Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/dev/iwn/if_iwn.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /*- 2 * Copyright (c) 2007-2009 Damien Bergamini <damien.bergamini@free.fr> 3 * Copyright (c) 2008 Benjamin Close <benjsc@FreeBSD.org> 4 * Copyright (c) 2008 Sam Leffler, Errno Consulting 5 * Copyright (c) 2011 Intel Corporation 6 * Copyright (c) 2013 Cedric GROSS <c.gross@kreiz-it.fr> 7 * Copyright (c) 2013 Adrian Chadd <adrian@FreeBSD.org> 8 * 9 * Permission to use, copy, modify, and distribute this software for any 10 * purpose with or without fee is hereby granted, provided that the above 11 * copyright notice and this permission notice appear in all copies. 12 * 13 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 14 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 15 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 16 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 17 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 18 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 19 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 20 */ 21 22 /* 23 * Driver for Intel WiFi Link 4965 and 1000/5000/6000 Series 802.11 network 24 * adapters. 25 */ 26 27 #include <sys/cdefs.h> 28 __FBSDID("$FreeBSD$"); 29 30 #include "opt_wlan.h" 31 #include "opt_iwn.h" 32 33 #include <sys/param.h> 34 #include <sys/sockio.h> 35 #include <sys/sysctl.h> 36 #include <sys/mbuf.h> 37 #include <sys/kernel.h> 38 #include <sys/socket.h> 39 #include <sys/systm.h> 40 #include <sys/malloc.h> 41 #include <sys/bus.h> 42 #include <sys/conf.h> 43 #include <sys/rman.h> 44 #include <sys/endian.h> 45 #include <sys/firmware.h> 46 #include <sys/limits.h> 47 #include <sys/module.h> 48 #include <sys/priv.h> 49 #include <sys/queue.h> 50 #include <sys/taskqueue.h> 51 52 #include <machine/bus.h> 53 #include <machine/resource.h> 54 #include <machine/clock.h> 55 56 #include <dev/pci/pcireg.h> 57 #include <dev/pci/pcivar.h> 58 59 #include <net/if.h> 60 #include <net/if_var.h> 61 #include <net/if_dl.h> 62 #include <net/if_media.h> 63 64 #include <netinet/in.h> 65 #include <netinet/if_ether.h> 66 67 #include <net80211/ieee80211_var.h> 68 #include <net80211/ieee80211_radiotap.h> 69 #include <net80211/ieee80211_regdomain.h> 70 #include <net80211/ieee80211_ratectl.h> 71 72 #include <dev/iwn/if_iwnreg.h> 73 #include <dev/iwn/if_iwnvar.h> 74 #include <dev/iwn/if_iwn_devid.h> 75 #include <dev/iwn/if_iwn_chip_cfg.h> 76 #include <dev/iwn/if_iwn_debug.h> 77 #include <dev/iwn/if_iwn_ioctl.h> 78 79 struct iwn_ident { 80 uint16_t vendor; 81 uint16_t device; 82 const char *name; 83 }; 84 85 static const struct iwn_ident iwn_ident_table[] = { 86 { 0x8086, IWN_DID_6x05_1, "Intel Centrino Advanced-N 6205" }, 87 { 0x8086, IWN_DID_1000_1, "Intel Centrino Wireless-N 1000" }, 88 { 0x8086, IWN_DID_1000_2, "Intel Centrino Wireless-N 1000" }, 89 { 0x8086, IWN_DID_6x05_2, "Intel Centrino Advanced-N 6205" }, 90 { 0x8086, IWN_DID_6050_1, "Intel Centrino Advanced-N + WiMAX 6250" }, 91 { 0x8086, IWN_DID_6050_2, "Intel Centrino Advanced-N + WiMAX 6250" }, 92 { 0x8086, IWN_DID_x030_1, "Intel Centrino Wireless-N 1030" }, 93 { 0x8086, IWN_DID_x030_2, "Intel Centrino Wireless-N 1030" }, 94 { 0x8086, IWN_DID_x030_3, "Intel Centrino Advanced-N 6230" }, 95 { 0x8086, IWN_DID_x030_4, "Intel Centrino Advanced-N 6230" }, 96 { 0x8086, IWN_DID_6150_1, "Intel Centrino Wireless-N + WiMAX 6150" }, 97 { 0x8086, IWN_DID_6150_2, "Intel Centrino Wireless-N + WiMAX 6150" }, 98 { 0x8086, IWN_DID_2x00_1, "Intel(R) Centrino(R) Wireless-N 2200 BGN" }, 99 { 0x8086, IWN_DID_2x00_2, "Intel(R) Centrino(R) Wireless-N 2200 BGN" }, 100 /* XXX 2200D is IWN_SDID_2x00_4; there's no way to express this here! */ 101 { 0x8086, IWN_DID_2x30_1, "Intel Centrino Wireless-N 2230" }, 102 { 0x8086, IWN_DID_2x30_2, "Intel Centrino Wireless-N 2230" }, 103 { 0x8086, IWN_DID_130_1, "Intel Centrino Wireless-N 130" }, 104 { 0x8086, IWN_DID_130_2, "Intel Centrino Wireless-N 130" }, 105 { 0x8086, IWN_DID_100_1, "Intel Centrino Wireless-N 100" }, 106 { 0x8086, IWN_DID_100_2, "Intel Centrino Wireless-N 100" }, 107 { 0x8086, IWN_DID_105_1, "Intel Centrino Wireless-N 105" }, 108 { 0x8086, IWN_DID_105_2, "Intel Centrino Wireless-N 105" }, 109 { 0x8086, IWN_DID_135_1, "Intel Centrino Wireless-N 135" }, 110 { 0x8086, IWN_DID_135_2, "Intel Centrino Wireless-N 135" }, 111 { 0x8086, IWN_DID_4965_1, "Intel Wireless WiFi Link 4965" }, 112 { 0x8086, IWN_DID_6x00_1, "Intel Centrino Ultimate-N 6300" }, 113 { 0x8086, IWN_DID_6x00_2, "Intel Centrino Advanced-N 6200" }, 114 { 0x8086, IWN_DID_4965_2, "Intel Wireless WiFi Link 4965" }, 115 { 0x8086, IWN_DID_4965_3, "Intel Wireless WiFi Link 4965" }, 116 { 0x8086, IWN_DID_5x00_1, "Intel WiFi Link 5100" }, 117 { 0x8086, IWN_DID_4965_4, "Intel Wireless WiFi Link 4965" }, 118 { 0x8086, IWN_DID_5x00_3, "Intel Ultimate N WiFi Link 5300" }, 119 { 0x8086, IWN_DID_5x00_4, "Intel Ultimate N WiFi Link 5300" }, 120 { 0x8086, IWN_DID_5x00_2, "Intel WiFi Link 5100" }, 121 { 0x8086, IWN_DID_6x00_3, "Intel Centrino Ultimate-N 6300" }, 122 { 0x8086, IWN_DID_6x00_4, "Intel Centrino Advanced-N 6200" }, 123 { 0x8086, IWN_DID_5x50_1, "Intel WiMAX/WiFi Link 5350" }, 124 { 0x8086, IWN_DID_5x50_2, "Intel WiMAX/WiFi Link 5350" }, 125 { 0x8086, IWN_DID_5x50_3, "Intel WiMAX/WiFi Link 5150" }, 126 { 0x8086, IWN_DID_5x50_4, "Intel WiMAX/WiFi Link 5150" }, 127 { 0x8086, IWN_DID_6035_1, "Intel Centrino Advanced 6235" }, 128 { 0x8086, IWN_DID_6035_2, "Intel Centrino Advanced 6235" }, 129 { 0, 0, NULL } 130 }; 131 132 static int iwn_probe(device_t); 133 static int iwn_attach(device_t); 134 static void iwn4965_attach(struct iwn_softc *, uint16_t); 135 static void iwn5000_attach(struct iwn_softc *, uint16_t); 136 static int iwn_config_specific(struct iwn_softc *, uint16_t); 137 static void iwn_radiotap_attach(struct iwn_softc *); 138 static void iwn_sysctlattach(struct iwn_softc *); 139 static struct ieee80211vap *iwn_vap_create(struct ieee80211com *, 140 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 141 const uint8_t [IEEE80211_ADDR_LEN], 142 const uint8_t [IEEE80211_ADDR_LEN]); 143 static void iwn_vap_delete(struct ieee80211vap *); 144 static int iwn_detach(device_t); 145 static int iwn_shutdown(device_t); 146 static int iwn_suspend(device_t); 147 static int iwn_resume(device_t); 148 static int iwn_nic_lock(struct iwn_softc *); 149 static int iwn_eeprom_lock(struct iwn_softc *); 150 static int iwn_init_otprom(struct iwn_softc *); 151 static int iwn_read_prom_data(struct iwn_softc *, uint32_t, void *, int); 152 static void iwn_dma_map_addr(void *, bus_dma_segment_t *, int, int); 153 static int iwn_dma_contig_alloc(struct iwn_softc *, struct iwn_dma_info *, 154 void **, bus_size_t, bus_size_t); 155 static void iwn_dma_contig_free(struct iwn_dma_info *); 156 static int iwn_alloc_sched(struct iwn_softc *); 157 static void iwn_free_sched(struct iwn_softc *); 158 static int iwn_alloc_kw(struct iwn_softc *); 159 static void iwn_free_kw(struct iwn_softc *); 160 static int iwn_alloc_ict(struct iwn_softc *); 161 static void iwn_free_ict(struct iwn_softc *); 162 static int iwn_alloc_fwmem(struct iwn_softc *); 163 static void iwn_free_fwmem(struct iwn_softc *); 164 static int iwn_alloc_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 165 static void iwn_reset_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 166 static void iwn_free_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 167 static int iwn_alloc_tx_ring(struct iwn_softc *, struct iwn_tx_ring *, 168 int); 169 static void iwn_reset_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 170 static void iwn_free_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 171 static void iwn_check_tx_ring(struct iwn_softc *, int); 172 static void iwn5000_ict_reset(struct iwn_softc *); 173 static int iwn_read_eeprom(struct iwn_softc *, 174 uint8_t macaddr[IEEE80211_ADDR_LEN]); 175 static void iwn4965_read_eeprom(struct iwn_softc *); 176 #ifdef IWN_DEBUG 177 static void iwn4965_print_power_group(struct iwn_softc *, int); 178 #endif 179 static void iwn5000_read_eeprom(struct iwn_softc *); 180 static uint32_t iwn_eeprom_channel_flags(struct iwn_eeprom_chan *); 181 static void iwn_read_eeprom_band(struct iwn_softc *, int, int, int *, 182 struct ieee80211_channel[]); 183 static void iwn_read_eeprom_ht40(struct iwn_softc *, int, int, int *, 184 struct ieee80211_channel[]); 185 static void iwn_read_eeprom_channels(struct iwn_softc *, int, uint32_t); 186 static struct iwn_eeprom_chan *iwn_find_eeprom_channel(struct iwn_softc *, 187 struct ieee80211_channel *); 188 static void iwn_getradiocaps(struct ieee80211com *, int, int *, 189 struct ieee80211_channel[]); 190 static int iwn_setregdomain(struct ieee80211com *, 191 struct ieee80211_regdomain *, int, 192 struct ieee80211_channel[]); 193 static void iwn_read_eeprom_enhinfo(struct iwn_softc *); 194 static struct ieee80211_node *iwn_node_alloc(struct ieee80211vap *, 195 const uint8_t mac[IEEE80211_ADDR_LEN]); 196 static void iwn_newassoc(struct ieee80211_node *, int); 197 static int iwn_newstate(struct ieee80211vap *, enum ieee80211_state, int); 198 static void iwn_calib_timeout(void *); 199 static void iwn_rx_phy(struct iwn_softc *, struct iwn_rx_desc *); 200 static void iwn_rx_done(struct iwn_softc *, struct iwn_rx_desc *, 201 struct iwn_rx_data *); 202 static void iwn_agg_tx_complete(struct iwn_softc *, struct iwn_tx_ring *, 203 int, int, int); 204 static void iwn_rx_compressed_ba(struct iwn_softc *, struct iwn_rx_desc *); 205 static void iwn5000_rx_calib_results(struct iwn_softc *, 206 struct iwn_rx_desc *); 207 static void iwn_rx_statistics(struct iwn_softc *, struct iwn_rx_desc *); 208 static void iwn4965_tx_done(struct iwn_softc *, struct iwn_rx_desc *, 209 struct iwn_rx_data *); 210 static void iwn5000_tx_done(struct iwn_softc *, struct iwn_rx_desc *, 211 struct iwn_rx_data *); 212 static void iwn_adj_ampdu_ptr(struct iwn_softc *, struct iwn_tx_ring *); 213 static void iwn_tx_done(struct iwn_softc *, struct iwn_rx_desc *, int, int, 214 uint8_t); 215 static int iwn_ampdu_check_bitmap(uint64_t, int, int); 216 static int iwn_ampdu_index_check(struct iwn_softc *, struct iwn_tx_ring *, 217 uint64_t, int, int); 218 static void iwn_ampdu_tx_done(struct iwn_softc *, int, int, int, void *); 219 static void iwn_cmd_done(struct iwn_softc *, struct iwn_rx_desc *); 220 static void iwn_notif_intr(struct iwn_softc *); 221 static void iwn_wakeup_intr(struct iwn_softc *); 222 static void iwn_rftoggle_task(void *, int); 223 static void iwn_fatal_intr(struct iwn_softc *); 224 static void iwn_intr(void *); 225 static void iwn4965_update_sched(struct iwn_softc *, int, int, uint8_t, 226 uint16_t); 227 static void iwn5000_update_sched(struct iwn_softc *, int, int, uint8_t, 228 uint16_t); 229 #ifdef notyet 230 static void iwn5000_reset_sched(struct iwn_softc *, int, int); 231 #endif 232 static int iwn_tx_data(struct iwn_softc *, struct mbuf *, 233 struct ieee80211_node *); 234 static int iwn_tx_data_raw(struct iwn_softc *, struct mbuf *, 235 struct ieee80211_node *, 236 const struct ieee80211_bpf_params *params); 237 static int iwn_tx_cmd(struct iwn_softc *, struct mbuf *, 238 struct ieee80211_node *, struct iwn_tx_ring *); 239 static void iwn_xmit_task(void *arg0, int pending); 240 static int iwn_raw_xmit(struct ieee80211_node *, struct mbuf *, 241 const struct ieee80211_bpf_params *); 242 static int iwn_transmit(struct ieee80211com *, struct mbuf *); 243 static void iwn_scan_timeout(void *); 244 static void iwn_watchdog(void *); 245 static int iwn_ioctl(struct ieee80211com *, u_long , void *); 246 static void iwn_parent(struct ieee80211com *); 247 static int iwn_cmd(struct iwn_softc *, int, const void *, int, int); 248 static int iwn4965_add_node(struct iwn_softc *, struct iwn_node_info *, 249 int); 250 static int iwn5000_add_node(struct iwn_softc *, struct iwn_node_info *, 251 int); 252 static int iwn_set_link_quality(struct iwn_softc *, 253 struct ieee80211_node *); 254 static int iwn_add_broadcast_node(struct iwn_softc *, int); 255 static int iwn_updateedca(struct ieee80211com *); 256 static void iwn_set_promisc(struct iwn_softc *); 257 static void iwn_update_promisc(struct ieee80211com *); 258 static void iwn_update_mcast(struct ieee80211com *); 259 static void iwn_set_led(struct iwn_softc *, uint8_t, uint8_t, uint8_t); 260 static int iwn_set_critical_temp(struct iwn_softc *); 261 static int iwn_set_timing(struct iwn_softc *, struct ieee80211_node *); 262 static void iwn4965_power_calibration(struct iwn_softc *, int); 263 static int iwn4965_set_txpower(struct iwn_softc *, int); 264 static int iwn5000_set_txpower(struct iwn_softc *, int); 265 static int iwn4965_get_rssi(struct iwn_softc *, struct iwn_rx_stat *); 266 static int iwn5000_get_rssi(struct iwn_softc *, struct iwn_rx_stat *); 267 static int iwn_get_noise(const struct iwn_rx_general_stats *); 268 static int iwn4965_get_temperature(struct iwn_softc *); 269 static int iwn5000_get_temperature(struct iwn_softc *); 270 static int iwn_init_sensitivity(struct iwn_softc *); 271 static void iwn_collect_noise(struct iwn_softc *, 272 const struct iwn_rx_general_stats *); 273 static int iwn4965_init_gains(struct iwn_softc *); 274 static int iwn5000_init_gains(struct iwn_softc *); 275 static int iwn4965_set_gains(struct iwn_softc *); 276 static int iwn5000_set_gains(struct iwn_softc *); 277 static void iwn_tune_sensitivity(struct iwn_softc *, 278 const struct iwn_rx_stats *); 279 static void iwn_save_stats_counters(struct iwn_softc *, 280 const struct iwn_stats *); 281 static int iwn_send_sensitivity(struct iwn_softc *); 282 static void iwn_check_rx_recovery(struct iwn_softc *, struct iwn_stats *); 283 static int iwn_set_pslevel(struct iwn_softc *, int, int, int); 284 static int iwn_send_btcoex(struct iwn_softc *); 285 static int iwn_send_advanced_btcoex(struct iwn_softc *); 286 static int iwn5000_runtime_calib(struct iwn_softc *); 287 static int iwn_check_bss_filter(struct iwn_softc *); 288 static int iwn4965_rxon_assoc(struct iwn_softc *, int); 289 static int iwn5000_rxon_assoc(struct iwn_softc *, int); 290 static int iwn_send_rxon(struct iwn_softc *, int, int); 291 static int iwn_config(struct iwn_softc *); 292 static int iwn_scan(struct iwn_softc *, struct ieee80211vap *, 293 struct ieee80211_scan_state *, struct ieee80211_channel *); 294 static int iwn_auth(struct iwn_softc *, struct ieee80211vap *vap); 295 static int iwn_run(struct iwn_softc *, struct ieee80211vap *vap); 296 static int iwn_ampdu_rx_start(struct ieee80211_node *, 297 struct ieee80211_rx_ampdu *, int, int, int); 298 static void iwn_ampdu_rx_stop(struct ieee80211_node *, 299 struct ieee80211_rx_ampdu *); 300 static int iwn_addba_request(struct ieee80211_node *, 301 struct ieee80211_tx_ampdu *, int, int, int); 302 static int iwn_addba_response(struct ieee80211_node *, 303 struct ieee80211_tx_ampdu *, int, int, int); 304 static int iwn_ampdu_tx_start(struct ieee80211com *, 305 struct ieee80211_node *, uint8_t); 306 static void iwn_ampdu_tx_stop(struct ieee80211_node *, 307 struct ieee80211_tx_ampdu *); 308 static void iwn4965_ampdu_tx_start(struct iwn_softc *, 309 struct ieee80211_node *, int, uint8_t, uint16_t); 310 static void iwn4965_ampdu_tx_stop(struct iwn_softc *, int, 311 uint8_t, uint16_t); 312 static void iwn5000_ampdu_tx_start(struct iwn_softc *, 313 struct ieee80211_node *, int, uint8_t, uint16_t); 314 static void iwn5000_ampdu_tx_stop(struct iwn_softc *, int, 315 uint8_t, uint16_t); 316 static int iwn5000_query_calibration(struct iwn_softc *); 317 static int iwn5000_send_calibration(struct iwn_softc *); 318 static int iwn5000_send_wimax_coex(struct iwn_softc *); 319 static int iwn5000_crystal_calib(struct iwn_softc *); 320 static int iwn5000_temp_offset_calib(struct iwn_softc *); 321 static int iwn5000_temp_offset_calibv2(struct iwn_softc *); 322 static int iwn4965_post_alive(struct iwn_softc *); 323 static int iwn5000_post_alive(struct iwn_softc *); 324 static int iwn4965_load_bootcode(struct iwn_softc *, const uint8_t *, 325 int); 326 static int iwn4965_load_firmware(struct iwn_softc *); 327 static int iwn5000_load_firmware_section(struct iwn_softc *, uint32_t, 328 const uint8_t *, int); 329 static int iwn5000_load_firmware(struct iwn_softc *); 330 static int iwn_read_firmware_leg(struct iwn_softc *, 331 struct iwn_fw_info *); 332 static int iwn_read_firmware_tlv(struct iwn_softc *, 333 struct iwn_fw_info *, uint16_t); 334 static int iwn_read_firmware(struct iwn_softc *); 335 static void iwn_unload_firmware(struct iwn_softc *); 336 static int iwn_clock_wait(struct iwn_softc *); 337 static int iwn_apm_init(struct iwn_softc *); 338 static void iwn_apm_stop_master(struct iwn_softc *); 339 static void iwn_apm_stop(struct iwn_softc *); 340 static int iwn4965_nic_config(struct iwn_softc *); 341 static int iwn5000_nic_config(struct iwn_softc *); 342 static int iwn_hw_prepare(struct iwn_softc *); 343 static int iwn_hw_init(struct iwn_softc *); 344 static void iwn_hw_stop(struct iwn_softc *); 345 static void iwn_panicked(void *, int); 346 static int iwn_init_locked(struct iwn_softc *); 347 static int iwn_init(struct iwn_softc *); 348 static void iwn_stop_locked(struct iwn_softc *); 349 static void iwn_stop(struct iwn_softc *); 350 static void iwn_scan_start(struct ieee80211com *); 351 static void iwn_scan_end(struct ieee80211com *); 352 static void iwn_set_channel(struct ieee80211com *); 353 static void iwn_scan_curchan(struct ieee80211_scan_state *, unsigned long); 354 static void iwn_scan_mindwell(struct ieee80211_scan_state *); 355 #ifdef IWN_DEBUG 356 static char *iwn_get_csr_string(int); 357 static void iwn_debug_register(struct iwn_softc *); 358 #endif 359 360 static device_method_t iwn_methods[] = { 361 /* Device interface */ 362 DEVMETHOD(device_probe, iwn_probe), 363 DEVMETHOD(device_attach, iwn_attach), 364 DEVMETHOD(device_detach, iwn_detach), 365 DEVMETHOD(device_shutdown, iwn_shutdown), 366 DEVMETHOD(device_suspend, iwn_suspend), 367 DEVMETHOD(device_resume, iwn_resume), 368 369 DEVMETHOD_END 370 }; 371 372 static driver_t iwn_driver = { 373 "iwn", 374 iwn_methods, 375 sizeof(struct iwn_softc) 376 }; 377 static devclass_t iwn_devclass; 378 379 DRIVER_MODULE(iwn, pci, iwn_driver, iwn_devclass, NULL, NULL); 380 MODULE_PNP_INFO("U16:vendor;U16:device;D:#", pci, iwn, iwn_ident_table, 381 nitems(iwn_ident_table) - 1); 382 MODULE_VERSION(iwn, 1); 383 384 MODULE_DEPEND(iwn, firmware, 1, 1, 1); 385 MODULE_DEPEND(iwn, pci, 1, 1, 1); 386 MODULE_DEPEND(iwn, wlan, 1, 1, 1); 387 388 static d_ioctl_t iwn_cdev_ioctl; 389 static d_open_t iwn_cdev_open; 390 static d_close_t iwn_cdev_close; 391 392 static struct cdevsw iwn_cdevsw = { 393 .d_version = D_VERSION, 394 .d_flags = 0, 395 .d_open = iwn_cdev_open, 396 .d_close = iwn_cdev_close, 397 .d_ioctl = iwn_cdev_ioctl, 398 .d_name = "iwn", 399 }; 400 401 static int 402 iwn_probe(device_t dev) 403 { 404 const struct iwn_ident *ident; 405 406 for (ident = iwn_ident_table; ident->name != NULL; ident++) { 407 if (pci_get_vendor(dev) == ident->vendor && 408 pci_get_device(dev) == ident->device) { 409 device_set_desc(dev, ident->name); 410 return (BUS_PROBE_DEFAULT); 411 } 412 } 413 return ENXIO; 414 } 415 416 static int 417 iwn_is_3stream_device(struct iwn_softc *sc) 418 { 419 /* XXX for now only 5300, until the 5350 can be tested */ 420 if (sc->hw_type == IWN_HW_REV_TYPE_5300) 421 return (1); 422 return (0); 423 } 424 425 static int 426 iwn_attach(device_t dev) 427 { 428 struct iwn_softc *sc = device_get_softc(dev); 429 struct ieee80211com *ic; 430 int i, error, rid; 431 432 sc->sc_dev = dev; 433 434 #ifdef IWN_DEBUG 435 error = resource_int_value(device_get_name(sc->sc_dev), 436 device_get_unit(sc->sc_dev), "debug", &(sc->sc_debug)); 437 if (error != 0) 438 sc->sc_debug = 0; 439 #else 440 sc->sc_debug = 0; 441 #endif 442 443 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: begin\n",__func__); 444 445 /* 446 * Get the offset of the PCI Express Capability Structure in PCI 447 * Configuration Space. 448 */ 449 error = pci_find_cap(dev, PCIY_EXPRESS, &sc->sc_cap_off); 450 if (error != 0) { 451 device_printf(dev, "PCIe capability structure not found!\n"); 452 return error; 453 } 454 455 /* Clear device-specific "PCI retry timeout" register (41h). */ 456 pci_write_config(dev, 0x41, 0, 1); 457 458 /* Enable bus-mastering. */ 459 pci_enable_busmaster(dev); 460 461 rid = PCIR_BAR(0); 462 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &rid, 463 RF_ACTIVE); 464 if (sc->mem == NULL) { 465 device_printf(dev, "can't map mem space\n"); 466 error = ENOMEM; 467 return error; 468 } 469 sc->sc_st = rman_get_bustag(sc->mem); 470 sc->sc_sh = rman_get_bushandle(sc->mem); 471 472 i = 1; 473 rid = 0; 474 if (pci_alloc_msi(dev, &i) == 0) 475 rid = 1; 476 /* Install interrupt handler. */ 477 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &rid, RF_ACTIVE | 478 (rid != 0 ? 0 : RF_SHAREABLE)); 479 if (sc->irq == NULL) { 480 device_printf(dev, "can't map interrupt\n"); 481 error = ENOMEM; 482 goto fail; 483 } 484 485 IWN_LOCK_INIT(sc); 486 487 /* Read hardware revision and attach. */ 488 sc->hw_type = (IWN_READ(sc, IWN_HW_REV) >> IWN_HW_REV_TYPE_SHIFT) 489 & IWN_HW_REV_TYPE_MASK; 490 sc->subdevice_id = pci_get_subdevice(dev); 491 492 /* 493 * 4965 versus 5000 and later have different methods. 494 * Let's set those up first. 495 */ 496 if (sc->hw_type == IWN_HW_REV_TYPE_4965) 497 iwn4965_attach(sc, pci_get_device(dev)); 498 else 499 iwn5000_attach(sc, pci_get_device(dev)); 500 501 /* 502 * Next, let's setup the various parameters of each NIC. 503 */ 504 error = iwn_config_specific(sc, pci_get_device(dev)); 505 if (error != 0) { 506 device_printf(dev, "could not attach device, error %d\n", 507 error); 508 goto fail; 509 } 510 511 if ((error = iwn_hw_prepare(sc)) != 0) { 512 device_printf(dev, "hardware not ready, error %d\n", error); 513 goto fail; 514 } 515 516 /* Allocate DMA memory for firmware transfers. */ 517 if ((error = iwn_alloc_fwmem(sc)) != 0) { 518 device_printf(dev, 519 "could not allocate memory for firmware, error %d\n", 520 error); 521 goto fail; 522 } 523 524 /* Allocate "Keep Warm" page. */ 525 if ((error = iwn_alloc_kw(sc)) != 0) { 526 device_printf(dev, 527 "could not allocate keep warm page, error %d\n", error); 528 goto fail; 529 } 530 531 /* Allocate ICT table for 5000 Series. */ 532 if (sc->hw_type != IWN_HW_REV_TYPE_4965 && 533 (error = iwn_alloc_ict(sc)) != 0) { 534 device_printf(dev, "could not allocate ICT table, error %d\n", 535 error); 536 goto fail; 537 } 538 539 /* Allocate TX scheduler "rings". */ 540 if ((error = iwn_alloc_sched(sc)) != 0) { 541 device_printf(dev, 542 "could not allocate TX scheduler rings, error %d\n", error); 543 goto fail; 544 } 545 546 /* Allocate TX rings (16 on 4965AGN, 20 on >=5000). */ 547 for (i = 0; i < sc->ntxqs; i++) { 548 if ((error = iwn_alloc_tx_ring(sc, &sc->txq[i], i)) != 0) { 549 device_printf(dev, 550 "could not allocate TX ring %d, error %d\n", i, 551 error); 552 goto fail; 553 } 554 } 555 556 /* Allocate RX ring. */ 557 if ((error = iwn_alloc_rx_ring(sc, &sc->rxq)) != 0) { 558 device_printf(dev, "could not allocate RX ring, error %d\n", 559 error); 560 goto fail; 561 } 562 563 /* Clear pending interrupts. */ 564 IWN_WRITE(sc, IWN_INT, 0xffffffff); 565 566 ic = &sc->sc_ic; 567 ic->ic_softc = sc; 568 ic->ic_name = device_get_nameunit(dev); 569 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 570 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 571 572 /* Set device capabilities. */ 573 ic->ic_caps = 574 IEEE80211_C_STA /* station mode supported */ 575 | IEEE80211_C_MONITOR /* monitor mode supported */ 576 #if 0 577 | IEEE80211_C_BGSCAN /* background scanning */ 578 #endif 579 | IEEE80211_C_TXPMGT /* tx power management */ 580 | IEEE80211_C_SHSLOT /* short slot time supported */ 581 | IEEE80211_C_WPA 582 | IEEE80211_C_SHPREAMBLE /* short preamble supported */ 583 #if 0 584 | IEEE80211_C_IBSS /* ibss/adhoc mode */ 585 #endif 586 | IEEE80211_C_WME /* WME */ 587 | IEEE80211_C_PMGT /* Station-side power mgmt */ 588 ; 589 590 /* Read MAC address, channels, etc from EEPROM. */ 591 if ((error = iwn_read_eeprom(sc, ic->ic_macaddr)) != 0) { 592 device_printf(dev, "could not read EEPROM, error %d\n", 593 error); 594 goto fail; 595 } 596 597 /* Count the number of available chains. */ 598 sc->ntxchains = 599 ((sc->txchainmask >> 2) & 1) + 600 ((sc->txchainmask >> 1) & 1) + 601 ((sc->txchainmask >> 0) & 1); 602 sc->nrxchains = 603 ((sc->rxchainmask >> 2) & 1) + 604 ((sc->rxchainmask >> 1) & 1) + 605 ((sc->rxchainmask >> 0) & 1); 606 if (bootverbose) { 607 device_printf(dev, "MIMO %dT%dR, %.4s, address %6D\n", 608 sc->ntxchains, sc->nrxchains, sc->eeprom_domain, 609 ic->ic_macaddr, ":"); 610 } 611 612 if (sc->sc_flags & IWN_FLAG_HAS_11N) { 613 ic->ic_rxstream = sc->nrxchains; 614 ic->ic_txstream = sc->ntxchains; 615 616 /* 617 * Some of the 3 antenna devices (ie, the 4965) only supports 618 * 2x2 operation. So correct the number of streams if 619 * it's not a 3-stream device. 620 */ 621 if (! iwn_is_3stream_device(sc)) { 622 if (ic->ic_rxstream > 2) 623 ic->ic_rxstream = 2; 624 if (ic->ic_txstream > 2) 625 ic->ic_txstream = 2; 626 } 627 628 ic->ic_htcaps = 629 IEEE80211_HTCAP_SMPS_OFF /* SMPS mode disabled */ 630 | IEEE80211_HTCAP_SHORTGI20 /* short GI in 20MHz */ 631 | IEEE80211_HTCAP_CHWIDTH40 /* 40MHz channel width*/ 632 | IEEE80211_HTCAP_SHORTGI40 /* short GI in 40MHz */ 633 #ifdef notyet 634 | IEEE80211_HTCAP_GREENFIELD 635 #if IWN_RBUF_SIZE == 8192 636 | IEEE80211_HTCAP_MAXAMSDU_7935 /* max A-MSDU length */ 637 #else 638 | IEEE80211_HTCAP_MAXAMSDU_3839 /* max A-MSDU length */ 639 #endif 640 #endif 641 /* s/w capabilities */ 642 | IEEE80211_HTC_HT /* HT operation */ 643 | IEEE80211_HTC_AMPDU /* tx A-MPDU */ 644 #ifdef notyet 645 | IEEE80211_HTC_AMSDU /* tx A-MSDU */ 646 #endif 647 ; 648 } 649 650 ieee80211_ifattach(ic); 651 ic->ic_vap_create = iwn_vap_create; 652 ic->ic_ioctl = iwn_ioctl; 653 ic->ic_parent = iwn_parent; 654 ic->ic_vap_delete = iwn_vap_delete; 655 ic->ic_transmit = iwn_transmit; 656 ic->ic_raw_xmit = iwn_raw_xmit; 657 ic->ic_node_alloc = iwn_node_alloc; 658 sc->sc_ampdu_rx_start = ic->ic_ampdu_rx_start; 659 ic->ic_ampdu_rx_start = iwn_ampdu_rx_start; 660 sc->sc_ampdu_rx_stop = ic->ic_ampdu_rx_stop; 661 ic->ic_ampdu_rx_stop = iwn_ampdu_rx_stop; 662 sc->sc_addba_request = ic->ic_addba_request; 663 ic->ic_addba_request = iwn_addba_request; 664 sc->sc_addba_response = ic->ic_addba_response; 665 ic->ic_addba_response = iwn_addba_response; 666 sc->sc_addba_stop = ic->ic_addba_stop; 667 ic->ic_addba_stop = iwn_ampdu_tx_stop; 668 ic->ic_newassoc = iwn_newassoc; 669 ic->ic_wme.wme_update = iwn_updateedca; 670 ic->ic_update_promisc = iwn_update_promisc; 671 ic->ic_update_mcast = iwn_update_mcast; 672 ic->ic_scan_start = iwn_scan_start; 673 ic->ic_scan_end = iwn_scan_end; 674 ic->ic_set_channel = iwn_set_channel; 675 ic->ic_scan_curchan = iwn_scan_curchan; 676 ic->ic_scan_mindwell = iwn_scan_mindwell; 677 ic->ic_getradiocaps = iwn_getradiocaps; 678 ic->ic_setregdomain = iwn_setregdomain; 679 680 iwn_radiotap_attach(sc); 681 682 callout_init_mtx(&sc->calib_to, &sc->sc_mtx, 0); 683 callout_init_mtx(&sc->scan_timeout, &sc->sc_mtx, 0); 684 callout_init_mtx(&sc->watchdog_to, &sc->sc_mtx, 0); 685 TASK_INIT(&sc->sc_rftoggle_task, 0, iwn_rftoggle_task, sc); 686 TASK_INIT(&sc->sc_panic_task, 0, iwn_panicked, sc); 687 TASK_INIT(&sc->sc_xmit_task, 0, iwn_xmit_task, sc); 688 689 mbufq_init(&sc->sc_xmit_queue, 1024); 690 691 sc->sc_tq = taskqueue_create("iwn_taskq", M_WAITOK, 692 taskqueue_thread_enqueue, &sc->sc_tq); 693 error = taskqueue_start_threads(&sc->sc_tq, 1, 0, "iwn_taskq"); 694 if (error != 0) { 695 device_printf(dev, "can't start threads, error %d\n", error); 696 goto fail; 697 } 698 699 iwn_sysctlattach(sc); 700 701 /* 702 * Hook our interrupt after all initialization is complete. 703 */ 704 error = bus_setup_intr(dev, sc->irq, INTR_TYPE_NET | INTR_MPSAFE, 705 NULL, iwn_intr, sc, &sc->sc_ih); 706 if (error != 0) { 707 device_printf(dev, "can't establish interrupt, error %d\n", 708 error); 709 goto fail; 710 } 711 712 #if 0 713 device_printf(sc->sc_dev, "%s: rx_stats=%d, rx_stats_bt=%d\n", 714 __func__, 715 sizeof(struct iwn_stats), 716 sizeof(struct iwn_stats_bt)); 717 #endif 718 719 if (bootverbose) 720 ieee80211_announce(ic); 721 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 722 723 /* Add debug ioctl right at the end */ 724 sc->sc_cdev = make_dev(&iwn_cdevsw, device_get_unit(dev), 725 UID_ROOT, GID_WHEEL, 0600, "%s", device_get_nameunit(dev)); 726 if (sc->sc_cdev == NULL) { 727 device_printf(dev, "failed to create debug character device\n"); 728 } else { 729 sc->sc_cdev->si_drv1 = sc; 730 } 731 return 0; 732 fail: 733 iwn_detach(dev); 734 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end in error\n",__func__); 735 return error; 736 } 737 738 /* 739 * Define specific configuration based on device id and subdevice id 740 * pid : PCI device id 741 */ 742 static int 743 iwn_config_specific(struct iwn_softc *sc, uint16_t pid) 744 { 745 746 switch (pid) { 747 /* 4965 series */ 748 case IWN_DID_4965_1: 749 case IWN_DID_4965_2: 750 case IWN_DID_4965_3: 751 case IWN_DID_4965_4: 752 sc->base_params = &iwn4965_base_params; 753 sc->limits = &iwn4965_sensitivity_limits; 754 sc->fwname = "iwn4965fw"; 755 /* Override chains masks, ROM is known to be broken. */ 756 sc->txchainmask = IWN_ANT_AB; 757 sc->rxchainmask = IWN_ANT_ABC; 758 /* Enable normal btcoex */ 759 sc->sc_flags |= IWN_FLAG_BTCOEX; 760 break; 761 /* 1000 Series */ 762 case IWN_DID_1000_1: 763 case IWN_DID_1000_2: 764 switch(sc->subdevice_id) { 765 case IWN_SDID_1000_1: 766 case IWN_SDID_1000_2: 767 case IWN_SDID_1000_3: 768 case IWN_SDID_1000_4: 769 case IWN_SDID_1000_5: 770 case IWN_SDID_1000_6: 771 case IWN_SDID_1000_7: 772 case IWN_SDID_1000_8: 773 case IWN_SDID_1000_9: 774 case IWN_SDID_1000_10: 775 case IWN_SDID_1000_11: 776 case IWN_SDID_1000_12: 777 sc->limits = &iwn1000_sensitivity_limits; 778 sc->base_params = &iwn1000_base_params; 779 sc->fwname = "iwn1000fw"; 780 break; 781 default: 782 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 783 "0x%04x rev %d not supported (subdevice)\n", pid, 784 sc->subdevice_id,sc->hw_type); 785 return ENOTSUP; 786 } 787 break; 788 /* 6x00 Series */ 789 case IWN_DID_6x00_2: 790 case IWN_DID_6x00_4: 791 case IWN_DID_6x00_1: 792 case IWN_DID_6x00_3: 793 sc->fwname = "iwn6000fw"; 794 sc->limits = &iwn6000_sensitivity_limits; 795 switch(sc->subdevice_id) { 796 case IWN_SDID_6x00_1: 797 case IWN_SDID_6x00_2: 798 case IWN_SDID_6x00_8: 799 //iwl6000_3agn_cfg 800 sc->base_params = &iwn_6000_base_params; 801 break; 802 case IWN_SDID_6x00_3: 803 case IWN_SDID_6x00_6: 804 case IWN_SDID_6x00_9: 805 ////iwl6000i_2agn 806 case IWN_SDID_6x00_4: 807 case IWN_SDID_6x00_7: 808 case IWN_SDID_6x00_10: 809 //iwl6000i_2abg_cfg 810 case IWN_SDID_6x00_5: 811 //iwl6000i_2bg_cfg 812 sc->base_params = &iwn_6000i_base_params; 813 sc->sc_flags |= IWN_FLAG_INTERNAL_PA; 814 sc->txchainmask = IWN_ANT_BC; 815 sc->rxchainmask = IWN_ANT_BC; 816 break; 817 default: 818 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 819 "0x%04x rev %d not supported (subdevice)\n", pid, 820 sc->subdevice_id,sc->hw_type); 821 return ENOTSUP; 822 } 823 break; 824 /* 6x05 Series */ 825 case IWN_DID_6x05_1: 826 case IWN_DID_6x05_2: 827 switch(sc->subdevice_id) { 828 case IWN_SDID_6x05_1: 829 case IWN_SDID_6x05_4: 830 case IWN_SDID_6x05_6: 831 //iwl6005_2agn_cfg 832 case IWN_SDID_6x05_2: 833 case IWN_SDID_6x05_5: 834 case IWN_SDID_6x05_7: 835 //iwl6005_2abg_cfg 836 case IWN_SDID_6x05_3: 837 //iwl6005_2bg_cfg 838 case IWN_SDID_6x05_8: 839 case IWN_SDID_6x05_9: 840 //iwl6005_2agn_sff_cfg 841 case IWN_SDID_6x05_10: 842 //iwl6005_2agn_d_cfg 843 case IWN_SDID_6x05_11: 844 //iwl6005_2agn_mow1_cfg 845 case IWN_SDID_6x05_12: 846 //iwl6005_2agn_mow2_cfg 847 sc->fwname = "iwn6000g2afw"; 848 sc->limits = &iwn6000_sensitivity_limits; 849 sc->base_params = &iwn_6000g2_base_params; 850 break; 851 default: 852 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 853 "0x%04x rev %d not supported (subdevice)\n", pid, 854 sc->subdevice_id,sc->hw_type); 855 return ENOTSUP; 856 } 857 break; 858 /* 6x35 Series */ 859 case IWN_DID_6035_1: 860 case IWN_DID_6035_2: 861 switch(sc->subdevice_id) { 862 case IWN_SDID_6035_1: 863 case IWN_SDID_6035_2: 864 case IWN_SDID_6035_3: 865 case IWN_SDID_6035_4: 866 case IWN_SDID_6035_5: 867 sc->fwname = "iwn6000g2bfw"; 868 sc->limits = &iwn6235_sensitivity_limits; 869 sc->base_params = &iwn_6235_base_params; 870 break; 871 default: 872 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 873 "0x%04x rev %d not supported (subdevice)\n", pid, 874 sc->subdevice_id,sc->hw_type); 875 return ENOTSUP; 876 } 877 break; 878 /* 6x50 WiFi/WiMax Series */ 879 case IWN_DID_6050_1: 880 case IWN_DID_6050_2: 881 switch(sc->subdevice_id) { 882 case IWN_SDID_6050_1: 883 case IWN_SDID_6050_3: 884 case IWN_SDID_6050_5: 885 //iwl6050_2agn_cfg 886 case IWN_SDID_6050_2: 887 case IWN_SDID_6050_4: 888 case IWN_SDID_6050_6: 889 //iwl6050_2abg_cfg 890 sc->fwname = "iwn6050fw"; 891 sc->txchainmask = IWN_ANT_AB; 892 sc->rxchainmask = IWN_ANT_AB; 893 sc->limits = &iwn6000_sensitivity_limits; 894 sc->base_params = &iwn_6050_base_params; 895 break; 896 default: 897 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 898 "0x%04x rev %d not supported (subdevice)\n", pid, 899 sc->subdevice_id,sc->hw_type); 900 return ENOTSUP; 901 } 902 break; 903 /* 6150 WiFi/WiMax Series */ 904 case IWN_DID_6150_1: 905 case IWN_DID_6150_2: 906 switch(sc->subdevice_id) { 907 case IWN_SDID_6150_1: 908 case IWN_SDID_6150_3: 909 case IWN_SDID_6150_5: 910 // iwl6150_bgn_cfg 911 case IWN_SDID_6150_2: 912 case IWN_SDID_6150_4: 913 case IWN_SDID_6150_6: 914 //iwl6150_bg_cfg 915 sc->fwname = "iwn6050fw"; 916 sc->limits = &iwn6000_sensitivity_limits; 917 sc->base_params = &iwn_6150_base_params; 918 break; 919 default: 920 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 921 "0x%04x rev %d not supported (subdevice)\n", pid, 922 sc->subdevice_id,sc->hw_type); 923 return ENOTSUP; 924 } 925 break; 926 /* 6030 Series and 1030 Series */ 927 case IWN_DID_x030_1: 928 case IWN_DID_x030_2: 929 case IWN_DID_x030_3: 930 case IWN_DID_x030_4: 931 switch(sc->subdevice_id) { 932 case IWN_SDID_x030_1: 933 case IWN_SDID_x030_3: 934 case IWN_SDID_x030_5: 935 // iwl1030_bgn_cfg 936 case IWN_SDID_x030_2: 937 case IWN_SDID_x030_4: 938 case IWN_SDID_x030_6: 939 //iwl1030_bg_cfg 940 case IWN_SDID_x030_7: 941 case IWN_SDID_x030_10: 942 case IWN_SDID_x030_14: 943 //iwl6030_2agn_cfg 944 case IWN_SDID_x030_8: 945 case IWN_SDID_x030_11: 946 case IWN_SDID_x030_15: 947 // iwl6030_2bgn_cfg 948 case IWN_SDID_x030_9: 949 case IWN_SDID_x030_12: 950 case IWN_SDID_x030_16: 951 // iwl6030_2abg_cfg 952 case IWN_SDID_x030_13: 953 //iwl6030_2bg_cfg 954 sc->fwname = "iwn6000g2bfw"; 955 sc->limits = &iwn6000_sensitivity_limits; 956 sc->base_params = &iwn_6000g2b_base_params; 957 break; 958 default: 959 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 960 "0x%04x rev %d not supported (subdevice)\n", pid, 961 sc->subdevice_id,sc->hw_type); 962 return ENOTSUP; 963 } 964 break; 965 /* 130 Series WiFi */ 966 /* XXX: This series will need adjustment for rate. 967 * see rx_with_siso_diversity in linux kernel 968 */ 969 case IWN_DID_130_1: 970 case IWN_DID_130_2: 971 switch(sc->subdevice_id) { 972 case IWN_SDID_130_1: 973 case IWN_SDID_130_3: 974 case IWN_SDID_130_5: 975 //iwl130_bgn_cfg 976 case IWN_SDID_130_2: 977 case IWN_SDID_130_4: 978 case IWN_SDID_130_6: 979 //iwl130_bg_cfg 980 sc->fwname = "iwn6000g2bfw"; 981 sc->limits = &iwn6000_sensitivity_limits; 982 sc->base_params = &iwn_6000g2b_base_params; 983 break; 984 default: 985 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 986 "0x%04x rev %d not supported (subdevice)\n", pid, 987 sc->subdevice_id,sc->hw_type); 988 return ENOTSUP; 989 } 990 break; 991 /* 100 Series WiFi */ 992 case IWN_DID_100_1: 993 case IWN_DID_100_2: 994 switch(sc->subdevice_id) { 995 case IWN_SDID_100_1: 996 case IWN_SDID_100_2: 997 case IWN_SDID_100_3: 998 case IWN_SDID_100_4: 999 case IWN_SDID_100_5: 1000 case IWN_SDID_100_6: 1001 sc->limits = &iwn1000_sensitivity_limits; 1002 sc->base_params = &iwn1000_base_params; 1003 sc->fwname = "iwn100fw"; 1004 break; 1005 default: 1006 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1007 "0x%04x rev %d not supported (subdevice)\n", pid, 1008 sc->subdevice_id,sc->hw_type); 1009 return ENOTSUP; 1010 } 1011 break; 1012 1013 /* 105 Series */ 1014 /* XXX: This series will need adjustment for rate. 1015 * see rx_with_siso_diversity in linux kernel 1016 */ 1017 case IWN_DID_105_1: 1018 case IWN_DID_105_2: 1019 switch(sc->subdevice_id) { 1020 case IWN_SDID_105_1: 1021 case IWN_SDID_105_2: 1022 case IWN_SDID_105_3: 1023 //iwl105_bgn_cfg 1024 case IWN_SDID_105_4: 1025 //iwl105_bgn_d_cfg 1026 sc->limits = &iwn2030_sensitivity_limits; 1027 sc->base_params = &iwn2000_base_params; 1028 sc->fwname = "iwn105fw"; 1029 break; 1030 default: 1031 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1032 "0x%04x rev %d not supported (subdevice)\n", pid, 1033 sc->subdevice_id,sc->hw_type); 1034 return ENOTSUP; 1035 } 1036 break; 1037 1038 /* 135 Series */ 1039 /* XXX: This series will need adjustment for rate. 1040 * see rx_with_siso_diversity in linux kernel 1041 */ 1042 case IWN_DID_135_1: 1043 case IWN_DID_135_2: 1044 switch(sc->subdevice_id) { 1045 case IWN_SDID_135_1: 1046 case IWN_SDID_135_2: 1047 case IWN_SDID_135_3: 1048 sc->limits = &iwn2030_sensitivity_limits; 1049 sc->base_params = &iwn2030_base_params; 1050 sc->fwname = "iwn135fw"; 1051 break; 1052 default: 1053 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1054 "0x%04x rev %d not supported (subdevice)\n", pid, 1055 sc->subdevice_id,sc->hw_type); 1056 return ENOTSUP; 1057 } 1058 break; 1059 1060 /* 2x00 Series */ 1061 case IWN_DID_2x00_1: 1062 case IWN_DID_2x00_2: 1063 switch(sc->subdevice_id) { 1064 case IWN_SDID_2x00_1: 1065 case IWN_SDID_2x00_2: 1066 case IWN_SDID_2x00_3: 1067 //iwl2000_2bgn_cfg 1068 case IWN_SDID_2x00_4: 1069 //iwl2000_2bgn_d_cfg 1070 sc->limits = &iwn2030_sensitivity_limits; 1071 sc->base_params = &iwn2000_base_params; 1072 sc->fwname = "iwn2000fw"; 1073 break; 1074 default: 1075 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1076 "0x%04x rev %d not supported (subdevice) \n", 1077 pid, sc->subdevice_id, sc->hw_type); 1078 return ENOTSUP; 1079 } 1080 break; 1081 /* 2x30 Series */ 1082 case IWN_DID_2x30_1: 1083 case IWN_DID_2x30_2: 1084 switch(sc->subdevice_id) { 1085 case IWN_SDID_2x30_1: 1086 case IWN_SDID_2x30_3: 1087 case IWN_SDID_2x30_5: 1088 //iwl100_bgn_cfg 1089 case IWN_SDID_2x30_2: 1090 case IWN_SDID_2x30_4: 1091 case IWN_SDID_2x30_6: 1092 //iwl100_bg_cfg 1093 sc->limits = &iwn2030_sensitivity_limits; 1094 sc->base_params = &iwn2030_base_params; 1095 sc->fwname = "iwn2030fw"; 1096 break; 1097 default: 1098 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1099 "0x%04x rev %d not supported (subdevice)\n", pid, 1100 sc->subdevice_id,sc->hw_type); 1101 return ENOTSUP; 1102 } 1103 break; 1104 /* 5x00 Series */ 1105 case IWN_DID_5x00_1: 1106 case IWN_DID_5x00_2: 1107 case IWN_DID_5x00_3: 1108 case IWN_DID_5x00_4: 1109 sc->limits = &iwn5000_sensitivity_limits; 1110 sc->base_params = &iwn5000_base_params; 1111 sc->fwname = "iwn5000fw"; 1112 switch(sc->subdevice_id) { 1113 case IWN_SDID_5x00_1: 1114 case IWN_SDID_5x00_2: 1115 case IWN_SDID_5x00_3: 1116 case IWN_SDID_5x00_4: 1117 case IWN_SDID_5x00_9: 1118 case IWN_SDID_5x00_10: 1119 case IWN_SDID_5x00_11: 1120 case IWN_SDID_5x00_12: 1121 case IWN_SDID_5x00_17: 1122 case IWN_SDID_5x00_18: 1123 case IWN_SDID_5x00_19: 1124 case IWN_SDID_5x00_20: 1125 //iwl5100_agn_cfg 1126 sc->txchainmask = IWN_ANT_B; 1127 sc->rxchainmask = IWN_ANT_AB; 1128 break; 1129 case IWN_SDID_5x00_5: 1130 case IWN_SDID_5x00_6: 1131 case IWN_SDID_5x00_13: 1132 case IWN_SDID_5x00_14: 1133 case IWN_SDID_5x00_21: 1134 case IWN_SDID_5x00_22: 1135 //iwl5100_bgn_cfg 1136 sc->txchainmask = IWN_ANT_B; 1137 sc->rxchainmask = IWN_ANT_AB; 1138 break; 1139 case IWN_SDID_5x00_7: 1140 case IWN_SDID_5x00_8: 1141 case IWN_SDID_5x00_15: 1142 case IWN_SDID_5x00_16: 1143 case IWN_SDID_5x00_23: 1144 case IWN_SDID_5x00_24: 1145 //iwl5100_abg_cfg 1146 sc->txchainmask = IWN_ANT_B; 1147 sc->rxchainmask = IWN_ANT_AB; 1148 break; 1149 case IWN_SDID_5x00_25: 1150 case IWN_SDID_5x00_26: 1151 case IWN_SDID_5x00_27: 1152 case IWN_SDID_5x00_28: 1153 case IWN_SDID_5x00_29: 1154 case IWN_SDID_5x00_30: 1155 case IWN_SDID_5x00_31: 1156 case IWN_SDID_5x00_32: 1157 case IWN_SDID_5x00_33: 1158 case IWN_SDID_5x00_34: 1159 case IWN_SDID_5x00_35: 1160 case IWN_SDID_5x00_36: 1161 //iwl5300_agn_cfg 1162 sc->txchainmask = IWN_ANT_ABC; 1163 sc->rxchainmask = IWN_ANT_ABC; 1164 break; 1165 default: 1166 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1167 "0x%04x rev %d not supported (subdevice)\n", pid, 1168 sc->subdevice_id,sc->hw_type); 1169 return ENOTSUP; 1170 } 1171 break; 1172 /* 5x50 Series */ 1173 case IWN_DID_5x50_1: 1174 case IWN_DID_5x50_2: 1175 case IWN_DID_5x50_3: 1176 case IWN_DID_5x50_4: 1177 sc->limits = &iwn5000_sensitivity_limits; 1178 sc->base_params = &iwn5000_base_params; 1179 sc->fwname = "iwn5000fw"; 1180 switch(sc->subdevice_id) { 1181 case IWN_SDID_5x50_1: 1182 case IWN_SDID_5x50_2: 1183 case IWN_SDID_5x50_3: 1184 //iwl5350_agn_cfg 1185 sc->limits = &iwn5000_sensitivity_limits; 1186 sc->base_params = &iwn5000_base_params; 1187 sc->fwname = "iwn5000fw"; 1188 break; 1189 case IWN_SDID_5x50_4: 1190 case IWN_SDID_5x50_5: 1191 case IWN_SDID_5x50_8: 1192 case IWN_SDID_5x50_9: 1193 case IWN_SDID_5x50_10: 1194 case IWN_SDID_5x50_11: 1195 //iwl5150_agn_cfg 1196 case IWN_SDID_5x50_6: 1197 case IWN_SDID_5x50_7: 1198 case IWN_SDID_5x50_12: 1199 case IWN_SDID_5x50_13: 1200 //iwl5150_abg_cfg 1201 sc->limits = &iwn5000_sensitivity_limits; 1202 sc->fwname = "iwn5150fw"; 1203 sc->base_params = &iwn_5x50_base_params; 1204 break; 1205 default: 1206 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id :" 1207 "0x%04x rev %d not supported (subdevice)\n", pid, 1208 sc->subdevice_id,sc->hw_type); 1209 return ENOTSUP; 1210 } 1211 break; 1212 default: 1213 device_printf(sc->sc_dev, "adapter type id : 0x%04x sub id : 0x%04x" 1214 "rev 0x%08x not supported (device)\n", pid, sc->subdevice_id, 1215 sc->hw_type); 1216 return ENOTSUP; 1217 } 1218 return 0; 1219 } 1220 1221 static void 1222 iwn4965_attach(struct iwn_softc *sc, uint16_t pid) 1223 { 1224 struct iwn_ops *ops = &sc->ops; 1225 1226 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1227 1228 ops->load_firmware = iwn4965_load_firmware; 1229 ops->read_eeprom = iwn4965_read_eeprom; 1230 ops->post_alive = iwn4965_post_alive; 1231 ops->nic_config = iwn4965_nic_config; 1232 ops->update_sched = iwn4965_update_sched; 1233 ops->get_temperature = iwn4965_get_temperature; 1234 ops->get_rssi = iwn4965_get_rssi; 1235 ops->set_txpower = iwn4965_set_txpower; 1236 ops->init_gains = iwn4965_init_gains; 1237 ops->set_gains = iwn4965_set_gains; 1238 ops->rxon_assoc = iwn4965_rxon_assoc; 1239 ops->add_node = iwn4965_add_node; 1240 ops->tx_done = iwn4965_tx_done; 1241 ops->ampdu_tx_start = iwn4965_ampdu_tx_start; 1242 ops->ampdu_tx_stop = iwn4965_ampdu_tx_stop; 1243 sc->ntxqs = IWN4965_NTXQUEUES; 1244 sc->firstaggqueue = IWN4965_FIRSTAGGQUEUE; 1245 sc->ndmachnls = IWN4965_NDMACHNLS; 1246 sc->broadcast_id = IWN4965_ID_BROADCAST; 1247 sc->rxonsz = IWN4965_RXONSZ; 1248 sc->schedsz = IWN4965_SCHEDSZ; 1249 sc->fw_text_maxsz = IWN4965_FW_TEXT_MAXSZ; 1250 sc->fw_data_maxsz = IWN4965_FW_DATA_MAXSZ; 1251 sc->fwsz = IWN4965_FWSZ; 1252 sc->sched_txfact_addr = IWN4965_SCHED_TXFACT; 1253 sc->limits = &iwn4965_sensitivity_limits; 1254 sc->fwname = "iwn4965fw"; 1255 /* Override chains masks, ROM is known to be broken. */ 1256 sc->txchainmask = IWN_ANT_AB; 1257 sc->rxchainmask = IWN_ANT_ABC; 1258 /* Enable normal btcoex */ 1259 sc->sc_flags |= IWN_FLAG_BTCOEX; 1260 1261 DPRINTF(sc, IWN_DEBUG_TRACE, "%s: end\n",__func__); 1262 } 1263 1264 static void 1265 iwn5000_attach(struct iwn_softc *sc, uint16_t pid) 1266 { 1267 struct iwn_ops *ops = &sc->ops; 1268 1269 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1270 1271 ops->load_firmware = iwn5000_load_firmware; 1272 ops->read_eeprom = iwn5000_read_eeprom; 1273 ops->post_alive = iwn5000_post_alive; 1274 ops->nic_config = iwn5000_nic_config; 1275 ops->update_sched = iwn5000_update_sched; 1276 ops->get_temperature = iwn5000_get_temperature; 1277 ops->get_rssi = iwn5000_get_rssi; 1278 ops->set_txpower = iwn5000_set_txpower; 1279 ops->init_gains = iwn5000_init_gains; 1280 ops->set_gains = iwn5000_set_gains; 1281 ops->rxon_assoc = iwn5000_rxon_assoc; 1282 ops->add_node = iwn5000_add_node; 1283 ops->tx_done = iwn5000_tx_done; 1284 ops->ampdu_tx_start = iwn5000_ampdu_tx_start; 1285 ops->ampdu_tx_stop = iwn5000_ampdu_tx_stop; 1286 sc->ntxqs = IWN5000_NTXQUEUES; 1287 sc->firstaggqueue = IWN5000_FIRSTAGGQUEUE; 1288 sc->ndmachnls = IWN5000_NDMACHNLS; 1289 sc->broadcast_id = IWN5000_ID_BROADCAST; 1290 sc->rxonsz = IWN5000_RXONSZ; 1291 sc->schedsz = IWN5000_SCHEDSZ; 1292 sc->fw_text_maxsz = IWN5000_FW_TEXT_MAXSZ; 1293 sc->fw_data_maxsz = IWN5000_FW_DATA_MAXSZ; 1294 sc->fwsz = IWN5000_FWSZ; 1295 sc->sched_txfact_addr = IWN5000_SCHED_TXFACT; 1296 sc->reset_noise_gain = IWN5000_PHY_CALIB_RESET_NOISE_GAIN; 1297 sc->noise_gain = IWN5000_PHY_CALIB_NOISE_GAIN; 1298 1299 DPRINTF(sc, IWN_DEBUG_TRACE, "%s: end\n",__func__); 1300 } 1301 1302 /* 1303 * Attach the interface to 802.11 radiotap. 1304 */ 1305 static void 1306 iwn_radiotap_attach(struct iwn_softc *sc) 1307 { 1308 1309 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1310 ieee80211_radiotap_attach(&sc->sc_ic, 1311 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap), 1312 IWN_TX_RADIOTAP_PRESENT, 1313 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 1314 IWN_RX_RADIOTAP_PRESENT); 1315 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 1316 } 1317 1318 static void 1319 iwn_sysctlattach(struct iwn_softc *sc) 1320 { 1321 #ifdef IWN_DEBUG 1322 struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev); 1323 struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev); 1324 1325 SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, 1326 "debug", CTLFLAG_RW, &sc->sc_debug, sc->sc_debug, 1327 "control debugging printfs"); 1328 #endif 1329 } 1330 1331 static struct ieee80211vap * 1332 iwn_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 1333 enum ieee80211_opmode opmode, int flags, 1334 const uint8_t bssid[IEEE80211_ADDR_LEN], 1335 const uint8_t mac[IEEE80211_ADDR_LEN]) 1336 { 1337 struct iwn_softc *sc = ic->ic_softc; 1338 struct iwn_vap *ivp; 1339 struct ieee80211vap *vap; 1340 1341 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */ 1342 return NULL; 1343 1344 ivp = malloc(sizeof(struct iwn_vap), M_80211_VAP, M_WAITOK | M_ZERO); 1345 vap = &ivp->iv_vap; 1346 ieee80211_vap_setup(ic, vap, name, unit, opmode, flags, bssid); 1347 ivp->ctx = IWN_RXON_BSS_CTX; 1348 vap->iv_bmissthreshold = 10; /* override default */ 1349 /* Override with driver methods. */ 1350 ivp->iv_newstate = vap->iv_newstate; 1351 vap->iv_newstate = iwn_newstate; 1352 sc->ivap[IWN_RXON_BSS_CTX] = vap; 1353 vap->iv_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_64K; 1354 vap->iv_ampdu_density = IEEE80211_HTCAP_MPDUDENSITY_4; /* 4uS */ 1355 1356 ieee80211_ratectl_init(vap); 1357 /* Complete setup. */ 1358 ieee80211_vap_attach(vap, ieee80211_media_change, 1359 ieee80211_media_status, mac); 1360 ic->ic_opmode = opmode; 1361 return vap; 1362 } 1363 1364 static void 1365 iwn_vap_delete(struct ieee80211vap *vap) 1366 { 1367 struct iwn_vap *ivp = IWN_VAP(vap); 1368 1369 ieee80211_ratectl_deinit(vap); 1370 ieee80211_vap_detach(vap); 1371 free(ivp, M_80211_VAP); 1372 } 1373 1374 static void 1375 iwn_xmit_queue_drain(struct iwn_softc *sc) 1376 { 1377 struct mbuf *m; 1378 struct ieee80211_node *ni; 1379 1380 IWN_LOCK_ASSERT(sc); 1381 while ((m = mbufq_dequeue(&sc->sc_xmit_queue)) != NULL) { 1382 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 1383 ieee80211_free_node(ni); 1384 m_freem(m); 1385 } 1386 } 1387 1388 static int 1389 iwn_xmit_queue_enqueue(struct iwn_softc *sc, struct mbuf *m) 1390 { 1391 1392 IWN_LOCK_ASSERT(sc); 1393 return (mbufq_enqueue(&sc->sc_xmit_queue, m)); 1394 } 1395 1396 static int 1397 iwn_detach(device_t dev) 1398 { 1399 struct iwn_softc *sc = device_get_softc(dev); 1400 int qid; 1401 1402 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1403 1404 if (sc->sc_ic.ic_softc != NULL) { 1405 /* Free the mbuf queue and node references */ 1406 IWN_LOCK(sc); 1407 iwn_xmit_queue_drain(sc); 1408 IWN_UNLOCK(sc); 1409 1410 iwn_stop(sc); 1411 1412 taskqueue_drain_all(sc->sc_tq); 1413 taskqueue_free(sc->sc_tq); 1414 1415 callout_drain(&sc->watchdog_to); 1416 callout_drain(&sc->scan_timeout); 1417 callout_drain(&sc->calib_to); 1418 ieee80211_ifdetach(&sc->sc_ic); 1419 } 1420 1421 /* Uninstall interrupt handler. */ 1422 if (sc->irq != NULL) { 1423 bus_teardown_intr(dev, sc->irq, sc->sc_ih); 1424 bus_release_resource(dev, SYS_RES_IRQ, rman_get_rid(sc->irq), 1425 sc->irq); 1426 pci_release_msi(dev); 1427 } 1428 1429 /* Free DMA resources. */ 1430 iwn_free_rx_ring(sc, &sc->rxq); 1431 for (qid = 0; qid < sc->ntxqs; qid++) 1432 iwn_free_tx_ring(sc, &sc->txq[qid]); 1433 iwn_free_sched(sc); 1434 iwn_free_kw(sc); 1435 if (sc->ict != NULL) 1436 iwn_free_ict(sc); 1437 iwn_free_fwmem(sc); 1438 1439 if (sc->mem != NULL) 1440 bus_release_resource(dev, SYS_RES_MEMORY, 1441 rman_get_rid(sc->mem), sc->mem); 1442 1443 if (sc->sc_cdev) { 1444 destroy_dev(sc->sc_cdev); 1445 sc->sc_cdev = NULL; 1446 } 1447 1448 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n", __func__); 1449 IWN_LOCK_DESTROY(sc); 1450 return 0; 1451 } 1452 1453 static int 1454 iwn_shutdown(device_t dev) 1455 { 1456 struct iwn_softc *sc = device_get_softc(dev); 1457 1458 iwn_stop(sc); 1459 return 0; 1460 } 1461 1462 static int 1463 iwn_suspend(device_t dev) 1464 { 1465 struct iwn_softc *sc = device_get_softc(dev); 1466 1467 ieee80211_suspend_all(&sc->sc_ic); 1468 return 0; 1469 } 1470 1471 static int 1472 iwn_resume(device_t dev) 1473 { 1474 struct iwn_softc *sc = device_get_softc(dev); 1475 1476 /* Clear device-specific "PCI retry timeout" register (41h). */ 1477 pci_write_config(dev, 0x41, 0, 1); 1478 1479 ieee80211_resume_all(&sc->sc_ic); 1480 return 0; 1481 } 1482 1483 static int 1484 iwn_nic_lock(struct iwn_softc *sc) 1485 { 1486 int ntries; 1487 1488 /* Request exclusive access to NIC. */ 1489 IWN_SETBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_MAC_ACCESS_REQ); 1490 1491 /* Spin until we actually get the lock. */ 1492 for (ntries = 0; ntries < 1000; ntries++) { 1493 if ((IWN_READ(sc, IWN_GP_CNTRL) & 1494 (IWN_GP_CNTRL_MAC_ACCESS_ENA | IWN_GP_CNTRL_SLEEP)) == 1495 IWN_GP_CNTRL_MAC_ACCESS_ENA) 1496 return 0; 1497 DELAY(10); 1498 } 1499 return ETIMEDOUT; 1500 } 1501 1502 static __inline void 1503 iwn_nic_unlock(struct iwn_softc *sc) 1504 { 1505 IWN_CLRBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_MAC_ACCESS_REQ); 1506 } 1507 1508 static __inline uint32_t 1509 iwn_prph_read(struct iwn_softc *sc, uint32_t addr) 1510 { 1511 IWN_WRITE(sc, IWN_PRPH_RADDR, IWN_PRPH_DWORD | addr); 1512 IWN_BARRIER_READ_WRITE(sc); 1513 return IWN_READ(sc, IWN_PRPH_RDATA); 1514 } 1515 1516 static __inline void 1517 iwn_prph_write(struct iwn_softc *sc, uint32_t addr, uint32_t data) 1518 { 1519 IWN_WRITE(sc, IWN_PRPH_WADDR, IWN_PRPH_DWORD | addr); 1520 IWN_BARRIER_WRITE(sc); 1521 IWN_WRITE(sc, IWN_PRPH_WDATA, data); 1522 } 1523 1524 static __inline void 1525 iwn_prph_setbits(struct iwn_softc *sc, uint32_t addr, uint32_t mask) 1526 { 1527 iwn_prph_write(sc, addr, iwn_prph_read(sc, addr) | mask); 1528 } 1529 1530 static __inline void 1531 iwn_prph_clrbits(struct iwn_softc *sc, uint32_t addr, uint32_t mask) 1532 { 1533 iwn_prph_write(sc, addr, iwn_prph_read(sc, addr) & ~mask); 1534 } 1535 1536 static __inline void 1537 iwn_prph_write_region_4(struct iwn_softc *sc, uint32_t addr, 1538 const uint32_t *data, int count) 1539 { 1540 for (; count > 0; count--, data++, addr += 4) 1541 iwn_prph_write(sc, addr, *data); 1542 } 1543 1544 static __inline uint32_t 1545 iwn_mem_read(struct iwn_softc *sc, uint32_t addr) 1546 { 1547 IWN_WRITE(sc, IWN_MEM_RADDR, addr); 1548 IWN_BARRIER_READ_WRITE(sc); 1549 return IWN_READ(sc, IWN_MEM_RDATA); 1550 } 1551 1552 static __inline void 1553 iwn_mem_write(struct iwn_softc *sc, uint32_t addr, uint32_t data) 1554 { 1555 IWN_WRITE(sc, IWN_MEM_WADDR, addr); 1556 IWN_BARRIER_WRITE(sc); 1557 IWN_WRITE(sc, IWN_MEM_WDATA, data); 1558 } 1559 1560 static __inline void 1561 iwn_mem_write_2(struct iwn_softc *sc, uint32_t addr, uint16_t data) 1562 { 1563 uint32_t tmp; 1564 1565 tmp = iwn_mem_read(sc, addr & ~3); 1566 if (addr & 3) 1567 tmp = (tmp & 0x0000ffff) | data << 16; 1568 else 1569 tmp = (tmp & 0xffff0000) | data; 1570 iwn_mem_write(sc, addr & ~3, tmp); 1571 } 1572 1573 static __inline void 1574 iwn_mem_read_region_4(struct iwn_softc *sc, uint32_t addr, uint32_t *data, 1575 int count) 1576 { 1577 for (; count > 0; count--, addr += 4) 1578 *data++ = iwn_mem_read(sc, addr); 1579 } 1580 1581 static __inline void 1582 iwn_mem_set_region_4(struct iwn_softc *sc, uint32_t addr, uint32_t val, 1583 int count) 1584 { 1585 for (; count > 0; count--, addr += 4) 1586 iwn_mem_write(sc, addr, val); 1587 } 1588 1589 static int 1590 iwn_eeprom_lock(struct iwn_softc *sc) 1591 { 1592 int i, ntries; 1593 1594 for (i = 0; i < 100; i++) { 1595 /* Request exclusive access to EEPROM. */ 1596 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 1597 IWN_HW_IF_CONFIG_EEPROM_LOCKED); 1598 1599 /* Spin until we actually get the lock. */ 1600 for (ntries = 0; ntries < 100; ntries++) { 1601 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 1602 IWN_HW_IF_CONFIG_EEPROM_LOCKED) 1603 return 0; 1604 DELAY(10); 1605 } 1606 } 1607 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end timeout\n", __func__); 1608 return ETIMEDOUT; 1609 } 1610 1611 static __inline void 1612 iwn_eeprom_unlock(struct iwn_softc *sc) 1613 { 1614 IWN_CLRBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_EEPROM_LOCKED); 1615 } 1616 1617 /* 1618 * Initialize access by host to One Time Programmable ROM. 1619 * NB: This kind of ROM can be found on 1000 or 6000 Series only. 1620 */ 1621 static int 1622 iwn_init_otprom(struct iwn_softc *sc) 1623 { 1624 uint16_t prev, base, next; 1625 int count, error; 1626 1627 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1628 1629 /* Wait for clock stabilization before accessing prph. */ 1630 if ((error = iwn_clock_wait(sc)) != 0) 1631 return error; 1632 1633 if ((error = iwn_nic_lock(sc)) != 0) 1634 return error; 1635 iwn_prph_setbits(sc, IWN_APMG_PS, IWN_APMG_PS_RESET_REQ); 1636 DELAY(5); 1637 iwn_prph_clrbits(sc, IWN_APMG_PS, IWN_APMG_PS_RESET_REQ); 1638 iwn_nic_unlock(sc); 1639 1640 /* Set auto clock gate disable bit for HW with OTP shadow RAM. */ 1641 if (sc->base_params->shadow_ram_support) { 1642 IWN_SETBITS(sc, IWN_DBG_LINK_PWR_MGMT, 1643 IWN_RESET_LINK_PWR_MGMT_DIS); 1644 } 1645 IWN_CLRBITS(sc, IWN_EEPROM_GP, IWN_EEPROM_GP_IF_OWNER); 1646 /* Clear ECC status. */ 1647 IWN_SETBITS(sc, IWN_OTP_GP, 1648 IWN_OTP_GP_ECC_CORR_STTS | IWN_OTP_GP_ECC_UNCORR_STTS); 1649 1650 /* 1651 * Find the block before last block (contains the EEPROM image) 1652 * for HW without OTP shadow RAM. 1653 */ 1654 if (! sc->base_params->shadow_ram_support) { 1655 /* Switch to absolute addressing mode. */ 1656 IWN_CLRBITS(sc, IWN_OTP_GP, IWN_OTP_GP_RELATIVE_ACCESS); 1657 base = prev = 0; 1658 for (count = 0; count < sc->base_params->max_ll_items; 1659 count++) { 1660 error = iwn_read_prom_data(sc, base, &next, 2); 1661 if (error != 0) 1662 return error; 1663 if (next == 0) /* End of linked-list. */ 1664 break; 1665 prev = base; 1666 base = le16toh(next); 1667 } 1668 if (count == 0 || count == sc->base_params->max_ll_items) 1669 return EIO; 1670 /* Skip "next" word. */ 1671 sc->prom_base = prev + 1; 1672 } 1673 1674 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 1675 1676 return 0; 1677 } 1678 1679 static int 1680 iwn_read_prom_data(struct iwn_softc *sc, uint32_t addr, void *data, int count) 1681 { 1682 uint8_t *out = data; 1683 uint32_t val, tmp; 1684 int ntries; 1685 1686 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1687 1688 addr += sc->prom_base; 1689 for (; count > 0; count -= 2, addr++) { 1690 IWN_WRITE(sc, IWN_EEPROM, addr << 2); 1691 for (ntries = 0; ntries < 20; ntries++) { 1692 val = IWN_READ(sc, IWN_EEPROM); 1693 if (val & IWN_EEPROM_READ_VALID) 1694 break; 1695 DELAY(5); 1696 } 1697 if (ntries == 20) { 1698 device_printf(sc->sc_dev, 1699 "timeout reading ROM at 0x%x\n", addr); 1700 return ETIMEDOUT; 1701 } 1702 if (sc->sc_flags & IWN_FLAG_HAS_OTPROM) { 1703 /* OTPROM, check for ECC errors. */ 1704 tmp = IWN_READ(sc, IWN_OTP_GP); 1705 if (tmp & IWN_OTP_GP_ECC_UNCORR_STTS) { 1706 device_printf(sc->sc_dev, 1707 "OTPROM ECC error at 0x%x\n", addr); 1708 return EIO; 1709 } 1710 if (tmp & IWN_OTP_GP_ECC_CORR_STTS) { 1711 /* Correctable ECC error, clear bit. */ 1712 IWN_SETBITS(sc, IWN_OTP_GP, 1713 IWN_OTP_GP_ECC_CORR_STTS); 1714 } 1715 } 1716 *out++ = val >> 16; 1717 if (count > 1) 1718 *out++ = val >> 24; 1719 } 1720 1721 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 1722 1723 return 0; 1724 } 1725 1726 static void 1727 iwn_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nsegs, int error) 1728 { 1729 if (error != 0) 1730 return; 1731 KASSERT(nsegs == 1, ("too many DMA segments, %d should be 1", nsegs)); 1732 *(bus_addr_t *)arg = segs[0].ds_addr; 1733 } 1734 1735 static int 1736 iwn_dma_contig_alloc(struct iwn_softc *sc, struct iwn_dma_info *dma, 1737 void **kvap, bus_size_t size, bus_size_t alignment) 1738 { 1739 int error; 1740 1741 dma->tag = NULL; 1742 dma->size = size; 1743 1744 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), alignment, 1745 0, BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, size, 1746 1, size, 0, NULL, NULL, &dma->tag); 1747 if (error != 0) 1748 goto fail; 1749 1750 error = bus_dmamem_alloc(dma->tag, (void **)&dma->vaddr, 1751 BUS_DMA_NOWAIT | BUS_DMA_ZERO | BUS_DMA_COHERENT, &dma->map); 1752 if (error != 0) 1753 goto fail; 1754 1755 error = bus_dmamap_load(dma->tag, dma->map, dma->vaddr, size, 1756 iwn_dma_map_addr, &dma->paddr, BUS_DMA_NOWAIT); 1757 if (error != 0) 1758 goto fail; 1759 1760 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 1761 1762 if (kvap != NULL) 1763 *kvap = dma->vaddr; 1764 1765 return 0; 1766 1767 fail: iwn_dma_contig_free(dma); 1768 return error; 1769 } 1770 1771 static void 1772 iwn_dma_contig_free(struct iwn_dma_info *dma) 1773 { 1774 if (dma->vaddr != NULL) { 1775 bus_dmamap_sync(dma->tag, dma->map, 1776 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 1777 bus_dmamap_unload(dma->tag, dma->map); 1778 bus_dmamem_free(dma->tag, dma->vaddr, dma->map); 1779 dma->vaddr = NULL; 1780 } 1781 if (dma->tag != NULL) { 1782 bus_dma_tag_destroy(dma->tag); 1783 dma->tag = NULL; 1784 } 1785 } 1786 1787 static int 1788 iwn_alloc_sched(struct iwn_softc *sc) 1789 { 1790 /* TX scheduler rings must be aligned on a 1KB boundary. */ 1791 return iwn_dma_contig_alloc(sc, &sc->sched_dma, (void **)&sc->sched, 1792 sc->schedsz, 1024); 1793 } 1794 1795 static void 1796 iwn_free_sched(struct iwn_softc *sc) 1797 { 1798 iwn_dma_contig_free(&sc->sched_dma); 1799 } 1800 1801 static int 1802 iwn_alloc_kw(struct iwn_softc *sc) 1803 { 1804 /* "Keep Warm" page must be aligned on a 4KB boundary. */ 1805 return iwn_dma_contig_alloc(sc, &sc->kw_dma, NULL, 4096, 4096); 1806 } 1807 1808 static void 1809 iwn_free_kw(struct iwn_softc *sc) 1810 { 1811 iwn_dma_contig_free(&sc->kw_dma); 1812 } 1813 1814 static int 1815 iwn_alloc_ict(struct iwn_softc *sc) 1816 { 1817 /* ICT table must be aligned on a 4KB boundary. */ 1818 return iwn_dma_contig_alloc(sc, &sc->ict_dma, (void **)&sc->ict, 1819 IWN_ICT_SIZE, 4096); 1820 } 1821 1822 static void 1823 iwn_free_ict(struct iwn_softc *sc) 1824 { 1825 iwn_dma_contig_free(&sc->ict_dma); 1826 } 1827 1828 static int 1829 iwn_alloc_fwmem(struct iwn_softc *sc) 1830 { 1831 /* Must be aligned on a 16-byte boundary. */ 1832 return iwn_dma_contig_alloc(sc, &sc->fw_dma, NULL, sc->fwsz, 16); 1833 } 1834 1835 static void 1836 iwn_free_fwmem(struct iwn_softc *sc) 1837 { 1838 iwn_dma_contig_free(&sc->fw_dma); 1839 } 1840 1841 static int 1842 iwn_alloc_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1843 { 1844 bus_size_t size; 1845 int i, error; 1846 1847 ring->cur = 0; 1848 1849 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 1850 1851 /* Allocate RX descriptors (256-byte aligned). */ 1852 size = IWN_RX_RING_COUNT * sizeof (uint32_t); 1853 error = iwn_dma_contig_alloc(sc, &ring->desc_dma, (void **)&ring->desc, 1854 size, 256); 1855 if (error != 0) { 1856 device_printf(sc->sc_dev, 1857 "%s: could not allocate RX ring DMA memory, error %d\n", 1858 __func__, error); 1859 goto fail; 1860 } 1861 1862 /* Allocate RX status area (16-byte aligned). */ 1863 error = iwn_dma_contig_alloc(sc, &ring->stat_dma, (void **)&ring->stat, 1864 sizeof (struct iwn_rx_status), 16); 1865 if (error != 0) { 1866 device_printf(sc->sc_dev, 1867 "%s: could not allocate RX status DMA memory, error %d\n", 1868 __func__, error); 1869 goto fail; 1870 } 1871 1872 /* Create RX buffer DMA tag. */ 1873 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 1874 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 1875 IWN_RBUF_SIZE, 1, IWN_RBUF_SIZE, 0, NULL, NULL, &ring->data_dmat); 1876 if (error != 0) { 1877 device_printf(sc->sc_dev, 1878 "%s: could not create RX buf DMA tag, error %d\n", 1879 __func__, error); 1880 goto fail; 1881 } 1882 1883 /* 1884 * Allocate and map RX buffers. 1885 */ 1886 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 1887 struct iwn_rx_data *data = &ring->data[i]; 1888 bus_addr_t paddr; 1889 1890 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 1891 if (error != 0) { 1892 device_printf(sc->sc_dev, 1893 "%s: could not create RX buf DMA map, error %d\n", 1894 __func__, error); 1895 goto fail; 1896 } 1897 1898 data->m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, 1899 IWN_RBUF_SIZE); 1900 if (data->m == NULL) { 1901 device_printf(sc->sc_dev, 1902 "%s: could not allocate RX mbuf\n", __func__); 1903 error = ENOBUFS; 1904 goto fail; 1905 } 1906 1907 error = bus_dmamap_load(ring->data_dmat, data->map, 1908 mtod(data->m, void *), IWN_RBUF_SIZE, iwn_dma_map_addr, 1909 &paddr, BUS_DMA_NOWAIT); 1910 if (error != 0 && error != EFBIG) { 1911 device_printf(sc->sc_dev, 1912 "%s: can't map mbuf, error %d\n", __func__, 1913 error); 1914 goto fail; 1915 } 1916 1917 bus_dmamap_sync(ring->data_dmat, data->map, 1918 BUS_DMASYNC_PREREAD); 1919 1920 /* Set physical address of RX buffer (256-byte aligned). */ 1921 ring->desc[i] = htole32(paddr >> 8); 1922 } 1923 1924 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 1925 BUS_DMASYNC_PREWRITE); 1926 1927 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 1928 1929 return 0; 1930 1931 fail: iwn_free_rx_ring(sc, ring); 1932 1933 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end in error\n",__func__); 1934 1935 return error; 1936 } 1937 1938 static void 1939 iwn_reset_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1940 { 1941 int ntries; 1942 1943 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 1944 1945 if (iwn_nic_lock(sc) == 0) { 1946 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 0); 1947 for (ntries = 0; ntries < 1000; ntries++) { 1948 if (IWN_READ(sc, IWN_FH_RX_STATUS) & 1949 IWN_FH_RX_STATUS_IDLE) 1950 break; 1951 DELAY(10); 1952 } 1953 iwn_nic_unlock(sc); 1954 } 1955 ring->cur = 0; 1956 sc->last_rx_valid = 0; 1957 } 1958 1959 static void 1960 iwn_free_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 1961 { 1962 int i; 1963 1964 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s \n", __func__); 1965 1966 iwn_dma_contig_free(&ring->desc_dma); 1967 iwn_dma_contig_free(&ring->stat_dma); 1968 1969 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 1970 struct iwn_rx_data *data = &ring->data[i]; 1971 1972 if (data->m != NULL) { 1973 bus_dmamap_sync(ring->data_dmat, data->map, 1974 BUS_DMASYNC_POSTREAD); 1975 bus_dmamap_unload(ring->data_dmat, data->map); 1976 m_freem(data->m); 1977 data->m = NULL; 1978 } 1979 if (data->map != NULL) 1980 bus_dmamap_destroy(ring->data_dmat, data->map); 1981 } 1982 if (ring->data_dmat != NULL) { 1983 bus_dma_tag_destroy(ring->data_dmat); 1984 ring->data_dmat = NULL; 1985 } 1986 } 1987 1988 static int 1989 iwn_alloc_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring, int qid) 1990 { 1991 bus_addr_t paddr; 1992 bus_size_t size; 1993 int i, error; 1994 1995 ring->qid = qid; 1996 ring->queued = 0; 1997 ring->cur = 0; 1998 1999 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2000 2001 /* Allocate TX descriptors (256-byte aligned). */ 2002 size = IWN_TX_RING_COUNT * sizeof (struct iwn_tx_desc); 2003 error = iwn_dma_contig_alloc(sc, &ring->desc_dma, (void **)&ring->desc, 2004 size, 256); 2005 if (error != 0) { 2006 device_printf(sc->sc_dev, 2007 "%s: could not allocate TX ring DMA memory, error %d\n", 2008 __func__, error); 2009 goto fail; 2010 } 2011 2012 size = IWN_TX_RING_COUNT * sizeof (struct iwn_tx_cmd); 2013 error = iwn_dma_contig_alloc(sc, &ring->cmd_dma, (void **)&ring->cmd, 2014 size, 4); 2015 if (error != 0) { 2016 device_printf(sc->sc_dev, 2017 "%s: could not allocate TX cmd DMA memory, error %d\n", 2018 __func__, error); 2019 goto fail; 2020 } 2021 2022 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 2023 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 2024 IWN_MAX_SCATTER - 1, MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 2025 if (error != 0) { 2026 device_printf(sc->sc_dev, 2027 "%s: could not create TX buf DMA tag, error %d\n", 2028 __func__, error); 2029 goto fail; 2030 } 2031 2032 paddr = ring->cmd_dma.paddr; 2033 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 2034 struct iwn_tx_data *data = &ring->data[i]; 2035 2036 data->cmd_paddr = paddr; 2037 data->scratch_paddr = paddr + 12; 2038 paddr += sizeof (struct iwn_tx_cmd); 2039 2040 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 2041 if (error != 0) { 2042 device_printf(sc->sc_dev, 2043 "%s: could not create TX buf DMA map, error %d\n", 2044 __func__, error); 2045 goto fail; 2046 } 2047 } 2048 2049 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2050 2051 return 0; 2052 2053 fail: iwn_free_tx_ring(sc, ring); 2054 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end in error\n", __func__); 2055 return error; 2056 } 2057 2058 static void 2059 iwn_reset_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 2060 { 2061 int i; 2062 2063 DPRINTF(sc, IWN_DEBUG_TRACE, "->doing %s \n", __func__); 2064 2065 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 2066 struct iwn_tx_data *data = &ring->data[i]; 2067 2068 if (data->m != NULL) { 2069 bus_dmamap_sync(ring->data_dmat, data->map, 2070 BUS_DMASYNC_POSTWRITE); 2071 bus_dmamap_unload(ring->data_dmat, data->map); 2072 m_freem(data->m); 2073 data->m = NULL; 2074 } 2075 if (data->ni != NULL) { 2076 ieee80211_free_node(data->ni); 2077 data->ni = NULL; 2078 } 2079 data->remapped = 0; 2080 data->long_retries = 0; 2081 } 2082 /* Clear TX descriptors. */ 2083 memset(ring->desc, 0, ring->desc_dma.size); 2084 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 2085 BUS_DMASYNC_PREWRITE); 2086 sc->qfullmsk &= ~(1 << ring->qid); 2087 ring->queued = 0; 2088 ring->cur = 0; 2089 } 2090 2091 static void 2092 iwn_free_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 2093 { 2094 int i; 2095 2096 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s \n", __func__); 2097 2098 iwn_dma_contig_free(&ring->desc_dma); 2099 iwn_dma_contig_free(&ring->cmd_dma); 2100 2101 for (i = 0; i < IWN_TX_RING_COUNT; i++) { 2102 struct iwn_tx_data *data = &ring->data[i]; 2103 2104 if (data->m != NULL) { 2105 bus_dmamap_sync(ring->data_dmat, data->map, 2106 BUS_DMASYNC_POSTWRITE); 2107 bus_dmamap_unload(ring->data_dmat, data->map); 2108 m_freem(data->m); 2109 } 2110 if (data->map != NULL) 2111 bus_dmamap_destroy(ring->data_dmat, data->map); 2112 } 2113 if (ring->data_dmat != NULL) { 2114 bus_dma_tag_destroy(ring->data_dmat); 2115 ring->data_dmat = NULL; 2116 } 2117 } 2118 2119 static void 2120 iwn_check_tx_ring(struct iwn_softc *sc, int qid) 2121 { 2122 struct iwn_tx_ring *ring = &sc->txq[qid]; 2123 2124 KASSERT(ring->queued >= 0, ("%s: ring->queued (%d) for queue %d < 0!", 2125 __func__, ring->queued, qid)); 2126 2127 if (qid >= sc->firstaggqueue) { 2128 struct iwn_ops *ops = &sc->ops; 2129 struct ieee80211_tx_ampdu *tap = sc->qid2tap[qid]; 2130 2131 if (ring->queued == 0 && !IEEE80211_AMPDU_RUNNING(tap)) { 2132 uint16_t ssn = tap->txa_start & 0xfff; 2133 uint8_t tid = tap->txa_tid; 2134 int *res = tap->txa_private; 2135 2136 iwn_nic_lock(sc); 2137 ops->ampdu_tx_stop(sc, qid, tid, ssn); 2138 iwn_nic_unlock(sc); 2139 2140 sc->qid2tap[qid] = NULL; 2141 free(res, M_DEVBUF); 2142 } 2143 } 2144 2145 if (ring->queued < IWN_TX_RING_LOMARK) { 2146 sc->qfullmsk &= ~(1 << qid); 2147 2148 if (ring->queued == 0) 2149 sc->sc_tx_timer = 0; 2150 else 2151 sc->sc_tx_timer = 5; 2152 } 2153 } 2154 2155 static void 2156 iwn5000_ict_reset(struct iwn_softc *sc) 2157 { 2158 /* Disable interrupts. */ 2159 IWN_WRITE(sc, IWN_INT_MASK, 0); 2160 2161 /* Reset ICT table. */ 2162 memset(sc->ict, 0, IWN_ICT_SIZE); 2163 sc->ict_cur = 0; 2164 2165 bus_dmamap_sync(sc->ict_dma.tag, sc->ict_dma.map, 2166 BUS_DMASYNC_PREWRITE); 2167 2168 /* Set physical address of ICT table (4KB aligned). */ 2169 DPRINTF(sc, IWN_DEBUG_RESET, "%s: enabling ICT\n", __func__); 2170 IWN_WRITE(sc, IWN_DRAM_INT_TBL, IWN_DRAM_INT_TBL_ENABLE | 2171 IWN_DRAM_INT_TBL_WRAP_CHECK | sc->ict_dma.paddr >> 12); 2172 2173 /* Enable periodic RX interrupt. */ 2174 sc->int_mask |= IWN_INT_RX_PERIODIC; 2175 /* Switch to ICT interrupt mode in driver. */ 2176 sc->sc_flags |= IWN_FLAG_USE_ICT; 2177 2178 /* Re-enable interrupts. */ 2179 IWN_WRITE(sc, IWN_INT, 0xffffffff); 2180 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 2181 } 2182 2183 static int 2184 iwn_read_eeprom(struct iwn_softc *sc, uint8_t macaddr[IEEE80211_ADDR_LEN]) 2185 { 2186 struct iwn_ops *ops = &sc->ops; 2187 uint16_t val; 2188 int error; 2189 2190 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2191 2192 /* Check whether adapter has an EEPROM or an OTPROM. */ 2193 if (sc->hw_type >= IWN_HW_REV_TYPE_1000 && 2194 (IWN_READ(sc, IWN_OTP_GP) & IWN_OTP_GP_DEV_SEL_OTP)) 2195 sc->sc_flags |= IWN_FLAG_HAS_OTPROM; 2196 DPRINTF(sc, IWN_DEBUG_RESET, "%s found\n", 2197 (sc->sc_flags & IWN_FLAG_HAS_OTPROM) ? "OTPROM" : "EEPROM"); 2198 2199 /* Adapter has to be powered on for EEPROM access to work. */ 2200 if ((error = iwn_apm_init(sc)) != 0) { 2201 device_printf(sc->sc_dev, 2202 "%s: could not power ON adapter, error %d\n", __func__, 2203 error); 2204 return error; 2205 } 2206 2207 if ((IWN_READ(sc, IWN_EEPROM_GP) & 0x7) == 0) { 2208 device_printf(sc->sc_dev, "%s: bad ROM signature\n", __func__); 2209 return EIO; 2210 } 2211 if ((error = iwn_eeprom_lock(sc)) != 0) { 2212 device_printf(sc->sc_dev, "%s: could not lock ROM, error %d\n", 2213 __func__, error); 2214 return error; 2215 } 2216 if (sc->sc_flags & IWN_FLAG_HAS_OTPROM) { 2217 if ((error = iwn_init_otprom(sc)) != 0) { 2218 device_printf(sc->sc_dev, 2219 "%s: could not initialize OTPROM, error %d\n", 2220 __func__, error); 2221 return error; 2222 } 2223 } 2224 2225 iwn_read_prom_data(sc, IWN_EEPROM_SKU_CAP, &val, 2); 2226 DPRINTF(sc, IWN_DEBUG_RESET, "SKU capabilities=0x%04x\n", le16toh(val)); 2227 /* Check if HT support is bonded out. */ 2228 if (val & htole16(IWN_EEPROM_SKU_CAP_11N)) 2229 sc->sc_flags |= IWN_FLAG_HAS_11N; 2230 2231 iwn_read_prom_data(sc, IWN_EEPROM_RFCFG, &val, 2); 2232 sc->rfcfg = le16toh(val); 2233 DPRINTF(sc, IWN_DEBUG_RESET, "radio config=0x%04x\n", sc->rfcfg); 2234 /* Read Tx/Rx chains from ROM unless it's known to be broken. */ 2235 if (sc->txchainmask == 0) 2236 sc->txchainmask = IWN_RFCFG_TXANTMSK(sc->rfcfg); 2237 if (sc->rxchainmask == 0) 2238 sc->rxchainmask = IWN_RFCFG_RXANTMSK(sc->rfcfg); 2239 2240 /* Read MAC address. */ 2241 iwn_read_prom_data(sc, IWN_EEPROM_MAC, macaddr, 6); 2242 2243 /* Read adapter-specific information from EEPROM. */ 2244 ops->read_eeprom(sc); 2245 2246 iwn_apm_stop(sc); /* Power OFF adapter. */ 2247 2248 iwn_eeprom_unlock(sc); 2249 2250 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2251 2252 return 0; 2253 } 2254 2255 static void 2256 iwn4965_read_eeprom(struct iwn_softc *sc) 2257 { 2258 uint32_t addr; 2259 uint16_t val; 2260 int i; 2261 2262 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2263 2264 /* Read regulatory domain (4 ASCII characters). */ 2265 iwn_read_prom_data(sc, IWN4965_EEPROM_DOMAIN, sc->eeprom_domain, 4); 2266 2267 /* Read the list of authorized channels (20MHz & 40MHz). */ 2268 for (i = 0; i < IWN_NBANDS - 1; i++) { 2269 addr = iwn4965_regulatory_bands[i]; 2270 iwn_read_eeprom_channels(sc, i, addr); 2271 } 2272 2273 /* Read maximum allowed TX power for 2GHz and 5GHz bands. */ 2274 iwn_read_prom_data(sc, IWN4965_EEPROM_MAXPOW, &val, 2); 2275 sc->maxpwr2GHz = val & 0xff; 2276 sc->maxpwr5GHz = val >> 8; 2277 /* Check that EEPROM values are within valid range. */ 2278 if (sc->maxpwr5GHz < 20 || sc->maxpwr5GHz > 50) 2279 sc->maxpwr5GHz = 38; 2280 if (sc->maxpwr2GHz < 20 || sc->maxpwr2GHz > 50) 2281 sc->maxpwr2GHz = 38; 2282 DPRINTF(sc, IWN_DEBUG_RESET, "maxpwr 2GHz=%d 5GHz=%d\n", 2283 sc->maxpwr2GHz, sc->maxpwr5GHz); 2284 2285 /* Read samples for each TX power group. */ 2286 iwn_read_prom_data(sc, IWN4965_EEPROM_BANDS, sc->bands, 2287 sizeof sc->bands); 2288 2289 /* Read voltage at which samples were taken. */ 2290 iwn_read_prom_data(sc, IWN4965_EEPROM_VOLTAGE, &val, 2); 2291 sc->eeprom_voltage = (int16_t)le16toh(val); 2292 DPRINTF(sc, IWN_DEBUG_RESET, "voltage=%d (in 0.3V)\n", 2293 sc->eeprom_voltage); 2294 2295 #ifdef IWN_DEBUG 2296 /* Print samples. */ 2297 if (sc->sc_debug & IWN_DEBUG_ANY) { 2298 for (i = 0; i < IWN_NBANDS - 1; i++) 2299 iwn4965_print_power_group(sc, i); 2300 } 2301 #endif 2302 2303 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2304 } 2305 2306 #ifdef IWN_DEBUG 2307 static void 2308 iwn4965_print_power_group(struct iwn_softc *sc, int i) 2309 { 2310 struct iwn4965_eeprom_band *band = &sc->bands[i]; 2311 struct iwn4965_eeprom_chan_samples *chans = band->chans; 2312 int j, c; 2313 2314 printf("===band %d===\n", i); 2315 printf("chan lo=%d, chan hi=%d\n", band->lo, band->hi); 2316 printf("chan1 num=%d\n", chans[0].num); 2317 for (c = 0; c < 2; c++) { 2318 for (j = 0; j < IWN_NSAMPLES; j++) { 2319 printf("chain %d, sample %d: temp=%d gain=%d " 2320 "power=%d pa_det=%d\n", c, j, 2321 chans[0].samples[c][j].temp, 2322 chans[0].samples[c][j].gain, 2323 chans[0].samples[c][j].power, 2324 chans[0].samples[c][j].pa_det); 2325 } 2326 } 2327 printf("chan2 num=%d\n", chans[1].num); 2328 for (c = 0; c < 2; c++) { 2329 for (j = 0; j < IWN_NSAMPLES; j++) { 2330 printf("chain %d, sample %d: temp=%d gain=%d " 2331 "power=%d pa_det=%d\n", c, j, 2332 chans[1].samples[c][j].temp, 2333 chans[1].samples[c][j].gain, 2334 chans[1].samples[c][j].power, 2335 chans[1].samples[c][j].pa_det); 2336 } 2337 } 2338 } 2339 #endif 2340 2341 static void 2342 iwn5000_read_eeprom(struct iwn_softc *sc) 2343 { 2344 struct iwn5000_eeprom_calib_hdr hdr; 2345 int32_t volt; 2346 uint32_t base, addr; 2347 uint16_t val; 2348 int i; 2349 2350 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2351 2352 /* Read regulatory domain (4 ASCII characters). */ 2353 iwn_read_prom_data(sc, IWN5000_EEPROM_REG, &val, 2); 2354 base = le16toh(val); 2355 iwn_read_prom_data(sc, base + IWN5000_EEPROM_DOMAIN, 2356 sc->eeprom_domain, 4); 2357 2358 /* Read the list of authorized channels (20MHz & 40MHz). */ 2359 for (i = 0; i < IWN_NBANDS - 1; i++) { 2360 addr = base + sc->base_params->regulatory_bands[i]; 2361 iwn_read_eeprom_channels(sc, i, addr); 2362 } 2363 2364 /* Read enhanced TX power information for 6000 Series. */ 2365 if (sc->base_params->enhanced_TX_power) 2366 iwn_read_eeprom_enhinfo(sc); 2367 2368 iwn_read_prom_data(sc, IWN5000_EEPROM_CAL, &val, 2); 2369 base = le16toh(val); 2370 iwn_read_prom_data(sc, base, &hdr, sizeof hdr); 2371 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 2372 "%s: calib version=%u pa type=%u voltage=%u\n", __func__, 2373 hdr.version, hdr.pa_type, le16toh(hdr.volt)); 2374 sc->calib_ver = hdr.version; 2375 2376 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSETv2) { 2377 sc->eeprom_voltage = le16toh(hdr.volt); 2378 iwn_read_prom_data(sc, base + IWN5000_EEPROM_TEMP, &val, 2); 2379 sc->eeprom_temp_high=le16toh(val); 2380 iwn_read_prom_data(sc, base + IWN5000_EEPROM_VOLT, &val, 2); 2381 sc->eeprom_temp = le16toh(val); 2382 } 2383 2384 if (sc->hw_type == IWN_HW_REV_TYPE_5150) { 2385 /* Compute temperature offset. */ 2386 iwn_read_prom_data(sc, base + IWN5000_EEPROM_TEMP, &val, 2); 2387 sc->eeprom_temp = le16toh(val); 2388 iwn_read_prom_data(sc, base + IWN5000_EEPROM_VOLT, &val, 2); 2389 volt = le16toh(val); 2390 sc->temp_off = sc->eeprom_temp - (volt / -5); 2391 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "temp=%d volt=%d offset=%dK\n", 2392 sc->eeprom_temp, volt, sc->temp_off); 2393 } else { 2394 /* Read crystal calibration. */ 2395 iwn_read_prom_data(sc, base + IWN5000_EEPROM_CRYSTAL, 2396 &sc->eeprom_crystal, sizeof (uint32_t)); 2397 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "crystal calibration 0x%08x\n", 2398 le32toh(sc->eeprom_crystal)); 2399 } 2400 2401 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2402 2403 } 2404 2405 /* 2406 * Translate EEPROM flags to net80211. 2407 */ 2408 static uint32_t 2409 iwn_eeprom_channel_flags(struct iwn_eeprom_chan *channel) 2410 { 2411 uint32_t nflags; 2412 2413 nflags = 0; 2414 if ((channel->flags & IWN_EEPROM_CHAN_ACTIVE) == 0) 2415 nflags |= IEEE80211_CHAN_PASSIVE; 2416 if ((channel->flags & IWN_EEPROM_CHAN_IBSS) == 0) 2417 nflags |= IEEE80211_CHAN_NOADHOC; 2418 if (channel->flags & IWN_EEPROM_CHAN_RADAR) { 2419 nflags |= IEEE80211_CHAN_DFS; 2420 /* XXX apparently IBSS may still be marked */ 2421 nflags |= IEEE80211_CHAN_NOADHOC; 2422 } 2423 2424 return nflags; 2425 } 2426 2427 static void 2428 iwn_read_eeprom_band(struct iwn_softc *sc, int n, int maxchans, int *nchans, 2429 struct ieee80211_channel chans[]) 2430 { 2431 struct iwn_eeprom_chan *channels = sc->eeprom_channels[n]; 2432 const struct iwn_chan_band *band = &iwn_bands[n]; 2433 uint8_t bands[IEEE80211_MODE_BYTES]; 2434 uint8_t chan; 2435 int i, error, nflags; 2436 2437 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2438 2439 memset(bands, 0, sizeof(bands)); 2440 if (n == 0) { 2441 setbit(bands, IEEE80211_MODE_11B); 2442 setbit(bands, IEEE80211_MODE_11G); 2443 if (sc->sc_flags & IWN_FLAG_HAS_11N) 2444 setbit(bands, IEEE80211_MODE_11NG); 2445 } else { 2446 setbit(bands, IEEE80211_MODE_11A); 2447 if (sc->sc_flags & IWN_FLAG_HAS_11N) 2448 setbit(bands, IEEE80211_MODE_11NA); 2449 } 2450 2451 for (i = 0; i < band->nchan; i++) { 2452 if (!(channels[i].flags & IWN_EEPROM_CHAN_VALID)) { 2453 DPRINTF(sc, IWN_DEBUG_RESET, 2454 "skip chan %d flags 0x%x maxpwr %d\n", 2455 band->chan[i], channels[i].flags, 2456 channels[i].maxpwr); 2457 continue; 2458 } 2459 2460 chan = band->chan[i]; 2461 nflags = iwn_eeprom_channel_flags(&channels[i]); 2462 error = ieee80211_add_channel(chans, maxchans, nchans, 2463 chan, 0, channels[i].maxpwr, nflags, bands); 2464 if (error != 0) 2465 break; 2466 2467 /* Save maximum allowed TX power for this channel. */ 2468 /* XXX wrong */ 2469 sc->maxpwr[chan] = channels[i].maxpwr; 2470 2471 DPRINTF(sc, IWN_DEBUG_RESET, 2472 "add chan %d flags 0x%x maxpwr %d\n", chan, 2473 channels[i].flags, channels[i].maxpwr); 2474 } 2475 2476 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2477 2478 } 2479 2480 static void 2481 iwn_read_eeprom_ht40(struct iwn_softc *sc, int n, int maxchans, int *nchans, 2482 struct ieee80211_channel chans[]) 2483 { 2484 struct iwn_eeprom_chan *channels = sc->eeprom_channels[n]; 2485 const struct iwn_chan_band *band = &iwn_bands[n]; 2486 uint8_t chan; 2487 int i, error, nflags; 2488 2489 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s start\n", __func__); 2490 2491 if (!(sc->sc_flags & IWN_FLAG_HAS_11N)) { 2492 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end no 11n\n", __func__); 2493 return; 2494 } 2495 2496 for (i = 0; i < band->nchan; i++) { 2497 if (!(channels[i].flags & IWN_EEPROM_CHAN_VALID)) { 2498 DPRINTF(sc, IWN_DEBUG_RESET, 2499 "skip chan %d flags 0x%x maxpwr %d\n", 2500 band->chan[i], channels[i].flags, 2501 channels[i].maxpwr); 2502 continue; 2503 } 2504 2505 chan = band->chan[i]; 2506 nflags = iwn_eeprom_channel_flags(&channels[i]); 2507 nflags |= (n == 5 ? IEEE80211_CHAN_G : IEEE80211_CHAN_A); 2508 error = ieee80211_add_channel_ht40(chans, maxchans, nchans, 2509 chan, channels[i].maxpwr, nflags); 2510 switch (error) { 2511 case EINVAL: 2512 device_printf(sc->sc_dev, 2513 "%s: no entry for channel %d\n", __func__, chan); 2514 continue; 2515 case ENOENT: 2516 DPRINTF(sc, IWN_DEBUG_RESET, 2517 "%s: skip chan %d, extension channel not found\n", 2518 __func__, chan); 2519 continue; 2520 case ENOBUFS: 2521 device_printf(sc->sc_dev, 2522 "%s: channel table is full!\n", __func__); 2523 break; 2524 case 0: 2525 DPRINTF(sc, IWN_DEBUG_RESET, 2526 "add ht40 chan %d flags 0x%x maxpwr %d\n", 2527 chan, channels[i].flags, channels[i].maxpwr); 2528 /* FALLTHROUGH */ 2529 default: 2530 break; 2531 } 2532 } 2533 2534 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2535 2536 } 2537 2538 static void 2539 iwn_read_eeprom_channels(struct iwn_softc *sc, int n, uint32_t addr) 2540 { 2541 struct ieee80211com *ic = &sc->sc_ic; 2542 2543 iwn_read_prom_data(sc, addr, &sc->eeprom_channels[n], 2544 iwn_bands[n].nchan * sizeof (struct iwn_eeprom_chan)); 2545 2546 if (n < 5) { 2547 iwn_read_eeprom_band(sc, n, IEEE80211_CHAN_MAX, &ic->ic_nchans, 2548 ic->ic_channels); 2549 } else { 2550 iwn_read_eeprom_ht40(sc, n, IEEE80211_CHAN_MAX, &ic->ic_nchans, 2551 ic->ic_channels); 2552 } 2553 ieee80211_sort_channels(ic->ic_channels, ic->ic_nchans); 2554 } 2555 2556 static struct iwn_eeprom_chan * 2557 iwn_find_eeprom_channel(struct iwn_softc *sc, struct ieee80211_channel *c) 2558 { 2559 int band, chan, i, j; 2560 2561 if (IEEE80211_IS_CHAN_HT40(c)) { 2562 band = IEEE80211_IS_CHAN_5GHZ(c) ? 6 : 5; 2563 if (IEEE80211_IS_CHAN_HT40D(c)) 2564 chan = c->ic_extieee; 2565 else 2566 chan = c->ic_ieee; 2567 for (i = 0; i < iwn_bands[band].nchan; i++) { 2568 if (iwn_bands[band].chan[i] == chan) 2569 return &sc->eeprom_channels[band][i]; 2570 } 2571 } else { 2572 for (j = 0; j < 5; j++) { 2573 for (i = 0; i < iwn_bands[j].nchan; i++) { 2574 if (iwn_bands[j].chan[i] == c->ic_ieee && 2575 ((j == 0) ^ IEEE80211_IS_CHAN_A(c)) == 1) 2576 return &sc->eeprom_channels[j][i]; 2577 } 2578 } 2579 } 2580 return NULL; 2581 } 2582 2583 static void 2584 iwn_getradiocaps(struct ieee80211com *ic, 2585 int maxchans, int *nchans, struct ieee80211_channel chans[]) 2586 { 2587 struct iwn_softc *sc = ic->ic_softc; 2588 int i; 2589 2590 /* Parse the list of authorized channels. */ 2591 for (i = 0; i < 5 && *nchans < maxchans; i++) 2592 iwn_read_eeprom_band(sc, i, maxchans, nchans, chans); 2593 for (i = 5; i < IWN_NBANDS - 1 && *nchans < maxchans; i++) 2594 iwn_read_eeprom_ht40(sc, i, maxchans, nchans, chans); 2595 } 2596 2597 /* 2598 * Enforce flags read from EEPROM. 2599 */ 2600 static int 2601 iwn_setregdomain(struct ieee80211com *ic, struct ieee80211_regdomain *rd, 2602 int nchan, struct ieee80211_channel chans[]) 2603 { 2604 struct iwn_softc *sc = ic->ic_softc; 2605 int i; 2606 2607 for (i = 0; i < nchan; i++) { 2608 struct ieee80211_channel *c = &chans[i]; 2609 struct iwn_eeprom_chan *channel; 2610 2611 channel = iwn_find_eeprom_channel(sc, c); 2612 if (channel == NULL) { 2613 ic_printf(ic, "%s: invalid channel %u freq %u/0x%x\n", 2614 __func__, c->ic_ieee, c->ic_freq, c->ic_flags); 2615 return EINVAL; 2616 } 2617 c->ic_flags |= iwn_eeprom_channel_flags(channel); 2618 } 2619 2620 return 0; 2621 } 2622 2623 static void 2624 iwn_read_eeprom_enhinfo(struct iwn_softc *sc) 2625 { 2626 struct iwn_eeprom_enhinfo enhinfo[35]; 2627 struct ieee80211com *ic = &sc->sc_ic; 2628 struct ieee80211_channel *c; 2629 uint16_t val, base; 2630 int8_t maxpwr; 2631 uint8_t flags; 2632 int i, j; 2633 2634 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2635 2636 iwn_read_prom_data(sc, IWN5000_EEPROM_REG, &val, 2); 2637 base = le16toh(val); 2638 iwn_read_prom_data(sc, base + IWN6000_EEPROM_ENHINFO, 2639 enhinfo, sizeof enhinfo); 2640 2641 for (i = 0; i < nitems(enhinfo); i++) { 2642 flags = enhinfo[i].flags; 2643 if (!(flags & IWN_ENHINFO_VALID)) 2644 continue; /* Skip invalid entries. */ 2645 2646 maxpwr = 0; 2647 if (sc->txchainmask & IWN_ANT_A) 2648 maxpwr = MAX(maxpwr, enhinfo[i].chain[0]); 2649 if (sc->txchainmask & IWN_ANT_B) 2650 maxpwr = MAX(maxpwr, enhinfo[i].chain[1]); 2651 if (sc->txchainmask & IWN_ANT_C) 2652 maxpwr = MAX(maxpwr, enhinfo[i].chain[2]); 2653 if (sc->ntxchains == 2) 2654 maxpwr = MAX(maxpwr, enhinfo[i].mimo2); 2655 else if (sc->ntxchains == 3) 2656 maxpwr = MAX(maxpwr, enhinfo[i].mimo3); 2657 2658 for (j = 0; j < ic->ic_nchans; j++) { 2659 c = &ic->ic_channels[j]; 2660 if ((flags & IWN_ENHINFO_5GHZ)) { 2661 if (!IEEE80211_IS_CHAN_A(c)) 2662 continue; 2663 } else if ((flags & IWN_ENHINFO_OFDM)) { 2664 if (!IEEE80211_IS_CHAN_G(c)) 2665 continue; 2666 } else if (!IEEE80211_IS_CHAN_B(c)) 2667 continue; 2668 if ((flags & IWN_ENHINFO_HT40)) { 2669 if (!IEEE80211_IS_CHAN_HT40(c)) 2670 continue; 2671 } else { 2672 if (IEEE80211_IS_CHAN_HT40(c)) 2673 continue; 2674 } 2675 if (enhinfo[i].chan != 0 && 2676 enhinfo[i].chan != c->ic_ieee) 2677 continue; 2678 2679 DPRINTF(sc, IWN_DEBUG_RESET, 2680 "channel %d(%x), maxpwr %d\n", c->ic_ieee, 2681 c->ic_flags, maxpwr / 2); 2682 c->ic_maxregpower = maxpwr / 2; 2683 c->ic_maxpower = maxpwr; 2684 } 2685 } 2686 2687 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end\n", __func__); 2688 2689 } 2690 2691 static struct ieee80211_node * 2692 iwn_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN]) 2693 { 2694 struct iwn_node *wn; 2695 2696 wn = malloc(sizeof (struct iwn_node), M_80211_NODE, M_NOWAIT | M_ZERO); 2697 if (wn == NULL) 2698 return (NULL); 2699 2700 wn->id = IWN_ID_UNDEFINED; 2701 2702 return (&wn->ni); 2703 } 2704 2705 static __inline int 2706 rate2plcp(int rate) 2707 { 2708 switch (rate & 0xff) { 2709 case 12: return 0xd; 2710 case 18: return 0xf; 2711 case 24: return 0x5; 2712 case 36: return 0x7; 2713 case 48: return 0x9; 2714 case 72: return 0xb; 2715 case 96: return 0x1; 2716 case 108: return 0x3; 2717 case 2: return 10; 2718 case 4: return 20; 2719 case 11: return 55; 2720 case 22: return 110; 2721 } 2722 return 0; 2723 } 2724 2725 static __inline uint8_t 2726 plcp2rate(const uint8_t rate_plcp) 2727 { 2728 switch (rate_plcp) { 2729 case 0xd: return 12; 2730 case 0xf: return 18; 2731 case 0x5: return 24; 2732 case 0x7: return 36; 2733 case 0x9: return 48; 2734 case 0xb: return 72; 2735 case 0x1: return 96; 2736 case 0x3: return 108; 2737 case 10: return 2; 2738 case 20: return 4; 2739 case 55: return 11; 2740 case 110: return 22; 2741 default: return 0; 2742 } 2743 } 2744 2745 static int 2746 iwn_get_1stream_tx_antmask(struct iwn_softc *sc) 2747 { 2748 2749 return IWN_LSB(sc->txchainmask); 2750 } 2751 2752 static int 2753 iwn_get_2stream_tx_antmask(struct iwn_softc *sc) 2754 { 2755 int tx; 2756 2757 /* 2758 * The '2 stream' setup is a bit .. odd. 2759 * 2760 * For NICs that support only 1 antenna, default to IWN_ANT_AB or 2761 * the firmware panics (eg Intel 5100.) 2762 * 2763 * For NICs that support two antennas, we use ANT_AB. 2764 * 2765 * For NICs that support three antennas, we use the two that 2766 * wasn't the default one. 2767 * 2768 * XXX TODO: if bluetooth (full concurrent) is enabled, restrict 2769 * this to only one antenna. 2770 */ 2771 2772 /* Default - transmit on the other antennas */ 2773 tx = (sc->txchainmask & ~IWN_LSB(sc->txchainmask)); 2774 2775 /* Now, if it's zero, set it to IWN_ANT_AB, so to not panic firmware */ 2776 if (tx == 0) 2777 tx = IWN_ANT_AB; 2778 2779 /* 2780 * If the NIC is a two-stream TX NIC, configure the TX mask to 2781 * the default chainmask 2782 */ 2783 else if (sc->ntxchains == 2) 2784 tx = sc->txchainmask; 2785 2786 return (tx); 2787 } 2788 2789 2790 2791 /* 2792 * Calculate the required PLCP value from the given rate, 2793 * to the given node. 2794 * 2795 * This will take the node configuration (eg 11n, rate table 2796 * setup, etc) into consideration. 2797 */ 2798 static uint32_t 2799 iwn_rate_to_plcp(struct iwn_softc *sc, struct ieee80211_node *ni, 2800 uint8_t rate) 2801 { 2802 struct ieee80211com *ic = ni->ni_ic; 2803 uint32_t plcp = 0; 2804 int ridx; 2805 2806 /* 2807 * If it's an MCS rate, let's set the plcp correctly 2808 * and set the relevant flags based on the node config. 2809 */ 2810 if (rate & IEEE80211_RATE_MCS) { 2811 /* 2812 * Set the initial PLCP value to be between 0->31 for 2813 * MCS 0 -> MCS 31, then set the "I'm an MCS rate!" 2814 * flag. 2815 */ 2816 plcp = IEEE80211_RV(rate) | IWN_RFLAG_MCS; 2817 2818 /* 2819 * XXX the following should only occur if both 2820 * the local configuration _and_ the remote node 2821 * advertise these capabilities. Thus this code 2822 * may need fixing! 2823 */ 2824 2825 /* 2826 * Set the channel width and guard interval. 2827 */ 2828 if (IEEE80211_IS_CHAN_HT40(ni->ni_chan)) { 2829 plcp |= IWN_RFLAG_HT40; 2830 if (ni->ni_htcap & IEEE80211_HTCAP_SHORTGI40) 2831 plcp |= IWN_RFLAG_SGI; 2832 } else if (ni->ni_htcap & IEEE80211_HTCAP_SHORTGI20) { 2833 plcp |= IWN_RFLAG_SGI; 2834 } 2835 2836 /* 2837 * Ensure the selected rate matches the link quality 2838 * table entries being used. 2839 */ 2840 if (rate > 0x8f) 2841 plcp |= IWN_RFLAG_ANT(sc->txchainmask); 2842 else if (rate > 0x87) 2843 plcp |= IWN_RFLAG_ANT(iwn_get_2stream_tx_antmask(sc)); 2844 else 2845 plcp |= IWN_RFLAG_ANT(iwn_get_1stream_tx_antmask(sc)); 2846 } else { 2847 /* 2848 * Set the initial PLCP - fine for both 2849 * OFDM and CCK rates. 2850 */ 2851 plcp = rate2plcp(rate); 2852 2853 /* Set CCK flag if it's CCK */ 2854 2855 /* XXX It would be nice to have a method 2856 * to map the ridx -> phy table entry 2857 * so we could just query that, rather than 2858 * this hack to check against IWN_RIDX_OFDM6. 2859 */ 2860 ridx = ieee80211_legacy_rate_lookup(ic->ic_rt, 2861 rate & IEEE80211_RATE_VAL); 2862 if (ridx < IWN_RIDX_OFDM6 && 2863 IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 2864 plcp |= IWN_RFLAG_CCK; 2865 2866 /* Set antenna configuration */ 2867 /* XXX TODO: is this the right antenna to use for legacy? */ 2868 plcp |= IWN_RFLAG_ANT(iwn_get_1stream_tx_antmask(sc)); 2869 } 2870 2871 DPRINTF(sc, IWN_DEBUG_TXRATE, "%s: rate=0x%02x, plcp=0x%08x\n", 2872 __func__, 2873 rate, 2874 plcp); 2875 2876 return (htole32(plcp)); 2877 } 2878 2879 static void 2880 iwn_newassoc(struct ieee80211_node *ni, int isnew) 2881 { 2882 /* Doesn't do anything at the moment */ 2883 } 2884 2885 static int 2886 iwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 2887 { 2888 struct iwn_vap *ivp = IWN_VAP(vap); 2889 struct ieee80211com *ic = vap->iv_ic; 2890 struct iwn_softc *sc = ic->ic_softc; 2891 int error = 0; 2892 2893 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 2894 2895 DPRINTF(sc, IWN_DEBUG_STATE, "%s: %s -> %s\n", __func__, 2896 ieee80211_state_name[vap->iv_state], ieee80211_state_name[nstate]); 2897 2898 IEEE80211_UNLOCK(ic); 2899 IWN_LOCK(sc); 2900 callout_stop(&sc->calib_to); 2901 2902 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 2903 2904 switch (nstate) { 2905 case IEEE80211_S_ASSOC: 2906 if (vap->iv_state != IEEE80211_S_RUN) 2907 break; 2908 /* FALLTHROUGH */ 2909 case IEEE80211_S_AUTH: 2910 if (vap->iv_state == IEEE80211_S_AUTH) 2911 break; 2912 2913 /* 2914 * !AUTH -> AUTH transition requires state reset to handle 2915 * reassociations correctly. 2916 */ 2917 sc->rxon->associd = 0; 2918 sc->rxon->filter &= ~htole32(IWN_FILTER_BSS); 2919 sc->calib.state = IWN_CALIB_STATE_INIT; 2920 2921 /* Wait until we hear a beacon before we transmit */ 2922 if (IEEE80211_IS_CHAN_PASSIVE(ic->ic_curchan)) 2923 sc->sc_beacon_wait = 1; 2924 2925 if ((error = iwn_auth(sc, vap)) != 0) { 2926 device_printf(sc->sc_dev, 2927 "%s: could not move to auth state\n", __func__); 2928 } 2929 break; 2930 2931 case IEEE80211_S_RUN: 2932 /* 2933 * RUN -> RUN transition; Just restart the timers. 2934 */ 2935 if (vap->iv_state == IEEE80211_S_RUN) { 2936 sc->calib_cnt = 0; 2937 break; 2938 } 2939 2940 /* Wait until we hear a beacon before we transmit */ 2941 if (IEEE80211_IS_CHAN_PASSIVE(ic->ic_curchan)) 2942 sc->sc_beacon_wait = 1; 2943 2944 /* 2945 * !RUN -> RUN requires setting the association id 2946 * which is done with a firmware cmd. We also defer 2947 * starting the timers until that work is done. 2948 */ 2949 if ((error = iwn_run(sc, vap)) != 0) { 2950 device_printf(sc->sc_dev, 2951 "%s: could not move to run state\n", __func__); 2952 } 2953 break; 2954 2955 case IEEE80211_S_INIT: 2956 sc->calib.state = IWN_CALIB_STATE_INIT; 2957 /* 2958 * Purge the xmit queue so we don't have old frames 2959 * during a new association attempt. 2960 */ 2961 sc->sc_beacon_wait = 0; 2962 iwn_xmit_queue_drain(sc); 2963 break; 2964 2965 default: 2966 break; 2967 } 2968 IWN_UNLOCK(sc); 2969 IEEE80211_LOCK(ic); 2970 if (error != 0){ 2971 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end in error\n", __func__); 2972 return error; 2973 } 2974 2975 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 2976 2977 return ivp->iv_newstate(vap, nstate, arg); 2978 } 2979 2980 static void 2981 iwn_calib_timeout(void *arg) 2982 { 2983 struct iwn_softc *sc = arg; 2984 2985 IWN_LOCK_ASSERT(sc); 2986 2987 /* Force automatic TX power calibration every 60 secs. */ 2988 if (++sc->calib_cnt >= 120) { 2989 uint32_t flags = 0; 2990 2991 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s\n", 2992 "sending request for statistics"); 2993 (void)iwn_cmd(sc, IWN_CMD_GET_STATISTICS, &flags, 2994 sizeof flags, 1); 2995 sc->calib_cnt = 0; 2996 } 2997 callout_reset(&sc->calib_to, msecs_to_ticks(500), iwn_calib_timeout, 2998 sc); 2999 } 3000 3001 /* 3002 * Process an RX_PHY firmware notification. This is usually immediately 3003 * followed by an MPDU_RX_DONE notification. 3004 */ 3005 static void 3006 iwn_rx_phy(struct iwn_softc *sc, struct iwn_rx_desc *desc) 3007 { 3008 struct iwn_rx_stat *stat = (struct iwn_rx_stat *)(desc + 1); 3009 3010 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: received PHY stats\n", __func__); 3011 3012 /* Save RX statistics, they will be used on MPDU_RX_DONE. */ 3013 memcpy(&sc->last_rx_stat, stat, sizeof (*stat)); 3014 sc->last_rx_valid = 1; 3015 } 3016 3017 /* 3018 * Process an RX_DONE (4965AGN only) or MPDU_RX_DONE firmware notification. 3019 * Each MPDU_RX_DONE notification must be preceded by an RX_PHY one. 3020 */ 3021 static void 3022 iwn_rx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 3023 struct iwn_rx_data *data) 3024 { 3025 struct iwn_ops *ops = &sc->ops; 3026 struct ieee80211com *ic = &sc->sc_ic; 3027 struct iwn_rx_ring *ring = &sc->rxq; 3028 struct ieee80211_frame_min *wh; 3029 struct ieee80211_node *ni; 3030 struct mbuf *m, *m1; 3031 struct iwn_rx_stat *stat; 3032 caddr_t head; 3033 bus_addr_t paddr; 3034 uint32_t flags; 3035 int error, len, rssi, nf; 3036 3037 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 3038 3039 if (desc->type == IWN_MPDU_RX_DONE) { 3040 /* Check for prior RX_PHY notification. */ 3041 if (!sc->last_rx_valid) { 3042 DPRINTF(sc, IWN_DEBUG_ANY, 3043 "%s: missing RX_PHY\n", __func__); 3044 return; 3045 } 3046 stat = &sc->last_rx_stat; 3047 } else 3048 stat = (struct iwn_rx_stat *)(desc + 1); 3049 3050 if (stat->cfg_phy_len > IWN_STAT_MAXLEN) { 3051 device_printf(sc->sc_dev, 3052 "%s: invalid RX statistic header, len %d\n", __func__, 3053 stat->cfg_phy_len); 3054 return; 3055 } 3056 if (desc->type == IWN_MPDU_RX_DONE) { 3057 struct iwn_rx_mpdu *mpdu = (struct iwn_rx_mpdu *)(desc + 1); 3058 head = (caddr_t)(mpdu + 1); 3059 len = le16toh(mpdu->len); 3060 } else { 3061 head = (caddr_t)(stat + 1) + stat->cfg_phy_len; 3062 len = le16toh(stat->len); 3063 } 3064 3065 flags = le32toh(*(uint32_t *)(head + len)); 3066 3067 /* Discard frames with a bad FCS early. */ 3068 if ((flags & IWN_RX_NOERROR) != IWN_RX_NOERROR) { 3069 DPRINTF(sc, IWN_DEBUG_RECV, "%s: RX flags error %x\n", 3070 __func__, flags); 3071 counter_u64_add(ic->ic_ierrors, 1); 3072 return; 3073 } 3074 /* Discard frames that are too short. */ 3075 if (len < sizeof (struct ieee80211_frame_ack)) { 3076 DPRINTF(sc, IWN_DEBUG_RECV, "%s: frame too short: %d\n", 3077 __func__, len); 3078 counter_u64_add(ic->ic_ierrors, 1); 3079 return; 3080 } 3081 3082 m1 = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, IWN_RBUF_SIZE); 3083 if (m1 == NULL) { 3084 DPRINTF(sc, IWN_DEBUG_ANY, "%s: no mbuf to restock ring\n", 3085 __func__); 3086 counter_u64_add(ic->ic_ierrors, 1); 3087 return; 3088 } 3089 bus_dmamap_unload(ring->data_dmat, data->map); 3090 3091 error = bus_dmamap_load(ring->data_dmat, data->map, mtod(m1, void *), 3092 IWN_RBUF_SIZE, iwn_dma_map_addr, &paddr, BUS_DMA_NOWAIT); 3093 if (error != 0 && error != EFBIG) { 3094 device_printf(sc->sc_dev, 3095 "%s: bus_dmamap_load failed, error %d\n", __func__, error); 3096 m_freem(m1); 3097 3098 /* Try to reload the old mbuf. */ 3099 error = bus_dmamap_load(ring->data_dmat, data->map, 3100 mtod(data->m, void *), IWN_RBUF_SIZE, iwn_dma_map_addr, 3101 &paddr, BUS_DMA_NOWAIT); 3102 if (error != 0 && error != EFBIG) { 3103 panic("%s: could not load old RX mbuf", __func__); 3104 } 3105 bus_dmamap_sync(ring->data_dmat, data->map, 3106 BUS_DMASYNC_PREREAD); 3107 /* Physical address may have changed. */ 3108 ring->desc[ring->cur] = htole32(paddr >> 8); 3109 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 3110 BUS_DMASYNC_PREWRITE); 3111 counter_u64_add(ic->ic_ierrors, 1); 3112 return; 3113 } 3114 3115 bus_dmamap_sync(ring->data_dmat, data->map, 3116 BUS_DMASYNC_PREREAD); 3117 3118 m = data->m; 3119 data->m = m1; 3120 /* Update RX descriptor. */ 3121 ring->desc[ring->cur] = htole32(paddr >> 8); 3122 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 3123 BUS_DMASYNC_PREWRITE); 3124 3125 /* Finalize mbuf. */ 3126 m->m_data = head; 3127 m->m_pkthdr.len = m->m_len = len; 3128 3129 /* Grab a reference to the source node. */ 3130 wh = mtod(m, struct ieee80211_frame_min *); 3131 if (len >= sizeof(struct ieee80211_frame_min)) 3132 ni = ieee80211_find_rxnode(ic, wh); 3133 else 3134 ni = NULL; 3135 nf = (ni != NULL && ni->ni_vap->iv_state == IEEE80211_S_RUN && 3136 (ic->ic_flags & IEEE80211_F_SCAN) == 0) ? sc->noise : -95; 3137 3138 rssi = ops->get_rssi(sc, stat); 3139 3140 if (ieee80211_radiotap_active(ic)) { 3141 struct iwn_rx_radiotap_header *tap = &sc->sc_rxtap; 3142 uint32_t rate = le32toh(stat->rate); 3143 3144 tap->wr_flags = 0; 3145 if (stat->flags & htole16(IWN_STAT_FLAG_SHPREAMBLE)) 3146 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 3147 tap->wr_dbm_antsignal = (int8_t)rssi; 3148 tap->wr_dbm_antnoise = (int8_t)nf; 3149 tap->wr_tsft = stat->tstamp; 3150 if (rate & IWN_RFLAG_MCS) { 3151 tap->wr_rate = rate & IWN_RFLAG_RATE_MCS; 3152 tap->wr_rate |= IEEE80211_RATE_MCS; 3153 } else 3154 tap->wr_rate = plcp2rate(rate & IWN_RFLAG_RATE); 3155 } 3156 3157 /* 3158 * If it's a beacon and we're waiting, then do the 3159 * wakeup. This should unblock raw_xmit/start. 3160 */ 3161 if (sc->sc_beacon_wait) { 3162 uint8_t type, subtype; 3163 /* NB: Re-assign wh */ 3164 wh = mtod(m, struct ieee80211_frame_min *); 3165 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3166 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 3167 /* 3168 * This assumes at this point we've received our own 3169 * beacon. 3170 */ 3171 DPRINTF(sc, IWN_DEBUG_TRACE, 3172 "%s: beacon_wait, type=%d, subtype=%d\n", 3173 __func__, type, subtype); 3174 if (type == IEEE80211_FC0_TYPE_MGT && 3175 subtype == IEEE80211_FC0_SUBTYPE_BEACON) { 3176 DPRINTF(sc, IWN_DEBUG_TRACE | IWN_DEBUG_XMIT, 3177 "%s: waking things up\n", __func__); 3178 /* queue taskqueue to transmit! */ 3179 taskqueue_enqueue(sc->sc_tq, &sc->sc_xmit_task); 3180 } 3181 } 3182 3183 IWN_UNLOCK(sc); 3184 3185 /* Send the frame to the 802.11 layer. */ 3186 if (ni != NULL) { 3187 if (ni->ni_flags & IEEE80211_NODE_HT) 3188 m->m_flags |= M_AMPDU; 3189 (void)ieee80211_input(ni, m, rssi - nf, nf); 3190 /* Node is no longer needed. */ 3191 ieee80211_free_node(ni); 3192 } else 3193 (void)ieee80211_input_all(ic, m, rssi - nf, nf); 3194 3195 IWN_LOCK(sc); 3196 3197 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 3198 3199 } 3200 3201 static void 3202 iwn_agg_tx_complete(struct iwn_softc *sc, struct iwn_tx_ring *ring, int tid, 3203 int idx, int success) 3204 { 3205 struct ieee80211_ratectl_tx_status *txs = &sc->sc_txs; 3206 struct iwn_tx_data *data = &ring->data[idx]; 3207 struct iwn_node *wn; 3208 struct mbuf *m; 3209 struct ieee80211_node *ni; 3210 3211 KASSERT(data->ni != NULL, ("idx %d: no node", idx)); 3212 KASSERT(data->m != NULL, ("idx %d: no mbuf", idx)); 3213 3214 /* Unmap and free mbuf. */ 3215 bus_dmamap_sync(ring->data_dmat, data->map, 3216 BUS_DMASYNC_POSTWRITE); 3217 bus_dmamap_unload(ring->data_dmat, data->map); 3218 m = data->m, data->m = NULL; 3219 ni = data->ni, data->ni = NULL; 3220 wn = (void *)ni; 3221 3222 #if 0 3223 /* XXX causes significant performance degradation. */ 3224 txs->flags = IEEE80211_RATECTL_STATUS_SHORT_RETRY | 3225 IEEE80211_RATECTL_STATUS_LONG_RETRY; 3226 txs->long_retries = data->long_retries - 1; 3227 #else 3228 txs->flags = IEEE80211_RATECTL_STATUS_SHORT_RETRY; 3229 #endif 3230 txs->short_retries = wn->agg[tid].short_retries; 3231 if (success) 3232 txs->status = IEEE80211_RATECTL_TX_SUCCESS; 3233 else 3234 txs->status = IEEE80211_RATECTL_TX_FAIL_UNSPECIFIED; 3235 3236 wn->agg[tid].short_retries = 0; 3237 data->long_retries = 0; 3238 3239 DPRINTF(sc, IWN_DEBUG_AMPDU, "%s: freeing m %p ni %p idx %d qid %d\n", 3240 __func__, m, ni, idx, ring->qid); 3241 ieee80211_ratectl_tx_complete(ni, txs); 3242 ieee80211_tx_complete(ni, m, !success); 3243 } 3244 3245 /* Process an incoming Compressed BlockAck. */ 3246 static void 3247 iwn_rx_compressed_ba(struct iwn_softc *sc, struct iwn_rx_desc *desc) 3248 { 3249 struct iwn_tx_ring *ring; 3250 struct iwn_tx_data *data; 3251 struct iwn_node *wn; 3252 struct iwn_compressed_ba *ba = (struct iwn_compressed_ba *)(desc + 1); 3253 struct ieee80211_tx_ampdu *tap; 3254 uint64_t bitmap; 3255 uint8_t tid; 3256 int i, qid, shift; 3257 int tx_ok = 0; 3258 3259 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 3260 3261 qid = le16toh(ba->qid); 3262 tap = sc->qid2tap[qid]; 3263 ring = &sc->txq[qid]; 3264 tid = tap->txa_tid; 3265 wn = (void *)tap->txa_ni; 3266 3267 DPRINTF(sc, IWN_DEBUG_AMPDU, "%s: qid %d tid %d seq %04X ssn %04X\n" 3268 "bitmap: ba %016jX wn %016jX, start %d\n", 3269 __func__, qid, tid, le16toh(ba->seq), le16toh(ba->ssn), 3270 (uintmax_t)le64toh(ba->bitmap), (uintmax_t)wn->agg[tid].bitmap, 3271 wn->agg[tid].startidx); 3272 3273 if (wn->agg[tid].bitmap == 0) 3274 return; 3275 3276 shift = wn->agg[tid].startidx - ((le16toh(ba->seq) >> 4) & 0xff); 3277 if (shift <= -64) 3278 shift += 0x100; 3279 3280 /* 3281 * Walk the bitmap and calculate how many successful attempts 3282 * are made. 3283 * 3284 * Yes, the rate control code doesn't know these are A-MPDU 3285 * subframes; due to that long_retries stats are not used here. 3286 */ 3287 bitmap = le64toh(ba->bitmap); 3288 if (shift >= 0) 3289 bitmap >>= shift; 3290 else 3291 bitmap <<= -shift; 3292 bitmap &= wn->agg[tid].bitmap; 3293 wn->agg[tid].bitmap = 0; 3294 3295 for (i = wn->agg[tid].startidx; 3296 bitmap; 3297 bitmap >>= 1, i = (i + 1) % IWN_TX_RING_COUNT) { 3298 if ((bitmap & 1) == 0) 3299 continue; 3300 3301 data = &ring->data[i]; 3302 if (__predict_false(data->m == NULL)) { 3303 /* 3304 * There is no frame; skip this entry. 3305 * 3306 * NB: it is "ok" to have both 3307 * 'tx done' + 'compressed BA' replies for frame 3308 * with STATE_SCD_QUERY status. 3309 */ 3310 DPRINTF(sc, IWN_DEBUG_AMPDU, 3311 "%s: ring %d: no entry %d\n", __func__, qid, i); 3312 continue; 3313 } 3314 3315 tx_ok++; 3316 iwn_agg_tx_complete(sc, ring, tid, i, 1); 3317 } 3318 3319 ring->queued -= tx_ok; 3320 iwn_check_tx_ring(sc, qid); 3321 3322 DPRINTF(sc, IWN_DEBUG_TRACE | IWN_DEBUG_AMPDU, 3323 "->%s: end; %d ok\n",__func__, tx_ok); 3324 } 3325 3326 /* 3327 * Process a CALIBRATION_RESULT notification sent by the initialization 3328 * firmware on response to a CMD_CALIB_CONFIG command (5000 only). 3329 */ 3330 static void 3331 iwn5000_rx_calib_results(struct iwn_softc *sc, struct iwn_rx_desc *desc) 3332 { 3333 struct iwn_phy_calib *calib = (struct iwn_phy_calib *)(desc + 1); 3334 int len, idx = -1; 3335 3336 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 3337 3338 /* Runtime firmware should not send such a notification. */ 3339 if (sc->sc_flags & IWN_FLAG_CALIB_DONE){ 3340 DPRINTF(sc, IWN_DEBUG_TRACE, 3341 "->%s received after calib done\n", __func__); 3342 return; 3343 } 3344 len = (le32toh(desc->len) & 0x3fff) - 4; 3345 3346 switch (calib->code) { 3347 case IWN5000_PHY_CALIB_DC: 3348 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_DC) 3349 idx = 0; 3350 break; 3351 case IWN5000_PHY_CALIB_LO: 3352 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_LO) 3353 idx = 1; 3354 break; 3355 case IWN5000_PHY_CALIB_TX_IQ: 3356 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TX_IQ) 3357 idx = 2; 3358 break; 3359 case IWN5000_PHY_CALIB_TX_IQ_PERIODIC: 3360 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TX_IQ_PERIODIC) 3361 idx = 3; 3362 break; 3363 case IWN5000_PHY_CALIB_BASE_BAND: 3364 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_BASE_BAND) 3365 idx = 4; 3366 break; 3367 } 3368 if (idx == -1) /* Ignore other results. */ 3369 return; 3370 3371 /* Save calibration result. */ 3372 if (sc->calibcmd[idx].buf != NULL) 3373 free(sc->calibcmd[idx].buf, M_DEVBUF); 3374 sc->calibcmd[idx].buf = malloc(len, M_DEVBUF, M_NOWAIT); 3375 if (sc->calibcmd[idx].buf == NULL) { 3376 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 3377 "not enough memory for calibration result %d\n", 3378 calib->code); 3379 return; 3380 } 3381 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 3382 "saving calibration result idx=%d, code=%d len=%d\n", idx, calib->code, len); 3383 sc->calibcmd[idx].len = len; 3384 memcpy(sc->calibcmd[idx].buf, calib, len); 3385 } 3386 3387 static void 3388 iwn_stats_update(struct iwn_softc *sc, struct iwn_calib_state *calib, 3389 struct iwn_stats *stats, int len) 3390 { 3391 struct iwn_stats_bt *stats_bt; 3392 struct iwn_stats *lstats; 3393 3394 /* 3395 * First - check whether the length is the bluetooth or normal. 3396 * 3397 * If it's normal - just copy it and bump out. 3398 * Otherwise we have to convert things. 3399 */ 3400 3401 if (len == sizeof(struct iwn_stats) + 4) { 3402 memcpy(&sc->last_stat, stats, sizeof(struct iwn_stats)); 3403 sc->last_stat_valid = 1; 3404 return; 3405 } 3406 3407 /* 3408 * If it's not the bluetooth size - log, then just copy. 3409 */ 3410 if (len != sizeof(struct iwn_stats_bt) + 4) { 3411 DPRINTF(sc, IWN_DEBUG_STATS, 3412 "%s: size of rx statistics (%d) not an expected size!\n", 3413 __func__, 3414 len); 3415 memcpy(&sc->last_stat, stats, sizeof(struct iwn_stats)); 3416 sc->last_stat_valid = 1; 3417 return; 3418 } 3419 3420 /* 3421 * Ok. Time to copy. 3422 */ 3423 stats_bt = (struct iwn_stats_bt *) stats; 3424 lstats = &sc->last_stat; 3425 3426 /* flags */ 3427 lstats->flags = stats_bt->flags; 3428 /* rx_bt */ 3429 memcpy(&lstats->rx.ofdm, &stats_bt->rx_bt.ofdm, 3430 sizeof(struct iwn_rx_phy_stats)); 3431 memcpy(&lstats->rx.cck, &stats_bt->rx_bt.cck, 3432 sizeof(struct iwn_rx_phy_stats)); 3433 memcpy(&lstats->rx.general, &stats_bt->rx_bt.general_bt.common, 3434 sizeof(struct iwn_rx_general_stats)); 3435 memcpy(&lstats->rx.ht, &stats_bt->rx_bt.ht, 3436 sizeof(struct iwn_rx_ht_phy_stats)); 3437 /* tx */ 3438 memcpy(&lstats->tx, &stats_bt->tx, 3439 sizeof(struct iwn_tx_stats)); 3440 /* general */ 3441 memcpy(&lstats->general, &stats_bt->general, 3442 sizeof(struct iwn_general_stats)); 3443 3444 /* XXX TODO: Squirrel away the extra bluetooth stats somewhere */ 3445 sc->last_stat_valid = 1; 3446 } 3447 3448 /* 3449 * Process an RX_STATISTICS or BEACON_STATISTICS firmware notification. 3450 * The latter is sent by the firmware after each received beacon. 3451 */ 3452 static void 3453 iwn_rx_statistics(struct iwn_softc *sc, struct iwn_rx_desc *desc) 3454 { 3455 struct iwn_ops *ops = &sc->ops; 3456 struct ieee80211com *ic = &sc->sc_ic; 3457 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3458 struct iwn_calib_state *calib = &sc->calib; 3459 struct iwn_stats *stats = (struct iwn_stats *)(desc + 1); 3460 struct iwn_stats *lstats; 3461 int temp; 3462 3463 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 3464 3465 /* Ignore statistics received during a scan. */ 3466 if (vap->iv_state != IEEE80211_S_RUN || 3467 (ic->ic_flags & IEEE80211_F_SCAN)){ 3468 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s received during calib\n", 3469 __func__); 3470 return; 3471 } 3472 3473 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_STATS, 3474 "%s: received statistics, cmd %d, len %d\n", 3475 __func__, desc->type, le16toh(desc->len)); 3476 sc->calib_cnt = 0; /* Reset TX power calibration timeout. */ 3477 3478 /* 3479 * Collect/track general statistics for reporting. 3480 * 3481 * This takes care of ensuring that the bluetooth sized message 3482 * will be correctly converted to the legacy sized message. 3483 */ 3484 iwn_stats_update(sc, calib, stats, le16toh(desc->len)); 3485 3486 /* 3487 * And now, let's take a reference of it to use! 3488 */ 3489 lstats = &sc->last_stat; 3490 3491 /* Test if temperature has changed. */ 3492 if (lstats->general.temp != sc->rawtemp) { 3493 /* Convert "raw" temperature to degC. */ 3494 sc->rawtemp = stats->general.temp; 3495 temp = ops->get_temperature(sc); 3496 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: temperature %d\n", 3497 __func__, temp); 3498 3499 /* Update TX power if need be (4965AGN only). */ 3500 if (sc->hw_type == IWN_HW_REV_TYPE_4965) 3501 iwn4965_power_calibration(sc, temp); 3502 } 3503 3504 if (desc->type != IWN_BEACON_STATISTICS) 3505 return; /* Reply to a statistics request. */ 3506 3507 sc->noise = iwn_get_noise(&lstats->rx.general); 3508 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: noise %d\n", __func__, sc->noise); 3509 3510 /* Test that RSSI and noise are present in stats report. */ 3511 if (le32toh(lstats->rx.general.flags) != 1) { 3512 DPRINTF(sc, IWN_DEBUG_ANY, "%s\n", 3513 "received statistics without RSSI"); 3514 return; 3515 } 3516 3517 if (calib->state == IWN_CALIB_STATE_ASSOC) 3518 iwn_collect_noise(sc, &lstats->rx.general); 3519 else if (calib->state == IWN_CALIB_STATE_RUN) { 3520 iwn_tune_sensitivity(sc, &lstats->rx); 3521 /* 3522 * XXX TODO: Only run the RX recovery if we're associated! 3523 */ 3524 iwn_check_rx_recovery(sc, lstats); 3525 iwn_save_stats_counters(sc, lstats); 3526 } 3527 3528 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 3529 } 3530 3531 /* 3532 * Save the relevant statistic counters for the next calibration 3533 * pass. 3534 */ 3535 static void 3536 iwn_save_stats_counters(struct iwn_softc *sc, const struct iwn_stats *rs) 3537 { 3538 struct iwn_calib_state *calib = &sc->calib; 3539 3540 /* Save counters values for next call. */ 3541 calib->bad_plcp_cck = le32toh(rs->rx.cck.bad_plcp); 3542 calib->fa_cck = le32toh(rs->rx.cck.fa); 3543 calib->bad_plcp_ht = le32toh(rs->rx.ht.bad_plcp); 3544 calib->bad_plcp_ofdm = le32toh(rs->rx.ofdm.bad_plcp); 3545 calib->fa_ofdm = le32toh(rs->rx.ofdm.fa); 3546 3547 /* Last time we received these tick values */ 3548 sc->last_calib_ticks = ticks; 3549 } 3550 3551 /* 3552 * Process a TX_DONE firmware notification. Unfortunately, the 4965AGN 3553 * and 5000 adapters have different incompatible TX status formats. 3554 */ 3555 static void 3556 iwn4965_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 3557 struct iwn_rx_data *data) 3558 { 3559 struct iwn4965_tx_stat *stat = (struct iwn4965_tx_stat *)(desc + 1); 3560 int qid = desc->qid & IWN_RX_DESC_QID_MSK; 3561 3562 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: " 3563 "qid %d idx %d RTS retries %d ACK retries %d nkill %d rate %x duration %d status %x\n", 3564 __func__, desc->qid, desc->idx, 3565 stat->rtsfailcnt, 3566 stat->ackfailcnt, 3567 stat->btkillcnt, 3568 stat->rate, le16toh(stat->duration), 3569 le32toh(stat->status)); 3570 3571 if (qid >= sc->firstaggqueue && stat->nframes != 1) { 3572 iwn_ampdu_tx_done(sc, qid, stat->nframes, stat->rtsfailcnt, 3573 &stat->status); 3574 } else { 3575 iwn_tx_done(sc, desc, stat->rtsfailcnt, stat->ackfailcnt, 3576 le32toh(stat->status) & 0xff); 3577 } 3578 } 3579 3580 static void 3581 iwn5000_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, 3582 struct iwn_rx_data *data) 3583 { 3584 struct iwn5000_tx_stat *stat = (struct iwn5000_tx_stat *)(desc + 1); 3585 int qid = desc->qid & IWN_RX_DESC_QID_MSK; 3586 3587 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: " 3588 "qid %d idx %d RTS retries %d ACK retries %d nkill %d rate %x duration %d status %x\n", 3589 __func__, desc->qid, desc->idx, 3590 stat->rtsfailcnt, 3591 stat->ackfailcnt, 3592 stat->btkillcnt, 3593 stat->rate, le16toh(stat->duration), 3594 le32toh(stat->status)); 3595 3596 #ifdef notyet 3597 /* Reset TX scheduler slot. */ 3598 iwn5000_reset_sched(sc, qid, desc->idx); 3599 #endif 3600 3601 if (qid >= sc->firstaggqueue && stat->nframes != 1) { 3602 iwn_ampdu_tx_done(sc, qid, stat->nframes, stat->rtsfailcnt, 3603 &stat->status); 3604 } else { 3605 iwn_tx_done(sc, desc, stat->rtsfailcnt, stat->ackfailcnt, 3606 le16toh(stat->status) & 0xff); 3607 } 3608 } 3609 3610 static void 3611 iwn_adj_ampdu_ptr(struct iwn_softc *sc, struct iwn_tx_ring *ring) 3612 { 3613 int i; 3614 3615 for (i = ring->read; i != ring->cur; i = (i + 1) % IWN_TX_RING_COUNT) { 3616 struct iwn_tx_data *data = &ring->data[i]; 3617 3618 if (data->m != NULL) 3619 break; 3620 3621 data->remapped = 0; 3622 } 3623 3624 ring->read = i; 3625 } 3626 3627 /* 3628 * Adapter-independent backend for TX_DONE firmware notifications. 3629 */ 3630 static void 3631 iwn_tx_done(struct iwn_softc *sc, struct iwn_rx_desc *desc, int rtsfailcnt, 3632 int ackfailcnt, uint8_t status) 3633 { 3634 struct ieee80211_ratectl_tx_status *txs = &sc->sc_txs; 3635 struct iwn_tx_ring *ring = &sc->txq[desc->qid & IWN_RX_DESC_QID_MSK]; 3636 struct iwn_tx_data *data = &ring->data[desc->idx]; 3637 struct mbuf *m; 3638 struct ieee80211_node *ni; 3639 3640 if (__predict_false(data->m == NULL && 3641 ring->qid >= sc->firstaggqueue)) { 3642 /* 3643 * There is no frame; skip this entry. 3644 */ 3645 DPRINTF(sc, IWN_DEBUG_AMPDU, "%s: ring %d: no entry %d\n", 3646 __func__, ring->qid, desc->idx); 3647 return; 3648 } 3649 3650 KASSERT(data->ni != NULL, ("no node")); 3651 KASSERT(data->m != NULL, ("no mbuf")); 3652 3653 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 3654 3655 /* Unmap and free mbuf. */ 3656 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_POSTWRITE); 3657 bus_dmamap_unload(ring->data_dmat, data->map); 3658 m = data->m, data->m = NULL; 3659 ni = data->ni, data->ni = NULL; 3660 3661 data->long_retries = 0; 3662 3663 if (ring->qid >= sc->firstaggqueue) 3664 iwn_adj_ampdu_ptr(sc, ring); 3665 3666 /* 3667 * XXX f/w may hang (device timeout) when desc->idx - ring->read == 64 3668 * (aggregation queues only). 3669 */ 3670 3671 ring->queued--; 3672 iwn_check_tx_ring(sc, ring->qid); 3673 3674 /* 3675 * Update rate control statistics for the node. 3676 */ 3677 txs->flags = IEEE80211_RATECTL_STATUS_SHORT_RETRY | 3678 IEEE80211_RATECTL_STATUS_LONG_RETRY; 3679 txs->short_retries = rtsfailcnt; 3680 txs->long_retries = ackfailcnt; 3681 if (!(status & IWN_TX_FAIL)) 3682 txs->status = IEEE80211_RATECTL_TX_SUCCESS; 3683 else { 3684 switch (status) { 3685 case IWN_TX_FAIL_SHORT_LIMIT: 3686 txs->status = IEEE80211_RATECTL_TX_FAIL_SHORT; 3687 break; 3688 case IWN_TX_FAIL_LONG_LIMIT: 3689 txs->status = IEEE80211_RATECTL_TX_FAIL_LONG; 3690 break; 3691 case IWN_TX_STATUS_FAIL_LIFE_EXPIRE: 3692 txs->status = IEEE80211_RATECTL_TX_FAIL_EXPIRED; 3693 break; 3694 default: 3695 txs->status = IEEE80211_RATECTL_TX_FAIL_UNSPECIFIED; 3696 break; 3697 } 3698 } 3699 ieee80211_ratectl_tx_complete(ni, txs); 3700 3701 /* 3702 * Channels marked for "radar" require traffic to be received 3703 * to unlock before we can transmit. Until traffic is seen 3704 * any attempt to transmit is returned immediately with status 3705 * set to IWN_TX_FAIL_TX_LOCKED. Unfortunately this can easily 3706 * happen on first authenticate after scanning. To workaround 3707 * this we ignore a failure of this sort in AUTH state so the 3708 * 802.11 layer will fall back to using a timeout to wait for 3709 * the AUTH reply. This allows the firmware time to see 3710 * traffic so a subsequent retry of AUTH succeeds. It's 3711 * unclear why the firmware does not maintain state for 3712 * channels recently visited as this would allow immediate 3713 * use of the channel after a scan (where we see traffic). 3714 */ 3715 if (status == IWN_TX_FAIL_TX_LOCKED && 3716 ni->ni_vap->iv_state == IEEE80211_S_AUTH) 3717 ieee80211_tx_complete(ni, m, 0); 3718 else 3719 ieee80211_tx_complete(ni, m, 3720 (status & IWN_TX_FAIL) != 0); 3721 3722 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 3723 } 3724 3725 /* 3726 * Process a "command done" firmware notification. This is where we wakeup 3727 * processes waiting for a synchronous command completion. 3728 */ 3729 static void 3730 iwn_cmd_done(struct iwn_softc *sc, struct iwn_rx_desc *desc) 3731 { 3732 struct iwn_tx_ring *ring; 3733 struct iwn_tx_data *data; 3734 int cmd_queue_num; 3735 3736 if (sc->sc_flags & IWN_FLAG_PAN_SUPPORT) 3737 cmd_queue_num = IWN_PAN_CMD_QUEUE; 3738 else 3739 cmd_queue_num = IWN_CMD_QUEUE_NUM; 3740 3741 if ((desc->qid & IWN_RX_DESC_QID_MSK) != cmd_queue_num) 3742 return; /* Not a command ack. */ 3743 3744 ring = &sc->txq[cmd_queue_num]; 3745 data = &ring->data[desc->idx]; 3746 3747 /* If the command was mapped in an mbuf, free it. */ 3748 if (data->m != NULL) { 3749 bus_dmamap_sync(ring->data_dmat, data->map, 3750 BUS_DMASYNC_POSTWRITE); 3751 bus_dmamap_unload(ring->data_dmat, data->map); 3752 m_freem(data->m); 3753 data->m = NULL; 3754 } 3755 wakeup(&ring->desc[desc->idx]); 3756 } 3757 3758 static int 3759 iwn_ampdu_check_bitmap(uint64_t bitmap, int start, int idx) 3760 { 3761 int bit, shift; 3762 3763 bit = idx - start; 3764 shift = 0; 3765 if (bit >= 64) { 3766 shift = 0x100 - bit; 3767 bit = 0; 3768 } else if (bit <= -64) 3769 bit = 0x100 + bit; 3770 else if (bit < 0) { 3771 shift = -bit; 3772 bit = 0; 3773 } 3774 3775 if (bit - shift >= 64) 3776 return (0); 3777 3778 return ((bitmap & (1ULL << (bit - shift))) != 0); 3779 } 3780 3781 /* 3782 * Firmware bug workaround: in case if 'retries' counter 3783 * overflows 'seqno' field will be incremented: 3784 * status|sequence|status|sequence|status|sequence 3785 * 0000 0A48 0001 0A49 0000 0A6A 3786 * 1000 0A48 1000 0A49 1000 0A6A 3787 * 2000 0A48 2000 0A49 2000 0A6A 3788 * ... 3789 * E000 0A48 E000 0A49 E000 0A6A 3790 * F000 0A48 F000 0A49 F000 0A6A 3791 * 0000 0A49 0000 0A49 0000 0A6B 3792 * 1000 0A49 1000 0A49 1000 0A6B 3793 * ... 3794 * D000 0A49 D000 0A49 D000 0A6B 3795 * E000 0A49 E001 0A49 E000 0A6B 3796 * F000 0A49 F001 0A49 F000 0A6B 3797 * 0000 0A4A 0000 0A4B 0000 0A6A 3798 * 1000 0A4A 1000 0A4B 1000 0A6A 3799 * ... 3800 * 3801 * Odd 'seqno' numbers are incremened by 2 every 2 overflows. 3802 * For even 'seqno' % 4 != 0 overflow is cyclic (0 -> +1 -> 0). 3803 * Not checked with nretries >= 64. 3804 * 3805 */ 3806 static int 3807 iwn_ampdu_index_check(struct iwn_softc *sc, struct iwn_tx_ring *ring, 3808 uint64_t bitmap, int start, int idx) 3809 { 3810 struct ieee80211com *ic = &sc->sc_ic; 3811 struct iwn_tx_data *data; 3812 int diff, min_retries, max_retries, new_idx, loop_end; 3813 3814 new_idx = idx - IWN_LONG_RETRY_LIMIT_LOG; 3815 if (new_idx < 0) 3816 new_idx += IWN_TX_RING_COUNT; 3817 3818 /* 3819 * Corner case: check if retry count is not too big; 3820 * reset device otherwise. 3821 */ 3822 if (!iwn_ampdu_check_bitmap(bitmap, start, new_idx)) { 3823 data = &ring->data[new_idx]; 3824 if (data->long_retries > IWN_LONG_RETRY_LIMIT) { 3825 device_printf(sc->sc_dev, 3826 "%s: retry count (%d) for idx %d/%d overflow, " 3827 "resetting...\n", __func__, data->long_retries, 3828 ring->qid, new_idx); 3829 ieee80211_restart_all(ic); 3830 return (-1); 3831 } 3832 } 3833 3834 /* Correct index if needed. */ 3835 loop_end = idx; 3836 do { 3837 data = &ring->data[new_idx]; 3838 diff = idx - new_idx; 3839 if (diff < 0) 3840 diff += IWN_TX_RING_COUNT; 3841 3842 min_retries = IWN_LONG_RETRY_FW_OVERFLOW * diff; 3843 if ((new_idx % 2) == 0) 3844 max_retries = IWN_LONG_RETRY_FW_OVERFLOW * (diff + 1); 3845 else 3846 max_retries = IWN_LONG_RETRY_FW_OVERFLOW * (diff + 2); 3847 3848 if (!iwn_ampdu_check_bitmap(bitmap, start, new_idx) && 3849 ((data->long_retries >= min_retries && 3850 data->long_retries < max_retries) || 3851 (diff == 1 && 3852 (new_idx & 0x03) == 0x02 && 3853 data->long_retries >= IWN_LONG_RETRY_FW_OVERFLOW))) { 3854 DPRINTF(sc, IWN_DEBUG_AMPDU, 3855 "%s: correcting index %d -> %d in queue %d" 3856 " (retries %d)\n", __func__, idx, new_idx, 3857 ring->qid, data->long_retries); 3858 return (new_idx); 3859 } 3860 3861 new_idx = (new_idx + 1) % IWN_TX_RING_COUNT; 3862 } while (new_idx != loop_end); 3863 3864 return (idx); 3865 } 3866 3867 static void 3868 iwn_ampdu_tx_done(struct iwn_softc *sc, int qid, int nframes, int rtsfailcnt, 3869 void *stat) 3870 { 3871 struct iwn_tx_ring *ring = &sc->txq[qid]; 3872 struct ieee80211_tx_ampdu *tap = sc->qid2tap[qid]; 3873 struct iwn_node *wn = (void *)tap->txa_ni; 3874 struct iwn_tx_data *data; 3875 uint64_t bitmap = 0; 3876 uint16_t *aggstatus = stat; 3877 uint8_t tid = tap->txa_tid; 3878 int bit, i, idx, shift, start, tx_err; 3879 3880 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 3881 3882 start = le16toh(*(aggstatus + nframes * 2)) & 0xff; 3883 3884 for (i = 0; i < nframes; i++) { 3885 uint16_t status = le16toh(aggstatus[i * 2]); 3886 3887 if (status & IWN_AGG_TX_STATE_IGNORE_MASK) 3888 continue; 3889 3890 idx = le16toh(aggstatus[i * 2 + 1]) & 0xff; 3891 data = &ring->data[idx]; 3892 if (data->remapped) { 3893 idx = iwn_ampdu_index_check(sc, ring, bitmap, start, idx); 3894 if (idx == -1) { 3895 /* skip error (device will be restarted anyway). */ 3896 continue; 3897 } 3898 3899 /* Index may have changed. */ 3900 data = &ring->data[idx]; 3901 } 3902 3903 /* 3904 * XXX Sometimes (rarely) some frames are excluded from events. 3905 * XXX Due to that long_retries counter may be wrong. 3906 */ 3907 data->long_retries &= ~0x0f; 3908 data->long_retries += IWN_AGG_TX_TRY_COUNT(status) + 1; 3909 3910 if (data->long_retries >= IWN_LONG_RETRY_FW_OVERFLOW) { 3911 int diff, wrong_idx; 3912 3913 diff = data->long_retries / IWN_LONG_RETRY_FW_OVERFLOW; 3914 wrong_idx = (idx + diff) % IWN_TX_RING_COUNT; 3915 3916 /* 3917 * Mark the entry so the above code will check it 3918 * next time. 3919 */ 3920 ring->data[wrong_idx].remapped = 1; 3921 } 3922 3923 if (status & IWN_AGG_TX_STATE_UNDERRUN_MSK) { 3924 /* 3925 * NB: count retries but postpone - it was not 3926 * transmitted. 3927 */ 3928 continue; 3929 } 3930 3931 bit = idx - start; 3932 shift = 0; 3933 if (bit >= 64) { 3934 shift = 0x100 - bit; 3935 bit = 0; 3936 } else if (bit <= -64) 3937 bit = 0x100 + bit; 3938 else if (bit < 0) { 3939 shift = -bit; 3940 bit = 0; 3941 } 3942 bitmap = bitmap << shift; 3943 bitmap |= 1ULL << bit; 3944 } 3945 wn->agg[tid].startidx = start; 3946 wn->agg[tid].bitmap = bitmap; 3947 wn->agg[tid].short_retries = rtsfailcnt; 3948 3949 DPRINTF(sc, IWN_DEBUG_AMPDU, "%s: nframes %d start %d bitmap %016jX\n", 3950 __func__, nframes, start, (uintmax_t)bitmap); 3951 3952 i = ring->read; 3953 3954 for (tx_err = 0; 3955 i != wn->agg[tid].startidx; 3956 i = (i + 1) % IWN_TX_RING_COUNT) { 3957 data = &ring->data[i]; 3958 data->remapped = 0; 3959 if (data->m == NULL) 3960 continue; 3961 3962 tx_err++; 3963 iwn_agg_tx_complete(sc, ring, tid, i, 0); 3964 } 3965 3966 ring->read = wn->agg[tid].startidx; 3967 ring->queued -= tx_err; 3968 3969 iwn_check_tx_ring(sc, qid); 3970 3971 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 3972 } 3973 3974 /* 3975 * Process an INT_FH_RX or INT_SW_RX interrupt. 3976 */ 3977 static void 3978 iwn_notif_intr(struct iwn_softc *sc) 3979 { 3980 struct iwn_ops *ops = &sc->ops; 3981 struct ieee80211com *ic = &sc->sc_ic; 3982 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3983 uint16_t hw; 3984 int is_stopped; 3985 3986 bus_dmamap_sync(sc->rxq.stat_dma.tag, sc->rxq.stat_dma.map, 3987 BUS_DMASYNC_POSTREAD); 3988 3989 hw = le16toh(sc->rxq.stat->closed_count) & 0xfff; 3990 while (sc->rxq.cur != hw) { 3991 struct iwn_rx_data *data = &sc->rxq.data[sc->rxq.cur]; 3992 struct iwn_rx_desc *desc; 3993 3994 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 3995 BUS_DMASYNC_POSTREAD); 3996 desc = mtod(data->m, struct iwn_rx_desc *); 3997 3998 DPRINTF(sc, IWN_DEBUG_RECV, 3999 "%s: cur=%d; qid %x idx %d flags %x type %d(%s) len %d\n", 4000 __func__, sc->rxq.cur, desc->qid & IWN_RX_DESC_QID_MSK, 4001 desc->idx, desc->flags, desc->type, 4002 iwn_intr_str(desc->type), le16toh(desc->len)); 4003 4004 if (!(desc->qid & IWN_UNSOLICITED_RX_NOTIF)) /* Reply to a command. */ 4005 iwn_cmd_done(sc, desc); 4006 4007 switch (desc->type) { 4008 case IWN_RX_PHY: 4009 iwn_rx_phy(sc, desc); 4010 break; 4011 4012 case IWN_RX_DONE: /* 4965AGN only. */ 4013 case IWN_MPDU_RX_DONE: 4014 /* An 802.11 frame has been received. */ 4015 iwn_rx_done(sc, desc, data); 4016 4017 is_stopped = (sc->sc_flags & IWN_FLAG_RUNNING) == 0; 4018 if (__predict_false(is_stopped)) 4019 return; 4020 4021 break; 4022 4023 case IWN_RX_COMPRESSED_BA: 4024 /* A Compressed BlockAck has been received. */ 4025 iwn_rx_compressed_ba(sc, desc); 4026 break; 4027 4028 case IWN_TX_DONE: 4029 /* An 802.11 frame has been transmitted. */ 4030 ops->tx_done(sc, desc, data); 4031 break; 4032 4033 case IWN_RX_STATISTICS: 4034 case IWN_BEACON_STATISTICS: 4035 iwn_rx_statistics(sc, desc); 4036 break; 4037 4038 case IWN_BEACON_MISSED: 4039 { 4040 struct iwn_beacon_missed *miss = 4041 (struct iwn_beacon_missed *)(desc + 1); 4042 int misses; 4043 4044 misses = le32toh(miss->consecutive); 4045 4046 DPRINTF(sc, IWN_DEBUG_STATE, 4047 "%s: beacons missed %d/%d\n", __func__, 4048 misses, le32toh(miss->total)); 4049 /* 4050 * If more than 5 consecutive beacons are missed, 4051 * reinitialize the sensitivity state machine. 4052 */ 4053 if (vap->iv_state == IEEE80211_S_RUN && 4054 (ic->ic_flags & IEEE80211_F_SCAN) == 0) { 4055 if (misses > 5) 4056 (void)iwn_init_sensitivity(sc); 4057 if (misses >= vap->iv_bmissthreshold) { 4058 IWN_UNLOCK(sc); 4059 ieee80211_beacon_miss(ic); 4060 IWN_LOCK(sc); 4061 4062 is_stopped = (sc->sc_flags & 4063 IWN_FLAG_RUNNING) == 0; 4064 if (__predict_false(is_stopped)) 4065 return; 4066 } 4067 } 4068 break; 4069 } 4070 case IWN_UC_READY: 4071 { 4072 struct iwn_ucode_info *uc = 4073 (struct iwn_ucode_info *)(desc + 1); 4074 4075 /* The microcontroller is ready. */ 4076 DPRINTF(sc, IWN_DEBUG_RESET, 4077 "microcode alive notification version=%d.%d " 4078 "subtype=%x alive=%x\n", uc->major, uc->minor, 4079 uc->subtype, le32toh(uc->valid)); 4080 4081 if (le32toh(uc->valid) != 1) { 4082 device_printf(sc->sc_dev, 4083 "microcontroller initialization failed"); 4084 break; 4085 } 4086 if (uc->subtype == IWN_UCODE_INIT) { 4087 /* Save microcontroller report. */ 4088 memcpy(&sc->ucode_info, uc, sizeof (*uc)); 4089 } 4090 /* Save the address of the error log in SRAM. */ 4091 sc->errptr = le32toh(uc->errptr); 4092 break; 4093 } 4094 #ifdef IWN_DEBUG 4095 case IWN_STATE_CHANGED: 4096 { 4097 /* 4098 * State change allows hardware switch change to be 4099 * noted. However, we handle this in iwn_intr as we 4100 * get both the enable/disble intr. 4101 */ 4102 uint32_t *status = (uint32_t *)(desc + 1); 4103 DPRINTF(sc, IWN_DEBUG_INTR | IWN_DEBUG_STATE, 4104 "state changed to %x\n", 4105 le32toh(*status)); 4106 break; 4107 } 4108 case IWN_START_SCAN: 4109 { 4110 struct iwn_start_scan *scan = 4111 (struct iwn_start_scan *)(desc + 1); 4112 DPRINTF(sc, IWN_DEBUG_ANY, 4113 "%s: scanning channel %d status %x\n", 4114 __func__, scan->chan, le32toh(scan->status)); 4115 break; 4116 } 4117 #endif 4118 case IWN_STOP_SCAN: 4119 { 4120 #ifdef IWN_DEBUG 4121 struct iwn_stop_scan *scan = 4122 (struct iwn_stop_scan *)(desc + 1); 4123 DPRINTF(sc, IWN_DEBUG_STATE | IWN_DEBUG_SCAN, 4124 "scan finished nchan=%d status=%d chan=%d\n", 4125 scan->nchan, scan->status, scan->chan); 4126 #endif 4127 sc->sc_is_scanning = 0; 4128 callout_stop(&sc->scan_timeout); 4129 IWN_UNLOCK(sc); 4130 ieee80211_scan_next(vap); 4131 IWN_LOCK(sc); 4132 4133 is_stopped = (sc->sc_flags & IWN_FLAG_RUNNING) == 0; 4134 if (__predict_false(is_stopped)) 4135 return; 4136 4137 break; 4138 } 4139 case IWN5000_CALIBRATION_RESULT: 4140 iwn5000_rx_calib_results(sc, desc); 4141 break; 4142 4143 case IWN5000_CALIBRATION_DONE: 4144 sc->sc_flags |= IWN_FLAG_CALIB_DONE; 4145 wakeup(sc); 4146 break; 4147 } 4148 4149 sc->rxq.cur = (sc->rxq.cur + 1) % IWN_RX_RING_COUNT; 4150 } 4151 4152 /* Tell the firmware what we have processed. */ 4153 hw = (hw == 0) ? IWN_RX_RING_COUNT - 1 : hw - 1; 4154 IWN_WRITE(sc, IWN_FH_RX_WPTR, hw & ~7); 4155 } 4156 4157 /* 4158 * Process an INT_WAKEUP interrupt raised when the microcontroller wakes up 4159 * from power-down sleep mode. 4160 */ 4161 static void 4162 iwn_wakeup_intr(struct iwn_softc *sc) 4163 { 4164 int qid; 4165 4166 DPRINTF(sc, IWN_DEBUG_RESET, "%s: ucode wakeup from power-down sleep\n", 4167 __func__); 4168 4169 /* Wakeup RX and TX rings. */ 4170 IWN_WRITE(sc, IWN_FH_RX_WPTR, sc->rxq.cur & ~7); 4171 for (qid = 0; qid < sc->ntxqs; qid++) { 4172 struct iwn_tx_ring *ring = &sc->txq[qid]; 4173 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | ring->cur); 4174 } 4175 } 4176 4177 static void 4178 iwn_rftoggle_task(void *arg, int npending) 4179 { 4180 struct iwn_softc *sc = arg; 4181 struct ieee80211com *ic = &sc->sc_ic; 4182 uint32_t tmp; 4183 4184 IWN_LOCK(sc); 4185 tmp = IWN_READ(sc, IWN_GP_CNTRL); 4186 IWN_UNLOCK(sc); 4187 4188 device_printf(sc->sc_dev, "RF switch: radio %s\n", 4189 (tmp & IWN_GP_CNTRL_RFKILL) ? "enabled" : "disabled"); 4190 if (!(tmp & IWN_GP_CNTRL_RFKILL)) { 4191 ieee80211_suspend_all(ic); 4192 4193 /* Enable interrupts to get RF toggle notification. */ 4194 IWN_LOCK(sc); 4195 IWN_WRITE(sc, IWN_INT, 0xffffffff); 4196 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 4197 IWN_UNLOCK(sc); 4198 } else 4199 ieee80211_resume_all(ic); 4200 } 4201 4202 /* 4203 * Dump the error log of the firmware when a firmware panic occurs. Although 4204 * we can't debug the firmware because it is neither open source nor free, it 4205 * can help us to identify certain classes of problems. 4206 */ 4207 static void 4208 iwn_fatal_intr(struct iwn_softc *sc) 4209 { 4210 struct iwn_fw_dump dump; 4211 int i; 4212 4213 IWN_LOCK_ASSERT(sc); 4214 4215 /* Force a complete recalibration on next init. */ 4216 sc->sc_flags &= ~IWN_FLAG_CALIB_DONE; 4217 4218 /* Check that the error log address is valid. */ 4219 if (sc->errptr < IWN_FW_DATA_BASE || 4220 sc->errptr + sizeof (dump) > 4221 IWN_FW_DATA_BASE + sc->fw_data_maxsz) { 4222 printf("%s: bad firmware error log address 0x%08x\n", __func__, 4223 sc->errptr); 4224 return; 4225 } 4226 if (iwn_nic_lock(sc) != 0) { 4227 printf("%s: could not read firmware error log\n", __func__); 4228 return; 4229 } 4230 /* Read firmware error log from SRAM. */ 4231 iwn_mem_read_region_4(sc, sc->errptr, (uint32_t *)&dump, 4232 sizeof (dump) / sizeof (uint32_t)); 4233 iwn_nic_unlock(sc); 4234 4235 if (dump.valid == 0) { 4236 printf("%s: firmware error log is empty\n", __func__); 4237 return; 4238 } 4239 printf("firmware error log:\n"); 4240 printf(" error type = \"%s\" (0x%08X)\n", 4241 (dump.id < nitems(iwn_fw_errmsg)) ? 4242 iwn_fw_errmsg[dump.id] : "UNKNOWN", 4243 dump.id); 4244 printf(" program counter = 0x%08X\n", dump.pc); 4245 printf(" source line = 0x%08X\n", dump.src_line); 4246 printf(" error data = 0x%08X%08X\n", 4247 dump.error_data[0], dump.error_data[1]); 4248 printf(" branch link = 0x%08X%08X\n", 4249 dump.branch_link[0], dump.branch_link[1]); 4250 printf(" interrupt link = 0x%08X%08X\n", 4251 dump.interrupt_link[0], dump.interrupt_link[1]); 4252 printf(" time = %u\n", dump.time[0]); 4253 4254 /* Dump driver status (TX and RX rings) while we're here. */ 4255 printf("driver status:\n"); 4256 for (i = 0; i < sc->ntxqs; i++) { 4257 struct iwn_tx_ring *ring = &sc->txq[i]; 4258 printf(" tx ring %2d: qid=%-2d cur=%-3d queued=%-3d\n", 4259 i, ring->qid, ring->cur, ring->queued); 4260 } 4261 printf(" rx ring: cur=%d\n", sc->rxq.cur); 4262 } 4263 4264 static void 4265 iwn_intr(void *arg) 4266 { 4267 struct iwn_softc *sc = arg; 4268 uint32_t r1, r2, tmp; 4269 4270 IWN_LOCK(sc); 4271 4272 /* Disable interrupts. */ 4273 IWN_WRITE(sc, IWN_INT_MASK, 0); 4274 4275 /* Read interrupts from ICT (fast) or from registers (slow). */ 4276 if (sc->sc_flags & IWN_FLAG_USE_ICT) { 4277 bus_dmamap_sync(sc->ict_dma.tag, sc->ict_dma.map, 4278 BUS_DMASYNC_POSTREAD); 4279 tmp = 0; 4280 while (sc->ict[sc->ict_cur] != 0) { 4281 tmp |= sc->ict[sc->ict_cur]; 4282 sc->ict[sc->ict_cur] = 0; /* Acknowledge. */ 4283 sc->ict_cur = (sc->ict_cur + 1) % IWN_ICT_COUNT; 4284 } 4285 tmp = le32toh(tmp); 4286 if (tmp == 0xffffffff) /* Shouldn't happen. */ 4287 tmp = 0; 4288 else if (tmp & 0xc0000) /* Workaround a HW bug. */ 4289 tmp |= 0x8000; 4290 r1 = (tmp & 0xff00) << 16 | (tmp & 0xff); 4291 r2 = 0; /* Unused. */ 4292 } else { 4293 r1 = IWN_READ(sc, IWN_INT); 4294 if (r1 == 0xffffffff || (r1 & 0xfffffff0) == 0xa5a5a5a0) { 4295 IWN_UNLOCK(sc); 4296 return; /* Hardware gone! */ 4297 } 4298 r2 = IWN_READ(sc, IWN_FH_INT); 4299 } 4300 4301 DPRINTF(sc, IWN_DEBUG_INTR, "interrupt reg1=0x%08x reg2=0x%08x\n" 4302 , r1, r2); 4303 4304 if (r1 == 0 && r2 == 0) 4305 goto done; /* Interrupt not for us. */ 4306 4307 /* Acknowledge interrupts. */ 4308 IWN_WRITE(sc, IWN_INT, r1); 4309 if (!(sc->sc_flags & IWN_FLAG_USE_ICT)) 4310 IWN_WRITE(sc, IWN_FH_INT, r2); 4311 4312 if (r1 & IWN_INT_RF_TOGGLED) { 4313 taskqueue_enqueue(sc->sc_tq, &sc->sc_rftoggle_task); 4314 goto done; 4315 } 4316 if (r1 & IWN_INT_CT_REACHED) { 4317 device_printf(sc->sc_dev, "%s: critical temperature reached!\n", 4318 __func__); 4319 } 4320 if (r1 & (IWN_INT_SW_ERR | IWN_INT_HW_ERR)) { 4321 device_printf(sc->sc_dev, "%s: fatal firmware error\n", 4322 __func__); 4323 #ifdef IWN_DEBUG 4324 iwn_debug_register(sc); 4325 #endif 4326 /* Dump firmware error log and stop. */ 4327 iwn_fatal_intr(sc); 4328 4329 taskqueue_enqueue(sc->sc_tq, &sc->sc_panic_task); 4330 goto done; 4331 } 4332 if ((r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX | IWN_INT_RX_PERIODIC)) || 4333 (r2 & IWN_FH_INT_RX)) { 4334 if (sc->sc_flags & IWN_FLAG_USE_ICT) { 4335 if (r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX)) 4336 IWN_WRITE(sc, IWN_FH_INT, IWN_FH_INT_RX); 4337 IWN_WRITE_1(sc, IWN_INT_PERIODIC, 4338 IWN_INT_PERIODIC_DIS); 4339 iwn_notif_intr(sc); 4340 if (r1 & (IWN_INT_FH_RX | IWN_INT_SW_RX)) { 4341 IWN_WRITE_1(sc, IWN_INT_PERIODIC, 4342 IWN_INT_PERIODIC_ENA); 4343 } 4344 } else 4345 iwn_notif_intr(sc); 4346 } 4347 4348 if ((r1 & IWN_INT_FH_TX) || (r2 & IWN_FH_INT_TX)) { 4349 if (sc->sc_flags & IWN_FLAG_USE_ICT) 4350 IWN_WRITE(sc, IWN_FH_INT, IWN_FH_INT_TX); 4351 wakeup(sc); /* FH DMA transfer completed. */ 4352 } 4353 4354 if (r1 & IWN_INT_ALIVE) 4355 wakeup(sc); /* Firmware is alive. */ 4356 4357 if (r1 & IWN_INT_WAKEUP) 4358 iwn_wakeup_intr(sc); 4359 4360 done: 4361 /* Re-enable interrupts. */ 4362 if (sc->sc_flags & IWN_FLAG_RUNNING) 4363 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 4364 4365 IWN_UNLOCK(sc); 4366 } 4367 4368 /* 4369 * Update TX scheduler ring when transmitting an 802.11 frame (4965AGN and 4370 * 5000 adapters use a slightly different format). 4371 */ 4372 static void 4373 iwn4965_update_sched(struct iwn_softc *sc, int qid, int idx, uint8_t id, 4374 uint16_t len) 4375 { 4376 uint16_t *w = &sc->sched[qid * IWN4965_SCHED_COUNT + idx]; 4377 4378 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 4379 4380 *w = htole16(len + 8); 4381 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4382 BUS_DMASYNC_PREWRITE); 4383 if (idx < IWN_SCHED_WINSZ) { 4384 *(w + IWN_TX_RING_COUNT) = *w; 4385 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4386 BUS_DMASYNC_PREWRITE); 4387 } 4388 } 4389 4390 static void 4391 iwn5000_update_sched(struct iwn_softc *sc, int qid, int idx, uint8_t id, 4392 uint16_t len) 4393 { 4394 uint16_t *w = &sc->sched[qid * IWN5000_SCHED_COUNT + idx]; 4395 4396 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 4397 4398 *w = htole16(id << 12 | (len + 8)); 4399 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4400 BUS_DMASYNC_PREWRITE); 4401 if (idx < IWN_SCHED_WINSZ) { 4402 *(w + IWN_TX_RING_COUNT) = *w; 4403 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4404 BUS_DMASYNC_PREWRITE); 4405 } 4406 } 4407 4408 #ifdef notyet 4409 static void 4410 iwn5000_reset_sched(struct iwn_softc *sc, int qid, int idx) 4411 { 4412 uint16_t *w = &sc->sched[qid * IWN5000_SCHED_COUNT + idx]; 4413 4414 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 4415 4416 *w = (*w & htole16(0xf000)) | htole16(1); 4417 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4418 BUS_DMASYNC_PREWRITE); 4419 if (idx < IWN_SCHED_WINSZ) { 4420 *(w + IWN_TX_RING_COUNT) = *w; 4421 bus_dmamap_sync(sc->sched_dma.tag, sc->sched_dma.map, 4422 BUS_DMASYNC_PREWRITE); 4423 } 4424 } 4425 #endif 4426 4427 /* 4428 * Check whether OFDM 11g protection will be enabled for the given rate. 4429 * 4430 * The original driver code only enabled protection for OFDM rates. 4431 * It didn't check to see whether it was operating in 11a or 11bg mode. 4432 */ 4433 static int 4434 iwn_check_rate_needs_protection(struct iwn_softc *sc, 4435 struct ieee80211vap *vap, uint8_t rate) 4436 { 4437 struct ieee80211com *ic = vap->iv_ic; 4438 4439 /* 4440 * Not in 2GHz mode? Then there's no need to enable OFDM 4441 * 11bg protection. 4442 */ 4443 if (! IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan)) { 4444 return (0); 4445 } 4446 4447 /* 4448 * 11bg protection not enabled? Then don't use it. 4449 */ 4450 if ((ic->ic_flags & IEEE80211_F_USEPROT) == 0) 4451 return (0); 4452 4453 /* 4454 * If it's an 11n rate - no protection. 4455 * We'll do it via a specific 11n check. 4456 */ 4457 if (rate & IEEE80211_RATE_MCS) { 4458 return (0); 4459 } 4460 4461 /* 4462 * Do a rate table lookup. If the PHY is CCK, 4463 * don't do protection. 4464 */ 4465 if (ieee80211_rate2phytype(ic->ic_rt, rate) == IEEE80211_T_CCK) 4466 return (0); 4467 4468 /* 4469 * Yup, enable protection. 4470 */ 4471 return (1); 4472 } 4473 4474 /* 4475 * return a value between 0 and IWN_MAX_TX_RETRIES-1 as an index into 4476 * the link quality table that reflects this particular entry. 4477 */ 4478 static int 4479 iwn_tx_rate_to_linkq_offset(struct iwn_softc *sc, struct ieee80211_node *ni, 4480 uint8_t rate) 4481 { 4482 struct ieee80211_rateset *rs; 4483 int is_11n; 4484 int nr; 4485 int i; 4486 uint8_t cmp_rate; 4487 4488 /* 4489 * Figure out if we're using 11n or not here. 4490 */ 4491 if (IEEE80211_IS_CHAN_HT(ni->ni_chan) && ni->ni_htrates.rs_nrates > 0) 4492 is_11n = 1; 4493 else 4494 is_11n = 0; 4495 4496 /* 4497 * Use the correct rate table. 4498 */ 4499 if (is_11n) { 4500 rs = (struct ieee80211_rateset *) &ni->ni_htrates; 4501 nr = ni->ni_htrates.rs_nrates; 4502 } else { 4503 rs = &ni->ni_rates; 4504 nr = rs->rs_nrates; 4505 } 4506 4507 /* 4508 * Find the relevant link quality entry in the table. 4509 */ 4510 for (i = 0; i < nr && i < IWN_MAX_TX_RETRIES - 1 ; i++) { 4511 /* 4512 * The link quality table index starts at 0 == highest 4513 * rate, so we walk the rate table backwards. 4514 */ 4515 cmp_rate = rs->rs_rates[(nr - 1) - i]; 4516 if (rate & IEEE80211_RATE_MCS) 4517 cmp_rate |= IEEE80211_RATE_MCS; 4518 4519 #if 0 4520 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: idx %d: nr=%d, rate=0x%02x, rateentry=0x%02x\n", 4521 __func__, 4522 i, 4523 nr, 4524 rate, 4525 cmp_rate); 4526 #endif 4527 4528 if (cmp_rate == rate) 4529 return (i); 4530 } 4531 4532 /* Failed? Start at the end */ 4533 return (IWN_MAX_TX_RETRIES - 1); 4534 } 4535 4536 static int 4537 iwn_tx_data(struct iwn_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 4538 { 4539 const struct ieee80211_txparam *tp = ni->ni_txparms; 4540 struct ieee80211vap *vap = ni->ni_vap; 4541 struct ieee80211com *ic = ni->ni_ic; 4542 struct iwn_node *wn = (void *)ni; 4543 struct iwn_tx_ring *ring; 4544 struct iwn_tx_cmd *cmd; 4545 struct iwn_cmd_data *tx; 4546 struct ieee80211_frame *wh; 4547 struct ieee80211_key *k = NULL; 4548 uint32_t flags; 4549 uint16_t qos; 4550 uint8_t tid, type; 4551 int ac, totlen, rate; 4552 4553 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 4554 4555 IWN_LOCK_ASSERT(sc); 4556 4557 wh = mtod(m, struct ieee80211_frame *); 4558 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 4559 4560 /* Select EDCA Access Category and TX ring for this frame. */ 4561 if (IEEE80211_QOS_HAS_SEQ(wh)) { 4562 qos = ((const struct ieee80211_qosframe *)wh)->i_qos[0]; 4563 tid = qos & IEEE80211_QOS_TID; 4564 } else { 4565 qos = 0; 4566 tid = 0; 4567 } 4568 4569 /* Choose a TX rate index. */ 4570 if (type == IEEE80211_FC0_TYPE_MGT || 4571 type == IEEE80211_FC0_TYPE_CTL || 4572 (m->m_flags & M_EAPOL) != 0) 4573 rate = tp->mgmtrate; 4574 else if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 4575 rate = tp->mcastrate; 4576 else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 4577 rate = tp->ucastrate; 4578 else { 4579 /* XXX pass pktlen */ 4580 (void) ieee80211_ratectl_rate(ni, NULL, 0); 4581 rate = ni->ni_txrate; 4582 } 4583 4584 /* 4585 * XXX TODO: Group addressed frames aren't aggregated and must 4586 * go to the normal non-aggregation queue, and have a NONQOS TID 4587 * assigned from net80211. 4588 */ 4589 4590 ac = M_WME_GETAC(m); 4591 if (m->m_flags & M_AMPDU_MPDU) { 4592 struct ieee80211_tx_ampdu *tap = &ni->ni_tx_ampdu[ac]; 4593 4594 if (!IEEE80211_AMPDU_RUNNING(tap)) 4595 return (EINVAL); 4596 4597 ac = *(int *)tap->txa_private; 4598 } 4599 4600 /* Encrypt the frame if need be. */ 4601 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 4602 /* Retrieve key for TX. */ 4603 k = ieee80211_crypto_encap(ni, m); 4604 if (k == NULL) { 4605 return ENOBUFS; 4606 } 4607 /* 802.11 header may have moved. */ 4608 wh = mtod(m, struct ieee80211_frame *); 4609 } 4610 totlen = m->m_pkthdr.len; 4611 4612 if (ieee80211_radiotap_active_vap(vap)) { 4613 struct iwn_tx_radiotap_header *tap = &sc->sc_txtap; 4614 4615 tap->wt_flags = 0; 4616 tap->wt_rate = rate; 4617 if (k != NULL) 4618 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 4619 4620 ieee80211_radiotap_tx(vap, m); 4621 } 4622 4623 flags = 0; 4624 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 4625 /* Unicast frame, check if an ACK is expected. */ 4626 if (!qos || (qos & IEEE80211_QOS_ACKPOLICY) != 4627 IEEE80211_QOS_ACKPOLICY_NOACK) 4628 flags |= IWN_TX_NEED_ACK; 4629 } 4630 if ((wh->i_fc[0] & 4631 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 4632 (IEEE80211_FC0_TYPE_CTL | IEEE80211_FC0_SUBTYPE_BAR)) 4633 flags |= IWN_TX_IMM_BA; /* Cannot happen yet. */ 4634 4635 if (wh->i_fc[1] & IEEE80211_FC1_MORE_FRAG) 4636 flags |= IWN_TX_MORE_FRAG; /* Cannot happen yet. */ 4637 4638 /* Check if frame must be protected using RTS/CTS or CTS-to-self. */ 4639 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 4640 /* NB: Group frames are sent using CCK in 802.11b/g. */ 4641 if (totlen + IEEE80211_CRC_LEN > vap->iv_rtsthreshold) { 4642 flags |= IWN_TX_NEED_RTS; 4643 } else if (iwn_check_rate_needs_protection(sc, vap, rate)) { 4644 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 4645 flags |= IWN_TX_NEED_CTS; 4646 else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 4647 flags |= IWN_TX_NEED_RTS; 4648 } else if ((rate & IEEE80211_RATE_MCS) && 4649 (ic->ic_htprotmode == IEEE80211_PROT_RTSCTS)) { 4650 flags |= IWN_TX_NEED_RTS; 4651 } 4652 4653 /* XXX HT protection? */ 4654 4655 if (flags & (IWN_TX_NEED_RTS | IWN_TX_NEED_CTS)) { 4656 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 4657 /* 5000 autoselects RTS/CTS or CTS-to-self. */ 4658 flags &= ~(IWN_TX_NEED_RTS | IWN_TX_NEED_CTS); 4659 flags |= IWN_TX_NEED_PROTECTION; 4660 } else 4661 flags |= IWN_TX_FULL_TXOP; 4662 } 4663 } 4664 4665 ring = &sc->txq[ac]; 4666 if (m->m_flags & M_AMPDU_MPDU) { 4667 uint16_t seqno = ni->ni_txseqs[tid]; 4668 4669 if (ring->queued > IWN_TX_RING_COUNT / 2 && 4670 (ring->cur + 1) % IWN_TX_RING_COUNT == ring->read) { 4671 DPRINTF(sc, IWN_DEBUG_AMPDU, "%s: no more space " 4672 "(queued %d) left in %d queue!\n", 4673 __func__, ring->queued, ac); 4674 return (ENOBUFS); 4675 } 4676 4677 /* 4678 * Queue this frame to the hardware ring that we've 4679 * negotiated AMPDU TX on. 4680 * 4681 * Note that the sequence number must match the TX slot 4682 * being used! 4683 */ 4684 if ((seqno % 256) != ring->cur) { 4685 device_printf(sc->sc_dev, 4686 "%s: m=%p: seqno (%d) (%d) != ring index (%d) !\n", 4687 __func__, 4688 m, 4689 seqno, 4690 seqno % 256, 4691 ring->cur); 4692 4693 /* XXX until D9195 will not be committed */ 4694 ni->ni_txseqs[tid] &= ~0xff; 4695 ni->ni_txseqs[tid] += ring->cur; 4696 seqno = ni->ni_txseqs[tid]; 4697 } 4698 4699 *(uint16_t *)wh->i_seq = 4700 htole16(seqno << IEEE80211_SEQ_SEQ_SHIFT); 4701 ni->ni_txseqs[tid]++; 4702 } 4703 4704 /* Prepare TX firmware command. */ 4705 cmd = &ring->cmd[ring->cur]; 4706 tx = (struct iwn_cmd_data *)cmd->data; 4707 4708 /* NB: No need to clear tx, all fields are reinitialized here. */ 4709 tx->scratch = 0; /* clear "scratch" area */ 4710 4711 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 4712 type != IEEE80211_FC0_TYPE_DATA) 4713 tx->id = sc->broadcast_id; 4714 else 4715 tx->id = wn->id; 4716 4717 if (type == IEEE80211_FC0_TYPE_MGT) { 4718 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 4719 4720 /* Tell HW to set timestamp in probe responses. */ 4721 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 4722 flags |= IWN_TX_INSERT_TSTAMP; 4723 if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ || 4724 subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) 4725 tx->timeout = htole16(3); 4726 else 4727 tx->timeout = htole16(2); 4728 } else 4729 tx->timeout = htole16(0); 4730 4731 if (tx->id == sc->broadcast_id) { 4732 /* Group or management frame. */ 4733 tx->linkq = 0; 4734 } else { 4735 tx->linkq = iwn_tx_rate_to_linkq_offset(sc, ni, rate); 4736 flags |= IWN_TX_LINKQ; /* enable MRR */ 4737 } 4738 4739 tx->tid = tid; 4740 tx->rts_ntries = 60; 4741 tx->data_ntries = 15; 4742 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 4743 tx->rate = iwn_rate_to_plcp(sc, ni, rate); 4744 tx->security = 0; 4745 tx->flags = htole32(flags); 4746 4747 return (iwn_tx_cmd(sc, m, ni, ring)); 4748 } 4749 4750 static int 4751 iwn_tx_data_raw(struct iwn_softc *sc, struct mbuf *m, 4752 struct ieee80211_node *ni, const struct ieee80211_bpf_params *params) 4753 { 4754 struct ieee80211vap *vap = ni->ni_vap; 4755 struct iwn_tx_cmd *cmd; 4756 struct iwn_cmd_data *tx; 4757 struct ieee80211_frame *wh; 4758 struct iwn_tx_ring *ring; 4759 uint32_t flags; 4760 int ac, rate; 4761 uint8_t type; 4762 4763 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 4764 4765 IWN_LOCK_ASSERT(sc); 4766 4767 wh = mtod(m, struct ieee80211_frame *); 4768 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 4769 4770 ac = params->ibp_pri & 3; 4771 4772 /* Choose a TX rate. */ 4773 rate = params->ibp_rate0; 4774 4775 flags = 0; 4776 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0) 4777 flags |= IWN_TX_NEED_ACK; 4778 if (params->ibp_flags & IEEE80211_BPF_RTS) { 4779 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 4780 /* 5000 autoselects RTS/CTS or CTS-to-self. */ 4781 flags &= ~IWN_TX_NEED_RTS; 4782 flags |= IWN_TX_NEED_PROTECTION; 4783 } else 4784 flags |= IWN_TX_NEED_RTS | IWN_TX_FULL_TXOP; 4785 } 4786 if (params->ibp_flags & IEEE80211_BPF_CTS) { 4787 if (sc->hw_type != IWN_HW_REV_TYPE_4965) { 4788 /* 5000 autoselects RTS/CTS or CTS-to-self. */ 4789 flags &= ~IWN_TX_NEED_CTS; 4790 flags |= IWN_TX_NEED_PROTECTION; 4791 } else 4792 flags |= IWN_TX_NEED_CTS | IWN_TX_FULL_TXOP; 4793 } 4794 4795 if (ieee80211_radiotap_active_vap(vap)) { 4796 struct iwn_tx_radiotap_header *tap = &sc->sc_txtap; 4797 4798 tap->wt_flags = 0; 4799 tap->wt_rate = rate; 4800 4801 ieee80211_radiotap_tx(vap, m); 4802 } 4803 4804 ring = &sc->txq[ac]; 4805 cmd = &ring->cmd[ring->cur]; 4806 4807 tx = (struct iwn_cmd_data *)cmd->data; 4808 /* NB: No need to clear tx, all fields are reinitialized here. */ 4809 tx->scratch = 0; /* clear "scratch" area */ 4810 4811 if (type == IEEE80211_FC0_TYPE_MGT) { 4812 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 4813 4814 /* Tell HW to set timestamp in probe responses. */ 4815 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 4816 flags |= IWN_TX_INSERT_TSTAMP; 4817 4818 if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ || 4819 subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) 4820 tx->timeout = htole16(3); 4821 else 4822 tx->timeout = htole16(2); 4823 } else 4824 tx->timeout = htole16(0); 4825 4826 tx->tid = 0; 4827 tx->id = sc->broadcast_id; 4828 tx->rts_ntries = params->ibp_try1; 4829 tx->data_ntries = params->ibp_try0; 4830 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 4831 tx->rate = iwn_rate_to_plcp(sc, ni, rate); 4832 tx->security = 0; 4833 tx->flags = htole32(flags); 4834 4835 /* Group or management frame. */ 4836 tx->linkq = 0; 4837 4838 return (iwn_tx_cmd(sc, m, ni, ring)); 4839 } 4840 4841 static int 4842 iwn_tx_cmd(struct iwn_softc *sc, struct mbuf *m, struct ieee80211_node *ni, 4843 struct iwn_tx_ring *ring) 4844 { 4845 struct iwn_ops *ops = &sc->ops; 4846 struct iwn_tx_cmd *cmd; 4847 struct iwn_cmd_data *tx; 4848 struct ieee80211_frame *wh; 4849 struct iwn_tx_desc *desc; 4850 struct iwn_tx_data *data; 4851 bus_dma_segment_t *seg, segs[IWN_MAX_SCATTER]; 4852 struct mbuf *m1; 4853 u_int hdrlen; 4854 int totlen, error, pad, nsegs = 0, i; 4855 4856 wh = mtod(m, struct ieee80211_frame *); 4857 hdrlen = ieee80211_anyhdrsize(wh); 4858 totlen = m->m_pkthdr.len; 4859 4860 desc = &ring->desc[ring->cur]; 4861 data = &ring->data[ring->cur]; 4862 4863 if (__predict_false(data->m != NULL || data->ni != NULL)) { 4864 device_printf(sc->sc_dev, "%s: ni (%p) or m (%p) for idx %d " 4865 "in queue %d is not NULL!\n", __func__, data->ni, data->m, 4866 ring->cur, ring->qid); 4867 return EIO; 4868 } 4869 4870 /* Prepare TX firmware command. */ 4871 cmd = &ring->cmd[ring->cur]; 4872 cmd->code = IWN_CMD_TX_DATA; 4873 cmd->flags = 0; 4874 cmd->qid = ring->qid; 4875 cmd->idx = ring->cur; 4876 4877 tx = (struct iwn_cmd_data *)cmd->data; 4878 tx->len = htole16(totlen); 4879 4880 /* Set physical address of "scratch area". */ 4881 tx->loaddr = htole32(IWN_LOADDR(data->scratch_paddr)); 4882 tx->hiaddr = IWN_HIADDR(data->scratch_paddr); 4883 if (hdrlen & 3) { 4884 /* First segment length must be a multiple of 4. */ 4885 tx->flags |= htole32(IWN_TX_NEED_PADDING); 4886 pad = 4 - (hdrlen & 3); 4887 } else 4888 pad = 0; 4889 4890 /* Copy 802.11 header in TX command. */ 4891 memcpy((uint8_t *)(tx + 1), wh, hdrlen); 4892 4893 /* Trim 802.11 header. */ 4894 m_adj(m, hdrlen); 4895 4896 error = bus_dmamap_load_mbuf_sg(ring->data_dmat, data->map, m, segs, 4897 &nsegs, BUS_DMA_NOWAIT); 4898 if (error != 0) { 4899 if (error != EFBIG) { 4900 device_printf(sc->sc_dev, 4901 "%s: can't map mbuf (error %d)\n", __func__, error); 4902 return error; 4903 } 4904 /* Too many DMA segments, linearize mbuf. */ 4905 m1 = m_collapse(m, M_NOWAIT, IWN_MAX_SCATTER - 1); 4906 if (m1 == NULL) { 4907 device_printf(sc->sc_dev, 4908 "%s: could not defrag mbuf\n", __func__); 4909 return ENOBUFS; 4910 } 4911 m = m1; 4912 4913 error = bus_dmamap_load_mbuf_sg(ring->data_dmat, data->map, m, 4914 segs, &nsegs, BUS_DMA_NOWAIT); 4915 if (error != 0) { 4916 /* XXX fix this */ 4917 /* 4918 * NB: Do not return error; 4919 * original mbuf does not exist anymore. 4920 */ 4921 device_printf(sc->sc_dev, 4922 "%s: can't map mbuf (error %d)\n", 4923 __func__, error); 4924 if_inc_counter(ni->ni_vap->iv_ifp, 4925 IFCOUNTER_OERRORS, 1); 4926 ieee80211_free_node(ni); 4927 m_freem(m); 4928 return 0; 4929 } 4930 } 4931 4932 data->m = m; 4933 data->ni = ni; 4934 4935 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: qid %d idx %d len %d nsegs %d " 4936 "plcp %d\n", 4937 __func__, ring->qid, ring->cur, totlen, nsegs, tx->rate); 4938 4939 /* Fill TX descriptor. */ 4940 desc->nsegs = 1; 4941 if (m->m_len != 0) 4942 desc->nsegs += nsegs; 4943 /* First DMA segment is used by the TX command. */ 4944 desc->segs[0].addr = htole32(IWN_LOADDR(data->cmd_paddr)); 4945 desc->segs[0].len = htole16(IWN_HIADDR(data->cmd_paddr) | 4946 (4 + sizeof (*tx) + hdrlen + pad) << 4); 4947 /* Other DMA segments are for data payload. */ 4948 seg = &segs[0]; 4949 for (i = 1; i <= nsegs; i++) { 4950 desc->segs[i].addr = htole32(IWN_LOADDR(seg->ds_addr)); 4951 desc->segs[i].len = htole16(IWN_HIADDR(seg->ds_addr) | 4952 seg->ds_len << 4); 4953 seg++; 4954 } 4955 4956 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 4957 bus_dmamap_sync(ring->cmd_dma.tag, ring->cmd_dma.map, 4958 BUS_DMASYNC_PREWRITE); 4959 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 4960 BUS_DMASYNC_PREWRITE); 4961 4962 /* Update TX scheduler. */ 4963 if (ring->qid >= sc->firstaggqueue) 4964 ops->update_sched(sc, ring->qid, ring->cur, tx->id, totlen); 4965 4966 /* Kick TX ring. */ 4967 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 4968 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, ring->qid << 8 | ring->cur); 4969 4970 /* Mark TX ring as full if we reach a certain threshold. */ 4971 if (++ring->queued > IWN_TX_RING_HIMARK) 4972 sc->qfullmsk |= 1 << ring->qid; 4973 4974 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 4975 4976 return 0; 4977 } 4978 4979 static void 4980 iwn_xmit_task(void *arg0, int pending) 4981 { 4982 struct iwn_softc *sc = arg0; 4983 struct ieee80211_node *ni; 4984 struct mbuf *m; 4985 int error; 4986 struct ieee80211_bpf_params p; 4987 int have_p; 4988 4989 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: called\n", __func__); 4990 4991 IWN_LOCK(sc); 4992 /* 4993 * Dequeue frames, attempt to transmit, 4994 * then disable beaconwait when we're done. 4995 */ 4996 while ((m = mbufq_dequeue(&sc->sc_xmit_queue)) != NULL) { 4997 have_p = 0; 4998 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 4999 5000 /* Get xmit params if appropriate */ 5001 if (ieee80211_get_xmit_params(m, &p) == 0) 5002 have_p = 1; 5003 5004 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: m=%p, have_p=%d\n", 5005 __func__, m, have_p); 5006 5007 /* If we have xmit params, use them */ 5008 if (have_p) 5009 error = iwn_tx_data_raw(sc, m, ni, &p); 5010 else 5011 error = iwn_tx_data(sc, m, ni); 5012 5013 if (error != 0) { 5014 if_inc_counter(ni->ni_vap->iv_ifp, 5015 IFCOUNTER_OERRORS, 1); 5016 ieee80211_free_node(ni); 5017 m_freem(m); 5018 } 5019 } 5020 5021 sc->sc_beacon_wait = 0; 5022 IWN_UNLOCK(sc); 5023 } 5024 5025 /* 5026 * raw frame xmit - free node/reference if failed. 5027 */ 5028 static int 5029 iwn_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 5030 const struct ieee80211_bpf_params *params) 5031 { 5032 struct ieee80211com *ic = ni->ni_ic; 5033 struct iwn_softc *sc = ic->ic_softc; 5034 int error = 0; 5035 5036 DPRINTF(sc, IWN_DEBUG_XMIT | IWN_DEBUG_TRACE, "->%s begin\n", __func__); 5037 5038 IWN_LOCK(sc); 5039 if ((sc->sc_flags & IWN_FLAG_RUNNING) == 0) { 5040 m_freem(m); 5041 IWN_UNLOCK(sc); 5042 return (ENETDOWN); 5043 } 5044 5045 /* queue frame if we have to */ 5046 if (sc->sc_beacon_wait) { 5047 if (iwn_xmit_queue_enqueue(sc, m) != 0) { 5048 m_freem(m); 5049 IWN_UNLOCK(sc); 5050 return (ENOBUFS); 5051 } 5052 /* Queued, so just return OK */ 5053 IWN_UNLOCK(sc); 5054 return (0); 5055 } 5056 5057 if (params == NULL) { 5058 /* 5059 * Legacy path; interpret frame contents to decide 5060 * precisely how to send the frame. 5061 */ 5062 error = iwn_tx_data(sc, m, ni); 5063 } else { 5064 /* 5065 * Caller supplied explicit parameters to use in 5066 * sending the frame. 5067 */ 5068 error = iwn_tx_data_raw(sc, m, ni, params); 5069 } 5070 if (error == 0) 5071 sc->sc_tx_timer = 5; 5072 else 5073 m_freem(m); 5074 5075 IWN_UNLOCK(sc); 5076 5077 DPRINTF(sc, IWN_DEBUG_TRACE | IWN_DEBUG_XMIT, "->%s: end\n",__func__); 5078 5079 return (error); 5080 } 5081 5082 /* 5083 * transmit - don't free mbuf if failed; don't free node ref if failed. 5084 */ 5085 static int 5086 iwn_transmit(struct ieee80211com *ic, struct mbuf *m) 5087 { 5088 struct iwn_softc *sc = ic->ic_softc; 5089 struct ieee80211_node *ni; 5090 int error; 5091 5092 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 5093 5094 IWN_LOCK(sc); 5095 if ((sc->sc_flags & IWN_FLAG_RUNNING) == 0 || sc->sc_beacon_wait) { 5096 IWN_UNLOCK(sc); 5097 return (ENXIO); 5098 } 5099 5100 if (sc->qfullmsk) { 5101 IWN_UNLOCK(sc); 5102 return (ENOBUFS); 5103 } 5104 5105 error = iwn_tx_data(sc, m, ni); 5106 if (!error) 5107 sc->sc_tx_timer = 5; 5108 IWN_UNLOCK(sc); 5109 return (error); 5110 } 5111 5112 static void 5113 iwn_scan_timeout(void *arg) 5114 { 5115 struct iwn_softc *sc = arg; 5116 struct ieee80211com *ic = &sc->sc_ic; 5117 5118 ic_printf(ic, "scan timeout\n"); 5119 ieee80211_restart_all(ic); 5120 } 5121 5122 static void 5123 iwn_watchdog(void *arg) 5124 { 5125 struct iwn_softc *sc = arg; 5126 struct ieee80211com *ic = &sc->sc_ic; 5127 5128 IWN_LOCK_ASSERT(sc); 5129 5130 KASSERT(sc->sc_flags & IWN_FLAG_RUNNING, ("not running")); 5131 5132 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5133 5134 if (sc->sc_tx_timer > 0) { 5135 if (--sc->sc_tx_timer == 0) { 5136 ic_printf(ic, "device timeout\n"); 5137 ieee80211_restart_all(ic); 5138 return; 5139 } 5140 } 5141 callout_reset(&sc->watchdog_to, hz, iwn_watchdog, sc); 5142 } 5143 5144 static int 5145 iwn_cdev_open(struct cdev *dev, int flags, int type, struct thread *td) 5146 { 5147 5148 return (0); 5149 } 5150 5151 static int 5152 iwn_cdev_close(struct cdev *dev, int flags, int type, struct thread *td) 5153 { 5154 5155 return (0); 5156 } 5157 5158 static int 5159 iwn_cdev_ioctl(struct cdev *dev, unsigned long cmd, caddr_t data, int fflag, 5160 struct thread *td) 5161 { 5162 int rc; 5163 struct iwn_softc *sc = dev->si_drv1; 5164 struct iwn_ioctl_data *d; 5165 5166 rc = priv_check(td, PRIV_DRIVER); 5167 if (rc != 0) 5168 return (0); 5169 5170 switch (cmd) { 5171 case SIOCGIWNSTATS: 5172 d = (struct iwn_ioctl_data *) data; 5173 IWN_LOCK(sc); 5174 /* XXX validate permissions/memory/etc? */ 5175 rc = copyout(&sc->last_stat, d->dst_addr, sizeof(struct iwn_stats)); 5176 IWN_UNLOCK(sc); 5177 break; 5178 case SIOCZIWNSTATS: 5179 IWN_LOCK(sc); 5180 memset(&sc->last_stat, 0, sizeof(struct iwn_stats)); 5181 IWN_UNLOCK(sc); 5182 break; 5183 default: 5184 rc = EINVAL; 5185 break; 5186 } 5187 return (rc); 5188 } 5189 5190 static int 5191 iwn_ioctl(struct ieee80211com *ic, u_long cmd, void *data) 5192 { 5193 5194 return (ENOTTY); 5195 } 5196 5197 static void 5198 iwn_parent(struct ieee80211com *ic) 5199 { 5200 struct iwn_softc *sc = ic->ic_softc; 5201 struct ieee80211vap *vap; 5202 int error; 5203 5204 if (ic->ic_nrunning > 0) { 5205 error = iwn_init(sc); 5206 5207 switch (error) { 5208 case 0: 5209 ieee80211_start_all(ic); 5210 break; 5211 case 1: 5212 /* radio is disabled via RFkill switch */ 5213 taskqueue_enqueue(sc->sc_tq, &sc->sc_rftoggle_task); 5214 break; 5215 default: 5216 vap = TAILQ_FIRST(&ic->ic_vaps); 5217 if (vap != NULL) 5218 ieee80211_stop(vap); 5219 break; 5220 } 5221 } else 5222 iwn_stop(sc); 5223 } 5224 5225 /* 5226 * Send a command to the firmware. 5227 */ 5228 static int 5229 iwn_cmd(struct iwn_softc *sc, int code, const void *buf, int size, int async) 5230 { 5231 struct iwn_tx_ring *ring; 5232 struct iwn_tx_desc *desc; 5233 struct iwn_tx_data *data; 5234 struct iwn_tx_cmd *cmd; 5235 struct mbuf *m; 5236 bus_addr_t paddr; 5237 int totlen, error; 5238 int cmd_queue_num; 5239 5240 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 5241 5242 if (async == 0) 5243 IWN_LOCK_ASSERT(sc); 5244 5245 if (sc->sc_flags & IWN_FLAG_PAN_SUPPORT) 5246 cmd_queue_num = IWN_PAN_CMD_QUEUE; 5247 else 5248 cmd_queue_num = IWN_CMD_QUEUE_NUM; 5249 5250 ring = &sc->txq[cmd_queue_num]; 5251 desc = &ring->desc[ring->cur]; 5252 data = &ring->data[ring->cur]; 5253 totlen = 4 + size; 5254 5255 if (size > sizeof cmd->data) { 5256 /* Command is too large to fit in a descriptor. */ 5257 if (totlen > MCLBYTES) 5258 return EINVAL; 5259 m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, MJUMPAGESIZE); 5260 if (m == NULL) 5261 return ENOMEM; 5262 cmd = mtod(m, struct iwn_tx_cmd *); 5263 error = bus_dmamap_load(ring->data_dmat, data->map, cmd, 5264 totlen, iwn_dma_map_addr, &paddr, BUS_DMA_NOWAIT); 5265 if (error != 0) { 5266 m_freem(m); 5267 return error; 5268 } 5269 data->m = m; 5270 } else { 5271 cmd = &ring->cmd[ring->cur]; 5272 paddr = data->cmd_paddr; 5273 } 5274 5275 cmd->code = code; 5276 cmd->flags = 0; 5277 cmd->qid = ring->qid; 5278 cmd->idx = ring->cur; 5279 memcpy(cmd->data, buf, size); 5280 5281 desc->nsegs = 1; 5282 desc->segs[0].addr = htole32(IWN_LOADDR(paddr)); 5283 desc->segs[0].len = htole16(IWN_HIADDR(paddr) | totlen << 4); 5284 5285 DPRINTF(sc, IWN_DEBUG_CMD, "%s: %s (0x%x) flags %d qid %d idx %d\n", 5286 __func__, iwn_intr_str(cmd->code), cmd->code, 5287 cmd->flags, cmd->qid, cmd->idx); 5288 5289 if (size > sizeof cmd->data) { 5290 bus_dmamap_sync(ring->data_dmat, data->map, 5291 BUS_DMASYNC_PREWRITE); 5292 } else { 5293 bus_dmamap_sync(ring->cmd_dma.tag, ring->cmd_dma.map, 5294 BUS_DMASYNC_PREWRITE); 5295 } 5296 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 5297 BUS_DMASYNC_PREWRITE); 5298 5299 /* Kick command ring. */ 5300 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 5301 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, ring->qid << 8 | ring->cur); 5302 5303 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 5304 5305 return async ? 0 : msleep(desc, &sc->sc_mtx, PCATCH, "iwncmd", hz); 5306 } 5307 5308 static int 5309 iwn4965_add_node(struct iwn_softc *sc, struct iwn_node_info *node, int async) 5310 { 5311 struct iwn4965_node_info hnode; 5312 caddr_t src, dst; 5313 5314 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5315 5316 /* 5317 * We use the node structure for 5000 Series internally (it is 5318 * a superset of the one for 4965AGN). We thus copy the common 5319 * fields before sending the command. 5320 */ 5321 src = (caddr_t)node; 5322 dst = (caddr_t)&hnode; 5323 memcpy(dst, src, 48); 5324 /* Skip TSC, RX MIC and TX MIC fields from ``src''. */ 5325 memcpy(dst + 48, src + 72, 20); 5326 return iwn_cmd(sc, IWN_CMD_ADD_NODE, &hnode, sizeof hnode, async); 5327 } 5328 5329 static int 5330 iwn5000_add_node(struct iwn_softc *sc, struct iwn_node_info *node, int async) 5331 { 5332 5333 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5334 5335 /* Direct mapping. */ 5336 return iwn_cmd(sc, IWN_CMD_ADD_NODE, node, sizeof (*node), async); 5337 } 5338 5339 static int 5340 iwn_set_link_quality(struct iwn_softc *sc, struct ieee80211_node *ni) 5341 { 5342 struct iwn_node *wn = (void *)ni; 5343 struct ieee80211_rateset *rs; 5344 struct iwn_cmd_link_quality linkq; 5345 int i, rate, txrate; 5346 int is_11n; 5347 5348 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 5349 5350 memset(&linkq, 0, sizeof linkq); 5351 linkq.id = wn->id; 5352 linkq.antmsk_1stream = iwn_get_1stream_tx_antmask(sc); 5353 linkq.antmsk_2stream = iwn_get_2stream_tx_antmask(sc); 5354 5355 linkq.ampdu_max = 32; /* XXX negotiated? */ 5356 linkq.ampdu_threshold = 3; 5357 linkq.ampdu_limit = htole16(4000); /* 4ms */ 5358 5359 DPRINTF(sc, IWN_DEBUG_XMIT, 5360 "%s: 1stream antenna=0x%02x, 2stream antenna=0x%02x, ntxstreams=%d\n", 5361 __func__, 5362 linkq.antmsk_1stream, 5363 linkq.antmsk_2stream, 5364 sc->ntxchains); 5365 5366 /* 5367 * Are we using 11n rates? Ensure the channel is 5368 * 11n _and_ we have some 11n rates, or don't 5369 * try. 5370 */ 5371 if (IEEE80211_IS_CHAN_HT(ni->ni_chan) && ni->ni_htrates.rs_nrates > 0) { 5372 rs = (struct ieee80211_rateset *) &ni->ni_htrates; 5373 is_11n = 1; 5374 } else { 5375 rs = &ni->ni_rates; 5376 is_11n = 0; 5377 } 5378 5379 /* Start at highest available bit-rate. */ 5380 /* 5381 * XXX this is all very dirty! 5382 */ 5383 if (is_11n) 5384 txrate = ni->ni_htrates.rs_nrates - 1; 5385 else 5386 txrate = rs->rs_nrates - 1; 5387 for (i = 0; i < IWN_MAX_TX_RETRIES; i++) { 5388 uint32_t plcp; 5389 5390 /* 5391 * XXX TODO: ensure the last two slots are the two lowest 5392 * rate entries, just for now. 5393 */ 5394 if (i == 14 || i == 15) 5395 txrate = 0; 5396 5397 if (is_11n) 5398 rate = IEEE80211_RATE_MCS | rs->rs_rates[txrate]; 5399 else 5400 rate = IEEE80211_RV(rs->rs_rates[txrate]); 5401 5402 /* Do rate -> PLCP config mapping */ 5403 plcp = iwn_rate_to_plcp(sc, ni, rate); 5404 linkq.retry[i] = plcp; 5405 DPRINTF(sc, IWN_DEBUG_XMIT, 5406 "%s: i=%d, txrate=%d, rate=0x%02x, plcp=0x%08x\n", 5407 __func__, 5408 i, 5409 txrate, 5410 rate, 5411 le32toh(plcp)); 5412 5413 /* 5414 * The mimo field is an index into the table which 5415 * indicates the first index where it and subsequent entries 5416 * will not be using MIMO. 5417 * 5418 * Since we're filling linkq from 0..15 and we're filling 5419 * from the highest MCS rates to the lowest rates, if we 5420 * _are_ doing a dual-stream rate, set mimo to idx+1 (ie, 5421 * the next entry.) That way if the next entry is a non-MIMO 5422 * entry, we're already pointing at it. 5423 */ 5424 if ((le32toh(plcp) & IWN_RFLAG_MCS) && 5425 IEEE80211_RV(le32toh(plcp)) > 7) 5426 linkq.mimo = i + 1; 5427 5428 /* Next retry at immediate lower bit-rate. */ 5429 if (txrate > 0) 5430 txrate--; 5431 } 5432 /* 5433 * If we reached the end of the list and indeed we hit 5434 * all MIMO rates (eg 5300 doing MCS23-15) then yes, 5435 * set mimo to 15. Setting it to 16 panics the firmware. 5436 */ 5437 if (linkq.mimo > 15) 5438 linkq.mimo = 15; 5439 5440 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: mimo = %d\n", __func__, linkq.mimo); 5441 5442 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 5443 5444 return iwn_cmd(sc, IWN_CMD_LINK_QUALITY, &linkq, sizeof linkq, 1); 5445 } 5446 5447 /* 5448 * Broadcast node is used to send group-addressed and management frames. 5449 */ 5450 static int 5451 iwn_add_broadcast_node(struct iwn_softc *sc, int async) 5452 { 5453 struct iwn_ops *ops = &sc->ops; 5454 struct ieee80211com *ic = &sc->sc_ic; 5455 struct iwn_node_info node; 5456 struct iwn_cmd_link_quality linkq; 5457 uint8_t txant; 5458 int i, error; 5459 5460 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 5461 5462 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 5463 5464 memset(&node, 0, sizeof node); 5465 IEEE80211_ADDR_COPY(node.macaddr, ieee80211broadcastaddr); 5466 node.id = sc->broadcast_id; 5467 DPRINTF(sc, IWN_DEBUG_RESET, "%s: adding broadcast node\n", __func__); 5468 if ((error = ops->add_node(sc, &node, async)) != 0) 5469 return error; 5470 5471 /* Use the first valid TX antenna. */ 5472 txant = IWN_LSB(sc->txchainmask); 5473 5474 memset(&linkq, 0, sizeof linkq); 5475 linkq.id = sc->broadcast_id; 5476 linkq.antmsk_1stream = iwn_get_1stream_tx_antmask(sc); 5477 linkq.antmsk_2stream = iwn_get_2stream_tx_antmask(sc); 5478 linkq.ampdu_max = 64; 5479 linkq.ampdu_threshold = 3; 5480 linkq.ampdu_limit = htole16(4000); /* 4ms */ 5481 5482 /* Use lowest mandatory bit-rate. */ 5483 /* XXX rate table lookup? */ 5484 if (IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan)) 5485 linkq.retry[0] = htole32(0xd); 5486 else 5487 linkq.retry[0] = htole32(10 | IWN_RFLAG_CCK); 5488 linkq.retry[0] |= htole32(IWN_RFLAG_ANT(txant)); 5489 /* Use same bit-rate for all TX retries. */ 5490 for (i = 1; i < IWN_MAX_TX_RETRIES; i++) { 5491 linkq.retry[i] = linkq.retry[0]; 5492 } 5493 5494 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 5495 5496 return iwn_cmd(sc, IWN_CMD_LINK_QUALITY, &linkq, sizeof linkq, async); 5497 } 5498 5499 static int 5500 iwn_updateedca(struct ieee80211com *ic) 5501 { 5502 #define IWN_EXP2(x) ((1 << (x)) - 1) /* CWmin = 2^ECWmin - 1 */ 5503 struct iwn_softc *sc = ic->ic_softc; 5504 struct iwn_edca_params cmd; 5505 struct chanAccParams chp; 5506 int aci; 5507 5508 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 5509 5510 ieee80211_wme_ic_getparams(ic, &chp); 5511 5512 memset(&cmd, 0, sizeof cmd); 5513 cmd.flags = htole32(IWN_EDCA_UPDATE); 5514 5515 IEEE80211_LOCK(ic); 5516 for (aci = 0; aci < WME_NUM_AC; aci++) { 5517 const struct wmeParams *ac = &chp.cap_wmeParams[aci]; 5518 cmd.ac[aci].aifsn = ac->wmep_aifsn; 5519 cmd.ac[aci].cwmin = htole16(IWN_EXP2(ac->wmep_logcwmin)); 5520 cmd.ac[aci].cwmax = htole16(IWN_EXP2(ac->wmep_logcwmax)); 5521 cmd.ac[aci].txoplimit = 5522 htole16(IEEE80211_TXOP_TO_US(ac->wmep_txopLimit)); 5523 } 5524 IEEE80211_UNLOCK(ic); 5525 5526 IWN_LOCK(sc); 5527 (void)iwn_cmd(sc, IWN_CMD_EDCA_PARAMS, &cmd, sizeof cmd, 1); 5528 IWN_UNLOCK(sc); 5529 5530 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 5531 5532 return 0; 5533 #undef IWN_EXP2 5534 } 5535 5536 static void 5537 iwn_set_promisc(struct iwn_softc *sc) 5538 { 5539 struct ieee80211com *ic = &sc->sc_ic; 5540 uint32_t promisc_filter; 5541 5542 promisc_filter = IWN_FILTER_CTL | IWN_FILTER_PROMISC; 5543 if (ic->ic_promisc > 0 || ic->ic_opmode == IEEE80211_M_MONITOR) 5544 sc->rxon->filter |= htole32(promisc_filter); 5545 else 5546 sc->rxon->filter &= ~htole32(promisc_filter); 5547 } 5548 5549 static void 5550 iwn_update_promisc(struct ieee80211com *ic) 5551 { 5552 struct iwn_softc *sc = ic->ic_softc; 5553 int error; 5554 5555 if (ic->ic_opmode == IEEE80211_M_MONITOR) 5556 return; /* nothing to do */ 5557 5558 IWN_LOCK(sc); 5559 if (!(sc->sc_flags & IWN_FLAG_RUNNING)) { 5560 IWN_UNLOCK(sc); 5561 return; 5562 } 5563 5564 iwn_set_promisc(sc); 5565 if ((error = iwn_send_rxon(sc, 1, 1)) != 0) { 5566 device_printf(sc->sc_dev, 5567 "%s: could not send RXON, error %d\n", 5568 __func__, error); 5569 } 5570 IWN_UNLOCK(sc); 5571 } 5572 5573 static void 5574 iwn_update_mcast(struct ieee80211com *ic) 5575 { 5576 /* Ignore */ 5577 } 5578 5579 static void 5580 iwn_set_led(struct iwn_softc *sc, uint8_t which, uint8_t off, uint8_t on) 5581 { 5582 struct iwn_cmd_led led; 5583 5584 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5585 5586 #if 0 5587 /* XXX don't set LEDs during scan? */ 5588 if (sc->sc_is_scanning) 5589 return; 5590 #endif 5591 5592 /* Clear microcode LED ownership. */ 5593 IWN_CLRBITS(sc, IWN_LED, IWN_LED_BSM_CTRL); 5594 5595 led.which = which; 5596 led.unit = htole32(10000); /* on/off in unit of 100ms */ 5597 led.off = off; 5598 led.on = on; 5599 (void)iwn_cmd(sc, IWN_CMD_SET_LED, &led, sizeof led, 1); 5600 } 5601 5602 /* 5603 * Set the critical temperature at which the firmware will stop the radio 5604 * and notify us. 5605 */ 5606 static int 5607 iwn_set_critical_temp(struct iwn_softc *sc) 5608 { 5609 struct iwn_critical_temp crit; 5610 int32_t temp; 5611 5612 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5613 5614 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_CTEMP_STOP_RF); 5615 5616 if (sc->hw_type == IWN_HW_REV_TYPE_5150) 5617 temp = (IWN_CTOK(110) - sc->temp_off) * -5; 5618 else if (sc->hw_type == IWN_HW_REV_TYPE_4965) 5619 temp = IWN_CTOK(110); 5620 else 5621 temp = 110; 5622 memset(&crit, 0, sizeof crit); 5623 crit.tempR = htole32(temp); 5624 DPRINTF(sc, IWN_DEBUG_RESET, "setting critical temp to %d\n", temp); 5625 return iwn_cmd(sc, IWN_CMD_SET_CRITICAL_TEMP, &crit, sizeof crit, 0); 5626 } 5627 5628 static int 5629 iwn_set_timing(struct iwn_softc *sc, struct ieee80211_node *ni) 5630 { 5631 struct iwn_cmd_timing cmd; 5632 uint64_t val, mod; 5633 5634 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5635 5636 memset(&cmd, 0, sizeof cmd); 5637 memcpy(&cmd.tstamp, ni->ni_tstamp.data, sizeof (uint64_t)); 5638 cmd.bintval = htole16(ni->ni_intval); 5639 cmd.lintval = htole16(10); 5640 5641 /* Compute remaining time until next beacon. */ 5642 val = (uint64_t)ni->ni_intval * IEEE80211_DUR_TU; 5643 mod = le64toh(cmd.tstamp) % val; 5644 cmd.binitval = htole32((uint32_t)(val - mod)); 5645 5646 DPRINTF(sc, IWN_DEBUG_RESET, "timing bintval=%u tstamp=%ju, init=%u\n", 5647 ni->ni_intval, le64toh(cmd.tstamp), (uint32_t)(val - mod)); 5648 5649 return iwn_cmd(sc, IWN_CMD_TIMING, &cmd, sizeof cmd, 1); 5650 } 5651 5652 static void 5653 iwn4965_power_calibration(struct iwn_softc *sc, int temp) 5654 { 5655 5656 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5657 5658 /* Adjust TX power if need be (delta >= 3 degC). */ 5659 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: temperature %d->%d\n", 5660 __func__, sc->temp, temp); 5661 if (abs(temp - sc->temp) >= 3) { 5662 /* Record temperature of last calibration. */ 5663 sc->temp = temp; 5664 (void)iwn4965_set_txpower(sc, 1); 5665 } 5666 } 5667 5668 /* 5669 * Set TX power for current channel (each rate has its own power settings). 5670 * This function takes into account the regulatory information from EEPROM, 5671 * the current temperature and the current voltage. 5672 */ 5673 static int 5674 iwn4965_set_txpower(struct iwn_softc *sc, int async) 5675 { 5676 /* Fixed-point arithmetic division using a n-bit fractional part. */ 5677 #define fdivround(a, b, n) \ 5678 ((((1 << n) * (a)) / (b) + (1 << n) / 2) / (1 << n)) 5679 /* Linear interpolation. */ 5680 #define interpolate(x, x1, y1, x2, y2, n) \ 5681 ((y1) + fdivround(((int)(x) - (x1)) * ((y2) - (y1)), (x2) - (x1), n)) 5682 5683 static const int tdiv[IWN_NATTEN_GROUPS] = { 9, 8, 8, 8, 6 }; 5684 struct iwn_ucode_info *uc = &sc->ucode_info; 5685 struct iwn4965_cmd_txpower cmd; 5686 struct iwn4965_eeprom_chan_samples *chans; 5687 const uint8_t *rf_gain, *dsp_gain; 5688 int32_t vdiff, tdiff; 5689 int i, is_chan_5ghz, c, grp, maxpwr; 5690 uint8_t chan; 5691 5692 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 5693 /* Retrieve current channel from last RXON. */ 5694 chan = sc->rxon->chan; 5695 is_chan_5ghz = (sc->rxon->flags & htole32(IWN_RXON_24GHZ)) == 0; 5696 DPRINTF(sc, IWN_DEBUG_RESET, "setting TX power for channel %d\n", 5697 chan); 5698 5699 memset(&cmd, 0, sizeof cmd); 5700 cmd.band = is_chan_5ghz ? 0 : 1; 5701 cmd.chan = chan; 5702 5703 if (is_chan_5ghz) { 5704 maxpwr = sc->maxpwr5GHz; 5705 rf_gain = iwn4965_rf_gain_5ghz; 5706 dsp_gain = iwn4965_dsp_gain_5ghz; 5707 } else { 5708 maxpwr = sc->maxpwr2GHz; 5709 rf_gain = iwn4965_rf_gain_2ghz; 5710 dsp_gain = iwn4965_dsp_gain_2ghz; 5711 } 5712 5713 /* Compute voltage compensation. */ 5714 vdiff = ((int32_t)le32toh(uc->volt) - sc->eeprom_voltage) / 7; 5715 if (vdiff > 0) 5716 vdiff *= 2; 5717 if (abs(vdiff) > 2) 5718 vdiff = 0; 5719 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5720 "%s: voltage compensation=%d (UCODE=%d, EEPROM=%d)\n", 5721 __func__, vdiff, le32toh(uc->volt), sc->eeprom_voltage); 5722 5723 /* Get channel attenuation group. */ 5724 if (chan <= 20) /* 1-20 */ 5725 grp = 4; 5726 else if (chan <= 43) /* 34-43 */ 5727 grp = 0; 5728 else if (chan <= 70) /* 44-70 */ 5729 grp = 1; 5730 else if (chan <= 124) /* 71-124 */ 5731 grp = 2; 5732 else /* 125-200 */ 5733 grp = 3; 5734 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5735 "%s: chan %d, attenuation group=%d\n", __func__, chan, grp); 5736 5737 /* Get channel sub-band. */ 5738 for (i = 0; i < IWN_NBANDS; i++) 5739 if (sc->bands[i].lo != 0 && 5740 sc->bands[i].lo <= chan && chan <= sc->bands[i].hi) 5741 break; 5742 if (i == IWN_NBANDS) /* Can't happen in real-life. */ 5743 return EINVAL; 5744 chans = sc->bands[i].chans; 5745 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5746 "%s: chan %d sub-band=%d\n", __func__, chan, i); 5747 5748 for (c = 0; c < 2; c++) { 5749 uint8_t power, gain, temp; 5750 int maxchpwr, pwr, ridx, idx; 5751 5752 power = interpolate(chan, 5753 chans[0].num, chans[0].samples[c][1].power, 5754 chans[1].num, chans[1].samples[c][1].power, 1); 5755 gain = interpolate(chan, 5756 chans[0].num, chans[0].samples[c][1].gain, 5757 chans[1].num, chans[1].samples[c][1].gain, 1); 5758 temp = interpolate(chan, 5759 chans[0].num, chans[0].samples[c][1].temp, 5760 chans[1].num, chans[1].samples[c][1].temp, 1); 5761 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5762 "%s: Tx chain %d: power=%d gain=%d temp=%d\n", 5763 __func__, c, power, gain, temp); 5764 5765 /* Compute temperature compensation. */ 5766 tdiff = ((sc->temp - temp) * 2) / tdiv[grp]; 5767 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5768 "%s: temperature compensation=%d (current=%d, EEPROM=%d)\n", 5769 __func__, tdiff, sc->temp, temp); 5770 5771 for (ridx = 0; ridx <= IWN_RIDX_MAX; ridx++) { 5772 /* Convert dBm to half-dBm. */ 5773 maxchpwr = sc->maxpwr[chan] * 2; 5774 if ((ridx / 8) & 1) 5775 maxchpwr -= 6; /* MIMO 2T: -3dB */ 5776 5777 pwr = maxpwr; 5778 5779 /* Adjust TX power based on rate. */ 5780 if ((ridx % 8) == 5) 5781 pwr -= 15; /* OFDM48: -7.5dB */ 5782 else if ((ridx % 8) == 6) 5783 pwr -= 17; /* OFDM54: -8.5dB */ 5784 else if ((ridx % 8) == 7) 5785 pwr -= 20; /* OFDM60: -10dB */ 5786 else 5787 pwr -= 10; /* Others: -5dB */ 5788 5789 /* Do not exceed channel max TX power. */ 5790 if (pwr > maxchpwr) 5791 pwr = maxchpwr; 5792 5793 idx = gain - (pwr - power) - tdiff - vdiff; 5794 if ((ridx / 8) & 1) /* MIMO */ 5795 idx += (int32_t)le32toh(uc->atten[grp][c]); 5796 5797 if (cmd.band == 0) 5798 idx += 9; /* 5GHz */ 5799 if (ridx == IWN_RIDX_MAX) 5800 idx += 5; /* CCK */ 5801 5802 /* Make sure idx stays in a valid range. */ 5803 if (idx < 0) 5804 idx = 0; 5805 else if (idx > IWN4965_MAX_PWR_INDEX) 5806 idx = IWN4965_MAX_PWR_INDEX; 5807 5808 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5809 "%s: Tx chain %d, rate idx %d: power=%d\n", 5810 __func__, c, ridx, idx); 5811 cmd.power[ridx].rf_gain[c] = rf_gain[idx]; 5812 cmd.power[ridx].dsp_gain[c] = dsp_gain[idx]; 5813 } 5814 } 5815 5816 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_TXPOW, 5817 "%s: set tx power for chan %d\n", __func__, chan); 5818 return iwn_cmd(sc, IWN_CMD_TXPOWER, &cmd, sizeof cmd, async); 5819 5820 #undef interpolate 5821 #undef fdivround 5822 } 5823 5824 static int 5825 iwn5000_set_txpower(struct iwn_softc *sc, int async) 5826 { 5827 struct iwn5000_cmd_txpower cmd; 5828 int cmdid; 5829 5830 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5831 5832 /* 5833 * TX power calibration is handled automatically by the firmware 5834 * for 5000 Series. 5835 */ 5836 memset(&cmd, 0, sizeof cmd); 5837 cmd.global_limit = 2 * IWN5000_TXPOWER_MAX_DBM; /* 16 dBm */ 5838 cmd.flags = IWN5000_TXPOWER_NO_CLOSED; 5839 cmd.srv_limit = IWN5000_TXPOWER_AUTO; 5840 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_XMIT, 5841 "%s: setting TX power; rev=%d\n", 5842 __func__, 5843 IWN_UCODE_API(sc->ucode_rev)); 5844 if (IWN_UCODE_API(sc->ucode_rev) == 1) 5845 cmdid = IWN_CMD_TXPOWER_DBM_V1; 5846 else 5847 cmdid = IWN_CMD_TXPOWER_DBM; 5848 return iwn_cmd(sc, cmdid, &cmd, sizeof cmd, async); 5849 } 5850 5851 /* 5852 * Retrieve the maximum RSSI (in dBm) among receivers. 5853 */ 5854 static int 5855 iwn4965_get_rssi(struct iwn_softc *sc, struct iwn_rx_stat *stat) 5856 { 5857 struct iwn4965_rx_phystat *phy = (void *)stat->phybuf; 5858 uint8_t mask, agc; 5859 int rssi; 5860 5861 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5862 5863 mask = (le16toh(phy->antenna) >> 4) & IWN_ANT_ABC; 5864 agc = (le16toh(phy->agc) >> 7) & 0x7f; 5865 5866 rssi = 0; 5867 if (mask & IWN_ANT_A) 5868 rssi = MAX(rssi, phy->rssi[0]); 5869 if (mask & IWN_ANT_B) 5870 rssi = MAX(rssi, phy->rssi[2]); 5871 if (mask & IWN_ANT_C) 5872 rssi = MAX(rssi, phy->rssi[4]); 5873 5874 DPRINTF(sc, IWN_DEBUG_RECV, 5875 "%s: agc %d mask 0x%x rssi %d %d %d result %d\n", __func__, agc, 5876 mask, phy->rssi[0], phy->rssi[2], phy->rssi[4], 5877 rssi - agc - IWN_RSSI_TO_DBM); 5878 return rssi - agc - IWN_RSSI_TO_DBM; 5879 } 5880 5881 static int 5882 iwn5000_get_rssi(struct iwn_softc *sc, struct iwn_rx_stat *stat) 5883 { 5884 struct iwn5000_rx_phystat *phy = (void *)stat->phybuf; 5885 uint8_t agc; 5886 int rssi; 5887 5888 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5889 5890 agc = (le32toh(phy->agc) >> 9) & 0x7f; 5891 5892 rssi = MAX(le16toh(phy->rssi[0]) & 0xff, 5893 le16toh(phy->rssi[1]) & 0xff); 5894 rssi = MAX(le16toh(phy->rssi[2]) & 0xff, rssi); 5895 5896 DPRINTF(sc, IWN_DEBUG_RECV, 5897 "%s: agc %d rssi %d %d %d result %d\n", __func__, agc, 5898 phy->rssi[0], phy->rssi[1], phy->rssi[2], 5899 rssi - agc - IWN_RSSI_TO_DBM); 5900 return rssi - agc - IWN_RSSI_TO_DBM; 5901 } 5902 5903 /* 5904 * Retrieve the average noise (in dBm) among receivers. 5905 */ 5906 static int 5907 iwn_get_noise(const struct iwn_rx_general_stats *stats) 5908 { 5909 int i, total, nbant, noise; 5910 5911 total = nbant = 0; 5912 for (i = 0; i < 3; i++) { 5913 if ((noise = le32toh(stats->noise[i]) & 0xff) == 0) 5914 continue; 5915 total += noise; 5916 nbant++; 5917 } 5918 /* There should be at least one antenna but check anyway. */ 5919 return (nbant == 0) ? -127 : (total / nbant) - 107; 5920 } 5921 5922 /* 5923 * Compute temperature (in degC) from last received statistics. 5924 */ 5925 static int 5926 iwn4965_get_temperature(struct iwn_softc *sc) 5927 { 5928 struct iwn_ucode_info *uc = &sc->ucode_info; 5929 int32_t r1, r2, r3, r4, temp; 5930 5931 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5932 5933 r1 = le32toh(uc->temp[0].chan20MHz); 5934 r2 = le32toh(uc->temp[1].chan20MHz); 5935 r3 = le32toh(uc->temp[2].chan20MHz); 5936 r4 = le32toh(sc->rawtemp); 5937 5938 if (r1 == r3) /* Prevents division by 0 (should not happen). */ 5939 return 0; 5940 5941 /* Sign-extend 23-bit R4 value to 32-bit. */ 5942 r4 = ((r4 & 0xffffff) ^ 0x800000) - 0x800000; 5943 /* Compute temperature in Kelvin. */ 5944 temp = (259 * (r4 - r2)) / (r3 - r1); 5945 temp = (temp * 97) / 100 + 8; 5946 5947 DPRINTF(sc, IWN_DEBUG_ANY, "temperature %dK/%dC\n", temp, 5948 IWN_KTOC(temp)); 5949 return IWN_KTOC(temp); 5950 } 5951 5952 static int 5953 iwn5000_get_temperature(struct iwn_softc *sc) 5954 { 5955 int32_t temp; 5956 5957 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5958 5959 /* 5960 * Temperature is not used by the driver for 5000 Series because 5961 * TX power calibration is handled by firmware. 5962 */ 5963 temp = le32toh(sc->rawtemp); 5964 if (sc->hw_type == IWN_HW_REV_TYPE_5150) { 5965 temp = (temp / -5) + sc->temp_off; 5966 temp = IWN_KTOC(temp); 5967 } 5968 return temp; 5969 } 5970 5971 /* 5972 * Initialize sensitivity calibration state machine. 5973 */ 5974 static int 5975 iwn_init_sensitivity(struct iwn_softc *sc) 5976 { 5977 struct iwn_ops *ops = &sc->ops; 5978 struct iwn_calib_state *calib = &sc->calib; 5979 uint32_t flags; 5980 int error; 5981 5982 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 5983 5984 /* Reset calibration state machine. */ 5985 memset(calib, 0, sizeof (*calib)); 5986 calib->state = IWN_CALIB_STATE_INIT; 5987 calib->cck_state = IWN_CCK_STATE_HIFA; 5988 /* Set initial correlation values. */ 5989 calib->ofdm_x1 = sc->limits->min_ofdm_x1; 5990 calib->ofdm_mrc_x1 = sc->limits->min_ofdm_mrc_x1; 5991 calib->ofdm_x4 = sc->limits->min_ofdm_x4; 5992 calib->ofdm_mrc_x4 = sc->limits->min_ofdm_mrc_x4; 5993 calib->cck_x4 = 125; 5994 calib->cck_mrc_x4 = sc->limits->min_cck_mrc_x4; 5995 calib->energy_cck = sc->limits->energy_cck; 5996 5997 /* Write initial sensitivity. */ 5998 if ((error = iwn_send_sensitivity(sc)) != 0) 5999 return error; 6000 6001 /* Write initial gains. */ 6002 if ((error = ops->init_gains(sc)) != 0) 6003 return error; 6004 6005 /* Request statistics at each beacon interval. */ 6006 flags = 0; 6007 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: sending request for statistics\n", 6008 __func__); 6009 return iwn_cmd(sc, IWN_CMD_GET_STATISTICS, &flags, sizeof flags, 1); 6010 } 6011 6012 /* 6013 * Collect noise and RSSI statistics for the first 20 beacons received 6014 * after association and use them to determine connected antennas and 6015 * to set differential gains. 6016 */ 6017 static void 6018 iwn_collect_noise(struct iwn_softc *sc, 6019 const struct iwn_rx_general_stats *stats) 6020 { 6021 struct iwn_ops *ops = &sc->ops; 6022 struct iwn_calib_state *calib = &sc->calib; 6023 struct ieee80211com *ic = &sc->sc_ic; 6024 uint32_t val; 6025 int i; 6026 6027 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 6028 6029 /* Accumulate RSSI and noise for all 3 antennas. */ 6030 for (i = 0; i < 3; i++) { 6031 calib->rssi[i] += le32toh(stats->rssi[i]) & 0xff; 6032 calib->noise[i] += le32toh(stats->noise[i]) & 0xff; 6033 } 6034 /* NB: We update differential gains only once after 20 beacons. */ 6035 if (++calib->nbeacons < 20) 6036 return; 6037 6038 /* Determine highest average RSSI. */ 6039 val = MAX(calib->rssi[0], calib->rssi[1]); 6040 val = MAX(calib->rssi[2], val); 6041 6042 /* Determine which antennas are connected. */ 6043 sc->chainmask = sc->rxchainmask; 6044 for (i = 0; i < 3; i++) 6045 if (val - calib->rssi[i] > 15 * 20) 6046 sc->chainmask &= ~(1 << i); 6047 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_XMIT, 6048 "%s: RX chains mask: theoretical=0x%x, actual=0x%x\n", 6049 __func__, sc->rxchainmask, sc->chainmask); 6050 6051 /* If none of the TX antennas are connected, keep at least one. */ 6052 if ((sc->chainmask & sc->txchainmask) == 0) 6053 sc->chainmask |= IWN_LSB(sc->txchainmask); 6054 6055 (void)ops->set_gains(sc); 6056 calib->state = IWN_CALIB_STATE_RUN; 6057 6058 #ifdef notyet 6059 /* XXX Disable RX chains with no antennas connected. */ 6060 sc->rxon->rxchain = htole16(IWN_RXCHAIN_SEL(sc->chainmask)); 6061 if (sc->sc_is_scanning) 6062 device_printf(sc->sc_dev, 6063 "%s: is_scanning set, before RXON\n", 6064 __func__); 6065 (void)iwn_cmd(sc, IWN_CMD_RXON, sc->rxon, sc->rxonsz, 1); 6066 #endif 6067 6068 /* Enable power-saving mode if requested by user. */ 6069 if (ic->ic_flags & IEEE80211_F_PMGTON) 6070 (void)iwn_set_pslevel(sc, 0, 3, 1); 6071 6072 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 6073 6074 } 6075 6076 static int 6077 iwn4965_init_gains(struct iwn_softc *sc) 6078 { 6079 struct iwn_phy_calib_gain cmd; 6080 6081 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 6082 6083 memset(&cmd, 0, sizeof cmd); 6084 cmd.code = IWN4965_PHY_CALIB_DIFF_GAIN; 6085 /* Differential gains initially set to 0 for all 3 antennas. */ 6086 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6087 "%s: setting initial differential gains\n", __func__); 6088 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 6089 } 6090 6091 static int 6092 iwn5000_init_gains(struct iwn_softc *sc) 6093 { 6094 struct iwn_phy_calib cmd; 6095 6096 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 6097 6098 memset(&cmd, 0, sizeof cmd); 6099 cmd.code = sc->reset_noise_gain; 6100 cmd.ngroups = 1; 6101 cmd.isvalid = 1; 6102 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6103 "%s: setting initial differential gains\n", __func__); 6104 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 6105 } 6106 6107 static int 6108 iwn4965_set_gains(struct iwn_softc *sc) 6109 { 6110 struct iwn_calib_state *calib = &sc->calib; 6111 struct iwn_phy_calib_gain cmd; 6112 int i, delta, noise; 6113 6114 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 6115 6116 /* Get minimal noise among connected antennas. */ 6117 noise = INT_MAX; /* NB: There's at least one antenna. */ 6118 for (i = 0; i < 3; i++) 6119 if (sc->chainmask & (1 << i)) 6120 noise = MIN(calib->noise[i], noise); 6121 6122 memset(&cmd, 0, sizeof cmd); 6123 cmd.code = IWN4965_PHY_CALIB_DIFF_GAIN; 6124 /* Set differential gains for connected antennas. */ 6125 for (i = 0; i < 3; i++) { 6126 if (sc->chainmask & (1 << i)) { 6127 /* Compute attenuation (in unit of 1.5dB). */ 6128 delta = (noise - (int32_t)calib->noise[i]) / 30; 6129 /* NB: delta <= 0 */ 6130 /* Limit to [-4.5dB,0]. */ 6131 cmd.gain[i] = MIN(abs(delta), 3); 6132 if (delta < 0) 6133 cmd.gain[i] |= 1 << 2; /* sign bit */ 6134 } 6135 } 6136 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6137 "setting differential gains Ant A/B/C: %x/%x/%x (%x)\n", 6138 cmd.gain[0], cmd.gain[1], cmd.gain[2], sc->chainmask); 6139 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 6140 } 6141 6142 static int 6143 iwn5000_set_gains(struct iwn_softc *sc) 6144 { 6145 struct iwn_calib_state *calib = &sc->calib; 6146 struct iwn_phy_calib_gain cmd; 6147 int i, ant, div, delta; 6148 6149 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 6150 6151 /* We collected 20 beacons and !=6050 need a 1.5 factor. */ 6152 div = (sc->hw_type == IWN_HW_REV_TYPE_6050) ? 20 : 30; 6153 6154 memset(&cmd, 0, sizeof cmd); 6155 cmd.code = sc->noise_gain; 6156 cmd.ngroups = 1; 6157 cmd.isvalid = 1; 6158 /* Get first available RX antenna as referential. */ 6159 ant = IWN_LSB(sc->rxchainmask); 6160 /* Set differential gains for other antennas. */ 6161 for (i = ant + 1; i < 3; i++) { 6162 if (sc->chainmask & (1 << i)) { 6163 /* The delta is relative to antenna "ant". */ 6164 delta = ((int32_t)calib->noise[ant] - 6165 (int32_t)calib->noise[i]) / div; 6166 /* Limit to [-4.5dB,+4.5dB]. */ 6167 cmd.gain[i - 1] = MIN(abs(delta), 3); 6168 if (delta < 0) 6169 cmd.gain[i - 1] |= 1 << 2; /* sign bit */ 6170 } 6171 } 6172 DPRINTF(sc, IWN_DEBUG_CALIBRATE | IWN_DEBUG_XMIT, 6173 "setting differential gains Ant B/C: %x/%x (%x)\n", 6174 cmd.gain[0], cmd.gain[1], sc->chainmask); 6175 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 1); 6176 } 6177 6178 /* 6179 * Tune RF RX sensitivity based on the number of false alarms detected 6180 * during the last beacon period. 6181 */ 6182 static void 6183 iwn_tune_sensitivity(struct iwn_softc *sc, const struct iwn_rx_stats *stats) 6184 { 6185 #define inc(val, inc, max) \ 6186 if ((val) < (max)) { \ 6187 if ((val) < (max) - (inc)) \ 6188 (val) += (inc); \ 6189 else \ 6190 (val) = (max); \ 6191 needs_update = 1; \ 6192 } 6193 #define dec(val, dec, min) \ 6194 if ((val) > (min)) { \ 6195 if ((val) > (min) + (dec)) \ 6196 (val) -= (dec); \ 6197 else \ 6198 (val) = (min); \ 6199 needs_update = 1; \ 6200 } 6201 6202 const struct iwn_sensitivity_limits *limits = sc->limits; 6203 struct iwn_calib_state *calib = &sc->calib; 6204 uint32_t val, rxena, fa; 6205 uint32_t energy[3], energy_min; 6206 uint8_t noise[3], noise_ref; 6207 int i, needs_update = 0; 6208 6209 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 6210 6211 /* Check that we've been enabled long enough. */ 6212 if ((rxena = le32toh(stats->general.load)) == 0){ 6213 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end not so long\n", __func__); 6214 return; 6215 } 6216 6217 /* Compute number of false alarms since last call for OFDM. */ 6218 fa = le32toh(stats->ofdm.bad_plcp) - calib->bad_plcp_ofdm; 6219 fa += le32toh(stats->ofdm.fa) - calib->fa_ofdm; 6220 fa *= 200 * IEEE80211_DUR_TU; /* 200TU */ 6221 6222 if (fa > 50 * rxena) { 6223 /* High false alarm count, decrease sensitivity. */ 6224 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6225 "%s: OFDM high false alarm count: %u\n", __func__, fa); 6226 inc(calib->ofdm_x1, 1, limits->max_ofdm_x1); 6227 inc(calib->ofdm_mrc_x1, 1, limits->max_ofdm_mrc_x1); 6228 inc(calib->ofdm_x4, 1, limits->max_ofdm_x4); 6229 inc(calib->ofdm_mrc_x4, 1, limits->max_ofdm_mrc_x4); 6230 6231 } else if (fa < 5 * rxena) { 6232 /* Low false alarm count, increase sensitivity. */ 6233 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6234 "%s: OFDM low false alarm count: %u\n", __func__, fa); 6235 dec(calib->ofdm_x1, 1, limits->min_ofdm_x1); 6236 dec(calib->ofdm_mrc_x1, 1, limits->min_ofdm_mrc_x1); 6237 dec(calib->ofdm_x4, 1, limits->min_ofdm_x4); 6238 dec(calib->ofdm_mrc_x4, 1, limits->min_ofdm_mrc_x4); 6239 } 6240 6241 /* Compute maximum noise among 3 receivers. */ 6242 for (i = 0; i < 3; i++) 6243 noise[i] = (le32toh(stats->general.noise[i]) >> 8) & 0xff; 6244 val = MAX(noise[0], noise[1]); 6245 val = MAX(noise[2], val); 6246 /* Insert it into our samples table. */ 6247 calib->noise_samples[calib->cur_noise_sample] = val; 6248 calib->cur_noise_sample = (calib->cur_noise_sample + 1) % 20; 6249 6250 /* Compute maximum noise among last 20 samples. */ 6251 noise_ref = calib->noise_samples[0]; 6252 for (i = 1; i < 20; i++) 6253 noise_ref = MAX(noise_ref, calib->noise_samples[i]); 6254 6255 /* Compute maximum energy among 3 receivers. */ 6256 for (i = 0; i < 3; i++) 6257 energy[i] = le32toh(stats->general.energy[i]); 6258 val = MIN(energy[0], energy[1]); 6259 val = MIN(energy[2], val); 6260 /* Insert it into our samples table. */ 6261 calib->energy_samples[calib->cur_energy_sample] = val; 6262 calib->cur_energy_sample = (calib->cur_energy_sample + 1) % 10; 6263 6264 /* Compute minimum energy among last 10 samples. */ 6265 energy_min = calib->energy_samples[0]; 6266 for (i = 1; i < 10; i++) 6267 energy_min = MAX(energy_min, calib->energy_samples[i]); 6268 energy_min += 6; 6269 6270 /* Compute number of false alarms since last call for CCK. */ 6271 fa = le32toh(stats->cck.bad_plcp) - calib->bad_plcp_cck; 6272 fa += le32toh(stats->cck.fa) - calib->fa_cck; 6273 fa *= 200 * IEEE80211_DUR_TU; /* 200TU */ 6274 6275 if (fa > 50 * rxena) { 6276 /* High false alarm count, decrease sensitivity. */ 6277 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6278 "%s: CCK high false alarm count: %u\n", __func__, fa); 6279 calib->cck_state = IWN_CCK_STATE_HIFA; 6280 calib->low_fa = 0; 6281 6282 if (calib->cck_x4 > 160) { 6283 calib->noise_ref = noise_ref; 6284 if (calib->energy_cck > 2) 6285 dec(calib->energy_cck, 2, energy_min); 6286 } 6287 if (calib->cck_x4 < 160) { 6288 calib->cck_x4 = 161; 6289 needs_update = 1; 6290 } else 6291 inc(calib->cck_x4, 3, limits->max_cck_x4); 6292 6293 inc(calib->cck_mrc_x4, 3, limits->max_cck_mrc_x4); 6294 6295 } else if (fa < 5 * rxena) { 6296 /* Low false alarm count, increase sensitivity. */ 6297 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6298 "%s: CCK low false alarm count: %u\n", __func__, fa); 6299 calib->cck_state = IWN_CCK_STATE_LOFA; 6300 calib->low_fa++; 6301 6302 if (calib->cck_state != IWN_CCK_STATE_INIT && 6303 (((int32_t)calib->noise_ref - (int32_t)noise_ref) > 2 || 6304 calib->low_fa > 100)) { 6305 inc(calib->energy_cck, 2, limits->min_energy_cck); 6306 dec(calib->cck_x4, 3, limits->min_cck_x4); 6307 dec(calib->cck_mrc_x4, 3, limits->min_cck_mrc_x4); 6308 } 6309 } else { 6310 /* Not worth to increase or decrease sensitivity. */ 6311 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6312 "%s: CCK normal false alarm count: %u\n", __func__, fa); 6313 calib->low_fa = 0; 6314 calib->noise_ref = noise_ref; 6315 6316 if (calib->cck_state == IWN_CCK_STATE_HIFA) { 6317 /* Previous interval had many false alarms. */ 6318 dec(calib->energy_cck, 8, energy_min); 6319 } 6320 calib->cck_state = IWN_CCK_STATE_INIT; 6321 } 6322 6323 if (needs_update) 6324 (void)iwn_send_sensitivity(sc); 6325 6326 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 6327 6328 #undef dec 6329 #undef inc 6330 } 6331 6332 static int 6333 iwn_send_sensitivity(struct iwn_softc *sc) 6334 { 6335 struct iwn_calib_state *calib = &sc->calib; 6336 struct iwn_enhanced_sensitivity_cmd cmd; 6337 int len; 6338 6339 memset(&cmd, 0, sizeof cmd); 6340 len = sizeof (struct iwn_sensitivity_cmd); 6341 cmd.which = IWN_SENSITIVITY_WORKTBL; 6342 /* OFDM modulation. */ 6343 cmd.corr_ofdm_x1 = htole16(calib->ofdm_x1); 6344 cmd.corr_ofdm_mrc_x1 = htole16(calib->ofdm_mrc_x1); 6345 cmd.corr_ofdm_x4 = htole16(calib->ofdm_x4); 6346 cmd.corr_ofdm_mrc_x4 = htole16(calib->ofdm_mrc_x4); 6347 cmd.energy_ofdm = htole16(sc->limits->energy_ofdm); 6348 cmd.energy_ofdm_th = htole16(62); 6349 /* CCK modulation. */ 6350 cmd.corr_cck_x4 = htole16(calib->cck_x4); 6351 cmd.corr_cck_mrc_x4 = htole16(calib->cck_mrc_x4); 6352 cmd.energy_cck = htole16(calib->energy_cck); 6353 /* Barker modulation: use default values. */ 6354 cmd.corr_barker = htole16(190); 6355 cmd.corr_barker_mrc = htole16(sc->limits->barker_mrc); 6356 6357 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6358 "%s: set sensitivity %d/%d/%d/%d/%d/%d/%d\n", __func__, 6359 calib->ofdm_x1, calib->ofdm_mrc_x1, calib->ofdm_x4, 6360 calib->ofdm_mrc_x4, calib->cck_x4, 6361 calib->cck_mrc_x4, calib->energy_cck); 6362 6363 if (!(sc->sc_flags & IWN_FLAG_ENH_SENS)) 6364 goto send; 6365 /* Enhanced sensitivity settings. */ 6366 len = sizeof (struct iwn_enhanced_sensitivity_cmd); 6367 cmd.ofdm_det_slope_mrc = htole16(668); 6368 cmd.ofdm_det_icept_mrc = htole16(4); 6369 cmd.ofdm_det_slope = htole16(486); 6370 cmd.ofdm_det_icept = htole16(37); 6371 cmd.cck_det_slope_mrc = htole16(853); 6372 cmd.cck_det_icept_mrc = htole16(4); 6373 cmd.cck_det_slope = htole16(476); 6374 cmd.cck_det_icept = htole16(99); 6375 send: 6376 return iwn_cmd(sc, IWN_CMD_SET_SENSITIVITY, &cmd, len, 1); 6377 } 6378 6379 /* 6380 * Look at the increase of PLCP errors over time; if it exceeds 6381 * a programmed threshold then trigger an RF retune. 6382 */ 6383 static void 6384 iwn_check_rx_recovery(struct iwn_softc *sc, struct iwn_stats *rs) 6385 { 6386 int32_t delta_ofdm, delta_ht, delta_cck; 6387 struct iwn_calib_state *calib = &sc->calib; 6388 int delta_ticks, cur_ticks; 6389 int delta_msec; 6390 int thresh; 6391 6392 /* 6393 * Calculate the difference between the current and 6394 * previous statistics. 6395 */ 6396 delta_cck = le32toh(rs->rx.cck.bad_plcp) - calib->bad_plcp_cck; 6397 delta_ofdm = le32toh(rs->rx.ofdm.bad_plcp) - calib->bad_plcp_ofdm; 6398 delta_ht = le32toh(rs->rx.ht.bad_plcp) - calib->bad_plcp_ht; 6399 6400 /* 6401 * Calculate the delta in time between successive statistics 6402 * messages. Yes, it can roll over; so we make sure that 6403 * this doesn't happen. 6404 * 6405 * XXX go figure out what to do about rollover 6406 * XXX go figure out what to do if ticks rolls over to -ve instead! 6407 * XXX go stab signed integer overflow undefined-ness in the face. 6408 */ 6409 cur_ticks = ticks; 6410 delta_ticks = cur_ticks - sc->last_calib_ticks; 6411 6412 /* 6413 * If any are negative, then the firmware likely reset; so just 6414 * bail. We'll pick this up next time. 6415 */ 6416 if (delta_cck < 0 || delta_ofdm < 0 || delta_ht < 0 || delta_ticks < 0) 6417 return; 6418 6419 /* 6420 * delta_ticks is in ticks; we need to convert it up to milliseconds 6421 * so we can do some useful math with it. 6422 */ 6423 delta_msec = ticks_to_msecs(delta_ticks); 6424 6425 /* 6426 * Calculate what our threshold is given the current delta_msec. 6427 */ 6428 thresh = sc->base_params->plcp_err_threshold * delta_msec; 6429 6430 DPRINTF(sc, IWN_DEBUG_STATE, 6431 "%s: time delta: %d; cck=%d, ofdm=%d, ht=%d, total=%d, thresh=%d\n", 6432 __func__, 6433 delta_msec, 6434 delta_cck, 6435 delta_ofdm, 6436 delta_ht, 6437 (delta_msec + delta_cck + delta_ofdm + delta_ht), 6438 thresh); 6439 6440 /* 6441 * If we need a retune, then schedule a single channel scan 6442 * to a channel that isn't the currently active one! 6443 * 6444 * The math from linux iwlwifi: 6445 * 6446 * if ((delta * 100 / msecs) > threshold) 6447 */ 6448 if (thresh > 0 && (delta_cck + delta_ofdm + delta_ht) * 100 > thresh) { 6449 DPRINTF(sc, IWN_DEBUG_ANY, 6450 "%s: PLCP error threshold raw (%d) comparison (%d) " 6451 "over limit (%d); retune!\n", 6452 __func__, 6453 (delta_cck + delta_ofdm + delta_ht), 6454 (delta_cck + delta_ofdm + delta_ht) * 100, 6455 thresh); 6456 } 6457 } 6458 6459 /* 6460 * Set STA mode power saving level (between 0 and 5). 6461 * Level 0 is CAM (Continuously Aware Mode), 5 is for maximum power saving. 6462 */ 6463 static int 6464 iwn_set_pslevel(struct iwn_softc *sc, int dtim, int level, int async) 6465 { 6466 struct iwn_pmgt_cmd cmd; 6467 const struct iwn_pmgt *pmgt; 6468 uint32_t max, skip_dtim; 6469 uint32_t reg; 6470 int i; 6471 6472 DPRINTF(sc, IWN_DEBUG_PWRSAVE, 6473 "%s: dtim=%d, level=%d, async=%d\n", 6474 __func__, 6475 dtim, 6476 level, 6477 async); 6478 6479 /* Select which PS parameters to use. */ 6480 if (dtim <= 2) 6481 pmgt = &iwn_pmgt[0][level]; 6482 else if (dtim <= 10) 6483 pmgt = &iwn_pmgt[1][level]; 6484 else 6485 pmgt = &iwn_pmgt[2][level]; 6486 6487 memset(&cmd, 0, sizeof cmd); 6488 if (level != 0) /* not CAM */ 6489 cmd.flags |= htole16(IWN_PS_ALLOW_SLEEP); 6490 if (level == 5) 6491 cmd.flags |= htole16(IWN_PS_FAST_PD); 6492 /* Retrieve PCIe Active State Power Management (ASPM). */ 6493 reg = pci_read_config(sc->sc_dev, sc->sc_cap_off + PCIER_LINK_CTL, 4); 6494 if (!(reg & PCIEM_LINK_CTL_ASPMC_L0S)) /* L0s Entry disabled. */ 6495 cmd.flags |= htole16(IWN_PS_PCI_PMGT); 6496 cmd.rxtimeout = htole32(pmgt->rxtimeout * 1024); 6497 cmd.txtimeout = htole32(pmgt->txtimeout * 1024); 6498 6499 if (dtim == 0) { 6500 dtim = 1; 6501 skip_dtim = 0; 6502 } else 6503 skip_dtim = pmgt->skip_dtim; 6504 if (skip_dtim != 0) { 6505 cmd.flags |= htole16(IWN_PS_SLEEP_OVER_DTIM); 6506 max = pmgt->intval[4]; 6507 if (max == (uint32_t)-1) 6508 max = dtim * (skip_dtim + 1); 6509 else if (max > dtim) 6510 max = rounddown(max, dtim); 6511 } else 6512 max = dtim; 6513 for (i = 0; i < 5; i++) 6514 cmd.intval[i] = htole32(MIN(max, pmgt->intval[i])); 6515 6516 DPRINTF(sc, IWN_DEBUG_RESET, "setting power saving level to %d\n", 6517 level); 6518 return iwn_cmd(sc, IWN_CMD_SET_POWER_MODE, &cmd, sizeof cmd, async); 6519 } 6520 6521 static int 6522 iwn_send_btcoex(struct iwn_softc *sc) 6523 { 6524 struct iwn_bluetooth cmd; 6525 6526 memset(&cmd, 0, sizeof cmd); 6527 cmd.flags = IWN_BT_COEX_CHAN_ANN | IWN_BT_COEX_BT_PRIO; 6528 cmd.lead_time = IWN_BT_LEAD_TIME_DEF; 6529 cmd.max_kill = IWN_BT_MAX_KILL_DEF; 6530 DPRINTF(sc, IWN_DEBUG_RESET, "%s: configuring bluetooth coexistence\n", 6531 __func__); 6532 return iwn_cmd(sc, IWN_CMD_BT_COEX, &cmd, sizeof(cmd), 0); 6533 } 6534 6535 static int 6536 iwn_send_advanced_btcoex(struct iwn_softc *sc) 6537 { 6538 static const uint32_t btcoex_3wire[12] = { 6539 0xaaaaaaaa, 0xaaaaaaaa, 0xaeaaaaaa, 0xaaaaaaaa, 6540 0xcc00ff28, 0x0000aaaa, 0xcc00aaaa, 0x0000aaaa, 6541 0xc0004000, 0x00004000, 0xf0005000, 0xf0005000, 6542 }; 6543 struct iwn6000_btcoex_config btconfig; 6544 struct iwn2000_btcoex_config btconfig2k; 6545 struct iwn_btcoex_priotable btprio; 6546 struct iwn_btcoex_prot btprot; 6547 int error, i; 6548 uint8_t flags; 6549 6550 memset(&btconfig, 0, sizeof btconfig); 6551 memset(&btconfig2k, 0, sizeof btconfig2k); 6552 6553 flags = IWN_BT_FLAG_COEX6000_MODE_3W << 6554 IWN_BT_FLAG_COEX6000_MODE_SHIFT; // Done as is in linux kernel 3.2 6555 6556 if (sc->base_params->bt_sco_disable) 6557 flags &= ~IWN_BT_FLAG_SYNC_2_BT_DISABLE; 6558 else 6559 flags |= IWN_BT_FLAG_SYNC_2_BT_DISABLE; 6560 6561 flags |= IWN_BT_FLAG_COEX6000_CHAN_INHIBITION; 6562 6563 /* Default flags result is 145 as old value */ 6564 6565 /* 6566 * Flags value has to be review. Values must change if we 6567 * which to disable it 6568 */ 6569 if (sc->base_params->bt_session_2) { 6570 btconfig2k.flags = flags; 6571 btconfig2k.max_kill = 5; 6572 btconfig2k.bt3_t7_timer = 1; 6573 btconfig2k.kill_ack = htole32(0xffff0000); 6574 btconfig2k.kill_cts = htole32(0xffff0000); 6575 btconfig2k.sample_time = 2; 6576 btconfig2k.bt3_t2_timer = 0xc; 6577 6578 for (i = 0; i < 12; i++) 6579 btconfig2k.lookup_table[i] = htole32(btcoex_3wire[i]); 6580 btconfig2k.valid = htole16(0xff); 6581 btconfig2k.prio_boost = htole32(0xf0); 6582 DPRINTF(sc, IWN_DEBUG_RESET, 6583 "%s: configuring advanced bluetooth coexistence" 6584 " session 2, flags : 0x%x\n", 6585 __func__, 6586 flags); 6587 error = iwn_cmd(sc, IWN_CMD_BT_COEX, &btconfig2k, 6588 sizeof(btconfig2k), 1); 6589 } else { 6590 btconfig.flags = flags; 6591 btconfig.max_kill = 5; 6592 btconfig.bt3_t7_timer = 1; 6593 btconfig.kill_ack = htole32(0xffff0000); 6594 btconfig.kill_cts = htole32(0xffff0000); 6595 btconfig.sample_time = 2; 6596 btconfig.bt3_t2_timer = 0xc; 6597 6598 for (i = 0; i < 12; i++) 6599 btconfig.lookup_table[i] = htole32(btcoex_3wire[i]); 6600 btconfig.valid = htole16(0xff); 6601 btconfig.prio_boost = 0xf0; 6602 DPRINTF(sc, IWN_DEBUG_RESET, 6603 "%s: configuring advanced bluetooth coexistence," 6604 " flags : 0x%x\n", 6605 __func__, 6606 flags); 6607 error = iwn_cmd(sc, IWN_CMD_BT_COEX, &btconfig, 6608 sizeof(btconfig), 1); 6609 } 6610 6611 if (error != 0) 6612 return error; 6613 6614 memset(&btprio, 0, sizeof btprio); 6615 btprio.calib_init1 = 0x6; 6616 btprio.calib_init2 = 0x7; 6617 btprio.calib_periodic_low1 = 0x2; 6618 btprio.calib_periodic_low2 = 0x3; 6619 btprio.calib_periodic_high1 = 0x4; 6620 btprio.calib_periodic_high2 = 0x5; 6621 btprio.dtim = 0x6; 6622 btprio.scan52 = 0x8; 6623 btprio.scan24 = 0xa; 6624 error = iwn_cmd(sc, IWN_CMD_BT_COEX_PRIOTABLE, &btprio, sizeof(btprio), 6625 1); 6626 if (error != 0) 6627 return error; 6628 6629 /* Force BT state machine change. */ 6630 memset(&btprot, 0, sizeof btprot); 6631 btprot.open = 1; 6632 btprot.type = 1; 6633 error = iwn_cmd(sc, IWN_CMD_BT_COEX_PROT, &btprot, sizeof(btprot), 1); 6634 if (error != 0) 6635 return error; 6636 btprot.open = 0; 6637 return iwn_cmd(sc, IWN_CMD_BT_COEX_PROT, &btprot, sizeof(btprot), 1); 6638 } 6639 6640 static int 6641 iwn5000_runtime_calib(struct iwn_softc *sc) 6642 { 6643 struct iwn5000_calib_config cmd; 6644 6645 memset(&cmd, 0, sizeof cmd); 6646 cmd.ucode.once.enable = 0xffffffff; 6647 cmd.ucode.once.start = IWN5000_CALIB_DC; 6648 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 6649 "%s: configuring runtime calibration\n", __func__); 6650 return iwn_cmd(sc, IWN5000_CMD_CALIB_CONFIG, &cmd, sizeof(cmd), 0); 6651 } 6652 6653 static uint32_t 6654 iwn_get_rxon_ht_flags(struct iwn_softc *sc, struct ieee80211_channel *c) 6655 { 6656 struct ieee80211com *ic = &sc->sc_ic; 6657 uint32_t htflags = 0; 6658 6659 if (! IEEE80211_IS_CHAN_HT(c)) 6660 return (0); 6661 6662 htflags |= IWN_RXON_HT_PROTMODE(ic->ic_curhtprotmode); 6663 6664 if (IEEE80211_IS_CHAN_HT40(c)) { 6665 switch (ic->ic_curhtprotmode) { 6666 case IEEE80211_HTINFO_OPMODE_HT20PR: 6667 htflags |= IWN_RXON_HT_MODEPURE40; 6668 break; 6669 default: 6670 htflags |= IWN_RXON_HT_MODEMIXED; 6671 break; 6672 } 6673 } 6674 if (IEEE80211_IS_CHAN_HT40D(c)) 6675 htflags |= IWN_RXON_HT_HT40MINUS; 6676 6677 return (htflags); 6678 } 6679 6680 static int 6681 iwn_check_bss_filter(struct iwn_softc *sc) 6682 { 6683 return ((sc->rxon->filter & htole32(IWN_FILTER_BSS)) != 0); 6684 } 6685 6686 static int 6687 iwn4965_rxon_assoc(struct iwn_softc *sc, int async) 6688 { 6689 struct iwn4965_rxon_assoc cmd; 6690 struct iwn_rxon *rxon = sc->rxon; 6691 6692 cmd.flags = rxon->flags; 6693 cmd.filter = rxon->filter; 6694 cmd.ofdm_mask = rxon->ofdm_mask; 6695 cmd.cck_mask = rxon->cck_mask; 6696 cmd.ht_single_mask = rxon->ht_single_mask; 6697 cmd.ht_dual_mask = rxon->ht_dual_mask; 6698 cmd.rxchain = rxon->rxchain; 6699 cmd.reserved = 0; 6700 6701 return (iwn_cmd(sc, IWN_CMD_RXON_ASSOC, &cmd, sizeof(cmd), async)); 6702 } 6703 6704 static int 6705 iwn5000_rxon_assoc(struct iwn_softc *sc, int async) 6706 { 6707 struct iwn5000_rxon_assoc cmd; 6708 struct iwn_rxon *rxon = sc->rxon; 6709 6710 cmd.flags = rxon->flags; 6711 cmd.filter = rxon->filter; 6712 cmd.ofdm_mask = rxon->ofdm_mask; 6713 cmd.cck_mask = rxon->cck_mask; 6714 cmd.reserved1 = 0; 6715 cmd.ht_single_mask = rxon->ht_single_mask; 6716 cmd.ht_dual_mask = rxon->ht_dual_mask; 6717 cmd.ht_triple_mask = rxon->ht_triple_mask; 6718 cmd.reserved2 = 0; 6719 cmd.rxchain = rxon->rxchain; 6720 cmd.acquisition = rxon->acquisition; 6721 cmd.reserved3 = 0; 6722 6723 return (iwn_cmd(sc, IWN_CMD_RXON_ASSOC, &cmd, sizeof(cmd), async)); 6724 } 6725 6726 static int 6727 iwn_send_rxon(struct iwn_softc *sc, int assoc, int async) 6728 { 6729 struct iwn_ops *ops = &sc->ops; 6730 int error; 6731 6732 IWN_LOCK_ASSERT(sc); 6733 6734 if (assoc && iwn_check_bss_filter(sc) != 0) { 6735 error = ops->rxon_assoc(sc, async); 6736 if (error != 0) { 6737 device_printf(sc->sc_dev, 6738 "%s: RXON_ASSOC command failed, error %d\n", 6739 __func__, error); 6740 return (error); 6741 } 6742 } else { 6743 if (sc->sc_is_scanning) 6744 device_printf(sc->sc_dev, 6745 "%s: is_scanning set, before RXON\n", 6746 __func__); 6747 6748 error = iwn_cmd(sc, IWN_CMD_RXON, sc->rxon, sc->rxonsz, async); 6749 if (error != 0) { 6750 device_printf(sc->sc_dev, 6751 "%s: RXON command failed, error %d\n", 6752 __func__, error); 6753 return (error); 6754 } 6755 6756 /* 6757 * Reconfiguring RXON clears the firmware nodes table so 6758 * we must add the broadcast node again. 6759 */ 6760 if (iwn_check_bss_filter(sc) == 0 && 6761 (error = iwn_add_broadcast_node(sc, async)) != 0) { 6762 device_printf(sc->sc_dev, 6763 "%s: could not add broadcast node, error %d\n", 6764 __func__, error); 6765 return (error); 6766 } 6767 } 6768 6769 /* Configuration has changed, set TX power accordingly. */ 6770 if ((error = ops->set_txpower(sc, async)) != 0) { 6771 device_printf(sc->sc_dev, 6772 "%s: could not set TX power, error %d\n", 6773 __func__, error); 6774 return (error); 6775 } 6776 6777 return (0); 6778 } 6779 6780 static int 6781 iwn_config(struct iwn_softc *sc) 6782 { 6783 struct ieee80211com *ic = &sc->sc_ic; 6784 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 6785 const uint8_t *macaddr; 6786 uint32_t txmask; 6787 uint16_t rxchain; 6788 int error; 6789 6790 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 6791 6792 if ((sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSET) 6793 && (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSETv2)) { 6794 device_printf(sc->sc_dev,"%s: temp_offset and temp_offsetv2 are" 6795 " exclusive each together. Review NIC config file. Conf" 6796 " : 0x%08x Flags : 0x%08x \n", __func__, 6797 sc->base_params->calib_need, 6798 (IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSET | 6799 IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSETv2)); 6800 return (EINVAL); 6801 } 6802 6803 /* Compute temperature calib if needed. Will be send by send calib */ 6804 if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSET) { 6805 error = iwn5000_temp_offset_calib(sc); 6806 if (error != 0) { 6807 device_printf(sc->sc_dev, 6808 "%s: could not set temperature offset\n", __func__); 6809 return (error); 6810 } 6811 } else if (sc->base_params->calib_need & IWN_FLG_NEED_PHY_CALIB_TEMP_OFFSETv2) { 6812 error = iwn5000_temp_offset_calibv2(sc); 6813 if (error != 0) { 6814 device_printf(sc->sc_dev, 6815 "%s: could not compute temperature offset v2\n", 6816 __func__); 6817 return (error); 6818 } 6819 } 6820 6821 if (sc->hw_type == IWN_HW_REV_TYPE_6050) { 6822 /* Configure runtime DC calibration. */ 6823 error = iwn5000_runtime_calib(sc); 6824 if (error != 0) { 6825 device_printf(sc->sc_dev, 6826 "%s: could not configure runtime calibration\n", 6827 __func__); 6828 return error; 6829 } 6830 } 6831 6832 /* Configure valid TX chains for >=5000 Series. */ 6833 if (sc->hw_type != IWN_HW_REV_TYPE_4965 && 6834 IWN_UCODE_API(sc->ucode_rev) > 1) { 6835 txmask = htole32(sc->txchainmask); 6836 DPRINTF(sc, IWN_DEBUG_RESET | IWN_DEBUG_XMIT, 6837 "%s: configuring valid TX chains 0x%x\n", __func__, txmask); 6838 error = iwn_cmd(sc, IWN5000_CMD_TX_ANT_CONFIG, &txmask, 6839 sizeof txmask, 0); 6840 if (error != 0) { 6841 device_printf(sc->sc_dev, 6842 "%s: could not configure valid TX chains, " 6843 "error %d\n", __func__, error); 6844 return error; 6845 } 6846 } 6847 6848 /* Configure bluetooth coexistence. */ 6849 error = 0; 6850 6851 /* Configure bluetooth coexistence if needed. */ 6852 if (sc->base_params->bt_mode == IWN_BT_ADVANCED) 6853 error = iwn_send_advanced_btcoex(sc); 6854 if (sc->base_params->bt_mode == IWN_BT_SIMPLE) 6855 error = iwn_send_btcoex(sc); 6856 6857 if (error != 0) { 6858 device_printf(sc->sc_dev, 6859 "%s: could not configure bluetooth coexistence, error %d\n", 6860 __func__, error); 6861 return error; 6862 } 6863 6864 /* Set mode, channel, RX filter and enable RX. */ 6865 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 6866 memset(sc->rxon, 0, sizeof (struct iwn_rxon)); 6867 macaddr = vap ? vap->iv_myaddr : ic->ic_macaddr; 6868 IEEE80211_ADDR_COPY(sc->rxon->myaddr, macaddr); 6869 IEEE80211_ADDR_COPY(sc->rxon->wlap, macaddr); 6870 sc->rxon->chan = ieee80211_chan2ieee(ic, ic->ic_curchan); 6871 sc->rxon->flags = htole32(IWN_RXON_TSF | IWN_RXON_CTS_TO_SELF); 6872 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan)) 6873 sc->rxon->flags |= htole32(IWN_RXON_AUTO | IWN_RXON_24GHZ); 6874 6875 sc->rxon->filter = htole32(IWN_FILTER_MULTICAST); 6876 switch (ic->ic_opmode) { 6877 case IEEE80211_M_STA: 6878 sc->rxon->mode = IWN_MODE_STA; 6879 break; 6880 case IEEE80211_M_MONITOR: 6881 sc->rxon->mode = IWN_MODE_MONITOR; 6882 break; 6883 default: 6884 /* Should not get there. */ 6885 break; 6886 } 6887 iwn_set_promisc(sc); 6888 sc->rxon->cck_mask = 0x0f; /* not yet negotiated */ 6889 sc->rxon->ofdm_mask = 0xff; /* not yet negotiated */ 6890 sc->rxon->ht_single_mask = 0xff; 6891 sc->rxon->ht_dual_mask = 0xff; 6892 sc->rxon->ht_triple_mask = 0xff; 6893 /* 6894 * In active association mode, ensure that 6895 * all the receive chains are enabled. 6896 * 6897 * Since we're not yet doing SMPS, don't allow the 6898 * number of idle RX chains to be less than the active 6899 * number. 6900 */ 6901 rxchain = 6902 IWN_RXCHAIN_VALID(sc->rxchainmask) | 6903 IWN_RXCHAIN_MIMO_COUNT(sc->nrxchains) | 6904 IWN_RXCHAIN_IDLE_COUNT(sc->nrxchains); 6905 sc->rxon->rxchain = htole16(rxchain); 6906 DPRINTF(sc, IWN_DEBUG_RESET | IWN_DEBUG_XMIT, 6907 "%s: rxchainmask=0x%x, nrxchains=%d\n", 6908 __func__, 6909 sc->rxchainmask, 6910 sc->nrxchains); 6911 6912 sc->rxon->flags |= htole32(iwn_get_rxon_ht_flags(sc, ic->ic_curchan)); 6913 6914 DPRINTF(sc, IWN_DEBUG_RESET, 6915 "%s: setting configuration; flags=0x%08x\n", 6916 __func__, le32toh(sc->rxon->flags)); 6917 if ((error = iwn_send_rxon(sc, 0, 0)) != 0) { 6918 device_printf(sc->sc_dev, "%s: could not send RXON\n", 6919 __func__); 6920 return error; 6921 } 6922 6923 if ((error = iwn_set_critical_temp(sc)) != 0) { 6924 device_printf(sc->sc_dev, 6925 "%s: could not set critical temperature\n", __func__); 6926 return error; 6927 } 6928 6929 /* Set power saving level to CAM during initialization. */ 6930 if ((error = iwn_set_pslevel(sc, 0, 0, 0)) != 0) { 6931 device_printf(sc->sc_dev, 6932 "%s: could not set power saving level\n", __func__); 6933 return error; 6934 } 6935 6936 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 6937 6938 return 0; 6939 } 6940 6941 static uint16_t 6942 iwn_get_active_dwell_time(struct iwn_softc *sc, 6943 struct ieee80211_channel *c, uint8_t n_probes) 6944 { 6945 /* No channel? Default to 2GHz settings */ 6946 if (c == NULL || IEEE80211_IS_CHAN_2GHZ(c)) { 6947 return (IWN_ACTIVE_DWELL_TIME_2GHZ + 6948 IWN_ACTIVE_DWELL_FACTOR_2GHZ * (n_probes + 1)); 6949 } 6950 6951 /* 5GHz dwell time */ 6952 return (IWN_ACTIVE_DWELL_TIME_5GHZ + 6953 IWN_ACTIVE_DWELL_FACTOR_5GHZ * (n_probes + 1)); 6954 } 6955 6956 /* 6957 * Limit the total dwell time to 85% of the beacon interval. 6958 * 6959 * Returns the dwell time in milliseconds. 6960 */ 6961 static uint16_t 6962 iwn_limit_dwell(struct iwn_softc *sc, uint16_t dwell_time) 6963 { 6964 struct ieee80211com *ic = &sc->sc_ic; 6965 struct ieee80211vap *vap = NULL; 6966 int bintval = 0; 6967 6968 /* bintval is in TU (1.024mS) */ 6969 if (! TAILQ_EMPTY(&ic->ic_vaps)) { 6970 vap = TAILQ_FIRST(&ic->ic_vaps); 6971 bintval = vap->iv_bss->ni_intval; 6972 } 6973 6974 /* 6975 * If it's non-zero, we should calculate the minimum of 6976 * it and the DWELL_BASE. 6977 * 6978 * XXX Yes, the math should take into account that bintval 6979 * is 1.024mS, not 1mS.. 6980 */ 6981 if (bintval > 0) { 6982 DPRINTF(sc, IWN_DEBUG_SCAN, 6983 "%s: bintval=%d\n", 6984 __func__, 6985 bintval); 6986 return (MIN(IWN_PASSIVE_DWELL_BASE, ((bintval * 85) / 100))); 6987 } 6988 6989 /* No association context? Default */ 6990 return (IWN_PASSIVE_DWELL_BASE); 6991 } 6992 6993 static uint16_t 6994 iwn_get_passive_dwell_time(struct iwn_softc *sc, struct ieee80211_channel *c) 6995 { 6996 uint16_t passive; 6997 6998 if (c == NULL || IEEE80211_IS_CHAN_2GHZ(c)) { 6999 passive = IWN_PASSIVE_DWELL_BASE + IWN_PASSIVE_DWELL_TIME_2GHZ; 7000 } else { 7001 passive = IWN_PASSIVE_DWELL_BASE + IWN_PASSIVE_DWELL_TIME_5GHZ; 7002 } 7003 7004 /* Clamp to the beacon interval if we're associated */ 7005 return (iwn_limit_dwell(sc, passive)); 7006 } 7007 7008 static int 7009 iwn_scan(struct iwn_softc *sc, struct ieee80211vap *vap, 7010 struct ieee80211_scan_state *ss, struct ieee80211_channel *c) 7011 { 7012 struct ieee80211com *ic = &sc->sc_ic; 7013 struct ieee80211_node *ni = vap->iv_bss; 7014 struct iwn_scan_hdr *hdr; 7015 struct iwn_cmd_data *tx; 7016 struct iwn_scan_essid *essid; 7017 struct iwn_scan_chan *chan; 7018 struct ieee80211_frame *wh; 7019 struct ieee80211_rateset *rs; 7020 uint8_t *buf, *frm; 7021 uint16_t rxchain; 7022 uint8_t txant; 7023 int buflen, error; 7024 int is_active; 7025 uint16_t dwell_active, dwell_passive; 7026 uint32_t extra, scan_service_time; 7027 7028 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 7029 7030 /* 7031 * We are absolutely not allowed to send a scan command when another 7032 * scan command is pending. 7033 */ 7034 if (sc->sc_is_scanning) { 7035 device_printf(sc->sc_dev, "%s: called whilst scanning!\n", 7036 __func__); 7037 return (EAGAIN); 7038 } 7039 7040 /* Assign the scan channel */ 7041 c = ic->ic_curchan; 7042 7043 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 7044 buf = malloc(IWN_SCAN_MAXSZ, M_DEVBUF, M_NOWAIT | M_ZERO); 7045 if (buf == NULL) { 7046 device_printf(sc->sc_dev, 7047 "%s: could not allocate buffer for scan command\n", 7048 __func__); 7049 return ENOMEM; 7050 } 7051 hdr = (struct iwn_scan_hdr *)buf; 7052 /* 7053 * Move to the next channel if no frames are received within 10ms 7054 * after sending the probe request. 7055 */ 7056 hdr->quiet_time = htole16(10); /* timeout in milliseconds */ 7057 hdr->quiet_threshold = htole16(1); /* min # of packets */ 7058 /* 7059 * Max needs to be greater than active and passive and quiet! 7060 * It's also in microseconds! 7061 */ 7062 hdr->max_svc = htole32(250 * 1024); 7063 7064 /* 7065 * Reset scan: interval=100 7066 * Normal scan: interval=becaon interval 7067 * suspend_time: 100 (TU) 7068 * 7069 */ 7070 extra = (100 /* suspend_time */ / 100 /* beacon interval */) << 22; 7071 //scan_service_time = extra | ((100 /* susp */ % 100 /* int */) * 1024); 7072 scan_service_time = (4 << 22) | (100 * 1024); /* Hardcode for now! */ 7073 hdr->pause_svc = htole32(scan_service_time); 7074 7075 /* Select antennas for scanning. */ 7076 rxchain = 7077 IWN_RXCHAIN_VALID(sc->rxchainmask) | 7078 IWN_RXCHAIN_FORCE_MIMO_SEL(sc->rxchainmask) | 7079 IWN_RXCHAIN_DRIVER_FORCE; 7080 if (IEEE80211_IS_CHAN_A(c) && 7081 sc->hw_type == IWN_HW_REV_TYPE_4965) { 7082 /* Ant A must be avoided in 5GHz because of an HW bug. */ 7083 rxchain |= IWN_RXCHAIN_FORCE_SEL(IWN_ANT_B); 7084 } else /* Use all available RX antennas. */ 7085 rxchain |= IWN_RXCHAIN_FORCE_SEL(sc->rxchainmask); 7086 hdr->rxchain = htole16(rxchain); 7087 hdr->filter = htole32(IWN_FILTER_MULTICAST | IWN_FILTER_BEACON); 7088 7089 tx = (struct iwn_cmd_data *)(hdr + 1); 7090 tx->flags = htole32(IWN_TX_AUTO_SEQ); 7091 tx->id = sc->broadcast_id; 7092 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 7093 7094 if (IEEE80211_IS_CHAN_5GHZ(c)) { 7095 /* Send probe requests at 6Mbps. */ 7096 tx->rate = htole32(0xd); 7097 rs = &ic->ic_sup_rates[IEEE80211_MODE_11A]; 7098 } else { 7099 hdr->flags = htole32(IWN_RXON_24GHZ | IWN_RXON_AUTO); 7100 if (sc->hw_type == IWN_HW_REV_TYPE_4965 && 7101 sc->rxon->associd && sc->rxon->chan > 14) 7102 tx->rate = htole32(0xd); 7103 else { 7104 /* Send probe requests at 1Mbps. */ 7105 tx->rate = htole32(10 | IWN_RFLAG_CCK); 7106 } 7107 rs = &ic->ic_sup_rates[IEEE80211_MODE_11G]; 7108 } 7109 /* Use the first valid TX antenna. */ 7110 txant = IWN_LSB(sc->txchainmask); 7111 tx->rate |= htole32(IWN_RFLAG_ANT(txant)); 7112 7113 /* 7114 * Only do active scanning if we're announcing a probe request 7115 * for a given SSID (or more, if we ever add it to the driver.) 7116 */ 7117 is_active = 0; 7118 7119 /* 7120 * If we're scanning for a specific SSID, add it to the command. 7121 * 7122 * XXX maybe look at adding support for scanning multiple SSIDs? 7123 */ 7124 essid = (struct iwn_scan_essid *)(tx + 1); 7125 if (ss != NULL) { 7126 if (ss->ss_ssid[0].len != 0) { 7127 essid[0].id = IEEE80211_ELEMID_SSID; 7128 essid[0].len = ss->ss_ssid[0].len; 7129 memcpy(essid[0].data, ss->ss_ssid[0].ssid, ss->ss_ssid[0].len); 7130 } 7131 7132 DPRINTF(sc, IWN_DEBUG_SCAN, "%s: ssid_len=%d, ssid=%*s\n", 7133 __func__, 7134 ss->ss_ssid[0].len, 7135 ss->ss_ssid[0].len, 7136 ss->ss_ssid[0].ssid); 7137 7138 if (ss->ss_nssid > 0) 7139 is_active = 1; 7140 } 7141 7142 /* 7143 * Build a probe request frame. Most of the following code is a 7144 * copy & paste of what is done in net80211. 7145 */ 7146 wh = (struct ieee80211_frame *)(essid + 20); 7147 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 7148 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 7149 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 7150 IEEE80211_ADDR_COPY(wh->i_addr1, vap->iv_ifp->if_broadcastaddr); 7151 IEEE80211_ADDR_COPY(wh->i_addr2, IF_LLADDR(vap->iv_ifp)); 7152 IEEE80211_ADDR_COPY(wh->i_addr3, vap->iv_ifp->if_broadcastaddr); 7153 *(uint16_t *)&wh->i_dur[0] = 0; /* filled by HW */ 7154 *(uint16_t *)&wh->i_seq[0] = 0; /* filled by HW */ 7155 7156 frm = (uint8_t *)(wh + 1); 7157 frm = ieee80211_add_ssid(frm, NULL, 0); 7158 frm = ieee80211_add_rates(frm, rs); 7159 if (rs->rs_nrates > IEEE80211_RATE_SIZE) 7160 frm = ieee80211_add_xrates(frm, rs); 7161 if (ic->ic_htcaps & IEEE80211_HTC_HT) 7162 frm = ieee80211_add_htcap(frm, ni); 7163 7164 /* Set length of probe request. */ 7165 tx->len = htole16(frm - (uint8_t *)wh); 7166 7167 /* 7168 * If active scanning is requested but a certain channel is 7169 * marked passive, we can do active scanning if we detect 7170 * transmissions. 7171 * 7172 * There is an issue with some firmware versions that triggers 7173 * a sysassert on a "good CRC threshold" of zero (== disabled), 7174 * on a radar channel even though this means that we should NOT 7175 * send probes. 7176 * 7177 * The "good CRC threshold" is the number of frames that we 7178 * need to receive during our dwell time on a channel before 7179 * sending out probes -- setting this to a huge value will 7180 * mean we never reach it, but at the same time work around 7181 * the aforementioned issue. Thus use IWL_GOOD_CRC_TH_NEVER 7182 * here instead of IWL_GOOD_CRC_TH_DISABLED. 7183 * 7184 * This was fixed in later versions along with some other 7185 * scan changes, and the threshold behaves as a flag in those 7186 * versions. 7187 */ 7188 7189 /* 7190 * If we're doing active scanning, set the crc_threshold 7191 * to a suitable value. This is different to active veruss 7192 * passive scanning depending upon the channel flags; the 7193 * firmware will obey that particular check for us. 7194 */ 7195 if (sc->tlv_feature_flags & IWN_UCODE_TLV_FLAGS_NEWSCAN) 7196 hdr->crc_threshold = is_active ? 7197 IWN_GOOD_CRC_TH_DEFAULT : IWN_GOOD_CRC_TH_DISABLED; 7198 else 7199 hdr->crc_threshold = is_active ? 7200 IWN_GOOD_CRC_TH_DEFAULT : IWN_GOOD_CRC_TH_NEVER; 7201 7202 chan = (struct iwn_scan_chan *)frm; 7203 chan->chan = htole16(ieee80211_chan2ieee(ic, c)); 7204 chan->flags = 0; 7205 if (ss->ss_nssid > 0) 7206 chan->flags |= htole32(IWN_CHAN_NPBREQS(1)); 7207 chan->dsp_gain = 0x6e; 7208 7209 /* 7210 * Set the passive/active flag depending upon the channel mode. 7211 * XXX TODO: take the is_active flag into account as well? 7212 */ 7213 if (c->ic_flags & IEEE80211_CHAN_PASSIVE) 7214 chan->flags |= htole32(IWN_CHAN_PASSIVE); 7215 else 7216 chan->flags |= htole32(IWN_CHAN_ACTIVE); 7217 7218 /* 7219 * Calculate the active/passive dwell times. 7220 */ 7221 7222 dwell_active = iwn_get_active_dwell_time(sc, c, ss->ss_nssid); 7223 dwell_passive = iwn_get_passive_dwell_time(sc, c); 7224 7225 /* Make sure they're valid */ 7226 if (dwell_passive <= dwell_active) 7227 dwell_passive = dwell_active + 1; 7228 7229 chan->active = htole16(dwell_active); 7230 chan->passive = htole16(dwell_passive); 7231 7232 if (IEEE80211_IS_CHAN_5GHZ(c)) 7233 chan->rf_gain = 0x3b; 7234 else 7235 chan->rf_gain = 0x28; 7236 7237 DPRINTF(sc, IWN_DEBUG_STATE, 7238 "%s: chan %u flags 0x%x rf_gain 0x%x " 7239 "dsp_gain 0x%x active %d passive %d scan_svc_time %d crc 0x%x " 7240 "isactive=%d numssid=%d\n", __func__, 7241 chan->chan, chan->flags, chan->rf_gain, chan->dsp_gain, 7242 dwell_active, dwell_passive, scan_service_time, 7243 hdr->crc_threshold, is_active, ss->ss_nssid); 7244 7245 hdr->nchan++; 7246 chan++; 7247 buflen = (uint8_t *)chan - buf; 7248 hdr->len = htole16(buflen); 7249 7250 if (sc->sc_is_scanning) { 7251 device_printf(sc->sc_dev, 7252 "%s: called with is_scanning set!\n", 7253 __func__); 7254 } 7255 sc->sc_is_scanning = 1; 7256 7257 DPRINTF(sc, IWN_DEBUG_STATE, "sending scan command nchan=%d\n", 7258 hdr->nchan); 7259 error = iwn_cmd(sc, IWN_CMD_SCAN, buf, buflen, 1); 7260 free(buf, M_DEVBUF); 7261 if (error == 0) 7262 callout_reset(&sc->scan_timeout, 5*hz, iwn_scan_timeout, sc); 7263 7264 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 7265 7266 return error; 7267 } 7268 7269 static int 7270 iwn_auth(struct iwn_softc *sc, struct ieee80211vap *vap) 7271 { 7272 struct ieee80211com *ic = &sc->sc_ic; 7273 struct ieee80211_node *ni = vap->iv_bss; 7274 int error; 7275 7276 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 7277 7278 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 7279 /* Update adapter configuration. */ 7280 IEEE80211_ADDR_COPY(sc->rxon->bssid, ni->ni_bssid); 7281 sc->rxon->chan = ieee80211_chan2ieee(ic, ni->ni_chan); 7282 sc->rxon->flags = htole32(IWN_RXON_TSF | IWN_RXON_CTS_TO_SELF); 7283 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 7284 sc->rxon->flags |= htole32(IWN_RXON_AUTO | IWN_RXON_24GHZ); 7285 if (ic->ic_flags & IEEE80211_F_SHSLOT) 7286 sc->rxon->flags |= htole32(IWN_RXON_SHSLOT); 7287 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 7288 sc->rxon->flags |= htole32(IWN_RXON_SHPREAMBLE); 7289 if (IEEE80211_IS_CHAN_A(ni->ni_chan)) { 7290 sc->rxon->cck_mask = 0; 7291 sc->rxon->ofdm_mask = 0x15; 7292 } else if (IEEE80211_IS_CHAN_B(ni->ni_chan)) { 7293 sc->rxon->cck_mask = 0x03; 7294 sc->rxon->ofdm_mask = 0; 7295 } else { 7296 /* Assume 802.11b/g. */ 7297 sc->rxon->cck_mask = 0x03; 7298 sc->rxon->ofdm_mask = 0x15; 7299 } 7300 7301 /* try HT */ 7302 sc->rxon->flags |= htole32(iwn_get_rxon_ht_flags(sc, ic->ic_curchan)); 7303 7304 DPRINTF(sc, IWN_DEBUG_STATE, "rxon chan %d flags %x cck %x ofdm %x\n", 7305 sc->rxon->chan, sc->rxon->flags, sc->rxon->cck_mask, 7306 sc->rxon->ofdm_mask); 7307 7308 if ((error = iwn_send_rxon(sc, 0, 1)) != 0) { 7309 device_printf(sc->sc_dev, "%s: could not send RXON\n", 7310 __func__); 7311 return (error); 7312 } 7313 7314 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 7315 7316 return (0); 7317 } 7318 7319 static int 7320 iwn_run(struct iwn_softc *sc, struct ieee80211vap *vap) 7321 { 7322 struct iwn_ops *ops = &sc->ops; 7323 struct ieee80211com *ic = &sc->sc_ic; 7324 struct ieee80211_node *ni = vap->iv_bss; 7325 struct iwn_node_info node; 7326 int error; 7327 7328 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 7329 7330 sc->rxon = &sc->rx_on[IWN_RXON_BSS_CTX]; 7331 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 7332 /* Link LED blinks while monitoring. */ 7333 iwn_set_led(sc, IWN_LED_LINK, 5, 5); 7334 return 0; 7335 } 7336 if ((error = iwn_set_timing(sc, ni)) != 0) { 7337 device_printf(sc->sc_dev, 7338 "%s: could not set timing, error %d\n", __func__, error); 7339 return error; 7340 } 7341 7342 /* Update adapter configuration. */ 7343 IEEE80211_ADDR_COPY(sc->rxon->bssid, ni->ni_bssid); 7344 sc->rxon->associd = htole16(IEEE80211_AID(ni->ni_associd)); 7345 sc->rxon->chan = ieee80211_chan2ieee(ic, ni->ni_chan); 7346 sc->rxon->flags = htole32(IWN_RXON_TSF | IWN_RXON_CTS_TO_SELF); 7347 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 7348 sc->rxon->flags |= htole32(IWN_RXON_AUTO | IWN_RXON_24GHZ); 7349 if (ic->ic_flags & IEEE80211_F_SHSLOT) 7350 sc->rxon->flags |= htole32(IWN_RXON_SHSLOT); 7351 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 7352 sc->rxon->flags |= htole32(IWN_RXON_SHPREAMBLE); 7353 if (IEEE80211_IS_CHAN_A(ni->ni_chan)) { 7354 sc->rxon->cck_mask = 0; 7355 sc->rxon->ofdm_mask = 0x15; 7356 } else if (IEEE80211_IS_CHAN_B(ni->ni_chan)) { 7357 sc->rxon->cck_mask = 0x03; 7358 sc->rxon->ofdm_mask = 0; 7359 } else { 7360 /* Assume 802.11b/g. */ 7361 sc->rxon->cck_mask = 0x0f; 7362 sc->rxon->ofdm_mask = 0x15; 7363 } 7364 /* try HT */ 7365 sc->rxon->flags |= htole32(iwn_get_rxon_ht_flags(sc, ni->ni_chan)); 7366 sc->rxon->filter |= htole32(IWN_FILTER_BSS); 7367 DPRINTF(sc, IWN_DEBUG_STATE, "rxon chan %d flags %x, curhtprotmode=%d\n", 7368 sc->rxon->chan, le32toh(sc->rxon->flags), ic->ic_curhtprotmode); 7369 7370 if ((error = iwn_send_rxon(sc, 0, 1)) != 0) { 7371 device_printf(sc->sc_dev, "%s: could not send RXON\n", 7372 __func__); 7373 return error; 7374 } 7375 7376 /* Fake a join to initialize the TX rate. */ 7377 ((struct iwn_node *)ni)->id = IWN_ID_BSS; 7378 iwn_newassoc(ni, 1); 7379 7380 /* Add BSS node. */ 7381 memset(&node, 0, sizeof node); 7382 IEEE80211_ADDR_COPY(node.macaddr, ni->ni_macaddr); 7383 node.id = IWN_ID_BSS; 7384 if (IEEE80211_IS_CHAN_HT(ni->ni_chan)) { 7385 switch (ni->ni_htcap & IEEE80211_HTCAP_SMPS) { 7386 case IEEE80211_HTCAP_SMPS_ENA: 7387 node.htflags |= htole32(IWN_SMPS_MIMO_DIS); 7388 break; 7389 case IEEE80211_HTCAP_SMPS_DYNAMIC: 7390 node.htflags |= htole32(IWN_SMPS_MIMO_PROT); 7391 break; 7392 } 7393 node.htflags |= htole32(IWN_AMDPU_SIZE_FACTOR(3) | 7394 IWN_AMDPU_DENSITY(5)); /* 4us */ 7395 if (IEEE80211_IS_CHAN_HT40(ni->ni_chan)) 7396 node.htflags |= htole32(IWN_NODE_HT40); 7397 } 7398 DPRINTF(sc, IWN_DEBUG_STATE, "%s: adding BSS node\n", __func__); 7399 error = ops->add_node(sc, &node, 1); 7400 if (error != 0) { 7401 device_printf(sc->sc_dev, 7402 "%s: could not add BSS node, error %d\n", __func__, error); 7403 return error; 7404 } 7405 DPRINTF(sc, IWN_DEBUG_STATE, "%s: setting link quality for node %d\n", 7406 __func__, node.id); 7407 if ((error = iwn_set_link_quality(sc, ni)) != 0) { 7408 device_printf(sc->sc_dev, 7409 "%s: could not setup link quality for node %d, error %d\n", 7410 __func__, node.id, error); 7411 return error; 7412 } 7413 7414 if ((error = iwn_init_sensitivity(sc)) != 0) { 7415 device_printf(sc->sc_dev, 7416 "%s: could not set sensitivity, error %d\n", __func__, 7417 error); 7418 return error; 7419 } 7420 /* Start periodic calibration timer. */ 7421 sc->calib.state = IWN_CALIB_STATE_ASSOC; 7422 sc->calib_cnt = 0; 7423 callout_reset(&sc->calib_to, msecs_to_ticks(500), iwn_calib_timeout, 7424 sc); 7425 7426 /* Link LED always on while associated. */ 7427 iwn_set_led(sc, IWN_LED_LINK, 0, 1); 7428 7429 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 7430 7431 return 0; 7432 } 7433 7434 /* 7435 * This function is called by upper layer when an ADDBA request is received 7436 * from another STA and before the ADDBA response is sent. 7437 */ 7438 static int 7439 iwn_ampdu_rx_start(struct ieee80211_node *ni, struct ieee80211_rx_ampdu *rap, 7440 int baparamset, int batimeout, int baseqctl) 7441 { 7442 struct iwn_softc *sc = ni->ni_ic->ic_softc; 7443 struct iwn_ops *ops = &sc->ops; 7444 struct iwn_node *wn = (void *)ni; 7445 struct iwn_node_info node; 7446 uint16_t ssn; 7447 uint8_t tid; 7448 int error; 7449 7450 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7451 7452 tid = _IEEE80211_MASKSHIFT(le16toh(baparamset), IEEE80211_BAPS_TID); 7453 ssn = _IEEE80211_MASKSHIFT(le16toh(baseqctl), IEEE80211_BASEQ_START); 7454 7455 if (wn->id == IWN_ID_UNDEFINED) 7456 return (ENOENT); 7457 7458 memset(&node, 0, sizeof node); 7459 node.id = wn->id; 7460 node.control = IWN_NODE_UPDATE; 7461 node.flags = IWN_FLAG_SET_ADDBA; 7462 node.addba_tid = tid; 7463 node.addba_ssn = htole16(ssn); 7464 DPRINTF(sc, IWN_DEBUG_RECV, "ADDBA RA=%d TID=%d SSN=%d\n", 7465 wn->id, tid, ssn); 7466 error = ops->add_node(sc, &node, 1); 7467 if (error != 0) 7468 return error; 7469 return sc->sc_ampdu_rx_start(ni, rap, baparamset, batimeout, baseqctl); 7470 } 7471 7472 /* 7473 * This function is called by upper layer on teardown of an HT-immediate 7474 * Block Ack agreement (eg. uppon receipt of a DELBA frame). 7475 */ 7476 static void 7477 iwn_ampdu_rx_stop(struct ieee80211_node *ni, struct ieee80211_rx_ampdu *rap) 7478 { 7479 struct ieee80211com *ic = ni->ni_ic; 7480 struct iwn_softc *sc = ic->ic_softc; 7481 struct iwn_ops *ops = &sc->ops; 7482 struct iwn_node *wn = (void *)ni; 7483 struct iwn_node_info node; 7484 uint8_t tid; 7485 7486 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7487 7488 if (wn->id == IWN_ID_UNDEFINED) 7489 goto end; 7490 7491 /* XXX: tid as an argument */ 7492 for (tid = 0; tid < WME_NUM_TID; tid++) { 7493 if (&ni->ni_rx_ampdu[tid] == rap) 7494 break; 7495 } 7496 7497 memset(&node, 0, sizeof node); 7498 node.id = wn->id; 7499 node.control = IWN_NODE_UPDATE; 7500 node.flags = IWN_FLAG_SET_DELBA; 7501 node.delba_tid = tid; 7502 DPRINTF(sc, IWN_DEBUG_RECV, "DELBA RA=%d TID=%d\n", wn->id, tid); 7503 (void)ops->add_node(sc, &node, 1); 7504 end: 7505 sc->sc_ampdu_rx_stop(ni, rap); 7506 } 7507 7508 static int 7509 iwn_addba_request(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 7510 int dialogtoken, int baparamset, int batimeout) 7511 { 7512 struct iwn_softc *sc = ni->ni_ic->ic_softc; 7513 int qid; 7514 7515 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7516 7517 for (qid = sc->firstaggqueue; qid < sc->ntxqs; qid++) { 7518 if (sc->qid2tap[qid] == NULL) 7519 break; 7520 } 7521 if (qid == sc->ntxqs) { 7522 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: not free aggregation queue\n", 7523 __func__); 7524 return 0; 7525 } 7526 tap->txa_private = malloc(sizeof(int), M_DEVBUF, M_NOWAIT); 7527 if (tap->txa_private == NULL) { 7528 device_printf(sc->sc_dev, 7529 "%s: failed to alloc TX aggregation structure\n", __func__); 7530 return 0; 7531 } 7532 sc->qid2tap[qid] = tap; 7533 *(int *)tap->txa_private = qid; 7534 return sc->sc_addba_request(ni, tap, dialogtoken, baparamset, 7535 batimeout); 7536 } 7537 7538 static int 7539 iwn_addba_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 7540 int code, int baparamset, int batimeout) 7541 { 7542 struct iwn_softc *sc = ni->ni_ic->ic_softc; 7543 int qid = *(int *)tap->txa_private; 7544 uint8_t tid = tap->txa_tid; 7545 int ret; 7546 7547 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7548 7549 if (code == IEEE80211_STATUS_SUCCESS) { 7550 ni->ni_txseqs[tid] = tap->txa_start & 0xfff; 7551 ret = iwn_ampdu_tx_start(ni->ni_ic, ni, tid); 7552 if (ret != 1) 7553 return ret; 7554 } else { 7555 sc->qid2tap[qid] = NULL; 7556 free(tap->txa_private, M_DEVBUF); 7557 tap->txa_private = NULL; 7558 } 7559 return sc->sc_addba_response(ni, tap, code, baparamset, batimeout); 7560 } 7561 7562 /* 7563 * This function is called by upper layer when an ADDBA response is received 7564 * from another STA. 7565 */ 7566 static int 7567 iwn_ampdu_tx_start(struct ieee80211com *ic, struct ieee80211_node *ni, 7568 uint8_t tid) 7569 { 7570 struct ieee80211_tx_ampdu *tap = &ni->ni_tx_ampdu[tid]; 7571 struct iwn_softc *sc = ni->ni_ic->ic_softc; 7572 struct iwn_ops *ops = &sc->ops; 7573 struct iwn_node *wn = (void *)ni; 7574 struct iwn_node_info node; 7575 int error, qid; 7576 7577 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7578 7579 if (wn->id == IWN_ID_UNDEFINED) 7580 return (0); 7581 7582 /* Enable TX for the specified RA/TID. */ 7583 wn->disable_tid &= ~(1 << tid); 7584 memset(&node, 0, sizeof node); 7585 node.id = wn->id; 7586 node.control = IWN_NODE_UPDATE; 7587 node.flags = IWN_FLAG_SET_DISABLE_TID; 7588 node.disable_tid = htole16(wn->disable_tid); 7589 error = ops->add_node(sc, &node, 1); 7590 if (error != 0) 7591 return 0; 7592 7593 if ((error = iwn_nic_lock(sc)) != 0) 7594 return 0; 7595 qid = *(int *)tap->txa_private; 7596 DPRINTF(sc, IWN_DEBUG_XMIT, "%s: ra=%d tid=%d ssn=%d qid=%d\n", 7597 __func__, wn->id, tid, tap->txa_start, qid); 7598 ops->ampdu_tx_start(sc, ni, qid, tid, tap->txa_start & 0xfff); 7599 iwn_nic_unlock(sc); 7600 7601 iwn_set_link_quality(sc, ni); 7602 return 1; 7603 } 7604 7605 static void 7606 iwn_ampdu_tx_stop(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap) 7607 { 7608 struct iwn_softc *sc = ni->ni_ic->ic_softc; 7609 struct iwn_ops *ops = &sc->ops; 7610 uint8_t tid = tap->txa_tid; 7611 int qid; 7612 7613 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7614 7615 sc->sc_addba_stop(ni, tap); 7616 7617 if (tap->txa_private == NULL) 7618 return; 7619 7620 qid = *(int *)tap->txa_private; 7621 if (sc->txq[qid].queued != 0) 7622 return; 7623 if (iwn_nic_lock(sc) != 0) 7624 return; 7625 ops->ampdu_tx_stop(sc, qid, tid, tap->txa_start & 0xfff); 7626 iwn_nic_unlock(sc); 7627 sc->qid2tap[qid] = NULL; 7628 free(tap->txa_private, M_DEVBUF); 7629 tap->txa_private = NULL; 7630 } 7631 7632 static void 7633 iwn4965_ampdu_tx_start(struct iwn_softc *sc, struct ieee80211_node *ni, 7634 int qid, uint8_t tid, uint16_t ssn) 7635 { 7636 struct iwn_node *wn = (void *)ni; 7637 7638 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7639 7640 /* Stop TX scheduler while we're changing its configuration. */ 7641 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 7642 IWN4965_TXQ_STATUS_CHGACT); 7643 7644 /* Assign RA/TID translation to the queue. */ 7645 iwn_mem_write_2(sc, sc->sched_base + IWN4965_SCHED_TRANS_TBL(qid), 7646 wn->id << 4 | tid); 7647 7648 /* Enable chain-building mode for the queue. */ 7649 iwn_prph_setbits(sc, IWN4965_SCHED_QCHAIN_SEL, 1 << qid); 7650 7651 /* Set starting sequence number from the ADDBA request. */ 7652 sc->txq[qid].cur = sc->txq[qid].read = (ssn & 0xff); 7653 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 7654 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), ssn); 7655 7656 /* Set scheduler window size. */ 7657 iwn_mem_write(sc, sc->sched_base + IWN4965_SCHED_QUEUE_OFFSET(qid), 7658 IWN_SCHED_WINSZ); 7659 /* Set scheduler frame limit. */ 7660 iwn_mem_write(sc, sc->sched_base + IWN4965_SCHED_QUEUE_OFFSET(qid) + 4, 7661 IWN_SCHED_LIMIT << 16); 7662 7663 /* Enable interrupts for the queue. */ 7664 iwn_prph_setbits(sc, IWN4965_SCHED_INTR_MASK, 1 << qid); 7665 7666 /* Mark the queue as active. */ 7667 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 7668 IWN4965_TXQ_STATUS_ACTIVE | IWN4965_TXQ_STATUS_AGGR_ENA | 7669 iwn_tid2fifo[tid] << 1); 7670 } 7671 7672 static void 7673 iwn4965_ampdu_tx_stop(struct iwn_softc *sc, int qid, uint8_t tid, uint16_t ssn) 7674 { 7675 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7676 7677 /* Stop TX scheduler while we're changing its configuration. */ 7678 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 7679 IWN4965_TXQ_STATUS_CHGACT); 7680 7681 /* Set starting sequence number from the ADDBA request. */ 7682 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 7683 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), ssn); 7684 7685 /* Disable interrupts for the queue. */ 7686 iwn_prph_clrbits(sc, IWN4965_SCHED_INTR_MASK, 1 << qid); 7687 7688 /* Mark the queue as inactive. */ 7689 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 7690 IWN4965_TXQ_STATUS_INACTIVE | iwn_tid2fifo[tid] << 1); 7691 } 7692 7693 static void 7694 iwn5000_ampdu_tx_start(struct iwn_softc *sc, struct ieee80211_node *ni, 7695 int qid, uint8_t tid, uint16_t ssn) 7696 { 7697 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7698 7699 struct iwn_node *wn = (void *)ni; 7700 7701 /* Stop TX scheduler while we're changing its configuration. */ 7702 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 7703 IWN5000_TXQ_STATUS_CHGACT); 7704 7705 /* Assign RA/TID translation to the queue. */ 7706 iwn_mem_write_2(sc, sc->sched_base + IWN5000_SCHED_TRANS_TBL(qid), 7707 wn->id << 4 | tid); 7708 7709 /* Enable chain-building mode for the queue. */ 7710 iwn_prph_setbits(sc, IWN5000_SCHED_QCHAIN_SEL, 1 << qid); 7711 7712 /* Enable aggregation for the queue. */ 7713 iwn_prph_setbits(sc, IWN5000_SCHED_AGGR_SEL, 1 << qid); 7714 7715 /* Set starting sequence number from the ADDBA request. */ 7716 sc->txq[qid].cur = sc->txq[qid].read = (ssn & 0xff); 7717 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 7718 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), ssn); 7719 7720 /* Set scheduler window size and frame limit. */ 7721 iwn_mem_write(sc, sc->sched_base + IWN5000_SCHED_QUEUE_OFFSET(qid) + 4, 7722 IWN_SCHED_LIMIT << 16 | IWN_SCHED_WINSZ); 7723 7724 /* Enable interrupts for the queue. */ 7725 iwn_prph_setbits(sc, IWN5000_SCHED_INTR_MASK, 1 << qid); 7726 7727 /* Mark the queue as active. */ 7728 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 7729 IWN5000_TXQ_STATUS_ACTIVE | iwn_tid2fifo[tid]); 7730 } 7731 7732 static void 7733 iwn5000_ampdu_tx_stop(struct iwn_softc *sc, int qid, uint8_t tid, uint16_t ssn) 7734 { 7735 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7736 7737 /* Stop TX scheduler while we're changing its configuration. */ 7738 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 7739 IWN5000_TXQ_STATUS_CHGACT); 7740 7741 /* Disable aggregation for the queue. */ 7742 iwn_prph_clrbits(sc, IWN5000_SCHED_AGGR_SEL, 1 << qid); 7743 7744 /* Set starting sequence number from the ADDBA request. */ 7745 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | (ssn & 0xff)); 7746 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), ssn); 7747 7748 /* Disable interrupts for the queue. */ 7749 iwn_prph_clrbits(sc, IWN5000_SCHED_INTR_MASK, 1 << qid); 7750 7751 /* Mark the queue as inactive. */ 7752 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 7753 IWN5000_TXQ_STATUS_INACTIVE | iwn_tid2fifo[tid]); 7754 } 7755 7756 /* 7757 * Query calibration tables from the initialization firmware. We do this 7758 * only once at first boot. Called from a process context. 7759 */ 7760 static int 7761 iwn5000_query_calibration(struct iwn_softc *sc) 7762 { 7763 struct iwn5000_calib_config cmd; 7764 int error; 7765 7766 memset(&cmd, 0, sizeof cmd); 7767 cmd.ucode.once.enable = htole32(0xffffffff); 7768 cmd.ucode.once.start = htole32(0xffffffff); 7769 cmd.ucode.once.send = htole32(0xffffffff); 7770 cmd.ucode.flags = htole32(0xffffffff); 7771 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "%s: sending calibration query\n", 7772 __func__); 7773 error = iwn_cmd(sc, IWN5000_CMD_CALIB_CONFIG, &cmd, sizeof cmd, 0); 7774 if (error != 0) 7775 return error; 7776 7777 /* Wait at most two seconds for calibration to complete. */ 7778 if (!(sc->sc_flags & IWN_FLAG_CALIB_DONE)) 7779 error = msleep(sc, &sc->sc_mtx, PCATCH, "iwncal", 2 * hz); 7780 return error; 7781 } 7782 7783 /* 7784 * Send calibration results to the runtime firmware. These results were 7785 * obtained on first boot from the initialization firmware. 7786 */ 7787 static int 7788 iwn5000_send_calibration(struct iwn_softc *sc) 7789 { 7790 int idx, error; 7791 7792 for (idx = 0; idx < IWN5000_PHY_CALIB_MAX_RESULT; idx++) { 7793 if (!(sc->base_params->calib_need & (1<<idx))) { 7794 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 7795 "No need of calib %d\n", 7796 idx); 7797 continue; /* no need for this calib */ 7798 } 7799 if (sc->calibcmd[idx].buf == NULL) { 7800 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 7801 "Need calib idx : %d but no available data\n", 7802 idx); 7803 continue; 7804 } 7805 7806 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 7807 "send calibration result idx=%d len=%d\n", idx, 7808 sc->calibcmd[idx].len); 7809 error = iwn_cmd(sc, IWN_CMD_PHY_CALIB, sc->calibcmd[idx].buf, 7810 sc->calibcmd[idx].len, 0); 7811 if (error != 0) { 7812 device_printf(sc->sc_dev, 7813 "%s: could not send calibration result, error %d\n", 7814 __func__, error); 7815 return error; 7816 } 7817 } 7818 return 0; 7819 } 7820 7821 static int 7822 iwn5000_send_wimax_coex(struct iwn_softc *sc) 7823 { 7824 struct iwn5000_wimax_coex wimax; 7825 7826 #if 0 7827 if (sc->hw_type == IWN_HW_REV_TYPE_6050) { 7828 /* Enable WiMAX coexistence for combo adapters. */ 7829 wimax.flags = 7830 IWN_WIMAX_COEX_ASSOC_WA_UNMASK | 7831 IWN_WIMAX_COEX_UNASSOC_WA_UNMASK | 7832 IWN_WIMAX_COEX_STA_TABLE_VALID | 7833 IWN_WIMAX_COEX_ENABLE; 7834 memcpy(wimax.events, iwn6050_wimax_events, 7835 sizeof iwn6050_wimax_events); 7836 } else 7837 #endif 7838 { 7839 /* Disable WiMAX coexistence. */ 7840 wimax.flags = 0; 7841 memset(wimax.events, 0, sizeof wimax.events); 7842 } 7843 DPRINTF(sc, IWN_DEBUG_RESET, "%s: Configuring WiMAX coexistence\n", 7844 __func__); 7845 return iwn_cmd(sc, IWN5000_CMD_WIMAX_COEX, &wimax, sizeof wimax, 0); 7846 } 7847 7848 static int 7849 iwn5000_crystal_calib(struct iwn_softc *sc) 7850 { 7851 struct iwn5000_phy_calib_crystal cmd; 7852 7853 memset(&cmd, 0, sizeof cmd); 7854 cmd.code = IWN5000_PHY_CALIB_CRYSTAL; 7855 cmd.ngroups = 1; 7856 cmd.isvalid = 1; 7857 cmd.cap_pin[0] = le32toh(sc->eeprom_crystal) & 0xff; 7858 cmd.cap_pin[1] = (le32toh(sc->eeprom_crystal) >> 16) & 0xff; 7859 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "sending crystal calibration %d, %d\n", 7860 cmd.cap_pin[0], cmd.cap_pin[1]); 7861 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 0); 7862 } 7863 7864 static int 7865 iwn5000_temp_offset_calib(struct iwn_softc *sc) 7866 { 7867 struct iwn5000_phy_calib_temp_offset cmd; 7868 7869 memset(&cmd, 0, sizeof cmd); 7870 cmd.code = IWN5000_PHY_CALIB_TEMP_OFFSET; 7871 cmd.ngroups = 1; 7872 cmd.isvalid = 1; 7873 if (sc->eeprom_temp != 0) 7874 cmd.offset = htole16(sc->eeprom_temp); 7875 else 7876 cmd.offset = htole16(IWN_DEFAULT_TEMP_OFFSET); 7877 DPRINTF(sc, IWN_DEBUG_CALIBRATE, "setting radio sensor offset to %d\n", 7878 le16toh(cmd.offset)); 7879 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 0); 7880 } 7881 7882 static int 7883 iwn5000_temp_offset_calibv2(struct iwn_softc *sc) 7884 { 7885 struct iwn5000_phy_calib_temp_offsetv2 cmd; 7886 7887 memset(&cmd, 0, sizeof cmd); 7888 cmd.code = IWN5000_PHY_CALIB_TEMP_OFFSET; 7889 cmd.ngroups = 1; 7890 cmd.isvalid = 1; 7891 if (sc->eeprom_temp != 0) { 7892 cmd.offset_low = htole16(sc->eeprom_temp); 7893 cmd.offset_high = htole16(sc->eeprom_temp_high); 7894 } else { 7895 cmd.offset_low = htole16(IWN_DEFAULT_TEMP_OFFSET); 7896 cmd.offset_high = htole16(IWN_DEFAULT_TEMP_OFFSET); 7897 } 7898 cmd.burnt_voltage_ref = htole16(sc->eeprom_voltage); 7899 7900 DPRINTF(sc, IWN_DEBUG_CALIBRATE, 7901 "setting radio sensor low offset to %d, high offset to %d, voltage to %d\n", 7902 le16toh(cmd.offset_low), 7903 le16toh(cmd.offset_high), 7904 le16toh(cmd.burnt_voltage_ref)); 7905 7906 return iwn_cmd(sc, IWN_CMD_PHY_CALIB, &cmd, sizeof cmd, 0); 7907 } 7908 7909 /* 7910 * This function is called after the runtime firmware notifies us of its 7911 * readiness (called in a process context). 7912 */ 7913 static int 7914 iwn4965_post_alive(struct iwn_softc *sc) 7915 { 7916 int error, qid; 7917 7918 if ((error = iwn_nic_lock(sc)) != 0) 7919 return error; 7920 7921 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 7922 7923 /* Clear TX scheduler state in SRAM. */ 7924 sc->sched_base = iwn_prph_read(sc, IWN_SCHED_SRAM_ADDR); 7925 iwn_mem_set_region_4(sc, sc->sched_base + IWN4965_SCHED_CTX_OFF, 0, 7926 IWN4965_SCHED_CTX_LEN / sizeof (uint32_t)); 7927 7928 /* Set physical address of TX scheduler rings (1KB aligned). */ 7929 iwn_prph_write(sc, IWN4965_SCHED_DRAM_ADDR, sc->sched_dma.paddr >> 10); 7930 7931 IWN_SETBITS(sc, IWN_FH_TX_CHICKEN, IWN_FH_TX_CHICKEN_SCHED_RETRY); 7932 7933 /* Disable chain mode for all our 16 queues. */ 7934 iwn_prph_write(sc, IWN4965_SCHED_QCHAIN_SEL, 0); 7935 7936 for (qid = 0; qid < IWN4965_NTXQUEUES; qid++) { 7937 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_RDPTR(qid), 0); 7938 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | 0); 7939 7940 /* Set scheduler window size. */ 7941 iwn_mem_write(sc, sc->sched_base + 7942 IWN4965_SCHED_QUEUE_OFFSET(qid), IWN_SCHED_WINSZ); 7943 /* Set scheduler frame limit. */ 7944 iwn_mem_write(sc, sc->sched_base + 7945 IWN4965_SCHED_QUEUE_OFFSET(qid) + 4, 7946 IWN_SCHED_LIMIT << 16); 7947 } 7948 7949 /* Enable interrupts for all our 16 queues. */ 7950 iwn_prph_write(sc, IWN4965_SCHED_INTR_MASK, 0xffff); 7951 /* Identify TX FIFO rings (0-7). */ 7952 iwn_prph_write(sc, IWN4965_SCHED_TXFACT, 0xff); 7953 7954 /* Mark TX rings (4 EDCA + cmd + 2 HCCA) as active. */ 7955 for (qid = 0; qid < 7; qid++) { 7956 static uint8_t qid2fifo[] = { 3, 2, 1, 0, 4, 5, 6 }; 7957 iwn_prph_write(sc, IWN4965_SCHED_QUEUE_STATUS(qid), 7958 IWN4965_TXQ_STATUS_ACTIVE | qid2fifo[qid] << 1); 7959 } 7960 iwn_nic_unlock(sc); 7961 return 0; 7962 } 7963 7964 /* 7965 * This function is called after the initialization or runtime firmware 7966 * notifies us of its readiness (called in a process context). 7967 */ 7968 static int 7969 iwn5000_post_alive(struct iwn_softc *sc) 7970 { 7971 int error, qid; 7972 7973 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 7974 7975 /* Switch to using ICT interrupt mode. */ 7976 iwn5000_ict_reset(sc); 7977 7978 if ((error = iwn_nic_lock(sc)) != 0){ 7979 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s end in error\n", __func__); 7980 return error; 7981 } 7982 7983 /* Clear TX scheduler state in SRAM. */ 7984 sc->sched_base = iwn_prph_read(sc, IWN_SCHED_SRAM_ADDR); 7985 iwn_mem_set_region_4(sc, sc->sched_base + IWN5000_SCHED_CTX_OFF, 0, 7986 IWN5000_SCHED_CTX_LEN / sizeof (uint32_t)); 7987 7988 /* Set physical address of TX scheduler rings (1KB aligned). */ 7989 iwn_prph_write(sc, IWN5000_SCHED_DRAM_ADDR, sc->sched_dma.paddr >> 10); 7990 7991 IWN_SETBITS(sc, IWN_FH_TX_CHICKEN, IWN_FH_TX_CHICKEN_SCHED_RETRY); 7992 7993 /* Enable chain mode for all queues, except command queue. */ 7994 if (sc->sc_flags & IWN_FLAG_PAN_SUPPORT) 7995 iwn_prph_write(sc, IWN5000_SCHED_QCHAIN_SEL, 0xfffdf); 7996 else 7997 iwn_prph_write(sc, IWN5000_SCHED_QCHAIN_SEL, 0xfffef); 7998 iwn_prph_write(sc, IWN5000_SCHED_AGGR_SEL, 0); 7999 8000 for (qid = 0; qid < IWN5000_NTXQUEUES; qid++) { 8001 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_RDPTR(qid), 0); 8002 IWN_WRITE(sc, IWN_HBUS_TARG_WRPTR, qid << 8 | 0); 8003 8004 iwn_mem_write(sc, sc->sched_base + 8005 IWN5000_SCHED_QUEUE_OFFSET(qid), 0); 8006 /* Set scheduler window size and frame limit. */ 8007 iwn_mem_write(sc, sc->sched_base + 8008 IWN5000_SCHED_QUEUE_OFFSET(qid) + 4, 8009 IWN_SCHED_LIMIT << 16 | IWN_SCHED_WINSZ); 8010 } 8011 8012 /* Enable interrupts for all our 20 queues. */ 8013 iwn_prph_write(sc, IWN5000_SCHED_INTR_MASK, 0xfffff); 8014 /* Identify TX FIFO rings (0-7). */ 8015 iwn_prph_write(sc, IWN5000_SCHED_TXFACT, 0xff); 8016 8017 /* Mark TX rings (4 EDCA + cmd + 2 HCCA) as active. */ 8018 if (sc->sc_flags & IWN_FLAG_PAN_SUPPORT) { 8019 /* Mark TX rings as active. */ 8020 for (qid = 0; qid < 11; qid++) { 8021 static uint8_t qid2fifo[] = { 3, 2, 1, 0, 0, 4, 2, 5, 4, 7, 5 }; 8022 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 8023 IWN5000_TXQ_STATUS_ACTIVE | qid2fifo[qid]); 8024 } 8025 } else { 8026 /* Mark TX rings (4 EDCA + cmd + 2 HCCA) as active. */ 8027 for (qid = 0; qid < 7; qid++) { 8028 static uint8_t qid2fifo[] = { 3, 2, 1, 0, 7, 5, 6 }; 8029 iwn_prph_write(sc, IWN5000_SCHED_QUEUE_STATUS(qid), 8030 IWN5000_TXQ_STATUS_ACTIVE | qid2fifo[qid]); 8031 } 8032 } 8033 iwn_nic_unlock(sc); 8034 8035 /* Configure WiMAX coexistence for combo adapters. */ 8036 error = iwn5000_send_wimax_coex(sc); 8037 if (error != 0) { 8038 device_printf(sc->sc_dev, 8039 "%s: could not configure WiMAX coexistence, error %d\n", 8040 __func__, error); 8041 return error; 8042 } 8043 if (sc->hw_type != IWN_HW_REV_TYPE_5150) { 8044 /* Perform crystal calibration. */ 8045 error = iwn5000_crystal_calib(sc); 8046 if (error != 0) { 8047 device_printf(sc->sc_dev, 8048 "%s: crystal calibration failed, error %d\n", 8049 __func__, error); 8050 return error; 8051 } 8052 } 8053 if (!(sc->sc_flags & IWN_FLAG_CALIB_DONE)) { 8054 /* Query calibration from the initialization firmware. */ 8055 if ((error = iwn5000_query_calibration(sc)) != 0) { 8056 device_printf(sc->sc_dev, 8057 "%s: could not query calibration, error %d\n", 8058 __func__, error); 8059 return error; 8060 } 8061 /* 8062 * We have the calibration results now, reboot with the 8063 * runtime firmware (call ourselves recursively!) 8064 */ 8065 iwn_hw_stop(sc); 8066 error = iwn_hw_init(sc); 8067 } else { 8068 /* Send calibration results to runtime firmware. */ 8069 error = iwn5000_send_calibration(sc); 8070 } 8071 8072 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 8073 8074 return error; 8075 } 8076 8077 /* 8078 * The firmware boot code is small and is intended to be copied directly into 8079 * the NIC internal memory (no DMA transfer). 8080 */ 8081 static int 8082 iwn4965_load_bootcode(struct iwn_softc *sc, const uint8_t *ucode, int size) 8083 { 8084 int error, ntries; 8085 8086 size /= sizeof (uint32_t); 8087 8088 if ((error = iwn_nic_lock(sc)) != 0) 8089 return error; 8090 8091 /* Copy microcode image into NIC memory. */ 8092 iwn_prph_write_region_4(sc, IWN_BSM_SRAM_BASE, 8093 (const uint32_t *)ucode, size); 8094 8095 iwn_prph_write(sc, IWN_BSM_WR_MEM_SRC, 0); 8096 iwn_prph_write(sc, IWN_BSM_WR_MEM_DST, IWN_FW_TEXT_BASE); 8097 iwn_prph_write(sc, IWN_BSM_WR_DWCOUNT, size); 8098 8099 /* Start boot load now. */ 8100 iwn_prph_write(sc, IWN_BSM_WR_CTRL, IWN_BSM_WR_CTRL_START); 8101 8102 /* Wait for transfer to complete. */ 8103 for (ntries = 0; ntries < 1000; ntries++) { 8104 if (!(iwn_prph_read(sc, IWN_BSM_WR_CTRL) & 8105 IWN_BSM_WR_CTRL_START)) 8106 break; 8107 DELAY(10); 8108 } 8109 if (ntries == 1000) { 8110 device_printf(sc->sc_dev, "%s: could not load boot firmware\n", 8111 __func__); 8112 iwn_nic_unlock(sc); 8113 return ETIMEDOUT; 8114 } 8115 8116 /* Enable boot after power up. */ 8117 iwn_prph_write(sc, IWN_BSM_WR_CTRL, IWN_BSM_WR_CTRL_START_EN); 8118 8119 iwn_nic_unlock(sc); 8120 return 0; 8121 } 8122 8123 static int 8124 iwn4965_load_firmware(struct iwn_softc *sc) 8125 { 8126 struct iwn_fw_info *fw = &sc->fw; 8127 struct iwn_dma_info *dma = &sc->fw_dma; 8128 int error; 8129 8130 /* Copy initialization sections into pre-allocated DMA-safe memory. */ 8131 memcpy(dma->vaddr, fw->init.data, fw->init.datasz); 8132 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 8133 memcpy(dma->vaddr + IWN4965_FW_DATA_MAXSZ, 8134 fw->init.text, fw->init.textsz); 8135 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 8136 8137 /* Tell adapter where to find initialization sections. */ 8138 if ((error = iwn_nic_lock(sc)) != 0) 8139 return error; 8140 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_ADDR, dma->paddr >> 4); 8141 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_SIZE, fw->init.datasz); 8142 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_ADDR, 8143 (dma->paddr + IWN4965_FW_DATA_MAXSZ) >> 4); 8144 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_SIZE, fw->init.textsz); 8145 iwn_nic_unlock(sc); 8146 8147 /* Load firmware boot code. */ 8148 error = iwn4965_load_bootcode(sc, fw->boot.text, fw->boot.textsz); 8149 if (error != 0) { 8150 device_printf(sc->sc_dev, "%s: could not load boot firmware\n", 8151 __func__); 8152 return error; 8153 } 8154 /* Now press "execute". */ 8155 IWN_WRITE(sc, IWN_RESET, 0); 8156 8157 /* Wait at most one second for first alive notification. */ 8158 if ((error = msleep(sc, &sc->sc_mtx, PCATCH, "iwninit", hz)) != 0) { 8159 device_printf(sc->sc_dev, 8160 "%s: timeout waiting for adapter to initialize, error %d\n", 8161 __func__, error); 8162 return error; 8163 } 8164 8165 /* Retrieve current temperature for initial TX power calibration. */ 8166 sc->rawtemp = sc->ucode_info.temp[3].chan20MHz; 8167 sc->temp = iwn4965_get_temperature(sc); 8168 8169 /* Copy runtime sections into pre-allocated DMA-safe memory. */ 8170 memcpy(dma->vaddr, fw->main.data, fw->main.datasz); 8171 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 8172 memcpy(dma->vaddr + IWN4965_FW_DATA_MAXSZ, 8173 fw->main.text, fw->main.textsz); 8174 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 8175 8176 /* Tell adapter where to find runtime sections. */ 8177 if ((error = iwn_nic_lock(sc)) != 0) 8178 return error; 8179 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_ADDR, dma->paddr >> 4); 8180 iwn_prph_write(sc, IWN_BSM_DRAM_DATA_SIZE, fw->main.datasz); 8181 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_ADDR, 8182 (dma->paddr + IWN4965_FW_DATA_MAXSZ) >> 4); 8183 iwn_prph_write(sc, IWN_BSM_DRAM_TEXT_SIZE, 8184 IWN_FW_UPDATED | fw->main.textsz); 8185 iwn_nic_unlock(sc); 8186 8187 return 0; 8188 } 8189 8190 static int 8191 iwn5000_load_firmware_section(struct iwn_softc *sc, uint32_t dst, 8192 const uint8_t *section, int size) 8193 { 8194 struct iwn_dma_info *dma = &sc->fw_dma; 8195 int error; 8196 8197 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8198 8199 /* Copy firmware section into pre-allocated DMA-safe memory. */ 8200 memcpy(dma->vaddr, section, size); 8201 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 8202 8203 if ((error = iwn_nic_lock(sc)) != 0) 8204 return error; 8205 8206 IWN_WRITE(sc, IWN_FH_TX_CONFIG(IWN_SRVC_DMACHNL), 8207 IWN_FH_TX_CONFIG_DMA_PAUSE); 8208 8209 IWN_WRITE(sc, IWN_FH_SRAM_ADDR(IWN_SRVC_DMACHNL), dst); 8210 IWN_WRITE(sc, IWN_FH_TFBD_CTRL0(IWN_SRVC_DMACHNL), 8211 IWN_LOADDR(dma->paddr)); 8212 IWN_WRITE(sc, IWN_FH_TFBD_CTRL1(IWN_SRVC_DMACHNL), 8213 IWN_HIADDR(dma->paddr) << 28 | size); 8214 IWN_WRITE(sc, IWN_FH_TXBUF_STATUS(IWN_SRVC_DMACHNL), 8215 IWN_FH_TXBUF_STATUS_TBNUM(1) | 8216 IWN_FH_TXBUF_STATUS_TBIDX(1) | 8217 IWN_FH_TXBUF_STATUS_TFBD_VALID); 8218 8219 /* Kick Flow Handler to start DMA transfer. */ 8220 IWN_WRITE(sc, IWN_FH_TX_CONFIG(IWN_SRVC_DMACHNL), 8221 IWN_FH_TX_CONFIG_DMA_ENA | IWN_FH_TX_CONFIG_CIRQ_HOST_ENDTFD); 8222 8223 iwn_nic_unlock(sc); 8224 8225 /* Wait at most five seconds for FH DMA transfer to complete. */ 8226 return msleep(sc, &sc->sc_mtx, PCATCH, "iwninit", 5 * hz); 8227 } 8228 8229 static int 8230 iwn5000_load_firmware(struct iwn_softc *sc) 8231 { 8232 struct iwn_fw_part *fw; 8233 int error; 8234 8235 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8236 8237 /* Load the initialization firmware on first boot only. */ 8238 fw = (sc->sc_flags & IWN_FLAG_CALIB_DONE) ? 8239 &sc->fw.main : &sc->fw.init; 8240 8241 error = iwn5000_load_firmware_section(sc, IWN_FW_TEXT_BASE, 8242 fw->text, fw->textsz); 8243 if (error != 0) { 8244 device_printf(sc->sc_dev, 8245 "%s: could not load firmware %s section, error %d\n", 8246 __func__, ".text", error); 8247 return error; 8248 } 8249 error = iwn5000_load_firmware_section(sc, IWN_FW_DATA_BASE, 8250 fw->data, fw->datasz); 8251 if (error != 0) { 8252 device_printf(sc->sc_dev, 8253 "%s: could not load firmware %s section, error %d\n", 8254 __func__, ".data", error); 8255 return error; 8256 } 8257 8258 /* Now press "execute". */ 8259 IWN_WRITE(sc, IWN_RESET, 0); 8260 return 0; 8261 } 8262 8263 /* 8264 * Extract text and data sections from a legacy firmware image. 8265 */ 8266 static int 8267 iwn_read_firmware_leg(struct iwn_softc *sc, struct iwn_fw_info *fw) 8268 { 8269 const uint32_t *ptr; 8270 size_t hdrlen = 24; 8271 uint32_t rev; 8272 8273 ptr = (const uint32_t *)fw->data; 8274 rev = le32toh(*ptr++); 8275 8276 sc->ucode_rev = rev; 8277 8278 /* Check firmware API version. */ 8279 if (IWN_FW_API(rev) <= 1) { 8280 device_printf(sc->sc_dev, 8281 "%s: bad firmware, need API version >=2\n", __func__); 8282 return EINVAL; 8283 } 8284 if (IWN_FW_API(rev) >= 3) { 8285 /* Skip build number (version 2 header). */ 8286 hdrlen += 4; 8287 ptr++; 8288 } 8289 if (fw->size < hdrlen) { 8290 device_printf(sc->sc_dev, "%s: firmware too short: %zu bytes\n", 8291 __func__, fw->size); 8292 return EINVAL; 8293 } 8294 fw->main.textsz = le32toh(*ptr++); 8295 fw->main.datasz = le32toh(*ptr++); 8296 fw->init.textsz = le32toh(*ptr++); 8297 fw->init.datasz = le32toh(*ptr++); 8298 fw->boot.textsz = le32toh(*ptr++); 8299 8300 /* Check that all firmware sections fit. */ 8301 if (fw->size < hdrlen + fw->main.textsz + fw->main.datasz + 8302 fw->init.textsz + fw->init.datasz + fw->boot.textsz) { 8303 device_printf(sc->sc_dev, "%s: firmware too short: %zu bytes\n", 8304 __func__, fw->size); 8305 return EINVAL; 8306 } 8307 8308 /* Get pointers to firmware sections. */ 8309 fw->main.text = (const uint8_t *)ptr; 8310 fw->main.data = fw->main.text + fw->main.textsz; 8311 fw->init.text = fw->main.data + fw->main.datasz; 8312 fw->init.data = fw->init.text + fw->init.textsz; 8313 fw->boot.text = fw->init.data + fw->init.datasz; 8314 return 0; 8315 } 8316 8317 /* 8318 * Extract text and data sections from a TLV firmware image. 8319 */ 8320 static int 8321 iwn_read_firmware_tlv(struct iwn_softc *sc, struct iwn_fw_info *fw, 8322 uint16_t alt) 8323 { 8324 const struct iwn_fw_tlv_hdr *hdr; 8325 const struct iwn_fw_tlv *tlv; 8326 const uint8_t *ptr, *end; 8327 uint64_t altmask; 8328 uint32_t len, tmp; 8329 8330 if (fw->size < sizeof (*hdr)) { 8331 device_printf(sc->sc_dev, "%s: firmware too short: %zu bytes\n", 8332 __func__, fw->size); 8333 return EINVAL; 8334 } 8335 hdr = (const struct iwn_fw_tlv_hdr *)fw->data; 8336 if (hdr->signature != htole32(IWN_FW_SIGNATURE)) { 8337 device_printf(sc->sc_dev, "%s: bad firmware signature 0x%08x\n", 8338 __func__, le32toh(hdr->signature)); 8339 return EINVAL; 8340 } 8341 DPRINTF(sc, IWN_DEBUG_RESET, "FW: \"%.64s\", build 0x%x\n", hdr->descr, 8342 le32toh(hdr->build)); 8343 sc->ucode_rev = le32toh(hdr->rev); 8344 8345 /* 8346 * Select the closest supported alternative that is less than 8347 * or equal to the specified one. 8348 */ 8349 altmask = le64toh(hdr->altmask); 8350 while (alt > 0 && !(altmask & (1ULL << alt))) 8351 alt--; /* Downgrade. */ 8352 DPRINTF(sc, IWN_DEBUG_RESET, "using alternative %d\n", alt); 8353 8354 ptr = (const uint8_t *)(hdr + 1); 8355 end = (const uint8_t *)(fw->data + fw->size); 8356 8357 /* Parse type-length-value fields. */ 8358 while (ptr + sizeof (*tlv) <= end) { 8359 tlv = (const struct iwn_fw_tlv *)ptr; 8360 len = le32toh(tlv->len); 8361 8362 ptr += sizeof (*tlv); 8363 if (ptr + len > end) { 8364 device_printf(sc->sc_dev, 8365 "%s: firmware too short: %zu bytes\n", __func__, 8366 fw->size); 8367 return EINVAL; 8368 } 8369 /* Skip other alternatives. */ 8370 if (tlv->alt != 0 && tlv->alt != htole16(alt)) 8371 goto next; 8372 8373 switch (le16toh(tlv->type)) { 8374 case IWN_FW_TLV_MAIN_TEXT: 8375 fw->main.text = ptr; 8376 fw->main.textsz = len; 8377 break; 8378 case IWN_FW_TLV_MAIN_DATA: 8379 fw->main.data = ptr; 8380 fw->main.datasz = len; 8381 break; 8382 case IWN_FW_TLV_INIT_TEXT: 8383 fw->init.text = ptr; 8384 fw->init.textsz = len; 8385 break; 8386 case IWN_FW_TLV_INIT_DATA: 8387 fw->init.data = ptr; 8388 fw->init.datasz = len; 8389 break; 8390 case IWN_FW_TLV_BOOT_TEXT: 8391 fw->boot.text = ptr; 8392 fw->boot.textsz = len; 8393 break; 8394 case IWN_FW_TLV_ENH_SENS: 8395 if (!len) 8396 sc->sc_flags |= IWN_FLAG_ENH_SENS; 8397 break; 8398 case IWN_FW_TLV_PHY_CALIB: 8399 tmp = le32toh(*ptr); 8400 if (tmp < 253) { 8401 sc->reset_noise_gain = tmp; 8402 sc->noise_gain = tmp + 1; 8403 } 8404 break; 8405 case IWN_FW_TLV_PAN: 8406 sc->sc_flags |= IWN_FLAG_PAN_SUPPORT; 8407 DPRINTF(sc, IWN_DEBUG_RESET, 8408 "PAN Support found: %d\n", 1); 8409 break; 8410 case IWN_FW_TLV_FLAGS: 8411 if (len < sizeof(uint32_t)) 8412 break; 8413 if (len % sizeof(uint32_t)) 8414 break; 8415 sc->tlv_feature_flags = le32toh(*ptr); 8416 DPRINTF(sc, IWN_DEBUG_RESET, 8417 "%s: feature: 0x%08x\n", 8418 __func__, 8419 sc->tlv_feature_flags); 8420 break; 8421 case IWN_FW_TLV_PBREQ_MAXLEN: 8422 case IWN_FW_TLV_RUNT_EVTLOG_PTR: 8423 case IWN_FW_TLV_RUNT_EVTLOG_SIZE: 8424 case IWN_FW_TLV_RUNT_ERRLOG_PTR: 8425 case IWN_FW_TLV_INIT_EVTLOG_PTR: 8426 case IWN_FW_TLV_INIT_EVTLOG_SIZE: 8427 case IWN_FW_TLV_INIT_ERRLOG_PTR: 8428 case IWN_FW_TLV_WOWLAN_INST: 8429 case IWN_FW_TLV_WOWLAN_DATA: 8430 DPRINTF(sc, IWN_DEBUG_RESET, 8431 "TLV type %d recognized but not handled\n", 8432 le16toh(tlv->type)); 8433 break; 8434 default: 8435 DPRINTF(sc, IWN_DEBUG_RESET, 8436 "TLV type %d not handled\n", le16toh(tlv->type)); 8437 break; 8438 } 8439 next: /* TLV fields are 32-bit aligned. */ 8440 ptr += (len + 3) & ~3; 8441 } 8442 return 0; 8443 } 8444 8445 static int 8446 iwn_read_firmware(struct iwn_softc *sc) 8447 { 8448 struct iwn_fw_info *fw = &sc->fw; 8449 int error; 8450 8451 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8452 8453 IWN_UNLOCK(sc); 8454 8455 memset(fw, 0, sizeof (*fw)); 8456 8457 /* Read firmware image from filesystem. */ 8458 sc->fw_fp = firmware_get(sc->fwname); 8459 if (sc->fw_fp == NULL) { 8460 device_printf(sc->sc_dev, "%s: could not read firmware %s\n", 8461 __func__, sc->fwname); 8462 IWN_LOCK(sc); 8463 return EINVAL; 8464 } 8465 IWN_LOCK(sc); 8466 8467 fw->size = sc->fw_fp->datasize; 8468 fw->data = (const uint8_t *)sc->fw_fp->data; 8469 if (fw->size < sizeof (uint32_t)) { 8470 device_printf(sc->sc_dev, "%s: firmware too short: %zu bytes\n", 8471 __func__, fw->size); 8472 error = EINVAL; 8473 goto fail; 8474 } 8475 8476 /* Retrieve text and data sections. */ 8477 if (*(const uint32_t *)fw->data != 0) /* Legacy image. */ 8478 error = iwn_read_firmware_leg(sc, fw); 8479 else 8480 error = iwn_read_firmware_tlv(sc, fw, 1); 8481 if (error != 0) { 8482 device_printf(sc->sc_dev, 8483 "%s: could not read firmware sections, error %d\n", 8484 __func__, error); 8485 goto fail; 8486 } 8487 8488 device_printf(sc->sc_dev, "%s: ucode rev=0x%08x\n", __func__, sc->ucode_rev); 8489 8490 /* Make sure text and data sections fit in hardware memory. */ 8491 if (fw->main.textsz > sc->fw_text_maxsz || 8492 fw->main.datasz > sc->fw_data_maxsz || 8493 fw->init.textsz > sc->fw_text_maxsz || 8494 fw->init.datasz > sc->fw_data_maxsz || 8495 fw->boot.textsz > IWN_FW_BOOT_TEXT_MAXSZ || 8496 (fw->boot.textsz & 3) != 0) { 8497 device_printf(sc->sc_dev, "%s: firmware sections too large\n", 8498 __func__); 8499 error = EINVAL; 8500 goto fail; 8501 } 8502 8503 /* We can proceed with loading the firmware. */ 8504 return 0; 8505 8506 fail: iwn_unload_firmware(sc); 8507 return error; 8508 } 8509 8510 static void 8511 iwn_unload_firmware(struct iwn_softc *sc) 8512 { 8513 firmware_put(sc->fw_fp, FIRMWARE_UNLOAD); 8514 sc->fw_fp = NULL; 8515 } 8516 8517 static int 8518 iwn_clock_wait(struct iwn_softc *sc) 8519 { 8520 int ntries; 8521 8522 /* Set "initialization complete" bit. */ 8523 IWN_SETBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_INIT_DONE); 8524 8525 /* Wait for clock stabilization. */ 8526 for (ntries = 0; ntries < 2500; ntries++) { 8527 if (IWN_READ(sc, IWN_GP_CNTRL) & IWN_GP_CNTRL_MAC_CLOCK_READY) 8528 return 0; 8529 DELAY(10); 8530 } 8531 device_printf(sc->sc_dev, 8532 "%s: timeout waiting for clock stabilization\n", __func__); 8533 return ETIMEDOUT; 8534 } 8535 8536 static int 8537 iwn_apm_init(struct iwn_softc *sc) 8538 { 8539 uint32_t reg; 8540 int error; 8541 8542 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8543 8544 /* Disable L0s exit timer (NMI bug workaround). */ 8545 IWN_SETBITS(sc, IWN_GIO_CHICKEN, IWN_GIO_CHICKEN_DIS_L0S_TIMER); 8546 /* Don't wait for ICH L0s (ICH bug workaround). */ 8547 IWN_SETBITS(sc, IWN_GIO_CHICKEN, IWN_GIO_CHICKEN_L1A_NO_L0S_RX); 8548 8549 /* Set FH wait threshold to max (HW bug under stress workaround). */ 8550 IWN_SETBITS(sc, IWN_DBG_HPET_MEM, 0xffff0000); 8551 8552 /* Enable HAP INTA to move adapter from L1a to L0s. */ 8553 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_HAP_WAKE_L1A); 8554 8555 /* Retrieve PCIe Active State Power Management (ASPM). */ 8556 reg = pci_read_config(sc->sc_dev, sc->sc_cap_off + PCIER_LINK_CTL, 4); 8557 /* Workaround for HW instability in PCIe L0->L0s->L1 transition. */ 8558 if (reg & PCIEM_LINK_CTL_ASPMC_L1) /* L1 Entry enabled. */ 8559 IWN_SETBITS(sc, IWN_GIO, IWN_GIO_L0S_ENA); 8560 else 8561 IWN_CLRBITS(sc, IWN_GIO, IWN_GIO_L0S_ENA); 8562 8563 if (sc->base_params->pll_cfg_val) 8564 IWN_SETBITS(sc, IWN_ANA_PLL, sc->base_params->pll_cfg_val); 8565 8566 /* Wait for clock stabilization before accessing prph. */ 8567 if ((error = iwn_clock_wait(sc)) != 0) 8568 return error; 8569 8570 if ((error = iwn_nic_lock(sc)) != 0) 8571 return error; 8572 if (sc->hw_type == IWN_HW_REV_TYPE_4965) { 8573 /* Enable DMA and BSM (Bootstrap State Machine). */ 8574 iwn_prph_write(sc, IWN_APMG_CLK_EN, 8575 IWN_APMG_CLK_CTRL_DMA_CLK_RQT | 8576 IWN_APMG_CLK_CTRL_BSM_CLK_RQT); 8577 } else { 8578 /* Enable DMA. */ 8579 iwn_prph_write(sc, IWN_APMG_CLK_EN, 8580 IWN_APMG_CLK_CTRL_DMA_CLK_RQT); 8581 } 8582 DELAY(20); 8583 /* Disable L1-Active. */ 8584 iwn_prph_setbits(sc, IWN_APMG_PCI_STT, IWN_APMG_PCI_STT_L1A_DIS); 8585 iwn_nic_unlock(sc); 8586 8587 return 0; 8588 } 8589 8590 static void 8591 iwn_apm_stop_master(struct iwn_softc *sc) 8592 { 8593 int ntries; 8594 8595 /* Stop busmaster DMA activity. */ 8596 IWN_SETBITS(sc, IWN_RESET, IWN_RESET_STOP_MASTER); 8597 for (ntries = 0; ntries < 100; ntries++) { 8598 if (IWN_READ(sc, IWN_RESET) & IWN_RESET_MASTER_DISABLED) 8599 return; 8600 DELAY(10); 8601 } 8602 device_printf(sc->sc_dev, "%s: timeout waiting for master\n", __func__); 8603 } 8604 8605 static void 8606 iwn_apm_stop(struct iwn_softc *sc) 8607 { 8608 iwn_apm_stop_master(sc); 8609 8610 /* Reset the entire device. */ 8611 IWN_SETBITS(sc, IWN_RESET, IWN_RESET_SW); 8612 DELAY(10); 8613 /* Clear "initialization complete" bit. */ 8614 IWN_CLRBITS(sc, IWN_GP_CNTRL, IWN_GP_CNTRL_INIT_DONE); 8615 } 8616 8617 static int 8618 iwn4965_nic_config(struct iwn_softc *sc) 8619 { 8620 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8621 8622 if (IWN_RFCFG_TYPE(sc->rfcfg) == 1) { 8623 /* 8624 * I don't believe this to be correct but this is what the 8625 * vendor driver is doing. Probably the bits should not be 8626 * shifted in IWN_RFCFG_*. 8627 */ 8628 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 8629 IWN_RFCFG_TYPE(sc->rfcfg) | 8630 IWN_RFCFG_STEP(sc->rfcfg) | 8631 IWN_RFCFG_DASH(sc->rfcfg)); 8632 } 8633 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 8634 IWN_HW_IF_CONFIG_RADIO_SI | IWN_HW_IF_CONFIG_MAC_SI); 8635 return 0; 8636 } 8637 8638 static int 8639 iwn5000_nic_config(struct iwn_softc *sc) 8640 { 8641 uint32_t tmp; 8642 int error; 8643 8644 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8645 8646 if (IWN_RFCFG_TYPE(sc->rfcfg) < 3) { 8647 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 8648 IWN_RFCFG_TYPE(sc->rfcfg) | 8649 IWN_RFCFG_STEP(sc->rfcfg) | 8650 IWN_RFCFG_DASH(sc->rfcfg)); 8651 } 8652 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, 8653 IWN_HW_IF_CONFIG_RADIO_SI | IWN_HW_IF_CONFIG_MAC_SI); 8654 8655 if ((error = iwn_nic_lock(sc)) != 0) 8656 return error; 8657 iwn_prph_setbits(sc, IWN_APMG_PS, IWN_APMG_PS_EARLY_PWROFF_DIS); 8658 8659 if (sc->hw_type == IWN_HW_REV_TYPE_1000) { 8660 /* 8661 * Select first Switching Voltage Regulator (1.32V) to 8662 * solve a stability issue related to noisy DC2DC line 8663 * in the silicon of 1000 Series. 8664 */ 8665 tmp = iwn_prph_read(sc, IWN_APMG_DIGITAL_SVR); 8666 tmp &= ~IWN_APMG_DIGITAL_SVR_VOLTAGE_MASK; 8667 tmp |= IWN_APMG_DIGITAL_SVR_VOLTAGE_1_32; 8668 iwn_prph_write(sc, IWN_APMG_DIGITAL_SVR, tmp); 8669 } 8670 iwn_nic_unlock(sc); 8671 8672 if (sc->sc_flags & IWN_FLAG_INTERNAL_PA) { 8673 /* Use internal power amplifier only. */ 8674 IWN_WRITE(sc, IWN_GP_DRIVER, IWN_GP_DRIVER_RADIO_2X2_IPA); 8675 } 8676 if (sc->base_params->additional_nic_config && sc->calib_ver >= 6) { 8677 /* Indicate that ROM calibration version is >=6. */ 8678 IWN_SETBITS(sc, IWN_GP_DRIVER, IWN_GP_DRIVER_CALIB_VER6); 8679 } 8680 if (sc->base_params->additional_gp_drv_bit) 8681 IWN_SETBITS(sc, IWN_GP_DRIVER, 8682 sc->base_params->additional_gp_drv_bit); 8683 return 0; 8684 } 8685 8686 /* 8687 * Take NIC ownership over Intel Active Management Technology (AMT). 8688 */ 8689 static int 8690 iwn_hw_prepare(struct iwn_softc *sc) 8691 { 8692 int ntries; 8693 8694 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8695 8696 /* Check if hardware is ready. */ 8697 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_NIC_READY); 8698 for (ntries = 0; ntries < 5; ntries++) { 8699 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 8700 IWN_HW_IF_CONFIG_NIC_READY) 8701 return 0; 8702 DELAY(10); 8703 } 8704 8705 /* Hardware not ready, force into ready state. */ 8706 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_PREPARE); 8707 for (ntries = 0; ntries < 15000; ntries++) { 8708 if (!(IWN_READ(sc, IWN_HW_IF_CONFIG) & 8709 IWN_HW_IF_CONFIG_PREPARE_DONE)) 8710 break; 8711 DELAY(10); 8712 } 8713 if (ntries == 15000) 8714 return ETIMEDOUT; 8715 8716 /* Hardware should be ready now. */ 8717 IWN_SETBITS(sc, IWN_HW_IF_CONFIG, IWN_HW_IF_CONFIG_NIC_READY); 8718 for (ntries = 0; ntries < 5; ntries++) { 8719 if (IWN_READ(sc, IWN_HW_IF_CONFIG) & 8720 IWN_HW_IF_CONFIG_NIC_READY) 8721 return 0; 8722 DELAY(10); 8723 } 8724 return ETIMEDOUT; 8725 } 8726 8727 static int 8728 iwn_hw_init(struct iwn_softc *sc) 8729 { 8730 struct iwn_ops *ops = &sc->ops; 8731 int error, chnl, qid; 8732 8733 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 8734 8735 /* Clear pending interrupts. */ 8736 IWN_WRITE(sc, IWN_INT, 0xffffffff); 8737 8738 if ((error = iwn_apm_init(sc)) != 0) { 8739 device_printf(sc->sc_dev, 8740 "%s: could not power ON adapter, error %d\n", __func__, 8741 error); 8742 return error; 8743 } 8744 8745 /* Select VMAIN power source. */ 8746 if ((error = iwn_nic_lock(sc)) != 0) 8747 return error; 8748 iwn_prph_clrbits(sc, IWN_APMG_PS, IWN_APMG_PS_PWR_SRC_MASK); 8749 iwn_nic_unlock(sc); 8750 8751 /* Perform adapter-specific initialization. */ 8752 if ((error = ops->nic_config(sc)) != 0) 8753 return error; 8754 8755 /* Initialize RX ring. */ 8756 if ((error = iwn_nic_lock(sc)) != 0) 8757 return error; 8758 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 0); 8759 IWN_WRITE(sc, IWN_FH_RX_WPTR, 0); 8760 /* Set physical address of RX ring (256-byte aligned). */ 8761 IWN_WRITE(sc, IWN_FH_RX_BASE, sc->rxq.desc_dma.paddr >> 8); 8762 /* Set physical address of RX status (16-byte aligned). */ 8763 IWN_WRITE(sc, IWN_FH_STATUS_WPTR, sc->rxq.stat_dma.paddr >> 4); 8764 /* Enable RX. */ 8765 IWN_WRITE(sc, IWN_FH_RX_CONFIG, 8766 IWN_FH_RX_CONFIG_ENA | 8767 IWN_FH_RX_CONFIG_IGN_RXF_EMPTY | /* HW bug workaround */ 8768 IWN_FH_RX_CONFIG_IRQ_DST_HOST | 8769 IWN_FH_RX_CONFIG_SINGLE_FRAME | 8770 IWN_FH_RX_CONFIG_RB_TIMEOUT(0) | 8771 IWN_FH_RX_CONFIG_NRBD(IWN_RX_RING_COUNT_LOG)); 8772 iwn_nic_unlock(sc); 8773 IWN_WRITE(sc, IWN_FH_RX_WPTR, (IWN_RX_RING_COUNT - 1) & ~7); 8774 8775 if ((error = iwn_nic_lock(sc)) != 0) 8776 return error; 8777 8778 /* Initialize TX scheduler. */ 8779 iwn_prph_write(sc, sc->sched_txfact_addr, 0); 8780 8781 /* Set physical address of "keep warm" page (16-byte aligned). */ 8782 IWN_WRITE(sc, IWN_FH_KW_ADDR, sc->kw_dma.paddr >> 4); 8783 8784 /* Initialize TX rings. */ 8785 for (qid = 0; qid < sc->ntxqs; qid++) { 8786 struct iwn_tx_ring *txq = &sc->txq[qid]; 8787 8788 /* Set physical address of TX ring (256-byte aligned). */ 8789 IWN_WRITE(sc, IWN_FH_CBBC_QUEUE(qid), 8790 txq->desc_dma.paddr >> 8); 8791 } 8792 iwn_nic_unlock(sc); 8793 8794 /* Enable DMA channels. */ 8795 for (chnl = 0; chnl < sc->ndmachnls; chnl++) { 8796 IWN_WRITE(sc, IWN_FH_TX_CONFIG(chnl), 8797 IWN_FH_TX_CONFIG_DMA_ENA | 8798 IWN_FH_TX_CONFIG_DMA_CREDIT_ENA); 8799 } 8800 8801 /* Clear "radio off" and "commands blocked" bits. */ 8802 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 8803 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_CMD_BLOCKED); 8804 8805 /* Clear pending interrupts. */ 8806 IWN_WRITE(sc, IWN_INT, 0xffffffff); 8807 /* Enable interrupt coalescing. */ 8808 IWN_WRITE(sc, IWN_INT_COALESCING, 512 / 8); 8809 /* Enable interrupts. */ 8810 IWN_WRITE(sc, IWN_INT_MASK, sc->int_mask); 8811 8812 /* _Really_ make sure "radio off" bit is cleared! */ 8813 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 8814 IWN_WRITE(sc, IWN_UCODE_GP1_CLR, IWN_UCODE_GP1_RFKILL); 8815 8816 /* Enable shadow registers. */ 8817 if (sc->base_params->shadow_reg_enable) 8818 IWN_SETBITS(sc, IWN_SHADOW_REG_CTRL, 0x800fffff); 8819 8820 if ((error = ops->load_firmware(sc)) != 0) { 8821 device_printf(sc->sc_dev, 8822 "%s: could not load firmware, error %d\n", __func__, 8823 error); 8824 return error; 8825 } 8826 /* Wait at most one second for firmware alive notification. */ 8827 if ((error = msleep(sc, &sc->sc_mtx, PCATCH, "iwninit", hz)) != 0) { 8828 device_printf(sc->sc_dev, 8829 "%s: timeout waiting for adapter to initialize, error %d\n", 8830 __func__, error); 8831 return error; 8832 } 8833 /* Do post-firmware initialization. */ 8834 8835 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 8836 8837 return ops->post_alive(sc); 8838 } 8839 8840 static void 8841 iwn_hw_stop(struct iwn_softc *sc) 8842 { 8843 int chnl, qid, ntries; 8844 8845 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 8846 8847 IWN_WRITE(sc, IWN_RESET, IWN_RESET_NEVO); 8848 8849 /* Disable interrupts. */ 8850 IWN_WRITE(sc, IWN_INT_MASK, 0); 8851 IWN_WRITE(sc, IWN_INT, 0xffffffff); 8852 IWN_WRITE(sc, IWN_FH_INT, 0xffffffff); 8853 sc->sc_flags &= ~IWN_FLAG_USE_ICT; 8854 8855 /* Make sure we no longer hold the NIC lock. */ 8856 iwn_nic_unlock(sc); 8857 8858 /* Stop TX scheduler. */ 8859 iwn_prph_write(sc, sc->sched_txfact_addr, 0); 8860 8861 /* Stop all DMA channels. */ 8862 if (iwn_nic_lock(sc) == 0) { 8863 for (chnl = 0; chnl < sc->ndmachnls; chnl++) { 8864 IWN_WRITE(sc, IWN_FH_TX_CONFIG(chnl), 0); 8865 for (ntries = 0; ntries < 200; ntries++) { 8866 if (IWN_READ(sc, IWN_FH_TX_STATUS) & 8867 IWN_FH_TX_STATUS_IDLE(chnl)) 8868 break; 8869 DELAY(10); 8870 } 8871 } 8872 iwn_nic_unlock(sc); 8873 } 8874 8875 /* Stop RX ring. */ 8876 iwn_reset_rx_ring(sc, &sc->rxq); 8877 8878 /* Reset all TX rings. */ 8879 for (qid = 0; qid < sc->ntxqs; qid++) 8880 iwn_reset_tx_ring(sc, &sc->txq[qid]); 8881 8882 if (iwn_nic_lock(sc) == 0) { 8883 iwn_prph_write(sc, IWN_APMG_CLK_DIS, 8884 IWN_APMG_CLK_CTRL_DMA_CLK_RQT); 8885 iwn_nic_unlock(sc); 8886 } 8887 DELAY(5); 8888 /* Power OFF adapter. */ 8889 iwn_apm_stop(sc); 8890 } 8891 8892 static void 8893 iwn_panicked(void *arg0, int pending) 8894 { 8895 struct iwn_softc *sc = arg0; 8896 struct ieee80211com *ic = &sc->sc_ic; 8897 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 8898 #if 0 8899 int error; 8900 #endif 8901 8902 if (vap == NULL) { 8903 printf("%s: null vap\n", __func__); 8904 return; 8905 } 8906 8907 device_printf(sc->sc_dev, "%s: controller panicked, iv_state = %d; " 8908 "restarting\n", __func__, vap->iv_state); 8909 8910 /* 8911 * This is not enough work. We need to also reinitialise 8912 * the correct transmit state for aggregation enabled queues, 8913 * which has a very specific requirement of 8914 * ring index = 802.11 seqno % 256. If we don't do this (which 8915 * we definitely don't!) then the firmware will just panic again. 8916 */ 8917 #if 1 8918 ieee80211_restart_all(ic); 8919 #else 8920 IWN_LOCK(sc); 8921 8922 iwn_stop_locked(sc); 8923 if ((error = iwn_init_locked(sc)) != 0) { 8924 device_printf(sc->sc_dev, 8925 "%s: could not init hardware\n", __func__); 8926 goto unlock; 8927 } 8928 if (vap->iv_state >= IEEE80211_S_AUTH && 8929 (error = iwn_auth(sc, vap)) != 0) { 8930 device_printf(sc->sc_dev, 8931 "%s: could not move to auth state\n", __func__); 8932 } 8933 if (vap->iv_state >= IEEE80211_S_RUN && 8934 (error = iwn_run(sc, vap)) != 0) { 8935 device_printf(sc->sc_dev, 8936 "%s: could not move to run state\n", __func__); 8937 } 8938 8939 unlock: 8940 IWN_UNLOCK(sc); 8941 #endif 8942 } 8943 8944 static int 8945 iwn_init_locked(struct iwn_softc *sc) 8946 { 8947 int error; 8948 8949 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s begin\n", __func__); 8950 8951 IWN_LOCK_ASSERT(sc); 8952 8953 if (sc->sc_flags & IWN_FLAG_RUNNING) 8954 goto end; 8955 8956 sc->sc_flags |= IWN_FLAG_RUNNING; 8957 8958 if ((error = iwn_hw_prepare(sc)) != 0) { 8959 device_printf(sc->sc_dev, "%s: hardware not ready, error %d\n", 8960 __func__, error); 8961 goto fail; 8962 } 8963 8964 /* Initialize interrupt mask to default value. */ 8965 sc->int_mask = IWN_INT_MASK_DEF; 8966 sc->sc_flags &= ~IWN_FLAG_USE_ICT; 8967 8968 /* Check that the radio is not disabled by hardware switch. */ 8969 if (!(IWN_READ(sc, IWN_GP_CNTRL) & IWN_GP_CNTRL_RFKILL)) { 8970 iwn_stop_locked(sc); 8971 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 8972 8973 return (1); 8974 } 8975 8976 /* Read firmware images from the filesystem. */ 8977 if ((error = iwn_read_firmware(sc)) != 0) { 8978 device_printf(sc->sc_dev, 8979 "%s: could not read firmware, error %d\n", __func__, 8980 error); 8981 goto fail; 8982 } 8983 8984 /* Initialize hardware and upload firmware. */ 8985 error = iwn_hw_init(sc); 8986 iwn_unload_firmware(sc); 8987 if (error != 0) { 8988 device_printf(sc->sc_dev, 8989 "%s: could not initialize hardware, error %d\n", __func__, 8990 error); 8991 goto fail; 8992 } 8993 8994 /* Configure adapter now that it is ready. */ 8995 if ((error = iwn_config(sc)) != 0) { 8996 device_printf(sc->sc_dev, 8997 "%s: could not configure device, error %d\n", __func__, 8998 error); 8999 goto fail; 9000 } 9001 9002 callout_reset(&sc->watchdog_to, hz, iwn_watchdog, sc); 9003 9004 end: 9005 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end\n",__func__); 9006 9007 return (0); 9008 9009 fail: 9010 iwn_stop_locked(sc); 9011 9012 DPRINTF(sc, IWN_DEBUG_TRACE, "->%s: end in error\n",__func__); 9013 9014 return (-1); 9015 } 9016 9017 static int 9018 iwn_init(struct iwn_softc *sc) 9019 { 9020 int error; 9021 9022 IWN_LOCK(sc); 9023 error = iwn_init_locked(sc); 9024 IWN_UNLOCK(sc); 9025 9026 return (error); 9027 } 9028 9029 static void 9030 iwn_stop_locked(struct iwn_softc *sc) 9031 { 9032 9033 IWN_LOCK_ASSERT(sc); 9034 9035 if (!(sc->sc_flags & IWN_FLAG_RUNNING)) 9036 return; 9037 9038 sc->sc_is_scanning = 0; 9039 sc->sc_tx_timer = 0; 9040 callout_stop(&sc->watchdog_to); 9041 callout_stop(&sc->scan_timeout); 9042 callout_stop(&sc->calib_to); 9043 sc->sc_flags &= ~IWN_FLAG_RUNNING; 9044 9045 /* Power OFF hardware. */ 9046 iwn_hw_stop(sc); 9047 } 9048 9049 static void 9050 iwn_stop(struct iwn_softc *sc) 9051 { 9052 IWN_LOCK(sc); 9053 iwn_stop_locked(sc); 9054 IWN_UNLOCK(sc); 9055 } 9056 9057 /* 9058 * Callback from net80211 to start a scan. 9059 */ 9060 static void 9061 iwn_scan_start(struct ieee80211com *ic) 9062 { 9063 struct iwn_softc *sc = ic->ic_softc; 9064 9065 IWN_LOCK(sc); 9066 /* make the link LED blink while we're scanning */ 9067 iwn_set_led(sc, IWN_LED_LINK, 20, 2); 9068 IWN_UNLOCK(sc); 9069 } 9070 9071 /* 9072 * Callback from net80211 to terminate a scan. 9073 */ 9074 static void 9075 iwn_scan_end(struct ieee80211com *ic) 9076 { 9077 struct iwn_softc *sc = ic->ic_softc; 9078 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 9079 9080 IWN_LOCK(sc); 9081 if (vap->iv_state == IEEE80211_S_RUN) { 9082 /* Set link LED to ON status if we are associated */ 9083 iwn_set_led(sc, IWN_LED_LINK, 0, 1); 9084 } 9085 IWN_UNLOCK(sc); 9086 } 9087 9088 /* 9089 * Callback from net80211 to force a channel change. 9090 */ 9091 static void 9092 iwn_set_channel(struct ieee80211com *ic) 9093 { 9094 struct iwn_softc *sc = ic->ic_softc; 9095 int error; 9096 9097 DPRINTF(sc, IWN_DEBUG_TRACE, "->Doing %s\n", __func__); 9098 9099 IWN_LOCK(sc); 9100 /* 9101 * Only need to set the channel in Monitor mode. AP scanning and auth 9102 * are already taken care of by their respective firmware commands. 9103 */ 9104 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 9105 error = iwn_config(sc); 9106 if (error != 0) 9107 device_printf(sc->sc_dev, 9108 "%s: error %d setting channel\n", __func__, error); 9109 } 9110 IWN_UNLOCK(sc); 9111 } 9112 9113 /* 9114 * Callback from net80211 to start scanning of the current channel. 9115 */ 9116 static void 9117 iwn_scan_curchan(struct ieee80211_scan_state *ss, unsigned long maxdwell) 9118 { 9119 struct ieee80211vap *vap = ss->ss_vap; 9120 struct ieee80211com *ic = vap->iv_ic; 9121 struct iwn_softc *sc = ic->ic_softc; 9122 int error; 9123 9124 IWN_LOCK(sc); 9125 error = iwn_scan(sc, vap, ss, ic->ic_curchan); 9126 IWN_UNLOCK(sc); 9127 if (error != 0) 9128 ieee80211_cancel_scan(vap); 9129 } 9130 9131 /* 9132 * Callback from net80211 to handle the minimum dwell time being met. 9133 * The intent is to terminate the scan but we just let the firmware 9134 * notify us when it's finished as we have no safe way to abort it. 9135 */ 9136 static void 9137 iwn_scan_mindwell(struct ieee80211_scan_state *ss) 9138 { 9139 /* NB: don't try to abort scan; wait for firmware to finish */ 9140 } 9141 #ifdef IWN_DEBUG 9142 #define IWN_DESC(x) case x: return #x 9143 9144 /* 9145 * Translate CSR code to string 9146 */ 9147 static char *iwn_get_csr_string(int csr) 9148 { 9149 switch (csr) { 9150 IWN_DESC(IWN_HW_IF_CONFIG); 9151 IWN_DESC(IWN_INT_COALESCING); 9152 IWN_DESC(IWN_INT); 9153 IWN_DESC(IWN_INT_MASK); 9154 IWN_DESC(IWN_FH_INT); 9155 IWN_DESC(IWN_GPIO_IN); 9156 IWN_DESC(IWN_RESET); 9157 IWN_DESC(IWN_GP_CNTRL); 9158 IWN_DESC(IWN_HW_REV); 9159 IWN_DESC(IWN_EEPROM); 9160 IWN_DESC(IWN_EEPROM_GP); 9161 IWN_DESC(IWN_OTP_GP); 9162 IWN_DESC(IWN_GIO); 9163 IWN_DESC(IWN_GP_UCODE); 9164 IWN_DESC(IWN_GP_DRIVER); 9165 IWN_DESC(IWN_UCODE_GP1); 9166 IWN_DESC(IWN_UCODE_GP2); 9167 IWN_DESC(IWN_LED); 9168 IWN_DESC(IWN_DRAM_INT_TBL); 9169 IWN_DESC(IWN_GIO_CHICKEN); 9170 IWN_DESC(IWN_ANA_PLL); 9171 IWN_DESC(IWN_HW_REV_WA); 9172 IWN_DESC(IWN_DBG_HPET_MEM); 9173 default: 9174 return "UNKNOWN CSR"; 9175 } 9176 } 9177 9178 /* 9179 * This function print firmware register 9180 */ 9181 static void 9182 iwn_debug_register(struct iwn_softc *sc) 9183 { 9184 int i; 9185 static const uint32_t csr_tbl[] = { 9186 IWN_HW_IF_CONFIG, 9187 IWN_INT_COALESCING, 9188 IWN_INT, 9189 IWN_INT_MASK, 9190 IWN_FH_INT, 9191 IWN_GPIO_IN, 9192 IWN_RESET, 9193 IWN_GP_CNTRL, 9194 IWN_HW_REV, 9195 IWN_EEPROM, 9196 IWN_EEPROM_GP, 9197 IWN_OTP_GP, 9198 IWN_GIO, 9199 IWN_GP_UCODE, 9200 IWN_GP_DRIVER, 9201 IWN_UCODE_GP1, 9202 IWN_UCODE_GP2, 9203 IWN_LED, 9204 IWN_DRAM_INT_TBL, 9205 IWN_GIO_CHICKEN, 9206 IWN_ANA_PLL, 9207 IWN_HW_REV_WA, 9208 IWN_DBG_HPET_MEM, 9209 }; 9210 DPRINTF(sc, IWN_DEBUG_REGISTER, 9211 "CSR values: (2nd byte of IWN_INT_COALESCING is IWN_INT_PERIODIC)%s", 9212 "\n"); 9213 for (i = 0; i < nitems(csr_tbl); i++){ 9214 DPRINTF(sc, IWN_DEBUG_REGISTER," %10s: 0x%08x ", 9215 iwn_get_csr_string(csr_tbl[i]), IWN_READ(sc, csr_tbl[i])); 9216 if ((i+1) % 3 == 0) 9217 DPRINTF(sc, IWN_DEBUG_REGISTER,"%s","\n"); 9218 } 9219 DPRINTF(sc, IWN_DEBUG_REGISTER,"%s","\n"); 9220 } 9221 #endif 9222 9223
Cache object: d104ac774d2b4a1ab00b1dedf8d9acf5
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]