2 * Copyright (c) 2006 The DragonFly Project. All rights reserved.
4 * This code is derived from software contributed to The DragonFly Project
5 * by Sepherosa Ziehau <sepherosa@gmail.com>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
17 * 3. Neither the name of The DragonFly Project nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific, prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
27 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 * Copyright (c) 2003-2004 wlan.kewl.org Project
38 * All rights reserved.
40 * $Id: LICENSE,v 1.1.1.1 2004/07/01 12:20:39 darron Exp $
42 * Redistribution and use in source and binary forms, with or without
43 * modification, are permitted provided that the following conditions
46 * 1. Redistributions of source code must retain the above copyright
47 * notice, this list of conditions and the following disclaimer.
49 * 2. Redistributions in binary form must reproduce the above copyright
50 * notice, this list of conditions and the following disclaimer in the
51 * documentation and/or other materials provided with the distribution.
53 * 3. All advertising materials mentioning features or use of this software
54 * must display the following acknowledgement:
56 * This product includes software developed by the wlan.kewl.org Project.
58 * 4. Neither the name of the wlan.kewl.org Project nor the names of its
59 * contributors may be used to endorse or promote products derived from
60 * this software without specific prior written permission.
62 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
63 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
64 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
65 * THE wlan.kewl.org Project BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
66 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
67 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
68 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
69 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
70 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
71 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
74 #include <sys/param.h>
75 #include <sys/endian.h>
76 #include <sys/kernel.h>
78 #include <sys/firmware.h>
79 #include <sys/interrupt.h>
80 #include <sys/malloc.h>
83 #include <sys/serialize.h>
84 #include <sys/socket.h>
85 #include <sys/sockio.h>
86 #include <sys/sysctl.h>
88 #include <net/ethernet.h>
91 #include <net/if_arp.h>
92 #include <net/if_dl.h>
93 #include <net/if_media.h>
94 #include <net/ifq_var.h>
96 #include <netproto/802_11/ieee80211_var.h>
97 #include <netproto/802_11/ieee80211_radiotap.h>
98 #include <netproto/802_11/wlan_ratectl/amrr/ieee80211_amrr_param.h>
99 #include <netproto/802_11/wlan_ratectl/onoe/ieee80211_onoe_param.h>
101 #include <bus/pci/pcireg.h>
102 #include <bus/pci/pcivar.h>
103 #include <bus/pci/pcidevs.h>
107 #include <dev/netif/acx/if_acxreg.h>
108 #include <dev/netif/acx/if_acxvar.h>
109 #include <dev/netif/acx/acxcmd.h>
111 static int acx_probe(device_t);
112 static int acx_attach(device_t);
113 static int acx_detach(device_t);
114 static int acx_shutdown(device_t);
116 static void acx_init(void *);
117 static void acx_start(struct ifnet *, struct ifaltq_subque *);
118 static int acx_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *);
119 static void acx_watchdog(struct ifnet *);
121 static void acx_intr(void *);
122 static void acx_txeof(struct acx_softc *);
123 static void acx_txerr(struct acx_softc *, uint8_t);
124 static void acx_rxeof(struct acx_softc *);
125 static void acx_disable_intr(struct acx_softc *);
126 static void acx_enable_intr(struct acx_softc *);
128 static int acx_reset(struct acx_softc *);
129 static int acx_stop(struct acx_softc *);
130 static void acx_init_info_reg(struct acx_softc *);
131 static int acx_config(struct acx_softc *);
132 static int acx_read_config(struct acx_softc *, struct acx_config *);
133 static int acx_write_config(struct acx_softc *, struct acx_config *);
134 static int acx_rx_config(struct acx_softc *, int);
135 static int acx_set_crypt_keys(struct acx_softc *);
136 static void acx_calibrate(void *);
138 static int acx_dma_alloc(struct acx_softc *);
139 static void acx_dma_free(struct acx_softc *);
140 static int acx_init_tx_ring(struct acx_softc *);
141 static int acx_init_rx_ring(struct acx_softc *);
142 static int acx_newbuf(struct acx_softc *, struct acx_rxbuf *, int);
143 static int acx_encap(struct acx_softc *, struct acx_txbuf *,
144 struct mbuf *, struct ieee80211_node *);
146 static int acx_set_null_tmplt(struct acx_softc *);
147 static int acx_set_probe_req_tmplt(struct acx_softc *, const char *, int);
148 static int acx_set_probe_resp_tmplt(struct acx_softc *,
149 struct ieee80211_node *);
150 static int acx_set_beacon_tmplt(struct acx_softc *,
151 struct ieee80211_node *);
153 static int acx_read_eeprom(struct acx_softc *, uint32_t, uint8_t *);
154 static int acx_read_phyreg(struct acx_softc *, uint32_t, uint8_t *);
156 static int acx_alloc_firmware(struct acx_softc *);
157 static void acx_free_firmware(struct acx_softc *);
158 static int acx_setup_firmware(struct acx_softc *, struct fw_image *,
159 const uint8_t **, int *);
160 static int acx_load_firmware(struct acx_softc *, uint32_t,
161 const uint8_t *, int);
162 static int acx_load_radio_firmware(struct acx_softc *, const uint8_t *,
164 static int acx_load_base_firmware(struct acx_softc *, const uint8_t *,
167 static void acx_next_scan(void *);
168 static int acx_set_chan(struct acx_softc *, struct ieee80211_channel *);
170 static int acx_media_change(struct ifnet *);
171 static int acx_newstate(struct ieee80211com *, enum ieee80211_state, int);
173 static int acx_sysctl_msdu_lifetime(SYSCTL_HANDLER_ARGS);
174 static int acx_sysctl_free_firmware(SYSCTL_HANDLER_ARGS);
176 const struct ieee80211_rateset acx_rates_11b =
177 { 4, { 2, 4, 11, 22 } };
178 const struct ieee80211_rateset acx_rates_11g =
179 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } };
180 const struct ieee80211_rateset acx_rates_11b_pbcc =
181 { 5, { 2, 4, 11, 22, 44 } };
182 const struct ieee80211_rateset acx_rates_11g_pbcc =
183 { 13, { 2, 4, 11, 22, 44, 12, 18, 24, 36, 48, 72, 96, 108 } };
185 int acx_enable_pbcc = 1;
186 TUNABLE_INT("hw.acx.enable_pbcc", &acx_enable_pbcc);
188 static const struct acx_device {
191 void (*set_param)(device_t);
194 { PCI_VENDOR_TI, PCI_PRODUCT_TI_ACX100A, acx100_set_param,
195 "Texas Instruments TNETW1100A Wireless Adapter" },
196 { PCI_VENDOR_TI, PCI_PRODUCT_TI_ACX100B, acx100_set_param,
197 "Texas Instruments TNETW1100B Wireless Adapter" },
198 { PCI_VENDOR_TI, PCI_PRODUCT_TI_ACX111, acx111_set_param,
199 "Texas Instruments TNETW1130 Wireless Adapter" },
203 static device_method_t acx_methods[] = {
204 DEVMETHOD(device_probe, acx_probe),
205 DEVMETHOD(device_attach, acx_attach),
206 DEVMETHOD(device_detach, acx_detach),
207 DEVMETHOD(device_shutdown, acx_shutdown),
209 DEVMETHOD(device_suspend, acx_suspend),
210 DEVMETHOD(device_resume, acx_resume),
215 static driver_t acx_driver = {
218 sizeof(struct acx_softc)
221 static devclass_t acx_devclass;
223 DRIVER_MODULE(acx, pci, acx_driver, acx_devclass, NULL, NULL);
224 DRIVER_MODULE(acx, cardbus, acx_driver, acx_devclass, NULL, NULL);
226 MODULE_DEPEND(acx, wlan, 1, 1, 1);
227 MODULE_DEPEND(acx, wlan_ratectl_onoe, 1, 1, 1);
228 MODULE_DEPEND(acx, wlan_ratectl_amrr, 1, 1, 1);
229 MODULE_DEPEND(acx, pci, 1, 1, 1);
230 MODULE_DEPEND(acx, cardbus, 1, 1, 1);
233 acx_get_rssi(struct acx_softc *sc, uint8_t raw)
237 rssi = ((sc->chip_rssi_corr / 2) + (raw * 5)) / sc->chip_rssi_corr;
238 return rssi > 100 ? 100 : rssi;
242 acx_probe(device_t dev)
244 const struct acx_device *a;
247 vid = pci_get_vendor(dev);
248 did = pci_get_device(dev);
249 for (a = acx_devices; a->desc != NULL; ++a) {
250 if (vid == a->vid && did == a->did) {
252 device_set_desc(dev, a->desc);
260 acx_attach(device_t dev)
262 struct acx_softc *sc;
264 struct ieee80211com *ic;
267 sc = device_get_softc(dev);
271 if_initname(ifp, device_get_name(dev), device_get_unit(dev));
274 if (pci_get_powerstate(dev) != PCI_POWERSTATE_D0) {
275 uint32_t mem1, mem2, irq;
277 mem1 = pci_read_config(dev, sc->chip_mem1_rid, 4);
278 mem2 = pci_read_config(dev, sc->chip_mem2_rid, 4);
279 irq = pci_read_config(dev, PCIR_INTLINE, 4);
281 device_printf(dev, "chip is in D%d power mode "
282 "-- setting to D0\n", pci_get_powerstate(dev));
284 pci_set_powerstate(dev, PCI_POWERSTATE_D0);
286 pci_write_config(dev, sc->chip_mem1_rid, mem1, 4);
287 pci_write_config(dev, sc->chip_mem2_rid, mem2, 4);
288 pci_write_config(dev, PCIR_INTLINE, irq, 4);
290 #endif /* !BURN_BRIDGE */
292 /* Enable bus mastering */
293 pci_enable_busmaster(dev);
295 /* Allocate IO memory 1 */
296 sc->sc_mem1_res = bus_alloc_resource_any(dev, SYS_RES_MEMORY,
299 if (sc->sc_mem1_res == NULL) {
301 device_printf(dev, "can't allocate IO mem1\n");
304 sc->sc_mem1_bt = rman_get_bustag(sc->sc_mem1_res);
305 sc->sc_mem1_bh = rman_get_bushandle(sc->sc_mem1_res);
307 /* Allocate IO memory 2 */
308 sc->sc_mem2_res = bus_alloc_resource_any(dev, SYS_RES_MEMORY,
311 if (sc->sc_mem2_res == NULL) {
313 device_printf(dev, "can't allocate IO mem2\n");
316 sc->sc_mem2_bt = rman_get_bustag(sc->sc_mem2_res);
317 sc->sc_mem2_bh = rman_get_bushandle(sc->sc_mem2_res);
320 sc->sc_irq_res = bus_alloc_resource_any(dev, SYS_RES_IRQ,
322 RF_SHAREABLE | RF_ACTIVE);
323 if (sc->sc_irq_res == NULL) {
325 device_printf(dev, "can't allocate intr\n");
329 /* Initialize channel scanning timer */
330 callout_init(&sc->sc_scan_timer);
332 /* Initialize calibration timer */
333 callout_init(&sc->sc_calibrate_timer);
335 /* Allocate busdma stuffs */
336 error = acx_dma_alloc(sc);
341 error = acx_reset(sc);
345 /* Disable interrupts before firmware is loaded */
346 acx_disable_intr(sc);
348 /* Get radio type and form factor */
349 #define EEINFO_RETRY_MAX 50
350 for (i = 0; i < EEINFO_RETRY_MAX; ++i) {
353 ee_info = CSR_READ_2(sc, ACXREG_EEPROM_INFO);
354 if (ACX_EEINFO_HAS_RADIO_TYPE(ee_info)) {
355 sc->sc_form_factor = ACX_EEINFO_FORM_FACTOR(ee_info);
356 sc->sc_radio_type = ACX_EEINFO_RADIO_TYPE(ee_info);
361 if (i == EEINFO_RETRY_MAX) {
365 #undef EEINFO_RETRY_MAX
367 DPRINTF((&sc->sc_ic.ic_if, "radio type %02x\n", sc->sc_radio_type));
370 for (i = 0; i < 0x40; ++i) {
373 error = acx_read_eeprom(sc, i, &val);
376 kprintf("%02x ", val);
379 #endif /* DUMP_EEPROM */
381 /* Get EEPROM version */
382 error = acx_read_eeprom(sc, ACX_EE_VERSION_OFS, &sc->sc_eeprom_ver);
385 DPRINTF((&sc->sc_ic.ic_if, "EEPROM version %u\n", sc->sc_eeprom_ver));
388 * Initialize device sysctl before ieee80211_ifattach()
390 sc->sc_long_retry_limit = 4;
391 sc->sc_msdu_lifetime = 4096;
392 sc->sc_scan_dwell = 200; /* 200 milliseconds */
393 sc->sc_calib_intvl = 3 * 60; /* 3 minutes */
395 sysctl_ctx_init(&sc->sc_sysctl_ctx);
396 sc->sc_sysctl_tree = SYSCTL_ADD_NODE(&sc->sc_sysctl_ctx,
397 SYSCTL_STATIC_CHILDREN(_hw),
399 device_get_nameunit(dev),
401 if (sc->sc_sysctl_tree == NULL) {
402 device_printf(dev, "can't add sysctl node\n");
406 SYSCTL_ADD_PROC(&sc->sc_sysctl_ctx,
407 SYSCTL_CHILDREN(sc->sc_sysctl_tree),
408 OID_AUTO, "msdu_lifetime",
409 CTLTYPE_INT | CTLFLAG_RW,
410 sc, 0, acx_sysctl_msdu_lifetime, "I",
412 SYSCTL_ADD_INT(&sc->sc_sysctl_ctx,
413 SYSCTL_CHILDREN(sc->sc_sysctl_tree), OID_AUTO,
414 "long_retry_limit", CTLFLAG_RW,
415 &sc->sc_long_retry_limit, 0, "Long retry limit");
416 SYSCTL_ADD_INT(&sc->sc_sysctl_ctx,
417 SYSCTL_CHILDREN(sc->sc_sysctl_tree), OID_AUTO,
418 "scan_dwell", CTLFLAG_RW,
419 &sc->sc_scan_dwell, 0, "Scan channel dwell time (ms)");
420 SYSCTL_ADD_INT(&sc->sc_sysctl_ctx,
421 SYSCTL_CHILDREN(sc->sc_sysctl_tree), OID_AUTO,
422 "calib_intvl", CTLFLAG_RW,
423 &sc->sc_calib_intvl, 0, "Calibration interval (second)");
426 * Nodes for firmware operation
428 SYSCTL_ADD_INT(&sc->sc_sysctl_ctx,
429 SYSCTL_CHILDREN(sc->sc_sysctl_tree), OID_AUTO,
430 "combined_radio_fw", CTLFLAG_RW,
431 &sc->sc_firmware.combined_radio_fw, 0,
432 "Radio and base firmwares are combined");
433 SYSCTL_ADD_PROC(&sc->sc_sysctl_ctx,
434 SYSCTL_CHILDREN(sc->sc_sysctl_tree),
436 CTLTYPE_INT | CTLFLAG_RW,
437 sc, 0, acx_sysctl_free_firmware, "I",
441 * Nodes for statistics
443 SYSCTL_ADD_UQUAD(&sc->sc_sysctl_ctx,
444 SYSCTL_CHILDREN(sc->sc_sysctl_tree), OID_AUTO,
445 "frag_error", CTLFLAG_RW, &sc->sc_stats.err_oth_frag,
446 0, "Fragment errors");
447 SYSCTL_ADD_UQUAD(&sc->sc_sysctl_ctx,
448 SYSCTL_CHILDREN(sc->sc_sysctl_tree), OID_AUTO,
449 "tx_abort", CTLFLAG_RW, &sc->sc_stats.err_abort,
451 SYSCTL_ADD_UQUAD(&sc->sc_sysctl_ctx,
452 SYSCTL_CHILDREN(sc->sc_sysctl_tree), OID_AUTO,
453 "tx_invalid", CTLFLAG_RW, &sc->sc_stats.err_param,
454 0, "Invalid TX param in TX descriptor");
455 SYSCTL_ADD_UQUAD(&sc->sc_sysctl_ctx,
456 SYSCTL_CHILDREN(sc->sc_sysctl_tree), OID_AUTO,
457 "no_wepkey", CTLFLAG_RW, &sc->sc_stats.err_no_wepkey,
458 0, "No WEP key exists");
459 SYSCTL_ADD_UQUAD(&sc->sc_sysctl_ctx,
460 SYSCTL_CHILDREN(sc->sc_sysctl_tree), OID_AUTO,
461 "msdu_timeout", CTLFLAG_RW,
462 &sc->sc_stats.err_msdu_timeout,
464 SYSCTL_ADD_UQUAD(&sc->sc_sysctl_ctx,
465 SYSCTL_CHILDREN(sc->sc_sysctl_tree), OID_AUTO,
466 "ex_txretry", CTLFLAG_RW, &sc->sc_stats.err_ex_retry,
467 0, "Excessive TX retries");
468 SYSCTL_ADD_UQUAD(&sc->sc_sysctl_ctx,
469 SYSCTL_CHILDREN(sc->sc_sysctl_tree), OID_AUTO,
470 "buf_oflow", CTLFLAG_RW, &sc->sc_stats.err_buf_oflow,
471 0, "Buffer overflows");
472 SYSCTL_ADD_UQUAD(&sc->sc_sysctl_ctx,
473 SYSCTL_CHILDREN(sc->sc_sysctl_tree), OID_AUTO,
474 "dma_error", CTLFLAG_RW, &sc->sc_stats.err_dma,
476 SYSCTL_ADD_UQUAD(&sc->sc_sysctl_ctx,
477 SYSCTL_CHILDREN(sc->sc_sysctl_tree), OID_AUTO,
478 "unkn_error", CTLFLAG_RW, &sc->sc_stats.err_unkn,
479 0, "Unknown errors");
482 ifp->if_init = acx_init;
483 ifp->if_ioctl = acx_ioctl;
484 ifp->if_start = acx_start;
485 ifp->if_watchdog = acx_watchdog;
486 ifp->if_flags = IFF_SIMPLEX | IFF_BROADCAST | IFF_MULTICAST;
487 ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN);
488 ifq_set_ready(&ifp->if_snd);
491 for (i = 1; i <= 14; ++i) {
492 ic->ic_channels[i].ic_freq =
493 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ);
494 ic->ic_channels[i].ic_flags = sc->chip_chan_flags;
497 ic->ic_opmode = IEEE80211_M_STA;
498 ic->ic_state = IEEE80211_S_INIT;
501 * NOTE: Don't overwrite ic_caps set by chip specific code
503 ic->ic_caps |= IEEE80211_C_WEP | /* WEP */
504 IEEE80211_C_HOSTAP | /* HostAP mode */
505 IEEE80211_C_MONITOR | /* Monitor mode */
506 IEEE80211_C_IBSS | /* IBSS modes */
507 IEEE80211_C_SHPREAMBLE; /* Short preamble */
509 ic->ic_caps_ext = IEEE80211_CEXT_PBCC; /* PBCC modulation */
512 for (i = 0; i < IEEE80211_ADDR_LEN; ++i) {
513 error = acx_read_eeprom(sc, sc->chip_ee_eaddr_ofs - i,
517 ieee80211_ifattach(ic);
519 /* Enable software beacon missing */
520 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS;
522 /* Override newstate */
523 sc->sc_newstate = ic->ic_newstate;
524 ic->ic_newstate = acx_newstate;
526 ieee80211_media_init(ic, acx_media_change, ieee80211_media_status);
529 * Radio tap attaching
531 bpfattach_dlt(ifp, DLT_IEEE802_11_RADIO,
532 sizeof(struct ieee80211_frame) + sizeof(sc->sc_tx_th),
535 sc->sc_tx_th_len = roundup(sizeof(sc->sc_tx_th), sizeof(uint32_t));
536 sc->sc_tx_th.wt_ihdr.it_len = htole16(sc->sc_tx_th_len);
537 sc->sc_tx_th.wt_ihdr.it_present = htole32(ACX_TX_RADIOTAP_PRESENT);
539 sc->sc_rx_th_len = roundup(sizeof(sc->sc_rx_th), sizeof(uint32_t));
540 sc->sc_rx_th.wr_ihdr.it_len = htole16(sc->sc_rx_th_len);
541 sc->sc_rx_th.wr_ihdr.it_present = htole32(ACX_RX_RADIOTAP_PRESENT);
543 error = bus_setup_intr(dev, sc->sc_irq_res, INTR_MPSAFE, acx_intr, sc,
544 &sc->sc_irq_handle, ifp->if_serializer);
546 device_printf(dev, "can't set up interrupt\n");
548 ieee80211_ifdetach(ic);
552 ifq_set_cpuid(&ifp->if_snd, rman_get_cpuid(sc->sc_irq_res));
555 ieee80211_announce(ic);
564 acx_detach(device_t dev)
566 struct acx_softc *sc = device_get_softc(dev);
568 if (device_is_attached(dev)) {
569 struct ieee80211com *ic = &sc->sc_ic;
570 struct ifnet *ifp = &ic->ic_if;
572 lwkt_serialize_enter(ifp->if_serializer);
575 acx_free_firmware(sc);
576 bus_teardown_intr(dev, sc->sc_irq_res, sc->sc_irq_handle);
578 lwkt_serialize_exit(ifp->if_serializer);
581 ieee80211_ifdetach(ic);
584 if (sc->sc_sysctl_tree != NULL)
585 sysctl_ctx_free(&sc->sc_sysctl_ctx);
587 if (sc->sc_irq_res != NULL) {
588 bus_release_resource(dev, SYS_RES_IRQ, sc->sc_irq_rid,
591 if (sc->sc_mem1_res != NULL) {
592 bus_release_resource(dev, SYS_RES_MEMORY, sc->chip_mem1_rid,
595 if (sc->sc_mem2_res != NULL) {
596 bus_release_resource(dev, SYS_RES_MEMORY, sc->chip_mem2_rid,
605 acx_shutdown(device_t dev)
607 struct acx_softc *sc = device_get_softc(dev);
609 lwkt_serialize_enter(sc->sc_ic.ic_if.if_serializer);
611 lwkt_serialize_exit(sc->sc_ic.ic_if.if_serializer);
618 struct acx_softc *sc = arg;
619 struct ieee80211com *ic = &sc->sc_ic;
620 struct ifnet *ifp = &ic->ic_if;
621 struct acx_firmware *fw = &sc->sc_firmware;
624 error = acx_stop(sc);
628 error = acx_alloc_firmware(sc);
632 error = acx_init_tx_ring(sc);
634 if_printf(ifp, "can't initialize TX ring\n");
638 error = acx_init_rx_ring(sc);
640 if_printf(ifp, "can't initialize RX ring\n");
644 error = acx_load_base_firmware(sc, fw->base_fw, fw->base_fw_len);
649 * Initialize command and information registers
650 * NOTE: This should be done after base firmware is loaded
652 acx_init_cmd_reg(sc);
653 acx_init_info_reg(sc);
655 sc->sc_flags |= ACX_FLAG_FW_LOADED;
658 if (sc->chip_post_basefw != NULL) {
659 error = sc->chip_post_basefw(sc);
665 if (fw->radio_fw != NULL) {
666 error = acx_load_radio_firmware(sc, fw->radio_fw,
672 error = sc->chip_init(sc);
676 /* Get and set device various configuration */
677 error = acx_config(sc);
681 /* Setup crypto stuffs */
682 if (sc->sc_ic.ic_flags & IEEE80211_F_PRIVACY) {
683 error = acx_set_crypt_keys(sc);
686 sc->sc_ic.ic_flags &= ~IEEE80211_F_DROPUNENC;
689 /* Turn on power led */
690 CSR_CLRB_2(sc, ACXREG_GPIO_OUT, sc->chip_gpio_pled);
694 ifp->if_flags |= IFF_RUNNING;
695 ifq_clr_oactive(&ifp->if_snd);
697 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
698 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)
699 ieee80211_new_state(&sc->sc_ic, IEEE80211_S_SCAN, -1);
701 ieee80211_new_state(ic, IEEE80211_S_RUN, -1);
709 acx_init_info_reg(struct acx_softc *sc)
711 sc->sc_info = CSR_READ_4(sc, ACXREG_INFO_REG_OFFSET);
712 sc->sc_info_param = sc->sc_info + ACX_INFO_REG_SIZE;
716 acx_set_crypt_keys(struct acx_softc *sc)
718 struct ieee80211com *ic = &sc->sc_ic;
719 struct acx_conf_wep_txkey wep_txkey;
720 int i, error, got_wk = 0;
722 for (i = 0; i < IEEE80211_WEP_NKID; ++i) {
723 struct ieee80211_key *wk = &ic->ic_nw_keys[i];
725 if (wk->wk_keylen == 0)
728 if (sc->chip_hw_crypt) {
729 error = sc->chip_set_wepkey(sc, wk, i);
733 } else if (wk->wk_flags & IEEE80211_KEY_XMIT) {
734 wk->wk_flags |= IEEE80211_KEY_SWCRYPT;
738 if (!got_wk || sc->chip_hw_crypt ||
739 ic->ic_def_txkey == IEEE80211_KEYIX_NONE)
742 /* Set current WEP key index */
743 wep_txkey.wep_txkey = ic->ic_def_txkey;
744 if (acx_set_wep_txkey_conf(sc, &wep_txkey) != 0) {
745 if_printf(&ic->ic_if, "set WEP txkey failed\n");
752 acx_next_scan(void *arg)
754 struct acx_softc *sc = arg;
755 struct ieee80211com *ic = &sc->sc_ic;
756 struct ifnet *ifp = &ic->ic_if;
758 lwkt_serialize_enter(ifp->if_serializer);
760 if (ic->ic_state == IEEE80211_S_SCAN)
761 ieee80211_next_scan(ic);
763 lwkt_serialize_exit(ifp->if_serializer);
767 acx_stop(struct acx_softc *sc)
769 struct ieee80211com *ic = &sc->sc_ic;
770 struct ifnet *ifp = &ic->ic_if;
771 struct acx_buf_data *bd = &sc->sc_buf_data;
772 struct acx_ring_data *rd = &sc->sc_ring_data;
775 ASSERT_SERIALIZED(ifp->if_serializer);
777 ieee80211_new_state(&sc->sc_ic, IEEE80211_S_INIT, -1);
779 sc->sc_firmware_ver = 0;
780 sc->sc_hardware_id = 0;
783 error = acx_reset(sc);
787 /* Firmware no longer functions after hardware reset */
788 sc->sc_flags &= ~ACX_FLAG_FW_LOADED;
790 acx_disable_intr(sc);
792 /* Stop backgroud scanning */
793 callout_stop(&sc->sc_scan_timer);
795 /* Turn off power led */
796 CSR_SETB_2(sc, ACXREG_GPIO_OUT, sc->chip_gpio_pled);
799 for (i = 0; i < ACX_TX_DESC_CNT; ++i) {
800 struct acx_txbuf *buf;
802 buf = &bd->tx_buf[i];
804 if (buf->tb_mbuf != NULL) {
805 bus_dmamap_unload(bd->mbuf_dma_tag,
806 buf->tb_mbuf_dmamap);
807 m_freem(buf->tb_mbuf);
811 if (buf->tb_node != NULL)
812 ieee80211_free_node(buf->tb_node);
816 /* Clear TX host descriptors */
817 bzero(rd->tx_ring, ACX_TX_RING_SIZE);
820 for (i = 0; i < ACX_RX_DESC_CNT; ++i) {
821 if (bd->rx_buf[i].rb_mbuf != NULL) {
822 bus_dmamap_unload(bd->mbuf_dma_tag,
823 bd->rx_buf[i].rb_mbuf_dmamap);
824 m_freem(bd->rx_buf[i].rb_mbuf);
825 bd->rx_buf[i].rb_mbuf = NULL;
829 /* Clear RX host descriptors */
830 bzero(rd->rx_ring, ACX_RX_RING_SIZE);
834 ifp->if_flags &= ~IFF_RUNNING;
835 ifq_clr_oactive(&ifp->if_snd);
841 acx_config(struct acx_softc *sc)
843 struct acx_config conf;
846 error = acx_read_config(sc, &conf);
850 error = acx_write_config(sc, &conf);
854 error = acx_rx_config(sc, sc->sc_flags & ACX_FLAG_PROMISC);
858 if (acx_set_probe_req_tmplt(sc, "", 0) != 0) {
859 if_printf(&sc->sc_ic.ic_if, "can't set probe req template "
865 if (acx_set_null_tmplt(sc) != 0) {
866 if_printf(&sc->sc_ic.ic_if, "can't set null data template\n");
873 acx_read_config(struct acx_softc *sc, struct acx_config *conf)
875 struct acx_conf_eaddr addr;
876 struct acx_conf_regdom reg_dom;
877 struct acx_conf_antenna ant;
878 struct acx_conf_fwrev fw_rev;
879 char ethstr[ETHER_ADDRSTRLEN + 1];
885 if (acx_get_eaddr_conf(sc, &addr) != 0) {
886 if_printf(&sc->sc_ic.ic_if, "can't get station id\n");
891 * Get and print station id in case that EEPROM station id's
892 * offset is not correct
894 for (i = 0; i < IEEE80211_ADDR_LEN; ++i)
895 conf->eaddr[IEEE80211_ADDR_LEN - 1 - i] = addr.eaddr[i];
896 if_printf(&sc->sc_ic.ic_if, "MAC address (from firmware): %s\n",
897 kether_ntoa(conf->eaddr, ethstr));
899 /* Get region domain */
900 if (acx_get_regdom_conf(sc, ®_dom) != 0) {
901 if_printf(&sc->sc_ic.ic_if, "can't get region domain\n");
904 conf->regdom = reg_dom.regdom;
905 DPRINTF((&sc->sc_ic.ic_if, "regdom %02x\n", reg_dom.regdom));
908 if (acx_get_antenna_conf(sc, &ant) != 0) {
909 if_printf(&sc->sc_ic.ic_if, "can't get antenna\n");
912 conf->antenna = ant.antenna;
913 DPRINTF((&sc->sc_ic.ic_if, "antenna %02x\n", ant.antenna));
915 /* Get sensitivity XXX not used */
916 if (sc->sc_radio_type == ACX_RADIO_TYPE_MAXIM ||
917 sc->sc_radio_type == ACX_RADIO_TYPE_RFMD ||
918 sc->sc_radio_type == ACX_RADIO_TYPE_RALINK) {
919 error = acx_read_phyreg(sc, ACXRV_PHYREG_SENSITIVITY, &sen);
921 if_printf(&sc->sc_ic.ic_if, "can't get sensitivity\n");
927 DPRINTF((&sc->sc_ic.ic_if, "sensitivity %02x\n", sen));
929 /* Get firmware revision */
930 if (acx_get_fwrev_conf(sc, &fw_rev) != 0) {
931 if_printf(&sc->sc_ic.ic_if, "can't get firmware revision\n");
935 if (strncmp(fw_rev.fw_rev, "Rev ", 4) != 0) {
936 if_printf(&sc->sc_ic.ic_if, "strange revision string -- %s\n",
938 fw_rev_no = 0x01090407;
947 s = &fw_rev.fw_rev[4];
949 for (i = 0; i < 4; ++i) {
952 val = strtoul(s, &endp, 16);
953 fw_rev_no |= val << ((3 - i) * 8);
961 sc->sc_firmware_ver = fw_rev_no;
962 sc->sc_hardware_id = le32toh(fw_rev.hw_id);
963 DPRINTF((&sc->sc_ic.ic_if, "fw rev %08x, hw id %08x\n",
964 sc->sc_firmware_ver, sc->sc_hardware_id));
966 if (sc->chip_read_config != NULL) {
967 error = sc->chip_read_config(sc, conf);
975 acx_write_config(struct acx_softc *sc, struct acx_config *conf)
977 struct acx_conf_nretry_short sretry;
978 struct acx_conf_nretry_long lretry;
979 struct acx_conf_msdu_lifetime msdu_lifetime;
980 struct acx_conf_rate_fallback rate_fb;
981 struct acx_conf_antenna ant;
982 struct acx_conf_regdom reg_dom;
985 /* Set number of long/short retry */
986 KKASSERT(sc->chip_short_retry_limit > 0);
987 sretry.nretry = sc->chip_short_retry_limit;
988 if (acx_set_nretry_short_conf(sc, &sretry) != 0) {
989 if_printf(&sc->sc_ic.ic_if, "can't set short retry limit\n");
993 lretry.nretry = sc->sc_long_retry_limit;
994 if (acx_set_nretry_long_conf(sc, &lretry) != 0) {
995 if_printf(&sc->sc_ic.ic_if, "can't set long retry limit\n");
999 /* Set MSDU lifetime */
1000 msdu_lifetime.lifetime = htole32(sc->sc_msdu_lifetime);
1001 if (acx_set_msdu_lifetime_conf(sc, &msdu_lifetime) != 0) {
1002 if_printf(&sc->sc_ic.ic_if, "can't set MSDU lifetime\n");
1006 /* Enable rate fallback */
1007 rate_fb.ratefb_enable = 1;
1008 if (acx_set_rate_fallback_conf(sc, &rate_fb) != 0) {
1009 if_printf(&sc->sc_ic.ic_if, "can't enable rate fallback\n");
1014 ant.antenna = conf->antenna;
1015 if (acx_set_antenna_conf(sc, &ant) != 0) {
1016 if_printf(&sc->sc_ic.ic_if, "can't set antenna\n");
1020 /* Set region domain */
1021 reg_dom.regdom = conf->regdom;
1022 if (acx_set_regdom_conf(sc, ®_dom) != 0) {
1023 if_printf(&sc->sc_ic.ic_if, "can't set region domain\n");
1027 if (sc->chip_write_config != NULL) {
1028 error = sc->chip_write_config(sc, conf);
1037 acx_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr)
1039 struct acx_softc *sc = ifp->if_softc;
1040 struct ieee80211com *ic = &sc->sc_ic;
1047 if (ifp->if_flags & IFF_UP) {
1048 if ((ifp->if_flags & IFF_RUNNING)) {
1051 if ((ifp->if_flags & IFF_PROMISC) &&
1052 (sc->sc_flags & ACX_FLAG_PROMISC) == 0)
1054 else if ((ifp->if_flags & IFF_PROMISC) == 0 &&
1055 (sc->sc_flags & ACX_FLAG_PROMISC))
1059 * Promisc mode is always enabled when
1060 * operation mode is Monitor.
1062 if (ic->ic_opmode != IEEE80211_M_MONITOR &&
1064 error = acx_rx_config(sc, promisc);
1069 if (ifp->if_flags & IFF_RUNNING)
1073 if (ifp->if_flags & IFF_PROMISC)
1074 sc->sc_flags |= ACX_FLAG_PROMISC;
1076 sc->sc_flags &= ~ACX_FLAG_PROMISC;
1083 error = ieee80211_ioctl(ic, cmd, data, cr);
1087 if (error == ENETRESET) {
1088 if ((ifp->if_flags & (IFF_RUNNING | IFF_UP)) ==
1089 (IFF_RUNNING | IFF_UP))
1097 acx_start(struct ifnet *ifp, struct ifaltq_subque *ifsq)
1099 struct acx_softc *sc = ifp->if_softc;
1100 struct ieee80211com *ic = &sc->sc_ic;
1101 struct acx_buf_data *bd = &sc->sc_buf_data;
1102 struct acx_txbuf *buf;
1105 ASSERT_ALTQ_SQ_DEFAULT(ifp, ifsq);
1106 ASSERT_SERIALIZED(ifp->if_serializer);
1108 if ((sc->sc_flags & ACX_FLAG_FW_LOADED) == 0) {
1109 ifq_purge(&ifp->if_snd);
1110 ieee80211_drain_mgtq(&ic->ic_mgtq);
1114 if ((ifp->if_flags & IFF_RUNNING) == 0 || ifq_is_oactive(ifp->if_snd))
1119 * We can't start from a random position that TX descriptor
1120 * is free, since hardware will be confused by that.
1121 * We have to follow the order of the TX ring.
1123 idx = bd->tx_free_start;
1125 for (buf = &bd->tx_buf[idx]; buf->tb_mbuf == NULL;
1126 buf = &bd->tx_buf[idx]) {
1127 struct ieee80211_frame *f;
1128 struct ieee80211_node *ni = NULL;
1132 if (!IF_QEMPTY(&ic->ic_mgtq)) {
1133 IF_DEQUEUE(&ic->ic_mgtq, m);
1135 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif;
1136 m->m_pkthdr.rcvif = NULL;
1141 * Don't transmit probe response firmware will
1144 f = mtod(m, struct ieee80211_frame *);
1145 if ((f->i_fc[0] & IEEE80211_FC0_TYPE_MASK) ==
1146 IEEE80211_FC0_TYPE_MGT &&
1147 (f->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) ==
1148 IEEE80211_FC0_SUBTYPE_PROBE_RESP) {
1150 ieee80211_free_node(ni);
1154 } else if (!ifq_is_empty(&ifp->if_snd)) {
1155 struct ether_header *eh;
1157 if (ic->ic_state != IEEE80211_S_RUN) {
1158 ifq_purge(&ifp->if_snd);
1162 m = ifq_dequeue(&ifp->if_snd, NULL);
1166 if (m->m_len < sizeof(struct ether_header)) {
1167 m = m_pullup(m, sizeof(struct ether_header));
1173 eh = mtod(m, struct ether_header *);
1175 ni = ieee80211_find_txnode(ic, eh->ether_dhost);
1182 /* TODO power save */
1186 m = ieee80211_encap(ic, m, ni);
1188 ieee80211_free_node(ni);
1196 if (ic->ic_rawbpf != NULL)
1197 bpf_mtap(ic->ic_rawbpf, m);
1199 f = mtod(m, struct ieee80211_frame *);
1200 if ((f->i_fc[1] & IEEE80211_FC1_WEP) && !sc->chip_hw_crypt) {
1201 KASSERT(ni != NULL, ("TX node is NULL (WEP)"));
1202 if (ieee80211_crypto_encap(ic, ni, m) == NULL) {
1203 ieee80211_free_node(ni);
1211 * Since mgmt data are transmitted at fixed rate
1212 * they will not be used to do rate control.
1214 if (mgmt_pkt && ni != NULL) {
1215 ieee80211_free_node(ni);
1219 if (acx_encap(sc, buf, m, ni) != 0) {
1221 * NOTE: `m' will be freed in acx_encap()
1225 ieee80211_free_node(ni);
1232 * 1) `m' should not be touched after acx_encap()
1233 * 2) `node' will be used to do TX rate control during
1234 * acx_txeof(), so it is not freed here. acx_txeof()
1235 * will free it for us
1239 bd->tx_used_count++;
1240 idx = (idx + 1) % ACX_TX_DESC_CNT;
1242 bd->tx_free_start = idx;
1244 if (bd->tx_used_count == ACX_TX_DESC_CNT)
1245 ifq_set_oactive(&ifp->if_snd);
1247 if (trans && sc->sc_tx_timer == 0)
1248 sc->sc_tx_timer = 5;
1253 acx_watchdog(struct ifnet *ifp)
1255 struct acx_softc *sc = ifp->if_softc;
1259 if ((ifp->if_flags & IFF_RUNNING) == 0)
1262 if (sc->sc_tx_timer) {
1263 if (--sc->sc_tx_timer == 0) {
1264 if_printf(ifp, "watchdog timeout\n");
1266 acx_txeof(ifp->if_softc);
1271 ieee80211_watchdog(&sc->sc_ic);
1277 struct acx_softc *sc = arg;
1278 uint16_t intr_status;
1280 if ((sc->sc_flags & ACX_FLAG_FW_LOADED) == 0)
1283 intr_status = CSR_READ_2(sc, ACXREG_INTR_STATUS_CLR);
1284 if (intr_status == ACXRV_INTR_ALL) {
1285 /* not our interrupt */
1289 intr_status &= sc->chip_intr_enable;
1290 if (intr_status == 0) {
1291 /* not interrupts we care about */
1295 /* Acknowledge all interrupts */
1296 CSR_WRITE_2(sc, ACXREG_INTR_ACK, ACXRV_INTR_ALL);
1298 if (intr_status & ACXRV_INTR_TX_FINI)
1301 if (intr_status & ACXRV_INTR_RX_FINI)
1306 acx_disable_intr(struct acx_softc *sc)
1308 CSR_WRITE_2(sc, ACXREG_INTR_MASK, sc->chip_intr_disable);
1309 CSR_WRITE_2(sc, ACXREG_EVENT_MASK, 0);
1313 acx_enable_intr(struct acx_softc *sc)
1315 /* Mask out interrupts that are not in the enable set */
1316 CSR_WRITE_2(sc, ACXREG_INTR_MASK, ~sc->chip_intr_enable);
1317 CSR_WRITE_2(sc, ACXREG_EVENT_MASK, ACXRV_EVENT_DISABLE);
1321 acx_txeof(struct acx_softc *sc)
1323 struct acx_buf_data *bd;
1324 struct acx_txbuf *buf;
1328 ifp = &sc->sc_ic.ic_if;
1329 ASSERT_SERIALIZED(ifp->if_serializer);
1331 bd = &sc->sc_buf_data;
1332 idx = bd->tx_used_start;
1333 for (buf = &bd->tx_buf[idx]; buf->tb_mbuf != NULL;
1334 buf = &bd->tx_buf[idx]) {
1335 uint8_t ctrl, error;
1338 ctrl = FW_TXDESC_GETFIELD_1(sc, buf, f_tx_ctrl);
1339 if ((ctrl & (DESC_CTRL_HOSTOWN | DESC_CTRL_ACXDONE)) !=
1340 (DESC_CTRL_HOSTOWN | DESC_CTRL_ACXDONE))
1343 bus_dmamap_unload(bd->mbuf_dma_tag, buf->tb_mbuf_dmamap);
1344 frame_len = buf->tb_mbuf->m_pkthdr.len;
1345 m_freem(buf->tb_mbuf);
1346 buf->tb_mbuf = NULL;
1348 error = FW_TXDESC_GETFIELD_1(sc, buf, f_tx_error);
1350 acx_txerr(sc, error);
1356 if (buf->tb_node != NULL) {
1357 sc->chip_tx_complete(sc, buf, frame_len, error);
1358 ieee80211_free_node(buf->tb_node);
1359 buf->tb_node = NULL;
1362 FW_TXDESC_SETFIELD_1(sc, buf, f_tx_ctrl, DESC_CTRL_HOSTOWN);
1364 bd->tx_used_count--;
1366 idx = (idx + 1) % ACX_TX_DESC_CNT;
1368 bd->tx_used_start = idx;
1370 sc->sc_tx_timer = bd->tx_used_count == 0 ? 0 : 5;
1372 if (bd->tx_used_count != ACX_TX_DESC_CNT) {
1373 ifq_clr_oactive(&ifp->if_snd);
1379 acx_txerr(struct acx_softc *sc, uint8_t err)
1381 struct ifnet *ifp = &sc->sc_ic.ic_if;
1382 struct acx_stats *stats = &sc->sc_stats;
1384 if (err == DESC_ERR_EXCESSIVE_RETRY) {
1386 * This a common error (see comment below),
1387 * so print it using DPRINTF()
1389 DPRINTF((ifp, "TX failed -- excessive retry\n"));
1391 if_printf(ifp, "TX failed -- ");
1395 * Although `err' looks like bitmask, it never
1396 * has multiple bits set.
1400 case DESC_ERR_OTHER_FRAG:
1401 /* XXX what's this */
1402 kprintf("error in other fragment\n");
1403 stats->err_oth_frag++;
1406 case DESC_ERR_ABORT:
1407 kprintf("aborted\n");
1410 case DESC_ERR_PARAM:
1411 kprintf("wrong parameters in descriptor\n");
1414 case DESC_ERR_NO_WEPKEY:
1415 kprintf("WEP key missing\n");
1416 stats->err_no_wepkey++;
1418 case DESC_ERR_MSDU_TIMEOUT:
1419 kprintf("MSDU life timeout\n");
1420 stats->err_msdu_timeout++;
1422 case DESC_ERR_EXCESSIVE_RETRY:
1425 * 1) Distance is too long
1426 * 2) Transmit failed (e.g. no MAC level ACK)
1427 * 3) Chip overheated (this should be rare)
1429 stats->err_ex_retry++;
1431 case DESC_ERR_BUF_OVERFLOW:
1432 kprintf("buffer overflow\n");
1433 stats->err_buf_oflow++;
1436 kprintf("DMA error\n");
1440 kprintf("unknown error %d\n", err);
1447 acx_rxeof(struct acx_softc *sc)
1449 struct ieee80211com *ic = &sc->sc_ic;
1450 struct acx_ring_data *rd = &sc->sc_ring_data;
1451 struct acx_buf_data *bd = &sc->sc_buf_data;
1452 struct ifnet *ifp = &ic->ic_if;
1455 ASSERT_SERIALIZED(ic->ic_if.if_serializer);
1457 bus_dmamap_sync(rd->rx_ring_dma_tag, rd->rx_ring_dmamap,
1458 BUS_DMASYNC_POSTREAD);
1461 * Locate first "ready" rx buffer,
1462 * start from last stopped position
1464 idx = bd->rx_scan_start;
1467 struct acx_rxbuf *buf;
1469 buf = &bd->rx_buf[idx];
1470 if ((buf->rb_desc->h_ctrl & htole16(DESC_CTRL_HOSTOWN)) &&
1471 (buf->rb_desc->h_status & htole32(DESC_STATUS_FULL))) {
1475 idx = (idx + 1) % ACX_RX_DESC_CNT;
1476 } while (idx != bd->rx_scan_start);
1482 * NOTE: don't mess up `idx' here, it will
1483 * be used in the following code
1487 struct acx_rxbuf_hdr *head;
1488 struct acx_rxbuf *buf;
1489 struct ieee80211_frame_min *wh;
1491 uint32_t desc_status;
1493 int len, error, rssi, is_priv;
1495 buf = &bd->rx_buf[idx];
1497 desc_ctrl = le16toh(buf->rb_desc->h_ctrl);
1498 desc_status = le32toh(buf->rb_desc->h_status);
1499 if (!(desc_ctrl & DESC_CTRL_HOSTOWN) ||
1500 !(desc_status & DESC_STATUS_FULL))
1503 bus_dmamap_sync(bd->mbuf_dma_tag, buf->rb_mbuf_dmamap,
1504 BUS_DMASYNC_POSTREAD);
1508 error = acx_newbuf(sc, buf, 0);
1514 head = mtod(m, struct acx_rxbuf_hdr *);
1515 len = le16toh(head->rbh_len) & ACX_RXBUF_LEN_MASK;
1516 rssi = acx_get_rssi(sc, head->rbh_level);
1518 m_adj(m, sizeof(struct acx_rxbuf_hdr) + sc->chip_rxbuf_exhdr);
1519 m->m_len = m->m_pkthdr.len = len;
1520 m->m_pkthdr.rcvif = &ic->ic_if;
1522 wh = mtod(m, struct ieee80211_frame_min *);
1523 is_priv = (wh->i_fc[1] & IEEE80211_FC1_WEP);
1525 if (sc->sc_drvbpf != NULL) {
1526 sc->sc_rx_th.wr_tsf = htole32(head->rbh_time);
1528 sc->sc_rx_th.wr_flags = 0;
1530 sc->sc_rx_th.wr_flags |=
1531 IEEE80211_RADIOTAP_F_WEP;
1533 if (head->rbh_bbp_stat & ACX_RXBUF_STAT_SHPRE) {
1534 sc->sc_rx_th.wr_flags |=
1535 IEEE80211_RADIOTAP_F_SHORTPRE;
1538 if (sc->chip_phymode == IEEE80211_MODE_11G) {
1539 sc->sc_rx_th.wr_rate =
1540 ieee80211_plcp2rate(head->rbh_plcp,
1541 head->rbh_bbp_stat & ACX_RXBUF_STAT_OFDM);
1543 sc->sc_rx_th.wr_rate =
1544 ieee80211_plcp2rate(head->rbh_plcp, 0);
1547 sc->sc_rx_th.wr_antsignal = rssi;
1549 if (head->rbh_bbp_stat & ACX_RXBUF_STAT_ANT1)
1550 sc->sc_rx_th.wr_antenna = 1;
1552 sc->sc_rx_th.wr_antenna = 0;
1554 bpf_ptap(sc->sc_drvbpf, m, &sc->sc_rx_th,
1558 if (len >= sizeof(struct ieee80211_frame_min) &&
1560 struct ieee80211_node *ni;
1562 if (is_priv && sc->chip_hw_crypt) {
1563 /* Short circuit software WEP */
1564 wh->i_fc[1] &= ~IEEE80211_FC1_WEP;
1566 /* Do chip specific RX buffer processing */
1567 if (sc->chip_proc_wep_rxbuf != NULL) {
1568 sc->chip_proc_wep_rxbuf(sc, m, &len);
1570 struct ieee80211_frame_min *);
1573 m->m_len = m->m_pkthdr.len = len;
1575 ni = ieee80211_find_rxnode(ic, wh);
1576 ieee80211_input(ic, m, ni, rssi,
1577 le32toh(head->rbh_time));
1578 ieee80211_free_node(ni);
1582 if (len < sizeof(struct ieee80211_frame_min)) {
1583 if (ic->ic_rawbpf != NULL &&
1584 len >= sizeof(struct ieee80211_frame_ack))
1585 bpf_mtap(ic->ic_rawbpf, m);
1587 if (ic->ic_opmode != IEEE80211_M_MONITOR)
1588 ic->ic_stats.is_rx_tooshort++;
1593 buf->rb_desc->h_ctrl = htole16(desc_ctrl & ~DESC_CTRL_HOSTOWN);
1594 buf->rb_desc->h_status = 0;
1595 bus_dmamap_sync(rd->rx_ring_dma_tag, rd->rx_ring_dmamap,
1596 BUS_DMASYNC_PREWRITE);
1598 idx = (idx + 1) % ACX_RX_DESC_CNT;
1599 } while (idx != bd->rx_scan_start);
1602 * Record the position so that next
1603 * time we can start from it
1605 bd->rx_scan_start = idx;
1609 acx_reset(struct acx_softc *sc)
1614 CSR_SETB_2(sc, ACXREG_ECPU_CTRL, ACXRV_ECPU_HALT);
1616 /* Software reset */
1617 reg = CSR_READ_2(sc, ACXREG_SOFT_RESET);
1618 CSR_WRITE_2(sc, ACXREG_SOFT_RESET, reg | ACXRV_SOFT_RESET);
1620 CSR_WRITE_2(sc, ACXREG_SOFT_RESET, reg);
1622 /* Initialize EEPROM */
1623 CSR_SETB_2(sc, ACXREG_EEPROM_INIT, ACXRV_EEPROM_INIT);
1626 /* Test whether ECPU is stopped */
1627 reg = CSR_READ_2(sc, ACXREG_ECPU_CTRL);
1628 if (!(reg & ACXRV_ECPU_HALT)) {
1629 if_printf(&sc->sc_ic.ic_if, "can't halt ECPU\n");
1636 acx_read_eeprom(struct acx_softc *sc, uint32_t offset, uint8_t *val)
1640 CSR_WRITE_4(sc, ACXREG_EEPROM_CONF, 0);
1641 CSR_WRITE_4(sc, ACXREG_EEPROM_ADDR, offset);
1642 CSR_WRITE_4(sc, ACXREG_EEPROM_CTRL, ACXRV_EEPROM_READ);
1644 #define EE_READ_RETRY_MAX 100
1645 for (i = 0; i < EE_READ_RETRY_MAX; ++i) {
1646 if (CSR_READ_2(sc, ACXREG_EEPROM_CTRL) == 0)
1650 if (i == EE_READ_RETRY_MAX) {
1651 if_printf(&sc->sc_ic.ic_if, "can't read EEPROM offset %x "
1652 "(timeout)\n", offset);
1655 #undef EE_READ_RETRY_MAX
1657 *val = CSR_READ_1(sc, ACXREG_EEPROM_DATA);
1662 acx_read_phyreg(struct acx_softc *sc, uint32_t reg, uint8_t *val)
1666 CSR_WRITE_4(sc, ACXREG_PHY_ADDR, reg);
1667 CSR_WRITE_4(sc, ACXREG_PHY_CTRL, ACXRV_PHY_READ);
1669 #define PHY_READ_RETRY_MAX 100
1670 for (i = 0; i < PHY_READ_RETRY_MAX; ++i) {
1671 if (CSR_READ_4(sc, ACXREG_PHY_CTRL) == 0)
1675 if (i == PHY_READ_RETRY_MAX) {
1676 if_printf(&sc->sc_ic.ic_if, "can't read phy reg %x (timeout)\n",
1680 #undef PHY_READ_RETRY_MAX
1682 *val = CSR_READ_1(sc, ACXREG_PHY_DATA);
1687 acx_write_phyreg(struct acx_softc *sc, uint32_t reg, uint8_t val)
1689 CSR_WRITE_4(sc, ACXREG_PHY_DATA, val);
1690 CSR_WRITE_4(sc, ACXREG_PHY_ADDR, reg);
1691 CSR_WRITE_4(sc, ACXREG_PHY_CTRL, ACXRV_PHY_WRITE);
1695 acx_alloc_firmware(struct acx_softc *sc)
1697 struct acx_firmware *fw = &sc->sc_firmware;
1698 struct ifnet *ifp = &sc->sc_ic.ic_if;
1699 struct fw_image *img;
1704 * NB: serializer need to be released before loading firmware
1705 * image to avoid possible dead lock
1707 ASSERT_SERIALIZED(ifp->if_serializer);
1709 if (fw->base_fw_image == NULL) {
1710 if (fw->combined_radio_fw) {
1711 ksnprintf(filename, sizeof(filename),
1712 ACX_BASE_RADIO_FW_PATH,
1713 fw->fwdir, sc->sc_radio_type);
1715 ksnprintf(filename, sizeof(filename),
1716 ACX_BASE_FW_PATH, fw->fwdir);
1719 lwkt_serialize_exit(ifp->if_serializer);
1720 img = firmware_image_load(filename, NULL);
1721 lwkt_serialize_enter(ifp->if_serializer);
1723 fw->base_fw_image = img;
1724 if (fw->base_fw_image == NULL) {
1725 if_printf(ifp, "load %s base fw failed\n", filename);
1730 error = acx_setup_firmware(sc, fw->base_fw_image,
1731 &fw->base_fw, &fw->base_fw_len);
1736 if (!fw->combined_radio_fw && fw->radio_fw_image == NULL) {
1737 ksnprintf(filename, sizeof(filename), ACX_RADIO_FW_PATH,
1738 fw->fwdir, sc->sc_radio_type);
1740 lwkt_serialize_exit(ifp->if_serializer);
1741 img = firmware_image_load(filename, NULL);
1742 lwkt_serialize_enter(ifp->if_serializer);
1744 fw->radio_fw_image = img;
1745 if (fw->radio_fw_image == NULL) {
1746 if_printf(ifp, "load %s radio fw failed\n", filename);
1751 error = acx_setup_firmware(sc, fw->radio_fw_image,
1752 &fw->radio_fw, &fw->radio_fw_len);
1756 acx_free_firmware(sc);
1761 acx_setup_firmware(struct acx_softc *sc, struct fw_image *img,
1762 const uint8_t **ptr, int *len)
1764 const struct acx_firmware_hdr *hdr;
1773 * Make sure that the firmware image contains more than just a header
1775 if (img->fw_imglen <= sizeof(*hdr)) {
1776 if_printf(&sc->sc_ic.ic_if, "%s is invalid image, "
1777 "size %zu (too small)\n",
1778 img->fw_name, img->fw_imglen);
1781 hdr = (const struct acx_firmware_hdr *)img->fw_image;
1786 if (hdr->fwh_len != img->fw_imglen - sizeof(*hdr)) {
1787 if_printf(&sc->sc_ic.ic_if, "%s is invalid image, "
1788 "size in hdr %u and image size %zu mismatches\n",
1789 img->fw_name, hdr->fwh_len, img->fw_imglen);
1797 for (i = 0, p = (const uint8_t *)&hdr->fwh_len;
1798 i < img->fw_imglen - sizeof(hdr->fwh_cksum); ++i, ++p)
1800 if (cksum != hdr->fwh_cksum) {
1801 if_printf(&sc->sc_ic.ic_if, "%s is invalid image, "
1802 "checksum mismatch\n", img->fw_name);
1806 *ptr = ((const uint8_t *)img->fw_image + sizeof(*hdr));
1807 *len = img->fw_imglen - sizeof(*hdr);
1812 acx_free_firmware(struct acx_softc *sc)
1814 struct acx_firmware *fw = &sc->sc_firmware;
1816 if (fw->base_fw_image != NULL) {
1817 firmware_image_unload(fw->base_fw_image);
1818 fw->base_fw_image = NULL;
1820 fw->base_fw_len = 0;
1822 if (fw->radio_fw_image != NULL) {
1823 firmware_image_unload(fw->radio_fw_image);
1824 fw->radio_fw_image = NULL;
1825 fw->radio_fw = NULL;
1826 fw->radio_fw_len = 0;
1831 acx_load_base_firmware(struct acx_softc *sc, const uint8_t *base_fw,
1832 uint32_t base_fw_len)
1836 /* Load base firmware */
1837 error = acx_load_firmware(sc, 0, base_fw, base_fw_len);
1839 if_printf(&sc->sc_ic.ic_if, "can't load base firmware\n");
1842 DPRINTF((&sc->sc_ic.ic_if, "base firmware loaded\n"));
1845 CSR_WRITE_2(sc, ACXREG_ECPU_CTRL, ACXRV_ECPU_START);
1847 /* Wait for ECPU to be up */
1848 for (i = 0; i < 500; ++i) {
1851 reg = CSR_READ_2(sc, ACXREG_INTR_STATUS);
1852 if (reg & ACXRV_INTR_FCS_THRESH) {
1853 CSR_WRITE_2(sc, ACXREG_INTR_ACK, ACXRV_INTR_FCS_THRESH);
1859 if_printf(&sc->sc_ic.ic_if, "can't initialize ECPU (timeout)\n");
1864 acx_load_radio_firmware(struct acx_softc *sc, const uint8_t *radio_fw,
1865 uint32_t radio_fw_len)
1867 struct acx_conf_mmap mem_map;
1868 uint32_t radio_fw_ofs;
1872 * Get the position, where base firmware is loaded, so that
1873 * radio firmware can be loaded after it.
1875 if (acx_get_mmap_conf(sc, &mem_map) != 0)
1877 radio_fw_ofs = le32toh(mem_map.code_end);
1879 /* Put ECPU into sleeping state, before loading radio firmware */
1880 if (acx_sleep(sc) != 0)
1883 /* Load radio firmware */
1884 error = acx_load_firmware(sc, radio_fw_ofs, radio_fw, radio_fw_len);
1886 if_printf(&sc->sc_ic.ic_if, "can't load radio firmware\n");
1889 DPRINTF((&sc->sc_ic.ic_if, "radio firmware loaded\n"));
1891 /* Wake up sleeping ECPU, after radio firmware is loaded */
1892 if (acx_wakeup(sc) != 0)
1895 /* Initialize radio */
1896 if (acx_init_radio(sc, radio_fw_ofs, radio_fw_len) != 0)
1899 /* Verify radio firmware's loading position */
1900 if (acx_get_mmap_conf(sc, &mem_map) != 0)
1902 if (le32toh(mem_map.code_end) != radio_fw_ofs + radio_fw_len) {
1903 if_printf(&sc->sc_ic.ic_if, "loaded radio firmware position "
1908 DPRINTF((&sc->sc_ic.ic_if, "radio firmware initialized\n"));
1913 acx_load_firmware(struct acx_softc *sc, uint32_t offset, const uint8_t *data,
1919 fw = (const uint32_t *)data;
1920 fw_len = data_len / sizeof(uint32_t);
1923 * LOADFW_AUTO_INC only works with some older firmware:
1924 * 1) acx100's firmware
1925 * 2) acx111's firmware whose rev is 0x00010011
1929 CSR_WRITE_4(sc, ACXREG_FWMEM_START, ACXRV_FWMEM_START_OP);
1930 #ifndef LOADFW_AUTO_INC
1931 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, 0);
1933 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, ACXRV_FWMEM_ADDR_AUTOINC);
1934 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset);
1937 for (i = 0; i < fw_len; ++i) {
1938 #ifndef LOADFW_AUTO_INC
1939 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset + (i * 4));
1941 CSR_WRITE_4(sc, ACXREG_FWMEM_DATA, be32toh(fw[i]));
1944 /* Verify firmware */
1945 CSR_WRITE_4(sc, ACXREG_FWMEM_START, ACXRV_FWMEM_START_OP);
1946 #ifndef LOADFW_AUTO_INC
1947 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, 0);
1949 CSR_WRITE_4(sc, ACXREG_FWMEM_CTRL, ACXRV_FWMEM_ADDR_AUTOINC);
1950 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset);
1953 for (i = 0; i < fw_len; ++i) {
1956 #ifndef LOADFW_AUTO_INC
1957 CSR_WRITE_4(sc, ACXREG_FWMEM_ADDR, offset + (i * 4));
1959 val = CSR_READ_4(sc, ACXREG_FWMEM_DATA);
1960 if (be32toh(fw[i]) != val) {
1961 if_printf(&sc->sc_ic.ic_if, "fireware mismatch "
1962 "fw %08x loaded %08x\n", fw[i], val);
1970 acx_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
1972 struct ifnet *ifp = &ic->ic_if;
1973 struct acx_softc *sc = ifp->if_softc;
1974 struct ieee80211_node *ni = NULL;
1975 struct ieee80211_channel *c = NULL;
1976 int error = 1, mode = 0;
1978 ASSERT_SERIALIZED(ifp->if_serializer);
1980 ieee80211_ratectl_newstate(ic, nstate);
1981 callout_stop(&sc->sc_scan_timer);
1982 callout_stop(&sc->sc_calibrate_timer);
1985 case IEEE80211_S_SCAN:
1986 acx_set_chan(sc, ic->ic_curchan);
1987 callout_reset(&sc->sc_scan_timer,
1988 (hz * sc->sc_scan_dwell) / 1000,
1991 case IEEE80211_S_AUTH:
1992 if (ic->ic_opmode == IEEE80211_M_STA) {
1995 mode = ACX_MODE_STA;
1998 case IEEE80211_S_RUN:
1999 if (ic->ic_opmode == IEEE80211_M_IBSS ||
2000 ic->ic_opmode == IEEE80211_M_HOSTAP) {
2003 if (ic->ic_opmode == IEEE80211_M_IBSS)
2004 mode = ACX_MODE_ADHOC;
2008 if (acx_set_beacon_tmplt(sc, ni) != 0) {
2009 if_printf(ifp, "set bescon template failed\n");
2012 if (acx_set_probe_resp_tmplt(sc, ni) != 0) {
2013 if_printf(ifp, "set probe response template"
2017 } else if (ic->ic_opmode == IEEE80211_M_MONITOR) {
2020 mode = ACX_MODE_STA;
2028 KKASSERT(c != NULL);
2030 if (acx_set_chan(sc, c) != 0)
2033 if (acx_join_bss(sc, mode, ni, c) != 0) {
2034 if_printf(ifp, "join BSS failed\n");
2039 if (nstate == IEEE80211_S_RUN) {
2040 int interval = sc->sc_calib_intvl;
2042 if (sc->chip_calibrate != NULL) {
2043 error = sc->chip_calibrate(sc);
2046 * Restart calibration some time later
2050 callout_reset(&sc->sc_calibrate_timer,
2051 hz * interval, acx_calibrate, sc);
2058 nstate = IEEE80211_S_INIT;
2061 return sc->sc_newstate(ic, nstate, arg);
2065 acx_init_tmplt_ordered(struct acx_softc *sc)
2067 #define INIT_TMPLT(name) \
2069 if (acx_init_##name##_tmplt(sc) != 0) \
2075 * Order of templates initialization:
2081 * Above order is critical to get a correct memory map.
2083 INIT_TMPLT(probe_req);
2084 INIT_TMPLT(null_data);
2087 INIT_TMPLT(probe_resp);
2094 acx_ring_dma_addr(void *arg, bus_dma_segment_t *seg, int nseg, int error)
2096 *((uint32_t *)arg) = seg->ds_addr;
2100 acx_dma_alloc(struct acx_softc *sc)
2102 struct acx_ring_data *rd = &sc->sc_ring_data;
2103 struct acx_buf_data *bd = &sc->sc_buf_data;
2106 /* Allocate DMA stuffs for RX descriptors */
2107 error = bus_dma_tag_create(NULL, PAGE_SIZE, 0,
2108 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR,
2110 ACX_RX_RING_SIZE, 1, ACX_RX_RING_SIZE,
2111 0, &rd->rx_ring_dma_tag);
2113 if_printf(&sc->sc_ic.ic_if, "can't create rx ring dma tag\n");
2117 error = bus_dmamem_alloc(rd->rx_ring_dma_tag, (void **)&rd->rx_ring,
2118 BUS_DMA_WAITOK | BUS_DMA_ZERO,
2119 &rd->rx_ring_dmamap);
2121 if_printf(&sc->sc_ic.ic_if,
2122 "can't allocate rx ring dma memory\n");
2123 bus_dma_tag_destroy(rd->rx_ring_dma_tag);
2124 rd->rx_ring_dma_tag = NULL;
2128 error = bus_dmamap_load(rd->rx_ring_dma_tag, rd->rx_ring_dmamap,
2129 rd->rx_ring, ACX_RX_RING_SIZE,
2130 acx_ring_dma_addr, &rd->rx_ring_paddr,
2133 if_printf(&sc->sc_ic.ic_if, "can't get rx ring dma address\n");
2134 bus_dmamem_free(rd->rx_ring_dma_tag, rd->rx_ring,
2135 rd->rx_ring_dmamap);
2136 bus_dma_tag_destroy(rd->rx_ring_dma_tag);
2137 rd->rx_ring_dma_tag = NULL;
2141 /* Allocate DMA stuffs for TX descriptors */
2142 error = bus_dma_tag_create(NULL, PAGE_SIZE, 0,
2143 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR,
2145 ACX_TX_RING_SIZE, 1, ACX_TX_RING_SIZE,
2146 0, &rd->tx_ring_dma_tag);
2148 if_printf(&sc->sc_ic.ic_if, "can't create tx ring dma tag\n");
2152 error = bus_dmamem_alloc(rd->tx_ring_dma_tag, (void **)&rd->tx_ring,
2153 BUS_DMA_WAITOK | BUS_DMA_ZERO,
2154 &rd->tx_ring_dmamap);
2156 if_printf(&sc->sc_ic.ic_if,
2157 "can't allocate tx ring dma memory\n");
2158 bus_dma_tag_destroy(rd->tx_ring_dma_tag);
2159 rd->tx_ring_dma_tag = NULL;
2163 error = bus_dmamap_load(rd->tx_ring_dma_tag, rd->tx_ring_dmamap,
2164 rd->tx_ring, ACX_TX_RING_SIZE,
2165 acx_ring_dma_addr, &rd->tx_ring_paddr,
2168 if_printf(&sc->sc_ic.ic_if, "can't get tx ring dma address\n");
2169 bus_dmamem_free(rd->tx_ring_dma_tag, rd->tx_ring,
2170 rd->tx_ring_dmamap);
2171 bus_dma_tag_destroy(rd->tx_ring_dma_tag);
2172 rd->tx_ring_dma_tag = NULL;
2176 /* Create DMA tag for RX/TX mbuf map */
2177 error = bus_dma_tag_create(NULL, 1, 0,
2178 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR,
2180 MCLBYTES, 1, MCLBYTES,
2181 0, &bd->mbuf_dma_tag);
2183 if_printf(&sc->sc_ic.ic_if, "can't create mbuf dma tag\n");
2187 /* Create a spare RX DMA map */
2188 error = bus_dmamap_create(bd->mbuf_dma_tag, 0, &bd->mbuf_tmp_dmamap);
2190 if_printf(&sc->sc_ic.ic_if, "can't create tmp mbuf dma map\n");
2191 bus_dma_tag_destroy(bd->mbuf_dma_tag);
2192 bd->mbuf_dma_tag = NULL;
2196 /* Create DMA map for RX mbufs */
2197 for (i = 0; i < ACX_RX_DESC_CNT; ++i) {
2198 error = bus_dmamap_create(bd->mbuf_dma_tag, 0,
2199 &bd->rx_buf[i].rb_mbuf_dmamap);
2201 if_printf(&sc->sc_ic.ic_if, "can't create rx mbuf "
2202 "dma map (%d)\n", i);
2205 bd->rx_buf[i].rb_desc = &rd->rx_ring[i];
2208 /* Create DMA map for TX mbufs */
2209 for (i = 0; i < ACX_TX_DESC_CNT; ++i) {
2210 error = bus_dmamap_create(bd->mbuf_dma_tag, 0,
2211 &bd->tx_buf[i].tb_mbuf_dmamap);
2213 if_printf(&sc->sc_ic.ic_if, "can't create tx mbuf "
2214 "dma map (%d)\n", i);
2217 bd->tx_buf[i].tb_desc1 = &rd->tx_ring[i * 2];
2218 bd->tx_buf[i].tb_desc2 = &rd->tx_ring[(i * 2) + 1];
2225 acx_dma_free(struct acx_softc *sc)
2227 struct acx_ring_data *rd = &sc->sc_ring_data;
2228 struct acx_buf_data *bd = &sc->sc_buf_data;
2231 if (rd->rx_ring_dma_tag != NULL) {
2232 bus_dmamap_unload(rd->rx_ring_dma_tag, rd->rx_ring_dmamap);
2233 bus_dmamem_free(rd->rx_ring_dma_tag, rd->rx_ring,
2234 rd->rx_ring_dmamap);
2235 bus_dma_tag_destroy(rd->rx_ring_dma_tag);
2238 if (rd->tx_ring_dma_tag != NULL) {
2239 bus_dmamap_unload(rd->tx_ring_dma_tag, rd->tx_ring_dmamap);
2240 bus_dmamem_free(rd->tx_ring_dma_tag, rd->tx_ring,
2241 rd->tx_ring_dmamap);
2242 bus_dma_tag_destroy(rd->tx_ring_dma_tag);
2245 for (i = 0; i < ACX_RX_DESC_CNT; ++i) {
2246 if (bd->rx_buf[i].rb_desc != NULL) {
2247 if (bd->rx_buf[i].rb_mbuf != NULL) {
2248 bus_dmamap_unload(bd->mbuf_dma_tag,
2249 bd->rx_buf[i].rb_mbuf_dmamap);
2250 m_freem(bd->rx_buf[i].rb_mbuf);
2252 bus_dmamap_destroy(bd->mbuf_dma_tag,
2253 bd->rx_buf[i].rb_mbuf_dmamap);
2257 for (i = 0; i < ACX_TX_DESC_CNT; ++i) {
2258 if (bd->tx_buf[i].tb_desc1 != NULL) {
2259 if (bd->tx_buf[i].tb_mbuf != NULL) {
2260 bus_dmamap_unload(bd->mbuf_dma_tag,
2261 bd->tx_buf[i].tb_mbuf_dmamap);
2262 m_freem(bd->tx_buf[i].tb_mbuf);
2264 bus_dmamap_destroy(bd->mbuf_dma_tag,
2265 bd->tx_buf[i].tb_mbuf_dmamap);
2269 if (bd->mbuf_dma_tag != NULL) {
2270 bus_dmamap_destroy(bd->mbuf_dma_tag, bd->mbuf_tmp_dmamap);
2271 bus_dma_tag_destroy(bd->mbuf_dma_tag);
2276 acx_init_tx_ring(struct acx_softc *sc)
2278 struct acx_ring_data *rd;
2279 struct acx_buf_data *bd;
2283 rd = &sc->sc_ring_data;
2284 paddr = rd->tx_ring_paddr;
2285 for (i = 0; i < (ACX_TX_DESC_CNT * 2) - 1; ++i) {
2286 paddr += sizeof(struct acx_host_desc);
2288 rd->tx_ring[i].h_ctrl = htole16(DESC_CTRL_HOSTOWN);
2290 if (i == (ACX_TX_DESC_CNT * 2) - 1)
2291 rd->tx_ring[i].h_next_desc = htole32(rd->tx_ring_paddr);
2293 rd->tx_ring[i].h_next_desc = htole32(paddr);
2296 bus_dmamap_sync(rd->tx_ring_dma_tag, rd->tx_ring_dmamap,
2297 BUS_DMASYNC_PREWRITE);
2299 bd = &sc->sc_buf_data;
2300 bd->tx_free_start = 0;
2301 bd->tx_used_start = 0;
2302 bd->tx_used_count = 0;
2308 acx_init_rx_ring(struct acx_softc *sc)
2310 struct acx_ring_data *rd;
2311 struct acx_buf_data *bd;
2315 bd = &sc->sc_buf_data;
2316 rd = &sc->sc_ring_data;
2317 paddr = rd->rx_ring_paddr;
2319 for (i = 0; i < ACX_RX_DESC_CNT; ++i) {
2322 paddr += sizeof(struct acx_host_desc);
2324 error = acx_newbuf(sc, &bd->rx_buf[i], 1);
2328 if (i == ACX_RX_DESC_CNT - 1)
2329 rd->rx_ring[i].h_next_desc = htole32(rd->rx_ring_paddr);
2331 rd->rx_ring[i].h_next_desc = htole32(paddr);
2334 bus_dmamap_sync(rd->rx_ring_dma_tag, rd->rx_ring_dmamap,
2335 BUS_DMASYNC_PREWRITE);
2337 bd->rx_scan_start = 0;
2342 acx_buf_dma_addr(void *arg, bus_dma_segment_t *seg, int nseg,
2343 bus_size_t mapsz, int error)
2349 KASSERT(nseg == 1, ("too many RX dma segments"));
2350 *((uint32_t *)arg) = seg->ds_addr;
2354 acx_newbuf(struct acx_softc *sc, struct acx_rxbuf *rb, int wait)
2356 struct acx_buf_data *bd;
2362 bd = &sc->sc_buf_data;
2364 m = m_getcl(wait ? MB_WAIT : MB_DONTWAIT, MT_DATA, M_PKTHDR);
2368 m->m_len = m->m_pkthdr.len = MCLBYTES;
2370 error = bus_dmamap_load_mbuf(bd->mbuf_dma_tag, bd->mbuf_tmp_dmamap,
2371 m, acx_buf_dma_addr, &paddr,
2372 wait ? BUS_DMA_WAITOK : BUS_DMA_NOWAIT);
2375 if_printf(&sc->sc_ic.ic_if, "can't map rx mbuf %d\n", error);
2379 /* Unload originally mapped mbuf */
2380 bus_dmamap_unload(bd->mbuf_dma_tag, rb->rb_mbuf_dmamap);
2382 /* Swap this dmamap with tmp dmamap */
2383 map = rb->rb_mbuf_dmamap;
2384 rb->rb_mbuf_dmamap = bd->mbuf_tmp_dmamap;
2385 bd->mbuf_tmp_dmamap = map;
2388 rb->rb_desc->h_data_paddr = htole32(paddr);
2389 rb->rb_desc->h_data_len = htole16(m->m_len);
2391 bus_dmamap_sync(bd->mbuf_dma_tag, rb->rb_mbuf_dmamap,
2392 BUS_DMASYNC_PREREAD);
2397 acx_encap(struct acx_softc *sc, struct acx_txbuf *txbuf, struct mbuf *m,
2398 struct ieee80211_node *ni)
2400 struct acx_buf_data *bd = &sc->sc_buf_data;
2401 struct acx_ring_data *rd = &sc->sc_ring_data;
2406 KASSERT(txbuf->tb_mbuf == NULL, ("free TX buf has mbuf installed"));
2408 if (m->m_pkthdr.len > MCLBYTES) {
2409 if_printf(&sc->sc_ic.ic_if, "mbuf too big\n");
2412 } else if (m->m_pkthdr.len < ACX_FRAME_HDRLEN) {
2413 if_printf(&sc->sc_ic.ic_if, "mbuf too small\n");
2418 error = bus_dmamap_load_mbuf(bd->mbuf_dma_tag, txbuf->tb_mbuf_dmamap,
2419 m, acx_buf_dma_addr, &paddr,
2421 if (error && error != EFBIG) {
2422 if_printf(&sc->sc_ic.ic_if, "can't map tx mbuf1 %d\n", error);
2426 if (error) { /* error == EFBIG */
2429 m_new = m_defrag(m, MB_DONTWAIT);
2430 if (m_new == NULL) {
2431 if_printf(&sc->sc_ic.ic_if, "can't defrag tx mbuf\n");
2438 error = bus_dmamap_load_mbuf(bd->mbuf_dma_tag,
2439 txbuf->tb_mbuf_dmamap, m,
2440 acx_buf_dma_addr, &paddr,
2443 if_printf(&sc->sc_ic.ic_if, "can't map tx mbuf2 %d\n",
2451 bus_dmamap_sync(bd->mbuf_dma_tag, txbuf->tb_mbuf_dmamap,
2452 BUS_DMASYNC_PREWRITE);
2455 txbuf->tb_node = ni;
2458 * TX buffers are accessed in following way:
2459 * acx_fw_txdesc -> acx_host_desc -> buffer
2461 * It is quite strange that acx also querys acx_host_desc next to
2462 * the one we have assigned to acx_fw_txdesc even if first one's
2463 * acx_host_desc.h_data_len == acx_fw_txdesc.f_tx_len
2465 * So we allocate two acx_host_desc for one acx_fw_txdesc and
2466 * assign the first acx_host_desc to acx_fw_txdesc
2469 * host_desc1.h_data_len = buffer_len
2470 * host_desc2.h_data_len = buffer_len - mac_header_len
2473 * host_desc1.h_data_len = mac_header_len
2474 * host_desc2.h_data_len = buffer_len - mac_header_len
2477 txbuf->tb_desc1->h_data_paddr = htole32(paddr);
2478 txbuf->tb_desc2->h_data_paddr = htole32(paddr + ACX_FRAME_HDRLEN);
2480 txbuf->tb_desc1->h_data_len =
2481 htole16(sc->chip_txdesc1_len ? sc->chip_txdesc1_len
2483 txbuf->tb_desc2->h_data_len =
2484 htole16(m->m_pkthdr.len - ACX_FRAME_HDRLEN);
2488 * We can't simply assign f_tx_ctrl, we will first read it back
2489 * and change it bit by bit
2491 ctrl = FW_TXDESC_GETFIELD_1(sc, txbuf, f_tx_ctrl);
2492 ctrl |= sc->chip_fw_txdesc_ctrl; /* extra chip specific flags */
2493 ctrl &= ~(DESC_CTRL_HOSTOWN | DESC_CTRL_ACXDONE);
2495 FW_TXDESC_SETFIELD_2(sc, txbuf, f_tx_len, m->m_pkthdr.len);
2496 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_error, 0);
2497 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_data_nretry, 0);
2498 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_rts_nretry, 0);
2499 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_rts_ok, 0);
2500 rate = sc->chip_set_fw_txdesc_rate(sc, txbuf, ni, m->m_pkthdr.len);
2502 if (sc->sc_drvbpf != NULL) {
2503 struct ieee80211_frame_min *wh;
2505 wh = mtod(m, struct ieee80211_frame_min *);
2506 sc->sc_tx_th.wt_flags = 0;
2507 if (wh->i_fc[1] & IEEE80211_FC1_WEP)
2508 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_WEP;
2509 sc->sc_tx_th.wt_rate = rate;
2511 bpf_ptap(sc->sc_drvbpf, m, &sc->sc_tx_th, sc->sc_tx_th_len);
2514 txbuf->tb_desc1->h_ctrl = 0;
2515 txbuf->tb_desc2->h_ctrl = 0;
2516 bus_dmamap_sync(rd->tx_ring_dma_tag, rd->tx_ring_dmamap,
2517 BUS_DMASYNC_PREWRITE);
2519 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_ctrl2, 0);
2520 FW_TXDESC_SETFIELD_1(sc, txbuf, f_tx_ctrl, ctrl);
2522 /* Tell chip to inform us about TX completion */
2523 CSR_WRITE_2(sc, ACXREG_INTR_TRIG, ACXRV_TRIG_TX_FINI);
2531 acx_set_null_tmplt(struct acx_softc *sc)
2533 struct acx_tmplt_null_data n;
2534 struct ieee80211_frame *f;
2536 bzero(&n, sizeof(n));
2539 f->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_DATA |
2540 IEEE80211_FC0_SUBTYPE_NODATA;
2541 IEEE80211_ADDR_COPY(f->i_addr1, etherbroadcastaddr);
2542 IEEE80211_ADDR_COPY(f->i_addr2, IF_LLADDR(&sc->sc_ic.ic_if));
2543 IEEE80211_ADDR_COPY(f->i_addr3, etherbroadcastaddr);
2545 return _acx_set_null_data_tmplt(sc, &n, sizeof(n));
2549 acx_set_probe_req_tmplt(struct acx_softc *sc, const char *ssid, int ssid_len)
2551 struct acx_tmplt_probe_req req;
2552 struct ieee80211_frame *f;
2556 bzero(&req, sizeof(req));
2558 f = &req.data.u_data.f;
2559 f->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT |
2560 IEEE80211_FC0_SUBTYPE_PROBE_REQ;
2561 IEEE80211_ADDR_COPY(f->i_addr1, etherbroadcastaddr);
2562 IEEE80211_ADDR_COPY(f->i_addr2, IF_LLADDR(&sc->sc_ic.ic_if));
2563 IEEE80211_ADDR_COPY(f->i_addr3, etherbroadcastaddr);
2565 v = req.data.u_data.var;
2566 v = ieee80211_add_ssid(v, ssid, ssid_len);
2567 v = ieee80211_add_rates(v, &sc->sc_ic.ic_sup_rates[sc->chip_phymode]);
2568 v = ieee80211_add_xrates(v, &sc->sc_ic.ic_sup_rates[sc->chip_phymode]);
2569 vlen = v - req.data.u_data.var;
2571 return _acx_set_probe_req_tmplt(sc, &req,
2572 ACX_TMPLT_PROBE_REQ_SIZ(vlen));
2576 acx_set_probe_resp_tmplt(struct acx_softc *sc, struct ieee80211_node *ni)
2578 struct ieee80211com *ic = &sc->sc_ic;
2579 struct acx_tmplt_probe_resp resp;
2580 struct ieee80211_frame *f;
2584 m = ieee80211_probe_resp_alloc(ic, ni);
2587 DPRINTF((&ic->ic_if, "%s alloc probe resp size %d\n", __func__,
2590 f = mtod(m, struct ieee80211_frame *);
2591 IEEE80211_ADDR_COPY(f->i_addr1, etherbroadcastaddr);
2593 bzero(&resp, sizeof(resp));
2594 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)&resp.data);
2595 len = m->m_pkthdr.len + sizeof(resp.size);
2598 return _acx_set_probe_resp_tmplt(sc, &resp, len);
2602 acx_set_beacon_tmplt(struct acx_softc *sc, struct ieee80211_node *ni)
2604 struct ieee80211com *ic = &sc->sc_ic;
2605 struct acx_tmplt_beacon beacon;
2606 struct acx_tmplt_tim tim;
2607 struct ieee80211_beacon_offsets bo;
2609 int beacon_tmplt_len = 0, tim_tmplt_len = 0;
2611 bzero(&bo, sizeof(bo));
2612 m = ieee80211_beacon_alloc(ic, ni, &bo);
2615 DPRINTF((&ic->ic_if, "%s alloc beacon size %d\n", __func__,
2618 if (bo.bo_tim_len == 0) {
2619 beacon_tmplt_len = m->m_pkthdr.len;
2621 beacon_tmplt_len = bo.bo_tim - mtod(m, uint8_t *);
2622 tim_tmplt_len = m->m_pkthdr.len - beacon_tmplt_len;
2625 bzero(&beacon, sizeof(beacon));
2626 bzero(&tim, sizeof(tim));
2628 m_copydata(m, 0, beacon_tmplt_len, (caddr_t)&beacon.data);
2629 if (tim_tmplt_len != 0) {
2630 m_copydata(m, beacon_tmplt_len, tim_tmplt_len,
2631 (caddr_t)&tim.data);
2635 beacon_tmplt_len += sizeof(beacon.size);
2636 if (_acx_set_beacon_tmplt(sc, &beacon, beacon_tmplt_len) != 0)
2639 if (tim_tmplt_len != 0) {
2640 tim_tmplt_len += sizeof(tim.size);
2641 if (_acx_set_tim_tmplt(sc, &tim, tim_tmplt_len) != 0)
2648 acx_sysctl_msdu_lifetime(SYSCTL_HANDLER_ARGS)
2650 struct acx_softc *sc = arg1;
2651 struct ifnet *ifp = &sc->sc_ic.ic_if;
2654 lwkt_serialize_enter(ifp->if_serializer);
2656 v = sc->sc_msdu_lifetime;
2657 error = sysctl_handle_int(oidp, &v, 0, req);
2658 if (error || req->newptr == NULL)
2665 if (sc->sc_flags & ACX_FLAG_FW_LOADED) {
2666 struct acx_conf_msdu_lifetime msdu_lifetime;
2668 msdu_lifetime.lifetime = htole32(v);
2669 if (acx_set_msdu_lifetime_conf(sc, &msdu_lifetime) != 0) {
2670 if_printf(&sc->sc_ic.ic_if,
2671 "can't set MSDU lifetime\n");
2676 sc->sc_msdu_lifetime = v;
2678 lwkt_serialize_exit(ifp->if_serializer);
2683 acx_sysctl_free_firmware(SYSCTL_HANDLER_ARGS)
2685 struct acx_softc *sc = arg1;
2686 struct ifnet *ifp = &sc->sc_ic.ic_if;
2689 lwkt_serialize_enter(ifp->if_serializer);
2692 error = sysctl_handle_int(oidp, &v, 0, req);
2693 if (error || req->newptr == NULL)
2695 if (v == 0) /* Do nothing */
2698 acx_free_firmware(sc);
2700 lwkt_serialize_exit(ifp->if_serializer);
2705 acx_media_change(struct ifnet *ifp)
2709 error = ieee80211_media_change(ifp);
2710 if (error != ENETRESET)
2713 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING))
2714 acx_init(ifp->if_softc);
2719 acx_rx_config(struct acx_softc *sc, int promisc)
2721 struct acx_conf_rxopt rx_opt;
2722 struct ieee80211com *ic = &sc->sc_ic;
2725 * What we want to receive and how to receive
2728 /* Common for all operational modes */
2729 rx_opt.opt1 = RXOPT1_INCL_RXBUF_HDR;
2730 rx_opt.opt2 = RXOPT2_RECV_ASSOC_REQ |
2732 RXOPT2_RECV_BEACON |
2737 RXOPT2_RECV_PROBE_REQ |
2738 RXOPT2_RECV_PROBE_RESP |
2741 if (ic->ic_opmode == IEEE80211_M_MONITOR) {
2742 rx_opt.opt1 |= RXOPT1_PROMISC;
2743 rx_opt.opt2 |= RXOPT2_RECV_BROKEN | RXOPT2_RECV_ACK;
2745 rx_opt.opt1 |= promisc ? RXOPT1_PROMISC : RXOPT1_FILT_FDEST;
2748 if (acx_set_rxopt_conf(sc, &rx_opt) != 0) {
2749 if_printf(&sc->sc_ic.ic_if, "can't config RX\n");
2756 acx_set_chan(struct acx_softc *sc, struct ieee80211_channel *c)
2758 struct ieee80211com *ic = &sc->sc_ic;
2762 chan = ieee80211_chan2ieee(ic, c);
2763 if (acx_enable_txchan(sc, chan) != 0) {
2764 if_printf(&ic->ic_if, "enable TX on channel %d failed\n", chan);
2767 if (acx_enable_rxchan(sc, chan) != 0) {
2768 if_printf(&ic->ic_if, "enable RX on channel %d failed\n", chan);
2772 if (IEEE80211_IS_CHAN_G(c))
2773 flags = IEEE80211_CHAN_G;
2775 flags = IEEE80211_CHAN_B;
2777 sc->sc_tx_th.wt_chan_freq = sc->sc_rx_th.wr_chan_freq =
2778 htole16(c->ic_freq);
2779 sc->sc_tx_th.wt_chan_flags = sc->sc_rx_th.wr_chan_flags =
2785 acx_calibrate(void *xsc)
2787 struct acx_softc *sc = xsc;
2788 struct ifnet *ifp = &sc->sc_ic.ic_if;
2790 lwkt_serialize_enter(ifp->if_serializer);
2791 if (sc->chip_calibrate != NULL &&
2792 sc->sc_ic.ic_state == IEEE80211_S_RUN) {
2793 sc->chip_calibrate(sc);
2794 callout_reset(&sc->sc_calibrate_timer, hz * sc->sc_calib_intvl,
2797 lwkt_serialize_exit(ifp->if_serializer);