Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/dev/iwn/if_iwn.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /*- 2 * Copyright (c) 2007-2009 Damien Bergamini <damien.bergamini@free.fr> 3 * Copyright (c) 2008 Benjamin Close <benjsc@FreeBSD.org> 4 * Copyright (c) 2008 Sam Leffler, Errno Consulting 5 * Copyright (c) 2011 Intel Corporation 6 * Copyright (c) 2013 Cedric GROSS <c.gross@kreiz-it.fr> 7 * Copyright (c) 2013 Adrian Chadd <adrian@FreeBSD.org> 8 * 9 * Permission to use, copy, modify, and distribute this software for any 10 * purpose with or without fee is hereby granted, provided that the above 11 * copyright notice and this permission notice appear in all copies. 12 * 13 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 14 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 15 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 16 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 17 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 18 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 19 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 20 */ 21 22 /* 23 * Driver for Intel WiFi Link 4965 and 1000/5000/6000 Series 802.11 network 24 * adapters. 25 */ 26 27 #include <sys/cdefs.h> 28 __FBSDID("$FreeBSD$"); 29 30 #include "opt_wlan.h" 31 #include "opt_iwn.h" 32 33 #include <sys/param.h> 34 #include <sys/sockio.h> 35 #include <sys/sysctl.h> 36 #include <sys/mbuf.h> 37 #include <sys/kernel.h> 38 #include <sys/socket.h> 39 #include <sys/systm.h> 40 #include <sys/malloc.h> 41 #include <sys/bus.h> 42 #include <sys/conf.h> 43 #include <sys/rman.h> 44 #include <sys/endian.h> 45 #include <sys/firmware.h> 46 #include <sys/limits.h> 47 #include <sys/module.h> 48 #include <sys/priv.h> 49 #include <sys/queue.h> 50 #include <sys/taskqueue.h> 51 52 #include <machine/bus.h> 53 #include <machine/resource.h> 54 #include <machine/clock.h> 55 56 #include <dev/pci/pcireg.h> 57 #include <dev/pci/pcivar.h> 58 59 #include <net/if.h> 60 #include <net/if_var.h> 61 #include <net/if_dl.h> 62 #include <net/if_media.h> 63 64 #include <netinet/in.h> 65 #include <netinet/if_ether.h> 66 67 #include <net80211/ieee80211_var.h> 68 #include <net80211/ieee80211_radiotap.h> 69 #include <net80211/ieee80211_regdomain.h> 70 #include <net80211/ieee80211_ratectl.h> 71 72 #include <dev/iwn/if_iwnreg.h> 73 #include <dev/iwn/if_iwnvar.h> 74 #include <dev/iwn/if_iwn_devid.h> 75 #include <dev/iwn/if_iwn_chip_cfg.h> 76 #include <dev/iwn/if_iwn_debug.h> 77 #include <dev/iwn/if_iwn_ioctl.h> 78 79 struct iwn_ident { 80 uint16_t vendor; 81 uint16_t device; 82 const char *name; 83 }; 84 85 static const struct iwn_ident iwn_ident_table[] = { 86 { 0x8086, IWN_DID_6x05_1, "Intel Centrino Advanced-N 6205" }, 87 { 0x8086, IWN_DID_1000_1, "Intel Centrino Wireless-N 1000" }, 88 { 0x8086, IWN_DID_1000_2, "Intel Centrino Wireless-N 1000" }, 89 { 0x8086, IWN_DID_6x05_2, "Intel Centrino Advanced-N 6205" }, 90 { 0x8086, IWN_DID_6050_1, "Intel Centrino Advanced-N + WiMAX 6250" }, 91 { 0x8086, IWN_DID_6050_2, "Intel Centrino Advanced-N + WiMAX 6250" }, 92 { 0x8086, IWN_DID_x030_1, "Intel Centrino Wireless-N 1030" }, 93 { 0x8086, IWN_DID_x030_2, "Intel Centrino Wireless-N 1030" }, 94 { 0x8086, IWN_DID_x030_3, "Intel Centrino Advanced-N 6230" }, 95 { 0x8086, IWN_DID_x030_4, "Intel Centrino Advanced-N 6230" }, 96 { 0x8086, IWN_DID_6150_1, "Intel Centrino Wireless-N + WiMAX 6150" }, 97 { 0x8086, IWN_DID_6150_2, "Intel Centrino Wireless-N + WiMAX 6150" }, 98 { 0x8086, IWN_DID_2x00_1, "Intel(R) Centrino(R) Wireless-N 2200 BGN" }, 99 { 0x8086, IWN_DID_2x00_2, "Intel(R) Centrino(R) Wireless-N 2200 BGN" }, 100 /* XXX 2200D is IWN_SDID_2x00_4; there's no way to express this here! */ 101 { 0x8086, IWN_DID_2x30_1, "Intel Centrino Wireless-N 2230" }, 102 { 0x8086, IWN_DID_2x30_2, "Intel Centrino Wireless-N 2230" }, 103 { 0x8086, IWN_DID_130_1, "Intel Centrino Wireless-N 130" }, 104 { 0x8086, IWN_DID_130_2, "Intel Centrino Wireless-N 130" }, 105 { 0x8086, IWN_DID_100_1, "Intel Centrino Wireless-N 100" }, 106 { 0x8086, IWN_DID_100_2, "Intel Centrino Wireless-N 100" }, 107 { 0x8086, IWN_DID_105_1, "Intel Centrino Wireless-N 105" }, 108 { 0x8086, IWN_DID_105_2, "Intel Centrino Wireless-N 105" }, 109 { 0x8086, IWN_DID_135_1, "Intel Centrino Wireless-N 135" }, 110 { 0x8086, IWN_DID_135_2, "Intel Centrino Wireless-N 135" }, 111 { 0x8086, IWN_DID_4965_1, "Intel Wireless WiFi Link 4965" }, 112 { 0x8086, IWN_DID_6x00_1, "Intel Centrino Ultimate-N 6300" }, 113 { 0x8086, IWN_DID_6x00_2, "Intel Centrino Advanced-N 6200" }, 114 { 0x8086, IWN_DID_4965_2, "Intel Wireless WiFi Link 4965" }, 115 { 0x8086, IWN_DID_4965_3, "Intel Wireless WiFi Link 4965" }, 116 { 0x8086, IWN_DID_5x00_1, "Intel WiFi Link 5100" }, 117 { 0x8086, IWN_DID_4965_4, "Intel Wireless WiFi Link 4965" }, 118 { 0x8086, IWN_DID_5x00_3, "Intel Ultimate N WiFi Link 5300" }, 119 { 0x8086, IWN_DID_5x00_4, "Intel Ultimate N WiFi Link 5300" }, 120 { 0x8086, IWN_DID_5x00_2, "Intel WiFi Link 5100" }, 121 { 0x8086, IWN_DID_6x00_3, "Intel Centrino Ultimate-N 6300" }, 122 { 0x8086, IWN_DID_6x00_4, "Intel Centrino Advanced-N 6200" }, 123 { 0x8086, IWN_DID_5x50_1, "Intel WiMAX/WiFi Link 5350" }, 124 { 0x8086, IWN_DID_5x50_2, "Intel WiMAX/WiFi Link 5350" }, 125 { 0x8086, IWN_DID_5x50_3, "Intel WiMAX/WiFi Link 5150" }, 126 { 0x8086, IWN_DID_5x50_4, "Intel WiMAX/WiFi Link 5150" }, 127 { 0x8086, IWN_DID_6035_1, "Intel Centrino Advanced 6235" }, 128 { 0x8086, IWN_DID_6035_2, "Intel Centrino Advanced 6235" }, 129 { 0, 0, NULL } 130 }; 131 132 static int iwn_probe(device_t); 133 static int iwn_attach(device_t); 134 static void iwn4965_attach(struct iwn_softc *, uint16_t); 135 static void iwn5000_attach(struct iwn_softc *, uint16_t); 136 static int iwn_config_specific(struct iwn_softc *, uint16_t); 137 static void iwn_radiotap_attach(struct iwn_softc *); 138 static void iwn_sysctlattach(struct iwn_softc *); 139 static struct ieee80211vap *iwn_vap_create(struct ieee80211com *, 140 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 141 const uint8_t [IEEE80211_ADDR_LEN], 142 const uint8_t [IEEE80211_ADDR_LEN]); 143 static void iwn_vap_delete(struct ieee80211vap *); 144 static int iwn_detach(device_t); 145 static int iwn_shutdown(device_t); 146 static int iwn_suspend(device_t); 147 static int iwn_resume(device_t); 148 static int iwn_nic_lock(struct iwn_softc *); 149 static int iwn_eeprom_lock(struct iwn_softc *); 150 static int iwn_init_otprom(struct iwn_softc *); 151 static int iwn_read_prom_data(struct iwn_softc *, uint32_t, void *, int); 152 static void iwn_dma_map_addr(void *, bus_dma_segment_t *, int, int); 153 static int iwn_dma_contig_alloc(struct iwn_softc *, struct iwn_dma_info *, 154 void **, bus_size_t, bus_size_t); 155 static void iwn_dma_contig_free(struct iwn_dma_info *); 156 static int iwn_alloc_sched(struct iwn_softc *); 157 static void iwn_free_sched(struct iwn_softc *); 158 static int iwn_alloc_kw(struct iwn_softc *); 159 static void iwn_free_kw(struct iwn_softc *); 160 static int iwn_alloc_ict(struct iwn_softc *); 161 static void iwn_free_ict(struct iwn_softc *); 162 static int iwn_alloc_fwmem(struct iwn_softc *); 163 static void iwn_free_fwmem(struct iwn_softc *); 164 static int iwn_alloc_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 165 static void iwn_reset_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 166 static void iwn_free_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 167 static int iwn_alloc_tx_ring(struct iwn_softc *, struct iwn_tx_ring *, 168 int); 169 static void iwn_reset_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 170 static void iwn_free_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 171 static void iwn_check_tx_ring(struct iwn_softc *, int); 172 static void iwn5000_ict_reset(struct iwn_softc *); 173 static int iwn_read_eeprom(struct iwn_softc *, 174 uint8_t macaddr[IEEE80211_ADDR_LEN]); 175 static void iwn4965_read_eeprom(struct iwn_softc *); 176 #ifdef IWN_DEBUG 177 static void iwn4965_print_power_group(struct iwn_softc *, int); 178 #endif 179 static void iwn5000_read_eeprom(struct iwn_softc *); 180 static uint32_t iwn_eeprom_channel_flags(struct iwn_eeprom_chan *); 181 static void iwn_read_eeprom_band(struct iwn_softc *, int, int, int *, 182 struct ieee80211_channel[]); 183 static void iwn_read_eeprom_ht40(struct iwn_softc *, int, int, int *, 184 struct ieee80211_channel[]); 185 static void iwn_read_eeprom_channels(struct iwn_softc *, int, uint32_t); 186 static struct iwn_eeprom_chan *iwn_find_eeprom_channel(struct iwn_softc *, 187 struct ieee80211_channel *); 188 static void iwn_getradiocaps(struct ieee80211com *, int, int *, 189 struct ieee80211_channel[]); 190 static int iwn_setregdomain(struct ieee80211com *, 191 struct ieee80211_regdomain *, int, 192 struct ieee80211_channel[]); 193 static void iwn_read_eeprom_enhinfo(struct iwn_softc *); 194 static struct ieee80211_node *iwn_node_alloc(struct ieee80211vap *, 195 const uint8_t mac[IEEE80211_ADDR_LEN]); 196 static void iwn_newassoc(struct ieee80211_node *, int); 197 static int iwn_newstate(struct ieee80211vap *, enum ieee80211_state, int); 198 static void iwn_calib_timeout(void *); 199 static void iwn_rx_phy(struct iwn_softc *, struct iwn_rx_desc *); 200 static void iwn_rx_done(struct iwn_softc *, struct iwn_rx_desc *, 201 struct iwn_rx_data *); 202 static void iwn_agg_tx_complete(struct iwn_softc *, struct iwn_tx_ring *, 203 int, int, int); 204 static void iwn_rx_compressed_ba(struct iwn_softc *, struct iwn_rx_desc *); 205 static void iwn5000_rx_calib_results(struct iwn_softc *, 206 struct iwn_rx_desc *); 207 static void iwn_rx_statistics(struct iwn_softc *, struct iwn_rx_desc *); 208 static void iwn4965_tx_done(struct iwn_softc *, struct iwn_rx_desc *, 209 struct iwn_rx_data *); 210 static void iwn5000_tx_done(struct iwn_softc *, struct iwn_rx_desc *, 211 struct iwn_rx_data *); 212 static void iwn_adj_ampdu_ptr(struct iwn_softc *, struct iwn_tx_ring *); 213 static void iwn_tx_done(struct iwn_softc *, struct iwn_rx_desc *, int, int, 214 uint8_t); 215 static int iwn_ampdu_check_bitmap(uint64_t, int, int); 216 static int iwn_ampdu_index_check(struct iwn_softc *, struct iwn_tx_ring *, 217 uint64_t, int, int); 218 static void iwn_ampdu_tx_done(struct iwn_softc *, int, int, int, void *); 219 static void iwn_cmd_done(struct iwn_softc *, struct iwn_rx_desc *); 220 static void iwn_notif_intr(struct iwn_softc *); 221 static void iwn_wakeup_intr(struct iwn_softc *); 222 static void iwn_rftoggle_task(void *, int); 223 static void iwn_fatal_intr(struct iwn_softc *); 224 static void iwn_intr(void *); 225 static void iwn4965_update_sched(struct iwn_softc *, int, int, uint8_t, 226 uint16_t); 227 static void iwn5000_update_sched(struct iwn_softc *, int, int, uint8_t, 228 uint16_t); 229 #ifdef notyet 230 static void iwn5000_reset_sched(struct iwn_softc *, int, int); 231 #endif 232 static int iwn_tx_data(struct iwn_softc *, struct mbuf *, 233 struct ieee80211_node *); 234 static int iwn_tx_data_raw(struct iwn_softc *, struct mbuf *, 235 struct ieee80211_node *, 236 const struct ieee80211_bpf_params *params); 237 static int iwn_tx_cmd(struct iwn_softc *, struct mbuf *, 238 struct ieee80211_node *, struct iwn_tx_ring *); 239 static void iwn_xmit_task(void *arg0, int pending); 240 static int iwn_raw_xmit(struct ieee80211_node *, struct mbuf *, 241 const struct ieee80211_bpf_params *); 242 static int iwn_transmit(struct ieee80211com *, struct mbuf *); 243 static void iwn_scan_timeout(void *); 244 static void iwn_watchdog(void *); 245 static int iwn_ioctl(struct ieee80211com *, u_long , void *); 246 static void iwn_parent(struct ieee80211com *); 247 static int iwn_cmd(struct iwn_softc *, int, const void *, int, int); 248 static int iwn4965_add_node(struct iwn_softc *, struct iwn_node_info *, 249 int); 250 static int iwn5000_add_node(struct iwn_softc *, struct iwn_node_info *, 251 int); 252 static int iwn_set_link_quality(struct iwn_softc *, 253 struct ieee80211_node *); 254 static int iwn_add_broadcast_node(struct iwn_softc *, int); 255 static int iwn_updateedca(struct ieee80211com *); 256 static void iwn_set_promisc(struct iwn_softc *); 257 static void iwn_update_promisc(struct ieee80211com *); 258 static void iwn_update_mcast(struct ieee80211com *); 259 static void iwn_set_led(struct iwn_softc *, uint8_t, uint8_t, uint8_t); 260 static int iwn_set_critical_temp(struct iwn_softc *); 261 static int iwn_set_timing(struct iwn_softc *, struct ieee80211_node *); 262 static void iwn4965_power_calibration(struct iwn_softc *, int); 263 static int iwn4965_set_txpower(struct iwn_softc *, int); 264 static int iwn5000_set_txpower(struct iwn_softc *, int); 265 static int iwn4965_get_rssi(struct iwn_softc *, struct iwn_rx_stat *); 266 static int iwn5000_get_rssi(struct iwn_softc *, struct iwn_rx_stat *); 267 static int iwn_get_noise(const struct iwn_rx_general_stats *); 268 static int iwn4965_get_temperature(struct iwn_softc *); 269 static int iwn5000_get_temperature(struct iwn_softc *); 270 static int iwn_init_sensitivity(struct iwn_softc *); 271 static void iwn_collect_noise(struct iwn_softc *, 272 const struct iwn_rx_general_stats *); 273 static int iwn4965_init_gains(struct iwn_softc *); 274 static int iwn5000_init_gains(struct iwn_softc *); 275 static int iwn4965_set_gains(struct iwn_softc *); 276 static int iwn5000_set_gains(struct iwn_softc *); 277 static void iwn_tune_sensitivity(struct iwn_softc *, 278 const struct iwn_rx_stats *); 279 static void iwn_save_stats_counters(struct iwn_softc *, 280 const struct iwn_stats *); 281 static int iwn_send_sensitivity(struct iwn_softc *); 282 static void iwn_check_rx_recovery(struct iwn_softc *, struct iwn_stats *); 283 static int iwn_set_pslevel(struct iwn_softc *, int, int, int); 284 static int iwn_send_btcoex(struct iwn_softc *); 285 static int iwn_send_advanced_btcoex(struct iwn_softc *); 286 static int iwn5000_runtime_calib(struct iwn_softc *); 287 static int iwn_check_bss_filter(struct iwn_softc *); 288 static int iwn4965_rxon_assoc(struct iwn_softc *, int); 289 static int iwn5000_rxon_assoc(struct iwn_softc *, int); 290 static int iwn_send_rxon(struct iwn_softc *, int, int); 291 static int iwn_config(struct iwn_softc *); 292 static int iwn_scan(struct iwn_softc *, struct ieee80211vap *, 293 struct ieee80211_scan_state *, struct ieee80211_channel *); 294 static int iwn_auth(struct iwn_softc *, struct ieee80211vap *vap); 295 static int iwn_run(struct iwn_softc *, struct ieee80211vap *vap); 296 static int iwn_ampdu_rx_start(struct ieee80211_node *, 297 struct ieee80211_rx_ampdu *, int, int, int); 298 static void iwn_ampdu_rx_stop(struct ieee80211_node *, 299 struct ieee80211_rx_ampdu *); 300 static int iwn_addba_request(struct ieee80211_node *, 301 struct ieee80211_tx_ampdu *, int, int, int); 302 static int iwn_addba_response(struct ieee80211_node *, 303 struct ieee80211_tx_ampdu *, int, int, int); 304 static int iwn_ampdu_tx_start(struct ieee80211com *, 305 struct ieee80211_node *, uint8_t); 306 static void iwn_ampdu_tx_stop(struct ieee80211_node *, 307 struct ieee80211_tx_ampdu *); 308 static void iwn4965_ampdu_tx_start(struct iwn_softc *, 309 struct ieee80211_node *, int, uint8_t, uint16_t); 310 static void iwn4965_ampdu_tx_stop(struct iwn_softc *, int, 311 uint8_t, uint16_t); 312 static void iwn5000_ampdu_tx_start(struct iwn_softc *, 313 struct ieee80211_node *, int, uint8_t, uint16_t); 314 static void iwn5000_ampdu_tx_stop(struct iwn_softc *, int, 315 uint8_t, uint16_t); 316 static int iwn5000_query_calibration(struct iwn_softc *); 317 static int iwn5000_send_calibration(struct iwn_softc *); 318 static int iwn5000_send_wimax_coex(struct iwn_softc *); 319 static int iwn5000_crystal_calib(struct iwn_softc *); 320 static int iwn5000_temp_offset_calib(struct iwn_softc *); 321 static int iwn5000_temp_offset_calibv2(struct iwn_softc *); 322 static int iwn4965_post_alive(struct iwn_softc *); 323 static int iwn5000_post_alive(struct iwn_softc *); 324 static int iwn4965_load_bootcode(struct iwn_softc *, const uint8_t *, 325 int); 326 static int iwn4965_load_firmware(struct iwn_softc *); 327 static int iwn5000_load_firmware_section(struct iwn_softc *, uint32_t, 328 const uint8_t *, int); 329 static int iwn5000_load_firmware(struct iwn_softc *); 330 static int iwn_read_firmware_leg(struct iwn_softc *, 331 struct iwn_fw_info *); 332 static int iwn_read_firmware_tlv(struct iwn_softc *, 333 struct iwn_fw_info *, uint16_t); 334 static int iwn_read_firmware(struct iwn_softc *); 335 static void iwn_unload_firmware(struct iwn_softc *); 336 static int iwn_clock_wait(struct iwn_softc *); 337 static int iwn_apm_init(struct iwn_softc *); 338 static void iwn_apm_stop_master(struct iwn_softc *); 339 static void iwn_apm_stop(struct iwn_softc *); 340 static int iwn4965_nic_config(struct iwn_softc *); 341 static int iwn5000_nic_config(struct iwn_softc *); 342 static int iwn_hw_prepare(struct iwn_softc *); 343 static int iwn_hw_init(struct iwn_softc *); 344 static void iwn_hw_stop(struct iwn_softc *); 345 static void iwn_panicked(void *, int); 346 static int iwn_init_locked(struct iwn_softc *); 347 static int iwn_init(struct iwn_softc *); 348 static void iwn_stop_locked(struct iwn_softc *); 349 static void iwn_stop(struct iwn_softc *); 350 static void iwn_scan_start(struct ieee80211com *); 351 static void iwn_scan_end(struct ieee80211com *); 352 static void iwn_set_channel(struct ieee80211com *); 353 static void iwn_scan_curchan(struct ieee80211_scan_state *, unsigned long); 354 static void iwn_scan_mindwell(struct ieee80211_scan_state *); 355 #ifdef IWN_DEBUG 356 static char *iwn_get_csr_string(int); 357 static void iwn_debug_register(struct iwn_softc *); 358 #endif 359 360 static device_method_t iwn_methods[] = { 361 /* Device interface */ 362 DEVMETHOD(device_probe, iwn_probe), 363 DEVMETHOD(device_attach, iwn_attach), 364 DEVMETHOD(device_detach, iwn_detach), 365 DEVMETHOD(device_shutdown, iwn_shutdown), 366 DEVMETHOD(device_suspend, iwn_suspend), 367 DEVMETHOD(device_resume, iwn_resume), 368 369 DEVMETHOD_END 370 }; 371 372 static driver_t iwn_driver = { 373 "iwn", 374 iwn_methods, 375 sizeof(struct iwn_softc) 376 }; 377 378 DRIVER_MODULE(iwn, pci, iwn_driver, NULL, NULL); 379 MODULE_PNP_INFO("U16:vendor;U16:device;D:#", pci, iwn, iwn_ident_table, 380 nitems(iwn_ident_table) - 1); 381 MODULE_VERSION(iwn, 1); 382 383 MODULE_DEPEND(iwn, firmware, 1, 1, 1); 384 MODULE_DEPEND(iwn, pci, 1, 1, 1); 385 MODULE_DEPEND(iwn, wlan, 1, 1, 1); 386 387 static d_ioctl_t iwn_cdev_ioctl; 388 static d_open_t iwn_cdev_open; 389 static d_close_t iwn_cdev_close; 390 391 static struct cdevsw iwn_cdevsw = { 392 .d_version = D_VERSION, 393 .d_flags = 0, 394 .d_open = iwn_cdev_open, 395 .d_close = iwn_cdev_close, 396 .d_ioctl = iwn_cdev_ioctl, 397 .d_name = "iwn", 398 }; 399 400 static int 401 iwn_probe(device_t dev) 402 { 403 const struct iwn_ident *ident; 404 405 for (ident = iwn_ident_table; ident->name != NULL; ident++) { 406 if (pci_get_vendor(dev) == ident->vendor && 407 pci_get_device(dev) == ident->device) { 408 device_set_desc(dev, ident->name); 409 return (BUS_PROBE_DEFAULT); 410 } 411 } 412 return ENXIO; 413 } 414 415 static int 416 iwn_is_3stream_device(struct iwn_softc *sc) 417 { 418 /* XXX for now only 5300, until the 5350 can be tested */ 419 if (sc->hw_type == IWN_HW_REV_TYPE_5300) 420 return (1); 421 return (0); 422 } 423 424 static int 425 iwn_attach(device_t dev) 426 { 427 struct iwn_softc *sc = device_get_softc(dev); 428 struct ieee80211com *ic; 429 int i, error, rid; 430 431 sc->sc_dev = dev; 432 433 #ifdef IWN_DEBUG 434 error = resource_int_value(device_get_name(sc->sc_dev), 435 device_get_unit(sc->sc_dev), "debug", &(sc->sc_debug)); 436 if (error != 0) 437 sc->sc_debug = 0; 438 #else 439 sc->sc_debug = 0; 440 #endif 441 442 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: begin\n",__func__); 443 444 /* 445 * Get the offset of the PCI Express Capability Structure in PCI 446 * Configuration Space. 447 */ 448 error = pci_find_cap(dev, PCIY_EXPRESS, &sc->sc_cap_off); 449 if (error != 0) { 450 device_printf(dev, "PCIe capability structure not found!\n"); 451 return error; 452 } 453 454 /* Clear device-specific "PCI retry timeout" register (41h). */ 455 pci_write_config(dev, 0x41, 0, 1); 456 457 /* Enable bus-mastering. */ 458 pci_enable_busmaster(dev); 459 460 rid = PCIR_BAR(0); 461 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &rid, 462 RF_ACTIVE); 463 if (sc->mem == NULL) { 464 device_printf(dev, "can't map mem space\n"); 465 error = ENOMEM; 466 return error; 467 } 468 sc->sc_st = rman_get_bustag(sc->mem); 469 sc->sc_sh = rman_get_bushandle(sc->mem); 470 471 i = 1; 472 rid = 0; 473 if (pci_alloc_msi(dev, &i) == 0) 474 rid = 1; 475 /* Install interrupt handler. */ 476 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &rid, RF_ACTIVE | 477 (rid != 0 ? 0 : RF_SHAREABLE)); 478 if (sc->irq == NULL) { 479 device_printf(dev, "can't map interrupt\n"); 480 error = ENOMEM; 481 goto fail; 482 } 483 484 IWN_LOCK_INIT(sc); 485 486 /* Read hardware revision and attach. */ 487 sc->hw_type = (IWN_READ(sc, IWN_HW_REV) >> IWN_HW_REV_TYPE_SHIFT) 488 & IWN_HW_REV_TYPE_MASK; 489 sc->subdevice_id = pci_get_subdevice(dev); 490 491 /* 492 * 4965 versus 5000 and later have different methods. 493 * Let's set those up first. 494 */ 495 if (sc->hw_type == IWN_HW_REV_TYPE_4965) 496 iwn4965_attach(sc, pci_get_device(dev)); 497 else 498 iwn5000_attach(sc, pci_get_device(dev)); 499 500 /* 501 * Next, let's setup the various parameters of each NIC. 502 */ 503 error = iwn_config_specific(sc, pci_get_device(dev)); 504 if (error != 0) { 505 device_printf(dev, "could not attach device, error %d\n", 506 error); 507 goto fail; 508 } 509 510 if ((error = iwn_hw_prepare(sc)) != 0) { 511 device_printf(dev, "hardware not ready, error %d\n", error); 512 goto fail; 513 } 514 515 /* Allocate DMA memory for firmware transfers. */ 516 if ((error = iwn_alloc_fwmem(sc)) != 0) { 517 device_printf(dev, 518 "could not allocate memory for firmware, error %d\n", 519 error); 520 goto fail; 521 } 522 523 /* Allocate "Keep Warm" page. */ 524 if ((error = iwn_alloc_kw(sc)) != 0) { 525 device_printf(dev, 526 "could not allocate keep warm page, error %d\n", error); 527 goto fail; 528 } 529 530 /* Allocate ICT table for 5000 Series. */ 531 if (sc->hw_type != IWN_HW_REV_TYPE_4965 && 532 (error = iwn_alloc_ict(sc)) != 0) { 533 device_printf(dev, "could not allocate ICT table, error %d\n", 534 error); 535 goto fail; 536 } 537 538 /* Allocate TX scheduler "rings". */ 539 if ((error = iwn_alloc_sched(sc)) != 0) { 540 device_printf(dev, 541 "could not allocate TX scheduler rings, error %d\n", error); 542 goto fail; 543 } 544 545 /* Allocate TX rings (16 on 4965AGN, 20 on >=5000). */ 546 for (i = 0; i < sc->ntxqs; i++) { 547 if ((error = iwn_alloc_tx_ring(sc, &sc->txq[i], i)) != 0) { 548 device_printf(dev, 549 "could not allocate TX ring %d, error %d\n", i, 550 error); 551 goto fail; 552 } 553 } 554 555 /* Allocate RX ring. */ 556 if ((error = iwn_alloc_rx_ring(sc, &sc->rxq)) != 0) { 557 device_printf(dev, "could not allocate RX ring, error %d\n", 558 error); 559 goto fail; 560 } 561 562 /* Clear pending interrupts. */ 563 IWN_WRITE(sc, IWN_INT, 0xffffffff); 564 565 ic = &sc->sc_ic; 566 ic->ic_softc = sc; 567 ic->ic_name = device_get_nameunit(dev); 568 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 569 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 570 571 /* Set device capabilities. */ 572 ic->ic_caps = 573 IEEE80211_C_STA /* station mode supported */ 574 | IEEE80211_C_MONITOR /* monitor mode supported */ 575 #if 0 576 | IEEE80211_C_BGSCAN /* background scanning */ 577 #endif 578 | IEEE80211_C_TXPMGT /* tx power management */ 579 | IEEE80211_C_SHSLOT /* short slot time supported */ 580 | IEEE80211_C_WPA 581 | IEEE80211_C_SHPREAMBLE /* short preamble supported */ 582 #if 0 583 | IEEE80211_C_IBSS /* ibss/adhoc mode */ 584 #endif 585 | IEEE80211_C_WME /* WME */ 586 | IEEE80211_C_PMGT /* Station-side power mgmt */ 587 ; 588 589 /* Read MAC address, channels, etc from EEPROM. */ 590 if ((error = iwn_read_eeprom(sc, ic->ic_macaddr)) != 0) { 591 device_printf(dev, "could not read EEPROM, error %d\n", 592 error); 593 goto fail; 594 } 595 596 /* Count the number of available chains. */ 597 sc->ntxchains = 598 ((sc->txchainmask >> 2) & 1) + 599 ((sc->txchainmask >> 1) & 1) + 600 ((sc->txchainmask >> 0) & 1); 601 sc->nrxchains = 602 ((sc->rxchainmask >> 2) & 1) + 603 ((sc->rxchainmask >> 1) & 1) + 604 ((sc->rxchainmask >> 0) & 1); 605 if (bootverbose) { 606 device_printf(dev, "MIMO %dT%dR, %.4s, address %6D\n", 607 sc->ntxchains, sc->nrxchains, sc->eeprom_domain, 608 ic->ic_macaddr, ":"); 609 } 610 611 if (sc->sc_flags & IWN_FLAG_HAS_11N) { 612 ic->ic_rxstream = sc->nrxchains; 613 ic->ic_txstream = sc->ntxchains; 614 615 /* 616 * Some of the 3 antenna devices (ie, the 4965) only supports 617 * 2x2 operation. So correct the number of streams if 618 * it's not a 3-stream device. 619 */ 620 if (! iwn_is_3stream_device(sc)) { 621 if (ic->ic_rxstream > 2) 622 ic->ic_rxstream = 2; 623 if (ic->ic_txstream > 2) 624 ic->ic_txstream = 2; 625 } 626 627 ic->ic_htcaps = 628 IEEE80211_HTCAP_SMPS_OFF /* SMPS mode disabled */ 629 | IEEE80211_HTCAP_SHORTGI20 /* short GI in 20MHz */ 630 | IEEE80211_HTCAP_CHWIDTH40 /* 40MHz channel width*/ 631 | IEEE80211_HTCAP_SHORTGI40 /* short GI in 40MHz */ 632 #ifdef notyet 633 | IEEE80211_HTCAP_GREENFIELD 634 #if IWN_RBUF_SIZE == 8192 635 | IEEE80211_HTCAP_MAXAMSDU_7935 /* max A-MSDU length */ 636 #else 637 | IEEE80211_HTCAP_MAXAMSDU_3839 /* max A-MSDU length */ 638 #endif 639 #endif 640 /* s/w capabilities */ 641 | IEEE80211_HTC_HT /* HT operation */ 642 | IEEE80211_HTC_AMPDU /* tx A-MPDU */ 643 #ifdef notyet 644 | IEEE80211_HTC_AMSDU /* tx A-MSDU */ 645 #endif 646 ; 647 } 648 649 ieee80211_ifattach(ic); 650 ic->ic_vap_create = iwn_vap_create; 651 ic->ic_ioctl = iwn_ioctl; 652 ic->ic_parent = iwn_parent; 653 ic->ic_vap_delete = iwn_vap_delete; 654 ic->ic_transmit = iwn_transmit; 655 ic->ic_raw_xmit = iwn_raw_xmit; 656 ic->ic_node_alloc = iwn_node_alloc; 657 sc->sc_ampdu_rx_start = ic->ic_ampdu_rx_start; 658 ic->ic_ampdu_rx_start = iwn_ampdu_rx_start; 659 sc->sc_ampdu_rx_stop = ic->ic_ampdu_rx_stop; 660 ic->ic_ampdu_rx_stop = iwn_ampdu_rx_stop; 661 sc->sc_addba_request = ic->ic_addba_request; 662 ic->ic_addba_request = iwn_addba_request; 663 sc->sc_addba_response = ic->ic_addba_response; 664 ic->ic_addba_response = iwn_addba_response; 665 sc->sc_addba_stop = ic->ic_addba_stop; 666 ic->ic_addba_stop = iwn_ampdu_tx_stop; 667 ic->ic_newassoc = iwn_newassoc; 668 ic->ic_wme.wme_update = iwn_updateedca; 669 ic->ic_update_promisc = iwn_update_promisc; 670 ic->ic_update_mcast = iwn_update_mcast; 671 ic->ic_scan_start = iwn_scan_start; 672 ic->ic_scan_end = iwn_scan_end; 673 ic->ic_set_channel = iwn_set_channel; 674 ic->ic_scan_curchan = iwn_scan_curchan; 675 ic->ic_scan_mindwell = iwn_scan_mindwell; 676 ic->ic_getradiocaps = iwn_getradiocaps; 677 ic->ic_setregdomain = iwn_setregdomain; 678 679 iwn_radiotap_attach(sc); 680 681 callout_init_mtx(&sc->calib_to, &sc->sc_mtx, 0); 682 callout_init_mtx(&sc->scan_timeout, &sc->sc_mtx, 0); 683 callout_init_mtx(&sc->watchdog_to, &sc->sc_mtx, 0); 684 TASK_INIT(&sc->sc_rftoggle_task, 0, iwn_rftoggle_task, sc); 685 TASK_INIT(&sc->sc_panic_task, 0, iwn_panicked, sc); 686 TASK_INIT(&sc->sc_xmit_task, 0, iwn_xmit_task, sc); 687 688 mbufq_init(&sc->sc_xmit_queue, 1024); 689 690 sc->sc_tq = taskqueue_create("iwn_taskq", M_WAITOK, 691 taskqueue_thread_enqueue, &sc->sc_tq); 692 error = taskqueue_start_threads(&sc->sc_tq, 1, 0, "iwn_taskq"); 693 if (error != 0) { 694 device_printf(dev, "can't start threads, error %d\n", error); 695 goto fail; 696 } 697 698 iwn_sysctlattach(sc); 699 700 /* 701 * Hook our interrupt after all initialization is complete. 702 */ 703 error = bus_setup_intr(dev, sc->irq, INTR_TYPE_NET | INTR_MPSAFE, 704 NULL, iwn_intr, sc, &sc->sc_ih); 705 if (error != 0) { 706 device_printf(dev, "can't establish interrupt, error %d\n", 707 error); 708 goto fail; 709 } 710 711 #if 0 712 device_printf(sc->sc_dev, "%s: rx_stats=%d, rx_stats_bt=%d\n", 713 __func__, 714 sizeof(struct iwn_stats), 715 sizeof(struct iwn_stats_bt)); 716 #endif 717 718 if (bootverbose) 719 ieee80211_announce(ic); 720 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 721 722 /* Add debug ioctl right at the end */ 723 sc->sc_cdev = make_dev(&iwn_cdevsw, device_get_unit(dev), 724 UID_ROOT, GID_WHEEL, 0600, "%s", device_get_nameunit(dev)); 725 if (sc->sc_cdev == NULL) { 726 device_printf(dev, "failed to create debug character device\n"); 727 } else { 728 sc->sc_cdev->si_drv1 = sc; 729 } 730 return 0; 731 fail: 732 iwn_detach(dev); 733 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end in error\n",__func__); 734 return error; 735 } 736 737 /* 738 * Define specific configuration based on device id and subdevice id 739 * pid : PCI device id 740 */ 741 static int 742 iwn_config_specific(struct iwn_softc *sc, uint16_t pid) 743 { 744 745 switch (pid) { 746 /* 4965 series */ 747 case IWN_DID_4965_1: 748 case IWN_DID_4965_2: 749 case IWN_DID_4965_3: 750 case IWN_DID_4965_4: 751 sc->base_params = &iwn4965_base_params; 752 sc->limits = &iwn4965_sensitivity_limits; 753 sc->fwname = "iwn4965fw"; 754 /* Override chains masks, ROM is known to be broken. */ 755 sc->txchainmask = IWN_ANT_AB; 756 sc->rxchainmask = IWN_ANT_ABC; 757 /* Enable normal btcoex */ 758 sc->sc_flags |= IWN_FLAG_BTCOEX; 759 break; 760 /* 1000 Series */ 761 case IWN_DID_1000_1: 762 case IWN_DID_1000_2: 763 switch(sc->subdevice_id) { 764 case IWN_SDID_1000_1: 765 case IWN_SDID_1000_2: 766 case IWN_SDID_1000_3: 767 case IWN_SDID_1000_4: 768 case IWN_SDID_1000_5: 769 case IWN_SDID_1000_6: 770 case IWN_SDID_1000_7: 771 case IWN_SDID_1000_8: 772 case IWN_SDID_1000_9: 773 case IWN_SDID_1000_10: 774 case IWN_SDID_1000_11: 775 case IWN_SDID_1000_12: 776 sc->limits = &iwn1000_sensitivity_limits; 777 sc->base_params = &iwn1000_base_params; 778 sc->fwname = "iwn1000fw"; 779 break; 780 default: 781 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 782 "0x%04x rev %d not supported (subdevice)\n", pid, 783 sc->subdevice_id,sc->hw_type); 784 return ENOTSUP; 785 } 786 break; 787 /* 6x00 Series */ 788 case IWN_DID_6x00_2: 789 case IWN_DID_6x00_4: 790 case IWN_DID_6x00_1: 791 case IWN_DID_6x00_3: 792 sc->fwname = "iwn6000fw"; 793 sc->limits = &iwn6000_sensitivity_limits; 794 switch(sc->subdevice_id) { 795 case IWN_SDID_6x00_1: 796 case IWN_SDID_6x00_2: 797 case IWN_SDID_6x00_8: 798 //iwl6000_3agn_cfg 799 sc->base_params = &iwn_6000_base_params; 800 break; 801 case IWN_SDID_6x00_3: 802 case IWN_SDID_6x00_6: 803 case IWN_SDID_6x00_9: 804 ////iwl6000i_2agn 805 case IWN_SDID_6x00_4: 806 case IWN_SDID_6x00_7: 807 case IWN_SDID_6x00_10: 808 //iwl6000i_2abg_cfg 809 case IWN_SDID_6x00_5: 810 //iwl6000i_2bg_cfg 811 sc->base_params = &iwn_6000i_base_params; 812 sc->sc_flags |= IWN_FLAG_INTERNAL_PA; 813 sc->txchainmask = IWN_ANT_BC; 814 sc->rxchainmask = IWN_ANT_BC; 815 break; 816 default: 817 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 818 "0x%04x rev %d not supported (subdevice)\n", pid, 819 sc->subdevice_id,sc->hw_type); 820 return ENOTSUP; 821 } 822 break; 823 /* 6x05 Series */ 824 case IWN_DID_6x05_1: 825 case IWN_DID_6x05_2: 826 switch(sc->subdevice_id) { 827 case IWN_SDID_6x05_1: 828 case IWN_SDID_6x05_4: 829 case IWN_SDID_6x05_6: 830 //iwl6005_2agn_cfg 831 case IWN_SDID_6x05_2: 832 case IWN_SDID_6x05_5: 833 case IWN_SDID_6x05_7: 834 //iwl6005_2abg_cfg 835 case IWN_SDID_6x05_3: 836 //iwl6005_2bg_cfg 837 case IWN_SDID_6x05_8: 838 case IWN_SDID_6x05_9: 839 //iwl6005_2agn_sff_cfg 840 case IWN_SDID_6x05_10: 841 //iwl6005_2agn_d_cfg 842 case IWN_SDID_6x05_11: 843 //iwl6005_2agn_mow1_cfg 844 case IWN_SDID_6x05_12: 845 //iwl6005_2agn_mow2_cfg 846 sc->fwname = "iwn6000g2afw"; 847 sc->limits = &iwn6000_sensitivity_limits; 848 sc->base_params = &iwn_6000g2_base_params; 849 break; 850 default: 851 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 852 "0x%04x rev %d not supported (subdevice)\n", pid, 853 sc->subdevice_id,sc->hw_type); 854 return ENOTSUP; 855 } 856 break; 857 /* 6x35 Series */ 858 case IWN_DID_6035_1: 859 case IWN_DID_6035_2: 860 switch(sc->subdevice_id) { 861 case IWN_SDID_6035_1: 862 case IWN_SDID_6035_2: 863 case IWN_SDID_6035_3: 864 case IWN_SDID_6035_4: 865 case IWN_SDID_6035_5: 866 sc->fwname = "iwn6000g2bfw"; 867 sc->limits = &iwn6235_sensitivity_limits; 868 sc->base_params = &iwn_6235_base_params; 869 break; 870 default: 871 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 872 "0x%04x rev %d not supported (subdevice)\n", pid, 873 sc->subdevice_id,sc->hw_type); 874 return ENOTSUP; 875 } 876 break; 877 /* 6x50 WiFi/WiMax Series */ 878 case IWN_DID_6050_1: 879 case IWN_DID_6050_2: 880 switch(sc->subdevice_id) { 881 case IWN_SDID_6050_1: 882 case IWN_SDID_6050_3: 883 case IWN_SDID_6050_5: 884 //iwl6050_2agn_cfg 885 case IWN_SDID_6050_2: 886 case IWN_SDID_6050_4: 887 case IWN_SDID_6050_6: 888 //iwl6050_2abg_cfg 889 sc->fwname = "iwn6050fw"; 890 sc->txchainmask = IWN_ANT_AB; 891 sc->rxchainmask = IWN_ANT_AB; 892 sc->limits = &iwn6000_sensitivity_limits; 893 sc->base_params = &iwn_6050_base_params; 894 break; 895 default: 896 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 897 "0x%04x rev %d not supported (subdevice)\n", pid, 898 sc->subdevice_id,sc->hw_type); 899 return ENOTSUP; 900 } 901 break; 902 /* 6150 WiFi/WiMax Series */ 903 case IWN_DID_6150_1: 904 case IWN_DID_6150_2: 905 switch(sc->subdevice_id) { 906 case IWN_SDID_6150_1: 907 case IWN_SDID_6150_3: 908 case IWN_SDID_6150_5: 909 // iwl6150_bgn_cfg 910 case IWN_SDID_6150_2: 911 case IWN_SDID_6150_4: 912 case IWN_SDID_6150_6: 913 //iwl6150_bg_cfg 914 sc->fwname = "iwn6050fw"; 915 sc->limits = &iwn6000_sensitivity_limits; 916 sc->base_params = &iwn_6150_base_params; 917 break; 918 default: 919 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 920 "0x%04x rev %d not supported (subdevice)\n", pid, 921 sc->subdevice_id,sc->hw_type); 922 return ENOTSUP; 923 } 924 break; 925 /* 6030 Series and 1030 Series */ 926 case IWN_DID_x030_1: 927 case IWN_DID_x030_2: 928 case IWN_DID_x030_3: 929 case IWN_DID_x030_4: 930 switch(sc->subdevice_id) { 931 case IWN_SDID_x030_1: 932 case IWN_SDID_x030_3: 933 case IWN_SDID_x030_5: 934 // iwl1030_bgn_cfg 935 case IWN_SDID_x030_2: 936 case IWN_SDID_x030_4: 937 case IWN_SDID_x030_6: 938 //iwl1030_bg_cfg 939 case IWN_SDID_x030_7: 940 case IWN_SDID_x030_10: 941 case IWN_SDID_x030_14: 942 //iwl6030_2agn_cfg 943 case IWN_SDID_x030_8: 944 case IWN_SDID_x030_11: 945 case IWN_SDID_x030_15: 946 // iwl6030_2bgn_cfg 947 case IWN_SDID_x030_9: 948 case IWN_SDID_x030_12: 949 case IWN_SDID_x030_16: 950 // iwl6030_2abg_cfg 951 case IWN_SDID_x030_13: 952 //iwl6030_2bg_cfg 953 sc->fwname = "iwn6000g2bfw"; 954 sc->limits = &iwn6000_sensitivity_limits; 955 sc->base_params = &iwn_6000g2b_base_params; 956 break; 957 default: 958 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 959 "0x%04x rev %d not supported (subdevice)\n", pid, 960 sc->subdevice_id,sc->hw_type); 961 return ENOTSUP; 962 } 963 break; 964 /* 130 Series WiFi */ 965 /* XXX: This series will need adjustment for rate. 966 * see rx_with_siso_diversity in linux kernel 967 */ 968 case IWN_DID_130_1: 969 case IWN_DID_130_2: 970 switch(sc->subdevice_id) { 971 case IWN_SDID_130_1: 972 case IWN_SDID_130_3: 973 case IWN_SDID_130_5: 974 //iwl130_bgn_cfg 975 case IWN_SDID_130_2: 976 case IWN_SDID_130_4: 977 case IWN_SDID_130_6: 978 //iwl130_bg_cfg 979 sc->fwname = "iwn6000g2bfw"; 980 sc->limits = &iwn6000_sensitivity_limits; 981 sc->base_params = &iwn_6000g2b_base_params; 982 break; 983 default: 984 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 985 "0x%04x rev %d not supported (subdevice)\n", pid, 986 sc->subdevice_id,sc->hw_type); 987 return ENOTSUP; 988 } 989 break; 990 /* 100 Series WiFi */ 991 case IWN_DID_100_1: 992 case IWN_DID_100_2: 993 switch(sc->subdevice_id) { 994 case IWN_SDID_100_1: 995 case IWN_SDID_100_2: 996 case IWN_SDID_100_3: 997 case IWN_SDID_100_4: 998 case IWN_SDID_100_5: 999 case IWN_SDID_100_6: 1000 sc->limits = &iwn1000_sensitivity_limits; 1001 sc->base_params = &iwn1000_base_params; 1002 sc->fwname = "iwn100fw"; 1003 break; 1004 default: 1005 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1006 "0x%04x rev %d not supported (subdevice)\n", pid, 1007 sc->subdevice_id,sc->hw_type); 1008 return ENOTSUP; 1009 } 1010 break; 1011 1012 /* 105 Series */ 1013 /* XXX: This series will need adjustment for rate. 1014 * see rx_with_siso_diversity in linux kernel 1015 */ 1016 case IWN_DID_105_1: 1017 case IWN_DID_105_2: 1018 switch(sc->subdevice_id) { 1019 case IWN_SDID_105_1: 1020 case IWN_SDID_105_2: 1021 case IWN_SDID_105_3: 1022 //iwl105_bgn_cfg 1023 case IWN_SDID_105_4: 1024 //iwl105_bgn_d_cfg 1025 sc->limits = &iwn2030_sensitivity_limits; 1026 sc->base_params = &iwn2000_base_params; 1027 sc->fwname = "iwn105fw"; 1028 break; 1029 default: 1030 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1031 "0x%04x rev %d not supported (subdevice)\n", pid, 1032 sc->subdevice_id,sc->hw_type); 1033 return ENOTSUP; 1034 } 1035 break; 1036 1037 /* 135 Series */ 1038 /* XXX: This series will need adjustment for rate. 1039 * see rx_with_siso_diversity in linux kernel 1040 */ 1041 case IWN_DID_135_1: 1042 case IWN_DID_135_2: 1043 switch(sc->subdevice_id) { 1044 case IWN_SDID_135_1: 1045 case IWN_SDID_135_2: 1046 case IWN_SDID_135_3: 1047 sc->limits = &iwn2030_sensitivity_limits; 1048 sc->base_params = &iwn2030_base_params; 1049 sc->fwname = "iwn135fw"; 1050 break; 1051 default: 1052 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1053 "0x%04x rev %d not supported (subdevice)\n", pid, 1054 sc->subdevice_id,sc->hw_type); 1055 return ENOTSUP; 1056 } 1057 break; 1058 1059 /* 2x00 Series */ 1060 case IWN_DID_2x00_1: 1061 case IWN_DID_2x00_2: 1062 switch(sc->subdevice_id) { 1063 case IWN_SDID_2x00_1: 1064 case IWN_SDID_2x00_2: 1065 case IWN_SDID_2x00_3: 1066 //iwl2000_2bgn_cfg 1067 case IWN_SDID_2x00_4: 1068 //iwl2000_2bgn_d_cfg 1069 sc->limits = &iwn2030_sensitivity_limits; 1070 sc->base_params = &iwn2000_base_params; 1071 sc->fwname = "iwn2000fw"; 1072 break; 1073 default: 1074 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1075 "0x%04x rev %d not supported (subdevice) \n", 1076 pid, sc->subdevice_id, sc->hw_type); 1077 return ENOTSUP; 1078 } 1079 break; 1080 /* 2x30 Series */ 1081 case IWN_DID_2x30_1: 1082 case IWN_DID_2x30_2: 1083 switch(sc->subdevice_id) { 1084 case IWN_SDID_2x30_1: 1085 case IWN_SDID_2x30_3: 1086 case IWN_SDID_2x30_5: 1087 //iwl100_bgn_cfg 1088 case IWN_SDID_2x30_2: 1089 case IWN_SDID_2x30_4: 1090 case IWN_SDID_2x30_6: 1091 //iwl100_bg_cfg 1092 sc->limits = &iwn2030_sensitivity_limits; 1093 sc->base_params = &iwn2030_base_params; 1094 sc->fwname = "iwn2030fw"; 1095 break; 1096 default: 1097 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1098 "0x%04x rev %d not supported (subdevice)\n", pid, 1099 sc->subdevice_id,sc->hw_type); 1100 return ENOTSUP; 1101 } 1102 break; 1103 /* 5x00 Series */ 1104 case IWN_DID_5x00_1: 1105 case IWN_DID_5x00_2: 1106 case IWN_DID_5x00_3: 1107 case IWN_DID_5x00_4: 1108 sc->limits = &iwn5000_sensitivity_limits; 1109 sc->base_params = &iwn5000_base_params; 1110 sc->fwname = "iwn5000fw"; 1111 switch(sc->subdevice_id) { 1112 case IWN_SDID_5x00_1: 1113 case IWN_SDID_5x00_2: 1114 case IWN_SDID_5x00_3: 1115 case IWN_SDID_5x00_4: 1116 case IWN_SDID_5x00_9: 1117 case IWN_SDID_5x00_10: 1118 case IWN_SDID_5x00_11: 1119 case IWN_SDID_5x00_12: 1120 case IWN_SDID_5x00_17: 1121 case IWN_SDID_5x00_18: 1122 case IWN_SDID_5x00_19: 1123 case IWN_SDID_5x00_20: 1124 //iwl5100_agn_cfg 1125 sc->txchainmask = IWN_ANT_B; 1126 sc->rxchainmask = IWN_ANT_AB; 1127 break; 1128 case IWN_SDID_5x00_5: 1129 case IWN_SDID_5x00_6: 1130 case IWN_SDID_5x00_13: 1131 case IWN_SDID_5x00_14: 1132 case IWN_SDID_5x00_21: 1133 case IWN_SDID_5x00_22: 1134 //iwl5100_bgn_cfg 1135 sc->txchainmask = IWN_ANT_B; 1136 sc->rxchainmask = IWN_ANT_AB; 1137 break; 1138 case IWN_SDID_5x00_7: 1139 case IWN_SDID_5x00_8: 1140 case IWN_SDID_5x00_15: 1141 case IWN_SDID_5x00_16: 1142 case IWN_SDID_5x00_23: 1143 case IWN_SDID_5x00_24: 1144 //iwl5100_abg_cfg 1145 sc->txchainmask = IWN_ANT_B; 1146 sc->rxchainmask = IWN_ANT_AB; 1147 break; 1148 case IWN_SDID_5x00_25: 1149 case IWN_SDID_5x00_26: 1150 case IWN_SDID_5x00_27: 1151 case IWN_SDID_5x00_28: 1152 case IWN_SDID_5x00_29: 1153 case IWN_SDID_5x00_30: 1154 case IWN_SDID_5x00_31: 1155 case IWN_SDID_5x00_32: 1156 case IWN_SDID_5x00_33: 1157 case IWN_SDID_5x00_34: 1158 case IWN_SDID_5x00_35: 1159 case IWN_SDID_5x00_36: 1160 //iwl5300_agn_cfg 1161 sc->txchainmask = IWN_ANT_ABC; 1162 sc->rxchainmask = IWN_ANT_ABC; 1163 break; 1164 default: 1165 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1166 "0x%04x rev %d not supported (subdevice)\n", pid, 1167 sc->subdevice_id,sc->hw_type); 1168 return ENOTSUP; 1169 } 1170 break; 1171 /* 5x50 Series */ 1172 case IWN_DID_5x50_1: 1173 case IWN_DID_5x50_2: 1174 case IWN_DID_5x50_3: 1175 case IWN_DID_5x50_4: 1176 sc->limits = &iwn5000_sensitivity_limits; 1177 sc->base_params = &iwn5000_base_params; 1178 sc->fwname = "iwn5000fw"; 1179 switch(sc->subdevice_id) { 1180 case IWN_SDID_5x50_1: 1181 case IWN_SDID_5x50_2: 1182 case IWN_SDID_5x50_3: 1183 //iwl5350_agn_cfg 1184 sc->limits = &iwn5000_sensitivity_limits; 1185 sc->base_params = &iwn5000_base_params; 1186 sc->fwname = "iwn5000fw"; 1187 break; 1188 case IWN_SDID_5x50_4: 1189 case IWN_SDID_5x50_5: 1190 case IWN_SDID_5x50_8: 1191 case IWN_SDID_5x50_9: 1192 case IWN_SDID_5x50_10: 1193 case IWN_SDID_5x50_11: 1194 //iwl5150_agn_cfg 1195 case IWN_SDID_5x50_6: 1196 case IWN_SDID_5x50_7: 1197 case IWN_SDID_5x50_12: 1198 case IWN_SDID_5x50_13: 1199 //iwl5150_abg_cfg 1200 sc->limits = &iwn5000_sensitivity_limits; 1201 sc->fwname = "iwn5150fw"; 1202 sc->base_params = &iwn_5x50_base_params; 1203 break; 1204 default: 1205 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1206 "0x%04x rev %d not supported (subdevice)\n", pid, 1207 sc->subdevice_id,sc->hw_type); 1208 return ENOTSUP; 1209 } 1210 break; 1211 default: 1212 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id : 0x%04x" 1213 "rev 0x%08x not supported (device)\n", pid, sc->subdevice_id, 1214 sc->hw_type); 1215 return ENOTSUP; 1216 } 1217 return 0; 1218 } 1219 1220 static void 1221 iwn4965_attach(struct iwn_softc *sc, uint16_t pid) 1222 { 1223 struct iwn_ops *ops = &sc->ops; 1224 1225 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1226 1227 ops->load_firmware = iwn4965_load_firmware; 1228 ops->read_eeprom = iwn4965_read_eeprom; 1229 ops->post_alive = iwn4965_post_alive; 1230 ops->nic_config = iwn4965_nic_config; 1231 ops->update_sched = iwn4965_update_sched; 1232 ops->get_temperature = iwn4965_get_temperature; 1233 ops->get_rssi = iwn4965_get_rssi; 1234 ops->set_txpower = iwn4965_set_txpower; 1235 ops->init_gains = iwn4965_init_gains; 1236 ops->set_gains = iwn4965_set_gains; 1237 ops->rxon_assoc = iwn4965_rxon_assoc; 1238 ops->add_node = iwn4965_add_node; 1239 ops->tx_done = iwn4965_tx_done; 1240 ops->ampdu_tx_start = iwn4965_ampdu_tx_start; 1241 ops->ampdu_tx_stop = iwn4965_ampdu_tx_stop; 1242 sc->ntxqs = IWN4965_NTXQUEUES; 1243 sc->firstaggqueue = IWN4965_FIRSTAGGQUEUE; 1244 sc->ndmachnls = IWN4965_NDMACHNLS; 1245 sc->broadcast_id = IWN4965_ID_BROADCAST; 1246 sc->rxonsz = IWN4965_RXONSZ; 1247 sc->schedsz = IWN4965_SCHEDSZ; 1248 sc->fw_text_maxsz = IWN4965_FW_TEXT_MAXSZ; 1249 sc->fw_data_maxsz = IWN4965_FW_DATA_MAXSZ; 1250 sc->fwsz = IWN4965_FWSZ; 1251 sc->sched_txfact_addr = IWN4965_SCHED_TXFACT; 1252 sc->limits = &iwn4965_sensitivity_limits; 1253 sc->fwname = "iwn4965fw"; 1254 /* Override chains masks, ROM is known to be broken. */ 1255 sc->txchainmask = IWN_ANT_AB; 1256 sc->rxchainmask = IWN_ANT_ABC; 1257 /* Enable normal btcoex */ 1258 sc->sc_flags |= IWN_FLAG_BTCOEX; 1259 1260 DPRINTF(sc, IWN_DEBUG_TRACE, "%s: end\n",__func__); 1261 } 1262 1263 static void 1264 iwn5000_attach(struct iwn_softc *sc, uint16_t pid) 1265 { 1266 struct iwn_ops *ops = &sc->ops; 1267 1268 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1269 1270 ops->load_firmware = iwn5000_load_firmware; 1271 ops->read_eeprom = iwn5000_read_eeprom; 1272 ops->post_alive = iwn5000_post_alive; 1273 ops->nic_config = iwn5000_nic_config; 1274 ops->update_sched = iwn5000_update_sched; 1275 ops->get_temperature = iwn5000_get_temperature; 1276 ops->get_rssi = iwn5000_get_rssi; 1277 ops->set_txpower = iwn5000_set_txpower; 1278 ops->init_gains = iwn5000_init_gains; 1279 ops->set_gains = iwn5000_set_gains; 1280 ops->rxon_assoc = iwn5000_rxon_assoc; 1281 ops->add_node = iwn5000_add_node; 1282 ops->tx_done = iwn5000_tx_done; 1283 ops->ampdu_tx_start = iwn5000_ampdu_tx_start; 1284 ops->ampdu_tx_stop = iwn5000_ampdu_tx_stop; 1285 sc->ntxqs = IWN5000_NTXQUEUES; 1286 sc->firstaggqueue = IWN5000_FIRSTAGGQUEUE; 1287 sc->ndmachnls = IWN5000_NDMACHNLS; 1288 sc->broadcast_id = IWN5000_ID_BROADCAST; 1289 sc->rxonsz = IWN5000_RXONSZ; 1290 sc->schedsz = IWN5000_SCHEDSZ; 1291 sc->fw_text_maxsz = IWN5000_FW_TEXT_MAXSZ; 1292 sc->fw_data_maxsz = IWN5000_FW_DATA_MAXSZ; 1293 sc->fwsz = IWN5000_FWSZ; 1294 sc->sched_txfact_addr = IWN5000_SCHED_TXFACT; 1295 sc->reset_noise_gain = IWN5000_PHY_CALIB_RESET_NOISE_GAIN; 1296 sc->noise_gain = IWN5000_PHY_CALIB_NOISE_GAIN; 1297 1298 DPRINTF(sc, IWN_DEBUG_TRACE, "%s: end\n",__func__); 1299 } 1300 1301 /* 1302 * Attach the interface to 802.11 radiotap. 1303 */ 1304 static void 1305 iwn_radiotap_attach(struct iwn_softc *sc) 1306 { 1307 1308 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1309 ieee80211_radiotap_attach(&sc->sc_ic, 1310 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap), 1311 IWN_TX_RADIOTAP_PRESENT, 1312 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 1313 IWN_RX_RADIOTAP_PRESENT); 1314 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 1315 } 1316 1317 static void 1318 iwn_sysctlattach(struct iwn_softc *sc) 1319 { 1320 #ifdef IWN_DEBUG 1321 struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev); 1322 struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev); 1323 1324 SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, 1325 "debug", CTLFLAG_RW, &sc->sc_debug, sc->sc_debug, 1326 "control debugging printfs"); 1327 #endif 1328 } 1329 1330 static struct ieee80211vap * 1331 iwn_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 1332 enum ieee80211_opmode opmode, int flags, 1333 const uint8_t bssid[IEEE80211_ADDR_LEN], 1334 const uint8_t mac[IEEE80211_ADDR_LEN]) 1335 { 1336 struct iwn_softc *sc = ic->ic_softc; 1337 struct iwn_vap *ivp; 1338 struct ieee80211vap *vap; 1339 1340 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */ 1341 return NULL; 1342 1343 ivp = malloc(sizeof(struct iwn_vap), M_80211_VAP, M_WAITOK | M_ZERO); 1344 vap = &ivp->iv_vap; 1345 ieee80211_vap_setup(ic, vap, name, unit, opmode, flags, bssid); 1346 ivp->ctx = IWN_RXON_BSS_CTX; 1347 vap->iv_bmissthreshold = 10; /* override default */ 1348 /* Override with driver methods. */ 1349 ivp->iv_newstate = vap->iv_newstate; 1350 vap->iv_newstate = iwn_newstate; 1351 sc->ivap[IWN_RXON_BSS_CTX] = vap; 1352 vap->iv_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_64K; 1353 vap->iv_ampdu_density = IEEE80211_HTCAP_MPDUDENSITY_4; /* 4uS */ 1354 1355 ieee80211_ratectl_init(vap); 1356 /* Complete setup. */ 1357 ieee80211_vap_attach(vap, ieee80211_media_change, 1358 ieee80211_media_status, mac); 1359 ic->ic_opmode = opmode; 1360 return vap; 1361 } 1362 1363 static void 1364 iwn_vap_delete(struct ieee80211vap *vap) 1365 { 1366 struct iwn_vap *ivp = IWN_VAP(vap); 1367 1368 ieee80211_ratectl_deinit(vap); 1369 ieee80211_vap_detach(vap); 1370 free(ivp, M_80211_VAP); 1371 } 1372 1373 static void 1374 iwn_xmit_queue_drain(struct iwn_softc *sc) 1375 { 1376 struct mbuf *m; 1377 struct ieee80211_node *ni; 1378 1379 IWN_LOCK_ASSERT(sc); 1380 while ((m = mbufq_dequeue(&sc->sc_xmit_queue)) != NULL) { 1381 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 1382 ieee80211_free_node(ni); 1383 m_freem(m); 1384 } 1385 } 1386 1387 static int 1388 iwn_xmit_queue_enqueue(struct iwn_softc *sc, struct mbuf *m) 1389 { 1390 1391 IWN_LOCK_ASSERT(sc); 1392 return (mbufq_enqueue(&sc->sc_xmit_queue, m)); 1393 } 1394 1395 static int 1396 iwn_detach(device_t dev) 1397 { 1398 struct iwn_softc *sc = device_get_softc(dev); 1399 int qid; 1400 1401 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1402 1403 if (sc->sc_ic.ic_softc != NULL) { 1404 /* Free the mbuf queue and node references */ 1405 IWN_LOCK(sc); 1406 iwn_xmit_queue_drain(sc); 1407 IWN_UNLOCK(sc); 1408 1409 iwn_stop(sc); 1410 1411 taskqueue_drain_all(sc->sc_tq); 1412 taskqueue_free(sc->sc_tq); 1413 1414 callout_drain(&sc->watchdog_to); 1415 callout_drain(&sc->scan_timeout); 1416 callout_drain(&sc->calib_to); 1417 ieee80211_ifdetach(&sc->sc_ic); 1418 } 1419 1420 /* Uninstall interrupt handler. */ 1421 if (sc->irq != NULL) { 1422 bus_teardown_intr(dev, sc->irq, sc->sc_ih); 1423 bus_release_resource(dev, SYS_RES_IRQ, rman_get_rid(sc->irq), 1424 sc->irq); 1425 pci_release_msi(dev); 1426 } 1427 1428 /* Free DMA resources. */ 1429 iwn_free_rx_ring(sc, &sc->rxq); 1430 for (qid = 0; qid < sc->ntxqs; qid++) 1431 iwn_free_tx_ring(sc, &sc->txq[qid]); 1432 iwn_free_sched(sc); 1433 iwn_free_kw(sc); 1434 if (sc->ict != NULL) 1435 iwn_free_ict(sc); 1436 iwn_free_fwmem(sc); 1437 1438 if (sc->mem != NULL) 1439 bus_release_resource(dev, SYS_RES_MEMORY, 1440 rman_get_rid(sc->mem), sc->mem); 1441 1442 if (sc->sc_cdev) { 1443 destroy_dev(sc->sc_cdev); 1444 sc->sc_cdev = NULL; 1445 } 1446 1447 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n", __func__); 1448 IWN_LOCK_DESTROY(sc); 1449 return 0; 1450 } 1451 1452 static int 1453 iwn_shutdown(device_t dev) 1454 { 1455 struct iwn_softc *sc = device_get_softc(dev); 1456 1457 iwn_stop(sc); 1458 return 0; 1459 } 1460 1461 static int 1462 iwn_suspend(device_t dev) 1463 { 1464 struct iwn_softc *sc = device_get_softc(dev); 1465 1466 ieee80211_suspend_all(&sc->sc_ic); 1467 return 0; 1468 } 1469 1470 static int 1471 iwn_resume(device_t dev) 1472 { 1473 struct iwn_softc *sc = device_get_softc(dev); 1474 1475 /* Clear device-specific "PCI retry timeout" register (41h). */ 1476 pci_write_config(dev, 0x41, 0, 1); 1477 1478 ieee80211_resume_all(&sc->sc_ic); 1479 return 0; 1480 } 1481 1482 static int 1483 iwn_nic_lock(struct iwn_softc *sc) 1484 { 1485 int ntries; 1486 1487 /* Request exclusive access to NIC. */ 1488 IWN_SETBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_MAC_ACCESS_REQ); 1489 1490 /* Spin until we actually get the lock. */ 1491 for (ntries = 0; ntries < 1000; ntries++) { 1492 if ((IWN_READ(sc, IWN_GP_CNTRL) & 1493 (IWN_GP_CNTRL_MAC_ACCESS_ENA | IWN_GP_CNTRL_SLEEP)) == 1494 IWN_GP_CNTRL_MAC_ACCESS_ENA) 1495 return 0; 1496 DELAY(10); 1497 } 1498 return ETIMEDOUT; 1499 } 1500 1501 static __inline void 1502 iwn_nic_unlock(struct iwn_softc *sc) 1503 { 1504 IWN_CLRBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_MAC_ACCESS_REQ); 1505 } 1506 1507 static __inline uint32_t 1508 iwn_prph_read(struct iwn_softc *sc, uint32_t addr) 1509 { 1510 IWN_WRITE(sc, IWN_PRPH_RADDR, IWN_PRPH_DWORD | addr); 1511 IWN_BARRIER_READ_WRITE(sc); 1512 return IWN_READ(sc, IWN_PRPH_RDATA); 1513 } 1514 1515 static __inline void 1516 iwn_prph_write(struct iwn_softc *sc, uint32_t addr, uint32_t data) 1517 { 1518 IWN_WRITE(sc, IWN_PRPH_WADDR, IWN_PRPH_DWORD | addr); 1519 IWN_BARRIER_WRITE(sc); 1520 IWN_WRITE(sc, IWN_PRPH_WDATA, data); 1521 } 1522 1523 static __inline void 1524 iwn_prph_setbits(struct iwn_softc *sc, uint32_t addr, uint32_t mask) 1525 { 1526 iwn_prph_write(sc, addr, iwn_prph_read(sc, addr) | mask); 1527 } 1528 1529 static __inline void 1530 iwn_prph_clrbits(struct iwn_softc *sc, uint32_t addr, uint32_t mask) 1531 { 1532 iwn_prph_write(sc, addr, iwn_prph_read(sc, addr) & ~mask); 1533 } 1534 1535 static __inline void 1536 iwn_prph_write_region_4(struct iwn_softc *sc, uint32_t addr, 1537 const uint32_t *data, int count) 1538 { 1539 for (; count > 0; count--, data++, addr += 4) 1540 iwn_prph_write(sc, addr, *data); 1541 } 1542 1543 static __inline uint32_t 1544 iwn_mem_read(struct iwn_softc *sc, uint32_t addr) 1545 { 1546 IWN_WRITE(sc, IWN_MEM_RADDR, addr); 1547 IWN_BARRIER_READ_WRITE(sc); 1548 return IWN_READ(sc, IWN_MEM_RDATA); 1549 } 1550 1551 static __inline void 1552 iwn_mem_write(struct iwn_softc *sc, uint32_t addr, uint32_t data) 1553 { 1554 IWN_WRITE(sc, IWN_MEM_WADDR, addr); 1555 IWN_BARRIER_WRITE(sc); 1556 IWN_WRITE(sc, IWN_MEM_WDATA, data); 1557 } 1558 1559 static __inline void 1560 iwn_mem_write_2(struct iwn_softc *sc, uint32_t addr, uint16_t data) 1561 { 1562 uint32_t tmp; 1563 1564 tmp = iwn_mem_read(sc, addr & ~3); 1565 if (addr & 3) 1566 tmp = (tmp & 0x0000ffff) | data << 16; 1567 else 1568 tmp = (tmp & 0xffff0000) | data; 1569 iwn_mem_write(sc, addr & ~3, tmp); 1570 } 1571 1572 static __inline void 1573 iwn_mem_read_region_4(struct iwn_softc *sc, uint32_t addr, uint32_t *data, 1574 int count) 1575 { 1576 for (; count > 0; count--, addr += 4) 1577 *data++ = iwn_mem_read(sc, addr); 1578 } 1579 1580 static __inline void 1581 iwn_mem_set_region_4(struct iwn_softc *sc, uint32_t addr, uint32_t val, 1582 int count) 1583 { 1584 for (; count > 0; count--, addr += 4) 1585 iwn_mem_write(sc, addr, val); 1586 } 1587 1588 static int 1589 iwn_eeprom_lock(struct iwn_softc *sc) 1590 { 1591 int i, ntries; 1592 1593 for (i = 0; i < 100; i++) { 1594 /* Request exclusive access to EEPROM. */ 1595 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 1596 IWN_HW_IF_CONFIG_EEPROM_LOCKED); 1597 1598 /* Spin until we actually get the lock. */ 1599 for (ntries = 0; ntries < 100; ntries++) { 1600 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 1601 IWN_HW_IF_CONFIG_EEPROM_LOCKED) 1602 return 0; 1603 DELAY(10); 1604 } 1605 } 1606 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end timeout\n", __func__); 1607 return ETIMEDOUT; 1608 } 1609 1610 static __inline void 1611 iwn_eeprom_unlock(struct iwn_softc *sc) 1612 { 1613 IWN_CLRBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_EEPROM_LOCKED); 1614 } 1615 1616 /* 1617 * Initialize access by host to One Time Programmable ROM. 1618 * NB: This kind of ROM can be found on 1000 or 6000 Series only. 1619 */ 1620 static int 1621 iwn_init_otprom(struct iwn_softc *sc) 1622 { 1623 uint16_t prev, base, next; 1624 int count, error; 1625 1626 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1627 1628 /* Wait for clock stabilization before accessing prph. */ 1629 if ((error = iwn_clock_wait(sc)) != 0) 1630 return error; 1631 1632 if ((error = iwn_nic_lock(sc)) != 0) 1633 return error; 1634 iwn_prph_setbits(sc, IWN_APMG_PS, IWN_APMG_PS_RESET_REQ); 1635 DELAY(5); 1636 iwn_prph_clrbits(sc, IWN_APMG_PS, IWN_APMG_PS_RESET_REQ); 1637 iwn_nic_unlock(sc); 1638 1639 /* Set auto clock gate disable bit for HW with OTP shadow RAM. */ 1640 if (sc->base_params->shadow_ram_support) { 1641 IWN_SETBITS(sc, IWN_DBG_LINK_PWR_MGMT, 1642 IWN_RESET_LINK_PWR_MGMT_DIS); 1643 } 1644 IWN_CLRBITS(sc, IWN_EEPROM_GP, IWN_EEPROM_GP_IF_OWNER); 1645 /* Clear ECC status. */ 1646 IWN_SETBITS(sc, IWN_OTP_GP, 1647 IWN_OTP_GP_ECC_CORR_STTS | IWN_OTP_GP_ECC_UNCORR_STTS); 1648 1649 /* 1650 * Find the block before last block (contains the EEPROM image) 1651 * for HW without OTP shadow RAM. 1652 */ 1653 if (! sc->base_params->shadow_ram_support) { 1654 /* Switch to absolute addressing mode. */ 1655 IWN_CLRBITS(sc, IWN_OTP_GP, IWN_OTP_GP_RELATIVE_ACCESS); 1656 base = prev = 0; 1657 for (count = 0; count < sc->base_params->max_ll_items; 1658 count++) { 1659 error = iwn_read_prom_data(sc, base, &next, 2); 1660 if (error != 0) 1661 return error; 1662 if (next == 0) /* End of linked-list. */ 1663 break; 1664 prev = base; 1665 base = le16toh(next); 1666 } 1667 if (count == 0 || count == sc->base_params->max_ll_items) 1668 return EIO; 1669 /* Skip "next" word. */ 1670 sc->prom_base = prev + 1; 1671 } 1672 1673 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 1674 1675 return 0; 1676 } 1677 1678 static int 1679 iwn_read_prom_data(struct iwn_softc *sc, uint32_t addr, void *data, int count) 1680 { 1681 uint8_t *out = data; 1682 uint32_t val, tmp; 1683 int ntries; 1684 1685 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1686 1687 addr += sc->prom_base; 1688 for (; count > 0; count -= 2, addr++) { 1689 IWN_WRITE(sc, IWN_EEPROM, addr << 2); 1690 for (ntries = 0; ntries < 20; ntries++) { 1691 val = IWN_READ(sc, IWN_EEPROM); 1692 if (val & IWN_EEPROM_READ_VALID) 1693 break; 1694 DELAY(5); 1695 } 1696 if (ntries == 20) { 1697 device_printf(sc->sc_dev, 1698 "timeout reading ROM at 0x%x\n", addr); 1699 return ETIMEDOUT; 1700 } 1701 if (sc->sc_flags & IWN_FLAG_HAS_OTPROM) { 1702 /* OTPROM, check for ECC errors. */ 1703 tmp = IWN_READ(sc, IWN_OTP_GP); 1704 if (tmp & IWN_OTP_GP_ECC_UNCORR_STTS) { 1705 device_printf(sc->sc_dev, 1706 "OTPROM ECC error at 0x%x\n", addr); 1707 return EIO; 1708 } 1709 if (tmp & IWN_OTP_GP_ECC_CORR_STTS) { 1710 /* Correctable ECC error, clear bit. */ 1711 IWN_SETBITS(sc, IWN_OTP_GP, 1712 IWN_OTP_GP_ECC_CORR_STTS); 1713 } 1714 } 1715 *out++ = val >> 16; 1716 if (count > 1) 1717 *out++ = val >> 24; 1718 } 1719 1720 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 1721 1722 return 0; 1723 } 1724 1725 static void 1726 iwn_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nsegs, int error) 1727 { 1728 if (error != 0) 1729 return; 1730 KASSERT(nsegs == 1, ("too many DMA segments, %d should be 1", nsegs)); 1731 *(bus_addr_t *)arg = segs[0].ds_addr; 1732 } 1733 1734 static int 1735 iwn_dma_contig_alloc(struct iwn_softc *sc, struct iwn_dma_info *dma, 1736 void **kvap, bus_size_t size, bus_size_t alignment) 1737 { 1738 int error; 1739 1740 dma->tag = NULL; 1741 dma->size = size; 1742 1743 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), alignment, 1744 0, BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, size, 1745 1, size, 0, NULL, NULL, &dma->tag); 1746 if (error != 0) 1747 goto fail; 1748 1749 error = bus_dmamem_alloc(dma->tag, (void **)&dma->vaddr, 1750 BUS_DMA_NOWAIT | BUS_DMA_ZERO | BUS_DMA_COHERENT, &dma->map); 1751 if (error != 0) 1752 goto fail; 1753 1754 error = bus_dmamap_load(dma->tag, dma->map, dma->vaddr, size, 1755 iwn_dma_map_addr, &dma->paddr, BUS_DMA_NOWAIT); 1756 if (error != 0) 1757 goto fail; 1758 1759 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 1760 1761 if (kvap != NULL) 1762 *kvap = dma->vaddr; 1763 1764 return 0; 1765 1766 fail: iwn_dma_contig_free(dma); 1767 return error; 1768 } 1769 1770 static void 1771 iwn_dma_contig_free(struct iwn_dma_info *dma) 1772 { 1773 if (dma->vaddr != NULL) { 1774 bus_dmamap_sync(dma->tag, dma->map, 1775 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 1776 bus_dmamap_unload(dma->tag, dma->map); 1777 bus_dmamem_free(dma->tag, dma->vaddr, dma->map); 1778 dma->vaddr = NULL; 1779 } 1780 if (dma->tag != NULL) { 1781 bus_dma_tag_destroy(dma->tag); 1782 dma->tag = NULL; 1783 } 1784 } 1785 1786 static int 1787 iwn_alloc_sched(struct iwn_softc *sc) 1788 { 1789 /* TX scheduler rings must be aligned on a 1KB boundary. */ 1790 return iwn_dma_contig_alloc(sc, &sc->sched_dma, (void **)&sc->sched, 1791 sc->schedsz, 1024); 1792 } 1793 1794 static void 1795 iwn_free_sched(struct iwn_softc *sc) 1796 { 1797 iwn_dma_contig_free(&sc->sched_dma); 1798 } 1799 1800 static int 1801 iwn_alloc_kw(struct iwn_softc *sc) 1802 { 1803 /* "Keep Warm" page must be aligned on a 4KB boundary. */ 1804 return iwn_dma_contig_alloc(sc, &sc->kw_dma, NULL, 4096, 4096); 1805 } 1806 1807 static void 1808 iwn_free_kw(struct iwn_softc *sc) 1809 { 1810 iwn_dma_contig_free(&sc->kw_dma); 1811 } 1812 1813 static int 1814 iwn_alloc_ict(struct iwn_softc *sc) 1815 { 1816 /* ICT table must be aligned on a 4KB boundary. */ 1817 return iwn_dma_contig_alloc(sc, &sc->ict_dma, (void **)&sc->ict, 1818 IWN_ICT_SIZE, 4096); 1819 } 1820 1821 static void 1822 iwn_free_ict(struct iwn_softc *sc) 1823 { 1824 iwn_dma_contig_free(&sc->ict_dma); 1825 } 1826 1827 static int 1828 iwn_alloc_fwmem(struct iwn_softc *sc) 1829 { 1830 /* Must be aligned on a 16-byte boundary. */ 1831 return iwn_dma_contig_alloc(sc, &sc->fw_dma, NULL, sc->fwsz, 16); 1832 } 1833 1834 static void 1835 iwn_free_fwmem(struct iwn_softc *sc) 1836 { 1837 iwn_dma_contig_free(&sc->fw_dma); 1838 } 1839 1840 static int 1841 iwn_alloc_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1842 { 1843 bus_size_t size; 1844 int i, error; 1845 1846 ring->cur = 0; 1847 1848 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1849 1850 /* Allocate RX descriptors (256-byte aligned). */ 1851 size = IWN_RX_RING_COUNT * sizeof (uint32_t); 1852 error = iwn_dma_contig_alloc(sc, &ring->desc_dma, (void **)&ring->desc, 1853 size, 256); 1854 if (error != 0) { 1855 device_printf(sc->sc_dev, 1856 "%s: could not allocate RX ring DMA memory, error %d\n", 1857 __func__, error); 1858 goto fail; 1859 } 1860 1861 /* Allocate RX status area (16-byte aligned). */ 1862 error = iwn_dma_contig_alloc(sc, &ring->stat_dma, (void **)&ring->stat, 1863 sizeof (struct iwn_rx_status), 16); 1864 if (error != 0) { 1865 device_printf(sc->sc_dev, 1866 "%s: could not allocate RX status DMA memory, error %d\n", 1867 __func__, error); 1868 goto fail; 1869 } 1870 1871 /* Create RX buffer DMA tag. */ 1872 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 1873 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 1874 IWN_RBUF_SIZE, 1, IWN_RBUF_SIZE, 0, NULL, NULL, &ring->data_dmat); 1875 if (error != 0) { 1876 device_printf(sc->sc_dev, 1877 "%s: could not create RX buf DMA tag, error %d\n", 1878 __func__, error); 1879 goto fail; 1880 } 1881 1882 /* 1883 * Allocate and map RX buffers. 1884 */ 1885 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 1886 struct iwn_rx_data *data = &ring->data[i]; 1887 bus_addr_t paddr; 1888 1889 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 1890 if (error != 0) { 1891 device_printf(sc->sc_dev, 1892 "%s: could not create RX buf DMA map, error %d\n", 1893 __func__, error); 1894 goto fail; 1895 } 1896 1897 data->m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, 1898 IWN_RBUF_SIZE); 1899 if (data->m == NULL) { 1900 device_printf(sc->sc_dev, 1901 "%s: could not allocate RX mbuf\n", __func__); 1902 error = ENOBUFS; 1903 goto fail; 1904 } 1905 1906 error = bus_dmamap_load(ring->data_dmat, data->map, 1907 mtod(data->m, void *), IWN_RBUF_SIZE, iwn_dma_map_addr, 1908 &paddr, BUS_DMA_NOWAIT); 1909 if (error != 0 && error != EFBIG) { 1910 device_printf(sc->sc_dev, 1911 "%s: can't map mbuf, error %d\n", __func__, 1912 error); 1913 goto fail; 1914 } 1915 1916 bus_dmamap_sync(ring->data_dmat, data->map, 1917 BUS_DMASYNC_PREREAD); 1918 1919 /* Set physical address of RX buffer (256-byte aligned). */ 1920 ring->desc[i] = htole32(paddr >> 8); 1921 } 1922 1923 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 1924 BUS_DMASYNC_PREWRITE); 1925 1926 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 1927 1928 return 0; 1929 1930 fail: iwn_free_rx_ring(sc, ring); 1931 1932 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end in error\n",__func__); 1933 1934 return error; 1935 } 1936 1937 static void 1938 iwn_reset_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1939 { 1940 int ntries; 1941 1942 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 1943 1944 if (iwn_nic_lock(sc) == 0) { 1945 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 0); 1946 for (ntries = 0; ntries < 1000; ntries++) { 1947 if (IWN_READ(sc, IWN_FH_RX_STATUS) & 1948 IWN_FH_RX_STATUS_IDLE) 1949 break; 1950 DELAY(10); 1951 } 1952 iwn_nic_unlock(sc); 1953 } 1954 ring->cur = 0; 1955 sc->last_rx_valid = 0; 1956 } 1957 1958 static void 1959 iwn_free_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1960 { 1961 int i; 1962 1963 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s \n", __func__); 1964 1965 iwn_dma_contig_free(&ring->desc_dma); 1966 iwn_dma_contig_free(&ring->stat_dma); 1967 1968 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 1969 struct iwn_rx_data *data = &ring->data[i]; 1970 1971 if (data->m != NULL) { 1972 bus_dmamap_sync(ring->data_dmat, data->map, 1973 BUS_DMASYNC_POSTREAD); 1974 bus_dmamap_unload(ring->data_dmat, data->map); 1975 m_freem(data->m); 1976 data->m = NULL; 1977 } 1978 if (data->map != NULL) 1979 bus_dmamap_destroy(ring->data_dmat, data->map); 1980 } 1981 if (ring->data_dmat != NULL) { 1982 bus_dma_tag_destroy(ring->data_dmat); 1983 ring->data_dmat = NULL; 1984 } 1985 } 1986 1987 static int 1988 iwn_alloc_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring, int qid) 1989 { 1990 bus_addr_t paddr; 1991 bus_size_t size; 1992 int i, error; 1993 1994 ring->qid = qid; 1995 ring->queued = 0; 1996 ring->cur = 0; 1997 1998 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1999 2000 /* Allocate TX descriptors (256-byte aligned). */ 2001 size = IWN_TX_RING_COUNT * sizeof (struct iwn_tx_desc); 2002 error = iwn_dma_contig_alloc(sc, &ring->desc_dma, (void **)&ring->desc, 2003 size, 256); 2004 if (error != 0) { 2005 device_printf(sc->sc_dev, 2006 "%s: could not allocate TX ring DMA memory, error %d\n", 2007 __func__, error); 2008 goto fail; 2009 } 2010 2011 size = IWN_TX_RING_COUNT * sizeof (struct iwn_tx_cmd); 2012 error = iwn_dma_contig_alloc(sc, &ring->cmd_dma, (void **)&ring->cmd, 2013 size, 4); 2014 if (error != 0) { 2015 device_printf(sc->sc_dev, 2016 "%s: could not allocate TX cmd DMA memory, error %d\n", 2017 __func__, error); 2018 goto fail; 2019 } 2020 2021 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 2022 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 2023 IWN_MAX_SCATTER - 1, MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 2024 if (error != 0) { 2025 device_printf(sc->sc_dev, 2026 "%s: could not create TX buf DMA tag, error %d\n", 2027 __func__, error); 2028 goto fail; 2029 } 2030 2031 paddr = ring->cmd_dma.paddr; 2032 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 2033 struct iwn_tx_data *data = &ring->data[i]; 2034 2035 data->cmd_paddr = paddr; 2036 data->scratch_paddr = paddr + 12; 2037 paddr += sizeof (struct iwn_tx_cmd); 2038 2039 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 2040 if (error != 0) { 2041 device_printf(sc->sc_dev, 2042 "%s: could not create TX buf DMA map, error %d\n", 2043 __func__, error); 2044 goto fail; 2045 } 2046 } 2047 2048 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2049 2050 return 0; 2051 2052 fail: iwn_free_tx_ring(sc, ring); 2053 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end in error\n", __func__); 2054 return error; 2055 } 2056 2057 static void 2058 iwn_reset_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 2059 { 2060 int i; 2061 2062 DPRINTF(sc, IWN_DEBUG_TRACE, "->doing %s \n", __func__); 2063 2064 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 2065 struct iwn_tx_data *data = &ring->data[i]; 2066 2067 if (data->m != NULL) { 2068 bus_dmamap_sync(ring->data_dmat, data->map, 2069 BUS_DMASYNC_POSTWRITE); 2070 bus_dmamap_unload(ring->data_dmat, data->map); 2071 m_freem(data->m); 2072 data->m = NULL; 2073 } 2074 if (data->ni != NULL) { 2075 ieee80211_free_node(data->ni); 2076 data->ni = NULL; 2077 } 2078 data->remapped = 0; 2079 data->long_retries = 0; 2080 } 2081 /* Clear TX descriptors. */ 2082 memset(ring->desc, 0, ring->desc_dma.size); 2083 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 2084 BUS_DMASYNC_PREWRITE); 2085 sc->qfullmsk &= ~(1 << ring->qid); 2086 ring->queued = 0; 2087 ring->cur = 0; 2088 } 2089 2090 static void 2091 iwn_free_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 2092 { 2093 int i; 2094 2095 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s \n", __func__); 2096 2097 iwn_dma_contig_free(&ring->desc_dma); 2098 iwn_dma_contig_free(&ring->cmd_dma); 2099 2100 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 2101 struct iwn_tx_data *data = &ring->data[i]; 2102 2103 if (data->m != NULL) { 2104 bus_dmamap_sync(ring->data_dmat, data->map, 2105 BUS_DMASYNC_POSTWRITE); 2106 bus_dmamap_unload(ring->data_dmat, data->map); 2107 m_freem(data->m); 2108 } 2109 if (data->map != NULL) 2110 bus_dmamap_destroy(ring->data_dmat, data->map); 2111 } 2112 if (ring->data_dmat != NULL) { 2113 bus_dma_tag_destroy(ring->data_dmat); 2114 ring->data_dmat = NULL; 2115 } 2116 } 2117 2118 static void 2119 iwn_check_tx_ring(struct iwn_softc *sc, int qid) 2120 { 2121 struct iwn_tx_ring *ring = &sc->txq[qid]; 2122 2123 KASSERT(ring->queued >= 0, ("%s: ring->queued (%d) for queue %d < 0!", 2124 __func__, ring->queued, qid)); 2125 2126 if (qid >= sc->firstaggqueue) { 2127 struct iwn_ops *ops = &sc->ops; 2128 struct ieee80211_tx_ampdu *tap = sc->qid2tap[qid]; 2129 2130 if (ring->queued == 0 && !IEEE80211_AMPDU_RUNNING(tap)) { 2131 uint16_t ssn = tap->txa_start & 0xfff; 2132 uint8_t tid = tap->txa_tid; 2133 int *res = tap->txa_private; 2134 2135 iwn_nic_lock(sc); 2136 ops->ampdu_tx_stop(sc, qid, tid, ssn); 2137 iwn_nic_unlock(sc); 2138 2139 sc->qid2tap[qid] = NULL; 2140 free(res, M_DEVBUF); 2141 } 2142 } 2143 2144 if (ring->queued < IWN_TX_RING_LOMARK) { 2145 sc->qfullmsk &= ~(1 << qid); 2146 2147 if (ring->queued == 0) 2148 sc->sc_tx_timer = 0; 2149 else 2150 sc->sc_tx_timer = 5; 2151 } 2152 } 2153 2154 static void 2155 iwn5000_ict_reset(struct iwn_softc *sc) 2156 { 2157 /* Disable interrupts. */ 2158 IWN_WRITE(sc, IWN_INT_MASK, 0); 2159 2160 /* Reset ICT table. */ 2161 memset(sc->ict, 0, IWN_ICT_SIZE); 2162 sc->ict_cur = 0; 2163 2164 bus_dmamap_sync(sc->ict_dma.tag, sc->ict_dma.map, 2165 BUS_DMASYNC_PREWRITE); 2166 2167 /* Set physical address of ICT table (4KB aligned). */ 2168 DPRINTF(sc, IWN_DEBUG_RESET, "%s: enabling ICT\n", __func__); 2169 IWN_WRITE(sc, IWN_DRAM_INT_TBL, IWN_DRAM_INT_TBL_ENABLE | 2170 IWN_DRAM_INT_TBL_WRAP_CHECK | sc->ict_dma.paddr >> 12); 2171 2172 /* Enable periodic RX interrupt. */ 2173 sc->int_mask |= IWN_INT_RX_PERIODIC; 2174 /* Switch to ICT interrupt mode in driver. */ 2175 sc->sc_flags |= IWN_FLAG_USE_ICT; 2176 2177 /* Re-enable interrupts. */ 2178 IWN_WRITE(sc, IWN_INT, 0xffffffff); 2179 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 2180 } 2181 2182 static int 2183 iwn_read_eeprom(struct iwn_softc *sc, uint8_t macaddr[IEEE80211_ADDR_LEN]) 2184 { 2185 struct iwn_ops *ops = &sc->ops; 2186 uint16_t val; 2187 int error; 2188 2189 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2190 2191 /* Check whether adapter has an EEPROM or an OTPROM. */ 2192 if (sc->hw_type >= IWN_HW_REV_TYPE_1000 && 2193 (IWN_READ(sc, IWN_OTP_GP) & IWN_OTP_GP_DEV_SEL_OTP)) 2194 sc->sc_flags |= IWN_FLAG_HAS_OTPROM; 2195 DPRINTF(sc, IWN_DEBUG_RESET, "%s found\n", 2196 (sc->sc_flags & IWN_FLAG_HAS_OTPROM) ? "OTPROM" : "EEPROM"); 2197 2198 /* Adapter has to be powered on for EEPROM access to work. */ 2199 if ((error = iwn_apm_init(sc)) != 0) { 2200 device_printf(sc->sc_dev, 2201 "%s: could not power ON adapter, error %d\n", __func__, 2202 error); 2203 return error; 2204 } 2205 2206 if ((IWN_READ(sc, IWN_EEPROM_GP) & 0x7) == 0) { 2207 device_printf(sc->sc_dev, "%s: bad ROM signature\n", __func__); 2208 return EIO; 2209 } 2210 if ((error = iwn_eeprom_lock(sc)) != 0) { 2211 device_printf(sc->sc_dev, "%s: could not lock ROM, error %d\n", 2212 __func__, error); 2213 return error; 2214 } 2215 if (sc->sc_flags & IWN_FLAG_HAS_OTPROM) { 2216 if ((error = iwn_init_otprom(sc)) != 0) { 2217 device_printf(sc->sc_dev, 2218 "%s: could not initialize OTPROM, error %d\n", 2219 __func__, error); 2220 return error; 2221 } 2222 } 2223 2224 iwn_read_prom_data(sc, IWN_EEPROM_SKU_CAP, &val, 2); 2225 DPRINTF(sc, IWN_DEBUG_RESET, "SKU capabilities=0x%04x\n", le16toh(val)); 2226 /* Check if HT support is bonded out. */ 2227 if (val & htole16(IWN_EEPROM_SKU_CAP_11N)) 2228 sc->sc_flags |= IWN_FLAG_HAS_11N; 2229 2230 iwn_read_prom_data(sc, IWN_EEPROM_RFCFG, &val, 2); 2231 sc->rfcfg = le16toh(val); 2232 DPRINTF(sc, IWN_DEBUG_RESET, "radio config=0x%04x\n", sc->rfcfg); 2233 /* Read Tx/Rx chains from ROM unless it's known to be broken. */ 2234 if (sc->txchainmask == 0) 2235 sc->txchainmask = IWN_RFCFG_TXANTMSK(sc->rfcfg); 2236 if (sc->rxchainmask == 0) 2237 sc->rxchainmask = IWN_RFCFG_RXANTMSK(sc->rfcfg); 2238 2239 /* Read MAC address. */ 2240 iwn_read_prom_data(sc, IWN_EEPROM_MAC, macaddr, 6); 2241 2242 /* Read adapter-specific information from EEPROM. */ 2243 ops->read_eeprom(sc); 2244 2245 iwn_apm_stop(sc); /* Power OFF adapter. */ 2246 2247 iwn_eeprom_unlock(sc); 2248 2249 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2250 2251 return 0; 2252 } 2253 2254 static void 2255 iwn4965_read_eeprom(struct iwn_softc *sc) 2256 { 2257 uint32_t addr; 2258 uint16_t val; 2259 int i; 2260 2261 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2262 2263 /* Read regulatory domain (4 ASCII characters). */ 2264 iwn_read_prom_data(sc, IWN4965_EEPROM_DOMAIN, sc->eeprom_domain, 4); 2265 2266 /* Read the list of authorized channels (20MHz & 40MHz). */ 2267 for (i = 0; i < IWN_NBANDS - 1; i++) { 2268 addr = iwn4965_regulatory_bands[i]; 2269 iwn_read_eeprom_channels(sc, i, addr); 2270 } 2271 2272 /* Read maximum allowed TX power for 2GHz and 5GHz bands. */ 2273 iwn_read_prom_data(sc, IWN4965_EEPROM_MAXPOW, &val, 2); 2274 sc->maxpwr2GHz = val & 0xff; 2275 sc->maxpwr5GHz = val >> 8; 2276 /* Check that EEPROM values are within valid range. */ 2277 if (sc->maxpwr5GHz < 20 || sc->maxpwr5GHz > 50) 2278 sc->maxpwr5GHz = 38; 2279 if (sc->maxpwr2GHz < 20 || sc->maxpwr2GHz > 50) 2280 sc->maxpwr2GHz = 38; 2281 DPRINTF(sc, IWN_DEBUG_RESET, "maxpwr 2GHz=%d 5GHz=%d\n", 2282 sc->maxpwr2GHz, sc->maxpwr5GHz); 2283 2284 /* Read samples for each TX power group. */ 2285 iwn_read_prom_data(sc, IWN4965_EEPROM_BANDS, sc->bands, 2286 sizeof sc->bands); 2287 2288 /* Read voltage at which samples were taken. */ 2289 iwn_read_prom_data(sc, IWN4965_EEPROM_VOLTAGE, &val, 2); 2290 sc->eeprom_voltage = (int16_t)le16toh(val); 2291 DPRINTF(sc, IWN_DEBUG_RESET, "voltage=%d (in 0.3V)\n", 2292 sc->eeprom_voltage); 2293 2294 #ifdef IWN_DEBUG 2295 /* Print samples. */ 2296 if (sc->sc_debug & IWN_DEBUG_ANY) { 2297 for (i = 0; i < IWN_NBANDS - 1; i++) 2298 iwn4965_print_power_group(sc, i); 2299 } 2300 #endif 2301 2302 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2303 } 2304 2305 #ifdef IWN_DEBUG 2306 static void 2307 iwn4965_print_power_group(struct iwn_softc *sc, int i) 2308 { 2309 struct iwn4965_eeprom_band *band = &sc->bands[i]; 2310 struct iwn4965_eeprom_chan_samples *chans = band->chans; 2311 int j, c; 2312 2313 printf("===band %d===\n", i); 2314 printf("chan lo=%d, chan hi=%d\n", band->lo, band->hi); 2315 printf("chan1 num=%d\n", chans[0].num); 2316 for (c = 0; c < 2; c++) { 2317 for (j = 0; j < IWN_NSAMPLES; j++) { 2318 printf("chain %d, sample %d: temp=%d gain=%d " 2319 "power=%d pa_det=%d\n", c, j, 2320 chans[0].samples[c][j].temp, 2321 chans[0].samples[c][j].gain, 2322 chans[0].samples[c][j].power, 2323 chans[0].samples[c][j].pa_det); 2324 } 2325 } 2326 printf("chan2 num=%d\n", chans[1].num); 2327 for (c = 0; c < 2; c++) { 2328 for (j = 0; j < IWN_NSAMPLES; j++) { 2329 printf("chain %d, sample %d: temp=%d gain=%d " 2330 "power=%d pa_det=%d\n", c, j, 2331 chans[1].samples[c][j].temp, 2332 chans[1].samples[c][j].gain, 2333 chans[1].samples[c][j].power, 2334 chans[1].samples[c][j].pa_det); 2335 } 2336 } 2337 } 2338 #endif 2339 2340 static void 2341 iwn5000_read_eeprom(struct iwn_softc *sc) 2342 { 2343 struct iwn5000_eeprom_calib_hdr hdr; 2344 int32_t volt; 2345 uint32_t base, addr; 2346 uint16_t val; 2347 int i; 2348 2349 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2350 2351 /* Read regulatory domain (4 ASCII characters). */ 2352 iwn_read_prom_data(sc, IWN5000_EEPROM_REG, &val, 2); 2353 base = le16toh(val); 2354 iwn_read_prom_data(sc, base + IWN5000_EEPROM_DOMAIN, 2355 sc->eeprom_domain, 4); 2356 2357 /* Read the list of authorized channels (20MHz & 40MHz). */ 2358 for (i = 0; i < IWN_NBANDS - 1; i++) { 2359 addr = base + sc->base_params->regulatory_bands[i]; 2360 iwn_read_eeprom_channels(sc, i, addr); 2361 } 2362 2363 /* Read enhanced TX power information for 6000 Series. */ 2364 if (sc->base_params->enhanced_TX_power) 2365 iwn_read_eeprom_enhinfo(sc); 2366 2367 iwn_read_prom_data(sc, IWN5000_EEPROM_CAL, &val, 2); 2368 base = le16toh(val); 2369 iwn_read_prom_data(sc, base, &hdr, sizeof hdr); 2370 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 2371 "%s: calib version=%u pa type=%u voltage=%u\n", __func__, 2372 hdr.version, hdr.pa_type, le16toh(hdr.volt)); 2373 sc->calib_ver = hdr.version; 2374 2375 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSETv2) { 2376 sc->eeprom_voltage = le16toh(hdr.volt); 2377 iwn_read_prom_data(sc, base + IWN5000_EEPROM_TEMP, &val, 2); 2378 sc->eeprom_temp_high=le16toh(val); 2379 iwn_read_prom_data(sc, base + IWN5000_EEPROM_VOLT, &val, 2); 2380 sc->eeprom_temp = le16toh(val); 2381 } 2382 2383 if (sc->hw_type == IWN_HW_REV_TYPE_5150) { 2384 /* Compute temperature offset. */ 2385 iwn_read_prom_data(sc, base + IWN5000_EEPROM_TEMP, &val, 2); 2386 sc->eeprom_temp = le16toh(val); 2387 iwn_read_prom_data(sc, base + IWN5000_EEPROM_VOLT, &val, 2); 2388 volt = le16toh(val); 2389 sc->temp_off = sc->eeprom_temp - (volt / -5); 2390 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "temp=%d volt=%d offset=%dK\n", 2391 sc->eeprom_temp, volt, sc->temp_off); 2392 } else { 2393 /* Read crystal calibration. */ 2394 iwn_read_prom_data(sc, base + IWN5000_EEPROM_CRYSTAL, 2395 &sc->eeprom_crystal, sizeof (uint32_t)); 2396 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "crystal calibration 0x%08x\n", 2397 le32toh(sc->eeprom_crystal)); 2398 } 2399 2400 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2401 2402 } 2403 2404 /* 2405 * Translate EEPROM flags to net80211. 2406 */ 2407 static uint32_t 2408 iwn_eeprom_channel_flags(struct iwn_eeprom_chan *channel) 2409 { 2410 uint32_t nflags; 2411 2412 nflags = 0; 2413 if ((channel->flags & IWN_EEPROM_CHAN_ACTIVE) == 0) 2414 nflags |= IEEE80211_CHAN_PASSIVE; 2415 if ((channel->flags & IWN_EEPROM_CHAN_IBSS) == 0) 2416 nflags |= IEEE80211_CHAN_NOADHOC; 2417 if (channel->flags & IWN_EEPROM_CHAN_RADAR) { 2418 nflags |= IEEE80211_CHAN_DFS; 2419 /* XXX apparently IBSS may still be marked */ 2420 nflags |= IEEE80211_CHAN_NOADHOC; 2421 } 2422 2423 return nflags; 2424 } 2425 2426 static void 2427 iwn_read_eeprom_band(struct iwn_softc *sc, int n, int maxchans, int *nchans, 2428 struct ieee80211_channel chans[]) 2429 { 2430 struct iwn_eeprom_chan *channels = sc->eeprom_channels[n]; 2431 const struct iwn_chan_band *band = &iwn_bands[n]; 2432 uint8_t bands[IEEE80211_MODE_BYTES]; 2433 uint8_t chan; 2434 int i, error, nflags; 2435 2436 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2437 2438 memset(bands, 0, sizeof(bands)); 2439 if (n == 0) { 2440 setbit(bands, IEEE80211_MODE_11B); 2441 setbit(bands, IEEE80211_MODE_11G); 2442 if (sc->sc_flags & IWN_FLAG_HAS_11N) 2443 setbit(bands, IEEE80211_MODE_11NG); 2444 } else { 2445 setbit(bands, IEEE80211_MODE_11A); 2446 if (sc->sc_flags & IWN_FLAG_HAS_11N) 2447 setbit(bands, IEEE80211_MODE_11NA); 2448 } 2449 2450 for (i = 0; i < band->nchan; i++) { 2451 if (!(channels[i].flags & IWN_EEPROM_CHAN_VALID)) { 2452 DPRINTF(sc, IWN_DEBUG_RESET, 2453 "skip chan %d flags 0x%x maxpwr %d\n", 2454 band->chan[i], channels[i].flags, 2455 channels[i].maxpwr); 2456 continue; 2457 } 2458 2459 chan = band->chan[i]; 2460 nflags = iwn_eeprom_channel_flags(&channels[i]); 2461 error = ieee80211_add_channel(chans, maxchans, nchans, 2462 chan, 0, channels[i].maxpwr, nflags, bands); 2463 if (error != 0) 2464 break; 2465 2466 /* Save maximum allowed TX power for this channel. */ 2467 /* XXX wrong */ 2468 sc->maxpwr[chan] = channels[i].maxpwr; 2469 2470 DPRINTF(sc, IWN_DEBUG_RESET, 2471 "add chan %d flags 0x%x maxpwr %d\n", chan, 2472 channels[i].flags, channels[i].maxpwr); 2473 } 2474 2475 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2476 2477 } 2478 2479 static void 2480 iwn_read_eeprom_ht40(struct iwn_softc *sc, int n, int maxchans, int *nchans, 2481 struct ieee80211_channel chans[]) 2482 { 2483 struct iwn_eeprom_chan *channels = sc->eeprom_channels[n]; 2484 const struct iwn_chan_band *band = &iwn_bands[n]; 2485 uint8_t chan; 2486 int i, error, nflags; 2487 2488 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s start\n", __func__); 2489 2490 if (!(sc->sc_flags & IWN_FLAG_HAS_11N)) { 2491 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end no 11n\n", __func__); 2492 return; 2493 } 2494 2495 for (i = 0; i < band->nchan; i++) { 2496 if (!(channels[i].flags & IWN_EEPROM_CHAN_VALID)) { 2497 DPRINTF(sc, IWN_DEBUG_RESET, 2498 "skip chan %d flags 0x%x maxpwr %d\n", 2499 band->chan[i], channels[i].flags, 2500 channels[i].maxpwr); 2501 continue; 2502 } 2503 2504 chan = band->chan[i]; 2505 nflags = iwn_eeprom_channel_flags(&channels[i]); 2506 nflags |= (n == 5 ? IEEE80211_CHAN_G : IEEE80211_CHAN_A); 2507 error = ieee80211_add_channel_ht40(chans, maxchans, nchans, 2508 chan, channels[i].maxpwr, nflags); 2509 switch (error) { 2510 case EINVAL: 2511 device_printf(sc->sc_dev, 2512 "%s: no entry for channel %d\n", __func__, chan); 2513 continue; 2514 case ENOENT: 2515 DPRINTF(sc, IWN_DEBUG_RESET, 2516 "%s: skip chan %d, extension channel not found\n", 2517 __func__, chan); 2518 continue; 2519 case ENOBUFS: 2520 device_printf(sc->sc_dev, 2521 "%s: channel table is full!\n", __func__); 2522 break; 2523 case 0: 2524 DPRINTF(sc, IWN_DEBUG_RESET, 2525 "add ht40 chan %d flags 0x%x maxpwr %d\n", 2526 chan, channels[i].flags, channels[i].maxpwr); 2527 /* FALLTHROUGH */ 2528 default: 2529 break; 2530 } 2531 } 2532 2533 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2534 2535 } 2536 2537 static void 2538 iwn_read_eeprom_channels(struct iwn_softc *sc, int n, uint32_t addr) 2539 { 2540 struct ieee80211com *ic = &sc->sc_ic; 2541 2542 iwn_read_prom_data(sc, addr, &sc->eeprom_channels[n], 2543 iwn_bands[n].nchan * sizeof (struct iwn_eeprom_chan)); 2544 2545 if (n < 5) { 2546 iwn_read_eeprom_band(sc, n, IEEE80211_CHAN_MAX, &ic->ic_nchans, 2547 ic->ic_channels); 2548 } else { 2549 iwn_read_eeprom_ht40(sc, n, IEEE80211_CHAN_MAX, &ic->ic_nchans, 2550 ic->ic_channels); 2551 } 2552 ieee80211_sort_channels(ic->ic_channels, ic->ic_nchans); 2553 } 2554 2555 static struct iwn_eeprom_chan * 2556 iwn_find_eeprom_channel(struct iwn_softc *sc, struct ieee80211_channel *c) 2557 { 2558 int band, chan, i, j; 2559 2560 if (IEEE80211_IS_CHAN_HT40(c)) { 2561 band = IEEE80211_IS_CHAN_5GHZ(c) ? 6 : 5; 2562 if (IEEE80211_IS_CHAN_HT40D(c)) 2563 chan = c->ic_extieee; 2564 else 2565 chan = c->ic_ieee; 2566 for (i = 0; i < iwn_bands[band].nchan; i++) { 2567 if (iwn_bands[band].chan[i] == chan) 2568 return &sc->eeprom_channels[band][i]; 2569 } 2570 } else { 2571 for (j = 0; j < 5; j++) { 2572 for (i = 0; i < iwn_bands[j].nchan; i++) { 2573 if (iwn_bands[j].chan[i] == c->ic_ieee && 2574 ((j == 0) ^ IEEE80211_IS_CHAN_A(c)) == 1) 2575 return &sc->eeprom_channels[j][i]; 2576 } 2577 } 2578 } 2579 return NULL; 2580 } 2581 2582 static void 2583 iwn_getradiocaps(struct ieee80211com *ic, 2584 int maxchans, int *nchans, struct ieee80211_channel chans[]) 2585 { 2586 struct iwn_softc *sc = ic->ic_softc; 2587 int i; 2588 2589 /* Parse the list of authorized channels. */ 2590 for (i = 0; i < 5 && *nchans < maxchans; i++) 2591 iwn_read_eeprom_band(sc, i, maxchans, nchans, chans); 2592 for (i = 5; i < IWN_NBANDS - 1 && *nchans < maxchans; i++) 2593 iwn_read_eeprom_ht40(sc, i, maxchans, nchans, chans); 2594 } 2595 2596 /* 2597 * Enforce flags read from EEPROM. 2598 */ 2599 static int 2600 iwn_setregdomain(struct ieee80211com *ic, struct ieee80211_regdomain *rd, 2601 int nchan, struct ieee80211_channel chans[]) 2602 { 2603 struct iwn_softc *sc = ic->ic_softc; 2604 int i; 2605 2606 for (i = 0; i < nchan; i++) { 2607 struct ieee80211_channel *c = &chans[i]; 2608 struct iwn_eeprom_chan *channel; 2609 2610 channel = iwn_find_eeprom_channel(sc, c); 2611 if (channel == NULL) { 2612 ic_printf(ic, "%s: invalid channel %u freq %u/0x%x\n", 2613 __func__, c->ic_ieee, c->ic_freq, c->ic_flags); 2614 return EINVAL; 2615 } 2616 c->ic_flags |= iwn_eeprom_channel_flags(channel); 2617 } 2618 2619 return 0; 2620 } 2621 2622 static void 2623 iwn_read_eeprom_enhinfo(struct iwn_softc *sc) 2624 { 2625 struct iwn_eeprom_enhinfo enhinfo[35]; 2626 struct ieee80211com *ic = &sc->sc_ic; 2627 struct ieee80211_channel *c; 2628 uint16_t val, base; 2629 int8_t maxpwr; 2630 uint8_t flags; 2631 int i, j; 2632 2633 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2634 2635 iwn_read_prom_data(sc, IWN5000_EEPROM_REG, &val, 2); 2636 base = le16toh(val); 2637 iwn_read_prom_data(sc, base + IWN6000_EEPROM_ENHINFO, 2638 enhinfo, sizeof enhinfo); 2639 2640 for (i = 0; i < nitems(enhinfo); i++) { 2641 flags = enhinfo[i].flags; 2642 if (!(flags & IWN_ENHINFO_VALID)) 2643 continue; /* Skip invalid entries. */ 2644 2645 maxpwr = 0; 2646 if (sc->txchainmask & IWN_ANT_A) 2647 maxpwr = MAX(maxpwr, enhinfo[i].chain[0]); 2648 if (sc->txchainmask & IWN_ANT_B) 2649 maxpwr = MAX(maxpwr, enhinfo[i].chain[1]); 2650 if (sc->txchainmask & IWN_ANT_C) 2651 maxpwr = MAX(maxpwr, enhinfo[i].chain[2]); 2652 if (sc->ntxchains == 2) 2653 maxpwr = MAX(maxpwr, enhinfo[i].mimo2); 2654 else if (sc->ntxchains == 3) 2655 maxpwr = MAX(maxpwr, enhinfo[i].mimo3); 2656 2657 for (j = 0; j < ic->ic_nchans; j++) { 2658 c = &ic->ic_channels[j]; 2659 if ((flags & IWN_ENHINFO_5GHZ)) { 2660 if (!IEEE80211_IS_CHAN_A(c)) 2661 continue; 2662 } else if ((flags & IWN_ENHINFO_OFDM)) { 2663 if (!IEEE80211_IS_CHAN_G(c)) 2664 continue; 2665 } else if (!IEEE80211_IS_CHAN_B(c)) 2666 continue; 2667 if ((flags & IWN_ENHINFO_HT40)) { 2668 if (!IEEE80211_IS_CHAN_HT40(c)) 2669 continue; 2670 } else { 2671 if (IEEE80211_IS_CHAN_HT40(c)) 2672 continue; 2673 } 2674 if (enhinfo[i].chan != 0 && 2675 enhinfo[i].chan != c->ic_ieee) 2676 continue; 2677 2678 DPRINTF(sc, IWN_DEBUG_RESET, 2679 "channel %d(%x), maxpwr %d\n", c->ic_ieee, 2680 c->ic_flags, maxpwr / 2); 2681 c->ic_maxregpower = maxpwr / 2; 2682 c->ic_maxpower = maxpwr; 2683 } 2684 } 2685 2686 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2687 2688 } 2689 2690 static struct ieee80211_node * 2691 iwn_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN]) 2692 { 2693 struct iwn_node *wn; 2694 2695 wn = malloc(sizeof (struct iwn_node), M_80211_NODE, M_NOWAIT | M_ZERO); 2696 if (wn == NULL) 2697 return (NULL); 2698 2699 wn->id = IWN_ID_UNDEFINED; 2700 2701 return (&wn->ni); 2702 } 2703 2704 static __inline int 2705 rate2plcp(int rate) 2706 { 2707 switch (rate & 0xff) { 2708 case 12: return 0xd; 2709 case 18: return 0xf; 2710 case 24: return 0x5; 2711 case 36: return 0x7; 2712 case 48: return 0x9; 2713 case 72: return 0xb; 2714 case 96: return 0x1; 2715 case 108: return 0x3; 2716 case 2: return 10; 2717 case 4: return 20; 2718 case 11: return 55; 2719 case 22: return 110; 2720 } 2721 return 0; 2722 } 2723 2724 static __inline uint8_t 2725 plcp2rate(const uint8_t rate_plcp) 2726 { 2727 switch (rate_plcp) { 2728 case 0xd: return 12; 2729 case 0xf: return 18; 2730 case 0x5: return 24; 2731 case 0x7: return 36; 2732 case 0x9: return 48; 2733 case 0xb: return 72; 2734 case 0x1: return 96; 2735 case 0x3: return 108; 2736 case 10: return 2; 2737 case 20: return 4; 2738 case 55: return 11; 2739 case 110: return 22; 2740 default: return 0; 2741 } 2742 } 2743 2744 static int 2745 iwn_get_1stream_tx_antmask(struct iwn_softc *sc) 2746 { 2747 2748 return IWN_LSB(sc->txchainmask); 2749 } 2750 2751 static int 2752 iwn_get_2stream_tx_antmask(struct iwn_softc *sc) 2753 { 2754 int tx; 2755 2756 /* 2757 * The '2 stream' setup is a bit .. odd. 2758 * 2759 * For NICs that support only 1 antenna, default to IWN_ANT_AB or 2760 * the firmware panics (eg Intel 5100.) 2761 * 2762 * For NICs that support two antennas, we use ANT_AB. 2763 * 2764 * For NICs that support three antennas, we use the two that 2765 * wasn't the default one. 2766 * 2767 * XXX TODO: if bluetooth (full concurrent) is enabled, restrict 2768 * this to only one antenna. 2769 */ 2770 2771 /* Default - transmit on the other antennas */ 2772 tx = (sc->txchainmask & ~IWN_LSB(sc->txchainmask)); 2773 2774 /* Now, if it's zero, set it to IWN_ANT_AB, so to not panic firmware */ 2775 if (tx == 0) 2776 tx = IWN_ANT_AB; 2777 2778 /* 2779 * If the NIC is a two-stream TX NIC, configure the TX mask to 2780 * the default chainmask 2781 */ 2782 else if (sc->ntxchains == 2) 2783 tx = sc->txchainmask; 2784 2785 return (tx); 2786 } 2787 2788 2789 2790 /* 2791 * Calculate the required PLCP value from the given rate, 2792 * to the given node. 2793 * 2794 * This will take the node configuration (eg 11n, rate table 2795 * setup, etc) into consideration. 2796 */ 2797 static uint32_t 2798 iwn_rate_to_plcp(struct iwn_softc *sc, struct ieee80211_node *ni, 2799 uint8_t rate) 2800 { 2801 struct ieee80211com *ic = ni->ni_ic; 2802 uint32_t plcp = 0; 2803 int ridx; 2804 2805 /* 2806 * If it's an MCS rate, let's set the plcp correctly 2807 * and set the relevant flags based on the node config. 2808 */ 2809 if (rate & IEEE80211_RATE_MCS) { 2810 /* 2811 * Set the initial PLCP value to be between 0->31 for 2812 * MCS 0 -> MCS 31, then set the "I'm an MCS rate!" 2813 * flag. 2814 */ 2815 plcp = IEEE80211_RV(rate) | IWN_RFLAG_MCS; 2816 2817 /* 2818 * XXX the following should only occur if both 2819 * the local configuration _and_ the remote node 2820 * advertise these capabilities. Thus this code 2821 * may need fixing! 2822 */ 2823 2824 /* 2825 * Set the channel width and guard interval. 2826 */ 2827 if (IEEE80211_IS_CHAN_HT40(ni->ni_chan)) { 2828 plcp |= IWN_RFLAG_HT40; 2829 if (ni->ni_htcap & IEEE80211_HTCAP_SHORTGI40) 2830 plcp |= IWN_RFLAG_SGI; 2831 } else if (ni->ni_htcap & IEEE80211_HTCAP_SHORTGI20) { 2832 plcp |= IWN_RFLAG_SGI; 2833 } 2834 2835 /* 2836 * Ensure the selected rate matches the link quality 2837 * table entries being used. 2838 */ 2839 if (rate > 0x8f) 2840 plcp |= IWN_RFLAG_ANT(sc->txchainmask); 2841 else if (rate > 0x87) 2842 plcp |= IWN_RFLAG_ANT(iwn_get_2stream_tx_antmask(sc)); 2843 else 2844 plcp |= IWN_RFLAG_ANT(iwn_get_1stream_tx_antmask(sc)); 2845 } else { 2846 /* 2847 * Set the initial PLCP - fine for both 2848 * OFDM and CCK rates. 2849 */ 2850 plcp = rate2plcp(rate); 2851 2852 /* Set CCK flag if it's CCK */ 2853 2854 /* XXX It would be nice to have a method 2855 * to map the ridx -> phy table entry 2856 * so we could just query that, rather than 2857 * this hack to check against IWN_RIDX_OFDM6. 2858 */ 2859 ridx = ieee80211_legacy_rate_lookup(ic->ic_rt, 2860 rate & IEEE80211_RATE_VAL); 2861 if (ridx < IWN_RIDX_OFDM6 && 2862 IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 2863 plcp |= IWN_RFLAG_CCK; 2864 2865 /* Set antenna configuration */ 2866 /* XXX TODO: is this the right antenna to use for legacy? */ 2867 plcp |= IWN_RFLAG_ANT(iwn_get_1stream_tx_antmask(sc)); 2868 } 2869 2870 DPRINTF(sc, IWN_DEBUG_TXRATE, "%s: rate=0x%02x, plcp=0x%08x\n", 2871 __func__, 2872 rate, 2873 plcp); 2874 2875 return (htole32(plcp)); 2876 } 2877 2878 static void 2879 iwn_newassoc(struct ieee80211_node *ni, int isnew) 2880 { 2881 /* Doesn't do anything at the moment */ 2882 } 2883 2884 static int 2885 iwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 2886 { 2887 struct iwn_vap *ivp = IWN_VAP(vap); 2888 struct ieee80211com *ic = vap->iv_ic; 2889 struct iwn_softc *sc = ic->ic_softc; 2890 int error = 0; 2891 2892 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2893 2894 DPRINTF(sc, IWN_DEBUG_STATE, "%s: %s -> %s\n", __func__, 2895 ieee80211_state_name[vap->iv_state], ieee80211_state_name[nstate]); 2896 2897 IEEE80211_UNLOCK(ic); 2898 IWN_LOCK(sc); 2899 callout_stop(&sc->calib_to); 2900 2901 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 2902 2903 switch (nstate) { 2904 case IEEE80211_S_ASSOC: 2905 if (vap->iv_state != IEEE80211_S_RUN) 2906 break; 2907 /* FALLTHROUGH */ 2908 case IEEE80211_S_AUTH: 2909 if (vap->iv_state == IEEE80211_S_AUTH) 2910 break; 2911 2912 /* 2913 * !AUTH -> AUTH transition requires state reset to handle 2914 * reassociations correctly. 2915 */ 2916 sc->rxon->associd = 0; 2917 sc->rxon->filter &= ~htole32(IWN_FILTER_BSS); 2918 sc->calib.state = IWN_CALIB_STATE_INIT; 2919 2920 /* Wait until we hear a beacon before we transmit */ 2921 if (IEEE80211_IS_CHAN_PASSIVE(ic->ic_curchan)) 2922 sc->sc_beacon_wait = 1; 2923 2924 if ((error = iwn_auth(sc, vap)) != 0) { 2925 device_printf(sc->sc_dev, 2926 "%s: could not move to auth state\n", __func__); 2927 } 2928 break; 2929 2930 case IEEE80211_S_RUN: 2931 /* 2932 * RUN -> RUN transition; Just restart the timers. 2933 */ 2934 if (vap->iv_state == IEEE80211_S_RUN) { 2935 sc->calib_cnt = 0; 2936 break; 2937 } 2938 2939 /* Wait until we hear a beacon before we transmit */ 2940 if (IEEE80211_IS_CHAN_PASSIVE(ic->ic_curchan)) 2941 sc->sc_beacon_wait = 1; 2942 2943 /* 2944 * !RUN -> RUN requires setting the association id 2945 * which is done with a firmware cmd. We also defer 2946 * starting the timers until that work is done. 2947 */ 2948 if ((error = iwn_run(sc, vap)) != 0) { 2949 device_printf(sc->sc_dev, 2950 "%s: could not move to run state\n", __func__); 2951 } 2952 break; 2953 2954 case IEEE80211_S_INIT: 2955 sc->calib.state = IWN_CALIB_STATE_INIT; 2956 /* 2957 * Purge the xmit queue so we don't have old frames 2958 * during a new association attempt. 2959 */ 2960 sc->sc_beacon_wait = 0; 2961 iwn_xmit_queue_drain(sc); 2962 break; 2963 2964 default: 2965 break; 2966 } 2967 IWN_UNLOCK(sc); 2968 IEEE80211_LOCK(ic); 2969 if (error != 0){ 2970 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end in error\n", __func__); 2971 return error; 2972 } 2973 2974 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 2975 2976 return ivp->iv_newstate(vap, nstate, arg); 2977 } 2978 2979 static void 2980 iwn_calib_timeout(void *arg) 2981 { 2982 struct iwn_softc *sc = arg; 2983 2984 IWN_LOCK_ASSERT(sc); 2985 2986 /* Force automatic TX power calibration every 60 secs. */ 2987 if (++sc->calib_cnt >= 120) { 2988 uint32_t flags = 0; 2989 2990 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s\n", 2991 "sending request for statistics"); 2992 (void)iwn_cmd(sc, IWN_CMD_GET_STATISTICS, &flags, 2993 sizeof flags, 1); 2994 sc->calib_cnt = 0; 2995 } 2996 callout_reset(&sc->calib_to, msecs_to_ticks(500), iwn_calib_timeout, 2997 sc); 2998 } 2999 3000 /* 3001 * Process an RX_PHY firmware notification. This is usually immediately 3002 * followed by an MPDU_RX_DONE notification. 3003 */ 3004 static void 3005 iwn_rx_phy(struct iwn_softc *sc, struct iwn_rx_desc *desc) 3006 { 3007 struct iwn_rx_stat *stat = (struct iwn_rx_stat *)(desc + 1); 3008 3009 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: received PHY stats\n", __func__); 3010 3011 /* Save RX statistics, they will be used on MPDU_RX_DONE. */ 3012 memcpy(&sc->last_rx_stat, stat, sizeof (*stat)); 3013 sc->last_rx_valid = 1; 3014 } 3015 3016 /* 3017 * Process an RX_DONE (4965AGN only) or MPDU_RX_DONE firmware notification. 3018 * Each MPDU_RX_DONE notification must be preceded by an RX_PHY one. 3019 */ 3020 static void 3021 iwn_rx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 3022 struct iwn_rx_data *data) 3023 { 3024 struct epoch_tracker et; 3025 struct iwn_ops *ops = &sc->ops; 3026 struct ieee80211com *ic = &sc->sc_ic; 3027 struct iwn_rx_ring *ring = &sc->rxq; 3028 struct ieee80211_frame_min *wh; 3029 struct ieee80211_node *ni; 3030 struct mbuf *m, *m1; 3031 struct iwn_rx_stat *stat; 3032 caddr_t head; 3033 bus_addr_t paddr; 3034 uint32_t flags; 3035 int error, len, rssi, nf; 3036 3037 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 3038 3039 if (desc->type == IWN_MPDU_RX_DONE) { 3040 /* Check for prior RX_PHY notification. */ 3041 if (!sc->last_rx_valid) { 3042 DPRINTF(sc, IWN_DEBUG_ANY, 3043 "%s: missing RX_PHY\n", __func__); 3044 return; 3045 } 3046 stat = &sc->last_rx_stat; 3047 } else 3048 stat = (struct iwn_rx_stat *)(desc + 1); 3049 3050 if (stat->cfg_phy_len > IWN_STAT_MAXLEN) { 3051 device_printf(sc->sc_dev, 3052 "%s: invalid RX statistic header, len %d\n", __func__, 3053 stat->cfg_phy_len); 3054 return; 3055 } 3056 if (desc->type == IWN_MPDU_RX_DONE) { 3057 struct iwn_rx_mpdu *mpdu = (struct iwn_rx_mpdu *)(desc + 1); 3058 head = (caddr_t)(mpdu + 1); 3059 len = le16toh(mpdu->len); 3060 } else { 3061 head = (caddr_t)(stat + 1) + stat->cfg_phy_len; 3062 len = le16toh(stat->len); 3063 } 3064 3065 flags = le32toh(*(uint32_t *)(head + len)); 3066 3067 /* Discard frames with a bad FCS early. */ 3068 if ((flags & IWN_RX_NOERROR) != IWN_RX_NOERROR) { 3069 DPRINTF(sc, IWN_DEBUG_RECV, "%s: RX flags error %x\n", 3070 __func__, flags); 3071 counter_u64_add(ic->ic_ierrors, 1); 3072 return; 3073 } 3074 /* Discard frames that are too short. */ 3075 if (len < sizeof (struct ieee80211_frame_ack)) { 3076 DPRINTF(sc, IWN_DEBUG_RECV, "%s: frame too short: %d\n", 3077 __func__, len); 3078 counter_u64_add(ic->ic_ierrors, 1); 3079 return; 3080 } 3081 3082 m1 = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, IWN_RBUF_SIZE); 3083 if (m1 == NULL) { 3084 DPRINTF(sc, IWN_DEBUG_ANY, "%s: no mbuf to restock ring\n", 3085 __func__); 3086 counter_u64_add(ic->ic_ierrors, 1); 3087 return; 3088 } 3089 bus_dmamap_unload(ring->data_dmat, data->map); 3090 3091 error = bus_dmamap_load(ring->data_dmat, data->map, mtod(m1, void *), 3092 IWN_RBUF_SIZE, iwn_dma_map_addr, &paddr, BUS_DMA_NOWAIT); 3093 if (error != 0 && error != EFBIG) { 3094 device_printf(sc->sc_dev, 3095 "%s: bus_dmamap_load failed, error %d\n", __func__, error); 3096 m_freem(m1); 3097 3098 /* Try to reload the old mbuf. */ 3099 error = bus_dmamap_load(ring->data_dmat, data->map, 3100 mtod(data->m, void *), IWN_RBUF_SIZE, iwn_dma_map_addr, 3101 &paddr, BUS_DMA_NOWAIT); 3102 if (error != 0 && error != EFBIG) { 3103 panic("%s: could not load old RX mbuf", __func__); 3104 } 3105 bus_dmamap_sync(ring->data_dmat, data->map, 3106 BUS_DMASYNC_PREREAD); 3107 /* Physical address may have changed. */ 3108 ring->desc[ring->cur] = htole32(paddr >> 8); 3109 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 3110 BUS_DMASYNC_PREWRITE); 3111 counter_u64_add(ic->ic_ierrors, 1); 3112 return; 3113 } 3114 3115 bus_dmamap_sync(ring->data_dmat, data->map, 3116 BUS_DMASYNC_PREREAD); 3117 3118 m = data->m; 3119 data->m = m1; 3120 /* Update RX descriptor. */ 3121 ring->desc[ring->cur] = htole32(paddr >> 8); 3122 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 3123 BUS_DMASYNC_PREWRITE); 3124 3125 /* Finalize mbuf. */ 3126 m->m_data = head; 3127 m->m_pkthdr.len = m->m_len = len; 3128 3129 /* Grab a reference to the source node. */ 3130 wh = mtod(m, struct ieee80211_frame_min *); 3131 if (len >= sizeof(struct ieee80211_frame_min)) 3132 ni = ieee80211_find_rxnode(ic, wh); 3133 else 3134 ni = NULL; 3135 nf = (ni != NULL && ni->ni_vap->iv_state == IEEE80211_S_RUN && 3136 (ic->ic_flags & IEEE80211_F_SCAN) == 0) ? sc->noise : -95; 3137 3138 rssi = ops->get_rssi(sc, stat); 3139 3140 if (ieee80211_radiotap_active(ic)) { 3141 struct iwn_rx_radiotap_header *tap = &sc->sc_rxtap; 3142 uint32_t rate = le32toh(stat->rate); 3143 3144 tap->wr_flags = 0; 3145 if (stat->flags & htole16(IWN_STAT_FLAG_SHPREAMBLE)) 3146 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 3147 tap->wr_dbm_antsignal = (int8_t)rssi; 3148 tap->wr_dbm_antnoise = (int8_t)nf; 3149 tap->wr_tsft = stat->tstamp; 3150 if (rate & IWN_RFLAG_MCS) { 3151 tap->wr_rate = rate & IWN_RFLAG_RATE_MCS; 3152 tap->wr_rate |= IEEE80211_RATE_MCS; 3153 } else 3154 tap->wr_rate = plcp2rate(rate & IWN_RFLAG_RATE); 3155 } 3156 3157 /* 3158 * If it's a beacon and we're waiting, then do the 3159 * wakeup. This should unblock raw_xmit/start. 3160 */ 3161 if (sc->sc_beacon_wait) { 3162 uint8_t type, subtype; 3163 /* NB: Re-assign wh */ 3164 wh = mtod(m, struct ieee80211_frame_min *); 3165 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3166 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 3167 /* 3168 * This assumes at this point we've received our own 3169 * beacon. 3170 */ 3171 DPRINTF(sc, IWN_DEBUG_TRACE, 3172 "%s: beacon_wait, type=%d, subtype=%d\n", 3173 __func__, type, subtype); 3174 if (type == IEEE80211_FC0_TYPE_MGT && 3175 subtype == IEEE80211_FC0_SUBTYPE_BEACON) { 3176 DPRINTF(sc, IWN_DEBUG_TRACE | IWN_DEBUG_XMIT, 3177 "%s: waking things up\n", __func__); 3178 /* queue taskqueue to transmit! */ 3179 taskqueue_enqueue(sc->sc_tq, &sc->sc_xmit_task); 3180 } 3181 } 3182 3183 IWN_UNLOCK(sc); 3184 NET_EPOCH_ENTER(et); 3185 3186 /* Send the frame to the 802.11 layer. */ 3187 if (ni != NULL) { 3188 if (ni->ni_flags & IEEE80211_NODE_HT) 3189 m->m_flags |= M_AMPDU; 3190 (void)ieee80211_input(ni, m, rssi - nf, nf); 3191 /* Node is no longer needed. */ 3192 ieee80211_free_node(ni); 3193 } else 3194 (void)ieee80211_input_all(ic, m, rssi - nf, nf); 3195 3196 NET_EPOCH_EXIT(et); 3197 IWN_LOCK(sc); 3198 3199 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 3200 3201 } 3202 3203 static void 3204 iwn_agg_tx_complete(struct iwn_softc *sc, struct iwn_tx_ring *ring, int tid, 3205 int idx, int success) 3206 { 3207 struct ieee80211_ratectl_tx_status *txs = &sc->sc_txs; 3208 struct iwn_tx_data *data = &ring->data[idx]; 3209 struct iwn_node *wn; 3210 struct mbuf *m; 3211 struct ieee80211_node *ni; 3212 3213 KASSERT(data->ni != NULL, ("idx %d: no node", idx)); 3214 KASSERT(data->m != NULL, ("idx %d: no mbuf", idx)); 3215 3216 /* Unmap and free mbuf. */ 3217 bus_dmamap_sync(ring->data_dmat, data->map, 3218 BUS_DMASYNC_POSTWRITE); 3219 bus_dmamap_unload(ring->data_dmat, data->map); 3220 m = data->m, data->m = NULL; 3221 ni = data->ni, data->ni = NULL; 3222 wn = (void *)ni; 3223 3224 #if 0 3225 /* XXX causes significant performance degradation. */ 3226 txs->flags = IEEE80211_RATECTL_STATUS_SHORT_RETRY | 3227 IEEE80211_RATECTL_STATUS_LONG_RETRY; 3228 txs->long_retries = data->long_retries - 1; 3229 #else 3230 txs->flags = IEEE80211_RATECTL_STATUS_SHORT_RETRY; 3231 #endif 3232 txs->short_retries = wn->agg[tid].short_retries; 3233 if (success) 3234 txs->status = IEEE80211_RATECTL_TX_SUCCESS; 3235 else 3236 txs->status = IEEE80211_RATECTL_TX_FAIL_UNSPECIFIED; 3237 3238 wn->agg[tid].short_retries = 0; 3239 data->long_retries = 0; 3240 3241 DPRINTF(sc, IWN_DEBUG_AMPDU, "%s: freeing m %p ni %p idx %d qid %d\n", 3242 __func__, m, ni, idx, ring->qid); 3243 ieee80211_ratectl_tx_complete(ni, txs); 3244 ieee80211_tx_complete(ni, m, !success); 3245 } 3246 3247 /* Process an incoming Compressed BlockAck. */ 3248 static void 3249 iwn_rx_compressed_ba(struct iwn_softc *sc, struct iwn_rx_desc *desc) 3250 { 3251 struct iwn_tx_ring *ring; 3252 struct iwn_tx_data *data; 3253 struct iwn_node *wn; 3254 struct iwn_compressed_ba *ba = (struct iwn_compressed_ba *)(desc + 1); 3255 struct ieee80211_tx_ampdu *tap; 3256 uint64_t bitmap; 3257 uint8_t tid; 3258 int i, qid, shift; 3259 int tx_ok = 0; 3260 3261 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 3262 3263 qid = le16toh(ba->qid); 3264 tap = sc->qid2tap[qid]; 3265 ring = &sc->txq[qid]; 3266 tid = tap->txa_tid; 3267 wn = (void *)tap->txa_ni; 3268 3269 DPRINTF(sc, IWN_DEBUG_AMPDU, "%s: qid %d tid %d seq %04X ssn %04X\n" 3270 "bitmap: ba %016jX wn %016jX, start %d\n", 3271 __func__, qid, tid, le16toh(ba->seq), le16toh(ba->ssn), 3272 (uintmax_t)le64toh(ba->bitmap), (uintmax_t)wn->agg[tid].bitmap, 3273 wn->agg[tid].startidx); 3274 3275 if (wn->agg[tid].bitmap == 0) 3276 return; 3277 3278 shift = wn->agg[tid].startidx - ((le16toh(ba->seq) >> 4) & 0xff); 3279 if (shift <= -64) 3280 shift += 0x100; 3281 3282 /* 3283 * Walk the bitmap and calculate how many successful attempts 3284 * are made. 3285 * 3286 * Yes, the rate control code doesn't know these are A-MPDU 3287 * subframes; due to that long_retries stats are not used here. 3288 */ 3289 bitmap = le64toh(ba->bitmap); 3290 if (shift >= 0) 3291 bitmap >>= shift; 3292 else 3293 bitmap <<= -shift; 3294 bitmap &= wn->agg[tid].bitmap; 3295 wn->agg[tid].bitmap = 0; 3296 3297 for (i = wn->agg[tid].startidx; 3298 bitmap; 3299 bitmap >>= 1, i = (i + 1) % IWN_TX_RING_COUNT) { 3300 if ((bitmap & 1) == 0) 3301 continue; 3302 3303 data = &ring->data[i]; 3304 if (__predict_false(data->m == NULL)) { 3305 /* 3306 * There is no frame; skip this entry. 3307 * 3308 * NB: it is "ok" to have both 3309 * 'tx done' + 'compressed BA' replies for frame 3310 * with STATE_SCD_QUERY status. 3311 */ 3312 DPRINTF(sc, IWN_DEBUG_AMPDU, 3313 "%s: ring %d: no entry %d\n", __func__, qid, i); 3314 continue; 3315 } 3316 3317 tx_ok++; 3318 iwn_agg_tx_complete(sc, ring, tid, i, 1); 3319 } 3320 3321 ring->queued -= tx_ok; 3322 iwn_check_tx_ring(sc, qid); 3323 3324 DPRINTF(sc, IWN_DEBUG_TRACE | IWN_DEBUG_AMPDU, 3325 "->%s: end; %d ok\n",__func__, tx_ok); 3326 } 3327 3328 /* 3329 * Process a CALIBRATION_RESULT notification sent by the initialization 3330 * firmware on response to a CMD_CALIB_CONFIG command (5000 only). 3331 */ 3332 static void 3333 iwn5000_rx_calib_results(struct iwn_softc *sc, struct iwn_rx_desc *desc) 3334 { 3335 struct iwn_phy_calib *calib = (struct iwn_phy_calib *)(desc + 1); 3336 int len, idx = -1; 3337 3338 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 3339 3340 /* Runtime firmware should not send such a notification. */ 3341 if (sc->sc_flags & IWN_FLAG_CALIB_DONE){ 3342 DPRINTF(sc, IWN_DEBUG_TRACE, 3343 "->%s received after calib done\n", __func__); 3344 return; 3345 } 3346 len = (le32toh(desc->len) & 0x3fff) - 4; 3347 3348 switch (calib->code) { 3349 case IWN5000_PHY_CALIB_DC: 3350 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_DC) 3351 idx = 0; 3352 break; 3353 case IWN5000_PHY_CALIB_LO: 3354 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_LO) 3355 idx = 1; 3356 break; 3357 case IWN5000_PHY_CALIB_TX_IQ: 3358 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TX_IQ) 3359 idx = 2; 3360 break; 3361 case IWN5000_PHY_CALIB_TX_IQ_PERIODIC: 3362 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TX_IQ_PERIODIC) 3363 idx = 3; 3364 break; 3365 case IWN5000_PHY_CALIB_BASE_BAND: 3366 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_BASE_BAND) 3367 idx = 4; 3368 break; 3369 } 3370 if (idx == -1) /* Ignore other results. */ 3371 return; 3372 3373 /* Save calibration result. */ 3374 if (sc->calibcmd[idx].buf != NULL) 3375 free(sc->calibcmd[idx].buf, M_DEVBUF); 3376 sc->calibcmd[idx].buf = malloc(len, M_DEVBUF, M_NOWAIT); 3377 if (sc->calibcmd[idx].buf == NULL) { 3378 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 3379 "not enough memory for calibration result %d\n", 3380 calib->code); 3381 return; 3382 } 3383 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 3384 "saving calibration result idx=%d, code=%d len=%d\n", idx, calib->code, len); 3385 sc->calibcmd[idx].len = len; 3386 memcpy(sc->calibcmd[idx].buf, calib, len); 3387 } 3388 3389 static void 3390 iwn_stats_update(struct iwn_softc *sc, struct iwn_calib_state *calib, 3391 struct iwn_stats *stats, int len) 3392 { 3393 struct iwn_stats_bt *stats_bt; 3394 struct iwn_stats *lstats; 3395 3396 /* 3397 * First - check whether the length is the bluetooth or normal. 3398 * 3399 * If it's normal - just copy it and bump out. 3400 * Otherwise we have to convert things. 3401 */ 3402 3403 if (len == sizeof(struct iwn_stats) + 4) { 3404 memcpy(&sc->last_stat, stats, sizeof(struct iwn_stats)); 3405 sc->last_stat_valid = 1; 3406 return; 3407 } 3408 3409 /* 3410 * If it's not the bluetooth size - log, then just copy. 3411 */ 3412 if (len != sizeof(struct iwn_stats_bt) + 4) { 3413 DPRINTF(sc, IWN_DEBUG_STATS, 3414 "%s: size of rx statistics (%d) not an expected size!\n", 3415 __func__, 3416 len); 3417 memcpy(&sc->last_stat, stats, sizeof(struct iwn_stats)); 3418 sc->last_stat_valid = 1; 3419 return; 3420 } 3421 3422 /* 3423 * Ok. Time to copy. 3424 */ 3425 stats_bt = (struct iwn_stats_bt *) stats; 3426 lstats = &sc->last_stat; 3427 3428 /* flags */ 3429 lstats->flags = stats_bt->flags; 3430 /* rx_bt */ 3431 memcpy(&lstats->rx.ofdm, &stats_bt->rx_bt.ofdm, 3432 sizeof(struct iwn_rx_phy_stats)); 3433 memcpy(&lstats->rx.cck, &stats_bt->rx_bt.cck, 3434 sizeof(struct iwn_rx_phy_stats)); 3435 memcpy(&lstats->rx.general, &stats_bt->rx_bt.general_bt.common, 3436 sizeof(struct iwn_rx_general_stats)); 3437 memcpy(&lstats->rx.ht, &stats_bt->rx_bt.ht, 3438 sizeof(struct iwn_rx_ht_phy_stats)); 3439 /* tx */ 3440 memcpy(&lstats->tx, &stats_bt->tx, 3441 sizeof(struct iwn_tx_stats)); 3442 /* general */ 3443 memcpy(&lstats->general, &stats_bt->general, 3444 sizeof(struct iwn_general_stats)); 3445 3446 /* XXX TODO: Squirrel away the extra bluetooth stats somewhere */ 3447 sc->last_stat_valid = 1; 3448 } 3449 3450 /* 3451 * Process an RX_STATISTICS or BEACON_STATISTICS firmware notification. 3452 * The latter is sent by the firmware after each received beacon. 3453 */ 3454 static void 3455 iwn_rx_statistics(struct iwn_softc *sc, struct iwn_rx_desc *desc) 3456 { 3457 struct iwn_ops *ops = &sc->ops; 3458 struct ieee80211com *ic = &sc->sc_ic; 3459 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3460 struct iwn_calib_state *calib = &sc->calib; 3461 struct iwn_stats *stats = (struct iwn_stats *)(desc + 1); 3462 struct iwn_stats *lstats; 3463 int temp; 3464 3465 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 3466 3467 /* Ignore statistics received during a scan. */ 3468 if (vap->iv_state != IEEE80211_S_RUN || 3469 (ic->ic_flags & IEEE80211_F_SCAN)){ 3470 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s received during calib\n", 3471 __func__); 3472 return; 3473 } 3474 3475 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_STATS, 3476 "%s: received statistics, cmd %d, len %d\n", 3477 __func__, desc->type, le16toh(desc->len)); 3478 sc->calib_cnt = 0; /* Reset TX power calibration timeout. */ 3479 3480 /* 3481 * Collect/track general statistics for reporting. 3482 * 3483 * This takes care of ensuring that the bluetooth sized message 3484 * will be correctly converted to the legacy sized message. 3485 */ 3486 iwn_stats_update(sc, calib, stats, le16toh(desc->len)); 3487 3488 /* 3489 * And now, let's take a reference of it to use! 3490 */ 3491 lstats = &sc->last_stat; 3492 3493 /* Test if temperature has changed. */ 3494 if (lstats->general.temp != sc->rawtemp) { 3495 /* Convert "raw" temperature to degC. */ 3496 sc->rawtemp = stats->general.temp; 3497 temp = ops->get_temperature(sc); 3498 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: temperature %d\n", 3499 __func__, temp); 3500 3501 /* Update TX power if need be (4965AGN only). */ 3502 if (sc->hw_type == IWN_HW_REV_TYPE_4965) 3503 iwn4965_power_calibration(sc, temp); 3504 } 3505 3506 if (desc->type != IWN_BEACON_STATISTICS) 3507 return; /* Reply to a statistics request. */ 3508 3509 sc->noise = iwn_get_noise(&lstats->rx.general); 3510 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: noise %d\n", __func__, sc->noise); 3511 3512 /* Test that RSSI and noise are present in stats report. */ 3513 if (le32toh(lstats->rx.general.flags) != 1) { 3514 DPRINTF(sc, IWN_DEBUG_ANY, "%s\n", 3515 "received statistics without RSSI"); 3516 return; 3517 } 3518 3519 if (calib->state == IWN_CALIB_STATE_ASSOC) 3520 iwn_collect_noise(sc, &lstats->rx.general); 3521 else if (calib->state == IWN_CALIB_STATE_RUN) { 3522 iwn_tune_sensitivity(sc, &lstats->rx); 3523 /* 3524 * XXX TODO: Only run the RX recovery if we're associated! 3525 */ 3526 iwn_check_rx_recovery(sc, lstats); 3527 iwn_save_stats_counters(sc, lstats); 3528 } 3529 3530 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 3531 } 3532 3533 /* 3534 * Save the relevant statistic counters for the next calibration 3535 * pass. 3536 */ 3537 static void 3538 iwn_save_stats_counters(struct iwn_softc *sc, const struct iwn_stats *rs) 3539 { 3540 struct iwn_calib_state *calib = &sc->calib; 3541 3542 /* Save counters values for next call. */ 3543 calib->bad_plcp_cck = le32toh(rs->rx.cck.bad_plcp); 3544 calib->fa_cck = le32toh(rs->rx.cck.fa); 3545 calib->bad_plcp_ht = le32toh(rs->rx.ht.bad_plcp); 3546 calib->bad_plcp_ofdm = le32toh(rs->rx.ofdm.bad_plcp); 3547 calib->fa_ofdm = le32toh(rs->rx.ofdm.fa); 3548 3549 /* Last time we received these tick values */ 3550 sc->last_calib_ticks = ticks; 3551 } 3552 3553 /* 3554 * Process a TX_DONE firmware notification. Unfortunately, the 4965AGN 3555 * and 5000 adapters have different incompatible TX status formats. 3556 */ 3557 static void 3558 iwn4965_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 3559 struct iwn_rx_data *data) 3560 { 3561 struct iwn4965_tx_stat *stat = (struct iwn4965_tx_stat *)(desc + 1); 3562 int qid = desc->qid & IWN_RX_DESC_QID_MSK; 3563 3564 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: " 3565 "qid %d idx %d RTS retries %d ACK retries %d nkill %d rate %x duration %d status %x\n", 3566 __func__, desc->qid, desc->idx, 3567 stat->rtsfailcnt, 3568 stat->ackfailcnt, 3569 stat->btkillcnt, 3570 stat->rate, le16toh(stat->duration), 3571 le32toh(stat->status)); 3572 3573 if (qid >= sc->firstaggqueue && stat->nframes != 1) { 3574 iwn_ampdu_tx_done(sc, qid, stat->nframes, stat->rtsfailcnt, 3575 &stat->status); 3576 } else { 3577 iwn_tx_done(sc, desc, stat->rtsfailcnt, stat->ackfailcnt, 3578 le32toh(stat->status) & 0xff); 3579 } 3580 } 3581 3582 static void 3583 iwn5000_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 3584 struct iwn_rx_data *data) 3585 { 3586 struct iwn5000_tx_stat *stat = (struct iwn5000_tx_stat *)(desc + 1); 3587 int qid = desc->qid & IWN_RX_DESC_QID_MSK; 3588 3589 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: " 3590 "qid %d idx %d RTS retries %d ACK retries %d nkill %d rate %x duration %d status %x\n", 3591 __func__, desc->qid, desc->idx, 3592 stat->rtsfailcnt, 3593 stat->ackfailcnt, 3594 stat->btkillcnt, 3595 stat->rate, le16toh(stat->duration), 3596 le32toh(stat->status)); 3597 3598 #ifdef notyet 3599 /* Reset TX scheduler slot. */ 3600 iwn5000_reset_sched(sc, qid, desc->idx); 3601 #endif 3602 3603 if (qid >= sc->firstaggqueue && stat->nframes != 1) { 3604 iwn_ampdu_tx_done(sc, qid, stat->nframes, stat->rtsfailcnt, 3605 &stat->status); 3606 } else { 3607 iwn_tx_done(sc, desc, stat->rtsfailcnt, stat->ackfailcnt, 3608 le16toh(stat->status) & 0xff); 3609 } 3610 } 3611 3612 static void 3613 iwn_adj_ampdu_ptr(struct iwn_softc *sc, struct iwn_tx_ring *ring) 3614 { 3615 int i; 3616 3617 for (i = ring->read; i != ring->cur; i = (i + 1) % IWN_TX_RING_COUNT) { 3618 struct iwn_tx_data *data = &ring->data[i]; 3619 3620 if (data->m != NULL) 3621 break; 3622 3623 data->remapped = 0; 3624 } 3625 3626 ring->read = i; 3627 } 3628 3629 /* 3630 * Adapter-independent backend for TX_DONE firmware notifications. 3631 */ 3632 static void 3633 iwn_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, int rtsfailcnt, 3634 int ackfailcnt, uint8_t status) 3635 { 3636 struct ieee80211_ratectl_tx_status *txs = &sc->sc_txs; 3637 struct iwn_tx_ring *ring = &sc->txq[desc->qid & IWN_RX_DESC_QID_MSK]; 3638 struct iwn_tx_data *data = &ring->data[desc->idx]; 3639 struct mbuf *m; 3640 struct ieee80211_node *ni; 3641 3642 if (__predict_false(data->m == NULL && 3643 ring->qid >= sc->firstaggqueue)) { 3644 /* 3645 * There is no frame; skip this entry. 3646 */ 3647 DPRINTF(sc, IWN_DEBUG_AMPDU, "%s: ring %d: no entry %d\n", 3648 __func__, ring->qid, desc->idx); 3649 return; 3650 } 3651 3652 KASSERT(data->ni != NULL, ("no node")); 3653 KASSERT(data->m != NULL, ("no mbuf")); 3654 3655 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 3656 3657 /* Unmap and free mbuf. */ 3658 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_POSTWRITE); 3659 bus_dmamap_unload(ring->data_dmat, data->map); 3660 m = data->m, data->m = NULL; 3661 ni = data->ni, data->ni = NULL; 3662 3663 data->long_retries = 0; 3664 3665 if (ring->qid >= sc->firstaggqueue) 3666 iwn_adj_ampdu_ptr(sc, ring); 3667 3668 /* 3669 * XXX f/w may hang (device timeout) when desc->idx - ring->read == 64 3670 * (aggregation queues only). 3671 */ 3672 3673 ring->queued--; 3674 iwn_check_tx_ring(sc, ring->qid); 3675 3676 /* 3677 * Update rate control statistics for the node. 3678 */ 3679 txs->flags = IEEE80211_RATECTL_STATUS_SHORT_RETRY | 3680 IEEE80211_RATECTL_STATUS_LONG_RETRY; 3681 txs->short_retries = rtsfailcnt; 3682 txs->long_retries = ackfailcnt; 3683 if (!(status & IWN_TX_FAIL)) 3684 txs->status = IEEE80211_RATECTL_TX_SUCCESS; 3685 else { 3686 switch (status) { 3687 case IWN_TX_FAIL_SHORT_LIMIT: 3688 txs->status = IEEE80211_RATECTL_TX_FAIL_SHORT; 3689 break; 3690 case IWN_TX_FAIL_LONG_LIMIT: 3691 txs->status = IEEE80211_RATECTL_TX_FAIL_LONG; 3692 break; 3693 case IWN_TX_STATUS_FAIL_LIFE_EXPIRE: 3694 txs->status = IEEE80211_RATECTL_TX_FAIL_EXPIRED; 3695 break; 3696 default: 3697 txs->status = IEEE80211_RATECTL_TX_FAIL_UNSPECIFIED; 3698 break; 3699 } 3700 } 3701 ieee80211_ratectl_tx_complete(ni, txs); 3702 3703 /* 3704 * Channels marked for "radar" require traffic to be received 3705 * to unlock before we can transmit. Until traffic is seen 3706 * any attempt to transmit is returned immediately with status 3707 * set to IWN_TX_FAIL_TX_LOCKED. Unfortunately this can easily 3708 * happen on first authenticate after scanning. To workaround 3709 * this we ignore a failure of this sort in AUTH state so the 3710 * 802.11 layer will fall back to using a timeout to wait for 3711 * the AUTH reply. This allows the firmware time to see 3712 * traffic so a subsequent retry of AUTH succeeds. It's 3713 * unclear why the firmware does not maintain state for 3714 * channels recently visited as this would allow immediate 3715 * use of the channel after a scan (where we see traffic). 3716 */ 3717 if (status == IWN_TX_FAIL_TX_LOCKED && 3718 ni->ni_vap->iv_state == IEEE80211_S_AUTH) 3719 ieee80211_tx_complete(ni, m, 0); 3720 else 3721 ieee80211_tx_complete(ni, m, 3722 (status & IWN_TX_FAIL) != 0); 3723 3724 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 3725 } 3726 3727 /* 3728 * Process a "command done" firmware notification. This is where we wakeup 3729 * processes waiting for a synchronous command completion. 3730 */ 3731 static void 3732 iwn_cmd_done(struct iwn_softc *sc, struct iwn_rx_desc *desc) 3733 { 3734 struct iwn_tx_ring *ring; 3735 struct iwn_tx_data *data; 3736 int cmd_queue_num; 3737 3738 if (sc->sc_flags & IWN_FLAG_PAN_SUPPORT) 3739 cmd_queue_num = IWN_PAN_CMD_QUEUE; 3740 else 3741 cmd_queue_num = IWN_CMD_QUEUE_NUM; 3742 3743 if ((desc->qid & IWN_RX_DESC_QID_MSK) != cmd_queue_num) 3744 return; /* Not a command ack. */ 3745 3746 ring = &sc->txq[cmd_queue_num]; 3747 data = &ring->data[desc->idx]; 3748 3749 /* If the command was mapped in an mbuf, free it. */ 3750 if (data->m != NULL) { 3751 bus_dmamap_sync(ring->data_dmat, data->map, 3752 BUS_DMASYNC_POSTWRITE); 3753 bus_dmamap_unload(ring->data_dmat, data->map); 3754 m_freem(data->m); 3755 data->m = NULL; 3756 } 3757 wakeup(&ring->desc[desc->idx]); 3758 } 3759 3760 static int 3761 iwn_ampdu_check_bitmap(uint64_t bitmap, int start, int idx) 3762 { 3763 int bit, shift; 3764 3765 bit = idx - start; 3766 shift = 0; 3767 if (bit >= 64) { 3768 shift = 0x100 - bit; 3769 bit = 0; 3770 } else if (bit <= -64) 3771 bit = 0x100 + bit; 3772 else if (bit < 0) { 3773 shift = -bit; 3774 bit = 0; 3775 } 3776 3777 if (bit - shift >= 64) 3778 return (0); 3779 3780 return ((bitmap & (1ULL << (bit - shift))) != 0); 3781 } 3782 3783 /* 3784 * Firmware bug workaround: in case if 'retries' counter 3785 * overflows 'seqno' field will be incremented: 3786 * status|sequence|status|sequence|status|sequence 3787 * 0000 0A48 0001 0A49 0000 0A6A 3788 * 1000 0A48 1000 0A49 1000 0A6A 3789 * 2000 0A48 2000 0A49 2000 0A6A 3790 * ... 3791 * E000 0A48 E000 0A49 E000 0A6A 3792 * F000 0A48 F000 0A49 F000 0A6A 3793 * 0000 0A49 0000 0A49 0000 0A6B 3794 * 1000 0A49 1000 0A49 1000 0A6B 3795 * ... 3796 * D000 0A49 D000 0A49 D000 0A6B 3797 * E000 0A49 E001 0A49 E000 0A6B 3798 * F000 0A49 F001 0A49 F000 0A6B 3799 * 0000 0A4A 0000 0A4B 0000 0A6A 3800 * 1000 0A4A 1000 0A4B 1000 0A6A 3801 * ... 3802 * 3803 * Odd 'seqno' numbers are incremened by 2 every 2 overflows. 3804 * For even 'seqno' % 4 != 0 overflow is cyclic (0 -> +1 -> 0). 3805 * Not checked with nretries >= 64. 3806 * 3807 */ 3808 static int 3809 iwn_ampdu_index_check(struct iwn_softc *sc, struct iwn_tx_ring *ring, 3810 uint64_t bitmap, int start, int idx) 3811 { 3812 struct ieee80211com *ic = &sc->sc_ic; 3813 struct iwn_tx_data *data; 3814 int diff, min_retries, max_retries, new_idx, loop_end; 3815 3816 new_idx = idx - IWN_LONG_RETRY_LIMIT_LOG; 3817 if (new_idx < 0) 3818 new_idx += IWN_TX_RING_COUNT; 3819 3820 /* 3821 * Corner case: check if retry count is not too big; 3822 * reset device otherwise. 3823 */ 3824 if (!iwn_ampdu_check_bitmap(bitmap, start, new_idx)) { 3825 data = &ring->data[new_idx]; 3826 if (data->long_retries > IWN_LONG_RETRY_LIMIT) { 3827 device_printf(sc->sc_dev, 3828 "%s: retry count (%d) for idx %d/%d overflow, " 3829 "resetting...\n", __func__, data->long_retries, 3830 ring->qid, new_idx); 3831 ieee80211_restart_all(ic); 3832 return (-1); 3833 } 3834 } 3835 3836 /* Correct index if needed. */ 3837 loop_end = idx; 3838 do { 3839 data = &ring->data[new_idx]; 3840 diff = idx - new_idx; 3841 if (diff < 0) 3842 diff += IWN_TX_RING_COUNT; 3843 3844 min_retries = IWN_LONG_RETRY_FW_OVERFLOW * diff; 3845 if ((new_idx % 2) == 0) 3846 max_retries = IWN_LONG_RETRY_FW_OVERFLOW * (diff + 1); 3847 else 3848 max_retries = IWN_LONG_RETRY_FW_OVERFLOW * (diff + 2); 3849 3850 if (!iwn_ampdu_check_bitmap(bitmap, start, new_idx) && 3851 ((data->long_retries >= min_retries && 3852 data->long_retries < max_retries) || 3853 (diff == 1 && 3854 (new_idx & 0x03) == 0x02 && 3855 data->long_retries >= IWN_LONG_RETRY_FW_OVERFLOW))) { 3856 DPRINTF(sc, IWN_DEBUG_AMPDU, 3857 "%s: correcting index %d -> %d in queue %d" 3858 " (retries %d)\n", __func__, idx, new_idx, 3859 ring->qid, data->long_retries); 3860 return (new_idx); 3861 } 3862 3863 new_idx = (new_idx + 1) % IWN_TX_RING_COUNT; 3864 } while (new_idx != loop_end); 3865 3866 return (idx); 3867 } 3868 3869 static void 3870 iwn_ampdu_tx_done(struct iwn_softc *sc, int qid, int nframes, int rtsfailcnt, 3871 void *stat) 3872 { 3873 struct iwn_tx_ring *ring = &sc->txq[qid]; 3874 struct ieee80211_tx_ampdu *tap = sc->qid2tap[qid]; 3875 struct iwn_node *wn = (void *)tap->txa_ni; 3876 struct iwn_tx_data *data; 3877 uint64_t bitmap = 0; 3878 uint16_t *aggstatus = stat; 3879 uint8_t tid = tap->txa_tid; 3880 int bit, i, idx, shift, start, tx_err; 3881 3882 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 3883 3884 start = le16toh(*(aggstatus + nframes * 2)) & 0xff; 3885 3886 for (i = 0; i < nframes; i++) { 3887 uint16_t status = le16toh(aggstatus[i * 2]); 3888 3889 if (status & IWN_AGG_TX_STATE_IGNORE_MASK) 3890 continue; 3891 3892 idx = le16toh(aggstatus[i * 2 + 1]) & 0xff; 3893 data = &ring->data[idx]; 3894 if (data->remapped) { 3895 idx = iwn_ampdu_index_check(sc, ring, bitmap, start, idx); 3896 if (idx == -1) { 3897 /* skip error (device will be restarted anyway). */ 3898 continue; 3899 } 3900 3901 /* Index may have changed. */ 3902 data = &ring->data[idx]; 3903 } 3904 3905 /* 3906 * XXX Sometimes (rarely) some frames are excluded from events. 3907 * XXX Due to that long_retries counter may be wrong. 3908 */ 3909 data->long_retries &= ~0x0f; 3910 data->long_retries += IWN_AGG_TX_TRY_COUNT(status) + 1; 3911 3912 if (data->long_retries >= IWN_LONG_RETRY_FW_OVERFLOW) { 3913 int diff, wrong_idx; 3914 3915 diff = data->long_retries / IWN_LONG_RETRY_FW_OVERFLOW; 3916 wrong_idx = (idx + diff) % IWN_TX_RING_COUNT; 3917 3918 /* 3919 * Mark the entry so the above code will check it 3920 * next time. 3921 */ 3922 ring->data[wrong_idx].remapped = 1; 3923 } 3924 3925 if (status & IWN_AGG_TX_STATE_UNDERRUN_MSK) { 3926 /* 3927 * NB: count retries but postpone - it was not 3928 * transmitted. 3929 */ 3930 continue; 3931 } 3932 3933 bit = idx - start; 3934 shift = 0; 3935 if (bit >= 64) { 3936 shift = 0x100 - bit; 3937 bit = 0; 3938 } else if (bit <= -64) 3939 bit = 0x100 + bit; 3940 else if (bit < 0) { 3941 shift = -bit; 3942 bit = 0; 3943 } 3944 bitmap = bitmap << shift; 3945 bitmap |= 1ULL << bit; 3946 } 3947 wn->agg[tid].startidx = start; 3948 wn->agg[tid].bitmap = bitmap; 3949 wn->agg[tid].short_retries = rtsfailcnt; 3950 3951 DPRINTF(sc, IWN_DEBUG_AMPDU, "%s: nframes %d start %d bitmap %016jX\n", 3952 __func__, nframes, start, (uintmax_t)bitmap); 3953 3954 i = ring->read; 3955 3956 for (tx_err = 0; 3957 i != wn->agg[tid].startidx; 3958 i = (i + 1) % IWN_TX_RING_COUNT) { 3959 data = &ring->data[i]; 3960 data->remapped = 0; 3961 if (data->m == NULL) 3962 continue; 3963 3964 tx_err++; 3965 iwn_agg_tx_complete(sc, ring, tid, i, 0); 3966 } 3967 3968 ring->read = wn->agg[tid].startidx; 3969 ring->queued -= tx_err; 3970 3971 iwn_check_tx_ring(sc, qid); 3972 3973 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 3974 } 3975 3976 /* 3977 * Process an INT_FH_RX or INT_SW_RX interrupt. 3978 */ 3979 static void 3980 iwn_notif_intr(struct iwn_softc *sc) 3981 { 3982 struct iwn_ops *ops = &sc->ops; 3983 struct ieee80211com *ic = &sc->sc_ic; 3984 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3985 uint16_t hw; 3986 int is_stopped; 3987 3988 bus_dmamap_sync(sc->rxq.stat_dma.tag, sc->rxq.stat_dma.map, 3989 BUS_DMASYNC_POSTREAD); 3990 3991 hw = le16toh(sc->rxq.stat->closed_count) & 0xfff; 3992 while (sc->rxq.cur != hw) { 3993 struct iwn_rx_data *data = &sc->rxq.data[sc->rxq.cur]; 3994 struct iwn_rx_desc *desc; 3995 3996 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 3997 BUS_DMASYNC_POSTREAD); 3998 desc = mtod(data->m, struct iwn_rx_desc *); 3999 4000 DPRINTF(sc, IWN_DEBUG_RECV, 4001 "%s: cur=%d; qid %x idx %d flags %x type %d(%s) len %d\n", 4002 __func__, sc->rxq.cur, desc->qid & IWN_RX_DESC_QID_MSK, 4003 desc->idx, desc->flags, desc->type, 4004 iwn_intr_str(desc->type), le16toh(desc->len)); 4005 4006 if (!(desc->qid & IWN_UNSOLICITED_RX_NOTIF)) /* Reply to a command. */ 4007 iwn_cmd_done(sc, desc); 4008 4009 switch (desc->type) { 4010 case IWN_RX_PHY: 4011 iwn_rx_phy(sc, desc); 4012 break; 4013 4014 case IWN_RX_DONE: /* 4965AGN only. */ 4015 case IWN_MPDU_RX_DONE: 4016 /* An 802.11 frame has been received. */ 4017 iwn_rx_done(sc, desc, data); 4018 4019 is_stopped = (sc->sc_flags & IWN_FLAG_RUNNING) == 0; 4020 if (__predict_false(is_stopped)) 4021 return; 4022 4023 break; 4024 4025 case IWN_RX_COMPRESSED_BA: 4026 /* A Compressed BlockAck has been received. */ 4027 iwn_rx_compressed_ba(sc, desc); 4028 break; 4029 4030 case IWN_TX_DONE: 4031 /* An 802.11 frame has been transmitted. */ 4032 ops->tx_done(sc, desc, data); 4033 break; 4034 4035 case IWN_RX_STATISTICS: 4036 case IWN_BEACON_STATISTICS: 4037 iwn_rx_statistics(sc, desc); 4038 break; 4039 4040 case IWN_BEACON_MISSED: 4041 { 4042 struct iwn_beacon_missed *miss = 4043 (struct iwn_beacon_missed *)(desc + 1); 4044 int misses; 4045 4046 misses = le32toh(miss->consecutive); 4047 4048 DPRINTF(sc, IWN_DEBUG_STATE, 4049 "%s: beacons missed %d/%d\n", __func__, 4050 misses, le32toh(miss->total)); 4051 /* 4052 * If more than 5 consecutive beacons are missed, 4053 * reinitialize the sensitivity state machine. 4054 */ 4055 if (vap->iv_state == IEEE80211_S_RUN && 4056 (ic->ic_flags & IEEE80211_F_SCAN) == 0) { 4057 if (misses > 5) 4058 (void)iwn_init_sensitivity(sc); 4059 if (misses >= vap->iv_bmissthreshold) { 4060 IWN_UNLOCK(sc); 4061 ieee80211_beacon_miss(ic); 4062 IWN_LOCK(sc); 4063 4064 is_stopped = (sc->sc_flags & 4065 IWN_FLAG_RUNNING) == 0; 4066 if (__predict_false(is_stopped)) 4067 return; 4068 } 4069 } 4070 break; 4071 } 4072 case IWN_UC_READY: 4073 { 4074 struct iwn_ucode_info *uc = 4075 (struct iwn_ucode_info *)(desc + 1); 4076 4077 /* The microcontroller is ready. */ 4078 DPRINTF(sc, IWN_DEBUG_RESET, 4079 "microcode alive notification version=%d.%d " 4080 "subtype=%x alive=%x\n", uc->major, uc->minor, 4081 uc->subtype, le32toh(uc->valid)); 4082 4083 if (le32toh(uc->valid) != 1) { 4084 device_printf(sc->sc_dev, 4085 "microcontroller initialization failed"); 4086 break; 4087 } 4088 if (uc->subtype == IWN_UCODE_INIT) { 4089 /* Save microcontroller report. */ 4090 memcpy(&sc->ucode_info, uc, sizeof (*uc)); 4091 } 4092 /* Save the address of the error log in SRAM. */ 4093 sc->errptr = le32toh(uc->errptr); 4094 break; 4095 } 4096 #ifdef IWN_DEBUG 4097 case IWN_STATE_CHANGED: 4098 { 4099 /* 4100 * State change allows hardware switch change to be 4101 * noted. However, we handle this in iwn_intr as we 4102 * get both the enable/disble intr. 4103 */ 4104 uint32_t *status = (uint32_t *)(desc + 1); 4105 DPRINTF(sc, IWN_DEBUG_INTR | IWN_DEBUG_STATE, 4106 "state changed to %x\n", 4107 le32toh(*status)); 4108 break; 4109 } 4110 case IWN_START_SCAN: 4111 { 4112 struct iwn_start_scan *scan = 4113 (struct iwn_start_scan *)(desc + 1); 4114 DPRINTF(sc, IWN_DEBUG_ANY, 4115 "%s: scanning channel %d status %x\n", 4116 __func__, scan->chan, le32toh(scan->status)); 4117 break; 4118 } 4119 #endif 4120 case IWN_STOP_SCAN: 4121 { 4122 #ifdef IWN_DEBUG 4123 struct iwn_stop_scan *scan = 4124 (struct iwn_stop_scan *)(desc + 1); 4125 DPRINTF(sc, IWN_DEBUG_STATE | IWN_DEBUG_SCAN, 4126 "scan finished nchan=%d status=%d chan=%d\n", 4127 scan->nchan, scan->status, scan->chan); 4128 #endif 4129 sc->sc_is_scanning = 0; 4130 callout_stop(&sc->scan_timeout); 4131 IWN_UNLOCK(sc); 4132 ieee80211_scan_next(vap); 4133 IWN_LOCK(sc); 4134 4135 is_stopped = (sc->sc_flags & IWN_FLAG_RUNNING) == 0; 4136 if (__predict_false(is_stopped)) 4137 return; 4138 4139 break; 4140 } 4141 case IWN5000_CALIBRATION_RESULT: 4142 iwn5000_rx_calib_results(sc, desc); 4143 break; 4144 4145 case IWN5000_CALIBRATION_DONE: 4146 sc->sc_flags |= IWN_FLAG_CALIB_DONE; 4147 wakeup(sc); 4148 break; 4149 } 4150 4151 sc->rxq.cur = (sc->rxq.cur + 1) % IWN_RX_RING_COUNT; 4152 } 4153 4154 /* Tell the firmware what we have processed. */ 4155 hw = (hw == 0) ? IWN_RX_RING_COUNT - 1 : hw - 1; 4156 IWN_WRITE(sc, IWN_FH_RX_WPTR, hw & ~7); 4157 } 4158 4159 /* 4160 * Process an INT_WAKEUP interrupt raised when the microcontroller wakes up 4161 * from power-down sleep mode. 4162 */ 4163 static void 4164 iwn_wakeup_intr(struct iwn_softc *sc) 4165 { 4166 int qid; 4167 4168 DPRINTF(sc, IWN_DEBUG_RESET, "%s: ucode wakeup from power-down sleep\n", 4169 __func__); 4170 4171 /* Wakeup RX and TX rings. */ 4172 IWN_WRITE(sc, IWN_FH_RX_WPTR, sc->rxq.cur & ~7); 4173 for (qid = 0; qid < sc->ntxqs; qid++) { 4174 struct iwn_tx_ring *ring = &sc->txq[qid]; 4175 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | ring->cur); 4176 } 4177 } 4178 4179 static void 4180 iwn_rftoggle_task(void *arg, int npending) 4181 { 4182 struct iwn_softc *sc = arg; 4183 struct ieee80211com *ic = &sc->sc_ic; 4184 uint32_t tmp; 4185 4186 IWN_LOCK(sc); 4187 tmp = IWN_READ(sc, IWN_GP_CNTRL); 4188 IWN_UNLOCK(sc); 4189 4190 device_printf(sc->sc_dev, "RF switch: radio %s\n", 4191 (tmp & IWN_GP_CNTRL_RFKILL) ? "enabled" : "disabled"); 4192 if (!(tmp & IWN_GP_CNTRL_RFKILL)) { 4193 ieee80211_suspend_all(ic); 4194 4195 /* Enable interrupts to get RF toggle notification. */ 4196 IWN_LOCK(sc); 4197 IWN_WRITE(sc, IWN_INT, 0xffffffff); 4198 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 4199 IWN_UNLOCK(sc); 4200 } else 4201 ieee80211_resume_all(ic); 4202 } 4203 4204 /* 4205 * Dump the error log of the firmware when a firmware panic occurs. Although 4206 * we can't debug the firmware because it is neither open source nor free, it 4207 * can help us to identify certain classes of problems. 4208 */ 4209 static void 4210 iwn_fatal_intr(struct iwn_softc *sc) 4211 { 4212 struct iwn_fw_dump dump; 4213 int i; 4214 4215 IWN_LOCK_ASSERT(sc); 4216 4217 /* Force a complete recalibration on next init. */ 4218 sc->sc_flags &= ~IWN_FLAG_CALIB_DONE; 4219 4220 /* Check that the error log address is valid. */ 4221 if (sc->errptr < IWN_FW_DATA_BASE || 4222 sc->errptr + sizeof (dump) > 4223 IWN_FW_DATA_BASE + sc->fw_data_maxsz) { 4224 printf("%s: bad firmware error log address 0x%08x\n", __func__, 4225 sc->errptr); 4226 return; 4227 } 4228 if (iwn_nic_lock(sc) != 0) { 4229 printf("%s: could not read firmware error log\n", __func__); 4230 return; 4231 } 4232 /* Read firmware error log from SRAM. */ 4233 iwn_mem_read_region_4(sc, sc->errptr, (uint32_t *)&dump, 4234 sizeof (dump) / sizeof (uint32_t)); 4235 iwn_nic_unlock(sc); 4236 4237 if (dump.valid == 0) { 4238 printf("%s: firmware error log is empty\n", __func__); 4239 return; 4240 } 4241 printf("firmware error log:\n"); 4242 printf(" error type = \"%s\" (0x%08X)\n", 4243 (dump.id < nitems(iwn_fw_errmsg)) ? 4244 iwn_fw_errmsg[dump.id] : "UNKNOWN", 4245 dump.id); 4246 printf(" program counter = 0x%08X\n", dump.pc); 4247 printf(" source line = 0x%08X\n", dump.src_line); 4248 printf(" error data = 0x%08X%08X\n", 4249 dump.error_data[0], dump.error_data[1]); 4250 printf(" branch link = 0x%08X%08X\n", 4251 dump.branch_link[0], dump.branch_link[1]); 4252 printf(" interrupt link = 0x%08X%08X\n", 4253 dump.interrupt_link[0], dump.interrupt_link[1]); 4254 printf(" time = %u\n", dump.time[0]); 4255 4256 /* Dump driver status (TX and RX rings) while we're here. */ 4257 printf("driver status:\n"); 4258 for (i = 0; i < sc->ntxqs; i++) { 4259 struct iwn_tx_ring *ring = &sc->txq[i]; 4260 printf(" tx ring %2d: qid=%-2d cur=%-3d queued=%-3d\n", 4261 i, ring->qid, ring->cur, ring->queued); 4262 } 4263 printf(" rx ring: cur=%d\n", sc->rxq.cur); 4264 } 4265 4266 static void 4267 iwn_intr(void *arg) 4268 { 4269 struct iwn_softc *sc = arg; 4270 uint32_t r1, r2, tmp; 4271 4272 IWN_LOCK(sc); 4273 4274 /* Disable interrupts. */ 4275 IWN_WRITE(sc, IWN_INT_MASK, 0); 4276 4277 /* Read interrupts from ICT (fast) or from registers (slow). */ 4278 if (sc->sc_flags & IWN_FLAG_USE_ICT) { 4279 bus_dmamap_sync(sc->ict_dma.tag, sc->ict_dma.map, 4280 BUS_DMASYNC_POSTREAD); 4281 tmp = 0; 4282 while (sc->ict[sc->ict_cur] != 0) { 4283 tmp |= sc->ict[sc->ict_cur]; 4284 sc->ict[sc->ict_cur] = 0; /* Acknowledge. */ 4285 sc->ict_cur = (sc->ict_cur + 1) % IWN_ICT_COUNT; 4286 } 4287 tmp = le32toh(tmp); 4288 if (tmp == 0xffffffff) /* Shouldn't happen. */ 4289 tmp = 0; 4290 else if (tmp & 0xc0000) /* Workaround a HW bug. */ 4291 tmp |= 0x8000; 4292 r1 = (tmp & 0xff00) << 16 | (tmp & 0xff); 4293 r2 = 0; /* Unused. */ 4294 } else { 4295 r1 = IWN_READ(sc, IWN_INT); 4296 if (r1 == 0xffffffff || (r1 & 0xfffffff0) == 0xa5a5a5a0) { 4297 IWN_UNLOCK(sc); 4298 return; /* Hardware gone! */ 4299 } 4300 r2 = IWN_READ(sc, IWN_FH_INT); 4301 } 4302 4303 DPRINTF(sc, IWN_DEBUG_INTR, "interrupt reg1=0x%08x reg2=0x%08x\n" 4304 , r1, r2); 4305 4306 if (r1 == 0 && r2 == 0) 4307 goto done; /* Interrupt not for us. */ 4308 4309 /* Acknowledge interrupts. */ 4310 IWN_WRITE(sc, IWN_INT, r1); 4311 if (!(sc->sc_flags & IWN_FLAG_USE_ICT)) 4312 IWN_WRITE(sc, IWN_FH_INT, r2); 4313 4314 if (r1 & IWN_INT_RF_TOGGLED) { 4315 taskqueue_enqueue(sc->sc_tq, &sc->sc_rftoggle_task); 4316 goto done; 4317 } 4318 if (r1 & IWN_INT_CT_REACHED) { 4319 device_printf(sc->sc_dev, "%s: critical temperature reached!\n", 4320 __func__); 4321 } 4322 if (r1 & (IWN_INT_SW_ERR | IWN_INT_HW_ERR)) { 4323 device_printf(sc->sc_dev, "%s: fatal firmware error\n", 4324 __func__); 4325 #ifdef IWN_DEBUG 4326 iwn_debug_register(sc); 4327 #endif 4328 /* Dump firmware error log and stop. */ 4329 iwn_fatal_intr(sc); 4330 4331 taskqueue_enqueue(sc->sc_tq, &sc->sc_panic_task); 4332 goto done; 4333 } 4334 if ((r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX | IWN_INT_RX_PERIODIC)) || 4335 (r2 & IWN_FH_INT_RX)) { 4336 if (sc->sc_flags & IWN_FLAG_USE_ICT) { 4337 if (r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX)) 4338 IWN_WRITE(sc, IWN_FH_INT, IWN_FH_INT_RX); 4339 IWN_WRITE_1(sc, IWN_INT_PERIODIC, 4340 IWN_INT_PERIODIC_DIS); 4341 iwn_notif_intr(sc); 4342 if (r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX)) { 4343 IWN_WRITE_1(sc, IWN_INT_PERIODIC, 4344 IWN_INT_PERIODIC_ENA); 4345 } 4346 } else 4347 iwn_notif_intr(sc); 4348 } 4349 4350 if ((r1 & IWN_INT_FH_TX) || (r2 & IWN_FH_INT_TX)) { 4351 if (sc->sc_flags & IWN_FLAG_USE_ICT) 4352 IWN_WRITE(sc, IWN_FH_INT, IWN_FH_INT_TX); 4353 wakeup(sc); /* FH DMA transfer completed. */ 4354 } 4355 4356 if (r1 & IWN_INT_ALIVE) 4357 wakeup(sc); /* Firmware is alive. */ 4358 4359 if (r1 & IWN_INT_WAKEUP) 4360 iwn_wakeup_intr(sc); 4361 4362 done: 4363 /* Re-enable interrupts. */ 4364 if (sc->sc_flags & IWN_FLAG_RUNNING) 4365 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 4366 4367 IWN_UNLOCK(sc); 4368 } 4369 4370 /* 4371 * Update TX scheduler ring when transmitting an 802.11 frame (4965AGN and 4372 * 5000 adapters use a slightly different format). 4373 */ 4374 static void 4375 iwn4965_update_sched(struct iwn_softc *sc, int qid, int idx, uint8_t id, 4376 uint16_t len) 4377 { 4378 uint16_t *w = &sc->sched[qid * IWN4965_SCHED_COUNT + idx]; 4379 4380 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 4381 4382 *w = htole16(len + 8); 4383 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4384 BUS_DMASYNC_PREWRITE); 4385 if (idx < IWN_SCHED_WINSZ) { 4386 *(w + IWN_TX_RING_COUNT) = *w; 4387 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4388 BUS_DMASYNC_PREWRITE); 4389 } 4390 } 4391 4392 static void 4393 iwn5000_update_sched(struct iwn_softc *sc, int qid, int idx, uint8_t id, 4394 uint16_t len) 4395 { 4396 uint16_t *w = &sc->sched[qid * IWN5000_SCHED_COUNT + idx]; 4397 4398 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 4399 4400 *w = htole16(id << 12 | (len + 8)); 4401 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4402 BUS_DMASYNC_PREWRITE); 4403 if (idx < IWN_SCHED_WINSZ) { 4404 *(w + IWN_TX_RING_COUNT) = *w; 4405 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4406 BUS_DMASYNC_PREWRITE); 4407 } 4408 } 4409 4410 #ifdef notyet 4411 static void 4412 iwn5000_reset_sched(struct iwn_softc *sc, int qid, int idx) 4413 { 4414 uint16_t *w = &sc->sched[qid * IWN5000_SCHED_COUNT + idx]; 4415 4416 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 4417 4418 *w = (*w & htole16(0xf000)) | htole16(1); 4419 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4420 BUS_DMASYNC_PREWRITE); 4421 if (idx < IWN_SCHED_WINSZ) { 4422 *(w + IWN_TX_RING_COUNT) = *w; 4423 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4424 BUS_DMASYNC_PREWRITE); 4425 } 4426 } 4427 #endif 4428 4429 /* 4430 * Check whether OFDM 11g protection will be enabled for the given rate. 4431 * 4432 * The original driver code only enabled protection for OFDM rates. 4433 * It didn't check to see whether it was operating in 11a or 11bg mode. 4434 */ 4435 static int 4436 iwn_check_rate_needs_protection(struct iwn_softc *sc, 4437 struct ieee80211vap *vap, uint8_t rate) 4438 { 4439 struct ieee80211com *ic = vap->iv_ic; 4440 4441 /* 4442 * Not in 2GHz mode? Then there's no need to enable OFDM 4443 * 11bg protection. 4444 */ 4445 if (! IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan)) { 4446 return (0); 4447 } 4448 4449 /* 4450 * 11bg protection not enabled? Then don't use it. 4451 */ 4452 if ((vap->iv_flags & IEEE80211_F_USEPROT) == 0) 4453 return (0); 4454 4455 /* 4456 * If it's an 11n rate - no protection. 4457 * We'll do it via a specific 11n check. 4458 */ 4459 if (rate & IEEE80211_RATE_MCS) { 4460 return (0); 4461 } 4462 4463 /* 4464 * Do a rate table lookup. If the PHY is CCK, 4465 * don't do protection. 4466 */ 4467 if (ieee80211_rate2phytype(ic->ic_rt, rate) == IEEE80211_T_CCK) 4468 return (0); 4469 4470 /* 4471 * Yup, enable protection. 4472 */ 4473 return (1); 4474 } 4475 4476 /* 4477 * return a value between 0 and IWN_MAX_TX_RETRIES-1 as an index into 4478 * the link quality table that reflects this particular entry. 4479 */ 4480 static int 4481 iwn_tx_rate_to_linkq_offset(struct iwn_softc *sc, struct ieee80211_node *ni, 4482 uint8_t rate) 4483 { 4484 struct ieee80211_rateset *rs; 4485 int is_11n; 4486 int nr; 4487 int i; 4488 uint8_t cmp_rate; 4489 4490 /* 4491 * Figure out if we're using 11n or not here. 4492 */ 4493 if (IEEE80211_IS_CHAN_HT(ni->ni_chan) && ni->ni_htrates.rs_nrates > 0) 4494 is_11n = 1; 4495 else 4496 is_11n = 0; 4497 4498 /* 4499 * Use the correct rate table. 4500 */ 4501 if (is_11n) { 4502 rs = (struct ieee80211_rateset *) &ni->ni_htrates; 4503 nr = ni->ni_htrates.rs_nrates; 4504 } else { 4505 rs = &ni->ni_rates; 4506 nr = rs->rs_nrates; 4507 } 4508 4509 /* 4510 * Find the relevant link quality entry in the table. 4511 */ 4512 for (i = 0; i < nr && i < IWN_MAX_TX_RETRIES - 1 ; i++) { 4513 /* 4514 * The link quality table index starts at 0 == highest 4515 * rate, so we walk the rate table backwards. 4516 */ 4517 cmp_rate = rs->rs_rates[(nr - 1) - i]; 4518 if (rate & IEEE80211_RATE_MCS) 4519 cmp_rate |= IEEE80211_RATE_MCS; 4520 4521 #if 0 4522 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: idx %d: nr=%d, rate=0x%02x, rateentry=0x%02x\n", 4523 __func__, 4524 i, 4525 nr, 4526 rate, 4527 cmp_rate); 4528 #endif 4529 4530 if (cmp_rate == rate) 4531 return (i); 4532 } 4533 4534 /* Failed? Start at the end */ 4535 return (IWN_MAX_TX_RETRIES - 1); 4536 } 4537 4538 static int 4539 iwn_tx_data(struct iwn_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 4540 { 4541 const struct ieee80211_txparam *tp = ni->ni_txparms; 4542 struct ieee80211vap *vap = ni->ni_vap; 4543 struct ieee80211com *ic = ni->ni_ic; 4544 struct iwn_node *wn = (void *)ni; 4545 struct iwn_tx_ring *ring; 4546 struct iwn_tx_cmd *cmd; 4547 struct iwn_cmd_data *tx; 4548 struct ieee80211_frame *wh; 4549 struct ieee80211_key *k = NULL; 4550 uint32_t flags; 4551 uint16_t qos; 4552 uint8_t tid, type; 4553 int ac, totlen, rate; 4554 4555 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 4556 4557 IWN_LOCK_ASSERT(sc); 4558 4559 wh = mtod(m, struct ieee80211_frame *); 4560 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 4561 4562 /* Select EDCA Access Category and TX ring for this frame. */ 4563 if (IEEE80211_QOS_HAS_SEQ(wh)) { 4564 qos = ((const struct ieee80211_qosframe *)wh)->i_qos[0]; 4565 tid = qos & IEEE80211_QOS_TID; 4566 } else { 4567 qos = 0; 4568 tid = 0; 4569 } 4570 4571 /* Choose a TX rate index. */ 4572 if (type == IEEE80211_FC0_TYPE_MGT || 4573 type == IEEE80211_FC0_TYPE_CTL || 4574 (m->m_flags & M_EAPOL) != 0) 4575 rate = tp->mgmtrate; 4576 else if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 4577 rate = tp->mcastrate; 4578 else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 4579 rate = tp->ucastrate; 4580 else { 4581 /* XXX pass pktlen */ 4582 (void) ieee80211_ratectl_rate(ni, NULL, 0); 4583 rate = ni->ni_txrate; 4584 } 4585 4586 /* 4587 * XXX TODO: Group addressed frames aren't aggregated and must 4588 * go to the normal non-aggregation queue, and have a NONQOS TID 4589 * assigned from net80211. 4590 */ 4591 4592 ac = M_WME_GETAC(m); 4593 if (m->m_flags & M_AMPDU_MPDU) { 4594 struct ieee80211_tx_ampdu *tap = &ni->ni_tx_ampdu[ac]; 4595 4596 if (!IEEE80211_AMPDU_RUNNING(tap)) 4597 return (EINVAL); 4598 4599 ac = *(int *)tap->txa_private; 4600 } 4601 4602 /* Encrypt the frame if need be. */ 4603 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 4604 /* Retrieve key for TX. */ 4605 k = ieee80211_crypto_encap(ni, m); 4606 if (k == NULL) { 4607 return ENOBUFS; 4608 } 4609 /* 802.11 header may have moved. */ 4610 wh = mtod(m, struct ieee80211_frame *); 4611 } 4612 totlen = m->m_pkthdr.len; 4613 4614 if (ieee80211_radiotap_active_vap(vap)) { 4615 struct iwn_tx_radiotap_header *tap = &sc->sc_txtap; 4616 4617 tap->wt_flags = 0; 4618 tap->wt_rate = rate; 4619 if (k != NULL) 4620 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 4621 4622 ieee80211_radiotap_tx(vap, m); 4623 } 4624 4625 flags = 0; 4626 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 4627 /* Unicast frame, check if an ACK is expected. */ 4628 if (!qos || (qos & IEEE80211_QOS_ACKPOLICY) != 4629 IEEE80211_QOS_ACKPOLICY_NOACK) 4630 flags |= IWN_TX_NEED_ACK; 4631 } 4632 if ((wh->i_fc[0] & 4633 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 4634 (IEEE80211_FC0_TYPE_CTL | IEEE80211_FC0_SUBTYPE_BAR)) 4635 flags |= IWN_TX_IMM_BA; /* Cannot happen yet. */ 4636 4637 if (wh->i_fc[1] & IEEE80211_FC1_MORE_FRAG) 4638 flags |= IWN_TX_MORE_FRAG; /* Cannot happen yet. */ 4639 4640 /* Check if frame must be protected using RTS/CTS or CTS-to-self. */ 4641 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 4642 /* NB: Group frames are sent using CCK in 802.11b/g. */ 4643 if (totlen + IEEE80211_CRC_LEN > vap->iv_rtsthreshold) { 4644 flags |= IWN_TX_NEED_RTS; 4645 } else if (iwn_check_rate_needs_protection(sc, vap, rate)) { 4646 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 4647 flags |= IWN_TX_NEED_CTS; 4648 else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 4649 flags |= IWN_TX_NEED_RTS; 4650 } else if ((rate & IEEE80211_RATE_MCS) && 4651 (ic->ic_htprotmode == IEEE80211_PROT_RTSCTS)) { 4652 flags |= IWN_TX_NEED_RTS; 4653 } 4654 4655 /* XXX HT protection? */ 4656 4657 if (flags & (IWN_TX_NEED_RTS | IWN_TX_NEED_CTS)) { 4658 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 4659 /* 5000 autoselects RTS/CTS or CTS-to-self. */ 4660 flags &= ~(IWN_TX_NEED_RTS | IWN_TX_NEED_CTS); 4661 flags |= IWN_TX_NEED_PROTECTION; 4662 } else 4663 flags |= IWN_TX_FULL_TXOP; 4664 } 4665 } 4666 4667 ring = &sc->txq[ac]; 4668 if (m->m_flags & M_AMPDU_MPDU) { 4669 uint16_t seqno = ni->ni_txseqs[tid]; 4670 4671 if (ring->queued > IWN_TX_RING_COUNT / 2 && 4672 (ring->cur + 1) % IWN_TX_RING_COUNT == ring->read) { 4673 DPRINTF(sc, IWN_DEBUG_AMPDU, "%s: no more space " 4674 "(queued %d) left in %d queue!\n", 4675 __func__, ring->queued, ac); 4676 return (ENOBUFS); 4677 } 4678 4679 /* 4680 * Queue this frame to the hardware ring that we've 4681 * negotiated AMPDU TX on. 4682 * 4683 * Note that the sequence number must match the TX slot 4684 * being used! 4685 */ 4686 if ((seqno % 256) != ring->cur) { 4687 device_printf(sc->sc_dev, 4688 "%s: m=%p: seqno (%d) (%d) != ring index (%d) !\n", 4689 __func__, 4690 m, 4691 seqno, 4692 seqno % 256, 4693 ring->cur); 4694 4695 /* XXX until D9195 will not be committed */ 4696 ni->ni_txseqs[tid] &= ~0xff; 4697 ni->ni_txseqs[tid] += ring->cur; 4698 seqno = ni->ni_txseqs[tid]; 4699 } 4700 4701 *(uint16_t *)wh->i_seq = 4702 htole16(seqno << IEEE80211_SEQ_SEQ_SHIFT); 4703 ni->ni_txseqs[tid]++; 4704 } 4705 4706 /* Prepare TX firmware command. */ 4707 cmd = &ring->cmd[ring->cur]; 4708 tx = (struct iwn_cmd_data *)cmd->data; 4709 4710 /* NB: No need to clear tx, all fields are reinitialized here. */ 4711 tx->scratch = 0; /* clear "scratch" area */ 4712 4713 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 4714 type != IEEE80211_FC0_TYPE_DATA) 4715 tx->id = sc->broadcast_id; 4716 else 4717 tx->id = wn->id; 4718 4719 if (type == IEEE80211_FC0_TYPE_MGT) { 4720 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 4721 4722 /* Tell HW to set timestamp in probe responses. */ 4723 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 4724 flags |= IWN_TX_INSERT_TSTAMP; 4725 if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ || 4726 subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) 4727 tx->timeout = htole16(3); 4728 else 4729 tx->timeout = htole16(2); 4730 } else 4731 tx->timeout = htole16(0); 4732 4733 if (tx->id == sc->broadcast_id) { 4734 /* Group or management frame. */ 4735 tx->linkq = 0; 4736 } else { 4737 tx->linkq = iwn_tx_rate_to_linkq_offset(sc, ni, rate); 4738 flags |= IWN_TX_LINKQ; /* enable MRR */ 4739 } 4740 4741 tx->tid = tid; 4742 tx->rts_ntries = 60; 4743 tx->data_ntries = 15; 4744 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 4745 tx->rate = iwn_rate_to_plcp(sc, ni, rate); 4746 tx->security = 0; 4747 tx->flags = htole32(flags); 4748 4749 return (iwn_tx_cmd(sc, m, ni, ring)); 4750 } 4751 4752 static int 4753 iwn_tx_data_raw(struct iwn_softc *sc, struct mbuf *m, 4754 struct ieee80211_node *ni, const struct ieee80211_bpf_params *params) 4755 { 4756 struct ieee80211vap *vap = ni->ni_vap; 4757 struct iwn_tx_cmd *cmd; 4758 struct iwn_cmd_data *tx; 4759 struct ieee80211_frame *wh; 4760 struct iwn_tx_ring *ring; 4761 uint32_t flags; 4762 int ac, rate; 4763 uint8_t type; 4764 4765 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 4766 4767 IWN_LOCK_ASSERT(sc); 4768 4769 wh = mtod(m, struct ieee80211_frame *); 4770 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 4771 4772 ac = params->ibp_pri & 3; 4773 4774 /* Choose a TX rate. */ 4775 rate = params->ibp_rate0; 4776 4777 flags = 0; 4778 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0) 4779 flags |= IWN_TX_NEED_ACK; 4780 if (params->ibp_flags & IEEE80211_BPF_RTS) { 4781 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 4782 /* 5000 autoselects RTS/CTS or CTS-to-self. */ 4783 flags &= ~IWN_TX_NEED_RTS; 4784 flags |= IWN_TX_NEED_PROTECTION; 4785 } else 4786 flags |= IWN_TX_NEED_RTS | IWN_TX_FULL_TXOP; 4787 } 4788 if (params->ibp_flags & IEEE80211_BPF_CTS) { 4789 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 4790 /* 5000 autoselects RTS/CTS or CTS-to-self. */ 4791 flags &= ~IWN_TX_NEED_CTS; 4792 flags |= IWN_TX_NEED_PROTECTION; 4793 } else 4794 flags |= IWN_TX_NEED_CTS | IWN_TX_FULL_TXOP; 4795 } 4796 4797 if (ieee80211_radiotap_active_vap(vap)) { 4798 struct iwn_tx_radiotap_header *tap = &sc->sc_txtap; 4799 4800 tap->wt_flags = 0; 4801 tap->wt_rate = rate; 4802 4803 ieee80211_radiotap_tx(vap, m); 4804 } 4805 4806 ring = &sc->txq[ac]; 4807 cmd = &ring->cmd[ring->cur]; 4808 4809 tx = (struct iwn_cmd_data *)cmd->data; 4810 /* NB: No need to clear tx, all fields are reinitialized here. */ 4811 tx->scratch = 0; /* clear "scratch" area */ 4812 4813 if (type == IEEE80211_FC0_TYPE_MGT) { 4814 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 4815 4816 /* Tell HW to set timestamp in probe responses. */ 4817 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 4818 flags |= IWN_TX_INSERT_TSTAMP; 4819 4820 if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ || 4821 subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) 4822 tx->timeout = htole16(3); 4823 else 4824 tx->timeout = htole16(2); 4825 } else 4826 tx->timeout = htole16(0); 4827 4828 tx->tid = 0; 4829 tx->id = sc->broadcast_id; 4830 tx->rts_ntries = params->ibp_try1; 4831 tx->data_ntries = params->ibp_try0; 4832 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 4833 tx->rate = iwn_rate_to_plcp(sc, ni, rate); 4834 tx->security = 0; 4835 tx->flags = htole32(flags); 4836 4837 /* Group or management frame. */ 4838 tx->linkq = 0; 4839 4840 return (iwn_tx_cmd(sc, m, ni, ring)); 4841 } 4842 4843 static int 4844 iwn_tx_cmd(struct iwn_softc *sc, struct mbuf *m, struct ieee80211_node *ni, 4845 struct iwn_tx_ring *ring) 4846 { 4847 struct iwn_ops *ops = &sc->ops; 4848 struct iwn_tx_cmd *cmd; 4849 struct iwn_cmd_data *tx; 4850 struct ieee80211_frame *wh; 4851 struct iwn_tx_desc *desc; 4852 struct iwn_tx_data *data; 4853 bus_dma_segment_t *seg, segs[IWN_MAX_SCATTER]; 4854 struct mbuf *m1; 4855 u_int hdrlen; 4856 int totlen, error, pad, nsegs = 0, i; 4857 4858 wh = mtod(m, struct ieee80211_frame *); 4859 hdrlen = ieee80211_anyhdrsize(wh); 4860 totlen = m->m_pkthdr.len; 4861 4862 desc = &ring->desc[ring->cur]; 4863 data = &ring->data[ring->cur]; 4864 4865 if (__predict_false(data->m != NULL || data->ni != NULL)) { 4866 device_printf(sc->sc_dev, "%s: ni (%p) or m (%p) for idx %d " 4867 "in queue %d is not NULL!\n", __func__, data->ni, data->m, 4868 ring->cur, ring->qid); 4869 return EIO; 4870 } 4871 4872 /* Prepare TX firmware command. */ 4873 cmd = &ring->cmd[ring->cur]; 4874 cmd->code = IWN_CMD_TX_DATA; 4875 cmd->flags = 0; 4876 cmd->qid = ring->qid; 4877 cmd->idx = ring->cur; 4878 4879 tx = (struct iwn_cmd_data *)cmd->data; 4880 tx->len = htole16(totlen); 4881 4882 /* Set physical address of "scratch area". */ 4883 tx->loaddr = htole32(IWN_LOADDR(data->scratch_paddr)); 4884 tx->hiaddr = IWN_HIADDR(data->scratch_paddr); 4885 if (hdrlen & 3) { 4886 /* First segment length must be a multiple of 4. */ 4887 tx->flags |= htole32(IWN_TX_NEED_PADDING); 4888 pad = 4 - (hdrlen & 3); 4889 } else 4890 pad = 0; 4891 4892 /* Copy 802.11 header in TX command. */ 4893 memcpy((uint8_t *)(tx + 1), wh, hdrlen); 4894 4895 /* Trim 802.11 header. */ 4896 m_adj(m, hdrlen); 4897 4898 error = bus_dmamap_load_mbuf_sg(ring->data_dmat, data->map, m, segs, 4899 &nsegs, BUS_DMA_NOWAIT); 4900 if (error != 0) { 4901 if (error != EFBIG) { 4902 device_printf(sc->sc_dev, 4903 "%s: can't map mbuf (error %d)\n", __func__, error); 4904 return error; 4905 } 4906 /* Too many DMA segments, linearize mbuf. */ 4907 m1 = m_collapse(m, M_NOWAIT, IWN_MAX_SCATTER - 1); 4908 if (m1 == NULL) { 4909 device_printf(sc->sc_dev, 4910 "%s: could not defrag mbuf\n", __func__); 4911 return ENOBUFS; 4912 } 4913 m = m1; 4914 4915 error = bus_dmamap_load_mbuf_sg(ring->data_dmat, data->map, m, 4916 segs, &nsegs, BUS_DMA_NOWAIT); 4917 if (error != 0) { 4918 /* XXX fix this */ 4919 /* 4920 * NB: Do not return error; 4921 * original mbuf does not exist anymore. 4922 */ 4923 device_printf(sc->sc_dev, 4924 "%s: can't map mbuf (error %d)\n", 4925 __func__, error); 4926 if_inc_counter(ni->ni_vap->iv_ifp, 4927 IFCOUNTER_OERRORS, 1); 4928 ieee80211_free_node(ni); 4929 m_freem(m); 4930 return 0; 4931 } 4932 } 4933 4934 data->m = m; 4935 data->ni = ni; 4936 4937 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: qid %d idx %d len %d nsegs %d " 4938 "plcp 0x%x\n", 4939 __func__, ring->qid, ring->cur, totlen, nsegs, tx->rate); 4940 4941 /* Fill TX descriptor. */ 4942 desc->nsegs = 1; 4943 if (m->m_len != 0) 4944 desc->nsegs += nsegs; 4945 /* First DMA segment is used by the TX command. */ 4946 desc->segs[0].addr = htole32(IWN_LOADDR(data->cmd_paddr)); 4947 desc->segs[0].len = htole16(IWN_HIADDR(data->cmd_paddr) | 4948 (4 + sizeof (*tx) + hdrlen + pad) << 4); 4949 /* Other DMA segments are for data payload. */ 4950 seg = &segs[0]; 4951 for (i = 1; i <= nsegs; i++) { 4952 desc->segs[i].addr = htole32(IWN_LOADDR(seg->ds_addr)); 4953 desc->segs[i].len = htole16(IWN_HIADDR(seg->ds_addr) | 4954 seg->ds_len << 4); 4955 seg++; 4956 } 4957 4958 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 4959 bus_dmamap_sync(ring->cmd_dma.tag, ring->cmd_dma.map, 4960 BUS_DMASYNC_PREWRITE); 4961 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 4962 BUS_DMASYNC_PREWRITE); 4963 4964 /* Update TX scheduler. */ 4965 if (ring->qid >= sc->firstaggqueue) 4966 ops->update_sched(sc, ring->qid, ring->cur, tx->id, totlen); 4967 4968 /* Kick TX ring. */ 4969 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 4970 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, ring->qid << 8 | ring->cur); 4971 4972 /* Mark TX ring as full if we reach a certain threshold. */ 4973 if (++ring->queued > IWN_TX_RING_HIMARK) 4974 sc->qfullmsk |= 1 << ring->qid; 4975 4976 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 4977 4978 return 0; 4979 } 4980 4981 static void 4982 iwn_xmit_task(void *arg0, int pending) 4983 { 4984 struct iwn_softc *sc = arg0; 4985 struct ieee80211_node *ni; 4986 struct mbuf *m; 4987 int error; 4988 struct ieee80211_bpf_params p; 4989 int have_p; 4990 4991 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: called\n", __func__); 4992 4993 IWN_LOCK(sc); 4994 /* 4995 * Dequeue frames, attempt to transmit, 4996 * then disable beaconwait when we're done. 4997 */ 4998 while ((m = mbufq_dequeue(&sc->sc_xmit_queue)) != NULL) { 4999 have_p = 0; 5000 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 5001 5002 /* Get xmit params if appropriate */ 5003 if (ieee80211_get_xmit_params(m, &p) == 0) 5004 have_p = 1; 5005 5006 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: m=%p, have_p=%d\n", 5007 __func__, m, have_p); 5008 5009 /* If we have xmit params, use them */ 5010 if (have_p) 5011 error = iwn_tx_data_raw(sc, m, ni, &p); 5012 else 5013 error = iwn_tx_data(sc, m, ni); 5014 5015 if (error != 0) { 5016 if_inc_counter(ni->ni_vap->iv_ifp, 5017 IFCOUNTER_OERRORS, 1); 5018 ieee80211_free_node(ni); 5019 m_freem(m); 5020 } 5021 } 5022 5023 sc->sc_beacon_wait = 0; 5024 IWN_UNLOCK(sc); 5025 } 5026 5027 /* 5028 * raw frame xmit - free node/reference if failed. 5029 */ 5030 static int 5031 iwn_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 5032 const struct ieee80211_bpf_params *params) 5033 { 5034 struct ieee80211com *ic = ni->ni_ic; 5035 struct iwn_softc *sc = ic->ic_softc; 5036 int error = 0; 5037 5038 DPRINTF(sc, IWN_DEBUG_XMIT | IWN_DEBUG_TRACE, "->%s begin\n", __func__); 5039 5040 IWN_LOCK(sc); 5041 if ((sc->sc_flags & IWN_FLAG_RUNNING) == 0) { 5042 m_freem(m); 5043 IWN_UNLOCK(sc); 5044 return (ENETDOWN); 5045 } 5046 5047 /* queue frame if we have to */ 5048 if (sc->sc_beacon_wait) { 5049 if (iwn_xmit_queue_enqueue(sc, m) != 0) { 5050 m_freem(m); 5051 IWN_UNLOCK(sc); 5052 return (ENOBUFS); 5053 } 5054 /* Queued, so just return OK */ 5055 IWN_UNLOCK(sc); 5056 return (0); 5057 } 5058 5059 if (params == NULL) { 5060 /* 5061 * Legacy path; interpret frame contents to decide 5062 * precisely how to send the frame. 5063 */ 5064 error = iwn_tx_data(sc, m, ni); 5065 } else { 5066 /* 5067 * Caller supplied explicit parameters to use in 5068 * sending the frame. 5069 */ 5070 error = iwn_tx_data_raw(sc, m, ni, params); 5071 } 5072 if (error == 0) 5073 sc->sc_tx_timer = 5; 5074 else 5075 m_freem(m); 5076 5077 IWN_UNLOCK(sc); 5078 5079 DPRINTF(sc, IWN_DEBUG_TRACE | IWN_DEBUG_XMIT, "->%s: end\n",__func__); 5080 5081 return (error); 5082 } 5083 5084 /* 5085 * transmit - don't free mbuf if failed; don't free node ref if failed. 5086 */ 5087 static int 5088 iwn_transmit(struct ieee80211com *ic, struct mbuf *m) 5089 { 5090 struct iwn_softc *sc = ic->ic_softc; 5091 struct ieee80211_node *ni; 5092 int error; 5093 5094 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 5095 5096 IWN_LOCK(sc); 5097 if ((sc->sc_flags & IWN_FLAG_RUNNING) == 0 || sc->sc_beacon_wait) { 5098 IWN_UNLOCK(sc); 5099 return (ENXIO); 5100 } 5101 5102 if (sc->qfullmsk) { 5103 IWN_UNLOCK(sc); 5104 return (ENOBUFS); 5105 } 5106 5107 error = iwn_tx_data(sc, m, ni); 5108 if (!error) 5109 sc->sc_tx_timer = 5; 5110 IWN_UNLOCK(sc); 5111 return (error); 5112 } 5113 5114 static void 5115 iwn_scan_timeout(void *arg) 5116 { 5117 struct iwn_softc *sc = arg; 5118 struct ieee80211com *ic = &sc->sc_ic; 5119 5120 ic_printf(ic, "scan timeout\n"); 5121 ieee80211_restart_all(ic); 5122 } 5123 5124 static void 5125 iwn_watchdog(void *arg) 5126 { 5127 struct iwn_softc *sc = arg; 5128 struct ieee80211com *ic = &sc->sc_ic; 5129 5130 IWN_LOCK_ASSERT(sc); 5131 5132 KASSERT(sc->sc_flags & IWN_FLAG_RUNNING, ("not running")); 5133 5134 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5135 5136 if (sc->sc_tx_timer > 0) { 5137 if (--sc->sc_tx_timer == 0) { 5138 ic_printf(ic, "device timeout\n"); 5139 ieee80211_restart_all(ic); 5140 return; 5141 } 5142 } 5143 callout_reset(&sc->watchdog_to, hz, iwn_watchdog, sc); 5144 } 5145 5146 static int 5147 iwn_cdev_open(struct cdev *dev, int flags, int type, struct thread *td) 5148 { 5149 5150 return (0); 5151 } 5152 5153 static int 5154 iwn_cdev_close(struct cdev *dev, int flags, int type, struct thread *td) 5155 { 5156 5157 return (0); 5158 } 5159 5160 static int 5161 iwn_cdev_ioctl(struct cdev *dev, unsigned long cmd, caddr_t data, int fflag, 5162 struct thread *td) 5163 { 5164 int rc; 5165 struct iwn_softc *sc = dev->si_drv1; 5166 struct iwn_ioctl_data *d; 5167 5168 rc = priv_check(td, PRIV_DRIVER); 5169 if (rc != 0) 5170 return (0); 5171 5172 switch (cmd) { 5173 case SIOCGIWNSTATS: 5174 d = (struct iwn_ioctl_data *) data; 5175 IWN_LOCK(sc); 5176 /* XXX validate permissions/memory/etc? */ 5177 rc = copyout(&sc->last_stat, d->dst_addr, sizeof(struct iwn_stats)); 5178 IWN_UNLOCK(sc); 5179 break; 5180 case SIOCZIWNSTATS: 5181 IWN_LOCK(sc); 5182 memset(&sc->last_stat, 0, sizeof(struct iwn_stats)); 5183 IWN_UNLOCK(sc); 5184 break; 5185 default: 5186 rc = EINVAL; 5187 break; 5188 } 5189 return (rc); 5190 } 5191 5192 static int 5193 iwn_ioctl(struct ieee80211com *ic, u_long cmd, void *data) 5194 { 5195 5196 return (ENOTTY); 5197 } 5198 5199 static void 5200 iwn_parent(struct ieee80211com *ic) 5201 { 5202 struct iwn_softc *sc = ic->ic_softc; 5203 struct ieee80211vap *vap; 5204 int error; 5205 5206 if (ic->ic_nrunning > 0) { 5207 error = iwn_init(sc); 5208 5209 switch (error) { 5210 case 0: 5211 ieee80211_start_all(ic); 5212 break; 5213 case 1: 5214 /* radio is disabled via RFkill switch */ 5215 taskqueue_enqueue(sc->sc_tq, &sc->sc_rftoggle_task); 5216 break; 5217 default: 5218 vap = TAILQ_FIRST(&ic->ic_vaps); 5219 if (vap != NULL) 5220 ieee80211_stop(vap); 5221 break; 5222 } 5223 } else 5224 iwn_stop(sc); 5225 } 5226 5227 /* 5228 * Send a command to the firmware. 5229 */ 5230 static int 5231 iwn_cmd(struct iwn_softc *sc, int code, const void *buf, int size, int async) 5232 { 5233 struct iwn_tx_ring *ring; 5234 struct iwn_tx_desc *desc; 5235 struct iwn_tx_data *data; 5236 struct iwn_tx_cmd *cmd; 5237 struct mbuf *m; 5238 bus_addr_t paddr; 5239 int totlen, error; 5240 int cmd_queue_num; 5241 5242 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 5243 5244 if (async == 0) 5245 IWN_LOCK_ASSERT(sc); 5246 5247 if (sc->sc_flags & IWN_FLAG_PAN_SUPPORT) 5248 cmd_queue_num = IWN_PAN_CMD_QUEUE; 5249 else 5250 cmd_queue_num = IWN_CMD_QUEUE_NUM; 5251 5252 ring = &sc->txq[cmd_queue_num]; 5253 desc = &ring->desc[ring->cur]; 5254 data = &ring->data[ring->cur]; 5255 totlen = 4 + size; 5256 5257 if (size > sizeof cmd->data) { 5258 /* Command is too large to fit in a descriptor. */ 5259 if (totlen > MCLBYTES) 5260 return EINVAL; 5261 m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, MJUMPAGESIZE); 5262 if (m == NULL) 5263 return ENOMEM; 5264 cmd = mtod(m, struct iwn_tx_cmd *); 5265 error = bus_dmamap_load(ring->data_dmat, data->map, cmd, 5266 totlen, iwn_dma_map_addr, &paddr, BUS_DMA_NOWAIT); 5267 if (error != 0) { 5268 m_freem(m); 5269 return error; 5270 } 5271 data->m = m; 5272 } else { 5273 cmd = &ring->cmd[ring->cur]; 5274 paddr = data->cmd_paddr; 5275 } 5276 5277 cmd->code = code; 5278 cmd->flags = 0; 5279 cmd->qid = ring->qid; 5280 cmd->idx = ring->cur; 5281 memcpy(cmd->data, buf, size); 5282 5283 desc->nsegs = 1; 5284 desc->segs[0].addr = htole32(IWN_LOADDR(paddr)); 5285 desc->segs[0].len = htole16(IWN_HIADDR(paddr) | totlen << 4); 5286 5287 DPRINTF(sc, IWN_DEBUG_CMD, "%s: %s (0x%x) flags %d qid %d idx %d\n", 5288 __func__, iwn_intr_str(cmd->code), cmd->code, 5289 cmd->flags, cmd->qid, cmd->idx); 5290 5291 if (size > sizeof cmd->data) { 5292 bus_dmamap_sync(ring->data_dmat, data->map, 5293 BUS_DMASYNC_PREWRITE); 5294 } else { 5295 bus_dmamap_sync(ring->cmd_dma.tag, ring->cmd_dma.map, 5296 BUS_DMASYNC_PREWRITE); 5297 } 5298 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 5299 BUS_DMASYNC_PREWRITE); 5300 5301 /* Kick command ring. */ 5302 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 5303 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, ring->qid << 8 | ring->cur); 5304 5305 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 5306 5307 return async ? 0 : msleep(desc, &sc->sc_mtx, PCATCH, "iwncmd", hz); 5308 } 5309 5310 static int 5311 iwn4965_add_node(struct iwn_softc *sc, struct iwn_node_info *node, int async) 5312 { 5313 struct iwn4965_node_info hnode; 5314 caddr_t src, dst; 5315 5316 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5317 5318 /* 5319 * We use the node structure for 5000 Series internally (it is 5320 * a superset of the one for 4965AGN). We thus copy the common 5321 * fields before sending the command. 5322 */ 5323 src = (caddr_t)node; 5324 dst = (caddr_t)&hnode; 5325 memcpy(dst, src, 48); 5326 /* Skip TSC, RX MIC and TX MIC fields from ``src''. */ 5327 memcpy(dst + 48, src + 72, 20); 5328 return iwn_cmd(sc, IWN_CMD_ADD_NODE, &hnode, sizeof hnode, async); 5329 } 5330 5331 static int 5332 iwn5000_add_node(struct iwn_softc *sc, struct iwn_node_info *node, int async) 5333 { 5334 5335 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5336 5337 /* Direct mapping. */ 5338 return iwn_cmd(sc, IWN_CMD_ADD_NODE, node, sizeof (*node), async); 5339 } 5340 5341 static int 5342 iwn_set_link_quality(struct iwn_softc *sc, struct ieee80211_node *ni) 5343 { 5344 struct iwn_node *wn = (void *)ni; 5345 struct ieee80211_rateset *rs; 5346 struct iwn_cmd_link_quality linkq; 5347 int i, rate, txrate; 5348 int is_11n; 5349 5350 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 5351 5352 memset(&linkq, 0, sizeof linkq); 5353 linkq.id = wn->id; 5354 linkq.antmsk_1stream = iwn_get_1stream_tx_antmask(sc); 5355 linkq.antmsk_2stream = iwn_get_2stream_tx_antmask(sc); 5356 5357 linkq.ampdu_max = 32; /* XXX negotiated? */ 5358 linkq.ampdu_threshold = 3; 5359 linkq.ampdu_limit = htole16(4000); /* 4ms */ 5360 5361 DPRINTF(sc, IWN_DEBUG_XMIT, 5362 "%s: 1stream antenna=0x%02x, 2stream antenna=0x%02x, ntxstreams=%d\n", 5363 __func__, 5364 linkq.antmsk_1stream, 5365 linkq.antmsk_2stream, 5366 sc->ntxchains); 5367 5368 /* 5369 * Are we using 11n rates? Ensure the channel is 5370 * 11n _and_ we have some 11n rates, or don't 5371 * try. 5372 */ 5373 if (IEEE80211_IS_CHAN_HT(ni->ni_chan) && ni->ni_htrates.rs_nrates > 0) { 5374 rs = (struct ieee80211_rateset *) &ni->ni_htrates; 5375 is_11n = 1; 5376 } else { 5377 rs = &ni->ni_rates; 5378 is_11n = 0; 5379 } 5380 5381 /* Start at highest available bit-rate. */ 5382 /* 5383 * XXX this is all very dirty! 5384 */ 5385 if (is_11n) 5386 txrate = ni->ni_htrates.rs_nrates - 1; 5387 else 5388 txrate = rs->rs_nrates - 1; 5389 for (i = 0; i < IWN_MAX_TX_RETRIES; i++) { 5390 uint32_t plcp; 5391 5392 /* 5393 * XXX TODO: ensure the last two slots are the two lowest 5394 * rate entries, just for now. 5395 */ 5396 if (i == 14 || i == 15) 5397 txrate = 0; 5398 5399 if (is_11n) 5400 rate = IEEE80211_RATE_MCS | rs->rs_rates[txrate]; 5401 else 5402 rate = IEEE80211_RV(rs->rs_rates[txrate]); 5403 5404 /* Do rate -> PLCP config mapping */ 5405 plcp = iwn_rate_to_plcp(sc, ni, rate); 5406 linkq.retry[i] = plcp; 5407 DPRINTF(sc, IWN_DEBUG_XMIT, 5408 "%s: i=%d, txrate=%d, rate=0x%02x, plcp=0x%08x\n", 5409 __func__, 5410 i, 5411 txrate, 5412 rate, 5413 le32toh(plcp)); 5414 5415 /* 5416 * The mimo field is an index into the table which 5417 * indicates the first index where it and subsequent entries 5418 * will not be using MIMO. 5419 * 5420 * Since we're filling linkq from 0..15 and we're filling 5421 * from the highest MCS rates to the lowest rates, if we 5422 * _are_ doing a dual-stream rate, set mimo to idx+1 (ie, 5423 * the next entry.) That way if the next entry is a non-MIMO 5424 * entry, we're already pointing at it. 5425 */ 5426 if ((le32toh(plcp) & IWN_RFLAG_MCS) && 5427 IEEE80211_RV(le32toh(plcp)) > 7) 5428 linkq.mimo = i + 1; 5429 5430 /* Next retry at immediate lower bit-rate. */ 5431 if (txrate > 0) 5432 txrate--; 5433 } 5434 /* 5435 * If we reached the end of the list and indeed we hit 5436 * all MIMO rates (eg 5300 doing MCS23-15) then yes, 5437 * set mimo to 15. Setting it to 16 panics the firmware. 5438 */ 5439 if (linkq.mimo > 15) 5440 linkq.mimo = 15; 5441 5442 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: mimo = %d\n", __func__, linkq.mimo); 5443 5444 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 5445 5446 return iwn_cmd(sc, IWN_CMD_LINK_QUALITY, &linkq, sizeof linkq, 1); 5447 } 5448 5449 /* 5450 * Broadcast node is used to send group-addressed and management frames. 5451 */ 5452 static int 5453 iwn_add_broadcast_node(struct iwn_softc *sc, int async) 5454 { 5455 struct iwn_ops *ops = &sc->ops; 5456 struct ieee80211com *ic = &sc->sc_ic; 5457 struct iwn_node_info node; 5458 struct iwn_cmd_link_quality linkq; 5459 uint8_t txant; 5460 int i, error; 5461 5462 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 5463 5464 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 5465 5466 memset(&node, 0, sizeof node); 5467 IEEE80211_ADDR_COPY(node.macaddr, ieee80211broadcastaddr); 5468 node.id = sc->broadcast_id; 5469 DPRINTF(sc, IWN_DEBUG_RESET, "%s: adding broadcast node\n", __func__); 5470 if ((error = ops->add_node(sc, &node, async)) != 0) 5471 return error; 5472 5473 /* Use the first valid TX antenna. */ 5474 txant = IWN_LSB(sc->txchainmask); 5475 5476 memset(&linkq, 0, sizeof linkq); 5477 linkq.id = sc->broadcast_id; 5478 linkq.antmsk_1stream = iwn_get_1stream_tx_antmask(sc); 5479 linkq.antmsk_2stream = iwn_get_2stream_tx_antmask(sc); 5480 linkq.ampdu_max = 64; 5481 linkq.ampdu_threshold = 3; 5482 linkq.ampdu_limit = htole16(4000); /* 4ms */ 5483 5484 /* Use lowest mandatory bit-rate. */ 5485 /* XXX rate table lookup? */ 5486 if (IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan)) 5487 linkq.retry[0] = htole32(0xd); 5488 else 5489 linkq.retry[0] = htole32(10 | IWN_RFLAG_CCK); 5490 linkq.retry[0] |= htole32(IWN_RFLAG_ANT(txant)); 5491 /* Use same bit-rate for all TX retries. */ 5492 for (i = 1; i < IWN_MAX_TX_RETRIES; i++) { 5493 linkq.retry[i] = linkq.retry[0]; 5494 } 5495 5496 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 5497 5498 return iwn_cmd(sc, IWN_CMD_LINK_QUALITY, &linkq, sizeof linkq, async); 5499 } 5500 5501 static int 5502 iwn_updateedca(struct ieee80211com *ic) 5503 { 5504 #define IWN_EXP2(x) ((1 << (x)) - 1) /* CWmin = 2^ECWmin - 1 */ 5505 struct iwn_softc *sc = ic->ic_softc; 5506 struct iwn_edca_params cmd; 5507 struct chanAccParams chp; 5508 int aci; 5509 5510 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 5511 5512 ieee80211_wme_ic_getparams(ic, &chp); 5513 5514 memset(&cmd, 0, sizeof cmd); 5515 cmd.flags = htole32(IWN_EDCA_UPDATE); 5516 5517 IEEE80211_LOCK(ic); 5518 for (aci = 0; aci < WME_NUM_AC; aci++) { 5519 const struct wmeParams *ac = &chp.cap_wmeParams[aci]; 5520 cmd.ac[aci].aifsn = ac->wmep_aifsn; 5521 cmd.ac[aci].cwmin = htole16(IWN_EXP2(ac->wmep_logcwmin)); 5522 cmd.ac[aci].cwmax = htole16(IWN_EXP2(ac->wmep_logcwmax)); 5523 cmd.ac[aci].txoplimit = 5524 htole16(IEEE80211_TXOP_TO_US(ac->wmep_txopLimit)); 5525 } 5526 IEEE80211_UNLOCK(ic); 5527 5528 IWN_LOCK(sc); 5529 (void)iwn_cmd(sc, IWN_CMD_EDCA_PARAMS, &cmd, sizeof cmd, 1); 5530 IWN_UNLOCK(sc); 5531 5532 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 5533 5534 return 0; 5535 #undef IWN_EXP2 5536 } 5537 5538 static void 5539 iwn_set_promisc(struct iwn_softc *sc) 5540 { 5541 struct ieee80211com *ic = &sc->sc_ic; 5542 uint32_t promisc_filter; 5543 5544 promisc_filter = IWN_FILTER_CTL | IWN_FILTER_PROMISC; 5545 if (ic->ic_promisc > 0 || ic->ic_opmode == IEEE80211_M_MONITOR) 5546 sc->rxon->filter |= htole32(promisc_filter); 5547 else 5548 sc->rxon->filter &= ~htole32(promisc_filter); 5549 } 5550 5551 static void 5552 iwn_update_promisc(struct ieee80211com *ic) 5553 { 5554 struct iwn_softc *sc = ic->ic_softc; 5555 int error; 5556 5557 if (ic->ic_opmode == IEEE80211_M_MONITOR) 5558 return; /* nothing to do */ 5559 5560 IWN_LOCK(sc); 5561 if (!(sc->sc_flags & IWN_FLAG_RUNNING)) { 5562 IWN_UNLOCK(sc); 5563 return; 5564 } 5565 5566 iwn_set_promisc(sc); 5567 if ((error = iwn_send_rxon(sc, 1, 1)) != 0) { 5568 device_printf(sc->sc_dev, 5569 "%s: could not send RXON, error %d\n", 5570 __func__, error); 5571 } 5572 IWN_UNLOCK(sc); 5573 } 5574 5575 static void 5576 iwn_update_mcast(struct ieee80211com *ic) 5577 { 5578 /* Ignore */ 5579 } 5580 5581 static void 5582 iwn_set_led(struct iwn_softc *sc, uint8_t which, uint8_t off, uint8_t on) 5583 { 5584 struct iwn_cmd_led led; 5585 5586 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5587 5588 #if 0 5589 /* XXX don't set LEDs during scan? */ 5590 if (sc->sc_is_scanning) 5591 return; 5592 #endif 5593 5594 /* Clear microcode LED ownership. */ 5595 IWN_CLRBITS(sc, IWN_LED, IWN_LED_BSM_CTRL); 5596 5597 led.which = which; 5598 led.unit = htole32(10000); /* on/off in unit of 100ms */ 5599 led.off = off; 5600 led.on = on; 5601 (void)iwn_cmd(sc, IWN_CMD_SET_LED, &led, sizeof led, 1); 5602 } 5603 5604 /* 5605 * Set the critical temperature at which the firmware will stop the radio 5606 * and notify us. 5607 */ 5608 static int 5609 iwn_set_critical_temp(struct iwn_softc *sc) 5610 { 5611 struct iwn_critical_temp crit; 5612 int32_t temp; 5613 5614 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5615 5616 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_CTEMP_STOP_RF); 5617 5618 if (sc->hw_type == IWN_HW_REV_TYPE_5150) 5619 temp = (IWN_CTOK(110) - sc->temp_off) * -5; 5620 else if (sc->hw_type == IWN_HW_REV_TYPE_4965) 5621 temp = IWN_CTOK(110); 5622 else 5623 temp = 110; 5624 memset(&crit, 0, sizeof crit); 5625 crit.tempR = htole32(temp); 5626 DPRINTF(sc, IWN_DEBUG_RESET, "setting critical temp to %d\n", temp); 5627 return iwn_cmd(sc, IWN_CMD_SET_CRITICAL_TEMP, &crit, sizeof crit, 0); 5628 } 5629 5630 static int 5631 iwn_set_timing(struct iwn_softc *sc, struct ieee80211_node *ni) 5632 { 5633 struct iwn_cmd_timing cmd; 5634 uint64_t val, mod; 5635 5636 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5637 5638 memset(&cmd, 0, sizeof cmd); 5639 memcpy(&cmd.tstamp, ni->ni_tstamp.data, sizeof (uint64_t)); 5640 cmd.bintval = htole16(ni->ni_intval); 5641 cmd.lintval = htole16(10); 5642 5643 /* Compute remaining time until next beacon. */ 5644 val = (uint64_t)ni->ni_intval * IEEE80211_DUR_TU; 5645 mod = le64toh(cmd.tstamp) % val; 5646 cmd.binitval = htole32((uint32_t)(val - mod)); 5647 5648 DPRINTF(sc, IWN_DEBUG_RESET, "timing bintval=%u tstamp=%ju, init=%u\n", 5649 ni->ni_intval, le64toh(cmd.tstamp), (uint32_t)(val - mod)); 5650 5651 return iwn_cmd(sc, IWN_CMD_TIMING, &cmd, sizeof cmd, 1); 5652 } 5653 5654 static void 5655 iwn4965_power_calibration(struct iwn_softc *sc, int temp) 5656 { 5657 5658 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5659 5660 /* Adjust TX power if need be (delta >= 3 degC). */ 5661 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: temperature %d->%d\n", 5662 __func__, sc->temp, temp); 5663 if (abs(temp - sc->temp) >= 3) { 5664 /* Record temperature of last calibration. */ 5665 sc->temp = temp; 5666 (void)iwn4965_set_txpower(sc, 1); 5667 } 5668 } 5669 5670 /* 5671 * Set TX power for current channel (each rate has its own power settings). 5672 * This function takes into account the regulatory information from EEPROM, 5673 * the current temperature and the current voltage. 5674 */ 5675 static int 5676 iwn4965_set_txpower(struct iwn_softc *sc, int async) 5677 { 5678 /* Fixed-point arithmetic division using a n-bit fractional part. */ 5679 #define fdivround(a, b, n) \ 5680 ((((1 << n) * (a)) / (b) + (1 << n) / 2) / (1 << n)) 5681 /* Linear interpolation. */ 5682 #define interpolate(x, x1, y1, x2, y2, n) \ 5683 ((y1) + fdivround(((int)(x) - (x1)) * ((y2) - (y1)), (x2) - (x1), n)) 5684 5685 static const int tdiv[IWN_NATTEN_GROUPS] = { 9, 8, 8, 8, 6 }; 5686 struct iwn_ucode_info *uc = &sc->ucode_info; 5687 struct iwn4965_cmd_txpower cmd; 5688 struct iwn4965_eeprom_chan_samples *chans; 5689 const uint8_t *rf_gain, *dsp_gain; 5690 int32_t vdiff, tdiff; 5691 int i, is_chan_5ghz, c, grp, maxpwr; 5692 uint8_t chan; 5693 5694 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 5695 /* Retrieve current channel from last RXON. */ 5696 chan = sc->rxon->chan; 5697 is_chan_5ghz = (sc->rxon->flags & htole32(IWN_RXON_24GHZ)) == 0; 5698 DPRINTF(sc, IWN_DEBUG_RESET, "setting TX power for channel %d\n", 5699 chan); 5700 5701 memset(&cmd, 0, sizeof cmd); 5702 cmd.band = is_chan_5ghz ? 0 : 1; 5703 cmd.chan = chan; 5704 5705 if (is_chan_5ghz) { 5706 maxpwr = sc->maxpwr5GHz; 5707 rf_gain = iwn4965_rf_gain_5ghz; 5708 dsp_gain = iwn4965_dsp_gain_5ghz; 5709 } else { 5710 maxpwr = sc->maxpwr2GHz; 5711 rf_gain = iwn4965_rf_gain_2ghz; 5712 dsp_gain = iwn4965_dsp_gain_2ghz; 5713 } 5714 5715 /* Compute voltage compensation. */ 5716 vdiff = ((int32_t)le32toh(uc->volt) - sc->eeprom_voltage) / 7; 5717 if (vdiff > 0) 5718 vdiff *= 2; 5719 if (abs(vdiff) > 2) 5720 vdiff = 0; 5721 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5722 "%s: voltage compensation=%d (UCODE=%d, EEPROM=%d)\n", 5723 __func__, vdiff, le32toh(uc->volt), sc->eeprom_voltage); 5724 5725 /* Get channel attenuation group. */ 5726 if (chan <= 20) /* 1-20 */ 5727 grp = 4; 5728 else if (chan <= 43) /* 34-43 */ 5729 grp = 0; 5730 else if (chan <= 70) /* 44-70 */ 5731 grp = 1; 5732 else if (chan <= 124) /* 71-124 */ 5733 grp = 2; 5734 else /* 125-200 */ 5735 grp = 3; 5736 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5737 "%s: chan %d, attenuation group=%d\n", __func__, chan, grp); 5738 5739 /* Get channel sub-band. */ 5740 for (i = 0; i < IWN_NBANDS; i++) 5741 if (sc->bands[i].lo != 0 && 5742 sc->bands[i].lo <= chan && chan <= sc->bands[i].hi) 5743 break; 5744 if (i == IWN_NBANDS) /* Can't happen in real-life. */ 5745 return EINVAL; 5746 chans = sc->bands[i].chans; 5747 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5748 "%s: chan %d sub-band=%d\n", __func__, chan, i); 5749 5750 for (c = 0; c < 2; c++) { 5751 uint8_t power, gain, temp; 5752 int maxchpwr, pwr, ridx, idx; 5753 5754 power = interpolate(chan, 5755 chans[0].num, chans[0].samples[c][1].power, 5756 chans[1].num, chans[1].samples[c][1].power, 1); 5757 gain = interpolate(chan, 5758 chans[0].num, chans[0].samples[c][1].gain, 5759 chans[1].num, chans[1].samples[c][1].gain, 1); 5760 temp = interpolate(chan, 5761 chans[0].num, chans[0].samples[c][1].temp, 5762 chans[1].num, chans[1].samples[c][1].temp, 1); 5763 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5764 "%s: Tx chain %d: power=%d gain=%d temp=%d\n", 5765 __func__, c, power, gain, temp); 5766 5767 /* Compute temperature compensation. */ 5768 tdiff = ((sc->temp - temp) * 2) / tdiv[grp]; 5769 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5770 "%s: temperature compensation=%d (current=%d, EEPROM=%d)\n", 5771 __func__, tdiff, sc->temp, temp); 5772 5773 for (ridx = 0; ridx <= IWN_RIDX_MAX; ridx++) { 5774 /* Convert dBm to half-dBm. */ 5775 maxchpwr = sc->maxpwr[chan] * 2; 5776 if ((ridx / 8) & 1) 5777 maxchpwr -= 6; /* MIMO 2T: -3dB */ 5778 5779 pwr = maxpwr; 5780 5781 /* Adjust TX power based on rate. */ 5782 if ((ridx % 8) == 5) 5783 pwr -= 15; /* OFDM48: -7.5dB */ 5784 else if ((ridx % 8) == 6) 5785 pwr -= 17; /* OFDM54: -8.5dB */ 5786 else if ((ridx % 8) == 7) 5787 pwr -= 20; /* OFDM60: -10dB */ 5788 else 5789 pwr -= 10; /* Others: -5dB */ 5790 5791 /* Do not exceed channel max TX power. */ 5792 if (pwr > maxchpwr) 5793 pwr = maxchpwr; 5794 5795 idx = gain - (pwr - power) - tdiff - vdiff; 5796 if ((ridx / 8) & 1) /* MIMO */ 5797 idx += (int32_t)le32toh(uc->atten[grp][c]); 5798 5799 if (cmd.band == 0) 5800 idx += 9; /* 5GHz */ 5801 if (ridx == IWN_RIDX_MAX) 5802 idx += 5; /* CCK */ 5803 5804 /* Make sure idx stays in a valid range. */ 5805 if (idx < 0) 5806 idx = 0; 5807 else if (idx > IWN4965_MAX_PWR_INDEX) 5808 idx = IWN4965_MAX_PWR_INDEX; 5809 5810 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5811 "%s: Tx chain %d, rate idx %d: power=%d\n", 5812 __func__, c, ridx, idx); 5813 cmd.power[ridx].rf_gain[c] = rf_gain[idx]; 5814 cmd.power[ridx].dsp_gain[c] = dsp_gain[idx]; 5815 } 5816 } 5817 5818 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5819 "%s: set tx power for chan %d\n", __func__, chan); 5820 return iwn_cmd(sc, IWN_CMD_TXPOWER, &cmd, sizeof cmd, async); 5821 5822 #undef interpolate 5823 #undef fdivround 5824 } 5825 5826 static int 5827 iwn5000_set_txpower(struct iwn_softc *sc, int async) 5828 { 5829 struct iwn5000_cmd_txpower cmd; 5830 int cmdid; 5831 5832 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5833 5834 /* 5835 * TX power calibration is handled automatically by the firmware 5836 * for 5000 Series. 5837 */ 5838 memset(&cmd, 0, sizeof cmd); 5839 cmd.global_limit = 2 * IWN5000_TXPOWER_MAX_DBM; /* 16 dBm */ 5840 cmd.flags = IWN5000_TXPOWER_NO_CLOSED; 5841 cmd.srv_limit = IWN5000_TXPOWER_AUTO; 5842 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_XMIT, 5843 "%s: setting TX power; rev=%d\n", 5844 __func__, 5845 IWN_UCODE_API(sc->ucode_rev)); 5846 if (IWN_UCODE_API(sc->ucode_rev) == 1) 5847 cmdid = IWN_CMD_TXPOWER_DBM_V1; 5848 else 5849 cmdid = IWN_CMD_TXPOWER_DBM; 5850 return iwn_cmd(sc, cmdid, &cmd, sizeof cmd, async); 5851 } 5852 5853 /* 5854 * Retrieve the maximum RSSI (in dBm) among receivers. 5855 */ 5856 static int 5857 iwn4965_get_rssi(struct iwn_softc *sc, struct iwn_rx_stat *stat) 5858 { 5859 struct iwn4965_rx_phystat *phy = (void *)stat->phybuf; 5860 uint8_t mask, agc; 5861 int rssi; 5862 5863 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5864 5865 mask = (le16toh(phy->antenna) >> 4) & IWN_ANT_ABC; 5866 agc = (le16toh(phy->agc) >> 7) & 0x7f; 5867 5868 rssi = 0; 5869 if (mask & IWN_ANT_A) 5870 rssi = MAX(rssi, phy->rssi[0]); 5871 if (mask & IWN_ANT_B) 5872 rssi = MAX(rssi, phy->rssi[2]); 5873 if (mask & IWN_ANT_C) 5874 rssi = MAX(rssi, phy->rssi[4]); 5875 5876 DPRINTF(sc, IWN_DEBUG_RECV, 5877 "%s: agc %d mask 0x%x rssi %d %d %d result %d\n", __func__, agc, 5878 mask, phy->rssi[0], phy->rssi[2], phy->rssi[4], 5879 rssi - agc - IWN_RSSI_TO_DBM); 5880 return rssi - agc - IWN_RSSI_TO_DBM; 5881 } 5882 5883 static int 5884 iwn5000_get_rssi(struct iwn_softc *sc, struct iwn_rx_stat *stat) 5885 { 5886 struct iwn5000_rx_phystat *phy = (void *)stat->phybuf; 5887 uint8_t agc; 5888 int rssi; 5889 5890 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5891 5892 agc = (le32toh(phy->agc) >> 9) & 0x7f; 5893 5894 rssi = MAX(le16toh(phy->rssi[0]) & 0xff, 5895 le16toh(phy->rssi[1]) & 0xff); 5896 rssi = MAX(le16toh(phy->rssi[2]) & 0xff, rssi); 5897 5898 DPRINTF(sc, IWN_DEBUG_RECV, 5899 "%s: agc %d rssi %d %d %d result %d\n", __func__, agc, 5900 phy->rssi[0], phy->rssi[1], phy->rssi[2], 5901 rssi - agc - IWN_RSSI_TO_DBM); 5902 return rssi - agc - IWN_RSSI_TO_DBM; 5903 } 5904 5905 /* 5906 * Retrieve the average noise (in dBm) among receivers. 5907 */ 5908 static int 5909 iwn_get_noise(const struct iwn_rx_general_stats *stats) 5910 { 5911 int i, total, nbant, noise; 5912 5913 total = nbant = 0; 5914 for (i = 0; i < 3; i++) { 5915 if ((noise = le32toh(stats->noise[i]) & 0xff) == 0) 5916 continue; 5917 total += noise; 5918 nbant++; 5919 } 5920 /* There should be at least one antenna but check anyway. */ 5921 return (nbant == 0) ? -127 : (total / nbant) - 107; 5922 } 5923 5924 /* 5925 * Compute temperature (in degC) from last received statistics. 5926 */ 5927 static int 5928 iwn4965_get_temperature(struct iwn_softc *sc) 5929 { 5930 struct iwn_ucode_info *uc = &sc->ucode_info; 5931 int32_t r1, r2, r3, r4, temp; 5932 5933 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5934 5935 r1 = le32toh(uc->temp[0].chan20MHz); 5936 r2 = le32toh(uc->temp[1].chan20MHz); 5937 r3 = le32toh(uc->temp[2].chan20MHz); 5938 r4 = le32toh(sc->rawtemp); 5939 5940 if (r1 == r3) /* Prevents division by 0 (should not happen). */ 5941 return 0; 5942 5943 /* Sign-extend 23-bit R4 value to 32-bit. */ 5944 r4 = ((r4 & 0xffffff) ^ 0x800000) - 0x800000; 5945 /* Compute temperature in Kelvin. */ 5946 temp = (259 * (r4 - r2)) / (r3 - r1); 5947 temp = (temp * 97) / 100 + 8; 5948 5949 DPRINTF(sc, IWN_DEBUG_ANY, "temperature %dK/%dC\n", temp, 5950 IWN_KTOC(temp)); 5951 return IWN_KTOC(temp); 5952 } 5953 5954 static int 5955 iwn5000_get_temperature(struct iwn_softc *sc) 5956 { 5957 int32_t temp; 5958 5959 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5960 5961 /* 5962 * Temperature is not used by the driver for 5000 Series because 5963 * TX power calibration is handled by firmware. 5964 */ 5965 temp = le32toh(sc->rawtemp); 5966 if (sc->hw_type == IWN_HW_REV_TYPE_5150) { 5967 temp = (temp / -5) + sc->temp_off; 5968 temp = IWN_KTOC(temp); 5969 } 5970 return temp; 5971 } 5972 5973 /* 5974 * Initialize sensitivity calibration state machine. 5975 */ 5976 static int 5977 iwn_init_sensitivity(struct iwn_softc *sc) 5978 { 5979 struct iwn_ops *ops = &sc->ops; 5980 struct iwn_calib_state *calib = &sc->calib; 5981 uint32_t flags; 5982 int error; 5983 5984 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5985 5986 /* Reset calibration state machine. */ 5987 memset(calib, 0, sizeof (*calib)); 5988 calib->state = IWN_CALIB_STATE_INIT; 5989 calib->cck_state = IWN_CCK_STATE_HIFA; 5990 /* Set initial correlation values. */ 5991 calib->ofdm_x1 = sc->limits->min_ofdm_x1; 5992 calib->ofdm_mrc_x1 = sc->limits->min_ofdm_mrc_x1; 5993 calib->ofdm_x4 = sc->limits->min_ofdm_x4; 5994 calib->ofdm_mrc_x4 = sc->limits->min_ofdm_mrc_x4; 5995 calib->cck_x4 = 125; 5996 calib->cck_mrc_x4 = sc->limits->min_cck_mrc_x4; 5997 calib->energy_cck = sc->limits->energy_cck; 5998 5999 /* Write initial sensitivity. */ 6000 if ((error = iwn_send_sensitivity(sc)) != 0) 6001 return error; 6002 6003 /* Write initial gains. */ 6004 if ((error = ops->init_gains(sc)) != 0) 6005 return error; 6006 6007 /* Request statistics at each beacon interval. */ 6008 flags = 0; 6009 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: sending request for statistics\n", 6010 __func__); 6011 return iwn_cmd(sc, IWN_CMD_GET_STATISTICS, &flags, sizeof flags, 1); 6012 } 6013 6014 /* 6015 * Collect noise and RSSI statistics for the first 20 beacons received 6016 * after association and use them to determine connected antennas and 6017 * to set differential gains. 6018 */ 6019 static void 6020 iwn_collect_noise(struct iwn_softc *sc, 6021 const struct iwn_rx_general_stats *stats) 6022 { 6023 struct iwn_ops *ops = &sc->ops; 6024 struct iwn_calib_state *calib = &sc->calib; 6025 struct ieee80211com *ic = &sc->sc_ic; 6026 uint32_t val; 6027 int i; 6028 6029 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 6030 6031 /* Accumulate RSSI and noise for all 3 antennas. */ 6032 for (i = 0; i < 3; i++) { 6033 calib->rssi[i] += le32toh(stats->rssi[i]) & 0xff; 6034 calib->noise[i] += le32toh(stats->noise[i]) & 0xff; 6035 } 6036 /* NB: We update differential gains only once after 20 beacons. */ 6037 if (++calib->nbeacons < 20) 6038 return; 6039 6040 /* Determine highest average RSSI. */ 6041 val = MAX(calib->rssi[0], calib->rssi[1]); 6042 val = MAX(calib->rssi[2], val); 6043 6044 /* Determine which antennas are connected. */ 6045 sc->chainmask = sc->rxchainmask; 6046 for (i = 0; i < 3; i++) 6047 if (val - calib->rssi[i] > 15 * 20) 6048 sc->chainmask &= ~(1 << i); 6049 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_XMIT, 6050 "%s: RX chains mask: theoretical=0x%x, actual=0x%x\n", 6051 __func__, sc->rxchainmask, sc->chainmask); 6052 6053 /* If none of the TX antennas are connected, keep at least one. */ 6054 if ((sc->chainmask & sc->txchainmask) == 0) 6055 sc->chainmask |= IWN_LSB(sc->txchainmask); 6056 6057 (void)ops->set_gains(sc); 6058 calib->state = IWN_CALIB_STATE_RUN; 6059 6060 #ifdef notyet 6061 /* XXX Disable RX chains with no antennas connected. */ 6062 sc->rxon->rxchain = htole16(IWN_RXCHAIN_SEL(sc->chainmask)); 6063 if (sc->sc_is_scanning) 6064 device_printf(sc->sc_dev, 6065 "%s: is_scanning set, before RXON\n", 6066 __func__); 6067 (void)iwn_cmd(sc, IWN_CMD_RXON, sc->rxon, sc->rxonsz, 1); 6068 #endif 6069 6070 /* Enable power-saving mode if requested by user. */ 6071 if (ic->ic_flags & IEEE80211_F_PMGTON) 6072 (void)iwn_set_pslevel(sc, 0, 3, 1); 6073 6074 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 6075 6076 } 6077 6078 static int 6079 iwn4965_init_gains(struct iwn_softc *sc) 6080 { 6081 struct iwn_phy_calib_gain cmd; 6082 6083 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 6084 6085 memset(&cmd, 0, sizeof cmd); 6086 cmd.code = IWN4965_PHY_CALIB_DIFF_GAIN; 6087 /* Differential gains initially set to 0 for all 3 antennas. */ 6088 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6089 "%s: setting initial differential gains\n", __func__); 6090 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 6091 } 6092 6093 static int 6094 iwn5000_init_gains(struct iwn_softc *sc) 6095 { 6096 struct iwn_phy_calib cmd; 6097 6098 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 6099 6100 memset(&cmd, 0, sizeof cmd); 6101 cmd.code = sc->reset_noise_gain; 6102 cmd.ngroups = 1; 6103 cmd.isvalid = 1; 6104 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6105 "%s: setting initial differential gains\n", __func__); 6106 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 6107 } 6108 6109 static int 6110 iwn4965_set_gains(struct iwn_softc *sc) 6111 { 6112 struct iwn_calib_state *calib = &sc->calib; 6113 struct iwn_phy_calib_gain cmd; 6114 int i, delta, noise; 6115 6116 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 6117 6118 /* Get minimal noise among connected antennas. */ 6119 noise = INT_MAX; /* NB: There's at least one antenna. */ 6120 for (i = 0; i < 3; i++) 6121 if (sc->chainmask & (1 << i)) 6122 noise = MIN(calib->noise[i], noise); 6123 6124 memset(&cmd, 0, sizeof cmd); 6125 cmd.code = IWN4965_PHY_CALIB_DIFF_GAIN; 6126 /* Set differential gains for connected antennas. */ 6127 for (i = 0; i < 3; i++) { 6128 if (sc->chainmask & (1 << i)) { 6129 /* Compute attenuation (in unit of 1.5dB). */ 6130 delta = (noise - (int32_t)calib->noise[i]) / 30; 6131 /* NB: delta <= 0 */ 6132 /* Limit to [-4.5dB,0]. */ 6133 cmd.gain[i] = MIN(abs(delta), 3); 6134 if (delta < 0) 6135 cmd.gain[i] |= 1 << 2; /* sign bit */ 6136 } 6137 } 6138 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6139 "setting differential gains Ant A/B/C: %x/%x/%x (%x)\n", 6140 cmd.gain[0], cmd.gain[1], cmd.gain[2], sc->chainmask); 6141 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 6142 } 6143 6144 static int 6145 iwn5000_set_gains(struct iwn_softc *sc) 6146 { 6147 struct iwn_calib_state *calib = &sc->calib; 6148 struct iwn_phy_calib_gain cmd; 6149 int i, ant, div, delta; 6150 6151 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 6152 6153 /* We collected 20 beacons and !=6050 need a 1.5 factor. */ 6154 div = (sc->hw_type == IWN_HW_REV_TYPE_6050) ? 20 : 30; 6155 6156 memset(&cmd, 0, sizeof cmd); 6157 cmd.code = sc->noise_gain; 6158 cmd.ngroups = 1; 6159 cmd.isvalid = 1; 6160 /* Get first available RX antenna as referential. */ 6161 ant = IWN_LSB(sc->rxchainmask); 6162 /* Set differential gains for other antennas. */ 6163 for (i = ant + 1; i < 3; i++) { 6164 if (sc->chainmask & (1 << i)) { 6165 /* The delta is relative to antenna "ant". */ 6166 delta = ((int32_t)calib->noise[ant] - 6167 (int32_t)calib->noise[i]) / div; 6168 /* Limit to [-4.5dB,+4.5dB]. */ 6169 cmd.gain[i - 1] = MIN(abs(delta), 3); 6170 if (delta < 0) 6171 cmd.gain[i - 1] |= 1 << 2; /* sign bit */ 6172 } 6173 } 6174 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_XMIT, 6175 "setting differential gains Ant B/C: %x/%x (%x)\n", 6176 cmd.gain[0], cmd.gain[1], sc->chainmask); 6177 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 6178 } 6179 6180 /* 6181 * Tune RF RX sensitivity based on the number of false alarms detected 6182 * during the last beacon period. 6183 */ 6184 static void 6185 iwn_tune_sensitivity(struct iwn_softc *sc, const struct iwn_rx_stats *stats) 6186 { 6187 #define inc(val, inc, max) \ 6188 if ((val) < (max)) { \ 6189 if ((val) < (max) - (inc)) \ 6190 (val) += (inc); \ 6191 else \ 6192 (val) = (max); \ 6193 needs_update = 1; \ 6194 } 6195 #define dec(val, dec, min) \ 6196 if ((val) > (min)) { \ 6197 if ((val) > (min) + (dec)) \ 6198 (val) -= (dec); \ 6199 else \ 6200 (val) = (min); \ 6201 needs_update = 1; \ 6202 } 6203 6204 const struct iwn_sensitivity_limits *limits = sc->limits; 6205 struct iwn_calib_state *calib = &sc->calib; 6206 uint32_t val, rxena, fa; 6207 uint32_t energy[3], energy_min; 6208 uint8_t noise[3], noise_ref; 6209 int i, needs_update = 0; 6210 6211 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 6212 6213 /* Check that we've been enabled long enough. */ 6214 if ((rxena = le32toh(stats->general.load)) == 0){ 6215 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end not so long\n", __func__); 6216 return; 6217 } 6218 6219 /* Compute number of false alarms since last call for OFDM. */ 6220 fa = le32toh(stats->ofdm.bad_plcp) - calib->bad_plcp_ofdm; 6221 fa += le32toh(stats->ofdm.fa) - calib->fa_ofdm; 6222 fa *= 200 * IEEE80211_DUR_TU; /* 200TU */ 6223 6224 if (fa > 50 * rxena) { 6225 /* High false alarm count, decrease sensitivity. */ 6226 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6227 "%s: OFDM high false alarm count: %u\n", __func__, fa); 6228 inc(calib->ofdm_x1, 1, limits->max_ofdm_x1); 6229 inc(calib->ofdm_mrc_x1, 1, limits->max_ofdm_mrc_x1); 6230 inc(calib->ofdm_x4, 1, limits->max_ofdm_x4); 6231 inc(calib->ofdm_mrc_x4, 1, limits->max_ofdm_mrc_x4); 6232 6233 } else if (fa < 5 * rxena) { 6234 /* Low false alarm count, increase sensitivity. */ 6235 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6236 "%s: OFDM low false alarm count: %u\n", __func__, fa); 6237 dec(calib->ofdm_x1, 1, limits->min_ofdm_x1); 6238 dec(calib->ofdm_mrc_x1, 1, limits->min_ofdm_mrc_x1); 6239 dec(calib->ofdm_x4, 1, limits->min_ofdm_x4); 6240 dec(calib->ofdm_mrc_x4, 1, limits->min_ofdm_mrc_x4); 6241 } 6242 6243 /* Compute maximum noise among 3 receivers. */ 6244 for (i = 0; i < 3; i++) 6245 noise[i] = (le32toh(stats->general.noise[i]) >> 8) & 0xff; 6246 val = MAX(noise[0], noise[1]); 6247 val = MAX(noise[2], val); 6248 /* Insert it into our samples table. */ 6249 calib->noise_samples[calib->cur_noise_sample] = val; 6250 calib->cur_noise_sample = (calib->cur_noise_sample + 1) % 20; 6251 6252 /* Compute maximum noise among last 20 samples. */ 6253 noise_ref = calib->noise_samples[0]; 6254 for (i = 1; i < 20; i++) 6255 noise_ref = MAX(noise_ref, calib->noise_samples[i]); 6256 6257 /* Compute maximum energy among 3 receivers. */ 6258 for (i = 0; i < 3; i++) 6259 energy[i] = le32toh(stats->general.energy[i]); 6260 val = MIN(energy[0], energy[1]); 6261 val = MIN(energy[2], val); 6262 /* Insert it into our samples table. */ 6263 calib->energy_samples[calib->cur_energy_sample] = val; 6264 calib->cur_energy_sample = (calib->cur_energy_sample + 1) % 10; 6265 6266 /* Compute minimum energy among last 10 samples. */ 6267 energy_min = calib->energy_samples[0]; 6268 for (i = 1; i < 10; i++) 6269 energy_min = MAX(energy_min, calib->energy_samples[i]); 6270 energy_min += 6; 6271 6272 /* Compute number of false alarms since last call for CCK. */ 6273 fa = le32toh(stats->cck.bad_plcp) - calib->bad_plcp_cck; 6274 fa += le32toh(stats->cck.fa) - calib->fa_cck; 6275 fa *= 200 * IEEE80211_DUR_TU; /* 200TU */ 6276 6277 if (fa > 50 * rxena) { 6278 /* High false alarm count, decrease sensitivity. */ 6279 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6280 "%s: CCK high false alarm count: %u\n", __func__, fa); 6281 calib->cck_state = IWN_CCK_STATE_HIFA; 6282 calib->low_fa = 0; 6283 6284 if (calib->cck_x4 > 160) { 6285 calib->noise_ref = noise_ref; 6286 if (calib->energy_cck > 2) 6287 dec(calib->energy_cck, 2, energy_min); 6288 } 6289 if (calib->cck_x4 < 160) { 6290 calib->cck_x4 = 161; 6291 needs_update = 1; 6292 } else 6293 inc(calib->cck_x4, 3, limits->max_cck_x4); 6294 6295 inc(calib->cck_mrc_x4, 3, limits->max_cck_mrc_x4); 6296 6297 } else if (fa < 5 * rxena) { 6298 /* Low false alarm count, increase sensitivity. */ 6299 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6300 "%s: CCK low false alarm count: %u\n", __func__, fa); 6301 calib->cck_state = IWN_CCK_STATE_LOFA; 6302 calib->low_fa++; 6303 6304 if (calib->cck_state != IWN_CCK_STATE_INIT && 6305 (((int32_t)calib->noise_ref - (int32_t)noise_ref) > 2 || 6306 calib->low_fa > 100)) { 6307 inc(calib->energy_cck, 2, limits->min_energy_cck); 6308 dec(calib->cck_x4, 3, limits->min_cck_x4); 6309 dec(calib->cck_mrc_x4, 3, limits->min_cck_mrc_x4); 6310 } 6311 } else { 6312 /* Not worth to increase or decrease sensitivity. */ 6313 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6314 "%s: CCK normal false alarm count: %u\n", __func__, fa); 6315 calib->low_fa = 0; 6316 calib->noise_ref = noise_ref; 6317 6318 if (calib->cck_state == IWN_CCK_STATE_HIFA) { 6319 /* Previous interval had many false alarms. */ 6320 dec(calib->energy_cck, 8, energy_min); 6321 } 6322 calib->cck_state = IWN_CCK_STATE_INIT; 6323 } 6324 6325 if (needs_update) 6326 (void)iwn_send_sensitivity(sc); 6327 6328 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 6329 6330 #undef dec 6331 #undef inc 6332 } 6333 6334 static int 6335 iwn_send_sensitivity(struct iwn_softc *sc) 6336 { 6337 struct iwn_calib_state *calib = &sc->calib; 6338 struct iwn_enhanced_sensitivity_cmd cmd; 6339 int len; 6340 6341 memset(&cmd, 0, sizeof cmd); 6342 len = sizeof (struct iwn_sensitivity_cmd); 6343 cmd.which = IWN_SENSITIVITY_WORKTBL; 6344 /* OFDM modulation. */ 6345 cmd.corr_ofdm_x1 = htole16(calib->ofdm_x1); 6346 cmd.corr_ofdm_mrc_x1 = htole16(calib->ofdm_mrc_x1); 6347 cmd.corr_ofdm_x4 = htole16(calib->ofdm_x4); 6348 cmd.corr_ofdm_mrc_x4 = htole16(calib->ofdm_mrc_x4); 6349 cmd.energy_ofdm = htole16(sc->limits->energy_ofdm); 6350 cmd.energy_ofdm_th = htole16(62); 6351 /* CCK modulation. */ 6352 cmd.corr_cck_x4 = htole16(calib->cck_x4); 6353 cmd.corr_cck_mrc_x4 = htole16(calib->cck_mrc_x4); 6354 cmd.energy_cck = htole16(calib->energy_cck); 6355 /* Barker modulation: use default values. */ 6356 cmd.corr_barker = htole16(190); 6357 cmd.corr_barker_mrc = htole16(sc->limits->barker_mrc); 6358 6359 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6360 "%s: set sensitivity %d/%d/%d/%d/%d/%d/%d\n", __func__, 6361 calib->ofdm_x1, calib->ofdm_mrc_x1, calib->ofdm_x4, 6362 calib->ofdm_mrc_x4, calib->cck_x4, 6363 calib->cck_mrc_x4, calib->energy_cck); 6364 6365 if (!(sc->sc_flags & IWN_FLAG_ENH_SENS)) 6366 goto send; 6367 /* Enhanced sensitivity settings. */ 6368 len = sizeof (struct iwn_enhanced_sensitivity_cmd); 6369 cmd.ofdm_det_slope_mrc = htole16(668); 6370 cmd.ofdm_det_icept_mrc = htole16(4); 6371 cmd.ofdm_det_slope = htole16(486); 6372 cmd.ofdm_det_icept = htole16(37); 6373 cmd.cck_det_slope_mrc = htole16(853); 6374 cmd.cck_det_icept_mrc = htole16(4); 6375 cmd.cck_det_slope = htole16(476); 6376 cmd.cck_det_icept = htole16(99); 6377 send: 6378 return iwn_cmd(sc, IWN_CMD_SET_SENSITIVITY, &cmd, len, 1); 6379 } 6380 6381 /* 6382 * Look at the increase of PLCP errors over time; if it exceeds 6383 * a programmed threshold then trigger an RF retune. 6384 */ 6385 static void 6386 iwn_check_rx_recovery(struct iwn_softc *sc, struct iwn_stats *rs) 6387 { 6388 int32_t delta_ofdm, delta_ht, delta_cck; 6389 struct iwn_calib_state *calib = &sc->calib; 6390 int delta_ticks, cur_ticks; 6391 int delta_msec; 6392 int thresh; 6393 6394 /* 6395 * Calculate the difference between the current and 6396 * previous statistics. 6397 */ 6398 delta_cck = le32toh(rs->rx.cck.bad_plcp) - calib->bad_plcp_cck; 6399 delta_ofdm = le32toh(rs->rx.ofdm.bad_plcp) - calib->bad_plcp_ofdm; 6400 delta_ht = le32toh(rs->rx.ht.bad_plcp) - calib->bad_plcp_ht; 6401 6402 /* 6403 * Calculate the delta in time between successive statistics 6404 * messages. Yes, it can roll over; so we make sure that 6405 * this doesn't happen. 6406 * 6407 * XXX go figure out what to do about rollover 6408 * XXX go figure out what to do if ticks rolls over to -ve instead! 6409 * XXX go stab signed integer overflow undefined-ness in the face. 6410 */ 6411 cur_ticks = ticks; 6412 delta_ticks = cur_ticks - sc->last_calib_ticks; 6413 6414 /* 6415 * If any are negative, then the firmware likely reset; so just 6416 * bail. We'll pick this up next time. 6417 */ 6418 if (delta_cck < 0 || delta_ofdm < 0 || delta_ht < 0 || delta_ticks < 0) 6419 return; 6420 6421 /* 6422 * delta_ticks is in ticks; we need to convert it up to milliseconds 6423 * so we can do some useful math with it. 6424 */ 6425 delta_msec = ticks_to_msecs(delta_ticks); 6426 6427 /* 6428 * Calculate what our threshold is given the current delta_msec. 6429 */ 6430 thresh = sc->base_params->plcp_err_threshold * delta_msec; 6431 6432 DPRINTF(sc, IWN_DEBUG_STATE, 6433 "%s: time delta: %d; cck=%d, ofdm=%d, ht=%d, total=%d, thresh=%d\n", 6434 __func__, 6435 delta_msec, 6436 delta_cck, 6437 delta_ofdm, 6438 delta_ht, 6439 (delta_msec + delta_cck + delta_ofdm + delta_ht), 6440 thresh); 6441 6442 /* 6443 * If we need a retune, then schedule a single channel scan 6444 * to a channel that isn't the currently active one! 6445 * 6446 * The math from linux iwlwifi: 6447 * 6448 * if ((delta * 100 / msecs) > threshold) 6449 */ 6450 if (thresh > 0 && (delta_cck + delta_ofdm + delta_ht) * 100 > thresh) { 6451 DPRINTF(sc, IWN_DEBUG_ANY, 6452 "%s: PLCP error threshold raw (%d) comparison (%d) " 6453 "over limit (%d); retune!\n", 6454 __func__, 6455 (delta_cck + delta_ofdm + delta_ht), 6456 (delta_cck + delta_ofdm + delta_ht) * 100, 6457 thresh); 6458 } 6459 } 6460 6461 /* 6462 * Set STA mode power saving level (between 0 and 5). 6463 * Level 0 is CAM (Continuously Aware Mode), 5 is for maximum power saving. 6464 */ 6465 static int 6466 iwn_set_pslevel(struct iwn_softc *sc, int dtim, int level, int async) 6467 { 6468 struct iwn_pmgt_cmd cmd; 6469 const struct iwn_pmgt *pmgt; 6470 uint32_t max, skip_dtim; 6471 uint32_t reg; 6472 int i; 6473 6474 DPRINTF(sc, IWN_DEBUG_PWRSAVE, 6475 "%s: dtim=%d, level=%d, async=%d\n", 6476 __func__, 6477 dtim, 6478 level, 6479 async); 6480 6481 /* Select which PS parameters to use. */ 6482 if (dtim <= 2) 6483 pmgt = &iwn_pmgt[0][level]; 6484 else if (dtim <= 10) 6485 pmgt = &iwn_pmgt[1][level]; 6486 else 6487 pmgt = &iwn_pmgt[2][level]; 6488 6489 memset(&cmd, 0, sizeof cmd); 6490 if (level != 0) /* not CAM */ 6491 cmd.flags |= htole16(IWN_PS_ALLOW_SLEEP); 6492 if (level == 5) 6493 cmd.flags |= htole16(IWN_PS_FAST_PD); 6494 /* Retrieve PCIe Active State Power Management (ASPM). */ 6495 reg = pci_read_config(sc->sc_dev, sc->sc_cap_off + PCIER_LINK_CTL, 4); 6496 if (!(reg & PCIEM_LINK_CTL_ASPMC_L0S)) /* L0s Entry disabled. */ 6497 cmd.flags |= htole16(IWN_PS_PCI_PMGT); 6498 cmd.rxtimeout = htole32(pmgt->rxtimeout * 1024); 6499 cmd.txtimeout = htole32(pmgt->txtimeout * 1024); 6500 6501 if (dtim == 0) { 6502 dtim = 1; 6503 skip_dtim = 0; 6504 } else 6505 skip_dtim = pmgt->skip_dtim; 6506 if (skip_dtim != 0) { 6507 cmd.flags |= htole16(IWN_PS_SLEEP_OVER_DTIM); 6508 max = pmgt->intval[4]; 6509 if (max == (uint32_t)-1) 6510 max = dtim * (skip_dtim + 1); 6511 else if (max > dtim) 6512 max = rounddown(max, dtim); 6513 } else 6514 max = dtim; 6515 for (i = 0; i < 5; i++) 6516 cmd.intval[i] = htole32(MIN(max, pmgt->intval[i])); 6517 6518 DPRINTF(sc, IWN_DEBUG_RESET, "setting power saving level to %d\n", 6519 level); 6520 return iwn_cmd(sc, IWN_CMD_SET_POWER_MODE, &cmd, sizeof cmd, async); 6521 } 6522 6523 static int 6524 iwn_send_btcoex(struct iwn_softc *sc) 6525 { 6526 struct iwn_bluetooth cmd; 6527 6528 memset(&cmd, 0, sizeof cmd); 6529 cmd.flags = IWN_BT_COEX_CHAN_ANN | IWN_BT_COEX_BT_PRIO; 6530 cmd.lead_time = IWN_BT_LEAD_TIME_DEF; 6531 cmd.max_kill = IWN_BT_MAX_KILL_DEF; 6532 DPRINTF(sc, IWN_DEBUG_RESET, "%s: configuring bluetooth coexistence\n", 6533 __func__); 6534 return iwn_cmd(sc, IWN_CMD_BT_COEX, &cmd, sizeof(cmd), 0); 6535 } 6536 6537 static int 6538 iwn_send_advanced_btcoex(struct iwn_softc *sc) 6539 { 6540 static const uint32_t btcoex_3wire[12] = { 6541 0xaaaaaaaa, 0xaaaaaaaa, 0xaeaaaaaa, 0xaaaaaaaa, 6542 0xcc00ff28, 0x0000aaaa, 0xcc00aaaa, 0x0000aaaa, 6543 0xc0004000, 0x00004000, 0xf0005000, 0xf0005000, 6544 }; 6545 struct iwn6000_btcoex_config btconfig; 6546 struct iwn2000_btcoex_config btconfig2k; 6547 struct iwn_btcoex_priotable btprio; 6548 struct iwn_btcoex_prot btprot; 6549 int error, i; 6550 uint8_t flags; 6551 6552 memset(&btconfig, 0, sizeof btconfig); 6553 memset(&btconfig2k, 0, sizeof btconfig2k); 6554 6555 flags = IWN_BT_FLAG_COEX6000_MODE_3W << 6556 IWN_BT_FLAG_COEX6000_MODE_SHIFT; // Done as is in linux kernel 3.2 6557 6558 if (sc->base_params->bt_sco_disable) 6559 flags &= ~IWN_BT_FLAG_SYNC_2_BT_DISABLE; 6560 else 6561 flags |= IWN_BT_FLAG_SYNC_2_BT_DISABLE; 6562 6563 flags |= IWN_BT_FLAG_COEX6000_CHAN_INHIBITION; 6564 6565 /* Default flags result is 145 as old value */ 6566 6567 /* 6568 * Flags value has to be review. Values must change if we 6569 * which to disable it 6570 */ 6571 if (sc->base_params->bt_session_2) { 6572 btconfig2k.flags = flags; 6573 btconfig2k.max_kill = 5; 6574 btconfig2k.bt3_t7_timer = 1; 6575 btconfig2k.kill_ack = htole32(0xffff0000); 6576 btconfig2k.kill_cts = htole32(0xffff0000); 6577 btconfig2k.sample_time = 2; 6578 btconfig2k.bt3_t2_timer = 0xc; 6579 6580 for (i = 0; i < 12; i++) 6581 btconfig2k.lookup_table[i] = htole32(btcoex_3wire[i]); 6582 btconfig2k.valid = htole16(0xff); 6583 btconfig2k.prio_boost = htole32(0xf0); 6584 DPRINTF(sc, IWN_DEBUG_RESET, 6585 "%s: configuring advanced bluetooth coexistence" 6586 " session 2, flags : 0x%x\n", 6587 __func__, 6588 flags); 6589 error = iwn_cmd(sc, IWN_CMD_BT_COEX, &btconfig2k, 6590 sizeof(btconfig2k), 1); 6591 } else { 6592 btconfig.flags = flags; 6593 btconfig.max_kill = 5; 6594 btconfig.bt3_t7_timer = 1; 6595 btconfig.kill_ack = htole32(0xffff0000); 6596 btconfig.kill_cts = htole32(0xffff0000); 6597 btconfig.sample_time = 2; 6598 btconfig.bt3_t2_timer = 0xc; 6599 6600 for (i = 0; i < 12; i++) 6601 btconfig.lookup_table[i] = htole32(btcoex_3wire[i]); 6602 btconfig.valid = htole16(0xff); 6603 btconfig.prio_boost = 0xf0; 6604 DPRINTF(sc, IWN_DEBUG_RESET, 6605 "%s: configuring advanced bluetooth coexistence," 6606 " flags : 0x%x\n", 6607 __func__, 6608 flags); 6609 error = iwn_cmd(sc, IWN_CMD_BT_COEX, &btconfig, 6610 sizeof(btconfig), 1); 6611 } 6612 6613 if (error != 0) 6614 return error; 6615 6616 memset(&btprio, 0, sizeof btprio); 6617 btprio.calib_init1 = 0x6; 6618 btprio.calib_init2 = 0x7; 6619 btprio.calib_periodic_low1 = 0x2; 6620 btprio.calib_periodic_low2 = 0x3; 6621 btprio.calib_periodic_high1 = 0x4; 6622 btprio.calib_periodic_high2 = 0x5; 6623 btprio.dtim = 0x6; 6624 btprio.scan52 = 0x8; 6625 btprio.scan24 = 0xa; 6626 error = iwn_cmd(sc, IWN_CMD_BT_COEX_PRIOTABLE, &btprio, sizeof(btprio), 6627 1); 6628 if (error != 0) 6629 return error; 6630 6631 /* Force BT state machine change. */ 6632 memset(&btprot, 0, sizeof btprot); 6633 btprot.open = 1; 6634 btprot.type = 1; 6635 error = iwn_cmd(sc, IWN_CMD_BT_COEX_PROT, &btprot, sizeof(btprot), 1); 6636 if (error != 0) 6637 return error; 6638 btprot.open = 0; 6639 return iwn_cmd(sc, IWN_CMD_BT_COEX_PROT, &btprot, sizeof(btprot), 1); 6640 } 6641 6642 static int 6643 iwn5000_runtime_calib(struct iwn_softc *sc) 6644 { 6645 struct iwn5000_calib_config cmd; 6646 6647 memset(&cmd, 0, sizeof cmd); 6648 cmd.ucode.once.enable = 0xffffffff; 6649 cmd.ucode.once.start = IWN5000_CALIB_DC; 6650 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6651 "%s: configuring runtime calibration\n", __func__); 6652 return iwn_cmd(sc, IWN5000_CMD_CALIB_CONFIG, &cmd, sizeof(cmd), 0); 6653 } 6654 6655 static uint32_t 6656 iwn_get_rxon_ht_flags(struct iwn_softc *sc, struct ieee80211vap *vap, 6657 struct ieee80211_channel *c) 6658 { 6659 uint32_t htflags = 0; 6660 6661 if (! IEEE80211_IS_CHAN_HT(c)) 6662 return (0); 6663 6664 htflags |= IWN_RXON_HT_PROTMODE(vap->iv_curhtprotmode); 6665 6666 if (IEEE80211_IS_CHAN_HT40(c)) { 6667 switch (vap->iv_curhtprotmode) { 6668 case IEEE80211_HTINFO_OPMODE_HT20PR: 6669 htflags |= IWN_RXON_HT_MODEPURE40; 6670 break; 6671 default: 6672 htflags |= IWN_RXON_HT_MODEMIXED; 6673 break; 6674 } 6675 } 6676 if (IEEE80211_IS_CHAN_HT40D(c)) 6677 htflags |= IWN_RXON_HT_HT40MINUS; 6678 6679 return (htflags); 6680 } 6681 6682 static int 6683 iwn_check_bss_filter(struct iwn_softc *sc) 6684 { 6685 return ((sc->rxon->filter & htole32(IWN_FILTER_BSS)) != 0); 6686 } 6687 6688 static int 6689 iwn4965_rxon_assoc(struct iwn_softc *sc, int async) 6690 { 6691 struct iwn4965_rxon_assoc cmd; 6692 struct iwn_rxon *rxon = sc->rxon; 6693 6694 cmd.flags = rxon->flags; 6695 cmd.filter = rxon->filter; 6696 cmd.ofdm_mask = rxon->ofdm_mask; 6697 cmd.cck_mask = rxon->cck_mask; 6698 cmd.ht_single_mask = rxon->ht_single_mask; 6699 cmd.ht_dual_mask = rxon->ht_dual_mask; 6700 cmd.rxchain = rxon->rxchain; 6701 cmd.reserved = 0; 6702 6703 return (iwn_cmd(sc, IWN_CMD_RXON_ASSOC, &cmd, sizeof(cmd), async)); 6704 } 6705 6706 static int 6707 iwn5000_rxon_assoc(struct iwn_softc *sc, int async) 6708 { 6709 struct iwn5000_rxon_assoc cmd; 6710 struct iwn_rxon *rxon = sc->rxon; 6711 6712 cmd.flags = rxon->flags; 6713 cmd.filter = rxon->filter; 6714 cmd.ofdm_mask = rxon->ofdm_mask; 6715 cmd.cck_mask = rxon->cck_mask; 6716 cmd.reserved1 = 0; 6717 cmd.ht_single_mask = rxon->ht_single_mask; 6718 cmd.ht_dual_mask = rxon->ht_dual_mask; 6719 cmd.ht_triple_mask = rxon->ht_triple_mask; 6720 cmd.reserved2 = 0; 6721 cmd.rxchain = rxon->rxchain; 6722 cmd.acquisition = rxon->acquisition; 6723 cmd.reserved3 = 0; 6724 6725 return (iwn_cmd(sc, IWN_CMD_RXON_ASSOC, &cmd, sizeof(cmd), async)); 6726 } 6727 6728 static int 6729 iwn_send_rxon(struct iwn_softc *sc, int assoc, int async) 6730 { 6731 struct iwn_ops *ops = &sc->ops; 6732 int error; 6733 6734 IWN_LOCK_ASSERT(sc); 6735 6736 if (assoc && iwn_check_bss_filter(sc) != 0) { 6737 error = ops->rxon_assoc(sc, async); 6738 if (error != 0) { 6739 device_printf(sc->sc_dev, 6740 "%s: RXON_ASSOC command failed, error %d\n", 6741 __func__, error); 6742 return (error); 6743 } 6744 } else { 6745 if (sc->sc_is_scanning) 6746 device_printf(sc->sc_dev, 6747 "%s: is_scanning set, before RXON\n", 6748 __func__); 6749 6750 error = iwn_cmd(sc, IWN_CMD_RXON, sc->rxon, sc->rxonsz, async); 6751 if (error != 0) { 6752 device_printf(sc->sc_dev, 6753 "%s: RXON command failed, error %d\n", 6754 __func__, error); 6755 return (error); 6756 } 6757 6758 /* 6759 * Reconfiguring RXON clears the firmware nodes table so 6760 * we must add the broadcast node again. 6761 */ 6762 if (iwn_check_bss_filter(sc) == 0 && 6763 (error = iwn_add_broadcast_node(sc, async)) != 0) { 6764 device_printf(sc->sc_dev, 6765 "%s: could not add broadcast node, error %d\n", 6766 __func__, error); 6767 return (error); 6768 } 6769 } 6770 6771 /* Configuration has changed, set TX power accordingly. */ 6772 if ((error = ops->set_txpower(sc, async)) != 0) { 6773 device_printf(sc->sc_dev, 6774 "%s: could not set TX power, error %d\n", 6775 __func__, error); 6776 return (error); 6777 } 6778 6779 return (0); 6780 } 6781 6782 static int 6783 iwn_config(struct iwn_softc *sc) 6784 { 6785 struct ieee80211com *ic = &sc->sc_ic; 6786 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 6787 const uint8_t *macaddr; 6788 uint32_t txmask; 6789 uint16_t rxchain; 6790 int error; 6791 6792 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 6793 6794 if ((sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSET) 6795 && (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSETv2)) { 6796 device_printf(sc->sc_dev,"%s: temp_offset and temp_offsetv2 are" 6797 " exclusive each together. Review NIC config file. Conf" 6798 " : 0x%08x Flags : 0x%08x \n", __func__, 6799 sc->base_params->calib_need, 6800 (IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSET | 6801 IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSETv2)); 6802 return (EINVAL); 6803 } 6804 6805 /* Compute temperature calib if needed. Will be send by send calib */ 6806 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSET) { 6807 error = iwn5000_temp_offset_calib(sc); 6808 if (error != 0) { 6809 device_printf(sc->sc_dev, 6810 "%s: could not set temperature offset\n", __func__); 6811 return (error); 6812 } 6813 } else if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSETv2) { 6814 error = iwn5000_temp_offset_calibv2(sc); 6815 if (error != 0) { 6816 device_printf(sc->sc_dev, 6817 "%s: could not compute temperature offset v2\n", 6818 __func__); 6819 return (error); 6820 } 6821 } 6822 6823 if (sc->hw_type == IWN_HW_REV_TYPE_6050) { 6824 /* Configure runtime DC calibration. */ 6825 error = iwn5000_runtime_calib(sc); 6826 if (error != 0) { 6827 device_printf(sc->sc_dev, 6828 "%s: could not configure runtime calibration\n", 6829 __func__); 6830 return error; 6831 } 6832 } 6833 6834 /* Configure valid TX chains for >=5000 Series. */ 6835 if (sc->hw_type != IWN_HW_REV_TYPE_4965 && 6836 IWN_UCODE_API(sc->ucode_rev) > 1) { 6837 txmask = htole32(sc->txchainmask); 6838 DPRINTF(sc, IWN_DEBUG_RESET | IWN_DEBUG_XMIT, 6839 "%s: configuring valid TX chains 0x%x\n", __func__, txmask); 6840 error = iwn_cmd(sc, IWN5000_CMD_TX_ANT_CONFIG, &txmask, 6841 sizeof txmask, 0); 6842 if (error != 0) { 6843 device_printf(sc->sc_dev, 6844 "%s: could not configure valid TX chains, " 6845 "error %d\n", __func__, error); 6846 return error; 6847 } 6848 } 6849 6850 /* Configure bluetooth coexistence. */ 6851 error = 0; 6852 6853 /* Configure bluetooth coexistence if needed. */ 6854 if (sc->base_params->bt_mode == IWN_BT_ADVANCED) 6855 error = iwn_send_advanced_btcoex(sc); 6856 if (sc->base_params->bt_mode == IWN_BT_SIMPLE) 6857 error = iwn_send_btcoex(sc); 6858 6859 if (error != 0) { 6860 device_printf(sc->sc_dev, 6861 "%s: could not configure bluetooth coexistence, error %d\n", 6862 __func__, error); 6863 return error; 6864 } 6865 6866 /* Set mode, channel, RX filter and enable RX. */ 6867 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 6868 memset(sc->rxon, 0, sizeof (struct iwn_rxon)); 6869 macaddr = vap ? vap->iv_myaddr : ic->ic_macaddr; 6870 IEEE80211_ADDR_COPY(sc->rxon->myaddr, macaddr); 6871 IEEE80211_ADDR_COPY(sc->rxon->wlap, macaddr); 6872 sc->rxon->chan = ieee80211_chan2ieee(ic, ic->ic_curchan); 6873 sc->rxon->flags = htole32(IWN_RXON_TSF | IWN_RXON_CTS_TO_SELF); 6874 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan)) 6875 sc->rxon->flags |= htole32(IWN_RXON_AUTO | IWN_RXON_24GHZ); 6876 6877 sc->rxon->filter = htole32(IWN_FILTER_MULTICAST); 6878 switch (ic->ic_opmode) { 6879 case IEEE80211_M_STA: 6880 sc->rxon->mode = IWN_MODE_STA; 6881 break; 6882 case IEEE80211_M_MONITOR: 6883 sc->rxon->mode = IWN_MODE_MONITOR; 6884 break; 6885 default: 6886 /* Should not get there. */ 6887 break; 6888 } 6889 iwn_set_promisc(sc); 6890 sc->rxon->cck_mask = 0x0f; /* not yet negotiated */ 6891 sc->rxon->ofdm_mask = 0xff; /* not yet negotiated */ 6892 sc->rxon->ht_single_mask = 0xff; 6893 sc->rxon->ht_dual_mask = 0xff; 6894 sc->rxon->ht_triple_mask = 0xff; 6895 /* 6896 * In active association mode, ensure that 6897 * all the receive chains are enabled. 6898 * 6899 * Since we're not yet doing SMPS, don't allow the 6900 * number of idle RX chains to be less than the active 6901 * number. 6902 */ 6903 rxchain = 6904 IWN_RXCHAIN_VALID(sc->rxchainmask) | 6905 IWN_RXCHAIN_MIMO_COUNT(sc->nrxchains) | 6906 IWN_RXCHAIN_IDLE_COUNT(sc->nrxchains); 6907 sc->rxon->rxchain = htole16(rxchain); 6908 DPRINTF(sc, IWN_DEBUG_RESET | IWN_DEBUG_XMIT, 6909 "%s: rxchainmask=0x%x, nrxchains=%d\n", 6910 __func__, 6911 sc->rxchainmask, 6912 sc->nrxchains); 6913 6914 sc->rxon->flags |= htole32(iwn_get_rxon_ht_flags(sc, vap, ic->ic_curchan)); 6915 6916 DPRINTF(sc, IWN_DEBUG_RESET, 6917 "%s: setting configuration; flags=0x%08x\n", 6918 __func__, le32toh(sc->rxon->flags)); 6919 if ((error = iwn_send_rxon(sc, 0, 0)) != 0) { 6920 device_printf(sc->sc_dev, "%s: could not send RXON\n", 6921 __func__); 6922 return error; 6923 } 6924 6925 if ((error = iwn_set_critical_temp(sc)) != 0) { 6926 device_printf(sc->sc_dev, 6927 "%s: could not set critical temperature\n", __func__); 6928 return error; 6929 } 6930 6931 /* Set power saving level to CAM during initialization. */ 6932 if ((error = iwn_set_pslevel(sc, 0, 0, 0)) != 0) { 6933 device_printf(sc->sc_dev, 6934 "%s: could not set power saving level\n", __func__); 6935 return error; 6936 } 6937 6938 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 6939 6940 return 0; 6941 } 6942 6943 static uint16_t 6944 iwn_get_active_dwell_time(struct iwn_softc *sc, 6945 struct ieee80211_channel *c, uint8_t n_probes) 6946 { 6947 /* No channel? Default to 2GHz settings */ 6948 if (c == NULL || IEEE80211_IS_CHAN_2GHZ(c)) { 6949 return (IWN_ACTIVE_DWELL_TIME_2GHZ + 6950 IWN_ACTIVE_DWELL_FACTOR_2GHZ * (n_probes + 1)); 6951 } 6952 6953 /* 5GHz dwell time */ 6954 return (IWN_ACTIVE_DWELL_TIME_5GHZ + 6955 IWN_ACTIVE_DWELL_FACTOR_5GHZ * (n_probes + 1)); 6956 } 6957 6958 /* 6959 * Limit the total dwell time to 85% of the beacon interval. 6960 * 6961 * Returns the dwell time in milliseconds. 6962 */ 6963 static uint16_t 6964 iwn_limit_dwell(struct iwn_softc *sc, uint16_t dwell_time) 6965 { 6966 struct ieee80211com *ic = &sc->sc_ic; 6967 struct ieee80211vap *vap = NULL; 6968 int bintval = 0; 6969 6970 /* bintval is in TU (1.024mS) */ 6971 if (! TAILQ_EMPTY(&ic->ic_vaps)) { 6972 vap = TAILQ_FIRST(&ic->ic_vaps); 6973 bintval = vap->iv_bss->ni_intval; 6974 } 6975 6976 /* 6977 * If it's non-zero, we should calculate the minimum of 6978 * it and the DWELL_BASE. 6979 * 6980 * XXX Yes, the math should take into account that bintval 6981 * is 1.024mS, not 1mS.. 6982 */ 6983 if (bintval > 0) { 6984 DPRINTF(sc, IWN_DEBUG_SCAN, 6985 "%s: bintval=%d\n", 6986 __func__, 6987 bintval); 6988 return (MIN(IWN_PASSIVE_DWELL_BASE, ((bintval * 85) / 100))); 6989 } 6990 6991 /* No association context? Default */ 6992 return (IWN_PASSIVE_DWELL_BASE); 6993 } 6994 6995 static uint16_t 6996 iwn_get_passive_dwell_time(struct iwn_softc *sc, struct ieee80211_channel *c) 6997 { 6998 uint16_t passive; 6999 7000 if (c == NULL || IEEE80211_IS_CHAN_2GHZ(c)) { 7001 passive = IWN_PASSIVE_DWELL_BASE + IWN_PASSIVE_DWELL_TIME_2GHZ; 7002 } else { 7003 passive = IWN_PASSIVE_DWELL_BASE + IWN_PASSIVE_DWELL_TIME_5GHZ; 7004 } 7005 7006 /* Clamp to the beacon interval if we're associated */ 7007 return (iwn_limit_dwell(sc, passive)); 7008 } 7009 7010 static int 7011 iwn_scan(struct iwn_softc *sc, struct ieee80211vap *vap, 7012 struct ieee80211_scan_state *ss, struct ieee80211_channel *c) 7013 { 7014 struct ieee80211com *ic = &sc->sc_ic; 7015 struct ieee80211_node *ni = vap->iv_bss; 7016 struct iwn_scan_hdr *hdr; 7017 struct iwn_cmd_data *tx; 7018 struct iwn_scan_essid *essid; 7019 struct iwn_scan_chan *chan; 7020 struct ieee80211_frame *wh; 7021 struct ieee80211_rateset *rs; 7022 uint8_t *buf, *frm; 7023 uint16_t rxchain; 7024 uint8_t txant; 7025 int buflen, error; 7026 int is_active; 7027 uint16_t dwell_active, dwell_passive; 7028 uint32_t scan_service_time; 7029 7030 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 7031 7032 /* 7033 * We are absolutely not allowed to send a scan command when another 7034 * scan command is pending. 7035 */ 7036 if (sc->sc_is_scanning) { 7037 device_printf(sc->sc_dev, "%s: called whilst scanning!\n", 7038 __func__); 7039 return (EAGAIN); 7040 } 7041 7042 /* Assign the scan channel */ 7043 c = ic->ic_curchan; 7044 7045 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 7046 buf = malloc(IWN_SCAN_MAXSZ, M_DEVBUF, M_NOWAIT | M_ZERO); 7047 if (buf == NULL) { 7048 device_printf(sc->sc_dev, 7049 "%s: could not allocate buffer for scan command\n", 7050 __func__); 7051 return ENOMEM; 7052 } 7053 hdr = (struct iwn_scan_hdr *)buf; 7054 /* 7055 * Move to the next channel if no frames are received within 10ms 7056 * after sending the probe request. 7057 */ 7058 hdr->quiet_time = htole16(10); /* timeout in milliseconds */ 7059 hdr->quiet_threshold = htole16(1); /* min # of packets */ 7060 /* 7061 * Max needs to be greater than active and passive and quiet! 7062 * It's also in microseconds! 7063 */ 7064 hdr->max_svc = htole32(250 * 1024); 7065 7066 /* 7067 * Reset scan: interval=100 7068 * Normal scan: interval=becaon interval 7069 * suspend_time: 100 (TU) 7070 * 7071 */ 7072 #if 0 7073 extra = (100 /* suspend_time */ / 100 /* beacon interval */) << 22; 7074 scan_service_time = extra | ((100 /* susp */ % 100 /* int */) * 1024); 7075 #else 7076 scan_service_time = (4 << 22) | (100 * 1024); /* Hardcode for now! */ 7077 #endif 7078 hdr->pause_svc = htole32(scan_service_time); 7079 7080 /* Select antennas for scanning. */ 7081 rxchain = 7082 IWN_RXCHAIN_VALID(sc->rxchainmask) | 7083 IWN_RXCHAIN_FORCE_MIMO_SEL(sc->rxchainmask) | 7084 IWN_RXCHAIN_DRIVER_FORCE; 7085 if (IEEE80211_IS_CHAN_A(c) && 7086 sc->hw_type == IWN_HW_REV_TYPE_4965) { 7087 /* Ant A must be avoided in 5GHz because of an HW bug. */ 7088 rxchain |= IWN_RXCHAIN_FORCE_SEL(IWN_ANT_B); 7089 } else /* Use all available RX antennas. */ 7090 rxchain |= IWN_RXCHAIN_FORCE_SEL(sc->rxchainmask); 7091 hdr->rxchain = htole16(rxchain); 7092 hdr->filter = htole32(IWN_FILTER_MULTICAST | IWN_FILTER_BEACON); 7093 7094 tx = (struct iwn_cmd_data *)(hdr + 1); 7095 tx->flags = htole32(IWN_TX_AUTO_SEQ); 7096 tx->id = sc->broadcast_id; 7097 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 7098 7099 if (IEEE80211_IS_CHAN_5GHZ(c)) { 7100 /* Send probe requests at 6Mbps. */ 7101 tx->rate = htole32(0xd); 7102 rs = &ic->ic_sup_rates[IEEE80211_MODE_11A]; 7103 } else { 7104 hdr->flags = htole32(IWN_RXON_24GHZ | IWN_RXON_AUTO); 7105 if (sc->hw_type == IWN_HW_REV_TYPE_4965 && 7106 sc->rxon->associd && sc->rxon->chan > 14) 7107 tx->rate = htole32(0xd); 7108 else { 7109 /* Send probe requests at 1Mbps. */ 7110 tx->rate = htole32(10 | IWN_RFLAG_CCK); 7111 } 7112 rs = &ic->ic_sup_rates[IEEE80211_MODE_11G]; 7113 } 7114 /* Use the first valid TX antenna. */ 7115 txant = IWN_LSB(sc->txchainmask); 7116 tx->rate |= htole32(IWN_RFLAG_ANT(txant)); 7117 7118 /* 7119 * Only do active scanning if we're announcing a probe request 7120 * for a given SSID (or more, if we ever add it to the driver.) 7121 */ 7122 is_active = 0; 7123 7124 /* 7125 * If we're scanning for a specific SSID, add it to the command. 7126 * 7127 * XXX maybe look at adding support for scanning multiple SSIDs? 7128 */ 7129 essid = (struct iwn_scan_essid *)(tx + 1); 7130 if (ss != NULL) { 7131 if (ss->ss_ssid[0].len != 0) { 7132 essid[0].id = IEEE80211_ELEMID_SSID; 7133 essid[0].len = ss->ss_ssid[0].len; 7134 memcpy(essid[0].data, ss->ss_ssid[0].ssid, ss->ss_ssid[0].len); 7135 } 7136 7137 DPRINTF(sc, IWN_DEBUG_SCAN, "%s: ssid_len=%d, ssid=%*s\n", 7138 __func__, 7139 ss->ss_ssid[0].len, 7140 ss->ss_ssid[0].len, 7141 ss->ss_ssid[0].ssid); 7142 7143 if (ss->ss_nssid > 0) 7144 is_active = 1; 7145 } 7146 7147 /* 7148 * Build a probe request frame. Most of the following code is a 7149 * copy & paste of what is done in net80211. 7150 */ 7151 wh = (struct ieee80211_frame *)(essid + 20); 7152 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 7153 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 7154 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 7155 IEEE80211_ADDR_COPY(wh->i_addr1, vap->iv_ifp->if_broadcastaddr); 7156 IEEE80211_ADDR_COPY(wh->i_addr2, IF_LLADDR(vap->iv_ifp)); 7157 IEEE80211_ADDR_COPY(wh->i_addr3, vap->iv_ifp->if_broadcastaddr); 7158 *(uint16_t *)&wh->i_dur[0] = 0; /* filled by HW */ 7159 *(uint16_t *)&wh->i_seq[0] = 0; /* filled by HW */ 7160 7161 frm = (uint8_t *)(wh + 1); 7162 frm = ieee80211_add_ssid(frm, NULL, 0); 7163 frm = ieee80211_add_rates(frm, rs); 7164 if (rs->rs_nrates > IEEE80211_RATE_SIZE) 7165 frm = ieee80211_add_xrates(frm, rs); 7166 if (ic->ic_htcaps & IEEE80211_HTC_HT) 7167 frm = ieee80211_add_htcap(frm, ni); 7168 7169 /* Set length of probe request. */ 7170 tx->len = htole16(frm - (uint8_t *)wh); 7171 7172 /* 7173 * If active scanning is requested but a certain channel is 7174 * marked passive, we can do active scanning if we detect 7175 * transmissions. 7176 * 7177 * There is an issue with some firmware versions that triggers 7178 * a sysassert on a "good CRC threshold" of zero (== disabled), 7179 * on a radar channel even though this means that we should NOT 7180 * send probes. 7181 * 7182 * The "good CRC threshold" is the number of frames that we 7183 * need to receive during our dwell time on a channel before 7184 * sending out probes -- setting this to a huge value will 7185 * mean we never reach it, but at the same time work around 7186 * the aforementioned issue. Thus use IWL_GOOD_CRC_TH_NEVER 7187 * here instead of IWL_GOOD_CRC_TH_DISABLED. 7188 * 7189 * This was fixed in later versions along with some other 7190 * scan changes, and the threshold behaves as a flag in those 7191 * versions. 7192 */ 7193 7194 /* 7195 * If we're doing active scanning, set the crc_threshold 7196 * to a suitable value. This is different to active veruss 7197 * passive scanning depending upon the channel flags; the 7198 * firmware will obey that particular check for us. 7199 */ 7200 if (sc->tlv_feature_flags & IWN_UCODE_TLV_FLAGS_NEWSCAN) 7201 hdr->crc_threshold = is_active ? 7202 IWN_GOOD_CRC_TH_DEFAULT : IWN_GOOD_CRC_TH_DISABLED; 7203 else 7204 hdr->crc_threshold = is_active ? 7205 IWN_GOOD_CRC_TH_DEFAULT : IWN_GOOD_CRC_TH_NEVER; 7206 7207 chan = (struct iwn_scan_chan *)frm; 7208 chan->chan = htole16(ieee80211_chan2ieee(ic, c)); 7209 chan->flags = 0; 7210 if (ss->ss_nssid > 0) 7211 chan->flags |= htole32(IWN_CHAN_NPBREQS(1)); 7212 chan->dsp_gain = 0x6e; 7213 7214 /* 7215 * Set the passive/active flag depending upon the channel mode. 7216 * XXX TODO: take the is_active flag into account as well? 7217 */ 7218 if (c->ic_flags & IEEE80211_CHAN_PASSIVE) 7219 chan->flags |= htole32(IWN_CHAN_PASSIVE); 7220 else 7221 chan->flags |= htole32(IWN_CHAN_ACTIVE); 7222 7223 /* 7224 * Calculate the active/passive dwell times. 7225 */ 7226 7227 dwell_active = iwn_get_active_dwell_time(sc, c, ss->ss_nssid); 7228 dwell_passive = iwn_get_passive_dwell_time(sc, c); 7229 7230 /* Make sure they're valid */ 7231 if (dwell_passive <= dwell_active) 7232 dwell_passive = dwell_active + 1; 7233 7234 chan->active = htole16(dwell_active); 7235 chan->passive = htole16(dwell_passive); 7236 7237 if (IEEE80211_IS_CHAN_5GHZ(c)) 7238 chan->rf_gain = 0x3b; 7239 else 7240 chan->rf_gain = 0x28; 7241 7242 DPRINTF(sc, IWN_DEBUG_STATE, 7243 "%s: chan %u flags 0x%x rf_gain 0x%x " 7244 "dsp_gain 0x%x active %d passive %d scan_svc_time %d crc 0x%x " 7245 "isactive=%d numssid=%d\n", __func__, 7246 chan->chan, chan->flags, chan->rf_gain, chan->dsp_gain, 7247 dwell_active, dwell_passive, scan_service_time, 7248 hdr->crc_threshold, is_active, ss->ss_nssid); 7249 7250 hdr->nchan++; 7251 chan++; 7252 buflen = (uint8_t *)chan - buf; 7253 hdr->len = htole16(buflen); 7254 7255 if (sc->sc_is_scanning) { 7256 device_printf(sc->sc_dev, 7257 "%s: called with is_scanning set!\n", 7258 __func__); 7259 } 7260 sc->sc_is_scanning = 1; 7261 7262 DPRINTF(sc, IWN_DEBUG_STATE, "sending scan command nchan=%d\n", 7263 hdr->nchan); 7264 error = iwn_cmd(sc, IWN_CMD_SCAN, buf, buflen, 1); 7265 free(buf, M_DEVBUF); 7266 if (error == 0) 7267 callout_reset(&sc->scan_timeout, 5*hz, iwn_scan_timeout, sc); 7268 7269 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 7270 7271 return error; 7272 } 7273 7274 static int 7275 iwn_auth(struct iwn_softc *sc, struct ieee80211vap *vap) 7276 { 7277 struct ieee80211com *ic = &sc->sc_ic; 7278 struct ieee80211_node *ni = vap->iv_bss; 7279 int error; 7280 7281 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 7282 7283 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 7284 /* Update adapter configuration. */ 7285 IEEE80211_ADDR_COPY(sc->rxon->bssid, ni->ni_bssid); 7286 sc->rxon->chan = ieee80211_chan2ieee(ic, ni->ni_chan); 7287 sc->rxon->flags = htole32(IWN_RXON_TSF | IWN_RXON_CTS_TO_SELF); 7288 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 7289 sc->rxon->flags |= htole32(IWN_RXON_AUTO | IWN_RXON_24GHZ); 7290 7291 /* 7292 * We always set short slot on 5GHz channels. 7293 * We optionally set it for 2.4GHz channels. 7294 */ 7295 if (IEEE80211_IS_CHAN_5GHZ(ni->ni_chan)) 7296 sc->rxon->flags |= htole32(IWN_RXON_SHSLOT); 7297 else if (vap->iv_flags & IEEE80211_F_SHSLOT) 7298 sc->rxon->flags |= htole32(IWN_RXON_SHSLOT); 7299 7300 if (vap->iv_flags & IEEE80211_F_SHPREAMBLE) 7301 sc->rxon->flags |= htole32(IWN_RXON_SHPREAMBLE); 7302 if (IEEE80211_IS_CHAN_A(ni->ni_chan)) { 7303 sc->rxon->cck_mask = 0; 7304 sc->rxon->ofdm_mask = 0x15; 7305 } else if (IEEE80211_IS_CHAN_B(ni->ni_chan)) { 7306 sc->rxon->cck_mask = 0x03; 7307 sc->rxon->ofdm_mask = 0; 7308 } else { 7309 /* Assume 802.11b/g. */ 7310 sc->rxon->cck_mask = 0x03; 7311 sc->rxon->ofdm_mask = 0x15; 7312 } 7313 7314 /* try HT */ 7315 sc->rxon->flags |= htole32(iwn_get_rxon_ht_flags(sc, vap, ic->ic_curchan)); 7316 7317 DPRINTF(sc, IWN_DEBUG_STATE, "rxon chan %d flags %x cck %x ofdm %x\n", 7318 sc->rxon->chan, sc->rxon->flags, sc->rxon->cck_mask, 7319 sc->rxon->ofdm_mask); 7320 7321 if ((error = iwn_send_rxon(sc, 0, 1)) != 0) { 7322 device_printf(sc->sc_dev, "%s: could not send RXON\n", 7323 __func__); 7324 return (error); 7325 } 7326 7327 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 7328 7329 return (0); 7330 } 7331 7332 static int 7333 iwn_run(struct iwn_softc *sc, struct ieee80211vap *vap) 7334 { 7335 struct iwn_ops *ops = &sc->ops; 7336 struct ieee80211com *ic = &sc->sc_ic; 7337 struct ieee80211_node *ni = vap->iv_bss; 7338 struct iwn_node_info node; 7339 int error; 7340 7341 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 7342 7343 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 7344 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 7345 /* Link LED blinks while monitoring. */ 7346 iwn_set_led(sc, IWN_LED_LINK, 5, 5); 7347 return 0; 7348 } 7349 if ((error = iwn_set_timing(sc, ni)) != 0) { 7350 device_printf(sc->sc_dev, 7351 "%s: could not set timing, error %d\n", __func__, error); 7352 return error; 7353 } 7354 7355 /* Update adapter configuration. */ 7356 IEEE80211_ADDR_COPY(sc->rxon->bssid, ni->ni_bssid); 7357 sc->rxon->associd = htole16(IEEE80211_AID(ni->ni_associd)); 7358 sc->rxon->chan = ieee80211_chan2ieee(ic, ni->ni_chan); 7359 sc->rxon->flags = htole32(IWN_RXON_TSF | IWN_RXON_CTS_TO_SELF); 7360 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 7361 sc->rxon->flags |= htole32(IWN_RXON_AUTO | IWN_RXON_24GHZ); 7362 7363 /* As previously - short slot only on 5GHz */ 7364 if (IEEE80211_IS_CHAN_5GHZ(ni->ni_chan)) 7365 sc->rxon->flags |= htole32(IWN_RXON_SHSLOT); 7366 else if (vap->iv_flags & IEEE80211_F_SHSLOT) 7367 sc->rxon->flags |= htole32(IWN_RXON_SHSLOT); 7368 7369 if (vap->iv_flags & IEEE80211_F_SHPREAMBLE) 7370 sc->rxon->flags |= htole32(IWN_RXON_SHPREAMBLE); 7371 if (IEEE80211_IS_CHAN_A(ni->ni_chan)) { 7372 sc->rxon->cck_mask = 0; 7373 sc->rxon->ofdm_mask = 0x15; 7374 } else if (IEEE80211_IS_CHAN_B(ni->ni_chan)) { 7375 sc->rxon->cck_mask = 0x03; 7376 sc->rxon->ofdm_mask = 0; 7377 } else { 7378 /* Assume 802.11b/g. */ 7379 sc->rxon->cck_mask = 0x0f; 7380 sc->rxon->ofdm_mask = 0x15; 7381 } 7382 /* try HT */ 7383 sc->rxon->flags |= htole32(iwn_get_rxon_ht_flags(sc, vap, ni->ni_chan)); 7384 sc->rxon->filter |= htole32(IWN_FILTER_BSS); 7385 DPRINTF(sc, IWN_DEBUG_STATE, "rxon chan %d flags %x, curhtprotmode=%d\n", 7386 sc->rxon->chan, le32toh(sc->rxon->flags), vap->iv_curhtprotmode); 7387 7388 if ((error = iwn_send_rxon(sc, 0, 1)) != 0) { 7389 device_printf(sc->sc_dev, "%s: could not send RXON\n", 7390 __func__); 7391 return error; 7392 } 7393 7394 /* Fake a join to initialize the TX rate. */ 7395 ((struct iwn_node *)ni)->id = IWN_ID_BSS; 7396 iwn_newassoc(ni, 1); 7397 7398 /* Add BSS node. */ 7399 memset(&node, 0, sizeof node); 7400 IEEE80211_ADDR_COPY(node.macaddr, ni->ni_macaddr); 7401 node.id = IWN_ID_BSS; 7402 if (IEEE80211_IS_CHAN_HT(ni->ni_chan)) { 7403 switch (ni->ni_htcap & IEEE80211_HTCAP_SMPS) { 7404 case IEEE80211_HTCAP_SMPS_ENA: 7405 node.htflags |= htole32(IWN_SMPS_MIMO_DIS); 7406 break; 7407 case IEEE80211_HTCAP_SMPS_DYNAMIC: 7408 node.htflags |= htole32(IWN_SMPS_MIMO_PROT); 7409 break; 7410 } 7411 node.htflags |= htole32(IWN_AMDPU_SIZE_FACTOR(3) | 7412 IWN_AMDPU_DENSITY(5)); /* 4us */ 7413 if (IEEE80211_IS_CHAN_HT40(ni->ni_chan)) 7414 node.htflags |= htole32(IWN_NODE_HT40); 7415 } 7416 DPRINTF(sc, IWN_DEBUG_STATE, "%s: adding BSS node\n", __func__); 7417 error = ops->add_node(sc, &node, 1); 7418 if (error != 0) { 7419 device_printf(sc->sc_dev, 7420 "%s: could not add BSS node, error %d\n", __func__, error); 7421 return error; 7422 } 7423 DPRINTF(sc, IWN_DEBUG_STATE, "%s: setting link quality for node %d\n", 7424 __func__, node.id); 7425 if ((error = iwn_set_link_quality(sc, ni)) != 0) { 7426 device_printf(sc->sc_dev, 7427 "%s: could not setup link quality for node %d, error %d\n", 7428 __func__, node.id, error); 7429 return error; 7430 } 7431 7432 if ((error = iwn_init_sensitivity(sc)) != 0) { 7433 device_printf(sc->sc_dev, 7434 "%s: could not set sensitivity, error %d\n", __func__, 7435 error); 7436 return error; 7437 } 7438 /* Start periodic calibration timer. */ 7439 sc->calib.state = IWN_CALIB_STATE_ASSOC; 7440 sc->calib_cnt = 0; 7441 callout_reset(&sc->calib_to, msecs_to_ticks(500), iwn_calib_timeout, 7442 sc); 7443 7444 /* Link LED always on while associated. */ 7445 iwn_set_led(sc, IWN_LED_LINK, 0, 1); 7446 7447 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 7448 7449 return 0; 7450 } 7451 7452 /* 7453 * This function is called by upper layer when an ADDBA request is received 7454 * from another STA and before the ADDBA response is sent. 7455 */ 7456 static int 7457 iwn_ampdu_rx_start(struct ieee80211_node *ni, struct ieee80211_rx_ampdu *rap, 7458 int baparamset, int batimeout, int baseqctl) 7459 { 7460 struct iwn_softc *sc = ni->ni_ic->ic_softc; 7461 struct iwn_ops *ops = &sc->ops; 7462 struct iwn_node *wn = (void *)ni; 7463 struct iwn_node_info node; 7464 uint16_t ssn; 7465 uint8_t tid; 7466 int error; 7467 7468 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7469 7470 tid = _IEEE80211_MASKSHIFT(le16toh(baparamset), IEEE80211_BAPS_TID); 7471 ssn = _IEEE80211_MASKSHIFT(le16toh(baseqctl), IEEE80211_BASEQ_START); 7472 7473 if (wn->id == IWN_ID_UNDEFINED) 7474 return (ENOENT); 7475 7476 memset(&node, 0, sizeof node); 7477 node.id = wn->id; 7478 node.control = IWN_NODE_UPDATE; 7479 node.flags = IWN_FLAG_SET_ADDBA; 7480 node.addba_tid = tid; 7481 node.addba_ssn = htole16(ssn); 7482 DPRINTF(sc, IWN_DEBUG_RECV, "ADDBA RA=%d TID=%d SSN=%d\n", 7483 wn->id, tid, ssn); 7484 error = ops->add_node(sc, &node, 1); 7485 if (error != 0) 7486 return error; 7487 return sc->sc_ampdu_rx_start(ni, rap, baparamset, batimeout, baseqctl); 7488 } 7489 7490 /* 7491 * This function is called by upper layer on teardown of an HT-immediate 7492 * Block Ack agreement (eg. uppon receipt of a DELBA frame). 7493 */ 7494 static void 7495 iwn_ampdu_rx_stop(struct ieee80211_node *ni, struct ieee80211_rx_ampdu *rap) 7496 { 7497 struct ieee80211com *ic = ni->ni_ic; 7498 struct iwn_softc *sc = ic->ic_softc; 7499 struct iwn_ops *ops = &sc->ops; 7500 struct iwn_node *wn = (void *)ni; 7501 struct iwn_node_info node; 7502 uint8_t tid; 7503 7504 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7505 7506 if (wn->id == IWN_ID_UNDEFINED) 7507 goto end; 7508 7509 /* XXX: tid as an argument */ 7510 for (tid = 0; tid < WME_NUM_TID; tid++) { 7511 if (&ni->ni_rx_ampdu[tid] == rap) 7512 break; 7513 } 7514 7515 memset(&node, 0, sizeof node); 7516 node.id = wn->id; 7517 node.control = IWN_NODE_UPDATE; 7518 node.flags = IWN_FLAG_SET_DELBA; 7519 node.delba_tid = tid; 7520 DPRINTF(sc, IWN_DEBUG_RECV, "DELBA RA=%d TID=%d\n", wn->id, tid); 7521 (void)ops->add_node(sc, &node, 1); 7522 end: 7523 sc->sc_ampdu_rx_stop(ni, rap); 7524 } 7525 7526 static int 7527 iwn_addba_request(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 7528 int dialogtoken, int baparamset, int batimeout) 7529 { 7530 struct iwn_softc *sc = ni->ni_ic->ic_softc; 7531 int qid; 7532 7533 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7534 7535 for (qid = sc->firstaggqueue; qid < sc->ntxqs; qid++) { 7536 if (sc->qid2tap[qid] == NULL) 7537 break; 7538 } 7539 if (qid == sc->ntxqs) { 7540 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: not free aggregation queue\n", 7541 __func__); 7542 return 0; 7543 } 7544 tap->txa_private = malloc(sizeof(int), M_DEVBUF, M_NOWAIT); 7545 if (tap->txa_private == NULL) { 7546 device_printf(sc->sc_dev, 7547 "%s: failed to alloc TX aggregation structure\n", __func__); 7548 return 0; 7549 } 7550 sc->qid2tap[qid] = tap; 7551 *(int *)tap->txa_private = qid; 7552 return sc->sc_addba_request(ni, tap, dialogtoken, baparamset, 7553 batimeout); 7554 } 7555 7556 static int 7557 iwn_addba_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 7558 int code, int baparamset, int batimeout) 7559 { 7560 struct iwn_softc *sc = ni->ni_ic->ic_softc; 7561 int qid = *(int *)tap->txa_private; 7562 uint8_t tid = tap->txa_tid; 7563 int ret; 7564 7565 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7566 7567 if (code == IEEE80211_STATUS_SUCCESS) { 7568 ni->ni_txseqs[tid] = tap->txa_start & 0xfff; 7569 ret = iwn_ampdu_tx_start(ni->ni_ic, ni, tid); 7570 if (ret != 1) 7571 return ret; 7572 } else { 7573 sc->qid2tap[qid] = NULL; 7574 free(tap->txa_private, M_DEVBUF); 7575 tap->txa_private = NULL; 7576 } 7577 return sc->sc_addba_response(ni, tap, code, baparamset, batimeout); 7578 } 7579 7580 /* 7581 * This function is called by upper layer when an ADDBA response is received 7582 * from another STA. 7583 */ 7584 static int 7585 iwn_ampdu_tx_start(struct ieee80211com *ic, struct ieee80211_node *ni, 7586 uint8_t tid) 7587 { 7588 struct ieee80211_tx_ampdu *tap = &ni->ni_tx_ampdu[tid]; 7589 struct iwn_softc *sc = ni->ni_ic->ic_softc; 7590 struct iwn_ops *ops = &sc->ops; 7591 struct iwn_node *wn = (void *)ni; 7592 struct iwn_node_info node; 7593 int error, qid; 7594 7595 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7596 7597 if (wn->id == IWN_ID_UNDEFINED) 7598 return (0); 7599 7600 /* Enable TX for the specified RA/TID. */ 7601 wn->disable_tid &= ~(1 << tid); 7602 memset(&node, 0, sizeof node); 7603 node.id = wn->id; 7604 node.control = IWN_NODE_UPDATE; 7605 node.flags = IWN_FLAG_SET_DISABLE_TID; 7606 node.disable_tid = htole16(wn->disable_tid); 7607 error = ops->add_node(sc, &node, 1); 7608 if (error != 0) 7609 return 0; 7610 7611 if ((error = iwn_nic_lock(sc)) != 0) 7612 return 0; 7613 qid = *(int *)tap->txa_private; 7614 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: ra=%d tid=%d ssn=%d qid=%d\n", 7615 __func__, wn->id, tid, tap->txa_start, qid); 7616 ops->ampdu_tx_start(sc, ni, qid, tid, tap->txa_start & 0xfff); 7617 iwn_nic_unlock(sc); 7618 7619 iwn_set_link_quality(sc, ni); 7620 return 1; 7621 } 7622 7623 static void 7624 iwn_ampdu_tx_stop(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap) 7625 { 7626 struct iwn_softc *sc = ni->ni_ic->ic_softc; 7627 struct iwn_ops *ops = &sc->ops; 7628 uint8_t tid = tap->txa_tid; 7629 int qid; 7630 7631 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7632 7633 sc->sc_addba_stop(ni, tap); 7634 7635 if (tap->txa_private == NULL) 7636 return; 7637 7638 qid = *(int *)tap->txa_private; 7639 if (sc->txq[qid].queued != 0) 7640 return; 7641 if (iwn_nic_lock(sc) != 0) 7642 return; 7643 ops->ampdu_tx_stop(sc, qid, tid, tap->txa_start & 0xfff); 7644 iwn_nic_unlock(sc); 7645 sc->qid2tap[qid] = NULL; 7646 free(tap->txa_private, M_DEVBUF); 7647 tap->txa_private = NULL; 7648 } 7649 7650 static void 7651 iwn4965_ampdu_tx_start(struct iwn_softc *sc, struct ieee80211_node *ni, 7652 int qid, uint8_t tid, uint16_t ssn) 7653 { 7654 struct iwn_node *wn = (void *)ni; 7655 7656 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7657 7658 /* Stop TX scheduler while we're changing its configuration. */ 7659 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 7660 IWN4965_TXQ_STATUS_CHGACT); 7661 7662 /* Assign RA/TID translation to the queue. */ 7663 iwn_mem_write_2(sc, sc->sched_base + IWN4965_SCHED_TRANS_TBL(qid), 7664 wn->id << 4 | tid); 7665 7666 /* Enable chain-building mode for the queue. */ 7667 iwn_prph_setbits(sc, IWN4965_SCHED_QCHAIN_SEL, 1 << qid); 7668 7669 /* Set starting sequence number from the ADDBA request. */ 7670 sc->txq[qid].cur = sc->txq[qid].read = (ssn & 0xff); 7671 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 7672 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), ssn); 7673 7674 /* Set scheduler window size. */ 7675 iwn_mem_write(sc, sc->sched_base + IWN4965_SCHED_QUEUE_OFFSET(qid), 7676 IWN_SCHED_WINSZ); 7677 /* Set scheduler frame limit. */ 7678 iwn_mem_write(sc, sc->sched_base + IWN4965_SCHED_QUEUE_OFFSET(qid) + 4, 7679 IWN_SCHED_LIMIT << 16); 7680 7681 /* Enable interrupts for the queue. */ 7682 iwn_prph_setbits(sc, IWN4965_SCHED_INTR_MASK, 1 << qid); 7683 7684 /* Mark the queue as active. */ 7685 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 7686 IWN4965_TXQ_STATUS_ACTIVE | IWN4965_TXQ_STATUS_AGGR_ENA | 7687 iwn_tid2fifo[tid] << 1); 7688 } 7689 7690 static void 7691 iwn4965_ampdu_tx_stop(struct iwn_softc *sc, int qid, uint8_t tid, uint16_t ssn) 7692 { 7693 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7694 7695 /* Stop TX scheduler while we're changing its configuration. */ 7696 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 7697 IWN4965_TXQ_STATUS_CHGACT); 7698 7699 /* Set starting sequence number from the ADDBA request. */ 7700 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 7701 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), ssn); 7702 7703 /* Disable interrupts for the queue. */ 7704 iwn_prph_clrbits(sc, IWN4965_SCHED_INTR_MASK, 1 << qid); 7705 7706 /* Mark the queue as inactive. */ 7707 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 7708 IWN4965_TXQ_STATUS_INACTIVE | iwn_tid2fifo[tid] << 1); 7709 } 7710 7711 static void 7712 iwn5000_ampdu_tx_start(struct iwn_softc *sc, struct ieee80211_node *ni, 7713 int qid, uint8_t tid, uint16_t ssn) 7714 { 7715 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7716 7717 struct iwn_node *wn = (void *)ni; 7718 7719 /* Stop TX scheduler while we're changing its configuration. */ 7720 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 7721 IWN5000_TXQ_STATUS_CHGACT); 7722 7723 /* Assign RA/TID translation to the queue. */ 7724 iwn_mem_write_2(sc, sc->sched_base + IWN5000_SCHED_TRANS_TBL(qid), 7725 wn->id << 4 | tid); 7726 7727 /* Enable chain-building mode for the queue. */ 7728 iwn_prph_setbits(sc, IWN5000_SCHED_QCHAIN_SEL, 1 << qid); 7729 7730 /* Enable aggregation for the queue. */ 7731 iwn_prph_setbits(sc, IWN5000_SCHED_AGGR_SEL, 1 << qid); 7732 7733 /* Set starting sequence number from the ADDBA request. */ 7734 sc->txq[qid].cur = sc->txq[qid].read = (ssn & 0xff); 7735 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 7736 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), ssn); 7737 7738 /* Set scheduler window size and frame limit. */ 7739 iwn_mem_write(sc, sc->sched_base + IWN5000_SCHED_QUEUE_OFFSET(qid) + 4, 7740 IWN_SCHED_LIMIT << 16 | IWN_SCHED_WINSZ); 7741 7742 /* Enable interrupts for the queue. */ 7743 iwn_prph_setbits(sc, IWN5000_SCHED_INTR_MASK, 1 << qid); 7744 7745 /* Mark the queue as active. */ 7746 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 7747 IWN5000_TXQ_STATUS_ACTIVE | iwn_tid2fifo[tid]); 7748 } 7749 7750 static void 7751 iwn5000_ampdu_tx_stop(struct iwn_softc *sc, int qid, uint8_t tid, uint16_t ssn) 7752 { 7753 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7754 7755 /* Stop TX scheduler while we're changing its configuration. */ 7756 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 7757 IWN5000_TXQ_STATUS_CHGACT); 7758 7759 /* Disable aggregation for the queue. */ 7760 iwn_prph_clrbits(sc, IWN5000_SCHED_AGGR_SEL, 1 << qid); 7761 7762 /* Set starting sequence number from the ADDBA request. */ 7763 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 7764 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), ssn); 7765 7766 /* Disable interrupts for the queue. */ 7767 iwn_prph_clrbits(sc, IWN5000_SCHED_INTR_MASK, 1 << qid); 7768 7769 /* Mark the queue as inactive. */ 7770 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 7771 IWN5000_TXQ_STATUS_INACTIVE | iwn_tid2fifo[tid]); 7772 } 7773 7774 /* 7775 * Query calibration tables from the initialization firmware. We do this 7776 * only once at first boot. Called from a process context. 7777 */ 7778 static int 7779 iwn5000_query_calibration(struct iwn_softc *sc) 7780 { 7781 struct iwn5000_calib_config cmd; 7782 int error; 7783 7784 memset(&cmd, 0, sizeof cmd); 7785 cmd.ucode.once.enable = htole32(0xffffffff); 7786 cmd.ucode.once.start = htole32(0xffffffff); 7787 cmd.ucode.once.send = htole32(0xffffffff); 7788 cmd.ucode.flags = htole32(0xffffffff); 7789 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: sending calibration query\n", 7790 __func__); 7791 error = iwn_cmd(sc, IWN5000_CMD_CALIB_CONFIG, &cmd, sizeof cmd, 0); 7792 if (error != 0) 7793 return error; 7794 7795 /* Wait at most two seconds for calibration to complete. */ 7796 if (!(sc->sc_flags & IWN_FLAG_CALIB_DONE)) 7797 error = msleep(sc, &sc->sc_mtx, PCATCH, "iwncal", 2 * hz); 7798 return error; 7799 } 7800 7801 /* 7802 * Send calibration results to the runtime firmware. These results were 7803 * obtained on first boot from the initialization firmware. 7804 */ 7805 static int 7806 iwn5000_send_calibration(struct iwn_softc *sc) 7807 { 7808 int idx, error; 7809 7810 for (idx = 0; idx < IWN5000_PHY_CALIB_MAX_RESULT; idx++) { 7811 if (!(sc->base_params->calib_need & (1<<idx))) { 7812 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 7813 "No need of calib %d\n", 7814 idx); 7815 continue; /* no need for this calib */ 7816 } 7817 if (sc->calibcmd[idx].buf == NULL) { 7818 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 7819 "Need calib idx : %d but no available data\n", 7820 idx); 7821 continue; 7822 } 7823 7824 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 7825 "send calibration result idx=%d len=%d\n", idx, 7826 sc->calibcmd[idx].len); 7827 error = iwn_cmd(sc, IWN_CMD_PHY_CALIB, sc->calibcmd[idx].buf, 7828 sc->calibcmd[idx].len, 0); 7829 if (error != 0) { 7830 device_printf(sc->sc_dev, 7831 "%s: could not send calibration result, error %d\n", 7832 __func__, error); 7833 return error; 7834 } 7835 } 7836 return 0; 7837 } 7838 7839 static int 7840 iwn5000_send_wimax_coex(struct iwn_softc *sc) 7841 { 7842 struct iwn5000_wimax_coex wimax; 7843 7844 #if 0 7845 if (sc->hw_type == IWN_HW_REV_TYPE_6050) { 7846 /* Enable WiMAX coexistence for combo adapters. */ 7847 wimax.flags = 7848 IWN_WIMAX_COEX_ASSOC_WA_UNMASK | 7849 IWN_WIMAX_COEX_UNASSOC_WA_UNMASK | 7850 IWN_WIMAX_COEX_STA_TABLE_VALID | 7851 IWN_WIMAX_COEX_ENABLE; 7852 memcpy(wimax.events, iwn6050_wimax_events, 7853 sizeof iwn6050_wimax_events); 7854 } else 7855 #endif 7856 { 7857 /* Disable WiMAX coexistence. */ 7858 wimax.flags = 0; 7859 memset(wimax.events, 0, sizeof wimax.events); 7860 } 7861 DPRINTF(sc, IWN_DEBUG_RESET, "%s: Configuring WiMAX coexistence\n", 7862 __func__); 7863 return iwn_cmd(sc, IWN5000_CMD_WIMAX_COEX, &wimax, sizeof wimax, 0); 7864 } 7865 7866 static int 7867 iwn5000_crystal_calib(struct iwn_softc *sc) 7868 { 7869 struct iwn5000_phy_calib_crystal cmd; 7870 7871 memset(&cmd, 0, sizeof cmd); 7872 cmd.code = IWN5000_PHY_CALIB_CRYSTAL; 7873 cmd.ngroups = 1; 7874 cmd.isvalid = 1; 7875 cmd.cap_pin[0] = le32toh(sc->eeprom_crystal) & 0xff; 7876 cmd.cap_pin[1] = (le32toh(sc->eeprom_crystal) >> 16) & 0xff; 7877 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "sending crystal calibration %d, %d\n", 7878 cmd.cap_pin[0], cmd.cap_pin[1]); 7879 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 0); 7880 } 7881 7882 static int 7883 iwn5000_temp_offset_calib(struct iwn_softc *sc) 7884 { 7885 struct iwn5000_phy_calib_temp_offset cmd; 7886 7887 memset(&cmd, 0, sizeof cmd); 7888 cmd.code = IWN5000_PHY_CALIB_TEMP_OFFSET; 7889 cmd.ngroups = 1; 7890 cmd.isvalid = 1; 7891 if (sc->eeprom_temp != 0) 7892 cmd.offset = htole16(sc->eeprom_temp); 7893 else 7894 cmd.offset = htole16(IWN_DEFAULT_TEMP_OFFSET); 7895 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "setting radio sensor offset to %d\n", 7896 le16toh(cmd.offset)); 7897 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 0); 7898 } 7899 7900 static int 7901 iwn5000_temp_offset_calibv2(struct iwn_softc *sc) 7902 { 7903 struct iwn5000_phy_calib_temp_offsetv2 cmd; 7904 7905 memset(&cmd, 0, sizeof cmd); 7906 cmd.code = IWN5000_PHY_CALIB_TEMP_OFFSET; 7907 cmd.ngroups = 1; 7908 cmd.isvalid = 1; 7909 if (sc->eeprom_temp != 0) { 7910 cmd.offset_low = htole16(sc->eeprom_temp); 7911 cmd.offset_high = htole16(sc->eeprom_temp_high); 7912 } else { 7913 cmd.offset_low = htole16(IWN_DEFAULT_TEMP_OFFSET); 7914 cmd.offset_high = htole16(IWN_DEFAULT_TEMP_OFFSET); 7915 } 7916 cmd.burnt_voltage_ref = htole16(sc->eeprom_voltage); 7917 7918 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 7919 "setting radio sensor low offset to %d, high offset to %d, voltage to %d\n", 7920 le16toh(cmd.offset_low), 7921 le16toh(cmd.offset_high), 7922 le16toh(cmd.burnt_voltage_ref)); 7923 7924 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 0); 7925 } 7926 7927 /* 7928 * This function is called after the runtime firmware notifies us of its 7929 * readiness (called in a process context). 7930 */ 7931 static int 7932 iwn4965_post_alive(struct iwn_softc *sc) 7933 { 7934 int error, qid; 7935 7936 if ((error = iwn_nic_lock(sc)) != 0) 7937 return error; 7938 7939 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7940 7941 /* Clear TX scheduler state in SRAM. */ 7942 sc->sched_base = iwn_prph_read(sc, IWN_SCHED_SRAM_ADDR); 7943 iwn_mem_set_region_4(sc, sc->sched_base + IWN4965_SCHED_CTX_OFF, 0, 7944 IWN4965_SCHED_CTX_LEN / sizeof (uint32_t)); 7945 7946 /* Set physical address of TX scheduler rings (1KB aligned). */ 7947 iwn_prph_write(sc, IWN4965_SCHED_DRAM_ADDR, sc->sched_dma.paddr >> 10); 7948 7949 IWN_SETBITS(sc, IWN_FH_TX_CHICKEN, IWN_FH_TX_CHICKEN_SCHED_RETRY); 7950 7951 /* Disable chain mode for all our 16 queues. */ 7952 iwn_prph_write(sc, IWN4965_SCHED_QCHAIN_SEL, 0); 7953 7954 for (qid = 0; qid < IWN4965_NTXQUEUES; qid++) { 7955 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), 0); 7956 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | 0); 7957 7958 /* Set scheduler window size. */ 7959 iwn_mem_write(sc, sc->sched_base + 7960 IWN4965_SCHED_QUEUE_OFFSET(qid), IWN_SCHED_WINSZ); 7961 /* Set scheduler frame limit. */ 7962 iwn_mem_write(sc, sc->sched_base + 7963 IWN4965_SCHED_QUEUE_OFFSET(qid) + 4, 7964 IWN_SCHED_LIMIT << 16); 7965 } 7966 7967 /* Enable interrupts for all our 16 queues. */ 7968 iwn_prph_write(sc, IWN4965_SCHED_INTR_MASK, 0xffff); 7969 /* Identify TX FIFO rings (0-7). */ 7970 iwn_prph_write(sc, IWN4965_SCHED_TXFACT, 0xff); 7971 7972 /* Mark TX rings (4 EDCA + cmd + 2 HCCA) as active. */ 7973 for (qid = 0; qid < 7; qid++) { 7974 static uint8_t qid2fifo[] = { 3, 2, 1, 0, 4, 5, 6 }; 7975 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 7976 IWN4965_TXQ_STATUS_ACTIVE | qid2fifo[qid] << 1); 7977 } 7978 iwn_nic_unlock(sc); 7979 return 0; 7980 } 7981 7982 /* 7983 * This function is called after the initialization or runtime firmware 7984 * notifies us of its readiness (called in a process context). 7985 */ 7986 static int 7987 iwn5000_post_alive(struct iwn_softc *sc) 7988 { 7989 int error, qid; 7990 7991 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 7992 7993 /* Switch to using ICT interrupt mode. */ 7994 iwn5000_ict_reset(sc); 7995 7996 if ((error = iwn_nic_lock(sc)) != 0){ 7997 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end in error\n", __func__); 7998 return error; 7999 } 8000 8001 /* Clear TX scheduler state in SRAM. */ 8002 sc->sched_base = iwn_prph_read(sc, IWN_SCHED_SRAM_ADDR); 8003 iwn_mem_set_region_4(sc, sc->sched_base + IWN5000_SCHED_CTX_OFF, 0, 8004 IWN5000_SCHED_CTX_LEN / sizeof (uint32_t)); 8005 8006 /* Set physical address of TX scheduler rings (1KB aligned). */ 8007 iwn_prph_write(sc, IWN5000_SCHED_DRAM_ADDR, sc->sched_dma.paddr >> 10); 8008 8009 IWN_SETBITS(sc, IWN_FH_TX_CHICKEN, IWN_FH_TX_CHICKEN_SCHED_RETRY); 8010 8011 /* Enable chain mode for all queues, except command queue. */ 8012 if (sc->sc_flags & IWN_FLAG_PAN_SUPPORT) 8013 iwn_prph_write(sc, IWN5000_SCHED_QCHAIN_SEL, 0xfffdf); 8014 else 8015 iwn_prph_write(sc, IWN5000_SCHED_QCHAIN_SEL, 0xfffef); 8016 iwn_prph_write(sc, IWN5000_SCHED_AGGR_SEL, 0); 8017 8018 for (qid = 0; qid < IWN5000_NTXQUEUES; qid++) { 8019 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), 0); 8020 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | 0); 8021 8022 iwn_mem_write(sc, sc->sched_base + 8023 IWN5000_SCHED_QUEUE_OFFSET(qid), 0); 8024 /* Set scheduler window size and frame limit. */ 8025 iwn_mem_write(sc, sc->sched_base + 8026 IWN5000_SCHED_QUEUE_OFFSET(qid) + 4, 8027 IWN_SCHED_LIMIT << 16 | IWN_SCHED_WINSZ); 8028 } 8029 8030 /* Enable interrupts for all our 20 queues. */ 8031 iwn_prph_write(sc, IWN5000_SCHED_INTR_MASK, 0xfffff); 8032 /* Identify TX FIFO rings (0-7). */ 8033 iwn_prph_write(sc, IWN5000_SCHED_TXFACT, 0xff); 8034 8035 /* Mark TX rings (4 EDCA + cmd + 2 HCCA) as active. */ 8036 if (sc->sc_flags & IWN_FLAG_PAN_SUPPORT) { 8037 /* Mark TX rings as active. */ 8038 for (qid = 0; qid < 11; qid++) { 8039 static uint8_t qid2fifo[] = { 3, 2, 1, 0, 0, 4, 2, 5, 4, 7, 5 }; 8040 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 8041 IWN5000_TXQ_STATUS_ACTIVE | qid2fifo[qid]); 8042 } 8043 } else { 8044 /* Mark TX rings (4 EDCA + cmd + 2 HCCA) as active. */ 8045 for (qid = 0; qid < 7; qid++) { 8046 static uint8_t qid2fifo[] = { 3, 2, 1, 0, 7, 5, 6 }; 8047 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 8048 IWN5000_TXQ_STATUS_ACTIVE | qid2fifo[qid]); 8049 } 8050 } 8051 iwn_nic_unlock(sc); 8052 8053 /* Configure WiMAX coexistence for combo adapters. */ 8054 error = iwn5000_send_wimax_coex(sc); 8055 if (error != 0) { 8056 device_printf(sc->sc_dev, 8057 "%s: could not configure WiMAX coexistence, error %d\n", 8058 __func__, error); 8059 return error; 8060 } 8061 if (sc->hw_type != IWN_HW_REV_TYPE_5150) { 8062 /* Perform crystal calibration. */ 8063 error = iwn5000_crystal_calib(sc); 8064 if (error != 0) { 8065 device_printf(sc->sc_dev, 8066 "%s: crystal calibration failed, error %d\n", 8067 __func__, error); 8068 return error; 8069 } 8070 } 8071 if (!(sc->sc_flags & IWN_FLAG_CALIB_DONE)) { 8072 /* Query calibration from the initialization firmware. */ 8073 if ((error = iwn5000_query_calibration(sc)) != 0) { 8074 device_printf(sc->sc_dev, 8075 "%s: could not query calibration, error %d\n", 8076 __func__, error); 8077 return error; 8078 } 8079 /* 8080 * We have the calibration results now, reboot with the 8081 * runtime firmware (call ourselves recursively!) 8082 */ 8083 iwn_hw_stop(sc); 8084 error = iwn_hw_init(sc); 8085 } else { 8086 /* Send calibration results to runtime firmware. */ 8087 error = iwn5000_send_calibration(sc); 8088 } 8089 8090 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 8091 8092 return error; 8093 } 8094 8095 /* 8096 * The firmware boot code is small and is intended to be copied directly into 8097 * the NIC internal memory (no DMA transfer). 8098 */ 8099 static int 8100 iwn4965_load_bootcode(struct iwn_softc *sc, const uint8_t *ucode, int size) 8101 { 8102 int error, ntries; 8103 8104 size /= sizeof (uint32_t); 8105 8106 if ((error = iwn_nic_lock(sc)) != 0) 8107 return error; 8108 8109 /* Copy microcode image into NIC memory. */ 8110 iwn_prph_write_region_4(sc, IWN_BSM_SRAM_BASE, 8111 (const uint32_t *)ucode, size); 8112 8113 iwn_prph_write(sc, IWN_BSM_WR_MEM_SRC, 0); 8114 iwn_prph_write(sc, IWN_BSM_WR_MEM_DST, IWN_FW_TEXT_BASE); 8115 iwn_prph_write(sc, IWN_BSM_WR_DWCOUNT, size); 8116 8117 /* Start boot load now. */ 8118 iwn_prph_write(sc, IWN_BSM_WR_CTRL, IWN_BSM_WR_CTRL_START); 8119 8120 /* Wait for transfer to complete. */ 8121 for (ntries = 0; ntries < 1000; ntries++) { 8122 if (!(iwn_prph_read(sc, IWN_BSM_WR_CTRL) & 8123 IWN_BSM_WR_CTRL_START)) 8124 break; 8125 DELAY(10); 8126 } 8127 if (ntries == 1000) { 8128 device_printf(sc->sc_dev, "%s: could not load boot firmware\n", 8129 __func__); 8130 iwn_nic_unlock(sc); 8131 return ETIMEDOUT; 8132 } 8133 8134 /* Enable boot after power up. */ 8135 iwn_prph_write(sc, IWN_BSM_WR_CTRL, IWN_BSM_WR_CTRL_START_EN); 8136 8137 iwn_nic_unlock(sc); 8138 return 0; 8139 } 8140 8141 static int 8142 iwn4965_load_firmware(struct iwn_softc *sc) 8143 { 8144 struct iwn_fw_info *fw = &sc->fw; 8145 struct iwn_dma_info *dma = &sc->fw_dma; 8146 int error; 8147 8148 /* Copy initialization sections into pre-allocated DMA-safe memory. */ 8149 memcpy(dma->vaddr, fw->init.data, fw->init.datasz); 8150 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 8151 memcpy(dma->vaddr + IWN4965_FW_DATA_MAXSZ, 8152 fw->init.text, fw->init.textsz); 8153 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 8154 8155 /* Tell adapter where to find initialization sections. */ 8156 if ((error = iwn_nic_lock(sc)) != 0) 8157 return error; 8158 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_ADDR, dma->paddr >> 4); 8159 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_SIZE, fw->init.datasz); 8160 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_ADDR, 8161 (dma->paddr + IWN4965_FW_DATA_MAXSZ) >> 4); 8162 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_SIZE, fw->init.textsz); 8163 iwn_nic_unlock(sc); 8164 8165 /* Load firmware boot code. */ 8166 error = iwn4965_load_bootcode(sc, fw->boot.text, fw->boot.textsz); 8167 if (error != 0) { 8168 device_printf(sc->sc_dev, "%s: could not load boot firmware\n", 8169 __func__); 8170 return error; 8171 } 8172 /* Now press "execute". */ 8173 IWN_WRITE(sc, IWN_RESET, 0); 8174 8175 /* Wait at most one second for first alive notification. */ 8176 if ((error = msleep(sc, &sc->sc_mtx, PCATCH, "iwninit", hz)) != 0) { 8177 device_printf(sc->sc_dev, 8178 "%s: timeout waiting for adapter to initialize, error %d\n", 8179 __func__, error); 8180 return error; 8181 } 8182 8183 /* Retrieve current temperature for initial TX power calibration. */ 8184 sc->rawtemp = sc->ucode_info.temp[3].chan20MHz; 8185 sc->temp = iwn4965_get_temperature(sc); 8186 8187 /* Copy runtime sections into pre-allocated DMA-safe memory. */ 8188 memcpy(dma->vaddr, fw->main.data, fw->main.datasz); 8189 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 8190 memcpy(dma->vaddr + IWN4965_FW_DATA_MAXSZ, 8191 fw->main.text, fw->main.textsz); 8192 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 8193 8194 /* Tell adapter where to find runtime sections. */ 8195 if ((error = iwn_nic_lock(sc)) != 0) 8196 return error; 8197 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_ADDR, dma->paddr >> 4); 8198 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_SIZE, fw->main.datasz); 8199 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_ADDR, 8200 (dma->paddr + IWN4965_FW_DATA_MAXSZ) >> 4); 8201 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_SIZE, 8202 IWN_FW_UPDATED | fw->main.textsz); 8203 iwn_nic_unlock(sc); 8204 8205 return 0; 8206 } 8207 8208 static int 8209 iwn5000_load_firmware_section(struct iwn_softc *sc, uint32_t dst, 8210 const uint8_t *section, int size) 8211 { 8212 struct iwn_dma_info *dma = &sc->fw_dma; 8213 int error; 8214 8215 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8216 8217 /* Copy firmware section into pre-allocated DMA-safe memory. */ 8218 memcpy(dma->vaddr, section, size); 8219 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 8220 8221 if ((error = iwn_nic_lock(sc)) != 0) 8222 return error; 8223 8224 IWN_WRITE(sc, IWN_FH_TX_CONFIG(IWN_SRVC_DMACHNL), 8225 IWN_FH_TX_CONFIG_DMA_PAUSE); 8226 8227 IWN_WRITE(sc, IWN_FH_SRAM_ADDR(IWN_SRVC_DMACHNL), dst); 8228 IWN_WRITE(sc, IWN_FH_TFBD_CTRL0(IWN_SRVC_DMACHNL), 8229 IWN_LOADDR(dma->paddr)); 8230 IWN_WRITE(sc, IWN_FH_TFBD_CTRL1(IWN_SRVC_DMACHNL), 8231 IWN_HIADDR(dma->paddr) << 28 | size); 8232 IWN_WRITE(sc, IWN_FH_TXBUF_STATUS(IWN_SRVC_DMACHNL), 8233 IWN_FH_TXBUF_STATUS_TBNUM(1) | 8234 IWN_FH_TXBUF_STATUS_TBIDX(1) | 8235 IWN_FH_TXBUF_STATUS_TFBD_VALID); 8236 8237 /* Kick Flow Handler to start DMA transfer. */ 8238 IWN_WRITE(sc, IWN_FH_TX_CONFIG(IWN_SRVC_DMACHNL), 8239 IWN_FH_TX_CONFIG_DMA_ENA | IWN_FH_TX_CONFIG_CIRQ_HOST_ENDTFD); 8240 8241 iwn_nic_unlock(sc); 8242 8243 /* Wait at most five seconds for FH DMA transfer to complete. */ 8244 return msleep(sc, &sc->sc_mtx, PCATCH, "iwninit", 5 * hz); 8245 } 8246 8247 static int 8248 iwn5000_load_firmware(struct iwn_softc *sc) 8249 { 8250 struct iwn_fw_part *fw; 8251 int error; 8252 8253 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8254 8255 /* Load the initialization firmware on first boot only. */ 8256 fw = (sc->sc_flags & IWN_FLAG_CALIB_DONE) ? 8257 &sc->fw.main : &sc->fw.init; 8258 8259 error = iwn5000_load_firmware_section(sc, IWN_FW_TEXT_BASE, 8260 fw->text, fw->textsz); 8261 if (error != 0) { 8262 device_printf(sc->sc_dev, 8263 "%s: could not load firmware %s section, error %d\n", 8264 __func__, ".text", error); 8265 return error; 8266 } 8267 error = iwn5000_load_firmware_section(sc, IWN_FW_DATA_BASE, 8268 fw->data, fw->datasz); 8269 if (error != 0) { 8270 device_printf(sc->sc_dev, 8271 "%s: could not load firmware %s section, error %d\n", 8272 __func__, ".data", error); 8273 return error; 8274 } 8275 8276 /* Now press "execute". */ 8277 IWN_WRITE(sc, IWN_RESET, 0); 8278 return 0; 8279 } 8280 8281 /* 8282 * Extract text and data sections from a legacy firmware image. 8283 */ 8284 static int 8285 iwn_read_firmware_leg(struct iwn_softc *sc, struct iwn_fw_info *fw) 8286 { 8287 const uint32_t *ptr; 8288 size_t hdrlen = 24; 8289 uint32_t rev; 8290 8291 ptr = (const uint32_t *)fw->data; 8292 rev = le32toh(*ptr++); 8293 8294 sc->ucode_rev = rev; 8295 8296 /* Check firmware API version. */ 8297 if (IWN_FW_API(rev) <= 1) { 8298 device_printf(sc->sc_dev, 8299 "%s: bad firmware, need API version >=2\n", __func__); 8300 return EINVAL; 8301 } 8302 if (IWN_FW_API(rev) >= 3) { 8303 /* Skip build number (version 2 header). */ 8304 hdrlen += 4; 8305 ptr++; 8306 } 8307 if (fw->size < hdrlen) { 8308 device_printf(sc->sc_dev, "%s: firmware too short: %zu bytes\n", 8309 __func__, fw->size); 8310 return EINVAL; 8311 } 8312 fw->main.textsz = le32toh(*ptr++); 8313 fw->main.datasz = le32toh(*ptr++); 8314 fw->init.textsz = le32toh(*ptr++); 8315 fw->init.datasz = le32toh(*ptr++); 8316 fw->boot.textsz = le32toh(*ptr++); 8317 8318 /* Check that all firmware sections fit. */ 8319 if (fw->size < hdrlen + fw->main.textsz + fw->main.datasz + 8320 fw->init.textsz + fw->init.datasz + fw->boot.textsz) { 8321 device_printf(sc->sc_dev, "%s: firmware too short: %zu bytes\n", 8322 __func__, fw->size); 8323 return EINVAL; 8324 } 8325 8326 /* Get pointers to firmware sections. */ 8327 fw->main.text = (const uint8_t *)ptr; 8328 fw->main.data = fw->main.text + fw->main.textsz; 8329 fw->init.text = fw->main.data + fw->main.datasz; 8330 fw->init.data = fw->init.text + fw->init.textsz; 8331 fw->boot.text = fw->init.data + fw->init.datasz; 8332 return 0; 8333 } 8334 8335 /* 8336 * Extract text and data sections from a TLV firmware image. 8337 */ 8338 static int 8339 iwn_read_firmware_tlv(struct iwn_softc *sc, struct iwn_fw_info *fw, 8340 uint16_t alt) 8341 { 8342 const struct iwn_fw_tlv_hdr *hdr; 8343 const struct iwn_fw_tlv *tlv; 8344 const uint8_t *ptr, *end; 8345 uint64_t altmask; 8346 uint32_t len, tmp; 8347 8348 if (fw->size < sizeof (*hdr)) { 8349 device_printf(sc->sc_dev, "%s: firmware too short: %zu bytes\n", 8350 __func__, fw->size); 8351 return EINVAL; 8352 } 8353 hdr = (const struct iwn_fw_tlv_hdr *)fw->data; 8354 if (hdr->signature != htole32(IWN_FW_SIGNATURE)) { 8355 device_printf(sc->sc_dev, "%s: bad firmware signature 0x%08x\n", 8356 __func__, le32toh(hdr->signature)); 8357 return EINVAL; 8358 } 8359 DPRINTF(sc, IWN_DEBUG_RESET, "FW: \"%.64s\", build 0x%x\n", hdr->descr, 8360 le32toh(hdr->build)); 8361 sc->ucode_rev = le32toh(hdr->rev); 8362 8363 /* 8364 * Select the closest supported alternative that is less than 8365 * or equal to the specified one. 8366 */ 8367 altmask = le64toh(hdr->altmask); 8368 while (alt > 0 && !(altmask & (1ULL << alt))) 8369 alt--; /* Downgrade. */ 8370 DPRINTF(sc, IWN_DEBUG_RESET, "using alternative %d\n", alt); 8371 8372 ptr = (const uint8_t *)(hdr + 1); 8373 end = (const uint8_t *)(fw->data + fw->size); 8374 8375 /* Parse type-length-value fields. */ 8376 while (ptr + sizeof (*tlv) <= end) { 8377 tlv = (const struct iwn_fw_tlv *)ptr; 8378 len = le32toh(tlv->len); 8379 8380 ptr += sizeof (*tlv); 8381 if (ptr + len > end) { 8382 device_printf(sc->sc_dev, 8383 "%s: firmware too short: %zu bytes\n", __func__, 8384 fw->size); 8385 return EINVAL; 8386 } 8387 /* Skip other alternatives. */ 8388 if (tlv->alt != 0 && tlv->alt != htole16(alt)) 8389 goto next; 8390 8391 switch (le16toh(tlv->type)) { 8392 case IWN_FW_TLV_MAIN_TEXT: 8393 fw->main.text = ptr; 8394 fw->main.textsz = len; 8395 break; 8396 case IWN_FW_TLV_MAIN_DATA: 8397 fw->main.data = ptr; 8398 fw->main.datasz = len; 8399 break; 8400 case IWN_FW_TLV_INIT_TEXT: 8401 fw->init.text = ptr; 8402 fw->init.textsz = len; 8403 break; 8404 case IWN_FW_TLV_INIT_DATA: 8405 fw->init.data = ptr; 8406 fw->init.datasz = len; 8407 break; 8408 case IWN_FW_TLV_BOOT_TEXT: 8409 fw->boot.text = ptr; 8410 fw->boot.textsz = len; 8411 break; 8412 case IWN_FW_TLV_ENH_SENS: 8413 if (!len) 8414 sc->sc_flags |= IWN_FLAG_ENH_SENS; 8415 break; 8416 case IWN_FW_TLV_PHY_CALIB: 8417 tmp = le32toh(*ptr); 8418 if (tmp < 253) { 8419 sc->reset_noise_gain = tmp; 8420 sc->noise_gain = tmp + 1; 8421 } 8422 break; 8423 case IWN_FW_TLV_PAN: 8424 sc->sc_flags |= IWN_FLAG_PAN_SUPPORT; 8425 DPRINTF(sc, IWN_DEBUG_RESET, 8426 "PAN Support found: %d\n", 1); 8427 break; 8428 case IWN_FW_TLV_FLAGS: 8429 if (len < sizeof(uint32_t)) 8430 break; 8431 if (len % sizeof(uint32_t)) 8432 break; 8433 sc->tlv_feature_flags = le32toh(*ptr); 8434 DPRINTF(sc, IWN_DEBUG_RESET, 8435 "%s: feature: 0x%08x\n", 8436 __func__, 8437 sc->tlv_feature_flags); 8438 break; 8439 case IWN_FW_TLV_PBREQ_MAXLEN: 8440 case IWN_FW_TLV_RUNT_EVTLOG_PTR: 8441 case IWN_FW_TLV_RUNT_EVTLOG_SIZE: 8442 case IWN_FW_TLV_RUNT_ERRLOG_PTR: 8443 case IWN_FW_TLV_INIT_EVTLOG_PTR: 8444 case IWN_FW_TLV_INIT_EVTLOG_SIZE: 8445 case IWN_FW_TLV_INIT_ERRLOG_PTR: 8446 case IWN_FW_TLV_WOWLAN_INST: 8447 case IWN_FW_TLV_WOWLAN_DATA: 8448 DPRINTF(sc, IWN_DEBUG_RESET, 8449 "TLV type %d recognized but not handled\n", 8450 le16toh(tlv->type)); 8451 break; 8452 default: 8453 DPRINTF(sc, IWN_DEBUG_RESET, 8454 "TLV type %d not handled\n", le16toh(tlv->type)); 8455 break; 8456 } 8457 next: /* TLV fields are 32-bit aligned. */ 8458 ptr += (len + 3) & ~3; 8459 } 8460 return 0; 8461 } 8462 8463 static int 8464 iwn_read_firmware(struct iwn_softc *sc) 8465 { 8466 struct iwn_fw_info *fw = &sc->fw; 8467 int error; 8468 8469 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8470 8471 IWN_UNLOCK(sc); 8472 8473 memset(fw, 0, sizeof (*fw)); 8474 8475 /* Read firmware image from filesystem. */ 8476 sc->fw_fp = firmware_get(sc->fwname); 8477 if (sc->fw_fp == NULL) { 8478 device_printf(sc->sc_dev, "%s: could not read firmware %s\n", 8479 __func__, sc->fwname); 8480 IWN_LOCK(sc); 8481 return EINVAL; 8482 } 8483 IWN_LOCK(sc); 8484 8485 fw->size = sc->fw_fp->datasize; 8486 fw->data = (const uint8_t *)sc->fw_fp->data; 8487 if (fw->size < sizeof (uint32_t)) { 8488 device_printf(sc->sc_dev, "%s: firmware too short: %zu bytes\n", 8489 __func__, fw->size); 8490 error = EINVAL; 8491 goto fail; 8492 } 8493 8494 /* Retrieve text and data sections. */ 8495 if (*(const uint32_t *)fw->data != 0) /* Legacy image. */ 8496 error = iwn_read_firmware_leg(sc, fw); 8497 else 8498 error = iwn_read_firmware_tlv(sc, fw, 1); 8499 if (error != 0) { 8500 device_printf(sc->sc_dev, 8501 "%s: could not read firmware sections, error %d\n", 8502 __func__, error); 8503 goto fail; 8504 } 8505 8506 device_printf(sc->sc_dev, "%s: ucode rev=0x%08x\n", __func__, sc->ucode_rev); 8507 8508 /* Make sure text and data sections fit in hardware memory. */ 8509 if (fw->main.textsz > sc->fw_text_maxsz || 8510 fw->main.datasz > sc->fw_data_maxsz || 8511 fw->init.textsz > sc->fw_text_maxsz || 8512 fw->init.datasz > sc->fw_data_maxsz || 8513 fw->boot.textsz > IWN_FW_BOOT_TEXT_MAXSZ || 8514 (fw->boot.textsz & 3) != 0) { 8515 device_printf(sc->sc_dev, "%s: firmware sections too large\n", 8516 __func__); 8517 error = EINVAL; 8518 goto fail; 8519 } 8520 8521 /* We can proceed with loading the firmware. */ 8522 return 0; 8523 8524 fail: iwn_unload_firmware(sc); 8525 return error; 8526 } 8527 8528 static void 8529 iwn_unload_firmware(struct iwn_softc *sc) 8530 { 8531 firmware_put(sc->fw_fp, FIRMWARE_UNLOAD); 8532 sc->fw_fp = NULL; 8533 } 8534 8535 static int 8536 iwn_clock_wait(struct iwn_softc *sc) 8537 { 8538 int ntries; 8539 8540 /* Set "initialization complete" bit. */ 8541 IWN_SETBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_INIT_DONE); 8542 8543 /* Wait for clock stabilization. */ 8544 for (ntries = 0; ntries < 2500; ntries++) { 8545 if (IWN_READ(sc, IWN_GP_CNTRL) & IWN_GP_CNTRL_MAC_CLOCK_READY) 8546 return 0; 8547 DELAY(10); 8548 } 8549 device_printf(sc->sc_dev, 8550 "%s: timeout waiting for clock stabilization\n", __func__); 8551 return ETIMEDOUT; 8552 } 8553 8554 static int 8555 iwn_apm_init(struct iwn_softc *sc) 8556 { 8557 uint32_t reg; 8558 int error; 8559 8560 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8561 8562 /* Disable L0s exit timer (NMI bug workaround). */ 8563 IWN_SETBITS(sc, IWN_GIO_CHICKEN, IWN_GIO_CHICKEN_DIS_L0S_TIMER); 8564 /* Don't wait for ICH L0s (ICH bug workaround). */ 8565 IWN_SETBITS(sc, IWN_GIO_CHICKEN, IWN_GIO_CHICKEN_L1A_NO_L0S_RX); 8566 8567 /* Set FH wait threshold to max (HW bug under stress workaround). */ 8568 IWN_SETBITS(sc, IWN_DBG_HPET_MEM, 0xffff0000); 8569 8570 /* Enable HAP INTA to move adapter from L1a to L0s. */ 8571 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_HAP_WAKE_L1A); 8572 8573 /* Retrieve PCIe Active State Power Management (ASPM). */ 8574 reg = pci_read_config(sc->sc_dev, sc->sc_cap_off + PCIER_LINK_CTL, 4); 8575 /* Workaround for HW instability in PCIe L0->L0s->L1 transition. */ 8576 if (reg & PCIEM_LINK_CTL_ASPMC_L1) /* L1 Entry enabled. */ 8577 IWN_SETBITS(sc, IWN_GIO, IWN_GIO_L0S_ENA); 8578 else 8579 IWN_CLRBITS(sc, IWN_GIO, IWN_GIO_L0S_ENA); 8580 8581 if (sc->base_params->pll_cfg_val) 8582 IWN_SETBITS(sc, IWN_ANA_PLL, sc->base_params->pll_cfg_val); 8583 8584 /* Wait for clock stabilization before accessing prph. */ 8585 if ((error = iwn_clock_wait(sc)) != 0) 8586 return error; 8587 8588 if ((error = iwn_nic_lock(sc)) != 0) 8589 return error; 8590 if (sc->hw_type == IWN_HW_REV_TYPE_4965) { 8591 /* Enable DMA and BSM (Bootstrap State Machine). */ 8592 iwn_prph_write(sc, IWN_APMG_CLK_EN, 8593 IWN_APMG_CLK_CTRL_DMA_CLK_RQT | 8594 IWN_APMG_CLK_CTRL_BSM_CLK_RQT); 8595 } else { 8596 /* Enable DMA. */ 8597 iwn_prph_write(sc, IWN_APMG_CLK_EN, 8598 IWN_APMG_CLK_CTRL_DMA_CLK_RQT); 8599 } 8600 DELAY(20); 8601 /* Disable L1-Active. */ 8602 iwn_prph_setbits(sc, IWN_APMG_PCI_STT, IWN_APMG_PCI_STT_L1A_DIS); 8603 iwn_nic_unlock(sc); 8604 8605 return 0; 8606 } 8607 8608 static void 8609 iwn_apm_stop_master(struct iwn_softc *sc) 8610 { 8611 int ntries; 8612 8613 /* Stop busmaster DMA activity. */ 8614 IWN_SETBITS(sc, IWN_RESET, IWN_RESET_STOP_MASTER); 8615 for (ntries = 0; ntries < 100; ntries++) { 8616 if (IWN_READ(sc, IWN_RESET) & IWN_RESET_MASTER_DISABLED) 8617 return; 8618 DELAY(10); 8619 } 8620 device_printf(sc->sc_dev, "%s: timeout waiting for master\n", __func__); 8621 } 8622 8623 static void 8624 iwn_apm_stop(struct iwn_softc *sc) 8625 { 8626 iwn_apm_stop_master(sc); 8627 8628 /* Reset the entire device. */ 8629 IWN_SETBITS(sc, IWN_RESET, IWN_RESET_SW); 8630 DELAY(10); 8631 /* Clear "initialization complete" bit. */ 8632 IWN_CLRBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_INIT_DONE); 8633 } 8634 8635 static int 8636 iwn4965_nic_config(struct iwn_softc *sc) 8637 { 8638 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8639 8640 if (IWN_RFCFG_TYPE(sc->rfcfg) == 1) { 8641 /* 8642 * I don't believe this to be correct but this is what the 8643 * vendor driver is doing. Probably the bits should not be 8644 * shifted in IWN_RFCFG_*. 8645 */ 8646 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 8647 IWN_RFCFG_TYPE(sc->rfcfg) | 8648 IWN_RFCFG_STEP(sc->rfcfg) | 8649 IWN_RFCFG_DASH(sc->rfcfg)); 8650 } 8651 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 8652 IWN_HW_IF_CONFIG_RADIO_SI | IWN_HW_IF_CONFIG_MAC_SI); 8653 return 0; 8654 } 8655 8656 static int 8657 iwn5000_nic_config(struct iwn_softc *sc) 8658 { 8659 uint32_t tmp; 8660 int error; 8661 8662 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8663 8664 if (IWN_RFCFG_TYPE(sc->rfcfg) < 3) { 8665 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 8666 IWN_RFCFG_TYPE(sc->rfcfg) | 8667 IWN_RFCFG_STEP(sc->rfcfg) | 8668 IWN_RFCFG_DASH(sc->rfcfg)); 8669 } 8670 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 8671 IWN_HW_IF_CONFIG_RADIO_SI | IWN_HW_IF_CONFIG_MAC_SI); 8672 8673 if ((error = iwn_nic_lock(sc)) != 0) 8674 return error; 8675 iwn_prph_setbits(sc, IWN_APMG_PS, IWN_APMG_PS_EARLY_PWROFF_DIS); 8676 8677 if (sc->hw_type == IWN_HW_REV_TYPE_1000) { 8678 /* 8679 * Select first Switching Voltage Regulator (1.32V) to 8680 * solve a stability issue related to noisy DC2DC line 8681 * in the silicon of 1000 Series. 8682 */ 8683 tmp = iwn_prph_read(sc, IWN_APMG_DIGITAL_SVR); 8684 tmp &= ~IWN_APMG_DIGITAL_SVR_VOLTAGE_MASK; 8685 tmp |= IWN_APMG_DIGITAL_SVR_VOLTAGE_1_32; 8686 iwn_prph_write(sc, IWN_APMG_DIGITAL_SVR, tmp); 8687 } 8688 iwn_nic_unlock(sc); 8689 8690 if (sc->sc_flags & IWN_FLAG_INTERNAL_PA) { 8691 /* Use internal power amplifier only. */ 8692 IWN_WRITE(sc, IWN_GP_DRIVER, IWN_GP_DRIVER_RADIO_2X2_IPA); 8693 } 8694 if (sc->base_params->additional_nic_config && sc->calib_ver >= 6) { 8695 /* Indicate that ROM calibration version is >=6. */ 8696 IWN_SETBITS(sc, IWN_GP_DRIVER, IWN_GP_DRIVER_CALIB_VER6); 8697 } 8698 if (sc->base_params->additional_gp_drv_bit) 8699 IWN_SETBITS(sc, IWN_GP_DRIVER, 8700 sc->base_params->additional_gp_drv_bit); 8701 return 0; 8702 } 8703 8704 /* 8705 * Take NIC ownership over Intel Active Management Technology (AMT). 8706 */ 8707 static int 8708 iwn_hw_prepare(struct iwn_softc *sc) 8709 { 8710 int ntries; 8711 8712 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8713 8714 /* Check if hardware is ready. */ 8715 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_NIC_READY); 8716 for (ntries = 0; ntries < 5; ntries++) { 8717 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 8718 IWN_HW_IF_CONFIG_NIC_READY) 8719 return 0; 8720 DELAY(10); 8721 } 8722 8723 /* Hardware not ready, force into ready state. */ 8724 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_PREPARE); 8725 for (ntries = 0; ntries < 15000; ntries++) { 8726 if (!(IWN_READ(sc, IWN_HW_IF_CONFIG) & 8727 IWN_HW_IF_CONFIG_PREPARE_DONE)) 8728 break; 8729 DELAY(10); 8730 } 8731 if (ntries == 15000) 8732 return ETIMEDOUT; 8733 8734 /* Hardware should be ready now. */ 8735 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_NIC_READY); 8736 for (ntries = 0; ntries < 5; ntries++) { 8737 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 8738 IWN_HW_IF_CONFIG_NIC_READY) 8739 return 0; 8740 DELAY(10); 8741 } 8742 return ETIMEDOUT; 8743 } 8744 8745 static int 8746 iwn_hw_init(struct iwn_softc *sc) 8747 { 8748 struct iwn_ops *ops = &sc->ops; 8749 int error, chnl, qid; 8750 8751 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 8752 8753 /* Clear pending interrupts. */ 8754 IWN_WRITE(sc, IWN_INT, 0xffffffff); 8755 8756 if ((error = iwn_apm_init(sc)) != 0) { 8757 device_printf(sc->sc_dev, 8758 "%s: could not power ON adapter, error %d\n", __func__, 8759 error); 8760 return error; 8761 } 8762 8763 /* Select VMAIN power source. */ 8764 if ((error = iwn_nic_lock(sc)) != 0) 8765 return error; 8766 iwn_prph_clrbits(sc, IWN_APMG_PS, IWN_APMG_PS_PWR_SRC_MASK); 8767 iwn_nic_unlock(sc); 8768 8769 /* Perform adapter-specific initialization. */ 8770 if ((error = ops->nic_config(sc)) != 0) 8771 return error; 8772 8773 /* Initialize RX ring. */ 8774 if ((error = iwn_nic_lock(sc)) != 0) 8775 return error; 8776 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 0); 8777 IWN_WRITE(sc, IWN_FH_RX_WPTR, 0); 8778 /* Set physical address of RX ring (256-byte aligned). */ 8779 IWN_WRITE(sc, IWN_FH_RX_BASE, sc->rxq.desc_dma.paddr >> 8); 8780 /* Set physical address of RX status (16-byte aligned). */ 8781 IWN_WRITE(sc, IWN_FH_STATUS_WPTR, sc->rxq.stat_dma.paddr >> 4); 8782 /* Enable RX. */ 8783 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 8784 IWN_FH_RX_CONFIG_ENA | 8785 IWN_FH_RX_CONFIG_IGN_RXF_EMPTY | /* HW bug workaround */ 8786 IWN_FH_RX_CONFIG_IRQ_DST_HOST | 8787 IWN_FH_RX_CONFIG_SINGLE_FRAME | 8788 IWN_FH_RX_CONFIG_RB_TIMEOUT(0) | 8789 IWN_FH_RX_CONFIG_NRBD(IWN_RX_RING_COUNT_LOG)); 8790 iwn_nic_unlock(sc); 8791 IWN_WRITE(sc, IWN_FH_RX_WPTR, (IWN_RX_RING_COUNT - 1) & ~7); 8792 8793 if ((error = iwn_nic_lock(sc)) != 0) 8794 return error; 8795 8796 /* Initialize TX scheduler. */ 8797 iwn_prph_write(sc, sc->sched_txfact_addr, 0); 8798 8799 /* Set physical address of "keep warm" page (16-byte aligned). */ 8800 IWN_WRITE(sc, IWN_FH_KW_ADDR, sc->kw_dma.paddr >> 4); 8801 8802 /* Initialize TX rings. */ 8803 for (qid = 0; qid < sc->ntxqs; qid++) { 8804 struct iwn_tx_ring *txq = &sc->txq[qid]; 8805 8806 /* Set physical address of TX ring (256-byte aligned). */ 8807 IWN_WRITE(sc, IWN_FH_CBBC_QUEUE(qid), 8808 txq->desc_dma.paddr >> 8); 8809 } 8810 iwn_nic_unlock(sc); 8811 8812 /* Enable DMA channels. */ 8813 for (chnl = 0; chnl < sc->ndmachnls; chnl++) { 8814 IWN_WRITE(sc, IWN_FH_TX_CONFIG(chnl), 8815 IWN_FH_TX_CONFIG_DMA_ENA | 8816 IWN_FH_TX_CONFIG_DMA_CREDIT_ENA); 8817 } 8818 8819 /* Clear "radio off" and "commands blocked" bits. */ 8820 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 8821 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_CMD_BLOCKED); 8822 8823 /* Clear pending interrupts. */ 8824 IWN_WRITE(sc, IWN_INT, 0xffffffff); 8825 /* Enable interrupt coalescing. */ 8826 IWN_WRITE(sc, IWN_INT_COALESCING, 512 / 8); 8827 /* Enable interrupts. */ 8828 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 8829 8830 /* _Really_ make sure "radio off" bit is cleared! */ 8831 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 8832 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 8833 8834 /* Enable shadow registers. */ 8835 if (sc->base_params->shadow_reg_enable) 8836 IWN_SETBITS(sc, IWN_SHADOW_REG_CTRL, 0x800fffff); 8837 8838 if ((error = ops->load_firmware(sc)) != 0) { 8839 device_printf(sc->sc_dev, 8840 "%s: could not load firmware, error %d\n", __func__, 8841 error); 8842 return error; 8843 } 8844 /* Wait at most one second for firmware alive notification. */ 8845 if ((error = msleep(sc, &sc->sc_mtx, PCATCH, "iwninit", hz)) != 0) { 8846 device_printf(sc->sc_dev, 8847 "%s: timeout waiting for adapter to initialize, error %d\n", 8848 __func__, error); 8849 return error; 8850 } 8851 /* Do post-firmware initialization. */ 8852 8853 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 8854 8855 return ops->post_alive(sc); 8856 } 8857 8858 static void 8859 iwn_hw_stop(struct iwn_softc *sc) 8860 { 8861 int chnl, qid, ntries; 8862 8863 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8864 8865 IWN_WRITE(sc, IWN_RESET, IWN_RESET_NEVO); 8866 8867 /* Disable interrupts. */ 8868 IWN_WRITE(sc, IWN_INT_MASK, 0); 8869 IWN_WRITE(sc, IWN_INT, 0xffffffff); 8870 IWN_WRITE(sc, IWN_FH_INT, 0xffffffff); 8871 sc->sc_flags &= ~IWN_FLAG_USE_ICT; 8872 8873 /* Make sure we no longer hold the NIC lock. */ 8874 iwn_nic_unlock(sc); 8875 8876 /* Stop TX scheduler. */ 8877 iwn_prph_write(sc, sc->sched_txfact_addr, 0); 8878 8879 /* Stop all DMA channels. */ 8880 if (iwn_nic_lock(sc) == 0) { 8881 for (chnl = 0; chnl < sc->ndmachnls; chnl++) { 8882 IWN_WRITE(sc, IWN_FH_TX_CONFIG(chnl), 0); 8883 for (ntries = 0; ntries < 200; ntries++) { 8884 if (IWN_READ(sc, IWN_FH_TX_STATUS) & 8885 IWN_FH_TX_STATUS_IDLE(chnl)) 8886 break; 8887 DELAY(10); 8888 } 8889 } 8890 iwn_nic_unlock(sc); 8891 } 8892 8893 /* Stop RX ring. */ 8894 iwn_reset_rx_ring(sc, &sc->rxq); 8895 8896 /* Reset all TX rings. */ 8897 for (qid = 0; qid < sc->ntxqs; qid++) 8898 iwn_reset_tx_ring(sc, &sc->txq[qid]); 8899 8900 if (iwn_nic_lock(sc) == 0) { 8901 iwn_prph_write(sc, IWN_APMG_CLK_DIS, 8902 IWN_APMG_CLK_CTRL_DMA_CLK_RQT); 8903 iwn_nic_unlock(sc); 8904 } 8905 DELAY(5); 8906 /* Power OFF adapter. */ 8907 iwn_apm_stop(sc); 8908 } 8909 8910 static void 8911 iwn_panicked(void *arg0, int pending) 8912 { 8913 struct iwn_softc *sc = arg0; 8914 struct ieee80211com *ic = &sc->sc_ic; 8915 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 8916 #if 0 8917 int error; 8918 #endif 8919 8920 if (vap == NULL) { 8921 printf("%s: null vap\n", __func__); 8922 return; 8923 } 8924 8925 device_printf(sc->sc_dev, "%s: controller panicked, iv_state = %d; " 8926 "restarting\n", __func__, vap->iv_state); 8927 8928 /* 8929 * This is not enough work. We need to also reinitialise 8930 * the correct transmit state for aggregation enabled queues, 8931 * which has a very specific requirement of 8932 * ring index = 802.11 seqno % 256. If we don't do this (which 8933 * we definitely don't!) then the firmware will just panic again. 8934 */ 8935 #if 1 8936 ieee80211_restart_all(ic); 8937 #else 8938 IWN_LOCK(sc); 8939 8940 iwn_stop_locked(sc); 8941 if ((error = iwn_init_locked(sc)) != 0) { 8942 device_printf(sc->sc_dev, 8943 "%s: could not init hardware\n", __func__); 8944 goto unlock; 8945 } 8946 if (vap->iv_state >= IEEE80211_S_AUTH && 8947 (error = iwn_auth(sc, vap)) != 0) { 8948 device_printf(sc->sc_dev, 8949 "%s: could not move to auth state\n", __func__); 8950 } 8951 if (vap->iv_state >= IEEE80211_S_RUN && 8952 (error = iwn_run(sc, vap)) != 0) { 8953 device_printf(sc->sc_dev, 8954 "%s: could not move to run state\n", __func__); 8955 } 8956 8957 unlock: 8958 IWN_UNLOCK(sc); 8959 #endif 8960 } 8961 8962 static int 8963 iwn_init_locked(struct iwn_softc *sc) 8964 { 8965 int error; 8966 8967 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 8968 8969 IWN_LOCK_ASSERT(sc); 8970 8971 if (sc->sc_flags & IWN_FLAG_RUNNING) 8972 goto end; 8973 8974 sc->sc_flags |= IWN_FLAG_RUNNING; 8975 8976 if ((error = iwn_hw_prepare(sc)) != 0) { 8977 device_printf(sc->sc_dev, "%s: hardware not ready, error %d\n", 8978 __func__, error); 8979 goto fail; 8980 } 8981 8982 /* Initialize interrupt mask to default value. */ 8983 sc->int_mask = IWN_INT_MASK_DEF; 8984 sc->sc_flags &= ~IWN_FLAG_USE_ICT; 8985 8986 /* Check that the radio is not disabled by hardware switch. */ 8987 if (!(IWN_READ(sc, IWN_GP_CNTRL) & IWN_GP_CNTRL_RFKILL)) { 8988 iwn_stop_locked(sc); 8989 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 8990 8991 return (1); 8992 } 8993 8994 /* Read firmware images from the filesystem. */ 8995 if ((error = iwn_read_firmware(sc)) != 0) { 8996 device_printf(sc->sc_dev, 8997 "%s: could not read firmware, error %d\n", __func__, 8998 error); 8999 goto fail; 9000 } 9001 9002 /* Initialize hardware and upload firmware. */ 9003 error = iwn_hw_init(sc); 9004 iwn_unload_firmware(sc); 9005 if (error != 0) { 9006 device_printf(sc->sc_dev, 9007 "%s: could not initialize hardware, error %d\n", __func__, 9008 error); 9009 goto fail; 9010 } 9011 9012 /* Configure adapter now that it is ready. */ 9013 if ((error = iwn_config(sc)) != 0) { 9014 device_printf(sc->sc_dev, 9015 "%s: could not configure device, error %d\n", __func__, 9016 error); 9017 goto fail; 9018 } 9019 9020 callout_reset(&sc->watchdog_to, hz, iwn_watchdog, sc); 9021 9022 end: 9023 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 9024 9025 return (0); 9026 9027 fail: 9028 iwn_stop_locked(sc); 9029 9030 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end in error\n",__func__); 9031 9032 return (-1); 9033 } 9034 9035 static int 9036 iwn_init(struct iwn_softc *sc) 9037 { 9038 int error; 9039 9040 IWN_LOCK(sc); 9041 error = iwn_init_locked(sc); 9042 IWN_UNLOCK(sc); 9043 9044 return (error); 9045 } 9046 9047 static void 9048 iwn_stop_locked(struct iwn_softc *sc) 9049 { 9050 9051 IWN_LOCK_ASSERT(sc); 9052 9053 if (!(sc->sc_flags & IWN_FLAG_RUNNING)) 9054 return; 9055 9056 sc->sc_is_scanning = 0; 9057 sc->sc_tx_timer = 0; 9058 callout_stop(&sc->watchdog_to); 9059 callout_stop(&sc->scan_timeout); 9060 callout_stop(&sc->calib_to); 9061 sc->sc_flags &= ~IWN_FLAG_RUNNING; 9062 9063 /* Power OFF hardware. */ 9064 iwn_hw_stop(sc); 9065 } 9066 9067 static void 9068 iwn_stop(struct iwn_softc *sc) 9069 { 9070 IWN_LOCK(sc); 9071 iwn_stop_locked(sc); 9072 IWN_UNLOCK(sc); 9073 } 9074 9075 /* 9076 * Callback from net80211 to start a scan. 9077 */ 9078 static void 9079 iwn_scan_start(struct ieee80211com *ic) 9080 { 9081 struct iwn_softc *sc = ic->ic_softc; 9082 9083 IWN_LOCK(sc); 9084 /* make the link LED blink while we're scanning */ 9085 iwn_set_led(sc, IWN_LED_LINK, 20, 2); 9086 IWN_UNLOCK(sc); 9087 } 9088 9089 /* 9090 * Callback from net80211 to terminate a scan. 9091 */ 9092 static void 9093 iwn_scan_end(struct ieee80211com *ic) 9094 { 9095 struct iwn_softc *sc = ic->ic_softc; 9096 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 9097 9098 IWN_LOCK(sc); 9099 if (vap->iv_state == IEEE80211_S_RUN) { 9100 /* Set link LED to ON status if we are associated */ 9101 iwn_set_led(sc, IWN_LED_LINK, 0, 1); 9102 } 9103 IWN_UNLOCK(sc); 9104 } 9105 9106 /* 9107 * Callback from net80211 to force a channel change. 9108 */ 9109 static void 9110 iwn_set_channel(struct ieee80211com *ic) 9111 { 9112 struct iwn_softc *sc = ic->ic_softc; 9113 int error; 9114 9115 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 9116 9117 IWN_LOCK(sc); 9118 /* 9119 * Only need to set the channel in Monitor mode. AP scanning and auth 9120 * are already taken care of by their respective firmware commands. 9121 */ 9122 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 9123 error = iwn_config(sc); 9124 if (error != 0) 9125 device_printf(sc->sc_dev, 9126 "%s: error %d setting channel\n", __func__, error); 9127 } 9128 IWN_UNLOCK(sc); 9129 } 9130 9131 /* 9132 * Callback from net80211 to start scanning of the current channel. 9133 */ 9134 static void 9135 iwn_scan_curchan(struct ieee80211_scan_state *ss, unsigned long maxdwell) 9136 { 9137 struct ieee80211vap *vap = ss->ss_vap; 9138 struct ieee80211com *ic = vap->iv_ic; 9139 struct iwn_softc *sc = ic->ic_softc; 9140 int error; 9141 9142 IWN_LOCK(sc); 9143 error = iwn_scan(sc, vap, ss, ic->ic_curchan); 9144 IWN_UNLOCK(sc); 9145 if (error != 0) 9146 ieee80211_cancel_scan(vap); 9147 } 9148 9149 /* 9150 * Callback from net80211 to handle the minimum dwell time being met. 9151 * The intent is to terminate the scan but we just let the firmware 9152 * notify us when it's finished as we have no safe way to abort it. 9153 */ 9154 static void 9155 iwn_scan_mindwell(struct ieee80211_scan_state *ss) 9156 { 9157 /* NB: don't try to abort scan; wait for firmware to finish */ 9158 } 9159 #ifdef IWN_DEBUG 9160 #define IWN_DESC(x) case x: return #x 9161 9162 /* 9163 * Translate CSR code to string 9164 */ 9165 static char *iwn_get_csr_string(int csr) 9166 { 9167 switch (csr) { 9168 IWN_DESC(IWN_HW_IF_CONFIG); 9169 IWN_DESC(IWN_INT_COALESCING); 9170 IWN_DESC(IWN_INT); 9171 IWN_DESC(IWN_INT_MASK); 9172 IWN_DESC(IWN_FH_INT); 9173 IWN_DESC(IWN_GPIO_IN); 9174 IWN_DESC(IWN_RESET); 9175 IWN_DESC(IWN_GP_CNTRL); 9176 IWN_DESC(IWN_HW_REV); 9177 IWN_DESC(IWN_EEPROM); 9178 IWN_DESC(IWN_EEPROM_GP); 9179 IWN_DESC(IWN_OTP_GP); 9180 IWN_DESC(IWN_GIO); 9181 IWN_DESC(IWN_GP_UCODE); 9182 IWN_DESC(IWN_GP_DRIVER); 9183 IWN_DESC(IWN_UCODE_GP1); 9184 IWN_DESC(IWN_UCODE_GP2); 9185 IWN_DESC(IWN_LED); 9186 IWN_DESC(IWN_DRAM_INT_TBL); 9187 IWN_DESC(IWN_GIO_CHICKEN); 9188 IWN_DESC(IWN_ANA_PLL); 9189 IWN_DESC(IWN_HW_REV_WA); 9190 IWN_DESC(IWN_DBG_HPET_MEM); 9191 default: 9192 return "UNKNOWN CSR"; 9193 } 9194 } 9195 9196 /* 9197 * This function print firmware register 9198 */ 9199 static void 9200 iwn_debug_register(struct iwn_softc *sc) 9201 { 9202 int i; 9203 static const uint32_t csr_tbl[] = { 9204 IWN_HW_IF_CONFIG, 9205 IWN_INT_COALESCING, 9206 IWN_INT, 9207 IWN_INT_MASK, 9208 IWN_FH_INT, 9209 IWN_GPIO_IN, 9210 IWN_RESET, 9211 IWN_GP_CNTRL, 9212 IWN_HW_REV, 9213 IWN_EEPROM, 9214 IWN_EEPROM_GP, 9215 IWN_OTP_GP, 9216 IWN_GIO, 9217 IWN_GP_UCODE, 9218 IWN_GP_DRIVER, 9219 IWN_UCODE_GP1, 9220 IWN_UCODE_GP2, 9221 IWN_LED, 9222 IWN_DRAM_INT_TBL, 9223 IWN_GIO_CHICKEN, 9224 IWN_ANA_PLL, 9225 IWN_HW_REV_WA, 9226 IWN_DBG_HPET_MEM, 9227 }; 9228 DPRINTF(sc, IWN_DEBUG_REGISTER, 9229 "CSR values: (2nd byte of IWN_INT_COALESCING is IWN_INT_PERIODIC)%s", 9230 "\n"); 9231 for (i = 0; i < nitems(csr_tbl); i++){ 9232 DPRINTF(sc, IWN_DEBUG_REGISTER," %10s: 0x%08x ", 9233 iwn_get_csr_string(csr_tbl[i]), IWN_READ(sc, csr_tbl[i])); 9234 if ((i+1) % 3 == 0) 9235 DPRINTF(sc, IWN_DEBUG_REGISTER,"%s","\n"); 9236 } 9237 DPRINTF(sc, IWN_DEBUG_REGISTER,"%s","\n"); 9238 } 9239 #endif 9240 9241
Cache object: 648b63969bdf226757c6596d3fa9b08d
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]