 "radio transmitter switch state (0=off, 1=on)");
497
498 SYSCTL_ADD_PROC(&sc->sysctl_ctx,
499 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "stats",
500 CTLTYPE_OPAQUE | CTLFLAG_RD, sc, 0, iwi_sysctl_stats, "S",
501 "statistics");
502
503 SYSCTL_ADD_INT(&sc->sysctl_ctx,
504 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "dwell",
505 CTLFLAG_RW, &sc->dwelltime, 0,
506 "channel dwell time (ms) for AP/station scanning");
507
508 SYSCTL_ADD_INT(&sc->sysctl_ctx,
509 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "bluetooth",
510 CTLFLAG_RW, &sc->bluetooth, 0, "bluetooth coexistence");
511
512 SYSCTL_ADD_INT(&sc->sysctl_ctx,
513 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "antenna",
514 CTLFLAG_RW, &sc->antenna, 0, "antenna (0=auto)");
515
516 /*
517 * Start firmware monitoring thread
518 *
519 * NOTE:
520 * This should be done only after serializer is initialized,
521 * i.e. after ieee80211_ifattach(), because serializer will be
522 * held once iwi_fw_monitor() is entered.
523 */
524 error = kthread_create(iwi_fw_monitor, sc, &sc->sc_fw_monitor,
525 "%s:fw-monitor", device_get_nameunit(dev));
526 if (error) {
527 device_printf(dev, "could not create fw monitor\n");
528 goto fail1;
529 }
530 sc->flags |= IWI_FLAG_MONITOR;
531
532 /*
533 * Hook our interrupt after all initialization is complete.
534 */
535 error = bus_setup_intr(dev, sc->irq, INTR_MPSAFE, iwi_intr, sc,
536 &sc->sc_ih, ifp->if_serializer);
537 if (error != 0) {
538 device_printf(dev, "could not set up interrupt\n");
539 goto fail1;
540 }
541
542 ifp->if_cpuid = ithread_cpuid(rman_get_start(sc->irq));
543 KKASSERT(ifp->if_cpuid >= 0 && ifp->if_cpuid < ncpus);
544
545 if (bootverbose)
546 ieee80211_announce(ic);
547
548 return 0;
549
550 fail1:
551 bpfdetach(ifp);
552 ieee80211_ifdetach(ic);
553 fail:
554 iwi_detach(dev);
555 return ENXIO;
556 }
557
558 static int
559 iwi_detach(device_t dev)
560 {
561 struct iwi_softc *sc = device_get_softc(dev);
562 struct ieee80211com *ic = &sc->sc_ic;
563 struct ifnet *ifp = ic->ic_ifp;
564
565 if (sc->flags & IWI_FLAG_MONITOR) {
566 lwkt_serialize_enter(ifp->if_serializer);
567 sc->flags |= IWI_FLAG_EXIT;
568 wakeup(IWI_FW_WAKE_MONITOR(sc));
569
570 crit_enter();
571 tsleep_interlock(IWI_FW_EXIT_MONITOR(sc));
572 lwkt_serialize_exit(ifp->if_serializer);
573 tsleep(IWI_FW_EXIT_MONITOR(sc), 0, "iwiexi", 0);
574 crit_exit();
575 /* No need to hold serializer again */
576
577 if_printf(ifp, "fw monitor exited\n");
578 }
579
580 if (device_is_attached(dev)) {
581 lwkt_serialize_enter(ifp->if_serializer);
582
583 iwi_stop(sc);
584 bus_teardown_intr(dev, sc->irq, sc->sc_ih);
585 iwi_free_firmware(sc);
586
587 lwkt_serialize_exit(ifp->if_serializer);
588
589 bpfdetach(ifp);
590 ieee80211_ifdetach(ic);
591 }
592
593 iwi_free_cmd_ring(sc, &sc->cmdq);
594 iwi_free_tx_ring(sc, &sc->txq[0]);
595 iwi_free_tx_ring(sc, &sc->txq[1]);
596 iwi_free_tx_ring(sc, &sc->txq[2]);
597 iwi_free_tx_ring(sc, &sc->txq[3]);
598 iwi_free_rx_ring(sc, &sc->rxq);
599
600 if (sc->irq != NULL)
601 bus_release_resource(dev, SYS_RES_IRQ, sc->irq_rid, sc->irq);
602
603 if (sc->mem != NULL)
604 bus_release_resource(dev, SYS_RES_MEMORY, sc->mem_rid, sc->mem);
605
606 if (sc->sysctl_tree != NULL)
607 sysctl_ctx_free(&sc->sysctl_ctx);
608
609 return 0;
610 }
611
612 static void
613 iwi_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error)
614 {
615 if (error != 0)
616 return;
617
618 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg));
619
620 *(bus_addr_t *)arg = segs[0].ds_addr;
621 }
622
623 static int
624 iwi_alloc_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring, int count)
625 {
626 int error;
627
628 ring->count = count;
629 ring->queued = 0;
630 ring->cur = ring->next = 0;
631
632 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT,
633 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_CMD_DESC_SIZE, 1,
634 count * IWI_CMD_DESC_SIZE, 0, &ring->desc_dmat);
635 if (error != 0) {
636 device_printf(sc->sc_dev, "could not create desc DMA tag\n");
637 goto fail;
638 }
639
640 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc,
641 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map);
642 if (error != 0) {
643 device_printf(sc->sc_dev, "could not allocate DMA memory\n");
644 goto fail;
645 }
646
647 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc,
648 count * IWI_CMD_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0);
649 if (error != 0) {
650 device_printf(sc->sc_dev, "could not load desc DMA map\n");
651 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
652 ring->desc = NULL;
653 return error;
654 }
655
656 return 0;
657
658 fail: iwi_free_cmd_ring(sc, ring);
659 return error;
660 }
661
662 static void
663 iwi_reset_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring)
664 {
665 ring->queued = 0;
666 ring->cur = ring->next = 0;
667 }
668
669 static void
670 iwi_free_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring)
671 {
672 if (ring->desc != NULL) {
673 bus_dmamap_sync(ring->desc_dmat, ring->desc_map,
674 BUS_DMASYNC_POSTWRITE);
675 bus_dmamap_unload(ring->desc_dmat, ring->desc_map);
676 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
677 ring->desc = NULL;
678 }
679
680 if (ring->desc_dmat != NULL) {
681 bus_dma_tag_destroy(ring->desc_dmat);
682 ring->desc_dmat = NULL;
683 }
684 }
685
686 static int
687 iwi_alloc_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring, int count,
688 bus_addr_t csr_ridx, bus_addr_t csr_widx)
689 {
690 int i, error;
691
692 ring->count = count;
693 ring->queued = 0;
694 ring->cur = ring->next = 0;
695 ring->csr_ridx = csr_ridx;
696 ring->csr_widx = csr_widx;
697
698 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT,
699 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_TX_DESC_SIZE, 1,
700 count * IWI_TX_DESC_SIZE, 0, &ring->desc_dmat);
701 if (error != 0) {
702 device_printf(sc->sc_dev, "could not create desc DMA tag\n");
703 goto fail;
704 }
705
706 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc,
707 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map);
708 if (error != 0) {
709 device_printf(sc->sc_dev, "could not allocate DMA memory\n");
710 goto fail;
711 }
712
713 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc,
714 count * IWI_TX_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0);
715 if (error != 0) {
716 device_printf(sc->sc_dev, "could not load desc DMA map\n");
717
718 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
719 ring->desc = NULL;
720 goto fail;
721 }
722
723 ring->data = kmalloc(count * sizeof (struct iwi_tx_data), M_DEVBUF,
724 M_WAITOK | M_ZERO);
725
726 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT,
727 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, IWI_MAX_NSEG - 2,
728 MCLBYTES, 0, &ring->data_dmat);
729 if (error != 0) {
730 device_printf(sc->sc_dev, "could not create data DMA tag\n");
731 goto fail;
732 }
733
734 for (i = 0; i < count; i++) {
735 error = bus_dmamap_create(ring->data_dmat, 0,
736 &ring->data[i].map);
737 if (error != 0) {
738 device_printf(sc->sc_dev, "could not create DMA map\n");
739 goto fail;
740 }
741 }
742
743 return 0;
744
745 fail: iwi_free_tx_ring(sc, ring);
746 return error;
747 }
748
749 static void
750 iwi_reset_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring)
751 {
752 struct iwi_tx_data *data;
753 int i;
754
755 for (i = 0; i < ring->count; i++) {
756 data = &ring->data[i];
757
758 if (data->m != NULL) {
759 bus_dmamap_sync(ring->data_dmat, data->map,
760 BUS_DMASYNC_POSTWRITE);
761 bus_dmamap_unload(ring->data_dmat, data->map);
762 m_freem(data->m);
763 data->m = NULL;
764 }
765
766 if (data->ni != NULL) {
767 ieee80211_free_node(data->ni);
768 data->ni = NULL;
769 }
770 }
771
772 ring->queued = 0;
773 ring->cur = ring->next = 0;
774 }
775
776 static void
777 iwi_free_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring)
778 {
779 struct iwi_tx_data *data;
780 int i;
781
782 if (ring->desc != NULL) {
783 bus_dmamap_sync(ring->desc_dmat, ring->desc_map,
784 BUS_DMASYNC_POSTWRITE);
785 bus_dmamap_unload(ring->desc_dmat, ring->desc_map);
786 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
787 ring->desc = NULL;
788 }
789
790 if (ring->desc_dmat != NULL) {
791 bus_dma_tag_destroy(ring->desc_dmat);
792 ring->desc_dmat = NULL;
793 }
794
795 if (ring->data != NULL) {
796 for (i = 0; i < ring->count; i++) {
797 data = &ring->data[i];
798
799 if (data->m != NULL) {
800 bus_dmamap_sync(ring->data_dmat, data->map,
801 BUS_DMASYNC_POSTWRITE);
802 bus_dmamap_unload(ring->data_dmat, data->map);
803 m_freem(data->m);
804 data->m = NULL;
805 }
806
807 if (data->ni != NULL) {
808 ieee80211_free_node(data->ni);
809 data->ni = NULL;
810 }
811
812 if (data->map != NULL) {
813 bus_dmamap_destroy(ring->data_dmat, data->map);
814 data->map = NULL;
815 }
816 }
817
818 kfree(ring->data, M_DEVBUF);
819 ring->data = NULL;
820 }
821
822 if (ring->data_dmat != NULL) {
823 bus_dma_tag_destroy(ring->data_dmat);
824 ring->data_dmat = NULL;
825 }
826 }
827
828 static int
829 iwi_alloc_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring, int count)
830 {
831 struct iwi_rx_data *data;
832 int i, error;
833
834 ring->count = count;
835 ring->cur = 0;
836
837 ring->data = kmalloc(count * sizeof (struct iwi_rx_data), M_DEVBUF,
838 M_WAITOK | M_ZERO);
839
840 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT,
841 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1, MCLBYTES, 0,
842 &ring->data_dmat);
843 if (error != 0) {
844 device_printf(sc->sc_dev, "could not create data DMA tag\n");
845 goto fail;
846 }
847
848 for (i = 0; i < count; i++) {
849 data = &ring->data[i];
850
851 error = bus_dmamap_create(ring->data_dmat, 0, &data->map);
852 if (error != 0) {
853 device_printf(sc->sc_dev, "could not create DMA map\n");
854 goto fail;
855 }
856
857 data->m = m_getcl(MB_WAIT, MT_DATA, M_PKTHDR);
858 if (data->m == NULL) {
859 device_printf(sc->sc_dev,
860 "could not allocate rx mbuf\n");
861 error = ENOMEM;
862 goto fail;
863 }
864
865 error = bus_dmamap_load(ring->data_dmat, data->map,
866 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr,
867 &data->physaddr, 0);
868 if (error != 0) {
869 device_printf(sc->sc_dev,
870 "could not load rx buf DMA map");
871
872 m_freem(data->m);
873 data->m = NULL;
874 goto fail;
875 }
876
877 data->reg = IWI_CSR_RX_BASE + i * 4;
878 }
879
880 return 0;
881
882 fail: iwi_free_rx_ring(sc, ring);
883 return error;
884 }
885
886 static void
887 iwi_reset_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring)
888 {
889 ring->cur = 0;
890 }
891
892 static void
893 iwi_free_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring)
894 {
895 struct iwi_rx_data *data;
896 int i;
897
898 if (ring->data != NULL) {
899 for (i = 0; i < ring->count; i++) {
900 data = &ring->data[i];
901
902 if (data->m != NULL) {
903 bus_dmamap_sync(ring->data_dmat, data->map,
904 BUS_DMASYNC_POSTREAD);
905 bus_dmamap_unload(ring->data_dmat, data->map);
906 m_freem(data->m);
907 data->m = NULL;
908 }
909
910 if (data->map != NULL) {
911 bus_dmamap_destroy(ring->data_dmat, data->map);
912 data->map = NULL;
913 }
914 }
915
916 kfree(ring->data, M_DEVBUF);
917 ring->data = NULL;
918 }
919
920 if (ring->data_dmat != NULL) {
921 bus_dma_tag_destroy(ring->data_dmat);
922 ring->data_dmat = NULL;
923 }
924 }
925
926 static int
927 iwi_shutdown(device_t dev)
928 {
929 struct iwi_softc *sc = device_get_softc(dev);
930 struct ifnet *ifp = &sc->sc_ic.ic_if;
931
932 lwkt_serialize_enter(ifp->if_serializer);
933 iwi_stop(sc);
934 lwkt_serialize_exit(ifp->if_serializer);
935
936 return 0;
937 }
938
939 static int
940 iwi_suspend(device_t dev)
941 {
942 struct iwi_softc *sc = device_get_softc(dev);
943 struct ifnet *ifp = &sc->sc_ic.ic_if;
944
945 lwkt_serialize_enter(ifp->if_serializer);
946 iwi_stop(sc);
947 lwkt_serialize_exit(ifp->if_serializer);
948
949 return 0;
950 }
951
952 static int
953 iwi_resume(device_t dev)
954 {
955 struct iwi_softc *sc = device_get_softc(dev);
956 struct ifnet *ifp = sc->sc_ic.ic_ifp;
957
958 lwkt_serialize_enter(ifp->if_serializer);
959
960 pci_write_config(dev, 0x41, 0, 1);
961
962 if (ifp->if_flags & IFF_UP) {
963 ifp->if_init(ifp->if_softc);
964 if (ifp->if_flags & IFF_RUNNING)
965 if_devstart(ifp);
966 }
967
968 lwkt_serialize_exit(ifp->if_serializer);
969
970 return 0;
971 }
972
973 static struct ieee80211_node *
974 iwi_node_alloc(struct ieee80211_node_table *nt)
975 {
976 struct iwi_node *in;
977
978 in = kmalloc(sizeof (struct iwi_node), M_80211_NODE, M_NOWAIT | M_ZERO);
979 if (in == NULL)
980 return NULL;
981
982 in->in_station = -1;
983
984 return &in->in_node;
985 }
986
987 static void
988 iwi_node_free(struct ieee80211_node *ni)
989 {
990 struct ieee80211com *ic = ni->ni_ic;
991 struct iwi_softc *sc = ic->ic_ifp->if_softc;
992 struct iwi_node *in = (struct iwi_node *)ni;
993
994 if (in->in_station != -1)
995 iwi_free_ibss_node(sc, in->in_station);
996
997 sc->sc_node_free(ni);
998 }
999
1000 static int
1001 iwi_media_change(struct ifnet *ifp)
1002 {
1003 struct iwi_softc *sc = ifp->if_softc;
1004 int error;
1005
1006 ASSERT_SERIALIZED(ifp->if_serializer);
1007
1008 error = ieee80211_media_change(ifp);
1009 if (error != ENETRESET)
1010 return error;
1011
1012 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING))
1013 iwi_init(sc);
1014 return 0;
1015 }
1016
1017 /*
1018 * The firmware automatically adapts the transmit speed. We report its current
1019 * value here.
1020 */
1021 static void
1022 iwi_media_status(struct ifnet *ifp, struct ifmediareq *imr)
1023 {
1024 struct iwi_softc *sc = ifp->if_softc;
1025 struct ieee80211com *ic = &sc->sc_ic;
1026 #define N(a) (sizeof (a) / sizeof (a[0]))
1027 static const struct {
1028 uint32_t val;
1029 int rate;
1030 } rates[] = {
1031 { IWI_RATE_DS1, 2 },
1032 { IWI_RATE_DS2, 4 },
1033 { IWI_RATE_DS5, 11 },
1034 { IWI_RATE_DS11, 22 },
1035 { IWI_RATE_OFDM6, 12 },
1036 { IWI_RATE_OFDM9, 18 },
1037 { IWI_RATE_OFDM12, 24 },
1038 { IWI_RATE_OFDM18, 36 },
1039 { IWI_RATE_OFDM24, 48 },
1040 { IWI_RATE_OFDM36, 72 },
1041 { IWI_RATE_OFDM48, 96 },
1042 { IWI_RATE_OFDM54, 108 },
1043 };
1044 uint32_t val;
1045 int rate, i;
1046
1047 imr->ifm_status = IFM_AVALID;
1048 imr->ifm_active = IFM_IEEE80211;
1049 if (ic->ic_state == IEEE80211_S_RUN)
1050 imr->ifm_status |= IFM_ACTIVE;
1051
1052 /* read current transmission rate from adapter */
1053 val = CSR_READ_4(sc, IWI_CSR_CURRENT_TX_RATE);
1054
1055 /* convert rate to 802.11 rate */
1056 for (i = 0; i < N(rates) && rates[i].val != val; i++);
1057 rate = (i < N(rates)) ? rates[i].rate : 0;
1058
1059 imr->ifm_active |= ieee80211_rate2media(ic, rate, ic->ic_curmode);
1060 switch (ic->ic_opmode) {
1061 case IEEE80211_M_STA:
1062 break;
1063
1064 case IEEE80211_M_IBSS:
1065 imr->ifm_active |= IFM_IEEE80211_ADHOC;
1066 break;
1067
1068 case IEEE80211_M_MONITOR:
1069 imr->ifm_active |= IFM_IEEE80211_MONITOR;
1070 break;
1071
1072 case IEEE80211_M_AHDEMO:
1073 case IEEE80211_M_HOSTAP:
1074 /* should not get there */
1075 break;
1076 }
1077 #undef N
1078 }
1079
1080 static int
1081 iwi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
1082 {
1083 struct ifnet *ifp = ic->ic_ifp;
1084 struct iwi_softc *sc = ifp->if_softc;
1085 enum ieee80211_state ostate;
1086 uint32_t tmp;
1087
1088 ostate = ic->ic_state;
1089
1090 switch (nstate) {
1091 case IEEE80211_S_SCAN:
1092 if (sc->flags & IWI_FLAG_SCANNING)
1093 break;
1094
1095 ieee80211_node_table_reset(&ic->ic_scan);
1096 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN;
1097 sc->flags |= IWI_FLAG_SCANNING;
1098 iwi_scan(sc);
1099 break;
1100
1101 case IEEE80211_S_AUTH:
1102 iwi_auth_and_assoc(sc);
1103 break;
1104
1105 case IEEE80211_S_RUN:
1106 if (ic->ic_opmode == IEEE80211_M_IBSS)
1107 iwi_auth_and_assoc(sc);
1108 else if (ic->ic_opmode == IEEE80211_M_MONITOR)
1109 iwi_set_chan(sc, ic->ic_ibss_chan);
1110
1111 /* assoc led on */
1112 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK;
1113 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp | IWI_LED_ASSOC);
1114
1115 return sc->sc_newstate(ic, nstate,
1116 IEEE80211_FC0_SUBTYPE_ASSOC_RESP);
1117
1118 case IEEE80211_S_ASSOC:
1119 break;
1120
1121 case IEEE80211_S_INIT:
1122 sc->flags &= ~IWI_FLAG_SCANNING;
1123
1124 if (ostate != IEEE80211_S_RUN)
1125 break;
1126
1127 /* assoc led off */
1128 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK;
1129 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp & ~IWI_LED_ASSOC);
1130 break;
1131 }
1132
1133 ic->ic_state = nstate;
1134
1135 return 0;
1136 }
1137
1138 /*
1139 * WME parameters coming from IEEE 802.11e specification. These values are
1140 * already declared in ieee80211_proto.c, but they are static so they can't
1141 * be reused here.
1142 */
1143 static const struct wmeParams iwi_wme_cck_params[WME_NUM_AC] = {
1144 { 0, 3, 5, 7, 0 }, /* WME_AC_BE */
1145 { 0, 3, 5, 10, 0 }, /* WME_AC_BK */
1146 { 0, 2, 4, 5, 188 }, /* WME_AC_VI */
1147 { 0, 2, 3, 4, 102 } /* WME_AC_VO */
1148 };
1149
1150 static const struct wmeParams iwi_wme_ofdm_params[WME_NUM_AC] = {
1151 { 0, 3, 4, 6, 0 }, /* WME_AC_BE */
1152 { 0, 3, 4, 10, 0 }, /* WME_AC_BK */
1153 { 0, 2, 3, 4, 94 }, /* WME_AC_VI */
1154 { 0, 2, 2, 3, 47 } /* WME_AC_VO */
1155 };
1156
1157 static int
1158 iwi_wme_update(struct ieee80211com *ic)
1159 {
1160 #define IWI_EXP2(v) htole16((1 << (v)) - 1)
1161 #define IWI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v))
1162 struct iwi_softc *sc = ic->ic_ifp->if_softc;
1163 struct iwi_wme_params wme[3];
1164 const struct wmeParams *wmep;
1165 int ac;
1166
1167 /*
1168 * We shall not override firmware default WME values if WME is not
1169 * actually enabled.
1170 */
1171 if (!(ic->ic_flags & IEEE80211_F_WME))
1172 return 0;
1173
1174 for (ac = 0; ac < WME_NUM_AC; ac++) {
1175 /* set WME values for current operating mode */
1176 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac];
1177 wme[0].aifsn[ac] = wmep->wmep_aifsn;
1178 wme[0].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin);
1179 wme[0].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax);
1180 wme[0].burst[ac] = IWI_USEC(wmep->wmep_txopLimit);
1181 wme[0].acm[ac] = wmep->wmep_acm;
1182
1183 /* set WME values for CCK modulation */
1184 wmep = &iwi_wme_cck_params[ac];
1185 wme[1].aifsn[ac] = wmep->wmep_aifsn;
1186 wme[1].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin);
1187 wme[1].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax);
1188 wme[1].burst[ac] = IWI_USEC(wmep->wmep_txopLimit);
1189 wme[1].acm[ac] = wmep->wmep_acm;
1190
1191 /* set WME values for OFDM modulation */
1192 wmep = &iwi_wme_ofdm_params[ac];
1193 wme[2].aifsn[ac] = wmep->wmep_aifsn;
1194 wme[2].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin);
1195 wme[2].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax);
1196 wme[2].burst[ac] = IWI_USEC(wmep->wmep_txopLimit);
1197 wme[2].acm[ac] = wmep->wmep_acm;
1198 }
1199
1200 DPRINTF(("Setting WME parameters\n"));
1201 return iwi_cmd(sc, IWI_CMD_SET_WME_PARAMS, wme, sizeof wme, 1);
1202 #undef IWI_USEC
1203 #undef IWI_EXP2
1204 }
1205
1206 /*
1207 * Read 16 bits at address 'addr' from the serial EEPROM.
1208 */
1209 static uint16_t
1210 iwi_read_prom_word(struct iwi_softc *sc, uint8_t addr)
1211 {
1212 uint32_t tmp;
1213 uint16_t val;
1214 int n;
1215
1216 /* Clock C once before the first command */
1217 IWI_EEPROM_CTL(sc, 0);
1218 IWI_EEPROM_CTL(sc, IWI_EEPROM_S);
1219 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C);
1220 IWI_EEPROM_CTL(sc, IWI_EEPROM_S);
1221
1222 /* Write start bit (1) */
1223 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D);
1224 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C);
1225
1226 /* Write READ opcode (10) */
1227 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D);
1228 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C);
1229 IWI_EEPROM_CTL(sc, IWI_EEPROM_S);
1230 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C);
1231
1232 /* Write address A7-A0 */
1233 for (n = 7; n >= 0; n--) {
1234 IWI_EEPROM_CTL(sc, IWI_EEPROM_S |
1235 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D));
1236 IWI_EEPROM_CTL(sc, IWI_EEPROM_S |
1237 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D) | IWI_EEPROM_C);
1238 }
1239
1240 IWI_EEPROM_CTL(sc, IWI_EEPROM_S);
1241
1242 /* Read data Q15-Q0 */
1243 val = 0;
1244 for (n = 15; n >= 0; n--) {
1245 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C);
1246 IWI_EEPROM_CTL(sc, IWI_EEPROM_S);
1247 tmp = MEM_READ_4(sc, IWI_MEM_EEPROM_CTL);
1248 val |= ((tmp & IWI_EEPROM_Q) >> IWI_EEPROM_SHIFT_Q) << n;
1249 }
1250
1251 IWI_EEPROM_CTL(sc, 0);
1252
1253 /* Clear Chip Select and clock C */
1254 IWI_EEPROM_CTL(sc, IWI_EEPROM_S);
1255 IWI_EEPROM_CTL(sc, 0);
1256 IWI_EEPROM_CTL(sc, IWI_EEPROM_C);
1257
1258 return val;
1259 }
1260
1261 /*
1262 * XXX: Hack to set the current channel to the value advertised in beacons or
1263 * probe responses. Only used during AP detection.
1264 */
1265 static void
1266 iwi_fix_channel(struct ieee80211com *ic, struct mbuf *m)
1267 {
1268 struct ieee80211_frame *wh;
1269 uint8_t subtype;
1270 uint8_t *frm, *efrm;
1271
1272 wh = mtod(m, struct ieee80211_frame *);
1273
1274 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT)
1275 return;
1276
1277 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;
1278
1279 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON &&
1280 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP)
1281 return;
1282
1283 frm = (uint8_t *)(wh + 1);
1284 efrm = mtod(m, uint8_t *) + m->m_len;
1285
1286 frm += 12; /* skip tstamp, bintval and capinfo fields */
1287 while (frm < efrm) {
1288 if (*frm == IEEE80211_ELEMID_DSPARMS)
1289 #if IEEE80211_CHAN_MAX < 255
1290 if (frm[2] <= IEEE80211_CHAN_MAX)
1291 #endif
1292 ic->ic_curchan = &ic->ic_channels[frm[2]];
1293
1294 frm += frm[1] + 2;
1295 }
1296 }
1297
1298 static void
1299 iwi_frame_intr(struct iwi_softc *sc, struct iwi_rx_data *data, int i,
1300 struct iwi_frame *frame)
1301 {
1302 struct ieee80211com *ic = &sc->sc_ic;
1303 struct ifnet *ifp = ic->ic_ifp;
1304 struct mbuf *mnew, *m;
1305 struct ieee80211_frame *wh;
1306 struct ieee80211_node *ni;
1307 int error;
1308
1309 DPRINTFN(5, ("received frame len=%u chan=%u rssi=%u\n",
1310 le16toh(frame->len), frame->chan, frame->rssi_dbm));
1311
1312 if (le16toh(frame->len) < sizeof (struct ieee80211_frame))
1313 return;
1314
1315 /*
1316 * Try to allocate a new mbuf for this ring element and load it before
1317 * processing the current mbuf. If the ring element cannot be loaded,
1318 * drop the received packet and reuse the old mbuf. In the unlikely
1319 * case that the old mbuf can't be reloaded either, explicitly panic.
1320 */
1321 mnew = m_getcl(MB_DONTWAIT, MT_DATA, M_PKTHDR);
1322 if (mnew == NULL) {
1323 ifp->if_ierrors++;
1324 return;
1325 }
1326
1327 bus_dmamap_unload(sc->rxq.data_dmat, data->map);
1328
1329 error = bus_dmamap_load(sc->rxq.data_dmat, data->map,
1330 mtod(mnew, void *), MCLBYTES, iwi_dma_map_addr, &data->physaddr,
1331 0);
1332 if (error != 0) {
1333 m_freem(mnew);
1334
1335 /* try to reload the old mbuf */
1336 error = bus_dmamap_load(sc->rxq.data_dmat, data->map,
1337 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr,
1338 &data->physaddr, 0);
1339 if (error != 0) {
1340 /* very unlikely that it will fail... */
1341 panic("%s: could not load old rx mbuf",
1342 device_get_name(sc->sc_dev));
1343 }
1344 ifp->if_ierrors++;
1345 return;
1346 }
1347
1348 /*
1349 * New mbuf successfully loaded, update Rx ring and continue
1350 * processing.
1351 */
1352 m = data->m;
1353 data->m = mnew;
1354 CSR_WRITE_4(sc, data->reg, data->physaddr);
1355
1356 /* Finalize mbuf */
1357 m->m_pkthdr.rcvif = ifp;
1358 m->m_pkthdr.len = m->m_len = sizeof (struct iwi_hdr) +
1359 sizeof (struct iwi_frame) + le16toh(frame->len);
1360
1361 m_adj(m, sizeof (struct iwi_hdr) + sizeof (struct iwi_frame));
1362
1363 if (ic->ic_state == IEEE80211_S_SCAN)
1364 iwi_fix_channel(ic, m);
1365
1366 if (sc->sc_drvbpf != NULL) {
1367 struct iwi_rx_radiotap_header *tap = &sc->sc_rxtap;
1368
1369 tap->wr_flags = 0;
1370 tap->wr_rate = frame->rate;
1371 tap->wr_chan_freq =
1372 htole16(ic->ic_channels[frame->chan].ic_freq);
1373 tap->wr_chan_flags =
1374 htole16(ic->ic_channels[frame->chan].ic_flags);
1375 tap->wr_antsignal = frame->signal;
1376 tap->wr_antenna = frame->antenna;
1377
1378 bpf_ptap(sc->sc_drvbpf, m, tap, sc->sc_rxtap_len);
1379 }
1380
1381 wh = mtod(m, struct ieee80211_frame *);
1382 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh);
1383
1384 /* send the frame to the 802.11 layer */
1385 ieee80211_input(ic, m, ni, frame->rssi_dbm, 0);
1386
1387 /* node is no longer needed */
1388 ieee80211_free_node(ni);
1389 }
1390
1391 static void
1392 iwi_notification_intr(struct iwi_softc *sc, struct iwi_notif *notif)
1393 {
1394 struct ieee80211com *ic = &sc->sc_ic;
1395 struct iwi_notif_scan_channel *chan;
1396 struct iwi_notif_scan_complete *scan;
1397 struct iwi_notif_authentication *auth;
1398 struct iwi_notif_association *assoc;
1399
1400 switch (notif->type) {
1401 case IWI_NOTIF_TYPE_SCAN_CHANNEL:
1402 chan = (struct iwi_notif_scan_channel *)(notif + 1);
1403
1404 DPRINTFN(2, ("Scanning channel (%u)\n", chan->nchan));
1405 break;
1406
1407 case IWI_NOTIF_TYPE_SCAN_COMPLETE:
1408 scan = (struct iwi_notif_scan_complete *)(notif + 1);
1409
1410 DPRINTFN(2, ("Scan completed (%u, %u)\n", scan->nchan,
1411 scan->status));
1412
1413 /* monitor mode uses scan to set the channel ... */
1414 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
1415 sc->flags &= ~IWI_FLAG_SCANNING;
1416 ieee80211_end_scan(ic);
1417 } else
1418 iwi_set_chan(sc, ic->ic_ibss_chan);
1419 break;
1420
1421 case IWI_NOTIF_TYPE_AUTHENTICATION:
1422 auth = (struct iwi_notif_authentication *)(notif + 1);
1423
1424 DPRINTFN(2, ("Authentication (%u)\n", auth->state));
1425
1426 switch (auth->state) {
1427 case IWI_AUTHENTICATED:
1428 ieee80211_node_authorize(ic->ic_bss);
1429 ieee80211_new_state(ic, IEEE80211_S_ASSOC, -1);
1430 break;
1431
1432 case IWI_DEAUTHENTICATED:
1433 break;
1434
1435 default:
1436 device_printf(sc->sc_dev,
1437 "unknown authentication state %u\n", auth->state);
1438 }
1439 break;
1440
1441 case IWI_NOTIF_TYPE_ASSOCIATION:
1442 assoc = (struct iwi_notif_association *)(notif + 1);
1443
1444 DPRINTFN(2, ("Association (%u, %u)\n", assoc->state,
1445 assoc->status));
1446
1447 switch (assoc->state) {
1448 case IWI_AUTHENTICATED:
1449 /* re-association, do nothing */
1450 break;
1451
1452 case IWI_ASSOCIATED:
1453 ieee80211_new_state(ic, IEEE80211_S_RUN, -1);
1454 break;
1455
1456 case IWI_DEASSOCIATED:
1457 ieee80211_begin_scan(ic, 1);
1458 break;
1459
1460 default:
1461 device_printf(sc->sc_dev,
1462 "unknown association state %u\n", assoc->state);
1463 }
1464 break;
1465
1466 default:
1467 DPRINTFN(5, ("Notification (%u)\n", notif->type));
1468 }
1469 }
1470
1471 static void
1472 iwi_rx_intr(struct iwi_softc *sc)
1473 {
1474 struct iwi_rx_data *data;
1475 struct iwi_hdr *hdr;
1476 uint32_t hw;
1477
1478 hw = CSR_READ_4(sc, IWI_CSR_RX_RIDX);
1479
1480 for (; sc->rxq.cur != hw;) {
1481 data = &sc->rxq.data[sc->rxq.cur];
1482
1483 bus_dmamap_sync(sc->rxq.data_dmat, data->map,
1484 BUS_DMASYNC_POSTREAD);
1485
1486 hdr = mtod(data->m, struct iwi_hdr *);
1487
1488 switch (hdr->type) {
1489 case IWI_HDR_TYPE_FRAME:
1490 iwi_frame_intr(sc, data, sc->rxq.cur,
1491 (struct iwi_frame *)(hdr + 1));
1492 break;
1493
1494 case IWI_HDR_TYPE_NOTIF:
1495 iwi_notification_intr(sc,
1496 (struct iwi_notif *)(hdr + 1));
1497 break;
1498
1499 default:
1500 device_printf(sc->sc_dev, "unknown hdr type %u\n",
1501 hdr->type);
1502 }
1503
1504 DPRINTFN(15, ("rx done idx=%u\n", sc->rxq.cur));
1505
1506 sc->rxq.cur = (sc->rxq.cur + 1) % IWI_RX_RING_COUNT;
1507 }
1508
1509 /* Tell the firmware what we have processed */
1510 hw = (hw == 0) ? IWI_RX_RING_COUNT - 1 : hw - 1;
1511 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, hw);
1512 }
1513
1514 static void
1515 iwi_tx_intr(struct iwi_softc *sc, struct iwi_tx_ring *txq)
1516 {
1517 struct ieee80211com *ic = &sc->sc_ic;
1518 struct ifnet *ifp = ic->ic_ifp;
1519 struct iwi_tx_data *data;
1520 uint32_t hw;
1521
1522 hw = CSR_READ_4(sc, txq->csr_ridx);
1523
1524 for (; txq->next != hw;) {
1525 data = &txq->data[txq->next];
1526
1527 bus_dmamap_sync(txq->data_dmat, data->map,
1528 BUS_DMASYNC_POSTWRITE);
1529 bus_dmamap_unload(txq->data_dmat, data->map);
1530 m_freem(data->m);
1531 data->m = NULL;
1532 ieee80211_free_node(data->ni);
1533 data->ni = NULL;
1534
1535 DPRINTFN(15, ("tx done idx=%u\n", txq->next));
1536
1537 ifp->if_opackets++;
1538
1539 txq->queued--;
1540 txq->next = (txq->next + 1) % IWI_TX_RING_COUNT;
1541 }
1542
1543 sc->sc_tx_timer = 0;
1544 ifp->if_flags &= ~IFF_OACTIVE;
1545 if_devstart(ifp);
1546 }
1547
1548 static void
1549 iwi_intr(void *arg)
1550 {
1551 struct iwi_softc *sc = arg;
1552 uint32_t r;
1553
1554 r = CSR_READ_4(sc, IWI_CSR_INTR);
1555 if (r == 0 || r == 0xffffffff)
1556 return;
1557
1558 /* disable interrupts */
1559 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0);
1560
1561 if (r & IWI_INTR_FATAL_ERROR) {
1562 device_printf(sc->sc_dev, "fatal error\n");
1563
1564 if ((sc->flags & (IWI_FLAG_EXIT | IWI_FLAG_RESET)) == 0) {
1565 sc->flags |= IWI_FLAG_RESET;
1566 device_printf(sc->sc_dev, "wake firmware monitor\n");
1567 wakeup(IWI_FW_WAKE_MONITOR(sc));
1568 }
1569 }
1570
1571 if (r & IWI_INTR_PARITY_ERROR) {
1572 device_printf(sc->sc_dev, "parity error\n");
1573 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP;
1574 iwi_stop(sc);
1575 }
1576
1577 if (r & IWI_INTR_FW_INITED) {
1578 if (!(r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR)))
1579 wakeup(IWI_FW_INITIALIZED(sc));
1580 }
1581
1582 if (r & IWI_INTR_RADIO_OFF) {
1583 DPRINTF(("radio transmitter turned off\n"));
1584 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP;
1585 iwi_stop(sc);
1586 }
1587
1588 if (r & IWI_INTR_CMD_DONE)
1589 wakeup(IWI_FW_CMD_ACKED(sc));
1590
1591 if (r & IWI_INTR_TX1_DONE)
1592 iwi_tx_intr(sc, &sc->txq[0]);
1593
1594 if (r & IWI_INTR_TX2_DONE)
1595 iwi_tx_intr(sc, &sc->txq[1]);
1596
1597 if (r & IWI_INTR_TX3_DONE)
1598 iwi_tx_intr(sc, &sc->txq[2]);
1599
1600 if (r & IWI_INTR_TX4_DONE)
1601 iwi_tx_intr(sc, &sc->txq[3]);
1602
1603 if (r & IWI_INTR_RX_DONE)
1604 iwi_rx_intr(sc);
1605
1606 /* acknowledge interrupts */
1607 CSR_WRITE_4(sc, IWI_CSR_INTR, r);
1608
1609 /* re-enable interrupts */
1610 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK);
1611 }
1612
1613 static int
1614 iwi_cmd(struct iwi_softc *sc, uint8_t type, void *data, uint8_t len, int async)
1615 {
1616 struct iwi_cmd_desc *desc;
1617 struct ifnet *ifp = &sc->sc_ic.ic_if;
1618 int ret;
1619
1620 desc = &sc->cmdq.desc[sc->cmdq.cur];
1621
1622 desc->hdr.type = IWI_HDR_TYPE_COMMAND;
1623 desc->hdr.flags = IWI_HDR_FLAG_IRQ;
1624 desc->type = type;
1625 desc->len = len;
1626 memcpy(desc->data, data, len);
1627
1628 bus_dmamap_sync(sc->cmdq.desc_dmat, sc->cmdq.desc_map,
1629 BUS_DMASYNC_PREWRITE);
1630
1631 DPRINTFN(2, ("sending command idx=%u type=%u len=%u\n", sc->cmdq.cur,
1632 type, len));
1633
1634 sc->cmdq.cur = (sc->cmdq.cur + 1) % IWI_CMD_RING_COUNT;
1635 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur);
1636
1637 if (!async) {
1638 ASSERT_SERIALIZED(ifp->if_serializer);
1639
1640 crit_enter();
1641 tsleep_interlock(IWI_FW_CMD_ACKED(sc));
1642 lwkt_serialize_exit(ifp->if_serializer);
1643 ret = tsleep(IWI_FW_CMD_ACKED(sc), 0, "iwicmd", hz);
1644 crit_exit();
1645 lwkt_serialize_enter(ifp->if_serializer);
1646 } else {
1647 ret = 0;
1648 }
1649
1650 return ret;
1651 }
1652
1653 static void
1654 iwi_write_ibssnode(struct iwi_softc *sc, const struct iwi_node *in)
1655 {
1656 struct iwi_ibssnode node;
1657
1658 /* write node information into NIC memory */
1659 memset(&node, 0, sizeof node);
1660 IEEE80211_ADDR_COPY(node.bssid, in->in_node.ni_macaddr);
1661
1662 CSR_WRITE_REGION_1(sc,
1663 IWI_CSR_NODE_BASE + in->in_station * sizeof node,
1664 (uint8_t *)&node, sizeof node);
1665 }
1666
1667 struct iwi_dma_mapping {
1668 bus_dma_segment_t segs[IWI_MAX_NSEG];
1669 int nseg;
1670 bus_size_t mapsize;
1671 };
1672
1673 static void
1674 iwi_dma_map_mbuf(void *arg, bus_dma_segment_t *segs, int nseg,
1675 bus_size_t mapsize, int error)
1676 {
1677 struct iwi_dma_mapping *map = arg;
1678
1679 if (error != 0)
1680 return;
1681
1682 KASSERT(nseg <= IWI_MAX_NSEG, ("too many DMA segments %d", nseg));
1683
1684 bcopy(segs, map->segs, nseg * sizeof(bus_dma_segment_t));
1685 map->nseg = nseg;
1686 map->mapsize = mapsize;
1687 }
1688
1689 static int
1690 iwi_tx_start(struct ifnet *ifp, struct mbuf *m0, struct ieee80211_node *ni,
1691 int ac)
1692 {
1693 struct iwi_softc *sc = ifp->if_softc;
1694 struct ieee80211com *ic = &sc->sc_ic;
1695 struct iwi_node *in = (struct iwi_node *)ni;
1696 struct ieee80211_frame *wh;
1697 struct ieee80211_key *k;
1698 const struct chanAccParams *cap;
1699 struct iwi_tx_ring *txq = &sc->txq[ac];
1700 struct iwi_tx_data *data;
1701 struct iwi_tx_desc *desc;
1702 struct mbuf *mnew;
1703 struct iwi_dma_mapping map;
1704 int error, hdrlen, i, noack = 0;
1705
1706 wh = mtod(m0, struct ieee80211_frame *);
1707
1708 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) {
1709 hdrlen = sizeof (struct ieee80211_qosframe);
1710 cap = &ic->ic_wme.wme_chanParams;
1711 noack = cap->cap_wmeParams[ac].wmep_noackPolicy;
1712 } else
1713 hdrlen = sizeof (struct ieee80211_frame);
1714
1715 /*
1716 * This is only used in IBSS mode where the firmware expect an index
1717 * in a h/w table instead of a destination address.
1718 */
1719 if (ic->ic_opmode == IEEE80211_M_IBSS && in->in_station == -1) {
1720 in->in_station = iwi_alloc_ibss_node(sc);
1721 if (in->in_station == -1) { /* h/w table is full */
1722 m_freem(m0);
1723 ieee80211_free_node(ni);
1724 ifp->if_oerrors++;
1725 if_printf(ifp, "ibss table is full\n");
1726 return 0;
1727 }
1728 iwi_write_ibssnode(sc, in);
1729 }
1730
1731 if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
1732 k = ieee80211_crypto_encap(ic, ni, m0);
1733 if (k == NULL) {
1734 m_freem(m0);
1735 return ENOBUFS;
1736 }
1737
1738 /* packet header may have moved, reset our local pointer */
1739 wh = mtod(m0, struct ieee80211_frame *);
1740 }
1741
1742 if (sc->sc_drvbpf != NULL) {
1743 struct iwi_tx_radiotap_header *tap = &sc->sc_txtap;
1744
1745 tap->wt_flags = 0;
1746 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq);
1747 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags);
1748
1749 bpf_ptap(sc->sc_drvbpf, m0, tap, sc->sc_txtap_len);
1750 }
1751
1752 data = &txq->data[txq->cur];
1753 desc = &txq->desc[txq->cur];
1754
1755 /* save and trim IEEE802.11 header */
1756 m_copydata(m0, 0, hdrlen, (caddr_t)&desc->wh);
1757 m_adj(m0, hdrlen);
1758
1759 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0,
1760 iwi_dma_map_mbuf, &map, BUS_DMA_NOWAIT);
1761 if (error != 0 && error != EFBIG) {
1762 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n",
1763 error);
1764 m_freem(m0);
1765 return error;
1766 }
1767 if (error != 0) {
1768 mnew = m_defrag(m0, MB_DONTWAIT);
1769 if (mnew == NULL) {
1770 device_printf(sc->sc_dev,
1771 "could not defragment mbuf\n");
1772 m_freem(m0);
1773 return ENOBUFS;
1774 }
1775 m0 = mnew;
1776
1777 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0,
1778 iwi_dma_map_mbuf, &map,
1779 BUS_DMA_NOWAIT);
1780 if (error != 0) {
1781 device_printf(sc->sc_dev,
1782 "could not map mbuf (error %d)\n", error);
1783 m_freem(m0);
1784 return error;
1785 }
1786 }
1787
1788 data->m = m0;
1789 data->ni = ni;
1790
1791 desc->hdr.type = IWI_HDR_TYPE_DATA;
1792 desc->hdr.flags = IWI_HDR_FLAG_IRQ;
1793 desc->station =
1794 (ic->ic_opmode == IEEE80211_M_IBSS) ? in->in_station : 0;
1795 desc->cmd = IWI_DATA_CMD_TX;
1796 desc->len = htole16(m0->m_pkthdr.len);
1797 desc->flags = 0;
1798 desc->xflags = 0;
1799
1800 if (!noack && !IEEE80211_IS_MULTICAST(desc->wh.i_addr1))
1801 desc->flags |= IWI_DATA_FLAG_NEED_ACK;
1802
1803 #if 0
1804 if (ic->ic_flags & IEEE80211_F_PRIVACY) {
1805 desc->wh.i_fc[1] |= IEEE80211_FC1_WEP;
1806 desc->weptxkey = ic->ic_crypto.cs_def_txkey;
1807 } else
1808 #endif
1809 desc->flags |= IWI_DATA_FLAG_NO_WEP;
1810
1811 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE)
1812 desc->flags |= IWI_DATA_FLAG_SHPREAMBLE;
1813
1814 if (desc->wh.i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS)
1815 desc->xflags |= IWI_DATA_XFLAG_QOS;
1816
1817 desc->nseg = htole32(map.nseg);
1818 for (i = 0; i < map.nseg; i++) {
1819 desc->seg_addr[i] = htole32(map.segs[i].ds_addr);
1820 desc->seg_len[i] = htole16(map.segs[i].ds_len);
1821 }
1822
1823 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE);
1824 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE);
1825
1826 DPRINTFN(5, ("sending data frame txq=%u idx=%u len=%u nseg=%u\n",
1827 ac, txq->cur, le16toh(desc->len), map.nseg));
1828
1829 txq->queued++;
1830 txq->cur = (txq->cur + 1) % IWI_TX_RING_COUNT;
1831 CSR_WRITE_4(sc, txq->csr_widx, txq->cur);
1832
1833 return 0;
1834 }
1835
1836 static void
1837 iwi_start(struct ifnet *ifp)
1838 {
1839 struct iwi_softc *sc = ifp->if_softc;
1840 struct ieee80211com *ic = &sc->sc_ic;
1841 struct mbuf *m0;
1842 struct ether_header *eh;
1843 struct ieee80211_node *ni;
1844 int ac;
1845
1846 ieee80211_drain_mgtq(&ic->ic_mgtq);
1847 if (ic->ic_state != IEEE80211_S_RUN) {
1848 ifq_purge(&ifp->if_snd);
1849 return;
1850 }
1851
1852 for (;;) {
1853 m0 = ifq_dequeue(&ifp->if_snd, NULL);
1854 if (m0 == NULL)
1855 break;
1856
1857 if (m0->m_len < sizeof (struct ether_header) &&
1858 (m0 = m_pullup(m0, sizeof (struct ether_header))) == NULL) {
1859 ifp->if_oerrors++;
1860 continue;
1861 }
1862 eh = mtod(m0, struct ether_header *);
1863 ni = ieee80211_find_txnode(ic, eh->ether_dhost);
1864 if (ni == NULL) {
1865 m_freem(m0);
1866 ifp->if_oerrors++;
1867 continue;
1868 }
1869
1870 /* classify mbuf so we can find which tx ring to use */
1871 if (ieee80211_classify(ic, m0, ni) != 0) {
1872 m_freem(m0);
1873 ieee80211_free_node(ni);
1874 ifp->if_oerrors++;
1875 continue;
1876 }
1877
1878 /* no QoS encapsulation for EAPOL frames */
1879 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ?
1880 M_WME_GETAC(m0) : WME_AC_BE;
1881
1882 if (sc->txq[ac].queued > IWI_TX_RING_COUNT - 8) {
1883 /* there is no place left in this ring */
1884 m_freem(m0);
1885 ieee80211_free_node(ni);
1886 ifp->if_flags |= IFF_OACTIVE;
1887 break;
1888 }
1889
1890 BPF_MTAP(ifp, m0);
1891
1892 m0 = ieee80211_encap(ic, m0, ni);
1893 if (m0 == NULL) {
1894 ieee80211_free_node(ni);
1895 ifp->if_oerrors++;
1896 continue;
1897 }
1898
1899 if (ic->ic_rawbpf != NULL)
1900 bpf_mtap(ic->ic_rawbpf, m0);
1901
1902 if (iwi_tx_start(ifp, m0, ni, ac) != 0) {
1903 ieee80211_free_node(ni);
1904 ifp->if_oerrors++;
1905 break;
1906 }
1907
1908 sc->sc_tx_timer = 5;
1909 ifp->if_timer = 1;
1910 }
1911 }
1912
1913 static void
1914 iwi_watchdog(struct ifnet *ifp)
1915 {
1916 struct iwi_softc *sc = ifp->if_softc;
1917 struct ieee80211com *ic = &sc->sc_ic;
1918
1919 ifp->if_timer = 0;
1920
1921 if (sc->sc_tx_timer > 0) {
1922 if (--sc->sc_tx_timer == 0) {
1923 if_printf(ifp, "device timeout\n");
1924 ifp->if_oerrors++;
1925 sc->flags |= IWI_FLAG_RESET;
1926 wakeup(IWI_FW_WAKE_MONITOR(sc));
1927 return;
1928 }
1929 ifp->if_timer = 1;
1930 }
1931
1932 ieee80211_watchdog(ic);
1933 }
1934
1935 static int
1936 iwi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr)
1937 {
1938 struct iwi_softc *sc = ifp->if_softc;
1939 struct ieee80211com *ic = &sc->sc_ic;
1940 struct ifreq *ifr;
1941 int error = 0;
1942
1943 switch (cmd) {
1944 case SIOCSIFFLAGS:
1945 if (ifp->if_flags & IFF_UP) {
1946 if (!(ifp->if_flags & IFF_RUNNING))
1947 iwi_init(sc);
1948 } else {
1949 if (ifp->if_flags & IFF_RUNNING)
1950 iwi_stop(sc);
1951 }
1952 break;
1953
1954 case SIOCSLOADFW:
1955 /* only super-user can do that! */
1956 error = suser_cred(cr, NULL_CRED_OKAY);
1957 if (error != 0)
1958 break;
1959
1960 ifr = (struct ifreq *)data;
1961 error = iwi_cache_firmware(sc, ifr->ifr_data);
1962 break;
1963
1964 case SIOCSKILLFW:
1965 /* only super-user can do that! */
1966 error = suser_cred(cr, NULL_CRED_OKAY);
1967 if (error != 0)
1968 break;
1969
1970 ifp->if_flags &= ~IFF_UP;
1971 iwi_stop(sc);
1972 iwi_free_firmware(sc);
1973 break;
1974
1975 default:
1976 error = ieee80211_ioctl(ic, cmd, data, cr);
1977 }
1978
1979 if (error == ENETRESET) {
1980 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) ==
1981 (IFF_UP | IFF_RUNNING) &&
1982 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL))
1983 iwi_init(sc);
1984 error = 0;
1985 }
1986
1987 return error;
1988 }
1989
1990 static void
1991 iwi_stop_master(struct iwi_softc *sc)
1992 {
1993 uint32_t tmp;
1994 int ntries;
1995
1996 /* disable interrupts */
1997 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0);
1998
1999 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_STOP_MASTER);
2000 for (ntries = 0; ntries < 5; ntries++) {
2001 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED)
2002 break;
2003 DELAY(10);
2004 }
2005 if (ntries == 5)
2006 if_printf(&sc->sc_ic.ic_if, "timeout waiting for master\n");
2007
2008 tmp = CSR_READ_4(sc, IWI_CSR_RST);
2009 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_PRINCETON_RESET);
2010
2011 sc->flags &= ~IWI_FLAG_FW_INITED;
2012 }
2013
2014 static int
2015 iwi_reset(struct iwi_softc *sc)
2016 {
2017 uint32_t tmp;
2018 int i, ntries;
2019
2020 iwi_stop_master(sc);
2021
2022 tmp = CSR_READ_4(sc, IWI_CSR_CTL);
2023 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT);
2024
2025 CSR_WRITE_4(sc, IWI_CSR_READ_INT, IWI_READ_INT_INIT_HOST);
2026
2027 /* Wait for clock stabilization */
2028 for (ntries = 0; ntries < 1000; ntries++) {
2029 if (CSR_READ_4(sc, IWI_CSR_CTL) & IWI_CTL_CLOCK_READY)
2030 break;
2031 DELAY(200);
2032 }
2033 if (ntries == 1000) {
2034 if_printf(&sc->sc_ic.ic_if,
2035 "timeout waiting for clock stabilization\n");
2036 return EIO;
2037 }
2038
2039 tmp = CSR_READ_4(sc, IWI_CSR_RST);
2040 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_SOFT_RESET);
2041
2042 DELAY(10);
2043
2044 tmp = CSR_READ_4(sc, IWI_CSR_CTL);
2045 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT);
2046
2047 /* Clear NIC memory */
2048 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0);
2049 for (i = 0; i < 0xc000; i++)
2050 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0);
2051
2052 return 0;
2053 }
2054
2055 static int
2056 iwi_load_ucode(struct iwi_softc *sc, void *uc, int size)
2057 {
2058 uint32_t tmp;
2059 uint16_t *w;
2060 int ntries, i;
2061
2062 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) |
2063 IWI_RST_STOP_MASTER);
2064 for (ntries = 0; ntries < 5; ntries++) {
2065 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED)
2066 break;
2067 DELAY(10);
2068 }
2069 if (ntries == 5) {
2070 device_printf(sc->sc_dev, "timeout waiting for master\n");
2071 return EIO;
2072 }
2073
2074 MEM_WRITE_4(sc, 0x3000e0, 0x80000000);
2075 DELAY(5000);
2076
2077 tmp = CSR_READ_4(sc, IWI_CSR_RST);
2078 tmp &= ~IWI_RST_PRINCETON_RESET;
2079 CSR_WRITE_4(sc, IWI_CSR_RST, tmp);
2080
2081 DELAY(5000);
2082 MEM_WRITE_4(sc, 0x3000e0, 0);
2083 DELAY(1000);
2084 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 1);
2085 DELAY(1000);
2086 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 0);
2087 DELAY(1000);
2088 MEM_WRITE_1(sc, 0x200000, 0x00);
2089 MEM_WRITE_1(sc, 0x200000, 0x40);
2090 DELAY(1000);
2091
2092 /* write microcode into adapter memory */
2093 for (w = uc; size > 0; w++, size -= 2)
2094 MEM_WRITE_2(sc, 0x200010, htole16(*w));
2095
2096 MEM_WRITE_1(sc, 0x200000, 0x00);
2097 MEM_WRITE_1(sc, 0x200000, 0x80);
2098
2099 /* wait until we get an answer */
2100 for (ntries = 0; ntries < 100; ntries++) {
2101 if (MEM_READ_1(sc, 0x200000) & 1)
2102 break;
2103 DELAY(100);
2104 }
2105 if (ntries == 100) {
2106 device_printf(sc->sc_dev,
2107 "timeout waiting for ucode to initialize\n");
2108 return EIO;
2109 }
2110
2111 /* read the answer or the firmware will not initialize properly */
2112 for (i = 0; i < 7; i++)
2113 MEM_READ_4(sc, 0x200004);
2114
2115 MEM_WRITE_1(sc, 0x200000, 0x00);
2116
2117 return 0;
2118 }
2119
2120 /* macro to handle unaligned little endian data in firmware image */
2121 #define GETLE32(p) ((p)[0] | (p)[1] << 8 | (p)[2] << 16 | (p)[3] << 24)
2122
2123 static int
2124 iwi_load_firmware(struct iwi_softc *sc, void *fw, int size)
2125 {
2126 bus_dma_tag_t dmat;
2127 bus_dmamap_t map;
2128 bus_addr_t physaddr;
2129 void *virtaddr;
2130 u_char *p, *end;
2131 uint32_t sentinel, ctl, src, dst, sum, len, mlen, tmp;
2132 int ntries, error = 0;
2133 struct ifnet *ifp = &sc->sc_ic.ic_if;
2134
2135 ASSERT_SERIALIZED(ifp->if_serializer);
2136
2137 /* Allocate DMA memory for mapping firmware image */
2138 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT,
2139 BUS_SPACE_MAXADDR, NULL, NULL, size, 1, size, 0, &dmat);
2140 if (error != 0) {
2141 device_printf(sc->sc_dev,
2142 "could not create firmware DMA tag\n");
2143 goto fail1;
2144 }
2145
2146 error = bus_dmamem_alloc(dmat, &virtaddr, BUS_DMA_WAITOK, &map);
2147 if (error != 0) {
2148 device_printf(sc->sc_dev,
2149 "could not allocate firmware DMA memory\n");
2150 goto fail2;
2151 }
2152
2153 error = bus_dmamap_load(dmat, map, virtaddr, size, iwi_dma_map_addr,
2154 &physaddr, 0);
2155 if (error != 0) {
2156 device_printf(sc->sc_dev, "could not load firmware DMA map\n");
2157 goto fail3;
2158 }
2159
2160 /* Copy firmware image to DMA memory */
2161 memcpy(virtaddr, fw, size);
2162
2163 /* Make sure the adapter will get up-to-date values */
2164 bus_dmamap_sync(dmat, map, BUS_DMASYNC_PREWRITE);
2165
2166 /* Tell the adapter where the command blocks are stored */
2167 MEM_WRITE_4(sc, 0x3000a0, 0x27000);
2168
2169 /*
2170 * Store command blocks into adapter's internal memory using register
2171 * indirections. The adapter will read the firmware image through DMA
2172 * using information stored in command blocks.
2173 */
2174 src = physaddr;
2175 p = virtaddr;
2176 end = p + size;
2177 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0x27000);
2178
2179 while (p < end) {
2180 dst = GETLE32(p); p += 4; src += 4;
2181 len = GETLE32(p); p += 4; src += 4;
2182 p += len;
2183
2184 while (len > 0) {
2185 mlen = min(len, IWI_CB_MAXDATALEN);
2186
2187 ctl = IWI_CB_DEFAULT_CTL | mlen;
2188 sum = ctl ^ src ^ dst;
2189
2190 /* Write a command block */
2191 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, ctl);
2192 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, src);
2193 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, dst);
2194 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, sum);
2195
2196 src += mlen;
2197 dst += mlen;
2198 len -= mlen;
2199 }
2200 }
2201
2202 /* Write a fictive final command block (sentinel) */
2203 sentinel = CSR_READ_4(sc, IWI_CSR_AUTOINC_ADDR);
2204 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0);
2205
2206 tmp = CSR_READ_4(sc, IWI_CSR_RST);
2207 tmp &= ~(IWI_RST_MASTER_DISABLED | IWI_RST_STOP_MASTER);
2208 CSR_WRITE_4(sc, IWI_CSR_RST, tmp);
2209
2210 /* Tell the adapter to start processing command blocks */
2211 MEM_WRITE_4(sc, 0x3000a4, 0x540100);
2212
2213 /* Wait until the adapter reaches the sentinel */
2214 for (ntries = 0; ntries < 400; ntries++) {
2215 if (MEM_READ_4(sc, 0x3000d0) >= sentinel)
2216 break;
2217 DELAY(100);
2218 }
2219 if (ntries == 400) {
2220 device_printf(sc->sc_dev,
2221 "timeout processing command blocks\n");
2222 error = EIO;
2223 goto fail4;
2224 }
2225
2226 /* We're done with command blocks processing */
2227 MEM_WRITE_4(sc, 0x3000a4, 0x540c00);
2228
2229 /* Allow interrupts so we know when the firmware is ready */
2230 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK);
2231
2232 /* Tell the adapter to initialize the firmware */
2233 CSR_WRITE_4(sc, IWI_CSR_RST, 0);
2234
2235 tmp = CSR_READ_4(sc, IWI_CSR_CTL);
2236 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_ALLOW_STANDBY);
2237
2238 /* wait at most one second for firmware initialization to complete */
2239 crit_enter();
2240 tsleep_interlock(IWI_FW_INITIALIZED(sc));
2241 lwkt_serialize_exit(ifp->if_serializer);
2242 error = tsleep(IWI_FW_INITIALIZED(sc), 0, "iwiinit", hz);
2243 crit_exit();
2244 lwkt_serialize_enter(ifp->if_serializer);
2245 if (error != 0) {
2246 device_printf(sc->sc_dev, "timeout waiting for firmware "
2247 "initialization to complete\n");
2248 goto fail4;
2249 }
2250
2251 fail4: bus_dmamap_sync(dmat, map, BUS_DMASYNC_POSTWRITE);
2252 bus_dmamap_unload(dmat, map);
2253 fail3: bus_dmamem_free(dmat, virtaddr, map);
2254 fail2: bus_dma_tag_destroy(dmat);
2255 fail1:
2256 return error;
2257 }
2258
2259 /*
2260 * Store firmware into kernel memory so we can download it when we need to,
2261 * e.g when the adapter wakes up from suspend mode.
2262 */
2263 static int
2264 iwi_cache_firmware(struct iwi_softc *sc, void *data)
2265 {
2266 struct iwi_firmware *kfw = &sc->fw;
2267 struct iwi_firmware ufw;
2268 int error;
2269
2270 iwi_free_firmware(sc);
2271
2272 if ((error = copyin(data, &ufw, sizeof ufw)) != 0)
2273 return error;
2274
2275 kfw->boot_size = ufw.boot_size;
2276 kfw->ucode_size = ufw.ucode_size;
2277 kfw->main_size = ufw.main_size;
2278
2279 kfw->boot = kmalloc(kfw->boot_size, M_DEVBUF, M_WAITOK);
2280 kfw->ucode = kmalloc(kfw->ucode_size, M_DEVBUF, M_WAITOK);
2281 kfw->main = kmalloc(kfw->main_size, M_DEVBUF, M_WAITOK);
2282
2283 if ((error = copyin(ufw.boot, kfw->boot, kfw->boot_size)) != 0)
2284 goto fail;
2285
2286 if ((error = copyin(ufw.ucode, kfw->ucode, kfw->ucode_size)) != 0)
2287 goto fail;
2288
2289 if ((error = copyin(ufw.main, kfw->main, kfw->main_size)) != 0)
2290 goto fail;
2291
2292 DPRINTF(("Firmware cached: boot %u, ucode %u, main %u\n",
2293 kfw->boot_size, kfw->ucode_size, kfw->main_size));
2294
2295 sc->flags |= IWI_FLAG_FW_CACHED;
2296
2297 return 0;
2298
2299 fail:
2300 kfree(kfw->boot, M_DEVBUF);
2301 kfree(kfw->ucode, M_DEVBUF);
2302 kfree(kfw->main, M_DEVBUF);
2303
2304 return error;
2305 }
2306
2307 static void
2308 iwi_free_firmware(struct iwi_softc *sc)
2309 {
2310 if (!(sc->flags & IWI_FLAG_FW_CACHED))
2311 return;
2312
2313 kfree(sc->fw.boot, M_DEVBUF);
2314 kfree(sc->fw.ucode, M_DEVBUF);
2315 kfree(sc->fw.main, M_DEVBUF);
2316
2317 sc->flags &= ~IWI_FLAG_FW_CACHED;
2318 }
2319
2320 static int
2321 iwi_config(struct iwi_softc *sc)
2322 {
2323 struct ieee80211com *ic = &sc->sc_ic;
2324 struct ifnet *ifp = ic->ic_ifp;
2325 struct iwi_configuration config;
2326 struct iwi_rateset rs;
2327 struct iwi_txpower power;
2328 struct ieee80211_key *wk;
2329 struct iwi_wep_key wepkey;
2330 uint32_t data;
2331 int error, i;
2332
2333 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp));
2334 DPRINTF(("Setting MAC address to %6D\n", ic->ic_myaddr, ":"));
2335 error = iwi_cmd(sc, IWI_CMD_SET_MAC_ADDRESS, ic->ic_myaddr,
2336 IEEE80211_ADDR_LEN, 0);
2337 if (error != 0)
2338 return error;
2339
2340 memset(&config, 0, sizeof config);
2341 config.bluetooth_coexistence = sc->bluetooth;
2342 config.antenna = sc->antenna;
2343 config.multicast_enabled = 1;
2344 config.answer_pbreq = (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0;
2345 config.disable_unicast_decryption = 1;
2346 config.disable_multicast_decryption = 1;
2347 DPRINTF(("Configuring adapter\n"));
2348 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 0);
2349 if (error != 0)
2350 return error;
2351
2352 data = htole32(IWI_POWER_MODE_CAM);
2353 DPRINTF(("Setting power mode to %u\n", le32toh(data)));
2354 error = iwi_cmd(sc, IWI_CMD_SET_POWER_MODE, &data, sizeof data, 0);
2355 if (error != 0)
2356 return error;
2357
2358 data = htole32(ic->ic_rtsthreshold);
2359 DPRINTF(("Setting RTS threshold to %u\n", le32toh(data)));
2360 error = iwi_cmd(sc, IWI_CMD_SET_RTS_THRESHOLD, &data, sizeof data, 0);
2361 if (error != 0)
2362 return error;
2363
2364 data = htole32(ic->ic_fragthreshold);
2365 DPRINTF(("Setting fragmentation threshold to %u\n", le32toh(data)));
2366 error = iwi_cmd(sc, IWI_CMD_SET_FRAG_THRESHOLD, &data, sizeof data, 0);
2367 if (error != 0)
2368 return error;
2369
2370 if (ic->ic_opmode == IEEE80211_M_IBSS) {
2371 power.mode = IWI_MODE_11B;
2372 power.nchan = 11;
2373 for (i = 0; i < 11; i++) {
2374 power.chan[i].chan = i + 1;
2375 power.chan[i].power = IWI_TXPOWER_MAX;
2376 }
2377 DPRINTF(("Setting .11b channels tx power\n"));
2378 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power,
2379 0);
2380 if (error != 0)
2381 return error;
2382
2383 power.mode = IWI_MODE_11G;
2384 DPRINTF(("Setting .11g channels tx power\n"));
2385 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power,
2386 0);
2387 if (error != 0)
2388 return error;
2389 }
2390
2391 rs.mode = IWI_MODE_11G;
2392 rs.type = IWI_RATESET_TYPE_SUPPORTED;
2393 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11G].rs_nrates;
2394 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates,
2395 rs.nrates);
2396 DPRINTF(("Setting .11bg supported rates (%u)\n", rs.nrates));
2397 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0);
2398 if (error != 0)
2399 return error;
2400
2401 rs.mode = IWI_MODE_11A;
2402 rs.type = IWI_RATESET_TYPE_SUPPORTED;
2403 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11A].rs_nrates;
2404 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11A].rs_rates,
2405 rs.nrates);
2406 DPRINTF(("Setting .11a supported rates (%u)\n", rs.nrates));
2407 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0);
2408 if (error != 0)
2409 return error;
2410
2411 /* if we have a desired ESSID, set it now */
2412 if (ic->ic_des_esslen != 0) {
2413 #ifdef IWI_DEBUG
2414 if (iwi_debug > 0) {
2415 kprintf("Setting desired ESSID to ");
2416 ieee80211_print_essid(ic->ic_des_essid,
2417 ic->ic_des_esslen);
2418 kprintf("\n");
2419 }
2420 #endif
2421 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ic->ic_des_essid,
2422 ic->ic_des_esslen, 0);
2423 if (error != 0)
2424 return error;
2425 }
2426
2427 data = htole32(karc4random());
2428 DPRINTF(("Setting initialization vector to %u\n", le32toh(data)));
2429 error = iwi_cmd(sc, IWI_CMD_SET_IV, &data, sizeof data, 0);
2430 if (error != 0)
2431 return error;
2432
2433 for (i = 0; i < IEEE80211_WEP_NKID; i++) {
2434 wk = &ic->ic_crypto.cs_nw_keys[i];
2435
2436 wepkey.cmd = IWI_WEP_KEY_CMD_SETKEY;
2437 wepkey.idx = i;
2438 wepkey.len = wk->wk_keylen;
2439 memset(wepkey.key, 0, sizeof wepkey.key);
2440 memcpy(wepkey.key, wk->wk_key, wk->wk_keylen);
2441 DPRINTF(("Setting wep key index %u len %u\n", wepkey.idx,
2442 wepkey.len));
2443 error = iwi_cmd(sc, IWI_CMD_SET_WEP_KEY, &wepkey,
2444 sizeof wepkey, 0);
2445 if (error != 0)
2446 return error;
2447 }
2448
2449 /* Enable adapter */
2450 DPRINTF(("Enabling adapter\n"));
2451 return iwi_cmd(sc, IWI_CMD_ENABLE, NULL, 0, 0);
2452 }
2453
2454 static int
2455 iwi_set_chan(struct iwi_softc *sc, struct ieee80211_channel *chan)
2456 {
2457 struct ieee80211com *ic = &sc->sc_ic;
2458 struct iwi_scan scan;
2459
2460 memset(&scan, 0, sizeof scan);
2461 memset(scan.type, IWI_SCAN_TYPE_PASSIVE, sizeof scan.type);
2462 scan.passive = htole16(2000);
2463 scan.channels[0] = 1 |
2464 (IEEE80211_IS_CHAN_5GHZ(chan) ? IWI_CHAN_5GHZ : IWI_CHAN_2GHZ);
2465 scan.channels[1] = ieee80211_chan2ieee(ic, chan);
2466
2467 DPRINTF(("Setting channel to %u\n", ieee80211_chan2ieee(ic, chan)));
2468 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1);
2469 }
2470
2471 static int
2472 iwi_scan(struct iwi_softc *sc)
2473 {
2474 struct ieee80211com *ic = &sc->sc_ic;
2475 struct iwi_scan scan;
2476 uint8_t *p;
2477 int i, count;
2478
2479 memset(&scan, 0, sizeof scan);
2480
2481 if (ic->ic_des_esslen != 0) {
2482 scan.bdirected = htole16(sc->dwelltime);
2483 memset(scan.type, IWI_SCAN_TYPE_BDIRECTED, sizeof scan.type);
2484 } else {
2485 scan.broadcast = htole16(sc->dwelltime);
2486 memset(scan.type, IWI_SCAN_TYPE_BROADCAST, sizeof scan.type);
2487 }
2488
2489 p = scan.channels;
2490 count = 0;
2491 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) {
2492 if (IEEE80211_IS_CHAN_5GHZ(&ic->ic_channels[i]) &&
2493 isset(ic->ic_chan_active, i)) {
2494 *++p = i;
2495 count++;
2496 }
2497 }
2498 *(p - count) = IWI_CHAN_5GHZ | count;
2499
2500 p = (count > 0) ? p + 1 : scan.channels;
2501 count = 0;
2502 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) {
2503 if (IEEE80211_IS_CHAN_2GHZ(&ic->ic_channels[i]) &&
2504 isset(ic->ic_chan_active, i)) {
2505 *++p = i;
2506 count++;
2507 }
2508 }
2509 *(p - count) = IWI_CHAN_2GHZ | count;
2510
2511 DPRINTF(("Start scanning\n"));
2512 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1);
2513 }
2514
2515 static int
2516 iwi_auth_and_assoc(struct iwi_softc *sc)
2517 {
2518 struct ieee80211com *ic = &sc->sc_ic;
2519 struct ifnet *ifp = ic->ic_ifp;
2520 struct ieee80211_node *ni = ic->ic_bss;
2521 struct ieee80211_wme_info wme;
2522 struct iwi_configuration config;
2523 struct iwi_associate assoc;
2524 struct iwi_rateset rs;
2525 uint16_t capinfo;
2526 uint32_t data;
2527 int error;
2528
2529 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) {
2530 memset(&config, 0, sizeof config);
2531 config.bluetooth_coexistence = sc->bluetooth;
2532 config.antenna = sc->antenna;
2533 config.multicast_enabled = 1;
2534 config.use_protection = 1;
2535 config.answer_pbreq =
2536 (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0;
2537 config.disable_unicast_decryption = 1;
2538 config.disable_multicast_decryption = 1;
2539 DPRINTF(("Configuring adapter\n"));
2540 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config,
2541 1);
2542 if (error != 0)
2543 return error;
2544 }
2545
2546 #ifdef IWI_DEBUG
2547 if (iwi_debug > 0) {
2548 kprintf("Setting ESSID to ");
2549 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen);
2550 kprintf("\n");
2551 }
2552 #endif
2553 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ni->ni_essid, ni->ni_esslen, 1);
2554 if (error != 0)
2555 return error;
2556
2557 /* the rate set has already been "negotiated" */
2558 rs.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A :
2559 IWI_MODE_11G;
2560 rs.type = IWI_RATESET_TYPE_NEGOTIATED;
2561 rs.nrates = ni->ni_rates.rs_nrates;
2562 KKASSERT(rs.nrates <= IWI_RATESET_MAXSIZE);
2563 memcpy(rs.rates, ni->ni_rates.rs_rates, rs.nrates);
2564 DPRINTF(("Setting negociated rates (%u)\n", rs.nrates));
2565 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 1);
2566 if (error != 0)
2567 return error;
2568
2569 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) {
2570 wme.wme_id = IEEE80211_ELEMID_VENDOR;
2571 wme.wme_len = sizeof (struct ieee80211_wme_info) - 2;
2572 wme.wme_oui[0] = 0x00;
2573 wme.wme_oui[1] = 0x50;
2574 wme.wme_oui[2] = 0xf2;
2575 wme.wme_type = WME_OUI_TYPE;
2576 wme.wme_subtype = WME_INFO_OUI_SUBTYPE;
2577 wme.wme_version = WME_VERSION;
2578 wme.wme_info = 0;
2579
2580 DPRINTF(("Setting WME IE (len=%u)\n", wme.wme_len));
2581 error = iwi_cmd(sc, IWI_CMD_SET_WMEIE, &wme, sizeof wme, 1);
2582 if (error != 0)
2583 return error;
2584 }
2585
2586 if (ic->ic_opt_ie != NULL) {
2587 DPRINTF(("Setting optional IE (len=%u)\n", ic->ic_opt_ie_len));
2588 error = iwi_cmd(sc, IWI_CMD_SET_OPTIE, ic->ic_opt_ie,
2589 ic->ic_opt_ie_len, 1);
2590 if (error != 0)
2591 return error;
2592 }
2593
2594 data = htole32(ni->ni_rssi);
2595 DPRINTF(("Setting sensitivity to %d\n", (int8_t)ni->ni_rssi));
2596 error = iwi_cmd(sc, IWI_CMD_SET_SENSITIVITY, &data, sizeof data, 1);
2597 if (error != 0)
2598 return error;
2599
2600 memset(&assoc, 0, sizeof assoc);
2601 assoc.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A :
2602 IWI_MODE_11G;
2603 assoc.chan = ieee80211_chan2ieee(ic, ni->ni_chan);
2604 if (ni->ni_authmode == IEEE80211_AUTH_SHARED)
2605 assoc.auth = ic->ic_crypto.cs_def_txkey << 4 | IWI_AUTH_SHARED;
2606 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL)
2607 assoc.policy |= htole16(IWI_POLICY_WME);
2608 if (ic->ic_flags & IEEE80211_F_WPA)
2609 assoc.policy |= htole16(IWI_POLICY_WPA);
2610 memcpy(assoc.tstamp, ni->ni_tstamp.data, 8);
2611
2612 if (ic->ic_opmode == IEEE80211_M_IBSS)
2613 capinfo = IEEE80211_CAPINFO_IBSS;
2614 else
2615 capinfo = IEEE80211_CAPINFO_ESS;
2616 if (ic->ic_flags & IEEE80211_F_PRIVACY)
2617 capinfo |= IEEE80211_CAPINFO_PRIVACY;
2618 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) &&
2619 IEEE80211_IS_CHAN_2GHZ(ni->ni_chan))
2620 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE;
2621 if (ic->ic_flags & IEEE80211_F_SHSLOT)
2622 capinfo |= IEEE80211_CAPINFO_SHORT_SLOTTIME;
2623 assoc.capinfo = htole16(capinfo);
2624
2625 assoc.lintval = htole16(ic->ic_lintval);
2626 assoc.intval = htole16(ni->ni_intval);
2627 IEEE80211_ADDR_COPY(assoc.bssid, ni->ni_bssid);
2628 if (ic->ic_opmode == IEEE80211_M_IBSS)
2629 IEEE80211_ADDR_COPY(assoc.dst, ifp->if_broadcastaddr);
2630 else
2631 IEEE80211_ADDR_COPY(assoc.dst, ni->ni_bssid);
2632
2633 DPRINTF(("Trying to associate to %6D channel %u auth %u\n",
2634 assoc.bssid, ":", assoc.chan, assoc.auth));
2635 return iwi_cmd(sc, IWI_CMD_ASSOCIATE, &assoc, sizeof assoc, 1);
2636 }
2637
2638 static void
2639 iwi_init(void *priv)
2640 {
2641 struct iwi_softc *sc = priv;
2642 struct ieee80211com *ic = &sc->sc_ic;
2643 struct ifnet *ifp = ic->ic_ifp;
2644 struct iwi_firmware *fw = &sc->fw;
2645 struct iwi_rx_data *data;
2646 int i;
2647
2648 /* exit immediately if firmware has not been ioctl'd */
2649 if (!(sc->flags & IWI_FLAG_FW_CACHED)) {
2650 if (!(sc->flags & IWI_FLAG_FW_WARNED))
2651 device_printf(sc->sc_dev, "Please load firmware\n");
2652 sc->flags |= IWI_FLAG_FW_WARNED;
2653 ifp->if_flags &= ~IFF_UP;
2654 return;
2655 }
2656
2657 iwi_stop(sc);
2658
2659 if (iwi_reset(sc) != 0) {
2660 device_printf(sc->sc_dev, "could not reset adapter\n");
2661 goto fail;
2662 }
2663
2664 if (iwi_load_firmware(sc, fw->boot, fw->boot_size) != 0) {
2665 device_printf(sc->sc_dev, "could not load boot firmware\n");
2666 goto fail;
2667 }
2668
2669 if (iwi_load_ucode(sc, fw->ucode, fw->ucode_size) != 0) {
2670 device_printf(sc->sc_dev, "could not load microcode\n");
2671 goto fail;
2672 }
2673
2674 iwi_stop_master(sc);
2675
2676 CSR_WRITE_4(sc, IWI_CSR_CMD_BASE, sc->cmdq.physaddr);
2677 CSR_WRITE_4(sc, IWI_CSR_CMD_SIZE, sc->cmdq.count);
2678 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur);
2679
2680 CSR_WRITE_4(sc, IWI_CSR_TX1_BASE, sc->txq[0].physaddr);
2681 CSR_WRITE_4(sc, IWI_CSR_TX1_SIZE, sc->txq[0].count);
2682 CSR_WRITE_4(sc, IWI_CSR_TX1_WIDX, sc->txq[0].cur);
2683
2684 CSR_WRITE_4(sc, IWI_CSR_TX2_BASE, sc->txq[1].physaddr);
2685 CSR_WRITE_4(sc, IWI_CSR_TX2_SIZE, sc->txq[1].count);
2686 CSR_WRITE_4(sc, IWI_CSR_TX2_WIDX, sc->txq[1].cur);
2687
2688 CSR_WRITE_4(sc, IWI_CSR_TX3_BASE, sc->txq[2].physaddr);
2689 CSR_WRITE_4(sc, IWI_CSR_TX3_SIZE, sc->txq[2].count);
2690 CSR_WRITE_4(sc, IWI_CSR_TX3_WIDX, sc->txq[2].cur);
2691
2692 CSR_WRITE_4(sc, IWI_CSR_TX4_BASE, sc->txq[3].physaddr);
2693 CSR_WRITE_4(sc, IWI_CSR_TX4_SIZE, sc->txq[3].count);
2694 CSR_WRITE_4(sc, IWI_CSR_TX4_WIDX, sc->txq[3].cur);
2695
2696 for (i = 0; i < sc->rxq.count; i++) {
2697 data = &sc->rxq.data[i];
2698 CSR_WRITE_4(sc, data->reg, data->physaddr);
2699 }
2700
2701 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, sc->rxq.count - 1);
2702
2703 if (iwi_load_firmware(sc, fw->main, fw->main_size) != 0) {
2704 device_printf(sc->sc_dev, "could not load main firmware\n");
2705 goto fail;
2706 }
2707
2708 sc->flags |= IWI_FLAG_FW_INITED;
2709
2710 if (iwi_config(sc) != 0) {
2711 device_printf(sc->sc_dev, "device configuration failed\n");
2712 goto fail;
2713 }
2714
2715 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
2716 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)
2717 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
2718 } else
2719 ieee80211_new_state(ic, IEEE80211_S_RUN, -1);
2720
2721 ifp->if_flags &= ~IFF_OACTIVE;
2722 ifp->if_flags |= IFF_RUNNING;
2723
2724 return;
2725
2726 fail: ifp->if_flags &= ~IFF_UP;
2727 iwi_stop(sc);
2728 }
2729
2730 static void
2731 iwi_stop(void *priv)
2732 {
2733 struct iwi_softc *sc = priv;
2734 struct ieee80211com *ic = &sc->sc_ic;
2735 struct ifnet *ifp = ic->ic_ifp;
2736
2737 ieee80211_new_state(ic, IEEE80211_S_INIT, -1);
2738
2739 iwi_stop_master(sc);
2740
2741 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_SOFT_RESET);
2742
2743 /* reset rings */
2744 iwi_reset_cmd_ring(sc, &sc->cmdq);
2745 iwi_reset_tx_ring(sc, &sc->txq[0]);
2746 iwi_reset_tx_ring(sc, &sc->txq[1]);
2747 iwi_reset_tx_ring(sc, &sc->txq[2]);
2748 iwi_reset_tx_ring(sc, &sc->txq[3]);
2749 iwi_reset_rx_ring(sc, &sc->rxq);
2750
2751 sc->sc_tx_timer = 0;
2752 ifp->if_timer = 0;
2753 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE);
2754 }
2755
2756 static int
2757 iwi_sysctl_stats(SYSCTL_HANDLER_ARGS)
2758 {
2759 struct iwi_softc *sc = arg1;
2760 struct ifnet *ifp = &sc->sc_ic.ic_if;
2761 uint32_t size, buf[128];
2762
2763 lwkt_serialize_enter(ifp->if_serializer);
2764
2765 if (!(sc->flags & IWI_FLAG_FW_INITED)) {
2766 memset(buf, 0, sizeof buf);
2767 goto back;
2768 }
2769
2770 size = min(CSR_READ_4(sc, IWI_CSR_TABLE0_SIZE), 128 - 1);
2771 CSR_READ_REGION_4(sc, IWI_CSR_TABLE0_BASE, &buf[1], size);
2772 back:
2773 lwkt_serialize_exit(ifp->if_serializer);
2774 return SYSCTL_OUT(req, buf, sizeof buf);
2775 }
2776
2777 static int
2778 iwi_sysctl_radio(SYSCTL_HANDLER_ARGS)
2779 {
2780 struct iwi_softc *sc = arg1;
2781 struct ifnet *ifp = &sc->sc_ic.ic_if;
2782 int val;
2783
2784 lwkt_serialize_enter(ifp->if_serializer);
2785 val = (CSR_READ_4(sc, IWI_CSR_IO) & IWI_IO_RADIO_ENABLED) ? 1 : 0;
2786 lwkt_serialize_exit(ifp->if_serializer);
2787
2788 return SYSCTL_OUT(req, &val, sizeof val);
2789 }
2790
2791 static const int8_t iwi_bitmap[256] = {
2792 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4,
2793 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5,
2794 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4,
2795 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6,
2796 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4,
2797 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5,
2798 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4,
2799 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 7,
2800 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4,
2801 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5,
2802 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4,
2803 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6,
2804 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4,
2805 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5,
2806 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4,
2807 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, -1
2808 };
2809
2810 static int
2811 iwi_alloc_ibss_node(struct iwi_softc *sc)
2812 {
2813 int i;
2814
2815 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer);
2816
2817 for (i = 0; i < IWI_MAX_IBSSNODE_NBYTE; ++i) {
2818 int ret;
2819
2820 ret = iwi_bitmap[sc->sc_ibss_node[i]];
2821 if (ret != -1) {
2822 sc->sc_ibss_node[i] |= (1 << ret);
2823 ret += (i * NBBY);
2824 return ret;
2825 }
2826 }
2827 return -1;
2828 }
2829
2830 static void
2831 iwi_free_ibss_node(struct iwi_softc *sc, int ibss_node)
2832 {
2833 int i, b;
2834
2835 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer);
2836 KASSERT(ibss_node < IWI_MAX_IBSSNODE, ("free ibss node, out of range"));
2837
2838 i = ibss_node / NBBY;
2839 b = ibss_node % NBBY;
2840
2841 sc->sc_ibss_node[i] &= ~(1 << b);
2842 }
DragonFly BSD