AMD64 - Fix format conversions and other warnings.
[dragonfly.git] / sys / dev / netif / iwi / if_iwi.c
CommitLineData
b50e4759 1/*
841ab66c 2 * Copyright (c) 2004-2006
b50e4759
MD
3 * Damien Bergamini <damien.bergamini@free.fr>.
4 * Copyright (c) 2004, 2005
5 * Andrew Atrens <atrens@nortelnetworks.com>.
6 *
7 * All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice unmodified, this list of conditions, and the following
14 * disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 *
841ab66c 31 * $FreeBSD: src/sys/dev/iwi/if_iwi.c,v 1.8.2.6 2006/02/23 02:06:46 sam Exp $
9db4b353 32 * $DragonFly: src/sys/dev/netif/iwi/if_iwi.c,v 1.21 2008/05/14 11:59:20 sephe Exp $
b50e4759
MD
33 */
34
b50e4759 35/*-
841ab66c 36 * Intel(R) PRO/Wireless 2200BG/2225BG/2915ABG driver
b50e4759
MD
37 * http://www.intel.com/network/connectivity/products/wireless/prowireless_mobile.htm
38 */
39
40#include <sys/param.h>
41#include <sys/sysctl.h>
42#include <sys/sockio.h>
43#include <sys/mbuf.h>
114b4cbc 44#include <sys/firmware.h>
b50e4759
MD
45#include <sys/kernel.h>
46#include <sys/kthread.h>
9db4b353 47#include <sys/interrupt.h>
b50e4759
MD
48#include <sys/socket.h>
49#include <sys/systm.h>
50#include <sys/malloc.h>
51#include <sys/module.h>
b50e4759
MD
52#include <sys/endian.h>
53#include <sys/proc.h>
895c1f85 54#include <sys/priv.h>
b50e4759 55#include <sys/ucred.h>
1f7ab7c9 56#include <sys/bus.h>
b50e4759 57#include <sys/rman.h>
1f7ab7c9 58#include <sys/serialize.h>
b50e4759 59
776c0f99 60#include <bus/pci/pcidevs.h>
b50e4759
MD
61#include <bus/pci/pcireg.h>
62#include <bus/pci/pcivar.h>
63
64#include <net/bpf.h>
65#include <net/if.h>
66#include <net/if_arp.h>
b50e4759
MD
67#include <net/ethernet.h>
68#include <net/if_dl.h>
69#include <net/if_media.h>
70#include <net/if_types.h>
71#include <net/ifq_var.h>
72
841ab66c
SZ
73#include <netproto/802_11/ieee80211_var.h>
74#include <netproto/802_11/ieee80211_radiotap.h>
75
b50e4759
MD
76#include <netinet/in.h>
77#include <netinet/in_systm.h>
78#include <netinet/in_var.h>
79#include <netinet/ip.h>
80#include <netinet/if_ether.h>
81
841ab66c
SZ
82#include <dev/netif/iwi/if_iwireg.h>
83#include <dev/netif/iwi/if_iwivar.h>
b50e4759
MD
84
85#ifdef IWI_DEBUG
e3869ec7
SW
86#define DPRINTF(x) do { if (iwi_debug > 0) kprintf x; } while (0)
87#define DPRINTFN(n, x) do { if (iwi_debug >= (n)) kprintf x; } while (0)
841ab66c
SZ
88int iwi_debug = 0;
89SYSCTL_INT(_debug, OID_AUTO, iwi, CTLFLAG_RW, &iwi_debug, 0, "iwi debug level");
b50e4759
MD
90#else
91#define DPRINTF(x)
92#define DPRINTFN(n, x)
93#endif
94
776c0f99 95static struct iwi_ident {
841ab66c
SZ
96 uint16_t vendor;
97 uint16_t device;
b50e4759 98 const char *name;
776c0f99
SW
99} iwi_ident_table[] = {
100 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2200BG,
101 "Intel(R) PRO/Wireless 2200BG" },
102 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2225BG,
103 "Intel(R) PRO/Wireless 2225BG" },
104 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_1,
105 "Intel(R) PRO/Wireless 2915ABG" },
106 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_2915ABG_2,
107 "Intel(R) PRO/Wireless 2915ABG" },
b50e4759
MD
108 { 0, 0, NULL }
109};
110
3660cb22 111static void iwi_fw_monitor(void *);
841ab66c
SZ
112static void iwi_dma_map_addr(void *, bus_dma_segment_t *, int, int);
113static void iwi_dma_map_mbuf(void *, bus_dma_segment_t *, int, bus_size_t,
114 int);
115static int iwi_alloc_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *,
116 int);
117static void iwi_reset_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *);
118static void iwi_free_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *);
119static int iwi_alloc_tx_ring(struct iwi_softc *, struct iwi_tx_ring *,
120 int, bus_addr_t, bus_addr_t);
121static void iwi_reset_tx_ring(struct iwi_softc *, struct iwi_tx_ring *);
122static void iwi_free_tx_ring(struct iwi_softc *, struct iwi_tx_ring *);
123static int iwi_alloc_rx_ring(struct iwi_softc *, struct iwi_rx_ring *,
124 int);
125static void iwi_reset_rx_ring(struct iwi_softc *, struct iwi_rx_ring *);
126static void iwi_free_rx_ring(struct iwi_softc *, struct iwi_rx_ring *);
127static struct ieee80211_node *iwi_node_alloc(struct ieee80211_node_table *);
128static void iwi_node_free(struct ieee80211_node *);
129static int iwi_media_change(struct ifnet *);
130static void iwi_media_status(struct ifnet *, struct ifmediareq *);
131static int iwi_newstate(struct ieee80211com *, enum ieee80211_state, int);
132static int iwi_wme_update(struct ieee80211com *);
133static uint16_t iwi_read_prom_word(struct iwi_softc *, uint8_t);
134static void iwi_fix_channel(struct ieee80211com *, struct mbuf *);
135static void iwi_frame_intr(struct iwi_softc *, struct iwi_rx_data *, int,
136 struct iwi_frame *);
137static void iwi_notification_intr(struct iwi_softc *, struct iwi_notif *);
138static void iwi_rx_intr(struct iwi_softc *);
139static void iwi_tx_intr(struct iwi_softc *, struct iwi_tx_ring *);
140static void iwi_intr(void *);
141static int iwi_cmd(struct iwi_softc *, uint8_t, void *, uint8_t, int);
142static void iwi_write_ibssnode(struct iwi_softc *, const struct iwi_node *);
143static int iwi_tx_start(struct ifnet *, struct mbuf *,
144 struct ieee80211_node *, int);
145static void iwi_start(struct ifnet *);
146static void iwi_watchdog(struct ifnet *);
147static int iwi_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *);
148static void iwi_stop_master(struct iwi_softc *);
149static int iwi_reset(struct iwi_softc *);
150static int iwi_load_ucode(struct iwi_softc *, void *, int);
114b4cbc
SZ
151static int iwi_alloc_firmware(struct iwi_softc *, enum ieee80211_opmode);
152static int iwi_free_firmware(struct iwi_softc *);
841ab66c 153static int iwi_load_firmware(struct iwi_softc *, void *, int);
841ab66c
SZ
154static int iwi_config(struct iwi_softc *);
155static int iwi_set_chan(struct iwi_softc *, struct ieee80211_channel *);
156static int iwi_scan(struct iwi_softc *);
157static int iwi_auth_and_assoc(struct iwi_softc *);
158static void iwi_init(void *);
159static void iwi_stop(void *);
160static int iwi_sysctl_stats(SYSCTL_HANDLER_ARGS);
161static int iwi_sysctl_radio(SYSCTL_HANDLER_ARGS);
162
163static int iwi_probe(device_t);
164static int iwi_attach(device_t);
165static int iwi_detach(device_t);
166static int iwi_shutdown(device_t);
167static int iwi_suspend(device_t);
168static int iwi_resume(device_t);
169
170static int iwi_alloc_ibss_node(struct iwi_softc *);
171static void iwi_free_ibss_node(struct iwi_softc *, int);
b50e4759
MD
172
173static device_method_t iwi_methods[] = {
174 /* Device interface */
175 DEVMETHOD(device_probe, iwi_probe),
176 DEVMETHOD(device_attach, iwi_attach),
177 DEVMETHOD(device_detach, iwi_detach),
178 DEVMETHOD(device_shutdown, iwi_shutdown),
179 DEVMETHOD(device_suspend, iwi_suspend),
180 DEVMETHOD(device_resume, iwi_resume),
181
182 { 0, 0 }
183};
184
185static driver_t iwi_driver = {
186 "iwi",
187 iwi_methods,
841ab66c 188 sizeof (struct iwi_softc)
b50e4759
MD
189};
190
191static devclass_t iwi_devclass;
192
193DRIVER_MODULE(iwi, pci, iwi_driver, iwi_devclass, 0, 0);
194
841ab66c
SZ
195MODULE_DEPEND(iwi, pci, 1, 1, 1);
196MODULE_DEPEND(iwi, wlan, 1, 1, 1);
197
198/*
199 * Supported rates for 802.11a/b/g modes (in 500Kbps unit).
200 */
201static const struct ieee80211_rateset iwi_rateset_11a =
202 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } };
203
204static const struct ieee80211_rateset iwi_rateset_11b =
205 { 4, { 2, 4, 11, 22 } };
206
207static const struct ieee80211_rateset iwi_rateset_11g =
208 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } };
209
3660cb22
SZ
210static void
211iwi_fw_monitor(void *arg)
212{
213 struct iwi_softc *sc = arg;
214 struct ifnet *ifp = &sc->sc_ic.ic_if;
215
216 lwkt_serialize_enter(ifp->if_serializer);
217 for (;;) {
218 int error = 0;
219
220 /*
221 * Test to see whether we are detaching,
222 * this is used to avoid race condition
223 * especially when attaching fails.
224 */
225 if ((sc->flags & IWI_FLAG_EXIT) == 0) {
ae8e83e6 226 tsleep_interlock(IWI_FW_WAKE_MONITOR(sc), 0);
3660cb22
SZ
227 lwkt_serialize_exit(ifp->if_serializer);
228 error = tsleep(IWI_FW_WAKE_MONITOR(sc),
d9345d3a 229 PINTERLOCKED, "iwifwm", 0);
3660cb22
SZ
230 lwkt_serialize_enter(ifp->if_serializer);
231 }
232
233 if (error == 0) {
234 int boff;
235
236 if (sc->flags & IWI_FLAG_EXIT)
237 break;
238 else if ((sc->flags & IWI_FLAG_RESET) == 0)
239 continue;
240
241 if_printf(ifp, "reset firmware\n");
242 for (boff = 1; sc->flags & IWI_FLAG_RESET; boff++) {
243 iwi_init(sc);
244 if (sc->flags & IWI_FLAG_FW_INITED) {
245 sc->flags &= ~IWI_FLAG_RESET;
246 } else if (boff > 10) { /* XXX */
247 if_printf(ifp, "fw reset failed. "
248 "retrying...\n");
249
250 /* XXX avoid to sleep to long */
251 boff = 1;
252 }
253
254 /*
255 * Since this would be infinite loop,
256 * if reseting firmware never succeeded,
257 * we test to see whether we are detaching.
258 */
259 if (sc->flags & IWI_FLAG_EXIT)
260 break;
261
ae8e83e6 262 tsleep_interlock(IWI_FW_CMD_ACKED(sc), 0);
3660cb22 263 lwkt_serialize_exit(ifp->if_serializer);
d9345d3a
MD
264 error = tsleep(IWI_FW_CMD_ACKED(sc),
265 PINTERLOCKED,
3660cb22 266 "iwirun", boff * hz);
3660cb22
SZ
267 lwkt_serialize_enter(ifp->if_serializer);
268 }
269 }
270 }
271 lwkt_serialize_exit(ifp->if_serializer);
272
273 if_printf(ifp, "fw monitor exiting\n");
274 wakeup(IWI_FW_EXIT_MONITOR(sc));
275 kthread_exit();
276}
277
b50e4759
MD
278static int
279iwi_probe(device_t dev)
280{
281 const struct iwi_ident *ident;
841ab66c 282 uint16_t vid, did;
b50e4759 283
841ab66c
SZ
284 vid = pci_get_vendor(dev);
285 did = pci_get_device(dev);
b50e4759 286 for (ident = iwi_ident_table; ident->name != NULL; ident++) {
841ab66c 287 if (vid == ident->vendor && did == ident->device) {
b50e4759
MD
288 device_set_desc(dev, ident->name);
289 return 0;
290 }
291 }
292 return ENXIO;
293}
294
b50e4759
MD
295/* Base Address Register */
296#define IWI_PCI_BAR0 0x10
297
298static int
299iwi_attach(device_t dev)
300{
301 struct iwi_softc *sc = device_get_softc(dev);
302 struct ieee80211com *ic = &sc->sc_ic;
303 struct ifnet *ifp = &ic->ic_if;
841ab66c
SZ
304 uint16_t val;
305 int error, i;
b50e4759
MD
306
307 sc->sc_dev = dev;
841ab66c 308 if_initname(ifp, device_get_name(dev), device_get_unit(dev));
b50e4759 309
b50e4759
MD
310 if (pci_get_powerstate(dev) != PCI_POWERSTATE_D0) {
311 device_printf(dev, "chip is in D%d power mode "
312 "-- setting to D0\n", pci_get_powerstate(dev));
313 pci_set_powerstate(dev, PCI_POWERSTATE_D0);
314 }
315
316 pci_write_config(dev, 0x41, 0, 1);
317
318 /* enable bus-mastering */
319 pci_enable_busmaster(dev);
320
841ab66c
SZ
321 sc->mem_rid = IWI_PCI_BAR0;
322 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &sc->mem_rid,
323 RF_ACTIVE);
b50e4759
MD
324 if (sc->mem == NULL) {
325 device_printf(dev, "could not allocate memory resource\n");
841ab66c 326 return ENXIO;
b50e4759 327 }
b50e4759
MD
328 sc->sc_st = rman_get_bustag(sc->mem);
329 sc->sc_sh = rman_get_bushandle(sc->mem);
330
841ab66c
SZ
331 sc->irq_rid = 0;
332 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &sc->irq_rid,
333 RF_ACTIVE | RF_SHAREABLE);
b50e4759
MD
334 if (sc->irq == NULL) {
335 device_printf(dev, "could not allocate interrupt resource\n");
336 goto fail;
337 }
338
841ab66c 339 if (iwi_reset(sc) != 0) {
b50e4759
MD
340 device_printf(dev, "could not reset adapter\n");
341 goto fail;
342 }
343
841ab66c
SZ
344 /*
345 * Allocate rings.
346 */
347 error = iwi_alloc_cmd_ring(sc, &sc->cmdq, IWI_CMD_RING_COUNT);
348 if (error != 0) {
349 device_printf(dev, "could not allocate Cmd ring\n");
350 goto fail;
351 }
352
353 error = iwi_alloc_tx_ring(sc, &sc->txq[0], IWI_TX_RING_COUNT,
354 IWI_CSR_TX1_RIDX, IWI_CSR_TX1_WIDX);
355 if (error != 0) {
356 device_printf(dev, "could not allocate Tx ring 1\n");
357 goto fail;
358 }
359
360 error = iwi_alloc_tx_ring(sc, &sc->txq[1], IWI_TX_RING_COUNT,
361 IWI_CSR_TX2_RIDX, IWI_CSR_TX2_WIDX);
362 if (error != 0) {
363 device_printf(dev, "could not allocate Tx ring 2\n");
b50e4759
MD
364 goto fail;
365 }
366
841ab66c
SZ
367 error = iwi_alloc_tx_ring(sc, &sc->txq[2], IWI_TX_RING_COUNT,
368 IWI_CSR_TX3_RIDX, IWI_CSR_TX3_WIDX);
4ff3e076 369 if (error != 0) {
841ab66c 370 device_printf(dev, "could not allocate Tx ring 3\n");
b50e4759
MD
371 goto fail;
372 }
373
841ab66c
SZ
374 error = iwi_alloc_tx_ring(sc, &sc->txq[3], IWI_TX_RING_COUNT,
375 IWI_CSR_TX4_RIDX, IWI_CSR_TX4_WIDX);
376 if (error != 0) {
377 device_printf(dev, "could not allocate Tx ring 4\n");
378 goto fail;
379 }
380
381 error = iwi_alloc_rx_ring(sc, &sc->rxq, IWI_RX_RING_COUNT);
382 if (error != 0) {
383 device_printf(dev, "could not allocate Rx ring\n");
384 goto fail;
385 }
386
387 sysctl_ctx_init(&sc->sysctl_ctx);
388 sc->sysctl_tree = SYSCTL_ADD_NODE(&sc->sysctl_ctx,
389 SYSCTL_STATIC_CHILDREN(_hw),
390 OID_AUTO,
391 device_get_nameunit(dev),
392 CTLFLAG_RD,
393 0, "");
394 if (sc->sysctl_tree == NULL) {
395 device_printf(dev, "sysctl add node failed\n");
396 error = EIO;
397 goto fail;
398 }
399
400 ifp->if_softc = sc;
401 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
402 ifp->if_init = iwi_init;
403 ifp->if_ioctl = iwi_ioctl;
404 ifp->if_start = iwi_start;
405 ifp->if_watchdog = iwi_watchdog;
406 ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN);
407 ifq_set_ready(&ifp->if_snd);
408
409 ic->ic_wme.wme_update = iwi_wme_update;
410 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
411 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
412 ic->ic_state = IEEE80211_S_INIT;
b50e4759
MD
413
414 /* set device capabilities */
841ab66c
SZ
415 ic->ic_caps =
416 IEEE80211_C_IBSS | /* IBSS mode supported */
417 IEEE80211_C_MONITOR | /* monitor mode supported */
418 IEEE80211_C_TXPMGT | /* tx power management */
419 IEEE80211_C_SHPREAMBLE | /* short preamble supported */
841ab66c
SZ
420 IEEE80211_C_WPA | /* 802.11i */
421 IEEE80211_C_WME; /* 802.11e */
b50e4759
MD
422
423 /* read MAC address from EEPROM */
424 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 0);
841ab66c
SZ
425 ic->ic_myaddr[0] = val & 0xff;
426 ic->ic_myaddr[1] = val >> 8;
b50e4759 427 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 1);
841ab66c
SZ
428 ic->ic_myaddr[2] = val & 0xff;
429 ic->ic_myaddr[3] = val >> 8;
b50e4759 430 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 2);
841ab66c
SZ
431 ic->ic_myaddr[4] = val & 0xff;
432 ic->ic_myaddr[5] = val >> 8;
b50e4759 433
841ab66c
SZ
434 if (pci_get_device(dev) >= 0x4223) {
435 /* set supported .11a rates (2915ABG only) */
b50e4759
MD
436 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwi_rateset_11a;
437
438 /* set supported .11a channels */
439 for (i = 36; i <= 64; i += 4) {
440 ic->ic_channels[i].ic_freq =
441 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
442 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
443 }
444 for (i = 149; i <= 165; i += 4) {
445 ic->ic_channels[i].ic_freq =
446 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
447 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
448 }
449 }
450
451 /* set supported .11b and .11g rates */
452 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwi_rateset_11b;
453 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwi_rateset_11g;
454
455 /* set supported .11b and .11g channels (1 through 14) */
456 for (i = 1; i <= 14; i++) {
457 ic->ic_channels[i].ic_freq =
458 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ);
459 ic->ic_channels[i].ic_flags =
460 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM |
461 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ;
462 }
463
841ab66c
SZ
464 ieee80211_ifattach(ic);
465 /* override default methods */
466 ic->ic_node_alloc = iwi_node_alloc;
467 sc->sc_node_free = ic->ic_node_free;
468 ic->ic_node_free = iwi_node_free;
b50e4759
MD
469 /* override state transition machine */
470 sc->sc_newstate = ic->ic_newstate;
471 ic->ic_newstate = iwi_newstate;
841ab66c 472 ieee80211_media_init(ic, iwi_media_change, iwi_media_status);
b50e4759
MD
473
474 bpfattach_dlt(ifp, DLT_IEEE802_11_RADIO,
475 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf);
476
477 sc->sc_rxtap_len = sizeof sc->sc_rxtapu;
478 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len);
479 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWI_RX_RADIOTAP_PRESENT);
480
481 sc->sc_txtap_len = sizeof sc->sc_txtapu;
482 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len);
483 sc->sc_txtap.wt_ihdr.it_present = htole32(IWI_TX_RADIOTAP_PRESENT);
484
b50e4759 485 /*
841ab66c 486 * Add a few sysctl knobs.
b50e4759 487 */
841ab66c
SZ
488 sc->dwelltime = 100;
489 sc->bluetooth = 1;
490 sc->antenna = 0;
b50e4759
MD
491
492 SYSCTL_ADD_PROC(&sc->sysctl_ctx,
841ab66c
SZ
493 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "radio",
494 CTLTYPE_INT | CTLFLAG_RD, sc, 0, iwi_sysctl_radio, "I",
495 "radio transmitter switch state (0=off, 1=on)");
b50e4759
MD
496
497 SYSCTL_ADD_PROC(&sc->sysctl_ctx,
841ab66c
SZ
498 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "stats",
499 CTLTYPE_OPAQUE | CTLFLAG_RD, sc, 0, iwi_sysctl_stats, "S",
500 "statistics");
b50e4759 501
841ab66c
SZ
502 SYSCTL_ADD_INT(&sc->sysctl_ctx,
503 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "dwell",
504 CTLFLAG_RW, &sc->dwelltime, 0,
505 "channel dwell time (ms) for AP/station scanning");
b50e4759 506
841ab66c
SZ
507 SYSCTL_ADD_INT(&sc->sysctl_ctx,
508 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "bluetooth",
509 CTLFLAG_RW, &sc->bluetooth, 0, "bluetooth coexistence");
b50e4759 510
841ab66c
SZ
511 SYSCTL_ADD_INT(&sc->sysctl_ctx,
512 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "antenna",
513 CTLFLAG_RW, &sc->antenna, 0, "antenna (0=auto)");
b50e4759 514
3660cb22
SZ
515 /*
516 * Start firmware monitoring thread
517 *
518 * NOTE:
519 * This should be done only after serializer is initialized,
520 * i.e. after ieee80211_ifattach(), because serializer will be
521 * held once iwi_fw_monitor() is entered.
522 */
523 error = kthread_create(iwi_fw_monitor, sc, &sc->sc_fw_monitor,
524 "%s:fw-monitor", device_get_nameunit(dev));
525 if (error) {
526 device_printf(dev, "could not create fw monitor\n");
527 goto fail1;
528 }
529 sc->flags |= IWI_FLAG_MONITOR;
530
4ff3e076 531 /*
841ab66c 532 * Hook our interrupt after all initialization is complete.
4ff3e076 533 */
841ab66c
SZ
534 error = bus_setup_intr(dev, sc->irq, INTR_MPSAFE, iwi_intr, sc,
535 &sc->sc_ih, ifp->if_serializer);
4ff3e076
JS
536 if (error != 0) {
537 device_printf(dev, "could not set up interrupt\n");
3660cb22 538 goto fail1;
4ff3e076
JS
539 }
540
9db4b353
SZ
541 ifp->if_cpuid = ithread_cpuid(rman_get_start(sc->irq));
542 KKASSERT(ifp->if_cpuid >= 0 && ifp->if_cpuid < ncpus);
543
841ab66c
SZ
544 if (bootverbose)
545 ieee80211_announce(ic);
b50e4759 546
841ab66c 547 return 0;
3660cb22
SZ
548
549fail1:
550 bpfdetach(ifp);
551 ieee80211_ifdetach(ic);
4ff3e076
JS
552fail:
553 iwi_detach(dev);
841ab66c 554 return ENXIO;
b50e4759
MD
555}
556
557static int
558iwi_detach(device_t dev)
559{
560 struct iwi_softc *sc = device_get_softc(dev);
841ab66c
SZ
561 struct ieee80211com *ic = &sc->sc_ic;
562 struct ifnet *ifp = ic->ic_ifp;
b50e4759 563
3660cb22
SZ
564 if (sc->flags & IWI_FLAG_MONITOR) {
565 lwkt_serialize_enter(ifp->if_serializer);
566 sc->flags |= IWI_FLAG_EXIT;
567 wakeup(IWI_FW_WAKE_MONITOR(sc));
568
ae8e83e6 569 tsleep_interlock(IWI_FW_EXIT_MONITOR(sc), 0);
3660cb22 570 lwkt_serialize_exit(ifp->if_serializer);
d9345d3a 571 tsleep(IWI_FW_EXIT_MONITOR(sc), PINTERLOCKED, "iwiexi", 0);
3660cb22
SZ
572 /* No need to hold serializer again */
573
574 if_printf(ifp, "fw monitor exited\n");
575 }
576
4ff3e076 577 if (device_is_attached(dev)) {
cdf89432 578 lwkt_serialize_enter(ifp->if_serializer);
841ab66c 579
4ff3e076 580 iwi_stop(sc);
cdf89432 581 bus_teardown_intr(dev, sc->irq, sc->sc_ih);
841ab66c
SZ
582 iwi_free_firmware(sc);
583
cdf89432
SZ
584 lwkt_serialize_exit(ifp->if_serializer);
585
4ff3e076 586 bpfdetach(ifp);
841ab66c 587 ieee80211_ifdetach(ic);
4ff3e076 588 }
b50e4759 589
841ab66c
SZ
590 iwi_free_cmd_ring(sc, &sc->cmdq);
591 iwi_free_tx_ring(sc, &sc->txq[0]);
592 iwi_free_tx_ring(sc, &sc->txq[1]);
593 iwi_free_tx_ring(sc, &sc->txq[2]);
594 iwi_free_tx_ring(sc, &sc->txq[3]);
595 iwi_free_rx_ring(sc, &sc->rxq);
b50e4759 596
4ff3e076 597 if (sc->irq != NULL)
841ab66c 598 bus_release_resource(dev, SYS_RES_IRQ, sc->irq_rid, sc->irq);
b50e4759 599
841ab66c
SZ
600 if (sc->mem != NULL)
601 bus_release_resource(dev, SYS_RES_MEMORY, sc->mem_rid, sc->mem);
4ff3e076 602
841ab66c
SZ
603 if (sc->sysctl_tree != NULL)
604 sysctl_ctx_free(&sc->sysctl_ctx);
b50e4759 605
b50e4759
MD
606 return 0;
607}
608
841ab66c
SZ
609static void
610iwi_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error)
611{
612 if (error != 0)
613 return;
614
615 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg));
616
617 *(bus_addr_t *)arg = segs[0].ds_addr;
618}
619
b50e4759 620static int
841ab66c 621iwi_alloc_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring, int count)
b50e4759 622{
841ab66c 623 int error;
b50e4759 624
841ab66c
SZ
625 ring->count = count;
626 ring->queued = 0;
627 ring->cur = ring->next = 0;
628
629 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT,
630 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_CMD_DESC_SIZE, 1,
631 count * IWI_CMD_DESC_SIZE, 0, &ring->desc_dmat);
b50e4759 632 if (error != 0) {
841ab66c 633 device_printf(sc->sc_dev, "could not create desc DMA tag\n");
b50e4759
MD
634 goto fail;
635 }
841ab66c
SZ
636
637 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc,
638 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map);
b50e4759 639 if (error != 0) {
841ab66c 640 device_printf(sc->sc_dev, "could not allocate DMA memory\n");
b50e4759
MD
641 goto fail;
642 }
643
841ab66c
SZ
644 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc,
645 count * IWI_CMD_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0);
b50e4759 646 if (error != 0) {
841ab66c
SZ
647 device_printf(sc->sc_dev, "could not load desc DMA map\n");
648 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
649 ring->desc = NULL;
650 return error;
b50e4759
MD
651 }
652
841ab66c
SZ
653 return 0;
654
655fail: iwi_free_cmd_ring(sc, ring);
656 return error;
657}
658
659static void
660iwi_reset_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring)
661{
662 ring->queued = 0;
663 ring->cur = ring->next = 0;
664}
665
666static void
667iwi_free_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring)
668{
669 if (ring->desc != NULL) {
670 bus_dmamap_sync(ring->desc_dmat, ring->desc_map,
671 BUS_DMASYNC_POSTWRITE);
672 bus_dmamap_unload(ring->desc_dmat, ring->desc_map);
673 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
674 ring->desc = NULL;
b50e4759
MD
675 }
676
841ab66c
SZ
677 if (ring->desc_dmat != NULL) {
678 bus_dma_tag_destroy(ring->desc_dmat);
679 ring->desc_dmat = NULL;
680 }
681}
682
683static int
684iwi_alloc_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring, int count,
685 bus_addr_t csr_ridx, bus_addr_t csr_widx)
686{
687 int i, error;
688
689 ring->count = count;
690 ring->queued = 0;
691 ring->cur = ring->next = 0;
692 ring->csr_ridx = csr_ridx;
693 ring->csr_widx = csr_widx;
694
695 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT,
696 BUS_SPACE_MAXADDR, NULL, NULL, count * IWI_TX_DESC_SIZE, 1,
697 count * IWI_TX_DESC_SIZE, 0, &ring->desc_dmat);
b50e4759 698 if (error != 0) {
841ab66c 699 device_printf(sc->sc_dev, "could not create desc DMA tag\n");
b50e4759
MD
700 goto fail;
701 }
702
841ab66c
SZ
703 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc,
704 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map);
b50e4759 705 if (error != 0) {
841ab66c 706 device_printf(sc->sc_dev, "could not allocate DMA memory\n");
b50e4759
MD
707 goto fail;
708 }
709
841ab66c
SZ
710 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc,
711 count * IWI_TX_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0);
b50e4759 712 if (error != 0) {
841ab66c
SZ
713 device_printf(sc->sc_dev, "could not load desc DMA map\n");
714
715 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
716 ring->desc = NULL;
b50e4759
MD
717 goto fail;
718 }
719
efda3bd0 720 ring->data = kmalloc(count * sizeof (struct iwi_tx_data), M_DEVBUF,
841ab66c
SZ
721 M_WAITOK | M_ZERO);
722
723 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT,
724 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, IWI_MAX_NSEG - 2,
725 MCLBYTES, 0, &ring->data_dmat);
b50e4759 726 if (error != 0) {
841ab66c 727 device_printf(sc->sc_dev, "could not create data DMA tag\n");
b50e4759
MD
728 goto fail;
729 }
730
841ab66c
SZ
731 for (i = 0; i < count; i++) {
732 error = bus_dmamap_create(ring->data_dmat, 0,
733 &ring->data[i].map);
b50e4759 734 if (error != 0) {
841ab66c 735 device_printf(sc->sc_dev, "could not create DMA map\n");
b50e4759
MD
736 goto fail;
737 }
738 }
739
841ab66c
SZ
740 return 0;
741
742fail: iwi_free_tx_ring(sc, ring);
743 return error;
744}
745
746static void
747iwi_reset_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring)
748{
749 struct iwi_tx_data *data;
750 int i;
751
752 for (i = 0; i < ring->count; i++) {
753 data = &ring->data[i];
754
755 if (data->m != NULL) {
756 bus_dmamap_sync(ring->data_dmat, data->map,
757 BUS_DMASYNC_POSTWRITE);
758 bus_dmamap_unload(ring->data_dmat, data->map);
759 m_freem(data->m);
760 data->m = NULL;
761 }
762
763 if (data->ni != NULL) {
764 ieee80211_free_node(data->ni);
765 data->ni = NULL;
766 }
767 }
768
769 ring->queued = 0;
770 ring->cur = ring->next = 0;
771}
772
773static void
774iwi_free_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring)
775{
776 struct iwi_tx_data *data;
777 int i;
778
779 if (ring->desc != NULL) {
780 bus_dmamap_sync(ring->desc_dmat, ring->desc_map,
781 BUS_DMASYNC_POSTWRITE);
782 bus_dmamap_unload(ring->desc_dmat, ring->desc_map);
783 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
784 ring->desc = NULL;
785 }
786
787 if (ring->desc_dmat != NULL) {
788 bus_dma_tag_destroy(ring->desc_dmat);
789 ring->desc_dmat = NULL;
790 }
791
792 if (ring->data != NULL) {
793 for (i = 0; i < ring->count; i++) {
794 data = &ring->data[i];
795
796 if (data->m != NULL) {
797 bus_dmamap_sync(ring->data_dmat, data->map,
798 BUS_DMASYNC_POSTWRITE);
799 bus_dmamap_unload(ring->data_dmat, data->map);
800 m_freem(data->m);
801 data->m = NULL;
802 }
803
804 if (data->ni != NULL) {
805 ieee80211_free_node(data->ni);
806 data->ni = NULL;
807 }
808
809 if (data->map != NULL) {
810 bus_dmamap_destroy(ring->data_dmat, data->map);
811 data->map = NULL;
812 }
813 }
814
efda3bd0 815 kfree(ring->data, M_DEVBUF);
841ab66c
SZ
816 ring->data = NULL;
817 }
818
819 if (ring->data_dmat != NULL) {
820 bus_dma_tag_destroy(ring->data_dmat);
821 ring->data_dmat = NULL;
822 }
823}
824
825static int
826iwi_alloc_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring, int count)
827{
828 struct iwi_rx_data *data;
829 int i, error;
830
831 ring->count = count;
832 ring->cur = 0;
833
efda3bd0 834 ring->data = kmalloc(count * sizeof (struct iwi_rx_data), M_DEVBUF,
841ab66c
SZ
835 M_WAITOK | M_ZERO);
836
837 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT,
838 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1, MCLBYTES, 0,
839 &ring->data_dmat);
b50e4759 840 if (error != 0) {
841ab66c 841 device_printf(sc->sc_dev, "could not create data DMA tag\n");
b50e4759
MD
842 goto fail;
843 }
844
841ab66c
SZ
845 for (i = 0; i < count; i++) {
846 data = &ring->data[i];
b50e4759 847
841ab66c 848 error = bus_dmamap_create(ring->data_dmat, 0, &data->map);
b50e4759 849 if (error != 0) {
841ab66c 850 device_printf(sc->sc_dev, "could not create DMA map\n");
b50e4759
MD
851 goto fail;
852 }
853
841ab66c
SZ
854 data->m = m_getcl(MB_WAIT, MT_DATA, M_PKTHDR);
855 if (data->m == NULL) {
b50e4759
MD
856 device_printf(sc->sc_dev,
857 "could not allocate rx mbuf\n");
858 error = ENOMEM;
859 goto fail;
860 }
861
841ab66c
SZ
862 error = bus_dmamap_load(ring->data_dmat, data->map,
863 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr,
864 &data->physaddr, 0);
b50e4759
MD
865 if (error != 0) {
866 device_printf(sc->sc_dev,
867 "could not load rx buf DMA map");
841ab66c
SZ
868
869 m_freem(data->m);
870 data->m = NULL;
b50e4759
MD
871 goto fail;
872 }
841ab66c
SZ
873
874 data->reg = IWI_CSR_RX_BASE + i * 4;
b50e4759
MD
875 }
876
877 return 0;
878
841ab66c 879fail: iwi_free_rx_ring(sc, ring);
b50e4759
MD
880 return error;
881}
882
883static void
841ab66c 884iwi_reset_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring)
b50e4759 885{
841ab66c
SZ
886 ring->cur = 0;
887}
b50e4759 888
841ab66c
SZ
889static void
890iwi_free_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring)
891{
892 struct iwi_rx_data *data;
893 int i;
b50e4759 894
841ab66c
SZ
895 if (ring->data != NULL) {
896 for (i = 0; i < ring->count; i++) {
897 data = &ring->data[i];
b50e4759 898
841ab66c
SZ
899 if (data->m != NULL) {
900 bus_dmamap_sync(ring->data_dmat, data->map,
901 BUS_DMASYNC_POSTREAD);
902 bus_dmamap_unload(ring->data_dmat, data->map);
903 m_freem(data->m);
904 data->m = NULL;
b50e4759 905 }
b50e4759 906
841ab66c
SZ
907 if (data->map != NULL) {
908 bus_dmamap_destroy(ring->data_dmat, data->map);
909 data->map = NULL;
b50e4759 910 }
b50e4759 911 }
841ab66c 912
efda3bd0 913 kfree(ring->data, M_DEVBUF);
841ab66c 914 ring->data = NULL;
b50e4759 915 }
841ab66c
SZ
916
917 if (ring->data_dmat != NULL) {
918 bus_dma_tag_destroy(ring->data_dmat);
919 ring->data_dmat = NULL;
b50e4759
MD
920 }
921}
922
923static int
924iwi_shutdown(device_t dev)
925{
926 struct iwi_softc *sc = device_get_softc(dev);
904b393f 927 struct ifnet *ifp = &sc->sc_ic.ic_if;
b50e4759 928
904b393f 929 lwkt_serialize_enter(ifp->if_serializer);
b50e4759 930 iwi_stop(sc);
904b393f 931 lwkt_serialize_exit(ifp->if_serializer);
b50e4759
MD
932
933 return 0;
934}
935
936static int
937iwi_suspend(device_t dev)
938{
939 struct iwi_softc *sc = device_get_softc(dev);
904b393f 940 struct ifnet *ifp = &sc->sc_ic.ic_if;
b50e4759 941
904b393f 942 lwkt_serialize_enter(ifp->if_serializer);
b50e4759 943 iwi_stop(sc);
904b393f 944 lwkt_serialize_exit(ifp->if_serializer);
b50e4759
MD
945
946 return 0;
947}
948
949static int
950iwi_resume(device_t dev)
951{
952 struct iwi_softc *sc = device_get_softc(dev);
841ab66c 953 struct ifnet *ifp = sc->sc_ic.ic_ifp;
b50e4759 954
904b393f 955 lwkt_serialize_enter(ifp->if_serializer);
841ab66c 956
b50e4759
MD
957 pci_write_config(dev, 0x41, 0, 1);
958
959 if (ifp->if_flags & IFF_UP) {
960 ifp->if_init(ifp->if_softc);
961 if (ifp->if_flags & IFF_RUNNING)
9db4b353 962 if_devstart(ifp);
b50e4759 963 }
841ab66c 964
904b393f 965 lwkt_serialize_exit(ifp->if_serializer);
841ab66c 966
b50e4759
MD
967 return 0;
968}
969
841ab66c
SZ
970static struct ieee80211_node *
971iwi_node_alloc(struct ieee80211_node_table *nt)
972{
973 struct iwi_node *in;
974
efda3bd0 975 in = kmalloc(sizeof (struct iwi_node), M_80211_NODE, M_NOWAIT | M_ZERO);
841ab66c
SZ
976 if (in == NULL)
977 return NULL;
978
979 in->in_station = -1;
980
981 return &in->in_node;
982}
983
984static void
985iwi_node_free(struct ieee80211_node *ni)
986{
987 struct ieee80211com *ic = ni->ni_ic;
988 struct iwi_softc *sc = ic->ic_ifp->if_softc;
989 struct iwi_node *in = (struct iwi_node *)ni;
990
991 if (in->in_station != -1)
992 iwi_free_ibss_node(sc, in->in_station);
993
994 sc->sc_node_free(ni);
995}
996
b50e4759
MD
997static int
998iwi_media_change(struct ifnet *ifp)
999{
1000 struct iwi_softc *sc = ifp->if_softc;
841ab66c
SZ
1001 int error;
1002
1003 ASSERT_SERIALIZED(ifp->if_serializer);
b50e4759
MD
1004
1005 error = ieee80211_media_change(ifp);
841ab66c 1006 if (error != ENETRESET)
b50e4759 1007 return error;
b50e4759 1008
841ab66c 1009 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING))
b50e4759 1010 iwi_init(sc);
841ab66c 1011 return 0;
b50e4759
MD
1012}
1013
114b4cbc
SZ
1014/*
1015 * Convert h/w rate code to IEEE rate code.
1016 */
1017static int
1018iwi_cvtrate(int iwirate)
1019{
1020 switch (iwirate) {
1021 case IWI_RATE_DS1: return 2;
1022 case IWI_RATE_DS2: return 4;
1023 case IWI_RATE_DS5: return 11;
1024 case IWI_RATE_DS11: return 22;
1025 case IWI_RATE_OFDM6: return 12;
1026 case IWI_RATE_OFDM9: return 18;
1027 case IWI_RATE_OFDM12: return 24;
1028 case IWI_RATE_OFDM18: return 36;
1029 case IWI_RATE_OFDM24: return 48;
1030 case IWI_RATE_OFDM36: return 72;
1031 case IWI_RATE_OFDM48: return 96;
1032 case IWI_RATE_OFDM54: return 108;
1033 }
1034 return 0;
1035}
1036
841ab66c
SZ
1037/*
1038 * The firmware automatically adapts the transmit speed. We report its current
1039 * value here.
1040 */
b50e4759
MD
1041static void
1042iwi_media_status(struct ifnet *ifp, struct ifmediareq *imr)
1043{
1044 struct iwi_softc *sc = ifp->if_softc;
1045 struct ieee80211com *ic = &sc->sc_ic;
114b4cbc 1046 int rate;
b50e4759
MD
1047
1048 imr->ifm_status = IFM_AVALID;
1049 imr->ifm_active = IFM_IEEE80211;
1050 if (ic->ic_state == IEEE80211_S_RUN)
1051 imr->ifm_status |= IFM_ACTIVE;
1052
1053 /* read current transmission rate from adapter */
114b4cbc 1054 rate = iwi_cvtrate(CSR_READ_4(sc, IWI_CSR_CURRENT_TX_RATE));
b50e4759 1055 imr->ifm_active |= ieee80211_rate2media(ic, rate, ic->ic_curmode);
b50e4759 1056
114b4cbc 1057 if (ic->ic_opmode == IEEE80211_M_IBSS)
b50e4759 1058 imr->ifm_active |= IFM_IEEE80211_ADHOC;
114b4cbc 1059 else if (ic->ic_opmode == IEEE80211_M_MONITOR)
b50e4759 1060 imr->ifm_active |= IFM_IEEE80211_MONITOR;
b50e4759
MD
1061}
1062
1063static int
841ab66c 1064iwi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
b50e4759 1065{
841ab66c
SZ
1066 struct ifnet *ifp = ic->ic_ifp;
1067 struct iwi_softc *sc = ifp->if_softc;
1068 enum ieee80211_state ostate;
1069 uint32_t tmp;
904b393f 1070
841ab66c 1071 ostate = ic->ic_state;
b50e4759
MD
1072
1073 switch (nstate) {
1074 case IEEE80211_S_SCAN:
841ab66c
SZ
1075 if (sc->flags & IWI_FLAG_SCANNING)
1076 break;
1077
1078 ieee80211_node_table_reset(&ic->ic_scan);
1079 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN;
1080 sc->flags |= IWI_FLAG_SCANNING;
1081 iwi_scan(sc);
b50e4759
MD
1082 break;
1083
1084 case IEEE80211_S_AUTH:
841ab66c 1085 iwi_auth_and_assoc(sc);
b50e4759
MD
1086 break;
1087
1088 case IEEE80211_S_RUN:
841ab66c
SZ
1089 if (ic->ic_opmode == IEEE80211_M_IBSS)
1090 iwi_auth_and_assoc(sc);
1091 else if (ic->ic_opmode == IEEE80211_M_MONITOR)
1092 iwi_set_chan(sc, ic->ic_ibss_chan);
1093
1094 /* assoc led on */
1095 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK;
1096 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp | IWI_LED_ASSOC);
1097
1098 return sc->sc_newstate(ic, nstate,
1099 IEEE80211_FC0_SUBTYPE_ASSOC_RESP);
b50e4759
MD
1100
1101 case IEEE80211_S_ASSOC:
1102 break;
841ab66c 1103
b50e4759 1104 case IEEE80211_S_INIT:
841ab66c
SZ
1105 sc->flags &= ~IWI_FLAG_SCANNING;
1106
1107 if (ostate != IEEE80211_S_RUN)
1108 break;
1109
1110 /* assoc led off */
1111 tmp = MEM_READ_4(sc, IWI_MEM_EVENT_CTL) & IWI_LED_MASK;
1112 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, tmp & ~IWI_LED_ASSOC);
b50e4759
MD
1113 break;
1114 }
1115
1116 ic->ic_state = nstate;
841ab66c 1117
b50e4759
MD
1118 return 0;
1119}
1120
841ab66c
SZ
1121/*
1122 * WME parameters coming from IEEE 802.11e specification. These values are
1123 * already declared in ieee80211_proto.c, but they are static so they can't
1124 * be reused here.
1125 */
1126static const struct wmeParams iwi_wme_cck_params[WME_NUM_AC] = {
1127 { 0, 3, 5, 7, 0 }, /* WME_AC_BE */
1128 { 0, 3, 5, 10, 0 }, /* WME_AC_BK */
1129 { 0, 2, 4, 5, 188 }, /* WME_AC_VI */
1130 { 0, 2, 3, 4, 102 } /* WME_AC_VO */
1131};
1132
1133static const struct wmeParams iwi_wme_ofdm_params[WME_NUM_AC] = {
1134 { 0, 3, 4, 6, 0 }, /* WME_AC_BE */
1135 { 0, 3, 4, 10, 0 }, /* WME_AC_BK */
1136 { 0, 2, 3, 4, 94 }, /* WME_AC_VI */
1137 { 0, 2, 2, 3, 47 } /* WME_AC_VO */
1138};
1139
1140static int
1141iwi_wme_update(struct ieee80211com *ic)
1142{
1143#define IWI_EXP2(v) htole16((1 << (v)) - 1)
1144#define IWI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v))
1145 struct iwi_softc *sc = ic->ic_ifp->if_softc;
1146 struct iwi_wme_params wme[3];
1147 const struct wmeParams *wmep;
1148 int ac;
1149
1150 /*
1151 * We shall not override firmware default WME values if WME is not
1152 * actually enabled.
1153 */
1154 if (!(ic->ic_flags & IEEE80211_F_WME))
1155 return 0;
1156
1157 for (ac = 0; ac < WME_NUM_AC; ac++) {
1158 /* set WME values for current operating mode */
1159 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac];
1160 wme[0].aifsn[ac] = wmep->wmep_aifsn;
1161 wme[0].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin);
1162 wme[0].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax);
1163 wme[0].burst[ac] = IWI_USEC(wmep->wmep_txopLimit);
1164 wme[0].acm[ac] = wmep->wmep_acm;
1165
1166 /* set WME values for CCK modulation */
1167 wmep = &iwi_wme_cck_params[ac];
1168 wme[1].aifsn[ac] = wmep->wmep_aifsn;
1169 wme[1].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin);
1170 wme[1].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax);
1171 wme[1].burst[ac] = IWI_USEC(wmep->wmep_txopLimit);
1172 wme[1].acm[ac] = wmep->wmep_acm;
1173
1174 /* set WME values for OFDM modulation */
1175 wmep = &iwi_wme_ofdm_params[ac];
1176 wme[2].aifsn[ac] = wmep->wmep_aifsn;
1177 wme[2].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin);
1178 wme[2].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax);
1179 wme[2].burst[ac] = IWI_USEC(wmep->wmep_txopLimit);
1180 wme[2].acm[ac] = wmep->wmep_acm;
1181 }
1182
1183 DPRINTF(("Setting WME parameters\n"));
1184 return iwi_cmd(sc, IWI_CMD_SET_WME_PARAMS, wme, sizeof wme, 1);
1185#undef IWI_USEC
1186#undef IWI_EXP2
1187}
1188
b50e4759
MD
1189/*
1190 * Read 16 bits at address 'addr' from the serial EEPROM.
b50e4759 1191 */
841ab66c
SZ
1192static uint16_t
1193iwi_read_prom_word(struct iwi_softc *sc, uint8_t addr)
b50e4759 1194{
841ab66c
SZ
1195 uint32_t tmp;
1196 uint16_t val;
b50e4759
MD
1197 int n;
1198
1199 /* Clock C once before the first command */
1200 IWI_EEPROM_CTL(sc, 0);
1201 IWI_EEPROM_CTL(sc, IWI_EEPROM_S);
1202 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C);
1203 IWI_EEPROM_CTL(sc, IWI_EEPROM_S);
1204
1205 /* Write start bit (1) */
1206 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D);
1207 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C);
1208
1209 /* Write READ opcode (10) */
1210 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D);
1211 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C);
1212 IWI_EEPROM_CTL(sc, IWI_EEPROM_S);
1213 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C);
1214
1215 /* Write address A7-A0 */
1216 for (n = 7; n >= 0; n--) {
1217 IWI_EEPROM_CTL(sc, IWI_EEPROM_S |
1218 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D));
1219 IWI_EEPROM_CTL(sc, IWI_EEPROM_S |
1220 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D) | IWI_EEPROM_C);
1221 }
1222
1223 IWI_EEPROM_CTL(sc, IWI_EEPROM_S);
1224
1225 /* Read data Q15-Q0 */
1226 val = 0;
1227 for (n = 15; n >= 0; n--) {
1228 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C);
1229 IWI_EEPROM_CTL(sc, IWI_EEPROM_S);
1230 tmp = MEM_READ_4(sc, IWI_MEM_EEPROM_CTL);
1231 val |= ((tmp & IWI_EEPROM_Q) >> IWI_EEPROM_SHIFT_Q) << n;
1232 }
1233
1234 IWI_EEPROM_CTL(sc, 0);
1235
1236 /* Clear Chip Select and clock C */
1237 IWI_EEPROM_CTL(sc, IWI_EEPROM_S);
1238 IWI_EEPROM_CTL(sc, 0);
1239 IWI_EEPROM_CTL(sc, IWI_EEPROM_C);
1240
841ab66c 1241 return val;
b50e4759
MD
1242}
1243
1244/*
1245 * XXX: Hack to set the current channel to the value advertised in beacons or
1246 * probe responses. Only used during AP detection.
1247 */
1248static void
841ab66c 1249iwi_fix_channel(struct ieee80211com *ic, struct mbuf *m)
b50e4759 1250{
b50e4759 1251 struct ieee80211_frame *wh;
841ab66c
SZ
1252 uint8_t subtype;
1253 uint8_t *frm, *efrm;
b50e4759
MD
1254
1255 wh = mtod(m, struct ieee80211_frame *);
1256
1257 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT)
1258 return;
1259
1260 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;
1261
1262 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON &&
841ab66c
SZ
1263 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP)
1264 return;
b50e4759 1265
841ab66c
SZ
1266 frm = (uint8_t *)(wh + 1);
1267 efrm = mtod(m, uint8_t *) + m->m_len;
b50e4759
MD
1268
1269 frm += 12; /* skip tstamp, bintval and capinfo fields */
b50e4759
MD
1270 while (frm < efrm) {
1271 if (*frm == IEEE80211_ELEMID_DSPARMS)
1272#if IEEE80211_CHAN_MAX < 255
1273 if (frm[2] <= IEEE80211_CHAN_MAX)
1274#endif
841ab66c 1275 ic->ic_curchan = &ic->ic_channels[frm[2]];
b50e4759 1276
841ab66c 1277 frm += frm[1] + 2;
b50e4759
MD
1278 }
1279}
1280
1281static void
841ab66c 1282iwi_frame_intr(struct iwi_softc *sc, struct iwi_rx_data *data, int i,
b50e4759
MD
1283 struct iwi_frame *frame)
1284{
1285 struct ieee80211com *ic = &sc->sc_ic;
841ab66c
SZ
1286 struct ifnet *ifp = ic->ic_ifp;
1287 struct mbuf *mnew, *m;
b50e4759
MD
1288 struct ieee80211_frame *wh;
1289 struct ieee80211_node *ni;
1290 int error;
1291
841ab66c
SZ
1292 DPRINTFN(5, ("received frame len=%u chan=%u rssi=%u\n",
1293 le16toh(frame->len), frame->chan, frame->rssi_dbm));
1294
1295 if (le16toh(frame->len) < sizeof (struct ieee80211_frame))
1296 return;
1297
1298 /*
1299 * Try to allocate a new mbuf for this ring element and load it before
1300 * processing the current mbuf. If the ring element cannot be loaded,
1301 * drop the received packet and reuse the old mbuf. In the unlikely
1302 * case that the old mbuf can't be reloaded either, explicitly panic.
1303 */
1304 mnew = m_getcl(MB_DONTWAIT, MT_DATA, M_PKTHDR);
1305 if (mnew == NULL) {
1306 ifp->if_ierrors++;
1307 return;
1308 }
1309
1310 bus_dmamap_unload(sc->rxq.data_dmat, data->map);
b50e4759 1311
841ab66c
SZ
1312 error = bus_dmamap_load(sc->rxq.data_dmat, data->map,
1313 mtod(mnew, void *), MCLBYTES, iwi_dma_map_addr, &data->physaddr,
1314 0);
1315 if (error != 0) {
1316 m_freem(mnew);
1317
1318 /* try to reload the old mbuf */
1319 error = bus_dmamap_load(sc->rxq.data_dmat, data->map,
1320 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr,
1321 &data->physaddr, 0);
1322 if (error != 0) {
1323 /* very unlikely that it will fail... */
1324 panic("%s: could not load old rx mbuf",
1325 device_get_name(sc->sc_dev));
1326 }
1327 ifp->if_ierrors++;
b50e4759
MD
1328 return;
1329 }
1330
841ab66c
SZ
1331 /*
1332 * New mbuf successfully loaded, update Rx ring and continue
1333 * processing.
1334 */
1335 m = data->m;
1336 data->m = mnew;
1337 CSR_WRITE_4(sc, data->reg, data->physaddr);
b50e4759
MD
1338
1339 /* Finalize mbuf */
b50e4759
MD
1340 m->m_pkthdr.rcvif = ifp;
1341 m->m_pkthdr.len = m->m_len = sizeof (struct iwi_hdr) +
1342 sizeof (struct iwi_frame) + le16toh(frame->len);
1343
1344 m_adj(m, sizeof (struct iwi_hdr) + sizeof (struct iwi_frame));
1345
841ab66c
SZ
1346 if (ic->ic_state == IEEE80211_S_SCAN)
1347 iwi_fix_channel(ic, m);
b50e4759
MD
1348
1349 if (sc->sc_drvbpf != NULL) {
1350 struct iwi_rx_radiotap_header *tap = &sc->sc_rxtap;
1351
1352 tap->wr_flags = 0;
1353 tap->wr_rate = frame->rate;
1354 tap->wr_chan_freq =
1355 htole16(ic->ic_channels[frame->chan].ic_freq);
1356 tap->wr_chan_flags =
1357 htole16(ic->ic_channels[frame->chan].ic_flags);
1358 tap->wr_antsignal = frame->signal;
b50e4759
MD
1359 tap->wr_antenna = frame->antenna;
1360
1361 bpf_ptap(sc->sc_drvbpf, m, tap, sc->sc_rxtap_len);
1362 }
1363
841ab66c
SZ
1364 wh = mtod(m, struct ieee80211_frame *);
1365 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh);
b50e4759 1366
841ab66c
SZ
1367 /* send the frame to the 802.11 layer */
1368 ieee80211_input(ic, m, ni, frame->rssi_dbm, 0);
b50e4759 1369
841ab66c
SZ
1370 /* node is no longer needed */
1371 ieee80211_free_node(ni);
b50e4759
MD
1372}
1373
1374static void
1375iwi_notification_intr(struct iwi_softc *sc, struct iwi_notif *notif)
1376{
1377 struct ieee80211com *ic = &sc->sc_ic;
b50e4759
MD
1378 struct iwi_notif_scan_channel *chan;
1379 struct iwi_notif_scan_complete *scan;
1380 struct iwi_notif_authentication *auth;
1381 struct iwi_notif_association *assoc;
1382
1383 switch (notif->type) {
1384 case IWI_NOTIF_TYPE_SCAN_CHANNEL:
1385 chan = (struct iwi_notif_scan_channel *)(notif + 1);
1386
841ab66c 1387 DPRINTFN(2, ("Scanning channel (%u)\n", chan->nchan));
b50e4759
MD
1388 break;
1389
1390 case IWI_NOTIF_TYPE_SCAN_COMPLETE:
1391 scan = (struct iwi_notif_scan_complete *)(notif + 1);
1392
1393 DPRINTFN(2, ("Scan completed (%u, %u)\n", scan->nchan,
1394 scan->status));
1395
841ab66c
SZ
1396 /* monitor mode uses scan to set the channel ... */
1397 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
1398 sc->flags &= ~IWI_FLAG_SCANNING;
1399 ieee80211_end_scan(ic);
1400 } else
1401 iwi_set_chan(sc, ic->ic_ibss_chan);
b50e4759
MD
1402 break;
1403
1404 case IWI_NOTIF_TYPE_AUTHENTICATION:
1405 auth = (struct iwi_notif_authentication *)(notif + 1);
1406
1407 DPRINTFN(2, ("Authentication (%u)\n", auth->state));
1408
1409 switch (auth->state) {
1410 case IWI_AUTHENTICATED:
841ab66c 1411 ieee80211_node_authorize(ic->ic_bss);
b50e4759
MD
1412 ieee80211_new_state(ic, IEEE80211_S_ASSOC, -1);
1413 break;
1414
1415 case IWI_DEAUTHENTICATED:
b50e4759
MD
1416 break;
1417
1418 default:
1419 device_printf(sc->sc_dev,
1420 "unknown authentication state %u\n", auth->state);
1421 }
1422 break;
1423
1424 case IWI_NOTIF_TYPE_ASSOCIATION:
1425 assoc = (struct iwi_notif_association *)(notif + 1);
1426
1427 DPRINTFN(2, ("Association (%u, %u)\n", assoc->state,
1428 assoc->status));
1429
1430 switch (assoc->state) {
841ab66c
SZ
1431 case IWI_AUTHENTICATED:
1432 /* re-association, do nothing */
1433 break;
1434
b50e4759 1435 case IWI_ASSOCIATED:
b50e4759
MD
1436 ieee80211_new_state(ic, IEEE80211_S_RUN, -1);
1437 break;
1438
1439 case IWI_DEASSOCIATED:
841ab66c 1440 ieee80211_begin_scan(ic, 1);
b50e4759
MD
1441 break;
1442
1443 default:
1444 device_printf(sc->sc_dev,
1445 "unknown association state %u\n", assoc->state);
1446 }
1447 break;
1448
b50e4759 1449 default:
841ab66c 1450 DPRINTFN(5, ("Notification (%u)\n", notif->type));
b50e4759
MD
1451 }
1452}
1453
1454static void
1455iwi_rx_intr(struct iwi_softc *sc)
1456{
841ab66c 1457 struct iwi_rx_data *data;
b50e4759 1458 struct iwi_hdr *hdr;
841ab66c 1459 uint32_t hw;
b50e4759 1460
841ab66c 1461 hw = CSR_READ_4(sc, IWI_CSR_RX_RIDX);
b50e4759 1462
841ab66c
SZ
1463 for (; sc->rxq.cur != hw;) {
1464 data = &sc->rxq.data[sc->rxq.cur];
b50e4759 1465
841ab66c 1466 bus_dmamap_sync(sc->rxq.data_dmat, data->map,
b50e4759
MD
1467 BUS_DMASYNC_POSTREAD);
1468
841ab66c 1469 hdr = mtod(data->m, struct iwi_hdr *);
b50e4759
MD
1470
1471 switch (hdr->type) {
1472 case IWI_HDR_TYPE_FRAME:
841ab66c 1473 iwi_frame_intr(sc, data, sc->rxq.cur,
b50e4759
MD
1474 (struct iwi_frame *)(hdr + 1));
1475 break;
1476
1477 case IWI_HDR_TYPE_NOTIF:
1478 iwi_notification_intr(sc,
1479 (struct iwi_notif *)(hdr + 1));
1480 break;
1481
1482 default:
1483 device_printf(sc->sc_dev, "unknown hdr type %u\n",
1484 hdr->type);
1485 }
841ab66c
SZ
1486
1487 DPRINTFN(15, ("rx done idx=%u\n", sc->rxq.cur));
1488
1489 sc->rxq.cur = (sc->rxq.cur + 1) % IWI_RX_RING_COUNT;
b50e4759
MD
1490 }
1491
1492 /* Tell the firmware what we have processed */
841ab66c
SZ
1493 hw = (hw == 0) ? IWI_RX_RING_COUNT - 1 : hw - 1;
1494 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, hw);
b50e4759
MD
1495}
1496
1497static void
841ab66c 1498iwi_tx_intr(struct iwi_softc *sc, struct iwi_tx_ring *txq)
b50e4759
MD
1499{
1500 struct ieee80211com *ic = &sc->sc_ic;
841ab66c
SZ
1501 struct ifnet *ifp = ic->ic_ifp;
1502 struct iwi_tx_data *data;
1503 uint32_t hw;
b50e4759 1504
841ab66c 1505 hw = CSR_READ_4(sc, txq->csr_ridx);
b50e4759 1506
841ab66c
SZ
1507 for (; txq->next != hw;) {
1508 data = &txq->data[txq->next];
b50e4759 1509
841ab66c 1510 bus_dmamap_sync(txq->data_dmat, data->map,
b50e4759 1511 BUS_DMASYNC_POSTWRITE);
841ab66c
SZ
1512 bus_dmamap_unload(txq->data_dmat, data->map);
1513 m_freem(data->m);
1514 data->m = NULL;
1515 ieee80211_free_node(data->ni);
1516 data->ni = NULL;
b50e4759 1517
841ab66c 1518 DPRINTFN(15, ("tx done idx=%u\n", txq->next));
b50e4759 1519
841ab66c 1520 ifp->if_opackets++;
b50e4759 1521
841ab66c
SZ
1522 txq->queued--;
1523 txq->next = (txq->next + 1) % IWI_TX_RING_COUNT;
1524 }
b50e4759 1525
841ab66c 1526 sc->sc_tx_timer = 0;
b50e4759 1527 ifp->if_flags &= ~IFF_OACTIVE;
9db4b353 1528 if_devstart(ifp);
b50e4759
MD
1529}
1530
1531static void
1532iwi_intr(void *arg)
1533{
1534 struct iwi_softc *sc = arg;
841ab66c 1535 uint32_t r;
b50e4759 1536
841ab66c
SZ
1537 r = CSR_READ_4(sc, IWI_CSR_INTR);
1538 if (r == 0 || r == 0xffffffff)
b50e4759 1539 return;
b50e4759 1540
841ab66c 1541 /* disable interrupts */
b50e4759
MD
1542 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0);
1543
3660cb22 1544 if (r & IWI_INTR_FATAL_ERROR) {
904b393f 1545 device_printf(sc->sc_dev, "fatal error\n");
3660cb22
SZ
1546
1547 if ((sc->flags & (IWI_FLAG_EXIT | IWI_FLAG_RESET)) == 0) {
1548 sc->flags |= IWI_FLAG_RESET;
1549 device_printf(sc->sc_dev, "wake firmware monitor\n");
1550 wakeup(IWI_FW_WAKE_MONITOR(sc));
1551 }
1552 }
1553
1554 if (r & IWI_INTR_PARITY_ERROR) {
1555 device_printf(sc->sc_dev, "parity error\n");
841ab66c 1556 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP;
904b393f 1557 iwi_stop(sc);
b50e4759
MD
1558 }
1559
1560 if (r & IWI_INTR_FW_INITED) {
1561 if (!(r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR)))
1562 wakeup(IWI_FW_INITIALIZED(sc));
1563 }
1564
1565 if (r & IWI_INTR_RADIO_OFF) {
841ab66c
SZ
1566 DPRINTF(("radio transmitter turned off\n"));
1567 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP;
b50e4759 1568 iwi_stop(sc);
b50e4759
MD
1569 }
1570
841ab66c 1571 if (r & IWI_INTR_CMD_DONE)
b50e4759
MD
1572 wakeup(IWI_FW_CMD_ACKED(sc));
1573
841ab66c
SZ
1574 if (r & IWI_INTR_TX1_DONE)
1575 iwi_tx_intr(sc, &sc->txq[0]);
b50e4759 1576
841ab66c
SZ
1577 if (r & IWI_INTR_TX2_DONE)
1578 iwi_tx_intr(sc, &sc->txq[1]);
b50e4759 1579
841ab66c
SZ
1580 if (r & IWI_INTR_TX3_DONE)
1581 iwi_tx_intr(sc, &sc->txq[2]);
b50e4759 1582
841ab66c
SZ
1583 if (r & IWI_INTR_TX4_DONE)
1584 iwi_tx_intr(sc, &sc->txq[3]);
b50e4759 1585
841ab66c
SZ
1586 if (r & IWI_INTR_RX_DONE)
1587 iwi_rx_intr(sc);
b50e4759 1588
841ab66c
SZ
1589 /* acknowledge interrupts */
1590 CSR_WRITE_4(sc, IWI_CSR_INTR, r);
b50e4759 1591
841ab66c
SZ
1592 /* re-enable interrupts */
1593 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK);
b50e4759
MD
1594}
1595
1596static int
841ab66c 1597iwi_cmd(struct iwi_softc *sc, uint8_t type, void *data, uint8_t len, int async)
b50e4759
MD
1598{
1599 struct iwi_cmd_desc *desc;
841ab66c 1600 struct ifnet *ifp = &sc->sc_ic.ic_if;
904b393f 1601 int ret;
b50e4759 1602
841ab66c 1603 desc = &sc->cmdq.desc[sc->cmdq.cur];
b50e4759 1604
b50e4759
MD
1605 desc->hdr.type = IWI_HDR_TYPE_COMMAND;
1606 desc->hdr.flags = IWI_HDR_FLAG_IRQ;
1607 desc->type = type;
1608 desc->len = len;
841ab66c 1609 memcpy(desc->data, data, len);
b50e4759 1610
841ab66c 1611 bus_dmamap_sync(sc->cmdq.desc_dmat, sc->cmdq.desc_map,
b50e4759
MD
1612 BUS_DMASYNC_PREWRITE);
1613
841ab66c
SZ
1614 DPRINTFN(2, ("sending command idx=%u type=%u len=%u\n", sc->cmdq.cur,
1615 type, len));
1616
1617 sc->cmdq.cur = (sc->cmdq.cur + 1) % IWI_CMD_RING_COUNT;
1618 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur);
1619
904b393f 1620 if (!async) {
841ab66c 1621 ASSERT_SERIALIZED(ifp->if_serializer);
b50e4759 1622
ae8e83e6 1623 tsleep_interlock(IWI_FW_CMD_ACKED(sc), 0);
904b393f 1624 lwkt_serialize_exit(ifp->if_serializer);
d9345d3a 1625 ret = tsleep(IWI_FW_CMD_ACKED(sc), PINTERLOCKED, "iwicmd", hz);
904b393f
SZ
1626 lwkt_serialize_enter(ifp->if_serializer);
1627 } else {
904b393f
SZ
1628 ret = 0;
1629 }
1630
841ab66c
SZ
1631 return ret;
1632}
1633
1634static void
1635iwi_write_ibssnode(struct iwi_softc *sc, const struct iwi_node *in)
1636{
1637 struct iwi_ibssnode node;
1638
1639 /* write node information into NIC memory */
1640 memset(&node, 0, sizeof node);
1641 IEEE80211_ADDR_COPY(node.bssid, in->in_node.ni_macaddr);
1642
1643 CSR_WRITE_REGION_1(sc,
1644 IWI_CSR_NODE_BASE + in->in_station * sizeof node,
1645 (uint8_t *)&node, sizeof node);
1646}
1647
1648struct iwi_dma_mapping {
1649 bus_dma_segment_t segs[IWI_MAX_NSEG];
1650 int nseg;
1651 bus_size_t mapsize;
1652};
1653
1654static void
1655iwi_dma_map_mbuf(void *arg, bus_dma_segment_t *segs, int nseg,
1656 bus_size_t mapsize, int error)
1657{
1658 struct iwi_dma_mapping *map = arg;
1659
1660 if (error != 0)
1661 return;
1662
1663 KASSERT(nseg <= IWI_MAX_NSEG, ("too many DMA segments %d", nseg));
1664
1665 bcopy(segs, map->segs, nseg * sizeof(bus_dma_segment_t));
1666 map->nseg = nseg;
1667 map->mapsize = mapsize;
b50e4759
MD
1668}
1669
1670static int
841ab66c
SZ
1671iwi_tx_start(struct ifnet *ifp, struct mbuf *m0, struct ieee80211_node *ni,
1672 int ac)
b50e4759
MD
1673{
1674 struct iwi_softc *sc = ifp->if_softc;
1675 struct ieee80211com *ic = &sc->sc_ic;
841ab66c 1676 struct iwi_node *in = (struct iwi_node *)ni;
b50e4759 1677 struct ieee80211_frame *wh;
841ab66c
SZ
1678 struct ieee80211_key *k;
1679 const struct chanAccParams *cap;
1680 struct iwi_tx_ring *txq = &sc->txq[ac];
1681 struct iwi_tx_data *data;
b50e4759 1682 struct iwi_tx_desc *desc;
b50e4759 1683 struct mbuf *mnew;
841ab66c
SZ
1684 struct iwi_dma_mapping map;
1685 int error, hdrlen, i, noack = 0;
1686
1687 wh = mtod(m0, struct ieee80211_frame *);
1688
1689 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) {
1690 hdrlen = sizeof (struct ieee80211_qosframe);
1691 cap = &ic->ic_wme.wme_chanParams;
1692 noack = cap->cap_wmeParams[ac].wmep_noackPolicy;
1693 } else
1694 hdrlen = sizeof (struct ieee80211_frame);
1695
1696 /*
1697 * This is only used in IBSS mode where the firmware expect an index
1698 * in a h/w table instead of a destination address.
1699 */
1700 if (ic->ic_opmode == IEEE80211_M_IBSS && in->in_station == -1) {
1701 in->in_station = iwi_alloc_ibss_node(sc);
1702 if (in->in_station == -1) { /* h/w table is full */
1703 m_freem(m0);
1704 ieee80211_free_node(ni);
1705 ifp->if_oerrors++;
1706 if_printf(ifp, "ibss table is full\n");
1707 return 0;
1708 }
1709 iwi_write_ibssnode(sc, in);
1710 }
1711
1712 if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
1713 k = ieee80211_crypto_encap(ic, ni, m0);
1714 if (k == NULL) {
1715 m_freem(m0);
1716 return ENOBUFS;
1717 }
1718
1719 /* packet header may have moved, reset our local pointer */
1720 wh = mtod(m0, struct ieee80211_frame *);
1721 }
b50e4759
MD
1722
1723 if (sc->sc_drvbpf != NULL) {
1724 struct iwi_tx_radiotap_header *tap = &sc->sc_txtap;
1725
1726 tap->wt_flags = 0;
841ab66c
SZ
1727 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq);
1728 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags);
b50e4759
MD
1729
1730 bpf_ptap(sc->sc_drvbpf, m0, tap, sc->sc_txtap_len);
1731 }
1732
841ab66c
SZ
1733 data = &txq->data[txq->cur];
1734 desc = &txq->desc[txq->cur];
b50e4759 1735
841ab66c
SZ
1736 /* save and trim IEEE802.11 header */
1737 m_copydata(m0, 0, hdrlen, (caddr_t)&desc->wh);
1738 m_adj(m0, hdrlen);
b50e4759 1739
841ab66c
SZ
1740 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0,
1741 iwi_dma_map_mbuf, &map, BUS_DMA_NOWAIT);
b50e4759
MD
1742 if (error != 0 && error != EFBIG) {
1743 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n",
1744 error);
1745 m_freem(m0);
b50e4759
MD
1746 return error;
1747 }
1748 if (error != 0) {
1749 mnew = m_defrag(m0, MB_DONTWAIT);
1750 if (mnew == NULL) {
1751 device_printf(sc->sc_dev,
1752 "could not defragment mbuf\n");
1753 m_freem(m0);
b50e4759
MD
1754 return ENOBUFS;
1755 }
1756 m0 = mnew;
1757
841ab66c
SZ
1758 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0,
1759 iwi_dma_map_mbuf, &map,
1760 BUS_DMA_NOWAIT);
b50e4759
MD
1761 if (error != 0) {
1762 device_printf(sc->sc_dev,
1763 "could not map mbuf (error %d)\n", error);
1764 m_freem(m0);
b50e4759
MD
1765 return error;
1766 }
1767 }
1768
841ab66c
SZ
1769 data->m = m0;
1770 data->ni = ni;
b50e4759
MD
1771
1772 desc->hdr.type = IWI_HDR_TYPE_DATA;
1773 desc->hdr.flags = IWI_HDR_FLAG_IRQ;
841ab66c
SZ
1774 desc->station =
1775 (ic->ic_opmode == IEEE80211_M_IBSS) ? in->in_station : 0;
b50e4759
MD
1776 desc->cmd = IWI_DATA_CMD_TX;
1777 desc->len = htole16(m0->m_pkthdr.len);
1778 desc->flags = 0;
841ab66c
SZ
1779 desc->xflags = 0;
1780
1781 if (!noack && !IEEE80211_IS_MULTICAST(desc->wh.i_addr1))
b50e4759
MD
1782 desc->flags |= IWI_DATA_FLAG_NEED_ACK;
1783
841ab66c
SZ
1784#if 0
1785 if (ic->ic_flags & IEEE80211_F_PRIVACY) {
1786 desc->wh.i_fc[1] |= IEEE80211_FC1_WEP;
1787 desc->weptxkey = ic->ic_crypto.cs_def_txkey;
b50e4759 1788 } else
841ab66c 1789#endif
b50e4759
MD
1790 desc->flags |= IWI_DATA_FLAG_NO_WEP;
1791
1792 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE)
1793 desc->flags |= IWI_DATA_FLAG_SHPREAMBLE;
1794
841ab66c
SZ
1795 if (desc->wh.i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS)
1796 desc->xflags |= IWI_DATA_XFLAG_QOS;
1797
b50e4759
MD
1798 desc->nseg = htole32(map.nseg);
1799 for (i = 0; i < map.nseg; i++) {
1800 desc->seg_addr[i] = htole32(map.segs[i].ds_addr);
841ab66c 1801 desc->seg_len[i] = htole16(map.segs[i].ds_len);
b50e4759
MD
1802 }
1803
841ab66c
SZ
1804 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE);
1805 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE);
b50e4759 1806
841ab66c 1807 DPRINTFN(5, ("sending data frame txq=%u idx=%u len=%u nseg=%u\n",
3660cb22 1808 ac, txq->cur, le16toh(desc->len), map.nseg));
b50e4759 1809
841ab66c
SZ
1810 txq->queued++;
1811 txq->cur = (txq->cur + 1) % IWI_TX_RING_COUNT;
1812 CSR_WRITE_4(sc, txq->csr_widx, txq->cur);
b50e4759 1813
b50e4759
MD
1814 return 0;
1815}
1816
1817static void
1818iwi_start(struct ifnet *ifp)
1819{
1820 struct iwi_softc *sc = ifp->if_softc;
1821 struct ieee80211com *ic = &sc->sc_ic;
1822 struct mbuf *m0;
841ab66c 1823 struct ether_header *eh;
b50e4759 1824 struct ieee80211_node *ni;
841ab66c 1825 int ac;
b50e4759 1826
9db4b353
SZ
1827 ieee80211_drain_mgtq(&ic->ic_mgtq);
1828 if (ic->ic_state != IEEE80211_S_RUN) {
1829 ifq_purge(&ifp->if_snd);
b50e4759 1830 return;
9db4b353 1831 }
b866247b 1832
b50e4759 1833 for (;;) {
841ab66c 1834 m0 = ifq_dequeue(&ifp->if_snd, NULL);
b50e4759
MD
1835 if (m0 == NULL)
1836 break;
b50e4759 1837
841ab66c
SZ
1838 if (m0->m_len < sizeof (struct ether_header) &&
1839 (m0 = m_pullup(m0, sizeof (struct ether_header))) == NULL) {
1840 ifp->if_oerrors++;
1841 continue;
1842 }
1843 eh = mtod(m0, struct ether_header *);
1844 ni = ieee80211_find_txnode(ic, eh->ether_dhost);
1845 if (ni == NULL) {
1846 m_freem(m0);
1847 ifp->if_oerrors++;
1848 continue;
1849 }
1850
1851 /* classify mbuf so we can find which tx ring to use */
1852 if (ieee80211_classify(ic, m0, ni) != 0) {
1853 m_freem(m0);
1854 ieee80211_free_node(ni);
1855 ifp->if_oerrors++;
1856 continue;
1857 }
1858
1859 /* no QoS encapsulation for EAPOL frames */
1860 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ?
1861 M_WME_GETAC(m0) : WME_AC_BE;
1862
1863 if (sc->txq[ac].queued > IWI_TX_RING_COUNT - 8) {
1864 /* there is no place left in this ring */
1865 m_freem(m0);
1866 ieee80211_free_node(ni);
b50e4759
MD
1867 ifp->if_flags |= IFF_OACTIVE;
1868 break;
1869 }
1870
b50e4759 1871 BPF_MTAP(ifp, m0);
b50e4759 1872
841ab66c
SZ
1873 m0 = ieee80211_encap(ic, m0, ni);
1874 if (m0 == NULL) {
1875 ieee80211_free_node(ni);
1876 ifp->if_oerrors++;
b50e4759 1877 continue;
841ab66c 1878 }
b50e4759
MD
1879
1880 if (ic->ic_rawbpf != NULL)
1881 bpf_mtap(ic->ic_rawbpf, m0);
1882
841ab66c
SZ
1883 if (iwi_tx_start(ifp, m0, ni, ac) != 0) {
1884 ieee80211_free_node(ni);
1885 ifp->if_oerrors++;
b50e4759
MD
1886 break;
1887 }
1888
b50e4759
MD
1889 sc->sc_tx_timer = 5;
1890 ifp->if_timer = 1;
1891 }
b50e4759
MD
1892}
1893
1894static void
1895iwi_watchdog(struct ifnet *ifp)
1896{
1897 struct iwi_softc *sc = ifp->if_softc;
841ab66c 1898 struct ieee80211com *ic = &sc->sc_ic;
b50e4759
MD
1899
1900 ifp->if_timer = 0;
1901
1902 if (sc->sc_tx_timer > 0) {
1903 if (--sc->sc_tx_timer == 0) {
1904 if_printf(ifp, "device timeout\n");
841ab66c 1905 ifp->if_oerrors++;
3660cb22
SZ
1906 sc->flags |= IWI_FLAG_RESET;
1907 wakeup(IWI_FW_WAKE_MONITOR(sc));
b50e4759
MD
1908 return;
1909 }
1910 ifp->if_timer = 1;
1911 }
1912
841ab66c 1913 ieee80211_watchdog(ic);
b50e4759
MD
1914}
1915
b50e4759
MD
1916static int
1917iwi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr)
1918{
1919 struct iwi_softc *sc = ifp->if_softc;
841ab66c 1920 struct ieee80211com *ic = &sc->sc_ic;
b50e4759 1921 int error = 0;
b50e4759
MD
1922
1923 switch (cmd) {
b50e4759
MD
1924 case SIOCSIFFLAGS:
1925 if (ifp->if_flags & IFF_UP) {
841ab66c 1926 if (!(ifp->if_flags & IFF_RUNNING))
b50e4759 1927 iwi_init(sc);
b50e4759 1928 } else {
841ab66c 1929 if (ifp->if_flags & IFF_RUNNING)
b50e4759 1930 iwi_stop(sc);
b50e4759
MD
1931 }
1932 break;
1933
b50e4759 1934 default:
841ab66c 1935 error = ieee80211_ioctl(ic, cmd, data, cr);
b50e4759
MD
1936 }
1937
1938 if (error == ENETRESET) {
b50e4759 1939 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) ==
841ab66c
SZ
1940 (IFF_UP | IFF_RUNNING) &&
1941 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL))
b50e4759 1942 iwi_init(sc);
841ab66c 1943 error = 0;
b50e4759 1944 }
b50e4759 1945
841ab66c 1946 return error;
b50e4759
MD
1947}
1948
1949static void
1950iwi_stop_master(struct iwi_softc *sc)
1951{
841ab66c 1952 uint32_t tmp;
b50e4759
MD
1953 int ntries;
1954
841ab66c 1955 /* disable interrupts */
b50e4759
MD
1956 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0);
1957
1958 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_STOP_MASTER);
1959 for (ntries = 0; ntries < 5; ntries++) {
1960 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED)
1961 break;
1962 DELAY(10);
1963 }
841ab66c
SZ
1964 if (ntries == 5)
1965 if_printf(&sc->sc_ic.ic_if, "timeout waiting for master\n");
b50e4759 1966
841ab66c
SZ
1967 tmp = CSR_READ_4(sc, IWI_CSR_RST);
1968 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_PRINCETON_RESET);
b50e4759
MD
1969
1970 sc->flags &= ~IWI_FLAG_FW_INITED;
1971}
1972
1973static int
1974iwi_reset(struct iwi_softc *sc)
1975{
841ab66c 1976 uint32_t tmp;
b50e4759
MD
1977 int i, ntries;
1978
1979 iwi_stop_master(sc);
1980
841ab66c
SZ
1981 tmp = CSR_READ_4(sc, IWI_CSR_CTL);
1982 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT);
b50e4759 1983
b50e4759
MD
1984 CSR_WRITE_4(sc, IWI_CSR_READ_INT, IWI_READ_INT_INIT_HOST);
1985
1986 /* Wait for clock stabilization */
1987 for (ntries = 0; ntries < 1000; ntries++) {
1988 if (CSR_READ_4(sc, IWI_CSR_CTL) & IWI_CTL_CLOCK_READY)
1989 break;
1990 DELAY(200);
1991 }
1992 if (ntries == 1000) {
841ab66c
SZ
1993 if_printf(&sc->sc_ic.ic_if,
1994 "timeout waiting for clock stabilization\n");
b50e4759
MD
1995 return EIO;
1996 }
1997
841ab66c
SZ
1998 tmp = CSR_READ_4(sc, IWI_CSR_RST);
1999 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_SOFT_RESET);
b50e4759
MD
2000
2001 DELAY(10);
2002
841ab66c
SZ
2003 tmp = CSR_READ_4(sc, IWI_CSR_CTL);
2004 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT);
b50e4759
MD
2005
2006 /* Clear NIC memory */
2007 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0);
841ab66c 2008 for (i = 0; i < 0xc000; i++)
b50e4759 2009 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0);
b50e4759 2010
b50e4759
MD
2011 return 0;
2012}
2013
2014static int
2015iwi_load_ucode(struct iwi_softc *sc, void *uc, int size)
2016{
841ab66c
SZ
2017 uint32_t tmp;
2018 uint16_t *w;
b50e4759
MD
2019 int ntries, i;
2020
2021 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) |
2022 IWI_RST_STOP_MASTER);
2023 for (ntries = 0; ntries < 5; ntries++) {
2024 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED)
2025 break;
2026 DELAY(10);
2027 }
2028 if (ntries == 5) {
2029 device_printf(sc->sc_dev, "timeout waiting for master\n");
2030 return EIO;
2031 }
2032
2033 MEM_WRITE_4(sc, 0x3000e0, 0x80000000);
2034 DELAY(5000);
841ab66c
SZ
2035
2036 tmp = CSR_READ_4(sc, IWI_CSR_RST);
2037 tmp &= ~IWI_RST_PRINCETON_RESET;
2038 CSR_WRITE_4(sc, IWI_CSR_RST, tmp);
2039
b50e4759
MD
2040 DELAY(5000);
2041 MEM_WRITE_4(sc, 0x3000e0, 0);
2042 DELAY(1000);
841ab66c 2043 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 1);
b50e4759 2044 DELAY(1000);
841ab66c 2045 MEM_WRITE_4(sc, IWI_MEM_EVENT_CTL, 0);
b50e4759
MD
2046 DELAY(1000);
2047 MEM_WRITE_1(sc, 0x200000, 0x00);
2048 MEM_WRITE_1(sc, 0x200000, 0x40);
2049 DELAY(1000);
2050
841ab66c 2051 /* write microcode into adapter memory */
b50e4759 2052 for (w = uc; size > 0; w++, size -= 2)
841ab66c 2053 MEM_WRITE_2(sc, 0x200010, htole16(*w));
b50e4759
MD
2054
2055 MEM_WRITE_1(sc, 0x200000, 0x00);
2056 MEM_WRITE_1(sc, 0x200000, 0x80);
2057
841ab66c 2058 /* wait until we get an answer */
b50e4759
MD
2059 for (ntries = 0; ntries < 100; ntries++) {
2060 if (MEM_READ_1(sc, 0x200000) & 1)
2061 break;
2062 DELAY(100);
2063 }
2064 if (ntries == 100) {
2065 device_printf(sc->sc_dev,
2066 "timeout waiting for ucode to initialize\n");
2067 return EIO;
2068 }
2069
841ab66c 2070 /* read the answer or the firmware will not initialize properly */
b50e4759
MD
2071 for (i = 0; i < 7; i++)
2072 MEM_READ_4(sc, 0x200004);
2073
2074 MEM_WRITE_1(sc, 0x200000, 0x00);
2075
2076 return 0;
2077}
2078
114b4cbc
SZ
2079static int
2080iwi_alloc_firmware(struct iwi_softc *sc, enum ieee80211_opmode opmode)
2081{
2082 struct {
2083 const char *suffix;
2084 enum ieee80211_opmode opmode;
2085 } fw_arr[] = {
2086 { "bss", IEEE80211_M_STA },
2087 { "ibss", IEEE80211_M_IBSS},
2088 { "sniffer", IEEE80211_M_MONITOR},
2089 { NULL, 0 }
2090 };
2091 struct ifnet *ifp = &sc->sc_ic.ic_if;
2092 struct iwi_firmware_hdr *hdr;
2093 struct iwi_firmware *fw = &sc->fw;
2094 struct fw_image *image;
2095 char filename[128];
2096 int i, error, length_sum;
2097
2098 for (i = 0; fw_arr[i].suffix != NULL; ++i) {
2099 if (fw_arr[i].opmode == opmode)
2100 break;
2101 }
2102
2103 KASSERT(fw_arr[i].suffix != NULL, ("unsupported opmode %u\n", opmode));
2104
2105 ksnprintf(filename, sizeof(filename), IWI_FW_PATH, fw_arr[i].suffix);
2106
2107 /*
2108 * Release the serializer to avoid possible dead lock
2109 */
2110 lwkt_serialize_exit(ifp->if_serializer);
2111 image = firmware_image_load(filename, NULL);
2112 lwkt_serialize_enter(ifp->if_serializer);
2113
2114 if (image == NULL)
2115 return ENOENT;
2116 fw->fw_image = image;
2117
2118 /*
2119 * Verify the image
2120 */
2121 error = EINVAL;
2122
2123 if (fw->fw_image->fw_imglen < sizeof(struct iwi_firmware_hdr)) {
2124 if_printf(ifp, "%s firmware too short", image->fw_name);
2125 goto back;
2126 }
2127
2128 hdr = (struct iwi_firmware_hdr *)image->fw_image;
2129 if (hdr->vermaj != 3) {
2130 if_printf(ifp, "%s unsupported firmware version %d.%d\n",
2131 image->fw_name, hdr->vermaj, hdr->vermin);
2132 goto back;
2133 }
2134
2135 length_sum = le32toh(hdr->bsize) + le32toh(hdr->usize) + le32toh(hdr->fsize);
2136 if (length_sum + sizeof(*hdr) != image->fw_imglen) {
bfc09ba0
MD
2137 if_printf(ifp,
2138 "%s size mismatch, %zu/hdr %zu\n",
2139 image->fw_name, fw->fw_image->fw_imglen,
2140 length_sum + sizeof(*hdr));
114b4cbc
SZ
2141 goto back;
2142 }
2143
2144 fw->boot = (uint8_t *)(hdr + 1);
2145 fw->boot_size = le32toh(hdr->bsize);
2146 fw->ucode = fw->boot + fw->boot_size;
2147 fw->ucode_size = le32toh(hdr->usize);
2148 fw->main = fw->ucode + fw->ucode_size;
2149 fw->main_size = le32toh(hdr->fsize);
2150
2151 error = 0;
2152
2153back:
2154 if (error) {
2155 firmware_image_unload(fw->fw_image);
2156 bzero(fw, sizeof(*fw));
2157 }
2158 return error;
2159}
2160
2161static int
2162iwi_free_firmware(struct iwi_softc *sc)
2163{
2164 if (sc->fw.fw_image != NULL)
2165 firmware_image_unload(sc->fw.fw_image);
2166 return 0;
2167}
2168
b50e4759
MD
2169/* macro to handle unaligned little endian data in firmware image */
2170#define GETLE32(p) ((p)[0] | (p)[1] << 8 | (p)[2] << 16 | (p)[3] << 24)
841ab66c 2171
b50e4759
MD
2172static int
2173iwi_load_firmware(struct iwi_softc *sc, void *fw, int size)
2174{
2175 bus_dma_tag_t dmat;
2176 bus_dmamap_t map;
2177 bus_addr_t physaddr;
2178 void *virtaddr;
2179 u_char *p, *end;
841ab66c 2180 uint32_t sentinel, ctl, src, dst, sum, len, mlen, tmp;
b50e4759 2181 int ntries, error = 0;
904b393f 2182 struct ifnet *ifp = &sc->sc_ic.ic_if;
b50e4759 2183
841ab66c 2184 ASSERT_SERIALIZED(ifp->if_serializer);
b50e4759 2185
841ab66c
SZ
2186 /* Allocate DMA memory for mapping firmware image */
2187 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT,
2188 BUS_SPACE_MAXADDR, NULL, NULL, size, 1, size, 0, &dmat);
b50e4759
MD
2189 if (error != 0) {
2190 device_printf(sc->sc_dev,
2191 "could not create firmware DMA tag\n");
2192 goto fail1;
2193 }
841ab66c 2194
b50e4759
MD
2195 error = bus_dmamem_alloc(dmat, &virtaddr, BUS_DMA_WAITOK, &map);
2196 if (error != 0) {
2197 device_printf(sc->sc_dev,
2198 "could not allocate firmware DMA memory\n");
2199 goto fail2;
2200 }
2201
2202 error = bus_dmamap_load(dmat, map, virtaddr, size, iwi_dma_map_addr,
2203 &physaddr, 0);
2204 if (error != 0) {
2205 device_printf(sc->sc_dev, "could not load firmware DMA map\n");
2206 goto fail3;
2207 }
2208
2209 /* Copy firmware image to DMA memory */
841ab66c 2210 memcpy(virtaddr, fw, size);
b50e4759
MD
2211
2212 /* Make sure the adapter will get up-to-date values */
2213 bus_dmamap_sync(dmat, map, BUS_DMASYNC_PREWRITE);
2214
2215 /* Tell the adapter where the command blocks are stored */
2216 MEM_WRITE_4(sc, 0x3000a0, 0x27000);
2217
2218 /*
2219 * Store command blocks into adapter's internal memory using register
2220 * indirections. The adapter will read the firmware image through DMA
2221 * using information stored in command blocks.
2222 */
2223 src = physaddr;
2224 p = virtaddr;
2225 end = p + size;
2226 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0x27000);
2227
2228 while (p < end) {
2229 dst = GETLE32(p); p += 4; src += 4;
2230 len = GETLE32(p); p += 4; src += 4;
2231 p += len;
2232
2233 while (len > 0) {
2234 mlen = min(len, IWI_CB_MAXDATALEN);
2235
2236 ctl = IWI_CB_DEFAULT_CTL | mlen;
2237 sum = ctl ^ src ^ dst;
2238
2239 /* Write a command block */
2240 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, ctl);
2241 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, src);
2242 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, dst);
2243 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, sum);
2244
2245 src += mlen;
2246 dst += mlen;
2247 len -= mlen;
2248 }
2249 }
2250
2251 /* Write a fictive final command block (sentinel) */
2252 sentinel = CSR_READ_4(sc, IWI_CSR_AUTOINC_ADDR);
2253 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0);
2254
841ab66c
SZ
2255 tmp = CSR_READ_4(sc, IWI_CSR_RST);
2256 tmp &= ~(IWI_RST_MASTER_DISABLED | IWI_RST_STOP_MASTER);
2257 CSR_WRITE_4(sc, IWI_CSR_RST, tmp);
b50e4759
MD
2258
2259 /* Tell the adapter to start processing command blocks */
2260 MEM_WRITE_4(sc, 0x3000a4, 0x540100);
2261
841ab66c 2262 /* Wait until the adapter reaches the sentinel */
b50e4759
MD
2263 for (ntries = 0; ntries < 400; ntries++) {
2264 if (MEM_READ_4(sc, 0x3000d0) >= sentinel)
2265 break;
2266 DELAY(100);
2267 }
2268 if (ntries == 400) {
2269 device_printf(sc->sc_dev,
2270 "timeout processing command blocks\n");
2271 error = EIO;
2272 goto fail4;
2273 }
2274
b50e4759
MD
2275 /* We're done with command blocks processing */
2276 MEM_WRITE_4(sc, 0x3000a4, 0x540c00);
2277
841ab66c 2278 /* Allow interrupts so we know when the firmware is ready */
b50e4759
MD
2279 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK);
2280
2281 /* Tell the adapter to initialize the firmware */
2282 CSR_WRITE_4(sc, IWI_CSR_RST, 0);
904b393f 2283
841ab66c
SZ
2284 tmp = CSR_READ_4(sc, IWI_CSR_CTL);
2285 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_ALLOW_STANDBY);
2286
2287 /* wait at most one second for firmware initialization to complete */
ae8e83e6 2288 tsleep_interlock(IWI_FW_INITIALIZED(sc), 0);
904b393f 2289 lwkt_serialize_exit(ifp->if_serializer);
d9345d3a 2290 error = tsleep(IWI_FW_INITIALIZED(sc), PINTERLOCKED, "iwiinit", hz);
904b393f
SZ
2291 lwkt_serialize_enter(ifp->if_serializer);
2292 if (error != 0) {
b50e4759
MD
2293 device_printf(sc->sc_dev, "timeout waiting for firmware "
2294 "initialization to complete\n");
2295 goto fail4;
2296 }
2297
841ab66c 2298fail4: bus_dmamap_sync(dmat, map, BUS_DMASYNC_POSTWRITE);
b50e4759
MD
2299 bus_dmamap_unload(dmat, map);
2300fail3: bus_dmamem_free(dmat, virtaddr, map);
2301fail2: bus_dma_tag_destroy(dmat);
2302fail1:
2303 return error;
2304}
2305
b50e4759
MD
2306static int
2307iwi_config(struct iwi_softc *sc)
2308{
2309 struct ieee80211com *ic = &sc->sc_ic;
841ab66c
SZ
2310 struct ifnet *ifp = ic->ic_ifp;
2311 struct iwi_configuration config;
b50e4759
MD
2312 struct iwi_rateset rs;
2313 struct iwi_txpower power;
841ab66c 2314 struct ieee80211_key *wk;
b50e4759 2315 struct iwi_wep_key wepkey;
841ab66c 2316 uint32_t data;
b50e4759
MD
2317 int error, i;
2318
2319 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp));
2320 DPRINTF(("Setting MAC address to %6D\n", ic->ic_myaddr, ":"));
2321 error = iwi_cmd(sc, IWI_CMD_SET_MAC_ADDRESS, ic->ic_myaddr,
2322 IEEE80211_ADDR_LEN, 0);
2323 if (error != 0)
2324 return error;
2325
841ab66c
SZ
2326 memset(&config, 0, sizeof config);
2327 config.bluetooth_coexistence = sc->bluetooth;
2328 config.antenna = sc->antenna;
2329 config.multicast_enabled = 1;
2330 config.answer_pbreq = (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0;
2331 config.disable_unicast_decryption = 1;
2332 config.disable_multicast_decryption = 1;
b50e4759 2333 DPRINTF(("Configuring adapter\n"));
841ab66c
SZ
2334 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config, 0);
2335 if (error != 0)
b50e4759
MD
2336 return error;
2337
2338 data = htole32(IWI_POWER_MODE_CAM);
2339 DPRINTF(("Setting power mode to %u\n", le32toh(data)));
2340 error = iwi_cmd(sc, IWI_CMD_SET_POWER_MODE, &data, sizeof data, 0);
2341 if (error != 0)
2342 return error;
2343
2344 data = htole32(ic->ic_rtsthreshold);
2345 DPRINTF(("Setting RTS threshold to %u\n", le32toh(data)));
2346 error = iwi_cmd(sc, IWI_CMD_SET_RTS_THRESHOLD, &data, sizeof data, 0);
2347 if (error != 0)
2348 return error;
2349
841ab66c
SZ
2350 data = htole32(ic->ic_fragthreshold);
2351 DPRINTF(("Setting fragmentation threshold to %u\n", le32toh(data)));
2352 error = iwi_cmd(sc, IWI_CMD_SET_FRAG_THRESHOLD, &data, sizeof data, 0);
2353 if (error != 0)
2354 return error;
2355
b50e4759
MD
2356 if (ic->ic_opmode == IEEE80211_M_IBSS) {
2357 power.mode = IWI_MODE_11B;
2358 power.nchan = 11;
2359 for (i = 0; i < 11; i++) {
2360 power.chan[i].chan = i + 1;
2361 power.chan[i].power = IWI_TXPOWER_MAX;
2362 }
2363 DPRINTF(("Setting .11b channels tx power\n"));
2364 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power,
2365 0);
2366 if (error != 0)
2367 return error;
2368
2369 power.mode = IWI_MODE_11G;
2370 DPRINTF(("Setting .11g channels tx power\n"));
2371 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power,
2372 0);
2373 if (error != 0)
2374 return error;
2375 }
2376
2377 rs.mode = IWI_MODE_11G;
2378 rs.type = IWI_RATESET_TYPE_SUPPORTED;
2379 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11G].rs_nrates;
841ab66c 2380 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates,
b50e4759
MD
2381 rs.nrates);
2382 DPRINTF(("Setting .11bg supported rates (%u)\n", rs.nrates));
2383 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0);
2384 if (error != 0)
2385 return error;
2386
2387 rs.mode = IWI_MODE_11A;
2388 rs.type = IWI_RATESET_TYPE_SUPPORTED;
2389 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11A].rs_nrates;
841ab66c 2390 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11A].rs_rates,
b50e4759
MD
2391 rs.nrates);
2392 DPRINTF(("Setting .11a supported rates (%u)\n", rs.nrates));
2393 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 0);
2394 if (error != 0)
2395 return error;
2396
841ab66c
SZ
2397 /* if we have a desired ESSID, set it now */
2398 if (ic->ic_des_esslen != 0) {
2399#ifdef IWI_DEBUG
2400 if (iwi_debug > 0) {
e3869ec7 2401 kprintf("Setting desired ESSID to ");
841ab66c
SZ
2402 ieee80211_print_essid(ic->ic_des_essid,
2403 ic->ic_des_esslen);
e3869ec7 2404 kprintf("\n");
841ab66c
SZ
2405 }
2406#endif
2407 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ic->ic_des_essid,
2408 ic->ic_des_esslen, 0);
2409 if (error != 0)
2410 return error;
2411 }
2412
0ced1954 2413 data = htole32(karc4random());
b50e4759
MD
2414 DPRINTF(("Setting initialization vector to %u\n", le32toh(data)));
2415 error = iwi_cmd(sc, IWI_CMD_SET_IV, &data, sizeof data, 0);
2416 if (error != 0)
2417 return error;
2418
841ab66c
SZ
2419 for (i = 0; i < IEEE80211_WEP_NKID; i++) {
2420 wk = &ic->ic_crypto.cs_nw_keys[i];
2421
2422 wepkey.cmd = IWI_WEP_KEY_CMD_SETKEY;
2423 wepkey.idx = i;
2424 wepkey.len = wk->wk_keylen;
2425 memset(wepkey.key, 0, sizeof wepkey.key);
2426 memcpy(wepkey.key, wk->wk_key, wk->wk_keylen);
2427 DPRINTF(("Setting wep key index %u len %u\n", wepkey.idx,
2428 wepkey.len));
2429 error = iwi_cmd(sc, IWI_CMD_SET_WEP_KEY, &wepkey,
2430 sizeof wepkey, 0);
2431 if (error != 0)
2432 return error;
b50e4759
MD
2433 }
2434
2435 /* Enable adapter */
2436 DPRINTF(("Enabling adapter\n"));
2437 return iwi_cmd(sc, IWI_CMD_ENABLE, NULL, 0, 0);
2438}
2439
2440static int
841ab66c 2441iwi_set_chan(struct iwi_softc *sc, struct ieee80211_channel *chan)
b50e4759
MD
2442{
2443 struct ieee80211com *ic = &sc->sc_ic;
2444 struct iwi_scan scan;
b50e4759 2445
841ab66c
SZ
2446 memset(&scan, 0, sizeof scan);
2447 memset(scan.type, IWI_SCAN_TYPE_PASSIVE, sizeof scan.type);
2448 scan.passive = htole16(2000);
2449 scan.channels[0] = 1 |
2450 (IEEE80211_IS_CHAN_5GHZ(chan) ? IWI_CHAN_5GHZ : IWI_CHAN_2GHZ);
2451 scan.channels[1] = ieee80211_chan2ieee(ic, chan);
2452
2453 DPRINTF(("Setting channel to %u\n", ieee80211_chan2ieee(ic, chan)));
2454 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1);
2455}
b50e4759 2456
841ab66c
SZ
2457static int
2458iwi_scan(struct iwi_softc *sc)
2459{
2460 struct ieee80211com *ic = &sc->sc_ic;
2461 struct iwi_scan scan;
2462 uint8_t *p;
2463 int i, count;
b50e4759 2464
841ab66c 2465 memset(&scan, 0, sizeof scan);
b50e4759 2466
841ab66c
SZ
2467 if (ic->ic_des_esslen != 0) {
2468 scan.bdirected = htole16(sc->dwelltime);
2469 memset(scan.type, IWI_SCAN_TYPE_BDIRECTED, sizeof scan.type);
b50e4759 2470 } else {
841ab66c
SZ
2471 scan.broadcast = htole16(sc->dwelltime);
2472 memset(scan.type, IWI_SCAN_TYPE_BROADCAST, sizeof scan.type);
b50e4759
MD
2473 }
2474
2475 p = scan.channels;
b50e4759 2476 count = 0;
841ab66c
SZ
2477 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) {
2478 if (IEEE80211_IS_CHAN_5GHZ(&ic->ic_channels[i]) &&
2479 isset(ic->ic_chan_active, i)) {
2480 *++p = i;
2481 count++;
b50e4759 2482 }
841ab66c
SZ
2483 }
2484 *(p - count) = IWI_CHAN_5GHZ | count;
2485
2486 p = (count > 0) ? p + 1 : scan.channels;
2487 count = 0;
2488 for (i = 0; i <= IEEE80211_CHAN_MAX; i++) {
2489 if (IEEE80211_IS_CHAN_2GHZ(&ic->ic_channels[i]) &&
2490 isset(ic->ic_chan_active, i)) {
2491 *++p = i;
2492 count++;
b50e4759 2493 }
b50e4759 2494 }
841ab66c
SZ
2495 *(p - count) = IWI_CHAN_2GHZ | count;
2496
2497 DPRINTF(("Start scanning\n"));
b50e4759
MD
2498 return iwi_cmd(sc, IWI_CMD_SCAN, &scan, sizeof scan, 1);
2499}
2500
2501static int
2502iwi_auth_and_assoc(struct iwi_softc *sc)
2503{
2504 struct ieee80211com *ic = &sc->sc_ic;
841ab66c 2505 struct ifnet *ifp = ic->ic_ifp;
b50e4759 2506 struct ieee80211_node *ni = ic->ic_bss;
841ab66c
SZ
2507 struct ieee80211_wme_info wme;
2508 struct iwi_configuration config;
2509 struct iwi_associate assoc;
b50e4759 2510 struct iwi_rateset rs;
841ab66c
SZ
2511 uint16_t capinfo;
2512 uint32_t data;
2513 int error;
b50e4759 2514
841ab66c
SZ
2515 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) {
2516 memset(&config, 0, sizeof config);
2517 config.bluetooth_coexistence = sc->bluetooth;
2518 config.antenna = sc->antenna;
2519 config.multicast_enabled = 1;
2520 config.use_protection = 1;
2521 config.answer_pbreq =
2522 (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0;
2523 config.disable_unicast_decryption = 1;
2524 config.disable_multicast_decryption = 1;
2525 DPRINTF(("Configuring adapter\n"));
2526 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config,
2527 1);
2528 if (error != 0)
b50e4759 2529 return error;
841ab66c 2530 }
b50e4759
MD
2531
2532#ifdef IWI_DEBUG
841ab66c 2533 if (iwi_debug > 0) {
e3869ec7 2534 kprintf("Setting ESSID to ");
b50e4759 2535 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen);
e3869ec7 2536 kprintf("\n");
b50e4759
MD
2537 }
2538#endif
2539 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ni->ni_essid, ni->ni_esslen, 1);
2540 if (error != 0)
2541 return error;
2542
2543 /* the rate set has already been "negotiated" */
2544 rs.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A :
2545 IWI_MODE_11G;
2546 rs.type = IWI_RATESET_TYPE_NEGOTIATED;
2547 rs.nrates = ni->ni_rates.rs_nrates;
7a6cfa11 2548 KKASSERT(rs.nrates <= IWI_RATESET_MAXSIZE);
841ab66c
SZ
2549 memcpy(rs.rates, ni->ni_rates.rs_rates, rs.nrates);
2550 DPRINTF(("Setting negociated rates (%u)\n", rs.nrates));
b50e4759
MD
2551 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs, 1);
2552 if (error != 0)
2553 return error;
2554
841ab66c
SZ
2555 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) {
2556 wme.wme_id = IEEE80211_ELEMID_VENDOR;
2557 wme.wme_len = sizeof (struct ieee80211_wme_info) - 2;
2558 wme.wme_oui[0] = 0x00;
2559 wme.wme_oui[1] = 0x50;
2560 wme.wme_oui[2] = 0xf2;
2561 wme.wme_type = WME_OUI_TYPE;
2562 wme.wme_subtype = WME_INFO_OUI_SUBTYPE;
2563 wme.wme_version = WME_VERSION;
2564 wme.wme_info = 0;
2565
2566 DPRINTF(("Setting WME IE (len=%u)\n", wme.wme_len));
2567 error = iwi_cmd(sc, IWI_CMD_SET_WMEIE, &wme, sizeof wme, 1);
2568 if (error != 0)
2569 return error;
2570 }
2571
2572 if (ic->ic_opt_ie != NULL) {
2573 DPRINTF(("Setting optional IE (len=%u)\n", ic->ic_opt_ie_len));
2574 error = iwi_cmd(sc, IWI_CMD_SET_OPTIE, ic->ic_opt_ie,
2575 ic->ic_opt_ie_len, 1);
2576 if (error != 0)
2577 return error;
2578 }
2579
b50e4759
MD
2580 data = htole32(ni->ni_rssi);
2581 DPRINTF(("Setting sensitivity to %d\n", (int8_t)ni->ni_rssi));
2582 error = iwi_cmd(sc, IWI_CMD_SET_SENSITIVITY, &data, sizeof data, 1);
2583 if (error != 0)
2584 return error;
2585
841ab66c
SZ
2586 memset(&assoc, 0, sizeof assoc);
2587 assoc.mode = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? IWI_MODE_11A :
b50e4759 2588 IWI_MODE_11G;
841ab66c
SZ
2589 assoc.chan = ieee80211_chan2ieee(ic, ni->ni_chan);
2590 if (ni->ni_authmode == IEEE80211_AUTH_SHARED)
2591 assoc.auth = ic->ic_crypto.cs_def_txkey << 4 | IWI_AUTH_SHARED;
2592 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL)
2593 assoc.policy |= htole16(IWI_POLICY_WME);
2594 if (ic->ic_flags & IEEE80211_F_WPA)
2595 assoc.policy |= htole16(IWI_POLICY_WPA);
2596 memcpy(assoc.tstamp, ni->ni_tstamp.data, 8);
2597
2598 if (ic->ic_opmode == IEEE80211_M_IBSS)
2599 capinfo = IEEE80211_CAPINFO_IBSS;
2600 else
2601 capinfo = IEEE80211_CAPINFO_ESS;
2602 if (ic->ic_flags & IEEE80211_F_PRIVACY)
2603 capinfo |= IEEE80211_CAPINFO_PRIVACY;
2604 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) &&
2605 IEEE80211_IS_CHAN_2GHZ(ni->ni_chan))
2606 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE;
2607 if (ic->ic_flags & IEEE80211_F_SHSLOT)
2608 capinfo |= IEEE80211_CAPINFO_SHORT_SLOTTIME;
2609 assoc.capinfo = htole16(capinfo);
2610
2611 assoc.lintval = htole16(ic->ic_lintval);
2612 assoc.intval = htole16(ni->ni_intval);
2613 IEEE80211_ADDR_COPY(assoc.bssid, ni->ni_bssid);
2614 if (ic->ic_opmode == IEEE80211_M_IBSS)
2615 IEEE80211_ADDR_COPY(assoc.dst, ifp->if_broadcastaddr);
b50e4759 2616 else
841ab66c 2617 IEEE80211_ADDR_COPY(assoc.dst, ni->ni_bssid);
b50e4759
MD
2618
2619 DPRINTF(("Trying to associate to %6D channel %u auth %u\n",
841ab66c
SZ
2620 assoc.bssid, ":", assoc.chan, assoc.auth));
2621 return iwi_cmd(sc, IWI_CMD_ASSOCIATE, &assoc, sizeof assoc, 1);
b50e4759
MD
2622}
2623
2624static void
2625iwi_init(void *priv)
2626{
2627 struct iwi_softc *sc = priv;
2628 struct ieee80211com *ic = &sc->sc_ic;
841ab66c 2629 struct ifnet *ifp = ic->ic_ifp;
b50e4759 2630 struct iwi_firmware *fw = &sc->fw;
841ab66c 2631 struct iwi_rx_data *data;
b50e4759
MD
2632 int i;
2633
b50e4759
MD
2634 iwi_stop(sc);
2635
2636 if (iwi_reset(sc) != 0) {
2637 device_printf(sc->sc_dev, "could not reset adapter\n");
2638 goto fail;
2639 }
2640
114b4cbc
SZ
2641 if (iwi_alloc_firmware(sc, ic->ic_opmode) != 0) {
2642 device_printf(sc->sc_dev, "could not allocate firmware\n");
2643 goto fail;
2644 }
2645
b50e4759
MD
2646 if (iwi_load_firmware(sc, fw->boot, fw->boot_size) != 0) {
2647 device_printf(sc->sc_dev, "could not load boot firmware\n");
2648 goto fail;
2649 }
2650
2651 if (iwi_load_ucode(sc, fw->ucode, fw->ucode_size) != 0) {
2652 device_printf(sc->sc_dev, "could not load microcode\n");
2653 goto fail;
2654 }
2655
2656 iwi_stop_master(sc);
2657
841ab66c
SZ
2658 CSR_WRITE_4(sc, IWI_CSR_CMD_BASE, sc->cmdq.physaddr);
2659 CSR_WRITE_4(sc, IWI_CSR_CMD_SIZE, sc->cmdq.count);
2660 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur);
b50e4759 2661
841ab66c
SZ
2662 CSR_WRITE_4(sc, IWI_CSR_TX1_BASE, sc->txq[0].physaddr);
2663 CSR_WRITE_4(sc, IWI_CSR_TX1_SIZE, sc->txq[0].count);
2664 CSR_WRITE_4(sc, IWI_CSR_TX1_WIDX, sc->txq[0].cur);
2665
2666 CSR_WRITE_4(sc, IWI_CSR_TX2_BASE, sc->txq[1].physaddr);
2667 CSR_WRITE_4(sc, IWI_CSR_TX2_SIZE, sc->txq[1].count);
2668 CSR_WRITE_4(sc, IWI_CSR_TX2_WIDX, sc->txq[1].cur);
2669
2670 CSR_WRITE_4(sc, IWI_CSR_TX3_BASE, sc->txq[2].physaddr);
2671 CSR_WRITE_4(sc, IWI_CSR_TX3_SIZE, sc->txq[2].count);
2672 CSR_WRITE_4(sc, IWI_CSR_TX3_WIDX, sc->txq[2].cur);
2673
2674 CSR_WRITE_4(sc, IWI_CSR_TX4_BASE, sc->txq[3].physaddr);
2675 CSR_WRITE_4(sc, IWI_CSR_TX4_SIZE, sc->txq[3].count);
2676 CSR_WRITE_4(sc, IWI_CSR_TX4_WIDX, sc->txq[3].cur);
2677
2678 for (i = 0; i < sc->rxq.count; i++) {
2679 data = &sc->rxq.data[i];
2680 CSR_WRITE_4(sc, data->reg, data->physaddr);
2681 }
2682
2683 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, sc->rxq.count - 1);
b50e4759
MD
2684
2685 if (iwi_load_firmware(sc, fw->main, fw->main_size) != 0) {
2686 device_printf(sc->sc_dev, "could not load main firmware\n");
2687 goto fail;
2688 }
2689
b50e4759
MD
2690 sc->flags |= IWI_FLAG_FW_INITED;
2691
b50e4759
MD
2692 if (iwi_config(sc) != 0) {
2693 device_printf(sc->sc_dev, "device configuration failed\n");
2694 goto fail;
2695 }
2696
841ab66c
SZ
2697 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
2698 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)
2699 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
2700 } else
2701 ieee80211_new_state(ic, IEEE80211_S_RUN, -1);
2702
2703 ifp->if_flags &= ~IFF_OACTIVE;
2704 ifp->if_flags |= IFF_RUNNING;
b50e4759
MD
2705
2706 return;
2707
841ab66c 2708fail: ifp->if_flags &= ~IFF_UP;
b50e4759
MD
2709 iwi_stop(sc);
2710}
2711
b50e4759
MD
2712static void
2713iwi_stop(void *priv)
2714{
2715 struct iwi_softc *sc = priv;
2716 struct ieee80211com *ic = &sc->sc_ic;
841ab66c
SZ
2717 struct ifnet *ifp = ic->ic_ifp;
2718
2719 ieee80211_new_state(ic, IEEE80211_S_INIT, -1);
b50e4759
MD
2720
2721 iwi_stop_master(sc);
b50e4759 2722
841ab66c 2723 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_SOFT_RESET);
b50e4759 2724
841ab66c
SZ
2725 /* reset rings */
2726 iwi_reset_cmd_ring(sc, &sc->cmdq);
2727 iwi_reset_tx_ring(sc, &sc->txq[0]);
2728 iwi_reset_tx_ring(sc, &sc->txq[1]);
2729 iwi_reset_tx_ring(sc, &sc->txq[2]);
2730 iwi_reset_tx_ring(sc, &sc->txq[3]);
2731 iwi_reset_rx_ring(sc, &sc->rxq);
b50e4759 2732
841ab66c 2733 sc->sc_tx_timer = 0;
b50e4759
MD
2734 ifp->if_timer = 0;
2735 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE);
b50e4759
MD
2736}
2737
2738static int
2739iwi_sysctl_stats(SYSCTL_HANDLER_ARGS)
2740{
2741 struct iwi_softc *sc = arg1;
841ab66c
SZ
2742 struct ifnet *ifp = &sc->sc_ic.ic_if;
2743 uint32_t size, buf[128];
b50e4759 2744
841ab66c 2745 lwkt_serialize_enter(ifp->if_serializer);
b50e4759
MD
2746
2747 if (!(sc->flags & IWI_FLAG_FW_INITED)) {
841ab66c
SZ
2748 memset(buf, 0, sizeof buf);
2749 goto back;
b50e4759
MD
2750 }
2751
2752 size = min(CSR_READ_4(sc, IWI_CSR_TABLE0_SIZE), 128 - 1);
841ab66c
SZ
2753 CSR_READ_REGION_4(sc, IWI_CSR_TABLE0_BASE, &buf[1], size);
2754back:
2755 lwkt_serialize_exit(ifp->if_serializer);
2756 return SYSCTL_OUT(req, buf, sizeof buf);
b50e4759
MD
2757}
2758
2759static int
2760iwi_sysctl_radio(SYSCTL_HANDLER_ARGS)
2761{
2762 struct iwi_softc *sc = arg1;
841ab66c 2763 struct ifnet *ifp = &sc->sc_ic.ic_if;
b50e4759
MD
2764 int val;
2765
841ab66c 2766 lwkt_serialize_enter(ifp->if_serializer);
b50e4759 2767 val = (CSR_READ_4(sc, IWI_CSR_IO) & IWI_IO_RADIO_ENABLED) ? 1 : 0;
841ab66c
SZ
2768 lwkt_serialize_exit(ifp->if_serializer);
2769
b50e4759
MD
2770 return SYSCTL_OUT(req, &val, sizeof val);
2771}
2772
841ab66c
SZ
2773static const int8_t iwi_bitmap[256] = {
2774 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4,
2775 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5,
2776 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4,
2777 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6,
2778 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4,
2779 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5,
2780 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4,
2781 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 7,
2782 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4,
2783 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5,
2784 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4,
2785 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 6,
2786 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4,
2787 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 5,
2788 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 4,
2789 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, -1
2790};
b50e4759
MD
2791
2792static int
841ab66c 2793iwi_alloc_ibss_node(struct iwi_softc *sc)
b50e4759 2794{
841ab66c 2795 int i;
b50e4759 2796
841ab66c 2797 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer);
b50e4759 2798
841ab66c
SZ
2799 for (i = 0; i < IWI_MAX_IBSSNODE_NBYTE; ++i) {
2800 int ret;
2801
2802 ret = iwi_bitmap[sc->sc_ibss_node[i]];
2803 if (ret != -1) {
2804 sc->sc_ibss_node[i] |= (1 << ret);
2805 ret += (i * NBBY);
2806 return ret;
b50e4759
MD
2807 }
2808 }
841ab66c 2809 return -1;
b50e4759
MD
2810}
2811
841ab66c
SZ
2812static void
2813iwi_free_ibss_node(struct iwi_softc *sc, int ibss_node)
b50e4759 2814{
841ab66c 2815 int i, b;
b50e4759 2816
841ab66c
SZ
2817 ASSERT_SERIALIZED(sc->sc_ic.ic_if.if_serializer);
2818 KASSERT(ibss_node < IWI_MAX_IBSSNODE, ("free ibss node, out of range"));
b50e4759 2819
841ab66c
SZ
2820 i = ibss_node / NBBY;
2821 b = ibss_node % NBBY;
b50e4759 2822
841ab66c
SZ
2823 sc->sc_ibss_node[i] &= ~(1 << b);
2824}