1 /*
2 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
3 * Use is subject to license terms.
4 */
5
6 /*
7 * Copyright (c) 2007-2009 Sam Leffler, Errno Consulting
8 * Copyright (c) 2007-2008 Marvell Semiconductor, Inc.
9 * All rights reserved.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer,
16 * without modification.
17 * 2. Redistributions in binary form must reproduce at minimum a disclaimer
18 * similar to the "NO WARRANTY" disclaimer below ("Disclaimer") and any
19 * redistribution must be conditioned upon including a substantially
20 * similar Disclaimer requirement for further binary redistribution.
21 *
22 * NO WARRANTY
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25 * LIMITED TO, THE IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTIBILITY
26 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
27 * THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY,
28 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
30 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
31 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
32 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
33 * THE POSSIBILITY OF SUCH DAMAGES.
34 */
35
36 /*
37 * Copyright 2019 Joyent, Inc.
38 */
39
40 /*
41 * Driver for the Marvell 88W8363 Wireless LAN controller.
42 */
43 #include <sys/stat.h>
44 #include <sys/dlpi.h>
45 #include <inet/common.h>
46 #include <inet/mi.h>
47 #include <sys/stream.h>
48 #include <sys/errno.h>
49 #include <sys/stropts.h>
50 #include <sys/stat.h>
51 #include <sys/sunddi.h>
52 #include <sys/strsubr.h>
53 #include <sys/strsun.h>
54 #include <sys/pci.h>
55 #include <sys/mac_provider.h>
56 #include <sys/mac_wifi.h>
57 #include <sys/net80211.h>
58 #include <inet/wifi_ioctl.h>
59
60 #include "mwl_var.h"
61
62 static int mwl_attach(dev_info_t *devinfo, ddi_attach_cmd_t cmd);
63 static int mwl_detach(dev_info_t *devinfo, ddi_detach_cmd_t cmd);
64 static int mwl_quiesce(dev_info_t *devinfo);
65
66 DDI_DEFINE_STREAM_OPS(mwl_dev_ops, nulldev, nulldev, mwl_attach, mwl_detach,
67 nodev, NULL, D_MP, NULL, mwl_quiesce);
68
69 static struct modldrv mwl_modldrv = {
70 &mod_driverops, /* Type of module. This one is a driver */
71 "Marvell 88W8363 WiFi driver v1.1", /* short description */
72 &mwl_dev_ops /* driver specific ops */
73 };
74
75 static struct modlinkage modlinkage = {
76 MODREV_1, (void *)&mwl_modldrv, NULL
77 };
78
79 static void *mwl_soft_state_p = NULL;
80
81 static int mwl_m_stat(void *, uint_t, uint64_t *);
82 static int mwl_m_start(void *);
83 static void mwl_m_stop(void *);
84 static int mwl_m_promisc(void *, boolean_t);
85 static int mwl_m_multicst(void *, boolean_t, const uint8_t *);
86 static int mwl_m_unicst(void *, const uint8_t *);
87 static mblk_t *mwl_m_tx(void *, mblk_t *);
88 static void mwl_m_ioctl(void *, queue_t *, mblk_t *);
89 static int mwl_m_setprop(void *arg, const char *pr_name,
90 mac_prop_id_t wldp_pr_num,
91 uint_t wldp_length, const void *wldp_buf);
92 static int mwl_m_getprop(void *arg, const char *pr_name,
93 mac_prop_id_t wldp_pr_num, uint_t wldp_length,
94 void *wldp_buf);
95 static void mwl_m_propinfo(void *, const char *, mac_prop_id_t,
96 mac_prop_info_handle_t);
97
98 static mac_callbacks_t mwl_m_callbacks = {
99 MC_IOCTL | MC_SETPROP | MC_GETPROP | MC_PROPINFO,
100 mwl_m_stat,
101 mwl_m_start,
102 mwl_m_stop,
103 mwl_m_promisc,
104 mwl_m_multicst,
105 mwl_m_unicst,
106 mwl_m_tx,
107 NULL,
108 mwl_m_ioctl,
109 NULL,
110 NULL,
111 NULL,
112 mwl_m_setprop,
113 mwl_m_getprop,
114 mwl_m_propinfo
115 };
116
117 #define MWL_DBG_ATTACH (1 << 0)
118 #define MWL_DBG_DMA (1 << 1)
119 #define MWL_DBG_FW (1 << 2)
120 #define MWL_DBG_HW (1 << 3)
121 #define MWL_DBG_INTR (1 << 4)
122 #define MWL_DBG_RX (1 << 5)
123 #define MWL_DBG_TX (1 << 6)
124 #define MWL_DBG_CMD (1 << 7)
125 #define MWL_DBG_CRYPTO (1 << 8)
126 #define MWL_DBG_SR (1 << 9)
127 #define MWL_DBG_MSG (1 << 10)
128
129 uint32_t mwl_dbg_flags = 0x0;
130
131 #ifdef DEBUG
132 #define MWL_DBG \
133 mwl_debug
134 #else
135 #define MWL_DBG(...) (void)(0)
136 #endif
137
138 /*
139 * PIO access attributes for registers
140 */
141 static ddi_device_acc_attr_t mwl_reg_accattr = {
142 DDI_DEVICE_ATTR_V0,
143 DDI_STRUCTURE_LE_ACC,
144 DDI_STRICTORDER_ACC,
145 DDI_DEFAULT_ACC
146 };
147
148 static ddi_device_acc_attr_t mwl_cmdbuf_accattr = {
149 DDI_DEVICE_ATTR_V0,
150 DDI_NEVERSWAP_ACC,
151 DDI_STRICTORDER_ACC,
152 DDI_DEFAULT_ACC
153 };
154
155 /*
156 * DMA access attributes for descriptors and bufs: NOT to be byte swapped.
157 */
158 static ddi_device_acc_attr_t mwl_desc_accattr = {
159 DDI_DEVICE_ATTR_V0,
160 DDI_NEVERSWAP_ACC,
161 DDI_STRICTORDER_ACC,
162 DDI_DEFAULT_ACC
163 };
164
165 static ddi_device_acc_attr_t mwl_buf_accattr = {
166 DDI_DEVICE_ATTR_V0,
167 DDI_NEVERSWAP_ACC,
168 DDI_STRICTORDER_ACC,
169 DDI_DEFAULT_ACC
170 };
171
172 /*
173 * Describes the chip's DMA engine
174 */
175 static ddi_dma_attr_t mwl_dma_attr = {
176 DMA_ATTR_V0, /* dma_attr version */
177 0x0000000000000000ull, /* dma_attr_addr_lo */
178 0xFFFFFFFF, /* dma_attr_addr_hi */
179 0x00000000FFFFFFFFull, /* dma_attr_count_max */
180 0x0000000000000001ull, /* dma_attr_align */
181 0x00000FFF, /* dma_attr_burstsizes */
182 0x00000001, /* dma_attr_minxfer */
183 0x000000000000FFFFull, /* dma_attr_maxxfer */
184 0xFFFFFFFFFFFFFFFFull, /* dma_attr_seg */
185 1, /* dma_attr_sgllen */
186 0x00000001, /* dma_attr_granular */
187 0 /* dma_attr_flags */
188 };
189
190 /*
191 * Supported rates for 802.11a/b/g modes (in 500Kbps unit).
192 */
193 static const struct ieee80211_rateset mwl_rateset_11b =
194 { 4, { 2, 4, 11, 22 } };
195
196 static const struct ieee80211_rateset mwl_rateset_11g =
197 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } };
198
199 static int mwl_alloc_dma_mem(dev_info_t *, ddi_dma_attr_t *, size_t,
200 ddi_device_acc_attr_t *, uint_t, uint_t,
201 struct dma_area *);
202 static void mwl_free_dma_mem(struct dma_area *);
203 static int mwl_alloc_cmdbuf(struct mwl_softc *);
204 static void mwl_free_cmdbuf(struct mwl_softc *);
205 static int mwl_alloc_rx_ring(struct mwl_softc *, int);
206 static void mwl_free_rx_ring(struct mwl_softc *);
207 static int mwl_alloc_tx_ring(struct mwl_softc *, struct mwl_tx_ring *,
208 int);
209 static void mwl_free_tx_ring(struct mwl_softc *, struct mwl_tx_ring *);
210 static int mwl_setupdma(struct mwl_softc *);
211 static void mwl_txq_init(struct mwl_softc *, struct mwl_tx_ring *, int);
212 static int mwl_tx_setup(struct mwl_softc *, int, int);
213 static int mwl_setup_txq(struct mwl_softc *);
214 static int mwl_fwload(struct mwl_softc *, void *);
215 static int mwl_loadsym(ddi_modhandle_t, char *, char **, size_t *);
216 static void mwlFwReset(struct mwl_softc *);
217 static void mwlPokeSdramController(struct mwl_softc *, int);
218 static void mwlTriggerPciCmd(struct mwl_softc *);
219 static int mwlWaitFor(struct mwl_softc *, uint32_t);
220 static int mwlSendBlock(struct mwl_softc *, int, const void *, size_t);
221 static int mwlSendBlock2(struct mwl_softc *, const void *, size_t);
222 static void mwlSendCmd(struct mwl_softc *);
223 static int mwlExecuteCmd(struct mwl_softc *, unsigned short);
224 static int mwlWaitForCmdComplete(struct mwl_softc *, uint16_t);
225 static void dumpresult(struct mwl_softc *, int);
226 static int mwlResetHalState(struct mwl_softc *);
227 static int mwlGetPwrCalTable(struct mwl_softc *);
228 static int mwlGetCalTable(struct mwl_softc *, uint8_t, uint8_t);
229 static int mwlGetPwrCalTable(struct mwl_softc *);
230 static void dumpcaldata(const char *, const uint8_t *, int);
231 static void get2Ghz(MWL_HAL_CHANNELINFO *, const uint8_t *, int);
232 static void get5Ghz(MWL_HAL_CHANNELINFO *, const uint8_t *, int);
233 static void setmaxtxpow(struct mwl_hal_channel *, int, int);
234 static uint16_t ieee2mhz(int);
235 static const char *
236 mwlcmdname(int);
237 static int mwl_gethwspecs(struct mwl_softc *);
238 static int mwl_getchannels(struct mwl_softc *);
239 static void getchannels(struct mwl_softc *, int, int *,
240 struct mwl_channel *);
241 static void addchannels(struct mwl_channel *, int, int *,
242 const MWL_HAL_CHANNELINFO *, int);
243 static void addht40channels(struct mwl_channel *, int, int *,
244 const MWL_HAL_CHANNELINFO *, int);
245 static const struct mwl_channel *
246 findchannel(const struct mwl_channel *, int,
247 int, int);
248 static void addchan(struct mwl_channel *, int, int, int, int);
249
250 static int mwl_chan_set(struct mwl_softc *, struct mwl_channel *);
251 static void mwl_mapchan(MWL_HAL_CHANNEL *, const struct mwl_channel *);
252 static int mwl_setcurchanrates(struct mwl_softc *);
253 const struct ieee80211_rateset *
254 mwl_get_suprates(struct ieee80211com *,
255 const struct mwl_channel *);
256 static uint32_t cvtChannelFlags(const MWL_HAL_CHANNEL *);
257 static const struct mwl_hal_channel *
258 findhalchannel(const struct mwl_softc *,
259 const MWL_HAL_CHANNEL *);
260 enum ieee80211_phymode
261 mwl_chan2mode(const struct mwl_channel *);
262 static int mwl_map2regioncode(const struct mwl_regdomain *);
263 static int mwl_startrecv(struct mwl_softc *);
264 static int mwl_mode_init(struct mwl_softc *);
265 static void mwl_hal_intrset(struct mwl_softc *, uint32_t);
266 static void mwl_hal_getisr(struct mwl_softc *, uint32_t *);
267 static int mwl_hal_sethwdma(struct mwl_softc *,
268 const struct mwl_hal_txrxdma *);
269 static int mwl_hal_getchannelinfo(struct mwl_softc *, int, int,
270 const MWL_HAL_CHANNELINFO **);
271 static int mwl_hal_setmac_locked(struct mwl_softc *, const uint8_t *);
272 static int mwl_hal_keyreset(struct mwl_softc *, const MWL_HAL_KEYVAL *,
273 const uint8_t mac[IEEE80211_ADDR_LEN]);
274 static int mwl_hal_keyset(struct mwl_softc *, const MWL_HAL_KEYVAL *,
275 const uint8_t mac[IEEE80211_ADDR_LEN]);
276 static int mwl_hal_newstation(struct mwl_softc *, const uint8_t *,
277 uint16_t, uint16_t, const MWL_HAL_PEERINFO *, int, int);
278 static int mwl_hal_setantenna(struct mwl_softc *, MWL_HAL_ANTENNA, int);
279 static int mwl_hal_setradio(struct mwl_softc *, int, MWL_HAL_PREAMBLE);
280 static int mwl_hal_setwmm(struct mwl_softc *, int);
281 static int mwl_hal_setchannel(struct mwl_softc *, const MWL_HAL_CHANNEL *);
282 static int mwl_hal_settxpower(struct mwl_softc *, const MWL_HAL_CHANNEL *,
283 uint8_t);
284 static int mwl_hal_settxrate(struct mwl_softc *, MWL_HAL_TXRATE_HANDLING,
285 const MWL_HAL_TXRATE *);
286 static int mwl_hal_settxrate_auto(struct mwl_softc *,
287 const MWL_HAL_TXRATE *);
288 static int mwl_hal_setrateadaptmode(struct mwl_softc *, uint16_t);
289 static int mwl_hal_setoptimizationlevel(struct mwl_softc *, int);
290 static int mwl_hal_setregioncode(struct mwl_softc *, int);
291 static int mwl_hal_setassocid(struct mwl_softc *, const uint8_t *,
292 uint16_t);
293 static int mwl_setrates(struct ieee80211com *);
294 static int mwl_hal_setrtsthreshold(struct mwl_softc *, int);
295 static int mwl_hal_setcsmode(struct mwl_softc *, MWL_HAL_CSMODE);
296 static int mwl_hal_setpromisc(struct mwl_softc *, int);
297 static int mwl_hal_start(struct mwl_softc *);
298 static int mwl_hal_setinframode(struct mwl_softc *);
299 static int mwl_hal_stop(struct mwl_softc *);
300 static struct ieee80211_node *
301 mwl_node_alloc(struct ieee80211com *);
302 static void mwl_node_free(struct ieee80211_node *);
303 static int mwl_key_alloc(struct ieee80211com *,
304 const struct ieee80211_key *,
305 ieee80211_keyix *, ieee80211_keyix *);
306 static int mwl_key_delete(struct ieee80211com *,
307 const struct ieee80211_key *);
308 static int mwl_key_set(struct ieee80211com *, const struct ieee80211_key *,
309 const uint8_t mac[IEEE80211_ADDR_LEN]);
310 static void mwl_setanywepkey(struct ieee80211com *, const uint8_t *);
311 static void mwl_setglobalkeys(struct ieee80211com *c);
312 static int addgroupflags(MWL_HAL_KEYVAL *, const struct ieee80211_key *);
313 static void mwl_hal_txstart(struct mwl_softc *, int);
314 static int mwl_send(ieee80211com_t *, mblk_t *, uint8_t);
315 static void mwl_next_scan(void *);
316 static MWL_HAL_PEERINFO *
317 mkpeerinfo(MWL_HAL_PEERINFO *, const struct ieee80211_node *);
318 static uint32_t get_rate_bitmap(const struct ieee80211_rateset *);
319 static int mwl_newstate(struct ieee80211com *, enum ieee80211_state, int);
320 static int cvtrssi(uint8_t);
321 static uint_t mwl_intr(caddr_t, caddr_t);
322 static uint_t mwl_softintr(caddr_t, caddr_t);
323 static void mwl_tx_intr(struct mwl_softc *);
324 static void mwl_rx_intr(struct mwl_softc *);
325 static int mwl_init(struct mwl_softc *);
326 static void mwl_stop(struct mwl_softc *);
327 static int mwl_resume(struct mwl_softc *);
328
329
330 #ifdef DEBUG
331 static void
332 mwl_debug(uint32_t dbg_flags, const int8_t *fmt, ...)
333 {
334 va_list args;
335
336 if (dbg_flags & mwl_dbg_flags) {
337 va_start(args, fmt);
338 vcmn_err(CE_CONT, fmt, args);
339 va_end(args);
340 }
341 }
342 #endif
343
344 /*
345 * Allocate an DMA memory and a DMA handle for accessing it
346 */
347 static int
348 mwl_alloc_dma_mem(dev_info_t *devinfo, ddi_dma_attr_t *dma_attr,
349 size_t memsize, ddi_device_acc_attr_t *attr_p, uint_t alloc_flags,
350 uint_t bind_flags, struct dma_area *dma_p)
351 {
352 int err;
353
354 /*
355 * Allocate handle
356 */
357 err = ddi_dma_alloc_handle(devinfo, dma_attr,
358 DDI_DMA_SLEEP, NULL, &dma_p->dma_hdl);
359 if (err != DDI_SUCCESS) {
360 MWL_DBG(MWL_DBG_DMA, "mwl: mwl_alloc_dma_mem(): "
361 "failed to alloc handle\n");
362 goto fail1;
363 }
364
365 /*
366 * Allocate memory
367 */
368 err = ddi_dma_mem_alloc(dma_p->dma_hdl, memsize, attr_p,
369 alloc_flags, DDI_DMA_SLEEP, NULL, &dma_p->mem_va,
370 &dma_p->alength, &dma_p->acc_hdl);
371 if (err != DDI_SUCCESS) {
372 MWL_DBG(MWL_DBG_DMA, "mwl: mwl_alloc_dma_mem(): "
373 "failed to alloc mem\n");
374 goto fail2;
375 }
376
377 /*
378 * Bind the two together
379 */
380 err = ddi_dma_addr_bind_handle(dma_p->dma_hdl, NULL,
381 dma_p->mem_va, dma_p->alength, bind_flags,
382 DDI_DMA_SLEEP, NULL, &dma_p->cookie, &dma_p->ncookies);
383 if (err != DDI_DMA_MAPPED) {
384 MWL_DBG(MWL_DBG_DMA, "mwl: mwl_alloc_dma_mem(): "
385 "failed to bind handle\n");
386 goto fail3;
387 }
388
389 if (dma_p->ncookies != 1) {
390 MWL_DBG(MWL_DBG_DMA, "mwl: mwl_alloc_dma_mem(): "
391 "failed to alloc cookies\n");
392 goto fail4;
393 }
394
395 dma_p->nslots = ~0U;
396 dma_p->size = ~0U;
397 dma_p->token = ~0U;
398 dma_p->offset = 0;
399
400 return (DDI_SUCCESS);
401
402 fail4:
403 (void) ddi_dma_unbind_handle(dma_p->dma_hdl);
404 fail3:
405 ddi_dma_mem_free(&dma_p->acc_hdl);
406 fail2:
407 ddi_dma_free_handle(&dma_p->dma_hdl);
408 fail1:
409 return (err);
410 }
411
412 static void
413 mwl_free_dma_mem(struct dma_area *dma_p)
414 {
415 if (dma_p->dma_hdl != NULL) {
416 (void) ddi_dma_unbind_handle(dma_p->dma_hdl);
417 if (dma_p->acc_hdl != NULL) {
418 ddi_dma_mem_free(&dma_p->acc_hdl);
419 dma_p->acc_hdl = NULL;
420 }
421 ddi_dma_free_handle(&dma_p->dma_hdl);
422 dma_p->ncookies = 0;
423 dma_p->dma_hdl = NULL;
424 }
425 }
426
427 static int
428 mwl_alloc_cmdbuf(struct mwl_softc *sc)
429 {
430 int err;
431 size_t size;
432
433 size = MWL_CMDBUF_SIZE;
434
435 err = mwl_alloc_dma_mem(sc->sc_dev, &mwl_dma_attr, size,
436 &mwl_cmdbuf_accattr, DDI_DMA_CONSISTENT,
437 DDI_DMA_RDWR | DDI_DMA_CONSISTENT,
438 &sc->sc_cmd_dma);
439 if (err != DDI_SUCCESS) {
440 MWL_DBG(MWL_DBG_DMA, "mwl: mwl_alloc_cmdbuf(): "
441 "failed to alloc dma mem\n");
442 return (DDI_FAILURE);
443 }
444
445 sc->sc_cmd_mem = (uint16_t *)sc->sc_cmd_dma.mem_va;
446 sc->sc_cmd_dmaaddr = sc->sc_cmd_dma.cookie.dmac_address;
447
448 return (DDI_SUCCESS);
449 }
450
451 static void
452 mwl_free_cmdbuf(struct mwl_softc *sc)
453 {
454 if (sc->sc_cmd_mem != NULL)
455 mwl_free_dma_mem(&sc->sc_cmd_dma);
456 }
457
458 static int
459 mwl_alloc_rx_ring(struct mwl_softc *sc, int count)
460 {
461 struct mwl_rx_ring *ring;
462 struct mwl_rxdesc *ds;
463 struct mwl_rxbuf *bf;
464 int i, err, datadlen;
465
466 ring = &sc->sc_rxring;
467 ring->count = count;
468 ring->cur = ring->next = 0;
469 err = mwl_alloc_dma_mem(sc->sc_dev, &mwl_dma_attr,
470 count * sizeof (struct mwl_rxdesc),
471 &mwl_desc_accattr,
472 DDI_DMA_CONSISTENT, DDI_DMA_RDWR | DDI_DMA_CONSISTENT,
473 &ring->rxdesc_dma);
474 if (err) {
475 MWL_DBG(MWL_DBG_DMA, "mwl: mwl_alloc_rxring(): "
476 "alloc tx ring failed, size %d\n",
477 (uint32_t)(count * sizeof (struct mwl_rxdesc)));
478 return (DDI_FAILURE);
479 }
480
481 MWL_DBG(MWL_DBG_DMA, "mwl: mwl_alloc_rx_ring(): "
482 "dma len = %d\n", (uint32_t)(ring->rxdesc_dma.alength));
483 ring->desc = (struct mwl_rxdesc *)ring->rxdesc_dma.mem_va;
484 ring->physaddr = ring->rxdesc_dma.cookie.dmac_address;
485 bzero(ring->desc, count * sizeof (struct mwl_rxdesc));
486
487 datadlen = count * sizeof (struct mwl_rxbuf);
488 ring->buf = (struct mwl_rxbuf *)kmem_zalloc(datadlen, KM_SLEEP);
489 if (ring->buf == NULL) {
490 MWL_DBG(MWL_DBG_DMA, "mwl: mwl_alloc_rxring(): "
491 "could not alloc rx ring data buffer\n");
492 return (DDI_FAILURE);
493 }
494 bzero(ring->buf, count * sizeof (struct mwl_rxbuf));
495
496 /*
497 * Pre-allocate Rx buffers and populate Rx ring.
498 */
499 for (i = 0; i < count; i++) {
500 ds = &ring->desc[i];
501 bf = &ring->buf[i];
502 /* alloc DMA memory */
503 (void) mwl_alloc_dma_mem(sc->sc_dev, &mwl_dma_attr,
504 sc->sc_dmabuf_size,
505 &mwl_buf_accattr,
506 DDI_DMA_STREAMING,
507 DDI_DMA_READ | DDI_DMA_STREAMING,
508 &bf->rxbuf_dma);
509 bf->bf_mem = (uint8_t *)(bf->rxbuf_dma.mem_va);
510 bf->bf_baddr = bf->rxbuf_dma.cookie.dmac_address;
511 bf->bf_desc = ds;
512 bf->bf_daddr = ring->physaddr + _PTRDIFF(ds, ring->desc);
513 }
514
515 (void) ddi_dma_sync(ring->rxdesc_dma.dma_hdl,
516 0,
517 ring->rxdesc_dma.alength,
518 DDI_DMA_SYNC_FORDEV);
519
520 return (0);
521 }
522
523 static void
524 mwl_free_rx_ring(struct mwl_softc *sc)
525 {
526 struct mwl_rx_ring *ring;
527 struct mwl_rxbuf *bf;
528 int i;
529
530 ring = &sc->sc_rxring;
531
532 if (ring->desc != NULL) {
533 mwl_free_dma_mem(&ring->rxdesc_dma);
534 }
535
536 if (ring->buf != NULL) {
537 for (i = 0; i < ring->count; i++) {
538 bf = &ring->buf[i];
539 mwl_free_dma_mem(&bf->rxbuf_dma);
540 }
541 kmem_free(ring->buf,
542 (ring->count * sizeof (struct mwl_rxbuf)));
543 }
544 }
545
546 static int
547 mwl_alloc_tx_ring(struct mwl_softc *sc, struct mwl_tx_ring *ring,
548 int count)
549 {
550 struct mwl_txdesc *ds;
551 struct mwl_txbuf *bf;
552 int i, err, datadlen;
553
554 ring->count = count;
555 ring->queued = 0;
556 ring->cur = ring->next = ring->stat = 0;
557 err = mwl_alloc_dma_mem(sc->sc_dev, &mwl_dma_attr,
558 count * sizeof (struct mwl_txdesc), &mwl_desc_accattr,
559 DDI_DMA_CONSISTENT, DDI_DMA_RDWR | DDI_DMA_CONSISTENT,
560 &ring->txdesc_dma);
561 if (err) {
562 MWL_DBG(MWL_DBG_DMA, "mwl: mwl_alloc_tx_ring(): "
563 "alloc tx ring failed, size %d\n",
564 (uint32_t)(count * sizeof (struct mwl_txdesc)));
565 return (DDI_FAILURE);
566 }
567
568 MWL_DBG(MWL_DBG_DMA, "mwl: mwl_alloc_tx_ring(): "
569 "dma len = %d\n", (uint32_t)(ring->txdesc_dma.alength));
570 ring->desc = (struct mwl_txdesc *)ring->txdesc_dma.mem_va;
571 ring->physaddr = ring->txdesc_dma.cookie.dmac_address;
572 bzero(ring->desc, count * sizeof (struct mwl_txdesc));
573
574 datadlen = count * sizeof (struct mwl_txbuf);
575 ring->buf = kmem_zalloc(datadlen, KM_SLEEP);
576 if (ring->buf == NULL) {
577 MWL_DBG(MWL_DBG_DMA, "mwl: mwl_alloc_tx_ring(): "
578 "could not alloc tx ring data buffer\n");
579 return (DDI_FAILURE);
580 }
581 bzero(ring->buf, count * sizeof (struct mwl_txbuf));
582
583 for (i = 0; i < count; i++) {
584 ds = &ring->desc[i];
585 bf = &ring->buf[i];
586 /* alloc DMA memory */
587 (void) mwl_alloc_dma_mem(sc->sc_dev, &mwl_dma_attr,
588 sc->sc_dmabuf_size,
589 &mwl_buf_accattr,
590 DDI_DMA_STREAMING,
591 DDI_DMA_WRITE | DDI_DMA_STREAMING,
592 &bf->txbuf_dma);
593 bf->bf_baddr = bf->txbuf_dma.cookie.dmac_address;
594 bf->bf_mem = (uint8_t *)(bf->txbuf_dma.mem_va);
595 bf->bf_daddr = ring->physaddr + _PTRDIFF(ds, ring->desc);
596 bf->bf_desc = ds;
597 }
598
599 (void) ddi_dma_sync(ring->txdesc_dma.dma_hdl,
600 0,
601 ring->txdesc_dma.alength,
602 DDI_DMA_SYNC_FORDEV);
603
604 return (0);
605 }
606
607 /* ARGSUSED */
608 static void
609 mwl_free_tx_ring(struct mwl_softc *sc, struct mwl_tx_ring *ring)
610 {
611 struct mwl_txbuf *bf;
612 int i;
613
614 if (ring->desc != NULL) {
615 mwl_free_dma_mem(&ring->txdesc_dma);
616 }
617
618 if (ring->buf != NULL) {
619 for (i = 0; i < ring->count; i++) {
620 bf = &ring->buf[i];
621 mwl_free_dma_mem(&bf->txbuf_dma);
622 }
623 kmem_free(ring->buf,
624 (ring->count * sizeof (struct mwl_txbuf)));
625 }
626 }
627
628 /*
629 * Inform the f/w about location of the tx/rx dma data structures
630 * and related state. This cmd must be done immediately after a
631 * mwl_hal_gethwspecs call or the f/w will lockup.
632 */
633 static int
634 mwl_hal_sethwdma(struct mwl_softc *sc, const struct mwl_hal_txrxdma *dma)
635 {
636 HostCmd_DS_SET_HW_SPEC *pCmd;
637 int retval;
638
639 _CMD_SETUP(pCmd, HostCmd_DS_SET_HW_SPEC, HostCmd_CMD_SET_HW_SPEC);
640 pCmd->WcbBase[0] = LE_32(dma->wcbBase[0]);
641 pCmd->WcbBase[1] = LE_32(dma->wcbBase[1]);
642 pCmd->WcbBase[2] = LE_32(dma->wcbBase[2]);
643 pCmd->WcbBase[3] = LE_32(dma->wcbBase[3]);
644 pCmd->TxWcbNumPerQueue = LE_32(dma->maxNumTxWcb);
645 pCmd->NumTxQueues = LE_32(dma->maxNumWCB);
646 pCmd->TotalRxWcb = LE_32(1); /* XXX */
647 pCmd->RxPdWrPtr = LE_32(dma->rxDescRead);
648 /*
649 * pCmd->Flags = LE_32(SET_HW_SPEC_HOSTFORM_BEACON
650 * #ifdef MWL_HOST_PS_SUPPORT
651 * | SET_HW_SPEC_HOST_POWERSAVE
652 * #endif
653 * | SET_HW_SPEC_HOSTFORM_PROBERESP);
654 */
655 pCmd->Flags = 0;
656 /* disable multi-bss operation for A1-A4 parts */
657 if (sc->sc_revs.mh_macRev < 5)
658 pCmd->Flags |= LE_32(SET_HW_SPEC_DISABLEMBSS);
659
660 retval = mwlExecuteCmd(sc, HostCmd_CMD_SET_HW_SPEC);
661 if (retval == 0) {
662 if (pCmd->Flags & LE_32(SET_HW_SPEC_DISABLEMBSS))
663 sc->sc_hw_flags &= ~MHF_MBSS;
664 else
665 sc->sc_hw_flags |= MHF_MBSS;
666 }
667
668 return (retval);
669 }
670
671 /*
672 * Inform firmware of our tx/rx dma setup. The BAR 0
673 * writes below are for compatibility with older firmware.
674 * For current firmware we send this information with a
675 * cmd block via mwl_hal_sethwdma.
676 */
677 static int
678 mwl_setupdma(struct mwl_softc *sc)
679 {
680 int i, err;
681
682 sc->sc_hwdma.rxDescRead = sc->sc_rxring.physaddr;
683 mwl_mem_write4(sc, sc->sc_hwspecs.rxDescRead, sc->sc_hwdma.rxDescRead);
684 mwl_mem_write4(sc, sc->sc_hwspecs.rxDescWrite, sc->sc_hwdma.rxDescRead);
685
686 for (i = 0; i < MWL_NUM_TX_QUEUES - MWL_NUM_ACK_QUEUES; i++) {
687 struct mwl_tx_ring *txring = &sc->sc_txring[i];
688 sc->sc_hwdma.wcbBase[i] = txring->physaddr;
689 mwl_mem_write4(sc, sc->sc_hwspecs.wcbBase[i],
690 sc->sc_hwdma.wcbBase[i]);
691 }
692 sc->sc_hwdma.maxNumTxWcb = MWL_TX_RING_COUNT;
693 sc->sc_hwdma.maxNumWCB = MWL_NUM_TX_QUEUES - MWL_NUM_ACK_QUEUES;
694
695 err = mwl_hal_sethwdma(sc, &sc->sc_hwdma);
696 if (err != 0) {
697 MWL_DBG(MWL_DBG_DMA, "mwl: mwl_setupdma(): "
698 "unable to setup tx/rx dma; hal status %u\n", err);
699 /* XXX */
700 }
701
702 return (err);
703 }
704
705 /* ARGSUSED */
706 static void
707 mwl_txq_init(struct mwl_softc *sc, struct mwl_tx_ring *txring, int qnum)
708 {
709 struct mwl_txbuf *bf;
710 struct mwl_txdesc *ds;
711 int i;
712
713 txring->qnum = qnum;
714 txring->txpri = 0; /* XXX */
715
716 bf = txring->buf;
717 ds = txring->desc;
718 for (i = 0; i < MWL_TX_RING_COUNT - 1; i++) {
719 bf++;
720 ds->pPhysNext = bf->bf_daddr;
721 ds++;
722 }
723 bf = txring->buf;
724 ds->pPhysNext = LE_32(bf->bf_daddr);
725 }
726
727 /*
728 * Setup a hardware data transmit queue for the specified
729 * access control. We record the mapping from ac's
730 * to h/w queues for use by mwl_tx_start.
731 */
732 static int
733 mwl_tx_setup(struct mwl_softc *sc, int ac, int mvtype)
734 {
735 #define N(a) (sizeof (a)/sizeof (a[0]))
736 struct mwl_tx_ring *txring;
737
738 if (ac >= N(sc->sc_ac2q)) {
739 MWL_DBG(MWL_DBG_DMA, "mwl: mwl_tx_setup(): "
740 "AC %u out of range, max %u!\n",
741 ac, (uint_t)N(sc->sc_ac2q));
742 return (0);
743 }
744 if (mvtype >= MWL_NUM_TX_QUEUES) {
745 MWL_DBG(MWL_DBG_DMA, "mwl: mwl_tx_setup(): "
746 "mvtype %u out of range, max %u!\n",
747 mvtype, MWL_NUM_TX_QUEUES);
748 return (0);
749 }
750 txring = &sc->sc_txring[mvtype];
751 mwl_txq_init(sc, txring, mvtype);
752 sc->sc_ac2q[ac] = txring;
753 return (1);
754 #undef N
755 }
756
757 static int
758 mwl_setup_txq(struct mwl_softc *sc)
759 {
760 int err = 0;
761
762 /* NB: insure BK queue is the lowest priority h/w queue */
763 if (!mwl_tx_setup(sc, WME_AC_BK, MWL_WME_AC_BK)) {
764 MWL_DBG(MWL_DBG_DMA, "mwl: mwl_setup_txq(): "
765 "unable to setup xmit queue for %s traffic!\n",
766 mwl_wme_acnames[WME_AC_BK]);
767 err = EIO;
768 return (err);
769 }
770 if (!mwl_tx_setup(sc, WME_AC_BE, MWL_WME_AC_BE) ||
771 !mwl_tx_setup(sc, WME_AC_VI, MWL_WME_AC_VI) ||
772 !mwl_tx_setup(sc, WME_AC_VO, MWL_WME_AC_VO)) {
773 /*
774 * Not enough hardware tx queues to properly do WME;
775 * just punt and assign them all to the same h/w queue.
776 * We could do a better job of this if, for example,
777 * we allocate queues when we switch from station to
778 * AP mode.
779 */
780 sc->sc_ac2q[WME_AC_BE] = sc->sc_ac2q[WME_AC_BK];
781 sc->sc_ac2q[WME_AC_VI] = sc->sc_ac2q[WME_AC_BK];
782 sc->sc_ac2q[WME_AC_VO] = sc->sc_ac2q[WME_AC_BK];
783 }
784
785 return (err);
786 }
787
788 /*
789 * find mwl firmware module's "_start" "_end" symbols
790 * and get its size.
791 */
792 static int
793 mwl_loadsym(ddi_modhandle_t modp, char *sym, char **start, size_t *len)
794 {
795 char start_sym[64];
796 char end_sym[64];
797 char *p, *end;
798 int rv;
799 size_t n;
800
801 (void) snprintf(start_sym, sizeof (start_sym), "%s_start", sym);
802 (void) snprintf(end_sym, sizeof (end_sym), "%s_end", sym);
803
804 p = (char *)ddi_modsym(modp, start_sym, &rv);
805 if (p == NULL || rv != 0) {
806 MWL_DBG(MWL_DBG_FW, "mwl: mwl_loadsym(): "
807 "mod %s: symbol %s not found\n", sym, start_sym);
808 return (-1);
809 }
810
811 end = (char *)ddi_modsym(modp, end_sym, &rv);
812 if (end == NULL || rv != 0) {
813 MWL_DBG(MWL_DBG_FW, "mwl: mwl_loadsym(): "
814 "mod %s: symbol %s not found\n", sym, end_sym);
815 return (-1);
816 }
817
818 n = _PTRDIFF(end, p);
819 *start = p;
820 *len = n;
821
822 return (0);
823 }
824
825 static void
826 mwlFwReset(struct mwl_softc *sc)
827 {
828 if (mwl_ctl_read4(sc, MACREG_REG_INT_CODE) == 0xffffffff) {
829 MWL_DBG(MWL_DBG_FW, "mwl: mwlFWReset(): "
830 "device not present!\n");
831 return;
832 }
833
834 mwl_ctl_write4(sc, MACREG_REG_H2A_INTERRUPT_EVENTS, ISR_RESET);
835 sc->sc_hw_flags &= ~MHF_FWHANG;
836 }
837
838 static void
839 mwlPokeSdramController(struct mwl_softc *sc, int SDRAMSIZE_Addr)
840 {
841 /* Set up sdram controller for superflyv2 */
842 mwl_ctl_write4(sc, 0x00006014, 0x33);
843 mwl_ctl_write4(sc, 0x00006018, 0xa3a2632);
844 mwl_ctl_write4(sc, 0x00006010, SDRAMSIZE_Addr);
845 }
846
847 static void
848 mwlTriggerPciCmd(struct mwl_softc *sc)
849 {
850 (void) ddi_dma_sync(sc->sc_cmd_dma.dma_hdl,
851 0,
852 sc->sc_cmd_dma.alength,
853 DDI_DMA_SYNC_FORDEV);
854
855 mwl_ctl_write4(sc, MACREG_REG_GEN_PTR, sc->sc_cmd_dmaaddr);
856 (void) mwl_ctl_read4(sc, MACREG_REG_INT_CODE);
857
858 mwl_ctl_write4(sc, MACREG_REG_INT_CODE, 0x00);
859 (void) mwl_ctl_read4(sc, MACREG_REG_INT_CODE);
860
861 mwl_ctl_write4(sc, MACREG_REG_H2A_INTERRUPT_EVENTS,
862 MACREG_H2ARIC_BIT_DOOR_BELL);
863 (void) mwl_ctl_read4(sc, MACREG_REG_INT_CODE);
864 }
865
866 static int
867 mwlWaitFor(struct mwl_softc *sc, uint32_t val)
868 {
869 int i;
870
871 for (i = 0; i < FW_MAX_NUM_CHECKS; i++) {
872 DELAY(FW_CHECK_USECS);
873 if (mwl_ctl_read4(sc, MACREG_REG_INT_CODE) == val)
874 return (1);
875 }
876 return (0);
877 }
878
879 /*
880 * Firmware block xmit when talking to the boot-rom.
881 */
882 static int
883 mwlSendBlock(struct mwl_softc *sc, int bsize, const void *data, size_t dsize)
884 {
885 sc->sc_cmd_mem[0] = LE_16(HostCmd_CMD_CODE_DNLD);
886 sc->sc_cmd_mem[1] = LE_16(bsize);
887 (void) memcpy(&sc->sc_cmd_mem[4], data, dsize);
888 mwlTriggerPciCmd(sc);
889 /* XXX 2000 vs 200 */
890 if (mwlWaitFor(sc, MACREG_INT_CODE_CMD_FINISHED)) {
891 mwl_ctl_write4(sc, MACREG_REG_INT_CODE, 0);
892 return (1);
893 }
894
895 MWL_DBG(MWL_DBG_FW, "mwl: mwlSendBlock(): "
896 "timeout waiting for CMD_FINISHED, INT_CODE 0x%x\n",
897 mwl_ctl_read4(sc, MACREG_REG_INT_CODE));
898 return (0);
899 }
900
901 /*
902 * Firmware block xmit when talking to the 1st-stage loader.
903 */
904 static int
905 mwlSendBlock2(struct mwl_softc *sc, const void *data, size_t dsize)
906 {
907 (void) memcpy(&sc->sc_cmd_mem[0], data, dsize);
908 mwlTriggerPciCmd(sc);
909 if (mwlWaitFor(sc, MACREG_INT_CODE_CMD_FINISHED)) {
910 mwl_ctl_write4(sc, MACREG_REG_INT_CODE, 0);
911 return (1);
912 }
913
914 MWL_DBG(MWL_DBG_FW, "mwl: mwlSendBlock2(): "
915 "timeout waiting for CMD_FINISHED, INT_CODE 0x%x\n",
916 mwl_ctl_read4(sc, MACREG_REG_INT_CODE));
917 return (0);
918 }
919
920 /* ARGSUSED */
921 static int
922 mwl_fwload(struct mwl_softc *sc, void *fwargs)
923 {
924 char *fwname = "mwlfw";
925 char *fwbootname = "mwlboot";
926 char *fwbinname = "mw88W8363fw";
927 char *fwboot_index, *fw_index;
928 uint8_t *fw, *fwboot;
929 ddi_modhandle_t modfw;
930 /* XXX get from firmware header */
931 uint32_t FwReadySignature = HostCmd_SOFTAP_FWRDY_SIGNATURE;
932 uint32_t OpMode = HostCmd_SOFTAP_MODE;
933 const uint8_t *fp, *ep;
934 size_t fw_size, fwboot_size;
935 uint32_t blocksize, nbytes;
936 int i, rv, err, ntries;
937
938 rv = err = 0;
939 fw = fwboot = NULL;
940 fw_index = fwboot_index = NULL;
941
942 modfw = ddi_modopen(fwname, KRTLD_MODE_FIRST, &rv);
943 if (modfw == NULL) {
944 MWL_DBG(MWL_DBG_FW, "mwl: mwl_fwload(): "
945 "module %s not found\n", fwname);
946 err = -1;
947 goto bad2;
948 }
949
950 err = mwl_loadsym(modfw, fwbootname, &fwboot_index, &fwboot_size);
951 if (err != 0) {
952 MWL_DBG(MWL_DBG_FW, "mwl: mwl_fwload(): "
953 "could not get boot firmware\n");
954 err = -1;
955 goto bad2;
956 }
957
958 err = mwl_loadsym(modfw, fwbinname, &fw_index, &fw_size);
959 if (err != 0) {
960 MWL_DBG(MWL_DBG_FW, "mwl: mwl_fwload(): "
961 "could not get firmware\n");
962 err = -1;
963 goto bad2;
964 }
965
966 fwboot = (uint8_t *)kmem_alloc(fwboot_size, KM_SLEEP);
967 if (fwboot == NULL) {
968 MWL_DBG(MWL_DBG_FW, "mwl: mwl_loadfirmware(): "
969 "failed to alloc boot firmware memory\n");
970 err = -1;
971 goto bad2;
972 }
973 (void) memcpy(fwboot, fwboot_index, fwboot_size);
974
975 fw = (uint8_t *)kmem_alloc(fw_size, KM_SLEEP);
976 if (fw == NULL) {
977 MWL_DBG(MWL_DBG_FW, "mwl: mwl_loadfirmware(): "
978 "failed to alloc firmware memory\n");
979 err = -1;
980 goto bad2;
981 }
982 (void) memcpy(fw, fw_index, fw_size);
983
984 if (modfw != NULL)
985 (void) ddi_modclose(modfw);
986
987 if (fw_size < 4) {
988 MWL_DBG(MWL_DBG_FW, "mwl: mwl_fwload(): "
989 "could not load firmware image %s\n",
990 fwname);
991 err = ENXIO;
992 goto bad2;
993 }
994
995 if (fw[0] == 0x01 && fw[1] == 0x00 &&
996 fw[2] == 0x00 && fw[3] == 0x00) {
997 /*
998 * 2-stage load, get the boot firmware.
999 */
1000 if (fwboot == NULL) {
1001 MWL_DBG(MWL_DBG_FW, "mwl: mwl_fwload(): "
1002 "could not load firmware image %s\n",
1003 fwbootname);
1004 err = ENXIO;
1005 goto bad2;
1006 }
1007 } else
1008 fwboot = NULL;
1009
1010 mwlFwReset(sc);
1011
1012 mwl_ctl_write4(sc, MACREG_REG_A2H_INTERRUPT_CLEAR_SEL,
1013 MACREG_A2HRIC_BIT_MASK);
1014 mwl_ctl_write4(sc, MACREG_REG_A2H_INTERRUPT_CAUSE, 0x00);
1015 mwl_ctl_write4(sc, MACREG_REG_A2H_INTERRUPT_MASK, 0x00);
1016 mwl_ctl_write4(sc, MACREG_REG_A2H_INTERRUPT_STATUS_MASK,
1017 MACREG_A2HRIC_BIT_MASK);
1018 if (sc->sc_SDRAMSIZE_Addr != 0) {
1019 /* Set up sdram controller for superflyv2 */
1020 mwlPokeSdramController(sc, sc->sc_SDRAMSIZE_Addr);
1021 }
1022
1023 MWL_DBG(MWL_DBG_FW, "mwl: mwl_fwload(): "
1024 "load %s firmware image (%u bytes)\n",
1025 fwname, (unsigned int)fw_size);
1026
1027 if (fwboot != NULL) {
1028 /*
1029 * Do 2-stage load. The 1st stage loader is setup
1030 * with the bootrom loader then we load the real
1031 * image using a different handshake. With this
1032 * mechanism the firmware is segmented into chunks
1033 * that have a CRC. If a chunk is incorrect we'll
1034 * be told to retransmit.
1035 */
1036 /* XXX assumes hlpimage fits in a block */
1037 /* NB: zero size block indicates download is finished */
1038 if (!mwlSendBlock(sc, fwboot_size, fwboot, fwboot_size) ||
1039 !mwlSendBlock(sc, 0, NULL, 0)) {
1040 err = ETIMEDOUT;
1041 goto bad;
1042 }
1043 DELAY(200 * FW_CHECK_USECS);
1044 if (sc->sc_SDRAMSIZE_Addr != 0) {
1045 /* Set up sdram controller for superflyv2 */
1046 mwlPokeSdramController(sc, sc->sc_SDRAMSIZE_Addr);
1047 }
1048 nbytes = ntries = 0; /* NB: silence compiler */
1049 for (fp = fw, ep = fp + fw_size; fp < ep; ) {
1050 mwl_ctl_write4(sc, MACREG_REG_INT_CODE, 0);
1051 blocksize = mwl_ctl_read4(sc, MACREG_REG_SCRATCH);
1052 if (blocksize == 0) /* download complete */
1053 break;
1054 if (blocksize > 0x00000c00) {
1055 err = EINVAL;
1056 goto bad;
1057 }
1058 if ((blocksize & 0x1) == 0) {
1059 /* block successfully downloaded, advance */
1060 fp += nbytes;
1061 ntries = 0;
1062 } else {
1063 if (++ntries > 2) {
1064 /*
1065 * Guard against f/w telling us to
1066 * retry infinitely.
1067 */
1068 err = ELOOP;
1069 goto bad;
1070 }
1071 /* clear NAK bit/flag */
1072 blocksize &= ~0x1;
1073 }
1074 if (blocksize > _PTRDIFF(ep, fp)) {
1075 /* XXX this should not happen, what to do? */
1076 blocksize = _PTRDIFF(ep, fp);
1077 }
1078 nbytes = blocksize;
1079 if (!mwlSendBlock2(sc, fp, nbytes)) {
1080 err = ETIMEDOUT;
1081 goto bad;
1082 }
1083 }
1084 } else {
1085 for (fp = fw, ep = fp + fw_size; fp < ep; ) {
1086 nbytes = _PTRDIFF(ep, fp);
1087 if (nbytes > FW_DOWNLOAD_BLOCK_SIZE)
1088 nbytes = FW_DOWNLOAD_BLOCK_SIZE;
1089 if (!mwlSendBlock(sc, FW_DOWNLOAD_BLOCK_SIZE, fp,
1090 nbytes)) {
1091 err = EIO;
1092 goto bad;
1093 }
1094 fp += nbytes;
1095 }
1096 }
1097
1098 /*
1099 * Wait for firmware to startup; we monitor the
1100 * INT_CODE register waiting for a signature to
1101 * written back indicating it's ready to go.
1102 */
1103 sc->sc_cmd_mem[1] = 0;
1104 /*
1105 * XXX WAR for mfg fw download
1106 */
1107 if (OpMode != HostCmd_STA_MODE)
1108 mwlTriggerPciCmd(sc);
1109 for (i = 0; i < FW_MAX_NUM_CHECKS; i++) {
1110 mwl_ctl_write4(sc, MACREG_REG_GEN_PTR, OpMode);
1111 DELAY(FW_CHECK_USECS);
1112 if (mwl_ctl_read4(sc, MACREG_REG_INT_CODE) ==
1113 FwReadySignature) {
1114 mwl_ctl_write4(sc, MACREG_REG_INT_CODE, 0x00);
1115 return (mwlResetHalState(sc));
1116 }
1117 }
1118 MWL_DBG(MWL_DBG_FW, "mwl: mwl_fwload(): "
1119 "firmware download timeout\n");
1120 return (ETIMEDOUT);
1121 bad:
1122 mwlFwReset(sc);
1123 bad2:
1124 if (fw != NULL)
1125 kmem_free(fw, fw_size);
1126 if (fwboot != NULL)
1127 kmem_free(fwboot, fwboot_size);
1128 fwboot = fw = NULL;
1129 fwboot_index = fw_index = NULL;
1130 if (modfw != NULL)
1131 (void) ddi_modclose(modfw);
1132 return (err);
1133 }
1134
1135 /*
1136 * Low level firmware cmd block handshake support.
1137 */
1138 static void
1139 mwlSendCmd(struct mwl_softc *sc)
1140 {
1141 (void) ddi_dma_sync(sc->sc_cmd_dma.dma_hdl,
1142 0,
1143 sc->sc_cmd_dma.alength,
1144 DDI_DMA_SYNC_FORDEV);
1145
1146 mwl_ctl_write4(sc, MACREG_REG_GEN_PTR, sc->sc_cmd_dmaaddr);
1147 (void) mwl_ctl_read4(sc, MACREG_REG_INT_CODE);
1148
1149 mwl_ctl_write4(sc, MACREG_REG_H2A_INTERRUPT_EVENTS,
1150 MACREG_H2ARIC_BIT_DOOR_BELL);
1151 }
1152
1153 static int
1154 mwlExecuteCmd(struct mwl_softc *sc, unsigned short cmd)
1155 {
1156 if (mwl_ctl_read4(sc, MACREG_REG_INT_CODE) == 0xffffffff) {
1157 MWL_DBG(MWL_DBG_CMD, "mwl: mwlExecuteCmd(): "
1158 "device not present!\n");
1159 return (EIO);
1160 }
1161 mwlSendCmd(sc);
1162 if (!mwlWaitForCmdComplete(sc, 0x8000 | cmd)) {
1163 MWL_DBG(MWL_DBG_CMD, "mwl: mwlExecuteCmd(): "
1164 "timeout waiting for f/w cmd %s\n", mwlcmdname(cmd));
1165 return (ETIMEDOUT);
1166 }
1167 (void) ddi_dma_sync(sc->sc_cmd_dma.dma_hdl,
1168 0,
1169 sc->sc_cmd_dma.alength,
1170 DDI_DMA_SYNC_FORDEV);
1171
1172 MWL_DBG(MWL_DBG_CMD, "mwl: mwlExecuteCmd(): "
1173 "send cmd %s\n", mwlcmdname(cmd));
1174
1175 if (mwl_dbg_flags & MWL_DBG_CMD)
1176 dumpresult(sc, 1);
1177
1178 return (0);
1179 }
1180
1181 static int
1182 mwlWaitForCmdComplete(struct mwl_softc *sc, uint16_t cmdCode)
1183 {
1184 #define MAX_WAIT_FW_COMPLETE_ITERATIONS 10000
1185 int i;
1186
1187 for (i = 0; i < MAX_WAIT_FW_COMPLETE_ITERATIONS; i++) {
1188 if (sc->sc_cmd_mem[0] == LE_16(cmdCode))
1189 return (1);
1190 DELAY(1 * 1000);
1191 }
1192 return (0);
1193 #undef MAX_WAIT_FW_COMPLETE_ITERATIONS
1194 }
1195
1196 static const char *
1197 mwlcmdname(int cmd)
1198 {
1199 static char buf[12];
1200 #define CMD(x) case HostCmd_CMD_##x: return #x
1201 switch (cmd) {
1202 CMD(CODE_DNLD);
1203 CMD(GET_HW_SPEC);
1204 CMD(SET_HW_SPEC);
1205 CMD(MAC_MULTICAST_ADR);
1206 CMD(802_11_GET_STAT);
1207 CMD(MAC_REG_ACCESS);
1208 CMD(BBP_REG_ACCESS);
1209 CMD(RF_REG_ACCESS);
1210 CMD(802_11_RADIO_CONTROL);
1211 CMD(802_11_RF_TX_POWER);
1212 CMD(802_11_RF_ANTENNA);
1213 CMD(SET_BEACON);
1214 CMD(SET_RF_CHANNEL);
1215 CMD(SET_AID);
1216 CMD(SET_INFRA_MODE);
1217 CMD(SET_G_PROTECT_FLAG);
1218 CMD(802_11_RTS_THSD);
1219 CMD(802_11_SET_SLOT);
1220 CMD(SET_EDCA_PARAMS);
1221 CMD(802_11H_DETECT_RADAR);
1222 CMD(SET_WMM_MODE);
1223 CMD(HT_GUARD_INTERVAL);
1224 CMD(SET_FIXED_RATE);
1225 CMD(SET_LINKADAPT_CS_MODE);
1226 CMD(SET_MAC_ADDR);
1227 CMD(SET_RATE_ADAPT_MODE);
1228 CMD(BSS_START);
1229 CMD(SET_NEW_STN);
1230 CMD(SET_KEEP_ALIVE);
1231 CMD(SET_APMODE);
1232 CMD(SET_SWITCH_CHANNEL);
1233 CMD(UPDATE_ENCRYPTION);
1234 CMD(BASTREAM);
1235 CMD(SET_RIFS);
1236 CMD(SET_N_PROTECT_FLAG);
1237 CMD(SET_N_PROTECT_OPMODE);
1238 CMD(SET_OPTIMIZATION_LEVEL);
1239 CMD(GET_CALTABLE);
1240 CMD(SET_MIMOPSHT);
1241 CMD(GET_BEACON);
1242 CMD(SET_REGION_CODE);
1243 CMD(SET_POWERSAVESTATION);
1244 CMD(SET_TIM);
1245 CMD(GET_TIM);
1246 CMD(GET_SEQNO);
1247 CMD(DWDS_ENABLE);
1248 CMD(AMPDU_RETRY_RATEDROP_MODE);
1249 CMD(CFEND_ENABLE);
1250 }
1251 (void) snprintf(buf, sizeof (buf), "0x%x", cmd);
1252 return (buf);
1253 #undef CMD
1254 }
1255
1256 static void
1257 dumpresult(struct mwl_softc *sc, int showresult)
1258 {
1259 const FWCmdHdr *h = (const FWCmdHdr *)sc->sc_cmd_mem;
1260 int len;
1261
1262 len = LE_16(h->Length);
1263 #ifdef MWL_MBSS_SUPPORT
1264 MWL_DBG(MWL_DBG_CMD, "mwl: mwl_dumpresult(): "
1265 "Cmd %s Length %d SeqNum %d MacId %d",
1266 mwlcmdname(LE_16(h->Cmd) & ~0x8000), len, h->SeqNum, h->MacId);
1267 #else
1268 MWL_DBG(MWL_DBG_CMD, "mwl: mwl_dumpresult(): "
1269 "Cmd %s Length %d SeqNum %d",
1270 mwlcmdname(LE_16(h->Cmd) & ~0x8000), len, LE_16(h->SeqNum));
1271 #endif
1272 if (showresult) {
1273 const char *results[] =
1274 { "OK", "ERROR", "NOT_SUPPORT", "PENDING", "BUSY",
1275 "PARTIAL_DATA" };
1276 int result = LE_16(h->Result);
1277
1278 if (result <= HostCmd_RESULT_PARTIAL_DATA)
1279 MWL_DBG(MWL_DBG_CMD, "mwl: dumpresult(): "
1280 "Result %s", results[result]);
1281 else
1282 MWL_DBG(MWL_DBG_CMD, "mwl: dumpresult(): "
1283 "Result %d", result);
1284 }
1285 }
1286
1287 static int
1288 mwlGetCalTable(struct mwl_softc *sc, uint8_t annex, uint8_t index)
1289 {
1290 HostCmd_FW_GET_CALTABLE *pCmd;
1291 int retval;
1292
1293 _CMD_SETUP(pCmd, HostCmd_FW_GET_CALTABLE, HostCmd_CMD_GET_CALTABLE);
1294 pCmd->annex = annex;
1295 pCmd->index = index;
1296 (void) memset(pCmd->calTbl, 0, sizeof (pCmd->calTbl));
1297
1298 retval = mwlExecuteCmd(sc, HostCmd_CMD_GET_CALTABLE);
1299 if (retval == 0 &&
1300 pCmd->calTbl[0] != annex && annex != 0 && annex != 255)
1301 retval = EIO;
1302 return (retval);
1303 }
1304
1305 /*
1306 * Construct channel info for 2.4GHz channels from cal data.
1307 */
1308 static void
1309 get2Ghz(MWL_HAL_CHANNELINFO *ci, const uint8_t table[], int len)
1310 {
1311 int i, j;
1312
1313 j = 0;
1314 for (i = 0; i < len; i += 4) {
1315 struct mwl_hal_channel *hc = &ci->channels[j];
1316 hc->ieee = 1+j;
1317 hc->freq = ieee2mhz(1+j);
1318 (void) memcpy(hc->targetPowers, &table[i], 4);
1319 setmaxtxpow(hc, 0, 4);
1320 j++;
1321 }
1322 ci->nchannels = j;
1323 ci->freqLow = ieee2mhz(1);
1324 ci->freqHigh = ieee2mhz(j);
1325 }
1326
1327 /*
1328 * Construct channel info for 5GHz channels from cal data.
1329 */
1330 static void
1331 get5Ghz(MWL_HAL_CHANNELINFO *ci, const uint8_t table[], int len)
1332 {
1333 int i, j, f, l, h;
1334
1335 l = 32000;
1336 h = 0;
1337 j = 0;
1338 for (i = 0; i < len; i += 4) {
1339 struct mwl_hal_channel *hc;
1340
1341 if (table[i] == 0)
1342 continue;
1343 f = 5000 + 5*table[i];
1344 if (f < l)
1345 l = f;
1346 if (f > h)
1347 h = f;
1348 hc = &ci->channels[j];
1349 hc->freq = (uint16_t)f;
1350 hc->ieee = table[i];
1351 (void) memcpy(hc->targetPowers, &table[i], 4);
1352 setmaxtxpow(hc, 1, 4); /* NB: col 1 is the freq, skip */
1353 j++;
1354 }
1355 ci->nchannels = j;
1356 ci->freqLow = (uint16_t)((l == 32000) ? 0 : l);
1357 ci->freqHigh = (uint16_t)h;
1358 }
1359
1360 /*
1361 * Calculate the max tx power from the channel's cal data.
1362 */
1363 static void
1364 setmaxtxpow(struct mwl_hal_channel *hc, int i, int maxix)
1365 {
1366 hc->maxTxPow = hc->targetPowers[i];
1367 for (i++; i < maxix; i++)
1368 if (hc->targetPowers[i] > hc->maxTxPow)
1369 hc->maxTxPow = hc->targetPowers[i];
1370 }
1371
1372 static uint16_t
1373 ieee2mhz(int chan)
1374 {
1375 if (chan == 14)
1376 return (2484);
1377 if (chan < 14)
1378 return (2407 + chan * 5);
1379 return (2512 + (chan - 15) * 20);
1380 }
1381
1382 static void
1383 dumpcaldata(const char *name, const uint8_t *table, int n)
1384 {
1385 int i;
1386 MWL_DBG(MWL_DBG_HW, "\n%s:\n", name);
1387 for (i = 0; i < n; i += 4)
1388 MWL_DBG(MWL_DBG_HW, "[%2d] %3d %3d %3d %3d\n",
1389 i/4, table[i+0], table[i+1], table[i+2], table[i+3]);
1390 }
1391
1392 static int
1393 mwlGetPwrCalTable(struct mwl_softc *sc)
1394 {
1395 const uint8_t *data;
1396 MWL_HAL_CHANNELINFO *ci;
1397 int len;
1398
1399 /* NB: we hold the lock so it's ok to use cmdbuf */
1400 data = ((const HostCmd_FW_GET_CALTABLE *) sc->sc_cmd_mem)->calTbl;
1401 if (mwlGetCalTable(sc, 33, 0) == 0) {
1402 len = (data[2] | (data[3] << 8)) - 12;
1403 if (len > PWTAGETRATETABLE20M)
1404 len = PWTAGETRATETABLE20M;
1405 dumpcaldata("2.4G 20M", &data[12], len);
1406 get2Ghz(&sc->sc_20M, &data[12], len);
1407 }
1408 if (mwlGetCalTable(sc, 34, 0) == 0) {
1409 len = (data[2] | (data[3] << 8)) - 12;
1410 if (len > PWTAGETRATETABLE40M)
1411 len = PWTAGETRATETABLE40M;
1412 dumpcaldata("2.4G 40M", &data[12], len);
1413 ci = &sc->sc_40M;
1414 get2Ghz(ci, &data[12], len);
1415 }
1416 if (mwlGetCalTable(sc, 35, 0) == 0) {
1417 len = (data[2] | (data[3] << 8)) - 20;
1418 if (len > PWTAGETRATETABLE20M_5G)
1419 len = PWTAGETRATETABLE20M_5G;
1420 dumpcaldata("5G 20M", &data[20], len);
1421 get5Ghz(&sc->sc_20M_5G, &data[20], len);
1422 }
1423 if (mwlGetCalTable(sc, 36, 0) == 0) {
1424 len = (data[2] | (data[3] << 8)) - 20;
1425 if (len > PWTAGETRATETABLE40M_5G)
1426 len = PWTAGETRATETABLE40M_5G;
1427 dumpcaldata("5G 40M", &data[20], len);
1428 ci = &sc->sc_40M_5G;
1429 get5Ghz(ci, &data[20], len);
1430 }
1431 sc->sc_hw_flags |= MHF_CALDATA;
1432 return (0);
1433 }
1434
1435 /*
1436 * Reset internal state after a firmware download.
1437 */
1438 static int
1439 mwlResetHalState(struct mwl_softc *sc)
1440 {
1441 int err = 0;
1442
1443 /*
1444 * Fetch cal data for later use.
1445 * XXX may want to fetch other stuff too.
1446 */
1447 /* XXX check return */
1448 if ((sc->sc_hw_flags & MHF_CALDATA) == 0)
1449 err = mwlGetPwrCalTable(sc);
1450 return (err);
1451 }
1452
1453 #define IEEE80211_CHAN_HTG (IEEE80211_CHAN_HT|IEEE80211_CHAN_G)
1454 #define IEEE80211_CHAN_HTA (IEEE80211_CHAN_HT|IEEE80211_CHAN_A)
1455
1456 static void
1457 addchan(struct mwl_channel *c, int freq, int flags, int ieee, int txpow)
1458 {
1459 c->ic_freq = (uint16_t)freq;
1460 c->ic_flags = flags;
1461 c->ic_ieee = (uint8_t)ieee;
1462 c->ic_minpower = 0;
1463 c->ic_maxpower = 2*txpow;
1464 c->ic_maxregpower = (uint8_t)txpow;
1465 }
1466
1467 static const struct mwl_channel *
1468 findchannel(const struct mwl_channel chans[], int nchans,
1469 int freq, int flags)
1470 {
1471 const struct mwl_channel *c;
1472 int i;
1473
1474 for (i = 0; i < nchans; i++) {
1475 c = &chans[i];
1476 if (c->ic_freq == freq && c->ic_flags == flags)
1477 return (c);
1478 }
1479 return (NULL);
1480 }
1481
1482 static void
1483 addht40channels(struct mwl_channel chans[], int maxchans, int *nchans,
1484 const MWL_HAL_CHANNELINFO *ci, int flags)
1485 {
1486 struct mwl_channel *c;
1487 const struct mwl_channel *extc;
1488 const struct mwl_hal_channel *hc;
1489 int i;
1490
1491 c = &chans[*nchans];
1492
1493 flags &= ~IEEE80211_CHAN_HT;
1494 for (i = 0; i < ci->nchannels; i++) {
1495 /*
1496 * Each entry defines an HT40 channel pair; find the
1497 * extension channel above and the insert the pair.
1498 */
1499 hc = &ci->channels[i];
1500 extc = findchannel(chans, *nchans, hc->freq+20,
1501 flags | IEEE80211_CHAN_HT20);
1502 if (extc != NULL) {
1503 if (*nchans >= maxchans)
1504 break;
1505 addchan(c, hc->freq, flags | IEEE80211_CHAN_HT40U,
1506 hc->ieee, hc->maxTxPow);
1507 c->ic_extieee = extc->ic_ieee;
1508 c++, (*nchans)++;
1509 if (*nchans >= maxchans)
1510 break;
1511 addchan(c, extc->ic_freq, flags | IEEE80211_CHAN_HT40D,
1512 extc->ic_ieee, hc->maxTxPow);
1513 c->ic_extieee = hc->ieee;
1514 c++, (*nchans)++;
1515 }
1516 }
1517 }
1518
1519 static void
1520 addchannels(struct mwl_channel chans[], int maxchans, int *nchans,
1521 const MWL_HAL_CHANNELINFO *ci, int flags)
1522 {
1523 struct mwl_channel *c;
1524 int i;
1525
1526 c = &chans[*nchans];
1527
1528 for (i = 0; i < ci->nchannels; i++) {
1529 const struct mwl_hal_channel *hc;
1530
1531 hc = &ci->channels[i];
1532 if (*nchans >= maxchans)
1533 break;
1534 addchan(c, hc->freq, flags, hc->ieee, hc->maxTxPow);
1535 c++, (*nchans)++;
1536
1537 if (flags == IEEE80211_CHAN_G || flags == IEEE80211_CHAN_HTG) {
1538 /* g channel have a separate b-only entry */
1539 if (*nchans >= maxchans)
1540 break;
1541 c[0] = c[-1];
1542 c[-1].ic_flags = IEEE80211_CHAN_B;
1543 c++, (*nchans)++;
1544 }
1545 if (flags == IEEE80211_CHAN_HTG) {
1546 /* HT g channel have a separate g-only entry */
1547 if (*nchans >= maxchans)
1548 break;
1549 c[-1].ic_flags = IEEE80211_CHAN_G;
1550 c[0] = c[-1];
1551 c[0].ic_flags &= ~IEEE80211_CHAN_HT;
1552 c[0].ic_flags |= IEEE80211_CHAN_HT20; /* HT20 */
1553 c++, (*nchans)++;
1554 }
1555 if (flags == IEEE80211_CHAN_HTA) {
1556 /* HT a channel have a separate a-only entry */
1557 if (*nchans >= maxchans)
1558 break;
1559 c[-1].ic_flags = IEEE80211_CHAN_A;
1560 c[0] = c[-1];
1561 c[0].ic_flags &= ~IEEE80211_CHAN_HT;
1562 c[0].ic_flags |= IEEE80211_CHAN_HT20; /* HT20 */
1563 c++, (*nchans)++;
1564 }
1565 }
1566 }
1567
1568 static int
1569 mwl_hal_getchannelinfo(struct mwl_softc *sc, int band, int chw,
1570 const MWL_HAL_CHANNELINFO **ci)
1571 {
1572 switch (band) {
1573 case MWL_FREQ_BAND_2DOT4GHZ:
1574 *ci = (chw == MWL_CH_20_MHz_WIDTH) ? &sc->sc_20M : &sc->sc_40M;
1575 break;
1576 case MWL_FREQ_BAND_5GHZ:
1577 *ci = (chw == MWL_CH_20_MHz_WIDTH) ?
1578 &sc->sc_20M_5G : &sc->sc_40M_5G;
1579 break;
1580 default:
1581 return (EINVAL);
1582 }
1583 return (((*ci)->freqLow == (*ci)->freqHigh) ? EINVAL : 0);
1584 }
1585
1586 static void
1587 getchannels(struct mwl_softc *sc, int maxchans, int *nchans,
1588 struct mwl_channel chans[])
1589 {
1590 const MWL_HAL_CHANNELINFO *ci;
1591
1592 /*
1593 * Use the channel info from the hal to craft the
1594 * channel list. Note that we pass back an unsorted
1595 * list; the caller is required to sort it for us
1596 * (if desired).
1597 */
1598 *nchans = 0;
1599 if (mwl_hal_getchannelinfo(sc,
1600 MWL_FREQ_BAND_2DOT4GHZ, MWL_CH_20_MHz_WIDTH, &ci) == 0)
1601 addchannels(chans, maxchans, nchans, ci, IEEE80211_CHAN_HTG);
1602 if (mwl_hal_getchannelinfo(sc,
1603 MWL_FREQ_BAND_5GHZ, MWL_CH_20_MHz_WIDTH, &ci) == 0)
1604 addchannels(chans, maxchans, nchans, ci, IEEE80211_CHAN_HTA);
1605 if (mwl_hal_getchannelinfo(sc,
1606 MWL_FREQ_BAND_2DOT4GHZ, MWL_CH_40_MHz_WIDTH, &ci) == 0)
1607 addht40channels(chans, maxchans, nchans, ci,
1608 IEEE80211_CHAN_HTG);
1609 if (mwl_hal_getchannelinfo(sc,
1610 MWL_FREQ_BAND_5GHZ, MWL_CH_40_MHz_WIDTH, &ci) == 0)
1611 addht40channels(chans, maxchans, nchans, ci,
1612 IEEE80211_CHAN_HTA);
1613 }
1614
1615 static int
1616 mwl_getchannels(struct mwl_softc *sc)
1617 {
1618 /*
1619 * Use the channel info from the hal to craft the
1620 * channel list for net80211. Note that we pass up
1621 * an unsorted list; net80211 will sort it for us.
1622 */
1623 (void) memset(sc->sc_channels, 0, sizeof (sc->sc_channels));
1624 sc->sc_nchans = 0;
1625 getchannels(sc, IEEE80211_CHAN_MAX, &sc->sc_nchans, sc->sc_channels);
1626
1627 sc->sc_regdomain.regdomain = SKU_DEBUG;
1628 sc->sc_regdomain.country = CTRY_DEFAULT;
1629 sc->sc_regdomain.location = 'I';
1630 sc->sc_regdomain.isocc[0] = ' '; /* XXX? */
1631 sc->sc_regdomain.isocc[1] = ' ';
1632 return (sc->sc_nchans == 0 ? EIO : 0);
1633 }
1634
1635 #undef IEEE80211_CHAN_HTA
1636 #undef IEEE80211_CHAN_HTG
1637
1638 /*
1639 * Return "hw specs". Note this must be the first
1640 * cmd MUST be done after a firmware download or the
1641 * f/w will lockup.
1642 * XXX move into the hal so driver doesn't need to be responsible
1643 */
1644 static int
1645 mwl_gethwspecs(struct mwl_softc *sc)
1646 {
1647 struct mwl_hal_hwspec *hw;
1648 HostCmd_DS_GET_HW_SPEC *pCmd;
1649 int retval;
1650
1651 hw = &sc->sc_hwspecs;
1652 _CMD_SETUP(pCmd, HostCmd_DS_GET_HW_SPEC, HostCmd_CMD_GET_HW_SPEC);
1653 (void) memset(&pCmd->PermanentAddr[0], 0xff, IEEE80211_ADDR_LEN);
1654 pCmd->ulFwAwakeCookie = LE_32((unsigned int)sc->sc_cmd_dmaaddr + 2048);
1655
1656 retval = mwlExecuteCmd(sc, HostCmd_CMD_GET_HW_SPEC);
1657 if (retval == 0) {
1658 IEEE80211_ADDR_COPY(hw->macAddr, pCmd->PermanentAddr);
1659 hw->wcbBase[0] = LE_32(pCmd->WcbBase0) & 0x0000ffff;
1660 hw->wcbBase[1] = LE_32(pCmd->WcbBase1[0]) & 0x0000ffff;
1661 hw->wcbBase[2] = LE_32(pCmd->WcbBase1[1]) & 0x0000ffff;
1662 hw->wcbBase[3] = LE_32(pCmd->WcbBase1[2]) & 0x0000ffff;
1663 hw->rxDescRead = LE_32(pCmd->RxPdRdPtr)& 0x0000ffff;
1664 hw->rxDescWrite = LE_32(pCmd->RxPdWrPtr)& 0x0000ffff;
1665 hw->regionCode = LE_16(pCmd->RegionCode) & 0x00ff;
1666 hw->fwReleaseNumber = LE_32(pCmd->FWReleaseNumber);
1667 hw->maxNumWCB = LE_16(pCmd->NumOfWCB);
1668 hw->maxNumMCAddr = LE_16(pCmd->NumOfMCastAddr);
1669 hw->numAntennas = LE_16(pCmd->NumberOfAntenna);
1670 hw->hwVersion = pCmd->Version;
1671 hw->hostInterface = pCmd->HostIf;
1672
1673 sc->sc_revs.mh_macRev = hw->hwVersion; /* XXX */
1674 sc->sc_revs.mh_phyRev = hw->hostInterface; /* XXX */
1675 }
1676
1677 return (retval);
1678 }
1679
1680 static int
1681 mwl_hal_setmac_locked(struct mwl_softc *sc,
1682 const uint8_t addr[IEEE80211_ADDR_LEN])
1683 {
1684 HostCmd_DS_SET_MAC *pCmd;
1685
1686 _VCMD_SETUP(pCmd, HostCmd_DS_SET_MAC, HostCmd_CMD_SET_MAC_ADDR);
1687 IEEE80211_ADDR_COPY(&pCmd->MacAddr[0], addr);
1688 #ifdef MWL_MBSS_SUPPORT
1689 /* NB: already byte swapped */
1690 pCmd->MacType = WL_MAC_TYPE_PRIMARY_CLIENT;
1691 #endif
1692 return (mwlExecuteCmd(sc, HostCmd_CMD_SET_MAC_ADDR));
1693 }
1694
1695 static void
1696 cvtPeerInfo(PeerInfo_t *to, const MWL_HAL_PEERINFO *from)
1697 {
1698 to->LegacyRateBitMap = LE_32(from->LegacyRateBitMap);
1699 to->HTRateBitMap = LE_32(from->HTRateBitMap);
1700 to->CapInfo = LE_16(from->CapInfo);
1701 to->HTCapabilitiesInfo = LE_16(from->HTCapabilitiesInfo);
1702 to->MacHTParamInfo = from->MacHTParamInfo;
1703 to->AddHtInfo.ControlChan = from->AddHtInfo.ControlChan;
1704 to->AddHtInfo.AddChan = from->AddHtInfo.AddChan;
1705 to->AddHtInfo.OpMode = LE_16(from->AddHtInfo.OpMode);
1706 to->AddHtInfo.stbc = LE_16(from->AddHtInfo.stbc);
1707 }
1708
1709 /* XXX station id must be in [0..63] */
1710 static int
1711 mwl_hal_newstation(struct mwl_softc *sc,
1712 const uint8_t addr[IEEE80211_ADDR_LEN], uint16_t aid, uint16_t sid,
1713 const MWL_HAL_PEERINFO *peer, int isQosSta, int wmeInfo)
1714 {
1715 HostCmd_FW_SET_NEW_STN *pCmd;
1716 int retval;
1717
1718 _VCMD_SETUP(pCmd, HostCmd_FW_SET_NEW_STN, HostCmd_CMD_SET_NEW_STN);
1719 pCmd->AID = LE_16(aid);
1720 pCmd->StnId = LE_16(sid);
1721 pCmd->Action = LE_16(0); /* SET */
1722 if (peer != NULL) {
1723 /* NB: must fix up byte order */
1724 cvtPeerInfo(&pCmd->PeerInfo, peer);
1725 }
1726 IEEE80211_ADDR_COPY(&pCmd->MacAddr[0], addr);
1727 pCmd->Qosinfo = (uint8_t)wmeInfo;
1728 pCmd->isQosSta = (isQosSta != 0);
1729
1730 MWL_DBG(MWL_DBG_HW, "mwl: mwl_hal_newstation(): "
1731 "LegacyRateBitMap %x, CapInfo %x\n",
1732 pCmd->PeerInfo.LegacyRateBitMap, pCmd->PeerInfo.CapInfo);
1733
1734 retval = mwlExecuteCmd(sc, HostCmd_CMD_SET_NEW_STN);
1735 return (retval);
1736 }
1737
1738 /*
1739 * Configure antenna use.
1740 * Takes effect immediately.
1741 * XXX tx antenna setting ignored
1742 * XXX rx antenna setting should always be 3 (for now)
1743 */
1744 static int
1745 mwl_hal_setantenna(struct mwl_softc *sc, MWL_HAL_ANTENNA dirSet, int ant)
1746 {
1747 HostCmd_DS_802_11_RF_ANTENNA *pCmd;
1748 int retval;
1749
1750 if (!(dirSet == WL_ANTENNATYPE_RX || dirSet == WL_ANTENNATYPE_TX))
1751 return (EINVAL);
1752
1753 _CMD_SETUP(pCmd, HostCmd_DS_802_11_RF_ANTENNA,
1754 HostCmd_CMD_802_11_RF_ANTENNA);
1755 pCmd->Action = LE_16(dirSet);
1756 if (ant == 0) /* default to all/both antennae */
1757 ant = 3;
1758 pCmd->AntennaMode = LE_16(ant);
1759
1760 retval = mwlExecuteCmd(sc, HostCmd_CMD_802_11_RF_ANTENNA);
1761 return (retval);
1762 }
1763
1764 /*
1765 * Configure radio.
1766 * Takes effect immediately.
1767 * XXX preamble installed after set fixed rate cmd
1768 */
1769 static int
1770 mwl_hal_setradio(struct mwl_softc *sc, int onoff, MWL_HAL_PREAMBLE preamble)
1771 {
1772 HostCmd_DS_802_11_RADIO_CONTROL *pCmd;
1773 int retval;
1774
1775 _CMD_SETUP(pCmd, HostCmd_DS_802_11_RADIO_CONTROL,
1776 HostCmd_CMD_802_11_RADIO_CONTROL);
1777 pCmd->Action = LE_16(HostCmd_ACT_GEN_SET);
1778 if (onoff == 0)
1779 pCmd->Control = 0;
1780 else
1781 pCmd->Control = LE_16(preamble);
1782 pCmd->RadioOn = LE_16(onoff);
1783
1784 retval = mwlExecuteCmd(sc, HostCmd_CMD_802_11_RADIO_CONTROL);
1785 return (retval);
1786 }
1787
1788 static int
1789 mwl_hal_setwmm(struct mwl_softc *sc, int onoff)
1790 {
1791 HostCmd_FW_SetWMMMode *pCmd;
1792 int retval;
1793
1794 _CMD_SETUP(pCmd, HostCmd_FW_SetWMMMode,
1795 HostCmd_CMD_SET_WMM_MODE);
1796 pCmd->Action = LE_16(onoff);
1797
1798 retval = mwlExecuteCmd(sc, HostCmd_CMD_SET_WMM_MODE);
1799 return (retval);
1800 }
1801
1802 /*
1803 * Convert public channel flags definition to a
1804 * value suitable for feeding to the firmware.
1805 * Note this includes byte swapping.
1806 */
1807 static uint32_t
1808 cvtChannelFlags(const MWL_HAL_CHANNEL *chan)
1809 {
1810 uint32_t w;
1811
1812 /*
1813 * NB: f/w only understands FREQ_BAND_5GHZ, supplying the more
1814 * precise band info causes it to lockup (sometimes).
1815 */
1816 w = (chan->channelFlags.FreqBand == MWL_FREQ_BAND_2DOT4GHZ) ?
1817 FREQ_BAND_2DOT4GHZ : FREQ_BAND_5GHZ;
1818 switch (chan->channelFlags.ChnlWidth) {
1819 case MWL_CH_10_MHz_WIDTH:
1820 w |= CH_10_MHz_WIDTH;
1821 break;
1822 case MWL_CH_20_MHz_WIDTH:
1823 w |= CH_20_MHz_WIDTH;
1824 break;
1825 case MWL_CH_40_MHz_WIDTH:
1826 default:
1827 w |= CH_40_MHz_WIDTH;
1828 break;
1829 }
1830 switch (chan->channelFlags.ExtChnlOffset) {
1831 case MWL_EXT_CH_NONE:
1832 w |= EXT_CH_NONE;
1833 break;
1834 case MWL_EXT_CH_ABOVE_CTRL_CH:
1835 w |= EXT_CH_ABOVE_CTRL_CH;
1836 break;
1837 case MWL_EXT_CH_BELOW_CTRL_CH:
1838 w |= EXT_CH_BELOW_CTRL_CH;
1839 break;
1840 }
1841 return (LE_32(w));
1842 }
1843
1844 static int
1845 mwl_hal_setchannel(struct mwl_softc *sc, const MWL_HAL_CHANNEL *chan)
1846 {
1847 HostCmd_FW_SET_RF_CHANNEL *pCmd;
1848 int retval;
1849
1850 _CMD_SETUP(pCmd, HostCmd_FW_SET_RF_CHANNEL, HostCmd_CMD_SET_RF_CHANNEL);
1851 pCmd->Action = LE_16(HostCmd_ACT_GEN_SET);
1852 pCmd->CurrentChannel = chan->channel;
1853 pCmd->ChannelFlags = cvtChannelFlags(chan); /* NB: byte-swapped */
1854
1855 retval = mwlExecuteCmd(sc, HostCmd_CMD_SET_RF_CHANNEL);
1856 return (retval);
1857 }
1858
1859 static int
1860 mwl_hal_settxpower(struct mwl_softc *sc,
1861 const MWL_HAL_CHANNEL *c, uint8_t maxtxpow)
1862 {
1863 HostCmd_DS_802_11_RF_TX_POWER *pCmd;
1864 const struct mwl_hal_channel *hc;
1865 int i = 0, retval;
1866
1867 hc = findhalchannel(sc, c);
1868 if (hc == NULL) {
1869 /* XXX temp while testing */
1870 MWL_DBG(MWL_DBG_HW, "mwl: mwl_hal_settxpower(): "
1871 "no cal data for channel %u band %u width %u ext %u\n",
1872 c->channel, c->channelFlags.FreqBand,
1873 c->channelFlags.ChnlWidth, c->channelFlags.ExtChnlOffset);
1874 return (EINVAL);
1875 }
1876
1877 _CMD_SETUP(pCmd, HostCmd_DS_802_11_RF_TX_POWER,
1878 HostCmd_CMD_802_11_RF_TX_POWER);
1879 pCmd->Action = LE_16(HostCmd_ACT_GEN_SET_LIST);
1880 /* NB: 5Ghz cal data have the channel # in [0]; don't truncate */
1881 if (c->channelFlags.FreqBand == MWL_FREQ_BAND_5GHZ)
1882 pCmd->PowerLevelList[i++] = LE_16(hc->targetPowers[0]);
1883 for (; i < 4; i++) {
1884 uint16_t pow = hc->targetPowers[i];
1885 if (pow > maxtxpow)
1886 pow = maxtxpow;
1887 pCmd->PowerLevelList[i] = LE_16(pow);
1888 }
1889 retval = mwlExecuteCmd(sc, HostCmd_CMD_802_11_RF_TX_POWER);
1890 return (retval);
1891 }
1892
1893 #define RATEVAL(r) ((r) &~ RATE_MCS)
1894 #define RATETYPE(r) (((r) & RATE_MCS) ? HT_RATE_TYPE : LEGACY_RATE_TYPE)
1895
1896 static int
1897 mwl_hal_settxrate(struct mwl_softc *sc, MWL_HAL_TXRATE_HANDLING handling,
1898 const MWL_HAL_TXRATE *rate)
1899 {
1900 HostCmd_FW_USE_FIXED_RATE *pCmd;
1901 FIXED_RATE_ENTRY *fp;
1902 int retval, i, n;
1903
1904 _VCMD_SETUP(pCmd, HostCmd_FW_USE_FIXED_RATE,
1905 HostCmd_CMD_SET_FIXED_RATE);
1906
1907 pCmd->MulticastRate = RATEVAL(rate->McastRate);
1908 pCmd->MultiRateTxType = RATETYPE(rate->McastRate);
1909 /* NB: no rate type field */
1910 pCmd->ManagementRate = RATEVAL(rate->MgtRate);
1911 (void) memset(pCmd->FixedRateTable, 0, sizeof (pCmd->FixedRateTable));
1912 if (handling == RATE_FIXED) {
1913 pCmd->Action = LE_32(HostCmd_ACT_GEN_SET);
1914 pCmd->AllowRateDrop = LE_32(FIXED_RATE_WITHOUT_AUTORATE_DROP);
1915 fp = pCmd->FixedRateTable;
1916 fp->FixedRate =
1917 LE_32(RATEVAL(rate->RateSeries[0].Rate));
1918 fp->FixRateTypeFlags.FixRateType =
1919 LE_32(RATETYPE(rate->RateSeries[0].Rate));
1920 pCmd->EntryCount = LE_32(1);
1921 } else if (handling == RATE_FIXED_DROP) {
1922 pCmd->Action = LE_32(HostCmd_ACT_GEN_SET);
1923 pCmd->AllowRateDrop = LE_32(FIXED_RATE_WITH_AUTO_RATE_DROP);
1924 n = 0;
1925 fp = pCmd->FixedRateTable;
1926 for (i = 0; i < 4; i++) {
1927 if (rate->RateSeries[0].TryCount == 0)
1928 break;
1929 fp->FixRateTypeFlags.FixRateType =
1930 LE_32(RATETYPE(rate->RateSeries[i].Rate));
1931 fp->FixedRate =
1932 LE_32(RATEVAL(rate->RateSeries[i].Rate));
1933 fp->FixRateTypeFlags.RetryCountValid =
1934 LE_32(RETRY_COUNT_VALID);
1935 fp->RetryCount =
1936 LE_32(rate->RateSeries[i].TryCount-1);
1937 n++;
1938 }
1939 pCmd->EntryCount = LE_32(n);
1940 } else
1941 pCmd->Action = LE_32(HostCmd_ACT_NOT_USE_FIXED_RATE);
1942
1943 retval = mwlExecuteCmd(sc, HostCmd_CMD_SET_FIXED_RATE);
1944 return (retval);
1945 }
1946
1947 static int
1948 mwl_hal_settxrate_auto(struct mwl_softc *sc, const MWL_HAL_TXRATE *rate)
1949 {
1950 HostCmd_FW_USE_FIXED_RATE *pCmd;
1951 int retval;
1952
1953 _CMD_SETUP(pCmd, HostCmd_FW_USE_FIXED_RATE,
1954 HostCmd_CMD_SET_FIXED_RATE);
1955
1956 pCmd->MulticastRate = RATEVAL(rate->McastRate);
1957 pCmd->MultiRateTxType = RATETYPE(rate->McastRate);
1958 /* NB: no rate type field */
1959 pCmd->ManagementRate = RATEVAL(rate->MgtRate);
1960 (void) memset(pCmd->FixedRateTable, 0, sizeof (pCmd->FixedRateTable));
1961 pCmd->Action = LE_32(HostCmd_ACT_NOT_USE_FIXED_RATE);
1962
1963 retval = mwlExecuteCmd(sc, HostCmd_CMD_SET_FIXED_RATE);
1964 return (retval);
1965 }
1966
1967 #undef RATEVAL
1968 #undef RATETYPE
1969
1970 /* XXX 0 = indoor, 1 = outdoor */
1971 static int
1972 mwl_hal_setrateadaptmode(struct mwl_softc *sc, uint16_t mode)
1973 {
1974 HostCmd_DS_SET_RATE_ADAPT_MODE *pCmd;
1975 int retval;
1976
1977 _CMD_SETUP(pCmd, HostCmd_DS_SET_RATE_ADAPT_MODE,
1978 HostCmd_CMD_SET_RATE_ADAPT_MODE);
1979 pCmd->Action = LE_16(HostCmd_ACT_GEN_SET);
1980 pCmd->RateAdaptMode = LE_16(mode);
1981
1982 retval = mwlExecuteCmd(sc, HostCmd_CMD_SET_RATE_ADAPT_MODE);
1983 return (retval);
1984 }
1985
1986 static int
1987 mwl_hal_setoptimizationlevel(struct mwl_softc *sc, int level)
1988 {
1989 HostCmd_FW_SET_OPTIMIZATION_LEVEL *pCmd;
1990 int retval;
1991
1992 _CMD_SETUP(pCmd, HostCmd_FW_SET_OPTIMIZATION_LEVEL,
1993 HostCmd_CMD_SET_OPTIMIZATION_LEVEL);
1994 pCmd->OptLevel = (uint8_t)level;
1995
1996 retval = mwlExecuteCmd(sc, HostCmd_CMD_SET_OPTIMIZATION_LEVEL);
1997 return (retval);
1998 }
1999
2000 /*
2001 * Set the region code that selects the radar bin'ing agorithm.
2002 */
2003 static int
2004 mwl_hal_setregioncode(struct mwl_softc *sc, int regionCode)
2005 {
2006 HostCmd_SET_REGIONCODE_INFO *pCmd;
2007 int retval;
2008
2009 _CMD_SETUP(pCmd, HostCmd_SET_REGIONCODE_INFO,
2010 HostCmd_CMD_SET_REGION_CODE);
2011 /* XXX map pseudo-codes to fw codes */
2012 switch (regionCode) {
2013 case DOMAIN_CODE_ETSI_131:
2014 pCmd->regionCode = LE_16(DOMAIN_CODE_ETSI);
2015 break;
2016 default:
2017 pCmd->regionCode = LE_16(regionCode);
2018 break;
2019 }
2020
2021 retval = mwlExecuteCmd(sc, HostCmd_CMD_SET_REGION_CODE);
2022 return (retval);
2023 }
2024
2025 static int
2026 mwl_hal_setassocid(struct mwl_softc *sc,
2027 const uint8_t bssId[IEEE80211_ADDR_LEN], uint16_t assocId)
2028 {
2029 HostCmd_FW_SET_AID *pCmd = (HostCmd_FW_SET_AID *) &sc->sc_cmd_mem[0];
2030 int retval;
2031
2032 _VCMD_SETUP(pCmd, HostCmd_FW_SET_AID, HostCmd_CMD_SET_AID);
2033 pCmd->AssocID = LE_16(assocId);
2034 IEEE80211_ADDR_COPY(&pCmd->MacAddr[0], bssId);
2035
2036 retval = mwlExecuteCmd(sc, HostCmd_CMD_SET_AID);
2037 return (retval);
2038 }
2039
2040 /*
2041 * Inform firmware of tx rate parameters. Called whenever
2042 * user-settable params change and after a channel change.
2043 */
2044 static int
2045 mwl_setrates(struct ieee80211com *ic)
2046 {
2047 struct mwl_softc *sc = (struct mwl_softc *)ic;
2048 MWL_HAL_TXRATE rates;
2049
2050 const struct ieee80211_rateset *rs;
2051 rs = &ic->ic_bss->in_rates;
2052
2053 /*
2054 * Update the h/w rate map.
2055 * NB: 0x80 for MCS is passed through unchanged
2056 */
2057 (void) memset(&rates, 0, sizeof (rates));
2058 /* rate used to send management frames */
2059 rates.MgtRate = rs->ir_rates[0] & IEEE80211_RATE_VAL;
2060 /* rate used to send multicast frames */
2061 rates.McastRate = rates.MgtRate;
2062
2063 return (mwl_hal_settxrate(sc, RATE_AUTO, &rates));
2064 }
2065
2066 /*
2067 * Set packet size threshold for implicit use of RTS.
2068 * Takes effect immediately.
2069 * XXX packet length > threshold =>'s RTS
2070 */
2071 static int
2072 mwl_hal_setrtsthreshold(struct mwl_softc *sc, int threshold)
2073 {
2074 HostCmd_DS_802_11_RTS_THSD *pCmd;
2075 int retval;
2076
2077 _VCMD_SETUP(pCmd, HostCmd_DS_802_11_RTS_THSD,
2078 HostCmd_CMD_802_11_RTS_THSD);
2079 pCmd->Action = LE_16(HostCmd_ACT_GEN_SET);
2080 pCmd->Threshold = LE_16(threshold);
2081
2082 retval = mwlExecuteCmd(sc, HostCmd_CMD_802_11_RTS_THSD);
2083 return (retval);
2084 }
2085
2086 static int
2087 mwl_hal_setcsmode(struct mwl_softc *sc, MWL_HAL_CSMODE csmode)
2088 {
2089 HostCmd_DS_SET_LINKADAPT_CS_MODE *pCmd;
2090 int retval;
2091
2092 _CMD_SETUP(pCmd, HostCmd_DS_SET_LINKADAPT_CS_MODE,
2093 HostCmd_CMD_SET_LINKADAPT_CS_MODE);
2094 pCmd->Action = LE_16(HostCmd_ACT_GEN_SET);
2095 pCmd->CSMode = LE_16(csmode);
2096
2097 retval = mwlExecuteCmd(sc, HostCmd_CMD_SET_LINKADAPT_CS_MODE);
2098 return (retval);
2099 }
2100
2101 static int
2102 mwl_hal_setpromisc(struct mwl_softc *sc, int ena)
2103 {
2104 uint32_t v;
2105
2106 v = mwl_ctl_read4(sc, MACREG_REG_PROMISCUOUS);
2107 mwl_ctl_write4(sc, MACREG_REG_PROMISCUOUS, ena ? v | 1 : v & ~1);
2108
2109 return (0);
2110 }
2111
2112 static int
2113 mwl_hal_start(struct mwl_softc *sc)
2114 {
2115 HostCmd_DS_BSS_START *pCmd;
2116 int retval;
2117
2118 _VCMD_SETUP(pCmd, HostCmd_DS_BSS_START, HostCmd_CMD_BSS_START);
2119 pCmd->Enable = LE_32(HostCmd_ACT_GEN_ON);
2120
2121 retval = mwlExecuteCmd(sc, HostCmd_CMD_BSS_START);
2122 return (retval);
2123 }
2124
2125 /*
2126 * Enable sta-mode operation (disables beacon frame xmit).
2127 */
2128 static int
2129 mwl_hal_setinframode(struct mwl_softc *sc)
2130 {
2131 HostCmd_FW_SET_INFRA_MODE *pCmd;
2132 int retval;
2133
2134 _VCMD_SETUP(pCmd, HostCmd_FW_SET_INFRA_MODE,
2135 HostCmd_CMD_SET_INFRA_MODE);
2136
2137 retval = mwlExecuteCmd(sc, HostCmd_CMD_SET_INFRA_MODE);
2138 return (retval);
2139 }
2140
2141 static int
2142 mwl_hal_stop(struct mwl_softc *sc)
2143 {
2144 HostCmd_DS_BSS_START *pCmd;
2145 int retval;
2146
2147 _VCMD_SETUP(pCmd, HostCmd_DS_BSS_START,
2148 HostCmd_CMD_BSS_START);
2149 pCmd->Enable = LE_32(HostCmd_ACT_GEN_OFF);
2150 retval = mwlExecuteCmd(sc, HostCmd_CMD_BSS_START);
2151
2152 return (retval);
2153 }
2154
2155 static int
2156 mwl_hal_keyset(struct mwl_softc *sc, const MWL_HAL_KEYVAL *kv,
2157 const uint8_t mac[IEEE80211_ADDR_LEN])
2158 {
2159 HostCmd_FW_UPDATE_ENCRYPTION_SET_KEY *pCmd;
2160 int retval;
2161
2162 _VCMD_SETUP(pCmd, HostCmd_FW_UPDATE_ENCRYPTION_SET_KEY,
2163 HostCmd_CMD_UPDATE_ENCRYPTION);
2164 if (kv->keyFlags & (KEY_FLAG_TXGROUPKEY|KEY_FLAG_RXGROUPKEY))
2165 pCmd->ActionType = LE_32(EncrActionTypeSetGroupKey);
2166 else
2167 pCmd->ActionType = LE_32(EncrActionTypeSetKey);
2168 pCmd->KeyParam.Length = LE_16(sizeof (pCmd->KeyParam));
2169 pCmd->KeyParam.KeyTypeId = LE_16(kv->keyTypeId);
2170 pCmd->KeyParam.KeyInfo = LE_32(kv->keyFlags);
2171 pCmd->KeyParam.KeyIndex = LE_32(kv->keyIndex);
2172 /* NB: includes TKIP MIC keys */
2173 (void) memcpy(&pCmd->KeyParam.Key, &kv->key, kv->keyLen);
2174 switch (kv->keyTypeId) {
2175 case KEY_TYPE_ID_WEP:
2176 pCmd->KeyParam.KeyLen = LE_16(kv->keyLen);
2177 break;
2178 case KEY_TYPE_ID_TKIP:
2179 pCmd->KeyParam.KeyLen = LE_16(sizeof (TKIP_TYPE_KEY));
2180 pCmd->KeyParam.Key.TkipKey.TkipRsc.low =
2181 LE_16(kv->key.tkip.rsc.low);
2182 pCmd->KeyParam.Key.TkipKey.TkipRsc.high =
2183 LE_32(kv->key.tkip.rsc.high);
2184 pCmd->KeyParam.Key.TkipKey.TkipTsc.low =
2185 LE_16(kv->key.tkip.tsc.low);
2186 pCmd->KeyParam.Key.TkipKey.TkipTsc.high =
2187 LE_32(kv->key.tkip.tsc.high);
2188 break;
2189 case KEY_TYPE_ID_AES:
2190 pCmd->KeyParam.KeyLen = LE_16(sizeof (AES_TYPE_KEY));
2191 break;
2192 }
2193 #ifdef MWL_MBSS_SUPPORT
2194 IEEE80211_ADDR_COPY(pCmd->KeyParam.Macaddr, mac);
2195 #else
2196 IEEE80211_ADDR_COPY(pCmd->Macaddr, mac);
2197 #endif
2198
2199 retval = mwlExecuteCmd(sc, HostCmd_CMD_UPDATE_ENCRYPTION);
2200 return (retval);
2201 }
2202
2203 static int
2204 mwl_hal_keyreset(struct mwl_softc *sc, const MWL_HAL_KEYVAL *kv,
2205 const uint8_t mac[IEEE80211_ADDR_LEN])
2206 {
2207 HostCmd_FW_UPDATE_ENCRYPTION_SET_KEY *pCmd;
2208 int retval;
2209
2210 _VCMD_SETUP(pCmd, HostCmd_FW_UPDATE_ENCRYPTION_SET_KEY,
2211 HostCmd_CMD_UPDATE_ENCRYPTION);
2212 pCmd->ActionType = LE_16(EncrActionTypeRemoveKey);
2213 pCmd->KeyParam.Length = LE_16(sizeof (pCmd->KeyParam));
2214 pCmd->KeyParam.KeyTypeId = LE_16(kv->keyTypeId);
2215 pCmd->KeyParam.KeyInfo = LE_32(kv->keyFlags);
2216 pCmd->KeyParam.KeyIndex = LE_32(kv->keyIndex);
2217 #ifdef MWL_MBSS_SUPPORT
2218 IEEE80211_ADDR_COPY(pCmd->KeyParam.Macaddr, mac);
2219 #else
2220 IEEE80211_ADDR_COPY(pCmd->Macaddr, mac);
2221 #endif
2222 retval = mwlExecuteCmd(sc, HostCmd_CMD_UPDATE_ENCRYPTION);
2223 return (retval);
2224 }
2225
2226 /* ARGSUSED */
2227 static struct ieee80211_node *
2228 mwl_node_alloc(struct ieee80211com *ic)
2229 {
2230 struct mwl_node *mn;
2231
2232 mn = kmem_zalloc(sizeof (struct mwl_node), KM_SLEEP);
2233 if (mn == NULL) {
2234 /* XXX stat+msg */
2235 MWL_DBG(MWL_DBG_MSG, "mwl: mwl_node_alloc(): "
2236 "alloc node failed\n");
2237 return (NULL);
2238 }
2239 return (&mn->mn_node);
2240 }
2241
2242 static void
2243 mwl_node_free(struct ieee80211_node *ni)
2244 {
2245 struct ieee80211com *ic = ni->in_ic;
2246 struct mwl_node *mn = MWL_NODE(ni);
2247
2248 if (mn->mn_staid != 0) {
2249 // mwl_hal_delstation(mn->mn_hvap, vap->iv_myaddr);
2250 // delstaid(sc, mn->mn_staid);
2251 mn->mn_staid = 0;
2252 }
2253 ic->ic_node_cleanup(ni);
2254 kmem_free(ni, sizeof (struct mwl_node));
2255 }
2256
2257 /*
2258 * Allocate a key cache slot for a unicast key. The
2259 * firmware handles key allocation and every station is
2260 * guaranteed key space so we are always successful.
2261 */
2262 static int
2263 mwl_key_alloc(struct ieee80211com *ic, const struct ieee80211_key *k,
2264 ieee80211_keyix *keyix, ieee80211_keyix *rxkeyix)
2265 {
2266 if (k->wk_keyix != IEEE80211_KEYIX_NONE ||
2267 (k->wk_flags & IEEE80211_KEY_GROUP)) {
2268 if (!(&ic->ic_nw_keys[0] <= k &&
2269 k < &ic->ic_nw_keys[IEEE80211_WEP_NKID])) {
2270 /* should not happen */
2271 MWL_DBG(MWL_DBG_CRYPTO, "mwl: mwl_key_alloc(): "
2272 "bogus group key\n");
2273 return (0);
2274 }
2275 /* give the caller what they requested */
2276 *keyix = *rxkeyix = k - ic->ic_nw_keys;
2277 MWL_DBG(MWL_DBG_CRYPTO, "mwl: mwl_key_alloc(): "
2278 "alloc GROUP key keyix %x, rxkeyix %x\n",
2279 *keyix, *rxkeyix);
2280 } else {
2281 /*
2282 * Firmware handles key allocation.
2283 */
2284 *keyix = *rxkeyix = 0;
2285 MWL_DBG(MWL_DBG_CRYPTO, "mwl: mwl_key_alloc(): "
2286 "reset key index in key allocation\n");
2287 }
2288
2289 return (1);
2290 }
2291
2292 /*
2293 * Delete a key entry allocated by mwl_key_alloc.
2294 */
2295 static int
2296 mwl_key_delete(struct ieee80211com *ic, const struct ieee80211_key *k)
2297 {
2298 struct mwl_softc *sc = (struct mwl_softc *)ic;
2299 MWL_HAL_KEYVAL hk;
2300 const uint8_t bcastaddr[IEEE80211_ADDR_LEN] =
2301 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
2302
2303 (void) memset(&hk, 0, sizeof (hk));
2304 hk.keyIndex = k->wk_keyix;
2305 switch (k->wk_cipher->ic_cipher) {
2306 case IEEE80211_CIPHER_WEP:
2307 hk.keyTypeId = KEY_TYPE_ID_WEP;
2308 break;
2309 case IEEE80211_CIPHER_TKIP:
2310 hk.keyTypeId = KEY_TYPE_ID_TKIP;
2311 break;
2312 case IEEE80211_CIPHER_AES_CCM:
2313 hk.keyTypeId = KEY_TYPE_ID_AES;
2314 break;
2315 default:
2316 /* XXX should not happen */
2317 MWL_DBG(MWL_DBG_CRYPTO, "mwl: mwl_key_delete(): "
2318 "unknown cipher %d\n", k->wk_cipher->ic_cipher);
2319 return (0);
2320 }
2321 return (mwl_hal_keyreset(sc, &hk, bcastaddr) == 0);
2322 }
2323
2324 /*
2325 * Set the key cache contents for the specified key. Key cache
2326 * slot(s) must already have been allocated by mwl_key_alloc.
2327 */
2328 /* ARGSUSED */
2329 static int
2330 mwl_key_set(struct ieee80211com *ic, const struct ieee80211_key *k,
2331 const uint8_t mac[IEEE80211_ADDR_LEN])
2332 {
2333 #define GRPXMIT (IEEE80211_KEY_XMIT | IEEE80211_KEY_GROUP)
2334 /* NB: static wep keys are marked GROUP+tx/rx; GTK will be tx or rx */
2335 #define IEEE80211_IS_STATICKEY(k) \
2336 (((k)->wk_flags & (GRPXMIT|IEEE80211_KEY_RECV)) == \
2337 (GRPXMIT|IEEE80211_KEY_RECV))
2338 struct mwl_softc *sc = (struct mwl_softc *)ic;
2339 const struct ieee80211_cipher *cip = k->wk_cipher;
2340 const uint8_t *macaddr;
2341 MWL_HAL_KEYVAL hk;
2342
2343 (void) memset(&hk, 0, sizeof (hk));
2344 hk.keyIndex = k->wk_keyix;
2345 switch (cip->ic_cipher) {
2346 case IEEE80211_CIPHER_WEP:
2347 hk.keyTypeId = KEY_TYPE_ID_WEP;
2348 hk.keyLen = k->wk_keylen;
2349 if (k->wk_keyix == ic->ic_def_txkey)
2350 hk.keyFlags = KEY_FLAG_WEP_TXKEY;
2351 if (!IEEE80211_IS_STATICKEY(k)) {
2352 /* NB: WEP is never used for the PTK */
2353 (void) addgroupflags(&hk, k);
2354 }
2355 break;
2356 case IEEE80211_CIPHER_TKIP:
2357 hk.keyTypeId = KEY_TYPE_ID_TKIP;
2358 hk.key.tkip.tsc.high = (uint32_t)(k->wk_keytsc >> 16);
2359 hk.key.tkip.tsc.low = (uint16_t)k->wk_keytsc;
2360 hk.keyFlags = KEY_FLAG_TSC_VALID | KEY_FLAG_MICKEY_VALID;
2361 hk.keyLen = k->wk_keylen + IEEE80211_MICBUF_SIZE;
2362 if (!addgroupflags(&hk, k))
2363 hk.keyFlags |= KEY_FLAG_PAIRWISE;
2364 break;
2365 case IEEE80211_CIPHER_AES_CCM:
2366 hk.keyTypeId = KEY_TYPE_ID_AES;
2367 hk.keyLen = k->wk_keylen;
2368 if (!addgroupflags(&hk, k))
2369 hk.keyFlags |= KEY_FLAG_PAIRWISE;
2370 break;
2371 default:
2372 /* XXX should not happen */
2373 MWL_DBG(MWL_DBG_CRYPTO, "mwl: mwl_key_set(): "
2374 "unknown cipher %d\n",
2375 k->wk_cipher->ic_cipher);
2376 return (0);
2377 }
2378 /*
2379 * NB: tkip mic keys get copied here too; the layout
2380 * just happens to match that in ieee80211_key.
2381 */
2382 (void) memcpy(hk.key.aes, k->wk_key, hk.keyLen);
2383
2384 /*
2385 * Locate address of sta db entry for writing key;
2386 * the convention unfortunately is somewhat different
2387 * than how net80211, hostapd, and wpa_supplicant think.
2388 */
2389
2390 /*
2391 * NB: keys plumbed before the sta reaches AUTH state
2392 * will be discarded or written to the wrong sta db
2393 * entry because iv_bss is meaningless. This is ok
2394 * (right now) because we handle deferred plumbing of
2395 * WEP keys when the sta reaches AUTH state.
2396 */
2397 macaddr = ic->ic_bss->in_bssid;
2398 if (k->wk_flags & IEEE80211_KEY_XMIT) {
2399 /* XXX plumb to local sta db too for static key wep */
2400 (void) mwl_hal_keyset(sc, &hk, ic->ic_macaddr);
2401 }
2402 return (mwl_hal_keyset(sc, &hk, macaddr) == 0);
2403 #undef IEEE80211_IS_STATICKEY
2404 #undef GRPXMIT
2405 }
2406
2407 /*
2408 * Plumb any static WEP key for the station. This is
2409 * necessary as we must propagate the key from the
2410 * global key table of the vap to each sta db entry.
2411 */
2412 static void
2413 mwl_setanywepkey(struct ieee80211com *ic, const uint8_t mac[IEEE80211_ADDR_LEN])
2414 {
2415 if ((ic->ic_flags & (IEEE80211_F_PRIVACY|IEEE80211_F_WPA)) ==
2416 IEEE80211_F_PRIVACY &&
2417 ic->ic_def_txkey != IEEE80211_KEYIX_NONE &&
2418 ic->ic_nw_keys[ic->ic_def_txkey].wk_keyix != IEEE80211_KEYIX_NONE)
2419 (void) mwl_key_set(ic, &ic->ic_nw_keys[ic->ic_def_txkey], mac);
2420 }
2421
2422 static void
2423 mwl_setglobalkeys(struct ieee80211com *ic)
2424 {
2425 struct ieee80211_key *wk;
2426
2427 wk = &ic->ic_nw_keys[0];
2428 for (; wk < &ic->ic_nw_keys[IEEE80211_WEP_NKID]; wk++)
2429 if (wk->wk_keyix != IEEE80211_KEYIX_NONE)
2430 (void) mwl_key_set(ic, wk, ic->ic_macaddr);
2431 }
2432
2433 static int
2434 addgroupflags(MWL_HAL_KEYVAL *hk, const struct ieee80211_key *k)
2435 {
2436 if (k->wk_flags & IEEE80211_KEY_GROUP) {
2437 if (k->wk_flags & IEEE80211_KEY_XMIT)
2438 hk->keyFlags |= KEY_FLAG_TXGROUPKEY;
2439 if (k->wk_flags & IEEE80211_KEY_RECV)
2440 hk->keyFlags |= KEY_FLAG_RXGROUPKEY;
2441 return (1);
2442 } else
2443 return (0);
2444 }
2445
2446 /*
2447 * Set/change channels.
2448 */
2449 static int
2450 mwl_chan_set(struct mwl_softc *sc, struct mwl_channel *chan)
2451 {
2452 MWL_HAL_CHANNEL hchan;
2453 int maxtxpow;
2454
2455 MWL_DBG(MWL_DBG_HW, "mwl: mwl_chan_set(): "
2456 "chan %u MHz/flags 0x%x\n",
2457 chan->ic_freq, chan->ic_flags);
2458
2459 /*
2460 * Convert to a HAL channel description with
2461 * the flags constrained to reflect the current
2462 * operating mode.
2463 */
2464 mwl_mapchan(&hchan, chan);
2465 mwl_hal_intrset(sc, 0); /* disable interrupts */
2466
2467 (void) mwl_hal_setchannel(sc, &hchan);
2468 /*
2469 * Tx power is cap'd by the regulatory setting and
2470 * possibly a user-set limit. We pass the min of
2471 * these to the hal to apply them to the cal data
2472 * for this channel.
2473 * XXX min bound?
2474 */
2475 maxtxpow = 2 * chan->ic_maxregpower;
2476 if (maxtxpow > 100)
2477 maxtxpow = 100;
2478 (void) mwl_hal_settxpower(sc, &hchan, maxtxpow / 2);
2479 /* NB: potentially change mcast/mgt rates */
2480 (void) mwl_setcurchanrates(sc);
2481
2482 sc->sc_curchan = hchan;
2483 mwl_hal_intrset(sc, sc->sc_imask);
2484
2485 return (0);
2486 }
2487
2488 /*
2489 * Convert net80211 channel to a HAL channel.
2490 */
2491 static void
2492 mwl_mapchan(MWL_HAL_CHANNEL *hc, const struct mwl_channel *chan)
2493 {
2494 hc->channel = chan->ic_ieee;
2495
2496 *(uint32_t *)&hc->channelFlags = 0;
2497 if (((chan)->ic_flags & IEEE80211_CHAN_2GHZ) != 0)
2498 hc->channelFlags.FreqBand = MWL_FREQ_BAND_2DOT4GHZ;
2499 else if (((chan)->ic_flags & IEEE80211_CHAN_5GHZ) != 0)
2500 hc->channelFlags.FreqBand = MWL_FREQ_BAND_5GHZ;
2501 if (((chan)->ic_flags & IEEE80211_CHAN_HT40) != 0) {
2502 hc->channelFlags.ChnlWidth = MWL_CH_40_MHz_WIDTH;
2503 if (((chan)->ic_flags & IEEE80211_CHAN_HT40U) != 0)
2504 hc->channelFlags.ExtChnlOffset =
2505 MWL_EXT_CH_ABOVE_CTRL_CH;
2506 else
2507 hc->channelFlags.ExtChnlOffset =
2508 MWL_EXT_CH_BELOW_CTRL_CH;
2509 } else
2510 hc->channelFlags.ChnlWidth = MWL_CH_20_MHz_WIDTH;
2511 /* XXX 10MHz channels */
2512 }
2513
2514 /*
2515 * Return the phy mode for with the specified channel.
2516 */
2517 enum ieee80211_phymode
2518 mwl_chan2mode(const struct mwl_channel *chan)
2519 {
2520
2521 if (IEEE80211_IS_CHAN_HTA(chan))
2522 return (IEEE80211_MODE_11NA);
2523 else if (IEEE80211_IS_CHAN_HTG(chan))
2524 return (IEEE80211_MODE_11NG);
2525 else if (IEEE80211_IS_CHAN_108G(chan))
2526 return (IEEE80211_MODE_TURBO_G);
2527 else if (IEEE80211_IS_CHAN_ST(chan))
2528 return (IEEE80211_MODE_STURBO_A);
2529 else if (IEEE80211_IS_CHAN_TURBO(chan))
2530 return (IEEE80211_MODE_TURBO_A);
2531 else if (IEEE80211_IS_CHAN_HALF(chan))
2532 return (IEEE80211_MODE_HALF);
2533 else if (IEEE80211_IS_CHAN_QUARTER(chan))
2534 return (IEEE80211_MODE_QUARTER);
2535 else if (IEEE80211_IS_CHAN_A(chan))
2536 return (IEEE80211_MODE_11A);
2537 else if (IEEE80211_IS_CHAN_ANYG(chan))
2538 return (IEEE80211_MODE_11G);
2539 else if (IEEE80211_IS_CHAN_B(chan))
2540 return (IEEE80211_MODE_11B);
2541 else if (IEEE80211_IS_CHAN_FHSS(chan))
2542 return (IEEE80211_MODE_FH);
2543
2544 /* NB: should not get here */
2545 MWL_DBG(MWL_DBG_HW, "mwl: mwl_chan2mode(): "
2546 "cannot map channel to mode; freq %u flags 0x%x\n",
2547 chan->ic_freq, chan->ic_flags);
2548 return (IEEE80211_MODE_11B);
2549 }
2550
2551 /* XXX inline or eliminate? */
2552 const struct ieee80211_rateset *
2553 mwl_get_suprates(struct ieee80211com *ic, const struct mwl_channel *c)
2554 {
2555 /* XXX does this work for 11ng basic rates? */
2556 return (&ic->ic_sup_rates[mwl_chan2mode(c)]);
2557 }
2558
2559 /*
2560 * Inform firmware of tx rate parameters.
2561 * Called after a channel change.
2562 */
2563 static int
2564 mwl_setcurchanrates(struct mwl_softc *sc)
2565 {
2566 struct ieee80211com *ic = &sc->sc_ic;
2567 const struct ieee80211_rateset *rs;
2568 MWL_HAL_TXRATE rates;
2569
2570 (void) memset(&rates, 0, sizeof (rates));
2571 rs = mwl_get_suprates(ic, sc->sc_cur_chan);
2572 /* rate used to send management frames */
2573 rates.MgtRate = rs->ir_rates[0] & IEEE80211_RATE_VAL;
2574 /* rate used to send multicast frames */
2575 rates.McastRate = rates.MgtRate;
2576
2577 return (mwl_hal_settxrate_auto(sc, &rates));
2578 }
2579
2580 static const struct mwl_hal_channel *
2581 findhalchannel(const struct mwl_softc *sc, const MWL_HAL_CHANNEL *c)
2582 {
2583 const struct mwl_hal_channel *hc;
2584 const MWL_HAL_CHANNELINFO *ci;
2585 int chan = c->channel, i;
2586
2587 if (c->channelFlags.FreqBand == MWL_FREQ_BAND_2DOT4GHZ) {
2588 i = chan - 1;
2589 if (c->channelFlags.ChnlWidth == MWL_CH_40_MHz_WIDTH) {
2590 ci = &sc->sc_40M;
2591 if (c->channelFlags.ExtChnlOffset ==
2592 MWL_EXT_CH_BELOW_CTRL_CH)
2593 i -= 4;
2594 } else
2595 ci = &sc->sc_20M;
2596 /* 2.4G channel table is directly indexed */
2597 hc = ((unsigned)i < ci->nchannels) ? &ci->channels[i] : NULL;
2598 } else if (c->channelFlags.FreqBand == MWL_FREQ_BAND_5GHZ) {
2599 if (c->channelFlags.ChnlWidth == MWL_CH_40_MHz_WIDTH) {
2600 ci = &sc->sc_40M_5G;
2601 if (c->channelFlags.ExtChnlOffset ==
2602 MWL_EXT_CH_BELOW_CTRL_CH)
2603 chan -= 4;
2604 } else
2605 ci = &sc->sc_20M_5G;
2606 /* 5GHz channel table is sparse and must be searched */
2607 for (i = 0; i < ci->nchannels; i++)
2608 if (ci->channels[i].ieee == chan)
2609 break;
2610 hc = (i < ci->nchannels) ? &ci->channels[i] : NULL;
2611 } else
2612 hc = NULL;
2613 return (hc);
2614 }
2615
2616 /*
2617 * Map SKU+country code to region code for radar bin'ing.
2618 */
2619 static int
2620 mwl_map2regioncode(const struct mwl_regdomain *rd)
2621 {
2622 switch (rd->regdomain) {
2623 case SKU_FCC:
2624 case SKU_FCC3:
2625 return (DOMAIN_CODE_FCC);
2626 case SKU_CA:
2627 return (DOMAIN_CODE_IC);
2628 case SKU_ETSI:
2629 case SKU_ETSI2:
2630 case SKU_ETSI3:
2631 if (rd->country == CTRY_SPAIN)
2632 return (DOMAIN_CODE_SPAIN);
2633 if (rd->country == CTRY_FRANCE || rd->country == CTRY_FRANCE2)
2634 return (DOMAIN_CODE_FRANCE);
2635 /* XXX force 1.3.1 radar type */
2636 return (DOMAIN_CODE_ETSI_131);
2637 case SKU_JAPAN:
2638 return (DOMAIN_CODE_MKK);
2639 case SKU_ROW:
2640 return (DOMAIN_CODE_DGT); /* Taiwan */
2641 case SKU_APAC:
2642 case SKU_APAC2:
2643 case SKU_APAC3:
2644 return (DOMAIN_CODE_AUS); /* Australia */
2645 }
2646 /* XXX KOREA? */
2647 return (DOMAIN_CODE_FCC); /* XXX? */
2648 }
2649
2650 /*
2651 * Setup the rx data structures. This should only be
2652 * done once or we may get out of sync with the firmware.
2653 */
2654 static int
2655 mwl_startrecv(struct mwl_softc *sc)
2656 {
2657 struct mwl_rx_ring *ring;
2658 struct mwl_rxdesc *ds;
2659 struct mwl_rxbuf *bf, *prev;
2660
2661 int i;
2662
2663 ring = &sc->sc_rxring;
2664 bf = ring->buf;
2665
2666 prev = NULL;
2667 for (i = 0; i < MWL_RX_RING_COUNT; i++, bf++) {
2668 ds = bf->bf_desc;
2669 /*
2670 * NB: DMA buffer contents is known to be unmodified
2671 * so there's no need to flush the data cache.
2672 */
2673
2674 /*
2675 * Setup descriptor.
2676 */
2677 ds->QosCtrl = 0;
2678 ds->RSSI = 0;
2679 ds->Status = EAGLE_RXD_STATUS_IDLE;
2680 ds->Channel = 0;
2681 ds->PktLen = LE_16(MWL_AGGR_SIZE);
2682 ds->SQ2 = 0;
2683 ds->pPhysBuffData = LE_32(bf->bf_baddr);
2684 /* NB: don't touch pPhysNext, set once */
2685 ds->RxControl = EAGLE_RXD_CTRL_DRIVER_OWN;
2686
2687 (void) ddi_dma_sync(ring->rxdesc_dma.dma_hdl,
2688 i * sizeof (struct mwl_rxdesc),
2689 sizeof (struct mwl_rxdesc),
2690 DDI_DMA_SYNC_FORDEV);
2691
2692 if (prev != NULL) {
2693 ds = prev->bf_desc;
2694 ds->pPhysNext = LE_32(bf->bf_daddr);
2695 }
2696 prev = bf;
2697 }
2698
2699 if (prev != NULL) {
2700 ds = prev->bf_desc;
2701 ds->pPhysNext = ring->physaddr;
2702 }
2703
2704 /* set filters, etc. */
2705 (void) mwl_mode_init(sc);
2706
2707 return (0);
2708 }
2709
2710 static int
2711 mwl_mode_init(struct mwl_softc *sc)
2712 {
2713 /*
2714 * NB: Ignore promisc in hostap mode; it's set by the
2715 * bridge. This is wrong but we have no way to
2716 * identify internal requests (from the bridge)
2717 * versus external requests such as for tcpdump.
2718 */
2719 /* mwl_setmcastfilter - not support now */
2720 (void) mwl_hal_setpromisc(sc, 0);
2721
2722 return (0);
2723 }
2724
2725 /*
2726 * Kick the firmware to tell it there are new tx descriptors
2727 * for processing. The driver says what h/w q has work in
2728 * case the f/w ever gets smarter.
2729 */
2730 /* ARGSUSED */
2731 static void
2732 mwl_hal_txstart(struct mwl_softc *sc, int qnum)
2733 {
2734
2735 mwl_ctl_write4(sc, MACREG_REG_H2A_INTERRUPT_EVENTS,
2736 MACREG_H2ARIC_BIT_PPA_READY);
2737 (void) mwl_ctl_read4(sc, MACREG_REG_INT_CODE);
2738 }
2739
2740 static int
2741 mwl_send(ieee80211com_t *ic, mblk_t *mp, uint8_t type)
2742 {
2743 struct mwl_softc *sc = (struct mwl_softc *)ic;
2744 struct mwl_tx_ring *ring;
2745 struct mwl_txdesc *ds;
2746 struct mwl_txbuf *bf;
2747 struct ieee80211_frame *wh, *wh1;
2748 struct ieee80211_node *ni = NULL;
2749
2750 int err, off;
2751 int mblen, pktlen, hdrlen;
2752 mblk_t *m, *m0;
2753 uint8_t *addr_4, *txbuf;
2754 uint16_t *pfwlen;
2755
2756 MWL_TXLOCK(sc);
2757
2758 err = DDI_SUCCESS;
2759 if (!MWL_IS_RUNNING(sc) || MWL_IS_SUSPEND(sc)) {
2760 err = ENXIO;
2761 goto fail1;
2762 }
2763
2764 ring = &sc->sc_txring[1];
2765 if (ring->queued > 15) {
2766 MWL_DBG(MWL_DBG_TX, "mwl: mwl_send(): "
2767 "no txbuf, %d\n", ring->queued);
2768 sc->sc_need_sched = 1;
2769 sc->sc_tx_nobuf++;
2770 err = ENOMEM;
2771 goto fail1;
2772 }
2773
2774 m = allocb(msgdsize(mp) + 32, BPRI_MED);
2775 if (m == NULL) {
2776 MWL_DBG(MWL_DBG_TX, "mwl: mwl_send():"
2777 "can't alloc mblk.\n");
2778 err = DDI_FAILURE;
2779 goto fail1;
2780 }
2781
2782 for (off = 0, m0 = mp; m0 != NULL; m0 = m0->b_cont) {
2783 mblen = MBLKL(m0);
2784 (void) bcopy(m0->b_rptr, m->b_rptr + off, mblen);
2785 off += mblen;
2786 }
2787 m->b_wptr += off;
2788
2789 wh = (struct ieee80211_frame *)m->b_rptr;
2790 ni = ieee80211_find_txnode(ic, wh->i_addr1);
2791 if (ni == NULL) {
2792 err = DDI_FAILURE;
2793 sc->sc_tx_err++;
2794 goto fail2;
2795 }
2796
2797 hdrlen = sizeof (*wh);
2798 pktlen = msgdsize(m);
2799
2800 (void) ieee80211_encap(ic, m, ni);
2801
2802 if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
2803 const struct ieee80211_cipher *cip;
2804 struct ieee80211_key *k;
2805 k = ieee80211_crypto_encap(ic, m);
2806 if (k == NULL) {
2807 sc->sc_tx_err++;
2808 err = DDI_FAILURE;
2809 goto fail3;
2810 }
2811
2812 /*
2813 * Adjust the packet length for the crypto additions
2814 * done during encap and any other bits that the f/w
2815 * will add later on.
2816 */
2817 cip = k->wk_cipher;
2818 pktlen += cip->ic_header + cip->ic_miclen + cip->ic_trailer;
2819 /* packet header may have moved, reset our local pointer */
2820 wh = (struct ieee80211_frame *)m->b_rptr;
2821 }
2822
2823 ds = &ring->desc[ring->cur];
2824 bf = &ring->buf[ring->cur];
2825
2826 bf->bf_node = ieee80211_ref_node(ni);
2827 txbuf = (uint8_t *)bf->bf_mem;
2828
2829 /*
2830 * inject FW specific fields into the 802.11 frame
2831 *
2832 * 2 bytes FW len (inject)
2833 * 24 bytes 802.11 frame header
2834 * 6 bytes addr4 (inject)
2835 * n bytes 802.11 frame body
2836 */
2837 pfwlen = (uint16_t *)txbuf;
2838 *pfwlen = pktlen - hdrlen;
2839 wh1 = (struct ieee80211_frame *)(txbuf + 2);
2840 bcopy(wh, wh1, sizeof (struct ieee80211_frame));
2841 addr_4 = txbuf + (sizeof (struct ieee80211_frame) + sizeof (uint16_t));
2842 (void) memset(addr_4, 0, 6);
2843 bcopy(m->b_rptr + sizeof (struct ieee80211_frame), txbuf + 32, *pfwlen);
2844 pktlen += 8;
2845
2846 (void) ddi_dma_sync(bf->txbuf_dma.dma_hdl,
2847 0,
2848 pktlen,
2849 DDI_DMA_SYNC_FORDEV);
2850
2851 ds->QosCtrl = 0;
2852 ds->PktLen = (uint16_t)pktlen;
2853 ds->PktPtr = bf->bf_baddr;
2854 ds->Status = LE_32(EAGLE_TXD_STATUS_FW_OWNED);
2855 ds->Format = 0;
2856 ds->pad = 0;
2857 ds->ack_wcb_addr = 0;
2858 ds->TxPriority = 1;
2859
2860 MWL_DBG(MWL_DBG_TX, "mwl: mwl_send(): "
2861 "tx desc Status %x, DataRate %x, TxPriority %x, QosCtrl %x, "
2862 "PktLen %x, SapPktInfo %x, Format %x, Pad %x, ack_wcb_addr %x\n",
2863 ds->Status, ds->DataRate, ds->TxPriority, ds->QosCtrl, ds->PktLen,
2864 ds->SapPktInfo, ds->Format, ds->pad, ds->ack_wcb_addr);
2865
2866 (void) ddi_dma_sync(ring->txdesc_dma.dma_hdl,
2867 ring->cur * sizeof (struct mwl_txdesc),
2868 sizeof (struct mwl_txdesc),
2869 DDI_DMA_SYNC_FORDEV);
2870
2871 MWL_DBG(MWL_DBG_TX, "mwl: mwl_send(): "
2872 "pktlen = %u, slot = %u, queued = %x\n",
2873 mblen, ring->cur, ring->queued);
2874
2875 ring->queued++;
2876 ring->cur = (ring->cur + 1) % MWL_TX_RING_COUNT;
2877
2878 /*
2879 * NB: We don't need to lock against tx done because
2880 * this just prods the firmware to check the transmit
2881 * descriptors. The firmware will also start fetching
2882 * descriptors by itself if it notices new ones are
2883 * present when it goes to deliver a tx done interrupt
2884 * to the host. So if we race with tx done processing
2885 * it's ok. Delivering the kick here rather than in
2886 * mwl_tx_start is an optimization to avoid poking the
2887 * firmware for each packet.
2888 *
2889 * NB: the queue id isn't used so 0 is ok.
2890 */
2891 mwl_hal_txstart(sc, 0);
2892
2893 ic->ic_stats.is_tx_frags++;
2894 ic->ic_stats.is_tx_bytes += pktlen;
2895
2896 fail3:
2897 ieee80211_free_node(ni);
2898 fail2:
2899 freemsg(m);
2900 fail1:
2901 if ((type & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_DATA ||
2902 err == DDI_SUCCESS)
2903 freemsg(mp);
2904 MWL_TXUNLOCK(sc);
2905 return (err);
2906 }
2907
2908 /*
2909 * This function is called periodically (every 200ms) during scanning to
2910 * switch from one channel to another.
2911 */
2912 static void
2913 mwl_next_scan(void *arg)
2914 {
2915 struct mwl_softc *sc = (struct mwl_softc *)arg;
2916 struct ieee80211com *ic = &sc->sc_ic;
2917
2918 if (ic->ic_state == IEEE80211_S_SCAN)
2919 (void) ieee80211_next_scan(ic);
2920
2921 sc->sc_scan_id = 0;
2922 }
2923
2924 /*
2925 * Convert a legacy rate set to a firmware bitmask.
2926 */
2927 static uint32_t
2928 get_rate_bitmap(const struct ieee80211_rateset *rs)
2929 {
2930 uint32_t rates;
2931 int i;
2932
2933 rates = 0;
2934 for (i = 0; i < rs->ir_nrates; i++)
2935 switch (rs->ir_rates[i] & IEEE80211_RATE_VAL) {
2936 case 2: rates |= 0x001; break;
2937 case 4: rates |= 0x002; break;
2938 case 11: rates |= 0x004; break;
2939 case 22: rates |= 0x008; break;
2940 case 44: rates |= 0x010; break;
2941 case 12: rates |= 0x020; break;
2942 case 18: rates |= 0x040; break;
2943 case 24: rates |= 0x080; break;
2944 case 36: rates |= 0x100; break;
2945 case 48: rates |= 0x200; break;
2946 case 72: rates |= 0x400; break;
2947 case 96: rates |= 0x800; break;
2948 case 108: rates |= 0x1000; break;
2949 }
2950 return (rates);
2951 }
2952
2953 /*
2954 * Craft station database entry for station.
2955 * NB: use host byte order here, the hal handles byte swapping.
2956 */
2957 static MWL_HAL_PEERINFO *
2958 mkpeerinfo(MWL_HAL_PEERINFO *pi, const struct ieee80211_node *ni)
2959 {
2960 (void) memset(pi, 0, sizeof (*pi));
2961 pi->LegacyRateBitMap = get_rate_bitmap(&ni->in_rates);
2962 pi->CapInfo = ni->in_capinfo;
2963 return (pi);
2964 }
2965
2966 static int
2967 mwl_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
2968 {
2969 struct mwl_softc *sc = (struct mwl_softc *)ic;
2970 enum ieee80211_state ostate;
2971 struct ieee80211_channel *ic_chan;
2972 struct ieee80211_node *ni = NULL;
2973 MWL_HAL_PEERINFO pi;
2974 uint32_t chan;
2975
2976 if (sc->sc_scan_id != 0) {
2977 (void) untimeout(sc->sc_scan_id);
2978 sc->sc_scan_id = 0;
2979 }
2980
2981 MWL_GLOCK(sc);
2982
2983 ostate = ic->ic_state;
2984 MWL_DBG(MWL_DBG_MSG, "mwl: mwl_newstate(): "
2985 "ostate %x -> nstate %x\n",
2986 ostate, nstate);
2987
2988 switch (nstate) {
2989 case IEEE80211_S_INIT:
2990 break;
2991 case IEEE80211_S_SCAN:
2992 if (ostate != IEEE80211_S_INIT) {
2993 ic_chan = ic->ic_curchan;
2994 chan = ieee80211_chan2ieee(ic, ic_chan);
2995 if (chan != 0 && chan != IEEE80211_CHAN_ANY) {
2996 sc->sc_cur_chan =
2997 &sc->sc_channels[3 * chan - 2];
2998 MWL_DBG(MWL_DBG_MSG, "mwl: mwl_newstate(): "
2999 "chan num is %u, sc chan is %u\n",
3000 chan, sc->sc_cur_chan->ic_ieee);
3001 (void) mwl_chan_set(sc, sc->sc_cur_chan);
3002 }
3003 }
3004 sc->sc_scan_id = timeout(mwl_next_scan, (void *)sc,
3005 drv_usectohz(250000));
3006 break;
3007 case IEEE80211_S_AUTH:
3008 ic_chan = ic->ic_curchan;
3009 chan = ieee80211_chan2ieee(ic, ic_chan);
3010 sc->sc_cur_chan = &sc->sc_channels[3 * chan - 2];
3011 MWL_DBG(MWL_DBG_MSG, "mwl: mwl_newstate(): "
3012 "chan num is %u, sc chan is %u\n",
3013 chan, sc->sc_cur_chan->ic_ieee);
3014 (void) mwl_chan_set(sc, sc->sc_cur_chan);
3015 ni = ic->ic_bss;
3016 (void) mwl_hal_newstation(sc, ic->ic_macaddr, 0, 0, NULL, 0, 0);
3017 mwl_setanywepkey(ic, ni->in_macaddr);
3018 break;
3019 case IEEE80211_S_ASSOC:
3020 break;
3021 case IEEE80211_S_RUN:
3022 ni = ic->ic_bss;
3023 (void) mwl_hal_newstation(sc,
3024 ic->ic_macaddr, 0, 0, mkpeerinfo(&pi, ni), 0, 0);
3025 mwl_setglobalkeys(ic);
3026 (void) mwl_hal_setassocid(sc,
3027 ic->ic_bss->in_bssid, ic->ic_bss->in_associd);
3028 (void) mwl_setrates(ic);
3029 (void) mwl_hal_setrtsthreshold(sc, ic->ic_rtsthreshold);
3030 (void) mwl_hal_setcsmode(sc, CSMODE_AUTO_ENA);
3031 break;
3032 default:
3033 break;
3034 }
3035
3036 MWL_GUNLOCK(sc);
3037
3038 return (sc->sc_newstate(ic, nstate, arg));
3039 }
3040
3041 /*
3042 * Set the interrupt mask.
3043 */
3044 static void
3045 mwl_hal_intrset(struct mwl_softc *sc, uint32_t mask)
3046 {
3047 mwl_ctl_write4(sc, MACREG_REG_A2H_INTERRUPT_MASK, 0);
3048 (void) mwl_ctl_read4(sc, MACREG_REG_INT_CODE);
3049
3050 sc->sc_hal_imask = mask;
3051 mwl_ctl_write4(sc, MACREG_REG_A2H_INTERRUPT_MASK, mask);
3052 (void) mwl_ctl_read4(sc, MACREG_REG_INT_CODE);
3053 }
3054
3055 /*
3056 * Return the current ISR setting and clear the cause.
3057 */
3058 static void
3059 mwl_hal_getisr(struct mwl_softc *sc, uint32_t *status)
3060 {
3061 uint32_t cause;
3062
3063 cause = mwl_ctl_read4(sc, MACREG_REG_A2H_INTERRUPT_CAUSE);
3064 if (cause == 0xffffffff) { /* card removed */
3065 cause = 0;
3066 } else if (cause != 0) {
3067 /* clear cause bits */
3068 mwl_ctl_write4(sc, MACREG_REG_A2H_INTERRUPT_CAUSE,
3069 cause & ~sc->sc_hal_imask);
3070 (void) mwl_ctl_read4(sc, MACREG_REG_INT_CODE);
3071 cause &= sc->sc_hal_imask;
3072 }
3073 *status = cause;
3074 }
3075
3076 static void
3077 mwl_tx_intr(struct mwl_softc *sc)
3078 {
3079 struct ieee80211com *ic = &sc->sc_ic;
3080 struct mwl_tx_ring *ring;
3081 struct mwl_txdesc *ds;
3082
3083 uint32_t status;
3084
3085 MWL_TXLOCK(sc);
3086
3087 ring = &sc->sc_txring[1];
3088
3089 if (!(ring->queued)) {
3090 MWL_TXUNLOCK(sc);
3091 return;
3092 }
3093
3094 (void) ddi_dma_sync(ring->txdesc_dma.dma_hdl,
3095 0,
3096 ring->txdesc_dma.alength,
3097 DDI_DMA_SYNC_FORCPU);
3098
3099 for (;;) {
3100 ds = &ring->desc[ring->next];
3101
3102 status = LE_32(ds->Status);
3103
3104 if (status & LE_32(EAGLE_TXD_STATUS_FW_OWNED)) {
3105 break;
3106 }
3107
3108 if (status == LE_32(EAGLE_TXD_STATUS_IDLE)) {
3109 break;
3110 }
3111
3112 MWL_DBG(MWL_DBG_TX, "mwl: mwl_tx_intr(): "
3113 "recv tx desc status %x, datarate %x, txpriority %x, "
3114 "QosCtrl %x, pktLen %x, SapPktInfo %x, Format %x, "
3115 "pad %x, ack_wcb_addr %x\n",
3116 ds->Status, ds->DataRate, ds->TxPriority,
3117 ds->QosCtrl, ds->PktLen, ds->SapPktInfo,
3118 ds->Format, ds->pad, ds->ack_wcb_addr);
3119
3120 /* descriptor is no longer valid */
3121 ds->Status = LE_32(EAGLE_TXD_STATUS_IDLE);
3122
3123 (void) ddi_dma_sync(ring->txdesc_dma.dma_hdl,
3124 ring->next * sizeof (struct mwl_txdesc),
3125 sizeof (struct mwl_txdesc),
3126 DDI_DMA_SYNC_FORDEV);
3127
3128 ring->queued--;
3129 ring->next = (ring->next + 1) % MWL_TX_RING_COUNT;
3130 MWL_DBG(MWL_DBG_TX, "mwl: mwl_tx_intr(): "
3131 " tx done idx=%u, queued= %d\n",
3132 ring->next, ring->queued);
3133
3134 if (sc->sc_need_sched &&
3135 (ring->queued < MWL_TX_RING_COUNT)) {
3136 sc->sc_need_sched = 0;
3137 mac_tx_update(ic->ic_mach);
3138 }
3139
3140 }
3141
3142 MWL_TXUNLOCK(sc);
3143 }
3144
3145 /*
3146 * Convert hardware signal strength to rssi. The value
3147 * provided by the device has the noise floor added in;
3148 * we need to compensate for this but we don't have that
3149 * so we use a fixed value.
3150 *
3151 * The offset of 8 is good for both 2.4 and 5GHz. The LNA
3152 * offset is already set as part of the initial gain. This
3153 * will give at least +/- 3dB for 2.4GHz and +/- 5dB for 5GHz.
3154 */
3155 static int
3156 cvtrssi(uint8_t ssi)
3157 {
3158 int rssi = (int)ssi + 8;
3159 /* XXX hack guess until we have a real noise floor */
3160 rssi = 2 * (87 - rssi); /* NB: .5 dBm units */
3161 return (rssi < 0 ? 0 : rssi > 127 ? 127 : rssi);
3162 }
3163
3164 static void
3165 mwl_rx_intr(struct mwl_softc *sc)
3166 {
3167 struct ieee80211com *ic = &sc->sc_ic;
3168 struct mwl_rx_ring *ring;
3169 struct ieee80211_node *ni;
3170 struct ieee80211_frame *wh;
3171
3172 struct mwl_rxbuf *bf;
3173 struct mwl_rxdesc *ds;
3174 mblk_t *mp0;
3175
3176 int ntodo, len, rssi;
3177 uint8_t *data, status;
3178
3179 MWL_RXLOCK(sc);
3180
3181 ring = &sc->sc_rxring;
3182 for (ntodo = MWL_RX_RING_COUNT; ntodo > 0; ntodo--) {
3183 bf = &ring->buf[ring->cur];
3184 ds = bf->bf_desc;
3185 data = bf->bf_mem;
3186
3187 (void) ddi_dma_sync(ring->rxdesc_dma.dma_hdl,
3188 ring->cur * sizeof (struct mwl_rxdesc),
3189 sizeof (struct mwl_rxdesc),
3190 DDI_DMA_SYNC_FORCPU);
3191
3192 if (ds->RxControl != EAGLE_RXD_CTRL_DMA_OWN)
3193 break;
3194
3195 status = ds->Status;
3196 if (status & EAGLE_RXD_STATUS_DECRYPT_ERR_MASK) {
3197 MWL_DBG(MWL_DBG_CRYPTO, "mwl: mwl_rx_intr(): "
3198 "rx decrypt error\n");
3199 sc->sc_rx_err++;
3200 }
3201
3202 /*
3203 * Sync the data buffer.
3204 */
3205 len = LE_16(ds->PktLen);
3206
3207 (void) ddi_dma_sync(bf->rxbuf_dma.dma_hdl,
3208 0,
3209 bf->rxbuf_dma.alength,
3210 DDI_DMA_SYNC_FORCPU);
3211
3212 if (len < 32 || len > sc->sc_dmabuf_size) {
3213 MWL_DBG(MWL_DBG_RX, "mwl: mwl_rx_intr(): "
3214 "packet len error %d\n", len);
3215 sc->sc_rx_err++;
3216 goto rxnext;
3217 }
3218
3219 mp0 = allocb(sc->sc_dmabuf_size, BPRI_MED);
3220 if (mp0 == NULL) {
3221 MWL_DBG(MWL_DBG_RX, "mwl: mwl_rx_intr(): "
3222 "alloc mblk error\n");
3223 sc->sc_rx_nobuf++;
3224 goto rxnext;
3225 }
3226 bcopy(data+ 2, mp0->b_wptr, 24);
3227 mp0->b_wptr += 24;
3228 bcopy(data + 32, mp0->b_wptr, len - 32);
3229 mp0->b_wptr += (len - 32);
3230
3231 wh = (struct ieee80211_frame *)mp0->b_rptr;
3232 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) ==
3233 IEEE80211_FC0_TYPE_CTL) {
3234 freemsg(mp0);
3235 goto rxnext;
3236 }
3237
3238 /*
3239 * The f/w strips WEP header but doesn't clear
3240 * the WEP bit; mark the packet with M_WEP so
3241 * net80211 will treat the data as decrypted.
3242 * While here also clear the PWR_MGT bit since
3243 * power save is handled by the firmware and
3244 * passing this up will potentially cause the
3245 * upper layer to put a station in power save
3246 * (except when configured with MWL_HOST_PS_SUPPORT).
3247 */
3248 #ifdef MWL_HOST_PS_SUPPORT
3249 wh->i_fc[1] &= ~IEEE80211_FC1_WEP;
3250 #else
3251 wh->i_fc[1] &= ~(IEEE80211_FC1_WEP | IEEE80211_FC1_PWR_MGT);
3252 #endif
3253
3254 /* calculate rssi early so we can re-use for each aggregate */
3255 rssi = cvtrssi(ds->RSSI);
3256
3257 ni = ieee80211_find_rxnode(ic, wh);
3258
3259 /* send the frame to the 802.11 layer */
3260 (void) ieee80211_input(ic, mp0, ni, rssi, 0);
3261 ieee80211_free_node(ni);
3262 rxnext:
3263 /*
3264 * Setup descriptor.
3265 */
3266 ds->QosCtrl = 0;
3267 ds->RSSI = 0;
3268 ds->Status = EAGLE_RXD_STATUS_IDLE;
3269 ds->Channel = 0;
3270 ds->PktLen = LE_16(MWL_AGGR_SIZE);
3271 ds->SQ2 = 0;
3272 ds->pPhysBuffData = bf->bf_baddr;
3273 /* NB: don't touch pPhysNext, set once */
3274 ds->RxControl = EAGLE_RXD_CTRL_DRIVER_OWN;
3275
3276 (void) ddi_dma_sync(ring->rxdesc_dma.dma_hdl,
3277 ring->cur * sizeof (struct mwl_rxdesc),
3278 sizeof (struct mwl_rxdesc),
3279 DDI_DMA_SYNC_FORDEV);
3280
3281 /* NB: ignore ENOMEM so we process more descriptors */
3282 ring->cur = (ring->cur + 1) % MWL_RX_RING_COUNT;
3283 }
3284
3285 MWL_RXUNLOCK(sc);
3286 }
3287
3288 /*ARGSUSED*/
3289 static uint_t
3290 mwl_softintr(caddr_t data, caddr_t unused)
3291 {
3292 struct mwl_softc *sc = (struct mwl_softc *)data;
3293
3294 /*
3295 * Check if the soft interrupt is triggered by another
3296 * driver at the same level.
3297 */
3298 MWL_GLOCK(sc);
3299 if (sc->sc_rx_pend) {
3300 sc->sc_rx_pend = 0;
3301 MWL_GUNLOCK(sc);
3302 mwl_rx_intr(sc);
3303 return (DDI_INTR_CLAIMED);
3304 }
3305 MWL_GUNLOCK(sc);
3306
3307 return (DDI_INTR_UNCLAIMED);
3308 }
3309
3310 /*ARGSUSED*/
3311 static uint_t
3312 mwl_intr(caddr_t arg, caddr_t unused)
3313 {
3314 struct mwl_softc *sc = (struct mwl_softc *)arg;
3315 uint32_t status;
3316
3317 MWL_GLOCK(sc);
3318
3319 if (!MWL_IS_RUNNING(sc) || MWL_IS_SUSPEND(sc)) {
3320 MWL_GUNLOCK(sc);
3321 return (DDI_INTR_UNCLAIMED);
3322 }
3323
3324 /*
3325 * Figure out the reason(s) for the interrupt.
3326 */
3327 mwl_hal_getisr(sc, &status); /* NB: clears ISR too */
3328 if (status == 0) {
3329 MWL_GUNLOCK(sc);
3330 return (DDI_INTR_UNCLAIMED);
3331 }
3332
3333 if (status & MACREG_A2HRIC_BIT_RX_RDY) {
3334 sc->sc_rx_pend = 1;
3335 (void) ddi_intr_trigger_softint(sc->sc_softintr_hdl, NULL);
3336 }
3337 if (status & MACREG_A2HRIC_BIT_TX_DONE) {
3338 mwl_tx_intr(sc);
3339 }
3340 if (status & MACREG_A2HRIC_BIT_BA_WATCHDOG) {
3341 MWL_DBG(MWL_DBG_INTR, "mwl: mwl_intr(): "
3342 "ba watchdog\n");
3343 }
3344 if (status & MACREG_A2HRIC_BIT_OPC_DONE) {
3345 MWL_DBG(MWL_DBG_INTR, "mwl: mwl_intr(): "
3346 "opc done\n");
3347 }
3348 if (status & MACREG_A2HRIC_BIT_MAC_EVENT) {
3349 MWL_DBG(MWL_DBG_INTR, "mwl: mwl_intr(): "
3350 "mac event\n");
3351 }
3352 if (status & MACREG_A2HRIC_BIT_ICV_ERROR) {
3353 MWL_DBG(MWL_DBG_INTR, "mwl: mwl_intr(): "
3354 "ICV error\n");
3355 }
3356 if (status & MACREG_A2HRIC_BIT_QUEUE_EMPTY) {
3357 MWL_DBG(MWL_DBG_INTR, "mwl: mwl_intr(): "
3358 "queue empty\n");
3359 }
3360 if (status & MACREG_A2HRIC_BIT_QUEUE_FULL) {
3361 MWL_DBG(MWL_DBG_INTR, "mwl: mwl_intr(): "
3362 "queue full\n");
3363 }
3364 if (status & MACREG_A2HRIC_BIT_RADAR_DETECT) {
3365 MWL_DBG(MWL_DBG_INTR, "mwl: mwl_intr(): "
3366 "radar detect\n");
3367 }
3368 if (status & MACREG_A2HRIC_BIT_CHAN_SWITCH) {
3369 MWL_DBG(MWL_DBG_INTR, "mwl: mwl_intr(): "
3370 "chan switch\n");
3371 }
3372
3373 MWL_GUNLOCK(sc);
3374
3375 return (DDI_INTR_CLAIMED);
3376 }
3377
3378 static int
3379 mwl_init(struct mwl_softc *sc)
3380 {
3381 struct ieee80211com *ic = &sc->sc_ic;
3382 int err = 0;
3383
3384 mwl_hal_intrset(sc, 0);
3385
3386 sc->sc_txantenna = 0; /* h/w default */
3387 sc->sc_rxantenna = 0; /* h/w default */
3388
3389 err = mwl_hal_setantenna(sc, WL_ANTENNATYPE_RX, sc->sc_rxantenna);
3390 if (err != 0) {
3391 MWL_DBG(MWL_DBG_HW, "mwl: mwl_init(): "
3392 "could not set rx antenna\n");
3393 goto fail;
3394 }
3395
3396 err = mwl_hal_setantenna(sc, WL_ANTENNATYPE_TX, sc->sc_txantenna);
3397 if (err != 0) {
3398 MWL_DBG(MWL_DBG_HW, "mwl: init(): "
3399 "could not set tx antenna\n");
3400 goto fail;
3401 }
3402
3403 err = mwl_hal_setradio(sc, 1, WL_AUTO_PREAMBLE);
3404 if (err != 0) {
3405 MWL_DBG(MWL_DBG_HW, "mwl: init(): "
3406 "could not set radio\n");
3407 goto fail;
3408 }
3409
3410 err = mwl_hal_setwmm(sc, (ic->ic_flags & IEEE80211_F_WME) != 0);
3411 if (err != 0) {
3412 MWL_DBG(MWL_DBG_HW, "mwl: init(): "
3413 "could not set wme\n");
3414 goto fail;
3415 }
3416
3417 /* select default channel */
3418 ic->ic_ibss_chan = &ic->ic_sup_channels[0];
3419 ic->ic_curchan = ic->ic_ibss_chan;
3420 sc->sc_cur_chan = &sc->sc_channels[1];
3421
3422 err = mwl_chan_set(sc, sc->sc_cur_chan);
3423 if (err != 0) {
3424 MWL_DBG(MWL_DBG_HW, "mwl: init(): "
3425 "could not set wme\n");
3426 goto fail;
3427 }
3428
3429 err = mwl_hal_setrateadaptmode(sc, 0);
3430 if (err != 0) {
3431 MWL_DBG(MWL_DBG_HW, "mwl: init(): "
3432 "could not set rate adapt mode\n");
3433 goto fail;
3434 }
3435
3436 err = mwl_hal_setoptimizationlevel(sc,
3437 (ic->ic_flags & IEEE80211_F_BURST) != 0);
3438 if (err != 0) {
3439 MWL_DBG(MWL_DBG_HW, "mwl: init(): "
3440 "could not set optimization level\n");
3441 goto fail;
3442 }
3443
3444 err = mwl_hal_setregioncode(sc, mwl_map2regioncode(&sc->sc_regdomain));
3445 if (err != 0) {
3446 MWL_DBG(MWL_DBG_HW, "mwl: init(): "
3447 "could not set regioncode\n");
3448 goto fail;
3449 }
3450
3451 err = mwl_startrecv(sc);
3452 if (err != 0) {
3453 MWL_DBG(MWL_DBG_HW, "mwl: init(): "
3454 "could not set start recv logic\n");
3455 goto fail;
3456 }
3457
3458 /*
3459 * Enable interrupts.
3460 */
3461 sc->sc_imask = MACREG_A2HRIC_BIT_RX_RDY
3462 | MACREG_A2HRIC_BIT_TX_DONE
3463 | MACREG_A2HRIC_BIT_OPC_DONE
3464 | MACREG_A2HRIC_BIT_ICV_ERROR
3465 | MACREG_A2HRIC_BIT_RADAR_DETECT
3466 | MACREG_A2HRIC_BIT_CHAN_SWITCH
3467 | MACREG_A2HRIC_BIT_BA_WATCHDOG
3468 | MACREQ_A2HRIC_BIT_TX_ACK;
3469
3470 mwl_hal_intrset(sc, sc->sc_imask);
3471
3472 err = mwl_hal_start(sc);
3473 if (err != 0) {
3474 MWL_DBG(MWL_DBG_HW, "mwl: init(): "
3475 "could not get hal start\n");
3476 goto fail;
3477 }
3478
3479 err = mwl_hal_setinframode(sc);
3480 if (err != 0) {
3481 MWL_DBG(MWL_DBG_HW, "mwl: init(): "
3482 "could not set infra mode\n");
3483 goto fail;
3484 }
3485
3486 fail:
3487 return (err);
3488 }
3489
3490 static int
3491 mwl_resume(struct mwl_softc *sc)
3492 {
3493 int qid, err = 0;
3494
3495 err = mwl_fwload(sc, NULL);
3496 if (err != 0) {
3497 MWL_DBG(MWL_DBG_SR, "mwl: mwl_resume(): "
3498 "failed to load fw\n");
3499 goto fail;
3500 }
3501
3502 err = mwl_gethwspecs(sc);
3503 if (err != 0) {
3504 MWL_DBG(MWL_DBG_SR, "mwl: mwl_resume(): "
3505 "failed to get hw spec\n");
3506 goto fail;
3507 }
3508
3509 err = mwl_alloc_rx_ring(sc, MWL_RX_RING_COUNT);
3510 if (err != 0) {
3511 MWL_DBG(MWL_DBG_SR, "mwl: mwl_resume(): "
3512 "could not alloc cmd dma buffer\n");
3513 goto fail;
3514 }
3515
3516 for (qid = 0; qid < MWL_NUM_TX_QUEUES; qid++) {
3517 err = mwl_alloc_tx_ring(sc,
3518 &sc->sc_txring[qid], MWL_TX_RING_COUNT);
3519 if (err != 0) {
3520 MWL_DBG(MWL_DBG_SR, "mwl: mwl_resume(): "
3521 "could not alloc tx ring %d\n", qid);
3522 goto fail;
3523 }
3524 }
3525
3526 err = mwl_setupdma(sc);
3527 if (err != 0) {
3528 MWL_DBG(MWL_DBG_SR, "mwl: mwl_resume(): "
3529 "could not setup dma\n");
3530 goto fail;
3531 }
3532
3533 err = mwl_setup_txq(sc);
3534 if (err != 0) {
3535 MWL_DBG(MWL_DBG_SR, "mwl: mwl_resume(): "
3536 "could not setup txq\n");
3537 goto fail;
3538 }
3539
3540 fail:
3541 return (err);
3542 }
3543
3544 static void
3545 mwl_stop(struct mwl_softc *sc)
3546 {
3547 int err;
3548
3549 /* by pass if it's quiesced */
3550 if (!MWL_IS_QUIESCE(sc))
3551 MWL_GLOCK(sc);
3552
3553 err = mwl_hal_stop(sc);
3554 if (err != 0) {
3555 MWL_DBG(MWL_DBG_HW, "mwl: mwl_stop(): "
3556 "could not stop hw\n");
3557 }
3558
3559 /* by pass if it's quiesced */
3560 if (!MWL_IS_QUIESCE(sc))
3561 MWL_GUNLOCK(sc);
3562 }
3563
3564 static int
3565 mwl_m_stat(void *arg, uint_t stat, uint64_t *val)
3566 {
3567 struct mwl_softc *sc = (struct mwl_softc *)arg;
3568 struct ieee80211com *ic = &sc->sc_ic;
3569 struct ieee80211_node *ni = NULL;
3570 struct ieee80211_rateset *rs = NULL;
3571
3572 MWL_GLOCK(sc);
3573 switch (stat) {
3574 case MAC_STAT_IFSPEED:
3575 ni = ic->ic_bss;
3576 rs = &ni->in_rates;
3577 *val = ((ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE) ?
3578 (rs->ir_rates[ni->in_txrate] & IEEE80211_RATE_VAL)
3579 : ic->ic_fixed_rate) / 2 * 1000000;
3580 break;
3581 case MAC_STAT_NOXMTBUF:
3582 *val = sc->sc_tx_nobuf;
3583 break;
3584 case MAC_STAT_NORCVBUF:
3585 *val = sc->sc_rx_nobuf;
3586 break;
3587 case MAC_STAT_IERRORS:
3588 *val = sc->sc_rx_err;
3589 break;
3590 case MAC_STAT_RBYTES:
3591 *val = ic->ic_stats.is_rx_bytes;
3592 break;
3593 case MAC_STAT_IPACKETS:
3594 *val = ic->ic_stats.is_rx_frags;
3595 break;
3596 case MAC_STAT_OBYTES:
3597 *val = ic->ic_stats.is_tx_bytes;
3598 break;
3599 case MAC_STAT_OPACKETS:
3600 *val = ic->ic_stats.is_tx_frags;
3601 break;
3602 case MAC_STAT_OERRORS:
3603 case WIFI_STAT_TX_FAILED:
3604 *val = sc->sc_tx_err;
3605 break;
3606 case WIFI_STAT_TX_RETRANS:
3607 *val = sc->sc_tx_retries;
3608 break;
3609 case WIFI_STAT_FCS_ERRORS:
3610 case WIFI_STAT_WEP_ERRORS:
3611 case WIFI_STAT_TX_FRAGS:
3612 case WIFI_STAT_MCAST_TX:
3613 case WIFI_STAT_RTS_SUCCESS:
3614 case WIFI_STAT_RTS_FAILURE:
3615 case WIFI_STAT_ACK_FAILURE:
3616 case WIFI_STAT_RX_FRAGS:
3617 case WIFI_STAT_MCAST_RX:
3618 case WIFI_STAT_RX_DUPS:
3619 MWL_GUNLOCK(sc);
3620 return (ieee80211_stat(ic, stat, val));
3621 default:
3622 MWL_GUNLOCK(sc);
3623 return (ENOTSUP);
3624 }
3625
3626 MWL_GUNLOCK(sc);
3627 return (0);
3628 }
3629
3630 static int
3631 mwl_m_start(void *arg)
3632 {
3633 struct mwl_softc *sc = (struct mwl_softc *)arg;
3634 struct ieee80211com *ic = &sc->sc_ic;
3635 int err;
3636
3637 err = mwl_init(sc);
3638 if (err != DDI_SUCCESS) {
3639 MWL_DBG(MWL_DBG_HW, "mwl: mwl_m_start():"
3640 "Hardware initialization failed\n");
3641 goto fail1;
3642 }
3643
3644 ieee80211_new_state(ic, IEEE80211_S_INIT, -1);
3645
3646 MWL_GLOCK(sc);
3647 sc->sc_flags |= MWL_F_RUNNING;
3648 MWL_GUNLOCK(sc);
3649
3650 return (0);
3651 fail1:
3652 mwl_stop(sc);
3653 return (err);
3654 }
3655
3656 static void
3657 mwl_m_stop(void *arg)
3658 {
3659 struct mwl_softc *sc = (struct mwl_softc *)arg;
3660
3661 mwl_stop(sc);
3662
3663 ieee80211_new_state(&sc->sc_ic, IEEE80211_S_INIT, -1);
3664
3665 MWL_GLOCK(sc);
3666 sc->sc_flags &= ~MWL_F_RUNNING;
3667 MWL_GUNLOCK(sc);
3668 }
3669
3670 /*ARGSUSED*/
3671 static int
3672 mwl_m_promisc(void *arg, boolean_t on)
3673 {
3674 struct mwl_softc *sc = (struct mwl_softc *)arg;
3675 int err;
3676
3677 err = mwl_hal_setpromisc(sc, on);
3678
3679 return (err);
3680 }
3681
3682 /*ARGSUSED*/
3683 static int
3684 mwl_m_multicst(void *arg, boolean_t add, const uint8_t *mca)
3685 {
3686 return (ENOTSUP);
3687 }
3688
3689 /*ARGSUSED*/
3690 static int
3691 mwl_m_unicst(void *arg, const uint8_t *macaddr)
3692 {
3693 return (ENOTSUP);
3694 }
3695
3696 static mblk_t *
3697 mwl_m_tx(void *arg, mblk_t *mp)
3698 {
3699 struct mwl_softc *sc = (struct mwl_softc *)arg;
3700 struct ieee80211com *ic = &sc->sc_ic;
3701 mblk_t *next;
3702
3703 if (MWL_IS_SUSPEND(sc)) {
3704 freemsgchain(mp);
3705 return (NULL);
3706 }
3707
3708 /*
3709 * No data frames go out unless we're associated; this
3710 * should not happen as the 802.11 layer does not enable
3711 * the xmit queue until we enter the RUN state.
3712 */
3713 if (ic->ic_state != IEEE80211_S_RUN) {
3714 MWL_DBG(MWL_DBG_TX, "mwl: mwl_m_tx(): "
3715 "discard, state %u\n", ic->ic_state);
3716 freemsgchain(mp);
3717 return (NULL);
3718 }
3719
3720 while (mp != NULL) {
3721 next = mp->b_next;
3722 mp->b_next = NULL;
3723 if (mwl_send(ic, mp, IEEE80211_FC0_TYPE_DATA) !=
3724 DDI_SUCCESS) {
3725 mp->b_next = next;
3726 break;
3727 }
3728 mp = next;
3729 }
3730 return (mp);
3731 }
3732
3733 static void
3734 mwl_m_ioctl(void* arg, queue_t *wq, mblk_t *mp)
3735 {
3736 struct mwl_softc *sc = (struct mwl_softc *)arg;
3737 struct ieee80211com *ic = &sc->sc_ic;
3738 int err;
3739
3740 err = ieee80211_ioctl(ic, wq, mp);
3741 if (err == ENETRESET) {
3742 if (ic->ic_des_esslen) {
3743 if (MWL_IS_RUNNING(sc)) {
3744 (void) mwl_init(sc);
3745 (void) ieee80211_new_state(ic,
3746 IEEE80211_S_SCAN, -1);
3747 }
3748 }
3749 }
3750 }
3751
3752 /*
3753 * Call back function for get/set proporty
3754 */
3755 static int
3756 mwl_m_getprop(void *arg, const char *pr_name, mac_prop_id_t wldp_pr_num,
3757 uint_t wldp_length, void *wldp_buf)
3758 {
3759 struct mwl_softc *sc = (struct mwl_softc *)arg;
3760 int err = 0;
3761
3762 err = ieee80211_getprop(&sc->sc_ic, pr_name, wldp_pr_num,
3763 wldp_length, wldp_buf);
3764
3765 return (err);
3766 }
3767
3768 static void
3769 mwl_m_propinfo(void *arg, const char *pr_name, mac_prop_id_t wldp_pr_num,
3770 mac_prop_info_handle_t prh)
3771 {
3772 struct mwl_softc *sc = (struct mwl_softc *)arg;
3773
3774 ieee80211_propinfo(&sc->sc_ic, pr_name, wldp_pr_num, prh);
3775 }
3776
3777 static int
3778 mwl_m_setprop(void *arg, const char *pr_name, mac_prop_id_t wldp_pr_num,
3779 uint_t wldp_length, const void *wldp_buf)
3780 {
3781 struct mwl_softc *sc = (struct mwl_softc *)arg;
3782 ieee80211com_t *ic = &sc->sc_ic;
3783 int err;
3784
3785 err = ieee80211_setprop(ic, pr_name, wldp_pr_num, wldp_length,
3786 wldp_buf);
3787 if (err == ENETRESET) {
3788 if (ic->ic_des_esslen) {
3789 if (MWL_IS_RUNNING(sc)) {
3790 (void) mwl_init(sc);
3791 (void) ieee80211_new_state(ic,
3792 IEEE80211_S_SCAN, -1);
3793 }
3794 }
3795 err = 0;
3796 }
3797 return (err);
3798 }
3799
3800 static int
3801 mwl_attach(dev_info_t *devinfo, ddi_attach_cmd_t cmd)
3802 {
3803 struct mwl_softc *sc;
3804 struct ieee80211com *ic;
3805 int i, err, qid, instance;
3806 int intr_type, intr_count, intr_actual;
3807 char strbuf[32];
3808 uint8_t csz;
3809 uint16_t vendor_id, device_id, command;
3810
3811 wifi_data_t wd = { 0 };
3812 mac_register_t *macp;
3813
3814 switch (cmd) {
3815 case DDI_ATTACH:
3816 break;
3817 case DDI_RESUME:
3818 sc = ddi_get_soft_state(mwl_soft_state_p,
3819 ddi_get_instance(devinfo));
3820 ASSERT(sc != NULL);
3821 MWL_GLOCK(sc);
3822 sc->sc_flags &= ~MWL_F_SUSPEND;
3823 MWL_GUNLOCK(sc);
3824 if (mwl_resume(sc) != 0) {
3825 MWL_DBG(MWL_DBG_SR, "mwl: mwl_attach(): "
3826 "failed to resume\n");
3827 return (DDI_FAILURE);
3828 }
3829 if (MWL_IS_RUNNING(sc)) {
3830 (void) mwl_init(sc);
3831 ieee80211_new_state(&sc->sc_ic, IEEE80211_S_INIT, -1);
3832 }
3833 MWL_DBG(MWL_DBG_SR, "mwl: mwl_attach(): "
3834 "resume now\n");
3835 return (DDI_SUCCESS);
3836 default:
3837 return (DDI_FAILURE);
3838 }
3839
3840 instance = ddi_get_instance(devinfo);
3841 if (ddi_soft_state_zalloc(mwl_soft_state_p,
3842 ddi_get_instance(devinfo)) != DDI_SUCCESS) {
3843 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
3844 "Unable to alloc soft state\n");
3845 return (DDI_FAILURE);
3846 }
3847
3848 sc = ddi_get_soft_state(mwl_soft_state_p, ddi_get_instance(devinfo));
3849 ic = &sc->sc_ic;
3850 sc->sc_dev = devinfo;
3851
3852 /* PCI configuration space */
3853 err = ddi_regs_map_setup(devinfo, 0, (caddr_t *)&sc->sc_cfg_base, 0, 0,
3854 &mwl_reg_accattr, &sc->sc_cfg_handle);
3855 if (err != DDI_SUCCESS) {
3856 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
3857 "ddi_regs_map_setup() failed");
3858 goto attach_fail0;
3859 }
3860 csz = ddi_get8(sc->sc_cfg_handle,
3861 (uint8_t *)(sc->sc_cfg_base + PCI_CONF_CACHE_LINESZ));
3862 if (!csz)
3863 csz = 16;
3864 sc->sc_cachelsz = csz << 2;
3865 sc->sc_dmabuf_size = roundup(IEEE80211_MAX_LEN, sc->sc_cachelsz);
3866 vendor_id = ddi_get16(sc->sc_cfg_handle,
3867 (uint16_t *)(sc->sc_cfg_base + PCI_CONF_VENID));
3868 device_id = ddi_get16(sc->sc_cfg_handle,
3869 (uint16_t *)(sc->sc_cfg_base + PCI_CONF_DEVID));
3870 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
3871 "vendor 0x%x, device id 0x%x, cache size %d\n",
3872 vendor_id, device_id, csz);
3873
3874 /*
3875 * Enable response to memory space accesses,
3876 * and enabe bus master.
3877 */
3878 command = PCI_COMM_MAE | PCI_COMM_ME;
3879 ddi_put16(sc->sc_cfg_handle,
3880 (uint16_t *)((uintptr_t)(sc->sc_cfg_base) + PCI_CONF_COMM),
3881 command);
3882 ddi_put8(sc->sc_cfg_handle,
3883 (uint8_t *)(sc->sc_cfg_base + PCI_CONF_LATENCY_TIMER), 0xa8);
3884 ddi_put8(sc->sc_cfg_handle,
3885 (uint8_t *)(sc->sc_cfg_base + PCI_CONF_ILINE), 0x10);
3886
3887 /* BAR0 */
3888 err = ddi_regs_map_setup(devinfo, 1,
3889 &sc->sc_mem_base, 0, 0, &mwl_reg_accattr, &sc->sc_mem_handle);
3890 if (err != DDI_SUCCESS) {
3891 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
3892 "i/o space failed");
3893 goto attach_fail1;
3894 }
3895
3896 /* BAR1 */
3897 err = ddi_regs_map_setup(devinfo, 2,
3898 &sc->sc_io_base, 0, 0, &mwl_reg_accattr, &sc->sc_io_handle);
3899 if (err != DDI_SUCCESS) {
3900 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
3901 "memory space failed");
3902 goto attach_fail2;
3903 }
3904
3905 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
3906 "PCI configuration is done successfully\n");
3907
3908 /*
3909 * Alloc cmd DMA buffer for firmware download
3910 */
3911 err = mwl_alloc_cmdbuf(sc);
3912 if (err != 0) {
3913 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
3914 "could not alloc cmd dma buffer\n");
3915 goto attach_fail3;
3916 }
3917
3918 sc->sc_imask = 0;
3919 sc->sc_hw_flags = 0;
3920 sc->sc_flags = 0;
3921
3922 /*
3923 * Some cards have SDRAM. When loading firmware we need
3924 * to reset the SDRAM controller prior to doing this.
3925 * When the SDRAMSIZE is non-zero we do that work in
3926 * mwl_hal_fwload.
3927 */
3928 switch (device_id) {
3929 case 0x2a02: /* CB82 */
3930 case 0x2a03: /* CB85 */
3931 case 0x2a08: /* MC85_B1 */
3932 case 0x2a0b: /* CB85AP */
3933 case 0x2a24:
3934 sc->sc_SDRAMSIZE_Addr = 0x40fe70b7; /* 8M SDRAM */
3935 break;
3936 case 0x2a04: /* MC85 */
3937 sc->sc_SDRAMSIZE_Addr = 0x40fc70b7; /* 16M SDRAM */
3938 break;
3939 default:
3940 break;
3941 }
3942
3943 err = mwl_fwload(sc, NULL);
3944 if (err != 0) {
3945 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
3946 "firmware download failed\n");
3947 goto attach_fail4;
3948 }
3949
3950 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
3951 "firmware download successfully\n");
3952
3953 err = mwl_gethwspecs(sc);
3954 if (err != 0) {
3955 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
3956 "failed to get hw spec\n");
3957 goto attach_fail4;
3958 }
3959
3960 err = mwl_getchannels(sc);
3961 if (err != 0) {
3962 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
3963 "failed to get channels\n");
3964 goto attach_fail4;
3965 }
3966
3967 /*
3968 * Alloc rx DMA buffer
3969 */
3970 err = mwl_alloc_rx_ring(sc, MWL_RX_RING_COUNT);
3971 if (err != 0) {
3972 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
3973 "could not alloc cmd dma buffer\n");
3974 goto attach_fail5;
3975 }
3976
3977 /*
3978 * Alloc rx DMA buffer
3979 */
3980 for (qid = 0; qid < MWL_NUM_TX_QUEUES; qid++) {
3981 err = mwl_alloc_tx_ring(sc,
3982 &sc->sc_txring[qid], MWL_TX_RING_COUNT);
3983 if (err != 0) {
3984 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
3985 "could not alloc tx ring %d\n", qid);
3986 goto attach_fail6;
3987 }
3988 }
3989
3990 err = mwl_setupdma(sc);
3991 if (err != 0) {
3992 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
3993 "could not setup dma\n");
3994 goto attach_fail6;
3995 }
3996
3997 err = mwl_setup_txq(sc);
3998 if (err != 0) {
3999 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
4000 "could not setup txq\n");
4001 goto attach_fail6;
4002 }
4003
4004 IEEE80211_ADDR_COPY(ic->ic_macaddr, sc->sc_hwspecs.macAddr);
4005 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
4006 "mwl MAC:%2x:%2x:%2x:%2x:%2x:%2x\n",
4007 ic->ic_macaddr[0],
4008 ic->ic_macaddr[1],
4009 ic->ic_macaddr[2],
4010 ic->ic_macaddr[3],
4011 ic->ic_macaddr[4],
4012 ic->ic_macaddr[5]);
4013
4014 err = mwl_hal_setmac_locked(sc, ic->ic_macaddr);
4015 if (err != 0) { /* NB: mwl_setupdma prints msg */
4016 MWL_DBG(MWL_DBG_ATTACH, "mwl: attach(): "
4017 "could not set mac\n");
4018 goto attach_fail6;
4019 }
4020
4021 mutex_init(&sc->sc_glock, NULL, MUTEX_DRIVER, NULL);
4022 mutex_init(&sc->sc_rxlock, NULL, MUTEX_DRIVER, NULL);
4023 mutex_init(&sc->sc_txlock, NULL, MUTEX_DRIVER, NULL);
4024
4025
4026 /* set supported rates */
4027 ic->ic_sup_rates[IEEE80211_MODE_11B] = mwl_rateset_11b;
4028 ic->ic_sup_rates[IEEE80211_MODE_11G] = mwl_rateset_11g;
4029
4030 /* set supported .11b and .11g channels (1 through 14) */
4031 for (i = 1; i <= 14; i++) {
4032 ic->ic_sup_channels[i].ich_freq =
4033 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ);
4034 ic->ic_sup_channels[i].ich_flags =
4035 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ;
4036 }
4037
4038 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
4039 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
4040 ic->ic_state = IEEE80211_S_INIT;
4041
4042 /* set device capabilities */
4043 ic->ic_caps =
4044 IEEE80211_C_TXPMGT | /* tx power management */
4045 IEEE80211_C_SHPREAMBLE | /* short preamble supported */
4046 IEEE80211_C_SHSLOT; /* short slot time supported */
4047
4048 /* WPA/WPA2 support */
4049 ic->ic_caps |= IEEE80211_C_WPA; /* Support WPA/WPA2 */
4050
4051 /* Enable hardware encryption */
4052 ic->ic_caps |= IEEE80211_C_WEP | IEEE80211_C_TKIP | IEEE80211_C_AES_CCM;
4053
4054 ic->ic_xmit = mwl_send;
4055
4056 ieee80211_attach(ic);
4057
4058 /* register WPA door */
4059 ieee80211_register_door(ic, ddi_driver_name(devinfo),
4060 ddi_get_instance(devinfo));
4061
4062 /* override state transition machine */
4063 sc->sc_newstate = ic->ic_newstate;
4064 ic->ic_newstate = mwl_newstate;
4065 ic->ic_node_alloc = mwl_node_alloc;
4066 ic->ic_node_free = mwl_node_free;
4067 ic->ic_crypto.cs_max_keyix = 0;
4068 ic->ic_crypto.cs_key_alloc = mwl_key_alloc;
4069 ic->ic_crypto.cs_key_delete = mwl_key_delete;
4070 ic->ic_crypto.cs_key_set = mwl_key_set;
4071
4072 ieee80211_media_init(ic);
4073
4074 ic->ic_def_txkey = 0;
4075
4076 err = mwl_hal_newstation(sc, ic->ic_macaddr, 0, 0, NULL, 0, 0);
4077 if (err != 0) {
4078 MWL_DBG(MWL_DBG_ATTACH, "mwl: attach(): "
4079 "could not create new station\n");
4080 goto attach_fail7;
4081 }
4082
4083 IEEE80211_ADDR_COPY(ic->ic_bss->in_bssid, ic->ic_macaddr);
4084 // mwl_setglobalkeys(ic);
4085
4086 err = ddi_intr_get_supported_types(devinfo, &intr_type);
4087 if ((err != DDI_SUCCESS) || (!(intr_type & DDI_INTR_TYPE_FIXED))) {
4088 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
4089 "fixed type interrupt is not supported\n");
4090 goto attach_fail7;
4091 }
4092
4093 err = ddi_intr_get_nintrs(devinfo, DDI_INTR_TYPE_FIXED, &intr_count);
4094 if ((err != DDI_SUCCESS) || (intr_count != 1)) {
4095 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
4096 "no fixed interrupts\n");
4097 goto attach_fail7;
4098 }
4099
4100 sc->sc_intr_htable = kmem_zalloc(sizeof (ddi_intr_handle_t), KM_SLEEP);
4101
4102 err = ddi_intr_alloc(devinfo, sc->sc_intr_htable,
4103 DDI_INTR_TYPE_FIXED, 0, intr_count, &intr_actual, 0);
4104 if ((err != DDI_SUCCESS) || (intr_actual != 1)) {
4105 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
4106 "ddi_intr_alloc() failed 0x%x\n", err);
4107 goto attach_fail8;
4108 }
4109
4110 err = ddi_intr_get_pri(sc->sc_intr_htable[0], &sc->sc_intr_pri);
4111 if (err != DDI_SUCCESS) {
4112 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
4113 "ddi_intr_get_pri() failed 0x%x\n", err);
4114 goto attach_fail9;
4115 }
4116
4117 err = ddi_intr_add_softint(devinfo, &sc->sc_softintr_hdl,
4118 DDI_INTR_SOFTPRI_MAX, mwl_softintr, (caddr_t)sc);
4119 if (err != DDI_SUCCESS) {
4120 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
4121 "ddi_add_softintr() failed");
4122 goto attach_fail9;
4123 }
4124
4125 err = ddi_intr_add_handler(sc->sc_intr_htable[0], mwl_intr,
4126 (caddr_t)sc, NULL);
4127 if (err != DDI_SUCCESS) {
4128 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
4129 "ddi_intr_addr_handle() failed\n");
4130 goto attach_fail10;
4131 }
4132
4133 err = ddi_intr_enable(sc->sc_intr_htable[0]);
4134 if (err != DDI_SUCCESS) {
4135 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
4136 "ddi_intr_enable() failed\n");
4137 goto attach_fail11;
4138 }
4139
4140 /*
4141 * Provide initial settings for the WiFi plugin; whenever this
4142 * information changes, we need to call mac_plugindata_update()
4143 */
4144 wd.wd_opmode = ic->ic_opmode;
4145 wd.wd_secalloc = WIFI_SEC_NONE;
4146 IEEE80211_ADDR_COPY(wd.wd_bssid, ic->ic_bss->in_bssid);
4147
4148 if ((macp = mac_alloc(MAC_VERSION)) == NULL) {
4149 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
4150 "MAC version mismatch\n");
4151 goto attach_fail12;
4152 }
4153
4154 macp->m_type_ident = MAC_PLUGIN_IDENT_WIFI;
4155 macp->m_driver = sc;
4156 macp->m_dip = devinfo;
4157 macp->m_src_addr = ic->ic_macaddr;
4158 macp->m_callbacks = &mwl_m_callbacks;
4159 macp->m_min_sdu = 0;
4160 macp->m_max_sdu = IEEE80211_MTU;
4161 macp->m_pdata = &wd;
4162 macp->m_pdata_size = sizeof (wd);
4163
4164 err = mac_register(macp, &ic->ic_mach);
4165 mac_free(macp);
4166 if (err != 0) {
4167 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
4168 "mac_register err %x\n", err);
4169 goto attach_fail12;
4170 }
4171
4172 /*
4173 * Create minor node of type DDI_NT_NET_WIFI
4174 */
4175 (void) snprintf(strbuf, sizeof (strbuf), "%s%d",
4176 "mwl", instance);
4177 err = ddi_create_minor_node(devinfo, strbuf, S_IFCHR,
4178 instance + 1, DDI_NT_NET_WIFI, 0);
4179 if (err != 0) {
4180 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
4181 "create minor node error\n");
4182 goto attach_fail13;
4183 }
4184
4185 /*
4186 * Notify link is down now
4187 */
4188 mac_link_update(ic->ic_mach, LINK_STATE_DOWN);
4189
4190 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_attach(): "
4191 "driver attach successfully\n");
4192 return (DDI_SUCCESS);
4193
4194 attach_fail13:
4195 (void) mac_disable(ic->ic_mach);
4196 (void) mac_unregister(ic->ic_mach);
4197 attach_fail12:
4198 (void) ddi_intr_disable(sc->sc_intr_htable[0]);
4199 attach_fail11:
4200 (void) ddi_intr_remove_handler(sc->sc_intr_htable[0]);
4201 attach_fail10:
4202 (void) ddi_intr_remove_softint(sc->sc_softintr_hdl);
4203 sc->sc_softintr_hdl = NULL;
4204 attach_fail9:
4205 (void) ddi_intr_free(sc->sc_intr_htable[0]);
4206 attach_fail8:
4207 kmem_free(sc->sc_intr_htable, sizeof (ddi_intr_handle_t));
4208 attach_fail7:
4209 mutex_destroy(&sc->sc_txlock);
4210 mutex_destroy(&sc->sc_rxlock);
4211 mutex_destroy(&sc->sc_glock);
4212 attach_fail6:
4213 while (--qid >= 0)
4214 mwl_free_tx_ring(sc, &sc->sc_txring[qid]);
4215 attach_fail5:
4216 mwl_free_rx_ring(sc);
4217 attach_fail4:
4218 mwl_free_cmdbuf(sc);
4219 attach_fail3:
4220 ddi_regs_map_free(&sc->sc_mem_handle);
4221 attach_fail2:
4222 ddi_regs_map_free(&sc->sc_io_handle);
4223 attach_fail1:
4224 ddi_regs_map_free(&sc->sc_cfg_handle);
4225 attach_fail0:
4226 ddi_soft_state_free(mwl_soft_state_p, ddi_get_instance(devinfo));
4227 return (DDI_FAILURE);
4228 }
4229
4230 static int32_t
4231 mwl_detach(dev_info_t *devinfo, ddi_detach_cmd_t cmd)
4232 {
4233 struct mwl_softc *sc;
4234 int qid;
4235
4236 sc = ddi_get_soft_state(mwl_soft_state_p, ddi_get_instance(devinfo));
4237 ASSERT(sc != NULL);
4238
4239 switch (cmd) {
4240 case DDI_DETACH:
4241 break;
4242 case DDI_SUSPEND:
4243 if (MWL_IS_RUNNING(sc))
4244 mwl_stop(sc);
4245 for (qid = 0; qid < MWL_NUM_TX_QUEUES; qid++)
4246 mwl_free_tx_ring(sc, &sc->sc_txring[qid]);
4247 mwl_free_rx_ring(sc);
4248 MWL_GLOCK(sc);
4249 sc->sc_flags |= MWL_F_SUSPEND;
4250 MWL_GUNLOCK(sc);
4251 MWL_DBG(MWL_DBG_SR, "mwl: mwl_detach(): "
4252 "suspend now\n");
4253 return (DDI_SUCCESS);
4254 default:
4255 return (DDI_FAILURE);
4256 }
4257
4258 if (mac_disable(sc->sc_ic.ic_mach) != 0)
4259 return (DDI_FAILURE);
4260
4261 /*
4262 * Unregister from the MAC layer subsystem
4263 */
4264 (void) mac_unregister(sc->sc_ic.ic_mach);
4265
4266 (void) ddi_intr_remove_softint(sc->sc_softintr_hdl);
4267 sc->sc_softintr_hdl = NULL;
4268 (void) ddi_intr_disable(sc->sc_intr_htable[0]);
4269 (void) ddi_intr_remove_handler(sc->sc_intr_htable[0]);
4270 (void) ddi_intr_free(sc->sc_intr_htable[0]);
4271 kmem_free(sc->sc_intr_htable, sizeof (ddi_intr_handle_t));
4272
4273 /*
4274 * detach ieee80211 layer
4275 */
4276 ieee80211_detach(&sc->sc_ic);
4277
4278
4279 for (qid = 0; qid < MWL_NUM_TX_QUEUES; qid++)
4280 mwl_free_tx_ring(sc, &sc->sc_txring[qid]);
4281 mwl_free_rx_ring(sc);
4282 mwl_free_cmdbuf(sc);
4283
4284 mutex_destroy(&sc->sc_txlock);
4285 mutex_destroy(&sc->sc_rxlock);
4286 mutex_destroy(&sc->sc_glock);
4287
4288 ddi_regs_map_free(&sc->sc_mem_handle);
4289 ddi_regs_map_free(&sc->sc_io_handle);
4290 ddi_regs_map_free(&sc->sc_cfg_handle);
4291
4292 ddi_remove_minor_node(devinfo, NULL);
4293 ddi_soft_state_free(mwl_soft_state_p, ddi_get_instance(devinfo));
4294
4295 MWL_DBG(MWL_DBG_ATTACH, "mwl: mwl_detach(): "
4296 "detach successfully\n");
4297 return (DDI_SUCCESS);
4298 }
4299
4300 /*
4301 * quiesce(9E) entry point.
4302 *
4303 * This function is called when the system is single-threaded at high
4304 * PIL with preemption disabled. Therefore, this function must not be
4305 * blocked.
4306 *
4307 * This function returns DDI_SUCCESS on success, or DDI_FAILURE on failure.
4308 * DDI_FAILURE indicates an error condition and should almost never happen.
4309 */
4310 int
4311 mwl_quiesce(dev_info_t *dip)
4312 {
4313 struct mwl_softc *sc;
4314
4315 sc = ddi_get_soft_state(mwl_soft_state_p, ddi_get_instance(dip));
4316 if (sc == NULL)
4317 return (DDI_FAILURE);
4318
4319 #ifdef DEBUG
4320 mwl_dbg_flags = 0;
4321 #endif
4322
4323 /*
4324 * No more blocking is allowed while we are in quiesce(9E) entry point
4325 */
4326 sc->sc_flags |= MWL_F_QUIESCE;
4327
4328 /*
4329 * Disable all interrupts
4330 */
4331 mwl_stop(sc);
4332 return (DDI_SUCCESS);
4333 }
4334
4335 int
4336 _init(void)
4337 {
4338 int status;
4339
4340 status = ddi_soft_state_init(&mwl_soft_state_p,
4341 sizeof (struct mwl_softc), 1);
4342 if (status != 0)
4343 return (status);
4344
4345 mac_init_ops(&mwl_dev_ops, "mwl");
4346 status = mod_install(&modlinkage);
4347 if (status != 0) {
4348 mac_fini_ops(&mwl_dev_ops);
4349 ddi_soft_state_fini(&mwl_soft_state_p);
4350 }
4351 return (status);
4352 }
4353
4354 int
4355 _info(struct modinfo *modinfop)
4356 {
4357 return (mod_info(&modlinkage, modinfop));
4358 }
4359
4360 int
4361 _fini(void)
4362 {
4363 int status;
4364
4365 status = mod_remove(&modlinkage);
4366 if (status == 0) {
4367 mac_fini_ops(&mwl_dev_ops);
4368 ddi_soft_state_fini(&mwl_soft_state_p);
4369 }
4370 return (status);
4371 }