2 * Copyright (c) 2006,2007
3 * Damien Bergamini <damien.bergamini@free.fr>
4 * Benjamin Close <Benjamin.Close@clearchain.com>
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 #define VERSION "20071127"
21 #include <sys/cdefs.h>
22 __FBSDID("$FreeBSD$");
25 * Driver for Intel PRO/Wireless 3945ABG 802.11 network adapters.
27 * The 3945ABG network adapter doesn't use traditional hardware as
28 * many other adaptors do. Instead at run time the eeprom is set into a known
29 * state and told to load boot firmware. The boot firmware loads an init and a
30 * main binary firmware image into SRAM on the card via DMA.
31 * Once the firmware is loaded, the driver/hw then
32 * communicate by way of circular dma rings via the SRAM to the firmware.
34 * There is 6 memory rings. 1 command ring, 1 rx data ring & 4 tx data rings.
35 * The 4 tx data rings allow for prioritization QoS.
37 * The rx data ring consists of 32 dma buffers. Two registers are used to
38 * indicate where in the ring the driver and the firmware are up to. The
39 * driver sets the initial read index (reg1) and the initial write index (reg2),
40 * the firmware updates the read index (reg1) on rx of a packet and fires an
41 * interrupt. The driver then processes the buffers starting at reg1 indicating
42 * to the firmware which buffers have been accessed by updating reg2. At the
43 * same time allocating new memory for the processed buffer.
45 * A similar thing happens with the tx rings. The difference is the firmware
46 * stop processing buffers once the queue is full and until confirmation
47 * of a successful transmition (tx_intr) has occurred.
49 * The command ring operates in the same manner as the tx queues.
51 * All communication direct to the card (ie eeprom) is classed as Stage1
54 * All communication via the firmware to the card is classed as State2.
55 * The firmware consists of 2 parts. A bootstrap firmware and a runtime
56 * firmware. The bootstrap firmware and runtime firmware are loaded
57 * from host memory via dma to the card then told to execute. From this point
58 * on the majority of communications between the driver and the card goes
64 #include <sys/param.h>
65 #include <sys/sysctl.h>
66 #include <sys/sockio.h>
68 #include <sys/kernel.h>
69 #include <sys/socket.h>
70 #include <sys/systm.h>
71 #include <sys/malloc.h>
72 #include <sys/queue.h>
73 #include <sys/taskqueue.h>
74 #include <sys/module.h>
76 #include <sys/endian.h>
77 #include <sys/linker.h>
78 #include <sys/firmware.h>
80 #include <sys/stdbool.h>
83 #include <bus/pci/pcireg.h>
84 #include <bus/pci/pcivar.h>
88 #include <net/if_var.h>
89 #include <net/if_arp.h>
90 #include <net/ethernet.h>
91 #include <net/if_dl.h>
92 #include <net/if_media.h>
93 #include <net/if_types.h>
94 #include <net/ifq_var.h>
96 #include <netproto/802_11/ieee80211_var.h>
97 #include <netproto/802_11/ieee80211_radiotap.h>
98 #include <netproto/802_11/ieee80211_regdomain.h>
99 #include <netproto/802_11/ieee80211_ratectl.h>
101 #include <netinet/in.h>
102 #include <netinet/in_systm.h>
103 #include <netinet/in_var.h>
104 #include <netinet/ip.h>
105 #include <netinet/if_ether.h>
107 #include <dev/netif/wpi/if_wpireg.h>
108 #include <dev/netif/wpi/if_wpivar.h>
113 #define DPRINTF(x) do { if (wpi_debug != 0) kprintf x; } while (0)
114 #define DPRINTFN(n, x) do { if (wpi_debug & n) kprintf x; } while (0)
115 #define WPI_DEBUG_SET (wpi_debug != 0)
118 WPI_DEBUG_UNUSED = 0x00000001, /* Unused */
119 WPI_DEBUG_HW = 0x00000002, /* Stage 1 (eeprom) debugging */
120 WPI_DEBUG_TX = 0x00000004, /* Stage 2 TX intrp debugging*/
121 WPI_DEBUG_RX = 0x00000008, /* Stage 2 RX intrp debugging */
122 WPI_DEBUG_CMD = 0x00000010, /* Stage 2 CMD intrp debugging*/
123 WPI_DEBUG_FIRMWARE = 0x00000020, /* firmware(9) loading debug */
124 WPI_DEBUG_DMA = 0x00000040, /* DMA (de)allocations/syncs */
125 WPI_DEBUG_SCANNING = 0x00000080, /* Stage 2 Scanning debugging */
126 WPI_DEBUG_NOTIFY = 0x00000100, /* State 2 Noftif intr debug */
127 WPI_DEBUG_TEMP = 0x00000200, /* TXPower/Temp Calibration */
128 WPI_DEBUG_OPS = 0x00000400, /* wpi_ops taskq debug */
129 WPI_DEBUG_WATCHDOG = 0x00000800, /* Watch dog debug */
130 WPI_DEBUG_ANY = 0xffffffff
133 static int wpi_debug;
134 SYSCTL_INT(_debug, OID_AUTO, wpi, CTLFLAG_RW, &wpi_debug, 0, "wpi debug level");
135 TUNABLE_INT("debug.wpi", &wpi_debug);
139 #define DPRINTFN(n, x)
140 #define WPI_DEBUG_SET 0
150 static const struct wpi_ident wpi_ident_table[] = {
151 /* The below entries support ABG regardless of the subid */
152 { 0x8086, 0x4222, 0x0, "Intel(R) PRO/Wireless 3945ABG" },
153 { 0x8086, 0x4227, 0x0, "Intel(R) PRO/Wireless 3945ABG" },
154 /* The below entries only support BG */
155 { 0x8086, 0x4222, 0x1005, "Intel(R) PRO/Wireless 3945BG" },
156 { 0x8086, 0x4222, 0x1034, "Intel(R) PRO/Wireless 3945BG" },
157 { 0x8086, 0x4227, 0x1014, "Intel(R) PRO/Wireless 3945BG" },
158 { 0x8086, 0x4222, 0x1044, "Intel(R) PRO/Wireless 3945BG" },
162 static struct ieee80211vap *wpi_vap_create(struct ieee80211com *,
163 const char [IFNAMSIZ], int, enum ieee80211_opmode, int,
164 const uint8_t [IEEE80211_ADDR_LEN],
165 const uint8_t [IEEE80211_ADDR_LEN]);
166 static void wpi_vap_delete(struct ieee80211vap *);
167 static int wpi_dma_contig_alloc(struct wpi_softc *, struct wpi_dma_info *,
168 void **, bus_size_t, bus_size_t, int);
169 static void wpi_dma_contig_free(struct wpi_dma_info *);
170 static void wpi_dma_map_addr(void *, bus_dma_segment_t *, int, int);
171 static int wpi_alloc_shared(struct wpi_softc *);
172 static void wpi_free_shared(struct wpi_softc *);
173 static int wpi_alloc_rx_ring(struct wpi_softc *, struct wpi_rx_ring *);
174 static void wpi_reset_rx_ring(struct wpi_softc *, struct wpi_rx_ring *);
175 static void wpi_free_rx_ring(struct wpi_softc *, struct wpi_rx_ring *);
176 static int wpi_alloc_tx_ring(struct wpi_softc *, struct wpi_tx_ring *,
178 static void wpi_reset_tx_ring(struct wpi_softc *, struct wpi_tx_ring *);
179 static void wpi_free_tx_ring(struct wpi_softc *, struct wpi_tx_ring *);
180 static int wpi_newstate(struct ieee80211vap *, enum ieee80211_state, int);
181 static void wpi_mem_lock(struct wpi_softc *);
182 static void wpi_mem_unlock(struct wpi_softc *);
183 static uint32_t wpi_mem_read(struct wpi_softc *, uint16_t);
184 static void wpi_mem_write(struct wpi_softc *, uint16_t, uint32_t);
185 static void wpi_mem_write_region_4(struct wpi_softc *, uint16_t,
186 const uint32_t *, int);
187 static uint16_t wpi_read_prom_data(struct wpi_softc *, uint32_t, void *, int);
188 static int wpi_alloc_fwmem(struct wpi_softc *);
189 static void wpi_free_fwmem(struct wpi_softc *);
190 static int wpi_load_firmware(struct wpi_softc *);
191 static void wpi_unload_firmware(struct wpi_softc *);
192 static int wpi_load_microcode(struct wpi_softc *, const uint8_t *, int);
193 static void wpi_rx_intr(struct wpi_softc *, struct wpi_rx_desc *,
194 struct wpi_rx_data *);
195 static void wpi_tx_intr(struct wpi_softc *, struct wpi_rx_desc *);
196 static void wpi_cmd_intr(struct wpi_softc *, struct wpi_rx_desc *);
197 static void wpi_notif_intr(struct wpi_softc *);
198 static void wpi_intr(void *);
199 static uint8_t wpi_plcp_signal(int);
200 static void wpi_watchdog(void *);
201 static int wpi_tx_data(struct wpi_softc *, struct mbuf *,
202 struct ieee80211_node *, int);
203 static void wpi_start(struct ifnet *, struct ifaltq_subque *);
204 static void wpi_start_locked(struct ifnet *);
205 static int wpi_raw_xmit(struct ieee80211_node *, struct mbuf *,
206 const struct ieee80211_bpf_params *);
207 static void wpi_scan_start(struct ieee80211com *);
208 static void wpi_scan_end(struct ieee80211com *);
209 static void wpi_set_channel(struct ieee80211com *);
210 static void wpi_scan_curchan(struct ieee80211_scan_state *, unsigned long);
211 static void wpi_scan_mindwell(struct ieee80211_scan_state *);
212 static int wpi_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *);
213 static void wpi_read_eeprom(struct wpi_softc *,
214 uint8_t macaddr[IEEE80211_ADDR_LEN]);
215 static void wpi_read_eeprom_channels(struct wpi_softc *, int);
216 static void wpi_read_eeprom_group(struct wpi_softc *, int);
217 static int wpi_cmd(struct wpi_softc *, int, const void *, int, int);
218 static int wpi_wme_update(struct ieee80211com *);
219 static int wpi_mrr_setup(struct wpi_softc *);
220 static void wpi_set_led(struct wpi_softc *, uint8_t, uint8_t, uint8_t);
221 static void wpi_enable_tsf(struct wpi_softc *, struct ieee80211_node *);
223 static int wpi_setup_beacon(struct wpi_softc *, struct ieee80211_node *);
225 static int wpi_auth(struct wpi_softc *, struct ieee80211vap *);
226 static int wpi_run(struct wpi_softc *, struct ieee80211vap *);
227 static int wpi_scan(struct wpi_softc *);
228 static int wpi_config(struct wpi_softc *);
229 static void wpi_stop_master(struct wpi_softc *);
230 static int wpi_power_up(struct wpi_softc *);
231 static int wpi_reset(struct wpi_softc *);
232 static void wpi_hwreset(void *, int);
233 static void wpi_rfreset(void *, int);
234 static void wpi_hw_config(struct wpi_softc *);
235 static void wpi_init(void *);
236 static void wpi_init_locked(struct wpi_softc *, int);
237 static void wpi_stop(struct wpi_softc *);
238 static void wpi_stop_locked(struct wpi_softc *);
240 static int wpi_set_txpower(struct wpi_softc *, struct ieee80211_channel *,
242 static void wpi_calib_timeout(void *);
243 static void wpi_power_calibration(struct wpi_softc *, int);
244 static int wpi_get_power_index(struct wpi_softc *,
245 struct wpi_power_group *, struct ieee80211_channel *, int);
247 static const char *wpi_cmd_str(int);
249 static int wpi_probe(device_t);
250 static int wpi_attach(device_t);
251 static int wpi_detach(device_t);
252 static int wpi_shutdown(device_t);
253 static int wpi_suspend(device_t);
254 static int wpi_resume(device_t);
256 #if defined(__DragonFly__)
257 static int wpi_sleep(struct wpi_softc *sc, void *wchan,
258 int flags, const char *wmsg, int timo);
261 static device_method_t wpi_methods[] = {
262 /* Device interface */
263 DEVMETHOD(device_probe, wpi_probe),
264 DEVMETHOD(device_attach, wpi_attach),
265 DEVMETHOD(device_detach, wpi_detach),
266 DEVMETHOD(device_shutdown, wpi_shutdown),
267 DEVMETHOD(device_suspend, wpi_suspend),
268 DEVMETHOD(device_resume, wpi_resume),
273 static driver_t wpi_driver = {
276 sizeof (struct wpi_softc)
279 static devclass_t wpi_devclass;
281 DRIVER_MODULE(wpi, pci, wpi_driver, wpi_devclass, NULL, NULL);
283 MODULE_VERSION(wpi, 1);
285 static const uint8_t wpi_ridx_to_plcp[] = {
286 /* OFDM: IEEE Std 802.11a-1999, pp. 14 Table 80 */
287 /* R1-R4 (ral/ural is R4-R1) */
288 0xd, 0xf, 0x5, 0x7, 0x9, 0xb, 0x1, 0x3,
289 /* CCK: device-dependent */
293 static const uint8_t wpi_ridx_to_rate[] = {
294 12, 18, 24, 36, 48, 72, 96, 108, /* OFDM */
295 2, 4, 11, 22 /*CCK */
299 wpi_probe(device_t dev)
301 const struct wpi_ident *ident;
303 for (ident = wpi_ident_table; ident->name != NULL; ident++) {
304 if (pci_get_vendor(dev) == ident->vendor &&
305 pci_get_device(dev) == ident->device) {
306 device_set_desc(dev, ident->name);
307 return (BUS_PROBE_DEFAULT);
314 * Load the firmare image from disk to the allocated dma buffer.
315 * we also maintain the reference to the firmware pointer as there
316 * is times where we may need to reload the firmware but we are not
317 * in a context that can access the filesystem (ie taskq cause by restart)
319 * @return 0 on success, an errno on failure
322 wpi_load_firmware(struct wpi_softc *sc)
324 const struct firmware *fp;
325 struct wpi_dma_info *dma = &sc->fw_dma;
326 const struct wpi_firmware_hdr *hdr;
327 const uint8_t *itext, *idata, *rtext, *rdata, *btext;
328 uint32_t itextsz, idatasz, rtextsz, rdatasz, btextsz;
331 DPRINTFN(WPI_DEBUG_FIRMWARE,
332 ("Attempting Loading Firmware from wpi_fw module\n"));
336 if (sc->fw_fp == NULL && (sc->fw_fp = firmware_get("wpifw")) == NULL) {
337 device_printf(sc->sc_dev,
338 "could not load firmware image 'wpifw'\n");
348 /* Validate the firmware is minimum a particular version */
349 if (fp->version < WPI_FW_MINVERSION) {
350 device_printf(sc->sc_dev,
351 "firmware version is too old. Need %d, got %d\n",
358 if (fp->datasize < sizeof (struct wpi_firmware_hdr)) {
359 device_printf(sc->sc_dev,
360 "firmware file too short: %zu bytes\n", fp->datasize);
365 hdr = (const struct wpi_firmware_hdr *)fp->data;
367 /* | RUNTIME FIRMWARE | INIT FIRMWARE | BOOT FW |
368 |HDR|<--TEXT-->|<--DATA-->|<--TEXT-->|<--DATA-->|<--TEXT-->| */
370 rtextsz = le32toh(hdr->rtextsz);
371 rdatasz = le32toh(hdr->rdatasz);
372 itextsz = le32toh(hdr->itextsz);
373 idatasz = le32toh(hdr->idatasz);
374 btextsz = le32toh(hdr->btextsz);
376 /* check that all firmware segments are present */
377 if (fp->datasize < sizeof (struct wpi_firmware_hdr) +
378 rtextsz + rdatasz + itextsz + idatasz + btextsz) {
379 device_printf(sc->sc_dev,
380 "firmware file too short: %zu bytes\n", fp->datasize);
381 error = ENXIO; /* XXX appropriate error code? */
385 /* get pointers to firmware segments */
386 rtext = (const uint8_t *)(hdr + 1);
387 rdata = rtext + rtextsz;
388 itext = rdata + rdatasz;
389 idata = itext + itextsz;
390 btext = idata + idatasz;
392 DPRINTFN(WPI_DEBUG_FIRMWARE,
393 ("Firmware Version: Major %d, Minor %d, Driver %d, \n"
394 "runtime (text: %u, data: %u) init (text: %u, data %u) boot (text %u)\n",
395 (le32toh(hdr->version) & 0xff000000) >> 24,
396 (le32toh(hdr->version) & 0x00ff0000) >> 16,
397 (le32toh(hdr->version) & 0x0000ffff),
399 itextsz, idatasz, btextsz));
401 DPRINTFN(WPI_DEBUG_FIRMWARE,("rtext 0x%x\n", *(const uint32_t *)rtext));
402 DPRINTFN(WPI_DEBUG_FIRMWARE,("rdata 0x%x\n", *(const uint32_t *)rdata));
403 DPRINTFN(WPI_DEBUG_FIRMWARE,("itext 0x%x\n", *(const uint32_t *)itext));
404 DPRINTFN(WPI_DEBUG_FIRMWARE,("idata 0x%x\n", *(const uint32_t *)idata));
405 DPRINTFN(WPI_DEBUG_FIRMWARE,("btext 0x%x\n", *(const uint32_t *)btext));
408 if (rtextsz > WPI_FW_MAIN_TEXT_MAXSZ ||
409 rdatasz > WPI_FW_MAIN_DATA_MAXSZ ||
410 itextsz > WPI_FW_INIT_TEXT_MAXSZ ||
411 idatasz > WPI_FW_INIT_DATA_MAXSZ ||
412 btextsz > WPI_FW_BOOT_TEXT_MAXSZ ||
413 (btextsz & 3) != 0) {
414 device_printf(sc->sc_dev, "firmware invalid\n");
419 /* copy initialization images into pre-allocated DMA-safe memory */
420 memcpy(dma->vaddr, idata, idatasz);
421 memcpy(dma->vaddr + WPI_FW_INIT_DATA_MAXSZ, itext, itextsz);
423 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE);
425 /* tell adapter where to find initialization images */
427 wpi_mem_write(sc, WPI_MEM_DATA_BASE, dma->paddr);
428 wpi_mem_write(sc, WPI_MEM_DATA_SIZE, idatasz);
429 wpi_mem_write(sc, WPI_MEM_TEXT_BASE,
430 dma->paddr + WPI_FW_INIT_DATA_MAXSZ);
431 wpi_mem_write(sc, WPI_MEM_TEXT_SIZE, itextsz);
434 /* load firmware boot code */
435 if ((error = wpi_load_microcode(sc, btext, btextsz)) != 0) {
436 device_printf(sc->sc_dev, "Failed to load microcode\n");
440 /* now press "execute" */
441 WPI_WRITE(sc, WPI_RESET, 0);
443 /* wait at most one second for the first alive notification */
444 #if defined(__DragonFly__)
445 if ((error = wpi_sleep(sc, sc, PCATCH, "wpiinit", hz)) != 0) {
446 device_printf(sc->sc_dev,
447 "timeout waiting for adapter to initialize\n");
451 if ((error = msleep(sc, &sc->sc_mtx, PCATCH, "wpiinit", hz)) != 0) {
452 device_printf(sc->sc_dev,
453 "timeout waiting for adapter to initialize\n");
458 /* copy runtime images into pre-allocated DMA-sage memory */
459 memcpy(dma->vaddr, rdata, rdatasz);
460 memcpy(dma->vaddr + WPI_FW_MAIN_DATA_MAXSZ, rtext, rtextsz);
461 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE);
463 /* tell adapter where to find runtime images */
465 wpi_mem_write(sc, WPI_MEM_DATA_BASE, dma->paddr);
466 wpi_mem_write(sc, WPI_MEM_DATA_SIZE, rdatasz);
467 wpi_mem_write(sc, WPI_MEM_TEXT_BASE,
468 dma->paddr + WPI_FW_MAIN_DATA_MAXSZ);
469 wpi_mem_write(sc, WPI_MEM_TEXT_SIZE, WPI_FW_UPDATED | rtextsz);
472 /* wait at most one second for the first alive notification */
473 #if defined(__DragonFly__)
474 if ((error = wpi_sleep(sc, sc, PCATCH, "wpiinit", hz)) != 0) {
475 device_printf(sc->sc_dev,
476 "timeout waiting for adapter to initialize2\n");
480 if ((error = msleep(sc, &sc->sc_mtx, PCATCH, "wpiinit", hz)) != 0) {
481 device_printf(sc->sc_dev,
482 "timeout waiting for adapter to initialize2\n");
487 DPRINTFN(WPI_DEBUG_FIRMWARE,
488 ("Firmware loaded to driver successfully\n"));
491 wpi_unload_firmware(sc);
496 * Free the referenced firmware image
499 wpi_unload_firmware(struct wpi_softc *sc)
504 firmware_put(sc->fw_fp, FIRMWARE_UNLOAD);
511 wpi_attach(device_t dev)
513 struct wpi_softc *sc = device_get_softc(dev);
515 struct ieee80211com *ic;
516 int ac, error, rid, supportsa = 1;
518 const struct wpi_ident *ident;
519 uint8_t macaddr[IEEE80211_ADDR_LEN];
523 if (bootverbose || WPI_DEBUG_SET)
524 device_printf(sc->sc_dev,"Driver Revision %s\n", VERSION);
527 * Some card's only support 802.11b/g not a, check to see if
528 * this is one such card. A 0x0 in the subdevice table indicates
529 * the entire subdevice range is to be ignored.
531 for (ident = wpi_ident_table; ident->name != NULL; ident++) {
532 if (ident->subdevice &&
533 pci_get_subdevice(dev) == ident->subdevice) {
539 /* Create the tasks that can be queued */
540 TASK_INIT(&sc->sc_restarttask, 0, wpi_hwreset, sc);
541 TASK_INIT(&sc->sc_radiotask, 0, wpi_rfreset, sc);
545 callout_init_mtx(&sc->calib_to, &sc->sc_mtx, 0);
546 callout_init_mtx(&sc->watchdog_to, &sc->sc_mtx, 0);
548 /* disable the retry timeout register */
549 pci_write_config(dev, 0x41, 0, 1);
551 /* enable bus-mastering */
552 pci_enable_busmaster(dev);
555 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &rid,
557 if (sc->mem == NULL) {
558 device_printf(dev, "could not allocate memory resource\n");
563 sc->sc_st = rman_get_bustag(sc->mem);
564 sc->sc_sh = rman_get_bushandle(sc->mem);
567 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &rid,
568 RF_ACTIVE | RF_SHAREABLE);
569 if (sc->irq == NULL) {
570 device_printf(dev, "could not allocate interrupt resource\n");
576 * Allocate DMA memory for firmware transfers.
578 if ((error = wpi_alloc_fwmem(sc)) != 0) {
579 kprintf(": could not allocate firmware memory\n");
585 * Put adapter into a known state.
587 if ((error = wpi_reset(sc)) != 0) {
588 device_printf(dev, "could not reset adapter\n");
593 tmp = wpi_mem_read(sc, WPI_MEM_PCIDEV);
594 if (bootverbose || WPI_DEBUG_SET)
595 device_printf(sc->sc_dev, "Hardware Revision (0x%X)\n", tmp);
599 /* Allocate shared page */
600 if ((error = wpi_alloc_shared(sc)) != 0) {
601 device_printf(dev, "could not allocate shared page\n");
605 /* tx data queues - 4 for QoS purposes */
606 for (ac = 0; ac < WME_NUM_AC; ac++) {
607 error = wpi_alloc_tx_ring(sc, &sc->txq[ac], WPI_TX_RING_COUNT, ac);
609 device_printf(dev, "could not allocate Tx ring %d\n",ac);
614 /* command queue to talk to the card's firmware */
615 error = wpi_alloc_tx_ring(sc, &sc->cmdq, WPI_CMD_RING_COUNT, 4);
617 device_printf(dev, "could not allocate command ring\n");
621 /* receive data queue */
622 error = wpi_alloc_rx_ring(sc, &sc->rxq);
624 device_printf(dev, "could not allocate Rx ring\n");
628 ifp = sc->sc_ifp = if_alloc(IFT_IEEE80211);
630 device_printf(dev, "can not if_alloc()\n");
637 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
638 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
640 /* set device capabilities */
642 IEEE80211_C_STA /* station mode supported */
643 | IEEE80211_C_MONITOR /* monitor mode supported */
644 | IEEE80211_C_TXPMGT /* tx power management */
645 | IEEE80211_C_SHSLOT /* short slot time supported */
646 | IEEE80211_C_SHPREAMBLE /* short preamble supported */
647 | IEEE80211_C_WPA /* 802.11i */
648 /* XXX looks like WME is partly supported? */
650 | IEEE80211_C_IBSS /* IBSS mode support */
651 | IEEE80211_C_BGSCAN /* capable of bg scanning */
652 | IEEE80211_C_WME /* 802.11e */
653 | IEEE80211_C_HOSTAP /* Host access point mode */
658 * Read in the eeprom and also setup the channels for
659 * net80211. We don't set the rates as net80211 does this for us
661 wpi_read_eeprom(sc, macaddr);
663 if (bootverbose || WPI_DEBUG_SET) {
664 device_printf(sc->sc_dev, "Regulatory Domain: %.4s\n", sc->domain);
665 device_printf(sc->sc_dev, "Hardware Type: %c\n",
666 sc->type > 1 ? 'B': '?');
667 device_printf(sc->sc_dev, "Hardware Revision: %c\n",
668 ((le16toh(sc->rev) & 0xf0) == 0xd0) ? 'D': '?');
669 device_printf(sc->sc_dev, "SKU %s support 802.11a\n",
670 supportsa ? "does" : "does not");
672 /* XXX hw_config uses the PCIDEV for the Hardware rev. Must check
673 what sc->rev really represents - benjsc 20070615 */
676 if_initname(ifp, device_get_name(dev), device_get_unit(dev));
678 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
679 ifp->if_init = wpi_init;
680 ifp->if_ioctl = wpi_ioctl;
681 ifp->if_start = wpi_start;
682 #if defined(__DragonFly__)
683 ifq_set_maxlen(&ifp->if_snd, ifqmaxlen);
685 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen);
686 ifp->if_snd.ifq_drv_maxlen = ifqmaxlen;
687 IFQ_SET_READY(&ifp->if_snd);
690 /* ieee80211_ifattach() assumes that WLAN serializer is held */
691 wlan_serialize_enter();
692 ieee80211_ifattach(ic, macaddr);
693 wlan_serialize_exit();
694 /* override default methods */
695 ic->ic_raw_xmit = wpi_raw_xmit;
696 ic->ic_wme.wme_update = wpi_wme_update;
697 ic->ic_scan_start = wpi_scan_start;
698 ic->ic_scan_end = wpi_scan_end;
699 ic->ic_set_channel = wpi_set_channel;
700 ic->ic_scan_curchan = wpi_scan_curchan;
701 ic->ic_scan_mindwell = wpi_scan_mindwell;
703 ic->ic_vap_create = wpi_vap_create;
704 ic->ic_vap_delete = wpi_vap_delete;
706 ieee80211_radiotap_attach(ic,
707 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap),
708 WPI_TX_RADIOTAP_PRESENT,
709 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap),
710 WPI_RX_RADIOTAP_PRESENT);
713 * Hook our interrupt after all initialization is complete.
715 #if defined (__DragonFly__)
716 error = bus_setup_intr(dev, sc->irq, INTR_MPSAFE,
717 wpi_intr, sc, &sc->sc_ih, &wlan_global_serializer);
719 error = bus_setup_intr(dev, sc->irq, INTR_TYPE_NET |INTR_MPSAFE,
720 NULL, wpi_intr, sc, &sc->sc_ih);
723 device_printf(dev, "could not set up interrupt\n");
728 ieee80211_announce(ic);
730 ieee80211_announce_channels(ic);
734 fail: wpi_detach(dev);
739 wpi_detach(device_t dev)
741 struct wpi_softc *sc = device_get_softc(dev);
742 struct ifnet *ifp = sc->sc_ifp;
743 struct ieee80211com *ic;
747 bus_teardown_intr(dev, sc->irq, sc->sc_ih);
752 ieee80211_draintask(ic, &sc->sc_restarttask);
753 ieee80211_draintask(ic, &sc->sc_radiotask);
755 callout_drain(&sc->watchdog_to);
756 callout_drain(&sc->calib_to);
757 ieee80211_ifdetach(ic);
761 if (sc->txq[0].data_dmat) {
762 for (ac = 0; ac < WME_NUM_AC; ac++)
763 wpi_free_tx_ring(sc, &sc->txq[ac]);
765 wpi_free_tx_ring(sc, &sc->cmdq);
766 wpi_free_rx_ring(sc, &sc->rxq);
770 if (sc->fw_fp != NULL) {
771 wpi_unload_firmware(sc);
779 bus_release_resource(dev, SYS_RES_IRQ, rman_get_rid(sc->irq),
782 bus_release_resource(dev, SYS_RES_MEMORY,
783 rman_get_rid(sc->mem), sc->mem);
788 WPI_LOCK_DESTROY(sc);
793 static struct ieee80211vap *
794 wpi_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit,
795 enum ieee80211_opmode opmode, int flags,
796 const uint8_t bssid[IEEE80211_ADDR_LEN],
797 const uint8_t mac[IEEE80211_ADDR_LEN])
800 struct ieee80211vap *vap;
802 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */
804 wvp = (struct wpi_vap *) kmalloc(sizeof(struct wpi_vap),
805 M_80211_VAP, M_INTWAIT | M_ZERO);
809 ieee80211_vap_setup(ic, vap, name, unit, opmode, flags, bssid, mac);
810 /* override with driver methods */
811 wvp->newstate = vap->iv_newstate;
812 vap->iv_newstate = wpi_newstate;
814 ieee80211_ratectl_init(vap);
816 ieee80211_vap_attach(vap, ieee80211_media_change, ieee80211_media_status);
817 ic->ic_opmode = opmode;
822 wpi_vap_delete(struct ieee80211vap *vap)
824 struct wpi_vap *wvp = WPI_VAP(vap);
826 ieee80211_ratectl_deinit(vap);
827 ieee80211_vap_detach(vap);
828 kfree(wvp, M_80211_VAP);
832 wpi_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nsegs, int error)
837 KASSERT(nsegs == 1, ("too many DMA segments, %d should be 1", nsegs));
839 *(bus_addr_t *)arg = segs[0].ds_addr;
843 * Allocates a contiguous block of dma memory of the requested size and
844 * alignment. Due to limitations of the FreeBSD dma subsystem as of 20071217,
845 * allocations greater than 4096 may fail. Hence if the requested alignment is
846 * greater we allocate 'alignment' size extra memory and shift the vaddr and
847 * paddr after the dma load. This bypasses the problem at the cost of a little
851 wpi_dma_contig_alloc(struct wpi_softc *sc, struct wpi_dma_info *dma,
852 void **kvap, bus_size_t size, bus_size_t alignment, int flags)
858 DPRINTFN(WPI_DEBUG_DMA,
859 ("Size: %zd - alignment %zd\n", size, alignment));
864 if (alignment > 4096) {
866 reqsize = size + alignment;
871 #if defined(__DragonFly__)
872 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), align,
873 0, BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR,
878 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), align,
879 0, BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR,
882 NULL, NULL, &dma->tag);
885 device_printf(sc->sc_dev,
886 "could not create shared page DMA tag\n");
889 error = bus_dmamem_alloc(dma->tag, (void **)&dma->vaddr_start,
890 flags | BUS_DMA_ZERO, &dma->map);
892 device_printf(sc->sc_dev,
893 "could not allocate shared page DMA memory\n");
897 error = bus_dmamap_load(dma->tag, dma->map, dma->vaddr_start,
898 reqsize, wpi_dma_map_addr, &dma->paddr_start, flags);
900 /* Save the original pointers so we can free all the memory */
901 dma->paddr = dma->paddr_start;
902 dma->vaddr = dma->vaddr_start;
905 * Check the alignment and increment by 4096 until we get the
906 * requested alignment. Fail if can't obtain the alignment
909 if ((dma->paddr & (alignment -1 )) != 0) {
912 for (i = 0; i < alignment / 4096; i++) {
913 if ((dma->paddr & (alignment - 1 )) == 0)
918 if (i == alignment / 4096) {
919 device_printf(sc->sc_dev,
920 "alignment requirement was not satisfied\n");
926 device_printf(sc->sc_dev,
927 "could not load shared page DMA map\n");
937 wpi_dma_contig_free(dma);
942 wpi_dma_contig_free(struct wpi_dma_info *dma)
945 if (dma->vaddr_start != NULL) {
946 if (dma->paddr_start != 0) {
947 bus_dmamap_sync(dma->tag, dma->map,
948 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE);
949 bus_dmamap_unload(dma->tag, dma->map);
951 bus_dmamem_free(dma->tag, dma->vaddr_start, dma->map);
953 bus_dma_tag_destroy(dma->tag);
958 * Allocate a shared page between host and NIC.
961 wpi_alloc_shared(struct wpi_softc *sc)
965 error = wpi_dma_contig_alloc(sc, &sc->shared_dma,
966 (void **)&sc->shared, sizeof (struct wpi_shared),
971 device_printf(sc->sc_dev,
972 "could not allocate shared area DMA memory\n");
979 wpi_free_shared(struct wpi_softc *sc)
981 wpi_dma_contig_free(&sc->shared_dma);
985 wpi_alloc_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring)
992 error = wpi_dma_contig_alloc(sc, &ring->desc_dma,
993 (void **)&ring->desc, WPI_RX_RING_COUNT * sizeof (uint32_t),
994 WPI_RING_DMA_ALIGN, BUS_DMA_NOWAIT);
997 device_printf(sc->sc_dev,
998 "%s: could not allocate rx ring DMA memory, error %d\n",
1003 #if defined(__DragonFly__)
1004 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0,
1005 BUS_SPACE_MAXADDR_32BIT,
1006 BUS_SPACE_MAXADDR, NULL, NULL, MJUMPAGESIZE, 1,
1007 MJUMPAGESIZE, BUS_DMA_NOWAIT, &ring->data_dmat);
1009 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0,
1010 BUS_SPACE_MAXADDR_32BIT,
1011 BUS_SPACE_MAXADDR, NULL, NULL, MJUMPAGESIZE, 1,
1012 MJUMPAGESIZE, BUS_DMA_NOWAIT, NULL, NULL, &ring->data_dmat);
1015 device_printf(sc->sc_dev,
1016 "%s: bus_dma_tag_create_failed, error %d\n",
1024 for (i = 0; i < WPI_RX_RING_COUNT; i++) {
1025 struct wpi_rx_data *data = &ring->data[i];
1029 error = bus_dmamap_create(ring->data_dmat, 0, &data->map);
1031 device_printf(sc->sc_dev,
1032 "%s: bus_dmamap_create failed, error %d\n",
1036 m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, MJUMPAGESIZE);
1038 device_printf(sc->sc_dev,
1039 "%s: could not allocate rx mbuf\n", __func__);
1044 error = bus_dmamap_load(ring->data_dmat, data->map,
1045 mtod(m, caddr_t), MJUMPAGESIZE,
1046 wpi_dma_map_addr, &paddr, BUS_DMA_NOWAIT);
1047 if (error != 0 && error != EFBIG) {
1048 device_printf(sc->sc_dev,
1049 "%s: bus_dmamap_load failed, error %d\n",
1052 error = ENOMEM; /* XXX unique code */
1055 bus_dmamap_sync(ring->data_dmat, data->map,
1056 BUS_DMASYNC_PREWRITE);
1059 ring->desc[i] = htole32(paddr);
1061 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map,
1062 BUS_DMASYNC_PREWRITE);
1065 wpi_free_rx_ring(sc, ring);
1070 wpi_reset_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring)
1076 WPI_WRITE(sc, WPI_RX_CONFIG, 0);
1078 for (ntries = 0; ntries < 100; ntries++) {
1079 if (WPI_READ(sc, WPI_RX_STATUS) & WPI_RX_IDLE)
1087 if (ntries == 100 && wpi_debug > 0)
1088 device_printf(sc->sc_dev, "timeout resetting Rx ring\n");
1095 wpi_free_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring)
1099 wpi_dma_contig_free(&ring->desc_dma);
1101 for (i = 0; i < WPI_RX_RING_COUNT; i++) {
1102 struct wpi_rx_data *data = &ring->data[i];
1104 if (data->m != NULL) {
1105 bus_dmamap_sync(ring->data_dmat, data->map,
1106 BUS_DMASYNC_POSTREAD);
1107 bus_dmamap_unload(ring->data_dmat, data->map);
1110 if (data->map != NULL)
1111 bus_dmamap_destroy(ring->data_dmat, data->map);
1116 wpi_alloc_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring, int count,
1119 struct wpi_tx_data *data;
1123 ring->count = count;
1128 error = wpi_dma_contig_alloc(sc, &ring->desc_dma,
1129 (void **)&ring->desc, count * sizeof (struct wpi_tx_desc),
1130 WPI_RING_DMA_ALIGN, BUS_DMA_NOWAIT);
1133 device_printf(sc->sc_dev, "could not allocate tx dma memory\n");
1137 /* update shared page with ring's base address */
1138 sc->shared->txbase[qid] = htole32(ring->desc_dma.paddr);
1140 error = wpi_dma_contig_alloc(sc, &ring->cmd_dma, (void **)&ring->cmd,
1141 count * sizeof (struct wpi_tx_cmd), WPI_RING_DMA_ALIGN,
1145 device_printf(sc->sc_dev,
1146 "could not allocate tx command DMA memory\n");
1150 ring->data = kmalloc(count * sizeof (struct wpi_tx_data), M_DEVBUF,
1151 M_INTWAIT | M_ZERO);
1152 if (ring->data == NULL) {
1153 device_printf(sc->sc_dev,
1154 "could not allocate tx data slots\n");
1158 #if defined(__DragonFly__)
1159 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0,
1160 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES,
1161 WPI_MAX_SCATTER - 1, MCLBYTES, BUS_DMA_NOWAIT,
1164 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0,
1165 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES,
1166 WPI_MAX_SCATTER - 1, MCLBYTES, BUS_DMA_NOWAIT, NULL, NULL,
1170 device_printf(sc->sc_dev, "could not create data DMA tag\n");
1174 for (i = 0; i < count; i++) {
1175 data = &ring->data[i];
1177 error = bus_dmamap_create(ring->data_dmat, 0, &data->map);
1179 device_printf(sc->sc_dev,
1180 "could not create tx buf DMA map\n");
1183 bus_dmamap_sync(ring->data_dmat, data->map,
1184 BUS_DMASYNC_PREWRITE);
1190 wpi_free_tx_ring(sc, ring);
1195 wpi_reset_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring)
1197 struct wpi_tx_data *data;
1202 WPI_WRITE(sc, WPI_TX_CONFIG(ring->qid), 0);
1203 for (ntries = 0; ntries < 100; ntries++) {
1204 if (WPI_READ(sc, WPI_TX_STATUS) & WPI_TX_IDLE(ring->qid))
1209 if (ntries == 100 && wpi_debug > 0)
1210 device_printf(sc->sc_dev, "timeout resetting Tx ring %d\n",
1215 for (i = 0; i < ring->count; i++) {
1216 data = &ring->data[i];
1218 if (data->m != NULL) {
1219 bus_dmamap_unload(ring->data_dmat, data->map);
1230 wpi_free_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring)
1232 struct wpi_tx_data *data;
1235 wpi_dma_contig_free(&ring->desc_dma);
1236 wpi_dma_contig_free(&ring->cmd_dma);
1238 if (ring->data != NULL) {
1239 for (i = 0; i < ring->count; i++) {
1240 data = &ring->data[i];
1242 if (data->m != NULL) {
1243 bus_dmamap_sync(ring->data_dmat, data->map,
1244 BUS_DMASYNC_POSTWRITE);
1245 bus_dmamap_unload(ring->data_dmat, data->map);
1250 kfree(ring->data, M_DEVBUF);
1253 if (ring->data_dmat != NULL)
1254 bus_dma_tag_destroy(ring->data_dmat);
1258 wpi_shutdown(device_t dev)
1260 struct wpi_softc *sc = device_get_softc(dev);
1263 wpi_stop_locked(sc);
1264 wpi_unload_firmware(sc);
1271 wpi_suspend(device_t dev)
1273 struct wpi_softc *sc = device_get_softc(dev);
1274 struct ieee80211com *ic = sc->sc_ifp->if_l2com;
1276 ieee80211_suspend_all(ic);
1281 wpi_resume(device_t dev)
1283 struct wpi_softc *sc = device_get_softc(dev);
1284 struct ieee80211com *ic = sc->sc_ifp->if_l2com;
1286 pci_write_config(dev, 0x41, 0, 1);
1288 ieee80211_resume_all(ic);
1293 * Called by net80211 when ever there is a change to 80211 state machine
1296 wpi_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg)
1298 struct wpi_vap *wvp = WPI_VAP(vap);
1299 struct ieee80211com *ic = vap->iv_ic;
1300 struct ifnet *ifp = ic->ic_ifp;
1301 struct wpi_softc *sc = ifp->if_softc;
1304 DPRINTF(("%s: %s -> %s flags 0x%x\n", __func__,
1305 ieee80211_state_name[vap->iv_state],
1306 ieee80211_state_name[nstate], sc->flags));
1308 IEEE80211_UNLOCK(ic);
1310 if (nstate == IEEE80211_S_SCAN && vap->iv_state != IEEE80211_S_INIT) {
1312 * On !INIT -> SCAN transitions, we need to clear any possible
1313 * knowledge about associations.
1315 error = wpi_config(sc);
1317 device_printf(sc->sc_dev,
1318 "%s: device config failed, error %d\n",
1322 if (nstate == IEEE80211_S_AUTH ||
1323 (nstate == IEEE80211_S_ASSOC && vap->iv_state == IEEE80211_S_RUN)) {
1325 * The node must be registered in the firmware before auth.
1326 * Also the associd must be cleared on RUN -> ASSOC
1329 error = wpi_auth(sc, vap);
1331 device_printf(sc->sc_dev,
1332 "%s: could not move to auth state, error %d\n",
1336 if (nstate == IEEE80211_S_RUN && vap->iv_state != IEEE80211_S_RUN) {
1337 error = wpi_run(sc, vap);
1339 device_printf(sc->sc_dev,
1340 "%s: could not move to run state, error %d\n",
1344 if (nstate == IEEE80211_S_RUN) {
1345 /* RUN -> RUN transition; just restart the timers */
1346 wpi_calib_timeout(sc);
1347 /* XXX split out rate control timer */
1351 return wvp->newstate(vap, nstate, arg);
1355 * Grab exclusive access to NIC memory.
1358 wpi_mem_lock(struct wpi_softc *sc)
1363 tmp = WPI_READ(sc, WPI_GPIO_CTL);
1364 WPI_WRITE(sc, WPI_GPIO_CTL, tmp | WPI_GPIO_MAC);
1366 /* spin until we actually get the lock */
1367 for (ntries = 0; ntries < 100; ntries++) {
1368 if ((WPI_READ(sc, WPI_GPIO_CTL) &
1369 (WPI_GPIO_CLOCK | WPI_GPIO_SLEEP)) == WPI_GPIO_CLOCK)
1374 device_printf(sc->sc_dev, "could not lock memory\n");
1378 * Release lock on NIC memory.
1381 wpi_mem_unlock(struct wpi_softc *sc)
1383 uint32_t tmp = WPI_READ(sc, WPI_GPIO_CTL);
1384 WPI_WRITE(sc, WPI_GPIO_CTL, tmp & ~WPI_GPIO_MAC);
1388 wpi_mem_read(struct wpi_softc *sc, uint16_t addr)
1390 WPI_WRITE(sc, WPI_READ_MEM_ADDR, WPI_MEM_4 | addr);
1391 return WPI_READ(sc, WPI_READ_MEM_DATA);
1395 wpi_mem_write(struct wpi_softc *sc, uint16_t addr, uint32_t data)
1397 WPI_WRITE(sc, WPI_WRITE_MEM_ADDR, WPI_MEM_4 | addr);
1398 WPI_WRITE(sc, WPI_WRITE_MEM_DATA, data);
1402 wpi_mem_write_region_4(struct wpi_softc *sc, uint16_t addr,
1403 const uint32_t *data, int wlen)
1405 for (; wlen > 0; wlen--, data++, addr+=4)
1406 wpi_mem_write(sc, addr, *data);
1410 * Read data from the EEPROM. We access EEPROM through the MAC instead of
1411 * using the traditional bit-bang method. Data is read up until len bytes have
1415 wpi_read_prom_data(struct wpi_softc *sc, uint32_t addr, void *data, int len)
1419 uint8_t *out = data;
1423 for (; len > 0; len -= 2, addr++) {
1424 WPI_WRITE(sc, WPI_EEPROM_CTL, addr << 2);
1426 for (ntries = 0; ntries < 10; ntries++) {
1427 if ((val = WPI_READ(sc, WPI_EEPROM_CTL)) & WPI_EEPROM_READY)
1433 device_printf(sc->sc_dev, "could not read EEPROM\n");
1448 * The firmware text and data segments are transferred to the NIC using DMA.
1449 * The driver just copies the firmware into DMA-safe memory and tells the NIC
1450 * where to find it. Once the NIC has copied the firmware into its internal
1451 * memory, we can free our local copy in the driver.
1454 wpi_load_microcode(struct wpi_softc *sc, const uint8_t *fw, int size)
1458 DPRINTFN(WPI_DEBUG_HW,("Loading microcode size 0x%x\n", size));
1460 size /= sizeof(uint32_t);
1464 wpi_mem_write_region_4(sc, WPI_MEM_UCODE_BASE,
1465 (const uint32_t *)fw, size);
1467 wpi_mem_write(sc, WPI_MEM_UCODE_SRC, 0);
1468 wpi_mem_write(sc, WPI_MEM_UCODE_DST, WPI_FW_TEXT);
1469 wpi_mem_write(sc, WPI_MEM_UCODE_SIZE, size);
1472 wpi_mem_write(sc, WPI_MEM_UCODE_CTL, WPI_UC_RUN);
1474 /* wait while the adapter is busy copying the firmware */
1475 for (error = 0, ntries = 0; ntries < 1000; ntries++) {
1476 uint32_t status = WPI_READ(sc, WPI_TX_STATUS);
1477 DPRINTFN(WPI_DEBUG_HW,
1478 ("firmware status=0x%x, val=0x%x, result=0x%x\n", status,
1479 WPI_TX_IDLE(6), status & WPI_TX_IDLE(6)));
1480 if (status & WPI_TX_IDLE(6)) {
1481 DPRINTFN(WPI_DEBUG_HW,
1482 ("Status Match! - ntries = %d\n", ntries));
1487 if (ntries == 1000) {
1488 device_printf(sc->sc_dev, "timeout transferring firmware\n");
1492 /* start the microcode executing */
1493 wpi_mem_write(sc, WPI_MEM_UCODE_CTL, WPI_UC_ENABLE);
1501 wpi_rx_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc,
1502 struct wpi_rx_data *data)
1504 struct ifnet *ifp = sc->sc_ifp;
1505 struct ieee80211com *ic = ifp->if_l2com;
1506 struct wpi_rx_ring *ring = &sc->rxq;
1507 struct wpi_rx_stat *stat;
1508 struct wpi_rx_head *head;
1509 struct wpi_rx_tail *tail;
1510 struct ieee80211_node *ni;
1511 struct mbuf *m, *mnew;
1515 stat = (struct wpi_rx_stat *)(desc + 1);
1517 if (stat->len > WPI_STAT_MAXLEN) {
1518 device_printf(sc->sc_dev, "invalid rx statistic header\n");
1519 #if defined(__DragonFly__)
1520 IFNET_STAT_INC(ifp, ierrors, 1);
1522 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1);
1527 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_POSTREAD);
1528 head = (struct wpi_rx_head *)((caddr_t)(stat + 1) + stat->len);
1529 tail = (struct wpi_rx_tail *)((caddr_t)(head + 1) + le16toh(head->len));
1531 DPRINTFN(WPI_DEBUG_RX, ("rx intr: idx=%d len=%d stat len=%d rssi=%d "
1532 "rate=%x chan=%d tstamp=%ju\n", ring->cur, le32toh(desc->len),
1533 le16toh(head->len), (int8_t)stat->rssi, head->rate, head->chan,
1534 (uintmax_t)le64toh(tail->tstamp)));
1536 /* discard Rx frames with bad CRC early */
1537 if ((le32toh(tail->flags) & WPI_RX_NOERROR) != WPI_RX_NOERROR) {
1538 DPRINTFN(WPI_DEBUG_RX, ("%s: rx flags error %x\n", __func__,
1539 le32toh(tail->flags)));
1540 #if defined(__DragonFly__)
1541 IFNET_STAT_INC(ifp, ierrors, 1);
1543 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1);
1547 if (le16toh(head->len) < sizeof (struct ieee80211_frame)) {
1548 DPRINTFN(WPI_DEBUG_RX, ("%s: frame too short: %d\n", __func__,
1549 le16toh(head->len)));
1550 #if defined(__DragonFly__)
1551 IFNET_STAT_INC(ifp, ierrors, 1);
1553 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1);
1558 /* XXX don't need mbuf, just dma buffer */
1559 mnew = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, MJUMPAGESIZE);
1561 DPRINTFN(WPI_DEBUG_RX, ("%s: no mbuf to restock ring\n",
1563 #if defined(__DragonFly__)
1564 IFNET_STAT_INC(ifp, ierrors, 1);
1566 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1);
1570 bus_dmamap_unload(ring->data_dmat, data->map);
1572 error = bus_dmamap_load(ring->data_dmat, data->map,
1573 mtod(mnew, caddr_t), MJUMPAGESIZE,
1574 wpi_dma_map_addr, &paddr, BUS_DMA_NOWAIT);
1575 if (error != 0 && error != EFBIG) {
1576 device_printf(sc->sc_dev,
1577 "%s: bus_dmamap_load failed, error %d\n", __func__, error);
1579 #if defined(__DragonFly__)
1580 IFNET_STAT_INC(ifp, ierrors, 1);
1582 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1);
1586 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_PREWRITE);
1588 /* finalize mbuf and swap in new one */
1590 m->m_pkthdr.rcvif = ifp;
1591 m->m_data = (caddr_t)(head + 1);
1592 m->m_pkthdr.len = m->m_len = le16toh(head->len);
1595 /* update Rx descriptor */
1596 ring->desc[ring->cur] = htole32(paddr);
1598 if (ieee80211_radiotap_active(ic)) {
1599 struct wpi_rx_radiotap_header *tap = &sc->sc_rxtap;
1603 htole16(ic->ic_channels[head->chan].ic_freq);
1604 tap->wr_chan_flags =
1605 htole16(ic->ic_channels[head->chan].ic_flags);
1606 tap->wr_dbm_antsignal = (int8_t)(stat->rssi - WPI_RSSI_OFFSET);
1607 tap->wr_dbm_antnoise = (int8_t)le16toh(stat->noise);
1608 tap->wr_tsft = tail->tstamp;
1609 tap->wr_antenna = (le16toh(head->flags) >> 4) & 0xf;
1610 switch (head->rate) {
1612 case 10: tap->wr_rate = 2; break;
1613 case 20: tap->wr_rate = 4; break;
1614 case 55: tap->wr_rate = 11; break;
1615 case 110: tap->wr_rate = 22; break;
1617 case 0xd: tap->wr_rate = 12; break;
1618 case 0xf: tap->wr_rate = 18; break;
1619 case 0x5: tap->wr_rate = 24; break;
1620 case 0x7: tap->wr_rate = 36; break;
1621 case 0x9: tap->wr_rate = 48; break;
1622 case 0xb: tap->wr_rate = 72; break;
1623 case 0x1: tap->wr_rate = 96; break;
1624 case 0x3: tap->wr_rate = 108; break;
1625 /* unknown rate: should not happen */
1626 default: tap->wr_rate = 0;
1628 if (le16toh(head->flags) & 0x4)
1629 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;
1634 ni = ieee80211_find_rxnode(ic, mtod(m, struct ieee80211_frame_min *));
1636 (void) ieee80211_input(ni, m, stat->rssi, 0);
1637 ieee80211_free_node(ni);
1639 (void) ieee80211_input_all(ic, m, stat->rssi, 0);
1645 wpi_tx_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc)
1647 struct ifnet *ifp = sc->sc_ifp;
1648 struct wpi_tx_ring *ring = &sc->txq[desc->qid & 0x3];
1649 struct wpi_tx_data *txdata = &ring->data[desc->idx];
1650 struct wpi_tx_stat *stat = (struct wpi_tx_stat *)(desc + 1);
1651 struct ieee80211_node *ni = txdata->ni;
1652 struct ieee80211vap *vap = ni->ni_vap;
1655 DPRINTFN(WPI_DEBUG_TX, ("tx done: qid=%d idx=%d retries=%d nkill=%d "
1656 "rate=%x duration=%d status=%x\n", desc->qid, desc->idx,
1657 stat->ntries, stat->nkill, stat->rate, le32toh(stat->duration),
1658 le32toh(stat->status)));
1661 * Update rate control statistics for the node.
1662 * XXX we should not count mgmt frames since they're always sent at
1663 * the lowest available bit-rate.
1664 * XXX frames w/o ACK shouldn't be used either
1666 if (stat->ntries > 0) {
1667 DPRINTFN(WPI_DEBUG_TX, ("%d retries\n", stat->ntries));
1670 ieee80211_ratectl_tx_complete(vap, ni, IEEE80211_RATECTL_TX_SUCCESS,
1673 /* XXX oerrors should only count errors !maxtries */
1674 #if defined(__DragonFly__)
1675 if ((le32toh(stat->status) & 0xff) != 1)
1676 IFNET_STAT_INC(ifp, oerrors, 1);
1678 IFNET_STAT_INC(ifp, opackets, 1);
1680 if ((le32toh(stat->status) & 0xff) != 1)
1681 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
1683 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1);
1686 bus_dmamap_sync(ring->data_dmat, txdata->map, BUS_DMASYNC_POSTWRITE);
1687 bus_dmamap_unload(ring->data_dmat, txdata->map);
1688 /* XXX handle M_TXCB? */
1691 ieee80211_free_node(txdata->ni);
1696 sc->sc_tx_timer = 0;
1697 #if defined(__DragonFly__)
1698 ifq_clr_oactive(&ifp->if_snd);
1700 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE;
1702 wpi_start_locked(ifp);
1706 wpi_cmd_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc)
1708 struct wpi_tx_ring *ring = &sc->cmdq;
1709 struct wpi_tx_data *data;
1711 DPRINTFN(WPI_DEBUG_CMD, ("cmd notification qid=%x idx=%d flags=%x "
1712 "type=%s len=%d\n", desc->qid, desc->idx,
1713 desc->flags, wpi_cmd_str(desc->type),
1714 le32toh(desc->len)));
1716 if ((desc->qid & 7) != 4)
1717 return; /* not a command ack */
1719 data = &ring->data[desc->idx];
1721 /* if the command was mapped in a mbuf, free it */
1722 if (data->m != NULL) {
1723 bus_dmamap_unload(ring->data_dmat, data->map);
1728 sc->flags &= ~WPI_FLAG_BUSY;
1729 wakeup(&ring->cmd[desc->idx]);
1733 wpi_notif_intr(struct wpi_softc *sc)
1735 struct ifnet *ifp = sc->sc_ifp;
1736 struct ieee80211com *ic = ifp->if_l2com;
1737 struct wpi_rx_desc *desc;
1738 struct wpi_rx_data *data;
1741 bus_dmamap_sync(sc->shared_dma.tag, sc->shared_dma.map,
1742 BUS_DMASYNC_POSTREAD);
1744 hw = le32toh(sc->shared->next);
1745 while (sc->rxq.cur != hw) {
1746 data = &sc->rxq.data[sc->rxq.cur];
1748 bus_dmamap_sync(sc->rxq.data_dmat, data->map,
1749 BUS_DMASYNC_POSTREAD);
1750 desc = (void *)data->m->m_ext.ext_buf;
1752 DPRINTFN(WPI_DEBUG_NOTIFY,
1753 ("notify qid=%x idx=%d flags=%x type=%d len=%d\n",
1758 le32toh(desc->len)));
1760 if (!(desc->qid & 0x80)) /* reply to a command */
1761 wpi_cmd_intr(sc, desc);
1763 switch (desc->type) {
1765 /* a 802.11 frame was received */
1766 wpi_rx_intr(sc, desc, data);
1770 /* a 802.11 frame has been transmitted */
1771 wpi_tx_intr(sc, desc);
1776 struct wpi_ucode_info *uc =
1777 (struct wpi_ucode_info *)(desc + 1);
1779 /* the microcontroller is ready */
1780 DPRINTF(("microcode alive notification version %x "
1781 "alive %x\n", le32toh(uc->version),
1782 le32toh(uc->valid)));
1784 if (le32toh(uc->valid) != 1) {
1785 device_printf(sc->sc_dev,
1786 "microcontroller initialization failed\n");
1787 wpi_stop_locked(sc);
1791 case WPI_STATE_CHANGED:
1793 uint32_t *status = (uint32_t *)(desc + 1);
1795 /* enabled/disabled notification */
1796 DPRINTF(("state changed to %x\n", le32toh(*status)));
1798 if (le32toh(*status) & 1) {
1799 device_printf(sc->sc_dev,
1800 "Radio transmitter is switched off\n");
1801 sc->flags |= WPI_FLAG_HW_RADIO_OFF;
1802 #if defined(__DragonFly__)
1803 ifp->if_flags &= ~IFF_RUNNING;
1805 ifp->if_drv_flags &= ~IFF_DRV_RUNNING;
1807 /* Disable firmware commands */
1808 WPI_WRITE(sc, WPI_UCODE_SET, WPI_DISABLE_CMD);
1812 case WPI_START_SCAN:
1815 struct wpi_start_scan *scan =
1816 (struct wpi_start_scan *)(desc + 1);
1819 DPRINTFN(WPI_DEBUG_SCANNING,
1820 ("scanning channel %d status %x\n",
1821 scan->chan, le32toh(scan->status)));
1827 struct wpi_stop_scan *scan =
1828 (struct wpi_stop_scan *)(desc + 1);
1830 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
1832 DPRINTFN(WPI_DEBUG_SCANNING,
1833 ("scan finished nchan=%d status=%d chan=%d\n",
1834 scan->nchan, scan->status, scan->chan));
1836 sc->sc_scan_timer = 0;
1837 ieee80211_scan_next(vap);
1840 case WPI_MISSED_BEACON:
1842 struct wpi_missed_beacon *beacon =
1843 (struct wpi_missed_beacon *)(desc + 1);
1844 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
1846 if (le32toh(beacon->consecutive) >=
1847 vap->iv_bmissthreshold) {
1848 DPRINTF(("Beacon miss: %u >= %u\n",
1849 le32toh(beacon->consecutive),
1850 vap->iv_bmissthreshold));
1851 ieee80211_beacon_miss(ic);
1857 sc->rxq.cur = (sc->rxq.cur + 1) % WPI_RX_RING_COUNT;
1860 /* tell the firmware what we have processed */
1861 hw = (hw == 0) ? WPI_RX_RING_COUNT - 1 : hw - 1;
1862 WPI_WRITE(sc, WPI_RX_WIDX, hw & ~7);
1868 struct wpi_softc *sc = arg;
1873 r = WPI_READ(sc, WPI_INTR);
1874 if (r == 0 || r == 0xffffffff) {
1879 /* disable interrupts */
1880 WPI_WRITE(sc, WPI_MASK, 0);
1881 /* ack interrupts */
1882 WPI_WRITE(sc, WPI_INTR, r);
1884 if (r & (WPI_SW_ERROR | WPI_HW_ERROR)) {
1885 struct ifnet *ifp = sc->sc_ifp;
1886 struct ieee80211com *ic = ifp->if_l2com;
1887 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
1889 device_printf(sc->sc_dev, "fatal firmware error\n");
1890 DPRINTFN(6,("(%s)\n", (r & WPI_SW_ERROR) ? "(Software Error)" :
1891 "(Hardware Error)"));
1893 ieee80211_cancel_scan(vap);
1894 ieee80211_runtask(ic, &sc->sc_restarttask);
1895 sc->flags &= ~WPI_FLAG_BUSY;
1900 if (r & WPI_RX_INTR)
1903 if (r & WPI_ALIVE_INTR) /* firmware initialized */
1906 /* re-enable interrupts */
1907 if (sc->sc_ifp->if_flags & IFF_UP)
1908 WPI_WRITE(sc, WPI_MASK, WPI_INTR_MASK);
1914 wpi_plcp_signal(int rate)
1917 /* CCK rates (returned values are device-dependent) */
1921 case 22: return 110;
1923 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */
1924 /* R1-R4 (ral/ural is R4-R1) */
1925 case 12: return 0xd;
1926 case 18: return 0xf;
1927 case 24: return 0x5;
1928 case 36: return 0x7;
1929 case 48: return 0x9;
1930 case 72: return 0xb;
1931 case 96: return 0x1;
1932 case 108: return 0x3;
1934 /* unsupported rates (should not get there) */
1939 /* quickly determine if a given rate is CCK or OFDM */
1940 #define WPI_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22)
1943 * Construct the data packet for a transmit buffer and acutally put
1944 * the buffer onto the transmit ring, kicking the card to process the
1948 wpi_tx_data(struct wpi_softc *sc, struct mbuf *m0, struct ieee80211_node *ni,
1951 struct ieee80211vap *vap = ni->ni_vap;
1952 struct ifnet *ifp = sc->sc_ifp;
1953 struct ieee80211com *ic = ifp->if_l2com;
1954 const struct chanAccParams *cap = &ic->ic_wme.wme_chanParams;
1955 struct wpi_tx_ring *ring = &sc->txq[ac];
1956 struct wpi_tx_desc *desc;
1957 struct wpi_tx_data *data;
1958 struct wpi_tx_cmd *cmd;
1959 struct wpi_cmd_data *tx;
1960 struct ieee80211_frame *wh;
1961 const struct ieee80211_txparam *tp;
1962 struct ieee80211_key *k;
1964 int i, error, nsegs, rate, hdrlen, ismcast;
1965 bus_dma_segment_t segs[WPI_MAX_SCATTER];
1967 desc = &ring->desc[ring->cur];
1968 data = &ring->data[ring->cur];
1970 wh = mtod(m0, struct ieee80211_frame *);
1972 hdrlen = ieee80211_hdrsize(wh);
1973 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1);
1975 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) {
1976 k = ieee80211_crypto_encap(ni, m0);
1981 /* packet header may have moved, reset our local pointer */
1982 wh = mtod(m0, struct ieee80211_frame *);
1985 cmd = &ring->cmd[ring->cur];
1986 cmd->code = WPI_CMD_TX_DATA;
1988 cmd->qid = ring->qid;
1989 cmd->idx = ring->cur;
1991 tx = (struct wpi_cmd_data *)cmd->data;
1992 tx->flags = htole32(WPI_TX_AUTO_SEQ);
1993 tx->timeout = htole16(0);
1994 tx->ofdm_mask = 0xff;
1995 tx->cck_mask = 0x0f;
1996 tx->lifetime = htole32(WPI_LIFETIME_INFINITE);
1997 tx->id = ismcast ? WPI_ID_BROADCAST : WPI_ID_BSS;
1998 tx->len = htole16(m0->m_pkthdr.len);
2001 if ((ni->ni_flags & IEEE80211_NODE_QOS) == 0 ||
2002 !cap->cap_wmeParams[ac].wmep_noackPolicy)
2003 tx->flags |= htole32(WPI_TX_NEED_ACK);
2004 if (m0->m_pkthdr.len + IEEE80211_CRC_LEN > vap->iv_rtsthreshold) {
2005 tx->flags |= htole32(WPI_TX_NEED_RTS|WPI_TX_FULL_TXOP);
2010 tp = &vap->iv_txparms[ieee80211_chan2mode(ni->ni_chan)];
2011 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) == IEEE80211_FC0_TYPE_MGT) {
2012 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;
2013 /* tell h/w to set timestamp in probe responses */
2014 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP)
2015 tx->flags |= htole32(WPI_TX_INSERT_TSTAMP);
2016 if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ ||
2017 subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ)
2018 tx->timeout = htole16(3);
2020 tx->timeout = htole16(2);
2021 rate = tp->mgmtrate;
2022 } else if (ismcast) {
2023 rate = tp->mcastrate;
2024 } else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) {
2025 rate = tp->ucastrate;
2027 (void) ieee80211_ratectl_rate(ni, NULL, 0);
2028 rate = ni->ni_txrate;
2030 tx->rate = wpi_plcp_signal(rate);
2032 /* be very persistant at sending frames out */
2034 tx->data_ntries = tp->maxretry;
2036 tx->data_ntries = 15; /* XXX way too high */
2039 if (ieee80211_radiotap_active_vap(vap)) {
2040 struct wpi_tx_radiotap_header *tap = &sc->sc_txtap;
2042 tap->wt_rate = rate;
2043 tap->wt_hwqueue = ac;
2044 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED)
2045 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP;
2047 ieee80211_radiotap_tx(vap, m0);
2050 /* save and trim IEEE802.11 header */
2051 m_copydata(m0, 0, hdrlen, (caddr_t)&tx->wh);
2054 #if defined(__DragonFly__)
2055 error = bus_dmamap_load_mbuf_segment(ring->data_dmat, data->map,
2056 m0, segs, 1, &nsegs, BUS_DMA_NOWAIT);
2058 error = bus_dmamap_load_mbuf_sg(ring->data_dmat, data->map, m0, segs,
2059 &nsegs, BUS_DMA_NOWAIT);
2061 if (error != 0 && error != EFBIG) {
2062 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n",
2068 /* XXX use m_collapse */
2069 mnew = m_defrag(m0, M_NOWAIT);
2071 device_printf(sc->sc_dev,
2072 "could not defragment mbuf\n");
2078 #if defined(__DragonFly__)
2079 error = bus_dmamap_load_mbuf_segment(ring->data_dmat,
2080 data->map, m0, segs, 1, &nsegs, BUS_DMA_NOWAIT);
2082 error = bus_dmamap_load_mbuf_sg(ring->data_dmat, data->map,
2083 m0, segs, &nsegs, BUS_DMA_NOWAIT);
2086 device_printf(sc->sc_dev,
2087 "could not map mbuf (error %d)\n", error);
2096 DPRINTFN(WPI_DEBUG_TX, ("sending data: qid=%d idx=%d len=%d nsegs=%d\n",
2097 ring->qid, ring->cur, m0->m_pkthdr.len, nsegs));
2099 /* first scatter/gather segment is used by the tx data command */
2100 desc->flags = htole32(WPI_PAD32(m0->m_pkthdr.len) << 28 |
2102 desc->segs[0].addr = htole32(ring->cmd_dma.paddr +
2103 ring->cur * sizeof (struct wpi_tx_cmd));
2104 desc->segs[0].len = htole32(4 + sizeof (struct wpi_cmd_data));
2105 for (i = 1; i <= nsegs; i++) {
2106 desc->segs[i].addr = htole32(segs[i - 1].ds_addr);
2107 desc->segs[i].len = htole32(segs[i - 1].ds_len);
2110 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_PREWRITE);
2111 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map,
2112 BUS_DMASYNC_PREWRITE);
2117 ring->cur = (ring->cur + 1) % WPI_TX_RING_COUNT;
2118 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur);
2124 * Process data waiting to be sent on the IFNET output queue
2127 wpi_start(struct ifnet *ifp, struct ifaltq_subque *ifsq)
2129 struct wpi_softc *sc = ifp->if_softc;
2131 ASSERT_ALTQ_SQ_DEFAULT(ifp, ifsq);
2134 wpi_start_locked(ifp);
2139 wpi_start_locked(struct ifnet *ifp)
2141 struct wpi_softc *sc = ifp->if_softc;
2142 struct ieee80211_node *ni;
2146 WPI_LOCK_ASSERT(sc);
2148 #if defined(__DragonFly__)
2149 if ((ifp->if_flags & IFF_RUNNING) == 0)
2152 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0)
2157 #if defined(__DragonFly__)
2158 m = ifq_dequeue(&ifp->if_snd);
2160 IFQ_DRV_DEQUEUE(&ifp->if_snd, m);
2164 ac = M_WME_GETAC(m);
2165 if (sc->txq[ac].queued > sc->txq[ac].count - 8) {
2166 /* there is no place left in this ring */
2167 #if defined(__DragonFly__)
2168 ifq_prepend(&ifp->if_snd, m);
2169 ifq_set_oactive(&ifp->if_snd);
2171 IFQ_DRV_PREPEND(&ifp->if_snd, m);
2172 ifp->if_drv_flags |= IFF_DRV_OACTIVE;
2176 ni = (struct ieee80211_node *) m->m_pkthdr.rcvif;
2177 if (wpi_tx_data(sc, m, ni, ac) != 0) {
2178 ieee80211_free_node(ni);
2179 #if defined(__DragonFly__)
2180 IFNET_STAT_INC(ifp, oerrors, 1);
2182 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
2186 sc->sc_tx_timer = 5;
2191 wpi_raw_xmit(struct ieee80211_node *ni, struct mbuf *m,
2192 const struct ieee80211_bpf_params *params)
2194 struct ieee80211com *ic = ni->ni_ic;
2195 struct ifnet *ifp = ic->ic_ifp;
2196 struct wpi_softc *sc = ifp->if_softc;
2198 /* prevent management frames from being sent if we're not ready */
2199 #if defined(__DragonFly__)
2200 if (!(ifp->if_flags & IFF_RUNNING)) {
2202 ieee80211_free_node(ni);
2206 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) {
2208 ieee80211_free_node(ni);
2214 /* management frames go into ring 0 */
2215 if (sc->txq[0].queued > sc->txq[0].count - 8) {
2216 #if defined(__DragonFly__)
2217 ifq_set_oactive(&ifp->if_snd);
2219 ifp->if_drv_flags |= IFF_DRV_OACTIVE;
2223 ieee80211_free_node(ni);
2224 return ENOBUFS; /* XXX */
2227 #if defined(__DragonFly__)
2228 IFNET_STAT_INC(ifp, opackets, 1);
2230 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1);
2232 if (wpi_tx_data(sc, m, ni, 0) != 0)
2234 sc->sc_tx_timer = 5;
2235 callout_reset(&sc->watchdog_to, hz, wpi_watchdog, sc);
2240 #if defined(__DragonFly__)
2241 IFNET_STAT_INC(ifp, oerrors, 1);
2243 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
2246 ieee80211_free_node(ni);
2247 return EIO; /* XXX */
2251 wpi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data,
2252 struct ucred *cred __unused)
2254 struct wpi_softc *sc = ifp->if_softc;
2255 struct ieee80211com *ic = ifp->if_l2com;
2256 struct ifreq *ifr = (struct ifreq *) data;
2257 int error = 0, startall = 0;
2262 #if defined(__DragonFly__)
2263 if ((ifp->if_flags & IFF_UP)) {
2264 if (!(ifp->if_flags & IFF_RUNNING)) {
2265 wpi_init_locked(sc, 0);
2268 } else if ((ifp->if_flags & IFF_RUNNING) ||
2269 (sc->flags & WPI_FLAG_HW_RADIO_OFF))
2270 wpi_stop_locked(sc);
2272 if ((ifp->if_flags & IFF_UP)) {
2273 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) {
2274 wpi_init_locked(sc, 0);
2277 } else if ((ifp->if_drv_flags & IFF_DRV_RUNNING) ||
2278 (sc->flags & WPI_FLAG_HW_RADIO_OFF))
2279 wpi_stop_locked(sc);
2283 ieee80211_start_all(ic);
2286 error = ifmedia_ioctl(ifp, ifr, &ic->ic_media, cmd);
2289 error = ether_ioctl(ifp, cmd, data);
2299 * Extract various information from EEPROM.
2302 wpi_read_eeprom(struct wpi_softc *sc, uint8_t macaddr[IEEE80211_ADDR_LEN])
2306 /* read the hardware capabilities, revision and SKU type */
2307 wpi_read_prom_data(sc, WPI_EEPROM_CAPABILITIES, &sc->cap,1);
2308 wpi_read_prom_data(sc, WPI_EEPROM_REVISION, &sc->rev,2);
2309 wpi_read_prom_data(sc, WPI_EEPROM_TYPE, &sc->type, 1);
2311 /* read the regulatory domain */
2312 wpi_read_prom_data(sc, WPI_EEPROM_DOMAIN, sc->domain, 4);
2314 /* read in the hw MAC address */
2315 wpi_read_prom_data(sc, WPI_EEPROM_MAC, macaddr, 6);
2317 /* read the list of authorized channels */
2318 for (i = 0; i < WPI_CHAN_BANDS_COUNT; i++)
2319 wpi_read_eeprom_channels(sc,i);
2321 /* read the power level calibration info for each group */
2322 for (i = 0; i < WPI_POWER_GROUPS_COUNT; i++)
2323 wpi_read_eeprom_group(sc,i);
2327 * Send a command to the firmware.
2330 wpi_cmd(struct wpi_softc *sc, int code, const void *buf, int size, int async)
2332 struct wpi_tx_ring *ring = &sc->cmdq;
2333 struct wpi_tx_desc *desc;
2334 struct wpi_tx_cmd *cmd;
2338 WPI_LOCK_ASSERT(sc);
2342 DPRINTFN(WPI_DEBUG_CMD,("wpi_cmd %d size %d async %d\n", code, size,
2345 if (sc->flags & WPI_FLAG_BUSY) {
2346 device_printf(sc->sc_dev, "%s: cmd %d not sent, busy\n",
2350 sc->flags|= WPI_FLAG_BUSY;
2352 KASSERT(size <= sizeof cmd->data, ("command %d too large: %d bytes",
2355 desc = &ring->desc[ring->cur];
2356 cmd = &ring->cmd[ring->cur];
2360 cmd->qid = ring->qid;
2361 cmd->idx = ring->cur;
2362 memcpy(cmd->data, buf, size);
2364 desc->flags = htole32(WPI_PAD32(size) << 28 | 1 << 24);
2365 desc->segs[0].addr = htole32(ring->cmd_dma.paddr +
2366 ring->cur * sizeof (struct wpi_tx_cmd));
2367 desc->segs[0].len = htole32(4 + size);
2370 ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT;
2371 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur);
2374 sc->flags &= ~ WPI_FLAG_BUSY;
2378 #if defined(__DragonFly__)
2379 return wpi_sleep(sc, cmd, PCATCH, "wpicmd", hz);
2381 return msleep(cmd, &sc->sc_mtx, PCATCH, "wpicmd", hz);
2386 wpi_wme_update(struct ieee80211com *ic)
2388 #define WPI_EXP2(v) htole16((1 << (v)) - 1)
2389 #define WPI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v))
2390 struct wpi_softc *sc = ic->ic_ifp->if_softc;
2391 const struct wmeParams *wmep;
2392 struct wpi_wme_setup wme;
2395 /* don't override default WME values if WME is not actually enabled */
2396 if (!(ic->ic_flags & IEEE80211_F_WME))
2400 for (ac = 0; ac < WME_NUM_AC; ac++) {
2401 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac];
2402 wme.ac[ac].aifsn = wmep->wmep_aifsn;
2403 wme.ac[ac].cwmin = WPI_EXP2(wmep->wmep_logcwmin);
2404 wme.ac[ac].cwmax = WPI_EXP2(wmep->wmep_logcwmax);
2405 wme.ac[ac].txop = WPI_USEC(wmep->wmep_txopLimit);
2407 DPRINTF(("setting WME for queue %d aifsn=%d cwmin=%d cwmax=%d "
2408 "txop=%d\n", ac, wme.ac[ac].aifsn, wme.ac[ac].cwmin,
2409 wme.ac[ac].cwmax, wme.ac[ac].txop));
2411 return wpi_cmd(sc, WPI_CMD_SET_WME, &wme, sizeof wme, 1);
2417 * Configure h/w multi-rate retries.
2420 wpi_mrr_setup(struct wpi_softc *sc)
2422 struct ifnet *ifp = sc->sc_ifp;
2423 struct ieee80211com *ic = ifp->if_l2com;
2424 struct wpi_mrr_setup mrr;
2427 memset(&mrr, 0, sizeof (struct wpi_mrr_setup));
2429 /* CCK rates (not used with 802.11a) */
2430 for (i = WPI_CCK1; i <= WPI_CCK11; i++) {
2431 mrr.rates[i].flags = 0;
2432 mrr.rates[i].signal = wpi_ridx_to_plcp[i];
2433 /* fallback to the immediate lower CCK rate (if any) */
2434 mrr.rates[i].next = (i == WPI_CCK1) ? WPI_CCK1 : i - 1;
2435 /* try one time at this rate before falling back to "next" */
2436 mrr.rates[i].ntries = 1;
2439 /* OFDM rates (not used with 802.11b) */
2440 for (i = WPI_OFDM6; i <= WPI_OFDM54; i++) {
2441 mrr.rates[i].flags = 0;
2442 mrr.rates[i].signal = wpi_ridx_to_plcp[i];
2443 /* fallback to the immediate lower OFDM rate (if any) */
2444 /* we allow fallback from OFDM/6 to CCK/2 in 11b/g mode */
2445 mrr.rates[i].next = (i == WPI_OFDM6) ?
2446 ((ic->ic_curmode == IEEE80211_MODE_11A) ?
2447 WPI_OFDM6 : WPI_CCK2) :
2449 /* try one time at this rate before falling back to "next" */
2450 mrr.rates[i].ntries = 1;
2453 /* setup MRR for control frames */
2454 mrr.which = WPI_MRR_CTL;
2455 error = wpi_cmd(sc, WPI_CMD_MRR_SETUP, &mrr, sizeof mrr, 0);
2457 device_printf(sc->sc_dev,
2458 "could not setup MRR for control frames\n");
2462 /* setup MRR for data frames */
2463 mrr.which = WPI_MRR_DATA;
2464 error = wpi_cmd(sc, WPI_CMD_MRR_SETUP, &mrr, sizeof mrr, 0);
2466 device_printf(sc->sc_dev,
2467 "could not setup MRR for data frames\n");
2475 wpi_set_led(struct wpi_softc *sc, uint8_t which, uint8_t off, uint8_t on)
2477 struct wpi_cmd_led led;
2480 led.unit = htole32(100000); /* on/off in unit of 100ms */
2484 (void)wpi_cmd(sc, WPI_CMD_SET_LED, &led, sizeof led, 1);
2488 wpi_enable_tsf(struct wpi_softc *sc, struct ieee80211_node *ni)
2490 struct wpi_cmd_tsf tsf;
2493 memset(&tsf, 0, sizeof tsf);
2494 memcpy(&tsf.tstamp, ni->ni_tstamp.data, 8);
2495 tsf.bintval = htole16(ni->ni_intval);
2496 tsf.lintval = htole16(10);
2498 /* compute remaining time until next beacon */
2499 val = (uint64_t)ni->ni_intval * 1024; /* msec -> usec */
2500 mod = le64toh(tsf.tstamp) % val;
2501 tsf.binitval = htole32((uint32_t)(val - mod));
2503 if (wpi_cmd(sc, WPI_CMD_TSF, &tsf, sizeof tsf, 1) != 0)
2504 device_printf(sc->sc_dev, "could not enable TSF\n");
2509 * Build a beacon frame that the firmware will broadcast periodically in
2510 * IBSS or HostAP modes.
2513 wpi_setup_beacon(struct wpi_softc *sc, struct ieee80211_node *ni)
2515 struct ifnet *ifp = sc->sc_ifp;
2516 struct ieee80211com *ic = ifp->if_l2com;
2517 struct wpi_tx_ring *ring = &sc->cmdq;
2518 struct wpi_tx_desc *desc;
2519 struct wpi_tx_data *data;
2520 struct wpi_tx_cmd *cmd;
2521 struct wpi_cmd_beacon *bcn;
2522 struct ieee80211_beacon_offsets bo;
2524 bus_addr_t physaddr;
2527 desc = &ring->desc[ring->cur];
2528 data = &ring->data[ring->cur];
2530 m0 = ieee80211_beacon_alloc(ic, ni, &bo);
2532 device_printf(sc->sc_dev, "could not allocate beacon frame\n");
2536 cmd = &ring->cmd[ring->cur];
2537 cmd->code = WPI_CMD_SET_BEACON;
2539 cmd->qid = ring->qid;
2540 cmd->idx = ring->cur;
2542 bcn = (struct wpi_cmd_beacon *)cmd->data;
2543 memset(bcn, 0, sizeof (struct wpi_cmd_beacon));
2544 bcn->id = WPI_ID_BROADCAST;
2545 bcn->ofdm_mask = 0xff;
2546 bcn->cck_mask = 0x0f;
2547 bcn->lifetime = htole32(WPI_LIFETIME_INFINITE);
2548 bcn->len = htole16(m0->m_pkthdr.len);
2549 bcn->rate = (ic->ic_curmode == IEEE80211_MODE_11A) ?
2550 wpi_plcp_signal(12) : wpi_plcp_signal(2);
2551 bcn->flags = htole32(WPI_TX_AUTO_SEQ | WPI_TX_INSERT_TSTAMP);
2553 /* save and trim IEEE802.11 header */
2554 m_copydata(m0, 0, sizeof (struct ieee80211_frame), (caddr_t)&bcn->wh);
2555 m_adj(m0, sizeof (struct ieee80211_frame));
2557 /* assume beacon frame is contiguous */
2558 error = bus_dmamap_load(ring->data_dmat, data->map, mtod(m0, void *),
2559 m0->m_pkthdr.len, wpi_dma_map_addr, &physaddr, 0);
2561 device_printf(sc->sc_dev, "could not map beacon\n");
2568 /* first scatter/gather segment is used by the beacon command */
2569 desc->flags = htole32(WPI_PAD32(m0->m_pkthdr.len) << 28 | 2 << 24);
2570 desc->segs[0].addr = htole32(ring->cmd_dma.paddr +
2571 ring->cur * sizeof (struct wpi_tx_cmd));
2572 desc->segs[0].len = htole32(4 + sizeof (struct wpi_cmd_beacon));
2573 desc->segs[1].addr = htole32(physaddr);
2574 desc->segs[1].len = htole32(m0->m_pkthdr.len);
2577 ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT;
2578 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur);
2585 wpi_auth(struct wpi_softc *sc, struct ieee80211vap *vap)
2587 struct ieee80211com *ic = vap->iv_ic;
2588 struct ieee80211_node *ni = vap->iv_bss;
2589 struct wpi_node_info node;
2593 /* update adapter's configuration */
2594 sc->config.associd = 0;
2595 sc->config.filter &= ~htole32(WPI_FILTER_BSS);
2596 IEEE80211_ADDR_COPY(sc->config.bssid, ni->ni_bssid);
2597 sc->config.chan = ieee80211_chan2ieee(ic, ni->ni_chan);
2598 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) {
2599 sc->config.flags |= htole32(WPI_CONFIG_AUTO |
2602 sc->config.flags &= ~htole32(WPI_CONFIG_AUTO |
2605 if (IEEE80211_IS_CHAN_A(ni->ni_chan)) {
2606 sc->config.cck_mask = 0;
2607 sc->config.ofdm_mask = 0x15;
2608 } else if (IEEE80211_IS_CHAN_B(ni->ni_chan)) {
2609 sc->config.cck_mask = 0x03;
2610 sc->config.ofdm_mask = 0;
2612 /* XXX assume 802.11b/g */
2613 sc->config.cck_mask = 0x0f;
2614 sc->config.ofdm_mask = 0x15;
2617 DPRINTF(("config chan %d flags %x cck %x ofdm %x\n", sc->config.chan,
2618 sc->config.flags, sc->config.cck_mask, sc->config.ofdm_mask));
2619 error = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config,
2620 sizeof (struct wpi_config), 1);
2622 device_printf(sc->sc_dev, "could not configure\n");
2626 /* configuration has changed, set Tx power accordingly */
2627 if ((error = wpi_set_txpower(sc, ni->ni_chan, 1)) != 0) {
2628 device_printf(sc->sc_dev, "could not set Tx power\n");
2632 /* add default node */
2633 memset(&node, 0, sizeof node);
2634 IEEE80211_ADDR_COPY(node.bssid, ni->ni_bssid);
2635 node.id = WPI_ID_BSS;
2636 node.rate = (ic->ic_curmode == IEEE80211_MODE_11A) ?
2637 wpi_plcp_signal(12) : wpi_plcp_signal(2);
2638 node.action = htole32(WPI_ACTION_SET_RATE);
2639 node.antenna = WPI_ANTENNA_BOTH;
2640 error = wpi_cmd(sc, WPI_CMD_ADD_NODE, &node, sizeof node, 1);
2642 device_printf(sc->sc_dev, "could not add BSS node\n");
2648 wpi_run(struct wpi_softc *sc, struct ieee80211vap *vap)
2650 struct ieee80211com *ic = vap->iv_ic;
2651 struct ieee80211_node *ni = vap->iv_bss;
2654 if (vap->iv_opmode == IEEE80211_M_MONITOR) {
2655 /* link LED blinks while monitoring */
2656 wpi_set_led(sc, WPI_LED_LINK, 5, 5);
2660 wpi_enable_tsf(sc, ni);
2662 /* update adapter's configuration */
2663 sc->config.associd = htole16(ni->ni_associd & ~0xc000);
2664 /* short preamble/slot time are negotiated when associating */
2665 sc->config.flags &= ~htole32(WPI_CONFIG_SHPREAMBLE |
2667 if (ic->ic_flags & IEEE80211_F_SHSLOT)
2668 sc->config.flags |= htole32(WPI_CONFIG_SHSLOT);
2669 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE)
2670 sc->config.flags |= htole32(WPI_CONFIG_SHPREAMBLE);
2671 sc->config.filter |= htole32(WPI_FILTER_BSS);
2673 /* XXX put somewhere HC_QOS_SUPPORT_ASSOC + HC_IBSS_START */
2675 DPRINTF(("config chan %d flags %x\n", sc->config.chan,
2677 error = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config, sizeof (struct
2680 device_printf(sc->sc_dev, "could not update configuration\n");
2684 error = wpi_set_txpower(sc, ni->ni_chan, 1);
2686 device_printf(sc->sc_dev, "could set txpower\n");
2690 /* link LED always on while associated */
2691 wpi_set_led(sc, WPI_LED_LINK, 0, 1);
2693 /* start automatic rate control timer */
2694 callout_reset(&sc->calib_to, 60*hz, wpi_calib_timeout, sc);
2700 * Send a scan request to the firmware. Since this command is huge, we map it
2701 * into a mbufcluster instead of using the pre-allocated set of commands. Note,
2702 * much of this code is similar to that in wpi_cmd but because we must manually
2703 * construct the probe & channels, we duplicate what's needed here. XXX In the
2704 * future, this function should be modified to use wpi_cmd to help cleanup the
2708 wpi_scan(struct wpi_softc *sc)
2710 struct ifnet *ifp = sc->sc_ifp;
2711 struct ieee80211com *ic = ifp->if_l2com;
2712 struct ieee80211_scan_state *ss = ic->ic_scan;
2713 struct wpi_tx_ring *ring = &sc->cmdq;
2714 struct wpi_tx_desc *desc;
2715 struct wpi_tx_data *data;
2716 struct wpi_tx_cmd *cmd;
2717 struct wpi_scan_hdr *hdr;
2718 struct wpi_scan_chan *chan;
2719 struct ieee80211_frame *wh;
2720 struct ieee80211_rateset *rs;
2721 struct ieee80211_channel *c;
2722 enum ieee80211_phymode mode;
2724 int pktlen, error, i, nssid;
2725 bus_addr_t physaddr;
2727 desc = &ring->desc[ring->cur];
2728 data = &ring->data[ring->cur];
2730 data->m = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR);
2731 if (data->m == NULL) {
2732 device_printf(sc->sc_dev,
2733 "could not allocate mbuf for scan command\n");
2737 cmd = mtod(data->m, struct wpi_tx_cmd *);
2738 cmd->code = WPI_CMD_SCAN;
2740 cmd->qid = ring->qid;
2741 cmd->idx = ring->cur;
2743 hdr = (struct wpi_scan_hdr *)cmd->data;
2744 memset(hdr, 0, sizeof(struct wpi_scan_hdr));
2747 * Move to the next channel if no packets are received within 5 msecs
2748 * after sending the probe request (this helps to reduce the duration
2751 hdr->quiet = htole16(5);
2752 hdr->threshold = htole16(1);
2754 if (IEEE80211_IS_CHAN_A(ic->ic_curchan)) {
2755 /* send probe requests at 6Mbps */
2756 hdr->tx.rate = wpi_ridx_to_plcp[WPI_OFDM6];
2758 /* Enable crc checking */
2759 hdr->promotion = htole16(1);
2761 hdr->flags = htole32(WPI_CONFIG_24GHZ | WPI_CONFIG_AUTO);
2762 /* send probe requests at 1Mbps */
2763 hdr->tx.rate = wpi_ridx_to_plcp[WPI_CCK1];
2765 hdr->tx.id = WPI_ID_BROADCAST;
2766 hdr->tx.lifetime = htole32(WPI_LIFETIME_INFINITE);
2767 hdr->tx.flags = htole32(WPI_TX_AUTO_SEQ);
2769 memset(hdr->scan_essids, 0, sizeof(hdr->scan_essids));
2770 nssid = MIN(ss->ss_nssid, WPI_SCAN_MAX_ESSIDS);
2771 for (i = 0; i < nssid; i++) {
2772 hdr->scan_essids[i].id = IEEE80211_ELEMID_SSID;
2773 hdr->scan_essids[i].esslen = MIN(ss->ss_ssid[i].len, IEEE80211_NWID_LEN);
2774 memcpy(hdr->scan_essids[i].essid, ss->ss_ssid[i].ssid,
2775 hdr->scan_essids[i].esslen);
2777 if (wpi_debug & WPI_DEBUG_SCANNING) {
2778 kprintf("Scanning Essid: ");
2779 ieee80211_print_essid(hdr->scan_essids[i].essid,
2780 hdr->scan_essids[i].esslen);
2787 * Build a probe request frame. Most of the following code is a
2788 * copy & paste of what is done in net80211.
2790 wh = (struct ieee80211_frame *)&hdr->scan_essids[WPI_SCAN_MAX_ESSIDS];
2791 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT |
2792 IEEE80211_FC0_SUBTYPE_PROBE_REQ;
2793 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS;
2794 IEEE80211_ADDR_COPY(wh->i_addr1, ifp->if_broadcastaddr);
2795 IEEE80211_ADDR_COPY(wh->i_addr2, IF_LLADDR(ifp));
2796 IEEE80211_ADDR_COPY(wh->i_addr3, ifp->if_broadcastaddr);
2797 *(u_int16_t *)&wh->i_dur[0] = 0; /* filled by h/w */
2798 *(u_int16_t *)&wh->i_seq[0] = 0; /* filled by h/w */
2800 frm = (uint8_t *)(wh + 1);
2802 mode = ieee80211_chan2mode(ic->ic_curchan);
2803 rs = &ic->ic_sup_rates[mode];
2805 frm = ieee80211_add_ssid(frm, NULL, 0);
2806 frm = ieee80211_add_rates(frm, rs);
2807 frm = ieee80211_add_xrates(frm, rs);
2809 /* setup length of probe request */
2810 hdr->tx.len = htole16(frm - (uint8_t *)wh);
2813 * Construct information about the channel that we
2814 * want to scan. The firmware expects this to be directly
2815 * after the scan probe request
2818 chan = (struct wpi_scan_chan *)frm;
2819 chan->chan = ieee80211_chan2ieee(ic, c);
2821 if (!(c->ic_flags & IEEE80211_CHAN_PASSIVE)) {
2822 chan->flags |= WPI_CHAN_ACTIVE;
2824 chan->flags |= WPI_CHAN_DIRECT;
2826 chan->gain_dsp = 0x6e; /* Default level */
2827 if (IEEE80211_IS_CHAN_5GHZ(c)) {
2828 chan->active = htole16(10);
2829 chan->passive = htole16(ss->ss_maxdwell);
2830 chan->gain_radio = 0x3b;
2832 chan->active = htole16(20);
2833 chan->passive = htole16(ss->ss_maxdwell);
2834 chan->gain_radio = 0x28;
2837 DPRINTFN(WPI_DEBUG_SCANNING,
2838 ("Scanning %u Passive: %d\n",
2840 c->ic_flags & IEEE80211_CHAN_PASSIVE));
2845 frm += sizeof (struct wpi_scan_chan);
2847 // XXX All Channels....
2848 for (c = &ic->ic_channels[1];
2849 c <= &ic->ic_channels[IEEE80211_CHAN_MAX]; c++) {
2850 if ((c->ic_flags & ic->ic_curchan->ic_flags) != ic->ic_curchan->ic_flags)
2853 chan->chan = ieee80211_chan2ieee(ic, c);
2855 if (!(c->ic_flags & IEEE80211_CHAN_PASSIVE)) {
2856 chan->flags |= WPI_CHAN_ACTIVE;
2857 if (ic->ic_des_ssid[0].len != 0)
2858 chan->flags |= WPI_CHAN_DIRECT;
2860 chan->gain_dsp = 0x6e; /* Default level */
2861 if (IEEE80211_IS_CHAN_5GHZ(c)) {
2862 chan->active = htole16(10);
2863 chan->passive = htole16(110);
2864 chan->gain_radio = 0x3b;
2866 chan->active = htole16(20);
2867 chan->passive = htole16(120);
2868 chan->gain_radio = 0x28;
2871 DPRINTFN(WPI_DEBUG_SCANNING,
2872 ("Scanning %u Passive: %d\n",
2874 c->ic_flags & IEEE80211_CHAN_PASSIVE));
2879 frm += sizeof (struct wpi_scan_chan);
2883 hdr->len = htole16(frm - (uint8_t *)hdr);
2884 pktlen = frm - (uint8_t *)cmd;
2886 error = bus_dmamap_load(ring->data_dmat, data->map, cmd, pktlen,
2887 wpi_dma_map_addr, &physaddr, BUS_DMA_NOWAIT);
2889 device_printf(sc->sc_dev, "could not map scan command\n");
2895 desc->flags = htole32(WPI_PAD32(pktlen) << 28 | 1 << 24);
2896 desc->segs[0].addr = htole32(physaddr);
2897 desc->segs[0].len = htole32(pktlen);
2899 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map,
2900 BUS_DMASYNC_PREWRITE);
2901 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_PREWRITE);
2904 ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT;
2905 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur);
2907 sc->sc_scan_timer = 5;
2908 return 0; /* will be notified async. of failure/success */
2912 * Configure the card to listen to a particular channel, this transisions the
2913 * card in to being able to receive frames from remote devices.
2916 wpi_config(struct wpi_softc *sc)
2918 struct ifnet *ifp = sc->sc_ifp;
2919 struct ieee80211com *ic = ifp->if_l2com;
2920 struct wpi_power power;
2921 struct wpi_bluetooth bluetooth;
2922 struct wpi_node_info node;
2925 /* set power mode */
2926 memset(&power, 0, sizeof power);
2927 power.flags = htole32(WPI_POWER_CAM|0x8);
2928 error = wpi_cmd(sc, WPI_CMD_SET_POWER_MODE, &power, sizeof power, 0);
2930 device_printf(sc->sc_dev, "could not set power mode\n");
2934 /* configure bluetooth coexistence */
2935 memset(&bluetooth, 0, sizeof bluetooth);
2936 bluetooth.flags = 3;
2937 bluetooth.lead = 0xaa;
2939 error = wpi_cmd(sc, WPI_CMD_BLUETOOTH, &bluetooth, sizeof bluetooth,
2942 device_printf(sc->sc_dev,
2943 "could not configure bluetooth coexistence\n");
2947 /* configure adapter */
2948 memset(&sc->config, 0, sizeof (struct wpi_config));
2949 IEEE80211_ADDR_COPY(sc->config.myaddr, IF_LLADDR(ifp));
2950 /*set default channel*/
2951 sc->config.chan = htole16(ieee80211_chan2ieee(ic, ic->ic_curchan));
2952 sc->config.flags = htole32(WPI_CONFIG_TSF);
2953 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan)) {
2954 sc->config.flags |= htole32(WPI_CONFIG_AUTO |
2957 sc->config.filter = 0;
2958 switch (ic->ic_opmode) {
2959 case IEEE80211_M_STA:
2960 case IEEE80211_M_WDS: /* No know setup, use STA for now */
2961 sc->config.mode = WPI_MODE_STA;
2962 sc->config.filter |= htole32(WPI_FILTER_MULTICAST);
2964 case IEEE80211_M_IBSS:
2965 case IEEE80211_M_AHDEMO:
2966 sc->config.mode = WPI_MODE_IBSS;
2967 sc->config.filter |= htole32(WPI_FILTER_BEACON |
2968 WPI_FILTER_MULTICAST);
2970 case IEEE80211_M_HOSTAP:
2971 sc->config.mode = WPI_MODE_HOSTAP;
2973 case IEEE80211_M_MONITOR:
2974 sc->config.mode = WPI_MODE_MONITOR;
2975 sc->config.filter |= htole32(WPI_FILTER_MULTICAST |
2976 WPI_FILTER_CTL | WPI_FILTER_PROMISC);
2979 device_printf(sc->sc_dev, "unknown opmode %d\n", ic->ic_opmode);
2982 sc->config.cck_mask = 0x0f; /* not yet negotiated */
2983 sc->config.ofdm_mask = 0xff; /* not yet negotiated */
2984 error = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config,
2985 sizeof (struct wpi_config), 0);
2987 device_printf(sc->sc_dev, "configure command failed\n");
2991 /* configuration has changed, set Tx power accordingly */
2992 if ((error = wpi_set_txpower(sc, ic->ic_curchan, 0)) != 0) {
2993 device_printf(sc->sc_dev, "could not set Tx power\n");
2997 /* add broadcast node */
2998 memset(&node, 0, sizeof node);
2999 IEEE80211_ADDR_COPY(node.bssid, ifp->if_broadcastaddr);
3000 node.id = WPI_ID_BROADCAST;
3001 node.rate = wpi_plcp_signal(2);
3002 error = wpi_cmd(sc, WPI_CMD_ADD_NODE, &node, sizeof node, 0);
3004 device_printf(sc->sc_dev, "could not add broadcast node\n");
3008 /* Setup rate scalling */
3009 error = wpi_mrr_setup(sc);
3011 device_printf(sc->sc_dev, "could not setup MRR\n");
3019 wpi_stop_master(struct wpi_softc *sc)
3024 DPRINTFN(WPI_DEBUG_HW,("Disabling Firmware execution\n"));
3026 tmp = WPI_READ(sc, WPI_RESET);
3027 WPI_WRITE(sc, WPI_RESET, tmp | WPI_STOP_MASTER | WPI_NEVO_RESET);
3029 tmp = WPI_READ(sc, WPI_GPIO_CTL);
3030 if ((tmp & WPI_GPIO_PWR_STATUS) == WPI_GPIO_PWR_SLEEP)
3031 return; /* already asleep */
3033 for (ntries = 0; ntries < 100; ntries++) {
3034 if (WPI_READ(sc, WPI_RESET) & WPI_MASTER_DISABLED)
3038 if (ntries == 100) {
3039 device_printf(sc->sc_dev, "timeout waiting for master\n");
3044 wpi_power_up(struct wpi_softc *sc)
3050 tmp = wpi_mem_read(sc, WPI_MEM_POWER);
3051 wpi_mem_write(sc, WPI_MEM_POWER, tmp & ~0x03000000);
3054 for (ntries = 0; ntries < 5000; ntries++) {
3055 if (WPI_READ(sc, WPI_GPIO_STATUS) & WPI_POWERED)
3059 if (ntries == 5000) {
3060 device_printf(sc->sc_dev,
3061 "timeout waiting for NIC to power up\n");
3068 wpi_reset(struct wpi_softc *sc)
3073 DPRINTFN(WPI_DEBUG_HW,
3074 ("Resetting the card - clearing any uploaded firmware\n"));
3076 /* clear any pending interrupts */
3077 WPI_WRITE(sc, WPI_INTR, 0xffffffff);
3079 tmp = WPI_READ(sc, WPI_PLL_CTL);
3080 WPI_WRITE(sc, WPI_PLL_CTL, tmp | WPI_PLL_INIT);
3082 tmp = WPI_READ(sc, WPI_CHICKEN);
3083 WPI_WRITE(sc, WPI_CHICKEN, tmp | WPI_CHICKEN_RXNOLOS);
3085 tmp = WPI_READ(sc, WPI_GPIO_CTL);
3086 WPI_WRITE(sc, WPI_GPIO_CTL, tmp | WPI_GPIO_INIT);
3088 /* wait for clock stabilization */
3089 for (ntries = 0; ntries < 25000; ntries++) {
3090 if (WPI_READ(sc, WPI_GPIO_CTL) & WPI_GPIO_CLOCK)
3094 if (ntries == 25000) {
3095 device_printf(sc->sc_dev,
3096 "timeout waiting for clock stabilization\n");
3100 /* initialize EEPROM */
3101 tmp = WPI_READ(sc, WPI_EEPROM_STATUS);
3103 if ((tmp & WPI_EEPROM_VERSION) == 0) {
3104 device_printf(sc->sc_dev, "EEPROM not found\n");
3107 WPI_WRITE(sc, WPI_EEPROM_STATUS, tmp & ~WPI_EEPROM_LOCKED);
3113 wpi_hw_config(struct wpi_softc *sc)
3117 /* voodoo from the Linux "driver".. */
3118 hw = WPI_READ(sc, WPI_HWCONFIG);
3120 rev = pci_read_config(sc->sc_dev, PCIR_REVID, 1);
3121 if ((rev & 0xc0) == 0x40)
3122 hw |= WPI_HW_ALM_MB;
3123 else if (!(rev & 0x80))
3124 hw |= WPI_HW_ALM_MM;
3126 if (sc->cap == 0x80)
3127 hw |= WPI_HW_SKU_MRC;
3129 hw &= ~WPI_HW_REV_D;
3130 if ((le16toh(sc->rev) & 0xf0) == 0xd0)
3134 hw |= WPI_HW_TYPE_B;
3136 WPI_WRITE(sc, WPI_HWCONFIG, hw);
3140 wpi_rfkill_resume(struct wpi_softc *sc)
3142 struct ifnet *ifp = sc->sc_ifp;
3143 struct ieee80211com *ic = ifp->if_l2com;
3144 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
3147 /* enable firmware again */
3148 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF);
3149 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_DISABLE_CMD);
3151 /* wait for thermal sensors to calibrate */
3152 for (ntries = 0; ntries < 1000; ntries++) {
3153 if ((sc->temp = (int)WPI_READ(sc, WPI_TEMPERATURE)) != 0)
3158 if (ntries == 1000) {
3159 device_printf(sc->sc_dev,
3160 "timeout waiting for thermal calibration\n");
3163 DPRINTFN(WPI_DEBUG_TEMP,("temperature %d\n", sc->temp));
3165 if (wpi_config(sc) != 0) {
3166 device_printf(sc->sc_dev, "device config failed\n");
3170 #if defined(__DragonFly__)
3171 ifq_clr_oactive(&ifp->if_snd);
3172 ifp->if_flags |= IFF_RUNNING;
3174 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE;
3175 ifp->if_drv_flags |= IFF_DRV_RUNNING;
3177 sc->flags &= ~WPI_FLAG_HW_RADIO_OFF;
3180 if ((ic->ic_flags & IEEE80211_F_SCAN) == 0) {
3181 if (vap->iv_opmode != IEEE80211_M_MONITOR) {
3182 ieee80211_beacon_miss(ic);
3183 wpi_set_led(sc, WPI_LED_LINK, 0, 1);
3185 wpi_set_led(sc, WPI_LED_LINK, 5, 5);
3187 ieee80211_scan_next(vap);
3188 wpi_set_led(sc, WPI_LED_LINK, 20, 2);
3192 callout_reset(&sc->watchdog_to, hz, wpi_watchdog, sc);
3196 wpi_init_locked(struct wpi_softc *sc, int force)
3198 struct ifnet *ifp = sc->sc_ifp;
3202 wpi_stop_locked(sc);
3203 (void)wpi_reset(sc);
3206 wpi_mem_write(sc, WPI_MEM_CLOCK1, 0xa00);
3208 tmp = wpi_mem_read(sc, WPI_MEM_PCIDEV);
3209 wpi_mem_write(sc, WPI_MEM_PCIDEV, tmp | 0x800);
3212 (void)wpi_power_up(sc);
3217 WPI_WRITE(sc, WPI_RX_BASE, sc->rxq.desc_dma.paddr);
3218 WPI_WRITE(sc, WPI_RX_RIDX_PTR, sc->shared_dma.paddr +
3219 offsetof(struct wpi_shared, next));
3220 WPI_WRITE(sc, WPI_RX_WIDX, (WPI_RX_RING_COUNT - 1) & ~7);
3221 WPI_WRITE(sc, WPI_RX_CONFIG, 0xa9601010);
3226 wpi_mem_write(sc, WPI_MEM_MODE, 2); /* bypass mode */
3227 wpi_mem_write(sc, WPI_MEM_RA, 1); /* enable RA0 */
3228 wpi_mem_write(sc, WPI_MEM_TXCFG, 0x3f); /* enable all 6 Tx rings */
3229 wpi_mem_write(sc, WPI_MEM_BYPASS1, 0x10000);
3230 wpi_mem_write(sc, WPI_MEM_BYPASS2, 0x30002);
3231 wpi_mem_write(sc, WPI_MEM_MAGIC4, 4);
3232 wpi_mem_write(sc, WPI_MEM_MAGIC5, 5);
3234 WPI_WRITE(sc, WPI_TX_BASE_PTR, sc->shared_dma.paddr);
3235 WPI_WRITE(sc, WPI_MSG_CONFIG, 0xffff05a5);
3237 for (qid = 0; qid < 6; qid++) {
3238 WPI_WRITE(sc, WPI_TX_CTL(qid), 0);
3239 WPI_WRITE(sc, WPI_TX_BASE(qid), 0);
3240 WPI_WRITE(sc, WPI_TX_CONFIG(qid), 0x80200008);
3244 /* clear "radio off" and "disable command" bits (reversed logic) */
3245 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF);
3246 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_DISABLE_CMD);
3247 sc->flags &= ~WPI_FLAG_HW_RADIO_OFF;
3249 /* clear any pending interrupts */
3250 WPI_WRITE(sc, WPI_INTR, 0xffffffff);
3252 /* enable interrupts */
3253 WPI_WRITE(sc, WPI_MASK, WPI_INTR_MASK);
3255 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF);
3256 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF);
3258 if ((wpi_load_firmware(sc)) != 0) {
3259 device_printf(sc->sc_dev,
3260 "A problem occurred loading the firmware to the driver\n");
3264 /* At this point the firmware is up and running. If the hardware
3265 * RF switch is turned off thermal calibration will fail, though
3266 * the card is still happy to continue to accept commands, catch
3267 * this case and schedule a task to watch for it to be turned on.
3270 tmp = wpi_mem_read(sc, WPI_MEM_HW_RADIO_OFF);
3274 sc->flags |= WPI_FLAG_HW_RADIO_OFF;
3275 device_printf(sc->sc_dev,"Radio Transmitter is switched off\n");
3279 /* wait for thermal sensors to calibrate */
3280 for (ntries = 0; ntries < 1000; ntries++) {
3281 if ((sc->temp = (int)WPI_READ(sc, WPI_TEMPERATURE)) != 0)
3286 if (ntries == 1000) {
3287 device_printf(sc->sc_dev,
3288 "timeout waiting for thermal sensors calibration\n");
3291 DPRINTFN(WPI_DEBUG_TEMP,("temperature %d\n", sc->temp));
3293 if (wpi_config(sc) != 0) {
3294 device_printf(sc->sc_dev, "device config failed\n");
3298 #if defined(__DragonFly__)
3299 ifq_clr_oactive(&ifp->if_snd);
3300 ifp->if_flags |= IFF_RUNNING;
3302 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE;
3303 ifp->if_drv_flags |= IFF_DRV_RUNNING;
3306 callout_reset(&sc->watchdog_to, hz, wpi_watchdog, sc);
3312 struct wpi_softc *sc = arg;
3313 struct ifnet *ifp = sc->sc_ifp;
3314 struct ieee80211com *ic = ifp->if_l2com;
3317 wpi_init_locked(sc, 0);
3320 #if defined(__DragonFly__)
3321 if (ifp->if_flags & IFF_RUNNING)
3322 ieee80211_start_all(ic); /* start all vaps */
3324 if (ifp->if_drv_flags & IFF_DRV_RUNNING)
3325 ieee80211_start_all(ic); /* start all vaps */
3330 wpi_stop_locked(struct wpi_softc *sc)
3332 struct ifnet *ifp = sc->sc_ifp;
3336 sc->sc_tx_timer = 0;
3337 sc->sc_scan_timer = 0;
3338 #if defined(__DragonFly__)
3339 ifq_clr_oactive(&ifp->if_snd);
3340 ifp->if_flags &= ~IFF_RUNNING;
3342 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE);
3344 sc->flags &= ~WPI_FLAG_HW_RADIO_OFF;
3345 callout_stop_sync(&sc->watchdog_to);
3346 callout_stop_sync(&sc->calib_to);
3348 /* disable interrupts */
3349 WPI_WRITE(sc, WPI_MASK, 0);
3350 WPI_WRITE(sc, WPI_INTR, WPI_INTR_MASK);
3351 WPI_WRITE(sc, WPI_INTR_STATUS, 0xff);
3352 WPI_WRITE(sc, WPI_INTR_STATUS, 0x00070000);
3355 wpi_mem_write(sc, WPI_MEM_MODE, 0);
3358 /* reset all Tx rings */
3359 for (ac = 0; ac < 4; ac++)
3360 wpi_reset_tx_ring(sc, &sc->txq[ac]);
3361 wpi_reset_tx_ring(sc, &sc->cmdq);
3364 wpi_reset_rx_ring(sc, &sc->rxq);
3367 wpi_mem_write(sc, WPI_MEM_CLOCK2, 0x200);
3372 wpi_stop_master(sc);
3374 tmp = WPI_READ(sc, WPI_RESET);
3375 WPI_WRITE(sc, WPI_RESET, tmp | WPI_SW_RESET);
3376 sc->flags &= ~WPI_FLAG_BUSY;
3380 wpi_stop(struct wpi_softc *sc)
3383 wpi_stop_locked(sc);
3388 wpi_calib_timeout(void *arg)
3390 struct wpi_softc *sc = arg;
3391 struct ifnet *ifp = sc->sc_ifp;
3392 struct ieee80211com *ic = ifp->if_l2com;
3393 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
3396 if (vap->iv_state != IEEE80211_S_RUN)
3399 /* update sensor data */
3400 temp = (int)WPI_READ(sc, WPI_TEMPERATURE);
3401 DPRINTFN(WPI_DEBUG_TEMP,("Temp in calibration is: %d\n", temp));
3403 wpi_power_calibration(sc, temp);
3405 callout_reset(&sc->calib_to, 60*hz, wpi_calib_timeout, sc);
3409 * This function is called periodically (every 60 seconds) to adjust output
3410 * power to temperature changes.
3413 wpi_power_calibration(struct wpi_softc *sc, int temp)
3415 struct ifnet *ifp = sc->sc_ifp;
3416 struct ieee80211com *ic = ifp->if_l2com;
3417 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
3419 /* sanity-check read value */
3420 if (temp < -260 || temp > 25) {
3421 /* this can't be correct, ignore */
3422 DPRINTFN(WPI_DEBUG_TEMP,
3423 ("out-of-range temperature reported: %d\n", temp));
3427 DPRINTFN(WPI_DEBUG_TEMP,("temperature %d->%d\n", sc->temp, temp));
3429 /* adjust Tx power if need be */
3430 if (abs(temp - sc->temp) <= 6)
3435 if (wpi_set_txpower(sc, vap->iv_bss->ni_chan, 1) != 0) {
3436 /* just warn, too bad for the automatic calibration... */
3437 device_printf(sc->sc_dev,"could not adjust Tx power\n");
3442 * Read the eeprom to find out what channels are valid for the given
3443 * band and update net80211 with what we find.
3446 wpi_read_eeprom_channels(struct wpi_softc *sc, int n)
3448 struct ifnet *ifp = sc->sc_ifp;
3449 struct ieee80211com *ic = ifp->if_l2com;
3450 const struct wpi_chan_band *band = &wpi_bands[n];
3451 struct wpi_eeprom_chan channels[WPI_MAX_CHAN_PER_BAND];
3452 struct ieee80211_channel *c;
3453 int chan, i, passive;
3455 wpi_read_prom_data(sc, band->addr, channels,
3456 band->nchan * sizeof (struct wpi_eeprom_chan));
3458 for (i = 0; i < band->nchan; i++) {
3459 if (!(channels[i].flags & WPI_EEPROM_CHAN_VALID)) {
3460 DPRINTFN(WPI_DEBUG_HW,
3461 ("Channel Not Valid: %d, band %d\n",
3467 chan = band->chan[i];
3468 c = &ic->ic_channels[ic->ic_nchans++];
3470 /* is active scan allowed on this channel? */
3471 if (!(channels[i].flags & WPI_EEPROM_CHAN_ACTIVE)) {
3472 passive = IEEE80211_CHAN_PASSIVE;
3475 if (n == 0) { /* 2GHz band */
3477 c->ic_freq = ieee80211_ieee2mhz(chan,
3478 IEEE80211_CHAN_2GHZ);
3479 c->ic_flags = IEEE80211_CHAN_B | passive;
3481 c = &ic->ic_channels[ic->ic_nchans++];
3483 c->ic_freq = ieee80211_ieee2mhz(chan,
3484 IEEE80211_CHAN_2GHZ);
3485 c->ic_flags = IEEE80211_CHAN_G | passive;
3487 } else { /* 5GHz band */
3489 * Some 3945ABG adapters support channels 7, 8, 11
3490 * and 12 in the 2GHz *and* 5GHz bands.
3491 * Because of limitations in our net80211(9) stack,
3492 * we can't support these channels in 5GHz band.
3493 * XXX not true; just need to map to proper frequency
3499 c->ic_freq = ieee80211_ieee2mhz(chan,
3500 IEEE80211_CHAN_5GHZ);
3501 c->ic_flags = IEEE80211_CHAN_A | passive;
3504 /* save maximum allowed power for this channel */
3505 sc->maxpwr[chan] = channels[i].maxpwr;
3508 // XXX We can probably use this an get rid of maxpwr - ben 20070617
3509 ic->ic_channels[chan].ic_maxpower = channels[i].maxpwr;
3510 //ic->ic_channels[chan].ic_minpower...
3511 //ic->ic_channels[chan].ic_maxregtxpower...
3514 DPRINTF(("adding chan %d (%dMHz) flags=0x%x maxpwr=%d"
3515 " passive=%d, offset %d\n", chan, c->ic_freq,
3516 channels[i].flags, sc->maxpwr[chan],
3517 (c->ic_flags & IEEE80211_CHAN_PASSIVE) != 0,
3523 wpi_read_eeprom_group(struct wpi_softc *sc, int n)
3525 struct wpi_power_group *group = &sc->groups[n];
3526 struct wpi_eeprom_group rgroup;
3529 wpi_read_prom_data(sc, WPI_EEPROM_POWER_GRP + n * 32, &rgroup,
3532 /* save power group information */
3533 group->chan = rgroup.chan;
3534 group->maxpwr = rgroup.maxpwr;
3535 /* temperature at which the samples were taken */
3536 group->temp = (int16_t)le16toh(rgroup.temp);
3538 DPRINTF(("power group %d: chan=%d maxpwr=%d temp=%d\n", n,
3539 group->chan, group->maxpwr, group->temp));
3541 for (i = 0; i < WPI_SAMPLES_COUNT; i++) {
3542 group->samples[i].index = rgroup.samples[i].index;
3543 group->samples[i].power = rgroup.samples[i].power;
3545 DPRINTF(("\tsample %d: index=%d power=%d\n", i,
3546 group->samples[i].index, group->samples[i].power));
3551 * Update Tx power to match what is defined for channel `c'.
3554 wpi_set_txpower(struct wpi_softc *sc, struct ieee80211_channel *c, int async)
3556 struct ifnet *ifp = sc->sc_ifp;
3557 struct ieee80211com *ic = ifp->if_l2com;
3558 struct wpi_power_group *group;
3559 struct wpi_cmd_txpower txpower;
3563 /* get channel number */
3564 chan = ieee80211_chan2ieee(ic, c);
3566 /* find the power group to which this channel belongs */
3567 if (IEEE80211_IS_CHAN_5GHZ(c)) {
3568 for (group = &sc->groups[1]; group < &sc->groups[4]; group++)
3569 if (chan <= group->chan)
3572 group = &sc->groups[0];
3574 memset(&txpower, 0, sizeof txpower);
3575 txpower.band = IEEE80211_IS_CHAN_5GHZ(c) ? 0 : 1;
3576 txpower.channel = htole16(chan);
3578 /* set Tx power for all OFDM and CCK rates */
3579 for (i = 0; i <= 11 ; i++) {
3580 /* retrieve Tx power for this channel/rate combination */
3581 int idx = wpi_get_power_index(sc, group, c,
3582 wpi_ridx_to_rate[i]);
3584 txpower.rates[i].rate = wpi_ridx_to_plcp[i];
3586 if (IEEE80211_IS_CHAN_5GHZ(c)) {
3587 txpower.rates[i].gain_radio = wpi_rf_gain_5ghz[idx];
3588 txpower.rates[i].gain_dsp = wpi_dsp_gain_5ghz[idx];
3590 txpower.rates[i].gain_radio = wpi_rf_gain_2ghz[idx];
3591 txpower.rates[i].gain_dsp = wpi_dsp_gain_2ghz[idx];
3593 DPRINTFN(WPI_DEBUG_TEMP,("chan %d/rate %d: power index %d\n",
3594 chan, wpi_ridx_to_rate[i], idx));
3597 return wpi_cmd(sc, WPI_CMD_TXPOWER, &txpower, sizeof txpower, async);
3601 * Determine Tx power index for a given channel/rate combination.
3602 * This takes into account the regulatory information from EEPROM and the
3603 * current temperature.
3606 wpi_get_power_index(struct wpi_softc *sc, struct wpi_power_group *group,
3607 struct ieee80211_channel *c, int rate)
3609 /* fixed-point arithmetic division using a n-bit fractional part */
3610 #define fdivround(a, b, n) \
3611 ((((1 << n) * (a)) / (b) + (1 << n) / 2) / (1 << n))
3613 /* linear interpolation */
3614 #define interpolate(x, x1, y1, x2, y2, n) \
3615 ((y1) + fdivround(((x) - (x1)) * ((y2) - (y1)), (x2) - (x1), n))
3617 struct ifnet *ifp = sc->sc_ifp;
3618 struct ieee80211com *ic = ifp->if_l2com;
3619 struct wpi_power_sample *sample;
3623 /* get channel number */
3624 chan = ieee80211_chan2ieee(ic, c);
3626 /* default power is group's maximum power - 3dB */
3627 pwr = group->maxpwr / 2;
3629 /* decrease power for highest OFDM rates to reduce distortion */
3631 case 72: /* 36Mb/s */
3632 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 0 : 5;
3634 case 96: /* 48Mb/s */
3635 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 7 : 10;
3637 case 108: /* 54Mb/s */
3638 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 9 : 12;
3642 /* never exceed channel's maximum allowed Tx power */
3643 pwr = min(pwr, sc->maxpwr[chan]);
3645 /* retrieve power index into gain tables from samples */
3646 for (sample = group->samples; sample < &group->samples[3]; sample++)
3647 if (pwr > sample[1].power)
3649 /* fixed-point linear interpolation using a 19-bit fractional part */
3650 idx = interpolate(pwr, sample[0].power, sample[0].index,
3651 sample[1].power, sample[1].index, 19);
3654 * Adjust power index based on current temperature
3655 * - if colder than factory-calibrated: decreate output power
3656 * - if warmer than factory-calibrated: increase output power
3658 idx -= (sc->temp - group->temp) * 11 / 100;
3660 /* decrease power for CCK rates (-5dB) */
3661 if (!WPI_RATE_IS_OFDM(rate))
3664 /* keep power index in a valid range */
3667 if (idx > WPI_MAX_PWR_INDEX)
3668 return WPI_MAX_PWR_INDEX;
3676 * Called by net80211 framework to indicate that a scan
3677 * is starting. This function doesn't actually do the scan,
3678 * wpi_scan_curchan starts things off. This function is more
3679 * of an early warning from the framework we should get ready
3683 wpi_scan_start(struct ieee80211com *ic)
3685 struct ifnet *ifp = ic->ic_ifp;
3686 struct wpi_softc *sc = ifp->if_softc;
3689 wpi_set_led(sc, WPI_LED_LINK, 20, 2);
3694 * Called by the net80211 framework, indicates that the
3695 * scan has ended. If there is a scan in progress on the card
3696 * then it should be aborted.
3699 wpi_scan_end(struct ieee80211com *ic)
3705 * Called by the net80211 framework to indicate to the driver
3706 * that the channel should be changed
3709 wpi_set_channel(struct ieee80211com *ic)
3711 struct ifnet *ifp = ic->ic_ifp;
3712 struct wpi_softc *sc = ifp->if_softc;
3716 * Only need to set the channel in Monitor mode. AP scanning and auth
3717 * are already taken care of by their respective firmware commands.
3719 if (ic->ic_opmode == IEEE80211_M_MONITOR) {
3721 error = wpi_config(sc);
3724 device_printf(sc->sc_dev,
3725 "error %d settting channel\n", error);
3730 * Called by net80211 to indicate that we need to scan the current
3731 * channel. The channel is previously be set via the wpi_set_channel
3735 wpi_scan_curchan(struct ieee80211_scan_state *ss, unsigned long maxdwell)
3737 struct ieee80211vap *vap = ss->ss_vap;
3738 struct ifnet *ifp = vap->iv_ic->ic_ifp;
3739 struct wpi_softc *sc = ifp->if_softc;
3743 ieee80211_cancel_scan(vap);
3748 * Called by the net80211 framework to indicate
3749 * the minimum dwell time has been met, terminate the scan.
3750 * We don't actually terminate the scan as the firmware will notify
3751 * us when it's finished and we have no way to interrupt it.
3754 wpi_scan_mindwell(struct ieee80211_scan_state *ss)
3756 /* NB: don't try to abort scan; wait for firmware to finish */
3760 wpi_hwreset(void *arg, int pending)
3762 struct wpi_softc *sc = arg;
3765 wpi_init_locked(sc, 0);
3770 wpi_rfreset(void *arg, int pending)
3772 struct wpi_softc *sc = arg;
3775 wpi_rfkill_resume(sc);
3780 * Allocate DMA-safe memory for firmware transfer.
3783 wpi_alloc_fwmem(struct wpi_softc *sc)
3785 /* allocate enough contiguous space to store text and data */
3786 return wpi_dma_contig_alloc(sc, &sc->fw_dma, NULL,
3787 WPI_FW_MAIN_TEXT_MAXSZ + WPI_FW_MAIN_DATA_MAXSZ, 1,
3792 wpi_free_fwmem(struct wpi_softc *sc)
3794 wpi_dma_contig_free(&sc->fw_dma);
3798 * Called every second, wpi_watchdog used by the watch dog timer
3799 * to check that the card is still alive
3802 wpi_watchdog(void *arg)
3804 struct wpi_softc *sc = arg;
3805 struct ifnet *ifp = sc->sc_ifp;
3806 struct ieee80211com *ic = ifp->if_l2com;
3809 DPRINTFN(WPI_DEBUG_WATCHDOG,("Watchdog: tick\n"));
3811 if (sc->flags & WPI_FLAG_HW_RADIO_OFF) {
3812 /* No need to lock firmware memory */
3813 tmp = wpi_mem_read(sc, WPI_MEM_HW_RADIO_OFF);
3815 if ((tmp & 0x1) == 0) {
3816 /* Radio kill switch is still off */
3817 callout_reset(&sc->watchdog_to, hz, wpi_watchdog, sc);
3821 device_printf(sc->sc_dev, "Hardware Switch Enabled\n");
3822 ieee80211_runtask(ic, &sc->sc_radiotask);
3826 if (sc->sc_tx_timer > 0) {
3827 if (--sc->sc_tx_timer == 0) {
3828 device_printf(sc->sc_dev,"device timeout\n");
3829 #if defined(__DragonFly__)
3830 IFNET_STAT_INC(ifp, oerrors, 1);
3832 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
3834 ieee80211_runtask(ic, &sc->sc_restarttask);
3837 if (sc->sc_scan_timer > 0) {
3838 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
3839 if (--sc->sc_scan_timer == 0 && vap != NULL) {
3840 device_printf(sc->sc_dev,"scan timeout\n");
3841 ieee80211_cancel_scan(vap);
3842 ieee80211_runtask(ic, &sc->sc_restarttask);
3846 #if defined(__DragonFly__)
3847 if (ifp->if_flags & IFF_RUNNING)
3848 callout_reset(&sc->watchdog_to, hz, wpi_watchdog, sc);
3850 if (ifp->if_drv_flags & IFF_DRV_RUNNING)
3851 callout_reset(&sc->watchdog_to, hz, wpi_watchdog, sc);
3855 #if defined(__DragonFly__)
3857 wpi_sleep(struct wpi_softc *sc, void *wchan,
3858 int flags, const char *wmsg, int timo)
3862 iws = wlan_is_serialized();
3864 wlan_serialize_exit();
3865 error = lksleep(wchan, &sc->sc_mtx, flags, wmsg, timo);
3867 wlan_serialize_enter();
3874 static const char *wpi_cmd_str(int cmd)
3877 case WPI_DISABLE_CMD: return "WPI_DISABLE_CMD";
3878 case WPI_CMD_CONFIGURE: return "WPI_CMD_CONFIGURE";
3879 case WPI_CMD_ASSOCIATE: return "WPI_CMD_ASSOCIATE";
3880 case WPI_CMD_SET_WME: return "WPI_CMD_SET_WME";
3881 case WPI_CMD_TSF: return "WPI_CMD_TSF";
3882 case WPI_CMD_ADD_NODE: return "WPI_CMD_ADD_NODE";
3883 case WPI_CMD_TX_DATA: return "WPI_CMD_TX_DATA";
3884 case WPI_CMD_MRR_SETUP: return "WPI_CMD_MRR_SETUP";
3885 case WPI_CMD_SET_LED: return "WPI_CMD_SET_LED";
3886 case WPI_CMD_SET_POWER_MODE: return "WPI_CMD_SET_POWER_MODE";
3887 case WPI_CMD_SCAN: return "WPI_CMD_SCAN";
3888 case WPI_CMD_SET_BEACON:return "WPI_CMD_SET_BEACON";
3889 case WPI_CMD_TXPOWER: return "WPI_CMD_TXPOWER";
3890 case WPI_CMD_BLUETOOTH: return "WPI_CMD_BLUETOOTH";
3893 KASSERT(1, ("Unknown Command: %d", cmd));
3894 return "UNKNOWN CMD"; /* Make the compiler happy */
3899 MODULE_DEPEND(wpi, pci, 1, 1, 1);
3900 MODULE_DEPEND(wpi, wlan, 1, 1, 1);
3901 MODULE_DEPEND(wpi, firmware, 1, 1, 1);
tuxillo's projects / dragonfly.git / blob