Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/dev/iwn/if_iwn.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /*- 2 * Copyright (c) 2007-2009 Damien Bergamini <damien.bergamini@free.fr> 3 * Copyright (c) 2008 Benjamin Close <benjsc@FreeBSD.org> 4 * Copyright (c) 2008 Sam Leffler, Errno Consulting 5 * Copyright (c) 2011 Intel Corporation 6 * Copyright (c) 2013 Cedric GROSS <c.gross@kreiz-it.fr> 7 * Copyright (c) 2013 Adrian Chadd <adrian@FreeBSD.org> 8 * 9 * Permission to use, copy, modify, and distribute this software for any 10 * purpose with or without fee is hereby granted, provided that the above 11 * copyright notice and this permission notice appear in all copies. 12 * 13 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 14 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 15 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 16 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 17 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 18 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 19 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 20 */ 21 22 /* 23 * Driver for Intel WiFi Link 4965 and 1000/5000/6000 Series 802.11 network 24 * adapters. 25 */ 26 27 #include <sys/cdefs.h> 28 __FBSDID("$FreeBSD$"); 29 30 #include "opt_wlan.h" 31 #include "opt_iwn.h" 32 33 #include <sys/param.h> 34 #include <sys/sockio.h> 35 #include <sys/sysctl.h> 36 #include <sys/mbuf.h> 37 #include <sys/kernel.h> 38 #include <sys/socket.h> 39 #include <sys/systm.h> 40 #include <sys/malloc.h> 41 #include <sys/bus.h> 42 #include <sys/conf.h> 43 #include <sys/rman.h> 44 #include <sys/endian.h> 45 #include <sys/firmware.h> 46 #include <sys/limits.h> 47 #include <sys/module.h> 48 #include <sys/priv.h> 49 #include <sys/queue.h> 50 #include <sys/taskqueue.h> 51 52 #include <machine/bus.h> 53 #include <machine/resource.h> 54 #include <machine/clock.h> 55 56 #include <dev/pci/pcireg.h> 57 #include <dev/pci/pcivar.h> 58 59 #include <net/if.h> 60 #include <net/if_var.h> 61 #include <net/if_dl.h> 62 #include <net/if_media.h> 63 64 #include <netinet/in.h> 65 #include <netinet/if_ether.h> 66 67 #include <net80211/ieee80211_var.h> 68 #include <net80211/ieee80211_radiotap.h> 69 #include <net80211/ieee80211_regdomain.h> 70 #include <net80211/ieee80211_ratectl.h> 71 72 #include <dev/iwn/if_iwnreg.h> 73 #include <dev/iwn/if_iwnvar.h> 74 #include <dev/iwn/if_iwn_devid.h> 75 #include <dev/iwn/if_iwn_chip_cfg.h> 76 #include <dev/iwn/if_iwn_debug.h> 77 #include <dev/iwn/if_iwn_ioctl.h> 78 79 struct iwn_ident { 80 uint16_t vendor; 81 uint16_t device; 82 const char *name; 83 }; 84 85 static const struct iwn_ident iwn_ident_table[] = { 86 { 0x8086, IWN_DID_6x05_1, "Intel Centrino Advanced-N 6205" }, 87 { 0x8086, IWN_DID_1000_1, "Intel Centrino Wireless-N 1000" }, 88 { 0x8086, IWN_DID_1000_2, "Intel Centrino Wireless-N 1000" }, 89 { 0x8086, IWN_DID_6x05_2, "Intel Centrino Advanced-N 6205" }, 90 { 0x8086, IWN_DID_6050_1, "Intel Centrino Advanced-N + WiMAX 6250" }, 91 { 0x8086, IWN_DID_6050_2, "Intel Centrino Advanced-N + WiMAX 6250" }, 92 { 0x8086, IWN_DID_x030_1, "Intel Centrino Wireless-N 1030" }, 93 { 0x8086, IWN_DID_x030_2, "Intel Centrino Wireless-N 1030" }, 94 { 0x8086, IWN_DID_x030_3, "Intel Centrino Advanced-N 6230" }, 95 { 0x8086, IWN_DID_x030_4, "Intel Centrino Advanced-N 6230" }, 96 { 0x8086, IWN_DID_6150_1, "Intel Centrino Wireless-N + WiMAX 6150" }, 97 { 0x8086, IWN_DID_6150_2, "Intel Centrino Wireless-N + WiMAX 6150" }, 98 { 0x8086, IWN_DID_2x00_1, "Intel(R) Centrino(R) Wireless-N 2200 BGN" }, 99 { 0x8086, IWN_DID_2x00_2, "Intel(R) Centrino(R) Wireless-N 2200 BGN" }, 100 /* XXX 2200D is IWN_SDID_2x00_4; there's no way to express this here! */ 101 { 0x8086, IWN_DID_2x30_1, "Intel Centrino Wireless-N 2230" }, 102 { 0x8086, IWN_DID_2x30_2, "Intel Centrino Wireless-N 2230" }, 103 { 0x8086, IWN_DID_130_1, "Intel Centrino Wireless-N 130" }, 104 { 0x8086, IWN_DID_130_2, "Intel Centrino Wireless-N 130" }, 105 { 0x8086, IWN_DID_100_1, "Intel Centrino Wireless-N 100" }, 106 { 0x8086, IWN_DID_100_2, "Intel Centrino Wireless-N 100" }, 107 { 0x8086, IWN_DID_105_1, "Intel Centrino Wireless-N 105" }, 108 { 0x8086, IWN_DID_105_2, "Intel Centrino Wireless-N 105" }, 109 { 0x8086, IWN_DID_135_1, "Intel Centrino Wireless-N 135" }, 110 { 0x8086, IWN_DID_135_2, "Intel Centrino Wireless-N 135" }, 111 { 0x8086, IWN_DID_4965_1, "Intel Wireless WiFi Link 4965" }, 112 { 0x8086, IWN_DID_6x00_1, "Intel Centrino Ultimate-N 6300" }, 113 { 0x8086, IWN_DID_6x00_2, "Intel Centrino Advanced-N 6200" }, 114 { 0x8086, IWN_DID_4965_2, "Intel Wireless WiFi Link 4965" }, 115 { 0x8086, IWN_DID_4965_3, "Intel Wireless WiFi Link 4965" }, 116 { 0x8086, IWN_DID_5x00_1, "Intel WiFi Link 5100" }, 117 { 0x8086, IWN_DID_4965_4, "Intel Wireless WiFi Link 4965" }, 118 { 0x8086, IWN_DID_5x00_3, "Intel Ultimate N WiFi Link 5300" }, 119 { 0x8086, IWN_DID_5x00_4, "Intel Ultimate N WiFi Link 5300" }, 120 { 0x8086, IWN_DID_5x00_2, "Intel WiFi Link 5100" }, 121 { 0x8086, IWN_DID_6x00_3, "Intel Centrino Ultimate-N 6300" }, 122 { 0x8086, IWN_DID_6x00_4, "Intel Centrino Advanced-N 6200" }, 123 { 0x8086, IWN_DID_5x50_1, "Intel WiMAX/WiFi Link 5350" }, 124 { 0x8086, IWN_DID_5x50_2, "Intel WiMAX/WiFi Link 5350" }, 125 { 0x8086, IWN_DID_5x50_3, "Intel WiMAX/WiFi Link 5150" }, 126 { 0x8086, IWN_DID_5x50_4, "Intel WiMAX/WiFi Link 5150" }, 127 { 0x8086, IWN_DID_6035_1, "Intel Centrino Advanced 6235" }, 128 { 0x8086, IWN_DID_6035_2, "Intel Centrino Advanced 6235" }, 129 { 0, 0, NULL } 130 }; 131 132 static int iwn_probe(device_t); 133 static int iwn_attach(device_t); 134 static void iwn4965_attach(struct iwn_softc *, uint16_t); 135 static void iwn5000_attach(struct iwn_softc *, uint16_t); 136 static int iwn_config_specific(struct iwn_softc *, uint16_t); 137 static void iwn_radiotap_attach(struct iwn_softc *); 138 static void iwn_sysctlattach(struct iwn_softc *); 139 static struct ieee80211vap *iwn_vap_create(struct ieee80211com *, 140 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 141 const uint8_t [IEEE80211_ADDR_LEN], 142 const uint8_t [IEEE80211_ADDR_LEN]); 143 static void iwn_vap_delete(struct ieee80211vap *); 144 static int iwn_detach(device_t); 145 static int iwn_shutdown(device_t); 146 static int iwn_suspend(device_t); 147 static int iwn_resume(device_t); 148 static int iwn_nic_lock(struct iwn_softc *); 149 static int iwn_eeprom_lock(struct iwn_softc *); 150 static int iwn_init_otprom(struct iwn_softc *); 151 static int iwn_read_prom_data(struct iwn_softc *, uint32_t, void *, int); 152 static void iwn_dma_map_addr(void *, bus_dma_segment_t *, int, int); 153 static int iwn_dma_contig_alloc(struct iwn_softc *, struct iwn_dma_info *, 154 void **, bus_size_t, bus_size_t); 155 static void iwn_dma_contig_free(struct iwn_dma_info *); 156 static int iwn_alloc_sched(struct iwn_softc *); 157 static void iwn_free_sched(struct iwn_softc *); 158 static int iwn_alloc_kw(struct iwn_softc *); 159 static void iwn_free_kw(struct iwn_softc *); 160 static int iwn_alloc_ict(struct iwn_softc *); 161 static void iwn_free_ict(struct iwn_softc *); 162 static int iwn_alloc_fwmem(struct iwn_softc *); 163 static void iwn_free_fwmem(struct iwn_softc *); 164 static int iwn_alloc_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 165 static void iwn_reset_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 166 static void iwn_free_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 167 static int iwn_alloc_tx_ring(struct iwn_softc *, struct iwn_tx_ring *, 168 int); 169 static void iwn_reset_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 170 static void iwn_free_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 171 static void iwn5000_ict_reset(struct iwn_softc *); 172 static int iwn_read_eeprom(struct iwn_softc *, 173 uint8_t macaddr[IEEE80211_ADDR_LEN]); 174 static void iwn4965_read_eeprom(struct iwn_softc *); 175 #ifdef IWN_DEBUG 176 static void iwn4965_print_power_group(struct iwn_softc *, int); 177 #endif 178 static void iwn5000_read_eeprom(struct iwn_softc *); 179 static uint32_t iwn_eeprom_channel_flags(struct iwn_eeprom_chan *); 180 static void iwn_read_eeprom_band(struct iwn_softc *, int, int, int *, 181 struct ieee80211_channel[]); 182 static void iwn_read_eeprom_ht40(struct iwn_softc *, int, int, int *, 183 struct ieee80211_channel[]); 184 static void iwn_read_eeprom_channels(struct iwn_softc *, int, uint32_t); 185 static struct iwn_eeprom_chan *iwn_find_eeprom_channel(struct iwn_softc *, 186 struct ieee80211_channel *); 187 static void iwn_getradiocaps(struct ieee80211com *, int, int *, 188 struct ieee80211_channel[]); 189 static int iwn_setregdomain(struct ieee80211com *, 190 struct ieee80211_regdomain *, int, 191 struct ieee80211_channel[]); 192 static void iwn_read_eeprom_enhinfo(struct iwn_softc *); 193 static struct ieee80211_node *iwn_node_alloc(struct ieee80211vap *, 194 const uint8_t mac[IEEE80211_ADDR_LEN]); 195 static void iwn_newassoc(struct ieee80211_node *, int); 196 static int iwn_media_change(struct ifnet *); 197 static int iwn_newstate(struct ieee80211vap *, enum ieee80211_state, int); 198 static void iwn_calib_timeout(void *); 199 static void iwn_rx_phy(struct iwn_softc *, struct iwn_rx_desc *, 200 struct iwn_rx_data *); 201 static void iwn_rx_done(struct iwn_softc *, struct iwn_rx_desc *, 202 struct iwn_rx_data *); 203 static void iwn_rx_compressed_ba(struct iwn_softc *, struct iwn_rx_desc *, 204 struct iwn_rx_data *); 205 static void iwn5000_rx_calib_results(struct iwn_softc *, 206 struct iwn_rx_desc *, struct iwn_rx_data *); 207 static void iwn_rx_statistics(struct iwn_softc *, struct iwn_rx_desc *, 208 struct iwn_rx_data *); 209 static void iwn4965_tx_done(struct iwn_softc *, struct iwn_rx_desc *, 210 struct iwn_rx_data *); 211 static void iwn5000_tx_done(struct iwn_softc *, struct iwn_rx_desc *, 212 struct iwn_rx_data *); 213 static void iwn_tx_done(struct iwn_softc *, struct iwn_rx_desc *, int, 214 uint8_t); 215 static void iwn_ampdu_tx_done(struct iwn_softc *, int, int, int, int, void *); 216 static void iwn_cmd_done(struct iwn_softc *, struct iwn_rx_desc *); 217 static void iwn_notif_intr(struct iwn_softc *); 218 static void iwn_wakeup_intr(struct iwn_softc *); 219 static void iwn_rftoggle_intr(struct iwn_softc *); 220 static void iwn_fatal_intr(struct iwn_softc *); 221 static void iwn_intr(void *); 222 static void iwn4965_update_sched(struct iwn_softc *, int, int, uint8_t, 223 uint16_t); 224 static void iwn5000_update_sched(struct iwn_softc *, int, int, uint8_t, 225 uint16_t); 226 #ifdef notyet 227 static void iwn5000_reset_sched(struct iwn_softc *, int, int); 228 #endif 229 static int iwn_tx_data(struct iwn_softc *, struct mbuf *, 230 struct ieee80211_node *); 231 static int iwn_tx_data_raw(struct iwn_softc *, struct mbuf *, 232 struct ieee80211_node *, 233 const struct ieee80211_bpf_params *params); 234 static void iwn_xmit_task(void *arg0, int pending); 235 static int iwn_raw_xmit(struct ieee80211_node *, struct mbuf *, 236 const struct ieee80211_bpf_params *); 237 static int iwn_transmit(struct ieee80211com *, struct mbuf *); 238 static void iwn_scan_timeout(void *); 239 static void iwn_watchdog(void *); 240 static int iwn_ioctl(struct ieee80211com *, u_long , void *); 241 static void iwn_parent(struct ieee80211com *); 242 static int iwn_cmd(struct iwn_softc *, int, const void *, int, int); 243 static int iwn4965_add_node(struct iwn_softc *, struct iwn_node_info *, 244 int); 245 static int iwn5000_add_node(struct iwn_softc *, struct iwn_node_info *, 246 int); 247 static int iwn_set_link_quality(struct iwn_softc *, 248 struct ieee80211_node *); 249 static int iwn_add_broadcast_node(struct iwn_softc *, int); 250 static int iwn_updateedca(struct ieee80211com *); 251 static void iwn_update_mcast(struct ieee80211com *); 252 static void iwn_set_led(struct iwn_softc *, uint8_t, uint8_t, uint8_t); 253 static int iwn_set_critical_temp(struct iwn_softc *); 254 static int iwn_set_timing(struct iwn_softc *, struct ieee80211_node *); 255 static void iwn4965_power_calibration(struct iwn_softc *, int); 256 static int iwn4965_set_txpower(struct iwn_softc *, 257 struct ieee80211_channel *, int); 258 static int iwn5000_set_txpower(struct iwn_softc *, 259 struct ieee80211_channel *, int); 260 static int iwn4965_get_rssi(struct iwn_softc *, struct iwn_rx_stat *); 261 static int iwn5000_get_rssi(struct iwn_softc *, struct iwn_rx_stat *); 262 static int iwn_get_noise(const struct iwn_rx_general_stats *); 263 static int iwn4965_get_temperature(struct iwn_softc *); 264 static int iwn5000_get_temperature(struct iwn_softc *); 265 static int iwn_init_sensitivity(struct iwn_softc *); 266 static void iwn_collect_noise(struct iwn_softc *, 267 const struct iwn_rx_general_stats *); 268 static int iwn4965_init_gains(struct iwn_softc *); 269 static int iwn5000_init_gains(struct iwn_softc *); 270 static int iwn4965_set_gains(struct iwn_softc *); 271 static int iwn5000_set_gains(struct iwn_softc *); 272 static void iwn_tune_sensitivity(struct iwn_softc *, 273 const struct iwn_rx_stats *); 274 static void iwn_save_stats_counters(struct iwn_softc *, 275 const struct iwn_stats *); 276 static int iwn_send_sensitivity(struct iwn_softc *); 277 static void iwn_check_rx_recovery(struct iwn_softc *, struct iwn_stats *); 278 static int iwn_set_pslevel(struct iwn_softc *, int, int, int); 279 static int iwn_send_btcoex(struct iwn_softc *); 280 static int iwn_send_advanced_btcoex(struct iwn_softc *); 281 static int iwn5000_runtime_calib(struct iwn_softc *); 282 static int iwn_config(struct iwn_softc *); 283 static int iwn_scan(struct iwn_softc *, struct ieee80211vap *, 284 struct ieee80211_scan_state *, struct ieee80211_channel *); 285 static int iwn_auth(struct iwn_softc *, struct ieee80211vap *vap); 286 static int iwn_run(struct iwn_softc *, struct ieee80211vap *vap); 287 static int iwn_ampdu_rx_start(struct ieee80211_node *, 288 struct ieee80211_rx_ampdu *, int, int, int); 289 static void iwn_ampdu_rx_stop(struct ieee80211_node *, 290 struct ieee80211_rx_ampdu *); 291 static int iwn_addba_request(struct ieee80211_node *, 292 struct ieee80211_tx_ampdu *, int, int, int); 293 static int iwn_addba_response(struct ieee80211_node *, 294 struct ieee80211_tx_ampdu *, int, int, int); 295 static int iwn_ampdu_tx_start(struct ieee80211com *, 296 struct ieee80211_node *, uint8_t); 297 static void iwn_ampdu_tx_stop(struct ieee80211_node *, 298 struct ieee80211_tx_ampdu *); 299 static void iwn4965_ampdu_tx_start(struct iwn_softc *, 300 struct ieee80211_node *, int, uint8_t, uint16_t); 301 static void iwn4965_ampdu_tx_stop(struct iwn_softc *, int, 302 uint8_t, uint16_t); 303 static void iwn5000_ampdu_tx_start(struct iwn_softc *, 304 struct ieee80211_node *, int, uint8_t, uint16_t); 305 static void iwn5000_ampdu_tx_stop(struct iwn_softc *, int, 306 uint8_t, uint16_t); 307 static int iwn5000_query_calibration(struct iwn_softc *); 308 static int iwn5000_send_calibration(struct iwn_softc *); 309 static int iwn5000_send_wimax_coex(struct iwn_softc *); 310 static int iwn5000_crystal_calib(struct iwn_softc *); 311 static int iwn5000_temp_offset_calib(struct iwn_softc *); 312 static int iwn5000_temp_offset_calibv2(struct iwn_softc *); 313 static int iwn4965_post_alive(struct iwn_softc *); 314 static int iwn5000_post_alive(struct iwn_softc *); 315 static int iwn4965_load_bootcode(struct iwn_softc *, const uint8_t *, 316 int); 317 static int iwn4965_load_firmware(struct iwn_softc *); 318 static int iwn5000_load_firmware_section(struct iwn_softc *, uint32_t, 319 const uint8_t *, int); 320 static int iwn5000_load_firmware(struct iwn_softc *); 321 static int iwn_read_firmware_leg(struct iwn_softc *, 322 struct iwn_fw_info *); 323 static int iwn_read_firmware_tlv(struct iwn_softc *, 324 struct iwn_fw_info *, uint16_t); 325 static int iwn_read_firmware(struct iwn_softc *); 326 static void iwn_unload_firmware(struct iwn_softc *); 327 static int iwn_clock_wait(struct iwn_softc *); 328 static int iwn_apm_init(struct iwn_softc *); 329 static void iwn_apm_stop_master(struct iwn_softc *); 330 static void iwn_apm_stop(struct iwn_softc *); 331 static int iwn4965_nic_config(struct iwn_softc *); 332 static int iwn5000_nic_config(struct iwn_softc *); 333 static int iwn_hw_prepare(struct iwn_softc *); 334 static int iwn_hw_init(struct iwn_softc *); 335 static void iwn_hw_stop(struct iwn_softc *); 336 static void iwn_radio_on(void *, int); 337 static void iwn_radio_off(void *, int); 338 static void iwn_panicked(void *, int); 339 static void iwn_init_locked(struct iwn_softc *); 340 static void iwn_init(struct iwn_softc *); 341 static void iwn_stop_locked(struct iwn_softc *); 342 static void iwn_stop(struct iwn_softc *); 343 static void iwn_scan_start(struct ieee80211com *); 344 static void iwn_scan_end(struct ieee80211com *); 345 static void iwn_set_channel(struct ieee80211com *); 346 static void iwn_scan_curchan(struct ieee80211_scan_state *, unsigned long); 347 static void iwn_scan_mindwell(struct ieee80211_scan_state *); 348 #ifdef IWN_DEBUG 349 static char *iwn_get_csr_string(int); 350 static void iwn_debug_register(struct iwn_softc *); 351 #endif 352 353 static device_method_t iwn_methods[] = { 354 /* Device interface */ 355 DEVMETHOD(device_probe, iwn_probe), 356 DEVMETHOD(device_attach, iwn_attach), 357 DEVMETHOD(device_detach, iwn_detach), 358 DEVMETHOD(device_shutdown, iwn_shutdown), 359 DEVMETHOD(device_suspend, iwn_suspend), 360 DEVMETHOD(device_resume, iwn_resume), 361 362 DEVMETHOD_END 363 }; 364 365 static driver_t iwn_driver = { 366 "iwn", 367 iwn_methods, 368 sizeof(struct iwn_softc) 369 }; 370 static devclass_t iwn_devclass; 371 372 DRIVER_MODULE(iwn, pci, iwn_driver, iwn_devclass, NULL, NULL); 373 374 MODULE_VERSION(iwn, 1); 375 376 MODULE_DEPEND(iwn, firmware, 1, 1, 1); 377 MODULE_DEPEND(iwn, pci, 1, 1, 1); 378 MODULE_DEPEND(iwn, wlan, 1, 1, 1); 379 380 static d_ioctl_t iwn_cdev_ioctl; 381 static d_open_t iwn_cdev_open; 382 static d_close_t iwn_cdev_close; 383 384 static struct cdevsw iwn_cdevsw = { 385 .d_version = D_VERSION, 386 .d_flags = 0, 387 .d_open = iwn_cdev_open, 388 .d_close = iwn_cdev_close, 389 .d_ioctl = iwn_cdev_ioctl, 390 .d_name = "iwn", 391 }; 392 393 static int 394 iwn_probe(device_t dev) 395 { 396 const struct iwn_ident *ident; 397 398 for (ident = iwn_ident_table; ident->name != NULL; ident++) { 399 if (pci_get_vendor(dev) == ident->vendor && 400 pci_get_device(dev) == ident->device) { 401 device_set_desc(dev, ident->name); 402 return (BUS_PROBE_DEFAULT); 403 } 404 } 405 return ENXIO; 406 } 407 408 static int 409 iwn_is_3stream_device(struct iwn_softc *sc) 410 { 411 /* XXX for now only 5300, until the 5350 can be tested */ 412 if (sc->hw_type == IWN_HW_REV_TYPE_5300) 413 return (1); 414 return (0); 415 } 416 417 static int 418 iwn_attach(device_t dev) 419 { 420 struct iwn_softc *sc = device_get_softc(dev); 421 struct ieee80211com *ic; 422 int i, error, rid; 423 424 sc->sc_dev = dev; 425 426 #ifdef IWN_DEBUG 427 error = resource_int_value(device_get_name(sc->sc_dev), 428 device_get_unit(sc->sc_dev), "debug", &(sc->sc_debug)); 429 if (error != 0) 430 sc->sc_debug = 0; 431 #else 432 sc->sc_debug = 0; 433 #endif 434 435 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: begin\n",__func__); 436 437 /* 438 * Get the offset of the PCI Express Capability Structure in PCI 439 * Configuration Space. 440 */ 441 error = pci_find_cap(dev, PCIY_EXPRESS, &sc->sc_cap_off); 442 if (error != 0) { 443 device_printf(dev, "PCIe capability structure not found!\n"); 444 return error; 445 } 446 447 /* Clear device-specific "PCI retry timeout" register (41h). */ 448 pci_write_config(dev, 0x41, 0, 1); 449 450 /* Enable bus-mastering. */ 451 pci_enable_busmaster(dev); 452 453 rid = PCIR_BAR(0); 454 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &rid, 455 RF_ACTIVE); 456 if (sc->mem == NULL) { 457 device_printf(dev, "can't map mem space\n"); 458 error = ENOMEM; 459 return error; 460 } 461 sc->sc_st = rman_get_bustag(sc->mem); 462 sc->sc_sh = rman_get_bushandle(sc->mem); 463 464 i = 1; 465 rid = 0; 466 if (pci_alloc_msi(dev, &i) == 0) 467 rid = 1; 468 /* Install interrupt handler. */ 469 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &rid, RF_ACTIVE | 470 (rid != 0 ? 0 : RF_SHAREABLE)); 471 if (sc->irq == NULL) { 472 device_printf(dev, "can't map interrupt\n"); 473 error = ENOMEM; 474 goto fail; 475 } 476 477 IWN_LOCK_INIT(sc); 478 479 /* Read hardware revision and attach. */ 480 sc->hw_type = (IWN_READ(sc, IWN_HW_REV) >> IWN_HW_REV_TYPE_SHIFT) 481 & IWN_HW_REV_TYPE_MASK; 482 sc->subdevice_id = pci_get_subdevice(dev); 483 484 /* 485 * 4965 versus 5000 and later have different methods. 486 * Let's set those up first. 487 */ 488 if (sc->hw_type == IWN_HW_REV_TYPE_4965) 489 iwn4965_attach(sc, pci_get_device(dev)); 490 else 491 iwn5000_attach(sc, pci_get_device(dev)); 492 493 /* 494 * Next, let's setup the various parameters of each NIC. 495 */ 496 error = iwn_config_specific(sc, pci_get_device(dev)); 497 if (error != 0) { 498 device_printf(dev, "could not attach device, error %d\n", 499 error); 500 goto fail; 501 } 502 503 if ((error = iwn_hw_prepare(sc)) != 0) { 504 device_printf(dev, "hardware not ready, error %d\n", error); 505 goto fail; 506 } 507 508 /* Allocate DMA memory for firmware transfers. */ 509 if ((error = iwn_alloc_fwmem(sc)) != 0) { 510 device_printf(dev, 511 "could not allocate memory for firmware, error %d\n", 512 error); 513 goto fail; 514 } 515 516 /* Allocate "Keep Warm" page. */ 517 if ((error = iwn_alloc_kw(sc)) != 0) { 518 device_printf(dev, 519 "could not allocate keep warm page, error %d\n", error); 520 goto fail; 521 } 522 523 /* Allocate ICT table for 5000 Series. */ 524 if (sc->hw_type != IWN_HW_REV_TYPE_4965 && 525 (error = iwn_alloc_ict(sc)) != 0) { 526 device_printf(dev, "could not allocate ICT table, error %d\n", 527 error); 528 goto fail; 529 } 530 531 /* Allocate TX scheduler "rings". */ 532 if ((error = iwn_alloc_sched(sc)) != 0) { 533 device_printf(dev, 534 "could not allocate TX scheduler rings, error %d\n", error); 535 goto fail; 536 } 537 538 /* Allocate TX rings (16 on 4965AGN, 20 on >=5000). */ 539 for (i = 0; i < sc->ntxqs; i++) { 540 if ((error = iwn_alloc_tx_ring(sc, &sc->txq[i], i)) != 0) { 541 device_printf(dev, 542 "could not allocate TX ring %d, error %d\n", i, 543 error); 544 goto fail; 545 } 546 } 547 548 /* Allocate RX ring. */ 549 if ((error = iwn_alloc_rx_ring(sc, &sc->rxq)) != 0) { 550 device_printf(dev, "could not allocate RX ring, error %d\n", 551 error); 552 goto fail; 553 } 554 555 /* Clear pending interrupts. */ 556 IWN_WRITE(sc, IWN_INT, 0xffffffff); 557 558 ic = &sc->sc_ic; 559 ic->ic_softc = sc; 560 ic->ic_name = device_get_nameunit(dev); 561 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 562 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 563 564 /* Set device capabilities. */ 565 ic->ic_caps = 566 IEEE80211_C_STA /* station mode supported */ 567 | IEEE80211_C_MONITOR /* monitor mode supported */ 568 #if 0 569 | IEEE80211_C_BGSCAN /* background scanning */ 570 #endif 571 | IEEE80211_C_TXPMGT /* tx power management */ 572 | IEEE80211_C_SHSLOT /* short slot time supported */ 573 | IEEE80211_C_WPA 574 | IEEE80211_C_SHPREAMBLE /* short preamble supported */ 575 #if 0 576 | IEEE80211_C_IBSS /* ibss/adhoc mode */ 577 #endif 578 | IEEE80211_C_WME /* WME */ 579 | IEEE80211_C_PMGT /* Station-side power mgmt */ 580 ; 581 582 /* Read MAC address, channels, etc from EEPROM. */ 583 if ((error = iwn_read_eeprom(sc, ic->ic_macaddr)) != 0) { 584 device_printf(dev, "could not read EEPROM, error %d\n", 585 error); 586 goto fail; 587 } 588 589 /* Count the number of available chains. */ 590 sc->ntxchains = 591 ((sc->txchainmask >> 2) & 1) + 592 ((sc->txchainmask >> 1) & 1) + 593 ((sc->txchainmask >> 0) & 1); 594 sc->nrxchains = 595 ((sc->rxchainmask >> 2) & 1) + 596 ((sc->rxchainmask >> 1) & 1) + 597 ((sc->rxchainmask >> 0) & 1); 598 if (bootverbose) { 599 device_printf(dev, "MIMO %dT%dR, %.4s, address %6D\n", 600 sc->ntxchains, sc->nrxchains, sc->eeprom_domain, 601 ic->ic_macaddr, ":"); 602 } 603 604 if (sc->sc_flags & IWN_FLAG_HAS_11N) { 605 ic->ic_rxstream = sc->nrxchains; 606 ic->ic_txstream = sc->ntxchains; 607 608 /* 609 * Some of the 3 antenna devices (ie, the 4965) only supports 610 * 2x2 operation. So correct the number of streams if 611 * it's not a 3-stream device. 612 */ 613 if (! iwn_is_3stream_device(sc)) { 614 if (ic->ic_rxstream > 2) 615 ic->ic_rxstream = 2; 616 if (ic->ic_txstream > 2) 617 ic->ic_txstream = 2; 618 } 619 620 ic->ic_htcaps = 621 IEEE80211_HTCAP_SMPS_OFF /* SMPS mode disabled */ 622 | IEEE80211_HTCAP_SHORTGI20 /* short GI in 20MHz */ 623 | IEEE80211_HTCAP_CHWIDTH40 /* 40MHz channel width*/ 624 | IEEE80211_HTCAP_SHORTGI40 /* short GI in 40MHz */ 625 #ifdef notyet 626 | IEEE80211_HTCAP_GREENFIELD 627 #if IWN_RBUF_SIZE == 8192 628 | IEEE80211_HTCAP_MAXAMSDU_7935 /* max A-MSDU length */ 629 #else 630 | IEEE80211_HTCAP_MAXAMSDU_3839 /* max A-MSDU length */ 631 #endif 632 #endif 633 /* s/w capabilities */ 634 | IEEE80211_HTC_HT /* HT operation */ 635 | IEEE80211_HTC_AMPDU /* tx A-MPDU */ 636 #ifdef notyet 637 | IEEE80211_HTC_AMSDU /* tx A-MSDU */ 638 #endif 639 ; 640 } 641 642 ieee80211_ifattach(ic); 643 ic->ic_vap_create = iwn_vap_create; 644 ic->ic_ioctl = iwn_ioctl; 645 ic->ic_parent = iwn_parent; 646 ic->ic_vap_delete = iwn_vap_delete; 647 ic->ic_transmit = iwn_transmit; 648 ic->ic_raw_xmit = iwn_raw_xmit; 649 ic->ic_node_alloc = iwn_node_alloc; 650 sc->sc_ampdu_rx_start = ic->ic_ampdu_rx_start; 651 ic->ic_ampdu_rx_start = iwn_ampdu_rx_start; 652 sc->sc_ampdu_rx_stop = ic->ic_ampdu_rx_stop; 653 ic->ic_ampdu_rx_stop = iwn_ampdu_rx_stop; 654 sc->sc_addba_request = ic->ic_addba_request; 655 ic->ic_addba_request = iwn_addba_request; 656 sc->sc_addba_response = ic->ic_addba_response; 657 ic->ic_addba_response = iwn_addba_response; 658 sc->sc_addba_stop = ic->ic_addba_stop; 659 ic->ic_addba_stop = iwn_ampdu_tx_stop; 660 ic->ic_newassoc = iwn_newassoc; 661 ic->ic_wme.wme_update = iwn_updateedca; 662 ic->ic_update_mcast = iwn_update_mcast; 663 ic->ic_scan_start = iwn_scan_start; 664 ic->ic_scan_end = iwn_scan_end; 665 ic->ic_set_channel = iwn_set_channel; 666 ic->ic_scan_curchan = iwn_scan_curchan; 667 ic->ic_scan_mindwell = iwn_scan_mindwell; 668 ic->ic_getradiocaps = iwn_getradiocaps; 669 ic->ic_setregdomain = iwn_setregdomain; 670 671 iwn_radiotap_attach(sc); 672 673 callout_init_mtx(&sc->calib_to, &sc->sc_mtx, 0); 674 callout_init_mtx(&sc->scan_timeout, &sc->sc_mtx, 0); 675 callout_init_mtx(&sc->watchdog_to, &sc->sc_mtx, 0); 676 TASK_INIT(&sc->sc_radioon_task, 0, iwn_radio_on, sc); 677 TASK_INIT(&sc->sc_radiooff_task, 0, iwn_radio_off, sc); 678 TASK_INIT(&sc->sc_panic_task, 0, iwn_panicked, sc); 679 TASK_INIT(&sc->sc_xmit_task, 0, iwn_xmit_task, sc); 680 681 mbufq_init(&sc->sc_xmit_queue, 1024); 682 683 sc->sc_tq = taskqueue_create("iwn_taskq", M_WAITOK, 684 taskqueue_thread_enqueue, &sc->sc_tq); 685 error = taskqueue_start_threads(&sc->sc_tq, 1, 0, "iwn_taskq"); 686 if (error != 0) { 687 device_printf(dev, "can't start threads, error %d\n", error); 688 goto fail; 689 } 690 691 iwn_sysctlattach(sc); 692 693 /* 694 * Hook our interrupt after all initialization is complete. 695 */ 696 error = bus_setup_intr(dev, sc->irq, INTR_TYPE_NET | INTR_MPSAFE, 697 NULL, iwn_intr, sc, &sc->sc_ih); 698 if (error != 0) { 699 device_printf(dev, "can't establish interrupt, error %d\n", 700 error); 701 goto fail; 702 } 703 704 #if 0 705 device_printf(sc->sc_dev, "%s: rx_stats=%d, rx_stats_bt=%d\n", 706 __func__, 707 sizeof(struct iwn_stats), 708 sizeof(struct iwn_stats_bt)); 709 #endif 710 711 if (bootverbose) 712 ieee80211_announce(ic); 713 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 714 715 /* Add debug ioctl right at the end */ 716 sc->sc_cdev = make_dev(&iwn_cdevsw, device_get_unit(dev), 717 UID_ROOT, GID_WHEEL, 0600, "%s", device_get_nameunit(dev)); 718 if (sc->sc_cdev == NULL) { 719 device_printf(dev, "failed to create debug character device\n"); 720 } else { 721 sc->sc_cdev->si_drv1 = sc; 722 } 723 return 0; 724 fail: 725 iwn_detach(dev); 726 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end in error\n",__func__); 727 return error; 728 } 729 730 /* 731 * Define specific configuration based on device id and subdevice id 732 * pid : PCI device id 733 */ 734 static int 735 iwn_config_specific(struct iwn_softc *sc, uint16_t pid) 736 { 737 738 switch (pid) { 739 /* 4965 series */ 740 case IWN_DID_4965_1: 741 case IWN_DID_4965_2: 742 case IWN_DID_4965_3: 743 case IWN_DID_4965_4: 744 sc->base_params = &iwn4965_base_params; 745 sc->limits = &iwn4965_sensitivity_limits; 746 sc->fwname = "iwn4965fw"; 747 /* Override chains masks, ROM is known to be broken. */ 748 sc->txchainmask = IWN_ANT_AB; 749 sc->rxchainmask = IWN_ANT_ABC; 750 /* Enable normal btcoex */ 751 sc->sc_flags |= IWN_FLAG_BTCOEX; 752 break; 753 /* 1000 Series */ 754 case IWN_DID_1000_1: 755 case IWN_DID_1000_2: 756 switch(sc->subdevice_id) { 757 case IWN_SDID_1000_1: 758 case IWN_SDID_1000_2: 759 case IWN_SDID_1000_3: 760 case IWN_SDID_1000_4: 761 case IWN_SDID_1000_5: 762 case IWN_SDID_1000_6: 763 case IWN_SDID_1000_7: 764 case IWN_SDID_1000_8: 765 case IWN_SDID_1000_9: 766 case IWN_SDID_1000_10: 767 case IWN_SDID_1000_11: 768 case IWN_SDID_1000_12: 769 sc->limits = &iwn1000_sensitivity_limits; 770 sc->base_params = &iwn1000_base_params; 771 sc->fwname = "iwn1000fw"; 772 break; 773 default: 774 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 775 "0x%04x rev %d not supported (subdevice)\n", pid, 776 sc->subdevice_id,sc->hw_type); 777 return ENOTSUP; 778 } 779 break; 780 /* 6x00 Series */ 781 case IWN_DID_6x00_2: 782 case IWN_DID_6x00_4: 783 case IWN_DID_6x00_1: 784 case IWN_DID_6x00_3: 785 sc->fwname = "iwn6000fw"; 786 sc->limits = &iwn6000_sensitivity_limits; 787 switch(sc->subdevice_id) { 788 case IWN_SDID_6x00_1: 789 case IWN_SDID_6x00_2: 790 case IWN_SDID_6x00_8: 791 //iwl6000_3agn_cfg 792 sc->base_params = &iwn_6000_base_params; 793 break; 794 case IWN_SDID_6x00_3: 795 case IWN_SDID_6x00_6: 796 case IWN_SDID_6x00_9: 797 ////iwl6000i_2agn 798 case IWN_SDID_6x00_4: 799 case IWN_SDID_6x00_7: 800 case IWN_SDID_6x00_10: 801 //iwl6000i_2abg_cfg 802 case IWN_SDID_6x00_5: 803 //iwl6000i_2bg_cfg 804 sc->base_params = &iwn_6000i_base_params; 805 sc->sc_flags |= IWN_FLAG_INTERNAL_PA; 806 sc->txchainmask = IWN_ANT_BC; 807 sc->rxchainmask = IWN_ANT_BC; 808 break; 809 default: 810 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 811 "0x%04x rev %d not supported (subdevice)\n", pid, 812 sc->subdevice_id,sc->hw_type); 813 return ENOTSUP; 814 } 815 break; 816 /* 6x05 Series */ 817 case IWN_DID_6x05_1: 818 case IWN_DID_6x05_2: 819 switch(sc->subdevice_id) { 820 case IWN_SDID_6x05_1: 821 case IWN_SDID_6x05_4: 822 case IWN_SDID_6x05_6: 823 //iwl6005_2agn_cfg 824 case IWN_SDID_6x05_2: 825 case IWN_SDID_6x05_5: 826 case IWN_SDID_6x05_7: 827 //iwl6005_2abg_cfg 828 case IWN_SDID_6x05_3: 829 //iwl6005_2bg_cfg 830 case IWN_SDID_6x05_8: 831 case IWN_SDID_6x05_9: 832 //iwl6005_2agn_sff_cfg 833 case IWN_SDID_6x05_10: 834 //iwl6005_2agn_d_cfg 835 case IWN_SDID_6x05_11: 836 //iwl6005_2agn_mow1_cfg 837 case IWN_SDID_6x05_12: 838 //iwl6005_2agn_mow2_cfg 839 sc->fwname = "iwn6000g2afw"; 840 sc->limits = &iwn6000_sensitivity_limits; 841 sc->base_params = &iwn_6000g2_base_params; 842 break; 843 default: 844 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 845 "0x%04x rev %d not supported (subdevice)\n", pid, 846 sc->subdevice_id,sc->hw_type); 847 return ENOTSUP; 848 } 849 break; 850 /* 6x35 Series */ 851 case IWN_DID_6035_1: 852 case IWN_DID_6035_2: 853 switch(sc->subdevice_id) { 854 case IWN_SDID_6035_1: 855 case IWN_SDID_6035_2: 856 case IWN_SDID_6035_3: 857 case IWN_SDID_6035_4: 858 case IWN_SDID_6035_5: 859 sc->fwname = "iwn6000g2bfw"; 860 sc->limits = &iwn6235_sensitivity_limits; 861 sc->base_params = &iwn_6235_base_params; 862 break; 863 default: 864 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 865 "0x%04x rev %d not supported (subdevice)\n", pid, 866 sc->subdevice_id,sc->hw_type); 867 return ENOTSUP; 868 } 869 break; 870 /* 6x50 WiFi/WiMax Series */ 871 case IWN_DID_6050_1: 872 case IWN_DID_6050_2: 873 switch(sc->subdevice_id) { 874 case IWN_SDID_6050_1: 875 case IWN_SDID_6050_3: 876 case IWN_SDID_6050_5: 877 //iwl6050_2agn_cfg 878 case IWN_SDID_6050_2: 879 case IWN_SDID_6050_4: 880 case IWN_SDID_6050_6: 881 //iwl6050_2abg_cfg 882 sc->fwname = "iwn6050fw"; 883 sc->txchainmask = IWN_ANT_AB; 884 sc->rxchainmask = IWN_ANT_AB; 885 sc->limits = &iwn6000_sensitivity_limits; 886 sc->base_params = &iwn_6050_base_params; 887 break; 888 default: 889 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 890 "0x%04x rev %d not supported (subdevice)\n", pid, 891 sc->subdevice_id,sc->hw_type); 892 return ENOTSUP; 893 } 894 break; 895 /* 6150 WiFi/WiMax Series */ 896 case IWN_DID_6150_1: 897 case IWN_DID_6150_2: 898 switch(sc->subdevice_id) { 899 case IWN_SDID_6150_1: 900 case IWN_SDID_6150_3: 901 case IWN_SDID_6150_5: 902 // iwl6150_bgn_cfg 903 case IWN_SDID_6150_2: 904 case IWN_SDID_6150_4: 905 case IWN_SDID_6150_6: 906 //iwl6150_bg_cfg 907 sc->fwname = "iwn6050fw"; 908 sc->limits = &iwn6000_sensitivity_limits; 909 sc->base_params = &iwn_6150_base_params; 910 break; 911 default: 912 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 913 "0x%04x rev %d not supported (subdevice)\n", pid, 914 sc->subdevice_id,sc->hw_type); 915 return ENOTSUP; 916 } 917 break; 918 /* 6030 Series and 1030 Series */ 919 case IWN_DID_x030_1: 920 case IWN_DID_x030_2: 921 case IWN_DID_x030_3: 922 case IWN_DID_x030_4: 923 switch(sc->subdevice_id) { 924 case IWN_SDID_x030_1: 925 case IWN_SDID_x030_3: 926 case IWN_SDID_x030_5: 927 // iwl1030_bgn_cfg 928 case IWN_SDID_x030_2: 929 case IWN_SDID_x030_4: 930 case IWN_SDID_x030_6: 931 //iwl1030_bg_cfg 932 case IWN_SDID_x030_7: 933 case IWN_SDID_x030_10: 934 case IWN_SDID_x030_14: 935 //iwl6030_2agn_cfg 936 case IWN_SDID_x030_8: 937 case IWN_SDID_x030_11: 938 case IWN_SDID_x030_15: 939 // iwl6030_2bgn_cfg 940 case IWN_SDID_x030_9: 941 case IWN_SDID_x030_12: 942 case IWN_SDID_x030_16: 943 // iwl6030_2abg_cfg 944 case IWN_SDID_x030_13: 945 //iwl6030_2bg_cfg 946 sc->fwname = "iwn6000g2bfw"; 947 sc->limits = &iwn6000_sensitivity_limits; 948 sc->base_params = &iwn_6000g2b_base_params; 949 break; 950 default: 951 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 952 "0x%04x rev %d not supported (subdevice)\n", pid, 953 sc->subdevice_id,sc->hw_type); 954 return ENOTSUP; 955 } 956 break; 957 /* 130 Series WiFi */ 958 /* XXX: This series will need adjustment for rate. 959 * see rx_with_siso_diversity in linux kernel 960 */ 961 case IWN_DID_130_1: 962 case IWN_DID_130_2: 963 switch(sc->subdevice_id) { 964 case IWN_SDID_130_1: 965 case IWN_SDID_130_3: 966 case IWN_SDID_130_5: 967 //iwl130_bgn_cfg 968 case IWN_SDID_130_2: 969 case IWN_SDID_130_4: 970 case IWN_SDID_130_6: 971 //iwl130_bg_cfg 972 sc->fwname = "iwn6000g2bfw"; 973 sc->limits = &iwn6000_sensitivity_limits; 974 sc->base_params = &iwn_6000g2b_base_params; 975 break; 976 default: 977 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 978 "0x%04x rev %d not supported (subdevice)\n", pid, 979 sc->subdevice_id,sc->hw_type); 980 return ENOTSUP; 981 } 982 break; 983 /* 100 Series WiFi */ 984 case IWN_DID_100_1: 985 case IWN_DID_100_2: 986 switch(sc->subdevice_id) { 987 case IWN_SDID_100_1: 988 case IWN_SDID_100_2: 989 case IWN_SDID_100_3: 990 case IWN_SDID_100_4: 991 case IWN_SDID_100_5: 992 case IWN_SDID_100_6: 993 sc->limits = &iwn1000_sensitivity_limits; 994 sc->base_params = &iwn1000_base_params; 995 sc->fwname = "iwn100fw"; 996 break; 997 default: 998 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 999 "0x%04x rev %d not supported (subdevice)\n", pid, 1000 sc->subdevice_id,sc->hw_type); 1001 return ENOTSUP; 1002 } 1003 break; 1004 1005 /* 105 Series */ 1006 /* XXX: This series will need adjustment for rate. 1007 * see rx_with_siso_diversity in linux kernel 1008 */ 1009 case IWN_DID_105_1: 1010 case IWN_DID_105_2: 1011 switch(sc->subdevice_id) { 1012 case IWN_SDID_105_1: 1013 case IWN_SDID_105_2: 1014 case IWN_SDID_105_3: 1015 //iwl105_bgn_cfg 1016 case IWN_SDID_105_4: 1017 //iwl105_bgn_d_cfg 1018 sc->limits = &iwn2030_sensitivity_limits; 1019 sc->base_params = &iwn2000_base_params; 1020 sc->fwname = "iwn105fw"; 1021 break; 1022 default: 1023 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1024 "0x%04x rev %d not supported (subdevice)\n", pid, 1025 sc->subdevice_id,sc->hw_type); 1026 return ENOTSUP; 1027 } 1028 break; 1029 1030 /* 135 Series */ 1031 /* XXX: This series will need adjustment for rate. 1032 * see rx_with_siso_diversity in linux kernel 1033 */ 1034 case IWN_DID_135_1: 1035 case IWN_DID_135_2: 1036 switch(sc->subdevice_id) { 1037 case IWN_SDID_135_1: 1038 case IWN_SDID_135_2: 1039 case IWN_SDID_135_3: 1040 sc->limits = &iwn2030_sensitivity_limits; 1041 sc->base_params = &iwn2030_base_params; 1042 sc->fwname = "iwn135fw"; 1043 break; 1044 default: 1045 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1046 "0x%04x rev %d not supported (subdevice)\n", pid, 1047 sc->subdevice_id,sc->hw_type); 1048 return ENOTSUP; 1049 } 1050 break; 1051 1052 /* 2x00 Series */ 1053 case IWN_DID_2x00_1: 1054 case IWN_DID_2x00_2: 1055 switch(sc->subdevice_id) { 1056 case IWN_SDID_2x00_1: 1057 case IWN_SDID_2x00_2: 1058 case IWN_SDID_2x00_3: 1059 //iwl2000_2bgn_cfg 1060 case IWN_SDID_2x00_4: 1061 //iwl2000_2bgn_d_cfg 1062 sc->limits = &iwn2030_sensitivity_limits; 1063 sc->base_params = &iwn2000_base_params; 1064 sc->fwname = "iwn2000fw"; 1065 break; 1066 default: 1067 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1068 "0x%04x rev %d not supported (subdevice) \n", 1069 pid, sc->subdevice_id, sc->hw_type); 1070 return ENOTSUP; 1071 } 1072 break; 1073 /* 2x30 Series */ 1074 case IWN_DID_2x30_1: 1075 case IWN_DID_2x30_2: 1076 switch(sc->subdevice_id) { 1077 case IWN_SDID_2x30_1: 1078 case IWN_SDID_2x30_3: 1079 case IWN_SDID_2x30_5: 1080 //iwl100_bgn_cfg 1081 case IWN_SDID_2x30_2: 1082 case IWN_SDID_2x30_4: 1083 case IWN_SDID_2x30_6: 1084 //iwl100_bg_cfg 1085 sc->limits = &iwn2030_sensitivity_limits; 1086 sc->base_params = &iwn2030_base_params; 1087 sc->fwname = "iwn2030fw"; 1088 break; 1089 default: 1090 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1091 "0x%04x rev %d not supported (subdevice)\n", pid, 1092 sc->subdevice_id,sc->hw_type); 1093 return ENOTSUP; 1094 } 1095 break; 1096 /* 5x00 Series */ 1097 case IWN_DID_5x00_1: 1098 case IWN_DID_5x00_2: 1099 case IWN_DID_5x00_3: 1100 case IWN_DID_5x00_4: 1101 sc->limits = &iwn5000_sensitivity_limits; 1102 sc->base_params = &iwn5000_base_params; 1103 sc->fwname = "iwn5000fw"; 1104 switch(sc->subdevice_id) { 1105 case IWN_SDID_5x00_1: 1106 case IWN_SDID_5x00_2: 1107 case IWN_SDID_5x00_3: 1108 case IWN_SDID_5x00_4: 1109 case IWN_SDID_5x00_9: 1110 case IWN_SDID_5x00_10: 1111 case IWN_SDID_5x00_11: 1112 case IWN_SDID_5x00_12: 1113 case IWN_SDID_5x00_17: 1114 case IWN_SDID_5x00_18: 1115 case IWN_SDID_5x00_19: 1116 case IWN_SDID_5x00_20: 1117 //iwl5100_agn_cfg 1118 sc->txchainmask = IWN_ANT_B; 1119 sc->rxchainmask = IWN_ANT_AB; 1120 break; 1121 case IWN_SDID_5x00_5: 1122 case IWN_SDID_5x00_6: 1123 case IWN_SDID_5x00_13: 1124 case IWN_SDID_5x00_14: 1125 case IWN_SDID_5x00_21: 1126 case IWN_SDID_5x00_22: 1127 //iwl5100_bgn_cfg 1128 sc->txchainmask = IWN_ANT_B; 1129 sc->rxchainmask = IWN_ANT_AB; 1130 break; 1131 case IWN_SDID_5x00_7: 1132 case IWN_SDID_5x00_8: 1133 case IWN_SDID_5x00_15: 1134 case IWN_SDID_5x00_16: 1135 case IWN_SDID_5x00_23: 1136 case IWN_SDID_5x00_24: 1137 //iwl5100_abg_cfg 1138 sc->txchainmask = IWN_ANT_B; 1139 sc->rxchainmask = IWN_ANT_AB; 1140 break; 1141 case IWN_SDID_5x00_25: 1142 case IWN_SDID_5x00_26: 1143 case IWN_SDID_5x00_27: 1144 case IWN_SDID_5x00_28: 1145 case IWN_SDID_5x00_29: 1146 case IWN_SDID_5x00_30: 1147 case IWN_SDID_5x00_31: 1148 case IWN_SDID_5x00_32: 1149 case IWN_SDID_5x00_33: 1150 case IWN_SDID_5x00_34: 1151 case IWN_SDID_5x00_35: 1152 case IWN_SDID_5x00_36: 1153 //iwl5300_agn_cfg 1154 sc->txchainmask = IWN_ANT_ABC; 1155 sc->rxchainmask = IWN_ANT_ABC; 1156 break; 1157 default: 1158 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1159 "0x%04x rev %d not supported (subdevice)\n", pid, 1160 sc->subdevice_id,sc->hw_type); 1161 return ENOTSUP; 1162 } 1163 break; 1164 /* 5x50 Series */ 1165 case IWN_DID_5x50_1: 1166 case IWN_DID_5x50_2: 1167 case IWN_DID_5x50_3: 1168 case IWN_DID_5x50_4: 1169 sc->limits = &iwn5000_sensitivity_limits; 1170 sc->base_params = &iwn5000_base_params; 1171 sc->fwname = "iwn5000fw"; 1172 switch(sc->subdevice_id) { 1173 case IWN_SDID_5x50_1: 1174 case IWN_SDID_5x50_2: 1175 case IWN_SDID_5x50_3: 1176 //iwl5350_agn_cfg 1177 sc->limits = &iwn5000_sensitivity_limits; 1178 sc->base_params = &iwn5000_base_params; 1179 sc->fwname = "iwn5000fw"; 1180 break; 1181 case IWN_SDID_5x50_4: 1182 case IWN_SDID_5x50_5: 1183 case IWN_SDID_5x50_8: 1184 case IWN_SDID_5x50_9: 1185 case IWN_SDID_5x50_10: 1186 case IWN_SDID_5x50_11: 1187 //iwl5150_agn_cfg 1188 case IWN_SDID_5x50_6: 1189 case IWN_SDID_5x50_7: 1190 case IWN_SDID_5x50_12: 1191 case IWN_SDID_5x50_13: 1192 //iwl5150_abg_cfg 1193 sc->limits = &iwn5000_sensitivity_limits; 1194 sc->fwname = "iwn5150fw"; 1195 sc->base_params = &iwn_5x50_base_params; 1196 break; 1197 default: 1198 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1199 "0x%04x rev %d not supported (subdevice)\n", pid, 1200 sc->subdevice_id,sc->hw_type); 1201 return ENOTSUP; 1202 } 1203 break; 1204 default: 1205 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id : 0x%04x" 1206 "rev 0x%08x not supported (device)\n", pid, sc->subdevice_id, 1207 sc->hw_type); 1208 return ENOTSUP; 1209 } 1210 return 0; 1211 } 1212 1213 static void 1214 iwn4965_attach(struct iwn_softc *sc, uint16_t pid) 1215 { 1216 struct iwn_ops *ops = &sc->ops; 1217 1218 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1219 1220 ops->load_firmware = iwn4965_load_firmware; 1221 ops->read_eeprom = iwn4965_read_eeprom; 1222 ops->post_alive = iwn4965_post_alive; 1223 ops->nic_config = iwn4965_nic_config; 1224 ops->update_sched = iwn4965_update_sched; 1225 ops->get_temperature = iwn4965_get_temperature; 1226 ops->get_rssi = iwn4965_get_rssi; 1227 ops->set_txpower = iwn4965_set_txpower; 1228 ops->init_gains = iwn4965_init_gains; 1229 ops->set_gains = iwn4965_set_gains; 1230 ops->add_node = iwn4965_add_node; 1231 ops->tx_done = iwn4965_tx_done; 1232 ops->ampdu_tx_start = iwn4965_ampdu_tx_start; 1233 ops->ampdu_tx_stop = iwn4965_ampdu_tx_stop; 1234 sc->ntxqs = IWN4965_NTXQUEUES; 1235 sc->firstaggqueue = IWN4965_FIRSTAGGQUEUE; 1236 sc->ndmachnls = IWN4965_NDMACHNLS; 1237 sc->broadcast_id = IWN4965_ID_BROADCAST; 1238 sc->rxonsz = IWN4965_RXONSZ; 1239 sc->schedsz = IWN4965_SCHEDSZ; 1240 sc->fw_text_maxsz = IWN4965_FW_TEXT_MAXSZ; 1241 sc->fw_data_maxsz = IWN4965_FW_DATA_MAXSZ; 1242 sc->fwsz = IWN4965_FWSZ; 1243 sc->sched_txfact_addr = IWN4965_SCHED_TXFACT; 1244 sc->limits = &iwn4965_sensitivity_limits; 1245 sc->fwname = "iwn4965fw"; 1246 /* Override chains masks, ROM is known to be broken. */ 1247 sc->txchainmask = IWN_ANT_AB; 1248 sc->rxchainmask = IWN_ANT_ABC; 1249 /* Enable normal btcoex */ 1250 sc->sc_flags |= IWN_FLAG_BTCOEX; 1251 1252 DPRINTF(sc, IWN_DEBUG_TRACE, "%s: end\n",__func__); 1253 } 1254 1255 static void 1256 iwn5000_attach(struct iwn_softc *sc, uint16_t pid) 1257 { 1258 struct iwn_ops *ops = &sc->ops; 1259 1260 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1261 1262 ops->load_firmware = iwn5000_load_firmware; 1263 ops->read_eeprom = iwn5000_read_eeprom; 1264 ops->post_alive = iwn5000_post_alive; 1265 ops->nic_config = iwn5000_nic_config; 1266 ops->update_sched = iwn5000_update_sched; 1267 ops->get_temperature = iwn5000_get_temperature; 1268 ops->get_rssi = iwn5000_get_rssi; 1269 ops->set_txpower = iwn5000_set_txpower; 1270 ops->init_gains = iwn5000_init_gains; 1271 ops->set_gains = iwn5000_set_gains; 1272 ops->add_node = iwn5000_add_node; 1273 ops->tx_done = iwn5000_tx_done; 1274 ops->ampdu_tx_start = iwn5000_ampdu_tx_start; 1275 ops->ampdu_tx_stop = iwn5000_ampdu_tx_stop; 1276 sc->ntxqs = IWN5000_NTXQUEUES; 1277 sc->firstaggqueue = IWN5000_FIRSTAGGQUEUE; 1278 sc->ndmachnls = IWN5000_NDMACHNLS; 1279 sc->broadcast_id = IWN5000_ID_BROADCAST; 1280 sc->rxonsz = IWN5000_RXONSZ; 1281 sc->schedsz = IWN5000_SCHEDSZ; 1282 sc->fw_text_maxsz = IWN5000_FW_TEXT_MAXSZ; 1283 sc->fw_data_maxsz = IWN5000_FW_DATA_MAXSZ; 1284 sc->fwsz = IWN5000_FWSZ; 1285 sc->sched_txfact_addr = IWN5000_SCHED_TXFACT; 1286 sc->reset_noise_gain = IWN5000_PHY_CALIB_RESET_NOISE_GAIN; 1287 sc->noise_gain = IWN5000_PHY_CALIB_NOISE_GAIN; 1288 1289 DPRINTF(sc, IWN_DEBUG_TRACE, "%s: end\n",__func__); 1290 } 1291 1292 /* 1293 * Attach the interface to 802.11 radiotap. 1294 */ 1295 static void 1296 iwn_radiotap_attach(struct iwn_softc *sc) 1297 { 1298 1299 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1300 ieee80211_radiotap_attach(&sc->sc_ic, 1301 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap), 1302 IWN_TX_RADIOTAP_PRESENT, 1303 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 1304 IWN_RX_RADIOTAP_PRESENT); 1305 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 1306 } 1307 1308 static void 1309 iwn_sysctlattach(struct iwn_softc *sc) 1310 { 1311 #ifdef IWN_DEBUG 1312 struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev); 1313 struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev); 1314 1315 SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, 1316 "debug", CTLFLAG_RW, &sc->sc_debug, sc->sc_debug, 1317 "control debugging printfs"); 1318 #endif 1319 } 1320 1321 static struct ieee80211vap * 1322 iwn_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 1323 enum ieee80211_opmode opmode, int flags, 1324 const uint8_t bssid[IEEE80211_ADDR_LEN], 1325 const uint8_t mac[IEEE80211_ADDR_LEN]) 1326 { 1327 struct iwn_softc *sc = ic->ic_softc; 1328 struct iwn_vap *ivp; 1329 struct ieee80211vap *vap; 1330 1331 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */ 1332 return NULL; 1333 1334 ivp = malloc(sizeof(struct iwn_vap), M_80211_VAP, M_WAITOK | M_ZERO); 1335 vap = &ivp->iv_vap; 1336 ieee80211_vap_setup(ic, vap, name, unit, opmode, flags, bssid); 1337 ivp->ctx = IWN_RXON_BSS_CTX; 1338 vap->iv_bmissthreshold = 10; /* override default */ 1339 /* Override with driver methods. */ 1340 ivp->iv_newstate = vap->iv_newstate; 1341 vap->iv_newstate = iwn_newstate; 1342 sc->ivap[IWN_RXON_BSS_CTX] = vap; 1343 1344 ieee80211_ratectl_init(vap); 1345 /* Complete setup. */ 1346 ieee80211_vap_attach(vap, iwn_media_change, ieee80211_media_status, 1347 mac); 1348 ic->ic_opmode = opmode; 1349 return vap; 1350 } 1351 1352 static void 1353 iwn_vap_delete(struct ieee80211vap *vap) 1354 { 1355 struct iwn_vap *ivp = IWN_VAP(vap); 1356 1357 ieee80211_ratectl_deinit(vap); 1358 ieee80211_vap_detach(vap); 1359 free(ivp, M_80211_VAP); 1360 } 1361 1362 static void 1363 iwn_xmit_queue_drain(struct iwn_softc *sc) 1364 { 1365 struct mbuf *m; 1366 struct ieee80211_node *ni; 1367 1368 IWN_LOCK_ASSERT(sc); 1369 while ((m = mbufq_dequeue(&sc->sc_xmit_queue)) != NULL) { 1370 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 1371 ieee80211_free_node(ni); 1372 m_freem(m); 1373 } 1374 } 1375 1376 static int 1377 iwn_xmit_queue_enqueue(struct iwn_softc *sc, struct mbuf *m) 1378 { 1379 1380 IWN_LOCK_ASSERT(sc); 1381 return (mbufq_enqueue(&sc->sc_xmit_queue, m)); 1382 } 1383 1384 static int 1385 iwn_detach(device_t dev) 1386 { 1387 struct iwn_softc *sc = device_get_softc(dev); 1388 int qid; 1389 1390 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1391 1392 if (sc->sc_ic.ic_softc != NULL) { 1393 /* Free the mbuf queue and node references */ 1394 IWN_LOCK(sc); 1395 iwn_xmit_queue_drain(sc); 1396 IWN_UNLOCK(sc); 1397 1398 ieee80211_draintask(&sc->sc_ic, &sc->sc_radioon_task); 1399 ieee80211_draintask(&sc->sc_ic, &sc->sc_radiooff_task); 1400 iwn_stop(sc); 1401 1402 taskqueue_drain_all(sc->sc_tq); 1403 taskqueue_free(sc->sc_tq); 1404 1405 callout_drain(&sc->watchdog_to); 1406 callout_drain(&sc->scan_timeout); 1407 callout_drain(&sc->calib_to); 1408 ieee80211_ifdetach(&sc->sc_ic); 1409 } 1410 1411 /* Uninstall interrupt handler. */ 1412 if (sc->irq != NULL) { 1413 bus_teardown_intr(dev, sc->irq, sc->sc_ih); 1414 bus_release_resource(dev, SYS_RES_IRQ, rman_get_rid(sc->irq), 1415 sc->irq); 1416 pci_release_msi(dev); 1417 } 1418 1419 /* Free DMA resources. */ 1420 iwn_free_rx_ring(sc, &sc->rxq); 1421 for (qid = 0; qid < sc->ntxqs; qid++) 1422 iwn_free_tx_ring(sc, &sc->txq[qid]); 1423 iwn_free_sched(sc); 1424 iwn_free_kw(sc); 1425 if (sc->ict != NULL) 1426 iwn_free_ict(sc); 1427 iwn_free_fwmem(sc); 1428 1429 if (sc->mem != NULL) 1430 bus_release_resource(dev, SYS_RES_MEMORY, 1431 rman_get_rid(sc->mem), sc->mem); 1432 1433 if (sc->sc_cdev) { 1434 destroy_dev(sc->sc_cdev); 1435 sc->sc_cdev = NULL; 1436 } 1437 1438 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n", __func__); 1439 IWN_LOCK_DESTROY(sc); 1440 return 0; 1441 } 1442 1443 static int 1444 iwn_shutdown(device_t dev) 1445 { 1446 struct iwn_softc *sc = device_get_softc(dev); 1447 1448 iwn_stop(sc); 1449 return 0; 1450 } 1451 1452 static int 1453 iwn_suspend(device_t dev) 1454 { 1455 struct iwn_softc *sc = device_get_softc(dev); 1456 1457 ieee80211_suspend_all(&sc->sc_ic); 1458 return 0; 1459 } 1460 1461 static int 1462 iwn_resume(device_t dev) 1463 { 1464 struct iwn_softc *sc = device_get_softc(dev); 1465 1466 /* Clear device-specific "PCI retry timeout" register (41h). */ 1467 pci_write_config(dev, 0x41, 0, 1); 1468 1469 ieee80211_resume_all(&sc->sc_ic); 1470 return 0; 1471 } 1472 1473 static int 1474 iwn_nic_lock(struct iwn_softc *sc) 1475 { 1476 int ntries; 1477 1478 /* Request exclusive access to NIC. */ 1479 IWN_SETBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_MAC_ACCESS_REQ); 1480 1481 /* Spin until we actually get the lock. */ 1482 for (ntries = 0; ntries < 1000; ntries++) { 1483 if ((IWN_READ(sc, IWN_GP_CNTRL) & 1484 (IWN_GP_CNTRL_MAC_ACCESS_ENA | IWN_GP_CNTRL_SLEEP)) == 1485 IWN_GP_CNTRL_MAC_ACCESS_ENA) 1486 return 0; 1487 DELAY(10); 1488 } 1489 return ETIMEDOUT; 1490 } 1491 1492 static __inline void 1493 iwn_nic_unlock(struct iwn_softc *sc) 1494 { 1495 IWN_CLRBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_MAC_ACCESS_REQ); 1496 } 1497 1498 static __inline uint32_t 1499 iwn_prph_read(struct iwn_softc *sc, uint32_t addr) 1500 { 1501 IWN_WRITE(sc, IWN_PRPH_RADDR, IWN_PRPH_DWORD | addr); 1502 IWN_BARRIER_READ_WRITE(sc); 1503 return IWN_READ(sc, IWN_PRPH_RDATA); 1504 } 1505 1506 static __inline void 1507 iwn_prph_write(struct iwn_softc *sc, uint32_t addr, uint32_t data) 1508 { 1509 IWN_WRITE(sc, IWN_PRPH_WADDR, IWN_PRPH_DWORD | addr); 1510 IWN_BARRIER_WRITE(sc); 1511 IWN_WRITE(sc, IWN_PRPH_WDATA, data); 1512 } 1513 1514 static __inline void 1515 iwn_prph_setbits(struct iwn_softc *sc, uint32_t addr, uint32_t mask) 1516 { 1517 iwn_prph_write(sc, addr, iwn_prph_read(sc, addr) | mask); 1518 } 1519 1520 static __inline void 1521 iwn_prph_clrbits(struct iwn_softc *sc, uint32_t addr, uint32_t mask) 1522 { 1523 iwn_prph_write(sc, addr, iwn_prph_read(sc, addr) & ~mask); 1524 } 1525 1526 static __inline void 1527 iwn_prph_write_region_4(struct iwn_softc *sc, uint32_t addr, 1528 const uint32_t *data, int count) 1529 { 1530 for (; count > 0; count--, data++, addr += 4) 1531 iwn_prph_write(sc, addr, *data); 1532 } 1533 1534 static __inline uint32_t 1535 iwn_mem_read(struct iwn_softc *sc, uint32_t addr) 1536 { 1537 IWN_WRITE(sc, IWN_MEM_RADDR, addr); 1538 IWN_BARRIER_READ_WRITE(sc); 1539 return IWN_READ(sc, IWN_MEM_RDATA); 1540 } 1541 1542 static __inline void 1543 iwn_mem_write(struct iwn_softc *sc, uint32_t addr, uint32_t data) 1544 { 1545 IWN_WRITE(sc, IWN_MEM_WADDR, addr); 1546 IWN_BARRIER_WRITE(sc); 1547 IWN_WRITE(sc, IWN_MEM_WDATA, data); 1548 } 1549 1550 static __inline void 1551 iwn_mem_write_2(struct iwn_softc *sc, uint32_t addr, uint16_t data) 1552 { 1553 uint32_t tmp; 1554 1555 tmp = iwn_mem_read(sc, addr & ~3); 1556 if (addr & 3) 1557 tmp = (tmp & 0x0000ffff) | data << 16; 1558 else 1559 tmp = (tmp & 0xffff0000) | data; 1560 iwn_mem_write(sc, addr & ~3, tmp); 1561 } 1562 1563 static __inline void 1564 iwn_mem_read_region_4(struct iwn_softc *sc, uint32_t addr, uint32_t *data, 1565 int count) 1566 { 1567 for (; count > 0; count--, addr += 4) 1568 *data++ = iwn_mem_read(sc, addr); 1569 } 1570 1571 static __inline void 1572 iwn_mem_set_region_4(struct iwn_softc *sc, uint32_t addr, uint32_t val, 1573 int count) 1574 { 1575 for (; count > 0; count--, addr += 4) 1576 iwn_mem_write(sc, addr, val); 1577 } 1578 1579 static int 1580 iwn_eeprom_lock(struct iwn_softc *sc) 1581 { 1582 int i, ntries; 1583 1584 for (i = 0; i < 100; i++) { 1585 /* Request exclusive access to EEPROM. */ 1586 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 1587 IWN_HW_IF_CONFIG_EEPROM_LOCKED); 1588 1589 /* Spin until we actually get the lock. */ 1590 for (ntries = 0; ntries < 100; ntries++) { 1591 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 1592 IWN_HW_IF_CONFIG_EEPROM_LOCKED) 1593 return 0; 1594 DELAY(10); 1595 } 1596 } 1597 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end timeout\n", __func__); 1598 return ETIMEDOUT; 1599 } 1600 1601 static __inline void 1602 iwn_eeprom_unlock(struct iwn_softc *sc) 1603 { 1604 IWN_CLRBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_EEPROM_LOCKED); 1605 } 1606 1607 /* 1608 * Initialize access by host to One Time Programmable ROM. 1609 * NB: This kind of ROM can be found on 1000 or 6000 Series only. 1610 */ 1611 static int 1612 iwn_init_otprom(struct iwn_softc *sc) 1613 { 1614 uint16_t prev, base, next; 1615 int count, error; 1616 1617 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1618 1619 /* Wait for clock stabilization before accessing prph. */ 1620 if ((error = iwn_clock_wait(sc)) != 0) 1621 return error; 1622 1623 if ((error = iwn_nic_lock(sc)) != 0) 1624 return error; 1625 iwn_prph_setbits(sc, IWN_APMG_PS, IWN_APMG_PS_RESET_REQ); 1626 DELAY(5); 1627 iwn_prph_clrbits(sc, IWN_APMG_PS, IWN_APMG_PS_RESET_REQ); 1628 iwn_nic_unlock(sc); 1629 1630 /* Set auto clock gate disable bit for HW with OTP shadow RAM. */ 1631 if (sc->base_params->shadow_ram_support) { 1632 IWN_SETBITS(sc, IWN_DBG_LINK_PWR_MGMT, 1633 IWN_RESET_LINK_PWR_MGMT_DIS); 1634 } 1635 IWN_CLRBITS(sc, IWN_EEPROM_GP, IWN_EEPROM_GP_IF_OWNER); 1636 /* Clear ECC status. */ 1637 IWN_SETBITS(sc, IWN_OTP_GP, 1638 IWN_OTP_GP_ECC_CORR_STTS | IWN_OTP_GP_ECC_UNCORR_STTS); 1639 1640 /* 1641 * Find the block before last block (contains the EEPROM image) 1642 * for HW without OTP shadow RAM. 1643 */ 1644 if (! sc->base_params->shadow_ram_support) { 1645 /* Switch to absolute addressing mode. */ 1646 IWN_CLRBITS(sc, IWN_OTP_GP, IWN_OTP_GP_RELATIVE_ACCESS); 1647 base = prev = 0; 1648 for (count = 0; count < sc->base_params->max_ll_items; 1649 count++) { 1650 error = iwn_read_prom_data(sc, base, &next, 2); 1651 if (error != 0) 1652 return error; 1653 if (next == 0) /* End of linked-list. */ 1654 break; 1655 prev = base; 1656 base = le16toh(next); 1657 } 1658 if (count == 0 || count == sc->base_params->max_ll_items) 1659 return EIO; 1660 /* Skip "next" word. */ 1661 sc->prom_base = prev + 1; 1662 } 1663 1664 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 1665 1666 return 0; 1667 } 1668 1669 static int 1670 iwn_read_prom_data(struct iwn_softc *sc, uint32_t addr, void *data, int count) 1671 { 1672 uint8_t *out = data; 1673 uint32_t val, tmp; 1674 int ntries; 1675 1676 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1677 1678 addr += sc->prom_base; 1679 for (; count > 0; count -= 2, addr++) { 1680 IWN_WRITE(sc, IWN_EEPROM, addr << 2); 1681 for (ntries = 0; ntries < 10; ntries++) { 1682 val = IWN_READ(sc, IWN_EEPROM); 1683 if (val & IWN_EEPROM_READ_VALID) 1684 break; 1685 DELAY(5); 1686 } 1687 if (ntries == 10) { 1688 device_printf(sc->sc_dev, 1689 "timeout reading ROM at 0x%x\n", addr); 1690 return ETIMEDOUT; 1691 } 1692 if (sc->sc_flags & IWN_FLAG_HAS_OTPROM) { 1693 /* OTPROM, check for ECC errors. */ 1694 tmp = IWN_READ(sc, IWN_OTP_GP); 1695 if (tmp & IWN_OTP_GP_ECC_UNCORR_STTS) { 1696 device_printf(sc->sc_dev, 1697 "OTPROM ECC error at 0x%x\n", addr); 1698 return EIO; 1699 } 1700 if (tmp & IWN_OTP_GP_ECC_CORR_STTS) { 1701 /* Correctable ECC error, clear bit. */ 1702 IWN_SETBITS(sc, IWN_OTP_GP, 1703 IWN_OTP_GP_ECC_CORR_STTS); 1704 } 1705 } 1706 *out++ = val >> 16; 1707 if (count > 1) 1708 *out++ = val >> 24; 1709 } 1710 1711 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 1712 1713 return 0; 1714 } 1715 1716 static void 1717 iwn_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nsegs, int error) 1718 { 1719 if (error != 0) 1720 return; 1721 KASSERT(nsegs == 1, ("too many DMA segments, %d should be 1", nsegs)); 1722 *(bus_addr_t *)arg = segs[0].ds_addr; 1723 } 1724 1725 static int 1726 iwn_dma_contig_alloc(struct iwn_softc *sc, struct iwn_dma_info *dma, 1727 void **kvap, bus_size_t size, bus_size_t alignment) 1728 { 1729 int error; 1730 1731 dma->tag = NULL; 1732 dma->size = size; 1733 1734 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), alignment, 1735 0, BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, size, 1736 1, size, 0, NULL, NULL, &dma->tag); 1737 if (error != 0) 1738 goto fail; 1739 1740 error = bus_dmamem_alloc(dma->tag, (void **)&dma->vaddr, 1741 BUS_DMA_NOWAIT | BUS_DMA_ZERO | BUS_DMA_COHERENT, &dma->map); 1742 if (error != 0) 1743 goto fail; 1744 1745 error = bus_dmamap_load(dma->tag, dma->map, dma->vaddr, size, 1746 iwn_dma_map_addr, &dma->paddr, BUS_DMA_NOWAIT); 1747 if (error != 0) 1748 goto fail; 1749 1750 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 1751 1752 if (kvap != NULL) 1753 *kvap = dma->vaddr; 1754 1755 return 0; 1756 1757 fail: iwn_dma_contig_free(dma); 1758 return error; 1759 } 1760 1761 static void 1762 iwn_dma_contig_free(struct iwn_dma_info *dma) 1763 { 1764 if (dma->vaddr != NULL) { 1765 bus_dmamap_sync(dma->tag, dma->map, 1766 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 1767 bus_dmamap_unload(dma->tag, dma->map); 1768 bus_dmamem_free(dma->tag, dma->vaddr, dma->map); 1769 dma->vaddr = NULL; 1770 } 1771 if (dma->tag != NULL) { 1772 bus_dma_tag_destroy(dma->tag); 1773 dma->tag = NULL; 1774 } 1775 } 1776 1777 static int 1778 iwn_alloc_sched(struct iwn_softc *sc) 1779 { 1780 /* TX scheduler rings must be aligned on a 1KB boundary. */ 1781 return iwn_dma_contig_alloc(sc, &sc->sched_dma, (void **)&sc->sched, 1782 sc->schedsz, 1024); 1783 } 1784 1785 static void 1786 iwn_free_sched(struct iwn_softc *sc) 1787 { 1788 iwn_dma_contig_free(&sc->sched_dma); 1789 } 1790 1791 static int 1792 iwn_alloc_kw(struct iwn_softc *sc) 1793 { 1794 /* "Keep Warm" page must be aligned on a 4KB boundary. */ 1795 return iwn_dma_contig_alloc(sc, &sc->kw_dma, NULL, 4096, 4096); 1796 } 1797 1798 static void 1799 iwn_free_kw(struct iwn_softc *sc) 1800 { 1801 iwn_dma_contig_free(&sc->kw_dma); 1802 } 1803 1804 static int 1805 iwn_alloc_ict(struct iwn_softc *sc) 1806 { 1807 /* ICT table must be aligned on a 4KB boundary. */ 1808 return iwn_dma_contig_alloc(sc, &sc->ict_dma, (void **)&sc->ict, 1809 IWN_ICT_SIZE, 4096); 1810 } 1811 1812 static void 1813 iwn_free_ict(struct iwn_softc *sc) 1814 { 1815 iwn_dma_contig_free(&sc->ict_dma); 1816 } 1817 1818 static int 1819 iwn_alloc_fwmem(struct iwn_softc *sc) 1820 { 1821 /* Must be aligned on a 16-byte boundary. */ 1822 return iwn_dma_contig_alloc(sc, &sc->fw_dma, NULL, sc->fwsz, 16); 1823 } 1824 1825 static void 1826 iwn_free_fwmem(struct iwn_softc *sc) 1827 { 1828 iwn_dma_contig_free(&sc->fw_dma); 1829 } 1830 1831 static int 1832 iwn_alloc_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1833 { 1834 bus_size_t size; 1835 int i, error; 1836 1837 ring->cur = 0; 1838 1839 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1840 1841 /* Allocate RX descriptors (256-byte aligned). */ 1842 size = IWN_RX_RING_COUNT * sizeof (uint32_t); 1843 error = iwn_dma_contig_alloc(sc, &ring->desc_dma, (void **)&ring->desc, 1844 size, 256); 1845 if (error != 0) { 1846 device_printf(sc->sc_dev, 1847 "%s: could not allocate RX ring DMA memory, error %d\n", 1848 __func__, error); 1849 goto fail; 1850 } 1851 1852 /* Allocate RX status area (16-byte aligned). */ 1853 error = iwn_dma_contig_alloc(sc, &ring->stat_dma, (void **)&ring->stat, 1854 sizeof (struct iwn_rx_status), 16); 1855 if (error != 0) { 1856 device_printf(sc->sc_dev, 1857 "%s: could not allocate RX status DMA memory, error %d\n", 1858 __func__, error); 1859 goto fail; 1860 } 1861 1862 /* Create RX buffer DMA tag. */ 1863 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 1864 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 1865 IWN_RBUF_SIZE, 1, IWN_RBUF_SIZE, 0, NULL, NULL, &ring->data_dmat); 1866 if (error != 0) { 1867 device_printf(sc->sc_dev, 1868 "%s: could not create RX buf DMA tag, error %d\n", 1869 __func__, error); 1870 goto fail; 1871 } 1872 1873 /* 1874 * Allocate and map RX buffers. 1875 */ 1876 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 1877 struct iwn_rx_data *data = &ring->data[i]; 1878 bus_addr_t paddr; 1879 1880 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 1881 if (error != 0) { 1882 device_printf(sc->sc_dev, 1883 "%s: could not create RX buf DMA map, error %d\n", 1884 __func__, error); 1885 goto fail; 1886 } 1887 1888 data->m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, 1889 IWN_RBUF_SIZE); 1890 if (data->m == NULL) { 1891 device_printf(sc->sc_dev, 1892 "%s: could not allocate RX mbuf\n", __func__); 1893 error = ENOBUFS; 1894 goto fail; 1895 } 1896 1897 error = bus_dmamap_load(ring->data_dmat, data->map, 1898 mtod(data->m, void *), IWN_RBUF_SIZE, iwn_dma_map_addr, 1899 &paddr, BUS_DMA_NOWAIT); 1900 if (error != 0 && error != EFBIG) { 1901 device_printf(sc->sc_dev, 1902 "%s: can't map mbuf, error %d\n", __func__, 1903 error); 1904 goto fail; 1905 } 1906 1907 bus_dmamap_sync(ring->data_dmat, data->map, 1908 BUS_DMASYNC_PREREAD); 1909 1910 /* Set physical address of RX buffer (256-byte aligned). */ 1911 ring->desc[i] = htole32(paddr >> 8); 1912 } 1913 1914 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 1915 BUS_DMASYNC_PREWRITE); 1916 1917 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 1918 1919 return 0; 1920 1921 fail: iwn_free_rx_ring(sc, ring); 1922 1923 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end in error\n",__func__); 1924 1925 return error; 1926 } 1927 1928 static void 1929 iwn_reset_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1930 { 1931 int ntries; 1932 1933 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 1934 1935 if (iwn_nic_lock(sc) == 0) { 1936 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 0); 1937 for (ntries = 0; ntries < 1000; ntries++) { 1938 if (IWN_READ(sc, IWN_FH_RX_STATUS) & 1939 IWN_FH_RX_STATUS_IDLE) 1940 break; 1941 DELAY(10); 1942 } 1943 iwn_nic_unlock(sc); 1944 } 1945 ring->cur = 0; 1946 sc->last_rx_valid = 0; 1947 } 1948 1949 static void 1950 iwn_free_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1951 { 1952 int i; 1953 1954 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s \n", __func__); 1955 1956 iwn_dma_contig_free(&ring->desc_dma); 1957 iwn_dma_contig_free(&ring->stat_dma); 1958 1959 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 1960 struct iwn_rx_data *data = &ring->data[i]; 1961 1962 if (data->m != NULL) { 1963 bus_dmamap_sync(ring->data_dmat, data->map, 1964 BUS_DMASYNC_POSTREAD); 1965 bus_dmamap_unload(ring->data_dmat, data->map); 1966 m_freem(data->m); 1967 data->m = NULL; 1968 } 1969 if (data->map != NULL) 1970 bus_dmamap_destroy(ring->data_dmat, data->map); 1971 } 1972 if (ring->data_dmat != NULL) { 1973 bus_dma_tag_destroy(ring->data_dmat); 1974 ring->data_dmat = NULL; 1975 } 1976 } 1977 1978 static int 1979 iwn_alloc_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring, int qid) 1980 { 1981 bus_addr_t paddr; 1982 bus_size_t size; 1983 int i, error; 1984 1985 ring->qid = qid; 1986 ring->queued = 0; 1987 ring->cur = 0; 1988 1989 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1990 1991 /* Allocate TX descriptors (256-byte aligned). */ 1992 size = IWN_TX_RING_COUNT * sizeof (struct iwn_tx_desc); 1993 error = iwn_dma_contig_alloc(sc, &ring->desc_dma, (void **)&ring->desc, 1994 size, 256); 1995 if (error != 0) { 1996 device_printf(sc->sc_dev, 1997 "%s: could not allocate TX ring DMA memory, error %d\n", 1998 __func__, error); 1999 goto fail; 2000 } 2001 2002 size = IWN_TX_RING_COUNT * sizeof (struct iwn_tx_cmd); 2003 error = iwn_dma_contig_alloc(sc, &ring->cmd_dma, (void **)&ring->cmd, 2004 size, 4); 2005 if (error != 0) { 2006 device_printf(sc->sc_dev, 2007 "%s: could not allocate TX cmd DMA memory, error %d\n", 2008 __func__, error); 2009 goto fail; 2010 } 2011 2012 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 2013 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 2014 IWN_MAX_SCATTER - 1, MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 2015 if (error != 0) { 2016 device_printf(sc->sc_dev, 2017 "%s: could not create TX buf DMA tag, error %d\n", 2018 __func__, error); 2019 goto fail; 2020 } 2021 2022 paddr = ring->cmd_dma.paddr; 2023 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 2024 struct iwn_tx_data *data = &ring->data[i]; 2025 2026 data->cmd_paddr = paddr; 2027 data->scratch_paddr = paddr + 12; 2028 paddr += sizeof (struct iwn_tx_cmd); 2029 2030 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 2031 if (error != 0) { 2032 device_printf(sc->sc_dev, 2033 "%s: could not create TX buf DMA map, error %d\n", 2034 __func__, error); 2035 goto fail; 2036 } 2037 } 2038 2039 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2040 2041 return 0; 2042 2043 fail: iwn_free_tx_ring(sc, ring); 2044 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end in error\n", __func__); 2045 return error; 2046 } 2047 2048 static void 2049 iwn_reset_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 2050 { 2051 int i; 2052 2053 DPRINTF(sc, IWN_DEBUG_TRACE, "->doing %s \n", __func__); 2054 2055 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 2056 struct iwn_tx_data *data = &ring->data[i]; 2057 2058 if (data->m != NULL) { 2059 bus_dmamap_sync(ring->data_dmat, data->map, 2060 BUS_DMASYNC_POSTWRITE); 2061 bus_dmamap_unload(ring->data_dmat, data->map); 2062 m_freem(data->m); 2063 data->m = NULL; 2064 } 2065 if (data->ni != NULL) { 2066 ieee80211_free_node(data->ni); 2067 data->ni = NULL; 2068 } 2069 } 2070 /* Clear TX descriptors. */ 2071 memset(ring->desc, 0, ring->desc_dma.size); 2072 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 2073 BUS_DMASYNC_PREWRITE); 2074 sc->qfullmsk &= ~(1 << ring->qid); 2075 ring->queued = 0; 2076 ring->cur = 0; 2077 } 2078 2079 static void 2080 iwn_free_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 2081 { 2082 int i; 2083 2084 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s \n", __func__); 2085 2086 iwn_dma_contig_free(&ring->desc_dma); 2087 iwn_dma_contig_free(&ring->cmd_dma); 2088 2089 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 2090 struct iwn_tx_data *data = &ring->data[i]; 2091 2092 if (data->m != NULL) { 2093 bus_dmamap_sync(ring->data_dmat, data->map, 2094 BUS_DMASYNC_POSTWRITE); 2095 bus_dmamap_unload(ring->data_dmat, data->map); 2096 m_freem(data->m); 2097 } 2098 if (data->map != NULL) 2099 bus_dmamap_destroy(ring->data_dmat, data->map); 2100 } 2101 if (ring->data_dmat != NULL) { 2102 bus_dma_tag_destroy(ring->data_dmat); 2103 ring->data_dmat = NULL; 2104 } 2105 } 2106 2107 static void 2108 iwn5000_ict_reset(struct iwn_softc *sc) 2109 { 2110 /* Disable interrupts. */ 2111 IWN_WRITE(sc, IWN_INT_MASK, 0); 2112 2113 /* Reset ICT table. */ 2114 memset(sc->ict, 0, IWN_ICT_SIZE); 2115 sc->ict_cur = 0; 2116 2117 bus_dmamap_sync(sc->ict_dma.tag, sc->ict_dma.map, 2118 BUS_DMASYNC_PREWRITE); 2119 2120 /* Set physical address of ICT table (4KB aligned). */ 2121 DPRINTF(sc, IWN_DEBUG_RESET, "%s: enabling ICT\n", __func__); 2122 IWN_WRITE(sc, IWN_DRAM_INT_TBL, IWN_DRAM_INT_TBL_ENABLE | 2123 IWN_DRAM_INT_TBL_WRAP_CHECK | sc->ict_dma.paddr >> 12); 2124 2125 /* Enable periodic RX interrupt. */ 2126 sc->int_mask |= IWN_INT_RX_PERIODIC; 2127 /* Switch to ICT interrupt mode in driver. */ 2128 sc->sc_flags |= IWN_FLAG_USE_ICT; 2129 2130 /* Re-enable interrupts. */ 2131 IWN_WRITE(sc, IWN_INT, 0xffffffff); 2132 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 2133 } 2134 2135 static int 2136 iwn_read_eeprom(struct iwn_softc *sc, uint8_t macaddr[IEEE80211_ADDR_LEN]) 2137 { 2138 struct iwn_ops *ops = &sc->ops; 2139 uint16_t val; 2140 int error; 2141 2142 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2143 2144 /* Check whether adapter has an EEPROM or an OTPROM. */ 2145 if (sc->hw_type >= IWN_HW_REV_TYPE_1000 && 2146 (IWN_READ(sc, IWN_OTP_GP) & IWN_OTP_GP_DEV_SEL_OTP)) 2147 sc->sc_flags |= IWN_FLAG_HAS_OTPROM; 2148 DPRINTF(sc, IWN_DEBUG_RESET, "%s found\n", 2149 (sc->sc_flags & IWN_FLAG_HAS_OTPROM) ? "OTPROM" : "EEPROM"); 2150 2151 /* Adapter has to be powered on for EEPROM access to work. */ 2152 if ((error = iwn_apm_init(sc)) != 0) { 2153 device_printf(sc->sc_dev, 2154 "%s: could not power ON adapter, error %d\n", __func__, 2155 error); 2156 return error; 2157 } 2158 2159 if ((IWN_READ(sc, IWN_EEPROM_GP) & 0x7) == 0) { 2160 device_printf(sc->sc_dev, "%s: bad ROM signature\n", __func__); 2161 return EIO; 2162 } 2163 if ((error = iwn_eeprom_lock(sc)) != 0) { 2164 device_printf(sc->sc_dev, "%s: could not lock ROM, error %d\n", 2165 __func__, error); 2166 return error; 2167 } 2168 if (sc->sc_flags & IWN_FLAG_HAS_OTPROM) { 2169 if ((error = iwn_init_otprom(sc)) != 0) { 2170 device_printf(sc->sc_dev, 2171 "%s: could not initialize OTPROM, error %d\n", 2172 __func__, error); 2173 return error; 2174 } 2175 } 2176 2177 iwn_read_prom_data(sc, IWN_EEPROM_SKU_CAP, &val, 2); 2178 DPRINTF(sc, IWN_DEBUG_RESET, "SKU capabilities=0x%04x\n", le16toh(val)); 2179 /* Check if HT support is bonded out. */ 2180 if (val & htole16(IWN_EEPROM_SKU_CAP_11N)) 2181 sc->sc_flags |= IWN_FLAG_HAS_11N; 2182 2183 iwn_read_prom_data(sc, IWN_EEPROM_RFCFG, &val, 2); 2184 sc->rfcfg = le16toh(val); 2185 DPRINTF(sc, IWN_DEBUG_RESET, "radio config=0x%04x\n", sc->rfcfg); 2186 /* Read Tx/Rx chains from ROM unless it's known to be broken. */ 2187 if (sc->txchainmask == 0) 2188 sc->txchainmask = IWN_RFCFG_TXANTMSK(sc->rfcfg); 2189 if (sc->rxchainmask == 0) 2190 sc->rxchainmask = IWN_RFCFG_RXANTMSK(sc->rfcfg); 2191 2192 /* Read MAC address. */ 2193 iwn_read_prom_data(sc, IWN_EEPROM_MAC, macaddr, 6); 2194 2195 /* Read adapter-specific information from EEPROM. */ 2196 ops->read_eeprom(sc); 2197 2198 iwn_apm_stop(sc); /* Power OFF adapter. */ 2199 2200 iwn_eeprom_unlock(sc); 2201 2202 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2203 2204 return 0; 2205 } 2206 2207 static void 2208 iwn4965_read_eeprom(struct iwn_softc *sc) 2209 { 2210 uint32_t addr; 2211 uint16_t val; 2212 int i; 2213 2214 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2215 2216 /* Read regulatory domain (4 ASCII characters). */ 2217 iwn_read_prom_data(sc, IWN4965_EEPROM_DOMAIN, sc->eeprom_domain, 4); 2218 2219 /* Read the list of authorized channels (20MHz & 40MHz). */ 2220 for (i = 0; i < IWN_NBANDS - 1; i++) { 2221 addr = iwn4965_regulatory_bands[i]; 2222 iwn_read_eeprom_channels(sc, i, addr); 2223 } 2224 2225 /* Read maximum allowed TX power for 2GHz and 5GHz bands. */ 2226 iwn_read_prom_data(sc, IWN4965_EEPROM_MAXPOW, &val, 2); 2227 sc->maxpwr2GHz = val & 0xff; 2228 sc->maxpwr5GHz = val >> 8; 2229 /* Check that EEPROM values are within valid range. */ 2230 if (sc->maxpwr5GHz < 20 || sc->maxpwr5GHz > 50) 2231 sc->maxpwr5GHz = 38; 2232 if (sc->maxpwr2GHz < 20 || sc->maxpwr2GHz > 50) 2233 sc->maxpwr2GHz = 38; 2234 DPRINTF(sc, IWN_DEBUG_RESET, "maxpwr 2GHz=%d 5GHz=%d\n", 2235 sc->maxpwr2GHz, sc->maxpwr5GHz); 2236 2237 /* Read samples for each TX power group. */ 2238 iwn_read_prom_data(sc, IWN4965_EEPROM_BANDS, sc->bands, 2239 sizeof sc->bands); 2240 2241 /* Read voltage at which samples were taken. */ 2242 iwn_read_prom_data(sc, IWN4965_EEPROM_VOLTAGE, &val, 2); 2243 sc->eeprom_voltage = (int16_t)le16toh(val); 2244 DPRINTF(sc, IWN_DEBUG_RESET, "voltage=%d (in 0.3V)\n", 2245 sc->eeprom_voltage); 2246 2247 #ifdef IWN_DEBUG 2248 /* Print samples. */ 2249 if (sc->sc_debug & IWN_DEBUG_ANY) { 2250 for (i = 0; i < IWN_NBANDS - 1; i++) 2251 iwn4965_print_power_group(sc, i); 2252 } 2253 #endif 2254 2255 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2256 } 2257 2258 #ifdef IWN_DEBUG 2259 static void 2260 iwn4965_print_power_group(struct iwn_softc *sc, int i) 2261 { 2262 struct iwn4965_eeprom_band *band = &sc->bands[i]; 2263 struct iwn4965_eeprom_chan_samples *chans = band->chans; 2264 int j, c; 2265 2266 printf("===band %d===\n", i); 2267 printf("chan lo=%d, chan hi=%d\n", band->lo, band->hi); 2268 printf("chan1 num=%d\n", chans[0].num); 2269 for (c = 0; c < 2; c++) { 2270 for (j = 0; j < IWN_NSAMPLES; j++) { 2271 printf("chain %d, sample %d: temp=%d gain=%d " 2272 "power=%d pa_det=%d\n", c, j, 2273 chans[0].samples[c][j].temp, 2274 chans[0].samples[c][j].gain, 2275 chans[0].samples[c][j].power, 2276 chans[0].samples[c][j].pa_det); 2277 } 2278 } 2279 printf("chan2 num=%d\n", chans[1].num); 2280 for (c = 0; c < 2; c++) { 2281 for (j = 0; j < IWN_NSAMPLES; j++) { 2282 printf("chain %d, sample %d: temp=%d gain=%d " 2283 "power=%d pa_det=%d\n", c, j, 2284 chans[1].samples[c][j].temp, 2285 chans[1].samples[c][j].gain, 2286 chans[1].samples[c][j].power, 2287 chans[1].samples[c][j].pa_det); 2288 } 2289 } 2290 } 2291 #endif 2292 2293 static void 2294 iwn5000_read_eeprom(struct iwn_softc *sc) 2295 { 2296 struct iwn5000_eeprom_calib_hdr hdr; 2297 int32_t volt; 2298 uint32_t base, addr; 2299 uint16_t val; 2300 int i; 2301 2302 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2303 2304 /* Read regulatory domain (4 ASCII characters). */ 2305 iwn_read_prom_data(sc, IWN5000_EEPROM_REG, &val, 2); 2306 base = le16toh(val); 2307 iwn_read_prom_data(sc, base + IWN5000_EEPROM_DOMAIN, 2308 sc->eeprom_domain, 4); 2309 2310 /* Read the list of authorized channels (20MHz & 40MHz). */ 2311 for (i = 0; i < IWN_NBANDS - 1; i++) { 2312 addr = base + sc->base_params->regulatory_bands[i]; 2313 iwn_read_eeprom_channels(sc, i, addr); 2314 } 2315 2316 /* Read enhanced TX power information for 6000 Series. */ 2317 if (sc->base_params->enhanced_TX_power) 2318 iwn_read_eeprom_enhinfo(sc); 2319 2320 iwn_read_prom_data(sc, IWN5000_EEPROM_CAL, &val, 2); 2321 base = le16toh(val); 2322 iwn_read_prom_data(sc, base, &hdr, sizeof hdr); 2323 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 2324 "%s: calib version=%u pa type=%u voltage=%u\n", __func__, 2325 hdr.version, hdr.pa_type, le16toh(hdr.volt)); 2326 sc->calib_ver = hdr.version; 2327 2328 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSETv2) { 2329 sc->eeprom_voltage = le16toh(hdr.volt); 2330 iwn_read_prom_data(sc, base + IWN5000_EEPROM_TEMP, &val, 2); 2331 sc->eeprom_temp_high=le16toh(val); 2332 iwn_read_prom_data(sc, base + IWN5000_EEPROM_VOLT, &val, 2); 2333 sc->eeprom_temp = le16toh(val); 2334 } 2335 2336 if (sc->hw_type == IWN_HW_REV_TYPE_5150) { 2337 /* Compute temperature offset. */ 2338 iwn_read_prom_data(sc, base + IWN5000_EEPROM_TEMP, &val, 2); 2339 sc->eeprom_temp = le16toh(val); 2340 iwn_read_prom_data(sc, base + IWN5000_EEPROM_VOLT, &val, 2); 2341 volt = le16toh(val); 2342 sc->temp_off = sc->eeprom_temp - (volt / -5); 2343 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "temp=%d volt=%d offset=%dK\n", 2344 sc->eeprom_temp, volt, sc->temp_off); 2345 } else { 2346 /* Read crystal calibration. */ 2347 iwn_read_prom_data(sc, base + IWN5000_EEPROM_CRYSTAL, 2348 &sc->eeprom_crystal, sizeof (uint32_t)); 2349 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "crystal calibration 0x%08x\n", 2350 le32toh(sc->eeprom_crystal)); 2351 } 2352 2353 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2354 2355 } 2356 2357 /* 2358 * Translate EEPROM flags to net80211. 2359 */ 2360 static uint32_t 2361 iwn_eeprom_channel_flags(struct iwn_eeprom_chan *channel) 2362 { 2363 uint32_t nflags; 2364 2365 nflags = 0; 2366 if ((channel->flags & IWN_EEPROM_CHAN_ACTIVE) == 0) 2367 nflags |= IEEE80211_CHAN_PASSIVE; 2368 if ((channel->flags & IWN_EEPROM_CHAN_IBSS) == 0) 2369 nflags |= IEEE80211_CHAN_NOADHOC; 2370 if (channel->flags & IWN_EEPROM_CHAN_RADAR) { 2371 nflags |= IEEE80211_CHAN_DFS; 2372 /* XXX apparently IBSS may still be marked */ 2373 nflags |= IEEE80211_CHAN_NOADHOC; 2374 } 2375 2376 return nflags; 2377 } 2378 2379 static void 2380 iwn_read_eeprom_band(struct iwn_softc *sc, int n, int maxchans, int *nchans, 2381 struct ieee80211_channel chans[]) 2382 { 2383 struct iwn_eeprom_chan *channels = sc->eeprom_channels[n]; 2384 const struct iwn_chan_band *band = &iwn_bands[n]; 2385 uint8_t bands[IEEE80211_MODE_BYTES]; 2386 uint8_t chan; 2387 int i, error, nflags; 2388 2389 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2390 2391 memset(bands, 0, sizeof(bands)); 2392 if (n == 0) { 2393 setbit(bands, IEEE80211_MODE_11B); 2394 setbit(bands, IEEE80211_MODE_11G); 2395 if (sc->sc_flags & IWN_FLAG_HAS_11N) 2396 setbit(bands, IEEE80211_MODE_11NG); 2397 } else { 2398 setbit(bands, IEEE80211_MODE_11A); 2399 if (sc->sc_flags & IWN_FLAG_HAS_11N) 2400 setbit(bands, IEEE80211_MODE_11NA); 2401 } 2402 2403 for (i = 0; i < band->nchan; i++) { 2404 if (!(channels[i].flags & IWN_EEPROM_CHAN_VALID)) { 2405 DPRINTF(sc, IWN_DEBUG_RESET, 2406 "skip chan %d flags 0x%x maxpwr %d\n", 2407 band->chan[i], channels[i].flags, 2408 channels[i].maxpwr); 2409 continue; 2410 } 2411 2412 chan = band->chan[i]; 2413 nflags = iwn_eeprom_channel_flags(&channels[i]); 2414 error = ieee80211_add_channel(chans, maxchans, nchans, 2415 chan, 0, channels[i].maxpwr, nflags, bands); 2416 if (error != 0) 2417 break; 2418 2419 /* Save maximum allowed TX power for this channel. */ 2420 /* XXX wrong */ 2421 sc->maxpwr[chan] = channels[i].maxpwr; 2422 2423 DPRINTF(sc, IWN_DEBUG_RESET, 2424 "add chan %d flags 0x%x maxpwr %d\n", chan, 2425 channels[i].flags, channels[i].maxpwr); 2426 } 2427 2428 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2429 2430 } 2431 2432 static void 2433 iwn_read_eeprom_ht40(struct iwn_softc *sc, int n, int maxchans, int *nchans, 2434 struct ieee80211_channel chans[]) 2435 { 2436 struct iwn_eeprom_chan *channels = sc->eeprom_channels[n]; 2437 const struct iwn_chan_band *band = &iwn_bands[n]; 2438 uint8_t chan; 2439 int i, error, nflags; 2440 2441 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s start\n", __func__); 2442 2443 if (!(sc->sc_flags & IWN_FLAG_HAS_11N)) { 2444 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end no 11n\n", __func__); 2445 return; 2446 } 2447 2448 for (i = 0; i < band->nchan; i++) { 2449 if (!(channels[i].flags & IWN_EEPROM_CHAN_VALID)) { 2450 DPRINTF(sc, IWN_DEBUG_RESET, 2451 "skip chan %d flags 0x%x maxpwr %d\n", 2452 band->chan[i], channels[i].flags, 2453 channels[i].maxpwr); 2454 continue; 2455 } 2456 2457 chan = band->chan[i]; 2458 nflags = iwn_eeprom_channel_flags(&channels[i]); 2459 nflags |= (n == 5 ? IEEE80211_CHAN_G : IEEE80211_CHAN_A); 2460 error = ieee80211_add_channel_ht40(chans, maxchans, nchans, 2461 chan, channels[i].maxpwr, nflags); 2462 switch (error) { 2463 case EINVAL: 2464 device_printf(sc->sc_dev, 2465 "%s: no entry for channel %d\n", __func__, chan); 2466 continue; 2467 case ENOENT: 2468 DPRINTF(sc, IWN_DEBUG_RESET, 2469 "%s: skip chan %d, extension channel not found\n", 2470 __func__, chan); 2471 continue; 2472 case ENOBUFS: 2473 device_printf(sc->sc_dev, 2474 "%s: channel table is full!\n", __func__); 2475 break; 2476 case 0: 2477 DPRINTF(sc, IWN_DEBUG_RESET, 2478 "add ht40 chan %d flags 0x%x maxpwr %d\n", 2479 chan, channels[i].flags, channels[i].maxpwr); 2480 /* FALLTHROUGH */ 2481 default: 2482 break; 2483 } 2484 } 2485 2486 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2487 2488 } 2489 2490 static void 2491 iwn_read_eeprom_channels(struct iwn_softc *sc, int n, uint32_t addr) 2492 { 2493 struct ieee80211com *ic = &sc->sc_ic; 2494 2495 iwn_read_prom_data(sc, addr, &sc->eeprom_channels[n], 2496 iwn_bands[n].nchan * sizeof (struct iwn_eeprom_chan)); 2497 2498 if (n < 5) { 2499 iwn_read_eeprom_band(sc, n, IEEE80211_CHAN_MAX, &ic->ic_nchans, 2500 ic->ic_channels); 2501 } else { 2502 iwn_read_eeprom_ht40(sc, n, IEEE80211_CHAN_MAX, &ic->ic_nchans, 2503 ic->ic_channels); 2504 } 2505 ieee80211_sort_channels(ic->ic_channels, ic->ic_nchans); 2506 } 2507 2508 static struct iwn_eeprom_chan * 2509 iwn_find_eeprom_channel(struct iwn_softc *sc, struct ieee80211_channel *c) 2510 { 2511 int band, chan, i, j; 2512 2513 if (IEEE80211_IS_CHAN_HT40(c)) { 2514 band = IEEE80211_IS_CHAN_5GHZ(c) ? 6 : 5; 2515 if (IEEE80211_IS_CHAN_HT40D(c)) 2516 chan = c->ic_extieee; 2517 else 2518 chan = c->ic_ieee; 2519 for (i = 0; i < iwn_bands[band].nchan; i++) { 2520 if (iwn_bands[band].chan[i] == chan) 2521 return &sc->eeprom_channels[band][i]; 2522 } 2523 } else { 2524 for (j = 0; j < 5; j++) { 2525 for (i = 0; i < iwn_bands[j].nchan; i++) { 2526 if (iwn_bands[j].chan[i] == c->ic_ieee && 2527 ((j == 0) ^ IEEE80211_IS_CHAN_A(c)) == 1) 2528 return &sc->eeprom_channels[j][i]; 2529 } 2530 } 2531 } 2532 return NULL; 2533 } 2534 2535 static void 2536 iwn_getradiocaps(struct ieee80211com *ic, 2537 int maxchans, int *nchans, struct ieee80211_channel chans[]) 2538 { 2539 struct iwn_softc *sc = ic->ic_softc; 2540 int i; 2541 2542 /* Parse the list of authorized channels. */ 2543 for (i = 0; i < 5 && *nchans < maxchans; i++) 2544 iwn_read_eeprom_band(sc, i, maxchans, nchans, chans); 2545 for (i = 5; i < IWN_NBANDS - 1 && *nchans < maxchans; i++) 2546 iwn_read_eeprom_ht40(sc, i, maxchans, nchans, chans); 2547 } 2548 2549 /* 2550 * Enforce flags read from EEPROM. 2551 */ 2552 static int 2553 iwn_setregdomain(struct ieee80211com *ic, struct ieee80211_regdomain *rd, 2554 int nchan, struct ieee80211_channel chans[]) 2555 { 2556 struct iwn_softc *sc = ic->ic_softc; 2557 int i; 2558 2559 for (i = 0; i < nchan; i++) { 2560 struct ieee80211_channel *c = &chans[i]; 2561 struct iwn_eeprom_chan *channel; 2562 2563 channel = iwn_find_eeprom_channel(sc, c); 2564 if (channel == NULL) { 2565 ic_printf(ic, "%s: invalid channel %u freq %u/0x%x\n", 2566 __func__, c->ic_ieee, c->ic_freq, c->ic_flags); 2567 return EINVAL; 2568 } 2569 c->ic_flags |= iwn_eeprom_channel_flags(channel); 2570 } 2571 2572 return 0; 2573 } 2574 2575 static void 2576 iwn_read_eeprom_enhinfo(struct iwn_softc *sc) 2577 { 2578 struct iwn_eeprom_enhinfo enhinfo[35]; 2579 struct ieee80211com *ic = &sc->sc_ic; 2580 struct ieee80211_channel *c; 2581 uint16_t val, base; 2582 int8_t maxpwr; 2583 uint8_t flags; 2584 int i, j; 2585 2586 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2587 2588 iwn_read_prom_data(sc, IWN5000_EEPROM_REG, &val, 2); 2589 base = le16toh(val); 2590 iwn_read_prom_data(sc, base + IWN6000_EEPROM_ENHINFO, 2591 enhinfo, sizeof enhinfo); 2592 2593 for (i = 0; i < nitems(enhinfo); i++) { 2594 flags = enhinfo[i].flags; 2595 if (!(flags & IWN_ENHINFO_VALID)) 2596 continue; /* Skip invalid entries. */ 2597 2598 maxpwr = 0; 2599 if (sc->txchainmask & IWN_ANT_A) 2600 maxpwr = MAX(maxpwr, enhinfo[i].chain[0]); 2601 if (sc->txchainmask & IWN_ANT_B) 2602 maxpwr = MAX(maxpwr, enhinfo[i].chain[1]); 2603 if (sc->txchainmask & IWN_ANT_C) 2604 maxpwr = MAX(maxpwr, enhinfo[i].chain[2]); 2605 if (sc->ntxchains == 2) 2606 maxpwr = MAX(maxpwr, enhinfo[i].mimo2); 2607 else if (sc->ntxchains == 3) 2608 maxpwr = MAX(maxpwr, enhinfo[i].mimo3); 2609 2610 for (j = 0; j < ic->ic_nchans; j++) { 2611 c = &ic->ic_channels[j]; 2612 if ((flags & IWN_ENHINFO_5GHZ)) { 2613 if (!IEEE80211_IS_CHAN_A(c)) 2614 continue; 2615 } else if ((flags & IWN_ENHINFO_OFDM)) { 2616 if (!IEEE80211_IS_CHAN_G(c)) 2617 continue; 2618 } else if (!IEEE80211_IS_CHAN_B(c)) 2619 continue; 2620 if ((flags & IWN_ENHINFO_HT40)) { 2621 if (!IEEE80211_IS_CHAN_HT40(c)) 2622 continue; 2623 } else { 2624 if (IEEE80211_IS_CHAN_HT40(c)) 2625 continue; 2626 } 2627 if (enhinfo[i].chan != 0 && 2628 enhinfo[i].chan != c->ic_ieee) 2629 continue; 2630 2631 DPRINTF(sc, IWN_DEBUG_RESET, 2632 "channel %d(%x), maxpwr %d\n", c->ic_ieee, 2633 c->ic_flags, maxpwr / 2); 2634 c->ic_maxregpower = maxpwr / 2; 2635 c->ic_maxpower = maxpwr; 2636 } 2637 } 2638 2639 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2640 2641 } 2642 2643 static struct ieee80211_node * 2644 iwn_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN]) 2645 { 2646 return malloc(sizeof (struct iwn_node), M_80211_NODE,M_NOWAIT | M_ZERO); 2647 } 2648 2649 static __inline int 2650 rate2plcp(int rate) 2651 { 2652 switch (rate & 0xff) { 2653 case 12: return 0xd; 2654 case 18: return 0xf; 2655 case 24: return 0x5; 2656 case 36: return 0x7; 2657 case 48: return 0x9; 2658 case 72: return 0xb; 2659 case 96: return 0x1; 2660 case 108: return 0x3; 2661 case 2: return 10; 2662 case 4: return 20; 2663 case 11: return 55; 2664 case 22: return 110; 2665 } 2666 return 0; 2667 } 2668 2669 static int 2670 iwn_get_1stream_tx_antmask(struct iwn_softc *sc) 2671 { 2672 2673 return IWN_LSB(sc->txchainmask); 2674 } 2675 2676 static int 2677 iwn_get_2stream_tx_antmask(struct iwn_softc *sc) 2678 { 2679 int tx; 2680 2681 /* 2682 * The '2 stream' setup is a bit .. odd. 2683 * 2684 * For NICs that support only 1 antenna, default to IWN_ANT_AB or 2685 * the firmware panics (eg Intel 5100.) 2686 * 2687 * For NICs that support two antennas, we use ANT_AB. 2688 * 2689 * For NICs that support three antennas, we use the two that 2690 * wasn't the default one. 2691 * 2692 * XXX TODO: if bluetooth (full concurrent) is enabled, restrict 2693 * this to only one antenna. 2694 */ 2695 2696 /* Default - transmit on the other antennas */ 2697 tx = (sc->txchainmask & ~IWN_LSB(sc->txchainmask)); 2698 2699 /* Now, if it's zero, set it to IWN_ANT_AB, so to not panic firmware */ 2700 if (tx == 0) 2701 tx = IWN_ANT_AB; 2702 2703 /* 2704 * If the NIC is a two-stream TX NIC, configure the TX mask to 2705 * the default chainmask 2706 */ 2707 else if (sc->ntxchains == 2) 2708 tx = sc->txchainmask; 2709 2710 return (tx); 2711 } 2712 2713 2714 2715 /* 2716 * Calculate the required PLCP value from the given rate, 2717 * to the given node. 2718 * 2719 * This will take the node configuration (eg 11n, rate table 2720 * setup, etc) into consideration. 2721 */ 2722 static uint32_t 2723 iwn_rate_to_plcp(struct iwn_softc *sc, struct ieee80211_node *ni, 2724 uint8_t rate) 2725 { 2726 struct ieee80211com *ic = ni->ni_ic; 2727 uint32_t plcp = 0; 2728 int ridx; 2729 2730 /* 2731 * If it's an MCS rate, let's set the plcp correctly 2732 * and set the relevant flags based on the node config. 2733 */ 2734 if (rate & IEEE80211_RATE_MCS) { 2735 /* 2736 * Set the initial PLCP value to be between 0->31 for 2737 * MCS 0 -> MCS 31, then set the "I'm an MCS rate!" 2738 * flag. 2739 */ 2740 plcp = IEEE80211_RV(rate) | IWN_RFLAG_MCS; 2741 2742 /* 2743 * XXX the following should only occur if both 2744 * the local configuration _and_ the remote node 2745 * advertise these capabilities. Thus this code 2746 * may need fixing! 2747 */ 2748 2749 /* 2750 * Set the channel width and guard interval. 2751 */ 2752 if (IEEE80211_IS_CHAN_HT40(ni->ni_chan)) { 2753 plcp |= IWN_RFLAG_HT40; 2754 if (ni->ni_htcap & IEEE80211_HTCAP_SHORTGI40) 2755 plcp |= IWN_RFLAG_SGI; 2756 } else if (ni->ni_htcap & IEEE80211_HTCAP_SHORTGI20) { 2757 plcp |= IWN_RFLAG_SGI; 2758 } 2759 2760 /* 2761 * Ensure the selected rate matches the link quality 2762 * table entries being used. 2763 */ 2764 if (rate > 0x8f) 2765 plcp |= IWN_RFLAG_ANT(sc->txchainmask); 2766 else if (rate > 0x87) 2767 plcp |= IWN_RFLAG_ANT(iwn_get_2stream_tx_antmask(sc)); 2768 else 2769 plcp |= IWN_RFLAG_ANT(iwn_get_1stream_tx_antmask(sc)); 2770 } else { 2771 /* 2772 * Set the initial PLCP - fine for both 2773 * OFDM and CCK rates. 2774 */ 2775 plcp = rate2plcp(rate); 2776 2777 /* Set CCK flag if it's CCK */ 2778 2779 /* XXX It would be nice to have a method 2780 * to map the ridx -> phy table entry 2781 * so we could just query that, rather than 2782 * this hack to check against IWN_RIDX_OFDM6. 2783 */ 2784 ridx = ieee80211_legacy_rate_lookup(ic->ic_rt, 2785 rate & IEEE80211_RATE_VAL); 2786 if (ridx < IWN_RIDX_OFDM6 && 2787 IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 2788 plcp |= IWN_RFLAG_CCK; 2789 2790 /* Set antenna configuration */ 2791 /* XXX TODO: is this the right antenna to use for legacy? */ 2792 plcp |= IWN_RFLAG_ANT(iwn_get_1stream_tx_antmask(sc)); 2793 } 2794 2795 DPRINTF(sc, IWN_DEBUG_TXRATE, "%s: rate=0x%02x, plcp=0x%08x\n", 2796 __func__, 2797 rate, 2798 plcp); 2799 2800 return (htole32(plcp)); 2801 } 2802 2803 static void 2804 iwn_newassoc(struct ieee80211_node *ni, int isnew) 2805 { 2806 /* Doesn't do anything at the moment */ 2807 } 2808 2809 static int 2810 iwn_media_change(struct ifnet *ifp) 2811 { 2812 int error; 2813 2814 error = ieee80211_media_change(ifp); 2815 /* NB: only the fixed rate can change and that doesn't need a reset */ 2816 return (error == ENETRESET ? 0 : error); 2817 } 2818 2819 static int 2820 iwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 2821 { 2822 struct iwn_vap *ivp = IWN_VAP(vap); 2823 struct ieee80211com *ic = vap->iv_ic; 2824 struct iwn_softc *sc = ic->ic_softc; 2825 int error = 0; 2826 2827 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2828 2829 DPRINTF(sc, IWN_DEBUG_STATE, "%s: %s -> %s\n", __func__, 2830 ieee80211_state_name[vap->iv_state], ieee80211_state_name[nstate]); 2831 2832 IEEE80211_UNLOCK(ic); 2833 IWN_LOCK(sc); 2834 callout_stop(&sc->calib_to); 2835 2836 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 2837 2838 switch (nstate) { 2839 case IEEE80211_S_ASSOC: 2840 if (vap->iv_state != IEEE80211_S_RUN) 2841 break; 2842 /* FALLTHROUGH */ 2843 case IEEE80211_S_AUTH: 2844 if (vap->iv_state == IEEE80211_S_AUTH) 2845 break; 2846 2847 /* 2848 * !AUTH -> AUTH transition requires state reset to handle 2849 * reassociations correctly. 2850 */ 2851 sc->rxon->associd = 0; 2852 sc->rxon->filter &= ~htole32(IWN_FILTER_BSS); 2853 sc->calib.state = IWN_CALIB_STATE_INIT; 2854 2855 /* Wait until we hear a beacon before we transmit */ 2856 if (IEEE80211_IS_CHAN_PASSIVE(ic->ic_curchan)) 2857 sc->sc_beacon_wait = 1; 2858 2859 if ((error = iwn_auth(sc, vap)) != 0) { 2860 device_printf(sc->sc_dev, 2861 "%s: could not move to auth state\n", __func__); 2862 } 2863 break; 2864 2865 case IEEE80211_S_RUN: 2866 /* 2867 * RUN -> RUN transition; Just restart the timers. 2868 */ 2869 if (vap->iv_state == IEEE80211_S_RUN) { 2870 sc->calib_cnt = 0; 2871 break; 2872 } 2873 2874 /* Wait until we hear a beacon before we transmit */ 2875 if (IEEE80211_IS_CHAN_PASSIVE(ic->ic_curchan)) 2876 sc->sc_beacon_wait = 1; 2877 2878 /* 2879 * !RUN -> RUN requires setting the association id 2880 * which is done with a firmware cmd. We also defer 2881 * starting the timers until that work is done. 2882 */ 2883 if ((error = iwn_run(sc, vap)) != 0) { 2884 device_printf(sc->sc_dev, 2885 "%s: could not move to run state\n", __func__); 2886 } 2887 break; 2888 2889 case IEEE80211_S_INIT: 2890 sc->calib.state = IWN_CALIB_STATE_INIT; 2891 /* 2892 * Purge the xmit queue so we don't have old frames 2893 * during a new association attempt. 2894 */ 2895 sc->sc_beacon_wait = 0; 2896 iwn_xmit_queue_drain(sc); 2897 break; 2898 2899 default: 2900 break; 2901 } 2902 IWN_UNLOCK(sc); 2903 IEEE80211_LOCK(ic); 2904 if (error != 0){ 2905 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end in error\n", __func__); 2906 return error; 2907 } 2908 2909 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 2910 2911 return ivp->iv_newstate(vap, nstate, arg); 2912 } 2913 2914 static void 2915 iwn_calib_timeout(void *arg) 2916 { 2917 struct iwn_softc *sc = arg; 2918 2919 IWN_LOCK_ASSERT(sc); 2920 2921 /* Force automatic TX power calibration every 60 secs. */ 2922 if (++sc->calib_cnt >= 120) { 2923 uint32_t flags = 0; 2924 2925 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s\n", 2926 "sending request for statistics"); 2927 (void)iwn_cmd(sc, IWN_CMD_GET_STATISTICS, &flags, 2928 sizeof flags, 1); 2929 sc->calib_cnt = 0; 2930 } 2931 callout_reset(&sc->calib_to, msecs_to_ticks(500), iwn_calib_timeout, 2932 sc); 2933 } 2934 2935 /* 2936 * Process an RX_PHY firmware notification. This is usually immediately 2937 * followed by an MPDU_RX_DONE notification. 2938 */ 2939 static void 2940 iwn_rx_phy(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2941 struct iwn_rx_data *data) 2942 { 2943 struct iwn_rx_stat *stat = (struct iwn_rx_stat *)(desc + 1); 2944 2945 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: received PHY stats\n", __func__); 2946 bus_dmamap_sync(sc->rxq.data_dmat, data->map, BUS_DMASYNC_POSTREAD); 2947 2948 /* Save RX statistics, they will be used on MPDU_RX_DONE. */ 2949 memcpy(&sc->last_rx_stat, stat, sizeof (*stat)); 2950 sc->last_rx_valid = 1; 2951 } 2952 2953 /* 2954 * Process an RX_DONE (4965AGN only) or MPDU_RX_DONE firmware notification. 2955 * Each MPDU_RX_DONE notification must be preceded by an RX_PHY one. 2956 */ 2957 static void 2958 iwn_rx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 2959 struct iwn_rx_data *data) 2960 { 2961 struct iwn_ops *ops = &sc->ops; 2962 struct ieee80211com *ic = &sc->sc_ic; 2963 struct iwn_rx_ring *ring = &sc->rxq; 2964 struct ieee80211_frame *wh; 2965 struct ieee80211_node *ni; 2966 struct mbuf *m, *m1; 2967 struct iwn_rx_stat *stat; 2968 caddr_t head; 2969 bus_addr_t paddr; 2970 uint32_t flags; 2971 int error, len, rssi, nf; 2972 2973 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2974 2975 if (desc->type == IWN_MPDU_RX_DONE) { 2976 /* Check for prior RX_PHY notification. */ 2977 if (!sc->last_rx_valid) { 2978 DPRINTF(sc, IWN_DEBUG_ANY, 2979 "%s: missing RX_PHY\n", __func__); 2980 return; 2981 } 2982 stat = &sc->last_rx_stat; 2983 } else 2984 stat = (struct iwn_rx_stat *)(desc + 1); 2985 2986 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_POSTREAD); 2987 2988 if (stat->cfg_phy_len > IWN_STAT_MAXLEN) { 2989 device_printf(sc->sc_dev, 2990 "%s: invalid RX statistic header, len %d\n", __func__, 2991 stat->cfg_phy_len); 2992 return; 2993 } 2994 if (desc->type == IWN_MPDU_RX_DONE) { 2995 struct iwn_rx_mpdu *mpdu = (struct iwn_rx_mpdu *)(desc + 1); 2996 head = (caddr_t)(mpdu + 1); 2997 len = le16toh(mpdu->len); 2998 } else { 2999 head = (caddr_t)(stat + 1) + stat->cfg_phy_len; 3000 len = le16toh(stat->len); 3001 } 3002 3003 flags = le32toh(*(uint32_t *)(head + len)); 3004 3005 /* Discard frames with a bad FCS early. */ 3006 if ((flags & IWN_RX_NOERROR) != IWN_RX_NOERROR) { 3007 DPRINTF(sc, IWN_DEBUG_RECV, "%s: RX flags error %x\n", 3008 __func__, flags); 3009 counter_u64_add(ic->ic_ierrors, 1); 3010 return; 3011 } 3012 /* Discard frames that are too short. */ 3013 if (len < sizeof (struct ieee80211_frame_ack)) { 3014 DPRINTF(sc, IWN_DEBUG_RECV, "%s: frame too short: %d\n", 3015 __func__, len); 3016 counter_u64_add(ic->ic_ierrors, 1); 3017 return; 3018 } 3019 3020 m1 = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, IWN_RBUF_SIZE); 3021 if (m1 == NULL) { 3022 DPRINTF(sc, IWN_DEBUG_ANY, "%s: no mbuf to restock ring\n", 3023 __func__); 3024 counter_u64_add(ic->ic_ierrors, 1); 3025 return; 3026 } 3027 bus_dmamap_unload(ring->data_dmat, data->map); 3028 3029 error = bus_dmamap_load(ring->data_dmat, data->map, mtod(m1, void *), 3030 IWN_RBUF_SIZE, iwn_dma_map_addr, &paddr, BUS_DMA_NOWAIT); 3031 if (error != 0 && error != EFBIG) { 3032 device_printf(sc->sc_dev, 3033 "%s: bus_dmamap_load failed, error %d\n", __func__, error); 3034 m_freem(m1); 3035 3036 /* Try to reload the old mbuf. */ 3037 error = bus_dmamap_load(ring->data_dmat, data->map, 3038 mtod(data->m, void *), IWN_RBUF_SIZE, iwn_dma_map_addr, 3039 &paddr, BUS_DMA_NOWAIT); 3040 if (error != 0 && error != EFBIG) { 3041 panic("%s: could not load old RX mbuf", __func__); 3042 } 3043 bus_dmamap_sync(ring->data_dmat, data->map, 3044 BUS_DMASYNC_PREREAD); 3045 /* Physical address may have changed. */ 3046 ring->desc[ring->cur] = htole32(paddr >> 8); 3047 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 3048 BUS_DMASYNC_PREWRITE); 3049 counter_u64_add(ic->ic_ierrors, 1); 3050 return; 3051 } 3052 3053 bus_dmamap_sync(ring->data_dmat, data->map, 3054 BUS_DMASYNC_PREREAD); 3055 3056 m = data->m; 3057 data->m = m1; 3058 /* Update RX descriptor. */ 3059 ring->desc[ring->cur] = htole32(paddr >> 8); 3060 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 3061 BUS_DMASYNC_PREWRITE); 3062 3063 /* Finalize mbuf. */ 3064 m->m_data = head; 3065 m->m_pkthdr.len = m->m_len = len; 3066 3067 /* Grab a reference to the source node. */ 3068 wh = mtod(m, struct ieee80211_frame *); 3069 if (len >= sizeof(struct ieee80211_frame_min)) 3070 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 3071 else 3072 ni = NULL; 3073 nf = (ni != NULL && ni->ni_vap->iv_state == IEEE80211_S_RUN && 3074 (ic->ic_flags & IEEE80211_F_SCAN) == 0) ? sc->noise : -95; 3075 3076 rssi = ops->get_rssi(sc, stat); 3077 3078 if (ieee80211_radiotap_active(ic)) { 3079 struct iwn_rx_radiotap_header *tap = &sc->sc_rxtap; 3080 3081 tap->wr_flags = 0; 3082 if (stat->flags & htole16(IWN_STAT_FLAG_SHPREAMBLE)) 3083 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 3084 tap->wr_dbm_antsignal = (int8_t)rssi; 3085 tap->wr_dbm_antnoise = (int8_t)nf; 3086 tap->wr_tsft = stat->tstamp; 3087 switch (stat->rate) { 3088 /* CCK rates. */ 3089 case 10: tap->wr_rate = 2; break; 3090 case 20: tap->wr_rate = 4; break; 3091 case 55: tap->wr_rate = 11; break; 3092 case 110: tap->wr_rate = 22; break; 3093 /* OFDM rates. */ 3094 case 0xd: tap->wr_rate = 12; break; 3095 case 0xf: tap->wr_rate = 18; break; 3096 case 0x5: tap->wr_rate = 24; break; 3097 case 0x7: tap->wr_rate = 36; break; 3098 case 0x9: tap->wr_rate = 48; break; 3099 case 0xb: tap->wr_rate = 72; break; 3100 case 0x1: tap->wr_rate = 96; break; 3101 case 0x3: tap->wr_rate = 108; break; 3102 /* Unknown rate: should not happen. */ 3103 default: tap->wr_rate = 0; 3104 } 3105 } 3106 3107 /* 3108 * If it's a beacon and we're waiting, then do the 3109 * wakeup. This should unblock raw_xmit/start. 3110 */ 3111 if (sc->sc_beacon_wait) { 3112 uint8_t type, subtype; 3113 /* NB: Re-assign wh */ 3114 wh = mtod(m, struct ieee80211_frame *); 3115 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3116 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 3117 /* 3118 * This assumes at this point we've received our own 3119 * beacon. 3120 */ 3121 DPRINTF(sc, IWN_DEBUG_TRACE, 3122 "%s: beacon_wait, type=%d, subtype=%d\n", 3123 __func__, type, subtype); 3124 if (type == IEEE80211_FC0_TYPE_MGT && 3125 subtype == IEEE80211_FC0_SUBTYPE_BEACON) { 3126 DPRINTF(sc, IWN_DEBUG_TRACE | IWN_DEBUG_XMIT, 3127 "%s: waking things up\n", __func__); 3128 /* queue taskqueue to transmit! */ 3129 taskqueue_enqueue(sc->sc_tq, &sc->sc_xmit_task); 3130 } 3131 } 3132 3133 IWN_UNLOCK(sc); 3134 3135 /* Send the frame to the 802.11 layer. */ 3136 if (ni != NULL) { 3137 if (ni->ni_flags & IEEE80211_NODE_HT) 3138 m->m_flags |= M_AMPDU; 3139 (void)ieee80211_input(ni, m, rssi - nf, nf); 3140 /* Node is no longer needed. */ 3141 ieee80211_free_node(ni); 3142 } else 3143 (void)ieee80211_input_all(ic, m, rssi - nf, nf); 3144 3145 IWN_LOCK(sc); 3146 3147 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 3148 3149 } 3150 3151 /* Process an incoming Compressed BlockAck. */ 3152 static void 3153 iwn_rx_compressed_ba(struct iwn_softc *sc, struct iwn_rx_desc *desc, 3154 struct iwn_rx_data *data) 3155 { 3156 struct iwn_ops *ops = &sc->ops; 3157 struct iwn_node *wn; 3158 struct ieee80211_node *ni; 3159 struct iwn_compressed_ba *ba = (struct iwn_compressed_ba *)(desc + 1); 3160 struct iwn_tx_ring *txq; 3161 struct iwn_tx_data *txdata; 3162 struct ieee80211_tx_ampdu *tap; 3163 struct mbuf *m; 3164 uint64_t bitmap; 3165 uint16_t ssn; 3166 uint8_t tid; 3167 int ackfailcnt = 0, i, lastidx, qid, *res, shift; 3168 int tx_ok = 0, tx_err = 0; 3169 3170 DPRINTF(sc, IWN_DEBUG_TRACE | IWN_DEBUG_XMIT, "->%s begin\n", __func__); 3171 3172 bus_dmamap_sync(sc->rxq.data_dmat, data->map, BUS_DMASYNC_POSTREAD); 3173 3174 qid = le16toh(ba->qid); 3175 txq = &sc->txq[ba->qid]; 3176 tap = sc->qid2tap[ba->qid]; 3177 tid = tap->txa_tid; 3178 wn = (void *)tap->txa_ni; 3179 3180 res = NULL; 3181 ssn = 0; 3182 if (!IEEE80211_AMPDU_RUNNING(tap)) { 3183 res = tap->txa_private; 3184 ssn = tap->txa_start & 0xfff; 3185 } 3186 3187 for (lastidx = le16toh(ba->ssn) & 0xff; txq->read != lastidx;) { 3188 txdata = &txq->data[txq->read]; 3189 3190 /* Unmap and free mbuf. */ 3191 bus_dmamap_sync(txq->data_dmat, txdata->map, 3192 BUS_DMASYNC_POSTWRITE); 3193 bus_dmamap_unload(txq->data_dmat, txdata->map); 3194 m = txdata->m, txdata->m = NULL; 3195 ni = txdata->ni, txdata->ni = NULL; 3196 3197 KASSERT(ni != NULL, ("no node")); 3198 KASSERT(m != NULL, ("no mbuf")); 3199 3200 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: freeing m=%p\n", __func__, m); 3201 ieee80211_tx_complete(ni, m, 1); 3202 3203 txq->queued--; 3204 txq->read = (txq->read + 1) % IWN_TX_RING_COUNT; 3205 } 3206 3207 if (txq->queued == 0 && res != NULL) { 3208 iwn_nic_lock(sc); 3209 ops->ampdu_tx_stop(sc, qid, tid, ssn); 3210 iwn_nic_unlock(sc); 3211 sc->qid2tap[qid] = NULL; 3212 free(res, M_DEVBUF); 3213 return; 3214 } 3215 3216 if (wn->agg[tid].bitmap == 0) 3217 return; 3218 3219 shift = wn->agg[tid].startidx - ((le16toh(ba->seq) >> 4) & 0xff); 3220 if (shift < 0) 3221 shift += 0x100; 3222 3223 if (wn->agg[tid].nframes > (64 - shift)) 3224 return; 3225 3226 /* 3227 * Walk the bitmap and calculate how many successful and failed 3228 * attempts are made. 3229 * 3230 * Yes, the rate control code doesn't know these are A-MPDU 3231 * subframes and that it's okay to fail some of these. 3232 */ 3233 ni = tap->txa_ni; 3234 bitmap = (le64toh(ba->bitmap) >> shift) & wn->agg[tid].bitmap; 3235 for (i = 0; bitmap; i++) { 3236 if ((bitmap & 1) == 0) { 3237 tx_err ++; 3238 ieee80211_ratectl_tx_complete(ni->ni_vap, ni, 3239 IEEE80211_RATECTL_TX_FAILURE, &ackfailcnt, NULL); 3240 } else { 3241 tx_ok ++; 3242 ieee80211_ratectl_tx_complete(ni->ni_vap, ni, 3243 IEEE80211_RATECTL_TX_SUCCESS, &ackfailcnt, NULL); 3244 } 3245 bitmap >>= 1; 3246 } 3247 3248 DPRINTF(sc, IWN_DEBUG_TRACE | IWN_DEBUG_XMIT, 3249 "->%s: end; %d ok; %d err\n",__func__, tx_ok, tx_err); 3250 3251 } 3252 3253 /* 3254 * Process a CALIBRATION_RESULT notification sent by the initialization 3255 * firmware on response to a CMD_CALIB_CONFIG command (5000 only). 3256 */ 3257 static void 3258 iwn5000_rx_calib_results(struct iwn_softc *sc, struct iwn_rx_desc *desc, 3259 struct iwn_rx_data *data) 3260 { 3261 struct iwn_phy_calib *calib = (struct iwn_phy_calib *)(desc + 1); 3262 int len, idx = -1; 3263 3264 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 3265 3266 /* Runtime firmware should not send such a notification. */ 3267 if (sc->sc_flags & IWN_FLAG_CALIB_DONE){ 3268 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s received after clib done\n", 3269 __func__); 3270 return; 3271 } 3272 len = (le32toh(desc->len) & 0x3fff) - 4; 3273 bus_dmamap_sync(sc->rxq.data_dmat, data->map, BUS_DMASYNC_POSTREAD); 3274 3275 switch (calib->code) { 3276 case IWN5000_PHY_CALIB_DC: 3277 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_DC) 3278 idx = 0; 3279 break; 3280 case IWN5000_PHY_CALIB_LO: 3281 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_LO) 3282 idx = 1; 3283 break; 3284 case IWN5000_PHY_CALIB_TX_IQ: 3285 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TX_IQ) 3286 idx = 2; 3287 break; 3288 case IWN5000_PHY_CALIB_TX_IQ_PERIODIC: 3289 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TX_IQ_PERIODIC) 3290 idx = 3; 3291 break; 3292 case IWN5000_PHY_CALIB_BASE_BAND: 3293 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_BASE_BAND) 3294 idx = 4; 3295 break; 3296 } 3297 if (idx == -1) /* Ignore other results. */ 3298 return; 3299 3300 /* Save calibration result. */ 3301 if (sc->calibcmd[idx].buf != NULL) 3302 free(sc->calibcmd[idx].buf, M_DEVBUF); 3303 sc->calibcmd[idx].buf = malloc(len, M_DEVBUF, M_NOWAIT); 3304 if (sc->calibcmd[idx].buf == NULL) { 3305 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 3306 "not enough memory for calibration result %d\n", 3307 calib->code); 3308 return; 3309 } 3310 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 3311 "saving calibration result idx=%d, code=%d len=%d\n", idx, calib->code, len); 3312 sc->calibcmd[idx].len = len; 3313 memcpy(sc->calibcmd[idx].buf, calib, len); 3314 } 3315 3316 static void 3317 iwn_stats_update(struct iwn_softc *sc, struct iwn_calib_state *calib, 3318 struct iwn_stats *stats, int len) 3319 { 3320 struct iwn_stats_bt *stats_bt; 3321 struct iwn_stats *lstats; 3322 3323 /* 3324 * First - check whether the length is the bluetooth or normal. 3325 * 3326 * If it's normal - just copy it and bump out. 3327 * Otherwise we have to convert things. 3328 */ 3329 3330 if (len == sizeof(struct iwn_stats) + 4) { 3331 memcpy(&sc->last_stat, stats, sizeof(struct iwn_stats)); 3332 sc->last_stat_valid = 1; 3333 return; 3334 } 3335 3336 /* 3337 * If it's not the bluetooth size - log, then just copy. 3338 */ 3339 if (len != sizeof(struct iwn_stats_bt) + 4) { 3340 DPRINTF(sc, IWN_DEBUG_STATS, 3341 "%s: size of rx statistics (%d) not an expected size!\n", 3342 __func__, 3343 len); 3344 memcpy(&sc->last_stat, stats, sizeof(struct iwn_stats)); 3345 sc->last_stat_valid = 1; 3346 return; 3347 } 3348 3349 /* 3350 * Ok. Time to copy. 3351 */ 3352 stats_bt = (struct iwn_stats_bt *) stats; 3353 lstats = &sc->last_stat; 3354 3355 /* flags */ 3356 lstats->flags = stats_bt->flags; 3357 /* rx_bt */ 3358 memcpy(&lstats->rx.ofdm, &stats_bt->rx_bt.ofdm, 3359 sizeof(struct iwn_rx_phy_stats)); 3360 memcpy(&lstats->rx.cck, &stats_bt->rx_bt.cck, 3361 sizeof(struct iwn_rx_phy_stats)); 3362 memcpy(&lstats->rx.general, &stats_bt->rx_bt.general_bt.common, 3363 sizeof(struct iwn_rx_general_stats)); 3364 memcpy(&lstats->rx.ht, &stats_bt->rx_bt.ht, 3365 sizeof(struct iwn_rx_ht_phy_stats)); 3366 /* tx */ 3367 memcpy(&lstats->tx, &stats_bt->tx, 3368 sizeof(struct iwn_tx_stats)); 3369 /* general */ 3370 memcpy(&lstats->general, &stats_bt->general, 3371 sizeof(struct iwn_general_stats)); 3372 3373 /* XXX TODO: Squirrel away the extra bluetooth stats somewhere */ 3374 sc->last_stat_valid = 1; 3375 } 3376 3377 /* 3378 * Process an RX_STATISTICS or BEACON_STATISTICS firmware notification. 3379 * The latter is sent by the firmware after each received beacon. 3380 */ 3381 static void 3382 iwn_rx_statistics(struct iwn_softc *sc, struct iwn_rx_desc *desc, 3383 struct iwn_rx_data *data) 3384 { 3385 struct iwn_ops *ops = &sc->ops; 3386 struct ieee80211com *ic = &sc->sc_ic; 3387 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3388 struct iwn_calib_state *calib = &sc->calib; 3389 struct iwn_stats *stats = (struct iwn_stats *)(desc + 1); 3390 struct iwn_stats *lstats; 3391 int temp; 3392 3393 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 3394 3395 /* Ignore statistics received during a scan. */ 3396 if (vap->iv_state != IEEE80211_S_RUN || 3397 (ic->ic_flags & IEEE80211_F_SCAN)){ 3398 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s received during calib\n", 3399 __func__); 3400 return; 3401 } 3402 3403 bus_dmamap_sync(sc->rxq.data_dmat, data->map, BUS_DMASYNC_POSTREAD); 3404 3405 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_STATS, 3406 "%s: received statistics, cmd %d, len %d\n", 3407 __func__, desc->type, le16toh(desc->len)); 3408 sc->calib_cnt = 0; /* Reset TX power calibration timeout. */ 3409 3410 /* 3411 * Collect/track general statistics for reporting. 3412 * 3413 * This takes care of ensuring that the bluetooth sized message 3414 * will be correctly converted to the legacy sized message. 3415 */ 3416 iwn_stats_update(sc, calib, stats, le16toh(desc->len)); 3417 3418 /* 3419 * And now, let's take a reference of it to use! 3420 */ 3421 lstats = &sc->last_stat; 3422 3423 /* Test if temperature has changed. */ 3424 if (lstats->general.temp != sc->rawtemp) { 3425 /* Convert "raw" temperature to degC. */ 3426 sc->rawtemp = stats->general.temp; 3427 temp = ops->get_temperature(sc); 3428 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: temperature %d\n", 3429 __func__, temp); 3430 3431 /* Update TX power if need be (4965AGN only). */ 3432 if (sc->hw_type == IWN_HW_REV_TYPE_4965) 3433 iwn4965_power_calibration(sc, temp); 3434 } 3435 3436 if (desc->type != IWN_BEACON_STATISTICS) 3437 return; /* Reply to a statistics request. */ 3438 3439 sc->noise = iwn_get_noise(&lstats->rx.general); 3440 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: noise %d\n", __func__, sc->noise); 3441 3442 /* Test that RSSI and noise are present in stats report. */ 3443 if (le32toh(lstats->rx.general.flags) != 1) { 3444 DPRINTF(sc, IWN_DEBUG_ANY, "%s\n", 3445 "received statistics without RSSI"); 3446 return; 3447 } 3448 3449 if (calib->state == IWN_CALIB_STATE_ASSOC) 3450 iwn_collect_noise(sc, &lstats->rx.general); 3451 else if (calib->state == IWN_CALIB_STATE_RUN) { 3452 iwn_tune_sensitivity(sc, &lstats->rx); 3453 /* 3454 * XXX TODO: Only run the RX recovery if we're associated! 3455 */ 3456 iwn_check_rx_recovery(sc, lstats); 3457 iwn_save_stats_counters(sc, lstats); 3458 } 3459 3460 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 3461 } 3462 3463 /* 3464 * Save the relevant statistic counters for the next calibration 3465 * pass. 3466 */ 3467 static void 3468 iwn_save_stats_counters(struct iwn_softc *sc, const struct iwn_stats *rs) 3469 { 3470 struct iwn_calib_state *calib = &sc->calib; 3471 3472 /* Save counters values for next call. */ 3473 calib->bad_plcp_cck = le32toh(rs->rx.cck.bad_plcp); 3474 calib->fa_cck = le32toh(rs->rx.cck.fa); 3475 calib->bad_plcp_ht = le32toh(rs->rx.ht.bad_plcp); 3476 calib->bad_plcp_ofdm = le32toh(rs->rx.ofdm.bad_plcp); 3477 calib->fa_ofdm = le32toh(rs->rx.ofdm.fa); 3478 3479 /* Last time we received these tick values */ 3480 sc->last_calib_ticks = ticks; 3481 } 3482 3483 /* 3484 * Process a TX_DONE firmware notification. Unfortunately, the 4965AGN 3485 * and 5000 adapters have different incompatible TX status formats. 3486 */ 3487 static void 3488 iwn4965_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 3489 struct iwn_rx_data *data) 3490 { 3491 struct iwn4965_tx_stat *stat = (struct iwn4965_tx_stat *)(desc + 1); 3492 struct iwn_tx_ring *ring; 3493 int qid; 3494 3495 qid = desc->qid & 0xf; 3496 ring = &sc->txq[qid]; 3497 3498 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: " 3499 "qid %d idx %d RTS retries %d ACK retries %d nkill %d rate %x duration %d status %x\n", 3500 __func__, desc->qid, desc->idx, 3501 stat->rtsfailcnt, 3502 stat->ackfailcnt, 3503 stat->btkillcnt, 3504 stat->rate, le16toh(stat->duration), 3505 le32toh(stat->status)); 3506 3507 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_POSTREAD); 3508 if (qid >= sc->firstaggqueue) { 3509 iwn_ampdu_tx_done(sc, qid, desc->idx, stat->nframes, 3510 stat->ackfailcnt, &stat->status); 3511 } else { 3512 iwn_tx_done(sc, desc, stat->ackfailcnt, 3513 le32toh(stat->status) & 0xff); 3514 } 3515 } 3516 3517 static void 3518 iwn5000_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 3519 struct iwn_rx_data *data) 3520 { 3521 struct iwn5000_tx_stat *stat = (struct iwn5000_tx_stat *)(desc + 1); 3522 struct iwn_tx_ring *ring; 3523 int qid; 3524 3525 qid = desc->qid & 0xf; 3526 ring = &sc->txq[qid]; 3527 3528 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: " 3529 "qid %d idx %d RTS retries %d ACK retries %d nkill %d rate %x duration %d status %x\n", 3530 __func__, desc->qid, desc->idx, 3531 stat->rtsfailcnt, 3532 stat->ackfailcnt, 3533 stat->btkillcnt, 3534 stat->rate, le16toh(stat->duration), 3535 le32toh(stat->status)); 3536 3537 #ifdef notyet 3538 /* Reset TX scheduler slot. */ 3539 iwn5000_reset_sched(sc, desc->qid & 0xf, desc->idx); 3540 #endif 3541 3542 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_POSTREAD); 3543 if (qid >= sc->firstaggqueue) { 3544 iwn_ampdu_tx_done(sc, qid, desc->idx, stat->nframes, 3545 stat->ackfailcnt, &stat->status); 3546 } else { 3547 iwn_tx_done(sc, desc, stat->ackfailcnt, 3548 le16toh(stat->status) & 0xff); 3549 } 3550 } 3551 3552 /* 3553 * Adapter-independent backend for TX_DONE firmware notifications. 3554 */ 3555 static void 3556 iwn_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, int ackfailcnt, 3557 uint8_t status) 3558 { 3559 struct iwn_tx_ring *ring = &sc->txq[desc->qid & 0xf]; 3560 struct iwn_tx_data *data = &ring->data[desc->idx]; 3561 struct mbuf *m; 3562 struct ieee80211_node *ni; 3563 struct ieee80211vap *vap; 3564 3565 KASSERT(data->ni != NULL, ("no node")); 3566 3567 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 3568 3569 /* Unmap and free mbuf. */ 3570 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_POSTWRITE); 3571 bus_dmamap_unload(ring->data_dmat, data->map); 3572 m = data->m, data->m = NULL; 3573 ni = data->ni, data->ni = NULL; 3574 vap = ni->ni_vap; 3575 3576 /* 3577 * Update rate control statistics for the node. 3578 */ 3579 if (status & IWN_TX_FAIL) 3580 ieee80211_ratectl_tx_complete(vap, ni, 3581 IEEE80211_RATECTL_TX_FAILURE, &ackfailcnt, NULL); 3582 else 3583 ieee80211_ratectl_tx_complete(vap, ni, 3584 IEEE80211_RATECTL_TX_SUCCESS, &ackfailcnt, NULL); 3585 3586 /* 3587 * Channels marked for "radar" require traffic to be received 3588 * to unlock before we can transmit. Until traffic is seen 3589 * any attempt to transmit is returned immediately with status 3590 * set to IWN_TX_FAIL_TX_LOCKED. Unfortunately this can easily 3591 * happen on first authenticate after scanning. To workaround 3592 * this we ignore a failure of this sort in AUTH state so the 3593 * 802.11 layer will fall back to using a timeout to wait for 3594 * the AUTH reply. This allows the firmware time to see 3595 * traffic so a subsequent retry of AUTH succeeds. It's 3596 * unclear why the firmware does not maintain state for 3597 * channels recently visited as this would allow immediate 3598 * use of the channel after a scan (where we see traffic). 3599 */ 3600 if (status == IWN_TX_FAIL_TX_LOCKED && 3601 ni->ni_vap->iv_state == IEEE80211_S_AUTH) 3602 ieee80211_tx_complete(ni, m, 0); 3603 else 3604 ieee80211_tx_complete(ni, m, 3605 (status & IWN_TX_FAIL) != 0); 3606 3607 sc->sc_tx_timer = 0; 3608 if (--ring->queued < IWN_TX_RING_LOMARK) 3609 sc->qfullmsk &= ~(1 << ring->qid); 3610 3611 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 3612 } 3613 3614 /* 3615 * Process a "command done" firmware notification. This is where we wakeup 3616 * processes waiting for a synchronous command completion. 3617 */ 3618 static void 3619 iwn_cmd_done(struct iwn_softc *sc, struct iwn_rx_desc *desc) 3620 { 3621 struct iwn_tx_ring *ring; 3622 struct iwn_tx_data *data; 3623 int cmd_queue_num; 3624 3625 if (sc->sc_flags & IWN_FLAG_PAN_SUPPORT) 3626 cmd_queue_num = IWN_PAN_CMD_QUEUE; 3627 else 3628 cmd_queue_num = IWN_CMD_QUEUE_NUM; 3629 3630 if ((desc->qid & IWN_RX_DESC_QID_MSK) != cmd_queue_num) 3631 return; /* Not a command ack. */ 3632 3633 ring = &sc->txq[cmd_queue_num]; 3634 data = &ring->data[desc->idx]; 3635 3636 /* If the command was mapped in an mbuf, free it. */ 3637 if (data->m != NULL) { 3638 bus_dmamap_sync(ring->data_dmat, data->map, 3639 BUS_DMASYNC_POSTWRITE); 3640 bus_dmamap_unload(ring->data_dmat, data->map); 3641 m_freem(data->m); 3642 data->m = NULL; 3643 } 3644 wakeup(&ring->desc[desc->idx]); 3645 } 3646 3647 static void 3648 iwn_ampdu_tx_done(struct iwn_softc *sc, int qid, int idx, int nframes, 3649 int ackfailcnt, void *stat) 3650 { 3651 struct iwn_ops *ops = &sc->ops; 3652 struct iwn_tx_ring *ring = &sc->txq[qid]; 3653 struct iwn_tx_data *data; 3654 struct mbuf *m; 3655 struct iwn_node *wn; 3656 struct ieee80211_node *ni; 3657 struct ieee80211_tx_ampdu *tap; 3658 uint64_t bitmap; 3659 uint32_t *status = stat; 3660 uint16_t *aggstatus = stat; 3661 uint16_t ssn; 3662 uint8_t tid; 3663 int bit, i, lastidx, *res, seqno, shift, start; 3664 3665 /* XXX TODO: status is le16 field! Grr */ 3666 3667 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 3668 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: nframes=%d, status=0x%08x\n", 3669 __func__, 3670 nframes, 3671 *status); 3672 3673 tap = sc->qid2tap[qid]; 3674 tid = tap->txa_tid; 3675 wn = (void *)tap->txa_ni; 3676 ni = tap->txa_ni; 3677 3678 /* 3679 * XXX TODO: ACK and RTS failures would be nice here! 3680 */ 3681 3682 /* 3683 * A-MPDU single frame status - if we failed to transmit it 3684 * in A-MPDU, then it may be a permanent failure. 3685 * 3686 * XXX TODO: check what the Linux iwlwifi driver does here; 3687 * there's some permanent and temporary failures that may be 3688 * handled differently. 3689 */ 3690 if (nframes == 1) { 3691 if ((*status & 0xff) != 1 && (*status & 0xff) != 2) { 3692 #ifdef NOT_YET 3693 printf("ieee80211_send_bar()\n"); 3694 #endif 3695 /* 3696 * If we completely fail a transmit, make sure a 3697 * notification is pushed up to the rate control 3698 * layer. 3699 */ 3700 ieee80211_ratectl_tx_complete(ni->ni_vap, 3701 ni, 3702 IEEE80211_RATECTL_TX_FAILURE, 3703 &ackfailcnt, 3704 NULL); 3705 } else { 3706 /* 3707 * If nframes=1, then we won't be getting a BA for 3708 * this frame. Ensure that we correctly update the 3709 * rate control code with how many retries were 3710 * needed to send it. 3711 */ 3712 ieee80211_ratectl_tx_complete(ni->ni_vap, 3713 ni, 3714 IEEE80211_RATECTL_TX_SUCCESS, 3715 &ackfailcnt, 3716 NULL); 3717 } 3718 } 3719 3720 bitmap = 0; 3721 start = idx; 3722 for (i = 0; i < nframes; i++) { 3723 if (le16toh(aggstatus[i * 2]) & 0xc) 3724 continue; 3725 3726 idx = le16toh(aggstatus[2*i + 1]) & 0xff; 3727 bit = idx - start; 3728 shift = 0; 3729 if (bit >= 64) { 3730 shift = 0x100 - idx + start; 3731 bit = 0; 3732 start = idx; 3733 } else if (bit <= -64) 3734 bit = 0x100 - start + idx; 3735 else if (bit < 0) { 3736 shift = start - idx; 3737 start = idx; 3738 bit = 0; 3739 } 3740 bitmap = bitmap << shift; 3741 bitmap |= 1ULL << bit; 3742 } 3743 tap = sc->qid2tap[qid]; 3744 tid = tap->txa_tid; 3745 wn = (void *)tap->txa_ni; 3746 wn->agg[tid].bitmap = bitmap; 3747 wn->agg[tid].startidx = start; 3748 wn->agg[tid].nframes = nframes; 3749 3750 res = NULL; 3751 ssn = 0; 3752 if (!IEEE80211_AMPDU_RUNNING(tap)) { 3753 res = tap->txa_private; 3754 ssn = tap->txa_start & 0xfff; 3755 } 3756 3757 /* This is going nframes DWORDS into the descriptor? */ 3758 seqno = le32toh(*(status + nframes)) & 0xfff; 3759 for (lastidx = (seqno & 0xff); ring->read != lastidx;) { 3760 data = &ring->data[ring->read]; 3761 3762 /* Unmap and free mbuf. */ 3763 bus_dmamap_sync(ring->data_dmat, data->map, 3764 BUS_DMASYNC_POSTWRITE); 3765 bus_dmamap_unload(ring->data_dmat, data->map); 3766 m = data->m, data->m = NULL; 3767 ni = data->ni, data->ni = NULL; 3768 3769 KASSERT(ni != NULL, ("no node")); 3770 KASSERT(m != NULL, ("no mbuf")); 3771 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: freeing m=%p\n", __func__, m); 3772 ieee80211_tx_complete(ni, m, 1); 3773 3774 ring->queued--; 3775 ring->read = (ring->read + 1) % IWN_TX_RING_COUNT; 3776 } 3777 3778 if (ring->queued == 0 && res != NULL) { 3779 iwn_nic_lock(sc); 3780 ops->ampdu_tx_stop(sc, qid, tid, ssn); 3781 iwn_nic_unlock(sc); 3782 sc->qid2tap[qid] = NULL; 3783 free(res, M_DEVBUF); 3784 return; 3785 } 3786 3787 sc->sc_tx_timer = 0; 3788 if (ring->queued < IWN_TX_RING_LOMARK) 3789 sc->qfullmsk &= ~(1 << ring->qid); 3790 3791 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 3792 } 3793 3794 /* 3795 * Process an INT_FH_RX or INT_SW_RX interrupt. 3796 */ 3797 static void 3798 iwn_notif_intr(struct iwn_softc *sc) 3799 { 3800 struct iwn_ops *ops = &sc->ops; 3801 struct ieee80211com *ic = &sc->sc_ic; 3802 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3803 uint16_t hw; 3804 int is_stopped; 3805 3806 bus_dmamap_sync(sc->rxq.stat_dma.tag, sc->rxq.stat_dma.map, 3807 BUS_DMASYNC_POSTREAD); 3808 3809 hw = le16toh(sc->rxq.stat->closed_count) & 0xfff; 3810 while (sc->rxq.cur != hw) { 3811 struct iwn_rx_data *data = &sc->rxq.data[sc->rxq.cur]; 3812 struct iwn_rx_desc *desc; 3813 3814 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 3815 BUS_DMASYNC_POSTREAD); 3816 desc = mtod(data->m, struct iwn_rx_desc *); 3817 3818 DPRINTF(sc, IWN_DEBUG_RECV, 3819 "%s: cur=%d; qid %x idx %d flags %x type %d(%s) len %d\n", 3820 __func__, sc->rxq.cur, desc->qid & 0xf, desc->idx, desc->flags, 3821 desc->type, iwn_intr_str(desc->type), 3822 le16toh(desc->len)); 3823 3824 if (!(desc->qid & IWN_UNSOLICITED_RX_NOTIF)) /* Reply to a command. */ 3825 iwn_cmd_done(sc, desc); 3826 3827 switch (desc->type) { 3828 case IWN_RX_PHY: 3829 iwn_rx_phy(sc, desc, data); 3830 break; 3831 3832 case IWN_RX_DONE: /* 4965AGN only. */ 3833 case IWN_MPDU_RX_DONE: 3834 /* An 802.11 frame has been received. */ 3835 iwn_rx_done(sc, desc, data); 3836 3837 is_stopped = (sc->sc_flags & IWN_FLAG_RUNNING) == 0; 3838 if (__predict_false(is_stopped)) 3839 return; 3840 3841 break; 3842 3843 case IWN_RX_COMPRESSED_BA: 3844 /* A Compressed BlockAck has been received. */ 3845 iwn_rx_compressed_ba(sc, desc, data); 3846 break; 3847 3848 case IWN_TX_DONE: 3849 /* An 802.11 frame has been transmitted. */ 3850 ops->tx_done(sc, desc, data); 3851 break; 3852 3853 case IWN_RX_STATISTICS: 3854 case IWN_BEACON_STATISTICS: 3855 iwn_rx_statistics(sc, desc, data); 3856 break; 3857 3858 case IWN_BEACON_MISSED: 3859 { 3860 struct iwn_beacon_missed *miss = 3861 (struct iwn_beacon_missed *)(desc + 1); 3862 int misses; 3863 3864 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 3865 BUS_DMASYNC_POSTREAD); 3866 misses = le32toh(miss->consecutive); 3867 3868 DPRINTF(sc, IWN_DEBUG_STATE, 3869 "%s: beacons missed %d/%d\n", __func__, 3870 misses, le32toh(miss->total)); 3871 /* 3872 * If more than 5 consecutive beacons are missed, 3873 * reinitialize the sensitivity state machine. 3874 */ 3875 if (vap->iv_state == IEEE80211_S_RUN && 3876 (ic->ic_flags & IEEE80211_F_SCAN) == 0) { 3877 if (misses > 5) 3878 (void)iwn_init_sensitivity(sc); 3879 if (misses >= vap->iv_bmissthreshold) { 3880 IWN_UNLOCK(sc); 3881 ieee80211_beacon_miss(ic); 3882 IWN_LOCK(sc); 3883 3884 is_stopped = (sc->sc_flags & 3885 IWN_FLAG_RUNNING) == 0; 3886 if (__predict_false(is_stopped)) 3887 return; 3888 } 3889 } 3890 break; 3891 } 3892 case IWN_UC_READY: 3893 { 3894 struct iwn_ucode_info *uc = 3895 (struct iwn_ucode_info *)(desc + 1); 3896 3897 /* The microcontroller is ready. */ 3898 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 3899 BUS_DMASYNC_POSTREAD); 3900 DPRINTF(sc, IWN_DEBUG_RESET, 3901 "microcode alive notification version=%d.%d " 3902 "subtype=%x alive=%x\n", uc->major, uc->minor, 3903 uc->subtype, le32toh(uc->valid)); 3904 3905 if (le32toh(uc->valid) != 1) { 3906 device_printf(sc->sc_dev, 3907 "microcontroller initialization failed"); 3908 break; 3909 } 3910 if (uc->subtype == IWN_UCODE_INIT) { 3911 /* Save microcontroller report. */ 3912 memcpy(&sc->ucode_info, uc, sizeof (*uc)); 3913 } 3914 /* Save the address of the error log in SRAM. */ 3915 sc->errptr = le32toh(uc->errptr); 3916 break; 3917 } 3918 case IWN_STATE_CHANGED: 3919 { 3920 /* 3921 * State change allows hardware switch change to be 3922 * noted. However, we handle this in iwn_intr as we 3923 * get both the enable/disble intr. 3924 */ 3925 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 3926 BUS_DMASYNC_POSTREAD); 3927 #ifdef IWN_DEBUG 3928 uint32_t *status = (uint32_t *)(desc + 1); 3929 DPRINTF(sc, IWN_DEBUG_INTR | IWN_DEBUG_STATE, 3930 "state changed to %x\n", 3931 le32toh(*status)); 3932 #endif 3933 break; 3934 } 3935 case IWN_START_SCAN: 3936 { 3937 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 3938 BUS_DMASYNC_POSTREAD); 3939 #ifdef IWN_DEBUG 3940 struct iwn_start_scan *scan = 3941 (struct iwn_start_scan *)(desc + 1); 3942 DPRINTF(sc, IWN_DEBUG_ANY, 3943 "%s: scanning channel %d status %x\n", 3944 __func__, scan->chan, le32toh(scan->status)); 3945 #endif 3946 break; 3947 } 3948 case IWN_STOP_SCAN: 3949 { 3950 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 3951 BUS_DMASYNC_POSTREAD); 3952 #ifdef IWN_DEBUG 3953 struct iwn_stop_scan *scan = 3954 (struct iwn_stop_scan *)(desc + 1); 3955 DPRINTF(sc, IWN_DEBUG_STATE | IWN_DEBUG_SCAN, 3956 "scan finished nchan=%d status=%d chan=%d\n", 3957 scan->nchan, scan->status, scan->chan); 3958 #endif 3959 sc->sc_is_scanning = 0; 3960 callout_stop(&sc->scan_timeout); 3961 IWN_UNLOCK(sc); 3962 ieee80211_scan_next(vap); 3963 IWN_LOCK(sc); 3964 3965 is_stopped = (sc->sc_flags & IWN_FLAG_RUNNING) == 0; 3966 if (__predict_false(is_stopped)) 3967 return; 3968 3969 break; 3970 } 3971 case IWN5000_CALIBRATION_RESULT: 3972 iwn5000_rx_calib_results(sc, desc, data); 3973 break; 3974 3975 case IWN5000_CALIBRATION_DONE: 3976 sc->sc_flags |= IWN_FLAG_CALIB_DONE; 3977 wakeup(sc); 3978 break; 3979 } 3980 3981 sc->rxq.cur = (sc->rxq.cur + 1) % IWN_RX_RING_COUNT; 3982 } 3983 3984 /* Tell the firmware what we have processed. */ 3985 hw = (hw == 0) ? IWN_RX_RING_COUNT - 1 : hw - 1; 3986 IWN_WRITE(sc, IWN_FH_RX_WPTR, hw & ~7); 3987 } 3988 3989 /* 3990 * Process an INT_WAKEUP interrupt raised when the microcontroller wakes up 3991 * from power-down sleep mode. 3992 */ 3993 static void 3994 iwn_wakeup_intr(struct iwn_softc *sc) 3995 { 3996 int qid; 3997 3998 DPRINTF(sc, IWN_DEBUG_RESET, "%s: ucode wakeup from power-down sleep\n", 3999 __func__); 4000 4001 /* Wakeup RX and TX rings. */ 4002 IWN_WRITE(sc, IWN_FH_RX_WPTR, sc->rxq.cur & ~7); 4003 for (qid = 0; qid < sc->ntxqs; qid++) { 4004 struct iwn_tx_ring *ring = &sc->txq[qid]; 4005 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | ring->cur); 4006 } 4007 } 4008 4009 static void 4010 iwn_rftoggle_intr(struct iwn_softc *sc) 4011 { 4012 struct ieee80211com *ic = &sc->sc_ic; 4013 uint32_t tmp = IWN_READ(sc, IWN_GP_CNTRL); 4014 4015 IWN_LOCK_ASSERT(sc); 4016 4017 device_printf(sc->sc_dev, "RF switch: radio %s\n", 4018 (tmp & IWN_GP_CNTRL_RFKILL) ? "enabled" : "disabled"); 4019 if (tmp & IWN_GP_CNTRL_RFKILL) 4020 ieee80211_runtask(ic, &sc->sc_radioon_task); 4021 else 4022 ieee80211_runtask(ic, &sc->sc_radiooff_task); 4023 } 4024 4025 /* 4026 * Dump the error log of the firmware when a firmware panic occurs. Although 4027 * we can't debug the firmware because it is neither open source nor free, it 4028 * can help us to identify certain classes of problems. 4029 */ 4030 static void 4031 iwn_fatal_intr(struct iwn_softc *sc) 4032 { 4033 struct iwn_fw_dump dump; 4034 int i; 4035 4036 IWN_LOCK_ASSERT(sc); 4037 4038 /* Force a complete recalibration on next init. */ 4039 sc->sc_flags &= ~IWN_FLAG_CALIB_DONE; 4040 4041 /* Check that the error log address is valid. */ 4042 if (sc->errptr < IWN_FW_DATA_BASE || 4043 sc->errptr + sizeof (dump) > 4044 IWN_FW_DATA_BASE + sc->fw_data_maxsz) { 4045 printf("%s: bad firmware error log address 0x%08x\n", __func__, 4046 sc->errptr); 4047 return; 4048 } 4049 if (iwn_nic_lock(sc) != 0) { 4050 printf("%s: could not read firmware error log\n", __func__); 4051 return; 4052 } 4053 /* Read firmware error log from SRAM. */ 4054 iwn_mem_read_region_4(sc, sc->errptr, (uint32_t *)&dump, 4055 sizeof (dump) / sizeof (uint32_t)); 4056 iwn_nic_unlock(sc); 4057 4058 if (dump.valid == 0) { 4059 printf("%s: firmware error log is empty\n", __func__); 4060 return; 4061 } 4062 printf("firmware error log:\n"); 4063 printf(" error type = \"%s\" (0x%08X)\n", 4064 (dump.id < nitems(iwn_fw_errmsg)) ? 4065 iwn_fw_errmsg[dump.id] : "UNKNOWN", 4066 dump.id); 4067 printf(" program counter = 0x%08X\n", dump.pc); 4068 printf(" source line = 0x%08X\n", dump.src_line); 4069 printf(" error data = 0x%08X%08X\n", 4070 dump.error_data[0], dump.error_data[1]); 4071 printf(" branch link = 0x%08X%08X\n", 4072 dump.branch_link[0], dump.branch_link[1]); 4073 printf(" interrupt link = 0x%08X%08X\n", 4074 dump.interrupt_link[0], dump.interrupt_link[1]); 4075 printf(" time = %u\n", dump.time[0]); 4076 4077 /* Dump driver status (TX and RX rings) while we're here. */ 4078 printf("driver status:\n"); 4079 for (i = 0; i < sc->ntxqs; i++) { 4080 struct iwn_tx_ring *ring = &sc->txq[i]; 4081 printf(" tx ring %2d: qid=%-2d cur=%-3d queued=%-3d\n", 4082 i, ring->qid, ring->cur, ring->queued); 4083 } 4084 printf(" rx ring: cur=%d\n", sc->rxq.cur); 4085 } 4086 4087 static void 4088 iwn_intr(void *arg) 4089 { 4090 struct iwn_softc *sc = arg; 4091 uint32_t r1, r2, tmp; 4092 4093 IWN_LOCK(sc); 4094 4095 /* Disable interrupts. */ 4096 IWN_WRITE(sc, IWN_INT_MASK, 0); 4097 4098 /* Read interrupts from ICT (fast) or from registers (slow). */ 4099 if (sc->sc_flags & IWN_FLAG_USE_ICT) { 4100 bus_dmamap_sync(sc->ict_dma.tag, sc->ict_dma.map, 4101 BUS_DMASYNC_POSTREAD); 4102 tmp = 0; 4103 while (sc->ict[sc->ict_cur] != 0) { 4104 tmp |= sc->ict[sc->ict_cur]; 4105 sc->ict[sc->ict_cur] = 0; /* Acknowledge. */ 4106 sc->ict_cur = (sc->ict_cur + 1) % IWN_ICT_COUNT; 4107 } 4108 tmp = le32toh(tmp); 4109 if (tmp == 0xffffffff) /* Shouldn't happen. */ 4110 tmp = 0; 4111 else if (tmp & 0xc0000) /* Workaround a HW bug. */ 4112 tmp |= 0x8000; 4113 r1 = (tmp & 0xff00) << 16 | (tmp & 0xff); 4114 r2 = 0; /* Unused. */ 4115 } else { 4116 r1 = IWN_READ(sc, IWN_INT); 4117 if (r1 == 0xffffffff || (r1 & 0xfffffff0) == 0xa5a5a5a0) { 4118 IWN_UNLOCK(sc); 4119 return; /* Hardware gone! */ 4120 } 4121 r2 = IWN_READ(sc, IWN_FH_INT); 4122 } 4123 4124 DPRINTF(sc, IWN_DEBUG_INTR, "interrupt reg1=0x%08x reg2=0x%08x\n" 4125 , r1, r2); 4126 4127 if (r1 == 0 && r2 == 0) 4128 goto done; /* Interrupt not for us. */ 4129 4130 /* Acknowledge interrupts. */ 4131 IWN_WRITE(sc, IWN_INT, r1); 4132 if (!(sc->sc_flags & IWN_FLAG_USE_ICT)) 4133 IWN_WRITE(sc, IWN_FH_INT, r2); 4134 4135 if (r1 & IWN_INT_RF_TOGGLED) { 4136 iwn_rftoggle_intr(sc); 4137 goto done; 4138 } 4139 if (r1 & IWN_INT_CT_REACHED) { 4140 device_printf(sc->sc_dev, "%s: critical temperature reached!\n", 4141 __func__); 4142 } 4143 if (r1 & (IWN_INT_SW_ERR | IWN_INT_HW_ERR)) { 4144 device_printf(sc->sc_dev, "%s: fatal firmware error\n", 4145 __func__); 4146 #ifdef IWN_DEBUG 4147 iwn_debug_register(sc); 4148 #endif 4149 /* Dump firmware error log and stop. */ 4150 iwn_fatal_intr(sc); 4151 4152 taskqueue_enqueue(sc->sc_tq, &sc->sc_panic_task); 4153 goto done; 4154 } 4155 if ((r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX | IWN_INT_RX_PERIODIC)) || 4156 (r2 & IWN_FH_INT_RX)) { 4157 if (sc->sc_flags & IWN_FLAG_USE_ICT) { 4158 if (r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX)) 4159 IWN_WRITE(sc, IWN_FH_INT, IWN_FH_INT_RX); 4160 IWN_WRITE_1(sc, IWN_INT_PERIODIC, 4161 IWN_INT_PERIODIC_DIS); 4162 iwn_notif_intr(sc); 4163 if (r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX)) { 4164 IWN_WRITE_1(sc, IWN_INT_PERIODIC, 4165 IWN_INT_PERIODIC_ENA); 4166 } 4167 } else 4168 iwn_notif_intr(sc); 4169 } 4170 4171 if ((r1 & IWN_INT_FH_TX) || (r2 & IWN_FH_INT_TX)) { 4172 if (sc->sc_flags & IWN_FLAG_USE_ICT) 4173 IWN_WRITE(sc, IWN_FH_INT, IWN_FH_INT_TX); 4174 wakeup(sc); /* FH DMA transfer completed. */ 4175 } 4176 4177 if (r1 & IWN_INT_ALIVE) 4178 wakeup(sc); /* Firmware is alive. */ 4179 4180 if (r1 & IWN_INT_WAKEUP) 4181 iwn_wakeup_intr(sc); 4182 4183 done: 4184 /* Re-enable interrupts. */ 4185 if (sc->sc_flags & IWN_FLAG_RUNNING) 4186 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 4187 4188 IWN_UNLOCK(sc); 4189 } 4190 4191 /* 4192 * Update TX scheduler ring when transmitting an 802.11 frame (4965AGN and 4193 * 5000 adapters use a slightly different format). 4194 */ 4195 static void 4196 iwn4965_update_sched(struct iwn_softc *sc, int qid, int idx, uint8_t id, 4197 uint16_t len) 4198 { 4199 uint16_t *w = &sc->sched[qid * IWN4965_SCHED_COUNT + idx]; 4200 4201 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 4202 4203 *w = htole16(len + 8); 4204 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4205 BUS_DMASYNC_PREWRITE); 4206 if (idx < IWN_SCHED_WINSZ) { 4207 *(w + IWN_TX_RING_COUNT) = *w; 4208 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4209 BUS_DMASYNC_PREWRITE); 4210 } 4211 } 4212 4213 static void 4214 iwn5000_update_sched(struct iwn_softc *sc, int qid, int idx, uint8_t id, 4215 uint16_t len) 4216 { 4217 uint16_t *w = &sc->sched[qid * IWN5000_SCHED_COUNT + idx]; 4218 4219 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 4220 4221 *w = htole16(id << 12 | (len + 8)); 4222 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4223 BUS_DMASYNC_PREWRITE); 4224 if (idx < IWN_SCHED_WINSZ) { 4225 *(w + IWN_TX_RING_COUNT) = *w; 4226 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4227 BUS_DMASYNC_PREWRITE); 4228 } 4229 } 4230 4231 #ifdef notyet 4232 static void 4233 iwn5000_reset_sched(struct iwn_softc *sc, int qid, int idx) 4234 { 4235 uint16_t *w = &sc->sched[qid * IWN5000_SCHED_COUNT + idx]; 4236 4237 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 4238 4239 *w = (*w & htole16(0xf000)) | htole16(1); 4240 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4241 BUS_DMASYNC_PREWRITE); 4242 if (idx < IWN_SCHED_WINSZ) { 4243 *(w + IWN_TX_RING_COUNT) = *w; 4244 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4245 BUS_DMASYNC_PREWRITE); 4246 } 4247 } 4248 #endif 4249 4250 /* 4251 * Check whether OFDM 11g protection will be enabled for the given rate. 4252 * 4253 * The original driver code only enabled protection for OFDM rates. 4254 * It didn't check to see whether it was operating in 11a or 11bg mode. 4255 */ 4256 static int 4257 iwn_check_rate_needs_protection(struct iwn_softc *sc, 4258 struct ieee80211vap *vap, uint8_t rate) 4259 { 4260 struct ieee80211com *ic = vap->iv_ic; 4261 4262 /* 4263 * Not in 2GHz mode? Then there's no need to enable OFDM 4264 * 11bg protection. 4265 */ 4266 if (! IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan)) { 4267 return (0); 4268 } 4269 4270 /* 4271 * 11bg protection not enabled? Then don't use it. 4272 */ 4273 if ((ic->ic_flags & IEEE80211_F_USEPROT) == 0) 4274 return (0); 4275 4276 /* 4277 * If it's an 11n rate - no protection. 4278 * We'll do it via a specific 11n check. 4279 */ 4280 if (rate & IEEE80211_RATE_MCS) { 4281 return (0); 4282 } 4283 4284 /* 4285 * Do a rate table lookup. If the PHY is CCK, 4286 * don't do protection. 4287 */ 4288 if (ieee80211_rate2phytype(ic->ic_rt, rate) == IEEE80211_T_CCK) 4289 return (0); 4290 4291 /* 4292 * Yup, enable protection. 4293 */ 4294 return (1); 4295 } 4296 4297 /* 4298 * return a value between 0 and IWN_MAX_TX_RETRIES-1 as an index into 4299 * the link quality table that reflects this particular entry. 4300 */ 4301 static int 4302 iwn_tx_rate_to_linkq_offset(struct iwn_softc *sc, struct ieee80211_node *ni, 4303 uint8_t rate) 4304 { 4305 struct ieee80211_rateset *rs; 4306 int is_11n; 4307 int nr; 4308 int i; 4309 uint8_t cmp_rate; 4310 4311 /* 4312 * Figure out if we're using 11n or not here. 4313 */ 4314 if (IEEE80211_IS_CHAN_HT(ni->ni_chan) && ni->ni_htrates.rs_nrates > 0) 4315 is_11n = 1; 4316 else 4317 is_11n = 0; 4318 4319 /* 4320 * Use the correct rate table. 4321 */ 4322 if (is_11n) { 4323 rs = (struct ieee80211_rateset *) &ni->ni_htrates; 4324 nr = ni->ni_htrates.rs_nrates; 4325 } else { 4326 rs = &ni->ni_rates; 4327 nr = rs->rs_nrates; 4328 } 4329 4330 /* 4331 * Find the relevant link quality entry in the table. 4332 */ 4333 for (i = 0; i < nr && i < IWN_MAX_TX_RETRIES - 1 ; i++) { 4334 /* 4335 * The link quality table index starts at 0 == highest 4336 * rate, so we walk the rate table backwards. 4337 */ 4338 cmp_rate = rs->rs_rates[(nr - 1) - i]; 4339 if (rate & IEEE80211_RATE_MCS) 4340 cmp_rate |= IEEE80211_RATE_MCS; 4341 4342 #if 0 4343 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: idx %d: nr=%d, rate=0x%02x, rateentry=0x%02x\n", 4344 __func__, 4345 i, 4346 nr, 4347 rate, 4348 cmp_rate); 4349 #endif 4350 4351 if (cmp_rate == rate) 4352 return (i); 4353 } 4354 4355 /* Failed? Start at the end */ 4356 return (IWN_MAX_TX_RETRIES - 1); 4357 } 4358 4359 static int 4360 iwn_tx_data(struct iwn_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 4361 { 4362 struct iwn_ops *ops = &sc->ops; 4363 const struct ieee80211_txparam *tp; 4364 struct ieee80211vap *vap = ni->ni_vap; 4365 struct ieee80211com *ic = ni->ni_ic; 4366 struct iwn_node *wn = (void *)ni; 4367 struct iwn_tx_ring *ring; 4368 struct iwn_tx_desc *desc; 4369 struct iwn_tx_data *data; 4370 struct iwn_tx_cmd *cmd; 4371 struct iwn_cmd_data *tx; 4372 struct ieee80211_frame *wh; 4373 struct ieee80211_key *k = NULL; 4374 struct mbuf *m1; 4375 uint32_t flags; 4376 uint16_t qos; 4377 u_int hdrlen; 4378 bus_dma_segment_t *seg, segs[IWN_MAX_SCATTER]; 4379 uint8_t tid, type; 4380 int ac, i, totlen, error, pad, nsegs = 0, rate; 4381 4382 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 4383 4384 IWN_LOCK_ASSERT(sc); 4385 4386 wh = mtod(m, struct ieee80211_frame *); 4387 hdrlen = ieee80211_anyhdrsize(wh); 4388 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 4389 4390 /* Select EDCA Access Category and TX ring for this frame. */ 4391 if (IEEE80211_QOS_HAS_SEQ(wh)) { 4392 qos = ((const struct ieee80211_qosframe *)wh)->i_qos[0]; 4393 tid = qos & IEEE80211_QOS_TID; 4394 } else { 4395 qos = 0; 4396 tid = 0; 4397 } 4398 ac = M_WME_GETAC(m); 4399 if (m->m_flags & M_AMPDU_MPDU) { 4400 uint16_t seqno; 4401 struct ieee80211_tx_ampdu *tap = &ni->ni_tx_ampdu[ac]; 4402 4403 if (!IEEE80211_AMPDU_RUNNING(tap)) { 4404 return EINVAL; 4405 } 4406 4407 /* 4408 * Queue this frame to the hardware ring that we've 4409 * negotiated AMPDU TX on. 4410 * 4411 * Note that the sequence number must match the TX slot 4412 * being used! 4413 */ 4414 ac = *(int *)tap->txa_private; 4415 seqno = ni->ni_txseqs[tid]; 4416 *(uint16_t *)wh->i_seq = 4417 htole16(seqno << IEEE80211_SEQ_SEQ_SHIFT); 4418 ring = &sc->txq[ac]; 4419 if ((seqno % 256) != ring->cur) { 4420 device_printf(sc->sc_dev, 4421 "%s: m=%p: seqno (%d) (%d) != ring index (%d) !\n", 4422 __func__, 4423 m, 4424 seqno, 4425 seqno % 256, 4426 ring->cur); 4427 } 4428 ni->ni_txseqs[tid]++; 4429 } 4430 ring = &sc->txq[ac]; 4431 desc = &ring->desc[ring->cur]; 4432 data = &ring->data[ring->cur]; 4433 4434 /* Choose a TX rate index. */ 4435 tp = &vap->iv_txparms[ieee80211_chan2mode(ni->ni_chan)]; 4436 if (type == IEEE80211_FC0_TYPE_MGT) 4437 rate = tp->mgmtrate; 4438 else if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 4439 rate = tp->mcastrate; 4440 else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 4441 rate = tp->ucastrate; 4442 else if (m->m_flags & M_EAPOL) 4443 rate = tp->mgmtrate; 4444 else { 4445 /* XXX pass pktlen */ 4446 (void) ieee80211_ratectl_rate(ni, NULL, 0); 4447 rate = ni->ni_txrate; 4448 } 4449 4450 /* Encrypt the frame if need be. */ 4451 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 4452 /* Retrieve key for TX. */ 4453 k = ieee80211_crypto_encap(ni, m); 4454 if (k == NULL) { 4455 return ENOBUFS; 4456 } 4457 /* 802.11 header may have moved. */ 4458 wh = mtod(m, struct ieee80211_frame *); 4459 } 4460 totlen = m->m_pkthdr.len; 4461 4462 if (ieee80211_radiotap_active_vap(vap)) { 4463 struct iwn_tx_radiotap_header *tap = &sc->sc_txtap; 4464 4465 tap->wt_flags = 0; 4466 tap->wt_rate = rate; 4467 if (k != NULL) 4468 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 4469 4470 ieee80211_radiotap_tx(vap, m); 4471 } 4472 4473 /* Prepare TX firmware command. */ 4474 cmd = &ring->cmd[ring->cur]; 4475 cmd->code = IWN_CMD_TX_DATA; 4476 cmd->flags = 0; 4477 cmd->qid = ring->qid; 4478 cmd->idx = ring->cur; 4479 4480 tx = (struct iwn_cmd_data *)cmd->data; 4481 /* NB: No need to clear tx, all fields are reinitialized here. */ 4482 tx->scratch = 0; /* clear "scratch" area */ 4483 4484 flags = 0; 4485 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 4486 /* Unicast frame, check if an ACK is expected. */ 4487 if (!qos || (qos & IEEE80211_QOS_ACKPOLICY) != 4488 IEEE80211_QOS_ACKPOLICY_NOACK) 4489 flags |= IWN_TX_NEED_ACK; 4490 } 4491 if ((wh->i_fc[0] & 4492 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 4493 (IEEE80211_FC0_TYPE_CTL | IEEE80211_FC0_SUBTYPE_BAR)) 4494 flags |= IWN_TX_IMM_BA; /* Cannot happen yet. */ 4495 4496 if (wh->i_fc[1] & IEEE80211_FC1_MORE_FRAG) 4497 flags |= IWN_TX_MORE_FRAG; /* Cannot happen yet. */ 4498 4499 /* Check if frame must be protected using RTS/CTS or CTS-to-self. */ 4500 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 4501 /* NB: Group frames are sent using CCK in 802.11b/g. */ 4502 if (totlen + IEEE80211_CRC_LEN > vap->iv_rtsthreshold) { 4503 flags |= IWN_TX_NEED_RTS; 4504 } else if (iwn_check_rate_needs_protection(sc, vap, rate)) { 4505 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 4506 flags |= IWN_TX_NEED_CTS; 4507 else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 4508 flags |= IWN_TX_NEED_RTS; 4509 } else if ((rate & IEEE80211_RATE_MCS) && 4510 (ic->ic_htprotmode == IEEE80211_PROT_RTSCTS)) { 4511 flags |= IWN_TX_NEED_RTS; 4512 } 4513 4514 /* XXX HT protection? */ 4515 4516 if (flags & (IWN_TX_NEED_RTS | IWN_TX_NEED_CTS)) { 4517 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 4518 /* 5000 autoselects RTS/CTS or CTS-to-self. */ 4519 flags &= ~(IWN_TX_NEED_RTS | IWN_TX_NEED_CTS); 4520 flags |= IWN_TX_NEED_PROTECTION; 4521 } else 4522 flags |= IWN_TX_FULL_TXOP; 4523 } 4524 } 4525 4526 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 4527 type != IEEE80211_FC0_TYPE_DATA) 4528 tx->id = sc->broadcast_id; 4529 else 4530 tx->id = wn->id; 4531 4532 if (type == IEEE80211_FC0_TYPE_MGT) { 4533 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 4534 4535 /* Tell HW to set timestamp in probe responses. */ 4536 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 4537 flags |= IWN_TX_INSERT_TSTAMP; 4538 if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ || 4539 subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) 4540 tx->timeout = htole16(3); 4541 else 4542 tx->timeout = htole16(2); 4543 } else 4544 tx->timeout = htole16(0); 4545 4546 if (hdrlen & 3) { 4547 /* First segment length must be a multiple of 4. */ 4548 flags |= IWN_TX_NEED_PADDING; 4549 pad = 4 - (hdrlen & 3); 4550 } else 4551 pad = 0; 4552 4553 tx->len = htole16(totlen); 4554 tx->tid = tid; 4555 tx->rts_ntries = 60; 4556 tx->data_ntries = 15; 4557 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 4558 tx->rate = iwn_rate_to_plcp(sc, ni, rate); 4559 if (tx->id == sc->broadcast_id) { 4560 /* Group or management frame. */ 4561 tx->linkq = 0; 4562 } else { 4563 tx->linkq = iwn_tx_rate_to_linkq_offset(sc, ni, rate); 4564 flags |= IWN_TX_LINKQ; /* enable MRR */ 4565 } 4566 4567 /* Set physical address of "scratch area". */ 4568 tx->loaddr = htole32(IWN_LOADDR(data->scratch_paddr)); 4569 tx->hiaddr = IWN_HIADDR(data->scratch_paddr); 4570 4571 /* Copy 802.11 header in TX command. */ 4572 memcpy((uint8_t *)(tx + 1), wh, hdrlen); 4573 4574 /* Trim 802.11 header. */ 4575 m_adj(m, hdrlen); 4576 tx->security = 0; 4577 tx->flags = htole32(flags); 4578 4579 error = bus_dmamap_load_mbuf_sg(ring->data_dmat, data->map, m, segs, 4580 &nsegs, BUS_DMA_NOWAIT); 4581 if (error != 0) { 4582 if (error != EFBIG) { 4583 device_printf(sc->sc_dev, 4584 "%s: can't map mbuf (error %d)\n", __func__, error); 4585 return error; 4586 } 4587 /* Too many DMA segments, linearize mbuf. */ 4588 m1 = m_collapse(m, M_NOWAIT, IWN_MAX_SCATTER - 1); 4589 if (m1 == NULL) { 4590 device_printf(sc->sc_dev, 4591 "%s: could not defrag mbuf\n", __func__); 4592 return ENOBUFS; 4593 } 4594 m = m1; 4595 4596 error = bus_dmamap_load_mbuf_sg(ring->data_dmat, data->map, m, 4597 segs, &nsegs, BUS_DMA_NOWAIT); 4598 if (error != 0) { 4599 device_printf(sc->sc_dev, 4600 "%s: can't map mbuf (error %d)\n", __func__, error); 4601 return error; 4602 } 4603 } 4604 4605 data->m = m; 4606 data->ni = ni; 4607 4608 DPRINTF(sc, IWN_DEBUG_XMIT, 4609 "%s: qid %d idx %d len %d nsegs %d flags 0x%08x rate 0x%04x plcp 0x%08x\n", 4610 __func__, 4611 ring->qid, 4612 ring->cur, 4613 m->m_pkthdr.len, 4614 nsegs, 4615 flags, 4616 rate, 4617 tx->rate); 4618 4619 /* Fill TX descriptor. */ 4620 desc->nsegs = 1; 4621 if (m->m_len != 0) 4622 desc->nsegs += nsegs; 4623 /* First DMA segment is used by the TX command. */ 4624 desc->segs[0].addr = htole32(IWN_LOADDR(data->cmd_paddr)); 4625 desc->segs[0].len = htole16(IWN_HIADDR(data->cmd_paddr) | 4626 (4 + sizeof (*tx) + hdrlen + pad) << 4); 4627 /* Other DMA segments are for data payload. */ 4628 seg = &segs[0]; 4629 for (i = 1; i <= nsegs; i++) { 4630 desc->segs[i].addr = htole32(IWN_LOADDR(seg->ds_addr)); 4631 desc->segs[i].len = htole16(IWN_HIADDR(seg->ds_addr) | 4632 seg->ds_len << 4); 4633 seg++; 4634 } 4635 4636 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 4637 bus_dmamap_sync(ring->cmd_dma.tag, ring->cmd_dma.map, 4638 BUS_DMASYNC_PREWRITE); 4639 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 4640 BUS_DMASYNC_PREWRITE); 4641 4642 /* Update TX scheduler. */ 4643 if (ring->qid >= sc->firstaggqueue) 4644 ops->update_sched(sc, ring->qid, ring->cur, tx->id, totlen); 4645 4646 /* Kick TX ring. */ 4647 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 4648 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, ring->qid << 8 | ring->cur); 4649 4650 /* Mark TX ring as full if we reach a certain threshold. */ 4651 if (++ring->queued > IWN_TX_RING_HIMARK) 4652 sc->qfullmsk |= 1 << ring->qid; 4653 4654 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 4655 4656 return 0; 4657 } 4658 4659 static int 4660 iwn_tx_data_raw(struct iwn_softc *sc, struct mbuf *m, 4661 struct ieee80211_node *ni, const struct ieee80211_bpf_params *params) 4662 { 4663 struct iwn_ops *ops = &sc->ops; 4664 struct ieee80211vap *vap = ni->ni_vap; 4665 struct iwn_tx_cmd *cmd; 4666 struct iwn_cmd_data *tx; 4667 struct ieee80211_frame *wh; 4668 struct iwn_tx_ring *ring; 4669 struct iwn_tx_desc *desc; 4670 struct iwn_tx_data *data; 4671 struct mbuf *m1; 4672 bus_dma_segment_t *seg, segs[IWN_MAX_SCATTER]; 4673 uint32_t flags; 4674 u_int hdrlen; 4675 int ac, totlen, error, pad, nsegs = 0, i, rate; 4676 uint8_t type; 4677 4678 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 4679 4680 IWN_LOCK_ASSERT(sc); 4681 4682 wh = mtod(m, struct ieee80211_frame *); 4683 hdrlen = ieee80211_anyhdrsize(wh); 4684 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 4685 4686 ac = params->ibp_pri & 3; 4687 4688 ring = &sc->txq[ac]; 4689 desc = &ring->desc[ring->cur]; 4690 data = &ring->data[ring->cur]; 4691 4692 /* Choose a TX rate. */ 4693 rate = params->ibp_rate0; 4694 totlen = m->m_pkthdr.len; 4695 4696 /* Prepare TX firmware command. */ 4697 cmd = &ring->cmd[ring->cur]; 4698 cmd->code = IWN_CMD_TX_DATA; 4699 cmd->flags = 0; 4700 cmd->qid = ring->qid; 4701 cmd->idx = ring->cur; 4702 4703 tx = (struct iwn_cmd_data *)cmd->data; 4704 /* NB: No need to clear tx, all fields are reinitialized here. */ 4705 tx->scratch = 0; /* clear "scratch" area */ 4706 4707 flags = 0; 4708 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0) 4709 flags |= IWN_TX_NEED_ACK; 4710 if (params->ibp_flags & IEEE80211_BPF_RTS) { 4711 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 4712 /* 5000 autoselects RTS/CTS or CTS-to-self. */ 4713 flags &= ~IWN_TX_NEED_RTS; 4714 flags |= IWN_TX_NEED_PROTECTION; 4715 } else 4716 flags |= IWN_TX_NEED_RTS | IWN_TX_FULL_TXOP; 4717 } 4718 if (params->ibp_flags & IEEE80211_BPF_CTS) { 4719 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 4720 /* 5000 autoselects RTS/CTS or CTS-to-self. */ 4721 flags &= ~IWN_TX_NEED_CTS; 4722 flags |= IWN_TX_NEED_PROTECTION; 4723 } else 4724 flags |= IWN_TX_NEED_CTS | IWN_TX_FULL_TXOP; 4725 } 4726 if (type == IEEE80211_FC0_TYPE_MGT) { 4727 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 4728 4729 /* Tell HW to set timestamp in probe responses. */ 4730 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 4731 flags |= IWN_TX_INSERT_TSTAMP; 4732 4733 if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ || 4734 subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) 4735 tx->timeout = htole16(3); 4736 else 4737 tx->timeout = htole16(2); 4738 } else 4739 tx->timeout = htole16(0); 4740 4741 if (hdrlen & 3) { 4742 /* First segment length must be a multiple of 4. */ 4743 flags |= IWN_TX_NEED_PADDING; 4744 pad = 4 - (hdrlen & 3); 4745 } else 4746 pad = 0; 4747 4748 if (ieee80211_radiotap_active_vap(vap)) { 4749 struct iwn_tx_radiotap_header *tap = &sc->sc_txtap; 4750 4751 tap->wt_flags = 0; 4752 tap->wt_rate = rate; 4753 4754 ieee80211_radiotap_tx(vap, m); 4755 } 4756 4757 tx->len = htole16(totlen); 4758 tx->tid = 0; 4759 tx->id = sc->broadcast_id; 4760 tx->rts_ntries = params->ibp_try1; 4761 tx->data_ntries = params->ibp_try0; 4762 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 4763 tx->rate = iwn_rate_to_plcp(sc, ni, rate); 4764 4765 /* Group or management frame. */ 4766 tx->linkq = 0; 4767 4768 /* Set physical address of "scratch area". */ 4769 tx->loaddr = htole32(IWN_LOADDR(data->scratch_paddr)); 4770 tx->hiaddr = IWN_HIADDR(data->scratch_paddr); 4771 4772 /* Copy 802.11 header in TX command. */ 4773 memcpy((uint8_t *)(tx + 1), wh, hdrlen); 4774 4775 /* Trim 802.11 header. */ 4776 m_adj(m, hdrlen); 4777 tx->security = 0; 4778 tx->flags = htole32(flags); 4779 4780 error = bus_dmamap_load_mbuf_sg(ring->data_dmat, data->map, m, segs, 4781 &nsegs, BUS_DMA_NOWAIT); 4782 if (error != 0) { 4783 if (error != EFBIG) { 4784 device_printf(sc->sc_dev, 4785 "%s: can't map mbuf (error %d)\n", __func__, error); 4786 return error; 4787 } 4788 /* Too many DMA segments, linearize mbuf. */ 4789 m1 = m_collapse(m, M_NOWAIT, IWN_MAX_SCATTER - 1); 4790 if (m1 == NULL) { 4791 device_printf(sc->sc_dev, 4792 "%s: could not defrag mbuf\n", __func__); 4793 return ENOBUFS; 4794 } 4795 m = m1; 4796 4797 error = bus_dmamap_load_mbuf_sg(ring->data_dmat, data->map, m, 4798 segs, &nsegs, BUS_DMA_NOWAIT); 4799 if (error != 0) { 4800 device_printf(sc->sc_dev, 4801 "%s: can't map mbuf (error %d)\n", __func__, error); 4802 return error; 4803 } 4804 } 4805 4806 data->m = m; 4807 data->ni = ni; 4808 4809 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: qid %d idx %d len %d nsegs %d\n", 4810 __func__, ring->qid, ring->cur, m->m_pkthdr.len, nsegs); 4811 4812 /* Fill TX descriptor. */ 4813 desc->nsegs = 1; 4814 if (m->m_len != 0) 4815 desc->nsegs += nsegs; 4816 /* First DMA segment is used by the TX command. */ 4817 desc->segs[0].addr = htole32(IWN_LOADDR(data->cmd_paddr)); 4818 desc->segs[0].len = htole16(IWN_HIADDR(data->cmd_paddr) | 4819 (4 + sizeof (*tx) + hdrlen + pad) << 4); 4820 /* Other DMA segments are for data payload. */ 4821 seg = &segs[0]; 4822 for (i = 1; i <= nsegs; i++) { 4823 desc->segs[i].addr = htole32(IWN_LOADDR(seg->ds_addr)); 4824 desc->segs[i].len = htole16(IWN_HIADDR(seg->ds_addr) | 4825 seg->ds_len << 4); 4826 seg++; 4827 } 4828 4829 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 4830 bus_dmamap_sync(ring->cmd_dma.tag, ring->cmd_dma.map, 4831 BUS_DMASYNC_PREWRITE); 4832 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 4833 BUS_DMASYNC_PREWRITE); 4834 4835 /* Update TX scheduler. */ 4836 if (ring->qid >= sc->firstaggqueue) 4837 ops->update_sched(sc, ring->qid, ring->cur, tx->id, totlen); 4838 4839 /* Kick TX ring. */ 4840 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 4841 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, ring->qid << 8 | ring->cur); 4842 4843 /* Mark TX ring as full if we reach a certain threshold. */ 4844 if (++ring->queued > IWN_TX_RING_HIMARK) 4845 sc->qfullmsk |= 1 << ring->qid; 4846 4847 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 4848 4849 return 0; 4850 } 4851 4852 static void 4853 iwn_xmit_task(void *arg0, int pending) 4854 { 4855 struct iwn_softc *sc = arg0; 4856 struct ieee80211_node *ni; 4857 struct mbuf *m; 4858 int error; 4859 struct ieee80211_bpf_params p; 4860 int have_p; 4861 4862 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: called\n", __func__); 4863 4864 IWN_LOCK(sc); 4865 /* 4866 * Dequeue frames, attempt to transmit, 4867 * then disable beaconwait when we're done. 4868 */ 4869 while ((m = mbufq_dequeue(&sc->sc_xmit_queue)) != NULL) { 4870 have_p = 0; 4871 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 4872 4873 /* Get xmit params if appropriate */ 4874 if (ieee80211_get_xmit_params(m, &p) == 0) 4875 have_p = 1; 4876 4877 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: m=%p, have_p=%d\n", 4878 __func__, m, have_p); 4879 4880 /* If we have xmit params, use them */ 4881 if (have_p) 4882 error = iwn_tx_data_raw(sc, m, ni, &p); 4883 else 4884 error = iwn_tx_data(sc, m, ni); 4885 4886 if (error != 0) { 4887 if_inc_counter(ni->ni_vap->iv_ifp, 4888 IFCOUNTER_OERRORS, 1); 4889 ieee80211_free_node(ni); 4890 m_freem(m); 4891 } 4892 } 4893 4894 sc->sc_beacon_wait = 0; 4895 IWN_UNLOCK(sc); 4896 } 4897 4898 /* 4899 * raw frame xmit - free node/reference if failed. 4900 */ 4901 static int 4902 iwn_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 4903 const struct ieee80211_bpf_params *params) 4904 { 4905 struct ieee80211com *ic = ni->ni_ic; 4906 struct iwn_softc *sc = ic->ic_softc; 4907 int error = 0; 4908 4909 DPRINTF(sc, IWN_DEBUG_XMIT | IWN_DEBUG_TRACE, "->%s begin\n", __func__); 4910 4911 IWN_LOCK(sc); 4912 if ((sc->sc_flags & IWN_FLAG_RUNNING) == 0) { 4913 m_freem(m); 4914 IWN_UNLOCK(sc); 4915 return (ENETDOWN); 4916 } 4917 4918 /* queue frame if we have to */ 4919 if (sc->sc_beacon_wait) { 4920 if (iwn_xmit_queue_enqueue(sc, m) != 0) { 4921 m_freem(m); 4922 IWN_UNLOCK(sc); 4923 return (ENOBUFS); 4924 } 4925 /* Queued, so just return OK */ 4926 IWN_UNLOCK(sc); 4927 return (0); 4928 } 4929 4930 if (params == NULL) { 4931 /* 4932 * Legacy path; interpret frame contents to decide 4933 * precisely how to send the frame. 4934 */ 4935 error = iwn_tx_data(sc, m, ni); 4936 } else { 4937 /* 4938 * Caller supplied explicit parameters to use in 4939 * sending the frame. 4940 */ 4941 error = iwn_tx_data_raw(sc, m, ni, params); 4942 } 4943 if (error == 0) 4944 sc->sc_tx_timer = 5; 4945 else 4946 m_freem(m); 4947 4948 IWN_UNLOCK(sc); 4949 4950 DPRINTF(sc, IWN_DEBUG_TRACE | IWN_DEBUG_XMIT, "->%s: end\n",__func__); 4951 4952 return (error); 4953 } 4954 4955 /* 4956 * transmit - don't free mbuf if failed; don't free node ref if failed. 4957 */ 4958 static int 4959 iwn_transmit(struct ieee80211com *ic, struct mbuf *m) 4960 { 4961 struct iwn_softc *sc = ic->ic_softc; 4962 struct ieee80211_node *ni; 4963 int error; 4964 4965 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 4966 4967 IWN_LOCK(sc); 4968 if ((sc->sc_flags & IWN_FLAG_RUNNING) == 0 || sc->sc_beacon_wait) { 4969 IWN_UNLOCK(sc); 4970 return (ENXIO); 4971 } 4972 4973 if (sc->qfullmsk) { 4974 IWN_UNLOCK(sc); 4975 return (ENOBUFS); 4976 } 4977 4978 error = iwn_tx_data(sc, m, ni); 4979 if (!error) 4980 sc->sc_tx_timer = 5; 4981 IWN_UNLOCK(sc); 4982 return (error); 4983 } 4984 4985 static void 4986 iwn_scan_timeout(void *arg) 4987 { 4988 struct iwn_softc *sc = arg; 4989 struct ieee80211com *ic = &sc->sc_ic; 4990 4991 ic_printf(ic, "scan timeout\n"); 4992 ieee80211_restart_all(ic); 4993 } 4994 4995 static void 4996 iwn_watchdog(void *arg) 4997 { 4998 struct iwn_softc *sc = arg; 4999 struct ieee80211com *ic = &sc->sc_ic; 5000 5001 IWN_LOCK_ASSERT(sc); 5002 5003 KASSERT(sc->sc_flags & IWN_FLAG_RUNNING, ("not running")); 5004 5005 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5006 5007 if (sc->sc_tx_timer > 0) { 5008 if (--sc->sc_tx_timer == 0) { 5009 ic_printf(ic, "device timeout\n"); 5010 ieee80211_restart_all(ic); 5011 return; 5012 } 5013 } 5014 callout_reset(&sc->watchdog_to, hz, iwn_watchdog, sc); 5015 } 5016 5017 static int 5018 iwn_cdev_open(struct cdev *dev, int flags, int type, struct thread *td) 5019 { 5020 5021 return (0); 5022 } 5023 5024 static int 5025 iwn_cdev_close(struct cdev *dev, int flags, int type, struct thread *td) 5026 { 5027 5028 return (0); 5029 } 5030 5031 static int 5032 iwn_cdev_ioctl(struct cdev *dev, unsigned long cmd, caddr_t data, int fflag, 5033 struct thread *td) 5034 { 5035 int rc; 5036 struct iwn_softc *sc = dev->si_drv1; 5037 struct iwn_ioctl_data *d; 5038 5039 rc = priv_check(td, PRIV_DRIVER); 5040 if (rc != 0) 5041 return (0); 5042 5043 switch (cmd) { 5044 case SIOCGIWNSTATS: 5045 d = (struct iwn_ioctl_data *) data; 5046 IWN_LOCK(sc); 5047 /* XXX validate permissions/memory/etc? */ 5048 rc = copyout(&sc->last_stat, d->dst_addr, sizeof(struct iwn_stats)); 5049 IWN_UNLOCK(sc); 5050 break; 5051 case SIOCZIWNSTATS: 5052 IWN_LOCK(sc); 5053 memset(&sc->last_stat, 0, sizeof(struct iwn_stats)); 5054 IWN_UNLOCK(sc); 5055 break; 5056 default: 5057 rc = EINVAL; 5058 break; 5059 } 5060 return (rc); 5061 } 5062 5063 static int 5064 iwn_ioctl(struct ieee80211com *ic, u_long cmd, void *data) 5065 { 5066 5067 return (ENOTTY); 5068 } 5069 5070 static void 5071 iwn_parent(struct ieee80211com *ic) 5072 { 5073 struct iwn_softc *sc = ic->ic_softc; 5074 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 5075 int startall = 0, stop = 0; 5076 5077 IWN_LOCK(sc); 5078 if (ic->ic_nrunning > 0) { 5079 if (!(sc->sc_flags & IWN_FLAG_RUNNING)) { 5080 iwn_init_locked(sc); 5081 if (IWN_READ(sc, IWN_GP_CNTRL) & IWN_GP_CNTRL_RFKILL) 5082 startall = 1; 5083 else 5084 stop = 1; 5085 } 5086 } else if (sc->sc_flags & IWN_FLAG_RUNNING) 5087 iwn_stop_locked(sc); 5088 IWN_UNLOCK(sc); 5089 if (startall) 5090 ieee80211_start_all(ic); 5091 else if (vap != NULL && stop) 5092 ieee80211_stop(vap); 5093 } 5094 5095 /* 5096 * Send a command to the firmware. 5097 */ 5098 static int 5099 iwn_cmd(struct iwn_softc *sc, int code, const void *buf, int size, int async) 5100 { 5101 struct iwn_tx_ring *ring; 5102 struct iwn_tx_desc *desc; 5103 struct iwn_tx_data *data; 5104 struct iwn_tx_cmd *cmd; 5105 struct mbuf *m; 5106 bus_addr_t paddr; 5107 int totlen, error; 5108 int cmd_queue_num; 5109 5110 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 5111 5112 if (async == 0) 5113 IWN_LOCK_ASSERT(sc); 5114 5115 if (sc->sc_flags & IWN_FLAG_PAN_SUPPORT) 5116 cmd_queue_num = IWN_PAN_CMD_QUEUE; 5117 else 5118 cmd_queue_num = IWN_CMD_QUEUE_NUM; 5119 5120 ring = &sc->txq[cmd_queue_num]; 5121 desc = &ring->desc[ring->cur]; 5122 data = &ring->data[ring->cur]; 5123 totlen = 4 + size; 5124 5125 if (size > sizeof cmd->data) { 5126 /* Command is too large to fit in a descriptor. */ 5127 if (totlen > MCLBYTES) 5128 return EINVAL; 5129 m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, MJUMPAGESIZE); 5130 if (m == NULL) 5131 return ENOMEM; 5132 cmd = mtod(m, struct iwn_tx_cmd *); 5133 error = bus_dmamap_load(ring->data_dmat, data->map, cmd, 5134 totlen, iwn_dma_map_addr, &paddr, BUS_DMA_NOWAIT); 5135 if (error != 0) { 5136 m_freem(m); 5137 return error; 5138 } 5139 data->m = m; 5140 } else { 5141 cmd = &ring->cmd[ring->cur]; 5142 paddr = data->cmd_paddr; 5143 } 5144 5145 cmd->code = code; 5146 cmd->flags = 0; 5147 cmd->qid = ring->qid; 5148 cmd->idx = ring->cur; 5149 memcpy(cmd->data, buf, size); 5150 5151 desc->nsegs = 1; 5152 desc->segs[0].addr = htole32(IWN_LOADDR(paddr)); 5153 desc->segs[0].len = htole16(IWN_HIADDR(paddr) | totlen << 4); 5154 5155 DPRINTF(sc, IWN_DEBUG_CMD, "%s: %s (0x%x) flags %d qid %d idx %d\n", 5156 __func__, iwn_intr_str(cmd->code), cmd->code, 5157 cmd->flags, cmd->qid, cmd->idx); 5158 5159 if (size > sizeof cmd->data) { 5160 bus_dmamap_sync(ring->data_dmat, data->map, 5161 BUS_DMASYNC_PREWRITE); 5162 } else { 5163 bus_dmamap_sync(ring->cmd_dma.tag, ring->cmd_dma.map, 5164 BUS_DMASYNC_PREWRITE); 5165 } 5166 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 5167 BUS_DMASYNC_PREWRITE); 5168 5169 /* Kick command ring. */ 5170 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 5171 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, ring->qid << 8 | ring->cur); 5172 5173 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 5174 5175 return async ? 0 : msleep(desc, &sc->sc_mtx, PCATCH, "iwncmd", hz); 5176 } 5177 5178 static int 5179 iwn4965_add_node(struct iwn_softc *sc, struct iwn_node_info *node, int async) 5180 { 5181 struct iwn4965_node_info hnode; 5182 caddr_t src, dst; 5183 5184 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5185 5186 /* 5187 * We use the node structure for 5000 Series internally (it is 5188 * a superset of the one for 4965AGN). We thus copy the common 5189 * fields before sending the command. 5190 */ 5191 src = (caddr_t)node; 5192 dst = (caddr_t)&hnode; 5193 memcpy(dst, src, 48); 5194 /* Skip TSC, RX MIC and TX MIC fields from ``src''. */ 5195 memcpy(dst + 48, src + 72, 20); 5196 return iwn_cmd(sc, IWN_CMD_ADD_NODE, &hnode, sizeof hnode, async); 5197 } 5198 5199 static int 5200 iwn5000_add_node(struct iwn_softc *sc, struct iwn_node_info *node, int async) 5201 { 5202 5203 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5204 5205 /* Direct mapping. */ 5206 return iwn_cmd(sc, IWN_CMD_ADD_NODE, node, sizeof (*node), async); 5207 } 5208 5209 static int 5210 iwn_set_link_quality(struct iwn_softc *sc, struct ieee80211_node *ni) 5211 { 5212 struct iwn_node *wn = (void *)ni; 5213 struct ieee80211_rateset *rs; 5214 struct iwn_cmd_link_quality linkq; 5215 int i, rate, txrate; 5216 int is_11n; 5217 5218 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 5219 5220 memset(&linkq, 0, sizeof linkq); 5221 linkq.id = wn->id; 5222 linkq.antmsk_1stream = iwn_get_1stream_tx_antmask(sc); 5223 linkq.antmsk_2stream = iwn_get_2stream_tx_antmask(sc); 5224 5225 linkq.ampdu_max = 32; /* XXX negotiated? */ 5226 linkq.ampdu_threshold = 3; 5227 linkq.ampdu_limit = htole16(4000); /* 4ms */ 5228 5229 DPRINTF(sc, IWN_DEBUG_XMIT, 5230 "%s: 1stream antenna=0x%02x, 2stream antenna=0x%02x, ntxstreams=%d\n", 5231 __func__, 5232 linkq.antmsk_1stream, 5233 linkq.antmsk_2stream, 5234 sc->ntxchains); 5235 5236 /* 5237 * Are we using 11n rates? Ensure the channel is 5238 * 11n _and_ we have some 11n rates, or don't 5239 * try. 5240 */ 5241 if (IEEE80211_IS_CHAN_HT(ni->ni_chan) && ni->ni_htrates.rs_nrates > 0) { 5242 rs = (struct ieee80211_rateset *) &ni->ni_htrates; 5243 is_11n = 1; 5244 } else { 5245 rs = &ni->ni_rates; 5246 is_11n = 0; 5247 } 5248 5249 /* Start at highest available bit-rate. */ 5250 /* 5251 * XXX this is all very dirty! 5252 */ 5253 if (is_11n) 5254 txrate = ni->ni_htrates.rs_nrates - 1; 5255 else 5256 txrate = rs->rs_nrates - 1; 5257 for (i = 0; i < IWN_MAX_TX_RETRIES; i++) { 5258 uint32_t plcp; 5259 5260 /* 5261 * XXX TODO: ensure the last two slots are the two lowest 5262 * rate entries, just for now. 5263 */ 5264 if (i == 14 || i == 15) 5265 txrate = 0; 5266 5267 if (is_11n) 5268 rate = IEEE80211_RATE_MCS | rs->rs_rates[txrate]; 5269 else 5270 rate = IEEE80211_RV(rs->rs_rates[txrate]); 5271 5272 /* Do rate -> PLCP config mapping */ 5273 plcp = iwn_rate_to_plcp(sc, ni, rate); 5274 linkq.retry[i] = plcp; 5275 DPRINTF(sc, IWN_DEBUG_XMIT, 5276 "%s: i=%d, txrate=%d, rate=0x%02x, plcp=0x%08x\n", 5277 __func__, 5278 i, 5279 txrate, 5280 rate, 5281 le32toh(plcp)); 5282 5283 /* 5284 * The mimo field is an index into the table which 5285 * indicates the first index where it and subsequent entries 5286 * will not be using MIMO. 5287 * 5288 * Since we're filling linkq from 0..15 and we're filling 5289 * from the highest MCS rates to the lowest rates, if we 5290 * _are_ doing a dual-stream rate, set mimo to idx+1 (ie, 5291 * the next entry.) That way if the next entry is a non-MIMO 5292 * entry, we're already pointing at it. 5293 */ 5294 if ((le32toh(plcp) & IWN_RFLAG_MCS) && 5295 IEEE80211_RV(le32toh(plcp)) > 7) 5296 linkq.mimo = i + 1; 5297 5298 /* Next retry at immediate lower bit-rate. */ 5299 if (txrate > 0) 5300 txrate--; 5301 } 5302 /* 5303 * If we reached the end of the list and indeed we hit 5304 * all MIMO rates (eg 5300 doing MCS23-15) then yes, 5305 * set mimo to 15. Setting it to 16 panics the firmware. 5306 */ 5307 if (linkq.mimo > 15) 5308 linkq.mimo = 15; 5309 5310 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: mimo = %d\n", __func__, linkq.mimo); 5311 5312 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 5313 5314 return iwn_cmd(sc, IWN_CMD_LINK_QUALITY, &linkq, sizeof linkq, 1); 5315 } 5316 5317 /* 5318 * Broadcast node is used to send group-addressed and management frames. 5319 */ 5320 static int 5321 iwn_add_broadcast_node(struct iwn_softc *sc, int async) 5322 { 5323 struct iwn_ops *ops = &sc->ops; 5324 struct ieee80211com *ic = &sc->sc_ic; 5325 struct iwn_node_info node; 5326 struct iwn_cmd_link_quality linkq; 5327 uint8_t txant; 5328 int i, error; 5329 5330 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 5331 5332 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 5333 5334 memset(&node, 0, sizeof node); 5335 IEEE80211_ADDR_COPY(node.macaddr, ieee80211broadcastaddr); 5336 node.id = sc->broadcast_id; 5337 DPRINTF(sc, IWN_DEBUG_RESET, "%s: adding broadcast node\n", __func__); 5338 if ((error = ops->add_node(sc, &node, async)) != 0) 5339 return error; 5340 5341 /* Use the first valid TX antenna. */ 5342 txant = IWN_LSB(sc->txchainmask); 5343 5344 memset(&linkq, 0, sizeof linkq); 5345 linkq.id = sc->broadcast_id; 5346 linkq.antmsk_1stream = iwn_get_1stream_tx_antmask(sc); 5347 linkq.antmsk_2stream = iwn_get_2stream_tx_antmask(sc); 5348 linkq.ampdu_max = 64; 5349 linkq.ampdu_threshold = 3; 5350 linkq.ampdu_limit = htole16(4000); /* 4ms */ 5351 5352 /* Use lowest mandatory bit-rate. */ 5353 /* XXX rate table lookup? */ 5354 if (IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan)) 5355 linkq.retry[0] = htole32(0xd); 5356 else 5357 linkq.retry[0] = htole32(10 | IWN_RFLAG_CCK); 5358 linkq.retry[0] |= htole32(IWN_RFLAG_ANT(txant)); 5359 /* Use same bit-rate for all TX retries. */ 5360 for (i = 1; i < IWN_MAX_TX_RETRIES; i++) { 5361 linkq.retry[i] = linkq.retry[0]; 5362 } 5363 5364 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 5365 5366 return iwn_cmd(sc, IWN_CMD_LINK_QUALITY, &linkq, sizeof linkq, async); 5367 } 5368 5369 static int 5370 iwn_updateedca(struct ieee80211com *ic) 5371 { 5372 #define IWN_EXP2(x) ((1 << (x)) - 1) /* CWmin = 2^ECWmin - 1 */ 5373 struct iwn_softc *sc = ic->ic_softc; 5374 struct iwn_edca_params cmd; 5375 int aci; 5376 5377 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 5378 5379 memset(&cmd, 0, sizeof cmd); 5380 cmd.flags = htole32(IWN_EDCA_UPDATE); 5381 5382 IEEE80211_LOCK(ic); 5383 for (aci = 0; aci < WME_NUM_AC; aci++) { 5384 const struct wmeParams *ac = 5385 &ic->ic_wme.wme_chanParams.cap_wmeParams[aci]; 5386 cmd.ac[aci].aifsn = ac->wmep_aifsn; 5387 cmd.ac[aci].cwmin = htole16(IWN_EXP2(ac->wmep_logcwmin)); 5388 cmd.ac[aci].cwmax = htole16(IWN_EXP2(ac->wmep_logcwmax)); 5389 cmd.ac[aci].txoplimit = 5390 htole16(IEEE80211_TXOP_TO_US(ac->wmep_txopLimit)); 5391 } 5392 IEEE80211_UNLOCK(ic); 5393 5394 IWN_LOCK(sc); 5395 (void)iwn_cmd(sc, IWN_CMD_EDCA_PARAMS, &cmd, sizeof cmd, 1); 5396 IWN_UNLOCK(sc); 5397 5398 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 5399 5400 return 0; 5401 #undef IWN_EXP2 5402 } 5403 5404 static void 5405 iwn_update_mcast(struct ieee80211com *ic) 5406 { 5407 /* Ignore */ 5408 } 5409 5410 static void 5411 iwn_set_led(struct iwn_softc *sc, uint8_t which, uint8_t off, uint8_t on) 5412 { 5413 struct iwn_cmd_led led; 5414 5415 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5416 5417 #if 0 5418 /* XXX don't set LEDs during scan? */ 5419 if (sc->sc_is_scanning) 5420 return; 5421 #endif 5422 5423 /* Clear microcode LED ownership. */ 5424 IWN_CLRBITS(sc, IWN_LED, IWN_LED_BSM_CTRL); 5425 5426 led.which = which; 5427 led.unit = htole32(10000); /* on/off in unit of 100ms */ 5428 led.off = off; 5429 led.on = on; 5430 (void)iwn_cmd(sc, IWN_CMD_SET_LED, &led, sizeof led, 1); 5431 } 5432 5433 /* 5434 * Set the critical temperature at which the firmware will stop the radio 5435 * and notify us. 5436 */ 5437 static int 5438 iwn_set_critical_temp(struct iwn_softc *sc) 5439 { 5440 struct iwn_critical_temp crit; 5441 int32_t temp; 5442 5443 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5444 5445 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_CTEMP_STOP_RF); 5446 5447 if (sc->hw_type == IWN_HW_REV_TYPE_5150) 5448 temp = (IWN_CTOK(110) - sc->temp_off) * -5; 5449 else if (sc->hw_type == IWN_HW_REV_TYPE_4965) 5450 temp = IWN_CTOK(110); 5451 else 5452 temp = 110; 5453 memset(&crit, 0, sizeof crit); 5454 crit.tempR = htole32(temp); 5455 DPRINTF(sc, IWN_DEBUG_RESET, "setting critical temp to %d\n", temp); 5456 return iwn_cmd(sc, IWN_CMD_SET_CRITICAL_TEMP, &crit, sizeof crit, 0); 5457 } 5458 5459 static int 5460 iwn_set_timing(struct iwn_softc *sc, struct ieee80211_node *ni) 5461 { 5462 struct iwn_cmd_timing cmd; 5463 uint64_t val, mod; 5464 5465 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5466 5467 memset(&cmd, 0, sizeof cmd); 5468 memcpy(&cmd.tstamp, ni->ni_tstamp.data, sizeof (uint64_t)); 5469 cmd.bintval = htole16(ni->ni_intval); 5470 cmd.lintval = htole16(10); 5471 5472 /* Compute remaining time until next beacon. */ 5473 val = (uint64_t)ni->ni_intval * IEEE80211_DUR_TU; 5474 mod = le64toh(cmd.tstamp) % val; 5475 cmd.binitval = htole32((uint32_t)(val - mod)); 5476 5477 DPRINTF(sc, IWN_DEBUG_RESET, "timing bintval=%u tstamp=%ju, init=%u\n", 5478 ni->ni_intval, le64toh(cmd.tstamp), (uint32_t)(val - mod)); 5479 5480 return iwn_cmd(sc, IWN_CMD_TIMING, &cmd, sizeof cmd, 1); 5481 } 5482 5483 static void 5484 iwn4965_power_calibration(struct iwn_softc *sc, int temp) 5485 { 5486 struct ieee80211com *ic = &sc->sc_ic; 5487 5488 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5489 5490 /* Adjust TX power if need be (delta >= 3 degC). */ 5491 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: temperature %d->%d\n", 5492 __func__, sc->temp, temp); 5493 if (abs(temp - sc->temp) >= 3) { 5494 /* Record temperature of last calibration. */ 5495 sc->temp = temp; 5496 (void)iwn4965_set_txpower(sc, ic->ic_bsschan, 1); 5497 } 5498 } 5499 5500 /* 5501 * Set TX power for current channel (each rate has its own power settings). 5502 * This function takes into account the regulatory information from EEPROM, 5503 * the current temperature and the current voltage. 5504 */ 5505 static int 5506 iwn4965_set_txpower(struct iwn_softc *sc, struct ieee80211_channel *ch, 5507 int async) 5508 { 5509 /* Fixed-point arithmetic division using a n-bit fractional part. */ 5510 #define fdivround(a, b, n) \ 5511 ((((1 << n) * (a)) / (b) + (1 << n) / 2) / (1 << n)) 5512 /* Linear interpolation. */ 5513 #define interpolate(x, x1, y1, x2, y2, n) \ 5514 ((y1) + fdivround(((int)(x) - (x1)) * ((y2) - (y1)), (x2) - (x1), n)) 5515 5516 static const int tdiv[IWN_NATTEN_GROUPS] = { 9, 8, 8, 8, 6 }; 5517 struct iwn_ucode_info *uc = &sc->ucode_info; 5518 struct iwn4965_cmd_txpower cmd; 5519 struct iwn4965_eeprom_chan_samples *chans; 5520 const uint8_t *rf_gain, *dsp_gain; 5521 int32_t vdiff, tdiff; 5522 int i, c, grp, maxpwr; 5523 uint8_t chan; 5524 5525 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 5526 /* Retrieve current channel from last RXON. */ 5527 chan = sc->rxon->chan; 5528 DPRINTF(sc, IWN_DEBUG_RESET, "setting TX power for channel %d\n", 5529 chan); 5530 5531 memset(&cmd, 0, sizeof cmd); 5532 cmd.band = IEEE80211_IS_CHAN_5GHZ(ch) ? 0 : 1; 5533 cmd.chan = chan; 5534 5535 if (IEEE80211_IS_CHAN_5GHZ(ch)) { 5536 maxpwr = sc->maxpwr5GHz; 5537 rf_gain = iwn4965_rf_gain_5ghz; 5538 dsp_gain = iwn4965_dsp_gain_5ghz; 5539 } else { 5540 maxpwr = sc->maxpwr2GHz; 5541 rf_gain = iwn4965_rf_gain_2ghz; 5542 dsp_gain = iwn4965_dsp_gain_2ghz; 5543 } 5544 5545 /* Compute voltage compensation. */ 5546 vdiff = ((int32_t)le32toh(uc->volt) - sc->eeprom_voltage) / 7; 5547 if (vdiff > 0) 5548 vdiff *= 2; 5549 if (abs(vdiff) > 2) 5550 vdiff = 0; 5551 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5552 "%s: voltage compensation=%d (UCODE=%d, EEPROM=%d)\n", 5553 __func__, vdiff, le32toh(uc->volt), sc->eeprom_voltage); 5554 5555 /* Get channel attenuation group. */ 5556 if (chan <= 20) /* 1-20 */ 5557 grp = 4; 5558 else if (chan <= 43) /* 34-43 */ 5559 grp = 0; 5560 else if (chan <= 70) /* 44-70 */ 5561 grp = 1; 5562 else if (chan <= 124) /* 71-124 */ 5563 grp = 2; 5564 else /* 125-200 */ 5565 grp = 3; 5566 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5567 "%s: chan %d, attenuation group=%d\n", __func__, chan, grp); 5568 5569 /* Get channel sub-band. */ 5570 for (i = 0; i < IWN_NBANDS; i++) 5571 if (sc->bands[i].lo != 0 && 5572 sc->bands[i].lo <= chan && chan <= sc->bands[i].hi) 5573 break; 5574 if (i == IWN_NBANDS) /* Can't happen in real-life. */ 5575 return EINVAL; 5576 chans = sc->bands[i].chans; 5577 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5578 "%s: chan %d sub-band=%d\n", __func__, chan, i); 5579 5580 for (c = 0; c < 2; c++) { 5581 uint8_t power, gain, temp; 5582 int maxchpwr, pwr, ridx, idx; 5583 5584 power = interpolate(chan, 5585 chans[0].num, chans[0].samples[c][1].power, 5586 chans[1].num, chans[1].samples[c][1].power, 1); 5587 gain = interpolate(chan, 5588 chans[0].num, chans[0].samples[c][1].gain, 5589 chans[1].num, chans[1].samples[c][1].gain, 1); 5590 temp = interpolate(chan, 5591 chans[0].num, chans[0].samples[c][1].temp, 5592 chans[1].num, chans[1].samples[c][1].temp, 1); 5593 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5594 "%s: Tx chain %d: power=%d gain=%d temp=%d\n", 5595 __func__, c, power, gain, temp); 5596 5597 /* Compute temperature compensation. */ 5598 tdiff = ((sc->temp - temp) * 2) / tdiv[grp]; 5599 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5600 "%s: temperature compensation=%d (current=%d, EEPROM=%d)\n", 5601 __func__, tdiff, sc->temp, temp); 5602 5603 for (ridx = 0; ridx <= IWN_RIDX_MAX; ridx++) { 5604 /* Convert dBm to half-dBm. */ 5605 maxchpwr = sc->maxpwr[chan] * 2; 5606 if ((ridx / 8) & 1) 5607 maxchpwr -= 6; /* MIMO 2T: -3dB */ 5608 5609 pwr = maxpwr; 5610 5611 /* Adjust TX power based on rate. */ 5612 if ((ridx % 8) == 5) 5613 pwr -= 15; /* OFDM48: -7.5dB */ 5614 else if ((ridx % 8) == 6) 5615 pwr -= 17; /* OFDM54: -8.5dB */ 5616 else if ((ridx % 8) == 7) 5617 pwr -= 20; /* OFDM60: -10dB */ 5618 else 5619 pwr -= 10; /* Others: -5dB */ 5620 5621 /* Do not exceed channel max TX power. */ 5622 if (pwr > maxchpwr) 5623 pwr = maxchpwr; 5624 5625 idx = gain - (pwr - power) - tdiff - vdiff; 5626 if ((ridx / 8) & 1) /* MIMO */ 5627 idx += (int32_t)le32toh(uc->atten[grp][c]); 5628 5629 if (cmd.band == 0) 5630 idx += 9; /* 5GHz */ 5631 if (ridx == IWN_RIDX_MAX) 5632 idx += 5; /* CCK */ 5633 5634 /* Make sure idx stays in a valid range. */ 5635 if (idx < 0) 5636 idx = 0; 5637 else if (idx > IWN4965_MAX_PWR_INDEX) 5638 idx = IWN4965_MAX_PWR_INDEX; 5639 5640 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5641 "%s: Tx chain %d, rate idx %d: power=%d\n", 5642 __func__, c, ridx, idx); 5643 cmd.power[ridx].rf_gain[c] = rf_gain[idx]; 5644 cmd.power[ridx].dsp_gain[c] = dsp_gain[idx]; 5645 } 5646 } 5647 5648 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5649 "%s: set tx power for chan %d\n", __func__, chan); 5650 return iwn_cmd(sc, IWN_CMD_TXPOWER, &cmd, sizeof cmd, async); 5651 5652 #undef interpolate 5653 #undef fdivround 5654 } 5655 5656 static int 5657 iwn5000_set_txpower(struct iwn_softc *sc, struct ieee80211_channel *ch, 5658 int async) 5659 { 5660 struct iwn5000_cmd_txpower cmd; 5661 int cmdid; 5662 5663 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5664 5665 /* 5666 * TX power calibration is handled automatically by the firmware 5667 * for 5000 Series. 5668 */ 5669 memset(&cmd, 0, sizeof cmd); 5670 cmd.global_limit = 2 * IWN5000_TXPOWER_MAX_DBM; /* 16 dBm */ 5671 cmd.flags = IWN5000_TXPOWER_NO_CLOSED; 5672 cmd.srv_limit = IWN5000_TXPOWER_AUTO; 5673 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_XMIT, 5674 "%s: setting TX power; rev=%d\n", 5675 __func__, 5676 IWN_UCODE_API(sc->ucode_rev)); 5677 if (IWN_UCODE_API(sc->ucode_rev) == 1) 5678 cmdid = IWN_CMD_TXPOWER_DBM_V1; 5679 else 5680 cmdid = IWN_CMD_TXPOWER_DBM; 5681 return iwn_cmd(sc, cmdid, &cmd, sizeof cmd, async); 5682 } 5683 5684 /* 5685 * Retrieve the maximum RSSI (in dBm) among receivers. 5686 */ 5687 static int 5688 iwn4965_get_rssi(struct iwn_softc *sc, struct iwn_rx_stat *stat) 5689 { 5690 struct iwn4965_rx_phystat *phy = (void *)stat->phybuf; 5691 uint8_t mask, agc; 5692 int rssi; 5693 5694 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5695 5696 mask = (le16toh(phy->antenna) >> 4) & IWN_ANT_ABC; 5697 agc = (le16toh(phy->agc) >> 7) & 0x7f; 5698 5699 rssi = 0; 5700 if (mask & IWN_ANT_A) 5701 rssi = MAX(rssi, phy->rssi[0]); 5702 if (mask & IWN_ANT_B) 5703 rssi = MAX(rssi, phy->rssi[2]); 5704 if (mask & IWN_ANT_C) 5705 rssi = MAX(rssi, phy->rssi[4]); 5706 5707 DPRINTF(sc, IWN_DEBUG_RECV, 5708 "%s: agc %d mask 0x%x rssi %d %d %d result %d\n", __func__, agc, 5709 mask, phy->rssi[0], phy->rssi[2], phy->rssi[4], 5710 rssi - agc - IWN_RSSI_TO_DBM); 5711 return rssi - agc - IWN_RSSI_TO_DBM; 5712 } 5713 5714 static int 5715 iwn5000_get_rssi(struct iwn_softc *sc, struct iwn_rx_stat *stat) 5716 { 5717 struct iwn5000_rx_phystat *phy = (void *)stat->phybuf; 5718 uint8_t agc; 5719 int rssi; 5720 5721 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5722 5723 agc = (le32toh(phy->agc) >> 9) & 0x7f; 5724 5725 rssi = MAX(le16toh(phy->rssi[0]) & 0xff, 5726 le16toh(phy->rssi[1]) & 0xff); 5727 rssi = MAX(le16toh(phy->rssi[2]) & 0xff, rssi); 5728 5729 DPRINTF(sc, IWN_DEBUG_RECV, 5730 "%s: agc %d rssi %d %d %d result %d\n", __func__, agc, 5731 phy->rssi[0], phy->rssi[1], phy->rssi[2], 5732 rssi - agc - IWN_RSSI_TO_DBM); 5733 return rssi - agc - IWN_RSSI_TO_DBM; 5734 } 5735 5736 /* 5737 * Retrieve the average noise (in dBm) among receivers. 5738 */ 5739 static int 5740 iwn_get_noise(const struct iwn_rx_general_stats *stats) 5741 { 5742 int i, total, nbant, noise; 5743 5744 total = nbant = 0; 5745 for (i = 0; i < 3; i++) { 5746 if ((noise = le32toh(stats->noise[i]) & 0xff) == 0) 5747 continue; 5748 total += noise; 5749 nbant++; 5750 } 5751 /* There should be at least one antenna but check anyway. */ 5752 return (nbant == 0) ? -127 : (total / nbant) - 107; 5753 } 5754 5755 /* 5756 * Compute temperature (in degC) from last received statistics. 5757 */ 5758 static int 5759 iwn4965_get_temperature(struct iwn_softc *sc) 5760 { 5761 struct iwn_ucode_info *uc = &sc->ucode_info; 5762 int32_t r1, r2, r3, r4, temp; 5763 5764 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5765 5766 r1 = le32toh(uc->temp[0].chan20MHz); 5767 r2 = le32toh(uc->temp[1].chan20MHz); 5768 r3 = le32toh(uc->temp[2].chan20MHz); 5769 r4 = le32toh(sc->rawtemp); 5770 5771 if (r1 == r3) /* Prevents division by 0 (should not happen). */ 5772 return 0; 5773 5774 /* Sign-extend 23-bit R4 value to 32-bit. */ 5775 r4 = ((r4 & 0xffffff) ^ 0x800000) - 0x800000; 5776 /* Compute temperature in Kelvin. */ 5777 temp = (259 * (r4 - r2)) / (r3 - r1); 5778 temp = (temp * 97) / 100 + 8; 5779 5780 DPRINTF(sc, IWN_DEBUG_ANY, "temperature %dK/%dC\n", temp, 5781 IWN_KTOC(temp)); 5782 return IWN_KTOC(temp); 5783 } 5784 5785 static int 5786 iwn5000_get_temperature(struct iwn_softc *sc) 5787 { 5788 int32_t temp; 5789 5790 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5791 5792 /* 5793 * Temperature is not used by the driver for 5000 Series because 5794 * TX power calibration is handled by firmware. 5795 */ 5796 temp = le32toh(sc->rawtemp); 5797 if (sc->hw_type == IWN_HW_REV_TYPE_5150) { 5798 temp = (temp / -5) + sc->temp_off; 5799 temp = IWN_KTOC(temp); 5800 } 5801 return temp; 5802 } 5803 5804 /* 5805 * Initialize sensitivity calibration state machine. 5806 */ 5807 static int 5808 iwn_init_sensitivity(struct iwn_softc *sc) 5809 { 5810 struct iwn_ops *ops = &sc->ops; 5811 struct iwn_calib_state *calib = &sc->calib; 5812 uint32_t flags; 5813 int error; 5814 5815 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5816 5817 /* Reset calibration state machine. */ 5818 memset(calib, 0, sizeof (*calib)); 5819 calib->state = IWN_CALIB_STATE_INIT; 5820 calib->cck_state = IWN_CCK_STATE_HIFA; 5821 /* Set initial correlation values. */ 5822 calib->ofdm_x1 = sc->limits->min_ofdm_x1; 5823 calib->ofdm_mrc_x1 = sc->limits->min_ofdm_mrc_x1; 5824 calib->ofdm_x4 = sc->limits->min_ofdm_x4; 5825 calib->ofdm_mrc_x4 = sc->limits->min_ofdm_mrc_x4; 5826 calib->cck_x4 = 125; 5827 calib->cck_mrc_x4 = sc->limits->min_cck_mrc_x4; 5828 calib->energy_cck = sc->limits->energy_cck; 5829 5830 /* Write initial sensitivity. */ 5831 if ((error = iwn_send_sensitivity(sc)) != 0) 5832 return error; 5833 5834 /* Write initial gains. */ 5835 if ((error = ops->init_gains(sc)) != 0) 5836 return error; 5837 5838 /* Request statistics at each beacon interval. */ 5839 flags = 0; 5840 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: sending request for statistics\n", 5841 __func__); 5842 return iwn_cmd(sc, IWN_CMD_GET_STATISTICS, &flags, sizeof flags, 1); 5843 } 5844 5845 /* 5846 * Collect noise and RSSI statistics for the first 20 beacons received 5847 * after association and use them to determine connected antennas and 5848 * to set differential gains. 5849 */ 5850 static void 5851 iwn_collect_noise(struct iwn_softc *sc, 5852 const struct iwn_rx_general_stats *stats) 5853 { 5854 struct iwn_ops *ops = &sc->ops; 5855 struct iwn_calib_state *calib = &sc->calib; 5856 struct ieee80211com *ic = &sc->sc_ic; 5857 uint32_t val; 5858 int i; 5859 5860 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 5861 5862 /* Accumulate RSSI and noise for all 3 antennas. */ 5863 for (i = 0; i < 3; i++) { 5864 calib->rssi[i] += le32toh(stats->rssi[i]) & 0xff; 5865 calib->noise[i] += le32toh(stats->noise[i]) & 0xff; 5866 } 5867 /* NB: We update differential gains only once after 20 beacons. */ 5868 if (++calib->nbeacons < 20) 5869 return; 5870 5871 /* Determine highest average RSSI. */ 5872 val = MAX(calib->rssi[0], calib->rssi[1]); 5873 val = MAX(calib->rssi[2], val); 5874 5875 /* Determine which antennas are connected. */ 5876 sc->chainmask = sc->rxchainmask; 5877 for (i = 0; i < 3; i++) 5878 if (val - calib->rssi[i] > 15 * 20) 5879 sc->chainmask &= ~(1 << i); 5880 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_XMIT, 5881 "%s: RX chains mask: theoretical=0x%x, actual=0x%x\n", 5882 __func__, sc->rxchainmask, sc->chainmask); 5883 5884 /* If none of the TX antennas are connected, keep at least one. */ 5885 if ((sc->chainmask & sc->txchainmask) == 0) 5886 sc->chainmask |= IWN_LSB(sc->txchainmask); 5887 5888 (void)ops->set_gains(sc); 5889 calib->state = IWN_CALIB_STATE_RUN; 5890 5891 #ifdef notyet 5892 /* XXX Disable RX chains with no antennas connected. */ 5893 sc->rxon->rxchain = htole16(IWN_RXCHAIN_SEL(sc->chainmask)); 5894 if (sc->sc_is_scanning) 5895 device_printf(sc->sc_dev, 5896 "%s: is_scanning set, before RXON\n", 5897 __func__); 5898 (void)iwn_cmd(sc, IWN_CMD_RXON, sc->rxon, sc->rxonsz, 1); 5899 #endif 5900 5901 /* Enable power-saving mode if requested by user. */ 5902 if (ic->ic_flags & IEEE80211_F_PMGTON) 5903 (void)iwn_set_pslevel(sc, 0, 3, 1); 5904 5905 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 5906 5907 } 5908 5909 static int 5910 iwn4965_init_gains(struct iwn_softc *sc) 5911 { 5912 struct iwn_phy_calib_gain cmd; 5913 5914 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5915 5916 memset(&cmd, 0, sizeof cmd); 5917 cmd.code = IWN4965_PHY_CALIB_DIFF_GAIN; 5918 /* Differential gains initially set to 0 for all 3 antennas. */ 5919 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 5920 "%s: setting initial differential gains\n", __func__); 5921 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 5922 } 5923 5924 static int 5925 iwn5000_init_gains(struct iwn_softc *sc) 5926 { 5927 struct iwn_phy_calib cmd; 5928 5929 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5930 5931 memset(&cmd, 0, sizeof cmd); 5932 cmd.code = sc->reset_noise_gain; 5933 cmd.ngroups = 1; 5934 cmd.isvalid = 1; 5935 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 5936 "%s: setting initial differential gains\n", __func__); 5937 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 5938 } 5939 5940 static int 5941 iwn4965_set_gains(struct iwn_softc *sc) 5942 { 5943 struct iwn_calib_state *calib = &sc->calib; 5944 struct iwn_phy_calib_gain cmd; 5945 int i, delta, noise; 5946 5947 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5948 5949 /* Get minimal noise among connected antennas. */ 5950 noise = INT_MAX; /* NB: There's at least one antenna. */ 5951 for (i = 0; i < 3; i++) 5952 if (sc->chainmask & (1 << i)) 5953 noise = MIN(calib->noise[i], noise); 5954 5955 memset(&cmd, 0, sizeof cmd); 5956 cmd.code = IWN4965_PHY_CALIB_DIFF_GAIN; 5957 /* Set differential gains for connected antennas. */ 5958 for (i = 0; i < 3; i++) { 5959 if (sc->chainmask & (1 << i)) { 5960 /* Compute attenuation (in unit of 1.5dB). */ 5961 delta = (noise - (int32_t)calib->noise[i]) / 30; 5962 /* NB: delta <= 0 */ 5963 /* Limit to [-4.5dB,0]. */ 5964 cmd.gain[i] = MIN(abs(delta), 3); 5965 if (delta < 0) 5966 cmd.gain[i] |= 1 << 2; /* sign bit */ 5967 } 5968 } 5969 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 5970 "setting differential gains Ant A/B/C: %x/%x/%x (%x)\n", 5971 cmd.gain[0], cmd.gain[1], cmd.gain[2], sc->chainmask); 5972 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 5973 } 5974 5975 static int 5976 iwn5000_set_gains(struct iwn_softc *sc) 5977 { 5978 struct iwn_calib_state *calib = &sc->calib; 5979 struct iwn_phy_calib_gain cmd; 5980 int i, ant, div, delta; 5981 5982 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5983 5984 /* We collected 20 beacons and !=6050 need a 1.5 factor. */ 5985 div = (sc->hw_type == IWN_HW_REV_TYPE_6050) ? 20 : 30; 5986 5987 memset(&cmd, 0, sizeof cmd); 5988 cmd.code = sc->noise_gain; 5989 cmd.ngroups = 1; 5990 cmd.isvalid = 1; 5991 /* Get first available RX antenna as referential. */ 5992 ant = IWN_LSB(sc->rxchainmask); 5993 /* Set differential gains for other antennas. */ 5994 for (i = ant + 1; i < 3; i++) { 5995 if (sc->chainmask & (1 << i)) { 5996 /* The delta is relative to antenna "ant". */ 5997 delta = ((int32_t)calib->noise[ant] - 5998 (int32_t)calib->noise[i]) / div; 5999 /* Limit to [-4.5dB,+4.5dB]. */ 6000 cmd.gain[i - 1] = MIN(abs(delta), 3); 6001 if (delta < 0) 6002 cmd.gain[i - 1] |= 1 << 2; /* sign bit */ 6003 } 6004 } 6005 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_XMIT, 6006 "setting differential gains Ant B/C: %x/%x (%x)\n", 6007 cmd.gain[0], cmd.gain[1], sc->chainmask); 6008 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 6009 } 6010 6011 /* 6012 * Tune RF RX sensitivity based on the number of false alarms detected 6013 * during the last beacon period. 6014 */ 6015 static void 6016 iwn_tune_sensitivity(struct iwn_softc *sc, const struct iwn_rx_stats *stats) 6017 { 6018 #define inc(val, inc, max) \ 6019 if ((val) < (max)) { \ 6020 if ((val) < (max) - (inc)) \ 6021 (val) += (inc); \ 6022 else \ 6023 (val) = (max); \ 6024 needs_update = 1; \ 6025 } 6026 #define dec(val, dec, min) \ 6027 if ((val) > (min)) { \ 6028 if ((val) > (min) + (dec)) \ 6029 (val) -= (dec); \ 6030 else \ 6031 (val) = (min); \ 6032 needs_update = 1; \ 6033 } 6034 6035 const struct iwn_sensitivity_limits *limits = sc->limits; 6036 struct iwn_calib_state *calib = &sc->calib; 6037 uint32_t val, rxena, fa; 6038 uint32_t energy[3], energy_min; 6039 uint8_t noise[3], noise_ref; 6040 int i, needs_update = 0; 6041 6042 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 6043 6044 /* Check that we've been enabled long enough. */ 6045 if ((rxena = le32toh(stats->general.load)) == 0){ 6046 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end not so long\n", __func__); 6047 return; 6048 } 6049 6050 /* Compute number of false alarms since last call for OFDM. */ 6051 fa = le32toh(stats->ofdm.bad_plcp) - calib->bad_plcp_ofdm; 6052 fa += le32toh(stats->ofdm.fa) - calib->fa_ofdm; 6053 fa *= 200 * IEEE80211_DUR_TU; /* 200TU */ 6054 6055 if (fa > 50 * rxena) { 6056 /* High false alarm count, decrease sensitivity. */ 6057 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6058 "%s: OFDM high false alarm count: %u\n", __func__, fa); 6059 inc(calib->ofdm_x1, 1, limits->max_ofdm_x1); 6060 inc(calib->ofdm_mrc_x1, 1, limits->max_ofdm_mrc_x1); 6061 inc(calib->ofdm_x4, 1, limits->max_ofdm_x4); 6062 inc(calib->ofdm_mrc_x4, 1, limits->max_ofdm_mrc_x4); 6063 6064 } else if (fa < 5 * rxena) { 6065 /* Low false alarm count, increase sensitivity. */ 6066 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6067 "%s: OFDM low false alarm count: %u\n", __func__, fa); 6068 dec(calib->ofdm_x1, 1, limits->min_ofdm_x1); 6069 dec(calib->ofdm_mrc_x1, 1, limits->min_ofdm_mrc_x1); 6070 dec(calib->ofdm_x4, 1, limits->min_ofdm_x4); 6071 dec(calib->ofdm_mrc_x4, 1, limits->min_ofdm_mrc_x4); 6072 } 6073 6074 /* Compute maximum noise among 3 receivers. */ 6075 for (i = 0; i < 3; i++) 6076 noise[i] = (le32toh(stats->general.noise[i]) >> 8) & 0xff; 6077 val = MAX(noise[0], noise[1]); 6078 val = MAX(noise[2], val); 6079 /* Insert it into our samples table. */ 6080 calib->noise_samples[calib->cur_noise_sample] = val; 6081 calib->cur_noise_sample = (calib->cur_noise_sample + 1) % 20; 6082 6083 /* Compute maximum noise among last 20 samples. */ 6084 noise_ref = calib->noise_samples[0]; 6085 for (i = 1; i < 20; i++) 6086 noise_ref = MAX(noise_ref, calib->noise_samples[i]); 6087 6088 /* Compute maximum energy among 3 receivers. */ 6089 for (i = 0; i < 3; i++) 6090 energy[i] = le32toh(stats->general.energy[i]); 6091 val = MIN(energy[0], energy[1]); 6092 val = MIN(energy[2], val); 6093 /* Insert it into our samples table. */ 6094 calib->energy_samples[calib->cur_energy_sample] = val; 6095 calib->cur_energy_sample = (calib->cur_energy_sample + 1) % 10; 6096 6097 /* Compute minimum energy among last 10 samples. */ 6098 energy_min = calib->energy_samples[0]; 6099 for (i = 1; i < 10; i++) 6100 energy_min = MAX(energy_min, calib->energy_samples[i]); 6101 energy_min += 6; 6102 6103 /* Compute number of false alarms since last call for CCK. */ 6104 fa = le32toh(stats->cck.bad_plcp) - calib->bad_plcp_cck; 6105 fa += le32toh(stats->cck.fa) - calib->fa_cck; 6106 fa *= 200 * IEEE80211_DUR_TU; /* 200TU */ 6107 6108 if (fa > 50 * rxena) { 6109 /* High false alarm count, decrease sensitivity. */ 6110 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6111 "%s: CCK high false alarm count: %u\n", __func__, fa); 6112 calib->cck_state = IWN_CCK_STATE_HIFA; 6113 calib->low_fa = 0; 6114 6115 if (calib->cck_x4 > 160) { 6116 calib->noise_ref = noise_ref; 6117 if (calib->energy_cck > 2) 6118 dec(calib->energy_cck, 2, energy_min); 6119 } 6120 if (calib->cck_x4 < 160) { 6121 calib->cck_x4 = 161; 6122 needs_update = 1; 6123 } else 6124 inc(calib->cck_x4, 3, limits->max_cck_x4); 6125 6126 inc(calib->cck_mrc_x4, 3, limits->max_cck_mrc_x4); 6127 6128 } else if (fa < 5 * rxena) { 6129 /* Low false alarm count, increase sensitivity. */ 6130 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6131 "%s: CCK low false alarm count: %u\n", __func__, fa); 6132 calib->cck_state = IWN_CCK_STATE_LOFA; 6133 calib->low_fa++; 6134 6135 if (calib->cck_state != IWN_CCK_STATE_INIT && 6136 (((int32_t)calib->noise_ref - (int32_t)noise_ref) > 2 || 6137 calib->low_fa > 100)) { 6138 inc(calib->energy_cck, 2, limits->min_energy_cck); 6139 dec(calib->cck_x4, 3, limits->min_cck_x4); 6140 dec(calib->cck_mrc_x4, 3, limits->min_cck_mrc_x4); 6141 } 6142 } else { 6143 /* Not worth to increase or decrease sensitivity. */ 6144 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6145 "%s: CCK normal false alarm count: %u\n", __func__, fa); 6146 calib->low_fa = 0; 6147 calib->noise_ref = noise_ref; 6148 6149 if (calib->cck_state == IWN_CCK_STATE_HIFA) { 6150 /* Previous interval had many false alarms. */ 6151 dec(calib->energy_cck, 8, energy_min); 6152 } 6153 calib->cck_state = IWN_CCK_STATE_INIT; 6154 } 6155 6156 if (needs_update) 6157 (void)iwn_send_sensitivity(sc); 6158 6159 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 6160 6161 #undef dec 6162 #undef inc 6163 } 6164 6165 static int 6166 iwn_send_sensitivity(struct iwn_softc *sc) 6167 { 6168 struct iwn_calib_state *calib = &sc->calib; 6169 struct iwn_enhanced_sensitivity_cmd cmd; 6170 int len; 6171 6172 memset(&cmd, 0, sizeof cmd); 6173 len = sizeof (struct iwn_sensitivity_cmd); 6174 cmd.which = IWN_SENSITIVITY_WORKTBL; 6175 /* OFDM modulation. */ 6176 cmd.corr_ofdm_x1 = htole16(calib->ofdm_x1); 6177 cmd.corr_ofdm_mrc_x1 = htole16(calib->ofdm_mrc_x1); 6178 cmd.corr_ofdm_x4 = htole16(calib->ofdm_x4); 6179 cmd.corr_ofdm_mrc_x4 = htole16(calib->ofdm_mrc_x4); 6180 cmd.energy_ofdm = htole16(sc->limits->energy_ofdm); 6181 cmd.energy_ofdm_th = htole16(62); 6182 /* CCK modulation. */ 6183 cmd.corr_cck_x4 = htole16(calib->cck_x4); 6184 cmd.corr_cck_mrc_x4 = htole16(calib->cck_mrc_x4); 6185 cmd.energy_cck = htole16(calib->energy_cck); 6186 /* Barker modulation: use default values. */ 6187 cmd.corr_barker = htole16(190); 6188 cmd.corr_barker_mrc = htole16(sc->limits->barker_mrc); 6189 6190 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6191 "%s: set sensitivity %d/%d/%d/%d/%d/%d/%d\n", __func__, 6192 calib->ofdm_x1, calib->ofdm_mrc_x1, calib->ofdm_x4, 6193 calib->ofdm_mrc_x4, calib->cck_x4, 6194 calib->cck_mrc_x4, calib->energy_cck); 6195 6196 if (!(sc->sc_flags & IWN_FLAG_ENH_SENS)) 6197 goto send; 6198 /* Enhanced sensitivity settings. */ 6199 len = sizeof (struct iwn_enhanced_sensitivity_cmd); 6200 cmd.ofdm_det_slope_mrc = htole16(668); 6201 cmd.ofdm_det_icept_mrc = htole16(4); 6202 cmd.ofdm_det_slope = htole16(486); 6203 cmd.ofdm_det_icept = htole16(37); 6204 cmd.cck_det_slope_mrc = htole16(853); 6205 cmd.cck_det_icept_mrc = htole16(4); 6206 cmd.cck_det_slope = htole16(476); 6207 cmd.cck_det_icept = htole16(99); 6208 send: 6209 return iwn_cmd(sc, IWN_CMD_SET_SENSITIVITY, &cmd, len, 1); 6210 } 6211 6212 /* 6213 * Look at the increase of PLCP errors over time; if it exceeds 6214 * a programmed threshold then trigger an RF retune. 6215 */ 6216 static void 6217 iwn_check_rx_recovery(struct iwn_softc *sc, struct iwn_stats *rs) 6218 { 6219 int32_t delta_ofdm, delta_ht, delta_cck; 6220 struct iwn_calib_state *calib = &sc->calib; 6221 int delta_ticks, cur_ticks; 6222 int delta_msec; 6223 int thresh; 6224 6225 /* 6226 * Calculate the difference between the current and 6227 * previous statistics. 6228 */ 6229 delta_cck = le32toh(rs->rx.cck.bad_plcp) - calib->bad_plcp_cck; 6230 delta_ofdm = le32toh(rs->rx.ofdm.bad_plcp) - calib->bad_plcp_ofdm; 6231 delta_ht = le32toh(rs->rx.ht.bad_plcp) - calib->bad_plcp_ht; 6232 6233 /* 6234 * Calculate the delta in time between successive statistics 6235 * messages. Yes, it can roll over; so we make sure that 6236 * this doesn't happen. 6237 * 6238 * XXX go figure out what to do about rollover 6239 * XXX go figure out what to do if ticks rolls over to -ve instead! 6240 * XXX go stab signed integer overflow undefined-ness in the face. 6241 */ 6242 cur_ticks = ticks; 6243 delta_ticks = cur_ticks - sc->last_calib_ticks; 6244 6245 /* 6246 * If any are negative, then the firmware likely reset; so just 6247 * bail. We'll pick this up next time. 6248 */ 6249 if (delta_cck < 0 || delta_ofdm < 0 || delta_ht < 0 || delta_ticks < 0) 6250 return; 6251 6252 /* 6253 * delta_ticks is in ticks; we need to convert it up to milliseconds 6254 * so we can do some useful math with it. 6255 */ 6256 delta_msec = ticks_to_msecs(delta_ticks); 6257 6258 /* 6259 * Calculate what our threshold is given the current delta_msec. 6260 */ 6261 thresh = sc->base_params->plcp_err_threshold * delta_msec; 6262 6263 DPRINTF(sc, IWN_DEBUG_STATE, 6264 "%s: time delta: %d; cck=%d, ofdm=%d, ht=%d, total=%d, thresh=%d\n", 6265 __func__, 6266 delta_msec, 6267 delta_cck, 6268 delta_ofdm, 6269 delta_ht, 6270 (delta_msec + delta_cck + delta_ofdm + delta_ht), 6271 thresh); 6272 6273 /* 6274 * If we need a retune, then schedule a single channel scan 6275 * to a channel that isn't the currently active one! 6276 * 6277 * The math from linux iwlwifi: 6278 * 6279 * if ((delta * 100 / msecs) > threshold) 6280 */ 6281 if (thresh > 0 && (delta_cck + delta_ofdm + delta_ht) * 100 > thresh) { 6282 DPRINTF(sc, IWN_DEBUG_ANY, 6283 "%s: PLCP error threshold raw (%d) comparison (%d) " 6284 "over limit (%d); retune!\n", 6285 __func__, 6286 (delta_cck + delta_ofdm + delta_ht), 6287 (delta_cck + delta_ofdm + delta_ht) * 100, 6288 thresh); 6289 } 6290 } 6291 6292 /* 6293 * Set STA mode power saving level (between 0 and 5). 6294 * Level 0 is CAM (Continuously Aware Mode), 5 is for maximum power saving. 6295 */ 6296 static int 6297 iwn_set_pslevel(struct iwn_softc *sc, int dtim, int level, int async) 6298 { 6299 struct iwn_pmgt_cmd cmd; 6300 const struct iwn_pmgt *pmgt; 6301 uint32_t max, skip_dtim; 6302 uint32_t reg; 6303 int i; 6304 6305 DPRINTF(sc, IWN_DEBUG_PWRSAVE, 6306 "%s: dtim=%d, level=%d, async=%d\n", 6307 __func__, 6308 dtim, 6309 level, 6310 async); 6311 6312 /* Select which PS parameters to use. */ 6313 if (dtim <= 2) 6314 pmgt = &iwn_pmgt[0][level]; 6315 else if (dtim <= 10) 6316 pmgt = &iwn_pmgt[1][level]; 6317 else 6318 pmgt = &iwn_pmgt[2][level]; 6319 6320 memset(&cmd, 0, sizeof cmd); 6321 if (level != 0) /* not CAM */ 6322 cmd.flags |= htole16(IWN_PS_ALLOW_SLEEP); 6323 if (level == 5) 6324 cmd.flags |= htole16(IWN_PS_FAST_PD); 6325 /* Retrieve PCIe Active State Power Management (ASPM). */ 6326 reg = pci_read_config(sc->sc_dev, sc->sc_cap_off + PCIER_LINK_CTL, 4); 6327 if (!(reg & PCIEM_LINK_CTL_ASPMC_L0S)) /* L0s Entry disabled. */ 6328 cmd.flags |= htole16(IWN_PS_PCI_PMGT); 6329 cmd.rxtimeout = htole32(pmgt->rxtimeout * 1024); 6330 cmd.txtimeout = htole32(pmgt->txtimeout * 1024); 6331 6332 if (dtim == 0) { 6333 dtim = 1; 6334 skip_dtim = 0; 6335 } else 6336 skip_dtim = pmgt->skip_dtim; 6337 if (skip_dtim != 0) { 6338 cmd.flags |= htole16(IWN_PS_SLEEP_OVER_DTIM); 6339 max = pmgt->intval[4]; 6340 if (max == (uint32_t)-1) 6341 max = dtim * (skip_dtim + 1); 6342 else if (max > dtim) 6343 max = rounddown(max, dtim); 6344 } else 6345 max = dtim; 6346 for (i = 0; i < 5; i++) 6347 cmd.intval[i] = htole32(MIN(max, pmgt->intval[i])); 6348 6349 DPRINTF(sc, IWN_DEBUG_RESET, "setting power saving level to %d\n", 6350 level); 6351 return iwn_cmd(sc, IWN_CMD_SET_POWER_MODE, &cmd, sizeof cmd, async); 6352 } 6353 6354 static int 6355 iwn_send_btcoex(struct iwn_softc *sc) 6356 { 6357 struct iwn_bluetooth cmd; 6358 6359 memset(&cmd, 0, sizeof cmd); 6360 cmd.flags = IWN_BT_COEX_CHAN_ANN | IWN_BT_COEX_BT_PRIO; 6361 cmd.lead_time = IWN_BT_LEAD_TIME_DEF; 6362 cmd.max_kill = IWN_BT_MAX_KILL_DEF; 6363 DPRINTF(sc, IWN_DEBUG_RESET, "%s: configuring bluetooth coexistence\n", 6364 __func__); 6365 return iwn_cmd(sc, IWN_CMD_BT_COEX, &cmd, sizeof(cmd), 0); 6366 } 6367 6368 static int 6369 iwn_send_advanced_btcoex(struct iwn_softc *sc) 6370 { 6371 static const uint32_t btcoex_3wire[12] = { 6372 0xaaaaaaaa, 0xaaaaaaaa, 0xaeaaaaaa, 0xaaaaaaaa, 6373 0xcc00ff28, 0x0000aaaa, 0xcc00aaaa, 0x0000aaaa, 6374 0xc0004000, 0x00004000, 0xf0005000, 0xf0005000, 6375 }; 6376 struct iwn6000_btcoex_config btconfig; 6377 struct iwn2000_btcoex_config btconfig2k; 6378 struct iwn_btcoex_priotable btprio; 6379 struct iwn_btcoex_prot btprot; 6380 int error, i; 6381 uint8_t flags; 6382 6383 memset(&btconfig, 0, sizeof btconfig); 6384 memset(&btconfig2k, 0, sizeof btconfig2k); 6385 6386 flags = IWN_BT_FLAG_COEX6000_MODE_3W << 6387 IWN_BT_FLAG_COEX6000_MODE_SHIFT; // Done as is in linux kernel 3.2 6388 6389 if (sc->base_params->bt_sco_disable) 6390 flags &= ~IWN_BT_FLAG_SYNC_2_BT_DISABLE; 6391 else 6392 flags |= IWN_BT_FLAG_SYNC_2_BT_DISABLE; 6393 6394 flags |= IWN_BT_FLAG_COEX6000_CHAN_INHIBITION; 6395 6396 /* Default flags result is 145 as old value */ 6397 6398 /* 6399 * Flags value has to be review. Values must change if we 6400 * which to disable it 6401 */ 6402 if (sc->base_params->bt_session_2) { 6403 btconfig2k.flags = flags; 6404 btconfig2k.max_kill = 5; 6405 btconfig2k.bt3_t7_timer = 1; 6406 btconfig2k.kill_ack = htole32(0xffff0000); 6407 btconfig2k.kill_cts = htole32(0xffff0000); 6408 btconfig2k.sample_time = 2; 6409 btconfig2k.bt3_t2_timer = 0xc; 6410 6411 for (i = 0; i < 12; i++) 6412 btconfig2k.lookup_table[i] = htole32(btcoex_3wire[i]); 6413 btconfig2k.valid = htole16(0xff); 6414 btconfig2k.prio_boost = htole32(0xf0); 6415 DPRINTF(sc, IWN_DEBUG_RESET, 6416 "%s: configuring advanced bluetooth coexistence" 6417 " session 2, flags : 0x%x\n", 6418 __func__, 6419 flags); 6420 error = iwn_cmd(sc, IWN_CMD_BT_COEX, &btconfig2k, 6421 sizeof(btconfig2k), 1); 6422 } else { 6423 btconfig.flags = flags; 6424 btconfig.max_kill = 5; 6425 btconfig.bt3_t7_timer = 1; 6426 btconfig.kill_ack = htole32(0xffff0000); 6427 btconfig.kill_cts = htole32(0xffff0000); 6428 btconfig.sample_time = 2; 6429 btconfig.bt3_t2_timer = 0xc; 6430 6431 for (i = 0; i < 12; i++) 6432 btconfig.lookup_table[i] = htole32(btcoex_3wire[i]); 6433 btconfig.valid = htole16(0xff); 6434 btconfig.prio_boost = 0xf0; 6435 DPRINTF(sc, IWN_DEBUG_RESET, 6436 "%s: configuring advanced bluetooth coexistence," 6437 " flags : 0x%x\n", 6438 __func__, 6439 flags); 6440 error = iwn_cmd(sc, IWN_CMD_BT_COEX, &btconfig, 6441 sizeof(btconfig), 1); 6442 } 6443 6444 if (error != 0) 6445 return error; 6446 6447 memset(&btprio, 0, sizeof btprio); 6448 btprio.calib_init1 = 0x6; 6449 btprio.calib_init2 = 0x7; 6450 btprio.calib_periodic_low1 = 0x2; 6451 btprio.calib_periodic_low2 = 0x3; 6452 btprio.calib_periodic_high1 = 0x4; 6453 btprio.calib_periodic_high2 = 0x5; 6454 btprio.dtim = 0x6; 6455 btprio.scan52 = 0x8; 6456 btprio.scan24 = 0xa; 6457 error = iwn_cmd(sc, IWN_CMD_BT_COEX_PRIOTABLE, &btprio, sizeof(btprio), 6458 1); 6459 if (error != 0) 6460 return error; 6461 6462 /* Force BT state machine change. */ 6463 memset(&btprot, 0, sizeof btprot); 6464 btprot.open = 1; 6465 btprot.type = 1; 6466 error = iwn_cmd(sc, IWN_CMD_BT_COEX_PROT, &btprot, sizeof(btprot), 1); 6467 if (error != 0) 6468 return error; 6469 btprot.open = 0; 6470 return iwn_cmd(sc, IWN_CMD_BT_COEX_PROT, &btprot, sizeof(btprot), 1); 6471 } 6472 6473 static int 6474 iwn5000_runtime_calib(struct iwn_softc *sc) 6475 { 6476 struct iwn5000_calib_config cmd; 6477 6478 memset(&cmd, 0, sizeof cmd); 6479 cmd.ucode.once.enable = 0xffffffff; 6480 cmd.ucode.once.start = IWN5000_CALIB_DC; 6481 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6482 "%s: configuring runtime calibration\n", __func__); 6483 return iwn_cmd(sc, IWN5000_CMD_CALIB_CONFIG, &cmd, sizeof(cmd), 0); 6484 } 6485 6486 static uint32_t 6487 iwn_get_rxon_ht_flags(struct iwn_softc *sc, struct ieee80211_channel *c) 6488 { 6489 struct ieee80211com *ic = &sc->sc_ic; 6490 uint32_t htflags = 0; 6491 6492 if (! IEEE80211_IS_CHAN_HT(c)) 6493 return (0); 6494 6495 htflags |= IWN_RXON_HT_PROTMODE(ic->ic_curhtprotmode); 6496 6497 if (IEEE80211_IS_CHAN_HT40(c)) { 6498 switch (ic->ic_curhtprotmode) { 6499 case IEEE80211_HTINFO_OPMODE_HT20PR: 6500 htflags |= IWN_RXON_HT_MODEPURE40; 6501 break; 6502 default: 6503 htflags |= IWN_RXON_HT_MODEMIXED; 6504 break; 6505 } 6506 } 6507 if (IEEE80211_IS_CHAN_HT40D(c)) 6508 htflags |= IWN_RXON_HT_HT40MINUS; 6509 6510 return (htflags); 6511 } 6512 6513 static int 6514 iwn_config(struct iwn_softc *sc) 6515 { 6516 struct iwn_ops *ops = &sc->ops; 6517 struct ieee80211com *ic = &sc->sc_ic; 6518 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 6519 const uint8_t *macaddr; 6520 uint32_t txmask; 6521 uint16_t rxchain; 6522 int error; 6523 6524 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 6525 6526 if ((sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSET) 6527 && (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSETv2)) { 6528 device_printf(sc->sc_dev,"%s: temp_offset and temp_offsetv2 are" 6529 " exclusive each together. Review NIC config file. Conf" 6530 " : 0x%08x Flags : 0x%08x \n", __func__, 6531 sc->base_params->calib_need, 6532 (IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSET | 6533 IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSETv2)); 6534 return (EINVAL); 6535 } 6536 6537 /* Compute temperature calib if needed. Will be send by send calib */ 6538 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSET) { 6539 error = iwn5000_temp_offset_calib(sc); 6540 if (error != 0) { 6541 device_printf(sc->sc_dev, 6542 "%s: could not set temperature offset\n", __func__); 6543 return (error); 6544 } 6545 } else if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSETv2) { 6546 error = iwn5000_temp_offset_calibv2(sc); 6547 if (error != 0) { 6548 device_printf(sc->sc_dev, 6549 "%s: could not compute temperature offset v2\n", 6550 __func__); 6551 return (error); 6552 } 6553 } 6554 6555 if (sc->hw_type == IWN_HW_REV_TYPE_6050) { 6556 /* Configure runtime DC calibration. */ 6557 error = iwn5000_runtime_calib(sc); 6558 if (error != 0) { 6559 device_printf(sc->sc_dev, 6560 "%s: could not configure runtime calibration\n", 6561 __func__); 6562 return error; 6563 } 6564 } 6565 6566 /* Configure valid TX chains for >=5000 Series. */ 6567 if (sc->hw_type != IWN_HW_REV_TYPE_4965 && 6568 IWN_UCODE_API(sc->ucode_rev) > 1) { 6569 txmask = htole32(sc->txchainmask); 6570 DPRINTF(sc, IWN_DEBUG_RESET | IWN_DEBUG_XMIT, 6571 "%s: configuring valid TX chains 0x%x\n", __func__, txmask); 6572 error = iwn_cmd(sc, IWN5000_CMD_TX_ANT_CONFIG, &txmask, 6573 sizeof txmask, 0); 6574 if (error != 0) { 6575 device_printf(sc->sc_dev, 6576 "%s: could not configure valid TX chains, " 6577 "error %d\n", __func__, error); 6578 return error; 6579 } 6580 } 6581 6582 /* Configure bluetooth coexistence. */ 6583 error = 0; 6584 6585 /* Configure bluetooth coexistence if needed. */ 6586 if (sc->base_params->bt_mode == IWN_BT_ADVANCED) 6587 error = iwn_send_advanced_btcoex(sc); 6588 if (sc->base_params->bt_mode == IWN_BT_SIMPLE) 6589 error = iwn_send_btcoex(sc); 6590 6591 if (error != 0) { 6592 device_printf(sc->sc_dev, 6593 "%s: could not configure bluetooth coexistence, error %d\n", 6594 __func__, error); 6595 return error; 6596 } 6597 6598 /* Set mode, channel, RX filter and enable RX. */ 6599 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 6600 memset(sc->rxon, 0, sizeof (struct iwn_rxon)); 6601 macaddr = vap ? vap->iv_myaddr : ic->ic_macaddr; 6602 IEEE80211_ADDR_COPY(sc->rxon->myaddr, macaddr); 6603 IEEE80211_ADDR_COPY(sc->rxon->wlap, macaddr); 6604 sc->rxon->chan = ieee80211_chan2ieee(ic, ic->ic_curchan); 6605 sc->rxon->flags = htole32(IWN_RXON_TSF | IWN_RXON_CTS_TO_SELF); 6606 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan)) 6607 sc->rxon->flags |= htole32(IWN_RXON_AUTO | IWN_RXON_24GHZ); 6608 switch (ic->ic_opmode) { 6609 case IEEE80211_M_STA: 6610 sc->rxon->mode = IWN_MODE_STA; 6611 sc->rxon->filter = htole32(IWN_FILTER_MULTICAST); 6612 break; 6613 case IEEE80211_M_MONITOR: 6614 sc->rxon->mode = IWN_MODE_MONITOR; 6615 sc->rxon->filter = htole32(IWN_FILTER_MULTICAST | 6616 IWN_FILTER_CTL | IWN_FILTER_PROMISC); 6617 break; 6618 default: 6619 /* Should not get there. */ 6620 break; 6621 } 6622 sc->rxon->cck_mask = 0x0f; /* not yet negotiated */ 6623 sc->rxon->ofdm_mask = 0xff; /* not yet negotiated */ 6624 sc->rxon->ht_single_mask = 0xff; 6625 sc->rxon->ht_dual_mask = 0xff; 6626 sc->rxon->ht_triple_mask = 0xff; 6627 /* 6628 * In active association mode, ensure that 6629 * all the receive chains are enabled. 6630 * 6631 * Since we're not yet doing SMPS, don't allow the 6632 * number of idle RX chains to be less than the active 6633 * number. 6634 */ 6635 rxchain = 6636 IWN_RXCHAIN_VALID(sc->rxchainmask) | 6637 IWN_RXCHAIN_MIMO_COUNT(sc->nrxchains) | 6638 IWN_RXCHAIN_IDLE_COUNT(sc->nrxchains); 6639 sc->rxon->rxchain = htole16(rxchain); 6640 DPRINTF(sc, IWN_DEBUG_RESET | IWN_DEBUG_XMIT, 6641 "%s: rxchainmask=0x%x, nrxchains=%d\n", 6642 __func__, 6643 sc->rxchainmask, 6644 sc->nrxchains); 6645 6646 sc->rxon->flags |= htole32(iwn_get_rxon_ht_flags(sc, ic->ic_curchan)); 6647 6648 DPRINTF(sc, IWN_DEBUG_RESET, 6649 "%s: setting configuration; flags=0x%08x\n", 6650 __func__, le32toh(sc->rxon->flags)); 6651 if (sc->sc_is_scanning) 6652 device_printf(sc->sc_dev, 6653 "%s: is_scanning set, before RXON\n", 6654 __func__); 6655 error = iwn_cmd(sc, IWN_CMD_RXON, sc->rxon, sc->rxonsz, 0); 6656 if (error != 0) { 6657 device_printf(sc->sc_dev, "%s: RXON command failed\n", 6658 __func__); 6659 return error; 6660 } 6661 6662 if ((error = iwn_add_broadcast_node(sc, 0)) != 0) { 6663 device_printf(sc->sc_dev, "%s: could not add broadcast node\n", 6664 __func__); 6665 return error; 6666 } 6667 6668 /* Configuration has changed, set TX power accordingly. */ 6669 if ((error = ops->set_txpower(sc, ic->ic_curchan, 0)) != 0) { 6670 device_printf(sc->sc_dev, "%s: could not set TX power\n", 6671 __func__); 6672 return error; 6673 } 6674 6675 if ((error = iwn_set_critical_temp(sc)) != 0) { 6676 device_printf(sc->sc_dev, 6677 "%s: could not set critical temperature\n", __func__); 6678 return error; 6679 } 6680 6681 /* Set power saving level to CAM during initialization. */ 6682 if ((error = iwn_set_pslevel(sc, 0, 0, 0)) != 0) { 6683 device_printf(sc->sc_dev, 6684 "%s: could not set power saving level\n", __func__); 6685 return error; 6686 } 6687 6688 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 6689 6690 return 0; 6691 } 6692 6693 static uint16_t 6694 iwn_get_active_dwell_time(struct iwn_softc *sc, 6695 struct ieee80211_channel *c, uint8_t n_probes) 6696 { 6697 /* No channel? Default to 2GHz settings */ 6698 if (c == NULL || IEEE80211_IS_CHAN_2GHZ(c)) { 6699 return (IWN_ACTIVE_DWELL_TIME_2GHZ + 6700 IWN_ACTIVE_DWELL_FACTOR_2GHZ * (n_probes + 1)); 6701 } 6702 6703 /* 5GHz dwell time */ 6704 return (IWN_ACTIVE_DWELL_TIME_5GHZ + 6705 IWN_ACTIVE_DWELL_FACTOR_5GHZ * (n_probes + 1)); 6706 } 6707 6708 /* 6709 * Limit the total dwell time to 85% of the beacon interval. 6710 * 6711 * Returns the dwell time in milliseconds. 6712 */ 6713 static uint16_t 6714 iwn_limit_dwell(struct iwn_softc *sc, uint16_t dwell_time) 6715 { 6716 struct ieee80211com *ic = &sc->sc_ic; 6717 struct ieee80211vap *vap = NULL; 6718 int bintval = 0; 6719 6720 /* bintval is in TU (1.024mS) */ 6721 if (! TAILQ_EMPTY(&ic->ic_vaps)) { 6722 vap = TAILQ_FIRST(&ic->ic_vaps); 6723 bintval = vap->iv_bss->ni_intval; 6724 } 6725 6726 /* 6727 * If it's non-zero, we should calculate the minimum of 6728 * it and the DWELL_BASE. 6729 * 6730 * XXX Yes, the math should take into account that bintval 6731 * is 1.024mS, not 1mS.. 6732 */ 6733 if (bintval > 0) { 6734 DPRINTF(sc, IWN_DEBUG_SCAN, 6735 "%s: bintval=%d\n", 6736 __func__, 6737 bintval); 6738 return (MIN(IWN_PASSIVE_DWELL_BASE, ((bintval * 85) / 100))); 6739 } 6740 6741 /* No association context? Default */ 6742 return (IWN_PASSIVE_DWELL_BASE); 6743 } 6744 6745 static uint16_t 6746 iwn_get_passive_dwell_time(struct iwn_softc *sc, struct ieee80211_channel *c) 6747 { 6748 uint16_t passive; 6749 6750 if (c == NULL || IEEE80211_IS_CHAN_2GHZ(c)) { 6751 passive = IWN_PASSIVE_DWELL_BASE + IWN_PASSIVE_DWELL_TIME_2GHZ; 6752 } else { 6753 passive = IWN_PASSIVE_DWELL_BASE + IWN_PASSIVE_DWELL_TIME_5GHZ; 6754 } 6755 6756 /* Clamp to the beacon interval if we're associated */ 6757 return (iwn_limit_dwell(sc, passive)); 6758 } 6759 6760 static int 6761 iwn_scan(struct iwn_softc *sc, struct ieee80211vap *vap, 6762 struct ieee80211_scan_state *ss, struct ieee80211_channel *c) 6763 { 6764 struct ieee80211com *ic = &sc->sc_ic; 6765 struct ieee80211_node *ni = vap->iv_bss; 6766 struct iwn_scan_hdr *hdr; 6767 struct iwn_cmd_data *tx; 6768 struct iwn_scan_essid *essid; 6769 struct iwn_scan_chan *chan; 6770 struct ieee80211_frame *wh; 6771 struct ieee80211_rateset *rs; 6772 uint8_t *buf, *frm; 6773 uint16_t rxchain; 6774 uint8_t txant; 6775 int buflen, error; 6776 int is_active; 6777 uint16_t dwell_active, dwell_passive; 6778 uint32_t extra, scan_service_time; 6779 6780 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 6781 6782 /* 6783 * We are absolutely not allowed to send a scan command when another 6784 * scan command is pending. 6785 */ 6786 if (sc->sc_is_scanning) { 6787 device_printf(sc->sc_dev, "%s: called whilst scanning!\n", 6788 __func__); 6789 return (EAGAIN); 6790 } 6791 6792 /* Assign the scan channel */ 6793 c = ic->ic_curchan; 6794 6795 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 6796 buf = malloc(IWN_SCAN_MAXSZ, M_DEVBUF, M_NOWAIT | M_ZERO); 6797 if (buf == NULL) { 6798 device_printf(sc->sc_dev, 6799 "%s: could not allocate buffer for scan command\n", 6800 __func__); 6801 return ENOMEM; 6802 } 6803 hdr = (struct iwn_scan_hdr *)buf; 6804 /* 6805 * Move to the next channel if no frames are received within 10ms 6806 * after sending the probe request. 6807 */ 6808 hdr->quiet_time = htole16(10); /* timeout in milliseconds */ 6809 hdr->quiet_threshold = htole16(1); /* min # of packets */ 6810 /* 6811 * Max needs to be greater than active and passive and quiet! 6812 * It's also in microseconds! 6813 */ 6814 hdr->max_svc = htole32(250 * 1024); 6815 6816 /* 6817 * Reset scan: interval=100 6818 * Normal scan: interval=becaon interval 6819 * suspend_time: 100 (TU) 6820 * 6821 */ 6822 extra = (100 /* suspend_time */ / 100 /* beacon interval */) << 22; 6823 //scan_service_time = extra | ((100 /* susp */ % 100 /* int */) * 1024); 6824 scan_service_time = (4 << 22) | (100 * 1024); /* Hardcode for now! */ 6825 hdr->pause_svc = htole32(scan_service_time); 6826 6827 /* Select antennas for scanning. */ 6828 rxchain = 6829 IWN_RXCHAIN_VALID(sc->rxchainmask) | 6830 IWN_RXCHAIN_FORCE_MIMO_SEL(sc->rxchainmask) | 6831 IWN_RXCHAIN_DRIVER_FORCE; 6832 if (IEEE80211_IS_CHAN_A(c) && 6833 sc->hw_type == IWN_HW_REV_TYPE_4965) { 6834 /* Ant A must be avoided in 5GHz because of an HW bug. */ 6835 rxchain |= IWN_RXCHAIN_FORCE_SEL(IWN_ANT_B); 6836 } else /* Use all available RX antennas. */ 6837 rxchain |= IWN_RXCHAIN_FORCE_SEL(sc->rxchainmask); 6838 hdr->rxchain = htole16(rxchain); 6839 hdr->filter = htole32(IWN_FILTER_MULTICAST | IWN_FILTER_BEACON); 6840 6841 tx = (struct iwn_cmd_data *)(hdr + 1); 6842 tx->flags = htole32(IWN_TX_AUTO_SEQ); 6843 tx->id = sc->broadcast_id; 6844 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 6845 6846 if (IEEE80211_IS_CHAN_5GHZ(c)) { 6847 /* Send probe requests at 6Mbps. */ 6848 tx->rate = htole32(0xd); 6849 rs = &ic->ic_sup_rates[IEEE80211_MODE_11A]; 6850 } else { 6851 hdr->flags = htole32(IWN_RXON_24GHZ | IWN_RXON_AUTO); 6852 if (sc->hw_type == IWN_HW_REV_TYPE_4965 && 6853 sc->rxon->associd && sc->rxon->chan > 14) 6854 tx->rate = htole32(0xd); 6855 else { 6856 /* Send probe requests at 1Mbps. */ 6857 tx->rate = htole32(10 | IWN_RFLAG_CCK); 6858 } 6859 rs = &ic->ic_sup_rates[IEEE80211_MODE_11G]; 6860 } 6861 /* Use the first valid TX antenna. */ 6862 txant = IWN_LSB(sc->txchainmask); 6863 tx->rate |= htole32(IWN_RFLAG_ANT(txant)); 6864 6865 /* 6866 * Only do active scanning if we're announcing a probe request 6867 * for a given SSID (or more, if we ever add it to the driver.) 6868 */ 6869 is_active = 0; 6870 6871 /* 6872 * If we're scanning for a specific SSID, add it to the command. 6873 * 6874 * XXX maybe look at adding support for scanning multiple SSIDs? 6875 */ 6876 essid = (struct iwn_scan_essid *)(tx + 1); 6877 if (ss != NULL) { 6878 if (ss->ss_ssid[0].len != 0) { 6879 essid[0].id = IEEE80211_ELEMID_SSID; 6880 essid[0].len = ss->ss_ssid[0].len; 6881 memcpy(essid[0].data, ss->ss_ssid[0].ssid, ss->ss_ssid[0].len); 6882 } 6883 6884 DPRINTF(sc, IWN_DEBUG_SCAN, "%s: ssid_len=%d, ssid=%*s\n", 6885 __func__, 6886 ss->ss_ssid[0].len, 6887 ss->ss_ssid[0].len, 6888 ss->ss_ssid[0].ssid); 6889 6890 if (ss->ss_nssid > 0) 6891 is_active = 1; 6892 } 6893 6894 /* 6895 * Build a probe request frame. Most of the following code is a 6896 * copy & paste of what is done in net80211. 6897 */ 6898 wh = (struct ieee80211_frame *)(essid + 20); 6899 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 6900 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 6901 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 6902 IEEE80211_ADDR_COPY(wh->i_addr1, vap->iv_ifp->if_broadcastaddr); 6903 IEEE80211_ADDR_COPY(wh->i_addr2, IF_LLADDR(vap->iv_ifp)); 6904 IEEE80211_ADDR_COPY(wh->i_addr3, vap->iv_ifp->if_broadcastaddr); 6905 *(uint16_t *)&wh->i_dur[0] = 0; /* filled by HW */ 6906 *(uint16_t *)&wh->i_seq[0] = 0; /* filled by HW */ 6907 6908 frm = (uint8_t *)(wh + 1); 6909 frm = ieee80211_add_ssid(frm, NULL, 0); 6910 frm = ieee80211_add_rates(frm, rs); 6911 if (rs->rs_nrates > IEEE80211_RATE_SIZE) 6912 frm = ieee80211_add_xrates(frm, rs); 6913 if (ic->ic_htcaps & IEEE80211_HTC_HT) 6914 frm = ieee80211_add_htcap(frm, ni); 6915 6916 /* Set length of probe request. */ 6917 tx->len = htole16(frm - (uint8_t *)wh); 6918 6919 /* 6920 * If active scanning is requested but a certain channel is 6921 * marked passive, we can do active scanning if we detect 6922 * transmissions. 6923 * 6924 * There is an issue with some firmware versions that triggers 6925 * a sysassert on a "good CRC threshold" of zero (== disabled), 6926 * on a radar channel even though this means that we should NOT 6927 * send probes. 6928 * 6929 * The "good CRC threshold" is the number of frames that we 6930 * need to receive during our dwell time on a channel before 6931 * sending out probes -- setting this to a huge value will 6932 * mean we never reach it, but at the same time work around 6933 * the aforementioned issue. Thus use IWL_GOOD_CRC_TH_NEVER 6934 * here instead of IWL_GOOD_CRC_TH_DISABLED. 6935 * 6936 * This was fixed in later versions along with some other 6937 * scan changes, and the threshold behaves as a flag in those 6938 * versions. 6939 */ 6940 6941 /* 6942 * If we're doing active scanning, set the crc_threshold 6943 * to a suitable value. This is different to active veruss 6944 * passive scanning depending upon the channel flags; the 6945 * firmware will obey that particular check for us. 6946 */ 6947 if (sc->tlv_feature_flags & IWN_UCODE_TLV_FLAGS_NEWSCAN) 6948 hdr->crc_threshold = is_active ? 6949 IWN_GOOD_CRC_TH_DEFAULT : IWN_GOOD_CRC_TH_DISABLED; 6950 else 6951 hdr->crc_threshold = is_active ? 6952 IWN_GOOD_CRC_TH_DEFAULT : IWN_GOOD_CRC_TH_NEVER; 6953 6954 chan = (struct iwn_scan_chan *)frm; 6955 chan->chan = htole16(ieee80211_chan2ieee(ic, c)); 6956 chan->flags = 0; 6957 if (ss->ss_nssid > 0) 6958 chan->flags |= htole32(IWN_CHAN_NPBREQS(1)); 6959 chan->dsp_gain = 0x6e; 6960 6961 /* 6962 * Set the passive/active flag depending upon the channel mode. 6963 * XXX TODO: take the is_active flag into account as well? 6964 */ 6965 if (c->ic_flags & IEEE80211_CHAN_PASSIVE) 6966 chan->flags |= htole32(IWN_CHAN_PASSIVE); 6967 else 6968 chan->flags |= htole32(IWN_CHAN_ACTIVE); 6969 6970 /* 6971 * Calculate the active/passive dwell times. 6972 */ 6973 6974 dwell_active = iwn_get_active_dwell_time(sc, c, ss->ss_nssid); 6975 dwell_passive = iwn_get_passive_dwell_time(sc, c); 6976 6977 /* Make sure they're valid */ 6978 if (dwell_passive <= dwell_active) 6979 dwell_passive = dwell_active + 1; 6980 6981 chan->active = htole16(dwell_active); 6982 chan->passive = htole16(dwell_passive); 6983 6984 if (IEEE80211_IS_CHAN_5GHZ(c)) 6985 chan->rf_gain = 0x3b; 6986 else 6987 chan->rf_gain = 0x28; 6988 6989 DPRINTF(sc, IWN_DEBUG_STATE, 6990 "%s: chan %u flags 0x%x rf_gain 0x%x " 6991 "dsp_gain 0x%x active %d passive %d scan_svc_time %d crc 0x%x " 6992 "isactive=%d numssid=%d\n", __func__, 6993 chan->chan, chan->flags, chan->rf_gain, chan->dsp_gain, 6994 dwell_active, dwell_passive, scan_service_time, 6995 hdr->crc_threshold, is_active, ss->ss_nssid); 6996 6997 hdr->nchan++; 6998 chan++; 6999 buflen = (uint8_t *)chan - buf; 7000 hdr->len = htole16(buflen); 7001 7002 if (sc->sc_is_scanning) { 7003 device_printf(sc->sc_dev, 7004 "%s: called with is_scanning set!\n", 7005 __func__); 7006 } 7007 sc->sc_is_scanning = 1; 7008 7009 DPRINTF(sc, IWN_DEBUG_STATE, "sending scan command nchan=%d\n", 7010 hdr->nchan); 7011 error = iwn_cmd(sc, IWN_CMD_SCAN, buf, buflen, 1); 7012 free(buf, M_DEVBUF); 7013 if (error == 0) 7014 callout_reset(&sc->scan_timeout, 5*hz, iwn_scan_timeout, sc); 7015 7016 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 7017 7018 return error; 7019 } 7020 7021 static int 7022 iwn_auth(struct iwn_softc *sc, struct ieee80211vap *vap) 7023 { 7024 struct iwn_ops *ops = &sc->ops; 7025 struct ieee80211com *ic = &sc->sc_ic; 7026 struct ieee80211_node *ni = vap->iv_bss; 7027 int error; 7028 7029 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 7030 7031 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 7032 /* Update adapter configuration. */ 7033 IEEE80211_ADDR_COPY(sc->rxon->bssid, ni->ni_bssid); 7034 sc->rxon->chan = ieee80211_chan2ieee(ic, ni->ni_chan); 7035 sc->rxon->flags = htole32(IWN_RXON_TSF | IWN_RXON_CTS_TO_SELF); 7036 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 7037 sc->rxon->flags |= htole32(IWN_RXON_AUTO | IWN_RXON_24GHZ); 7038 if (ic->ic_flags & IEEE80211_F_SHSLOT) 7039 sc->rxon->flags |= htole32(IWN_RXON_SHSLOT); 7040 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 7041 sc->rxon->flags |= htole32(IWN_RXON_SHPREAMBLE); 7042 if (IEEE80211_IS_CHAN_A(ni->ni_chan)) { 7043 sc->rxon->cck_mask = 0; 7044 sc->rxon->ofdm_mask = 0x15; 7045 } else if (IEEE80211_IS_CHAN_B(ni->ni_chan)) { 7046 sc->rxon->cck_mask = 0x03; 7047 sc->rxon->ofdm_mask = 0; 7048 } else { 7049 /* Assume 802.11b/g. */ 7050 sc->rxon->cck_mask = 0x03; 7051 sc->rxon->ofdm_mask = 0x15; 7052 } 7053 7054 /* try HT */ 7055 sc->rxon->flags |= htole32(iwn_get_rxon_ht_flags(sc, ic->ic_curchan)); 7056 7057 DPRINTF(sc, IWN_DEBUG_STATE, "rxon chan %d flags %x cck %x ofdm %x\n", 7058 sc->rxon->chan, sc->rxon->flags, sc->rxon->cck_mask, 7059 sc->rxon->ofdm_mask); 7060 if (sc->sc_is_scanning) 7061 device_printf(sc->sc_dev, 7062 "%s: is_scanning set, before RXON\n", 7063 __func__); 7064 error = iwn_cmd(sc, IWN_CMD_RXON, sc->rxon, sc->rxonsz, 1); 7065 if (error != 0) { 7066 device_printf(sc->sc_dev, "%s: RXON command failed, error %d\n", 7067 __func__, error); 7068 return error; 7069 } 7070 7071 /* Configuration has changed, set TX power accordingly. */ 7072 if ((error = ops->set_txpower(sc, ni->ni_chan, 1)) != 0) { 7073 device_printf(sc->sc_dev, 7074 "%s: could not set TX power, error %d\n", __func__, error); 7075 return error; 7076 } 7077 /* 7078 * Reconfiguring RXON clears the firmware nodes table so we must 7079 * add the broadcast node again. 7080 */ 7081 if ((error = iwn_add_broadcast_node(sc, 1)) != 0) { 7082 device_printf(sc->sc_dev, 7083 "%s: could not add broadcast node, error %d\n", __func__, 7084 error); 7085 return error; 7086 } 7087 7088 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 7089 7090 return 0; 7091 } 7092 7093 static int 7094 iwn_run(struct iwn_softc *sc, struct ieee80211vap *vap) 7095 { 7096 struct iwn_ops *ops = &sc->ops; 7097 struct ieee80211com *ic = &sc->sc_ic; 7098 struct ieee80211_node *ni = vap->iv_bss; 7099 struct iwn_node_info node; 7100 int error; 7101 7102 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 7103 7104 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 7105 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 7106 /* Link LED blinks while monitoring. */ 7107 iwn_set_led(sc, IWN_LED_LINK, 5, 5); 7108 return 0; 7109 } 7110 if ((error = iwn_set_timing(sc, ni)) != 0) { 7111 device_printf(sc->sc_dev, 7112 "%s: could not set timing, error %d\n", __func__, error); 7113 return error; 7114 } 7115 7116 /* Update adapter configuration. */ 7117 IEEE80211_ADDR_COPY(sc->rxon->bssid, ni->ni_bssid); 7118 sc->rxon->associd = htole16(IEEE80211_AID(ni->ni_associd)); 7119 sc->rxon->chan = ieee80211_chan2ieee(ic, ni->ni_chan); 7120 sc->rxon->flags = htole32(IWN_RXON_TSF | IWN_RXON_CTS_TO_SELF); 7121 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 7122 sc->rxon->flags |= htole32(IWN_RXON_AUTO | IWN_RXON_24GHZ); 7123 if (ic->ic_flags & IEEE80211_F_SHSLOT) 7124 sc->rxon->flags |= htole32(IWN_RXON_SHSLOT); 7125 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 7126 sc->rxon->flags |= htole32(IWN_RXON_SHPREAMBLE); 7127 if (IEEE80211_IS_CHAN_A(ni->ni_chan)) { 7128 sc->rxon->cck_mask = 0; 7129 sc->rxon->ofdm_mask = 0x15; 7130 } else if (IEEE80211_IS_CHAN_B(ni->ni_chan)) { 7131 sc->rxon->cck_mask = 0x03; 7132 sc->rxon->ofdm_mask = 0; 7133 } else { 7134 /* Assume 802.11b/g. */ 7135 sc->rxon->cck_mask = 0x0f; 7136 sc->rxon->ofdm_mask = 0x15; 7137 } 7138 /* try HT */ 7139 sc->rxon->flags |= htole32(iwn_get_rxon_ht_flags(sc, ni->ni_chan)); 7140 sc->rxon->filter |= htole32(IWN_FILTER_BSS); 7141 DPRINTF(sc, IWN_DEBUG_STATE, "rxon chan %d flags %x, curhtprotmode=%d\n", 7142 sc->rxon->chan, le32toh(sc->rxon->flags), ic->ic_curhtprotmode); 7143 if (sc->sc_is_scanning) 7144 device_printf(sc->sc_dev, 7145 "%s: is_scanning set, before RXON\n", 7146 __func__); 7147 error = iwn_cmd(sc, IWN_CMD_RXON, sc->rxon, sc->rxonsz, 1); 7148 if (error != 0) { 7149 device_printf(sc->sc_dev, 7150 "%s: could not update configuration, error %d\n", __func__, 7151 error); 7152 return error; 7153 } 7154 7155 /* Configuration has changed, set TX power accordingly. */ 7156 if ((error = ops->set_txpower(sc, ni->ni_chan, 1)) != 0) { 7157 device_printf(sc->sc_dev, 7158 "%s: could not set TX power, error %d\n", __func__, error); 7159 return error; 7160 } 7161 7162 /* Fake a join to initialize the TX rate. */ 7163 ((struct iwn_node *)ni)->id = IWN_ID_BSS; 7164 iwn_newassoc(ni, 1); 7165 7166 /* Add BSS node. */ 7167 memset(&node, 0, sizeof node); 7168 IEEE80211_ADDR_COPY(node.macaddr, ni->ni_macaddr); 7169 node.id = IWN_ID_BSS; 7170 if (IEEE80211_IS_CHAN_HT(ni->ni_chan)) { 7171 switch (ni->ni_htcap & IEEE80211_HTCAP_SMPS) { 7172 case IEEE80211_HTCAP_SMPS_ENA: 7173 node.htflags |= htole32(IWN_SMPS_MIMO_DIS); 7174 break; 7175 case IEEE80211_HTCAP_SMPS_DYNAMIC: 7176 node.htflags |= htole32(IWN_SMPS_MIMO_PROT); 7177 break; 7178 } 7179 node.htflags |= htole32(IWN_AMDPU_SIZE_FACTOR(3) | 7180 IWN_AMDPU_DENSITY(5)); /* 4us */ 7181 if (IEEE80211_IS_CHAN_HT40(ni->ni_chan)) 7182 node.htflags |= htole32(IWN_NODE_HT40); 7183 } 7184 DPRINTF(sc, IWN_DEBUG_STATE, "%s: adding BSS node\n", __func__); 7185 error = ops->add_node(sc, &node, 1); 7186 if (error != 0) { 7187 device_printf(sc->sc_dev, 7188 "%s: could not add BSS node, error %d\n", __func__, error); 7189 return error; 7190 } 7191 DPRINTF(sc, IWN_DEBUG_STATE, "%s: setting link quality for node %d\n", 7192 __func__, node.id); 7193 if ((error = iwn_set_link_quality(sc, ni)) != 0) { 7194 device_printf(sc->sc_dev, 7195 "%s: could not setup link quality for node %d, error %d\n", 7196 __func__, node.id, error); 7197 return error; 7198 } 7199 7200 if ((error = iwn_init_sensitivity(sc)) != 0) { 7201 device_printf(sc->sc_dev, 7202 "%s: could not set sensitivity, error %d\n", __func__, 7203 error); 7204 return error; 7205 } 7206 /* Start periodic calibration timer. */ 7207 sc->calib.state = IWN_CALIB_STATE_ASSOC; 7208 sc->calib_cnt = 0; 7209 callout_reset(&sc->calib_to, msecs_to_ticks(500), iwn_calib_timeout, 7210 sc); 7211 7212 /* Link LED always on while associated. */ 7213 iwn_set_led(sc, IWN_LED_LINK, 0, 1); 7214 7215 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 7216 7217 return 0; 7218 } 7219 7220 /* 7221 * This function is called by upper layer when an ADDBA request is received 7222 * from another STA and before the ADDBA response is sent. 7223 */ 7224 static int 7225 iwn_ampdu_rx_start(struct ieee80211_node *ni, struct ieee80211_rx_ampdu *rap, 7226 int baparamset, int batimeout, int baseqctl) 7227 { 7228 #define MS(_v, _f) (((_v) & _f) >> _f##_S) 7229 struct iwn_softc *sc = ni->ni_ic->ic_softc; 7230 struct iwn_ops *ops = &sc->ops; 7231 struct iwn_node *wn = (void *)ni; 7232 struct iwn_node_info node; 7233 uint16_t ssn; 7234 uint8_t tid; 7235 int error; 7236 7237 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7238 7239 tid = MS(le16toh(baparamset), IEEE80211_BAPS_TID); 7240 ssn = MS(le16toh(baseqctl), IEEE80211_BASEQ_START); 7241 7242 memset(&node, 0, sizeof node); 7243 node.id = wn->id; 7244 node.control = IWN_NODE_UPDATE; 7245 node.flags = IWN_FLAG_SET_ADDBA; 7246 node.addba_tid = tid; 7247 node.addba_ssn = htole16(ssn); 7248 DPRINTF(sc, IWN_DEBUG_RECV, "ADDBA RA=%d TID=%d SSN=%d\n", 7249 wn->id, tid, ssn); 7250 error = ops->add_node(sc, &node, 1); 7251 if (error != 0) 7252 return error; 7253 return sc->sc_ampdu_rx_start(ni, rap, baparamset, batimeout, baseqctl); 7254 #undef MS 7255 } 7256 7257 /* 7258 * This function is called by upper layer on teardown of an HT-immediate 7259 * Block Ack agreement (eg. uppon receipt of a DELBA frame). 7260 */ 7261 static void 7262 iwn_ampdu_rx_stop(struct ieee80211_node *ni, struct ieee80211_rx_ampdu *rap) 7263 { 7264 struct ieee80211com *ic = ni->ni_ic; 7265 struct iwn_softc *sc = ic->ic_softc; 7266 struct iwn_ops *ops = &sc->ops; 7267 struct iwn_node *wn = (void *)ni; 7268 struct iwn_node_info node; 7269 uint8_t tid; 7270 7271 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7272 7273 /* XXX: tid as an argument */ 7274 for (tid = 0; tid < WME_NUM_TID; tid++) { 7275 if (&ni->ni_rx_ampdu[tid] == rap) 7276 break; 7277 } 7278 7279 memset(&node, 0, sizeof node); 7280 node.id = wn->id; 7281 node.control = IWN_NODE_UPDATE; 7282 node.flags = IWN_FLAG_SET_DELBA; 7283 node.delba_tid = tid; 7284 DPRINTF(sc, IWN_DEBUG_RECV, "DELBA RA=%d TID=%d\n", wn->id, tid); 7285 (void)ops->add_node(sc, &node, 1); 7286 sc->sc_ampdu_rx_stop(ni, rap); 7287 } 7288 7289 static int 7290 iwn_addba_request(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 7291 int dialogtoken, int baparamset, int batimeout) 7292 { 7293 struct iwn_softc *sc = ni->ni_ic->ic_softc; 7294 int qid; 7295 7296 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7297 7298 for (qid = sc->firstaggqueue; qid < sc->ntxqs; qid++) { 7299 if (sc->qid2tap[qid] == NULL) 7300 break; 7301 } 7302 if (qid == sc->ntxqs) { 7303 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: not free aggregation queue\n", 7304 __func__); 7305 return 0; 7306 } 7307 tap->txa_private = malloc(sizeof(int), M_DEVBUF, M_NOWAIT); 7308 if (tap->txa_private == NULL) { 7309 device_printf(sc->sc_dev, 7310 "%s: failed to alloc TX aggregation structure\n", __func__); 7311 return 0; 7312 } 7313 sc->qid2tap[qid] = tap; 7314 *(int *)tap->txa_private = qid; 7315 return sc->sc_addba_request(ni, tap, dialogtoken, baparamset, 7316 batimeout); 7317 } 7318 7319 static int 7320 iwn_addba_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 7321 int code, int baparamset, int batimeout) 7322 { 7323 struct iwn_softc *sc = ni->ni_ic->ic_softc; 7324 int qid = *(int *)tap->txa_private; 7325 uint8_t tid = tap->txa_tid; 7326 int ret; 7327 7328 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7329 7330 if (code == IEEE80211_STATUS_SUCCESS) { 7331 ni->ni_txseqs[tid] = tap->txa_start & 0xfff; 7332 ret = iwn_ampdu_tx_start(ni->ni_ic, ni, tid); 7333 if (ret != 1) 7334 return ret; 7335 } else { 7336 sc->qid2tap[qid] = NULL; 7337 free(tap->txa_private, M_DEVBUF); 7338 tap->txa_private = NULL; 7339 } 7340 return sc->sc_addba_response(ni, tap, code, baparamset, batimeout); 7341 } 7342 7343 /* 7344 * This function is called by upper layer when an ADDBA response is received 7345 * from another STA. 7346 */ 7347 static int 7348 iwn_ampdu_tx_start(struct ieee80211com *ic, struct ieee80211_node *ni, 7349 uint8_t tid) 7350 { 7351 struct ieee80211_tx_ampdu *tap = &ni->ni_tx_ampdu[tid]; 7352 struct iwn_softc *sc = ni->ni_ic->ic_softc; 7353 struct iwn_ops *ops = &sc->ops; 7354 struct iwn_node *wn = (void *)ni; 7355 struct iwn_node_info node; 7356 int error, qid; 7357 7358 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7359 7360 /* Enable TX for the specified RA/TID. */ 7361 wn->disable_tid &= ~(1 << tid); 7362 memset(&node, 0, sizeof node); 7363 node.id = wn->id; 7364 node.control = IWN_NODE_UPDATE; 7365 node.flags = IWN_FLAG_SET_DISABLE_TID; 7366 node.disable_tid = htole16(wn->disable_tid); 7367 error = ops->add_node(sc, &node, 1); 7368 if (error != 0) 7369 return 0; 7370 7371 if ((error = iwn_nic_lock(sc)) != 0) 7372 return 0; 7373 qid = *(int *)tap->txa_private; 7374 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: ra=%d tid=%d ssn=%d qid=%d\n", 7375 __func__, wn->id, tid, tap->txa_start, qid); 7376 ops->ampdu_tx_start(sc, ni, qid, tid, tap->txa_start & 0xfff); 7377 iwn_nic_unlock(sc); 7378 7379 iwn_set_link_quality(sc, ni); 7380 return 1; 7381 } 7382 7383 static void 7384 iwn_ampdu_tx_stop(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap) 7385 { 7386 struct iwn_softc *sc = ni->ni_ic->ic_softc; 7387 struct iwn_ops *ops = &sc->ops; 7388 uint8_t tid = tap->txa_tid; 7389 int qid; 7390 7391 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7392 7393 sc->sc_addba_stop(ni, tap); 7394 7395 if (tap->txa_private == NULL) 7396 return; 7397 7398 qid = *(int *)tap->txa_private; 7399 if (sc->txq[qid].queued != 0) 7400 return; 7401 if (iwn_nic_lock(sc) != 0) 7402 return; 7403 ops->ampdu_tx_stop(sc, qid, tid, tap->txa_start & 0xfff); 7404 iwn_nic_unlock(sc); 7405 sc->qid2tap[qid] = NULL; 7406 free(tap->txa_private, M_DEVBUF); 7407 tap->txa_private = NULL; 7408 } 7409 7410 static void 7411 iwn4965_ampdu_tx_start(struct iwn_softc *sc, struct ieee80211_node *ni, 7412 int qid, uint8_t tid, uint16_t ssn) 7413 { 7414 struct iwn_node *wn = (void *)ni; 7415 7416 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7417 7418 /* Stop TX scheduler while we're changing its configuration. */ 7419 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 7420 IWN4965_TXQ_STATUS_CHGACT); 7421 7422 /* Assign RA/TID translation to the queue. */ 7423 iwn_mem_write_2(sc, sc->sched_base + IWN4965_SCHED_TRANS_TBL(qid), 7424 wn->id << 4 | tid); 7425 7426 /* Enable chain-building mode for the queue. */ 7427 iwn_prph_setbits(sc, IWN4965_SCHED_QCHAIN_SEL, 1 << qid); 7428 7429 /* Set starting sequence number from the ADDBA request. */ 7430 sc->txq[qid].cur = sc->txq[qid].read = (ssn & 0xff); 7431 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 7432 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), ssn); 7433 7434 /* Set scheduler window size. */ 7435 iwn_mem_write(sc, sc->sched_base + IWN4965_SCHED_QUEUE_OFFSET(qid), 7436 IWN_SCHED_WINSZ); 7437 /* Set scheduler frame limit. */ 7438 iwn_mem_write(sc, sc->sched_base + IWN4965_SCHED_QUEUE_OFFSET(qid) + 4, 7439 IWN_SCHED_LIMIT << 16); 7440 7441 /* Enable interrupts for the queue. */ 7442 iwn_prph_setbits(sc, IWN4965_SCHED_INTR_MASK, 1 << qid); 7443 7444 /* Mark the queue as active. */ 7445 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 7446 IWN4965_TXQ_STATUS_ACTIVE | IWN4965_TXQ_STATUS_AGGR_ENA | 7447 iwn_tid2fifo[tid] << 1); 7448 } 7449 7450 static void 7451 iwn4965_ampdu_tx_stop(struct iwn_softc *sc, int qid, uint8_t tid, uint16_t ssn) 7452 { 7453 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7454 7455 /* Stop TX scheduler while we're changing its configuration. */ 7456 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 7457 IWN4965_TXQ_STATUS_CHGACT); 7458 7459 /* Set starting sequence number from the ADDBA request. */ 7460 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 7461 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), ssn); 7462 7463 /* Disable interrupts for the queue. */ 7464 iwn_prph_clrbits(sc, IWN4965_SCHED_INTR_MASK, 1 << qid); 7465 7466 /* Mark the queue as inactive. */ 7467 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 7468 IWN4965_TXQ_STATUS_INACTIVE | iwn_tid2fifo[tid] << 1); 7469 } 7470 7471 static void 7472 iwn5000_ampdu_tx_start(struct iwn_softc *sc, struct ieee80211_node *ni, 7473 int qid, uint8_t tid, uint16_t ssn) 7474 { 7475 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7476 7477 struct iwn_node *wn = (void *)ni; 7478 7479 /* Stop TX scheduler while we're changing its configuration. */ 7480 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 7481 IWN5000_TXQ_STATUS_CHGACT); 7482 7483 /* Assign RA/TID translation to the queue. */ 7484 iwn_mem_write_2(sc, sc->sched_base + IWN5000_SCHED_TRANS_TBL(qid), 7485 wn->id << 4 | tid); 7486 7487 /* Enable chain-building mode for the queue. */ 7488 iwn_prph_setbits(sc, IWN5000_SCHED_QCHAIN_SEL, 1 << qid); 7489 7490 /* Enable aggregation for the queue. */ 7491 iwn_prph_setbits(sc, IWN5000_SCHED_AGGR_SEL, 1 << qid); 7492 7493 /* Set starting sequence number from the ADDBA request. */ 7494 sc->txq[qid].cur = sc->txq[qid].read = (ssn & 0xff); 7495 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 7496 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), ssn); 7497 7498 /* Set scheduler window size and frame limit. */ 7499 iwn_mem_write(sc, sc->sched_base + IWN5000_SCHED_QUEUE_OFFSET(qid) + 4, 7500 IWN_SCHED_LIMIT << 16 | IWN_SCHED_WINSZ); 7501 7502 /* Enable interrupts for the queue. */ 7503 iwn_prph_setbits(sc, IWN5000_SCHED_INTR_MASK, 1 << qid); 7504 7505 /* Mark the queue as active. */ 7506 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 7507 IWN5000_TXQ_STATUS_ACTIVE | iwn_tid2fifo[tid]); 7508 } 7509 7510 static void 7511 iwn5000_ampdu_tx_stop(struct iwn_softc *sc, int qid, uint8_t tid, uint16_t ssn) 7512 { 7513 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7514 7515 /* Stop TX scheduler while we're changing its configuration. */ 7516 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 7517 IWN5000_TXQ_STATUS_CHGACT); 7518 7519 /* Disable aggregation for the queue. */ 7520 iwn_prph_clrbits(sc, IWN5000_SCHED_AGGR_SEL, 1 << qid); 7521 7522 /* Set starting sequence number from the ADDBA request. */ 7523 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 7524 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), ssn); 7525 7526 /* Disable interrupts for the queue. */ 7527 iwn_prph_clrbits(sc, IWN5000_SCHED_INTR_MASK, 1 << qid); 7528 7529 /* Mark the queue as inactive. */ 7530 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 7531 IWN5000_TXQ_STATUS_INACTIVE | iwn_tid2fifo[tid]); 7532 } 7533 7534 /* 7535 * Query calibration tables from the initialization firmware. We do this 7536 * only once at first boot. Called from a process context. 7537 */ 7538 static int 7539 iwn5000_query_calibration(struct iwn_softc *sc) 7540 { 7541 struct iwn5000_calib_config cmd; 7542 int error; 7543 7544 memset(&cmd, 0, sizeof cmd); 7545 cmd.ucode.once.enable = htole32(0xffffffff); 7546 cmd.ucode.once.start = htole32(0xffffffff); 7547 cmd.ucode.once.send = htole32(0xffffffff); 7548 cmd.ucode.flags = htole32(0xffffffff); 7549 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: sending calibration query\n", 7550 __func__); 7551 error = iwn_cmd(sc, IWN5000_CMD_CALIB_CONFIG, &cmd, sizeof cmd, 0); 7552 if (error != 0) 7553 return error; 7554 7555 /* Wait at most two seconds for calibration to complete. */ 7556 if (!(sc->sc_flags & IWN_FLAG_CALIB_DONE)) 7557 error = msleep(sc, &sc->sc_mtx, PCATCH, "iwncal", 2 * hz); 7558 return error; 7559 } 7560 7561 /* 7562 * Send calibration results to the runtime firmware. These results were 7563 * obtained on first boot from the initialization firmware. 7564 */ 7565 static int 7566 iwn5000_send_calibration(struct iwn_softc *sc) 7567 { 7568 int idx, error; 7569 7570 for (idx = 0; idx < IWN5000_PHY_CALIB_MAX_RESULT; idx++) { 7571 if (!(sc->base_params->calib_need & (1<<idx))) { 7572 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 7573 "No need of calib %d\n", 7574 idx); 7575 continue; /* no need for this calib */ 7576 } 7577 if (sc->calibcmd[idx].buf == NULL) { 7578 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 7579 "Need calib idx : %d but no available data\n", 7580 idx); 7581 continue; 7582 } 7583 7584 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 7585 "send calibration result idx=%d len=%d\n", idx, 7586 sc->calibcmd[idx].len); 7587 error = iwn_cmd(sc, IWN_CMD_PHY_CALIB, sc->calibcmd[idx].buf, 7588 sc->calibcmd[idx].len, 0); 7589 if (error != 0) { 7590 device_printf(sc->sc_dev, 7591 "%s: could not send calibration result, error %d\n", 7592 __func__, error); 7593 return error; 7594 } 7595 } 7596 return 0; 7597 } 7598 7599 static int 7600 iwn5000_send_wimax_coex(struct iwn_softc *sc) 7601 { 7602 struct iwn5000_wimax_coex wimax; 7603 7604 #if 0 7605 if (sc->hw_type == IWN_HW_REV_TYPE_6050) { 7606 /* Enable WiMAX coexistence for combo adapters. */ 7607 wimax.flags = 7608 IWN_WIMAX_COEX_ASSOC_WA_UNMASK | 7609 IWN_WIMAX_COEX_UNASSOC_WA_UNMASK | 7610 IWN_WIMAX_COEX_STA_TABLE_VALID | 7611 IWN_WIMAX_COEX_ENABLE; 7612 memcpy(wimax.events, iwn6050_wimax_events, 7613 sizeof iwn6050_wimax_events); 7614 } else 7615 #endif 7616 { 7617 /* Disable WiMAX coexistence. */ 7618 wimax.flags = 0; 7619 memset(wimax.events, 0, sizeof wimax.events); 7620 } 7621 DPRINTF(sc, IWN_DEBUG_RESET, "%s: Configuring WiMAX coexistence\n", 7622 __func__); 7623 return iwn_cmd(sc, IWN5000_CMD_WIMAX_COEX, &wimax, sizeof wimax, 0); 7624 } 7625 7626 static int 7627 iwn5000_crystal_calib(struct iwn_softc *sc) 7628 { 7629 struct iwn5000_phy_calib_crystal cmd; 7630 7631 memset(&cmd, 0, sizeof cmd); 7632 cmd.code = IWN5000_PHY_CALIB_CRYSTAL; 7633 cmd.ngroups = 1; 7634 cmd.isvalid = 1; 7635 cmd.cap_pin[0] = le32toh(sc->eeprom_crystal) & 0xff; 7636 cmd.cap_pin[1] = (le32toh(sc->eeprom_crystal) >> 16) & 0xff; 7637 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "sending crystal calibration %d, %d\n", 7638 cmd.cap_pin[0], cmd.cap_pin[1]); 7639 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 0); 7640 } 7641 7642 static int 7643 iwn5000_temp_offset_calib(struct iwn_softc *sc) 7644 { 7645 struct iwn5000_phy_calib_temp_offset cmd; 7646 7647 memset(&cmd, 0, sizeof cmd); 7648 cmd.code = IWN5000_PHY_CALIB_TEMP_OFFSET; 7649 cmd.ngroups = 1; 7650 cmd.isvalid = 1; 7651 if (sc->eeprom_temp != 0) 7652 cmd.offset = htole16(sc->eeprom_temp); 7653 else 7654 cmd.offset = htole16(IWN_DEFAULT_TEMP_OFFSET); 7655 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "setting radio sensor offset to %d\n", 7656 le16toh(cmd.offset)); 7657 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 0); 7658 } 7659 7660 static int 7661 iwn5000_temp_offset_calibv2(struct iwn_softc *sc) 7662 { 7663 struct iwn5000_phy_calib_temp_offsetv2 cmd; 7664 7665 memset(&cmd, 0, sizeof cmd); 7666 cmd.code = IWN5000_PHY_CALIB_TEMP_OFFSET; 7667 cmd.ngroups = 1; 7668 cmd.isvalid = 1; 7669 if (sc->eeprom_temp != 0) { 7670 cmd.offset_low = htole16(sc->eeprom_temp); 7671 cmd.offset_high = htole16(sc->eeprom_temp_high); 7672 } else { 7673 cmd.offset_low = htole16(IWN_DEFAULT_TEMP_OFFSET); 7674 cmd.offset_high = htole16(IWN_DEFAULT_TEMP_OFFSET); 7675 } 7676 cmd.burnt_voltage_ref = htole16(sc->eeprom_voltage); 7677 7678 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 7679 "setting radio sensor low offset to %d, high offset to %d, voltage to %d\n", 7680 le16toh(cmd.offset_low), 7681 le16toh(cmd.offset_high), 7682 le16toh(cmd.burnt_voltage_ref)); 7683 7684 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 0); 7685 } 7686 7687 /* 7688 * This function is called after the runtime firmware notifies us of its 7689 * readiness (called in a process context). 7690 */ 7691 static int 7692 iwn4965_post_alive(struct iwn_softc *sc) 7693 { 7694 int error, qid; 7695 7696 if ((error = iwn_nic_lock(sc)) != 0) 7697 return error; 7698 7699 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7700 7701 /* Clear TX scheduler state in SRAM. */ 7702 sc->sched_base = iwn_prph_read(sc, IWN_SCHED_SRAM_ADDR); 7703 iwn_mem_set_region_4(sc, sc->sched_base + IWN4965_SCHED_CTX_OFF, 0, 7704 IWN4965_SCHED_CTX_LEN / sizeof (uint32_t)); 7705 7706 /* Set physical address of TX scheduler rings (1KB aligned). */ 7707 iwn_prph_write(sc, IWN4965_SCHED_DRAM_ADDR, sc->sched_dma.paddr >> 10); 7708 7709 IWN_SETBITS(sc, IWN_FH_TX_CHICKEN, IWN_FH_TX_CHICKEN_SCHED_RETRY); 7710 7711 /* Disable chain mode for all our 16 queues. */ 7712 iwn_prph_write(sc, IWN4965_SCHED_QCHAIN_SEL, 0); 7713 7714 for (qid = 0; qid < IWN4965_NTXQUEUES; qid++) { 7715 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), 0); 7716 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | 0); 7717 7718 /* Set scheduler window size. */ 7719 iwn_mem_write(sc, sc->sched_base + 7720 IWN4965_SCHED_QUEUE_OFFSET(qid), IWN_SCHED_WINSZ); 7721 /* Set scheduler frame limit. */ 7722 iwn_mem_write(sc, sc->sched_base + 7723 IWN4965_SCHED_QUEUE_OFFSET(qid) + 4, 7724 IWN_SCHED_LIMIT << 16); 7725 } 7726 7727 /* Enable interrupts for all our 16 queues. */ 7728 iwn_prph_write(sc, IWN4965_SCHED_INTR_MASK, 0xffff); 7729 /* Identify TX FIFO rings (0-7). */ 7730 iwn_prph_write(sc, IWN4965_SCHED_TXFACT, 0xff); 7731 7732 /* Mark TX rings (4 EDCA + cmd + 2 HCCA) as active. */ 7733 for (qid = 0; qid < 7; qid++) { 7734 static uint8_t qid2fifo[] = { 3, 2, 1, 0, 4, 5, 6 }; 7735 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 7736 IWN4965_TXQ_STATUS_ACTIVE | qid2fifo[qid] << 1); 7737 } 7738 iwn_nic_unlock(sc); 7739 return 0; 7740 } 7741 7742 /* 7743 * This function is called after the initialization or runtime firmware 7744 * notifies us of its readiness (called in a process context). 7745 */ 7746 static int 7747 iwn5000_post_alive(struct iwn_softc *sc) 7748 { 7749 int error, qid; 7750 7751 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 7752 7753 /* Switch to using ICT interrupt mode. */ 7754 iwn5000_ict_reset(sc); 7755 7756 if ((error = iwn_nic_lock(sc)) != 0){ 7757 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end in error\n", __func__); 7758 return error; 7759 } 7760 7761 /* Clear TX scheduler state in SRAM. */ 7762 sc->sched_base = iwn_prph_read(sc, IWN_SCHED_SRAM_ADDR); 7763 iwn_mem_set_region_4(sc, sc->sched_base + IWN5000_SCHED_CTX_OFF, 0, 7764 IWN5000_SCHED_CTX_LEN / sizeof (uint32_t)); 7765 7766 /* Set physical address of TX scheduler rings (1KB aligned). */ 7767 iwn_prph_write(sc, IWN5000_SCHED_DRAM_ADDR, sc->sched_dma.paddr >> 10); 7768 7769 IWN_SETBITS(sc, IWN_FH_TX_CHICKEN, IWN_FH_TX_CHICKEN_SCHED_RETRY); 7770 7771 /* Enable chain mode for all queues, except command queue. */ 7772 if (sc->sc_flags & IWN_FLAG_PAN_SUPPORT) 7773 iwn_prph_write(sc, IWN5000_SCHED_QCHAIN_SEL, 0xfffdf); 7774 else 7775 iwn_prph_write(sc, IWN5000_SCHED_QCHAIN_SEL, 0xfffef); 7776 iwn_prph_write(sc, IWN5000_SCHED_AGGR_SEL, 0); 7777 7778 for (qid = 0; qid < IWN5000_NTXQUEUES; qid++) { 7779 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), 0); 7780 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | 0); 7781 7782 iwn_mem_write(sc, sc->sched_base + 7783 IWN5000_SCHED_QUEUE_OFFSET(qid), 0); 7784 /* Set scheduler window size and frame limit. */ 7785 iwn_mem_write(sc, sc->sched_base + 7786 IWN5000_SCHED_QUEUE_OFFSET(qid) + 4, 7787 IWN_SCHED_LIMIT << 16 | IWN_SCHED_WINSZ); 7788 } 7789 7790 /* Enable interrupts for all our 20 queues. */ 7791 iwn_prph_write(sc, IWN5000_SCHED_INTR_MASK, 0xfffff); 7792 /* Identify TX FIFO rings (0-7). */ 7793 iwn_prph_write(sc, IWN5000_SCHED_TXFACT, 0xff); 7794 7795 /* Mark TX rings (4 EDCA + cmd + 2 HCCA) as active. */ 7796 if (sc->sc_flags & IWN_FLAG_PAN_SUPPORT) { 7797 /* Mark TX rings as active. */ 7798 for (qid = 0; qid < 11; qid++) { 7799 static uint8_t qid2fifo[] = { 3, 2, 1, 0, 0, 4, 2, 5, 4, 7, 5 }; 7800 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 7801 IWN5000_TXQ_STATUS_ACTIVE | qid2fifo[qid]); 7802 } 7803 } else { 7804 /* Mark TX rings (4 EDCA + cmd + 2 HCCA) as active. */ 7805 for (qid = 0; qid < 7; qid++) { 7806 static uint8_t qid2fifo[] = { 3, 2, 1, 0, 7, 5, 6 }; 7807 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 7808 IWN5000_TXQ_STATUS_ACTIVE | qid2fifo[qid]); 7809 } 7810 } 7811 iwn_nic_unlock(sc); 7812 7813 /* Configure WiMAX coexistence for combo adapters. */ 7814 error = iwn5000_send_wimax_coex(sc); 7815 if (error != 0) { 7816 device_printf(sc->sc_dev, 7817 "%s: could not configure WiMAX coexistence, error %d\n", 7818 __func__, error); 7819 return error; 7820 } 7821 if (sc->hw_type != IWN_HW_REV_TYPE_5150) { 7822 /* Perform crystal calibration. */ 7823 error = iwn5000_crystal_calib(sc); 7824 if (error != 0) { 7825 device_printf(sc->sc_dev, 7826 "%s: crystal calibration failed, error %d\n", 7827 __func__, error); 7828 return error; 7829 } 7830 } 7831 if (!(sc->sc_flags & IWN_FLAG_CALIB_DONE)) { 7832 /* Query calibration from the initialization firmware. */ 7833 if ((error = iwn5000_query_calibration(sc)) != 0) { 7834 device_printf(sc->sc_dev, 7835 "%s: could not query calibration, error %d\n", 7836 __func__, error); 7837 return error; 7838 } 7839 /* 7840 * We have the calibration results now, reboot with the 7841 * runtime firmware (call ourselves recursively!) 7842 */ 7843 iwn_hw_stop(sc); 7844 error = iwn_hw_init(sc); 7845 } else { 7846 /* Send calibration results to runtime firmware. */ 7847 error = iwn5000_send_calibration(sc); 7848 } 7849 7850 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 7851 7852 return error; 7853 } 7854 7855 /* 7856 * The firmware boot code is small and is intended to be copied directly into 7857 * the NIC internal memory (no DMA transfer). 7858 */ 7859 static int 7860 iwn4965_load_bootcode(struct iwn_softc *sc, const uint8_t *ucode, int size) 7861 { 7862 int error, ntries; 7863 7864 size /= sizeof (uint32_t); 7865 7866 if ((error = iwn_nic_lock(sc)) != 0) 7867 return error; 7868 7869 /* Copy microcode image into NIC memory. */ 7870 iwn_prph_write_region_4(sc, IWN_BSM_SRAM_BASE, 7871 (const uint32_t *)ucode, size); 7872 7873 iwn_prph_write(sc, IWN_BSM_WR_MEM_SRC, 0); 7874 iwn_prph_write(sc, IWN_BSM_WR_MEM_DST, IWN_FW_TEXT_BASE); 7875 iwn_prph_write(sc, IWN_BSM_WR_DWCOUNT, size); 7876 7877 /* Start boot load now. */ 7878 iwn_prph_write(sc, IWN_BSM_WR_CTRL, IWN_BSM_WR_CTRL_START); 7879 7880 /* Wait for transfer to complete. */ 7881 for (ntries = 0; ntries < 1000; ntries++) { 7882 if (!(iwn_prph_read(sc, IWN_BSM_WR_CTRL) & 7883 IWN_BSM_WR_CTRL_START)) 7884 break; 7885 DELAY(10); 7886 } 7887 if (ntries == 1000) { 7888 device_printf(sc->sc_dev, "%s: could not load boot firmware\n", 7889 __func__); 7890 iwn_nic_unlock(sc); 7891 return ETIMEDOUT; 7892 } 7893 7894 /* Enable boot after power up. */ 7895 iwn_prph_write(sc, IWN_BSM_WR_CTRL, IWN_BSM_WR_CTRL_START_EN); 7896 7897 iwn_nic_unlock(sc); 7898 return 0; 7899 } 7900 7901 static int 7902 iwn4965_load_firmware(struct iwn_softc *sc) 7903 { 7904 struct iwn_fw_info *fw = &sc->fw; 7905 struct iwn_dma_info *dma = &sc->fw_dma; 7906 int error; 7907 7908 /* Copy initialization sections into pre-allocated DMA-safe memory. */ 7909 memcpy(dma->vaddr, fw->init.data, fw->init.datasz); 7910 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 7911 memcpy(dma->vaddr + IWN4965_FW_DATA_MAXSZ, 7912 fw->init.text, fw->init.textsz); 7913 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 7914 7915 /* Tell adapter where to find initialization sections. */ 7916 if ((error = iwn_nic_lock(sc)) != 0) 7917 return error; 7918 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_ADDR, dma->paddr >> 4); 7919 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_SIZE, fw->init.datasz); 7920 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_ADDR, 7921 (dma->paddr + IWN4965_FW_DATA_MAXSZ) >> 4); 7922 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_SIZE, fw->init.textsz); 7923 iwn_nic_unlock(sc); 7924 7925 /* Load firmware boot code. */ 7926 error = iwn4965_load_bootcode(sc, fw->boot.text, fw->boot.textsz); 7927 if (error != 0) { 7928 device_printf(sc->sc_dev, "%s: could not load boot firmware\n", 7929 __func__); 7930 return error; 7931 } 7932 /* Now press "execute". */ 7933 IWN_WRITE(sc, IWN_RESET, 0); 7934 7935 /* Wait at most one second for first alive notification. */ 7936 if ((error = msleep(sc, &sc->sc_mtx, PCATCH, "iwninit", hz)) != 0) { 7937 device_printf(sc->sc_dev, 7938 "%s: timeout waiting for adapter to initialize, error %d\n", 7939 __func__, error); 7940 return error; 7941 } 7942 7943 /* Retrieve current temperature for initial TX power calibration. */ 7944 sc->rawtemp = sc->ucode_info.temp[3].chan20MHz; 7945 sc->temp = iwn4965_get_temperature(sc); 7946 7947 /* Copy runtime sections into pre-allocated DMA-safe memory. */ 7948 memcpy(dma->vaddr, fw->main.data, fw->main.datasz); 7949 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 7950 memcpy(dma->vaddr + IWN4965_FW_DATA_MAXSZ, 7951 fw->main.text, fw->main.textsz); 7952 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 7953 7954 /* Tell adapter where to find runtime sections. */ 7955 if ((error = iwn_nic_lock(sc)) != 0) 7956 return error; 7957 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_ADDR, dma->paddr >> 4); 7958 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_SIZE, fw->main.datasz); 7959 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_ADDR, 7960 (dma->paddr + IWN4965_FW_DATA_MAXSZ) >> 4); 7961 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_SIZE, 7962 IWN_FW_UPDATED | fw->main.textsz); 7963 iwn_nic_unlock(sc); 7964 7965 return 0; 7966 } 7967 7968 static int 7969 iwn5000_load_firmware_section(struct iwn_softc *sc, uint32_t dst, 7970 const uint8_t *section, int size) 7971 { 7972 struct iwn_dma_info *dma = &sc->fw_dma; 7973 int error; 7974 7975 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7976 7977 /* Copy firmware section into pre-allocated DMA-safe memory. */ 7978 memcpy(dma->vaddr, section, size); 7979 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 7980 7981 if ((error = iwn_nic_lock(sc)) != 0) 7982 return error; 7983 7984 IWN_WRITE(sc, IWN_FH_TX_CONFIG(IWN_SRVC_DMACHNL), 7985 IWN_FH_TX_CONFIG_DMA_PAUSE); 7986 7987 IWN_WRITE(sc, IWN_FH_SRAM_ADDR(IWN_SRVC_DMACHNL), dst); 7988 IWN_WRITE(sc, IWN_FH_TFBD_CTRL0(IWN_SRVC_DMACHNL), 7989 IWN_LOADDR(dma->paddr)); 7990 IWN_WRITE(sc, IWN_FH_TFBD_CTRL1(IWN_SRVC_DMACHNL), 7991 IWN_HIADDR(dma->paddr) << 28 | size); 7992 IWN_WRITE(sc, IWN_FH_TXBUF_STATUS(IWN_SRVC_DMACHNL), 7993 IWN_FH_TXBUF_STATUS_TBNUM(1) | 7994 IWN_FH_TXBUF_STATUS_TBIDX(1) | 7995 IWN_FH_TXBUF_STATUS_TFBD_VALID); 7996 7997 /* Kick Flow Handler to start DMA transfer. */ 7998 IWN_WRITE(sc, IWN_FH_TX_CONFIG(IWN_SRVC_DMACHNL), 7999 IWN_FH_TX_CONFIG_DMA_ENA | IWN_FH_TX_CONFIG_CIRQ_HOST_ENDTFD); 8000 8001 iwn_nic_unlock(sc); 8002 8003 /* Wait at most five seconds for FH DMA transfer to complete. */ 8004 return msleep(sc, &sc->sc_mtx, PCATCH, "iwninit", 5 * hz); 8005 } 8006 8007 static int 8008 iwn5000_load_firmware(struct iwn_softc *sc) 8009 { 8010 struct iwn_fw_part *fw; 8011 int error; 8012 8013 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8014 8015 /* Load the initialization firmware on first boot only. */ 8016 fw = (sc->sc_flags & IWN_FLAG_CALIB_DONE) ? 8017 &sc->fw.main : &sc->fw.init; 8018 8019 error = iwn5000_load_firmware_section(sc, IWN_FW_TEXT_BASE, 8020 fw->text, fw->textsz); 8021 if (error != 0) { 8022 device_printf(sc->sc_dev, 8023 "%s: could not load firmware %s section, error %d\n", 8024 __func__, ".text", error); 8025 return error; 8026 } 8027 error = iwn5000_load_firmware_section(sc, IWN_FW_DATA_BASE, 8028 fw->data, fw->datasz); 8029 if (error != 0) { 8030 device_printf(sc->sc_dev, 8031 "%s: could not load firmware %s section, error %d\n", 8032 __func__, ".data", error); 8033 return error; 8034 } 8035 8036 /* Now press "execute". */ 8037 IWN_WRITE(sc, IWN_RESET, 0); 8038 return 0; 8039 } 8040 8041 /* 8042 * Extract text and data sections from a legacy firmware image. 8043 */ 8044 static int 8045 iwn_read_firmware_leg(struct iwn_softc *sc, struct iwn_fw_info *fw) 8046 { 8047 const uint32_t *ptr; 8048 size_t hdrlen = 24; 8049 uint32_t rev; 8050 8051 ptr = (const uint32_t *)fw->data; 8052 rev = le32toh(*ptr++); 8053 8054 sc->ucode_rev = rev; 8055 8056 /* Check firmware API version. */ 8057 if (IWN_FW_API(rev) <= 1) { 8058 device_printf(sc->sc_dev, 8059 "%s: bad firmware, need API version >=2\n", __func__); 8060 return EINVAL; 8061 } 8062 if (IWN_FW_API(rev) >= 3) { 8063 /* Skip build number (version 2 header). */ 8064 hdrlen += 4; 8065 ptr++; 8066 } 8067 if (fw->size < hdrlen) { 8068 device_printf(sc->sc_dev, "%s: firmware too short: %zu bytes\n", 8069 __func__, fw->size); 8070 return EINVAL; 8071 } 8072 fw->main.textsz = le32toh(*ptr++); 8073 fw->main.datasz = le32toh(*ptr++); 8074 fw->init.textsz = le32toh(*ptr++); 8075 fw->init.datasz = le32toh(*ptr++); 8076 fw->boot.textsz = le32toh(*ptr++); 8077 8078 /* Check that all firmware sections fit. */ 8079 if (fw->size < hdrlen + fw->main.textsz + fw->main.datasz + 8080 fw->init.textsz + fw->init.datasz + fw->boot.textsz) { 8081 device_printf(sc->sc_dev, "%s: firmware too short: %zu bytes\n", 8082 __func__, fw->size); 8083 return EINVAL; 8084 } 8085 8086 /* Get pointers to firmware sections. */ 8087 fw->main.text = (const uint8_t *)ptr; 8088 fw->main.data = fw->main.text + fw->main.textsz; 8089 fw->init.text = fw->main.data + fw->main.datasz; 8090 fw->init.data = fw->init.text + fw->init.textsz; 8091 fw->boot.text = fw->init.data + fw->init.datasz; 8092 return 0; 8093 } 8094 8095 /* 8096 * Extract text and data sections from a TLV firmware image. 8097 */ 8098 static int 8099 iwn_read_firmware_tlv(struct iwn_softc *sc, struct iwn_fw_info *fw, 8100 uint16_t alt) 8101 { 8102 const struct iwn_fw_tlv_hdr *hdr; 8103 const struct iwn_fw_tlv *tlv; 8104 const uint8_t *ptr, *end; 8105 uint64_t altmask; 8106 uint32_t len, tmp; 8107 8108 if (fw->size < sizeof (*hdr)) { 8109 device_printf(sc->sc_dev, "%s: firmware too short: %zu bytes\n", 8110 __func__, fw->size); 8111 return EINVAL; 8112 } 8113 hdr = (const struct iwn_fw_tlv_hdr *)fw->data; 8114 if (hdr->signature != htole32(IWN_FW_SIGNATURE)) { 8115 device_printf(sc->sc_dev, "%s: bad firmware signature 0x%08x\n", 8116 __func__, le32toh(hdr->signature)); 8117 return EINVAL; 8118 } 8119 DPRINTF(sc, IWN_DEBUG_RESET, "FW: \"%.64s\", build 0x%x\n", hdr->descr, 8120 le32toh(hdr->build)); 8121 sc->ucode_rev = le32toh(hdr->rev); 8122 8123 /* 8124 * Select the closest supported alternative that is less than 8125 * or equal to the specified one. 8126 */ 8127 altmask = le64toh(hdr->altmask); 8128 while (alt > 0 && !(altmask & (1ULL << alt))) 8129 alt--; /* Downgrade. */ 8130 DPRINTF(sc, IWN_DEBUG_RESET, "using alternative %d\n", alt); 8131 8132 ptr = (const uint8_t *)(hdr + 1); 8133 end = (const uint8_t *)(fw->data + fw->size); 8134 8135 /* Parse type-length-value fields. */ 8136 while (ptr + sizeof (*tlv) <= end) { 8137 tlv = (const struct iwn_fw_tlv *)ptr; 8138 len = le32toh(tlv->len); 8139 8140 ptr += sizeof (*tlv); 8141 if (ptr + len > end) { 8142 device_printf(sc->sc_dev, 8143 "%s: firmware too short: %zu bytes\n", __func__, 8144 fw->size); 8145 return EINVAL; 8146 } 8147 /* Skip other alternatives. */ 8148 if (tlv->alt != 0 && tlv->alt != htole16(alt)) 8149 goto next; 8150 8151 switch (le16toh(tlv->type)) { 8152 case IWN_FW_TLV_MAIN_TEXT: 8153 fw->main.text = ptr; 8154 fw->main.textsz = len; 8155 break; 8156 case IWN_FW_TLV_MAIN_DATA: 8157 fw->main.data = ptr; 8158 fw->main.datasz = len; 8159 break; 8160 case IWN_FW_TLV_INIT_TEXT: 8161 fw->init.text = ptr; 8162 fw->init.textsz = len; 8163 break; 8164 case IWN_FW_TLV_INIT_DATA: 8165 fw->init.data = ptr; 8166 fw->init.datasz = len; 8167 break; 8168 case IWN_FW_TLV_BOOT_TEXT: 8169 fw->boot.text = ptr; 8170 fw->boot.textsz = len; 8171 break; 8172 case IWN_FW_TLV_ENH_SENS: 8173 if (!len) 8174 sc->sc_flags |= IWN_FLAG_ENH_SENS; 8175 break; 8176 case IWN_FW_TLV_PHY_CALIB: 8177 tmp = le32toh(*ptr); 8178 if (tmp < 253) { 8179 sc->reset_noise_gain = tmp; 8180 sc->noise_gain = tmp + 1; 8181 } 8182 break; 8183 case IWN_FW_TLV_PAN: 8184 sc->sc_flags |= IWN_FLAG_PAN_SUPPORT; 8185 DPRINTF(sc, IWN_DEBUG_RESET, 8186 "PAN Support found: %d\n", 1); 8187 break; 8188 case IWN_FW_TLV_FLAGS: 8189 if (len < sizeof(uint32_t)) 8190 break; 8191 if (len % sizeof(uint32_t)) 8192 break; 8193 sc->tlv_feature_flags = le32toh(*ptr); 8194 DPRINTF(sc, IWN_DEBUG_RESET, 8195 "%s: feature: 0x%08x\n", 8196 __func__, 8197 sc->tlv_feature_flags); 8198 break; 8199 case IWN_FW_TLV_PBREQ_MAXLEN: 8200 case IWN_FW_TLV_RUNT_EVTLOG_PTR: 8201 case IWN_FW_TLV_RUNT_EVTLOG_SIZE: 8202 case IWN_FW_TLV_RUNT_ERRLOG_PTR: 8203 case IWN_FW_TLV_INIT_EVTLOG_PTR: 8204 case IWN_FW_TLV_INIT_EVTLOG_SIZE: 8205 case IWN_FW_TLV_INIT_ERRLOG_PTR: 8206 case IWN_FW_TLV_WOWLAN_INST: 8207 case IWN_FW_TLV_WOWLAN_DATA: 8208 DPRINTF(sc, IWN_DEBUG_RESET, 8209 "TLV type %d recognized but not handled\n", 8210 le16toh(tlv->type)); 8211 break; 8212 default: 8213 DPRINTF(sc, IWN_DEBUG_RESET, 8214 "TLV type %d not handled\n", le16toh(tlv->type)); 8215 break; 8216 } 8217 next: /* TLV fields are 32-bit aligned. */ 8218 ptr += (len + 3) & ~3; 8219 } 8220 return 0; 8221 } 8222 8223 static int 8224 iwn_read_firmware(struct iwn_softc *sc) 8225 { 8226 struct iwn_fw_info *fw = &sc->fw; 8227 int error; 8228 8229 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8230 8231 IWN_UNLOCK(sc); 8232 8233 memset(fw, 0, sizeof (*fw)); 8234 8235 /* Read firmware image from filesystem. */ 8236 sc->fw_fp = firmware_get(sc->fwname); 8237 if (sc->fw_fp == NULL) { 8238 device_printf(sc->sc_dev, "%s: could not read firmware %s\n", 8239 __func__, sc->fwname); 8240 IWN_LOCK(sc); 8241 return EINVAL; 8242 } 8243 IWN_LOCK(sc); 8244 8245 fw->size = sc->fw_fp->datasize; 8246 fw->data = (const uint8_t *)sc->fw_fp->data; 8247 if (fw->size < sizeof (uint32_t)) { 8248 device_printf(sc->sc_dev, "%s: firmware too short: %zu bytes\n", 8249 __func__, fw->size); 8250 error = EINVAL; 8251 goto fail; 8252 } 8253 8254 /* Retrieve text and data sections. */ 8255 if (*(const uint32_t *)fw->data != 0) /* Legacy image. */ 8256 error = iwn_read_firmware_leg(sc, fw); 8257 else 8258 error = iwn_read_firmware_tlv(sc, fw, 1); 8259 if (error != 0) { 8260 device_printf(sc->sc_dev, 8261 "%s: could not read firmware sections, error %d\n", 8262 __func__, error); 8263 goto fail; 8264 } 8265 8266 device_printf(sc->sc_dev, "%s: ucode rev=0x%08x\n", __func__, sc->ucode_rev); 8267 8268 /* Make sure text and data sections fit in hardware memory. */ 8269 if (fw->main.textsz > sc->fw_text_maxsz || 8270 fw->main.datasz > sc->fw_data_maxsz || 8271 fw->init.textsz > sc->fw_text_maxsz || 8272 fw->init.datasz > sc->fw_data_maxsz || 8273 fw->boot.textsz > IWN_FW_BOOT_TEXT_MAXSZ || 8274 (fw->boot.textsz & 3) != 0) { 8275 device_printf(sc->sc_dev, "%s: firmware sections too large\n", 8276 __func__); 8277 error = EINVAL; 8278 goto fail; 8279 } 8280 8281 /* We can proceed with loading the firmware. */ 8282 return 0; 8283 8284 fail: iwn_unload_firmware(sc); 8285 return error; 8286 } 8287 8288 static void 8289 iwn_unload_firmware(struct iwn_softc *sc) 8290 { 8291 firmware_put(sc->fw_fp, FIRMWARE_UNLOAD); 8292 sc->fw_fp = NULL; 8293 } 8294 8295 static int 8296 iwn_clock_wait(struct iwn_softc *sc) 8297 { 8298 int ntries; 8299 8300 /* Set "initialization complete" bit. */ 8301 IWN_SETBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_INIT_DONE); 8302 8303 /* Wait for clock stabilization. */ 8304 for (ntries = 0; ntries < 2500; ntries++) { 8305 if (IWN_READ(sc, IWN_GP_CNTRL) & IWN_GP_CNTRL_MAC_CLOCK_READY) 8306 return 0; 8307 DELAY(10); 8308 } 8309 device_printf(sc->sc_dev, 8310 "%s: timeout waiting for clock stabilization\n", __func__); 8311 return ETIMEDOUT; 8312 } 8313 8314 static int 8315 iwn_apm_init(struct iwn_softc *sc) 8316 { 8317 uint32_t reg; 8318 int error; 8319 8320 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8321 8322 /* Disable L0s exit timer (NMI bug workaround). */ 8323 IWN_SETBITS(sc, IWN_GIO_CHICKEN, IWN_GIO_CHICKEN_DIS_L0S_TIMER); 8324 /* Don't wait for ICH L0s (ICH bug workaround). */ 8325 IWN_SETBITS(sc, IWN_GIO_CHICKEN, IWN_GIO_CHICKEN_L1A_NO_L0S_RX); 8326 8327 /* Set FH wait threshold to max (HW bug under stress workaround). */ 8328 IWN_SETBITS(sc, IWN_DBG_HPET_MEM, 0xffff0000); 8329 8330 /* Enable HAP INTA to move adapter from L1a to L0s. */ 8331 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_HAP_WAKE_L1A); 8332 8333 /* Retrieve PCIe Active State Power Management (ASPM). */ 8334 reg = pci_read_config(sc->sc_dev, sc->sc_cap_off + PCIER_LINK_CTL, 4); 8335 /* Workaround for HW instability in PCIe L0->L0s->L1 transition. */ 8336 if (reg & PCIEM_LINK_CTL_ASPMC_L1) /* L1 Entry enabled. */ 8337 IWN_SETBITS(sc, IWN_GIO, IWN_GIO_L0S_ENA); 8338 else 8339 IWN_CLRBITS(sc, IWN_GIO, IWN_GIO_L0S_ENA); 8340 8341 if (sc->base_params->pll_cfg_val) 8342 IWN_SETBITS(sc, IWN_ANA_PLL, sc->base_params->pll_cfg_val); 8343 8344 /* Wait for clock stabilization before accessing prph. */ 8345 if ((error = iwn_clock_wait(sc)) != 0) 8346 return error; 8347 8348 if ((error = iwn_nic_lock(sc)) != 0) 8349 return error; 8350 if (sc->hw_type == IWN_HW_REV_TYPE_4965) { 8351 /* Enable DMA and BSM (Bootstrap State Machine). */ 8352 iwn_prph_write(sc, IWN_APMG_CLK_EN, 8353 IWN_APMG_CLK_CTRL_DMA_CLK_RQT | 8354 IWN_APMG_CLK_CTRL_BSM_CLK_RQT); 8355 } else { 8356 /* Enable DMA. */ 8357 iwn_prph_write(sc, IWN_APMG_CLK_EN, 8358 IWN_APMG_CLK_CTRL_DMA_CLK_RQT); 8359 } 8360 DELAY(20); 8361 /* Disable L1-Active. */ 8362 iwn_prph_setbits(sc, IWN_APMG_PCI_STT, IWN_APMG_PCI_STT_L1A_DIS); 8363 iwn_nic_unlock(sc); 8364 8365 return 0; 8366 } 8367 8368 static void 8369 iwn_apm_stop_master(struct iwn_softc *sc) 8370 { 8371 int ntries; 8372 8373 /* Stop busmaster DMA activity. */ 8374 IWN_SETBITS(sc, IWN_RESET, IWN_RESET_STOP_MASTER); 8375 for (ntries = 0; ntries < 100; ntries++) { 8376 if (IWN_READ(sc, IWN_RESET) & IWN_RESET_MASTER_DISABLED) 8377 return; 8378 DELAY(10); 8379 } 8380 device_printf(sc->sc_dev, "%s: timeout waiting for master\n", __func__); 8381 } 8382 8383 static void 8384 iwn_apm_stop(struct iwn_softc *sc) 8385 { 8386 iwn_apm_stop_master(sc); 8387 8388 /* Reset the entire device. */ 8389 IWN_SETBITS(sc, IWN_RESET, IWN_RESET_SW); 8390 DELAY(10); 8391 /* Clear "initialization complete" bit. */ 8392 IWN_CLRBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_INIT_DONE); 8393 } 8394 8395 static int 8396 iwn4965_nic_config(struct iwn_softc *sc) 8397 { 8398 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8399 8400 if (IWN_RFCFG_TYPE(sc->rfcfg) == 1) { 8401 /* 8402 * I don't believe this to be correct but this is what the 8403 * vendor driver is doing. Probably the bits should not be 8404 * shifted in IWN_RFCFG_*. 8405 */ 8406 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 8407 IWN_RFCFG_TYPE(sc->rfcfg) | 8408 IWN_RFCFG_STEP(sc->rfcfg) | 8409 IWN_RFCFG_DASH(sc->rfcfg)); 8410 } 8411 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 8412 IWN_HW_IF_CONFIG_RADIO_SI | IWN_HW_IF_CONFIG_MAC_SI); 8413 return 0; 8414 } 8415 8416 static int 8417 iwn5000_nic_config(struct iwn_softc *sc) 8418 { 8419 uint32_t tmp; 8420 int error; 8421 8422 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8423 8424 if (IWN_RFCFG_TYPE(sc->rfcfg) < 3) { 8425 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 8426 IWN_RFCFG_TYPE(sc->rfcfg) | 8427 IWN_RFCFG_STEP(sc->rfcfg) | 8428 IWN_RFCFG_DASH(sc->rfcfg)); 8429 } 8430 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 8431 IWN_HW_IF_CONFIG_RADIO_SI | IWN_HW_IF_CONFIG_MAC_SI); 8432 8433 if ((error = iwn_nic_lock(sc)) != 0) 8434 return error; 8435 iwn_prph_setbits(sc, IWN_APMG_PS, IWN_APMG_PS_EARLY_PWROFF_DIS); 8436 8437 if (sc->hw_type == IWN_HW_REV_TYPE_1000) { 8438 /* 8439 * Select first Switching Voltage Regulator (1.32V) to 8440 * solve a stability issue related to noisy DC2DC line 8441 * in the silicon of 1000 Series. 8442 */ 8443 tmp = iwn_prph_read(sc, IWN_APMG_DIGITAL_SVR); 8444 tmp &= ~IWN_APMG_DIGITAL_SVR_VOLTAGE_MASK; 8445 tmp |= IWN_APMG_DIGITAL_SVR_VOLTAGE_1_32; 8446 iwn_prph_write(sc, IWN_APMG_DIGITAL_SVR, tmp); 8447 } 8448 iwn_nic_unlock(sc); 8449 8450 if (sc->sc_flags & IWN_FLAG_INTERNAL_PA) { 8451 /* Use internal power amplifier only. */ 8452 IWN_WRITE(sc, IWN_GP_DRIVER, IWN_GP_DRIVER_RADIO_2X2_IPA); 8453 } 8454 if (sc->base_params->additional_nic_config && sc->calib_ver >= 6) { 8455 /* Indicate that ROM calibration version is >=6. */ 8456 IWN_SETBITS(sc, IWN_GP_DRIVER, IWN_GP_DRIVER_CALIB_VER6); 8457 } 8458 if (sc->base_params->additional_gp_drv_bit) 8459 IWN_SETBITS(sc, IWN_GP_DRIVER, 8460 sc->base_params->additional_gp_drv_bit); 8461 return 0; 8462 } 8463 8464 /* 8465 * Take NIC ownership over Intel Active Management Technology (AMT). 8466 */ 8467 static int 8468 iwn_hw_prepare(struct iwn_softc *sc) 8469 { 8470 int ntries; 8471 8472 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8473 8474 /* Check if hardware is ready. */ 8475 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_NIC_READY); 8476 for (ntries = 0; ntries < 5; ntries++) { 8477 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 8478 IWN_HW_IF_CONFIG_NIC_READY) 8479 return 0; 8480 DELAY(10); 8481 } 8482 8483 /* Hardware not ready, force into ready state. */ 8484 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_PREPARE); 8485 for (ntries = 0; ntries < 15000; ntries++) { 8486 if (!(IWN_READ(sc, IWN_HW_IF_CONFIG) & 8487 IWN_HW_IF_CONFIG_PREPARE_DONE)) 8488 break; 8489 DELAY(10); 8490 } 8491 if (ntries == 15000) 8492 return ETIMEDOUT; 8493 8494 /* Hardware should be ready now. */ 8495 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_NIC_READY); 8496 for (ntries = 0; ntries < 5; ntries++) { 8497 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 8498 IWN_HW_IF_CONFIG_NIC_READY) 8499 return 0; 8500 DELAY(10); 8501 } 8502 return ETIMEDOUT; 8503 } 8504 8505 static int 8506 iwn_hw_init(struct iwn_softc *sc) 8507 { 8508 struct iwn_ops *ops = &sc->ops; 8509 int error, chnl, qid; 8510 8511 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 8512 8513 /* Clear pending interrupts. */ 8514 IWN_WRITE(sc, IWN_INT, 0xffffffff); 8515 8516 if ((error = iwn_apm_init(sc)) != 0) { 8517 device_printf(sc->sc_dev, 8518 "%s: could not power ON adapter, error %d\n", __func__, 8519 error); 8520 return error; 8521 } 8522 8523 /* Select VMAIN power source. */ 8524 if ((error = iwn_nic_lock(sc)) != 0) 8525 return error; 8526 iwn_prph_clrbits(sc, IWN_APMG_PS, IWN_APMG_PS_PWR_SRC_MASK); 8527 iwn_nic_unlock(sc); 8528 8529 /* Perform adapter-specific initialization. */ 8530 if ((error = ops->nic_config(sc)) != 0) 8531 return error; 8532 8533 /* Initialize RX ring. */ 8534 if ((error = iwn_nic_lock(sc)) != 0) 8535 return error; 8536 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 0); 8537 IWN_WRITE(sc, IWN_FH_RX_WPTR, 0); 8538 /* Set physical address of RX ring (256-byte aligned). */ 8539 IWN_WRITE(sc, IWN_FH_RX_BASE, sc->rxq.desc_dma.paddr >> 8); 8540 /* Set physical address of RX status (16-byte aligned). */ 8541 IWN_WRITE(sc, IWN_FH_STATUS_WPTR, sc->rxq.stat_dma.paddr >> 4); 8542 /* Enable RX. */ 8543 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 8544 IWN_FH_RX_CONFIG_ENA | 8545 IWN_FH_RX_CONFIG_IGN_RXF_EMPTY | /* HW bug workaround */ 8546 IWN_FH_RX_CONFIG_IRQ_DST_HOST | 8547 IWN_FH_RX_CONFIG_SINGLE_FRAME | 8548 IWN_FH_RX_CONFIG_RB_TIMEOUT(0) | 8549 IWN_FH_RX_CONFIG_NRBD(IWN_RX_RING_COUNT_LOG)); 8550 iwn_nic_unlock(sc); 8551 IWN_WRITE(sc, IWN_FH_RX_WPTR, (IWN_RX_RING_COUNT - 1) & ~7); 8552 8553 if ((error = iwn_nic_lock(sc)) != 0) 8554 return error; 8555 8556 /* Initialize TX scheduler. */ 8557 iwn_prph_write(sc, sc->sched_txfact_addr, 0); 8558 8559 /* Set physical address of "keep warm" page (16-byte aligned). */ 8560 IWN_WRITE(sc, IWN_FH_KW_ADDR, sc->kw_dma.paddr >> 4); 8561 8562 /* Initialize TX rings. */ 8563 for (qid = 0; qid < sc->ntxqs; qid++) { 8564 struct iwn_tx_ring *txq = &sc->txq[qid]; 8565 8566 /* Set physical address of TX ring (256-byte aligned). */ 8567 IWN_WRITE(sc, IWN_FH_CBBC_QUEUE(qid), 8568 txq->desc_dma.paddr >> 8); 8569 } 8570 iwn_nic_unlock(sc); 8571 8572 /* Enable DMA channels. */ 8573 for (chnl = 0; chnl < sc->ndmachnls; chnl++) { 8574 IWN_WRITE(sc, IWN_FH_TX_CONFIG(chnl), 8575 IWN_FH_TX_CONFIG_DMA_ENA | 8576 IWN_FH_TX_CONFIG_DMA_CREDIT_ENA); 8577 } 8578 8579 /* Clear "radio off" and "commands blocked" bits. */ 8580 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 8581 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_CMD_BLOCKED); 8582 8583 /* Clear pending interrupts. */ 8584 IWN_WRITE(sc, IWN_INT, 0xffffffff); 8585 /* Enable interrupt coalescing. */ 8586 IWN_WRITE(sc, IWN_INT_COALESCING, 512 / 8); 8587 /* Enable interrupts. */ 8588 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 8589 8590 /* _Really_ make sure "radio off" bit is cleared! */ 8591 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 8592 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 8593 8594 /* Enable shadow registers. */ 8595 if (sc->base_params->shadow_reg_enable) 8596 IWN_SETBITS(sc, IWN_SHADOW_REG_CTRL, 0x800fffff); 8597 8598 if ((error = ops->load_firmware(sc)) != 0) { 8599 device_printf(sc->sc_dev, 8600 "%s: could not load firmware, error %d\n", __func__, 8601 error); 8602 return error; 8603 } 8604 /* Wait at most one second for firmware alive notification. */ 8605 if ((error = msleep(sc, &sc->sc_mtx, PCATCH, "iwninit", hz)) != 0) { 8606 device_printf(sc->sc_dev, 8607 "%s: timeout waiting for adapter to initialize, error %d\n", 8608 __func__, error); 8609 return error; 8610 } 8611 /* Do post-firmware initialization. */ 8612 8613 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 8614 8615 return ops->post_alive(sc); 8616 } 8617 8618 static void 8619 iwn_hw_stop(struct iwn_softc *sc) 8620 { 8621 int chnl, qid, ntries; 8622 8623 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8624 8625 IWN_WRITE(sc, IWN_RESET, IWN_RESET_NEVO); 8626 8627 /* Disable interrupts. */ 8628 IWN_WRITE(sc, IWN_INT_MASK, 0); 8629 IWN_WRITE(sc, IWN_INT, 0xffffffff); 8630 IWN_WRITE(sc, IWN_FH_INT, 0xffffffff); 8631 sc->sc_flags &= ~IWN_FLAG_USE_ICT; 8632 8633 /* Make sure we no longer hold the NIC lock. */ 8634 iwn_nic_unlock(sc); 8635 8636 /* Stop TX scheduler. */ 8637 iwn_prph_write(sc, sc->sched_txfact_addr, 0); 8638 8639 /* Stop all DMA channels. */ 8640 if (iwn_nic_lock(sc) == 0) { 8641 for (chnl = 0; chnl < sc->ndmachnls; chnl++) { 8642 IWN_WRITE(sc, IWN_FH_TX_CONFIG(chnl), 0); 8643 for (ntries = 0; ntries < 200; ntries++) { 8644 if (IWN_READ(sc, IWN_FH_TX_STATUS) & 8645 IWN_FH_TX_STATUS_IDLE(chnl)) 8646 break; 8647 DELAY(10); 8648 } 8649 } 8650 iwn_nic_unlock(sc); 8651 } 8652 8653 /* Stop RX ring. */ 8654 iwn_reset_rx_ring(sc, &sc->rxq); 8655 8656 /* Reset all TX rings. */ 8657 for (qid = 0; qid < sc->ntxqs; qid++) 8658 iwn_reset_tx_ring(sc, &sc->txq[qid]); 8659 8660 if (iwn_nic_lock(sc) == 0) { 8661 iwn_prph_write(sc, IWN_APMG_CLK_DIS, 8662 IWN_APMG_CLK_CTRL_DMA_CLK_RQT); 8663 iwn_nic_unlock(sc); 8664 } 8665 DELAY(5); 8666 /* Power OFF adapter. */ 8667 iwn_apm_stop(sc); 8668 } 8669 8670 static void 8671 iwn_radio_on(void *arg0, int pending) 8672 { 8673 struct iwn_softc *sc = arg0; 8674 struct ieee80211com *ic = &sc->sc_ic; 8675 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 8676 8677 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8678 8679 if (vap != NULL) { 8680 iwn_init(sc); 8681 ieee80211_init(vap); 8682 } 8683 } 8684 8685 static void 8686 iwn_radio_off(void *arg0, int pending) 8687 { 8688 struct iwn_softc *sc = arg0; 8689 struct ieee80211com *ic = &sc->sc_ic; 8690 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 8691 8692 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8693 8694 iwn_stop(sc); 8695 if (vap != NULL) 8696 ieee80211_stop(vap); 8697 8698 /* Enable interrupts to get RF toggle notification. */ 8699 IWN_LOCK(sc); 8700 IWN_WRITE(sc, IWN_INT, 0xffffffff); 8701 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 8702 IWN_UNLOCK(sc); 8703 } 8704 8705 static void 8706 iwn_panicked(void *arg0, int pending) 8707 { 8708 struct iwn_softc *sc = arg0; 8709 struct ieee80211com *ic = &sc->sc_ic; 8710 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 8711 #if 0 8712 int error; 8713 #endif 8714 8715 if (vap == NULL) { 8716 printf("%s: null vap\n", __func__); 8717 return; 8718 } 8719 8720 device_printf(sc->sc_dev, "%s: controller panicked, iv_state = %d; " 8721 "restarting\n", __func__, vap->iv_state); 8722 8723 /* 8724 * This is not enough work. We need to also reinitialise 8725 * the correct transmit state for aggregation enabled queues, 8726 * which has a very specific requirement of 8727 * ring index = 802.11 seqno % 256. If we don't do this (which 8728 * we definitely don't!) then the firmware will just panic again. 8729 */ 8730 #if 1 8731 ieee80211_restart_all(ic); 8732 #else 8733 IWN_LOCK(sc); 8734 8735 iwn_stop_locked(sc); 8736 iwn_init_locked(sc); 8737 if (vap->iv_state >= IEEE80211_S_AUTH && 8738 (error = iwn_auth(sc, vap)) != 0) { 8739 device_printf(sc->sc_dev, 8740 "%s: could not move to auth state\n", __func__); 8741 } 8742 if (vap->iv_state >= IEEE80211_S_RUN && 8743 (error = iwn_run(sc, vap)) != 0) { 8744 device_printf(sc->sc_dev, 8745 "%s: could not move to run state\n", __func__); 8746 } 8747 8748 IWN_UNLOCK(sc); 8749 #endif 8750 } 8751 8752 static void 8753 iwn_init_locked(struct iwn_softc *sc) 8754 { 8755 int error; 8756 8757 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 8758 8759 IWN_LOCK_ASSERT(sc); 8760 8761 sc->sc_flags |= IWN_FLAG_RUNNING; 8762 8763 if ((error = iwn_hw_prepare(sc)) != 0) { 8764 device_printf(sc->sc_dev, "%s: hardware not ready, error %d\n", 8765 __func__, error); 8766 goto fail; 8767 } 8768 8769 /* Initialize interrupt mask to default value. */ 8770 sc->int_mask = IWN_INT_MASK_DEF; 8771 sc->sc_flags &= ~IWN_FLAG_USE_ICT; 8772 8773 /* Check that the radio is not disabled by hardware switch. */ 8774 if (!(IWN_READ(sc, IWN_GP_CNTRL) & IWN_GP_CNTRL_RFKILL)) { 8775 device_printf(sc->sc_dev, 8776 "radio is disabled by hardware switch\n"); 8777 /* Enable interrupts to get RF toggle notifications. */ 8778 IWN_WRITE(sc, IWN_INT, 0xffffffff); 8779 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 8780 return; 8781 } 8782 8783 /* Read firmware images from the filesystem. */ 8784 if ((error = iwn_read_firmware(sc)) != 0) { 8785 device_printf(sc->sc_dev, 8786 "%s: could not read firmware, error %d\n", __func__, 8787 error); 8788 goto fail; 8789 } 8790 8791 /* Initialize hardware and upload firmware. */ 8792 error = iwn_hw_init(sc); 8793 iwn_unload_firmware(sc); 8794 if (error != 0) { 8795 device_printf(sc->sc_dev, 8796 "%s: could not initialize hardware, error %d\n", __func__, 8797 error); 8798 goto fail; 8799 } 8800 8801 /* Configure adapter now that it is ready. */ 8802 if ((error = iwn_config(sc)) != 0) { 8803 device_printf(sc->sc_dev, 8804 "%s: could not configure device, error %d\n", __func__, 8805 error); 8806 goto fail; 8807 } 8808 8809 callout_reset(&sc->watchdog_to, hz, iwn_watchdog, sc); 8810 8811 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 8812 8813 return; 8814 8815 fail: 8816 sc->sc_flags &= ~IWN_FLAG_RUNNING; 8817 iwn_stop_locked(sc); 8818 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end in error\n",__func__); 8819 } 8820 8821 static void 8822 iwn_init(struct iwn_softc *sc) 8823 { 8824 8825 IWN_LOCK(sc); 8826 iwn_init_locked(sc); 8827 IWN_UNLOCK(sc); 8828 8829 if (sc->sc_flags & IWN_FLAG_RUNNING) 8830 ieee80211_start_all(&sc->sc_ic); 8831 } 8832 8833 static void 8834 iwn_stop_locked(struct iwn_softc *sc) 8835 { 8836 8837 IWN_LOCK_ASSERT(sc); 8838 8839 sc->sc_is_scanning = 0; 8840 sc->sc_tx_timer = 0; 8841 callout_stop(&sc->watchdog_to); 8842 callout_stop(&sc->scan_timeout); 8843 callout_stop(&sc->calib_to); 8844 sc->sc_flags &= ~IWN_FLAG_RUNNING; 8845 8846 /* Power OFF hardware. */ 8847 iwn_hw_stop(sc); 8848 } 8849 8850 static void 8851 iwn_stop(struct iwn_softc *sc) 8852 { 8853 IWN_LOCK(sc); 8854 iwn_stop_locked(sc); 8855 IWN_UNLOCK(sc); 8856 } 8857 8858 /* 8859 * Callback from net80211 to start a scan. 8860 */ 8861 static void 8862 iwn_scan_start(struct ieee80211com *ic) 8863 { 8864 struct iwn_softc *sc = ic->ic_softc; 8865 8866 IWN_LOCK(sc); 8867 /* make the link LED blink while we're scanning */ 8868 iwn_set_led(sc, IWN_LED_LINK, 20, 2); 8869 IWN_UNLOCK(sc); 8870 } 8871 8872 /* 8873 * Callback from net80211 to terminate a scan. 8874 */ 8875 static void 8876 iwn_scan_end(struct ieee80211com *ic) 8877 { 8878 struct iwn_softc *sc = ic->ic_softc; 8879 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 8880 8881 IWN_LOCK(sc); 8882 if (vap->iv_state == IEEE80211_S_RUN) { 8883 /* Set link LED to ON status if we are associated */ 8884 iwn_set_led(sc, IWN_LED_LINK, 0, 1); 8885 } 8886 IWN_UNLOCK(sc); 8887 } 8888 8889 /* 8890 * Callback from net80211 to force a channel change. 8891 */ 8892 static void 8893 iwn_set_channel(struct ieee80211com *ic) 8894 { 8895 struct iwn_softc *sc = ic->ic_softc; 8896 int error; 8897 8898 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8899 8900 IWN_LOCK(sc); 8901 /* 8902 * Only need to set the channel in Monitor mode. AP scanning and auth 8903 * are already taken care of by their respective firmware commands. 8904 */ 8905 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 8906 error = iwn_config(sc); 8907 if (error != 0) 8908 device_printf(sc->sc_dev, 8909 "%s: error %d settting channel\n", __func__, error); 8910 } 8911 IWN_UNLOCK(sc); 8912 } 8913 8914 /* 8915 * Callback from net80211 to start scanning of the current channel. 8916 */ 8917 static void 8918 iwn_scan_curchan(struct ieee80211_scan_state *ss, unsigned long maxdwell) 8919 { 8920 struct ieee80211vap *vap = ss->ss_vap; 8921 struct ieee80211com *ic = vap->iv_ic; 8922 struct iwn_softc *sc = ic->ic_softc; 8923 int error; 8924 8925 IWN_LOCK(sc); 8926 error = iwn_scan(sc, vap, ss, ic->ic_curchan); 8927 IWN_UNLOCK(sc); 8928 if (error != 0) 8929 ieee80211_cancel_scan(vap); 8930 } 8931 8932 /* 8933 * Callback from net80211 to handle the minimum dwell time being met. 8934 * The intent is to terminate the scan but we just let the firmware 8935 * notify us when it's finished as we have no safe way to abort it. 8936 */ 8937 static void 8938 iwn_scan_mindwell(struct ieee80211_scan_state *ss) 8939 { 8940 /* NB: don't try to abort scan; wait for firmware to finish */ 8941 } 8942 #ifdef IWN_DEBUG 8943 #define IWN_DESC(x) case x: return #x 8944 8945 /* 8946 * Translate CSR code to string 8947 */ 8948 static char *iwn_get_csr_string(int csr) 8949 { 8950 switch (csr) { 8951 IWN_DESC(IWN_HW_IF_CONFIG); 8952 IWN_DESC(IWN_INT_COALESCING); 8953 IWN_DESC(IWN_INT); 8954 IWN_DESC(IWN_INT_MASK); 8955 IWN_DESC(IWN_FH_INT); 8956 IWN_DESC(IWN_GPIO_IN); 8957 IWN_DESC(IWN_RESET); 8958 IWN_DESC(IWN_GP_CNTRL); 8959 IWN_DESC(IWN_HW_REV); 8960 IWN_DESC(IWN_EEPROM); 8961 IWN_DESC(IWN_EEPROM_GP); 8962 IWN_DESC(IWN_OTP_GP); 8963 IWN_DESC(IWN_GIO); 8964 IWN_DESC(IWN_GP_UCODE); 8965 IWN_DESC(IWN_GP_DRIVER); 8966 IWN_DESC(IWN_UCODE_GP1); 8967 IWN_DESC(IWN_UCODE_GP2); 8968 IWN_DESC(IWN_LED); 8969 IWN_DESC(IWN_DRAM_INT_TBL); 8970 IWN_DESC(IWN_GIO_CHICKEN); 8971 IWN_DESC(IWN_ANA_PLL); 8972 IWN_DESC(IWN_HW_REV_WA); 8973 IWN_DESC(IWN_DBG_HPET_MEM); 8974 default: 8975 return "UNKNOWN CSR"; 8976 } 8977 } 8978 8979 /* 8980 * This function print firmware register 8981 */ 8982 static void 8983 iwn_debug_register(struct iwn_softc *sc) 8984 { 8985 int i; 8986 static const uint32_t csr_tbl[] = { 8987 IWN_HW_IF_CONFIG, 8988 IWN_INT_COALESCING, 8989 IWN_INT, 8990 IWN_INT_MASK, 8991 IWN_FH_INT, 8992 IWN_GPIO_IN, 8993 IWN_RESET, 8994 IWN_GP_CNTRL, 8995 IWN_HW_REV, 8996 IWN_EEPROM, 8997 IWN_EEPROM_GP, 8998 IWN_OTP_GP, 8999 IWN_GIO, 9000 IWN_GP_UCODE, 9001 IWN_GP_DRIVER, 9002 IWN_UCODE_GP1, 9003 IWN_UCODE_GP2, 9004 IWN_LED, 9005 IWN_DRAM_INT_TBL, 9006 IWN_GIO_CHICKEN, 9007 IWN_ANA_PLL, 9008 IWN_HW_REV_WA, 9009 IWN_DBG_HPET_MEM, 9010 }; 9011 DPRINTF(sc, IWN_DEBUG_REGISTER, 9012 "CSR values: (2nd byte of IWN_INT_COALESCING is IWN_INT_PERIODIC)%s", 9013 "\n"); 9014 for (i = 0; i < nitems(csr_tbl); i++){ 9015 DPRINTF(sc, IWN_DEBUG_REGISTER," %10s: 0x%08x ", 9016 iwn_get_csr_string(csr_tbl[i]), IWN_READ(sc, csr_tbl[i])); 9017 if ((i+1) % 3 == 0) 9018 DPRINTF(sc, IWN_DEBUG_REGISTER,"%s","\n"); 9019 } 9020 DPRINTF(sc, IWN_DEBUG_REGISTER,"%s","\n"); 9021 } 9022 #endif 9023 9024
Cache object: d606f098ac6522c95536ca9367ec9f28
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]