2 * Copyright (c) 1997, 1998, 1999
3 * Bill Paul <wpaul@ctr.columbia.edu>. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by Bill Paul.
16 * 4. Neither the name of the author nor the names of any co-contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR THE VOICES IN HIS HEAD
24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
30 * THE POSSIBILITY OF SUCH DAMAGE.
32 * $FreeBSD: src/sys/dev/wi/if_wi.c,v 1.103.2.2 2002/08/02 07:11:34 imp Exp $
33 * $DragonFly: src/sys/dev/netif/owi/Attic/if_owi.c,v 1.11 2005/10/12 17:35:52 dillon Exp $
37 * Lucent WaveLAN/IEEE 802.11 PCMCIA driver for FreeBSD.
39 * Written by Bill Paul <wpaul@ctr.columbia.edu>
40 * Electrical Engineering Department
41 * Columbia University, New York City
45 * The WaveLAN/IEEE adapter is the second generation of the WaveLAN
46 * from Lucent. Unlike the older cards, the new ones are programmed
47 * entirely via a firmware-driven controller called the Hermes.
48 * Unfortunately, Lucent will not release the Hermes programming manual
49 * without an NDA (if at all). What they do release is an API library
50 * called the HCF (Hardware Control Functions) which is supposed to
51 * do the device-specific operations of a device driver for you. The
52 * publically available version of the HCF library (the 'HCF Light') is
53 * a) extremely gross, b) lacks certain features, particularly support
54 * for 802.11 frames, and c) is contaminated by the GNU Public License.
56 * This driver does not use the HCF or HCF Light at all. Instead, it
57 * programs the Hermes controller directly, using information gleaned
58 * from the HCF Light code and corresponding documentation.
60 * This driver supports the ISA, PCMCIA and PCI versions of the Lucent
61 * WaveLan cards (based on the Hermes chipset), as well as the newer
62 * Prism 2 chipsets with firmware from Intersil and Symbol.
65 #include <sys/param.h>
66 #include <sys/systm.h>
67 #include <sys/endian.h>
68 #include <sys/sockio.h>
71 #include <sys/kernel.h>
72 #include <sys/socket.h>
73 #include <sys/module.h>
75 #include <sys/random.h>
76 #include <sys/syslog.h>
77 #include <sys/sysctl.h>
78 #include <sys/thread2.h>
80 #include <machine/bus.h>
81 #include <machine/resource.h>
82 #include <machine/clock.h>
86 #include <net/ifq_var.h>
87 #include <net/if_arp.h>
88 #include <net/ethernet.h>
89 #include <net/if_dl.h>
90 #include <net/if_media.h>
91 #include <net/if_types.h>
92 #include <netproto/802_11/ieee80211.h>
93 #include <netproto/802_11/ieee80211_ioctl.h>
94 #include <netproto/802_11/if_wavelan_ieee.h>
96 #include <netinet/in.h>
97 #include <netinet/in_systm.h>
98 #include <netinet/in_var.h>
99 #include <netinet/ip.h>
100 #include <netinet/if_ether.h>
104 #include "wi_hostap.h"
105 #include "if_wivar.h"
106 #include "if_wireg.h"
108 #define WI_CMD_DEBUG 0x0038 /* prism2 debug */
110 static void wi_intr(void *);
111 static void wi_reset(struct wi_softc *);
112 static int wi_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *);
113 static void wi_init(void *);
114 static void wi_start(struct ifnet *);
115 static void wi_stop(struct wi_softc *);
116 static void wi_watchdog(struct ifnet *);
117 static void wi_rxeof(struct wi_softc *);
118 static void wi_txeof(struct wi_softc *, int);
119 static void wi_update_stats(struct wi_softc *);
120 static void wi_setmulti(struct wi_softc *);
122 static int wi_cmd(struct wi_softc *, int, int, int, int);
123 static int wi_read_record(struct wi_softc *, struct wi_ltv_gen *);
124 static int wi_write_record(struct wi_softc *, struct wi_ltv_gen *);
125 static int wi_read_data(struct wi_softc *, int, int, caddr_t, int);
126 static int wi_write_data(struct wi_softc *, int, int, caddr_t, int);
127 static int wi_seek(struct wi_softc *, int, int, int);
128 static int wi_alloc_nicmem(struct wi_softc *, int, int *);
129 static void wi_inquire(void *);
130 static void wi_setdef(struct wi_softc *, struct wi_req *);
134 void wi_cache_store(struct wi_softc *, struct mbuf *, unsigned short);
137 static int wi_get_cur_ssid(struct wi_softc *, char *, int *);
138 static void wi_get_id(struct wi_softc *);
139 static int wi_media_change(struct ifnet *);
140 static void wi_media_status(struct ifnet *, struct ifmediareq *);
142 static int wi_get_debug(struct wi_softc *, struct wi_req *);
143 static int wi_set_debug(struct wi_softc *, struct wi_req *);
145 DECLARE_DUMMY_MODULE(if_wi);
147 devclass_t owi_devclass;
149 static struct wi_card_ident wi_card_ident[] = {
150 /* CARD_ID CARD_NAME FIRM_TYPE */
151 { WI_NIC_LUCENT_ID, WI_NIC_LUCENT_STR, WI_LUCENT },
152 { WI_NIC_SONY_ID, WI_NIC_SONY_STR, WI_LUCENT },
153 { WI_NIC_LUCENT_EMB_ID, WI_NIC_LUCENT_EMB_STR, WI_LUCENT },
154 { WI_NIC_EVB2_ID, WI_NIC_EVB2_STR, WI_INTERSIL },
155 { WI_NIC_HWB3763_ID, WI_NIC_HWB3763_STR, WI_INTERSIL },
156 { WI_NIC_HWB3163_ID, WI_NIC_HWB3163_STR, WI_INTERSIL },
157 { WI_NIC_HWB3163B_ID, WI_NIC_HWB3163B_STR, WI_INTERSIL },
158 { WI_NIC_EVB3_ID, WI_NIC_EVB3_STR, WI_INTERSIL },
159 { WI_NIC_HWB1153_ID, WI_NIC_HWB1153_STR, WI_INTERSIL },
160 { WI_NIC_P2_SST_ID, WI_NIC_P2_SST_STR, WI_INTERSIL },
161 { WI_NIC_EVB2_SST_ID, WI_NIC_EVB2_SST_STR, WI_INTERSIL },
162 { WI_NIC_3842_EVA_ID, WI_NIC_3842_EVA_STR, WI_INTERSIL },
163 { WI_NIC_3842_PCMCIA_AMD_ID, WI_NIC_3842_PCMCIA_STR, WI_INTERSIL },
164 { WI_NIC_3842_PCMCIA_SST_ID, WI_NIC_3842_PCMCIA_STR, WI_INTERSIL },
165 { WI_NIC_3842_PCMCIA_ATM_ID, WI_NIC_3842_PCMCIA_STR, WI_INTERSIL },
166 { WI_NIC_3842_MINI_AMD_ID, WI_NIC_3842_MINI_STR, WI_INTERSIL },
167 { WI_NIC_3842_MINI_SST_ID, WI_NIC_3842_MINI_STR, WI_INTERSIL },
168 { WI_NIC_3842_MINI_ATM_ID, WI_NIC_3842_MINI_STR, WI_INTERSIL },
169 { WI_NIC_3842_PCI_AMD_ID, WI_NIC_3842_PCI_STR, WI_INTERSIL },
170 { WI_NIC_3842_PCI_SST_ID, WI_NIC_3842_PCI_STR, WI_INTERSIL },
171 { WI_NIC_3842_PCI_ATM_ID, WI_NIC_3842_PCI_STR, WI_INTERSIL },
172 { WI_NIC_P3_PCMCIA_AMD_ID, WI_NIC_P3_PCMCIA_STR, WI_INTERSIL },
173 { WI_NIC_P3_PCMCIA_SST_ID, WI_NIC_P3_PCMCIA_STR, WI_INTERSIL },
174 { WI_NIC_P3_MINI_AMD_ID, WI_NIC_P3_MINI_STR, WI_INTERSIL },
175 { WI_NIC_P3_MINI_SST_ID, WI_NIC_P3_MINI_STR, WI_INTERSIL },
180 owi_generic_detach(dev)
183 struct wi_softc *sc = device_get_softc(dev);
184 struct ifnet *ifp = &sc->arpcom.ac_if;
189 device_printf(dev, "already unloaded\n");
196 /* Delete all remaining media. */
197 ifmedia_removeall(&sc->ifmedia);
200 bus_teardown_intr(dev, sc->irq, sc->wi_intrhand);
211 owi_generic_attach(device_t dev)
214 struct wi_ltv_macaddr mac;
215 struct wi_ltv_gen gen;
219 /* XXX maybe we need the splimp stuff here XXX */
220 sc = device_get_softc(dev);
221 ifp = &sc->arpcom.ac_if;
222 callout_init(&sc->wi_stat_timer);
224 #if defined(__FreeBSD__) && __FreeBSD_version >= 500000
225 mtx_init(&sc->wi_mtx, device_get_nameunit(dev), MTX_NETWORK_LOCK,
226 MTX_DEF | MTX_RECURSE);
233 * Read the station address.
234 * And do it twice. I've seen PRISM-based cards that return
235 * an error when trying to read it the first time, which causes
238 mac.wi_type = WI_RID_MAC_NODE;
240 wi_read_record(sc, (struct wi_ltv_gen *)&mac);
241 if ((error = wi_read_record(sc, (struct wi_ltv_gen *)&mac)) != 0) {
242 device_printf(dev, "mac read failed %d\n", error);
246 bcopy((char *)&mac.wi_mac_addr,
247 (char *)&sc->arpcom.ac_enaddr, ETHER_ADDR_LEN);
252 if_initname(ifp, "wi", sc->wi_unit);
253 ifp->if_mtu = ETHERMTU;
254 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
255 ifp->if_ioctl = wi_ioctl;
256 ifp->if_start = wi_start;
257 ifp->if_watchdog = wi_watchdog;
258 ifp->if_init = wi_init;
259 ifp->if_baudrate = 10000000;
260 ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN);
261 ifq_set_ready(&ifp->if_snd);
263 bzero(sc->wi_node_name, sizeof(sc->wi_node_name));
264 bcopy(WI_DEFAULT_NODENAME, sc->wi_node_name,
265 sizeof(WI_DEFAULT_NODENAME) - 1);
267 bzero(sc->wi_net_name, sizeof(sc->wi_net_name));
268 bcopy(WI_DEFAULT_NETNAME, sc->wi_net_name,
269 sizeof(WI_DEFAULT_NETNAME) - 1);
271 bzero(sc->wi_ibss_name, sizeof(sc->wi_ibss_name));
272 bcopy(WI_DEFAULT_IBSS, sc->wi_ibss_name,
273 sizeof(WI_DEFAULT_IBSS) - 1);
275 sc->wi_portnum = WI_DEFAULT_PORT;
276 sc->wi_ptype = WI_PORTTYPE_BSS;
277 sc->wi_ap_density = WI_DEFAULT_AP_DENSITY;
278 sc->wi_rts_thresh = WI_DEFAULT_RTS_THRESH;
279 sc->wi_tx_rate = WI_DEFAULT_TX_RATE;
280 sc->wi_max_data_len = WI_DEFAULT_DATALEN;
281 sc->wi_create_ibss = WI_DEFAULT_CREATE_IBSS;
282 sc->wi_pm_enabled = WI_DEFAULT_PM_ENABLED;
283 sc->wi_max_sleep = WI_DEFAULT_MAX_SLEEP;
284 sc->wi_roaming = WI_DEFAULT_ROAMING;
285 sc->wi_authtype = WI_DEFAULT_AUTHTYPE;
286 sc->wi_authmode = IEEE80211_AUTH_OPEN;
289 * Read the default channel from the NIC. This may vary
290 * depending on the country where the NIC was purchased, so
291 * we can't hard-code a default and expect it to work for
294 gen.wi_type = WI_RID_OWN_CHNL;
296 wi_read_record(sc, &gen);
297 sc->wi_channel = gen.wi_val;
300 * Set flags based on firmware version.
302 switch (sc->sc_firmware_type) {
304 sc->wi_flags |= WI_FLAGS_HAS_ROAMING;
305 if (sc->sc_sta_firmware_ver >= 60000)
306 sc->wi_flags |= WI_FLAGS_HAS_MOR;
307 if (sc->sc_sta_firmware_ver >= 60006) {
308 sc->wi_flags |= WI_FLAGS_HAS_IBSS;
309 sc->wi_flags |= WI_FLAGS_HAS_CREATE_IBSS;
311 sc->wi_ibss_port = htole16(1);
314 sc->wi_flags |= WI_FLAGS_HAS_ROAMING;
315 if (sc->sc_sta_firmware_ver >= 800) {
316 sc->wi_flags |= WI_FLAGS_HAS_IBSS;
317 sc->wi_flags |= WI_FLAGS_HAS_CREATE_IBSS;
320 * version 0.8.3 and newer are the only ones that are known
321 * to currently work. Earlier versions can be made to work,
322 * at least according to the Linux driver.
324 if (sc->sc_sta_firmware_ver >= 803)
325 sc->wi_flags |= WI_FLAGS_HAS_HOSTAP;
326 sc->wi_ibss_port = htole16(0);
329 sc->wi_flags |= WI_FLAGS_HAS_DIVERSITY;
330 if (sc->sc_sta_firmware_ver >= 20000)
331 sc->wi_flags |= WI_FLAGS_HAS_IBSS;
332 /* Older Symbol firmware does not support IBSS creation. */
333 if (sc->sc_sta_firmware_ver >= 25000)
334 sc->wi_flags |= WI_FLAGS_HAS_CREATE_IBSS;
335 sc->wi_ibss_port = htole16(4);
340 * Find out if we support WEP on this card.
342 gen.wi_type = WI_RID_WEP_AVAIL;
344 wi_read_record(sc, &gen);
345 sc->wi_has_wep = gen.wi_val;
348 device_printf(sc->dev, "wi_has_wep = %d\n", sc->wi_has_wep);
351 * Find supported rates.
353 gen.wi_type = WI_RID_DATA_RATES;
355 if (wi_read_record(sc, &gen))
356 sc->wi_supprates = WI_SUPPRATES_1M | WI_SUPPRATES_2M |
357 WI_SUPPRATES_5M | WI_SUPPRATES_11M;
359 sc->wi_supprates = gen.wi_val;
361 bzero((char *)&sc->wi_stats, sizeof(sc->wi_stats));
366 ifmedia_init(&sc->ifmedia, 0, wi_media_change, wi_media_status);
367 #define ADD(m, c) ifmedia_add(&sc->ifmedia, (m), (c), NULL)
368 if (sc->wi_supprates & WI_SUPPRATES_1M) {
369 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS1, 0, 0), 0);
370 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS1,
371 IFM_IEEE80211_ADHOC, 0), 0);
372 if (sc->wi_flags & WI_FLAGS_HAS_IBSS)
373 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS1,
374 IFM_IEEE80211_IBSS, 0), 0);
375 if (sc->wi_flags & WI_FLAGS_HAS_CREATE_IBSS)
376 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS1,
377 IFM_IEEE80211_IBSSMASTER, 0), 0);
378 if (sc->wi_flags & WI_FLAGS_HAS_HOSTAP)
379 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS1,
380 IFM_IEEE80211_HOSTAP, 0), 0);
382 if (sc->wi_supprates & WI_SUPPRATES_2M) {
383 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS2, 0, 0), 0);
384 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS2,
385 IFM_IEEE80211_ADHOC, 0), 0);
386 if (sc->wi_flags & WI_FLAGS_HAS_IBSS)
387 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS2,
388 IFM_IEEE80211_IBSS, 0), 0);
389 if (sc->wi_flags & WI_FLAGS_HAS_CREATE_IBSS)
390 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS2,
391 IFM_IEEE80211_IBSSMASTER, 0), 0);
392 if (sc->wi_flags & WI_FLAGS_HAS_HOSTAP)
393 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS2,
394 IFM_IEEE80211_HOSTAP, 0), 0);
396 if (sc->wi_supprates & WI_SUPPRATES_5M) {
397 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS5, 0, 0), 0);
398 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS5,
399 IFM_IEEE80211_ADHOC, 0), 0);
400 if (sc->wi_flags & WI_FLAGS_HAS_IBSS)
401 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS5,
402 IFM_IEEE80211_IBSS, 0), 0);
403 if (sc->wi_flags & WI_FLAGS_HAS_CREATE_IBSS)
404 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS5,
405 IFM_IEEE80211_IBSSMASTER, 0), 0);
406 if (sc->wi_flags & WI_FLAGS_HAS_HOSTAP)
407 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS5,
408 IFM_IEEE80211_HOSTAP, 0), 0);
410 if (sc->wi_supprates & WI_SUPPRATES_11M) {
411 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS11, 0, 0), 0);
412 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS11,
413 IFM_IEEE80211_ADHOC, 0), 0);
414 if (sc->wi_flags & WI_FLAGS_HAS_IBSS)
415 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS11,
416 IFM_IEEE80211_IBSS, 0), 0);
417 if (sc->wi_flags & WI_FLAGS_HAS_CREATE_IBSS)
418 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS11,
419 IFM_IEEE80211_IBSSMASTER, 0), 0);
420 if (sc->wi_flags & WI_FLAGS_HAS_HOSTAP)
421 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_IEEE80211_DS11,
422 IFM_IEEE80211_HOSTAP, 0), 0);
423 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_MANUAL, 0, 0), 0);
425 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_AUTO, IFM_IEEE80211_ADHOC, 0), 0);
426 if (sc->wi_flags & WI_FLAGS_HAS_IBSS)
427 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_AUTO, IFM_IEEE80211_IBSS,
429 if (sc->wi_flags & WI_FLAGS_HAS_CREATE_IBSS)
430 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_AUTO,
431 IFM_IEEE80211_IBSSMASTER, 0), 0);
432 if (sc->wi_flags & WI_FLAGS_HAS_HOSTAP)
433 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_AUTO,
434 IFM_IEEE80211_HOSTAP, 0), 0);
435 ADD(IFM_MAKEWORD(IFM_IEEE80211, IFM_AUTO, 0, 0), 0);
437 ifmedia_set(&sc->ifmedia, IFM_MAKEWORD(IFM_IEEE80211, IFM_AUTO, 0, 0));
440 * Call MI attach routine.
442 ether_ifattach(ifp, sc->arpcom.ac_enaddr);
444 error = bus_setup_intr(dev, sc->irq, 0,
445 wi_intr, sc, &sc->wi_intrhand, NULL);
448 device_printf(dev, "bus_setup_intr() failed! (%d)\n", error);
460 struct wi_ltv_ver ver;
461 struct wi_card_ident *id;
463 /* getting chip identity */
464 memset(&ver, 0, sizeof(ver));
465 ver.wi_type = WI_RID_CARD_ID;
467 wi_read_record(sc, (struct wi_ltv_gen *)&ver);
468 device_printf(sc->dev, "using ");
469 sc->sc_firmware_type = WI_NOTYPE;
470 for (id = wi_card_ident; id->card_name != NULL; id++) {
471 if (le16toh(ver.wi_ver[0]) == id->card_id) {
472 printf("%s", id->card_name);
473 sc->sc_firmware_type = id->firm_type;
477 if (sc->sc_firmware_type == WI_NOTYPE) {
478 if (le16toh(ver.wi_ver[0]) & 0x8000) {
479 printf("Unknown PRISM2 chip");
480 sc->sc_firmware_type = WI_INTERSIL;
482 printf("Unknown Lucent chip");
483 sc->sc_firmware_type = WI_LUCENT;
487 if (sc->sc_firmware_type != WI_LUCENT) {
488 /* get primary firmware version */
489 memset(&ver, 0, sizeof(ver));
490 ver.wi_type = WI_RID_PRI_IDENTITY;
492 wi_read_record(sc, (struct wi_ltv_gen *)&ver);
493 ver.wi_ver[1] = le16toh(ver.wi_ver[1]);
494 ver.wi_ver[2] = le16toh(ver.wi_ver[2]);
495 ver.wi_ver[3] = le16toh(ver.wi_ver[3]);
496 sc->sc_pri_firmware_ver = ver.wi_ver[2] * 10000 +
497 ver.wi_ver[3] * 100 + ver.wi_ver[1];
500 /* get station firmware version */
501 memset(&ver, 0, sizeof(ver));
502 ver.wi_type = WI_RID_STA_IDENTITY;
504 wi_read_record(sc, (struct wi_ltv_gen *)&ver);
505 ver.wi_ver[1] = le16toh(ver.wi_ver[1]);
506 ver.wi_ver[2] = le16toh(ver.wi_ver[2]);
507 ver.wi_ver[3] = le16toh(ver.wi_ver[3]);
508 sc->sc_sta_firmware_ver = ver.wi_ver[2] * 10000 +
509 ver.wi_ver[3] * 100 + ver.wi_ver[1];
510 if (sc->sc_firmware_type == WI_INTERSIL &&
511 (sc->sc_sta_firmware_ver == 10102 ||
512 sc->sc_sta_firmware_ver == 20102)) {
513 struct wi_ltv_str sver;
516 memset(&sver, 0, sizeof(sver));
517 sver.wi_type = WI_RID_SYMBOL_IDENTITY;
519 /* value should be the format like "V2.00-11" */
520 if (wi_read_record(sc, (struct wi_ltv_gen *)&sver) == 0 &&
521 *(p = (char *)sver.wi_str) >= 'A' &&
522 p[2] == '.' && p[5] == '-' && p[8] == '\0') {
523 sc->sc_firmware_type = WI_SYMBOL;
524 sc->sc_sta_firmware_ver = (p[1] - '0') * 10000 +
525 (p[3] - '0') * 1000 + (p[4] - '0') * 100 +
526 (p[6] - '0') * 10 + (p[7] - '0');
530 device_printf(sc->dev, "%s Firmware: ",
531 sc->sc_firmware_type == WI_LUCENT ? "Lucent" :
532 (sc->sc_firmware_type == WI_SYMBOL ? "Symbol" : "Intersil"));
535 * The primary firmware is only valid on Prism based chipsets
536 * (INTERSIL or SYMBOL).
538 if (sc->sc_firmware_type != WI_LUCENT)
539 printf("Primary %u.%02u.%02u, ", sc->sc_pri_firmware_ver / 10000,
540 (sc->sc_pri_firmware_ver % 10000) / 100,
541 sc->sc_pri_firmware_ver % 100);
542 printf("Station %u.%02u.%02u\n",
543 sc->sc_sta_firmware_ver / 10000, (sc->sc_sta_firmware_ver % 10000) / 100,
544 sc->sc_sta_firmware_ver % 100);
553 struct ether_header *eh;
557 ifp = &sc->arpcom.ac_if;
559 id = CSR_READ_2(sc, WI_RX_FID);
562 * if we have the procframe flag set, disregard all this and just
563 * read the data from the device.
565 if (sc->wi_procframe || sc->wi_debug.wi_monitor) {
566 struct wi_frame *rx_frame;
569 /* first allocate mbuf for packet storage */
570 MGETHDR(m, MB_DONTWAIT, MT_DATA);
575 MCLGET(m, MB_DONTWAIT);
576 if (!(m->m_flags & M_EXT)) {
582 m->m_pkthdr.rcvif = ifp;
584 /* now read wi_frame first so we know how much data to read */
585 if (wi_read_data(sc, id, 0, mtod(m, caddr_t),
586 sizeof(struct wi_frame))) {
592 rx_frame = mtod(m, struct wi_frame *);
594 switch ((rx_frame->wi_status & WI_STAT_MAC_PORT) >> 8) {
596 switch (rx_frame->wi_frame_ctl & WI_FCTL_FTYPE) {
598 hdrlen = WI_DATA_HDRLEN;
599 datlen = rx_frame->wi_dat_len + WI_FCS_LEN;
602 hdrlen = WI_MGMT_HDRLEN;
603 datlen = rx_frame->wi_dat_len + WI_FCS_LEN;
607 * prism2 cards don't pass control packets
608 * down properly or consistently, so we'll only
609 * pass down the header.
611 hdrlen = WI_CTL_HDRLEN;
615 device_printf(sc->dev, "received packet of "
616 "unknown type on port 7\n");
623 hdrlen = WI_DATA_HDRLEN;
624 datlen = rx_frame->wi_dat_len + WI_FCS_LEN;
627 device_printf(sc->dev, "received packet on invalid "
628 "port (wi_status=0x%x)\n", rx_frame->wi_status);
634 if ((hdrlen + datlen + 2) > MCLBYTES) {
635 device_printf(sc->dev, "oversized packet received "
636 "(wi_dat_len=%d, wi_status=0x%x)\n",
637 datlen, rx_frame->wi_status);
643 if (wi_read_data(sc, id, hdrlen, mtod(m, caddr_t) + hdrlen,
650 m->m_pkthdr.len = m->m_len = hdrlen + datlen;
654 /* Handle BPF listeners. */
659 struct wi_frame rx_frame;
661 /* First read in the frame header */
662 if (wi_read_data(sc, id, 0, (caddr_t)&rx_frame,
668 if (rx_frame.wi_status & WI_STAT_ERRSTAT) {
673 MGETHDR(m, MB_DONTWAIT, MT_DATA);
678 MCLGET(m, MB_DONTWAIT);
679 if (!(m->m_flags & M_EXT)) {
685 eh = mtod(m, struct ether_header *);
686 m->m_pkthdr.rcvif = ifp;
688 if (rx_frame.wi_status == WI_STAT_MGMT &&
689 sc->wi_ptype == WI_PORTTYPE_AP) {
690 if ((WI_802_11_OFFSET_RAW + rx_frame.wi_dat_len + 2) >
692 device_printf(sc->dev, "oversized mgmt packet "
693 "received in hostap mode "
694 "(wi_dat_len=%d, wi_status=0x%x)\n",
695 rx_frame.wi_dat_len, rx_frame.wi_status);
701 /* Put the whole header in there. */
702 bcopy(&rx_frame, mtod(m, void *),
703 sizeof(struct wi_frame));
704 if (wi_read_data(sc, id, WI_802_11_OFFSET_RAW,
705 mtod(m, caddr_t) + WI_802_11_OFFSET_RAW,
706 rx_frame.wi_dat_len + 2)) {
711 m->m_pkthdr.len = m->m_len =
712 WI_802_11_OFFSET_RAW + rx_frame.wi_dat_len;
713 /* XXX: consider giving packet to bhp? */
714 owihap_mgmt_input(sc, &rx_frame, m);
718 if (rx_frame.wi_status == WI_STAT_1042 ||
719 rx_frame.wi_status == WI_STAT_TUNNEL ||
720 rx_frame.wi_status == WI_STAT_WMP_MSG) {
721 if((rx_frame.wi_dat_len + WI_SNAPHDR_LEN) > MCLBYTES) {
722 device_printf(sc->dev,
723 "oversized packet received "
724 "(wi_dat_len=%d, wi_status=0x%x)\n",
725 rx_frame.wi_dat_len, rx_frame.wi_status);
730 m->m_pkthdr.len = m->m_len =
731 rx_frame.wi_dat_len + WI_SNAPHDR_LEN;
734 bcopy((char *)&rx_frame.wi_addr1,
735 (char *)&eh->ether_dhost, ETHER_ADDR_LEN);
736 if (sc->wi_ptype == WI_PORTTYPE_ADHOC) {
737 bcopy((char *)&rx_frame.wi_addr2,
738 (char *)&eh->ether_shost, ETHER_ADDR_LEN);
740 bcopy((char *)&rx_frame.wi_addr3,
741 (char *)&eh->ether_shost, ETHER_ADDR_LEN);
744 bcopy((char *)&rx_frame.wi_dst_addr,
745 (char *)&eh->ether_dhost, ETHER_ADDR_LEN);
746 bcopy((char *)&rx_frame.wi_src_addr,
747 (char *)&eh->ether_shost, ETHER_ADDR_LEN);
750 bcopy((char *)&rx_frame.wi_type,
751 (char *)&eh->ether_type, ETHER_TYPE_LEN);
753 if (wi_read_data(sc, id, WI_802_11_OFFSET,
754 mtod(m, caddr_t) + sizeof(struct ether_header),
761 if((rx_frame.wi_dat_len +
762 sizeof(struct ether_header)) > MCLBYTES) {
763 device_printf(sc->dev,
764 "oversized packet received "
765 "(wi_dat_len=%d, wi_status=0x%x)\n",
766 rx_frame.wi_dat_len, rx_frame.wi_status);
771 m->m_pkthdr.len = m->m_len =
772 rx_frame.wi_dat_len + sizeof(struct ether_header);
774 if (wi_read_data(sc, id, WI_802_3_OFFSET,
775 mtod(m, caddr_t), m->m_len + 2)) {
784 if (sc->wi_ptype == WI_PORTTYPE_AP) {
786 * Give host AP code first crack at data
787 * packets. If it decides to handle it (or
788 * drop it), it will return a non-zero.
789 * Otherwise, it is destined for this host.
791 if (owihap_data_input(sc, &rx_frame, m))
794 /* Receive packet. */
796 wi_cache_store(sc, m, rx_frame.wi_q_info);
798 (*ifp->if_input)(ifp, m);
809 ifp = &sc->arpcom.ac_if;
812 ifp->if_flags &= ~IFF_OACTIVE;
814 if (status & WI_EV_TX_EXC)
826 struct wi_softc *sc = xsc;
827 struct ifnet *ifp = &sc->arpcom.ac_if;
831 callout_reset(&sc->wi_stat_timer, hz* 60, wi_inquire, sc);
833 /* Don't do this while we're transmitting */
834 if (ifp->if_flags & IFF_OACTIVE) {
839 wi_cmd(sc, WI_CMD_INQUIRE, WI_INFO_COUNTERS, 0, 0);
848 struct wi_ltv_gen gen;
855 ifp = &sc->arpcom.ac_if;
857 id = CSR_READ_2(sc, WI_INFO_FID);
859 wi_read_data(sc, id, 0, (char *)&gen, 4);
862 * if we just got our scan results, copy it over into the scan buffer
863 * so we can return it to anyone that asks for it. (add a little
864 * compatibility with the prism2 scanning mechanism)
866 if (gen.wi_type == WI_INFO_SCAN_RESULTS)
868 sc->wi_scanbuf_len = gen.wi_len;
869 wi_read_data(sc, id, 4, (char *)sc->wi_scanbuf,
870 sc->wi_scanbuf_len * 2);
874 else if (gen.wi_type != WI_INFO_COUNTERS)
877 len = (gen.wi_len - 1 < sizeof(sc->wi_stats) / 4) ?
878 gen.wi_len - 1 : sizeof(sc->wi_stats) / 4;
879 ptr = (u_int32_t *)&sc->wi_stats;
881 for (i = 0; i < len - 1; i++) {
882 t = CSR_READ_2(sc, WI_DATA1);
883 #ifdef WI_HERMES_STATS_WAR
890 ifp->if_collisions = sc->wi_stats.wi_tx_single_retries +
891 sc->wi_stats.wi_tx_multi_retries +
892 sc->wi_stats.wi_tx_retry_limit;
901 struct wi_softc *sc = xsc;
902 struct ifnet *ifp = &sc->arpcom.ac_if;
905 if (sc->wi_gone || !(ifp->if_flags & IFF_UP)) {
906 CSR_WRITE_2(sc, WI_EVENT_ACK, 0xFFFF);
907 CSR_WRITE_2(sc, WI_INT_EN, 0);
911 /* Disable interrupts. */
912 CSR_WRITE_2(sc, WI_INT_EN, 0);
914 status = CSR_READ_2(sc, WI_EVENT_STAT);
915 CSR_WRITE_2(sc, WI_EVENT_ACK, ~WI_INTRS);
917 if (status & WI_EV_RX) {
919 CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_RX);
922 if (status & WI_EV_TX) {
923 wi_txeof(sc, status);
924 CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_TX);
927 if (status & WI_EV_ALLOC) {
930 id = CSR_READ_2(sc, WI_ALLOC_FID);
931 CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_ALLOC);
932 if (id == sc->wi_tx_data_id)
933 wi_txeof(sc, status);
936 if (status & WI_EV_INFO) {
938 CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_INFO);
941 if (status & WI_EV_TX_EXC) {
942 wi_txeof(sc, status);
943 CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_TX_EXC);
946 if (status & WI_EV_INFO_DROP) {
947 CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_INFO_DROP);
950 /* Re-enable interrupts. */
951 CSR_WRITE_2(sc, WI_INT_EN, WI_INTRS);
953 if (!ifq_is_empty(&ifp->if_snd)) {
959 wi_cmd(sc, cmd, val0, val1, val2)
967 static volatile int count = 0;
970 panic("Hey partner, hold on there!");
973 /* wait for the busy bit to clear */
974 for (i = 500; i > 0; i--) { /* 5s */
975 if (!(CSR_READ_2(sc, WI_COMMAND) & WI_CMD_BUSY)) {
978 DELAY(10*1000); /* 10 m sec */
981 device_printf(sc->dev, "wi_cmd: busy bit won't clear.\n" );
986 CSR_WRITE_2(sc, WI_PARAM0, val0);
987 CSR_WRITE_2(sc, WI_PARAM1, val1);
988 CSR_WRITE_2(sc, WI_PARAM2, val2);
989 CSR_WRITE_2(sc, WI_COMMAND, cmd);
991 for (i = 0; i < WI_TIMEOUT; i++) {
993 * Wait for 'command complete' bit to be
994 * set in the event status register.
996 s = CSR_READ_2(sc, WI_EVENT_STAT);
998 /* Ack the event and read result code. */
999 s = CSR_READ_2(sc, WI_STATUS);
1000 CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_CMD);
1002 if ((s & WI_CMD_CODE_MASK) != (cmd & WI_CMD_CODE_MASK))
1005 if (s & WI_STAT_CMD_RESULT) {
1015 if (i == WI_TIMEOUT) {
1016 device_printf(sc->dev,
1017 "timeout in wi_cmd 0x%04x; event status 0x%04x\n", cmd, s);
1025 struct wi_softc *sc;
1027 #define WI_INIT_TRIES 3
1031 /* Symbol firmware cannot be initialized more than once */
1032 if (sc->sc_firmware_type == WI_SYMBOL && sc->sc_enabled)
1034 if (sc->sc_firmware_type == WI_SYMBOL)
1037 tries = WI_INIT_TRIES;
1039 for (i = 0; i < tries; i++) {
1040 if (wi_cmd(sc, WI_CMD_INI, 0, 0, 0) == 0)
1042 DELAY(WI_DELAY * 1000);
1047 device_printf(sc->dev, "init failed\n");
1051 CSR_WRITE_2(sc, WI_INT_EN, 0);
1052 CSR_WRITE_2(sc, WI_EVENT_ACK, 0xFFFF);
1054 /* Calibrate timer. */
1055 WI_SETVAL(WI_RID_TICK_TIME, 8);
1061 * Read an LTV record from the NIC.
1064 wi_read_record(sc, ltv)
1065 struct wi_softc *sc;
1066 struct wi_ltv_gen *ltv;
1070 struct wi_ltv_gen *oltv, p2ltv;
1073 if (sc->sc_firmware_type != WI_LUCENT) {
1074 switch (ltv->wi_type) {
1075 case WI_RID_ENCRYPTION:
1076 p2ltv.wi_type = WI_RID_P2_ENCRYPTION;
1080 case WI_RID_TX_CRYPT_KEY:
1081 p2ltv.wi_type = WI_RID_P2_TX_CRYPT_KEY;
1085 case WI_RID_ROAMING_MODE:
1086 if (sc->sc_firmware_type == WI_INTERSIL)
1091 case WI_RID_MICROWAVE_OVEN:
1098 /* Tell the NIC to enter record read mode. */
1099 if (wi_cmd(sc, WI_CMD_ACCESS|WI_ACCESS_READ, ltv->wi_type, 0, 0))
1102 /* Seek to the record. */
1103 if (wi_seek(sc, ltv->wi_type, 0, WI_BAP1))
1107 * Read the length and record type and make sure they
1108 * match what we expect (this verifies that we have enough
1109 * room to hold all of the returned data).
1111 len = CSR_READ_2(sc, WI_DATA1);
1112 if (len > ltv->wi_len)
1114 code = CSR_READ_2(sc, WI_DATA1);
1115 if (code != ltv->wi_type)
1119 ltv->wi_type = code;
1121 /* Now read the data. */
1123 for (i = 0; i < ltv->wi_len - 1; i++)
1124 ptr[i] = CSR_READ_2(sc, WI_DATA1);
1126 if (ltv->wi_type == WI_RID_PORTTYPE && sc->wi_ptype == WI_PORTTYPE_IBSS
1127 && ltv->wi_val == sc->wi_ibss_port) {
1129 * Convert vendor IBSS port type to WI_PORTTYPE_IBSS.
1130 * Since Lucent uses port type 1 for BSS *and* IBSS we
1131 * have to rely on wi_ptype to distinguish this for us.
1133 ltv->wi_val = htole16(WI_PORTTYPE_IBSS);
1134 } else if (sc->sc_firmware_type != WI_LUCENT) {
1135 switch (oltv->wi_type) {
1136 case WI_RID_TX_RATE:
1137 case WI_RID_CUR_TX_RATE:
1138 switch (ltv->wi_val) {
1139 case 1: oltv->wi_val = 1; break;
1140 case 2: oltv->wi_val = 2; break;
1141 case 3: oltv->wi_val = 6; break;
1142 case 4: oltv->wi_val = 5; break;
1143 case 7: oltv->wi_val = 7; break;
1144 case 8: oltv->wi_val = 11; break;
1145 case 15: oltv->wi_val = 3; break;
1146 default: oltv->wi_val = 0x100 + ltv->wi_val; break;
1149 case WI_RID_ENCRYPTION:
1151 if (ltv->wi_val & 0x01)
1156 case WI_RID_TX_CRYPT_KEY:
1158 oltv->wi_val = ltv->wi_val;
1160 case WI_RID_CNFAUTHMODE:
1162 if (le16toh(ltv->wi_val) & 0x01)
1163 oltv->wi_val = htole16(1);
1164 else if (le16toh(ltv->wi_val) & 0x02)
1165 oltv->wi_val = htole16(2);
1174 * Same as read, except we inject data instead of reading it.
1177 wi_write_record(sc, ltv)
1178 struct wi_softc *sc;
1179 struct wi_ltv_gen *ltv;
1183 struct wi_ltv_gen p2ltv;
1185 if (ltv->wi_type == WI_RID_PORTTYPE &&
1186 le16toh(ltv->wi_val) == WI_PORTTYPE_IBSS) {
1187 /* Convert WI_PORTTYPE_IBSS to vendor IBSS port type. */
1188 p2ltv.wi_type = WI_RID_PORTTYPE;
1190 p2ltv.wi_val = sc->wi_ibss_port;
1192 } else if (sc->sc_firmware_type != WI_LUCENT) {
1193 switch (ltv->wi_type) {
1194 case WI_RID_TX_RATE:
1195 p2ltv.wi_type = WI_RID_TX_RATE;
1197 switch (ltv->wi_val) {
1198 case 1: p2ltv.wi_val = 1; break;
1199 case 2: p2ltv.wi_val = 2; break;
1200 case 3: p2ltv.wi_val = 15; break;
1201 case 5: p2ltv.wi_val = 4; break;
1202 case 6: p2ltv.wi_val = 3; break;
1203 case 7: p2ltv.wi_val = 7; break;
1204 case 11: p2ltv.wi_val = 8; break;
1205 default: return EINVAL;
1209 case WI_RID_ENCRYPTION:
1210 p2ltv.wi_type = WI_RID_P2_ENCRYPTION;
1212 if (le16toh(ltv->wi_val)) {
1213 p2ltv.wi_val =htole16(PRIVACY_INVOKED |
1214 EXCLUDE_UNENCRYPTED);
1215 if (sc->wi_ptype == WI_PORTTYPE_AP)
1217 * Disable tx encryption...
1220 p2ltv.wi_val |= htole16(HOST_ENCRYPT);
1223 htole16(HOST_ENCRYPT | HOST_DECRYPT);
1226 case WI_RID_TX_CRYPT_KEY:
1227 p2ltv.wi_type = WI_RID_P2_TX_CRYPT_KEY;
1229 p2ltv.wi_val = ltv->wi_val;
1232 case WI_RID_DEFLT_CRYPT_KEYS:
1236 struct wi_ltv_str ws;
1237 struct wi_ltv_keys *wk =
1238 (struct wi_ltv_keys *)ltv;
1240 keylen = wk->wi_keys[sc->wi_tx_key].wi_keylen;
1242 for (i = 0; i < 4; i++) {
1243 bzero(&ws, sizeof(ws));
1244 ws.wi_len = (keylen > 5) ? 8 : 4;
1245 ws.wi_type = WI_RID_P2_CRYPT_KEY0 + i;
1247 &wk->wi_keys[i].wi_keydat, keylen);
1248 error = wi_write_record(sc,
1249 (struct wi_ltv_gen *)&ws);
1255 case WI_RID_CNFAUTHMODE:
1256 p2ltv.wi_type = WI_RID_CNFAUTHMODE;
1258 if (le16toh(ltv->wi_val) == 1)
1259 p2ltv.wi_val = htole16(0x01);
1260 else if (le16toh(ltv->wi_val) == 2)
1261 p2ltv.wi_val = htole16(0x02);
1264 case WI_RID_ROAMING_MODE:
1265 if (sc->sc_firmware_type == WI_INTERSIL)
1269 case WI_RID_MICROWAVE_OVEN:
1275 switch (ltv->wi_type) {
1276 case WI_RID_TX_RATE:
1277 switch (ltv->wi_val) {
1278 case 1: ltv->wi_val = 1; break; /* 1Mb/s fixed */
1279 case 2: ltv->wi_val = 2; break; /* 2Mb/s fixed */
1280 case 3: ltv->wi_val = 3; break; /* 11Mb/s auto */
1281 case 5: ltv->wi_val = 4; break; /* 5.5Mb/s fixed */
1282 case 6: ltv->wi_val = 6; break; /* 2Mb/s auto */
1283 case 7: ltv->wi_val = 7; break; /* 5.5Mb/s auto */
1284 case 11: ltv->wi_val = 5; break; /* 11Mb/s fixed */
1285 default: return EINVAL;
1290 if (wi_seek(sc, ltv->wi_type, 0, WI_BAP1))
1293 CSR_WRITE_2(sc, WI_DATA1, ltv->wi_len);
1294 CSR_WRITE_2(sc, WI_DATA1, ltv->wi_type);
1297 for (i = 0; i < ltv->wi_len - 1; i++)
1298 CSR_WRITE_2(sc, WI_DATA1, ptr[i]);
1300 if (wi_cmd(sc, WI_CMD_ACCESS|WI_ACCESS_WRITE, ltv->wi_type, 0, 0))
1307 wi_seek(sc, id, off, chan)
1308 struct wi_softc *sc;
1325 device_printf(sc->dev, "invalid data path: %x\n", chan);
1329 CSR_WRITE_2(sc, selreg, id);
1330 CSR_WRITE_2(sc, offreg, off);
1332 for (i = 0; i < WI_TIMEOUT; i++) {
1333 status = CSR_READ_2(sc, offreg);
1334 if (!(status & (WI_OFF_BUSY|WI_OFF_ERR)))
1339 if (i == WI_TIMEOUT) {
1340 device_printf(sc->dev, "timeout in wi_seek to %x/%x; last status %x\n",
1349 wi_read_data(sc, id, off, buf, len)
1350 struct wi_softc *sc;
1358 if (wi_seek(sc, id, off, WI_BAP1))
1361 ptr = (u_int16_t *)buf;
1362 for (i = 0; i < len / 2; i++)
1363 ptr[i] = CSR_READ_2(sc, WI_DATA1);
1369 * According to the comments in the HCF Light code, there is a bug in
1370 * the Hermes (or possibly in certain Hermes firmware revisions) where
1371 * the chip's internal autoincrement counter gets thrown off during
1372 * data writes: the autoincrement is missed, causing one data word to
1373 * be overwritten and subsequent words to be written to the wrong memory
1374 * locations. The end result is that we could end up transmitting bogus
1375 * frames without realizing it. The workaround for this is to write a
1376 * couple of extra guard words after the end of the transfer, then
1377 * attempt to read then back. If we fail to locate the guard words where
1378 * we expect them, we preform the transfer over again.
1381 wi_write_data(sc, id, off, buf, len)
1382 struct wi_softc *sc;
1389 #ifdef WI_HERMES_AUTOINC_WAR
1396 if (wi_seek(sc, id, off, WI_BAP0))
1399 ptr = (u_int16_t *)buf;
1400 for (i = 0; i < (len / 2); i++)
1401 CSR_WRITE_2(sc, WI_DATA0, ptr[i]);
1403 #ifdef WI_HERMES_AUTOINC_WAR
1404 CSR_WRITE_2(sc, WI_DATA0, 0x1234);
1405 CSR_WRITE_2(sc, WI_DATA0, 0x5678);
1407 if (wi_seek(sc, id, off + len, WI_BAP0))
1410 if (CSR_READ_2(sc, WI_DATA0) != 0x1234 ||
1411 CSR_READ_2(sc, WI_DATA0) != 0x5678) {
1414 device_printf(sc->dev, "wi_write_data device timeout\n");
1423 * Allocate a region of memory inside the NIC and zero
1427 wi_alloc_nicmem(sc, len, id)
1428 struct wi_softc *sc;
1434 if (wi_cmd(sc, WI_CMD_ALLOC_MEM, len, 0, 0)) {
1435 device_printf(sc->dev,
1436 "failed to allocate %d bytes on NIC\n", len);
1440 for (i = 0; i < WI_TIMEOUT; i++) {
1441 if (CSR_READ_2(sc, WI_EVENT_STAT) & WI_EV_ALLOC)
1446 if (i == WI_TIMEOUT) {
1447 device_printf(sc->dev, "time out allocating memory on card\n");
1451 CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_ALLOC);
1452 *id = CSR_READ_2(sc, WI_ALLOC_FID);
1454 if (wi_seek(sc, *id, 0, WI_BAP0)) {
1455 device_printf(sc->dev, "seek failed while allocating memory on card\n");
1459 for (i = 0; i < len / 2; i++)
1460 CSR_WRITE_2(sc, WI_DATA0, 0);
1467 struct wi_softc *sc;
1471 struct ifmultiaddr *ifma;
1472 struct wi_ltv_mcast mcast;
1474 ifp = &sc->arpcom.ac_if;
1476 bzero((char *)&mcast, sizeof(mcast));
1478 mcast.wi_type = WI_RID_MCAST_LIST;
1479 mcast.wi_len = (3 * 16) + 1;
1481 if (ifp->if_flags & IFF_ALLMULTI || ifp->if_flags & IFF_PROMISC) {
1482 wi_write_record(sc, (struct wi_ltv_gen *)&mcast);
1486 #if defined(__DragonFly__) || __FreeBSD_version < 500000
1487 LIST_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
1489 TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
1491 if (ifma->ifma_addr->sa_family != AF_LINK)
1494 bcopy(LLADDR((struct sockaddr_dl *)ifma->ifma_addr),
1495 (char *)&mcast.wi_mcast[i], ETHER_ADDR_LEN);
1498 bzero((char *)&mcast, sizeof(mcast));
1503 mcast.wi_len = (i * 3) + 1;
1504 wi_write_record(sc, (struct wi_ltv_gen *)&mcast);
1511 struct wi_softc *sc;
1512 struct wi_req *wreq;
1516 ifp = &sc->arpcom.ac_if;
1518 switch(wreq->wi_type) {
1519 case WI_RID_MAC_NODE:
1520 bcopy((char *)&wreq->wi_val, (char *)&sc->arpcom.ac_enaddr,
1522 bcopy((char *)&wreq->wi_val, IF_LLADDR(ifp), ETHER_ADDR_LEN);
1524 case WI_RID_PORTTYPE:
1525 sc->wi_ptype = le16toh(wreq->wi_val[0]);
1527 case WI_RID_TX_RATE:
1528 sc->wi_tx_rate = le16toh(wreq->wi_val[0]);
1530 case WI_RID_MAX_DATALEN:
1531 sc->wi_max_data_len = le16toh(wreq->wi_val[0]);
1533 case WI_RID_RTS_THRESH:
1534 sc->wi_rts_thresh = le16toh(wreq->wi_val[0]);
1536 case WI_RID_SYSTEM_SCALE:
1537 sc->wi_ap_density = le16toh(wreq->wi_val[0]);
1539 case WI_RID_CREATE_IBSS:
1540 sc->wi_create_ibss = le16toh(wreq->wi_val[0]);
1542 case WI_RID_OWN_CHNL:
1543 sc->wi_channel = le16toh(wreq->wi_val[0]);
1545 case WI_RID_NODENAME:
1546 bzero(sc->wi_node_name, sizeof(sc->wi_node_name));
1547 bcopy((char *)&wreq->wi_val[1], sc->wi_node_name, 30);
1549 case WI_RID_DESIRED_SSID:
1550 bzero(sc->wi_net_name, sizeof(sc->wi_net_name));
1551 bcopy((char *)&wreq->wi_val[1], sc->wi_net_name, 30);
1553 case WI_RID_OWN_SSID:
1554 bzero(sc->wi_ibss_name, sizeof(sc->wi_ibss_name));
1555 bcopy((char *)&wreq->wi_val[1], sc->wi_ibss_name, 30);
1557 case WI_RID_PM_ENABLED:
1558 sc->wi_pm_enabled = le16toh(wreq->wi_val[0]);
1560 case WI_RID_MICROWAVE_OVEN:
1561 sc->wi_mor_enabled = le16toh(wreq->wi_val[0]);
1563 case WI_RID_MAX_SLEEP:
1564 sc->wi_max_sleep = le16toh(wreq->wi_val[0]);
1566 case WI_RID_CNFAUTHMODE:
1567 sc->wi_authtype = le16toh(wreq->wi_val[0]);
1569 case WI_RID_ROAMING_MODE:
1570 sc->wi_roaming = le16toh(wreq->wi_val[0]);
1572 case WI_RID_ENCRYPTION:
1573 sc->wi_use_wep = le16toh(wreq->wi_val[0]);
1575 case WI_RID_TX_CRYPT_KEY:
1576 sc->wi_tx_key = le16toh(wreq->wi_val[0]);
1578 case WI_RID_DEFLT_CRYPT_KEYS:
1579 bcopy((char *)wreq, (char *)&sc->wi_keys,
1580 sizeof(struct wi_ltv_keys));
1586 /* Reinitialize WaveLAN. */
1593 wi_ioctl(ifp, command, data, cr)
1601 u_int8_t tmpkey[14];
1602 char tmpssid[IEEE80211_NWID_LEN];
1603 struct wi_softc *sc = ifp->if_softc;
1606 struct ieee80211req *ireq;
1608 ifr = (struct ifreq *)data;
1609 ireq = (struct ieee80211req *)data;
1621 * Can't do promisc and hostap at the same time. If all that's
1622 * changing is the promisc flag, try to short-circuit a call to
1623 * wi_init() by just setting PROMISC in the hardware.
1625 if (ifp->if_flags & IFF_UP) {
1626 if (sc->wi_ptype != WI_PORTTYPE_AP &&
1627 ifp->if_flags & IFF_RUNNING) {
1628 if (ifp->if_flags & IFF_PROMISC &&
1629 !(sc->wi_if_flags & IFF_PROMISC)) {
1630 WI_SETVAL(WI_RID_PROMISC, 1);
1631 } else if (!(ifp->if_flags & IFF_PROMISC) &&
1632 sc->wi_if_flags & IFF_PROMISC) {
1633 WI_SETVAL(WI_RID_PROMISC, 0);
1641 if (ifp->if_flags & IFF_RUNNING) {
1645 sc->wi_if_flags = ifp->if_flags;
1650 error = ifmedia_ioctl(ifp, ifr, &sc->ifmedia, command);
1658 error = copyin(ifr->ifr_data, &wreq, sizeof(wreq));
1661 if (wreq.wi_len > WI_MAX_DATALEN) {
1665 /* Don't show WEP keys to non-root users. */
1666 if (wreq.wi_type == WI_RID_DEFLT_CRYPT_KEYS &&
1667 suser_cred(cr, NULL_CRED_OKAY))
1669 if (wreq.wi_type == WI_RID_IFACE_STATS) {
1670 bcopy((char *)&sc->wi_stats, (char *)&wreq.wi_val,
1671 sizeof(sc->wi_stats));
1672 wreq.wi_len = (sizeof(sc->wi_stats) / 2) + 1;
1673 } else if (wreq.wi_type == WI_RID_DEFLT_CRYPT_KEYS) {
1674 bcopy((char *)&sc->wi_keys, (char *)&wreq,
1675 sizeof(struct wi_ltv_keys));
1678 else if (wreq.wi_type == WI_RID_ZERO_CACHE) {
1679 sc->wi_sigitems = sc->wi_nextitem = 0;
1680 } else if (wreq.wi_type == WI_RID_READ_CACHE) {
1681 char *pt = (char *)&wreq.wi_val;
1682 bcopy((char *)&sc->wi_sigitems,
1683 (char *)pt, sizeof(int));
1684 pt += (sizeof (int));
1685 wreq.wi_len = sizeof(int) / 2;
1686 bcopy((char *)&sc->wi_sigcache, (char *)pt,
1687 sizeof(struct wi_sigcache) * sc->wi_sigitems);
1688 wreq.wi_len += ((sizeof(struct wi_sigcache) *
1689 sc->wi_sigitems) / 2) + 1;
1692 else if (wreq.wi_type == WI_RID_PROCFRAME) {
1694 wreq.wi_val[0] = sc->wi_procframe;
1695 } else if (wreq.wi_type == WI_RID_PRISM2) {
1697 wreq.wi_val[0] = sc->sc_firmware_type != WI_LUCENT;
1698 } else if (wreq.wi_type == WI_RID_SCAN_RES &&
1699 sc->sc_firmware_type == WI_LUCENT) {
1700 memcpy((char *)wreq.wi_val, (char *)sc->wi_scanbuf,
1701 sc->wi_scanbuf_len * 2);
1702 wreq.wi_len = sc->wi_scanbuf_len;
1704 if (wi_read_record(sc, (struct wi_ltv_gen *)&wreq)) {
1709 error = copyout(&wreq, ifr->ifr_data, sizeof(wreq));
1712 if ((error = suser_cred(cr, NULL_CRED_OKAY)))
1714 error = copyin(ifr->ifr_data, &wreq, sizeof(wreq));
1717 if (wreq.wi_len > WI_MAX_DATALEN) {
1721 if (wreq.wi_type == WI_RID_IFACE_STATS) {
1724 } else if (wreq.wi_type == WI_RID_MGMT_XMIT) {
1725 error = owi_mgmt_xmit(sc, (caddr_t)&wreq.wi_val,
1727 } else if (wreq.wi_type == WI_RID_PROCFRAME) {
1728 sc->wi_procframe = wreq.wi_val[0];
1730 * if we're getting a scan request from a wavelan card
1731 * (non-prism2), send out a cmd_inquire to the card to scan
1732 * results for the scan will be received through the info
1733 * interrupt handler. otherwise the scan request can be
1734 * directly handled by a prism2 card's rid interface.
1736 } else if (wreq.wi_type == WI_RID_SCAN_REQ &&
1737 sc->sc_firmware_type == WI_LUCENT) {
1738 wi_cmd(sc, WI_CMD_INQUIRE, WI_INFO_SCAN_RESULTS, 0, 0);
1740 error = wi_write_record(sc, (struct wi_ltv_gen *)&wreq);
1742 wi_setdef(sc, &wreq);
1745 case SIOCGPRISM2DEBUG:
1746 error = copyin(ifr->ifr_data, &wreq, sizeof(wreq));
1749 if (!(ifp->if_flags & IFF_RUNNING) ||
1750 sc->sc_firmware_type == WI_LUCENT) {
1754 error = wi_get_debug(sc, &wreq);
1756 error = copyout(&wreq, ifr->ifr_data, sizeof(wreq));
1758 case SIOCSPRISM2DEBUG:
1759 if ((error = suser_cred(cr, NULL_CRED_OKAY)))
1761 error = copyin(ifr->ifr_data, &wreq, sizeof(wreq));
1764 error = wi_set_debug(sc, &wreq);
1767 switch(ireq->i_type) {
1768 case IEEE80211_IOC_SSID:
1769 if(ireq->i_val == -1) {
1770 bzero(tmpssid, IEEE80211_NWID_LEN);
1771 error = wi_get_cur_ssid(sc, tmpssid, &len);
1774 error = copyout(tmpssid, ireq->i_data,
1775 IEEE80211_NWID_LEN);
1777 } else if (ireq->i_val == 0) {
1778 error = copyout(sc->wi_net_name,
1780 IEEE80211_NWID_LEN);
1781 ireq->i_len = IEEE80211_NWID_LEN;
1785 case IEEE80211_IOC_NUMSSIDS:
1788 case IEEE80211_IOC_WEP:
1789 if(!sc->wi_has_wep) {
1790 ireq->i_val = IEEE80211_WEP_NOSUP;
1792 if(sc->wi_use_wep) {
1794 IEEE80211_WEP_MIXED;
1801 case IEEE80211_IOC_WEPKEY:
1802 if(!sc->wi_has_wep ||
1803 ireq->i_val < 0 || ireq->i_val > 3) {
1807 len = sc->wi_keys.wi_keys[ireq->i_val].wi_keylen;
1808 if (suser_cred(cr, NULL_CRED_OKAY))
1809 bcopy(sc->wi_keys.wi_keys[ireq->i_val].wi_keydat,
1815 error = copyout(tmpkey, ireq->i_data, len);
1818 case IEEE80211_IOC_NUMWEPKEYS:
1824 case IEEE80211_IOC_WEPTXKEY:
1828 ireq->i_val = sc->wi_tx_key;
1830 case IEEE80211_IOC_AUTHMODE:
1831 ireq->i_val = sc->wi_authmode;
1833 case IEEE80211_IOC_STATIONNAME:
1834 error = copyout(sc->wi_node_name,
1835 ireq->i_data, IEEE80211_NWID_LEN);
1836 ireq->i_len = IEEE80211_NWID_LEN;
1838 case IEEE80211_IOC_CHANNEL:
1839 wreq.wi_type = WI_RID_CURRENT_CHAN;
1840 wreq.wi_len = WI_MAX_DATALEN;
1841 if (wi_read_record(sc, (struct wi_ltv_gen *)&wreq))
1844 ireq->i_val = wreq.wi_val[0];
1847 case IEEE80211_IOC_POWERSAVE:
1848 if(sc->wi_pm_enabled)
1849 ireq->i_val = IEEE80211_POWERSAVE_ON;
1851 ireq->i_val = IEEE80211_POWERSAVE_OFF;
1853 case IEEE80211_IOC_POWERSAVESLEEP:
1854 ireq->i_val = sc->wi_max_sleep;
1861 if ((error = suser_cred(cr, NULL_CRED_OKAY)))
1863 switch(ireq->i_type) {
1864 case IEEE80211_IOC_SSID:
1865 if (ireq->i_val != 0 ||
1866 ireq->i_len > IEEE80211_NWID_LEN) {
1870 /* We set both of them */
1871 bzero(sc->wi_net_name, IEEE80211_NWID_LEN);
1872 error = copyin(ireq->i_data,
1873 sc->wi_net_name, ireq->i_len);
1874 bcopy(sc->wi_net_name, sc->wi_ibss_name, IEEE80211_NWID_LEN);
1876 case IEEE80211_IOC_WEP:
1878 * These cards only support one mode so
1879 * we just turn wep on what ever is
1880 * passed in if it's not OFF.
1882 if (ireq->i_val == IEEE80211_WEP_OFF) {
1888 case IEEE80211_IOC_WEPKEY:
1889 if (ireq->i_val < 0 || ireq->i_val > 3 ||
1894 bzero(sc->wi_keys.wi_keys[ireq->i_val].wi_keydat, 13);
1895 error = copyin(ireq->i_data,
1896 sc->wi_keys.wi_keys[ireq->i_val].wi_keydat,
1900 sc->wi_keys.wi_keys[ireq->i_val].wi_keylen =
1903 case IEEE80211_IOC_WEPTXKEY:
1904 if (ireq->i_val < 0 || ireq->i_val > 3) {
1908 sc->wi_tx_key = ireq->i_val;
1910 case IEEE80211_IOC_AUTHMODE:
1911 sc->wi_authmode = ireq->i_val;
1913 case IEEE80211_IOC_STATIONNAME:
1914 if (ireq->i_len > 32) {
1918 bzero(sc->wi_node_name, 32);
1919 error = copyin(ireq->i_data,
1920 sc->wi_node_name, ireq->i_len);
1922 case IEEE80211_IOC_CHANNEL:
1924 * The actual range is 1-14, but if you
1925 * set it to 0 you get the default. So
1926 * we let that work too.
1928 if (ireq->i_val < 0 || ireq->i_val > 14) {
1932 sc->wi_channel = ireq->i_val;
1934 case IEEE80211_IOC_POWERSAVE:
1935 switch (ireq->i_val) {
1936 case IEEE80211_POWERSAVE_OFF:
1937 sc->wi_pm_enabled = 0;
1939 case IEEE80211_POWERSAVE_ON:
1940 sc->wi_pm_enabled = 1;
1947 case IEEE80211_IOC_POWERSAVESLEEP:
1948 if (ireq->i_val < 0) {
1952 sc->wi_max_sleep = ireq->i_val;
1959 /* Reinitialize WaveLAN. */
1963 case SIOCHOSTAP_ADD:
1964 case SIOCHOSTAP_DEL:
1965 case SIOCHOSTAP_GET:
1966 case SIOCHOSTAP_GETALL:
1967 case SIOCHOSTAP_GFLAGS:
1968 case SIOCHOSTAP_SFLAGS:
1969 /* Send all Host AP specific ioctl's to Host AP code. */
1970 error = owihap_ioctl(sc, command, data);
1973 error = ether_ioctl(ifp, command, data);
1986 struct wi_softc *sc = xsc;
1987 struct ifnet *ifp = &sc->arpcom.ac_if;
1988 struct wi_ltv_macaddr mac;
1998 if (ifp->if_flags & IFF_RUNNING)
2003 /* Program max data length. */
2004 WI_SETVAL(WI_RID_MAX_DATALEN, sc->wi_max_data_len);
2006 /* Set the port type. */
2007 WI_SETVAL(WI_RID_PORTTYPE, sc->wi_ptype);
2009 /* Enable/disable IBSS creation. */
2010 WI_SETVAL(WI_RID_CREATE_IBSS, sc->wi_create_ibss);
2012 /* Program the RTS/CTS threshold. */
2013 WI_SETVAL(WI_RID_RTS_THRESH, sc->wi_rts_thresh);
2015 /* Program the TX rate */
2016 WI_SETVAL(WI_RID_TX_RATE, sc->wi_tx_rate);
2018 /* Access point density */
2019 WI_SETVAL(WI_RID_SYSTEM_SCALE, sc->wi_ap_density);
2021 /* Power Management Enabled */
2022 WI_SETVAL(WI_RID_PM_ENABLED, sc->wi_pm_enabled);
2024 /* Power Managment Max Sleep */
2025 WI_SETVAL(WI_RID_MAX_SLEEP, sc->wi_max_sleep);
2028 WI_SETVAL(WI_RID_ROAMING_MODE, sc->wi_roaming);
2030 /* Specify the IBSS name */
2031 WI_SETSTR(WI_RID_OWN_SSID, sc->wi_ibss_name);
2033 /* Specify the network name */
2034 WI_SETSTR(WI_RID_DESIRED_SSID, sc->wi_net_name);
2036 /* Specify the frequency to use */
2037 WI_SETVAL(WI_RID_OWN_CHNL, sc->wi_channel);
2039 /* Program the nodename. */
2040 WI_SETSTR(WI_RID_NODENAME, sc->wi_node_name);
2042 /* Specify the authentication mode. */
2043 WI_SETVAL(WI_RID_CNFAUTHMODE, sc->wi_authmode);
2045 /* Set our MAC address. */
2047 mac.wi_type = WI_RID_MAC_NODE;
2048 bcopy((char *)&sc->arpcom.ac_enaddr,
2049 (char *)&mac.wi_mac_addr, ETHER_ADDR_LEN);
2050 wi_write_record(sc, (struct wi_ltv_gen *)&mac);
2053 * Initialize promisc mode.
2054 * Being in the Host-AP mode causes
2055 * great deal of pain if promisc mode is set.
2056 * Therefore we avoid confusing the firmware
2057 * and always reset promisc mode in Host-AP regime,
2058 * it shows us all the packets anyway.
2060 if (sc->wi_ptype != WI_PORTTYPE_AP && ifp->if_flags & IFF_PROMISC)
2061 WI_SETVAL(WI_RID_PROMISC, 1);
2063 WI_SETVAL(WI_RID_PROMISC, 0);
2065 /* Configure WEP. */
2066 if (sc->wi_has_wep) {
2067 WI_SETVAL(WI_RID_ENCRYPTION, sc->wi_use_wep);
2068 WI_SETVAL(WI_RID_TX_CRYPT_KEY, sc->wi_tx_key);
2069 sc->wi_keys.wi_len = (sizeof(struct wi_ltv_keys) / 2) + 1;
2070 sc->wi_keys.wi_type = WI_RID_DEFLT_CRYPT_KEYS;
2071 wi_write_record(sc, (struct wi_ltv_gen *)&sc->wi_keys);
2072 if (sc->sc_firmware_type != WI_LUCENT && sc->wi_use_wep) {
2074 * ONLY HWB3163 EVAL-CARD Firmware version
2075 * less than 0.8 variant2
2077 * If promiscuous mode disable, Prism2 chip
2078 * does not work with WEP.
2079 * It is under investigation for details.
2080 * (ichiro@netbsd.org)
2082 * And make sure that we don't need to do it
2083 * in hostap mode, since it interferes with
2084 * the above hostap workaround.
2086 if (sc->wi_ptype != WI_PORTTYPE_AP &&
2087 sc->sc_firmware_type == WI_INTERSIL &&
2088 sc->sc_sta_firmware_ver < 802 ) {
2089 /* firm ver < 0.8 variant 2 */
2090 WI_SETVAL(WI_RID_PROMISC, 1);
2092 WI_SETVAL(WI_RID_CNFAUTHMODE, sc->wi_authtype);
2096 /* Set multicast filter. */
2099 /* Enable desired port */
2100 wi_cmd(sc, WI_CMD_ENABLE | sc->wi_portnum, 0, 0, 0);
2102 if (wi_alloc_nicmem(sc, ETHER_MAX_LEN + sizeof(struct wi_frame) + 8, &id))
2103 device_printf(sc->dev, "tx buffer allocation failed\n");
2104 sc->wi_tx_data_id = id;
2106 if (wi_alloc_nicmem(sc, ETHER_MAX_LEN + sizeof(struct wi_frame) + 8, &id))
2107 device_printf(sc->dev, "mgmt. buffer allocation failed\n");
2108 sc->wi_tx_mgmt_id = id;
2110 /* enable interrupts */
2111 CSR_WRITE_2(sc, WI_INT_EN, WI_INTRS);
2115 ifp->if_flags |= IFF_RUNNING;
2116 ifp->if_flags &= ~IFF_OACTIVE;
2118 callout_reset(&sc->wi_stat_timer, hz * 60, wi_inquire, sc);
2123 #define RC4STATE 256
2124 #define RC4KEYLEN 16
2125 #define RC4SWAP(x,y) \
2126 do { u_int8_t t = state[x]; state[x] = state[y]; state[y] = t; } while(0)
2129 wi_do_hostencrypt(struct wi_softc *sc, caddr_t buf, int len)
2131 u_int32_t i, crc, klen;
2132 u_int8_t state[RC4STATE], key[RC4KEYLEN];
2133 u_int8_t x, y, *dat;
2135 if (!sc->wi_icv_flag) {
2136 sc->wi_icv = arc4random();
2141 * Skip 'bad' IVs from Fluhrer/Mantin/Shamir:
2142 * (B, 255, N) with 3 <= B < 8
2144 if (sc->wi_icv >= 0x03ff00 &&
2145 (sc->wi_icv & 0xf8ff00) == 0x00ff00)
2146 sc->wi_icv += 0x000100;
2148 /* prepend 24bit IV to tx key, byte order does not matter */
2149 key[0] = sc->wi_icv >> 16;
2150 key[1] = sc->wi_icv >> 8;
2151 key[2] = sc->wi_icv;
2153 klen = sc->wi_keys.wi_keys[sc->wi_tx_key].wi_keylen +
2154 IEEE80211_WEP_IVLEN;
2155 klen = (klen >= RC4KEYLEN) ? RC4KEYLEN : RC4KEYLEN/2;
2156 bcopy((char *)&sc->wi_keys.wi_keys[sc->wi_tx_key].wi_keydat,
2157 (char *)key + IEEE80211_WEP_IVLEN, klen - IEEE80211_WEP_IVLEN);
2161 for (i = 0; i < RC4STATE; i++)
2163 for (i = 0; i < RC4STATE; i++) {
2164 y = (key[x] + state[i] + y) % RC4STATE;
2169 /* output: IV, tx keyid, rc4(data), rc4(crc32(data)) */
2174 dat[3] = sc->wi_tx_key << 6; /* pad and keyid */
2177 /* compute rc4 over data, crc32 over data */
2180 for (i = 0; i < len; i++) {
2181 x = (x + 1) % RC4STATE;
2182 y = (state[x] + y) % RC4STATE;
2184 crc = crc32_tab[(crc ^ dat[i]) & 0xff] ^ (crc >> 8);
2185 dat[i] ^= state[(state[x] + state[y]) % RC4STATE];
2190 /* append little-endian crc32 and encrypt */
2195 for (i = 0; i < IEEE80211_WEP_CRCLEN; i++) {
2196 x = (x + 1) % RC4STATE;
2197 y = (state[x] + y) % RC4STATE;
2199 dat[i] ^= state[(state[x] + state[y]) % RC4STATE];
2207 struct wi_softc *sc = ifp->if_softc;
2209 struct wi_frame tx_frame;
2210 struct ether_header *eh;
2220 if (ifp->if_flags & IFF_OACTIVE) {
2226 m0 = ifq_dequeue(&ifp->if_snd);
2232 bzero((char *)&tx_frame, sizeof(tx_frame));
2233 tx_frame.wi_frame_ctl = htole16(WI_FTYPE_DATA);
2234 id = sc->wi_tx_data_id;
2235 eh = mtod(m0, struct ether_header *);
2237 if (sc->wi_ptype == WI_PORTTYPE_AP) {
2238 if (!owihap_check_tx(&sc->wi_hostap_info,
2239 eh->ether_dhost, &tx_frame.wi_tx_rate)) {
2240 if (ifp->if_flags & IFF_DEBUG)
2241 printf("wi_start: dropping unassoc "
2242 "dst %6D\n", eh->ether_dhost, ":");
2248 * Use RFC1042 encoding for IP and ARP datagrams,
2249 * 802.3 for anything else.
2251 if (ntohs(eh->ether_type) > ETHER_MAX_LEN) {
2252 bcopy((char *)&eh->ether_dhost,
2253 (char *)&tx_frame.wi_addr1, ETHER_ADDR_LEN);
2254 if (sc->wi_ptype == WI_PORTTYPE_AP) {
2255 tx_frame.wi_tx_ctl = WI_ENC_TX_MGMT; /* XXX */
2256 tx_frame.wi_frame_ctl |= WI_FCTL_FROMDS;
2258 tx_frame.wi_frame_ctl |= WI_FCTL_WEP;
2259 bcopy((char *)&sc->arpcom.ac_enaddr,
2260 (char *)&tx_frame.wi_addr2, ETHER_ADDR_LEN);
2261 bcopy((char *)&eh->ether_shost,
2262 (char *)&tx_frame.wi_addr3, ETHER_ADDR_LEN);
2265 bcopy((char *)&eh->ether_shost,
2266 (char *)&tx_frame.wi_addr2, ETHER_ADDR_LEN);
2267 bcopy((char *)&eh->ether_dhost,
2268 (char *)&tx_frame.wi_dst_addr, ETHER_ADDR_LEN);
2269 bcopy((char *)&eh->ether_shost,
2270 (char *)&tx_frame.wi_src_addr, ETHER_ADDR_LEN);
2272 tx_frame.wi_dat_len = m0->m_pkthdr.len - WI_SNAPHDR_LEN;
2273 tx_frame.wi_dat[0] = htons(WI_SNAP_WORD0);
2274 tx_frame.wi_dat[1] = htons(WI_SNAP_WORD1);
2275 tx_frame.wi_len = htons(m0->m_pkthdr.len - WI_SNAPHDR_LEN);
2276 tx_frame.wi_type = eh->ether_type;
2278 if (sc->wi_ptype == WI_PORTTYPE_AP && sc->wi_use_wep) {
2279 /* Do host encryption. */
2280 bcopy(&tx_frame.wi_dat[0], &sc->wi_txbuf[4], 8);
2281 m_copydata(m0, sizeof(struct ether_header),
2282 m0->m_pkthdr.len - sizeof(struct ether_header),
2283 (caddr_t)&sc->wi_txbuf[12]);
2284 wi_do_hostencrypt(sc, &sc->wi_txbuf[0],
2285 tx_frame.wi_dat_len);
2286 tx_frame.wi_dat_len += IEEE80211_WEP_IVLEN +
2287 IEEE80211_WEP_KIDLEN + IEEE80211_WEP_CRCLEN;
2288 wi_write_data(sc, id, 0, (caddr_t)&tx_frame,
2289 sizeof(struct wi_frame));
2290 wi_write_data(sc, id, WI_802_11_OFFSET_RAW,
2291 (caddr_t)&sc->wi_txbuf, (m0->m_pkthdr.len -
2292 sizeof(struct ether_header)) + 18);
2294 m_copydata(m0, sizeof(struct ether_header),
2295 m0->m_pkthdr.len - sizeof(struct ether_header),
2296 (caddr_t)&sc->wi_txbuf);
2297 wi_write_data(sc, id, 0, (caddr_t)&tx_frame,
2298 sizeof(struct wi_frame));
2299 wi_write_data(sc, id, WI_802_11_OFFSET,
2300 (caddr_t)&sc->wi_txbuf, (m0->m_pkthdr.len -
2301 sizeof(struct ether_header)) + 2);
2304 tx_frame.wi_dat_len = m0->m_pkthdr.len;
2306 if (sc->wi_ptype == WI_PORTTYPE_AP && sc->wi_use_wep) {
2307 /* Do host encryption. */
2308 printf( "XXX: host encrypt not implemented for 802.3\n" );
2310 eh->ether_type = htons(m0->m_pkthdr.len -
2312 m_copydata(m0, 0, m0->m_pkthdr.len,
2313 (caddr_t)&sc->wi_txbuf);
2315 wi_write_data(sc, id, 0, (caddr_t)&tx_frame,
2316 sizeof(struct wi_frame));
2317 wi_write_data(sc, id, WI_802_3_OFFSET,
2318 (caddr_t)&sc->wi_txbuf, m0->m_pkthdr.len + 2);
2323 * If there's a BPF listner, bounce a copy of
2324 * this frame to him. Also, don't send this to the bpf sniffer
2325 * if we're in procframe or monitor sniffing mode.
2327 if (!(sc->wi_procframe || sc->wi_debug.wi_monitor))
2332 if (wi_cmd(sc, WI_CMD_TX|WI_RECLAIM, id, 0, 0))
2333 device_printf(sc->dev, "xmit failed\n");
2335 ifp->if_flags |= IFF_OACTIVE;
2338 * Set a timeout in case the chip goes out to lunch.
2346 owi_mgmt_xmit(sc, data, len)
2347 struct wi_softc *sc;
2351 struct wi_frame tx_frame;
2353 struct wi_80211_hdr *hdr;
2359 hdr = (struct wi_80211_hdr *)data;
2360 dptr = data + sizeof(struct wi_80211_hdr);
2362 bzero((char *)&tx_frame, sizeof(tx_frame));
2363 id = sc->wi_tx_mgmt_id;
2365 bcopy((char *)hdr, (char *)&tx_frame.wi_frame_ctl,
2366 sizeof(struct wi_80211_hdr));
2368 tx_frame.wi_tx_ctl = WI_ENC_TX_MGMT;
2369 tx_frame.wi_dat_len = len - sizeof(struct wi_80211_hdr);
2370 tx_frame.wi_len = htons(tx_frame.wi_dat_len);
2372 wi_write_data(sc, id, 0, (caddr_t)&tx_frame, sizeof(struct wi_frame));
2373 wi_write_data(sc, id, WI_802_11_OFFSET_RAW, dptr,
2374 len - sizeof(struct wi_80211_hdr) + 2);
2376 if (wi_cmd(sc, WI_CMD_TX|WI_RECLAIM, id, 0, 0)) {
2377 device_printf(sc->dev, "xmit failed\n");
2386 struct wi_softc *sc;
2397 owihap_shutdown(sc);
2399 ifp = &sc->arpcom.ac_if;
2402 * If the card is gone and the memory port isn't mapped, we will
2403 * (hopefully) get 0xffff back from the status read, which is not
2404 * a valid status value.
2406 if (CSR_READ_2(sc, WI_STATUS) != 0xffff) {
2407 CSR_WRITE_2(sc, WI_INT_EN, 0);
2408 wi_cmd(sc, WI_CMD_DISABLE|sc->wi_portnum, 0, 0, 0);
2411 callout_stop(&sc->wi_stat_timer);
2413 ifp->if_flags &= ~(IFF_RUNNING|IFF_OACTIVE);
2422 struct wi_softc *sc;
2426 device_printf(sc->dev, "watchdog timeout\n");
2440 struct wi_softc *sc = device_get_softc(dev);
2442 if (sc->wi_bus_type != WI_BUS_PCI_NATIVE) {
2443 sc->iobase_rid = rid;
2444 sc->iobase = bus_alloc_resource(dev, SYS_RES_IOPORT,
2445 &sc->iobase_rid, 0, ~0, (1 << 6),
2446 rman_make_alignment_flags(1 << 6) | RF_ACTIVE);
2448 device_printf(dev, "No I/O space?!\n");
2452 sc->wi_io_addr = rman_get_start(sc->iobase);
2453 sc->wi_btag = rman_get_bustag(sc->iobase);
2454 sc->wi_bhandle = rman_get_bushandle(sc->iobase);
2457 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY,
2458 &sc->mem_rid, RF_ACTIVE);
2461 device_printf(dev, "No Mem space on prism2.5?\n");
2465 sc->wi_btag = rman_get_bustag(sc->mem);
2466 sc->wi_bhandle = rman_get_bushandle(sc->mem);
2471 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &sc->irq_rid,
2473 ((sc->wi_bus_type == WI_BUS_PCCARD) ? 0 : RF_SHAREABLE));
2477 device_printf(dev, "No irq?!\n");
2482 sc->wi_unit = device_get_unit(dev);
2491 struct wi_softc *sc = device_get_softc(dev);
2493 if (sc->iobase != NULL) {
2494 bus_release_resource(dev, SYS_RES_IOPORT, sc->iobase_rid, sc->iobase);
2497 if (sc->irq != NULL) {
2498 bus_release_resource(dev, SYS_RES_IRQ, sc->irq_rid, sc->irq);
2501 if (sc->mem != NULL) {
2502 bus_release_resource(dev, SYS_RES_MEMORY, sc->mem_rid, sc->mem);
2513 struct wi_softc *sc;
2515 sc = device_get_softc(dev);
2522 /* wavelan signal strength cache code.
2523 * store signal/noise/quality on per MAC src basis in
2524 * a small fixed cache. The cache wraps if > MAX slots
2525 * used. The cache may be zeroed out to start over.
2526 * Two simple filters exist to reduce computation:
2527 * 1. ip only (literally 0x800) which may be used
2528 * to ignore some packets. It defaults to ip only.
2529 * it could be used to focus on broadcast, non-IP 802.11 beacons.
2530 * 2. multicast/broadcast only. This may be used to
2531 * ignore unicast packets and only cache signal strength
2532 * for multicast/broadcast packets (beacons); e.g., Mobile-IP
2533 * beacons and not unicast traffic.
2535 * The cache stores (MAC src(index), IP src (major clue), signal,
2538 * No apologies for storing IP src here. It's easy and saves much
2539 * trouble elsewhere. The cache is assumed to be INET dependent,
2540 * although it need not be.
2543 #ifdef documentation
2545 int owi_sigitems; /* number of cached entries */
2546 struct wi_sigcache owi_sigcache[MAXWICACHE]; /* array of cache entries */
2547 int owi_nextitem; /* index/# of entries */
2552 /* control variables for cache filtering. Basic idea is
2553 * to reduce cost (e.g., to only Mobile-IP agent beacons
2554 * which are broadcast or multicast). Still you might
2555 * want to measure signal strength with unicast ping packets
2556 * on a pt. to pt. ant. setup.
2558 /* set true if you want to limit cache items to broadcast/mcast
2559 * only packets (not unicast). Useful for mobile-ip beacons which
2560 * are broadcast/multicast at network layer. Default is all packets
2561 * so ping/unicast will work say with pt. to pt. antennae setup.
2563 static int wi_cache_mcastonly = 0;
2564 SYSCTL_INT(_machdep, OID_AUTO, owi_cache_mcastonly, CTLFLAG_RW,
2565 &wi_cache_mcastonly, 0, "");
2567 /* set true if you want to limit cache items to IP packets only
2569 static int wi_cache_iponly = 1;
2570 SYSCTL_INT(_machdep, OID_AUTO, owi_cache_iponly, CTLFLAG_RW,
2571 &wi_cache_iponly, 0, "");
2574 * Original comments:
2576 * wi_cache_store, per rx packet store signal
2577 * strength in MAC (src) indexed cache.
2579 * follows linux driver in how signal strength is computed.
2580 * In ad hoc mode, we use the rx_quality field.
2581 * signal and noise are trimmed to fit in the range from 47..138.
2582 * rx_quality field MSB is signal strength.
2583 * rx_quality field LSB is noise.
2584 * "quality" is (signal - noise) as is log value.
2585 * note: quality CAN be negative.
2587 * In BSS mode, we use the RID for communication quality.
2588 * TBD: BSS mode is currently untested.
2592 * Actually, we use the rx_quality field all the time for both "ad-hoc"
2593 * and BSS modes. Why? Because reading an RID is really, really expensive:
2594 * there's a bunch of PIO operations that have to be done to read a record
2595 * from the NIC, and reading the comms quality RID each time a packet is
2596 * received can really hurt performance. We don't have to do this anyway:
2597 * the comms quality field only reflects the values in the rx_quality field
2598 * anyway. The comms quality RID is only meaningful in infrastructure mode,
2599 * but the values it contains are updated based on the rx_quality from
2600 * frames received from the access point.
2602 * Also, according to Lucent, the signal strength and noise level values
2603 * can be converted to dBms by subtracting 149, so I've modified the code
2604 * to do that instead of the scaling it did originally.
2607 wi_cache_store(struct wi_softc *sc, struct mbuf *m, unsigned short rx_quality)
2609 struct ether_header *eh = mtod(m, struct ether_header *);
2610 struct ip *ip = NULL;
2612 static int cache_slot = 0; /* use this cache entry */
2613 static int wrapindex = 0; /* next "free" cache entry */
2619 * 2. configurable filter to throw out unicast packets,
2620 * keep multicast only.
2623 if ((ntohs(eh->ether_type) == ETHERTYPE_IP))
2624 ip = (struct ip *)(mtod(m, uint8_t *) + ETHER_HDR_LEN);
2625 else if (wi_cache_iponly)
2629 * filter for broadcast/multicast only
2631 if (wi_cache_mcastonly && ((eh->ether_dhost[0] & 1) == 0)) {
2636 printf("wi%d: q value %x (MSB=0x%x, LSB=0x%x) \n", sc->wi_unit,
2637 rx_quality & 0xffff, rx_quality >> 8, rx_quality & 0xff);
2642 * do a linear search for a matching MAC address
2643 * in the cache table
2644 * . MAC address is 6 bytes,
2645 * . var w_nextitem holds total number of entries already cached
2647 for(i = 0; i < sc->wi_nextitem; i++) {
2648 if (! bcmp(eh->ether_shost , sc->wi_sigcache[i].macsrc, 6 )) {
2651 * so we already have this entry,
2659 * did we find a matching mac address?
2660 * if yes, then overwrite a previously existing cache entry
2662 if (i < sc->wi_nextitem ) {
2666 * else, have a new address entry,so
2667 * add this new entry,
2668 * if table full, then we need to replace LRU entry
2673 * check for space in cache table
2674 * note: wi_nextitem also holds number of entries
2675 * added in the cache table
2677 if ( sc->wi_nextitem < MAXWICACHE ) {
2678 cache_slot = sc->wi_nextitem;
2680 sc->wi_sigitems = sc->wi_nextitem;
2682 /* no space found, so simply wrap with wrap index
2683 * and "zap" the next entry
2686 if (wrapindex == MAXWICACHE) {
2689 cache_slot = wrapindex++;
2694 * invariant: cache_slot now points at some slot
2697 if (cache_slot < 0 || cache_slot >= MAXWICACHE) {
2698 log(LOG_ERR, "wi_cache_store, bad index: %d of "
2699 "[0..%d], gross cache error\n",
2700 cache_slot, MAXWICACHE);
2705 * store items in cache
2706 * .ip source address
2711 sc->wi_sigcache[cache_slot].ipsrc = ip->ip_src.s_addr;
2712 bcopy( eh->ether_shost, sc->wi_sigcache[cache_slot].macsrc, 6);
2714 sig = (rx_quality >> 8) & 0xFF;
2715 noise = rx_quality & 0xFF;
2716 sc->wi_sigcache[cache_slot].signal = sig - 149;
2717 sc->wi_sigcache[cache_slot].noise = noise - 149;
2718 sc->wi_sigcache[cache_slot].quality = sig - noise;
2725 wi_get_cur_ssid(sc, ssid, len)
2726 struct wi_softc *sc;
2733 wreq.wi_len = WI_MAX_DATALEN;
2734 switch (sc->wi_ptype) {
2735 case WI_PORTTYPE_AP:
2736 *len = IEEE80211_NWID_LEN;
2737 bcopy(sc->wi_net_name, ssid, IEEE80211_NWID_LEN);
2739 case WI_PORTTYPE_ADHOC:
2740 wreq.wi_type = WI_RID_CURRENT_SSID;
2741 error = wi_read_record(sc, (struct wi_ltv_gen *)&wreq);
2744 if (wreq.wi_val[0] > IEEE80211_NWID_LEN) {
2748 *len = wreq.wi_val[0];
2749 bcopy(&wreq.wi_val[1], ssid, IEEE80211_NWID_LEN);
2751 case WI_PORTTYPE_BSS:
2752 wreq.wi_type = WI_RID_COMMQUAL;
2753 error = wi_read_record(sc, (struct wi_ltv_gen *)&wreq);
2756 if (wreq.wi_val[0] != 0) /* associated */ {
2757 wreq.wi_type = WI_RID_CURRENT_SSID;
2758 wreq.wi_len = WI_MAX_DATALEN;
2759 error = wi_read_record(sc, (struct wi_ltv_gen *)&wreq);
2762 if (wreq.wi_val[0] > IEEE80211_NWID_LEN) {
2766 *len = wreq.wi_val[0];
2767 bcopy(&wreq.wi_val[1], ssid, IEEE80211_NWID_LEN);
2769 *len = IEEE80211_NWID_LEN;
2770 bcopy(sc->wi_net_name, ssid, IEEE80211_NWID_LEN);
2782 wi_media_change(ifp)
2785 struct wi_softc *sc = ifp->if_softc;
2786 int otype = sc->wi_ptype;
2787 int orate = sc->wi_tx_rate;
2788 int ocreate_ibss = sc->wi_create_ibss;
2790 if ((sc->ifmedia.ifm_cur->ifm_media & IFM_IEEE80211_HOSTAP) &&
2791 sc->sc_firmware_type != WI_INTERSIL)
2794 sc->wi_create_ibss = 0;
2796 switch (sc->ifmedia.ifm_cur->ifm_media & IFM_OMASK) {
2798 sc->wi_ptype = WI_PORTTYPE_BSS;
2800 case IFM_IEEE80211_ADHOC:
2801 sc->wi_ptype = WI_PORTTYPE_ADHOC;
2803 case IFM_IEEE80211_HOSTAP:
2804 sc->wi_ptype = WI_PORTTYPE_AP;
2806 case IFM_IEEE80211_IBSSMASTER:
2807 case IFM_IEEE80211_IBSSMASTER|IFM_IEEE80211_IBSS:
2808 if (!(sc->wi_flags & WI_FLAGS_HAS_CREATE_IBSS))
2810 sc->wi_create_ibss = 1;
2812 case IFM_IEEE80211_IBSS:
2813 sc->wi_ptype = WI_PORTTYPE_IBSS;
2816 /* Invalid combination. */
2820 switch (IFM_SUBTYPE(sc->ifmedia.ifm_cur->ifm_media)) {
2821 case IFM_IEEE80211_DS1:
2824 case IFM_IEEE80211_DS2:
2827 case IFM_IEEE80211_DS5:
2830 case IFM_IEEE80211_DS11:
2831 sc->wi_tx_rate = 11;
2838 if (ocreate_ibss != sc->wi_create_ibss || otype != sc->wi_ptype ||
2839 orate != sc->wi_tx_rate)
2846 wi_media_status(ifp, imr)
2848 struct ifmediareq *imr;
2851 struct wi_softc *sc = ifp->if_softc;
2853 if (sc->wi_tx_rate == 3) {
2854 imr->ifm_active = IFM_IEEE80211|IFM_AUTO;
2855 if (sc->wi_ptype == WI_PORTTYPE_ADHOC)
2856 imr->ifm_active |= IFM_IEEE80211_ADHOC;
2857 else if (sc->wi_ptype == WI_PORTTYPE_AP)
2858 imr->ifm_active |= IFM_IEEE80211_HOSTAP;
2859 else if (sc->wi_ptype == WI_PORTTYPE_IBSS) {
2860 if (sc->wi_create_ibss)
2861 imr->ifm_active |= IFM_IEEE80211_IBSSMASTER;
2863 imr->ifm_active |= IFM_IEEE80211_IBSS;
2865 wreq.wi_type = WI_RID_CUR_TX_RATE;
2866 wreq.wi_len = WI_MAX_DATALEN;
2867 if (wi_read_record(sc, (struct wi_ltv_gen *)&wreq) == 0) {
2868 switch(wreq.wi_val[0]) {
2870 imr->ifm_active |= IFM_IEEE80211_DS1;
2873 imr->ifm_active |= IFM_IEEE80211_DS2;
2876 imr->ifm_active |= IFM_IEEE80211_DS5;
2879 imr->ifm_active |= IFM_IEEE80211_DS11;
2884 imr->ifm_active = sc->ifmedia.ifm_cur->ifm_media;
2887 imr->ifm_status = IFM_AVALID;
2888 if (sc->wi_ptype == WI_PORTTYPE_ADHOC ||
2889 sc->wi_ptype == WI_PORTTYPE_IBSS)
2891 * XXX: It would be nice if we could give some actually
2892 * useful status like whether we joined another IBSS or
2893 * created one ourselves.
2895 imr->ifm_status |= IFM_ACTIVE;
2896 else if (sc->wi_ptype == WI_PORTTYPE_AP)
2897 imr->ifm_status |= IFM_ACTIVE;
2899 wreq.wi_type = WI_RID_COMMQUAL;
2900 wreq.wi_len = WI_MAX_DATALEN;
2901 if (wi_read_record(sc, (struct wi_ltv_gen *)&wreq) == 0 &&
2902 wreq.wi_val[0] != 0)
2903 imr->ifm_status |= IFM_ACTIVE;
2908 wi_get_debug(sc, wreq)
2909 struct wi_softc *sc;
2910 struct wi_req *wreq;
2916 switch (wreq->wi_type) {
2917 case WI_DEBUG_SLEEP:
2919 wreq->wi_val[0] = sc->wi_debug.wi_sleep;
2921 case WI_DEBUG_DELAYSUPP:
2923 wreq->wi_val[0] = sc->wi_debug.wi_delaysupp;
2925 case WI_DEBUG_TXSUPP:
2927 wreq->wi_val[0] = sc->wi_debug.wi_txsupp;
2929 case WI_DEBUG_MONITOR:
2931 wreq->wi_val[0] = sc->wi_debug.wi_monitor;
2933 case WI_DEBUG_LEDTEST:
2935 wreq->wi_val[0] = sc->wi_debug.wi_ledtest;
2936 wreq->wi_val[1] = sc->wi_debug.wi_ledtest_param0;
2937 wreq->wi_val[2] = sc->wi_debug.wi_ledtest_param1;
2939 case WI_DEBUG_CONTTX:
2941 wreq->wi_val[0] = sc->wi_debug.wi_conttx;
2942 wreq->wi_val[1] = sc->wi_debug.wi_conttx_param0;
2944 case WI_DEBUG_CONTRX:
2946 wreq->wi_val[0] = sc->wi_debug.wi_contrx;
2948 case WI_DEBUG_SIGSTATE:
2950 wreq->wi_val[0] = sc->wi_debug.wi_sigstate;
2951 wreq->wi_val[1] = sc->wi_debug.wi_sigstate_param0;
2953 case WI_DEBUG_CONFBITS:
2955 wreq->wi_val[0] = sc->wi_debug.wi_confbits;
2956 wreq->wi_val[1] = sc->wi_debug.wi_confbits_param0;
2967 wi_set_debug(sc, wreq)
2968 struct wi_softc *sc;
2969 struct wi_req *wreq;
2972 u_int16_t cmd, param0 = 0, param1 = 0;
2974 switch (wreq->wi_type) {
2975 case WI_DEBUG_RESET:
2977 case WI_DEBUG_CALENABLE:
2979 case WI_DEBUG_SLEEP:
2980 sc->wi_debug.wi_sleep = 1;
2983 sc->wi_debug.wi_sleep = 0;
2986 param0 = wreq->wi_val[0];
2988 case WI_DEBUG_DELAYSUPP:
2989 sc->wi_debug.wi_delaysupp = 1;
2991 case WI_DEBUG_TXSUPP:
2992 sc->wi_debug.wi_txsupp = 1;
2994 case WI_DEBUG_MONITOR:
2995 sc->wi_debug.wi_monitor = 1;
2997 case WI_DEBUG_LEDTEST:
2998 param0 = wreq->wi_val[0];
2999 param1 = wreq->wi_val[1];
3000 sc->wi_debug.wi_ledtest = 1;
3001 sc->wi_debug.wi_ledtest_param0 = param0;
3002 sc->wi_debug.wi_ledtest_param1 = param1;
3004 case WI_DEBUG_CONTTX:
3005 param0 = wreq->wi_val[0];
3006 sc->wi_debug.wi_conttx = 1;
3007 sc->wi_debug.wi_conttx_param0 = param0;
3009 case WI_DEBUG_STOPTEST:
3010 sc->wi_debug.wi_delaysupp = 0;
3011 sc->wi_debug.wi_txsupp = 0;
3012 sc->wi_debug.wi_monitor = 0;
3013 sc->wi_debug.wi_ledtest = 0;
3014 sc->wi_debug.wi_ledtest_param0 = 0;
3015 sc->wi_debug.wi_ledtest_param1 = 0;
3016 sc->wi_debug.wi_conttx = 0;
3017 sc->wi_debug.wi_conttx_param0 = 0;
3018 sc->wi_debug.wi_contrx = 0;
3019 sc->wi_debug.wi_sigstate = 0;
3020 sc->wi_debug.wi_sigstate_param0 = 0;
3022 case WI_DEBUG_CONTRX:
3023 sc->wi_debug.wi_contrx = 1;
3025 case WI_DEBUG_SIGSTATE:
3026 param0 = wreq->wi_val[0];
3027 sc->wi_debug.wi_sigstate = 1;
3028 sc->wi_debug.wi_sigstate_param0 = param0;
3030 case WI_DEBUG_CONFBITS:
3031 param0 = wreq->wi_val[0];
3032 param1 = wreq->wi_val[1];
3033 sc->wi_debug.wi_confbits = param0;
3034 sc->wi_debug.wi_confbits_param0 = param1;
3044 cmd = WI_CMD_DEBUG | (wreq->wi_type << 8);
3045 error = wi_cmd(sc, cmd, param0, param1, 0);