Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/dev/ic/atw.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /* $NetBSD: atw.c,v 1.24.2.2 2004/06/27 08:30:49 jdc Exp $ */ 2 3 /*- 4 * Copyright (c) 1998, 1999, 2000, 2002, 2003, 2004 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by David Young, by Jason R. Thorpe, and by Charles M. Hannum. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the NetBSD 21 * Foundation, Inc. and its contributors. 22 * 4. Neither the name of The NetBSD Foundation nor the names of its 23 * contributors may be used to endorse or promote products derived 24 * from this software without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 27 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 28 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 29 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 30 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 31 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 32 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 34 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 35 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 36 * POSSIBILITY OF SUCH DAMAGE. 37 */ 38 39 /* 40 * Device driver for the ADMtek ADM8211 802.11 MAC/BBP. 41 */ 42 43 #include <sys/cdefs.h> 44 __KERNEL_RCSID(0, "$NetBSD: atw.c,v 1.24.2.2 2004/06/27 08:30:49 jdc Exp $"); 45 46 #include "bpfilter.h" 47 48 #include <sys/param.h> 49 #include <sys/systm.h> 50 #include <sys/callout.h> 51 #include <sys/mbuf.h> 52 #include <sys/malloc.h> 53 #include <sys/kernel.h> 54 #include <sys/socket.h> 55 #include <sys/ioctl.h> 56 #include <sys/errno.h> 57 #include <sys/device.h> 58 #include <sys/time.h> 59 60 #include <machine/endian.h> 61 62 #include <uvm/uvm_extern.h> 63 64 #include <net/if.h> 65 #include <net/if_dl.h> 66 #include <net/if_media.h> 67 #include <net/if_ether.h> 68 69 #include <net80211/ieee80211_var.h> 70 #include <net80211/ieee80211_compat.h> 71 #include <net80211/ieee80211_radiotap.h> 72 73 #if NBPFILTER > 0 74 #include <net/bpf.h> 75 #endif 76 77 #include <machine/bus.h> 78 #include <machine/intr.h> 79 80 #include <dev/ic/atwreg.h> 81 #include <dev/ic/rf3000reg.h> 82 #include <dev/ic/si4136reg.h> 83 #include <dev/ic/atwvar.h> 84 #include <dev/ic/smc93cx6var.h> 85 86 /* XXX TBD open questions 87 * 88 * 89 * When should I set DSSS PAD in reg 0x15 of RF3000? In 1-2Mbps 90 * modes only, or all modes (5.5-11 Mbps CCK modes, too?) Does the MAC 91 * handle this for me? 92 * 93 */ 94 /* device attachment 95 * 96 * print TOFS[012] 97 * 98 * device initialization 99 * 100 * clear ATW_FRCTL_MAXPSP to disable max power saving 101 * set ATW_TXBR_ALCUPDATE to enable ALC 102 * set TOFS[012]? (hope not) 103 * disable rx/tx 104 * set ATW_PAR_SWR (software reset) 105 * wait for ATW_PAR_SWR clear 106 * disable interrupts 107 * ack status register 108 * enable interrupts 109 * 110 * rx/tx initialization 111 * 112 * disable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 113 * allocate and init descriptor rings 114 * write ATW_PAR_DSL (descriptor skip length) 115 * write descriptor base addrs: ATW_TDBD, ATW_TDBP, write ATW_RDB 116 * write ATW_NAR_SQ for one/both transmit descriptor rings 117 * write ATW_NAR_SQ for one/both transmit descriptor rings 118 * enable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 119 * 120 * rx/tx end 121 * 122 * stop DMA 123 * disable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 124 * flush tx w/ ATW_NAR_HF 125 * 126 * scan 127 * 128 * initialize rx/tx 129 * 130 * IBSS join/create 131 * 132 * set ATW_NAR_EA (is set by ASIC?) 133 * 134 * BSS join: (re)association response 135 * 136 * set ATW_FRCTL_AID 137 * 138 * optimizations ??? 139 * 140 */ 141 142 #define VOODOO_DUR_11_ROUNDING 0x01 /* necessary */ 143 #define VOODOO_DUR_2_4_SPECIALCASE 0x02 /* NOT necessary */ 144 int atw_voodoo = VOODOO_DUR_11_ROUNDING; 145 146 int atw_rfio_enable_delay = 20 * 1000; 147 int atw_rfio_disable_delay = 2 * 1000; 148 int atw_writewep_delay = 5; 149 int atw_beacon_len_adjust = 4; 150 int atw_dwelltime = 200; 151 152 #ifdef ATW_DEBUG 153 int atw_xhdrctl = 0; 154 int atw_xrtylmt = ~0; 155 int atw_xservice = IEEE80211_PLCP_SERVICE; 156 int atw_xpaylen = 0; 157 158 int atw_debug = 0; 159 160 #define ATW_DPRINTF(x) if (atw_debug > 0) printf x 161 #define ATW_DPRINTF2(x) if (atw_debug > 1) printf x 162 #define ATW_DPRINTF3(x) if (atw_debug > 2) printf x 163 #define DPRINTF(sc, x) if ((sc)->sc_ic.ic_if.if_flags & IFF_DEBUG) printf x 164 #define DPRINTF2(sc, x) if ((sc)->sc_ic.ic_if.if_flags & IFF_DEBUG) ATW_DPRINTF2(x) 165 #define DPRINTF3(sc, x) if ((sc)->sc_ic.ic_if.if_flags & IFF_DEBUG) ATW_DPRINTF3(x) 166 static void atw_print_regs(struct atw_softc *, const char *); 167 static void atw_rf3000_print(struct atw_softc *); 168 static void atw_si4126_print(struct atw_softc *); 169 static void atw_dump_pkt(struct ifnet *, struct mbuf *); 170 #else 171 #define ATW_DPRINTF(x) 172 #define ATW_DPRINTF2(x) 173 #define ATW_DPRINTF3(x) 174 #define DPRINTF(sc, x) /* nothing */ 175 #define DPRINTF2(sc, x) /* nothing */ 176 #define DPRINTF3(sc, x) /* nothing */ 177 #endif 178 179 #ifdef ATW_STATS 180 void atw_print_stats(struct atw_softc *); 181 #endif 182 183 void atw_start(struct ifnet *); 184 void atw_watchdog(struct ifnet *); 185 int atw_ioctl(struct ifnet *, u_long, caddr_t); 186 int atw_init(struct ifnet *); 187 void atw_txdrain(struct atw_softc *); 188 void atw_stop(struct ifnet *, int); 189 190 void atw_reset(struct atw_softc *); 191 int atw_read_srom(struct atw_softc *); 192 193 void atw_shutdown(void *); 194 195 void atw_rxdrain(struct atw_softc *); 196 int atw_add_rxbuf(struct atw_softc *, int); 197 void atw_idle(struct atw_softc *, u_int32_t); 198 199 int atw_enable(struct atw_softc *); 200 void atw_disable(struct atw_softc *); 201 void atw_power(int, void *); 202 203 void atw_rxintr(struct atw_softc *); 204 void atw_txintr(struct atw_softc *); 205 void atw_linkintr(struct atw_softc *, u_int32_t); 206 207 static int atw_newstate(struct ieee80211com *, enum ieee80211_state, int); 208 static void atw_tsf(struct atw_softc *); 209 static void atw_start_beacon(struct atw_softc *, int); 210 static void atw_write_wep(struct atw_softc *); 211 static void atw_write_bssid(struct atw_softc *); 212 static void atw_write_bcn_thresh(struct atw_softc *); 213 static void atw_write_ssid(struct atw_softc *); 214 static void atw_write_sup_rates(struct atw_softc *); 215 static void atw_clear_sram(struct atw_softc *); 216 static void atw_write_sram(struct atw_softc *, u_int, u_int8_t *, u_int); 217 static int atw_media_change(struct ifnet *); 218 static void atw_media_status(struct ifnet *, struct ifmediareq *); 219 static void atw_filter_setup(struct atw_softc *); 220 static void atw_frame_setdurs(struct atw_softc *, struct atw_frame *, int, int); 221 static __inline u_int64_t atw_predict_beacon(u_int64_t, u_int32_t); 222 static void atw_recv_beacon(struct ieee80211com *, struct mbuf *, 223 struct ieee80211_node *, int, int, u_int32_t); 224 static void atw_recv_mgmt(struct ieee80211com *, struct mbuf *, 225 struct ieee80211_node *, int, int, u_int32_t); 226 static void atw_node_free(struct ieee80211com *, struct ieee80211_node *); 227 static struct ieee80211_node *atw_node_alloc(struct ieee80211com *); 228 229 static int atw_tune(struct atw_softc *); 230 231 static void atw_rfio_enable(struct atw_softc *, int); 232 233 /* RFMD RF3000 Baseband Processor */ 234 static int atw_rf3000_init(struct atw_softc *); 235 static int atw_rf3000_tune(struct atw_softc *, u_int8_t); 236 static int atw_rf3000_write(struct atw_softc *, u_int, u_int); 237 #ifdef ATW_DEBUG 238 static int atw_rf3000_read(struct atw_softc *sc, u_int, u_int *); 239 #endif /* ATW_DEBUG */ 240 241 /* Silicon Laboratories Si4126 RF/IF Synthesizer */ 242 static int atw_si4126_tune(struct atw_softc *, u_int8_t); 243 static int atw_si4126_write(struct atw_softc *, u_int, u_int); 244 #ifdef ATW_DEBUG 245 static int atw_si4126_read(struct atw_softc *, u_int, u_int *); 246 #endif /* ATW_DEBUG */ 247 248 const struct atw_txthresh_tab atw_txthresh_tab_lo[] = ATW_TXTHRESH_TAB_LO_RATE; 249 const struct atw_txthresh_tab atw_txthresh_tab_hi[] = ATW_TXTHRESH_TAB_HI_RATE; 250 251 const char *atw_tx_state[] = { 252 "STOPPED", 253 "RUNNING - FETCH", 254 "RUNNING - WAIT", 255 "RUNNING - READING", 256 "-- RESERVED1 --", 257 "-- RESERVED2 --", 258 "SUSPENDED", 259 "RUNNING - CLOSE" 260 }; 261 262 const char *atw_rx_state[] = { 263 "STOPPED", 264 "RUNNING - FETCH", 265 "RUNNING - CHECK", 266 "RUNNING - WAIT", 267 "SUSPENDED", 268 "RUNNING - CLOSE", 269 "RUNNING - FLUSH", 270 "RUNNING - QUEUE" 271 }; 272 273 int 274 atw_activate(struct device *self, enum devact act) 275 { 276 struct atw_softc *sc = (struct atw_softc *)self; 277 int rv = 0, s; 278 279 s = splnet(); 280 switch (act) { 281 case DVACT_ACTIVATE: 282 rv = EOPNOTSUPP; 283 break; 284 285 case DVACT_DEACTIVATE: 286 if_deactivate(&sc->sc_ic.ic_if); 287 break; 288 } 289 splx(s); 290 return rv; 291 } 292 293 /* 294 * atw_enable: 295 * 296 * Enable the ADM8211 chip. 297 */ 298 int 299 atw_enable(struct atw_softc *sc) 300 { 301 302 if (ATW_IS_ENABLED(sc) == 0) { 303 if (sc->sc_enable != NULL && (*sc->sc_enable)(sc) != 0) { 304 printf("%s: device enable failed\n", 305 sc->sc_dev.dv_xname); 306 return (EIO); 307 } 308 sc->sc_flags |= ATWF_ENABLED; 309 } 310 return (0); 311 } 312 313 /* 314 * atw_disable: 315 * 316 * Disable the ADM8211 chip. 317 */ 318 void 319 atw_disable(struct atw_softc *sc) 320 { 321 if (!ATW_IS_ENABLED(sc)) 322 return; 323 if (sc->sc_disable != NULL) 324 (*sc->sc_disable)(sc); 325 sc->sc_flags &= ~ATWF_ENABLED; 326 } 327 328 /* Returns -1 on failure. */ 329 int 330 atw_read_srom(struct atw_softc *sc) 331 { 332 struct seeprom_descriptor sd; 333 u_int32_t reg; 334 335 (void)memset(&sd, 0, sizeof(sd)); 336 337 reg = ATW_READ(sc, ATW_TEST0); 338 339 if ((reg & (ATW_TEST0_EPNE|ATW_TEST0_EPSNM)) != 0) { 340 printf("%s: bad or missing/bad SROM\n", sc->sc_dev.dv_xname); 341 return -1; 342 } 343 344 switch (reg & ATW_TEST0_EPTYP_MASK) { 345 case ATW_TEST0_EPTYP_93c66: 346 ATW_DPRINTF(("%s: 93c66 SROM\n", sc->sc_dev.dv_xname)); 347 sc->sc_sromsz = 512; 348 sd.sd_chip = C56_66; 349 break; 350 case ATW_TEST0_EPTYP_93c46: 351 ATW_DPRINTF(("%s: 93c46 SROM\n", sc->sc_dev.dv_xname)); 352 sc->sc_sromsz = 128; 353 sd.sd_chip = C46; 354 break; 355 default: 356 printf("%s: unknown SROM type %d\n", sc->sc_dev.dv_xname, 357 MASK_AND_RSHIFT(reg, ATW_TEST0_EPTYP_MASK)); 358 return -1; 359 } 360 361 sc->sc_srom = malloc(sc->sc_sromsz, M_DEVBUF, M_NOWAIT); 362 363 if (sc->sc_srom == NULL) { 364 printf("%s: unable to allocate SROM buffer\n", 365 sc->sc_dev.dv_xname); 366 return -1; 367 } 368 369 (void)memset(sc->sc_srom, 0, sc->sc_sromsz); 370 371 /* ADM8211 has a single 32-bit register for controlling the 372 * 93cx6 SROM. Bit SRS enables the serial port. There is no 373 * "ready" bit. The ADM8211 input/output sense is the reverse 374 * of read_seeprom's. 375 */ 376 sd.sd_tag = sc->sc_st; 377 sd.sd_bsh = sc->sc_sh; 378 sd.sd_regsize = 4; 379 sd.sd_control_offset = ATW_SPR; 380 sd.sd_status_offset = ATW_SPR; 381 sd.sd_dataout_offset = ATW_SPR; 382 sd.sd_CK = ATW_SPR_SCLK; 383 sd.sd_CS = ATW_SPR_SCS; 384 sd.sd_DI = ATW_SPR_SDO; 385 sd.sd_DO = ATW_SPR_SDI; 386 sd.sd_MS = ATW_SPR_SRS; 387 sd.sd_RDY = 0; 388 389 if (!read_seeprom(&sd, sc->sc_srom, 0, sc->sc_sromsz/2)) { 390 printf("%s: could not read SROM\n", sc->sc_dev.dv_xname); 391 free(sc->sc_srom, M_DEVBUF); 392 return -1; 393 } 394 #ifdef ATW_DEBUG 395 { 396 int i; 397 ATW_DPRINTF(("\nSerial EEPROM:\n\t")); 398 for (i = 0; i < sc->sc_sromsz/2; i = i + 1) { 399 if (((i % 8) == 0) && (i != 0)) { 400 ATW_DPRINTF(("\n\t")); 401 } 402 ATW_DPRINTF((" 0x%x", sc->sc_srom[i])); 403 } 404 ATW_DPRINTF(("\n")); 405 } 406 #endif /* ATW_DEBUG */ 407 return 0; 408 } 409 410 #ifdef ATW_DEBUG 411 static void 412 atw_print_regs(struct atw_softc *sc, const char *where) 413 { 414 #define PRINTREG(sc, reg) \ 415 ATW_DPRINTF2(("%s: reg[ " #reg " / %03x ] = %08x\n", \ 416 sc->sc_dev.dv_xname, reg, ATW_READ(sc, reg))) 417 418 ATW_DPRINTF2(("%s: %s\n", sc->sc_dev.dv_xname, where)); 419 420 PRINTREG(sc, ATW_PAR); 421 PRINTREG(sc, ATW_FRCTL); 422 PRINTREG(sc, ATW_TDR); 423 PRINTREG(sc, ATW_WTDP); 424 PRINTREG(sc, ATW_RDR); 425 PRINTREG(sc, ATW_WRDP); 426 PRINTREG(sc, ATW_RDB); 427 PRINTREG(sc, ATW_CSR3A); 428 PRINTREG(sc, ATW_TDBD); 429 PRINTREG(sc, ATW_TDBP); 430 PRINTREG(sc, ATW_STSR); 431 PRINTREG(sc, ATW_CSR5A); 432 PRINTREG(sc, ATW_NAR); 433 PRINTREG(sc, ATW_CSR6A); 434 PRINTREG(sc, ATW_IER); 435 PRINTREG(sc, ATW_CSR7A); 436 PRINTREG(sc, ATW_LPC); 437 PRINTREG(sc, ATW_TEST1); 438 PRINTREG(sc, ATW_SPR); 439 PRINTREG(sc, ATW_TEST0); 440 PRINTREG(sc, ATW_WCSR); 441 PRINTREG(sc, ATW_WPDR); 442 PRINTREG(sc, ATW_GPTMR); 443 PRINTREG(sc, ATW_GPIO); 444 PRINTREG(sc, ATW_BBPCTL); 445 PRINTREG(sc, ATW_SYNCTL); 446 PRINTREG(sc, ATW_PLCPHD); 447 PRINTREG(sc, ATW_MMIWADDR); 448 PRINTREG(sc, ATW_MMIRADDR1); 449 PRINTREG(sc, ATW_MMIRADDR2); 450 PRINTREG(sc, ATW_TXBR); 451 PRINTREG(sc, ATW_CSR15A); 452 PRINTREG(sc, ATW_ALCSTAT); 453 PRINTREG(sc, ATW_TOFS2); 454 PRINTREG(sc, ATW_CMDR); 455 PRINTREG(sc, ATW_PCIC); 456 PRINTREG(sc, ATW_PMCSR); 457 PRINTREG(sc, ATW_PAR0); 458 PRINTREG(sc, ATW_PAR1); 459 PRINTREG(sc, ATW_MAR0); 460 PRINTREG(sc, ATW_MAR1); 461 PRINTREG(sc, ATW_ATIMDA0); 462 PRINTREG(sc, ATW_ABDA1); 463 PRINTREG(sc, ATW_BSSID0); 464 PRINTREG(sc, ATW_TXLMT); 465 PRINTREG(sc, ATW_MIBCNT); 466 PRINTREG(sc, ATW_BCNT); 467 PRINTREG(sc, ATW_TSFTH); 468 PRINTREG(sc, ATW_TSC); 469 PRINTREG(sc, ATW_SYNRF); 470 PRINTREG(sc, ATW_BPLI); 471 PRINTREG(sc, ATW_CAP0); 472 PRINTREG(sc, ATW_CAP1); 473 PRINTREG(sc, ATW_RMD); 474 PRINTREG(sc, ATW_CFPP); 475 PRINTREG(sc, ATW_TOFS0); 476 PRINTREG(sc, ATW_TOFS1); 477 PRINTREG(sc, ATW_IFST); 478 PRINTREG(sc, ATW_RSPT); 479 PRINTREG(sc, ATW_TSFTL); 480 PRINTREG(sc, ATW_WEPCTL); 481 PRINTREG(sc, ATW_WESK); 482 PRINTREG(sc, ATW_WEPCNT); 483 PRINTREG(sc, ATW_MACTEST); 484 PRINTREG(sc, ATW_FER); 485 PRINTREG(sc, ATW_FEMR); 486 PRINTREG(sc, ATW_FPSR); 487 PRINTREG(sc, ATW_FFER); 488 #undef PRINTREG 489 } 490 #endif /* ATW_DEBUG */ 491 492 /* 493 * Finish attaching an ADMtek ADM8211 MAC. Called by bus-specific front-end. 494 */ 495 void 496 atw_attach(struct atw_softc *sc) 497 { 498 static const u_int8_t empty_macaddr[IEEE80211_ADDR_LEN] = { 499 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 500 }; 501 struct ieee80211com *ic = &sc->sc_ic; 502 struct ifnet *ifp = &ic->ic_if; 503 int country_code, error, i, nrate; 504 u_int32_t reg; 505 static const char *type_strings[] = {"Intersil (not supported)", 506 "RFMD", "Marvel (not supported)"}; 507 508 sc->sc_txth = atw_txthresh_tab_lo; 509 510 SIMPLEQ_INIT(&sc->sc_txfreeq); 511 SIMPLEQ_INIT(&sc->sc_txdirtyq); 512 513 #ifdef ATW_DEBUG 514 atw_print_regs(sc, "atw_attach"); 515 #endif /* ATW_DEBUG */ 516 517 /* 518 * Allocate the control data structures, and create and load the 519 * DMA map for it. 520 */ 521 if ((error = bus_dmamem_alloc(sc->sc_dmat, 522 sizeof(struct atw_control_data), PAGE_SIZE, 0, &sc->sc_cdseg, 523 1, &sc->sc_cdnseg, 0)) != 0) { 524 printf("%s: unable to allocate control data, error = %d\n", 525 sc->sc_dev.dv_xname, error); 526 goto fail_0; 527 } 528 529 if ((error = bus_dmamem_map(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg, 530 sizeof(struct atw_control_data), (caddr_t *)&sc->sc_control_data, 531 BUS_DMA_COHERENT)) != 0) { 532 printf("%s: unable to map control data, error = %d\n", 533 sc->sc_dev.dv_xname, error); 534 goto fail_1; 535 } 536 537 if ((error = bus_dmamap_create(sc->sc_dmat, 538 sizeof(struct atw_control_data), 1, 539 sizeof(struct atw_control_data), 0, 0, &sc->sc_cddmamap)) != 0) { 540 printf("%s: unable to create control data DMA map, " 541 "error = %d\n", sc->sc_dev.dv_xname, error); 542 goto fail_2; 543 } 544 545 if ((error = bus_dmamap_load(sc->sc_dmat, sc->sc_cddmamap, 546 sc->sc_control_data, sizeof(struct atw_control_data), NULL, 547 0)) != 0) { 548 printf("%s: unable to load control data DMA map, error = %d\n", 549 sc->sc_dev.dv_xname, error); 550 goto fail_3; 551 } 552 553 /* 554 * Create the transmit buffer DMA maps. 555 */ 556 sc->sc_ntxsegs = ATW_NTXSEGS; 557 for (i = 0; i < ATW_TXQUEUELEN; i++) { 558 if ((error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 559 sc->sc_ntxsegs, MCLBYTES, 0, 0, 560 &sc->sc_txsoft[i].txs_dmamap)) != 0) { 561 printf("%s: unable to create tx DMA map %d, " 562 "error = %d\n", sc->sc_dev.dv_xname, i, error); 563 goto fail_4; 564 } 565 } 566 567 /* 568 * Create the receive buffer DMA maps. 569 */ 570 for (i = 0; i < ATW_NRXDESC; i++) { 571 if ((error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, 572 MCLBYTES, 0, 0, &sc->sc_rxsoft[i].rxs_dmamap)) != 0) { 573 printf("%s: unable to create rx DMA map %d, " 574 "error = %d\n", sc->sc_dev.dv_xname, i, error); 575 goto fail_5; 576 } 577 } 578 for (i = 0; i < ATW_NRXDESC; i++) { 579 sc->sc_rxsoft[i].rxs_mbuf = NULL; 580 } 581 582 /* Reset the chip to a known state. */ 583 atw_reset(sc); 584 585 if (atw_read_srom(sc) == -1) 586 return; 587 588 sc->sc_rftype = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CSR20], 589 ATW_SR_RFTYPE_MASK); 590 591 sc->sc_bbptype = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CSR20], 592 ATW_SR_BBPTYPE_MASK); 593 594 if (sc->sc_rftype > sizeof(type_strings)/sizeof(type_strings[0])) { 595 printf("%s: unknown RF\n", sc->sc_dev.dv_xname); 596 return; 597 } 598 if (sc->sc_bbptype > sizeof(type_strings)/sizeof(type_strings[0])) { 599 printf("%s: unknown BBP\n", sc->sc_dev.dv_xname); 600 return; 601 } 602 603 printf("%s: %s RF, %s BBP", sc->sc_dev.dv_xname, 604 type_strings[sc->sc_rftype], type_strings[sc->sc_bbptype]); 605 606 /* XXX There exists a Linux driver which seems to use RFType = 0 for 607 * MARVEL. My bug, or theirs? 608 */ 609 610 reg = LSHIFT(sc->sc_rftype, ATW_SYNCTL_RFTYPE_MASK); 611 612 switch (sc->sc_rftype) { 613 case ATW_RFTYPE_INTERSIL: 614 reg |= ATW_SYNCTL_CS1; 615 break; 616 case ATW_RFTYPE_RFMD: 617 reg |= ATW_SYNCTL_CS0; 618 break; 619 case ATW_RFTYPE_MARVEL: 620 break; 621 } 622 623 sc->sc_synctl_rd = reg | ATW_SYNCTL_RD; 624 sc->sc_synctl_wr = reg | ATW_SYNCTL_WR; 625 626 reg = LSHIFT(sc->sc_bbptype, ATW_BBPCTL_TYPE_MASK); 627 628 switch (sc->sc_bbptype) { 629 case ATW_RFTYPE_INTERSIL: 630 reg |= ATW_BBPCTL_TWI; 631 break; 632 case ATW_RFTYPE_RFMD: 633 reg |= ATW_BBPCTL_RF3KADDR_ADDR | ATW_BBPCTL_NEGEDGE_DO | 634 ATW_BBPCTL_CCA_ACTLO; 635 break; 636 case ATW_RFTYPE_MARVEL: 637 break; 638 } 639 640 sc->sc_bbpctl_wr = reg | ATW_BBPCTL_WR; 641 sc->sc_bbpctl_rd = reg | ATW_BBPCTL_RD; 642 643 /* 644 * From this point forward, the attachment cannot fail. A failure 645 * before this point releases all resources that may have been 646 * allocated. 647 */ 648 sc->sc_flags |= ATWF_ATTACHED /* | ATWF_RTSCTS */; 649 650 ATW_DPRINTF((" SROM MAC %04x%04x%04x", 651 htole16(sc->sc_srom[ATW_SR_MAC00]), 652 htole16(sc->sc_srom[ATW_SR_MAC01]), 653 htole16(sc->sc_srom[ATW_SR_MAC10]))); 654 655 country_code = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CTRY_CR29], 656 ATW_SR_CTRY_MASK); 657 658 #define ADD_CHANNEL(_ic, _chan) do { \ 659 _ic->ic_channels[_chan].ic_flags = IEEE80211_CHAN_B; \ 660 _ic->ic_channels[_chan].ic_freq = \ 661 ieee80211_ieee2mhz(_chan, _ic->ic_channels[_chan].ic_flags);\ 662 } while (0) 663 664 /* Find available channels */ 665 switch (country_code) { 666 case COUNTRY_MMK2: /* 1-14 */ 667 ADD_CHANNEL(ic, 14); 668 /*FALLTHROUGH*/ 669 case COUNTRY_ETSI: /* 1-13 */ 670 for (i = 1; i <= 13; i++) 671 ADD_CHANNEL(ic, i); 672 break; 673 case COUNTRY_FCC: /* 1-11 */ 674 case COUNTRY_IC: /* 1-11 */ 675 for (i = 1; i <= 11; i++) 676 ADD_CHANNEL(ic, i); 677 break; 678 case COUNTRY_MMK: /* 14 */ 679 ADD_CHANNEL(ic, 14); 680 break; 681 case COUNTRY_FRANCE: /* 10-13 */ 682 for (i = 10; i <= 13; i++) 683 ADD_CHANNEL(ic, i); 684 break; 685 default: /* assume channels 10-11 */ 686 case COUNTRY_SPAIN: /* 10-11 */ 687 for (i = 10; i <= 11; i++) 688 ADD_CHANNEL(ic, i); 689 break; 690 } 691 692 /* Read the MAC address. */ 693 reg = ATW_READ(sc, ATW_PAR0); 694 ic->ic_myaddr[0] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB0_MASK); 695 ic->ic_myaddr[1] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB1_MASK); 696 ic->ic_myaddr[2] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB2_MASK); 697 ic->ic_myaddr[3] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB3_MASK); 698 reg = ATW_READ(sc, ATW_PAR1); 699 ic->ic_myaddr[4] = MASK_AND_RSHIFT(reg, ATW_PAR1_PAB4_MASK); 700 ic->ic_myaddr[5] = MASK_AND_RSHIFT(reg, ATW_PAR1_PAB5_MASK); 701 702 if (IEEE80211_ADDR_EQ(ic->ic_myaddr, empty_macaddr)) { 703 printf(" could not get mac address, attach failed\n"); 704 return; 705 } 706 707 printf(" 802.11 address %s\n", ether_sprintf(ic->ic_myaddr)); 708 709 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 710 ifp->if_softc = sc; 711 ifp->if_flags = IFF_SIMPLEX | IFF_BROADCAST | IFF_MULTICAST | 712 IFF_NOTRAILERS; 713 ifp->if_ioctl = atw_ioctl; 714 ifp->if_start = atw_start; 715 ifp->if_watchdog = atw_watchdog; 716 ifp->if_init = atw_init; 717 ifp->if_stop = atw_stop; 718 IFQ_SET_READY(&ifp->if_snd); 719 720 ic->ic_phytype = IEEE80211_T_DS; 721 ic->ic_opmode = IEEE80211_M_STA; 722 ic->ic_caps = IEEE80211_C_PMGT | IEEE80211_C_IBSS | 723 IEEE80211_C_HOSTAP | IEEE80211_C_MONITOR | IEEE80211_C_WEP; 724 725 nrate = 0; 726 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 2; 727 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 4; 728 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 11; 729 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 22; 730 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_nrates = nrate; 731 732 /* 733 * Call MI attach routines. 734 */ 735 736 if_attach(ifp); 737 ieee80211_ifattach(ifp); 738 739 sc->sc_newstate = ic->ic_newstate; 740 ic->ic_newstate = atw_newstate; 741 742 sc->sc_recv_mgmt = ic->ic_recv_mgmt; 743 ic->ic_recv_mgmt = atw_recv_mgmt; 744 745 sc->sc_node_free = ic->ic_node_free; 746 ic->ic_node_free = atw_node_free; 747 748 sc->sc_node_alloc = ic->ic_node_alloc; 749 ic->ic_node_alloc = atw_node_alloc; 750 751 /* possibly we should fill in our own sc_send_prresp, since 752 * the ADM8211 is probably sending probe responses in ad hoc 753 * mode. 754 */ 755 756 /* complete initialization */ 757 ieee80211_media_init(ifp, atw_media_change, atw_media_status); 758 callout_init(&sc->sc_scan_ch); 759 760 #if NBPFILTER > 0 761 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 762 sizeof(struct ieee80211_frame) + 64, &sc->sc_radiobpf); 763 #endif 764 765 /* 766 * Make sure the interface is shutdown during reboot. 767 */ 768 sc->sc_sdhook = shutdownhook_establish(atw_shutdown, sc); 769 if (sc->sc_sdhook == NULL) 770 printf("%s: WARNING: unable to establish shutdown hook\n", 771 sc->sc_dev.dv_xname); 772 773 /* 774 * Add a suspend hook to make sure we come back up after a 775 * resume. 776 */ 777 sc->sc_powerhook = powerhook_establish(atw_power, sc); 778 if (sc->sc_powerhook == NULL) 779 printf("%s: WARNING: unable to establish power hook\n", 780 sc->sc_dev.dv_xname); 781 782 memset(&sc->sc_rxtapu, 0, sizeof(sc->sc_rxtapu)); 783 sc->sc_rxtap.ar_ihdr.it_len = sizeof(sc->sc_rxtapu); 784 sc->sc_rxtap.ar_ihdr.it_present = ATW_RX_RADIOTAP_PRESENT; 785 786 memset(&sc->sc_txtapu, 0, sizeof(sc->sc_txtapu)); 787 sc->sc_txtap.at_ihdr.it_len = sizeof(sc->sc_txtapu); 788 sc->sc_txtap.at_ihdr.it_present = ATW_TX_RADIOTAP_PRESENT; 789 790 return; 791 792 /* 793 * Free any resources we've allocated during the failed attach 794 * attempt. Do this in reverse order and fall through. 795 */ 796 fail_5: 797 for (i = 0; i < ATW_NRXDESC; i++) { 798 if (sc->sc_rxsoft[i].rxs_dmamap == NULL) 799 continue; 800 bus_dmamap_destroy(sc->sc_dmat, sc->sc_rxsoft[i].rxs_dmamap); 801 } 802 fail_4: 803 for (i = 0; i < ATW_TXQUEUELEN; i++) { 804 if (sc->sc_txsoft[i].txs_dmamap == NULL) 805 continue; 806 bus_dmamap_destroy(sc->sc_dmat, sc->sc_txsoft[i].txs_dmamap); 807 } 808 bus_dmamap_unload(sc->sc_dmat, sc->sc_cddmamap); 809 fail_3: 810 bus_dmamap_destroy(sc->sc_dmat, sc->sc_cddmamap); 811 fail_2: 812 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)sc->sc_control_data, 813 sizeof(struct atw_control_data)); 814 fail_1: 815 bus_dmamem_free(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg); 816 fail_0: 817 return; 818 } 819 820 static struct ieee80211_node * 821 atw_node_alloc(struct ieee80211com *ic) 822 { 823 struct atw_softc *sc = (struct atw_softc *)ic->ic_if.if_softc; 824 struct ieee80211_node *ni = (*sc->sc_node_alloc)(ic); 825 826 DPRINTF(sc, ("%s: alloc node %p\n", sc->sc_dev.dv_xname, ni)); 827 return ni; 828 } 829 830 static void 831 atw_node_free(struct ieee80211com *ic, struct ieee80211_node *ni) 832 { 833 struct atw_softc *sc = (struct atw_softc *)ic->ic_if.if_softc; 834 835 DPRINTF(sc, ("%s: freeing node %p %s\n", sc->sc_dev.dv_xname, ni, 836 ether_sprintf(ni->ni_bssid))); 837 (*sc->sc_node_free)(ic, ni); 838 } 839 840 /* 841 * atw_reset: 842 * 843 * Perform a soft reset on the ADM8211. 844 */ 845 void 846 atw_reset(struct atw_softc *sc) 847 { 848 int i; 849 850 ATW_WRITE(sc, ATW_PAR, ATW_PAR_SWR); 851 852 for (i = 0; i < 10000; i++) { 853 if (ATW_ISSET(sc, ATW_PAR, ATW_PAR_SWR) == 0) 854 break; 855 DELAY(1); 856 } 857 858 DPRINTF2(sc, ("%s: atw_reset %d iterations\n", sc->sc_dev.dv_xname, i)); 859 860 if (ATW_ISSET(sc, ATW_PAR, ATW_PAR_SWR)) 861 printf("%s: reset failed to complete\n", sc->sc_dev.dv_xname); 862 863 /* Turn off maximum power saving. */ 864 ATW_CLR(sc, ATW_FRCTL, ATW_FRCTL_MAXPSP); 865 866 /* Recall EEPROM. */ 867 ATW_SET(sc, ATW_TEST0, ATW_TEST0_EPRLD); 868 869 DELAY(10 * 1000); 870 871 /* A reset seems to affect the SRAM contents, so put them into 872 * a known state. 873 */ 874 atw_clear_sram(sc); 875 876 memset(sc->sc_bssid, 0, sizeof(sc->sc_bssid)); 877 878 sc->sc_lost_bcn_thresh = 0; 879 } 880 881 static void 882 atw_clear_sram(struct atw_softc *sc) 883 { 884 #if 0 885 for (addr = 0; addr < 448; addr++) { 886 ATW_WRITE(sc, ATW_WEPCTL, 887 ATW_WEPCTL_WR | ATW_WEPCTL_UNKNOWN0 | addr); 888 DELAY(1000); 889 ATW_WRITE(sc, ATW_WESK, 0); 890 DELAY(1000); /* paranoia */ 891 } 892 return; 893 #endif 894 memset(sc->sc_sram, 0, sizeof(sc->sc_sram)); 895 /* XXX not for revision 0x20. */ 896 atw_write_sram(sc, 0, sc->sc_sram, sizeof(sc->sc_sram)); 897 } 898 899 /* TBD atw_init 900 * 901 * set MAC based on ic->ic_bss->myaddr 902 * write WEP keys 903 * set TX rate 904 */ 905 906 /* 907 * atw_init: [ ifnet interface function ] 908 * 909 * Initialize the interface. Must be called at splnet(). 910 */ 911 int 912 atw_init(struct ifnet *ifp) 913 { 914 struct atw_softc *sc = ifp->if_softc; 915 struct ieee80211com *ic = &sc->sc_ic; 916 struct atw_txsoft *txs; 917 struct atw_rxsoft *rxs; 918 u_int32_t reg; 919 int i, error = 0; 920 921 if ((error = atw_enable(sc)) != 0) 922 goto out; 923 924 /* 925 * Cancel any pending I/O. This also resets. 926 */ 927 atw_stop(ifp, 0); 928 929 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 930 DPRINTF(sc, ("%s: channel %d freq %d flags 0x%04x\n", 931 __func__, ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan), 932 ic->ic_bss->ni_chan->ic_freq, ic->ic_bss->ni_chan->ic_flags)); 933 934 /* Turn off APM??? (A binary-only driver does this.) 935 * 936 * Set Rx store-and-forward mode. 937 */ 938 reg = ATW_READ(sc, ATW_CMDR); 939 reg &= ~ATW_CMDR_APM; 940 reg &= ~ATW_CMDR_DRT_MASK; 941 reg |= ATW_CMDR_RTE | LSHIFT(0x2, ATW_CMDR_DRT_MASK); 942 943 ATW_WRITE(sc, ATW_CMDR, reg); 944 945 /* Set data rate for PLCP Signal field, 1Mbps = 10 x 100Kb/s. 946 * 947 * XXX a binary-only driver sets a different service field than 948 * 0. why? 949 */ 950 reg = ATW_READ(sc, ATW_PLCPHD); 951 reg &= ~(ATW_PLCPHD_SERVICE_MASK|ATW_PLCPHD_SIGNAL_MASK); 952 reg |= LSHIFT(10, ATW_PLCPHD_SIGNAL_MASK) | 953 LSHIFT(0xb0, ATW_PLCPHD_SERVICE_MASK); 954 ATW_WRITE(sc, ATW_PLCPHD, reg); 955 956 /* XXX this magic can probably be figured out from the RFMD docs */ 957 reg = LSHIFT(4, ATW_TOFS2_PWR1UP_MASK) | /* 8 ms = 4 * 2 ms */ 958 LSHIFT(13, ATW_TOFS2_PWR0PAPE_MASK) | /* 13 us */ 959 LSHIFT(8, ATW_TOFS2_PWR1PAPE_MASK) | /* 8 us */ 960 LSHIFT(5, ATW_TOFS2_PWR0TRSW_MASK) | /* 5 us */ 961 LSHIFT(12, ATW_TOFS2_PWR1TRSW_MASK) | /* 12 us */ 962 LSHIFT(13, ATW_TOFS2_PWR0PE2_MASK) | /* 13 us */ 963 LSHIFT(4, ATW_TOFS2_PWR1PE2_MASK) | /* 4 us */ 964 LSHIFT(5, ATW_TOFS2_PWR0TXPE_MASK); /* 5 us */ 965 ATW_WRITE(sc, ATW_TOFS2, reg); 966 967 ATW_WRITE(sc, ATW_TXLMT, LSHIFT(512, ATW_TXLMT_MTMLT_MASK) | 968 LSHIFT(224, ATW_TXLMT_SRTYLIM_MASK)); 969 970 /* XXX this resets an Intersil RF front-end? */ 971 /* TBD condition on Intersil RFType? */ 972 ATW_WRITE(sc, ATW_SYNRF, ATW_SYNRF_INTERSIL_EN); 973 DELAY(10 * 1000); 974 ATW_WRITE(sc, ATW_SYNRF, 0); 975 DELAY(5 * 1000); 976 977 /* 16 TU max duration for contention-free period */ 978 reg = ATW_READ(sc, ATW_CFPP) & ~ATW_CFPP_CFPMD; 979 ATW_WRITE(sc, ATW_CFPP, reg | LSHIFT(16, ATW_CFPP_CFPMD)); 980 981 /* XXX I guess that the Cardbus clock is 22MHz? 982 * I am assuming that the role of ATW_TOFS0_USCNT is 983 * to divide the bus clock to get a 1MHz clock---the datasheet is not 984 * very clear on this point. It says in the datasheet that it is 985 * possible for the ADM8211 to accomodate bus speeds between 22MHz 986 * and 33MHz; maybe this is the way? I see a binary-only driver write 987 * these values. These values are also the power-on default. 988 */ 989 ATW_WRITE(sc, ATW_TOFS0, 990 LSHIFT(22, ATW_TOFS0_USCNT_MASK) | 991 ATW_TOFS0_TUCNT_MASK /* set all bits in TUCNT */); 992 993 /* Initialize interframe spacing. EIFS=0x64 is used by a binary-only 994 * driver. Go figure. 995 */ 996 reg = LSHIFT(IEEE80211_DUR_DS_SLOT, ATW_IFST_SLOT_MASK) | 997 LSHIFT(22 * IEEE80211_DUR_DS_SIFS /* # of 22MHz cycles */, 998 ATW_IFST_SIFS_MASK) | 999 LSHIFT(IEEE80211_DUR_DS_DIFS, ATW_IFST_DIFS_MASK) | 1000 LSHIFT(0x64 /* IEEE80211_DUR_DS_EIFS */, ATW_IFST_EIFS_MASK); 1001 1002 ATW_WRITE(sc, ATW_IFST, reg); 1003 1004 /* XXX More magic. Might relate to ACK timing. */ 1005 ATW_WRITE(sc, ATW_RSPT, LSHIFT(0xffff, ATW_RSPT_MART_MASK) | 1006 LSHIFT(0xff, ATW_RSPT_MIRT_MASK)); 1007 1008 /* Set up the MMI read/write addresses for the BBP. 1009 * 1010 * TBD find out the Marvel settings. 1011 */ 1012 switch (sc->sc_bbptype) { 1013 case ATW_BBPTYPE_INTERSIL: 1014 ATW_WRITE(sc, ATW_MMIWADDR, ATW_MMIWADDR_INTERSIL); 1015 ATW_WRITE(sc, ATW_MMIRADDR1, ATW_MMIRADDR1_INTERSIL); 1016 ATW_WRITE(sc, ATW_MMIRADDR2, ATW_MMIRADDR2_INTERSIL); 1017 break; 1018 case ATW_BBPTYPE_MARVEL: 1019 break; 1020 case ATW_BBPTYPE_RFMD: 1021 ATW_WRITE(sc, ATW_MMIWADDR, ATW_MMIWADDR_RFMD); 1022 ATW_WRITE(sc, ATW_MMIRADDR1, ATW_MMIRADDR1_RFMD); 1023 ATW_WRITE(sc, ATW_MMIRADDR2, ATW_MMIRADDR2_RFMD); 1024 default: 1025 break; 1026 } 1027 1028 sc->sc_wepctl = 0; 1029 ATW_WRITE(sc, ATW_MACTEST, ATW_MACTEST_MMI_USETXCLK); 1030 1031 if ((error = atw_rf3000_init(sc)) != 0) 1032 goto out; 1033 1034 /* 1035 * Initialize the PCI Access Register. 1036 */ 1037 sc->sc_busmode = ATW_PAR_BAR; /* XXX what is this? */ 1038 1039 /* 1040 * If we're allowed to do so, use Memory Read Line 1041 * and Memory Read Multiple. 1042 * 1043 * XXX Should we use Memory Write and Invalidate? 1044 */ 1045 if (sc->sc_flags & ATWF_MRL) 1046 sc->sc_busmode |= ATW_PAR_MRLE; 1047 if (sc->sc_flags & ATWF_MRM) 1048 sc->sc_busmode |= ATW_PAR_MRME; 1049 if (sc->sc_flags & ATWF_MWI) 1050 sc->sc_busmode |= ATW_PAR_MWIE; 1051 if (sc->sc_maxburst == 0) 1052 sc->sc_maxburst = 8; /* ADM8211 default */ 1053 1054 switch (sc->sc_cacheline) { 1055 default: 1056 /* Use burst length. */ 1057 break; 1058 case 8: 1059 sc->sc_busmode |= ATW_PAR_CAL_8DW; 1060 break; 1061 case 16: 1062 sc->sc_busmode |= ATW_PAR_CAL_16DW; 1063 break; 1064 case 32: 1065 sc->sc_busmode |= ATW_PAR_CAL_32DW; 1066 break; 1067 } 1068 switch (sc->sc_maxburst) { 1069 case 1: 1070 sc->sc_busmode |= ATW_PAR_PBL_1DW; 1071 break; 1072 case 2: 1073 sc->sc_busmode |= ATW_PAR_PBL_2DW; 1074 break; 1075 case 4: 1076 sc->sc_busmode |= ATW_PAR_PBL_4DW; 1077 break; 1078 case 8: 1079 sc->sc_busmode |= ATW_PAR_PBL_8DW; 1080 break; 1081 case 16: 1082 sc->sc_busmode |= ATW_PAR_PBL_16DW; 1083 break; 1084 case 32: 1085 sc->sc_busmode |= ATW_PAR_PBL_32DW; 1086 break; 1087 default: 1088 sc->sc_busmode |= ATW_PAR_PBL_8DW; 1089 break; 1090 } 1091 1092 ATW_WRITE(sc, ATW_PAR, sc->sc_busmode); 1093 DPRINTF(sc, ("%s: ATW_PAR %08x busmode %08x\n", sc->sc_dev.dv_xname, 1094 ATW_READ(sc, ATW_PAR), sc->sc_busmode)); 1095 1096 /* 1097 * Initialize the OPMODE register. We don't write it until 1098 * we're ready to begin the transmit and receive processes. 1099 */ 1100 sc->sc_opmode = ATW_NAR_SR | ATW_NAR_ST | 1101 sc->sc_txth[sc->sc_txthresh].txth_opmode; 1102 1103 /* 1104 * Initialize the transmit descriptor ring. 1105 */ 1106 memset(sc->sc_txdescs, 0, sizeof(sc->sc_txdescs)); 1107 for (i = 0; i < ATW_NTXDESC; i++) { 1108 /* no transmit chaining */ 1109 sc->sc_txdescs[i].at_ctl = 0 /* ATW_TXFLAG_TCH */; 1110 sc->sc_txdescs[i].at_buf2 = 1111 htole32(ATW_CDTXADDR(sc, ATW_NEXTTX(i))); 1112 } 1113 /* use ring mode */ 1114 sc->sc_txdescs[ATW_NTXDESC - 1].at_ctl |= ATW_TXFLAG_TER; 1115 ATW_CDTXSYNC(sc, 0, ATW_NTXDESC, 1116 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 1117 sc->sc_txfree = ATW_NTXDESC; 1118 sc->sc_txnext = 0; 1119 1120 /* 1121 * Initialize the transmit job descriptors. 1122 */ 1123 SIMPLEQ_INIT(&sc->sc_txfreeq); 1124 SIMPLEQ_INIT(&sc->sc_txdirtyq); 1125 for (i = 0; i < ATW_TXQUEUELEN; i++) { 1126 txs = &sc->sc_txsoft[i]; 1127 txs->txs_mbuf = NULL; 1128 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 1129 } 1130 1131 /* 1132 * Initialize the receive descriptor and receive job 1133 * descriptor rings. 1134 */ 1135 for (i = 0; i < ATW_NRXDESC; i++) { 1136 rxs = &sc->sc_rxsoft[i]; 1137 if (rxs->rxs_mbuf == NULL) { 1138 if ((error = atw_add_rxbuf(sc, i)) != 0) { 1139 printf("%s: unable to allocate or map rx " 1140 "buffer %d, error = %d\n", 1141 sc->sc_dev.dv_xname, i, error); 1142 /* 1143 * XXX Should attempt to run with fewer receive 1144 * XXX buffers instead of just failing. 1145 */ 1146 atw_rxdrain(sc); 1147 goto out; 1148 } 1149 } else 1150 ATW_INIT_RXDESC(sc, i); 1151 } 1152 sc->sc_rxptr = 0; 1153 1154 /* disable all wake-up events */ 1155 ATW_CLR(sc, ATW_WCSR, ATW_WCSR_WP1E|ATW_WCSR_WP2E|ATW_WCSR_WP3E| 1156 ATW_WCSR_WP4E|ATW_WCSR_WP5E|ATW_WCSR_TSFTWE| 1157 ATW_WCSR_TIMWE|ATW_WCSR_ATIMWE|ATW_WCSR_KEYWE| 1158 ATW_WCSR_WFRE|ATW_WCSR_MPRE|ATW_WCSR_LSOE); 1159 1160 /* ack all wake-up events */ 1161 ATW_SET(sc, ATW_WCSR, 0); 1162 1163 /* 1164 * Initialize the interrupt mask and enable interrupts. 1165 */ 1166 /* normal interrupts */ 1167 sc->sc_inten = ATW_INTR_TCI | ATW_INTR_TDU | ATW_INTR_RCI | 1168 ATW_INTR_NISS | ATW_INTR_LINKON | ATW_INTR_BCNTC; 1169 1170 /* abnormal interrupts */ 1171 sc->sc_inten |= ATW_INTR_TPS | ATW_INTR_TLT | ATW_INTR_TRT | 1172 ATW_INTR_TUF | ATW_INTR_RDU | ATW_INTR_RPS | ATW_INTR_AISS | 1173 ATW_INTR_FBE | ATW_INTR_LINKOFF | ATW_INTR_TSFTF | ATW_INTR_TSCZ; 1174 1175 sc->sc_linkint_mask = ATW_INTR_LINKON | ATW_INTR_LINKOFF | 1176 ATW_INTR_BCNTC | ATW_INTR_TSFTF | ATW_INTR_TSCZ; 1177 sc->sc_rxint_mask = ATW_INTR_RCI | ATW_INTR_RDU; 1178 sc->sc_txint_mask = ATW_INTR_TCI | ATW_INTR_TUF | ATW_INTR_TLT | 1179 ATW_INTR_TRT; 1180 1181 sc->sc_linkint_mask &= sc->sc_inten; 1182 sc->sc_rxint_mask &= sc->sc_inten; 1183 sc->sc_txint_mask &= sc->sc_inten; 1184 1185 ATW_WRITE(sc, ATW_IER, sc->sc_inten); 1186 ATW_WRITE(sc, ATW_STSR, 0xffffffff); 1187 if (sc->sc_intr_ack != NULL) 1188 (*sc->sc_intr_ack)(sc); 1189 1190 DPRINTF(sc, ("%s: ATW_IER %08x, inten %08x\n", 1191 sc->sc_dev.dv_xname, ATW_READ(sc, ATW_IER), sc->sc_inten)); 1192 1193 /* 1194 * Give the transmit and receive rings to the ADM8211. 1195 */ 1196 ATW_WRITE(sc, ATW_TDBD, ATW_CDTXADDR(sc, sc->sc_txnext)); 1197 ATW_WRITE(sc, ATW_RDB, ATW_CDRXADDR(sc, sc->sc_rxptr)); 1198 1199 /* common 802.11 configuration */ 1200 ic->ic_flags &= ~IEEE80211_F_IBSSON; 1201 switch (ic->ic_opmode) { 1202 case IEEE80211_M_STA: 1203 sc->sc_opmode &= ~ATW_NAR_EA; 1204 break; 1205 case IEEE80211_M_AHDEMO: /* XXX */ 1206 case IEEE80211_M_IBSS: 1207 ic->ic_flags |= IEEE80211_F_IBSSON; 1208 /*FALLTHROUGH*/ 1209 case IEEE80211_M_HOSTAP: /* XXX */ 1210 /* EA bit seems important for ad hoc reception. */ 1211 sc->sc_opmode |= ATW_NAR_EA; 1212 break; 1213 case IEEE80211_M_MONITOR: /* XXX */ 1214 break; 1215 } 1216 1217 atw_start_beacon(sc, 0); 1218 1219 switch (ic->ic_opmode) { 1220 case IEEE80211_M_AHDEMO: 1221 case IEEE80211_M_HOSTAP: 1222 ic->ic_bss->ni_intval = ic->ic_lintval; 1223 ic->ic_bss->ni_rssi = 0; 1224 ic->ic_bss->ni_rstamp = 0; 1225 break; 1226 default: /* XXX */ 1227 break; 1228 } 1229 1230 atw_write_ssid(sc); 1231 atw_write_sup_rates(sc); 1232 if (ic->ic_caps & IEEE80211_C_WEP) 1233 atw_write_wep(sc); 1234 1235 /* 1236 * Set the receive filter. This will start the transmit and 1237 * receive processes. 1238 */ 1239 atw_filter_setup(sc); 1240 1241 /* 1242 * Start the receive process. 1243 */ 1244 ATW_WRITE(sc, ATW_RDR, 0x1); 1245 1246 /* 1247 * Note that the interface is now running. 1248 */ 1249 ifp->if_flags |= IFF_RUNNING; 1250 ifp->if_flags &= ~IFF_OACTIVE; 1251 ic->ic_state = IEEE80211_S_INIT; 1252 1253 if (ic->ic_opmode != IEEE80211_M_MONITOR) 1254 error = ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1255 else 1256 error = ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1257 out: 1258 if (error) { 1259 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1260 ifp->if_timer = 0; 1261 printf("%s: interface not running\n", sc->sc_dev.dv_xname); 1262 } 1263 #ifdef ATW_DEBUG 1264 atw_print_regs(sc, "end of init"); 1265 #endif /* ATW_DEBUG */ 1266 1267 return (error); 1268 } 1269 1270 /* enable == 1: host control of RF3000/Si4126 through ATW_SYNCTL. 1271 * 0: MAC control of RF3000/Si4126. 1272 * 1273 * Applies power, or selects RF front-end? Sets reset condition. 1274 * 1275 * TBD support non-RFMD BBP, non-SiLabs synth. 1276 */ 1277 static void 1278 atw_rfio_enable(struct atw_softc *sc, int enable) 1279 { 1280 if (enable) { 1281 ATW_WRITE(sc, ATW_SYNRF, 1282 ATW_SYNRF_SELRF|ATW_SYNRF_PE1|ATW_SYNRF_PHYRST); 1283 DELAY(atw_rfio_enable_delay); 1284 } else { 1285 ATW_WRITE(sc, ATW_SYNRF, 0); 1286 DELAY(atw_rfio_disable_delay); /* shorter for some reason */ 1287 } 1288 } 1289 1290 static int 1291 atw_tune(struct atw_softc *sc) 1292 { 1293 int rc; 1294 u_int32_t reg; 1295 int chan; 1296 struct ieee80211com *ic = &sc->sc_ic; 1297 1298 chan = ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan); 1299 if (chan == IEEE80211_CHAN_ANY) 1300 panic("%s: chan == IEEE80211_CHAN_ANY\n", __func__); 1301 1302 if (chan == sc->sc_cur_chan) 1303 return 0; 1304 1305 DPRINTF(sc, ("%s: chan %d -> %d\n", sc->sc_dev.dv_xname, 1306 sc->sc_cur_chan, chan)); 1307 1308 atw_idle(sc, ATW_NAR_SR|ATW_NAR_ST); 1309 1310 if ((rc = atw_si4126_tune(sc, chan)) != 0 || 1311 (rc = atw_rf3000_tune(sc, chan)) != 0) 1312 printf("%s: failed to tune channel %d\n", sc->sc_dev.dv_xname, 1313 chan); 1314 1315 reg = ATW_READ(sc, ATW_CAP0) & ~ATW_CAP0_CHN_MASK; 1316 ATW_WRITE(sc, ATW_CAP0, 1317 reg | LSHIFT(chan, ATW_CAP0_CHN_MASK)); 1318 1319 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 1320 1321 if (rc == 0) 1322 sc->sc_cur_chan = chan; 1323 1324 return rc; 1325 } 1326 1327 #ifdef ATW_DEBUG 1328 static void 1329 atw_si4126_print(struct atw_softc *sc) 1330 { 1331 struct ifnet *ifp = &sc->sc_ic.ic_if; 1332 u_int addr, val; 1333 1334 if (atw_debug < 3 || (ifp->if_flags & IFF_DEBUG) == 0) 1335 return; 1336 1337 for (addr = 0; addr <= 8; addr++) { 1338 printf("%s: synth[%d] = ", sc->sc_dev.dv_xname, addr); 1339 if (atw_si4126_read(sc, addr, &val) == 0) { 1340 printf("<unknown> (quitting print-out)\n"); 1341 break; 1342 } 1343 printf("%05x\n", val); 1344 } 1345 } 1346 #endif /* ATW_DEBUG */ 1347 1348 /* Tune to channel chan by adjusting the Si4126 RF/IF synthesizer. 1349 * 1350 * The RF/IF synthesizer produces two reference frequencies for 1351 * the RF2948B transceiver. The first frequency the RF2948B requires 1352 * is two times the so-called "intermediate frequency" (IF). Since 1353 * a SAW filter on the radio fixes the IF at 374MHz, I program the 1354 * Si4126 to generate IF LO = 374MHz x 2 = 748MHz. The second 1355 * frequency required by the transceiver is the radio frequency 1356 * (RF). This is a superheterodyne transceiver; for f(chan) the 1357 * center frequency of the channel we are tuning, RF = f(chan) - 1358 * IF. 1359 * 1360 * XXX I am told by SiLabs that the Si4126 will accept a broader range 1361 * of XIN than the 2-25MHz mentioned by the datasheet, even *without* 1362 * XINDIV2 = 1. I've tried this (it is necessary to double R) and it 1363 * works, but I have still programmed for XINDIV2 = 1 to be safe. 1364 */ 1365 static int 1366 atw_si4126_tune(struct atw_softc *sc, u_int8_t chan) 1367 { 1368 int rc = 0; 1369 u_int mhz; 1370 u_int R; 1371 u_int32_t reg; 1372 u_int16_t gain; 1373 1374 #ifdef ATW_DEBUG 1375 atw_si4126_print(sc); 1376 #endif /* ATW_DEBUG */ 1377 1378 if (chan == 14) 1379 mhz = 2484; 1380 else 1381 mhz = 2412 + 5 * (chan - 1); 1382 1383 /* Tune IF to 748MHz to suit the IF LO input of the 1384 * RF2494B, which is 2 x IF. No need to set an IF divider 1385 * because an IF in 526MHz - 952MHz is allowed. 1386 * 1387 * XIN is 44.000MHz, so divide it by two to get allowable 1388 * range of 2-25MHz. SiLabs tells me that this is not 1389 * strictly necessary. 1390 */ 1391 1392 R = 44; 1393 1394 atw_rfio_enable(sc, 1); 1395 1396 /* Power-up RF, IF synthesizers. */ 1397 if ((rc = atw_si4126_write(sc, SI4126_POWER, 1398 SI4126_POWER_PDIB|SI4126_POWER_PDRB)) != 0) 1399 goto out; 1400 1401 /* If RF2 N > 2047, then set KP2 to 1. */ 1402 gain = LSHIFT(((mhz - 374) > 2047) ? 1 : 0, SI4126_GAIN_KP2_MASK); 1403 1404 if ((rc = atw_si4126_write(sc, SI4126_GAIN, gain)) != 0) 1405 goto out; 1406 1407 /* set LPWR, too? */ 1408 if ((rc = atw_si4126_write(sc, SI4126_MAIN, 1409 SI4126_MAIN_XINDIV2)) != 0) 1410 goto out; 1411 1412 /* We set XINDIV2 = 1, so IF = N/(2 * R) * XIN. XIN = 44MHz. 1413 * I choose N = 1496, R = 44 so that 1496/(2 * 44) * 44MHz = 748MHz. 1414 */ 1415 if ((rc = atw_si4126_write(sc, SI4126_IFN, 1496)) != 0) 1416 goto out; 1417 1418 if ((rc = atw_si4126_write(sc, SI4126_IFR, R)) != 0) 1419 goto out; 1420 1421 /* Set RF1 arbitrarily. DO NOT configure RF1 after RF2, because 1422 * then RF1 becomes the active RF synthesizer, even on the Si4126, 1423 * which has no RF1! 1424 */ 1425 if ((rc = atw_si4126_write(sc, SI4126_RF1R, R)) != 0) 1426 goto out; 1427 1428 if ((rc = atw_si4126_write(sc, SI4126_RF1N, mhz - 374)) != 0) 1429 goto out; 1430 1431 /* N/R * XIN = RF. XIN = 44MHz. We desire RF = mhz - IF, 1432 * where IF = 374MHz. Let's divide XIN to 1MHz. So R = 44. 1433 * Now let's multiply it to mhz. So mhz - IF = N. 1434 */ 1435 if ((rc = atw_si4126_write(sc, SI4126_RF2R, R)) != 0) 1436 goto out; 1437 1438 if ((rc = atw_si4126_write(sc, SI4126_RF2N, mhz - 374)) != 0) 1439 goto out; 1440 1441 /* wait 100us from power-up for RF, IF to settle */ 1442 DELAY(100); 1443 1444 if ((sc->sc_if.if_flags & IFF_LINK1) == 0 || chan == 14) { 1445 /* XXX there is a binary driver which sends 1446 * ATW_GPIO_EN_MASK = 1, ATW_GPIO_O_MASK = 1. I had speculated 1447 * that this enables the Si4126 by raising its PWDN#, but I 1448 * think that it actually sets the Prism RF front-end 1449 * to a special mode for channel 14. 1450 */ 1451 reg = ATW_READ(sc, ATW_GPIO); 1452 reg &= ~(ATW_GPIO_EN_MASK|ATW_GPIO_O_MASK|ATW_GPIO_I_MASK); 1453 reg |= LSHIFT(1, ATW_GPIO_EN_MASK) | LSHIFT(1, ATW_GPIO_O_MASK); 1454 ATW_WRITE(sc, ATW_GPIO, reg); 1455 } 1456 1457 #ifdef ATW_DEBUG 1458 atw_si4126_print(sc); 1459 #endif /* ATW_DEBUG */ 1460 1461 out: 1462 atw_rfio_enable(sc, 0); 1463 1464 return rc; 1465 } 1466 1467 /* Baseline initialization of RF3000 BBP: set CCA mode and enable antenna 1468 * diversity. 1469 * 1470 * Call this w/ Tx/Rx suspended. 1471 */ 1472 static int 1473 atw_rf3000_init(struct atw_softc *sc) 1474 { 1475 int rc = 0; 1476 1477 atw_idle(sc, ATW_NAR_SR|ATW_NAR_ST); 1478 1479 atw_rfio_enable(sc, 1); 1480 1481 /* enable diversity */ 1482 rc = atw_rf3000_write(sc, RF3000_DIVCTL, RF3000_DIVCTL_ENABLE); 1483 1484 if (rc != 0) 1485 goto out; 1486 1487 /* sensible setting from a binary-only driver */ 1488 rc = atw_rf3000_write(sc, RF3000_GAINCTL, 1489 LSHIFT(0x1d, RF3000_GAINCTL_TXVGC_MASK)); 1490 1491 if (rc != 0) 1492 goto out; 1493 1494 /* magic from a binary-only driver */ 1495 rc = atw_rf3000_write(sc, RF3000_LOGAINCAL, 1496 LSHIFT(0x38, RF3000_LOGAINCAL_CAL_MASK)); 1497 1498 if (rc != 0) 1499 goto out; 1500 1501 rc = atw_rf3000_write(sc, RF3000_HIGAINCAL, RF3000_HIGAINCAL_DSSSPAD); 1502 1503 if (rc != 0) 1504 goto out; 1505 1506 rc = atw_rf3000_write(sc, RF3000_OPTIONS1, 0x0); 1507 1508 if (rc != 0) 1509 goto out; 1510 1511 rc = atw_rf3000_write(sc, RF3000_OPTIONS2, RF3000_OPTIONS2_LNAGS_DELAY); 1512 1513 if (rc != 0) 1514 goto out; 1515 1516 /* CCA is acquisition sensitive */ 1517 rc = atw_rf3000_write(sc, RF3000_CCACTL, 1518 LSHIFT(RF3000_CCACTL_MODE_ACQ, RF3000_CCACTL_MODE_MASK)); 1519 1520 if (rc != 0) 1521 goto out; 1522 1523 out: 1524 atw_rfio_enable(sc, 0); 1525 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 1526 return rc; 1527 } 1528 1529 #ifdef ATW_DEBUG 1530 static void 1531 atw_rf3000_print(struct atw_softc *sc) 1532 { 1533 struct ifnet *ifp = &sc->sc_ic.ic_if; 1534 u_int addr, val; 1535 1536 if (atw_debug < 3 || (ifp->if_flags & IFF_DEBUG) == 0) 1537 return; 1538 1539 for (addr = 0x01; addr <= 0x15; addr++) { 1540 printf("%s: bbp[%d] = \n", sc->sc_dev.dv_xname, addr); 1541 if (atw_rf3000_read(sc, addr, &val) != 0) { 1542 printf("<unknown> (quitting print-out)\n"); 1543 break; 1544 } 1545 printf("%08x\n", val); 1546 } 1547 } 1548 #endif /* ATW_DEBUG */ 1549 1550 /* Set the power settings on the BBP for channel `chan'. */ 1551 static int 1552 atw_rf3000_tune(struct atw_softc *sc, u_int8_t chan) 1553 { 1554 int rc = 0; 1555 u_int32_t reg; 1556 u_int16_t txpower, lpf_cutoff, lna_gs_thresh; 1557 1558 txpower = sc->sc_srom[ATW_SR_TXPOWER(chan)]; 1559 lpf_cutoff = sc->sc_srom[ATW_SR_LPF_CUTOFF(chan)]; 1560 lna_gs_thresh = sc->sc_srom[ATW_SR_LNA_GS_THRESH(chan)]; 1561 1562 /* odd channels: LSB, even channels: MSB */ 1563 if (chan % 2 == 1) { 1564 txpower &= 0xFF; 1565 lpf_cutoff &= 0xFF; 1566 lna_gs_thresh &= 0xFF; 1567 } else { 1568 txpower >>= 8; 1569 lpf_cutoff >>= 8; 1570 lna_gs_thresh >>= 8; 1571 } 1572 1573 #ifdef ATW_DEBUG 1574 atw_rf3000_print(sc); 1575 #endif /* ATW_DEBUG */ 1576 1577 DPRINTF(sc, ("%s: chan %d txpower %02x, lpf_cutoff %02x, " 1578 "lna_gs_thresh %02x\n", 1579 sc->sc_dev.dv_xname, chan, txpower, lpf_cutoff, lna_gs_thresh)); 1580 1581 atw_rfio_enable(sc, 1); 1582 1583 if ((rc = atw_rf3000_write(sc, RF3000_GAINCTL, 1584 LSHIFT(txpower, RF3000_GAINCTL_TXVGC_MASK))) != 0) 1585 goto out; 1586 1587 if ((rc = atw_rf3000_write(sc, RF3000_LOGAINCAL, lpf_cutoff)) != 0) 1588 goto out; 1589 1590 if ((rc = atw_rf3000_write(sc, RF3000_HIGAINCAL, lna_gs_thresh)) != 0) 1591 goto out; 1592 1593 /* from a binary-only driver. */ 1594 reg = ATW_READ(sc, ATW_PLCPHD); 1595 reg &= ~ATW_PLCPHD_SERVICE_MASK; 1596 reg |= LSHIFT(txpower << 2, ATW_PLCPHD_SERVICE_MASK); 1597 ATW_WRITE(sc, ATW_PLCPHD, reg); 1598 1599 #ifdef ATW_DEBUG 1600 atw_rf3000_print(sc); 1601 #endif /* ATW_DEBUG */ 1602 1603 out: 1604 atw_rfio_enable(sc, 0); 1605 1606 return rc; 1607 } 1608 1609 /* Write a register on the RF3000 baseband processor using the 1610 * registers provided by the ADM8211 for this purpose. 1611 * 1612 * Return 0 on success. 1613 */ 1614 static int 1615 atw_rf3000_write(struct atw_softc *sc, u_int addr, u_int val) 1616 { 1617 u_int32_t reg; 1618 int i; 1619 1620 for (i = 1000; --i >= 0; ) { 1621 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_RD|ATW_BBPCTL_WR) == 0) 1622 break; 1623 DELAY(100); 1624 } 1625 1626 if (i < 0) { 1627 printf("%s: BBPCTL busy (pre-write)\n", sc->sc_dev.dv_xname); 1628 return ETIMEDOUT; 1629 } 1630 1631 reg = sc->sc_bbpctl_wr | 1632 LSHIFT(val & 0xff, ATW_BBPCTL_DATA_MASK) | 1633 LSHIFT(addr & 0x7f, ATW_BBPCTL_ADDR_MASK); 1634 1635 ATW_WRITE(sc, ATW_BBPCTL, reg); 1636 1637 for (i = 1000; --i >= 0; ) { 1638 DELAY(100); 1639 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_WR) == 0) 1640 break; 1641 } 1642 1643 ATW_CLR(sc, ATW_BBPCTL, ATW_BBPCTL_WR); 1644 1645 if (i < 0) { 1646 printf("%s: BBPCTL busy (post-write)\n", sc->sc_dev.dv_xname); 1647 return ETIMEDOUT; 1648 } 1649 return 0; 1650 } 1651 1652 /* Read a register on the RF3000 baseband processor using the registers 1653 * the ADM8211 provides for this purpose. 1654 * 1655 * The 7-bit register address is addr. Record the 8-bit data in the register 1656 * in *val. 1657 * 1658 * Return 0 on success. 1659 * 1660 * XXX This does not seem to work. The ADM8211 must require more or 1661 * different magic to read the chip than to write it. Possibly some 1662 * of the magic I have derived from a binary-only driver concerns 1663 * the "chip address" (see the RF3000 manual). 1664 */ 1665 #ifdef ATW_DEBUG 1666 static int 1667 atw_rf3000_read(struct atw_softc *sc, u_int addr, u_int *val) 1668 { 1669 u_int32_t reg; 1670 int i; 1671 1672 for (i = 1000; --i >= 0; ) { 1673 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_RD|ATW_BBPCTL_WR) == 0) 1674 break; 1675 DELAY(100); 1676 } 1677 1678 if (i < 0) { 1679 printf("%s: start atw_rf3000_read, BBPCTL busy\n", 1680 sc->sc_dev.dv_xname); 1681 return ETIMEDOUT; 1682 } 1683 1684 reg = sc->sc_bbpctl_rd | LSHIFT(addr & 0x7f, ATW_BBPCTL_ADDR_MASK); 1685 1686 ATW_WRITE(sc, ATW_BBPCTL, reg); 1687 1688 for (i = 1000; --i >= 0; ) { 1689 DELAY(100); 1690 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_RD) == 0) 1691 break; 1692 } 1693 1694 ATW_CLR(sc, ATW_BBPCTL, ATW_BBPCTL_RD); 1695 1696 if (i < 0) { 1697 printf("%s: atw_rf3000_read wrote %08x; BBPCTL still busy\n", 1698 sc->sc_dev.dv_xname, reg); 1699 return ETIMEDOUT; 1700 } 1701 if (val != NULL) 1702 *val = MASK_AND_RSHIFT(reg, ATW_BBPCTL_DATA_MASK); 1703 return 0; 1704 } 1705 #endif /* ATW_DEBUG */ 1706 1707 /* Write a register on the Si4126 RF/IF synthesizer using the registers 1708 * provided by the ADM8211 for that purpose. 1709 * 1710 * val is 18 bits of data, and val is the 4-bit address of the register. 1711 * 1712 * Return 0 on success. 1713 */ 1714 static int 1715 atw_si4126_write(struct atw_softc *sc, u_int addr, u_int val) 1716 { 1717 u_int32_t bits, reg; 1718 int i; 1719 1720 KASSERT((addr & ~PRESHIFT(SI4126_TWI_ADDR_MASK)) == 0); 1721 KASSERT((val & ~PRESHIFT(SI4126_TWI_DATA_MASK)) == 0); 1722 1723 for (i = 1000; --i >= 0; ) { 1724 if (ATW_ISSET(sc, ATW_SYNCTL, ATW_SYNCTL_RD|ATW_SYNCTL_WR) == 0) 1725 break; 1726 DELAY(100); 1727 } 1728 1729 if (i < 0) { 1730 printf("%s: start atw_si4126_write, SYNCTL busy\n", 1731 sc->sc_dev.dv_xname); 1732 return ETIMEDOUT; 1733 } 1734 1735 bits = LSHIFT(val, SI4126_TWI_DATA_MASK) | 1736 LSHIFT(addr, SI4126_TWI_ADDR_MASK); 1737 1738 reg = sc->sc_synctl_wr | LSHIFT(bits, ATW_SYNCTL_DATA_MASK); 1739 1740 ATW_WRITE(sc, ATW_SYNCTL, reg); 1741 1742 for (i = 1000; --i >= 0; ) { 1743 DELAY(100); 1744 if (ATW_ISSET(sc, ATW_SYNCTL, ATW_SYNCTL_WR) == 0) 1745 break; 1746 } 1747 1748 /* restore to acceptable starting condition */ 1749 ATW_CLR(sc, ATW_SYNCTL, ATW_SYNCTL_WR); 1750 1751 if (i < 0) { 1752 printf("%s: atw_si4126_write wrote %08x, SYNCTL still busy\n", 1753 sc->sc_dev.dv_xname, reg); 1754 return ETIMEDOUT; 1755 } 1756 return 0; 1757 } 1758 1759 /* Read 18-bit data from the 4-bit address addr in Si4126 1760 * RF synthesizer and write the data to *val. Return 0 on success. 1761 * 1762 * XXX This does not seem to work. The ADM8211 must require more or 1763 * different magic to read the chip than to write it. 1764 */ 1765 #ifdef ATW_DEBUG 1766 static int 1767 atw_si4126_read(struct atw_softc *sc, u_int addr, u_int *val) 1768 { 1769 u_int32_t reg; 1770 int i; 1771 1772 KASSERT((addr & ~PRESHIFT(SI4126_TWI_ADDR_MASK)) == 0); 1773 1774 for (i = 1000; --i >= 0; ) { 1775 if (ATW_ISSET(sc, ATW_SYNCTL, ATW_SYNCTL_RD|ATW_SYNCTL_WR) == 0) 1776 break; 1777 DELAY(100); 1778 } 1779 1780 if (i < 0) { 1781 printf("%s: start atw_si4126_read, SYNCTL busy\n", 1782 sc->sc_dev.dv_xname); 1783 return ETIMEDOUT; 1784 } 1785 1786 reg = sc->sc_synctl_rd | LSHIFT(addr, ATW_SYNCTL_DATA_MASK); 1787 1788 ATW_WRITE(sc, ATW_SYNCTL, reg); 1789 1790 for (i = 1000; --i >= 0; ) { 1791 DELAY(100); 1792 if (ATW_ISSET(sc, ATW_SYNCTL, ATW_SYNCTL_RD) == 0) 1793 break; 1794 } 1795 1796 ATW_CLR(sc, ATW_SYNCTL, ATW_SYNCTL_RD); 1797 1798 if (i < 0) { 1799 printf("%s: atw_si4126_read wrote %08x, SYNCTL still busy\n", 1800 sc->sc_dev.dv_xname, reg); 1801 return ETIMEDOUT; 1802 } 1803 if (val != NULL) 1804 *val = MASK_AND_RSHIFT(ATW_READ(sc, ATW_SYNCTL), 1805 ATW_SYNCTL_DATA_MASK); 1806 return 0; 1807 } 1808 #endif /* ATW_DEBUG */ 1809 1810 /* XXX is the endianness correct? test. */ 1811 #define atw_calchash(addr) \ 1812 (ether_crc32_le((addr), IEEE80211_ADDR_LEN) & BITS(5, 0)) 1813 1814 /* 1815 * atw_filter_setup: 1816 * 1817 * Set the ADM8211's receive filter. 1818 */ 1819 static void 1820 atw_filter_setup(struct atw_softc *sc) 1821 { 1822 struct ieee80211com *ic = &sc->sc_ic; 1823 struct ethercom *ec = &ic->ic_ec; 1824 struct ifnet *ifp = &sc->sc_ic.ic_if; 1825 int hash; 1826 u_int32_t hashes[2] = { 0, 0 }; 1827 struct ether_multi *enm; 1828 struct ether_multistep step; 1829 1830 DPRINTF(sc, ("%s: atw_filter_setup: sc_flags 0x%08x\n", 1831 sc->sc_dev.dv_xname, sc->sc_flags)); 1832 1833 /* 1834 * If we're running, idle the receive engine. If we're NOT running, 1835 * we're being called from atw_init(), and our writing ATW_NAR will 1836 * start the transmit and receive processes in motion. 1837 */ 1838 if (ifp->if_flags & IFF_RUNNING) 1839 atw_idle(sc, ATW_NAR_SR); 1840 1841 sc->sc_opmode &= ~(ATW_NAR_PR|ATW_NAR_MM); 1842 1843 ifp->if_flags &= ~IFF_ALLMULTI; 1844 1845 if (ifp->if_flags & IFF_PROMISC) { 1846 sc->sc_opmode |= ATW_NAR_PR; 1847 allmulti: 1848 ifp->if_flags |= IFF_ALLMULTI; 1849 goto setit; 1850 } 1851 1852 /* 1853 * Program the 64-bit multicast hash filter. 1854 */ 1855 ETHER_FIRST_MULTI(step, ec, enm); 1856 while (enm != NULL) { 1857 /* XXX */ 1858 if (memcmp(enm->enm_addrlo, enm->enm_addrhi, 1859 ETHER_ADDR_LEN) != 0) 1860 goto allmulti; 1861 1862 hash = atw_calchash(enm->enm_addrlo); 1863 hashes[hash >> 5] |= 1 << (hash & 0x1f); 1864 ETHER_NEXT_MULTI(step, enm); 1865 } 1866 1867 if (ifp->if_flags & IFF_BROADCAST) { 1868 hash = atw_calchash(etherbroadcastaddr); 1869 hashes[hash >> 5] |= 1 << (hash & 0x1f); 1870 } 1871 1872 /* all bits set => hash is useless */ 1873 if (~(hashes[0] & hashes[1]) == 0) 1874 goto allmulti; 1875 1876 setit: 1877 if (ifp->if_flags & IFF_ALLMULTI) 1878 sc->sc_opmode |= ATW_NAR_MM; 1879 1880 /* XXX in scan mode, do not filter packets. maybe this is 1881 * unnecessary. 1882 */ 1883 if (ic->ic_state == IEEE80211_S_SCAN) 1884 sc->sc_opmode |= ATW_NAR_PR; 1885 1886 ATW_WRITE(sc, ATW_MAR0, hashes[0]); 1887 ATW_WRITE(sc, ATW_MAR1, hashes[1]); 1888 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 1889 DPRINTF(sc, ("%s: ATW_NAR %08x opmode %08x\n", sc->sc_dev.dv_xname, 1890 ATW_READ(sc, ATW_NAR), sc->sc_opmode)); 1891 1892 DPRINTF(sc, ("%s: atw_filter_setup: returning\n", sc->sc_dev.dv_xname)); 1893 } 1894 1895 /* Tell the ADM8211 our preferred BSSID. The ADM8211 must match 1896 * a beacon's BSSID and SSID against the preferred BSSID and SSID 1897 * before it will raise ATW_INTR_LINKON. When the ADM8211 receives 1898 * no beacon with the preferred BSSID and SSID in the number of 1899 * beacon intervals given in ATW_BPLI, then it raises ATW_INTR_LINKOFF. 1900 */ 1901 static void 1902 atw_write_bssid(struct atw_softc *sc) 1903 { 1904 struct ieee80211com *ic = &sc->sc_ic; 1905 u_int8_t *bssid; 1906 1907 bssid = ic->ic_bss->ni_bssid; 1908 1909 ATW_WRITE(sc, ATW_ABDA1, 1910 (ATW_READ(sc, ATW_ABDA1) & 1911 ~(ATW_ABDA1_BSSIDB4_MASK|ATW_ABDA1_BSSIDB5_MASK)) | 1912 LSHIFT(bssid[4], ATW_ABDA1_BSSIDB4_MASK) | 1913 LSHIFT(bssid[5], ATW_ABDA1_BSSIDB5_MASK)); 1914 1915 ATW_WRITE(sc, ATW_BSSID0, 1916 LSHIFT(bssid[0], ATW_BSSID0_BSSIDB0_MASK) | 1917 LSHIFT(bssid[1], ATW_BSSID0_BSSIDB1_MASK) | 1918 LSHIFT(bssid[2], ATW_BSSID0_BSSIDB2_MASK) | 1919 LSHIFT(bssid[3], ATW_BSSID0_BSSIDB3_MASK)); 1920 1921 DPRINTF(sc, ("%s: BSSID %s -> ", sc->sc_dev.dv_xname, 1922 ether_sprintf(sc->sc_bssid))); 1923 DPRINTF(sc, ("%s\n", ether_sprintf(bssid))); 1924 1925 memcpy(sc->sc_bssid, bssid, sizeof(sc->sc_bssid)); 1926 } 1927 1928 /* Tell the ADM8211 how many beacon intervals must pass without 1929 * receiving a beacon with the preferred BSSID & SSID set by 1930 * atw_write_bssid and atw_write_ssid before ATW_INTR_LINKOFF 1931 * raised. 1932 */ 1933 static void 1934 atw_write_bcn_thresh(struct atw_softc *sc) 1935 { 1936 struct ieee80211com *ic = &sc->sc_ic; 1937 int lost_bcn_thresh; 1938 1939 /* Lose link after one second or 7 beacons, whichever comes 1940 * first, but do not lose link before 2 beacons are lost. 1941 * 1942 * In host AP mode, set the lost-beacon threshold to 0. 1943 */ 1944 if (ic->ic_opmode == IEEE80211_M_HOSTAP) 1945 lost_bcn_thresh = 0; 1946 else { 1947 int beacons_per_second = 1948 1000000 / (IEEE80211_DUR_TU * MAX(1,ic->ic_bss->ni_intval)); 1949 lost_bcn_thresh = MAX(2, MIN(7, beacons_per_second)); 1950 } 1951 1952 /* XXX resets wake-up status bits */ 1953 ATW_WRITE(sc, ATW_WCSR, 1954 (ATW_READ(sc, ATW_WCSR) & ~ATW_WCSR_BLN_MASK) | 1955 (LSHIFT(lost_bcn_thresh, ATW_WCSR_BLN_MASK) & ATW_WCSR_BLN_MASK)); 1956 1957 DPRINTF(sc, ("%s: lost-beacon threshold %d -> %d\n", 1958 sc->sc_dev.dv_xname, sc->sc_lost_bcn_thresh, lost_bcn_thresh)); 1959 1960 sc->sc_lost_bcn_thresh = lost_bcn_thresh; 1961 1962 DPRINTF(sc, ("%s: atw_write_bcn_thresh reg[WCSR] = %08x\n", 1963 sc->sc_dev.dv_xname, ATW_READ(sc, ATW_WCSR))); 1964 } 1965 1966 /* Write buflen bytes from buf to SRAM starting at the SRAM's ofs'th 1967 * 16-bit word. 1968 */ 1969 static void 1970 atw_write_sram(struct atw_softc *sc, u_int ofs, u_int8_t *buf, u_int buflen) 1971 { 1972 u_int i; 1973 u_int8_t *ptr; 1974 1975 memcpy(&sc->sc_sram[ofs], buf, buflen); 1976 1977 if (ofs % 2 != 0) { 1978 ofs--; 1979 buflen++; 1980 } 1981 1982 if (buflen % 2 != 0) 1983 buflen++; 1984 1985 assert(buflen + ofs <= ATW_SRAM_SIZE); 1986 1987 ptr = &sc->sc_sram[ofs]; 1988 1989 for (i = 0; i < buflen; i += 2) { 1990 ATW_WRITE(sc, ATW_WEPCTL, ATW_WEPCTL_WR | 1991 LSHIFT((ofs + i) / 2, ATW_WEPCTL_TBLADD_MASK)); 1992 DELAY(atw_writewep_delay); 1993 1994 ATW_WRITE(sc, ATW_WESK, 1995 LSHIFT((ptr[i + 1] << 8) | ptr[i], ATW_WESK_DATA_MASK)); 1996 DELAY(atw_writewep_delay); 1997 } 1998 ATW_WRITE(sc, ATW_WEPCTL, sc->sc_wepctl); /* restore WEP condition */ 1999 2000 if (sc->sc_if.if_flags & IFF_DEBUG) { 2001 int n_octets = 0; 2002 printf("%s: wrote %d bytes at 0x%x wepctl 0x%08x\n", 2003 sc->sc_dev.dv_xname, buflen, ofs, sc->sc_wepctl); 2004 for (i = 0; i < buflen; i++) { 2005 printf(" %02x", ptr[i]); 2006 if (++n_octets % 24 == 0) 2007 printf("\n"); 2008 } 2009 if (n_octets % 24 != 0) 2010 printf("\n"); 2011 } 2012 } 2013 2014 /* Write WEP keys from the ieee80211com to the ADM8211's SRAM. */ 2015 static void 2016 atw_write_wep(struct atw_softc *sc) 2017 { 2018 struct ieee80211com *ic = &sc->sc_ic; 2019 /* SRAM shared-key record format: key0 flags key1 ... key12 */ 2020 u_int8_t buf[IEEE80211_WEP_NKID] 2021 [1 /* key[0] */ + 1 /* flags */ + 12 /* key[1 .. 12] */]; 2022 u_int32_t reg; 2023 int i; 2024 2025 sc->sc_wepctl = 0; 2026 ATW_WRITE(sc, ATW_WEPCTL, sc->sc_wepctl); 2027 2028 if ((ic->ic_flags & IEEE80211_F_WEPON) == 0) 2029 return; 2030 2031 memset(&buf[0][0], 0, sizeof(buf)); 2032 2033 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2034 if (ic->ic_nw_keys[i].wk_len > 5) { 2035 buf[i][1] = ATW_WEP_ENABLED | ATW_WEP_104BIT; 2036 } else if (ic->ic_nw_keys[i].wk_len != 0) { 2037 buf[i][1] = ATW_WEP_ENABLED; 2038 } else { 2039 buf[i][1] = 0; 2040 continue; 2041 } 2042 buf[i][0] = ic->ic_nw_keys[i].wk_key[0]; 2043 memcpy(&buf[i][2], &ic->ic_nw_keys[i].wk_key[1], 2044 ic->ic_nw_keys[i].wk_len - 1); 2045 } 2046 2047 reg = ATW_READ(sc, ATW_MACTEST); 2048 reg |= ATW_MACTEST_MMI_USETXCLK | ATW_MACTEST_FORCE_KEYID; 2049 reg &= ~ATW_MACTEST_KEYID_MASK; 2050 reg |= LSHIFT(ic->ic_wep_txkey, ATW_MACTEST_KEYID_MASK); 2051 ATW_WRITE(sc, ATW_MACTEST, reg); 2052 2053 /* RX bypass WEP if revision != 0x20. (I assume revision != 0x20 2054 * throughout.) 2055 */ 2056 sc->sc_wepctl = ATW_WEPCTL_WEPENABLE | ATW_WEPCTL_WEPRXBYP; 2057 if (sc->sc_if.if_flags & IFF_LINK2) 2058 sc->sc_wepctl &= ~ATW_WEPCTL_WEPRXBYP; 2059 2060 atw_write_sram(sc, ATW_SRAM_ADDR_SHARED_KEY, (u_int8_t*)&buf[0][0], 2061 sizeof(buf)); 2062 } 2063 2064 const struct timeval atw_beacon_mininterval = {1, 0}; /* 1s */ 2065 2066 static void 2067 atw_recv_mgmt(struct ieee80211com *ic, struct mbuf *m, 2068 struct ieee80211_node *ni, int subtype, int rssi, u_int32_t rstamp) 2069 { 2070 struct atw_softc *sc = (struct atw_softc*)ic->ic_softc; 2071 2072 switch (subtype) { 2073 case IEEE80211_FC0_SUBTYPE_PROBE_REQ: 2074 /* do nothing: hardware answers probe request */ 2075 break; 2076 case IEEE80211_FC0_SUBTYPE_PROBE_RESP: 2077 case IEEE80211_FC0_SUBTYPE_BEACON: 2078 atw_recv_beacon(ic, m, ni, subtype, rssi, rstamp); 2079 break; 2080 default: 2081 (*sc->sc_recv_mgmt)(ic, m, ni, subtype, rssi, rstamp); 2082 break; 2083 } 2084 return; 2085 } 2086 2087 /* In ad hoc mode, atw_recv_beacon is responsible for the coalescence 2088 * of IBSSs with like SSID/channel but different BSSID. It joins the 2089 * oldest IBSS (i.e., with greatest TSF time), since that is the WECA 2090 * convention. Possibly the ADMtek chip does this for us; I will have 2091 * to test to find out. 2092 * 2093 * XXX we should add the duration field of the received beacon to 2094 * the TSF time it contains before comparing it with the ADM8211's 2095 * TSF. 2096 */ 2097 static void 2098 atw_recv_beacon(struct ieee80211com *ic, struct mbuf *m0, 2099 struct ieee80211_node *ni, int subtype, int rssi, u_int32_t rstamp) 2100 { 2101 struct atw_softc *sc; 2102 struct ieee80211_frame *wh; 2103 u_int64_t tsft, bcn_tsft; 2104 u_int32_t tsftl, tsfth; 2105 int do_print = 0; 2106 2107 sc = (struct atw_softc*)ic->ic_if.if_softc; 2108 2109 if (ic->ic_if.if_flags & IFF_DEBUG) 2110 do_print = (ic->ic_if.if_flags & IFF_LINK0) 2111 ? 1 : ratecheck(&sc->sc_last_beacon, &atw_beacon_mininterval); 2112 2113 wh = mtod(m0, struct ieee80211_frame *); 2114 2115 (*sc->sc_recv_mgmt)(ic, m0, ni, subtype, rssi, rstamp); 2116 2117 if (ic->ic_state != IEEE80211_S_RUN) { 2118 if (do_print) 2119 printf("%s: atw_recv_beacon: not running\n", 2120 sc->sc_dev.dv_xname); 2121 return; 2122 } 2123 2124 if ((ni = ieee80211_lookup_node(ic, wh->i_addr2, 2125 ic->ic_bss->ni_chan)) == NULL) { 2126 if (do_print) 2127 printf("%s: atw_recv_beacon: no node %s\n", 2128 sc->sc_dev.dv_xname, ether_sprintf(wh->i_addr2)); 2129 return; 2130 } 2131 2132 if (ieee80211_match_bss(ic, ni) != 0) { 2133 if (do_print) 2134 printf("%s: atw_recv_beacon: ssid mismatch %s\n", 2135 sc->sc_dev.dv_xname, ether_sprintf(wh->i_addr2)); 2136 return; 2137 } 2138 2139 if (memcmp(ni->ni_bssid, ic->ic_bss->ni_bssid, IEEE80211_ADDR_LEN) == 0) 2140 return; 2141 2142 if (do_print) 2143 printf("%s: atw_recv_beacon: bssid mismatch %s\n", 2144 sc->sc_dev.dv_xname, ether_sprintf(ni->ni_bssid)); 2145 2146 if (ic->ic_opmode != IEEE80211_M_IBSS) 2147 return; 2148 2149 /* If we read TSFTL right before rollover, we read a TSF timer 2150 * that is too high rather than too low. This prevents a spurious 2151 * synchronization down the line, however, our IBSS could suffer 2152 * from a creeping TSF.... 2153 */ 2154 tsftl = ATW_READ(sc, ATW_TSFTL); 2155 tsfth = ATW_READ(sc, ATW_TSFTH); 2156 2157 tsft = (u_int64_t)tsfth << 32 | tsftl; 2158 bcn_tsft = le64toh(*(u_int64_t*)ni->ni_tstamp); 2159 2160 if (do_print) 2161 printf("%s: my tsft %" PRIu64 " beacon tsft %" PRIu64 "\n", 2162 sc->sc_dev.dv_xname, tsft, bcn_tsft); 2163 2164 /* we are faster, let the other guy catch up */ 2165 if (bcn_tsft < tsft) 2166 return; 2167 2168 if (do_print) 2169 printf("%s: sync TSF with %s\n", sc->sc_dev.dv_xname, 2170 ether_sprintf(wh->i_addr2)); 2171 2172 ic->ic_flags &= ~IEEE80211_F_SIBSS; 2173 2174 #if 0 2175 atw_tsf(sc); 2176 #endif 2177 2178 /* negotiate rates with new IBSS */ 2179 ieee80211_fix_rate(ic, ni, IEEE80211_F_DOFRATE | 2180 IEEE80211_F_DONEGO | IEEE80211_F_DODEL); 2181 if (ni->ni_rates.rs_nrates == 0) { 2182 printf("%s: rates mismatch, BSSID %s\n", sc->sc_dev.dv_xname, 2183 ether_sprintf(ni->ni_bssid)); 2184 return; 2185 } 2186 2187 if (do_print) { 2188 printf("%s: sync BSSID %s -> ", sc->sc_dev.dv_xname, 2189 ether_sprintf(ic->ic_bss->ni_bssid)); 2190 printf("%s ", ether_sprintf(ni->ni_bssid)); 2191 printf("(from %s)\n", ether_sprintf(wh->i_addr2)); 2192 } 2193 2194 (*ic->ic_node_copy)(ic, ic->ic_bss, ni); 2195 2196 atw_write_bssid(sc); 2197 atw_write_bcn_thresh(sc); 2198 atw_start_beacon(sc, 1); 2199 } 2200 2201 /* Write the SSID in the ieee80211com to the SRAM on the ADM8211. 2202 * In ad hoc mode, the SSID is written to the beacons sent by the 2203 * ADM8211. In both ad hoc and infrastructure mode, beacons received 2204 * with matching SSID affect ATW_INTR_LINKON/ATW_INTR_LINKOFF 2205 * indications. 2206 */ 2207 static void 2208 atw_write_ssid(struct atw_softc *sc) 2209 { 2210 struct ieee80211com *ic = &sc->sc_ic; 2211 /* 34 bytes are reserved in ADM8211 SRAM for the SSID */ 2212 u_int8_t buf[roundup(1 /* length */ + IEEE80211_NWID_LEN, 2)]; 2213 2214 memset(buf, 0, sizeof(buf)); 2215 buf[0] = ic->ic_bss->ni_esslen; 2216 memcpy(&buf[1], ic->ic_bss->ni_essid, ic->ic_bss->ni_esslen); 2217 2218 atw_write_sram(sc, ATW_SRAM_ADDR_SSID, buf, sizeof(buf)); 2219 } 2220 2221 /* Write the supported rates in the ieee80211com to the SRAM of the ADM8211. 2222 * In ad hoc mode, the supported rates are written to beacons sent by the 2223 * ADM8211. 2224 */ 2225 static void 2226 atw_write_sup_rates(struct atw_softc *sc) 2227 { 2228 struct ieee80211com *ic = &sc->sc_ic; 2229 /* 14 bytes are probably (XXX) reserved in the ADM8211 SRAM for 2230 * supported rates 2231 */ 2232 u_int8_t buf[roundup(1 /* length */ + IEEE80211_RATE_SIZE, 2)]; 2233 2234 memset(buf, 0, sizeof(buf)); 2235 2236 buf[0] = ic->ic_bss->ni_rates.rs_nrates; 2237 2238 memcpy(&buf[1], ic->ic_bss->ni_rates.rs_rates, 2239 ic->ic_bss->ni_rates.rs_nrates); 2240 2241 atw_write_sram(sc, ATW_SRAM_ADDR_SUPRATES, buf, sizeof(buf)); 2242 } 2243 2244 /* Start/stop sending beacons. */ 2245 void 2246 atw_start_beacon(struct atw_softc *sc, int start) 2247 { 2248 struct ieee80211com *ic = &sc->sc_ic; 2249 u_int32_t len, capinfo, reg_bcnt, reg_cap1; 2250 2251 if (ATW_IS_ENABLED(sc) == 0) 2252 return; 2253 2254 len = capinfo = 0; 2255 2256 /* start beacons */ 2257 len = sizeof(struct ieee80211_frame) + 2258 8 /* timestamp */ + 2 /* beacon interval */ + 2259 2 /* capability info */ + 2260 2 + ic->ic_bss->ni_esslen /* SSID element */ + 2261 2 + ic->ic_bss->ni_rates.rs_nrates /* rates element */ + 2262 3 /* DS parameters */ + 2263 IEEE80211_CRC_LEN; 2264 2265 reg_bcnt = ATW_READ(sc, ATW_BCNT) & ~ATW_BCNT_BCNT_MASK; 2266 2267 reg_cap1 = ATW_READ(sc, ATW_CAP1) & ~ATW_CAP1_CAPI_MASK; 2268 2269 ATW_WRITE(sc, ATW_BCNT, reg_bcnt); 2270 ATW_WRITE(sc, ATW_CAP1, reg_cap1); 2271 2272 if (!start) 2273 return; 2274 2275 /* TBD use ni_capinfo */ 2276 2277 if (sc->sc_flags & ATWF_SHORT_PREAMBLE) 2278 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2279 if (ic->ic_flags & IEEE80211_F_WEPON) 2280 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2281 2282 switch (ic->ic_opmode) { 2283 case IEEE80211_M_IBSS: 2284 len += 4; /* IBSS parameters */ 2285 capinfo |= IEEE80211_CAPINFO_IBSS; 2286 break; 2287 case IEEE80211_M_HOSTAP: 2288 /* XXX 6-byte minimum TIM */ 2289 len += atw_beacon_len_adjust; 2290 capinfo |= IEEE80211_CAPINFO_ESS; 2291 break; 2292 default: 2293 return; 2294 } 2295 2296 reg_bcnt |= LSHIFT(len, ATW_BCNT_BCNT_MASK); 2297 reg_cap1 |= LSHIFT(capinfo, ATW_CAP1_CAPI_MASK); 2298 2299 ATW_WRITE(sc, ATW_BCNT, reg_bcnt); 2300 ATW_WRITE(sc, ATW_CAP1, reg_cap1); 2301 2302 DPRINTF(sc, ("%s: atw_start_beacon reg[ATW_BCNT] = %08x\n", 2303 sc->sc_dev.dv_xname, reg_bcnt)); 2304 2305 DPRINTF(sc, ("%s: atw_start_beacon reg[ATW_CAP1] = %08x\n", 2306 sc->sc_dev.dv_xname, reg_cap1)); 2307 } 2308 2309 /* First beacon was sent at time 0 microseconds, current time is 2310 * tsfth << 32 | tsftl microseconds, and beacon interval is tbtt 2311 * microseconds. Return the expected time in microseconds for the 2312 * beacon after next. 2313 */ 2314 static __inline u_int64_t 2315 atw_predict_beacon(u_int64_t tsft, u_int32_t tbtt) 2316 { 2317 return tsft + (tbtt - tsft % tbtt); 2318 } 2319 2320 /* If we've created an IBSS, write the TSF time in the ADM8211 to 2321 * the ieee80211com. 2322 * 2323 * Predict the next target beacon transmission time (TBTT) and 2324 * write it to the ADM8211. 2325 */ 2326 static void 2327 atw_tsf(struct atw_softc *sc) 2328 { 2329 #define TBTTOFS 20 /* TU */ 2330 2331 struct ieee80211com *ic = &sc->sc_ic; 2332 u_int64_t tsft, tbtt; 2333 2334 if ((ic->ic_opmode == IEEE80211_M_HOSTAP) || 2335 ((ic->ic_opmode == IEEE80211_M_IBSS) && 2336 (ic->ic_flags & IEEE80211_F_SIBSS))) { 2337 tsft = ATW_READ(sc, ATW_TSFTH); 2338 tsft <<= 32; 2339 tsft |= ATW_READ(sc, ATW_TSFTL); 2340 *(u_int64_t*)&ic->ic_bss->ni_tstamp[0] = htole64(tsft); 2341 } else 2342 tsft = le64toh(*(u_int64_t*)&ic->ic_bss->ni_tstamp[0]); 2343 2344 tbtt = atw_predict_beacon(tsft, 2345 ic->ic_bss->ni_intval * IEEE80211_DUR_TU); 2346 2347 /* skip one more beacon so that the TBTT cannot pass before 2348 * we've programmed it, and also so that we can subtract a 2349 * few TU so that we wake a little before TBTT. 2350 */ 2351 tbtt += ic->ic_bss->ni_intval * IEEE80211_DUR_TU; 2352 2353 /* wake up a little early */ 2354 tbtt -= TBTTOFS * IEEE80211_DUR_TU; 2355 2356 DPRINTF(sc, ("%s: tsft %" PRIu64 " tbtt %" PRIu64 "\n", 2357 sc->sc_dev.dv_xname, tsft, tbtt)); 2358 2359 ATW_WRITE(sc, ATW_TOFS1, 2360 LSHIFT(1, ATW_TOFS1_TSFTOFSR_MASK) | 2361 LSHIFT(TBTTOFS, ATW_TOFS1_TBTTOFS_MASK) | 2362 LSHIFT( 2363 MASK_AND_RSHIFT((u_int32_t)tbtt, BITS(25, 10)), 2364 ATW_TOFS1_TBTTPRE_MASK)); 2365 #undef TBTTOFS 2366 } 2367 2368 static void 2369 atw_next_scan(void *arg) 2370 { 2371 struct atw_softc *sc = arg; 2372 struct ieee80211com *ic = &sc->sc_ic; 2373 struct ifnet *ifp = &ic->ic_if; 2374 int s; 2375 2376 /* don't call atw_start w/o network interrupts blocked */ 2377 s = splnet(); 2378 if (ic->ic_state == IEEE80211_S_SCAN) 2379 ieee80211_next_scan(ifp); 2380 splx(s); 2381 } 2382 2383 /* Synchronize the hardware state with the software state. */ 2384 static int 2385 atw_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 2386 { 2387 struct ifnet *ifp = &ic->ic_if; 2388 struct atw_softc *sc = ifp->if_softc; 2389 enum ieee80211_state ostate; 2390 int error; 2391 2392 ostate = ic->ic_state; 2393 2394 if (nstate == IEEE80211_S_INIT) { 2395 callout_stop(&sc->sc_scan_ch); 2396 sc->sc_cur_chan = IEEE80211_CHAN_ANY; 2397 atw_start_beacon(sc, 0); 2398 return (*sc->sc_newstate)(ic, nstate, arg); 2399 } 2400 2401 if ((error = atw_tune(sc)) != 0) 2402 return error; 2403 2404 switch (nstate) { 2405 case IEEE80211_S_ASSOC: 2406 break; 2407 case IEEE80211_S_INIT: 2408 panic("%s: unexpected state IEEE80211_S_INIT\n", __func__); 2409 break; 2410 case IEEE80211_S_SCAN: 2411 memset(sc->sc_bssid, 0, IEEE80211_ADDR_LEN); 2412 atw_write_bssid(sc); 2413 2414 callout_reset(&sc->sc_scan_ch, atw_dwelltime * hz / 1000, 2415 atw_next_scan, sc); 2416 2417 break; 2418 case IEEE80211_S_RUN: 2419 if (ic->ic_opmode == IEEE80211_M_STA) 2420 break; 2421 /*FALLTHROUGH*/ 2422 case IEEE80211_S_AUTH: 2423 atw_write_bssid(sc); 2424 atw_write_bcn_thresh(sc); 2425 atw_write_ssid(sc); 2426 atw_write_sup_rates(sc); 2427 2428 if (ic->ic_opmode == IEEE80211_M_AHDEMO || 2429 ic->ic_opmode == IEEE80211_M_MONITOR) 2430 break; 2431 2432 /* set listen interval 2433 * XXX do software units agree w/ hardware? 2434 */ 2435 ATW_WRITE(sc, ATW_BPLI, 2436 LSHIFT(ic->ic_bss->ni_intval, ATW_BPLI_BP_MASK) | 2437 LSHIFT(ic->ic_lintval / ic->ic_bss->ni_intval, 2438 ATW_BPLI_LI_MASK)); 2439 2440 DPRINTF(sc, ("%s: reg[ATW_BPLI] = %08x\n", 2441 sc->sc_dev.dv_xname, ATW_READ(sc, ATW_BPLI))); 2442 2443 atw_tsf(sc); 2444 break; 2445 } 2446 2447 if (nstate != IEEE80211_S_SCAN) 2448 callout_stop(&sc->sc_scan_ch); 2449 2450 if (nstate == IEEE80211_S_RUN && 2451 (ic->ic_opmode == IEEE80211_M_HOSTAP || 2452 ic->ic_opmode == IEEE80211_M_IBSS)) 2453 atw_start_beacon(sc, 1); 2454 else 2455 atw_start_beacon(sc, 0); 2456 2457 return (*sc->sc_newstate)(ic, nstate, arg); 2458 } 2459 2460 /* 2461 * atw_add_rxbuf: 2462 * 2463 * Add a receive buffer to the indicated descriptor. 2464 */ 2465 int 2466 atw_add_rxbuf(struct atw_softc *sc, int idx) 2467 { 2468 struct atw_rxsoft *rxs = &sc->sc_rxsoft[idx]; 2469 struct mbuf *m; 2470 int error; 2471 2472 MGETHDR(m, M_DONTWAIT, MT_DATA); 2473 if (m == NULL) 2474 return (ENOBUFS); 2475 2476 MCLGET(m, M_DONTWAIT); 2477 if ((m->m_flags & M_EXT) == 0) { 2478 m_freem(m); 2479 return (ENOBUFS); 2480 } 2481 2482 if (rxs->rxs_mbuf != NULL) 2483 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2484 2485 rxs->rxs_mbuf = m; 2486 2487 error = bus_dmamap_load(sc->sc_dmat, rxs->rxs_dmamap, 2488 m->m_ext.ext_buf, m->m_ext.ext_size, NULL, 2489 BUS_DMA_READ|BUS_DMA_NOWAIT); 2490 if (error) { 2491 printf("%s: can't load rx DMA map %d, error = %d\n", 2492 sc->sc_dev.dv_xname, idx, error); 2493 panic("atw_add_rxbuf"); /* XXX */ 2494 } 2495 2496 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 2497 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD); 2498 2499 ATW_INIT_RXDESC(sc, idx); 2500 2501 return (0); 2502 } 2503 2504 /* 2505 * Release any queued transmit buffers. 2506 */ 2507 void 2508 atw_txdrain(struct atw_softc *sc) 2509 { 2510 struct atw_txsoft *txs; 2511 2512 while ((txs = SIMPLEQ_FIRST(&sc->sc_txdirtyq)) != NULL) { 2513 SIMPLEQ_REMOVE_HEAD(&sc->sc_txdirtyq, txs_q); 2514 if (txs->txs_mbuf != NULL) { 2515 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 2516 m_freem(txs->txs_mbuf); 2517 txs->txs_mbuf = NULL; 2518 } 2519 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 2520 } 2521 sc->sc_tx_timer = 0; 2522 } 2523 2524 /* 2525 * atw_stop: [ ifnet interface function ] 2526 * 2527 * Stop transmission on the interface. 2528 */ 2529 void 2530 atw_stop(struct ifnet *ifp, int disable) 2531 { 2532 struct atw_softc *sc = ifp->if_softc; 2533 struct ieee80211com *ic = &sc->sc_ic; 2534 2535 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2536 2537 /* Disable interrupts. */ 2538 ATW_WRITE(sc, ATW_IER, 0); 2539 2540 /* Stop the transmit and receive processes. */ 2541 sc->sc_opmode = 0; 2542 ATW_WRITE(sc, ATW_NAR, 0); 2543 ATW_WRITE(sc, ATW_TDBD, 0); 2544 ATW_WRITE(sc, ATW_TDBP, 0); 2545 ATW_WRITE(sc, ATW_RDB, 0); 2546 2547 atw_txdrain(sc); 2548 2549 if (disable) { 2550 atw_rxdrain(sc); 2551 atw_disable(sc); 2552 } 2553 2554 /* 2555 * Mark the interface down and cancel the watchdog timer. 2556 */ 2557 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2558 ifp->if_timer = 0; 2559 2560 if (!disable) 2561 atw_reset(sc); 2562 } 2563 2564 /* 2565 * atw_rxdrain: 2566 * 2567 * Drain the receive queue. 2568 */ 2569 void 2570 atw_rxdrain(struct atw_softc *sc) 2571 { 2572 struct atw_rxsoft *rxs; 2573 int i; 2574 2575 for (i = 0; i < ATW_NRXDESC; i++) { 2576 rxs = &sc->sc_rxsoft[i]; 2577 if (rxs->rxs_mbuf == NULL) 2578 continue; 2579 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2580 m_freem(rxs->rxs_mbuf); 2581 rxs->rxs_mbuf = NULL; 2582 } 2583 } 2584 2585 /* 2586 * atw_detach: 2587 * 2588 * Detach an ADM8211 interface. 2589 */ 2590 int 2591 atw_detach(struct atw_softc *sc) 2592 { 2593 struct ifnet *ifp = &sc->sc_ic.ic_if; 2594 struct atw_rxsoft *rxs; 2595 struct atw_txsoft *txs; 2596 int i; 2597 2598 /* 2599 * Succeed now if there isn't any work to do. 2600 */ 2601 if ((sc->sc_flags & ATWF_ATTACHED) == 0) 2602 return (0); 2603 2604 ieee80211_ifdetach(ifp); 2605 if_detach(ifp); 2606 2607 for (i = 0; i < ATW_NRXDESC; i++) { 2608 rxs = &sc->sc_rxsoft[i]; 2609 if (rxs->rxs_mbuf != NULL) { 2610 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2611 m_freem(rxs->rxs_mbuf); 2612 rxs->rxs_mbuf = NULL; 2613 } 2614 bus_dmamap_destroy(sc->sc_dmat, rxs->rxs_dmamap); 2615 } 2616 for (i = 0; i < ATW_TXQUEUELEN; i++) { 2617 txs = &sc->sc_txsoft[i]; 2618 if (txs->txs_mbuf != NULL) { 2619 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 2620 m_freem(txs->txs_mbuf); 2621 txs->txs_mbuf = NULL; 2622 } 2623 bus_dmamap_destroy(sc->sc_dmat, txs->txs_dmamap); 2624 } 2625 bus_dmamap_unload(sc->sc_dmat, sc->sc_cddmamap); 2626 bus_dmamap_destroy(sc->sc_dmat, sc->sc_cddmamap); 2627 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)sc->sc_control_data, 2628 sizeof(struct atw_control_data)); 2629 bus_dmamem_free(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg); 2630 2631 shutdownhook_disestablish(sc->sc_sdhook); 2632 powerhook_disestablish(sc->sc_powerhook); 2633 2634 if (sc->sc_srom) 2635 free(sc->sc_srom, M_DEVBUF); 2636 2637 return (0); 2638 } 2639 2640 /* atw_shutdown: make sure the interface is stopped at reboot time. */ 2641 void 2642 atw_shutdown(void *arg) 2643 { 2644 struct atw_softc *sc = arg; 2645 2646 atw_stop(&sc->sc_ic.ic_if, 1); 2647 } 2648 2649 int 2650 atw_intr(void *arg) 2651 { 2652 struct atw_softc *sc = arg; 2653 struct ifnet *ifp = &sc->sc_ic.ic_if; 2654 u_int32_t status, rxstatus, txstatus, linkstatus; 2655 int handled = 0, txthresh; 2656 2657 #ifdef DEBUG 2658 if (ATW_IS_ENABLED(sc) == 0) 2659 panic("%s: atw_intr: not enabled", sc->sc_dev.dv_xname); 2660 #endif 2661 2662 /* 2663 * If the interface isn't running, the interrupt couldn't 2664 * possibly have come from us. 2665 */ 2666 if ((ifp->if_flags & IFF_RUNNING) == 0 || 2667 (sc->sc_dev.dv_flags & DVF_ACTIVE) == 0) 2668 return (0); 2669 2670 for (;;) { 2671 status = ATW_READ(sc, ATW_STSR); 2672 2673 if (status) 2674 ATW_WRITE(sc, ATW_STSR, status); 2675 2676 if (sc->sc_intr_ack != NULL) 2677 (*sc->sc_intr_ack)(sc); 2678 2679 #ifdef ATW_DEBUG 2680 #define PRINTINTR(flag) do { \ 2681 if ((status & flag) != 0) { \ 2682 printf("%s" #flag, delim); \ 2683 delim = ","; \ 2684 } \ 2685 } while (0) 2686 2687 if (atw_debug > 1 && status) { 2688 const char *delim = "<"; 2689 2690 printf("%s: reg[STSR] = %x", 2691 sc->sc_dev.dv_xname, status); 2692 2693 PRINTINTR(ATW_INTR_FBE); 2694 PRINTINTR(ATW_INTR_LINKOFF); 2695 PRINTINTR(ATW_INTR_LINKON); 2696 PRINTINTR(ATW_INTR_RCI); 2697 PRINTINTR(ATW_INTR_RDU); 2698 PRINTINTR(ATW_INTR_REIS); 2699 PRINTINTR(ATW_INTR_RPS); 2700 PRINTINTR(ATW_INTR_TCI); 2701 PRINTINTR(ATW_INTR_TDU); 2702 PRINTINTR(ATW_INTR_TLT); 2703 PRINTINTR(ATW_INTR_TPS); 2704 PRINTINTR(ATW_INTR_TRT); 2705 PRINTINTR(ATW_INTR_TUF); 2706 PRINTINTR(ATW_INTR_BCNTC); 2707 PRINTINTR(ATW_INTR_ATIME); 2708 PRINTINTR(ATW_INTR_TBTT); 2709 PRINTINTR(ATW_INTR_TSCZ); 2710 PRINTINTR(ATW_INTR_TSFTF); 2711 printf(">\n"); 2712 } 2713 #undef PRINTINTR 2714 #endif /* ATW_DEBUG */ 2715 2716 if ((status & sc->sc_inten) == 0) 2717 break; 2718 2719 handled = 1; 2720 2721 rxstatus = status & sc->sc_rxint_mask; 2722 txstatus = status & sc->sc_txint_mask; 2723 linkstatus = status & sc->sc_linkint_mask; 2724 2725 if (linkstatus) { 2726 atw_linkintr(sc, linkstatus); 2727 } 2728 2729 if (rxstatus) { 2730 /* Grab any new packets. */ 2731 atw_rxintr(sc); 2732 2733 if (rxstatus & ATW_INTR_RDU) { 2734 printf("%s: receive ring overrun\n", 2735 sc->sc_dev.dv_xname); 2736 /* Get the receive process going again. */ 2737 ATW_WRITE(sc, ATW_RDR, 0x1); 2738 break; 2739 } 2740 } 2741 2742 if (txstatus) { 2743 /* Sweep up transmit descriptors. */ 2744 atw_txintr(sc); 2745 2746 if (txstatus & ATW_INTR_TLT) 2747 DPRINTF(sc, ("%s: tx lifetime exceeded\n", 2748 sc->sc_dev.dv_xname)); 2749 2750 if (txstatus & ATW_INTR_TRT) 2751 DPRINTF(sc, ("%s: tx retry limit exceeded\n", 2752 sc->sc_dev.dv_xname)); 2753 2754 /* If Tx under-run, increase our transmit threshold 2755 * if another is available. 2756 */ 2757 txthresh = sc->sc_txthresh + 1; 2758 if ((txstatus & ATW_INTR_TUF) && 2759 sc->sc_txth[txthresh].txth_name != NULL) { 2760 /* Idle the transmit process. */ 2761 atw_idle(sc, ATW_NAR_ST); 2762 2763 sc->sc_txthresh = txthresh; 2764 sc->sc_opmode &= ~(ATW_NAR_TR_MASK|ATW_NAR_SF); 2765 sc->sc_opmode |= 2766 sc->sc_txth[txthresh].txth_opmode; 2767 printf("%s: transmit underrun; new " 2768 "threshold: %s\n", sc->sc_dev.dv_xname, 2769 sc->sc_txth[txthresh].txth_name); 2770 2771 /* Set the new threshold and restart 2772 * the transmit process. 2773 */ 2774 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 2775 /* XXX Log every Nth underrun from 2776 * XXX now on? 2777 */ 2778 } 2779 } 2780 2781 if (status & (ATW_INTR_TPS|ATW_INTR_RPS)) { 2782 if (status & ATW_INTR_TPS) 2783 printf("%s: transmit process stopped\n", 2784 sc->sc_dev.dv_xname); 2785 if (status & ATW_INTR_RPS) 2786 printf("%s: receive process stopped\n", 2787 sc->sc_dev.dv_xname); 2788 (void)atw_init(ifp); 2789 break; 2790 } 2791 2792 if (status & ATW_INTR_FBE) { 2793 printf("%s: fatal bus error\n", sc->sc_dev.dv_xname); 2794 (void)atw_init(ifp); 2795 break; 2796 } 2797 2798 /* 2799 * Not handled: 2800 * 2801 * Transmit buffer unavailable -- normal 2802 * condition, nothing to do, really. 2803 * 2804 * Early receive interrupt -- not available on 2805 * all chips, we just use RI. We also only 2806 * use single-segment receive DMA, so this 2807 * is mostly useless. 2808 * 2809 * TBD others 2810 */ 2811 } 2812 2813 /* Try to get more packets going. */ 2814 atw_start(ifp); 2815 2816 return (handled); 2817 } 2818 2819 /* 2820 * atw_idle: 2821 * 2822 * Cause the transmit and/or receive processes to go idle. 2823 * 2824 * XXX It seems that the ADM8211 will not signal the end of the Rx/Tx 2825 * process in STSR if I clear SR or ST after the process has already 2826 * ceased. Fair enough. But the Rx process status bits in ATW_TEST0 2827 * do not seem to be too reliable. Perhaps I have the sense of the 2828 * Rx bits switched with the Tx bits? 2829 */ 2830 void 2831 atw_idle(struct atw_softc *sc, u_int32_t bits) 2832 { 2833 u_int32_t ackmask = 0, opmode, stsr, test0; 2834 int i, s; 2835 2836 /* without this, somehow we run concurrently w/ interrupt handler */ 2837 s = splnet(); 2838 2839 opmode = sc->sc_opmode & ~bits; 2840 2841 if (bits & ATW_NAR_SR) 2842 ackmask |= ATW_INTR_RPS; 2843 2844 if (bits & ATW_NAR_ST) { 2845 ackmask |= ATW_INTR_TPS; 2846 /* set ATW_NAR_HF to flush TX FIFO. */ 2847 opmode |= ATW_NAR_HF; 2848 } 2849 2850 ATW_WRITE(sc, ATW_NAR, opmode); 2851 2852 for (i = 0; i < 1000; i++) { 2853 stsr = ATW_READ(sc, ATW_STSR); 2854 if ((stsr & ackmask) == ackmask) 2855 break; 2856 DELAY(10); 2857 } 2858 2859 ATW_WRITE(sc, ATW_STSR, stsr & ackmask); 2860 2861 if ((stsr & ackmask) == ackmask) 2862 goto out; 2863 2864 test0 = ATW_READ(sc, ATW_TEST0); 2865 2866 if ((bits & ATW_NAR_ST) != 0 && (stsr & ATW_INTR_TPS) == 0 && 2867 (test0 & ATW_TEST0_TS_MASK) != ATW_TEST0_TS_STOPPED) { 2868 printf("%s: transmit process not idle [%s]\n", 2869 sc->sc_dev.dv_xname, 2870 atw_tx_state[MASK_AND_RSHIFT(test0, ATW_TEST0_TS_MASK)]); 2871 printf("%s: bits %08x test0 %08x stsr %08x\n", 2872 sc->sc_dev.dv_xname, bits, test0, stsr); 2873 } 2874 2875 if ((bits & ATW_NAR_SR) != 0 && (stsr & ATW_INTR_RPS) == 0 && 2876 (test0 & ATW_TEST0_RS_MASK) != ATW_TEST0_RS_STOPPED) { 2877 DPRINTF2(sc, ("%s: receive process not idle [%s]\n", 2878 sc->sc_dev.dv_xname, 2879 atw_rx_state[MASK_AND_RSHIFT(test0, ATW_TEST0_RS_MASK)])); 2880 DPRINTF2(sc, ("%s: bits %08x test0 %08x stsr %08x\n", 2881 sc->sc_dev.dv_xname, bits, test0, stsr)); 2882 } 2883 out: 2884 if ((bits & ATW_NAR_ST) != 0) 2885 atw_txdrain(sc); 2886 splx(s); 2887 return; 2888 } 2889 2890 /* 2891 * atw_linkintr: 2892 * 2893 * Helper; handle link-status interrupts. 2894 */ 2895 void 2896 atw_linkintr(struct atw_softc *sc, u_int32_t linkstatus) 2897 { 2898 struct ieee80211com *ic = &sc->sc_ic; 2899 2900 if (ic->ic_state != IEEE80211_S_RUN) 2901 return; 2902 2903 if (linkstatus & ATW_INTR_LINKON) { 2904 DPRINTF(sc, ("%s: link on\n", sc->sc_dev.dv_xname)); 2905 sc->sc_rescan_timer = 0; 2906 } else if (linkstatus & ATW_INTR_LINKOFF) { 2907 DPRINTF(sc, ("%s: link off\n", sc->sc_dev.dv_xname)); 2908 switch (ic->ic_opmode) { 2909 case IEEE80211_M_HOSTAP: 2910 return; 2911 case IEEE80211_M_IBSS: 2912 if (ic->ic_flags & IEEE80211_F_SIBSS) 2913 return; 2914 /*FALLTHROUGH*/ 2915 case IEEE80211_M_STA: 2916 sc->sc_rescan_timer = 3; 2917 ic->ic_if.if_timer = 1; 2918 break; 2919 default: 2920 break; 2921 } 2922 } 2923 } 2924 2925 /* 2926 * atw_rxintr: 2927 * 2928 * Helper; handle receive interrupts. 2929 */ 2930 void 2931 atw_rxintr(struct atw_softc *sc) 2932 { 2933 static int rate_tbl[] = {2, 4, 11, 22, 44}; 2934 struct ieee80211com *ic = &sc->sc_ic; 2935 struct ieee80211_node *ni; 2936 struct ieee80211_frame *wh; 2937 struct ifnet *ifp = &ic->ic_if; 2938 struct atw_rxsoft *rxs; 2939 struct mbuf *m; 2940 u_int32_t rxstat; 2941 int i, len, rate, rate0; 2942 u_int32_t rssi; 2943 2944 for (i = sc->sc_rxptr;; i = ATW_NEXTRX(i)) { 2945 rxs = &sc->sc_rxsoft[i]; 2946 2947 ATW_CDRXSYNC(sc, i, BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 2948 2949 rxstat = le32toh(sc->sc_rxdescs[i].ar_stat); 2950 rssi = le32toh(sc->sc_rxdescs[i].ar_rssi); 2951 rate0 = MASK_AND_RSHIFT(rxstat, ATW_RXSTAT_RXDR_MASK); 2952 2953 if (rxstat & ATW_RXSTAT_OWN) 2954 break; /* We have processed all receive buffers. */ 2955 2956 DPRINTF3(sc, 2957 ("%s: rx stat %08x rssi %08x buf1 %08x buf2 %08x\n", 2958 sc->sc_dev.dv_xname, 2959 sc->sc_rxdescs[i].ar_stat, 2960 sc->sc_rxdescs[i].ar_rssi, 2961 sc->sc_rxdescs[i].ar_buf1, 2962 sc->sc_rxdescs[i].ar_buf2)); 2963 2964 /* 2965 * Make sure the packet fit in one buffer. This should 2966 * always be the case. 2967 */ 2968 if ((rxstat & (ATW_RXSTAT_FS|ATW_RXSTAT_LS)) != 2969 (ATW_RXSTAT_FS|ATW_RXSTAT_LS)) { 2970 printf("%s: incoming packet spilled, resetting\n", 2971 sc->sc_dev.dv_xname); 2972 (void)atw_init(ifp); 2973 return; 2974 } 2975 2976 /* 2977 * If an error occurred, update stats, clear the status 2978 * word, and leave the packet buffer in place. It will 2979 * simply be reused the next time the ring comes around. 2980 * If 802.1Q VLAN MTU is enabled, ignore the Frame Too Long 2981 * error. 2982 */ 2983 2984 if ((rxstat & ATW_RXSTAT_ES) != 0 && 2985 ((sc->sc_ic.ic_ec.ec_capenable & ETHERCAP_VLAN_MTU) == 0 || 2986 (rxstat & (ATW_RXSTAT_DE | ATW_RXSTAT_SFDE | 2987 ATW_RXSTAT_SIGE | ATW_RXSTAT_CRC16E | 2988 ATW_RXSTAT_RXTOE | ATW_RXSTAT_CRC32E | 2989 ATW_RXSTAT_ICVE)) != 0)) { 2990 #define PRINTERR(bit, str) \ 2991 if (rxstat & (bit)) \ 2992 printf("%s: receive error: %s\n", \ 2993 sc->sc_dev.dv_xname, str) 2994 ifp->if_ierrors++; 2995 PRINTERR(ATW_RXSTAT_DE, "descriptor error"); 2996 PRINTERR(ATW_RXSTAT_SFDE, "PLCP SFD error"); 2997 PRINTERR(ATW_RXSTAT_SIGE, "PLCP signal error"); 2998 PRINTERR(ATW_RXSTAT_CRC16E, "PLCP CRC16 error"); 2999 PRINTERR(ATW_RXSTAT_RXTOE, "time-out"); 3000 PRINTERR(ATW_RXSTAT_CRC32E, "FCS error"); 3001 PRINTERR(ATW_RXSTAT_ICVE, "WEP ICV error"); 3002 #undef PRINTERR 3003 ATW_INIT_RXDESC(sc, i); 3004 continue; 3005 } 3006 3007 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 3008 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_POSTREAD); 3009 3010 /* 3011 * No errors; receive the packet. Note the ADM8211 3012 * includes the CRC in promiscuous mode. 3013 */ 3014 len = MASK_AND_RSHIFT(rxstat, ATW_RXSTAT_FL_MASK); 3015 3016 /* 3017 * Allocate a new mbuf cluster. If that fails, we are 3018 * out of memory, and must drop the packet and recycle 3019 * the buffer that's already attached to this descriptor. 3020 */ 3021 m = rxs->rxs_mbuf; 3022 if (atw_add_rxbuf(sc, i) != 0) { 3023 ifp->if_ierrors++; 3024 ATW_INIT_RXDESC(sc, i); 3025 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 3026 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD); 3027 continue; 3028 } 3029 3030 ifp->if_ipackets++; 3031 if (sc->sc_opmode & ATW_NAR_PR) 3032 m->m_flags |= M_HASFCS; 3033 m->m_pkthdr.rcvif = ifp; 3034 m->m_pkthdr.len = m->m_len = len; 3035 3036 if (rate0 >= sizeof(rate_tbl) / sizeof(rate_tbl[0])) 3037 rate = 0; 3038 else 3039 rate = rate_tbl[rate0]; 3040 3041 #if NBPFILTER > 0 3042 /* Pass this up to any BPF listeners. */ 3043 if (sc->sc_radiobpf != NULL) { 3044 struct mbuf mb; 3045 3046 struct atw_rx_radiotap_header *tap = &sc->sc_rxtap; 3047 3048 tap->ar_rate = rate; 3049 tap->ar_chan_freq = ic->ic_bss->ni_chan->ic_freq; 3050 tap->ar_chan_flags = ic->ic_bss->ni_chan->ic_flags; 3051 3052 /* TBD verify units are dB */ 3053 tap->ar_antsignal = (int)rssi; 3054 /* TBD tap->ar_flags */ 3055 3056 M_COPY_PKTHDR(&mb, m); 3057 mb.m_data = (caddr_t)tap; 3058 mb.m_len = tap->ar_ihdr.it_len; 3059 mb.m_next = m; 3060 mb.m_pkthdr.len += mb.m_len; 3061 bpf_mtap(sc->sc_radiobpf, &mb); 3062 } 3063 #endif /* NPBFILTER > 0 */ 3064 3065 wh = mtod(m, struct ieee80211_frame *); 3066 ni = ieee80211_find_rxnode(ic, wh); 3067 if (m->m_pkthdr.len >= sizeof(struct ieee80211_frame_min) || 3068 ic->ic_opmode == IEEE80211_M_MONITOR) 3069 ieee80211_input(ifp, m, ni, (int)rssi, 0); 3070 /* 3071 * The frame may have caused the node to be marked for 3072 * reclamation (e.g. in response to a DEAUTH message) 3073 * so use free_node here instead of unref_node. 3074 */ 3075 if (ni == ic->ic_bss) 3076 ieee80211_unref_node(&ni); 3077 else 3078 ieee80211_free_node(ic, ni); 3079 } 3080 3081 /* Update the receive pointer. */ 3082 sc->sc_rxptr = i; 3083 } 3084 3085 /* 3086 * atw_txintr: 3087 * 3088 * Helper; handle transmit interrupts. 3089 */ 3090 void 3091 atw_txintr(struct atw_softc *sc) 3092 { 3093 #define TXSTAT_ERRMASK (ATW_TXSTAT_TUF | ATW_TXSTAT_TLT | ATW_TXSTAT_TRT | \ 3094 ATW_TXSTAT_TRO | ATW_TXSTAT_SOFBR) 3095 #define TXSTAT_FMT "\2\31ATW_TXSTAT_SOFBR\32ATW_TXSTAT_TRO\33ATW_TXSTAT_TUF" \ 3096 "\34ATW_TXSTAT_TRT\35ATW_TXSTAT_TLT" 3097 3098 static char txstat_buf[sizeof("ffffffff<>" TXSTAT_FMT)]; 3099 struct ifnet *ifp = &sc->sc_ic.ic_if; 3100 struct atw_txsoft *txs; 3101 u_int32_t txstat; 3102 3103 DPRINTF3(sc, ("%s: atw_txintr: sc_flags 0x%08x\n", 3104 sc->sc_dev.dv_xname, sc->sc_flags)); 3105 3106 ifp->if_flags &= ~IFF_OACTIVE; 3107 3108 /* 3109 * Go through our Tx list and free mbufs for those 3110 * frames that have been transmitted. 3111 */ 3112 while ((txs = SIMPLEQ_FIRST(&sc->sc_txdirtyq)) != NULL) { 3113 ATW_CDTXSYNC(sc, txs->txs_lastdesc, 3114 txs->txs_ndescs, 3115 BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 3116 3117 #ifdef ATW_DEBUG 3118 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3119 int i; 3120 printf(" txsoft %p transmit chain:\n", txs); 3121 for (i = txs->txs_firstdesc;; i = ATW_NEXTTX(i)) { 3122 printf(" descriptor %d:\n", i); 3123 printf(" at_status: 0x%08x\n", 3124 le32toh(sc->sc_txdescs[i].at_stat)); 3125 printf(" at_flags: 0x%08x\n", 3126 le32toh(sc->sc_txdescs[i].at_flags)); 3127 printf(" at_buf1: 0x%08x\n", 3128 le32toh(sc->sc_txdescs[i].at_buf1)); 3129 printf(" at_buf2: 0x%08x\n", 3130 le32toh(sc->sc_txdescs[i].at_buf2)); 3131 if (i == txs->txs_lastdesc) 3132 break; 3133 } 3134 } 3135 #endif 3136 3137 txstat = le32toh(sc->sc_txdescs[txs->txs_lastdesc].at_stat); 3138 if (txstat & ATW_TXSTAT_OWN) 3139 break; 3140 3141 SIMPLEQ_REMOVE_HEAD(&sc->sc_txdirtyq, txs_q); 3142 3143 sc->sc_txfree += txs->txs_ndescs; 3144 3145 bus_dmamap_sync(sc->sc_dmat, txs->txs_dmamap, 3146 0, txs->txs_dmamap->dm_mapsize, 3147 BUS_DMASYNC_POSTWRITE); 3148 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 3149 m_freem(txs->txs_mbuf); 3150 txs->txs_mbuf = NULL; 3151 3152 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 3153 3154 if ((ifp->if_flags & IFF_DEBUG) != 0 && 3155 (txstat & TXSTAT_ERRMASK) != 0) { 3156 bitmask_snprintf(txstat & TXSTAT_ERRMASK, TXSTAT_FMT, 3157 txstat_buf, sizeof(txstat_buf)); 3158 printf("%s: txstat %s %d\n", sc->sc_dev.dv_xname, 3159 txstat_buf, 3160 MASK_AND_RSHIFT(txstat, ATW_TXSTAT_ARC_MASK)); 3161 } 3162 3163 /* 3164 * Check for errors and collisions. 3165 */ 3166 if (txstat & ATW_TXSTAT_TUF) 3167 sc->sc_stats.ts_tx_tuf++; 3168 if (txstat & ATW_TXSTAT_TLT) 3169 sc->sc_stats.ts_tx_tlt++; 3170 if (txstat & ATW_TXSTAT_TRT) 3171 sc->sc_stats.ts_tx_trt++; 3172 if (txstat & ATW_TXSTAT_TRO) 3173 sc->sc_stats.ts_tx_tro++; 3174 if (txstat & ATW_TXSTAT_SOFBR) { 3175 sc->sc_stats.ts_tx_sofbr++; 3176 } 3177 3178 if ((txstat & ATW_TXSTAT_ES) == 0) 3179 ifp->if_collisions += 3180 MASK_AND_RSHIFT(txstat, ATW_TXSTAT_ARC_MASK); 3181 else 3182 ifp->if_oerrors++; 3183 3184 ifp->if_opackets++; 3185 } 3186 3187 /* 3188 * If there are no more pending transmissions, cancel the watchdog 3189 * timer. 3190 */ 3191 if (txs == NULL) 3192 sc->sc_tx_timer = 0; 3193 #undef TXSTAT_ERRMASK 3194 #undef TXSTAT_FMT 3195 } 3196 3197 /* 3198 * atw_watchdog: [ifnet interface function] 3199 * 3200 * Watchdog timer handler. 3201 */ 3202 void 3203 atw_watchdog(struct ifnet *ifp) 3204 { 3205 struct atw_softc *sc = ifp->if_softc; 3206 struct ieee80211com *ic = &sc->sc_ic; 3207 3208 ifp->if_timer = 0; 3209 if (ATW_IS_ENABLED(sc) == 0) 3210 return; 3211 3212 if (sc->sc_rescan_timer) { 3213 if (--sc->sc_rescan_timer == 0) 3214 (void)ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3215 } 3216 if (sc->sc_tx_timer) { 3217 if (--sc->sc_tx_timer == 0 && 3218 !SIMPLEQ_EMPTY(&sc->sc_txdirtyq)) { 3219 printf("%s: transmit timeout\n", ifp->if_xname); 3220 ifp->if_oerrors++; 3221 (void)atw_init(ifp); 3222 atw_start(ifp); 3223 } 3224 } 3225 if (sc->sc_tx_timer != 0 || sc->sc_rescan_timer != 0) 3226 ifp->if_timer = 1; 3227 ieee80211_watchdog(ifp); 3228 } 3229 3230 /* Compute the 802.11 Duration field and the PLCP Length fields for 3231 * a len-byte frame (HEADER + PAYLOAD + FCS) sent at rate * 500Kbps. 3232 * Write the fields to the ADM8211 Tx header, frm. 3233 * 3234 * TBD use the fragmentation threshold to find the right duration for 3235 * the first & last fragments. 3236 * 3237 * TBD make certain of the duration fields applied by the ADM8211 to each 3238 * fragment. I think that the ADM8211 knows how to subtract the CTS 3239 * duration when ATW_HDRCTL_RTSCTS is clear; that is why I add it regardless. 3240 * I also think that the ADM8211 does *some* arithmetic for us, because 3241 * otherwise I think we would have to set a first duration for CTS/first 3242 * fragment, a second duration for fragments between the first and the 3243 * last, and a third duration for the last fragment. 3244 * 3245 * TBD make certain that duration fields reflect addition of FCS/WEP 3246 * and correct duration arithmetic as necessary. 3247 */ 3248 static void 3249 atw_frame_setdurs(struct atw_softc *sc, struct atw_frame *frm, int rate, 3250 int len) 3251 { 3252 int remainder; 3253 3254 /* deal also with encrypted fragments */ 3255 if (frm->atw_hdrctl & htole16(ATW_HDRCTL_WEP)) { 3256 DPRINTF2(sc, ("%s: atw_frame_setdurs len += 8\n", 3257 sc->sc_dev.dv_xname)); 3258 len += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN + 3259 IEEE80211_WEP_CRCLEN; 3260 } 3261 3262 /* 802.11 Duration Field for CTS/Data/ACK sequence minus FCS & WEP 3263 * duration (XXX added by MAC?). 3264 */ 3265 frm->atw_head_dur = (16 * (len - IEEE80211_CRC_LEN)) / rate; 3266 remainder = (16 * (len - IEEE80211_CRC_LEN)) % rate; 3267 3268 if (rate <= 4) 3269 /* 1-2Mbps WLAN: send ACK/CTS at 1Mbps */ 3270 frm->atw_head_dur += 3 * (IEEE80211_DUR_DS_SIFS + 3271 IEEE80211_DUR_DS_SHORT_PREAMBLE + 3272 IEEE80211_DUR_DS_FAST_PLCPHDR) + 3273 IEEE80211_DUR_DS_SLOW_CTS + IEEE80211_DUR_DS_SLOW_ACK; 3274 else 3275 /* 5-11Mbps WLAN: send ACK/CTS at 2Mbps */ 3276 frm->atw_head_dur += 3 * (IEEE80211_DUR_DS_SIFS + 3277 IEEE80211_DUR_DS_SHORT_PREAMBLE + 3278 IEEE80211_DUR_DS_FAST_PLCPHDR) + 3279 IEEE80211_DUR_DS_FAST_CTS + IEEE80211_DUR_DS_FAST_ACK; 3280 3281 /* lengthen duration if long preamble */ 3282 if ((sc->sc_flags & ATWF_SHORT_PREAMBLE) == 0) 3283 frm->atw_head_dur += 3284 3 * (IEEE80211_DUR_DS_LONG_PREAMBLE - 3285 IEEE80211_DUR_DS_SHORT_PREAMBLE) + 3286 3 * (IEEE80211_DUR_DS_SLOW_PLCPHDR - 3287 IEEE80211_DUR_DS_FAST_PLCPHDR); 3288 3289 if (remainder != 0) 3290 frm->atw_head_dur++; 3291 3292 if ((atw_voodoo & VOODOO_DUR_2_4_SPECIALCASE) && 3293 (rate == 2 || rate == 4)) { 3294 /* derived from Linux: how could this be right? */ 3295 frm->atw_head_plcplen = frm->atw_head_dur; 3296 } else { 3297 frm->atw_head_plcplen = (16 * len) / rate; 3298 remainder = (80 * len) % (rate * 5); 3299 3300 if (remainder != 0) { 3301 frm->atw_head_plcplen++; 3302 3303 /* XXX magic */ 3304 if ((atw_voodoo & VOODOO_DUR_11_ROUNDING) && 3305 rate == 22 && remainder <= 30) 3306 frm->atw_head_plcplen |= 0x8000; 3307 } 3308 } 3309 frm->atw_tail_plcplen = frm->atw_head_plcplen = 3310 htole16(frm->atw_head_plcplen); 3311 frm->atw_tail_dur = frm->atw_head_dur = htole16(frm->atw_head_dur); 3312 } 3313 3314 #ifdef ATW_DEBUG 3315 static void 3316 atw_dump_pkt(struct ifnet *ifp, struct mbuf *m0) 3317 { 3318 struct atw_softc *sc = ifp->if_softc; 3319 struct mbuf *m; 3320 int i, noctets = 0; 3321 3322 printf("%s: %d-byte packet\n", sc->sc_dev.dv_xname, 3323 m0->m_pkthdr.len); 3324 3325 for (m = m0; m; m = m->m_next) { 3326 if (m->m_len == 0) 3327 continue; 3328 for (i = 0; i < m->m_len; i++) { 3329 printf(" %02x", ((u_int8_t*)m->m_data)[i]); 3330 if (++noctets % 24 == 0) 3331 printf("\n"); 3332 } 3333 } 3334 printf("%s%s: %d bytes emitted\n", 3335 (noctets % 24 != 0) ? "\n" : "", sc->sc_dev.dv_xname, noctets); 3336 } 3337 #endif /* ATW_DEBUG */ 3338 3339 /* 3340 * atw_start: [ifnet interface function] 3341 * 3342 * Start packet transmission on the interface. 3343 */ 3344 void 3345 atw_start(struct ifnet *ifp) 3346 { 3347 struct atw_softc *sc = ifp->if_softc; 3348 struct ieee80211com *ic = &sc->sc_ic; 3349 struct ieee80211_node *ni; 3350 struct ieee80211_frame *wh; 3351 struct atw_frame *hh; 3352 struct mbuf *m0, *m; 3353 struct atw_txsoft *txs, *last_txs; 3354 struct atw_txdesc *txd; 3355 int do_encrypt, rate; 3356 bus_dmamap_t dmamap; 3357 int ctl, error, firsttx, nexttx, lasttx = -1, first, ofree, seg; 3358 3359 DPRINTF2(sc, ("%s: atw_start: sc_flags 0x%08x, if_flags 0x%08x\n", 3360 sc->sc_dev.dv_xname, sc->sc_flags, ifp->if_flags)); 3361 3362 if ((ifp->if_flags & (IFF_RUNNING|IFF_OACTIVE)) != IFF_RUNNING) 3363 return; 3364 3365 #if 0 /* TBD ??? */ 3366 if ((sc->sc_flags & ATWF_LINK_UP) == 0 && ifp->if_snd.ifq_len < 10) 3367 return; 3368 #endif 3369 3370 /* 3371 * Remember the previous number of free descriptors and 3372 * the first descriptor we'll use. 3373 */ 3374 ofree = sc->sc_txfree; 3375 firsttx = sc->sc_txnext; 3376 3377 DPRINTF2(sc, ("%s: atw_start: txfree %d, txnext %d\n", 3378 sc->sc_dev.dv_xname, ofree, firsttx)); 3379 3380 /* 3381 * Loop through the send queue, setting up transmit descriptors 3382 * until we drain the queue, or use up all available transmit 3383 * descriptors. 3384 */ 3385 while ((txs = SIMPLEQ_FIRST(&sc->sc_txfreeq)) != NULL && 3386 sc->sc_txfree != 0) { 3387 3388 do_encrypt = 0; 3389 /* 3390 * Grab a packet off the management queue, if it 3391 * is not empty. Otherwise, from the data queue. 3392 */ 3393 IF_DEQUEUE(&ic->ic_mgtq, m0); 3394 if (m0 != NULL) { 3395 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 3396 m0->m_pkthdr.rcvif = NULL; 3397 } else { 3398 IFQ_DEQUEUE(&ifp->if_snd, m0); 3399 if (m0 == NULL) 3400 break; 3401 #if NBPFILTER > 0 3402 if (ifp->if_bpf != NULL) 3403 bpf_mtap(ifp->if_bpf, m0); 3404 #endif /* NBPFILTER > 0 */ 3405 if ((m0 = ieee80211_encap(ifp, m0, &ni)) == NULL) { 3406 ifp->if_oerrors++; 3407 break; 3408 } 3409 } 3410 3411 rate = MAX(ieee80211_get_rate(ic), 2); 3412 3413 #if NBPFILTER > 0 3414 /* 3415 * Pass the packet to any BPF listeners. 3416 */ 3417 if (ic->ic_rawbpf != NULL) 3418 bpf_mtap((caddr_t)ic->ic_rawbpf, m0); 3419 3420 if (sc->sc_radiobpf != NULL) { 3421 struct mbuf mb; 3422 struct atw_tx_radiotap_header *tap = &sc->sc_txtap; 3423 3424 tap->at_rate = rate; 3425 tap->at_chan_freq = ic->ic_bss->ni_chan->ic_freq; 3426 tap->at_chan_flags = ic->ic_bss->ni_chan->ic_flags; 3427 3428 /* TBD tap->at_flags */ 3429 3430 M_COPY_PKTHDR(&mb, m0); 3431 mb.m_data = (caddr_t)tap; 3432 mb.m_len = tap->at_ihdr.it_len; 3433 mb.m_next = m0; 3434 mb.m_pkthdr.len += mb.m_len; 3435 bpf_mtap(sc->sc_radiobpf, &mb); 3436 } 3437 #endif /* NBPFILTER > 0 */ 3438 3439 M_PREPEND(m0, offsetof(struct atw_frame, atw_ihdr), M_DONTWAIT); 3440 3441 if (ni != NULL && ni != ic->ic_bss) 3442 ieee80211_free_node(ic, ni); 3443 3444 if (m0 == NULL) { 3445 ifp->if_oerrors++; 3446 break; 3447 } 3448 3449 /* just to make sure. */ 3450 m0 = m_pullup(m0, sizeof(struct atw_frame)); 3451 3452 if (m0 == NULL) { 3453 ifp->if_oerrors++; 3454 break; 3455 } 3456 3457 hh = mtod(m0, struct atw_frame *); 3458 wh = &hh->atw_ihdr; 3459 3460 do_encrypt = (wh->i_fc[1] & IEEE80211_FC1_WEP) ? 1 : 0; 3461 3462 /* Copy everything we need from the 802.11 header: 3463 * Frame Control; address 1, address 3, or addresses 3464 * 3 and 4. NIC fills in BSSID, SA. 3465 */ 3466 if (wh->i_fc[1] & IEEE80211_FC1_DIR_TODS) { 3467 if (wh->i_fc[1] & IEEE80211_FC1_DIR_FROMDS) 3468 panic("%s: illegal WDS frame", 3469 sc->sc_dev.dv_xname); 3470 memcpy(hh->atw_dst, wh->i_addr3, IEEE80211_ADDR_LEN); 3471 } else 3472 memcpy(hh->atw_dst, wh->i_addr1, IEEE80211_ADDR_LEN); 3473 3474 *(u_int16_t*)hh->atw_fc = *(u_int16_t*)wh->i_fc; 3475 3476 /* initialize remaining Tx parameters */ 3477 memset(&hh->u, 0, sizeof(hh->u)); 3478 3479 hh->atw_rate = rate * 5; 3480 /* XXX this could be incorrect if M_FCS. _encap should 3481 * probably strip FCS just in case it sticks around in 3482 * bridged packets. 3483 */ 3484 hh->atw_service = IEEE80211_PLCP_SERVICE; /* XXX guess */ 3485 hh->atw_paylen = htole16(m0->m_pkthdr.len - 3486 sizeof(struct atw_frame)); 3487 3488 #if 0 3489 /* this virtually guaranteed that WEP-encrypted frames 3490 * are fragmented. oops. 3491 */ 3492 hh->atw_fragthr = htole16(m0->m_pkthdr.len - 3493 sizeof(struct atw_frame) + sizeof(struct ieee80211_frame)); 3494 hh->atw_fragthr &= htole16(ATW_FRAGTHR_FRAGTHR_MASK); 3495 #else 3496 hh->atw_fragthr = htole16(ATW_FRAGTHR_FRAGTHR_MASK); 3497 #endif 3498 3499 hh->atw_rtylmt = 3; 3500 hh->atw_hdrctl = htole16(ATW_HDRCTL_UNKNOWN1); 3501 if (do_encrypt) { 3502 hh->atw_hdrctl |= htole16(ATW_HDRCTL_WEP); 3503 hh->atw_keyid = ic->ic_wep_txkey; 3504 } 3505 3506 /* TBD 4-addr frames */ 3507 atw_frame_setdurs(sc, hh, rate, 3508 m0->m_pkthdr.len - sizeof(struct atw_frame) + 3509 sizeof(struct ieee80211_frame) + IEEE80211_CRC_LEN); 3510 3511 /* never fragment multicast frames */ 3512 if (IEEE80211_IS_MULTICAST(hh->atw_dst)) { 3513 hh->atw_fragthr = htole16(ATW_FRAGTHR_FRAGTHR_MASK); 3514 } else if (sc->sc_flags & ATWF_RTSCTS) { 3515 hh->atw_hdrctl |= htole16(ATW_HDRCTL_RTSCTS); 3516 } 3517 3518 #ifdef ATW_DEBUG 3519 /* experimental stuff */ 3520 if (atw_xrtylmt != ~0) 3521 hh->atw_rtylmt = atw_xrtylmt; 3522 if (atw_xhdrctl != 0) 3523 hh->atw_hdrctl |= htole16(atw_xhdrctl); 3524 if (atw_xservice != IEEE80211_PLCP_SERVICE) 3525 hh->atw_service = atw_xservice; 3526 if (atw_xpaylen != 0) 3527 hh->atw_paylen = htole16(atw_xpaylen); 3528 hh->atw_fragnum = 0; 3529 3530 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3531 printf("%s: dst = %s, rate = 0x%02x, " 3532 "service = 0x%02x, paylen = 0x%04x\n", 3533 sc->sc_dev.dv_xname, ether_sprintf(hh->atw_dst), 3534 hh->atw_rate, hh->atw_service, hh->atw_paylen); 3535 3536 printf("%s: fc[0] = 0x%02x, fc[1] = 0x%02x, " 3537 "dur1 = 0x%04x, dur2 = 0x%04x, " 3538 "dur3 = 0x%04x, rts_dur = 0x%04x\n", 3539 sc->sc_dev.dv_xname, hh->atw_fc[0], hh->atw_fc[1], 3540 hh->atw_tail_plcplen, hh->atw_head_plcplen, 3541 hh->atw_tail_dur, hh->atw_head_dur); 3542 3543 printf("%s: hdrctl = 0x%04x, fragthr = 0x%04x, " 3544 "fragnum = 0x%02x, rtylmt = 0x%04x\n", 3545 sc->sc_dev.dv_xname, hh->atw_hdrctl, 3546 hh->atw_fragthr, hh->atw_fragnum, hh->atw_rtylmt); 3547 3548 printf("%s: keyid = %d\n", 3549 sc->sc_dev.dv_xname, hh->atw_keyid); 3550 3551 atw_dump_pkt(ifp, m0); 3552 } 3553 #endif /* ATW_DEBUG */ 3554 3555 dmamap = txs->txs_dmamap; 3556 3557 /* 3558 * Load the DMA map. Copy and try (once) again if the packet 3559 * didn't fit in the alloted number of segments. 3560 */ 3561 for (first = 1; 3562 (error = bus_dmamap_load_mbuf(sc->sc_dmat, dmamap, m0, 3563 BUS_DMA_WRITE|BUS_DMA_NOWAIT)) != 0 && first; 3564 first = 0) { 3565 MGETHDR(m, M_DONTWAIT, MT_DATA); 3566 if (m == NULL) { 3567 printf("%s: unable to allocate Tx mbuf\n", 3568 sc->sc_dev.dv_xname); 3569 break; 3570 } 3571 if (m0->m_pkthdr.len > MHLEN) { 3572 MCLGET(m, M_DONTWAIT); 3573 if ((m->m_flags & M_EXT) == 0) { 3574 printf("%s: unable to allocate Tx " 3575 "cluster\n", sc->sc_dev.dv_xname); 3576 m_freem(m); 3577 break; 3578 } 3579 } 3580 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(m, caddr_t)); 3581 m->m_pkthdr.len = m->m_len = m0->m_pkthdr.len; 3582 m_freem(m0); 3583 m0 = m; 3584 m = NULL; 3585 } 3586 if (error != 0) { 3587 printf("%s: unable to load Tx buffer, " 3588 "error = %d\n", sc->sc_dev.dv_xname, error); 3589 m_freem(m0); 3590 break; 3591 } 3592 3593 /* 3594 * Ensure we have enough descriptors free to describe 3595 * the packet. 3596 */ 3597 if (dmamap->dm_nsegs > sc->sc_txfree) { 3598 /* 3599 * Not enough free descriptors to transmit 3600 * this packet. Unload the DMA map and 3601 * drop the packet. Notify the upper layer 3602 * that there are no more slots left. 3603 * 3604 * XXX We could allocate an mbuf and copy, but 3605 * XXX it is worth it? 3606 */ 3607 ifp->if_flags |= IFF_OACTIVE; 3608 bus_dmamap_unload(sc->sc_dmat, dmamap); 3609 m_freem(m0); 3610 break; 3611 } 3612 3613 /* 3614 * WE ARE NOW COMMITTED TO TRANSMITTING THE PACKET. 3615 */ 3616 3617 /* Sync the DMA map. */ 3618 bus_dmamap_sync(sc->sc_dmat, dmamap, 0, dmamap->dm_mapsize, 3619 BUS_DMASYNC_PREWRITE); 3620 3621 /* XXX arbitrary retry limit; 8 because I have seen it in 3622 * use already and maybe 0 means "no tries" ! 3623 */ 3624 ctl = htole32(LSHIFT(8, ATW_TXCTL_TL_MASK)); 3625 3626 DPRINTF2(sc, ("%s: TXDR <- max(10, %d)\n", 3627 sc->sc_dev.dv_xname, rate * 5)); 3628 ctl |= htole32(LSHIFT(MAX(10, rate * 5), ATW_TXCTL_TXDR_MASK)); 3629 3630 /* 3631 * Initialize the transmit descriptors. 3632 */ 3633 for (nexttx = sc->sc_txnext, seg = 0; 3634 seg < dmamap->dm_nsegs; 3635 seg++, nexttx = ATW_NEXTTX(nexttx)) { 3636 /* 3637 * If this is the first descriptor we're 3638 * enqueueing, don't set the OWN bit just 3639 * yet. That could cause a race condition. 3640 * We'll do it below. 3641 */ 3642 txd = &sc->sc_txdescs[nexttx]; 3643 txd->at_ctl = ctl | 3644 ((nexttx == firsttx) ? 0 : htole32(ATW_TXCTL_OWN)); 3645 3646 txd->at_buf1 = htole32(dmamap->dm_segs[seg].ds_addr); 3647 txd->at_flags = 3648 htole32(LSHIFT(dmamap->dm_segs[seg].ds_len, 3649 ATW_TXFLAG_TBS1_MASK)) | 3650 ((nexttx == (ATW_NTXDESC - 1)) 3651 ? htole32(ATW_TXFLAG_TER) : 0); 3652 lasttx = nexttx; 3653 } 3654 3655 IASSERT(lasttx != -1, ("bad lastx")); 3656 /* Set `first segment' and `last segment' appropriately. */ 3657 sc->sc_txdescs[sc->sc_txnext].at_flags |= 3658 htole32(ATW_TXFLAG_FS); 3659 sc->sc_txdescs[lasttx].at_flags |= htole32(ATW_TXFLAG_LS); 3660 3661 #ifdef ATW_DEBUG 3662 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3663 printf(" txsoft %p transmit chain:\n", txs); 3664 for (seg = sc->sc_txnext;; seg = ATW_NEXTTX(seg)) { 3665 printf(" descriptor %d:\n", seg); 3666 printf(" at_ctl: 0x%08x\n", 3667 le32toh(sc->sc_txdescs[seg].at_ctl)); 3668 printf(" at_flags: 0x%08x\n", 3669 le32toh(sc->sc_txdescs[seg].at_flags)); 3670 printf(" at_buf1: 0x%08x\n", 3671 le32toh(sc->sc_txdescs[seg].at_buf1)); 3672 printf(" at_buf2: 0x%08x\n", 3673 le32toh(sc->sc_txdescs[seg].at_buf2)); 3674 if (seg == lasttx) 3675 break; 3676 } 3677 } 3678 #endif 3679 3680 /* Sync the descriptors we're using. */ 3681 ATW_CDTXSYNC(sc, sc->sc_txnext, dmamap->dm_nsegs, 3682 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3683 3684 /* 3685 * Store a pointer to the packet so we can free it later, 3686 * and remember what txdirty will be once the packet is 3687 * done. 3688 */ 3689 txs->txs_mbuf = m0; 3690 txs->txs_firstdesc = sc->sc_txnext; 3691 txs->txs_lastdesc = lasttx; 3692 txs->txs_ndescs = dmamap->dm_nsegs; 3693 3694 /* Advance the tx pointer. */ 3695 sc->sc_txfree -= dmamap->dm_nsegs; 3696 sc->sc_txnext = nexttx; 3697 3698 SIMPLEQ_REMOVE_HEAD(&sc->sc_txfreeq, txs_q); 3699 SIMPLEQ_INSERT_TAIL(&sc->sc_txdirtyq, txs, txs_q); 3700 3701 last_txs = txs; 3702 } 3703 3704 if (txs == NULL || sc->sc_txfree == 0) { 3705 /* No more slots left; notify upper layer. */ 3706 ifp->if_flags |= IFF_OACTIVE; 3707 } 3708 3709 if (sc->sc_txfree != ofree) { 3710 DPRINTF2(sc, ("%s: packets enqueued, IC on %d, OWN on %d\n", 3711 sc->sc_dev.dv_xname, lasttx, firsttx)); 3712 /* 3713 * Cause a transmit interrupt to happen on the 3714 * last packet we enqueued. 3715 */ 3716 sc->sc_txdescs[lasttx].at_flags |= htole32(ATW_TXFLAG_IC); 3717 ATW_CDTXSYNC(sc, lasttx, 1, 3718 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3719 3720 /* 3721 * The entire packet chain is set up. Give the 3722 * first descriptor to the chip now. 3723 */ 3724 sc->sc_txdescs[firsttx].at_ctl |= htole32(ATW_TXCTL_OWN); 3725 ATW_CDTXSYNC(sc, firsttx, 1, 3726 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3727 3728 /* Wake up the transmitter. */ 3729 /* XXX USE AUTOPOLLING? */ 3730 ATW_WRITE(sc, ATW_TDR, 0x1); 3731 3732 /* Set a watchdog timer in case the chip flakes out. */ 3733 sc->sc_tx_timer = 5; 3734 ifp->if_timer = 1; 3735 } 3736 } 3737 3738 /* 3739 * atw_power: 3740 * 3741 * Power management (suspend/resume) hook. 3742 */ 3743 void 3744 atw_power(int why, void *arg) 3745 { 3746 struct atw_softc *sc = arg; 3747 struct ifnet *ifp = &sc->sc_ic.ic_if; 3748 int s; 3749 3750 DPRINTF(sc, ("%s: atw_power(%d,)\n", sc->sc_dev.dv_xname, why)); 3751 3752 s = splnet(); 3753 switch (why) { 3754 case PWR_STANDBY: 3755 /* XXX do nothing. */ 3756 break; 3757 case PWR_SUSPEND: 3758 atw_stop(ifp, 0); 3759 if (sc->sc_power != NULL) 3760 (*sc->sc_power)(sc, why); 3761 break; 3762 case PWR_RESUME: 3763 if (ifp->if_flags & IFF_UP) { 3764 if (sc->sc_power != NULL) 3765 (*sc->sc_power)(sc, why); 3766 atw_init(ifp); 3767 } 3768 break; 3769 case PWR_SOFTSUSPEND: 3770 case PWR_SOFTSTANDBY: 3771 case PWR_SOFTRESUME: 3772 break; 3773 } 3774 splx(s); 3775 } 3776 3777 /* 3778 * atw_ioctl: [ifnet interface function] 3779 * 3780 * Handle control requests from the operator. 3781 */ 3782 int 3783 atw_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 3784 { 3785 struct atw_softc *sc = ifp->if_softc; 3786 struct ifreq *ifr = (struct ifreq *)data; 3787 int s, error = 0; 3788 3789 /* XXX monkey see, monkey do. comes from wi_ioctl. */ 3790 if ((sc->sc_dev.dv_flags & DVF_ACTIVE) == 0) 3791 return ENXIO; 3792 3793 s = splnet(); 3794 3795 switch (cmd) { 3796 case SIOCSIFFLAGS: 3797 if (ifp->if_flags & IFF_UP) { 3798 if (ATW_IS_ENABLED(sc)) { 3799 /* 3800 * To avoid rescanning another access point, 3801 * do not call atw_init() here. Instead, 3802 * only reflect media settings. 3803 */ 3804 atw_filter_setup(sc); 3805 } else 3806 error = atw_init(ifp); 3807 } else if (ATW_IS_ENABLED(sc)) 3808 atw_stop(ifp, 1); 3809 break; 3810 case SIOCADDMULTI: 3811 case SIOCDELMULTI: 3812 error = (cmd == SIOCADDMULTI) ? 3813 ether_addmulti(ifr, &sc->sc_ic.ic_ec) : 3814 ether_delmulti(ifr, &sc->sc_ic.ic_ec); 3815 if (error == ENETRESET) { 3816 if (ATW_IS_ENABLED(sc)) 3817 atw_filter_setup(sc); /* do not rescan */ 3818 error = 0; 3819 } 3820 break; 3821 default: 3822 error = ieee80211_ioctl(ifp, cmd, data); 3823 if (error == ENETRESET) { 3824 if (ATW_IS_ENABLED(sc)) 3825 error = atw_init(ifp); 3826 else 3827 error = 0; 3828 } 3829 break; 3830 } 3831 3832 /* Try to get more packets going. */ 3833 if (ATW_IS_ENABLED(sc)) 3834 atw_start(ifp); 3835 3836 splx(s); 3837 return (error); 3838 } 3839 3840 static int 3841 atw_media_change(struct ifnet *ifp) 3842 { 3843 int error; 3844 3845 error = ieee80211_media_change(ifp); 3846 if (error == ENETRESET) { 3847 if ((ifp->if_flags & (IFF_RUNNING|IFF_UP)) == 3848 (IFF_RUNNING|IFF_UP)) 3849 atw_init(ifp); /* XXX lose error */ 3850 error = 0; 3851 } 3852 return error; 3853 } 3854 3855 static void 3856 atw_media_status(struct ifnet *ifp, struct ifmediareq *imr) 3857 { 3858 struct atw_softc *sc = ifp->if_softc; 3859 3860 if (ATW_IS_ENABLED(sc) == 0) { 3861 imr->ifm_active = IFM_IEEE80211 | IFM_NONE; 3862 imr->ifm_status = 0; 3863 return; 3864 } 3865 ieee80211_media_status(ifp, imr); 3866 }
Cache object: 4c9251bbd8a7c28245f956ff171957d3
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]