1 /* $NetBSD: rtw.c,v 1.137 2021/11/10 16:17:34 msaitoh Exp $ */
2 /*-
3  * Copyright (c) 2004, 2005, 2006, 2007 David Young.  All rights
4  * reserved.
5  *
6  * Programmed for NetBSD by David Young.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * THIS SOFTWARE IS PROVIDED BY David Young ``AS IS'' AND ANY
18  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
19  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
20  * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL David
21  * Young BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
23  * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
25  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
26  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
28  * OF SUCH DAMAGE.
29  */
30 /*
31  * Device driver for the Realtek RTL8180 802.11 MAC/BBP.
32  */
33 
34 #include <sys/cdefs.h>
35 __KERNEL_RCSID(0, "$NetBSD: rtw.c,v 1.137 2021/11/10 16:17:34 msaitoh Exp $");
36 
37 
38 #include <sys/param.h>
39 #include <sys/sysctl.h>
40 #include <sys/systm.h>
41 #include <sys/callout.h>
42 #include <sys/mbuf.h>
43 #include <sys/malloc.h>
44 #include <sys/kernel.h>
45 #include <sys/time.h>
46 #include <sys/types.h>
47 #include <sys/device.h>
48 #include <sys/sockio.h>
49 
50 #include <machine/endian.h>
51 #include <sys/bus.h>
52 #include <sys/intr.h>         /* splnet */
53 
54 #include <net/if.h>
55 #include <net/if_media.h>
56 #include <net/if_ether.h>
57 
58 #include <net80211/ieee80211_netbsd.h>
59 #include <net80211/ieee80211_var.h>
60 #include <net80211/ieee80211_radiotap.h>
61 
62 #include <net/bpf.h>
63 
64 #include <dev/ic/rtwreg.h>
65 #include <dev/ic/rtwvar.h>
66 #include <dev/ic/rtwphyio.h>
67 #include <dev/ic/rtwphy.h>
68 
69 #include <dev/ic/smc93cx6var.h>
70 
71 static int rtw_rfprog_fallback = 0;
72 static int rtw_host_rfio = 0;
73 
74 #ifdef RTW_DEBUG
75 int rtw_debug = 0;
76 static int rtw_rxbufs_limit = RTW_RXQLEN;
77 #endif /* RTW_DEBUG */
78 
79 #define NEXT_ATTACH_STATE(sc, state) do {                             \
80           DPRINTF(sc, RTW_DEBUG_ATTACH,                               \
81               ("%s: attach state %s\n", __func__, #state)); \
82           sc->sc_attach_state = state;                                \
83 } while (0)
84 
85 int rtw_dwelltime = 200;      /* milliseconds */
86 static struct ieee80211_cipher rtw_cipher_wep;
87 
88 static void rtw_disable_interrupts(struct rtw_regs *);
89 static void rtw_enable_interrupts(struct rtw_softc *);
90 
91 static int rtw_init(struct ifnet *);
92 static void rtw_softintr(void *);
93 
94 static void rtw_start(struct ifnet *);
95 static void rtw_reset_oactive(struct rtw_softc *);
96 static struct mbuf *rtw_beacon_alloc(struct rtw_softc *,
97     struct ieee80211_node *);
98 static u_int rtw_txring_next(struct rtw_regs *, struct rtw_txdesc_blk *);
99 
100 static void rtw_io_enable(struct rtw_softc *, uint8_t, int);
101 static int rtw_key_delete(struct ieee80211com *, const struct ieee80211_key *);
102 static int rtw_key_set(struct ieee80211com *, const struct ieee80211_key *,
103     const uint8_t[IEEE80211_ADDR_LEN]);
104 static void rtw_key_update_end(struct ieee80211com *);
105 static void rtw_key_update_begin(struct ieee80211com *);
106 static int rtw_wep_decap(struct ieee80211_key *, struct mbuf *, int);
107 static void rtw_wep_setkeys(struct rtw_softc *, struct ieee80211_key *, int);
108 
109 static void rtw_led_attach(struct rtw_led_state *, void *);
110 static void rtw_led_detach(struct rtw_led_state *);
111 static void rtw_led_init(struct rtw_regs *);
112 static void rtw_led_slowblink(void *);
113 static void rtw_led_fastblink(void *);
114 static void rtw_led_set(struct rtw_led_state *, struct rtw_regs *, int);
115 
116 static int rtw_sysctl_verify_rfio(SYSCTLFN_PROTO);
117 static int rtw_sysctl_verify_rfprog(SYSCTLFN_PROTO);
118 #ifdef RTW_DEBUG
119 static void rtw_dump_rings(struct rtw_softc *sc);
120 static void rtw_print_txdesc(struct rtw_softc *, const char *,
121     struct rtw_txsoft *, struct rtw_txdesc_blk *, int);
122 static int rtw_sysctl_verify_debug(SYSCTLFN_PROTO);
123 static int rtw_sysctl_verify_rxbufs_limit(SYSCTLFN_PROTO);
124 #endif /* RTW_DEBUG */
125 #ifdef RTW_DIAG
126 static void rtw_txring_fixup(struct rtw_softc *sc, const char *fn, int ln);
127 #endif /* RTW_DIAG */
128 
129 /*
130  * Setup sysctl(3) MIB, hw.rtw.*
131  *
132  * TBD condition CTLFLAG_PERMANENT on being a module or not
133  */
134 SYSCTL_SETUP(sysctl_rtw, "sysctl rtw(4) subtree setup")
135 {
136           int rc;
137           const struct sysctlnode *cnode, *rnode;
138 
139           if ((rc = sysctl_createv(clog, 0, NULL, &rnode,
140               CTLFLAG_PERMANENT, CTLTYPE_NODE, "rtw",
141               "Realtek RTL818x 802.11 controls",
142               NULL, 0, NULL, 0, CTL_HW, CTL_CREATE, CTL_EOL)) != 0)
143                     goto err;
144 
145 #ifdef RTW_DEBUG
146           /* control debugging printfs */
147           if ((rc = sysctl_createv(clog, 0, &rnode, &cnode,
148               CTLFLAG_PERMANENT | CTLFLAG_READWRITE, CTLTYPE_INT,
149               "debug", SYSCTL_DESCR("Enable RTL818x debugging output"),
150               rtw_sysctl_verify_debug, 0, &rtw_debug, 0,
151               CTL_CREATE, CTL_EOL)) != 0)
152                     goto err;
153 
154           /* Limit rx buffers, for simulating resource exhaustion. */
155           if ((rc = sysctl_createv(clog, 0, &rnode, &cnode,
156               CTLFLAG_PERMANENT | CTLFLAG_READWRITE, CTLTYPE_INT,
157               "rxbufs_limit",
158               SYSCTL_DESCR("Set rx buffers limit"),
159               rtw_sysctl_verify_rxbufs_limit, 0, &rtw_rxbufs_limit, 0,
160               CTL_CREATE, CTL_EOL)) != 0)
161                     goto err;
162 
163 #endif /* RTW_DEBUG */
164           /* set fallback RF programming method */
165           if ((rc = sysctl_createv(clog, 0, &rnode, &cnode,
166               CTLFLAG_PERMANENT | CTLFLAG_READWRITE, CTLTYPE_INT,
167               "rfprog_fallback",
168               SYSCTL_DESCR("Set fallback RF programming method"),
169               rtw_sysctl_verify_rfprog, 0, &rtw_rfprog_fallback, 0,
170               CTL_CREATE, CTL_EOL)) != 0)
171                     goto err;
172 
173           /* force host to control RF I/O bus */
174           if ((rc = sysctl_createv(clog, 0, &rnode, &cnode,
175               CTLFLAG_PERMANENT | CTLFLAG_READWRITE, CTLTYPE_INT,
176               "host_rfio", SYSCTL_DESCR("Enable host control of RF I/O"),
177               rtw_sysctl_verify_rfio, 0, &rtw_host_rfio, 0,
178               CTL_CREATE, CTL_EOL)) != 0)
179                     goto err;
180 
181           return;
182 err:
183           printf("%s: sysctl_createv failed (rc = %d)\n", __func__, rc);
184 }
185 
186 static int
rtw_sysctl_verify(SYSCTLFN_ARGS,int lower,int upper)187 rtw_sysctl_verify(SYSCTLFN_ARGS, int lower, int upper)
188 {
189           int error, t;
190           struct sysctlnode node;
191 
192           node = *rnode;
193           t = *(int*)rnode->sysctl_data;
194           node.sysctl_data = &t;
195           error = sysctl_lookup(SYSCTLFN_CALL(&node));
196           if (error || newp == NULL)
197                     return (error);
198 
199           if (t < lower || t > upper)
200                     return (EINVAL);
201 
202           *(int*)rnode->sysctl_data = t;
203 
204           return (0);
205 }
206 
207 static int
rtw_sysctl_verify_rfprog(SYSCTLFN_ARGS)208 rtw_sysctl_verify_rfprog(SYSCTLFN_ARGS)
209 {
210           return rtw_sysctl_verify(SYSCTLFN_CALL(__UNCONST(rnode)), 0,
211               __SHIFTOUT(RTW_CONFIG4_RFTYPE_MASK, RTW_CONFIG4_RFTYPE_MASK));
212 }
213 
214 static int
rtw_sysctl_verify_rfio(SYSCTLFN_ARGS)215 rtw_sysctl_verify_rfio(SYSCTLFN_ARGS)
216 {
217           return rtw_sysctl_verify(SYSCTLFN_CALL(__UNCONST(rnode)), 0, 1);
218 }
219 
220 #ifdef RTW_DEBUG
221 static int
rtw_sysctl_verify_debug(SYSCTLFN_ARGS)222 rtw_sysctl_verify_debug(SYSCTLFN_ARGS)
223 {
224           return rtw_sysctl_verify(SYSCTLFN_CALL(__UNCONST(rnode)),
225               0, RTW_DEBUG_MAX);
226 }
227 
228 static int
rtw_sysctl_verify_rxbufs_limit(SYSCTLFN_ARGS)229 rtw_sysctl_verify_rxbufs_limit(SYSCTLFN_ARGS)
230 {
231           return rtw_sysctl_verify(SYSCTLFN_CALL(__UNCONST(rnode)),
232               0, RTW_RXQLEN);
233 }
234 
235 static void
rtw_print_regs(struct rtw_regs * regs,const char * dvname,const char * where)236 rtw_print_regs(struct rtw_regs *regs, const char *dvname, const char *where)
237 {
238 #define PRINTREG32(sc, reg)                                 \
239           RTW_DPRINTF(RTW_DEBUG_REGDUMP,                              \
240               ("%s: reg[ " #reg " / %03x ] = %08x\n",       \
241               dvname, reg, RTW_READ(regs, reg)))
242 
243 #define PRINTREG16(sc, reg)                                 \
244           RTW_DPRINTF(RTW_DEBUG_REGDUMP,                              \
245               ("%s: reg[ " #reg " / %03x ] = %04x\n",       \
246               dvname, reg, RTW_READ16(regs, reg)))
247 
248 #define PRINTREG8(sc, reg)                                  \
249           RTW_DPRINTF(RTW_DEBUG_REGDUMP,                              \
250               ("%s: reg[ " #reg " / %03x ] = %02x\n",       \
251               dvname, reg, RTW_READ8(regs, reg)))
252 
253           RTW_DPRINTF(RTW_DEBUG_REGDUMP, ("%s: %s\n", dvname, where));
254 
255           PRINTREG32(regs, RTW_IDR0);
256           PRINTREG32(regs, RTW_IDR1);
257           PRINTREG32(regs, RTW_MAR0);
258           PRINTREG32(regs, RTW_MAR1);
259           PRINTREG32(regs, RTW_TSFTRL);
260           PRINTREG32(regs, RTW_TSFTRH);
261           PRINTREG32(regs, RTW_TLPDA);
262           PRINTREG32(regs, RTW_TNPDA);
263           PRINTREG32(regs, RTW_THPDA);
264           PRINTREG32(regs, RTW_TCR);
265           PRINTREG32(regs, RTW_RCR);
266           PRINTREG32(regs, RTW_TINT);
267           PRINTREG32(regs, RTW_TBDA);
268           PRINTREG32(regs, RTW_ANAPARM);
269           PRINTREG32(regs, RTW_BB);
270           PRINTREG32(regs, RTW_PHYCFG);
271           PRINTREG32(regs, RTW_WAKEUP0L);
272           PRINTREG32(regs, RTW_WAKEUP0H);
273           PRINTREG32(regs, RTW_WAKEUP1L);
274           PRINTREG32(regs, RTW_WAKEUP1H);
275           PRINTREG32(regs, RTW_WAKEUP2LL);
276           PRINTREG32(regs, RTW_WAKEUP2LH);
277           PRINTREG32(regs, RTW_WAKEUP2HL);
278           PRINTREG32(regs, RTW_WAKEUP2HH);
279           PRINTREG32(regs, RTW_WAKEUP3LL);
280           PRINTREG32(regs, RTW_WAKEUP3LH);
281           PRINTREG32(regs, RTW_WAKEUP3HL);
282           PRINTREG32(regs, RTW_WAKEUP3HH);
283           PRINTREG32(regs, RTW_WAKEUP4LL);
284           PRINTREG32(regs, RTW_WAKEUP4LH);
285           PRINTREG32(regs, RTW_WAKEUP4HL);
286           PRINTREG32(regs, RTW_WAKEUP4HH);
287           PRINTREG32(regs, RTW_DK0);
288           PRINTREG32(regs, RTW_DK1);
289           PRINTREG32(regs, RTW_DK2);
290           PRINTREG32(regs, RTW_DK3);
291           PRINTREG32(regs, RTW_RETRYCTR);
292           PRINTREG32(regs, RTW_RDSAR);
293           PRINTREG32(regs, RTW_FER);
294           PRINTREG32(regs, RTW_FEMR);
295           PRINTREG32(regs, RTW_FPSR);
296           PRINTREG32(regs, RTW_FFER);
297 
298           /* 16-bit registers */
299           PRINTREG16(regs, RTW_BRSR);
300           PRINTREG16(regs, RTW_IMR);
301           PRINTREG16(regs, RTW_ISR);
302           PRINTREG16(regs, RTW_BCNITV);
303           PRINTREG16(regs, RTW_ATIMWND);
304           PRINTREG16(regs, RTW_BINTRITV);
305           PRINTREG16(regs, RTW_ATIMTRITV);
306           PRINTREG16(regs, RTW_CRC16ERR);
307           PRINTREG16(regs, RTW_CRC0);
308           PRINTREG16(regs, RTW_CRC1);
309           PRINTREG16(regs, RTW_CRC2);
310           PRINTREG16(regs, RTW_CRC3);
311           PRINTREG16(regs, RTW_CRC4);
312           PRINTREG16(regs, RTW_CWR);
313 
314           /* 8-bit registers */
315           PRINTREG8(regs, RTW_CR);
316           PRINTREG8(regs, RTW_9346CR);
317           PRINTREG8(regs, RTW_CONFIG0);
318           PRINTREG8(regs, RTW_CONFIG1);
319           PRINTREG8(regs, RTW_CONFIG2);
320           PRINTREG8(regs, RTW_MSR);
321           PRINTREG8(regs, RTW_CONFIG3);
322           PRINTREG8(regs, RTW_CONFIG4);
323           PRINTREG8(regs, RTW_TESTR);
324           PRINTREG8(regs, RTW_PSR);
325           PRINTREG8(regs, RTW_SCR);
326           PRINTREG8(regs, RTW_PHYDELAY);
327           PRINTREG8(regs, RTW_CRCOUNT);
328           PRINTREG8(regs, RTW_PHYADDR);
329           PRINTREG8(regs, RTW_PHYDATAW);
330           PRINTREG8(regs, RTW_PHYDATAR);
331           PRINTREG8(regs, RTW_CONFIG5);
332           PRINTREG8(regs, RTW_TPPOLL);
333 
334           PRINTREG16(regs, RTW_BSSID16);
335           PRINTREG32(regs, RTW_BSSID32);
336 #undef PRINTREG32
337 #undef PRINTREG16
338 #undef PRINTREG8
339 }
340 #endif /* RTW_DEBUG */
341 
342 void
rtw_continuous_tx_enable(struct rtw_softc * sc,int enable)343 rtw_continuous_tx_enable(struct rtw_softc *sc, int enable)
344 {
345           struct rtw_regs *regs = &sc->sc_regs;
346 
347           uint32_t tcr;
348           tcr = RTW_READ(regs, RTW_TCR);
349           tcr &= ~RTW_TCR_LBK_MASK;
350           if (enable)
351                     tcr |= RTW_TCR_LBK_CONT;
352           else
353                     tcr |= RTW_TCR_LBK_NORMAL;
354           RTW_WRITE(regs, RTW_TCR, tcr);
355           RTW_SYNC(regs, RTW_TCR, RTW_TCR);
356           rtw_set_access(regs, RTW_ACCESS_ANAPARM);
357           rtw_txdac_enable(sc, !enable);
358           rtw_set_access(regs, RTW_ACCESS_ANAPARM);/* XXX Voodoo from Linux. */
359           rtw_set_access(regs, RTW_ACCESS_NONE);
360 }
361 
362 #ifdef RTW_DEBUG
363 static const char *
rtw_access_string(enum rtw_access access)364 rtw_access_string(enum rtw_access access)
365 {
366           switch (access) {
367           case RTW_ACCESS_NONE:
368                     return "none";
369           case RTW_ACCESS_CONFIG:
370                     return "config";
371           case RTW_ACCESS_ANAPARM:
372                     return "anaparm";
373           default:
374                     return "unknown";
375           }
376 }
377 #endif /* RTW_DEBUG */
378 
379 static void
rtw_set_access1(struct rtw_regs * regs,enum rtw_access naccess)380 rtw_set_access1(struct rtw_regs *regs, enum rtw_access naccess)
381 {
382           KASSERT(/* naccess >= RTW_ACCESS_NONE && */
383               naccess <= RTW_ACCESS_ANAPARM);
384           KASSERT(/* regs->r_access >= RTW_ACCESS_NONE && */
385               regs->r_access <= RTW_ACCESS_ANAPARM);
386 
387           if (naccess == regs->r_access)
388                     return;
389 
390           switch (naccess) {
391           case RTW_ACCESS_NONE:
392                     switch (regs->r_access) {
393                     case RTW_ACCESS_ANAPARM:
394                               rtw_anaparm_enable(regs, 0);
395                               /*FALLTHROUGH*/
396                     case RTW_ACCESS_CONFIG:
397                               rtw_config0123_enable(regs, 0);
398                               /*FALLTHROUGH*/
399                     case RTW_ACCESS_NONE:
400                               break;
401                     }
402                     break;
403           case RTW_ACCESS_CONFIG:
404                     switch (regs->r_access) {
405                     case RTW_ACCESS_NONE:
406                               rtw_config0123_enable(regs, 1);
407                               /*FALLTHROUGH*/
408                     case RTW_ACCESS_CONFIG:
409                               break;
410                     case RTW_ACCESS_ANAPARM:
411                               rtw_anaparm_enable(regs, 0);
412                               break;
413                     }
414                     break;
415           case RTW_ACCESS_ANAPARM:
416                     switch (regs->r_access) {
417                     case RTW_ACCESS_NONE:
418                               rtw_config0123_enable(regs, 1);
419                               /*FALLTHROUGH*/
420                     case RTW_ACCESS_CONFIG:
421                               rtw_anaparm_enable(regs, 1);
422                               /*FALLTHROUGH*/
423                     case RTW_ACCESS_ANAPARM:
424                               break;
425                     }
426                     break;
427           }
428 }
429 
430 void
rtw_set_access(struct rtw_regs * regs,enum rtw_access access)431 rtw_set_access(struct rtw_regs *regs, enum rtw_access access)
432 {
433           rtw_set_access1(regs, access);
434           RTW_DPRINTF(RTW_DEBUG_ACCESS,
435               ("%s: access %s -> %s\n", __func__,
436               rtw_access_string(regs->r_access),
437               rtw_access_string(access)));
438           regs->r_access = access;
439 }
440 
441 /*
442  * Enable registers, switch register banks.
443  */
444 void
rtw_config0123_enable(struct rtw_regs * regs,int enable)445 rtw_config0123_enable(struct rtw_regs *regs, int enable)
446 {
447           uint8_t ecr;
448           ecr = RTW_READ8(regs, RTW_9346CR);
449           ecr &= ~(RTW_9346CR_EEM_MASK | RTW_9346CR_EECS | RTW_9346CR_EESK);
450           if (enable)
451                     ecr |= RTW_9346CR_EEM_CONFIG;
452           else {
453                     RTW_WBW(regs, RTW_9346CR, MAX(RTW_CONFIG0, RTW_CONFIG3));
454                     ecr |= RTW_9346CR_EEM_NORMAL;
455           }
456           RTW_WRITE8(regs, RTW_9346CR, ecr);
457           RTW_SYNC(regs, RTW_9346CR, RTW_9346CR);
458 }
459 
460 /* requires rtw_config0123_enable(, 1) */
461 void
rtw_anaparm_enable(struct rtw_regs * regs,int enable)462 rtw_anaparm_enable(struct rtw_regs *regs, int enable)
463 {
464           uint8_t cfg3;
465 
466           cfg3 = RTW_READ8(regs, RTW_CONFIG3);
467           cfg3 |= RTW_CONFIG3_CLKRUNEN;
468           if (enable)
469                     cfg3 |= RTW_CONFIG3_PARMEN;
470           else
471                     cfg3 &= ~RTW_CONFIG3_PARMEN;
472           RTW_WRITE8(regs, RTW_CONFIG3, cfg3);
473           RTW_SYNC(regs, RTW_CONFIG3, RTW_CONFIG3);
474 }
475 
476 /* requires rtw_anaparm_enable(, 1) */
477 void
rtw_txdac_enable(struct rtw_softc * sc,int enable)478 rtw_txdac_enable(struct rtw_softc *sc, int enable)
479 {
480           uint32_t anaparm;
481           struct rtw_regs *regs = &sc->sc_regs;
482 
483           anaparm = RTW_READ(regs, RTW_ANAPARM);
484           if (enable)
485                     anaparm &= ~RTW_ANAPARM_TXDACOFF;
486           else
487                     anaparm |= RTW_ANAPARM_TXDACOFF;
488           RTW_WRITE(regs, RTW_ANAPARM, anaparm);
489           RTW_SYNC(regs, RTW_ANAPARM, RTW_ANAPARM);
490 }
491 
492 static inline int
rtw_chip_reset1(struct rtw_regs * regs,device_t dev)493 rtw_chip_reset1(struct rtw_regs *regs, device_t dev)
494 {
495           uint8_t cr;
496           int i;
497 
498           RTW_WRITE8(regs, RTW_CR, RTW_CR_RST);
499 
500           RTW_WBR(regs, RTW_CR, RTW_CR);
501 
502           for (i = 0; i < 1000; i++) {
503                     if ((cr = RTW_READ8(regs, RTW_CR) & RTW_CR_RST) == 0) {
504                               RTW_DPRINTF(RTW_DEBUG_RESET,
505                                   ("%s: reset in %dus\n", device_xname(dev), i));
506                               return 0;
507                     }
508                     RTW_RBR(regs, RTW_CR, RTW_CR);
509                     DELAY(10); /* 10us */
510           }
511 
512           aprint_error_dev(dev, "reset failed\n");
513           return ETIMEDOUT;
514 }
515 
516 static inline int
rtw_chip_reset(struct rtw_regs * regs,device_t dev)517 rtw_chip_reset(struct rtw_regs *regs, device_t dev)
518 {
519           uint32_t tcr;
520 
521           /* from Linux driver */
522           tcr = RTW_TCR_CWMIN | RTW_TCR_MXDMA_2048 |
523                 __SHIFTIN(7, RTW_TCR_SRL_MASK) | __SHIFTIN(7, RTW_TCR_LRL_MASK);
524 
525           RTW_WRITE(regs, RTW_TCR, tcr);
526 
527           RTW_WBW(regs, RTW_CR, RTW_TCR);
528 
529           return rtw_chip_reset1(regs, dev);
530 }
531 
532 static int
rtw_wep_decap(struct ieee80211_key * k,struct mbuf * m,int hdrlen)533 rtw_wep_decap(struct ieee80211_key *k, struct mbuf *m, int hdrlen)
534 {
535           struct ieee80211_key keycopy;
536 
537           RTW_DPRINTF(RTW_DEBUG_KEY, ("%s:\n", __func__));
538 
539           keycopy = *k;
540           keycopy.wk_flags &= ~IEEE80211_KEY_SWCRYPT;
541 
542           return (*ieee80211_cipher_wep.ic_decap)(&keycopy, m, hdrlen);
543 }
544 
545 static int
rtw_key_delete(struct ieee80211com * ic,const struct ieee80211_key * k)546 rtw_key_delete(struct ieee80211com *ic, const struct ieee80211_key *k)
547 {
548           struct rtw_softc *sc = ic->ic_ifp->if_softc;
549 
550           DPRINTF(sc, RTW_DEBUG_KEY, ("%s: delete key %u\n", __func__,
551               k->wk_keyix));
552 
553           KASSERT(k->wk_keyix < IEEE80211_WEP_NKID);
554 
555           if (k->wk_keylen != 0 &&
556               k->wk_cipher->ic_cipher == IEEE80211_CIPHER_WEP)
557                     sc->sc_flags &= ~RTW_F_DK_VALID;
558 
559           return 1;
560 }
561 
562 static int
rtw_key_set(struct ieee80211com * ic,const struct ieee80211_key * k,const uint8_t mac[IEEE80211_ADDR_LEN])563 rtw_key_set(struct ieee80211com *ic, const struct ieee80211_key *k,
564     const uint8_t mac[IEEE80211_ADDR_LEN])
565 {
566           struct rtw_softc *sc = ic->ic_ifp->if_softc;
567 
568           DPRINTF(sc, RTW_DEBUG_KEY, ("%s: set key %u\n", __func__, k->wk_keyix));
569 
570           KASSERT(k->wk_keyix < IEEE80211_WEP_NKID);
571 
572           sc->sc_flags &= ~RTW_F_DK_VALID;
573 
574           return 1;
575 }
576 
577 static void
rtw_key_update_begin(struct ieee80211com * ic)578 rtw_key_update_begin(struct ieee80211com *ic)
579 {
580 #ifdef RTW_DEBUG
581           struct ifnet *ifp = ic->ic_ifp;
582           struct rtw_softc *sc = ifp->if_softc;
583 #endif
584 
585           DPRINTF(sc, RTW_DEBUG_KEY, ("%s:\n", __func__));
586 }
587 
588 static void
rtw_tx_kick(struct rtw_regs * regs,uint8_t ringsel)589 rtw_tx_kick(struct rtw_regs *regs, uint8_t ringsel)
590 {
591           uint8_t tppoll;
592 
593           tppoll = RTW_READ8(regs, RTW_TPPOLL);
594           tppoll &= ~RTW_TPPOLL_SALL;
595           tppoll |= ringsel & RTW_TPPOLL_ALL;
596           RTW_WRITE8(regs, RTW_TPPOLL, tppoll);
597           RTW_SYNC(regs, RTW_TPPOLL, RTW_TPPOLL);
598 }
599 
600 static void
rtw_key_update_end(struct ieee80211com * ic)601 rtw_key_update_end(struct ieee80211com *ic)
602 {
603           struct ifnet *ifp = ic->ic_ifp;
604           struct rtw_softc *sc = ifp->if_softc;
605 
606           DPRINTF(sc, RTW_DEBUG_KEY, ("%s:\n", __func__));
607 
608           if ((sc->sc_flags & RTW_F_DK_VALID) != 0 ||
609               !device_is_active(sc->sc_dev))
610                     return;
611 
612           rtw_io_enable(sc, RTW_CR_RE | RTW_CR_TE, 0);
613           rtw_wep_setkeys(sc, ic->ic_nw_keys, ic->ic_def_txkey);
614           rtw_io_enable(sc, RTW_CR_RE | RTW_CR_TE,
615               (ifp->if_flags & IFF_RUNNING) != 0);
616 }
617 
618 static bool
rtw_key_hwsupp(uint32_t flags,const struct ieee80211_key * k)619 rtw_key_hwsupp(uint32_t flags, const struct ieee80211_key *k)
620 {
621           if (k->wk_cipher->ic_cipher != IEEE80211_CIPHER_WEP)
622                     return false;
623 
624           return    ((flags & RTW_C_RXWEP_40) != 0 && k->wk_keylen == 5) ||
625                     ((flags & RTW_C_RXWEP_104) != 0 && k->wk_keylen == 13);
626 }
627 
628 static void
rtw_wep_setkeys(struct rtw_softc * sc,struct ieee80211_key * wk,int txkey)629 rtw_wep_setkeys(struct rtw_softc *sc, struct ieee80211_key *wk, int txkey)
630 {
631           uint8_t psr, scr;
632           int i, keylen = 0;
633           struct rtw_regs *regs;
634           union rtw_keys *rk;
635 
636           regs = &sc->sc_regs;
637           rk = &sc->sc_keys;
638 
639           (void)memset(rk, 0, sizeof(*rk));
640 
641           /* Temporarily use software crypto for all keys. */
642           for (i = 0; i < IEEE80211_WEP_NKID; i++) {
643                     if (wk[i].wk_cipher == &rtw_cipher_wep)
644                               wk[i].wk_cipher = &ieee80211_cipher_wep;
645           }
646 
647           rtw_set_access(regs, RTW_ACCESS_CONFIG);
648 
649           psr = RTW_READ8(regs, RTW_PSR);
650           scr = RTW_READ8(regs, RTW_SCR);
651           scr &= ~(RTW_SCR_KM_MASK | RTW_SCR_TXSECON | RTW_SCR_RXSECON);
652 
653           if ((sc->sc_ic.ic_flags & IEEE80211_F_PRIVACY) == 0)
654                     goto out;
655 
656           for (i = 0; i < IEEE80211_WEP_NKID; i++) {
657                     if (!rtw_key_hwsupp(sc->sc_flags, &wk[i]))
658                               continue;
659                     if (i == txkey) {
660                               keylen = wk[i].wk_keylen;
661                               break;
662                     }
663                     keylen = MAX(keylen, wk[i].wk_keylen);
664           }
665 
666           if (keylen == 5)
667                     scr |= RTW_SCR_KM_WEP40 | RTW_SCR_RXSECON;
668           else if (keylen == 13)
669                     scr |= RTW_SCR_KM_WEP104 | RTW_SCR_RXSECON;
670 
671           for (i = 0; i < IEEE80211_WEP_NKID; i++) {
672                     if (wk[i].wk_keylen != keylen ||
673                         wk[i].wk_cipher->ic_cipher != IEEE80211_CIPHER_WEP)
674                               continue;
675                     /* h/w will decrypt, s/w still strips headers */
676                     wk[i].wk_cipher = &rtw_cipher_wep;
677                     (void)memcpy(rk->rk_keys[i], wk[i].wk_key, wk[i].wk_keylen);
678           }
679 
680 out:
681           RTW_WRITE8(regs, RTW_PSR, psr & ~RTW_PSR_PSEN);
682 
683           bus_space_write_region_stream_4(regs->r_bt, regs->r_bh,
684               RTW_DK0, rk->rk_words, __arraycount(rk->rk_words));
685 
686           bus_space_barrier(regs->r_bt, regs->r_bh, RTW_DK0, sizeof(rk->rk_words),
687               BUS_SPACE_BARRIER_READ | BUS_SPACE_BARRIER_WRITE);
688 
689           RTW_DPRINTF(RTW_DEBUG_KEY,
690               ("%s.%d: scr %02" PRIx8 ", keylen %d\n", __func__, __LINE__, scr,
691                keylen));
692 
693           RTW_WBW(regs, RTW_DK0, RTW_PSR);
694           RTW_WRITE8(regs, RTW_PSR, psr);
695           RTW_WBW(regs, RTW_PSR, RTW_SCR);
696           RTW_WRITE8(regs, RTW_SCR, scr);
697           RTW_SYNC(regs, RTW_SCR, RTW_SCR);
698           rtw_set_access(regs, RTW_ACCESS_NONE);
699           sc->sc_flags |= RTW_F_DK_VALID;
700 }
701 
702 static inline int
rtw_recall_eeprom(struct rtw_regs * regs,device_t dev)703 rtw_recall_eeprom(struct rtw_regs *regs, device_t dev)
704 {
705           int i;
706           uint8_t ecr;
707 
708           ecr = RTW_READ8(regs, RTW_9346CR);
709           ecr = (ecr & ~RTW_9346CR_EEM_MASK) | RTW_9346CR_EEM_AUTOLOAD;
710           RTW_WRITE8(regs, RTW_9346CR, ecr);
711 
712           RTW_WBR(regs, RTW_9346CR, RTW_9346CR);
713 
714           /* wait 25ms for completion */
715           for (i = 0; i < 250; i++) {
716                     ecr = RTW_READ8(regs, RTW_9346CR);
717                     if ((ecr & RTW_9346CR_EEM_MASK) == RTW_9346CR_EEM_NORMAL) {
718                               RTW_DPRINTF(RTW_DEBUG_RESET,
719                                   ("%s: recall EEPROM in %dus\n", device_xname(dev),
720                                   i * 100));
721                               return 0;
722                     }
723                     RTW_RBR(regs, RTW_9346CR, RTW_9346CR);
724                     DELAY(100);
725           }
726           aprint_error_dev(dev, "recall EEPROM failed\n");
727           return ETIMEDOUT;
728 }
729 
730 static inline int
rtw_reset(struct rtw_softc * sc)731 rtw_reset(struct rtw_softc *sc)
732 {
733           int rc;
734           uint8_t config1;
735 
736           sc->sc_flags &= ~RTW_F_DK_VALID;
737 
738           if ((rc = rtw_chip_reset(&sc->sc_regs, sc->sc_dev)) != 0)
739                     return rc;
740 
741           rc = rtw_recall_eeprom(&sc->sc_regs, sc->sc_dev);
742 
743           config1 = RTW_READ8(&sc->sc_regs, RTW_CONFIG1);
744           RTW_WRITE8(&sc->sc_regs, RTW_CONFIG1, config1 & ~RTW_CONFIG1_PMEN);
745           /* TBD turn off maximum power saving? */
746 
747           return 0;
748 }
749 
750 static inline int
rtw_txdesc_dmamaps_create(bus_dma_tag_t dmat,struct rtw_txsoft * descs,u_int ndescs)751 rtw_txdesc_dmamaps_create(bus_dma_tag_t dmat, struct rtw_txsoft *descs,
752     u_int ndescs)
753 {
754           int i, rc = 0;
755           for (i = 0; i < ndescs; i++) {
756                     rc = bus_dmamap_create(dmat, MCLBYTES, RTW_MAXPKTSEGS, MCLBYTES,
757                         0, 0, &descs[i].ts_dmamap);
758                     if (rc != 0)
759                               break;
760           }
761           return rc;
762 }
763 
764 static inline int
rtw_rxdesc_dmamaps_create(bus_dma_tag_t dmat,struct rtw_rxsoft * descs,u_int ndescs)765 rtw_rxdesc_dmamaps_create(bus_dma_tag_t dmat, struct rtw_rxsoft *descs,
766     u_int ndescs)
767 {
768           int i, rc = 0;
769           for (i = 0; i < ndescs; i++) {
770                     rc = bus_dmamap_create(dmat, MCLBYTES, 1, MCLBYTES, 0, 0,
771                         &descs[i].rs_dmamap);
772                     if (rc != 0)
773                               break;
774           }
775           return rc;
776 }
777 
778 static inline void
rtw_rxdesc_dmamaps_destroy(bus_dma_tag_t dmat,struct rtw_rxsoft * descs,u_int ndescs)779 rtw_rxdesc_dmamaps_destroy(bus_dma_tag_t dmat, struct rtw_rxsoft *descs,
780     u_int ndescs)
781 {
782           int i;
783           for (i = 0; i < ndescs; i++) {
784                     if (descs[i].rs_dmamap != NULL)
785                               bus_dmamap_destroy(dmat, descs[i].rs_dmamap);
786           }
787 }
788 
789 static inline void
rtw_txdesc_dmamaps_destroy(bus_dma_tag_t dmat,struct rtw_txsoft * descs,u_int ndescs)790 rtw_txdesc_dmamaps_destroy(bus_dma_tag_t dmat, struct rtw_txsoft *descs,
791     u_int ndescs)
792 {
793           int i;
794           for (i = 0; i < ndescs; i++) {
795                     if (descs[i].ts_dmamap != NULL)
796                               bus_dmamap_destroy(dmat, descs[i].ts_dmamap);
797           }
798 }
799 
800 static inline void
rtw_srom_free(struct rtw_srom * sr)801 rtw_srom_free(struct rtw_srom *sr)
802 {
803           sr->sr_size = 0;
804           if (sr->sr_content == NULL)
805                     return;
806           free(sr->sr_content, M_DEVBUF);
807           sr->sr_content = NULL;
808 }
809 
810 static void
rtw_srom_defaults(struct rtw_srom * sr,uint32_t * flags,uint8_t * cs_threshold,enum rtw_rfchipid * rfchipid,uint32_t * rcr)811 rtw_srom_defaults(struct rtw_srom *sr, uint32_t *flags,
812     uint8_t *cs_threshold, enum rtw_rfchipid *rfchipid, uint32_t *rcr)
813 {
814           *flags |= (RTW_F_DIGPHY | RTW_F_ANTDIV);
815           *cs_threshold = RTW_SR_ENERGYDETTHR_DEFAULT;
816           *rcr |= RTW_RCR_ENCS1;
817           *rfchipid = RTW_RFCHIPID_PHILIPS;
818 }
819 
820 static int
rtw_srom_parse(struct rtw_srom * sr,uint32_t * flags,uint8_t * cs_threshold,enum rtw_rfchipid * rfchipid,uint32_t * rcr,enum rtw_locale * locale,device_t dev)821 rtw_srom_parse(struct rtw_srom *sr, uint32_t *flags, uint8_t *cs_threshold,
822     enum rtw_rfchipid *rfchipid, uint32_t *rcr, enum rtw_locale *locale,
823     device_t dev)
824 {
825           int i;
826           const char *rfname, *paname;
827           char scratch[sizeof("unknown 0xXX")];
828           uint16_t srom_version;
829 
830           *flags &= ~(RTW_F_DIGPHY | RTW_F_DFLANTB | RTW_F_ANTDIV);
831           *rcr &= ~(RTW_RCR_ENCS1 | RTW_RCR_ENCS2);
832 
833           srom_version = RTW_SR_GET16(sr, RTW_SR_VERSION);
834 
835           if (srom_version <= 0x0101) {
836                     aprint_error_dev(dev,
837                         "SROM version %d.%d is not understood, "
838                         "limping along with defaults\n",
839                         srom_version >> 8, srom_version & 0xff);
840                     rtw_srom_defaults(sr, flags, cs_threshold, rfchipid, rcr);
841                     return 0;
842           } else {
843                     aprint_verbose_dev(dev, "SROM version %d.%d\n",
844                         srom_version >> 8, srom_version & 0xff);
845           }
846 
847           uint8_t mac[IEEE80211_ADDR_LEN];
848           for (i = 0; i < IEEE80211_ADDR_LEN; i++)
849                     mac[i] = RTW_SR_GET(sr, RTW_SR_MAC + i);
850           __USE(mac);
851 
852           RTW_DPRINTF(RTW_DEBUG_ATTACH,
853               ("%s: EEPROM MAC %s\n", device_xname(dev), ether_sprintf(mac)));
854 
855           *cs_threshold = RTW_SR_GET(sr, RTW_SR_ENERGYDETTHR);
856 
857           if ((RTW_SR_GET(sr, RTW_SR_CONFIG2) & RTW_CONFIG2_ANT) != 0)
858                     *flags |= RTW_F_ANTDIV;
859 
860           /* Note well: the sense of the RTW_SR_RFPARM_DIGPHY bit seems
861            * to be reversed.
862            */
863           if ((RTW_SR_GET(sr, RTW_SR_RFPARM) & RTW_SR_RFPARM_DIGPHY) == 0)
864                     *flags |= RTW_F_DIGPHY;
865           if ((RTW_SR_GET(sr, RTW_SR_RFPARM) & RTW_SR_RFPARM_DFLANTB) != 0)
866                     *flags |= RTW_F_DFLANTB;
867 
868           *rcr |= __SHIFTIN(__SHIFTOUT(RTW_SR_GET(sr, RTW_SR_RFPARM),
869               RTW_SR_RFPARM_CS_MASK), RTW_RCR_ENCS1);
870 
871           if ((RTW_SR_GET(sr, RTW_SR_CONFIG0) & RTW_CONFIG0_WEP104) != 0)
872                     *flags |= RTW_C_RXWEP_104;
873 
874           *flags |= RTW_C_RXWEP_40;     /* XXX */
875 
876           *rfchipid = RTW_SR_GET(sr, RTW_SR_RFCHIPID);
877           switch (*rfchipid) {
878           case RTW_RFCHIPID_GCT:                  /* this combo seen in the wild */
879                     rfname = "GCT GRF5101";
880                     paname = "Winspring WS9901";
881                     break;
882           case RTW_RFCHIPID_MAXIM:
883                     rfname = "Maxim MAX2820";     /* guess */
884                     paname = "Maxim MAX2422";     /* guess */
885                     break;
886           case RTW_RFCHIPID_INTERSIL:
887                     rfname = "Intersil HFA3873";  /* guess */
888                     paname = "Intersil <unknown>";
889                     break;
890           case RTW_RFCHIPID_PHILIPS:    /* this combo seen in the wild */
891                     rfname = "Philips SA2400A";
892                     paname = "Philips SA2411";
893                     break;
894           case RTW_RFCHIPID_RFMD:
895                     /* this is the same front-end as an atw(4)! */
896                     rfname = "RFMD RF2948B, "     /* mentioned in Realtek docs */
897                                "LNA: RFMD RF2494, "         /* mentioned in Realtek docs */
898                                "SYN: Silicon Labs Si4126";  /* inferred from
899                                                                        * reference driver
900                                                                        */
901                     paname = "RFMD RF2189";                 /* mentioned in Realtek docs */
902                     break;
903           case RTW_RFCHIPID_RESERVED:
904                     rfname = paname = "reserved";
905                     break;
906           default:
907                     snprintf(scratch, sizeof(scratch), "unknown 0x%02x", *rfchipid);
908                     rfname = paname = scratch;
909           }
910           aprint_normal_dev(dev, "RF: %s, PA: %s\n", rfname, paname);
911 
912           switch (RTW_SR_GET(sr, RTW_SR_CONFIG0) & RTW_CONFIG0_GL_MASK) {
913           case RTW_CONFIG0_GL_USA:
914           case _RTW_CONFIG0_GL_USA:
915                     *locale = RTW_LOCALE_USA;
916                     break;
917           case RTW_CONFIG0_GL_EUROPE:
918                     *locale = RTW_LOCALE_EUROPE;
919                     break;
920           case RTW_CONFIG0_GL_JAPAN:
921                     *locale = RTW_LOCALE_JAPAN;
922                     break;
923           default:
924                     *locale = RTW_LOCALE_UNKNOWN;
925                     break;
926           }
927           return 0;
928 }
929 
930 /* Returns -1 on failure. */
931 static int
rtw_srom_read(struct rtw_regs * regs,uint32_t flags,struct rtw_srom * sr,device_t dev)932 rtw_srom_read(struct rtw_regs *regs, uint32_t flags, struct rtw_srom *sr,
933     device_t dev)
934 {
935           int rc;
936           struct seeprom_descriptor sd;
937           uint8_t ecr;
938 
939           (void)memset(&sd, 0, sizeof(sd));
940 
941           ecr = RTW_READ8(regs, RTW_9346CR);
942 
943           if ((flags & RTW_F_9356SROM) != 0) {
944                     RTW_DPRINTF(RTW_DEBUG_ATTACH, ("%s: 93c56 SROM\n",
945                         device_xname(dev)));
946                     sr->sr_size = 256;
947                     sd.sd_chip = C56_66;
948           } else {
949                     RTW_DPRINTF(RTW_DEBUG_ATTACH, ("%s: 93c46 SROM\n",
950                         device_xname(dev)));
951                     sr->sr_size = 128;
952                     sd.sd_chip = C46;
953           }
954 
955           ecr &= ~(RTW_9346CR_EEDI | RTW_9346CR_EEDO | RTW_9346CR_EESK |
956               RTW_9346CR_EEM_MASK | RTW_9346CR_EECS);
957           ecr |= RTW_9346CR_EEM_PROGRAM;
958 
959           RTW_WRITE8(regs, RTW_9346CR, ecr);
960 
961           sr->sr_content = malloc(sr->sr_size, M_DEVBUF, M_WAITOK | M_ZERO);
962 
963           /* RTL8180 has a single 8-bit register for controlling the
964            * 93cx6 SROM.  There is no "ready" bit. The RTL8180
965            * input/output sense is the reverse of read_seeprom's.
966            */
967           sd.sd_tag = regs->r_bt;
968           sd.sd_bsh = regs->r_bh;
969           sd.sd_regsize = 1;
970           sd.sd_control_offset = RTW_9346CR;
971           sd.sd_status_offset = RTW_9346CR;
972           sd.sd_dataout_offset = RTW_9346CR;
973           sd.sd_CK = RTW_9346CR_EESK;
974           sd.sd_CS = RTW_9346CR_EECS;
975           sd.sd_DI = RTW_9346CR_EEDO;
976           sd.sd_DO = RTW_9346CR_EEDI;
977           /* make read_seeprom enter EEPROM read/write mode */
978           sd.sd_MS = ecr;
979           sd.sd_RDY = 0;
980 
981           /* TBD bus barriers */
982           if (!read_seeprom(&sd, sr->sr_content, 0, sr->sr_size/2)) {
983                     aprint_error_dev(dev, "could not read SROM\n");
984                     free(sr->sr_content, M_DEVBUF);
985                     sr->sr_content = NULL;
986                     return -1;          /* XXX */
987           }
988 
989           /* end EEPROM read/write mode */
990           RTW_WRITE8(regs, RTW_9346CR,
991               (ecr & ~RTW_9346CR_EEM_MASK) | RTW_9346CR_EEM_NORMAL);
992           RTW_WBRW(regs, RTW_9346CR, RTW_9346CR);
993 
994           if ((rc = rtw_recall_eeprom(regs, dev)) != 0)
995                     return rc;
996 
997 #ifdef RTW_DEBUG
998           {
999                     int i;
1000                     RTW_DPRINTF(RTW_DEBUG_ATTACH,
1001                         ("\n%s: serial ROM:\n\t", device_xname(dev)));
1002                     for (i = 0; i < sr->sr_size/2; i++) {
1003                               if (((i % 8) == 0) && (i != 0))
1004                                         RTW_DPRINTF(RTW_DEBUG_ATTACH, ("\n\t"));
1005                               RTW_DPRINTF(RTW_DEBUG_ATTACH,
1006                                   (" %04x", sr->sr_content[i]));
1007                     }
1008                     RTW_DPRINTF(RTW_DEBUG_ATTACH, ("\n"));
1009           }
1010 #endif /* RTW_DEBUG */
1011           return 0;
1012 }
1013 
1014 static void
rtw_set_rfprog(struct rtw_regs * regs,enum rtw_rfchipid rfchipid,device_t dev)1015 rtw_set_rfprog(struct rtw_regs *regs, enum rtw_rfchipid rfchipid,
1016     device_t dev)
1017 {
1018           uint8_t cfg4;
1019           const char *method;
1020 
1021           cfg4 = RTW_READ8(regs, RTW_CONFIG4) & ~RTW_CONFIG4_RFTYPE_MASK;
1022 
1023           switch (rfchipid) {
1024           default:
1025                     cfg4 |= __SHIFTIN(rtw_rfprog_fallback, RTW_CONFIG4_RFTYPE_MASK);
1026                     method = "fallback";
1027                     break;
1028           case RTW_RFCHIPID_INTERSIL:
1029                     cfg4 |= RTW_CONFIG4_RFTYPE_INTERSIL;
1030                     method = "Intersil";
1031                     break;
1032           case RTW_RFCHIPID_PHILIPS:
1033                     cfg4 |= RTW_CONFIG4_RFTYPE_PHILIPS;
1034                     method = "Philips";
1035                     break;
1036           case RTW_RFCHIPID_GCT:        /* XXX a guess */
1037           case RTW_RFCHIPID_RFMD:
1038                     cfg4 |= RTW_CONFIG4_RFTYPE_RFMD;
1039                     method = "RFMD";
1040                     break;
1041           }
1042 
1043           RTW_WRITE8(regs, RTW_CONFIG4, cfg4);
1044 
1045           RTW_WBR(regs, RTW_CONFIG4, RTW_CONFIG4);
1046 
1047 #ifdef RTW_DEBUG
1048           RTW_DPRINTF(RTW_DEBUG_INIT,
1049               ("%s: %s RF programming method, %#02x\n", device_xname(dev), method,
1050               RTW_READ8(regs, RTW_CONFIG4)));
1051 #else
1052           __USE(method);
1053 #endif
1054 }
1055 
1056 static inline void
rtw_init_channels(enum rtw_locale locale,struct ieee80211_channel (* chans)[IEEE80211_CHAN_MAX+1],device_t dev)1057 rtw_init_channels(enum rtw_locale locale,
1058     struct ieee80211_channel (*chans)[IEEE80211_CHAN_MAX+1], device_t dev)
1059 {
1060           int i;
1061           const char *name = NULL;
1062 #define ADD_CHANNEL(_chans, _chan) do {                     \
1063           (*_chans)[_chan].ic_flags = IEEE80211_CHAN_B;               \
1064           (*_chans)[_chan].ic_freq =                                  \
1065               ieee80211_ieee2mhz(_chan, (*_chans)[_chan].ic_flags);\
1066 } while (0)
1067 
1068           switch (locale) {
1069           case RTW_LOCALE_USA:          /* 1-11 */
1070                     name = "USA";
1071                     for (i = 1; i <= 11; i++)
1072                               ADD_CHANNEL(chans, i);
1073                     break;
1074           case RTW_LOCALE_JAPAN:        /* 1-14 */
1075                     name = "Japan";
1076                     ADD_CHANNEL(chans, 14);
1077                     for (i = 1; i <= 14; i++)
1078                               ADD_CHANNEL(chans, i);
1079                     break;
1080           case RTW_LOCALE_EUROPE:       /* 1-13 */
1081                     name = "Europe";
1082                     for (i = 1; i <= 13; i++)
1083                               ADD_CHANNEL(chans, i);
1084                     break;
1085           default:                      /* 10-11 allowed by most countries */
1086                     name = "<unknown>";
1087                     for (i = 10; i <= 11; i++)
1088                               ADD_CHANNEL(chans, i);
1089                     break;
1090           }
1091           aprint_normal_dev(dev, "Geographic Location %s\n", name);
1092 #undef ADD_CHANNEL
1093 }
1094 
1095 
1096 static inline void
rtw_identify_country(struct rtw_regs * regs,enum rtw_locale * locale)1097 rtw_identify_country(struct rtw_regs *regs, enum rtw_locale *locale)
1098 {
1099           uint8_t cfg0 = RTW_READ8(regs, RTW_CONFIG0);
1100 
1101           switch (cfg0 & RTW_CONFIG0_GL_MASK) {
1102           case RTW_CONFIG0_GL_USA:
1103           case _RTW_CONFIG0_GL_USA:
1104                     *locale = RTW_LOCALE_USA;
1105                     break;
1106           case RTW_CONFIG0_GL_JAPAN:
1107                     *locale = RTW_LOCALE_JAPAN;
1108                     break;
1109           case RTW_CONFIG0_GL_EUROPE:
1110                     *locale = RTW_LOCALE_EUROPE;
1111                     break;
1112           default:
1113                     *locale = RTW_LOCALE_UNKNOWN;
1114                     break;
1115           }
1116 }
1117 
1118 static inline int
rtw_identify_sta(struct rtw_regs * regs,uint8_t (* addr)[IEEE80211_ADDR_LEN],device_t dev)1119 rtw_identify_sta(struct rtw_regs *regs, uint8_t (*addr)[IEEE80211_ADDR_LEN],
1120     device_t dev)
1121 {
1122           static const uint8_t empty_macaddr[IEEE80211_ADDR_LEN] = {
1123                     0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1124           };
1125           uint32_t idr0 = RTW_READ(regs, RTW_IDR0),
1126                      idr1 = RTW_READ(regs, RTW_IDR1);
1127 
1128           (*addr)[0] = __SHIFTOUT(idr0, __BITS(0,  7));
1129           (*addr)[1] = __SHIFTOUT(idr0, __BITS(8,  15));
1130           (*addr)[2] = __SHIFTOUT(idr0, __BITS(16, 23));
1131           (*addr)[3] = __SHIFTOUT(idr0, __BITS(24, 31));
1132 
1133           (*addr)[4] = __SHIFTOUT(idr1, __BITS(0,  7));
1134           (*addr)[5] = __SHIFTOUT(idr1, __BITS(8, 15));
1135 
1136           if (IEEE80211_ADDR_EQ(addr, empty_macaddr)) {
1137                     aprint_error_dev(dev,
1138                         "could not get mac address, attach failed\n");
1139                     return ENXIO;
1140           }
1141 
1142           aprint_normal_dev(dev, "802.11 address %s\n", ether_sprintf(*addr));
1143 
1144           return 0;
1145 }
1146 
1147 static uint8_t
rtw_chan2txpower(struct rtw_srom * sr,struct ieee80211com * ic,struct ieee80211_channel * chan)1148 rtw_chan2txpower(struct rtw_srom *sr, struct ieee80211com *ic,
1149     struct ieee80211_channel *chan)
1150 {
1151           u_int idx = RTW_SR_TXPOWER1 + ieee80211_chan2ieee(ic, chan) - 1;
1152           KASSERT(idx >= RTW_SR_TXPOWER1 && idx <= RTW_SR_TXPOWER14);
1153           return RTW_SR_GET(sr, idx);
1154 }
1155 
1156 static void
rtw_txdesc_blk_init_all(struct rtw_txdesc_blk * tdb)1157 rtw_txdesc_blk_init_all(struct rtw_txdesc_blk *tdb)
1158 {
1159           int pri;
1160           /* nfree: the number of free descriptors in each ring.
1161            * The beacon ring is a special case: I do not let the
1162            * driver use all of the descriptors on the beacon ring.
1163            * The reasons are two-fold:
1164            *
1165            * (1) A BEACON descriptor's OWN bit is (apparently) not
1166            * updated, so the driver cannot easily know if the descriptor
1167            * belongs to it, or if it is racing the NIC.  If the NIC
1168            * does not OWN every descriptor, then the driver can safely
1169            * update the descriptors when RTW_TBDA points at tdb_next.
1170            *
1171            * (2) I hope that the NIC will process more than one BEACON
1172            * descriptor in a single beacon interval, since that will
1173            * enable multiple-BSS support.  Since the NIC does not
1174            * clear the OWN bit, there is no natural place for it to
1175            * stop processing BEACON descriptors.  Maybe it will *not*
1176            * stop processing them!  I do not want to chance the NIC
1177            * looping around and around a saturated beacon ring, so
1178            * I will leave one descriptor unOWNed at all times.
1179            */
1180           u_int nfree[RTW_NTXPRI] =
1181               {RTW_NTXDESCLO, RTW_NTXDESCMD, RTW_NTXDESCHI,
1182                RTW_NTXDESCBCN - 1};
1183 
1184           for (pri = 0; pri < RTW_NTXPRI; pri++) {
1185                     tdb[pri].tdb_nfree = nfree[pri];
1186                     tdb[pri].tdb_next = 0;
1187           }
1188 }
1189 
1190 static int
rtw_txsoft_blk_init(struct rtw_txsoft_blk * tsb)1191 rtw_txsoft_blk_init(struct rtw_txsoft_blk *tsb)
1192 {
1193           int i;
1194           struct rtw_txsoft *ts;
1195 
1196           SIMPLEQ_INIT(&tsb->tsb_dirtyq);
1197           SIMPLEQ_INIT(&tsb->tsb_freeq);
1198           for (i = 0; i < tsb->tsb_ndesc; i++) {
1199                     ts = &tsb->tsb_desc[i];
1200                     ts->ts_mbuf = NULL;
1201                     SIMPLEQ_INSERT_TAIL(&tsb->tsb_freeq, ts, ts_q);
1202           }
1203           tsb->tsb_tx_timer = 0;
1204           return 0;
1205 }
1206 
1207 static void
rtw_txsoft_blk_init_all(struct rtw_txsoft_blk * tsb)1208 rtw_txsoft_blk_init_all(struct rtw_txsoft_blk *tsb)
1209 {
1210           int pri;
1211           for (pri = 0; pri < RTW_NTXPRI; pri++)
1212                     rtw_txsoft_blk_init(&tsb[pri]);
1213 }
1214 
1215 static inline void
rtw_rxdescs_sync(struct rtw_rxdesc_blk * rdb,int desc0,int nsync,int ops)1216 rtw_rxdescs_sync(struct rtw_rxdesc_blk *rdb, int desc0, int nsync, int ops)
1217 {
1218           KASSERT(nsync <= rdb->rdb_ndesc);
1219           /* sync to end of ring */
1220           if (desc0 + nsync > rdb->rdb_ndesc) {
1221                     bus_dmamap_sync(rdb->rdb_dmat, rdb->rdb_dmamap,
1222                         offsetof(struct rtw_descs, hd_rx[desc0]),
1223                         sizeof(struct rtw_rxdesc) * (rdb->rdb_ndesc - desc0), ops);
1224                     nsync -= (rdb->rdb_ndesc - desc0);
1225                     desc0 = 0;
1226           }
1227 
1228           KASSERT(desc0 < rdb->rdb_ndesc);
1229           KASSERT(nsync <= rdb->rdb_ndesc);
1230           KASSERT(desc0 + nsync <= rdb->rdb_ndesc);
1231 
1232           /* sync what remains */
1233           bus_dmamap_sync(rdb->rdb_dmat, rdb->rdb_dmamap,
1234               offsetof(struct rtw_descs, hd_rx[desc0]),
1235               sizeof(struct rtw_rxdesc) * nsync, ops);
1236 }
1237 
1238 static void
rtw_txdescs_sync(struct rtw_txdesc_blk * tdb,u_int desc0,u_int nsync,int ops)1239 rtw_txdescs_sync(struct rtw_txdesc_blk *tdb, u_int desc0, u_int nsync, int ops)
1240 {
1241           /* sync to end of ring */
1242           if (desc0 + nsync > tdb->tdb_ndesc) {
1243                     bus_dmamap_sync(tdb->tdb_dmat, tdb->tdb_dmamap,
1244                         tdb->tdb_ofs + sizeof(struct rtw_txdesc) * desc0,
1245                         sizeof(struct rtw_txdesc) * (tdb->tdb_ndesc - desc0),
1246                         ops);
1247                     nsync -= (tdb->tdb_ndesc - desc0);
1248                     desc0 = 0;
1249           }
1250 
1251           /* sync what remains */
1252           bus_dmamap_sync(tdb->tdb_dmat, tdb->tdb_dmamap,
1253               tdb->tdb_ofs + sizeof(struct rtw_txdesc) * desc0,
1254               sizeof(struct rtw_txdesc) * nsync, ops);
1255 }
1256 
1257 static void
rtw_txdescs_sync_all(struct rtw_txdesc_blk * tdb)1258 rtw_txdescs_sync_all(struct rtw_txdesc_blk *tdb)
1259 {
1260           int pri;
1261           for (pri = 0; pri < RTW_NTXPRI; pri++) {
1262                     rtw_txdescs_sync(&tdb[pri], 0, tdb[pri].tdb_ndesc,
1263                         BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
1264           }
1265 }
1266 
1267 static void
rtw_rxbufs_release(bus_dma_tag_t dmat,struct rtw_rxsoft * desc)1268 rtw_rxbufs_release(bus_dma_tag_t dmat, struct rtw_rxsoft *desc)
1269 {
1270           int i;
1271           struct rtw_rxsoft *rs;
1272 
1273           for (i = 0; i < RTW_RXQLEN; i++) {
1274                     rs = &desc[i];
1275                     if (rs->rs_mbuf == NULL)
1276                               continue;
1277                     bus_dmamap_sync(dmat, rs->rs_dmamap, 0,
1278                         rs->rs_dmamap->dm_mapsize, BUS_DMASYNC_POSTREAD);
1279                     bus_dmamap_unload(dmat, rs->rs_dmamap);
1280                     m_freem(rs->rs_mbuf);
1281                     rs->rs_mbuf = NULL;
1282           }
1283 }
1284 
1285 static inline int
rtw_rxsoft_alloc(bus_dma_tag_t dmat,struct rtw_rxsoft * rs)1286 rtw_rxsoft_alloc(bus_dma_tag_t dmat, struct rtw_rxsoft *rs)
1287 {
1288           int rc;
1289           struct mbuf *m;
1290 
1291           MGETHDR(m, M_DONTWAIT, MT_DATA);
1292           if (m == NULL)
1293                     return ENOBUFS;
1294 
1295           MCLGET(m, M_DONTWAIT);
1296           if ((m->m_flags & M_EXT) == 0) {
1297                     m_freem(m);
1298                     return ENOBUFS;
1299           }
1300 
1301           m->m_pkthdr.len = m->m_len = m->m_ext.ext_size;
1302 
1303           if (rs->rs_mbuf != NULL)
1304                     bus_dmamap_unload(dmat, rs->rs_dmamap);
1305 
1306           rs->rs_mbuf = NULL;
1307 
1308           rc = bus_dmamap_load_mbuf(dmat, rs->rs_dmamap, m, BUS_DMA_NOWAIT);
1309           if (rc != 0) {
1310                     m_freem(m);
1311                     return -1;
1312           }
1313 
1314           rs->rs_mbuf = m;
1315 
1316           return 0;
1317 }
1318 
1319 static int
rtw_rxsoft_init_all(bus_dma_tag_t dmat,struct rtw_rxsoft * desc,int * ndesc,device_t dev)1320 rtw_rxsoft_init_all(bus_dma_tag_t dmat, struct rtw_rxsoft *desc,
1321     int *ndesc, device_t dev)
1322 {
1323           int i, rc = 0;
1324           struct rtw_rxsoft *rs;
1325 
1326           for (i = 0; i < RTW_RXQLEN; i++) {
1327                     rs = &desc[i];
1328                     /* we're in rtw_init, so there should be no mbufs allocated */
1329                     KASSERT(rs->rs_mbuf == NULL);
1330 #ifdef RTW_DEBUG
1331                     if (i == rtw_rxbufs_limit) {
1332                               aprint_error_dev(dev, "TEST hit %d-buffer limit\n", i);
1333                               rc = ENOBUFS;
1334                               break;
1335                     }
1336 #endif /* RTW_DEBUG */
1337                     if ((rc = rtw_rxsoft_alloc(dmat, rs)) != 0) {
1338                               aprint_error_dev(dev,
1339                                   "rtw_rxsoft_alloc failed, %d buffers, rc %d\n",
1340                                   i, rc);
1341                               break;
1342                     }
1343           }
1344           *ndesc = i;
1345           return rc;
1346 }
1347 
1348 static inline void
rtw_rxdesc_init(struct rtw_rxdesc_blk * rdb,struct rtw_rxsoft * rs,int idx,int kick)1349 rtw_rxdesc_init(struct rtw_rxdesc_blk *rdb, struct rtw_rxsoft *rs,
1350     int idx, int kick)
1351 {
1352           int is_last = (idx == rdb->rdb_ndesc - 1);
1353           uint32_t ctl, octl, obuf;
1354           struct rtw_rxdesc *rd = &rdb->rdb_desc[idx];
1355 
1356           /* sync the mbuf before the descriptor */
1357           bus_dmamap_sync(rdb->rdb_dmat, rs->rs_dmamap, 0,
1358               rs->rs_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD);
1359 
1360           obuf = rd->rd_buf;
1361           rd->rd_buf = htole32(rs->rs_dmamap->dm_segs[0].ds_addr);
1362 
1363           ctl = __SHIFTIN(rs->rs_mbuf->m_len, RTW_RXCTL_LENGTH_MASK) |
1364               RTW_RXCTL_OWN | RTW_RXCTL_FS | RTW_RXCTL_LS;
1365 
1366           if (is_last)
1367                     ctl |= RTW_RXCTL_EOR;
1368 
1369           octl = rd->rd_ctl;
1370           rd->rd_ctl = htole32(ctl);
1371 
1372 #ifdef RTW_DEBUG
1373           RTW_DPRINTF(
1374               kick ? (RTW_DEBUG_RECV_DESC | RTW_DEBUG_IO_KICK)
1375                      : RTW_DEBUG_RECV_DESC,
1376               ("%s: rd %p buf %08x -> %08x ctl %08x -> %08x\n", __func__, rd,
1377                le32toh(obuf), le32toh(rd->rd_buf), le32toh(octl),
1378                le32toh(rd->rd_ctl)));
1379 #else
1380           __USE(octl);
1381           __USE(obuf);
1382 #endif
1383 
1384           /* sync the descriptor */
1385           bus_dmamap_sync(rdb->rdb_dmat, rdb->rdb_dmamap,
1386               RTW_DESC_OFFSET(hd_rx, idx), sizeof(struct rtw_rxdesc),
1387               BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
1388 }
1389 
1390 static void
rtw_rxdesc_init_all(struct rtw_rxdesc_blk * rdb,struct rtw_rxsoft * ctl,int kick)1391 rtw_rxdesc_init_all(struct rtw_rxdesc_blk *rdb, struct rtw_rxsoft *ctl, int kick)
1392 {
1393           int i;
1394           struct rtw_rxsoft *rs;
1395 
1396           for (i = 0; i < rdb->rdb_ndesc; i++) {
1397                     rs = &ctl[i];
1398                     rtw_rxdesc_init(rdb, rs, i, kick);
1399           }
1400 }
1401 
1402 static void
rtw_io_enable(struct rtw_softc * sc,uint8_t flags,int enable)1403 rtw_io_enable(struct rtw_softc *sc, uint8_t flags, int enable)
1404 {
1405           struct rtw_regs *regs = &sc->sc_regs;
1406           uint8_t cr;
1407 
1408           RTW_DPRINTF(RTW_DEBUG_IOSTATE, ("%s: %s 0x%02x\n", __func__,
1409               enable ? "enable" : "disable", flags));
1410 
1411           cr = RTW_READ8(regs, RTW_CR);
1412 
1413           /* XXX reference source does not enable MULRW */
1414           /* enable PCI Read/Write Multiple */
1415           cr |= RTW_CR_MULRW;
1416 
1417           /* The receive engine will always start at RDSAR.  */
1418           if (enable && (flags & ~cr & RTW_CR_RE)) {
1419                     struct rtw_rxdesc_blk *rdb;
1420                     rdb = &sc->sc_rxdesc_blk;
1421                     rdb->rdb_next = 0;
1422           }
1423 
1424           RTW_RBW(regs, RTW_CR, RTW_CR);          /* XXX paranoia? */
1425           if (enable)
1426                     cr |= flags;
1427           else
1428                     cr &= ~flags;
1429           RTW_WRITE8(regs, RTW_CR, cr);
1430           RTW_SYNC(regs, RTW_CR, RTW_CR);
1431 
1432 #ifdef RTW_DIAG
1433           if (cr & RTW_CR_TE)
1434                     rtw_txring_fixup(sc, __func__, __LINE__);
1435 #endif
1436           if (cr & RTW_CR_TE) {
1437                     rtw_tx_kick(&sc->sc_regs,
1438                         RTW_TPPOLL_HPQ | RTW_TPPOLL_NPQ | RTW_TPPOLL_LPQ);
1439           }
1440 }
1441 
1442 static void
rtw_intr_rx(struct rtw_softc * sc,uint16_t isr)1443 rtw_intr_rx(struct rtw_softc *sc, uint16_t isr)
1444 {
1445 #define   IS_BEACON(__fc0)                                                      \
1446     ((__fc0 & (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) ==\
1447      (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_BEACON))
1448 
1449           static const int ratetbl[4] = {2, 4, 11, 22};     /* convert rates:
1450                                                                        * hardware -> net80211
1451                                                                        */
1452           u_int next, nproc = 0;
1453           int hwrate, len, rate, rssi, sq, s;
1454           uint32_t hrssi, hstat, htsfth, htsftl;
1455           struct rtw_rxdesc *rd;
1456           struct rtw_rxsoft *rs;
1457           struct rtw_rxdesc_blk *rdb;
1458           struct mbuf *m;
1459           struct ifnet *ifp = &sc->sc_if;
1460 
1461           struct ieee80211_node *ni;
1462           struct ieee80211_frame_min *wh;
1463 
1464           rdb = &sc->sc_rxdesc_blk;
1465 
1466           for (next = rdb->rdb_next; ; next = rdb->rdb_next) {
1467                     KASSERT(next < rdb->rdb_ndesc);
1468 
1469                     rtw_rxdescs_sync(rdb, next, 1,
1470                         BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE);
1471                     rd = &rdb->rdb_desc[next];
1472                     rs = &sc->sc_rxsoft[next];
1473 
1474                     hstat = le32toh(rd->rd_stat);
1475                     hrssi = le32toh(rd->rd_rssi);
1476                     htsfth = le32toh(rd->rd_tsfth);
1477                     htsftl = le32toh(rd->rd_tsftl);
1478 
1479                     RTW_DPRINTF(RTW_DEBUG_RECV_DESC,
1480                         ("%s: rxdesc[%d] hstat %08x hrssi %08x htsft %08x%08x\n",
1481                         __func__, next, hstat, hrssi, htsfth, htsftl));
1482 
1483                     ++nproc;
1484 
1485                     /* still belongs to NIC */
1486                     if ((hstat & RTW_RXSTAT_OWN) != 0) {
1487                               rtw_rxdescs_sync(rdb, next, 1, BUS_DMASYNC_PREREAD);
1488                               break;
1489                     }
1490 
1491                     /* ieee80211_input() might reset the receive engine
1492                      * (e.g. by indirectly calling rtw_tune()), so save
1493                      * the next pointer here and retrieve it again on
1494                      * the next round.
1495                      */
1496                     rdb->rdb_next = (next + 1) % rdb->rdb_ndesc;
1497 
1498 #ifdef RTW_DEBUG
1499 #define PRINTSTAT(flag) do { \
1500           if ((hstat & flag) != 0) { \
1501                     printf("%s" #flag, delim); \
1502                     delim = ","; \
1503           } \
1504 } while (0)
1505                     if ((rtw_debug & RTW_DEBUG_RECV_DESC) != 0) {
1506                               const char *delim = "<";
1507                               printf("%s: ", device_xname(sc->sc_dev));
1508                               if ((hstat & RTW_RXSTAT_DEBUG) != 0) {
1509                                         printf("status %08x", hstat);
1510                                         PRINTSTAT(RTW_RXSTAT_SPLCP);
1511                                         PRINTSTAT(RTW_RXSTAT_MAR);
1512                                         PRINTSTAT(RTW_RXSTAT_PAR);
1513                                         PRINTSTAT(RTW_RXSTAT_BAR);
1514                                         PRINTSTAT(RTW_RXSTAT_PWRMGT);
1515                                         PRINTSTAT(RTW_RXSTAT_CRC32);
1516                                         PRINTSTAT(RTW_RXSTAT_ICV);
1517                                         printf(">, ");
1518                               }
1519                     }
1520 #endif /* RTW_DEBUG */
1521 
1522                     if ((hstat & RTW_RXSTAT_IOERROR) != 0) {
1523                               aprint_error_dev(sc->sc_dev,
1524                                   "DMA error/FIFO overflow %08" PRIx32 ", "
1525                                   "rx descriptor %d\n", hstat, next);
1526                               if_statinc(ifp, if_ierrors);
1527                               goto next;
1528                     }
1529 
1530                     len = __SHIFTOUT(hstat, RTW_RXSTAT_LENGTH_MASK);
1531                     if (len < IEEE80211_MIN_LEN) {
1532                               sc->sc_ic.ic_stats.is_rx_tooshort++;
1533                               goto next;
1534                     }
1535                     if (len > rs->rs_mbuf->m_len) {
1536                               aprint_error_dev(sc->sc_dev,
1537                                   "rx frame too long, %d > %d, %08" PRIx32
1538                                   ", desc %d\n",
1539                                   len, rs->rs_mbuf->m_len, hstat, next);
1540                               if_statinc(ifp, if_ierrors);
1541                               goto next;
1542                     }
1543 
1544                     hwrate = __SHIFTOUT(hstat, RTW_RXSTAT_RATE_MASK);
1545                     if (hwrate >= __arraycount(ratetbl)) {
1546                               aprint_error_dev(sc->sc_dev,
1547                                   "unknown rate #%" __PRIuBITS "\n",
1548                                   __SHIFTOUT(hstat, RTW_RXSTAT_RATE_MASK));
1549                               if_statinc(ifp, if_ierrors);
1550                               goto next;
1551                     }
1552                     rate = ratetbl[hwrate];
1553 
1554 #ifdef RTW_DEBUG
1555                     RTW_DPRINTF(RTW_DEBUG_RECV_DESC,
1556                         ("rate %d.%d Mb/s, time %08x%08x\n", (rate * 5) / 10,
1557                          (rate * 5) % 10, htsfth, htsftl));
1558 #endif /* RTW_DEBUG */
1559 
1560                     /* if bad flags, skip descriptor */
1561                     if ((hstat & RTW_RXSTAT_ONESEG) != RTW_RXSTAT_ONESEG) {
1562                               aprint_error_dev(sc->sc_dev, "too many rx segments, "
1563                                   "next=%d, %08" PRIx32 "\n", next, hstat);
1564                               goto next;
1565                     }
1566 
1567                     bus_dmamap_sync(sc->sc_dmat, rs->rs_dmamap, 0,
1568                         rs->rs_dmamap->dm_mapsize, BUS_DMASYNC_POSTREAD);
1569 
1570                     m = rs->rs_mbuf;
1571 
1572                     /* if temporarily out of memory, re-use mbuf */
1573                     switch (rtw_rxsoft_alloc(sc->sc_dmat, rs)) {
1574                     case 0:
1575                               break;
1576                     case ENOBUFS:
1577                               aprint_error_dev(sc->sc_dev,
1578                                   "rtw_rxsoft_alloc(, %d) failed, dropping packet\n",
1579                                   next);
1580                               goto next;
1581                     default:
1582                               /* XXX shorten rx ring, instead? */
1583                               aprint_error_dev(sc->sc_dev,
1584                                   "could not load DMA map\n");
1585                     }
1586 
1587                     sq = __SHIFTOUT(hrssi, RTW_RXRSSI_SQ);
1588 
1589                     if (sc->sc_rfchipid == RTW_RFCHIPID_PHILIPS)
1590                               rssi = UINT8_MAX - sq;
1591                     else {
1592                               rssi = __SHIFTOUT(hrssi, RTW_RXRSSI_IMR_RSSI);
1593                               /* TBD find out each front-end's LNA gain in the
1594                                * front-end's units
1595                                */
1596                               if ((hrssi & RTW_RXRSSI_IMR_LNA) == 0)
1597                                         rssi |= 0x80;
1598                     }
1599 
1600                     /* Note well: now we cannot recycle the rs_mbuf unless
1601                      * we restore its original length.
1602                      */
1603                     m_set_rcvif(m, ifp);
1604                     m->m_pkthdr.len = m->m_len = len;
1605 
1606                     wh = mtod(m, struct ieee80211_frame_min *);
1607 
1608                     s = splnet();
1609 
1610                     if (!IS_BEACON(wh->i_fc[0]))
1611                               sc->sc_led_state.ls_event |= RTW_LED_S_RX;
1612 
1613                     sc->sc_tsfth = htsfth;
1614 
1615 #ifdef RTW_DEBUG
1616                     if ((ifp->if_flags & (IFF_DEBUG | IFF_LINK2)) ==
1617                         (IFF_DEBUG | IFF_LINK2)) {
1618                               ieee80211_dump_pkt(mtod(m, uint8_t *), m->m_pkthdr.len,
1619                                   rate, rssi);
1620                     }
1621 #endif /* RTW_DEBUG */
1622 
1623                     if (sc->sc_radiobpf != NULL) {
1624                               struct rtw_rx_radiotap_header *rr = &sc->sc_rxtap;
1625 
1626                               rr->rr_tsft =
1627                                   htole64(((uint64_t)htsfth << 32) | htsftl);
1628 
1629                               rr->rr_flags = IEEE80211_RADIOTAP_F_FCS;
1630 
1631                               if ((hstat & RTW_RXSTAT_SPLCP) != 0)
1632                                         rr->rr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;
1633                               if ((hstat & RTW_RXSTAT_CRC32) != 0)
1634                                         rr->rr_flags |= IEEE80211_RADIOTAP_F_BADFCS;
1635 
1636                               rr->rr_rate = rate;
1637 
1638                               if (sc->sc_rfchipid == RTW_RFCHIPID_PHILIPS)
1639                                         rr->rr_u.u_philips.p_antsignal = rssi;
1640                               else {
1641                                         rr->rr_u.u_other.o_antsignal = rssi;
1642                                         rr->rr_u.u_other.o_barker_lock =
1643                                             htole16(UINT8_MAX - sq);
1644                               }
1645 
1646                               bpf_mtap2(sc->sc_radiobpf,
1647                                   rr, sizeof(sc->sc_rxtapu), m, BPF_D_IN);
1648                     }
1649 
1650                     if ((hstat & RTW_RXSTAT_RES) != 0) {
1651                               m_freem(m);
1652                               splx(s);
1653                               goto next;
1654                     }
1655 
1656                     /* CRC is included with the packet; trim it off. */
1657                     m_adj(m, -IEEE80211_CRC_LEN);
1658 
1659                     /* TBD use _MAR, _BAR, _PAR flags as hints to _find_rxnode? */
1660                     ni = ieee80211_find_rxnode(&sc->sc_ic, wh);
1661                     ieee80211_input(&sc->sc_ic, m, ni, rssi, htsftl);
1662                     ieee80211_free_node(ni);
1663                     splx(s);
1664 next:
1665                     rtw_rxdesc_init(rdb, rs, next, 0);
1666           }
1667 #undef IS_BEACON
1668 }
1669 
1670 static void
rtw_txsoft_release(bus_dma_tag_t dmat,struct ieee80211com * ic,struct rtw_txsoft * ts)1671 rtw_txsoft_release(bus_dma_tag_t dmat, struct ieee80211com *ic,
1672     struct rtw_txsoft *ts)
1673 {
1674           struct mbuf *m;
1675           struct ieee80211_node *ni;
1676 
1677           m = ts->ts_mbuf;
1678           ni = ts->ts_ni;
1679           KASSERT(m != NULL);
1680           KASSERT(ni != NULL);
1681           ts->ts_mbuf = NULL;
1682           ts->ts_ni = NULL;
1683 
1684           bus_dmamap_sync(dmat, ts->ts_dmamap, 0, ts->ts_dmamap->dm_mapsize,
1685               BUS_DMASYNC_POSTWRITE);
1686           bus_dmamap_unload(dmat, ts->ts_dmamap);
1687           m_freem(m);
1688           ieee80211_free_node(ni);
1689 }
1690 
1691 static void
rtw_txsofts_release(bus_dma_tag_t dmat,struct ieee80211com * ic,struct rtw_txsoft_blk * tsb)1692 rtw_txsofts_release(bus_dma_tag_t dmat, struct ieee80211com *ic,
1693     struct rtw_txsoft_blk *tsb)
1694 {
1695           struct rtw_txsoft *ts;
1696 
1697           while ((ts = SIMPLEQ_FIRST(&tsb->tsb_dirtyq)) != NULL) {
1698                     rtw_txsoft_release(dmat, ic, ts);
1699                     SIMPLEQ_REMOVE_HEAD(&tsb->tsb_dirtyq, ts_q);
1700                     SIMPLEQ_INSERT_TAIL(&tsb->tsb_freeq, ts, ts_q);
1701           }
1702           tsb->tsb_tx_timer = 0;
1703 }
1704 
1705 static inline void
rtw_collect_txpkt(struct rtw_softc * sc,struct rtw_txdesc_blk * tdb,struct rtw_txsoft * ts,int ndesc)1706 rtw_collect_txpkt(struct rtw_softc *sc, struct rtw_txdesc_blk *tdb,
1707     struct rtw_txsoft *ts, int ndesc)
1708 {
1709           uint32_t hstat;
1710           int data_retry, rts_retry;
1711           struct rtw_txdesc *tdn;
1712           const char *condstring;
1713           struct ifnet *ifp = &sc->sc_if;
1714 
1715           rtw_txsoft_release(sc->sc_dmat, &sc->sc_ic, ts);
1716 
1717           tdb->tdb_nfree += ndesc;
1718 
1719           tdn = &tdb->tdb_desc[ts->ts_last];
1720 
1721           hstat = le32toh(tdn->td_stat);
1722           rts_retry = __SHIFTOUT(hstat, RTW_TXSTAT_RTSRETRY_MASK);
1723           data_retry = __SHIFTOUT(hstat, RTW_TXSTAT_DRC_MASK);
1724 
1725           if (rts_retry + data_retry)
1726                     if_statadd(ifp, if_collisions, rts_retry + data_retry);
1727 
1728           if ((hstat & RTW_TXSTAT_TOK) != 0)
1729                     condstring = "ok";
1730           else {
1731                     if_statinc(ifp, if_oerrors);
1732                     condstring = "error";
1733           }
1734 
1735 #ifdef RTW_DEBUG
1736           DPRINTF(sc, RTW_DEBUG_XMIT_DESC,
1737               ("%s: ts %p txdesc[%d, %d] %s tries rts %u data %u\n",
1738               device_xname(sc->sc_dev), ts, ts->ts_first, ts->ts_last,
1739               condstring, rts_retry, data_retry));
1740 #else
1741           __USE(condstring);
1742 #endif
1743 }
1744 
1745 static void
rtw_reset_oactive(struct rtw_softc * sc)1746 rtw_reset_oactive(struct rtw_softc *sc)
1747 {
1748           short oflags;
1749           int pri;
1750           struct rtw_txsoft_blk *tsb;
1751           struct rtw_txdesc_blk *tdb;
1752           oflags = sc->sc_if.if_flags;
1753           for (pri = 0; pri < RTW_NTXPRI; pri++) {
1754                     tsb = &sc->sc_txsoft_blk[pri];
1755                     tdb = &sc->sc_txdesc_blk[pri];
1756                     if (!SIMPLEQ_EMPTY(&tsb->tsb_freeq) && tdb->tdb_nfree > 0)
1757                               sc->sc_if.if_flags &= ~IFF_OACTIVE;
1758           }
1759           if (oflags != sc->sc_if.if_flags) {
1760                     DPRINTF(sc, RTW_DEBUG_OACTIVE,
1761                         ("%s: reset OACTIVE\n", __func__));
1762           }
1763 }
1764 
1765 /* Collect transmitted packets. */
1766 static bool
rtw_collect_txring(struct rtw_softc * sc,struct rtw_txsoft_blk * tsb,struct rtw_txdesc_blk * tdb,int force)1767 rtw_collect_txring(struct rtw_softc *sc, struct rtw_txsoft_blk *tsb,
1768     struct rtw_txdesc_blk *tdb, int force)
1769 {
1770           bool collected = false;
1771           int ndesc;
1772           struct rtw_txsoft *ts;
1773 
1774 #ifdef RTW_DEBUG
1775           rtw_dump_rings(sc);
1776 #endif
1777 
1778           while ((ts = SIMPLEQ_FIRST(&tsb->tsb_dirtyq)) != NULL) {
1779                     /* If we're clearing a failed transmission, only clear
1780                        up to the last packet the hardware has processed.  */
1781                     if (ts->ts_first == rtw_txring_next(&sc->sc_regs, tdb))
1782                               break;
1783 
1784                     ndesc = 1 + ts->ts_last - ts->ts_first;
1785                     if (ts->ts_last < ts->ts_first)
1786                               ndesc += tdb->tdb_ndesc;
1787 
1788                     KASSERT(ndesc > 0);
1789 
1790                     rtw_txdescs_sync(tdb, ts->ts_first, ndesc,
1791                         BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE);
1792 
1793                     if (force) {
1794                               int next;
1795 #ifdef RTW_DIAG
1796                               printf("%s: clearing packet, stats", __func__);
1797 #endif
1798                               for (next = ts->ts_first; ;
1799                                   next = RTW_NEXT_IDX(tdb, next)) {
1800 #ifdef RTW_DIAG
1801                                         printf(" %" PRIx32 "/%" PRIx32 "/%" PRIx32 "/%" PRIu32 "/%" PRIx32, le32toh(tdb->tdb_desc[next].td_stat), le32toh(tdb->tdb_desc[next].td_ctl1), le32toh(tdb->tdb_desc[next].td_buf), le32toh(tdb->tdb_desc[next].td_len), le32toh(tdb->tdb_desc[next].td_next));
1802 #endif
1803                                         tdb->tdb_desc[next].td_stat &=
1804                                             ~htole32(RTW_TXSTAT_OWN);
1805                                         if (next == ts->ts_last)
1806                                                   break;
1807                               }
1808                               rtw_txdescs_sync(tdb, ts->ts_first, ndesc,
1809                                   BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
1810 #ifdef RTW_DIAG
1811                               next = RTW_NEXT_IDX(tdb, next);
1812                               printf(" -> end %u stat %" PRIx32 ", was %u\n", next,
1813                                   le32toh(tdb->tdb_desc[next].td_stat),
1814                                   rtw_txring_next(&sc->sc_regs, tdb));
1815 #endif
1816                     } else if ((tdb->tdb_desc[ts->ts_last].td_stat &
1817                         htole32(RTW_TXSTAT_OWN)) != 0) {
1818                               rtw_txdescs_sync(tdb, ts->ts_last, 1,
1819                                   BUS_DMASYNC_PREREAD);
1820                               break;
1821                     }
1822 
1823                     collected = true;
1824 
1825                     rtw_collect_txpkt(sc, tdb, ts, ndesc);
1826                     SIMPLEQ_REMOVE_HEAD(&tsb->tsb_dirtyq, ts_q);
1827                     SIMPLEQ_INSERT_TAIL(&tsb->tsb_freeq, ts, ts_q);
1828           }
1829 
1830           /* no more pending transmissions, cancel watchdog */
1831           if (ts == NULL)
1832                     tsb->tsb_tx_timer = 0;
1833           rtw_reset_oactive(sc);
1834 
1835           return collected;
1836 }
1837 
1838 static void
rtw_intr_tx(struct rtw_softc * sc,uint16_t isr)1839 rtw_intr_tx(struct rtw_softc *sc, uint16_t isr)
1840 {
1841           int pri, s;
1842           struct rtw_txsoft_blk         *tsb;
1843           struct rtw_txdesc_blk         *tdb;
1844           struct ifnet *ifp = &sc->sc_if;
1845 
1846           s = splnet();
1847 
1848           for (pri = 0; pri < RTW_NTXPRI; pri++) {
1849                     tsb = &sc->sc_txsoft_blk[pri];
1850                     tdb = &sc->sc_txdesc_blk[pri];
1851                     rtw_collect_txring(sc, tsb, tdb, 0);
1852           }
1853 
1854           if ((isr & RTW_INTR_TX) != 0)
1855                     rtw_start(ifp); /* in softint */
1856 
1857           splx(s);
1858 }
1859 
1860 static void
rtw_intr_beacon(struct rtw_softc * sc,uint16_t isr)1861 rtw_intr_beacon(struct rtw_softc *sc, uint16_t isr)
1862 {
1863           u_int next;
1864           uint32_t tsfth, tsftl;
1865           struct ieee80211com *ic;
1866           struct rtw_txdesc_blk *tdb = &sc->sc_txdesc_blk[RTW_TXPRIBCN];
1867           struct rtw_txsoft_blk *tsb = &sc->sc_txsoft_blk[RTW_TXPRIBCN];
1868           struct mbuf *m;
1869           int s;
1870 
1871           s = splnet();
1872 
1873           tsfth = RTW_READ(&sc->sc_regs, RTW_TSFTRH);
1874           tsftl = RTW_READ(&sc->sc_regs, RTW_TSFTRL);
1875 
1876           if ((isr & (RTW_INTR_TBDOK | RTW_INTR_TBDER)) != 0) {
1877                     next = rtw_txring_next(&sc->sc_regs, tdb);
1878 #ifdef RTW_DEBUG
1879                     RTW_DPRINTF(RTW_DEBUG_BEACON,
1880                         ("%s: beacon ring %sprocessed, isr = %#04" PRIx16
1881                          ", next %u expected %u, %" PRIu64 "\n", __func__,
1882                          (next == tdb->tdb_next) ? "" : "un", isr, next,
1883                          tdb->tdb_next, (uint64_t)tsfth << 32 | tsftl));
1884 #else
1885                     __USE(next);
1886                     __USE(tsfth);
1887                     __USE(tsftl);
1888 #endif
1889                     if ((RTW_READ8(&sc->sc_regs, RTW_TPPOLL) & RTW_TPPOLL_BQ) == 0)
1890                               rtw_collect_txring(sc, tsb, tdb, 1);
1891           }
1892           /* Start beacon transmission. */
1893 
1894           if ((isr & RTW_INTR_BCNINT) != 0 &&
1895               sc->sc_ic.ic_state == IEEE80211_S_RUN &&
1896               SIMPLEQ_EMPTY(&tsb->tsb_dirtyq)) {
1897                     RTW_DPRINTF(RTW_DEBUG_BEACON,
1898                         ("%s: beacon prep. time, isr = %#04" PRIx16
1899                          ", %16" PRIu64 "\n", __func__, isr,
1900                          (uint64_t)tsfth << 32 | tsftl));
1901                     ic = &sc->sc_ic;
1902                     m = rtw_beacon_alloc(sc, ic->ic_bss);
1903 
1904                     if (m == NULL) {
1905                               aprint_error_dev(sc->sc_dev,
1906                                   "could not allocate beacon\n");
1907                               splx(s);
1908                               return;
1909                     }
1910                     M_SETCTX(m, ieee80211_ref_node(ic->ic_bss));
1911                     IF_ENQUEUE(&sc->sc_beaconq, m);
1912                     rtw_start(&sc->sc_if); /* in softint */
1913           }
1914 
1915           splx(s);
1916 }
1917 
1918 static void
rtw_intr_atim(struct rtw_softc * sc)1919 rtw_intr_atim(struct rtw_softc *sc)
1920 {
1921           /* TBD */
1922           return;
1923 }
1924 
1925 #ifdef RTW_DEBUG
1926 static void
rtw_dump_rings(struct rtw_softc * sc)1927 rtw_dump_rings(struct rtw_softc *sc)
1928 {
1929           struct rtw_txdesc_blk *tdb;
1930           struct rtw_rxdesc *rd;
1931           struct rtw_rxdesc_blk *rdb;
1932           int desc, pri;
1933 
1934           if ((rtw_debug & RTW_DEBUG_IO_KICK) == 0)
1935                     return;
1936 
1937           for (pri = 0; pri < RTW_NTXPRI; pri++) {
1938                     tdb = &sc->sc_txdesc_blk[pri];
1939                     printf("%s: txpri %d ndesc %d nfree %d\n", __func__, pri,
1940                         tdb->tdb_ndesc, tdb->tdb_nfree);
1941                     for (desc = 0; desc < tdb->tdb_ndesc; desc++)
1942                               rtw_print_txdesc(sc, ".", NULL, tdb, desc);
1943           }
1944 
1945           rdb = &sc->sc_rxdesc_blk;
1946 
1947           for (desc = 0; desc < RTW_RXQLEN; desc++) {
1948                     rd = &rdb->rdb_desc[desc];
1949                     printf("%s: %sctl %08x rsvd0/rssi %08x buf/tsftl %08x "
1950                         "rsvd1/tsfth %08x\n", __func__,
1951                         (desc >= rdb->rdb_ndesc) ? "UNUSED " : "",
1952                         le32toh(rd->rd_ctl), le32toh(rd->rd_rssi),
1953                         le32toh(rd->rd_buf), le32toh(rd->rd_tsfth));
1954           }
1955 }
1956 #endif /* RTW_DEBUG */
1957 
1958 static void
rtw_hwring_setup(struct rtw_softc * sc)1959 rtw_hwring_setup(struct rtw_softc *sc)
1960 {
1961           int pri;
1962           struct rtw_regs *regs = &sc->sc_regs;
1963           struct rtw_txdesc_blk *tdb;
1964 
1965           sc->sc_txdesc_blk[RTW_TXPRILO].tdb_basereg = RTW_TLPDA;
1966           sc->sc_txdesc_blk[RTW_TXPRILO].tdb_base = RTW_RING_BASE(sc, hd_txlo);
1967           sc->sc_txdesc_blk[RTW_TXPRIMD].tdb_basereg = RTW_TNPDA;
1968           sc->sc_txdesc_blk[RTW_TXPRIMD].tdb_base = RTW_RING_BASE(sc, hd_txmd);
1969           sc->sc_txdesc_blk[RTW_TXPRIHI].tdb_basereg = RTW_THPDA;
1970           sc->sc_txdesc_blk[RTW_TXPRIHI].tdb_base = RTW_RING_BASE(sc, hd_txhi);
1971           sc->sc_txdesc_blk[RTW_TXPRIBCN].tdb_basereg = RTW_TBDA;
1972           sc->sc_txdesc_blk[RTW_TXPRIBCN].tdb_base = RTW_RING_BASE(sc, hd_bcn);
1973 
1974           for (pri = 0; pri < RTW_NTXPRI; pri++) {
1975                     tdb = &sc->sc_txdesc_blk[pri];
1976                     RTW_WRITE(regs, tdb->tdb_basereg, tdb->tdb_base);
1977                     RTW_DPRINTF(RTW_DEBUG_XMIT_DESC,
1978                         ("%s: reg[tdb->tdb_basereg] <- %" PRIxPTR "\n", __func__,
1979                          (uintptr_t)tdb->tdb_base));
1980           }
1981 
1982           RTW_WRITE(regs, RTW_RDSAR, RTW_RING_BASE(sc, hd_rx));
1983 
1984           RTW_DPRINTF(RTW_DEBUG_RECV_DESC,
1985               ("%s: reg[RDSAR] <- %" PRIxPTR "\n", __func__,
1986                (uintptr_t)RTW_RING_BASE(sc, hd_rx)));
1987 
1988           RTW_SYNC(regs, RTW_TLPDA, RTW_RDSAR);
1989 
1990 }
1991 
1992 static int
rtw_swring_setup(struct rtw_softc * sc)1993 rtw_swring_setup(struct rtw_softc *sc)
1994 {
1995           int rc;
1996           struct rtw_rxdesc_blk *rdb;
1997 
1998           rtw_txdesc_blk_init_all(&sc->sc_txdesc_blk[0]);
1999 
2000           rtw_txsoft_blk_init_all(&sc->sc_txsoft_blk[0]);
2001 
2002           rdb = &sc->sc_rxdesc_blk;
2003           if ((rc = rtw_rxsoft_init_all(sc->sc_dmat, sc->sc_rxsoft, &rdb->rdb_ndesc,
2004                sc->sc_dev)) != 0 && rdb->rdb_ndesc == 0) {
2005                     aprint_error_dev(sc->sc_dev, "could not allocate rx buffers\n");
2006                     return rc;
2007           }
2008 
2009           rdb = &sc->sc_rxdesc_blk;
2010           rtw_rxdescs_sync(rdb, 0, rdb->rdb_ndesc,
2011               BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE);
2012           rtw_rxdesc_init_all(rdb, sc->sc_rxsoft, 1);
2013           rdb->rdb_next = 0;
2014 
2015           rtw_txdescs_sync_all(&sc->sc_txdesc_blk[0]);
2016           return 0;
2017 }
2018 
2019 static void
rtw_txdesc_blk_init(struct rtw_txdesc_blk * tdb)2020 rtw_txdesc_blk_init(struct rtw_txdesc_blk *tdb)
2021 {
2022           int i;
2023 
2024           (void)memset(tdb->tdb_desc, 0,
2025               sizeof(tdb->tdb_desc[0]) * tdb->tdb_ndesc);
2026           for (i = 0; i < tdb->tdb_ndesc; i++)
2027                     tdb->tdb_desc[i].td_next = htole32(RTW_NEXT_DESC(tdb, i));
2028 }
2029 
2030 static u_int
rtw_txring_next(struct rtw_regs * regs,struct rtw_txdesc_blk * tdb)2031 rtw_txring_next(struct rtw_regs *regs, struct rtw_txdesc_blk *tdb)
2032 {
2033           return (le32toh(RTW_READ(regs, tdb->tdb_basereg)) - tdb->tdb_base) /
2034               sizeof(struct rtw_txdesc);
2035 }
2036 
2037 #ifdef RTW_DIAG
2038 static void
rtw_txring_fixup(struct rtw_softc * sc,const char * fn,int ln)2039 rtw_txring_fixup(struct rtw_softc *sc, const char *fn, int ln)
2040 {
2041           int pri;
2042           u_int next;
2043           struct rtw_txdesc_blk *tdb;
2044           struct rtw_regs *regs = &sc->sc_regs;
2045 
2046           for (pri = 0; pri < RTW_NTXPRI; pri++) {
2047                     int i;
2048                     tdb = &sc->sc_txdesc_blk[pri];
2049                     next = rtw_txring_next(regs, tdb);
2050                     if (tdb->tdb_next == next)
2051                               continue;
2052                     for (i = 0; next != tdb->tdb_next;
2053                         next = RTW_NEXT_IDX(tdb, next), i++) {
2054                               if ((tdb->tdb_desc[next].td_stat & htole32(RTW_TXSTAT_OWN)) == 0)
2055                                         break;
2056                     }
2057                     printf("%s:%d: tx-ring %d expected next %u, read %u+%d -> %s\n", fn,
2058                         ln, pri, tdb->tdb_next, next, i, tdb->tdb_next == next ? "okay" : "BAD");
2059                     if (tdb->tdb_next == next)
2060                               continue;
2061                     tdb->tdb_next = MIN(next, tdb->tdb_ndesc - 1);
2062           }
2063 }
2064 #endif
2065 
2066 static void
rtw_txdescs_reset(struct rtw_softc * sc)2067 rtw_txdescs_reset(struct rtw_softc *sc)
2068 {
2069           int pri;
2070           struct rtw_txsoft_blk         *tsb;
2071           struct rtw_txdesc_blk         *tdb;
2072 
2073           for (pri = 0; pri < RTW_NTXPRI; pri++) {
2074                     tsb = &sc->sc_txsoft_blk[pri];
2075                     tdb = &sc->sc_txdesc_blk[pri];
2076                     rtw_collect_txring(sc, tsb, tdb, 1);
2077 #ifdef RTW_DIAG
2078                     if (!SIMPLEQ_EMPTY(&tsb->tsb_dirtyq))
2079                               printf("%s: packets left in ring %d\n", __func__, pri);
2080 #endif
2081           }
2082 }
2083 
2084 static void
rtw_intr_ioerror(struct rtw_softc * sc,uint16_t isr)2085 rtw_intr_ioerror(struct rtw_softc *sc, uint16_t isr)
2086 {
2087           int s;
2088 
2089           aprint_error_dev(sc->sc_dev, "tx fifo underflow\n");
2090 
2091           RTW_DPRINTF(RTW_DEBUG_BUGS, ("%s: cleaning up xmit, isr %" PRIx16
2092               "\n", device_xname(sc->sc_dev), isr));
2093 
2094           s = splnet();
2095 
2096 #ifdef RTW_DEBUG
2097           rtw_dump_rings(sc);
2098 #endif /* RTW_DEBUG */
2099 
2100           /* Collect tx'd packets.  XXX let's hope this stops the transmit
2101            * timeouts.
2102            */
2103           rtw_txdescs_reset(sc);
2104 
2105 #ifdef RTW_DEBUG
2106           rtw_dump_rings(sc);
2107 #endif /* RTW_DEBUG */
2108 
2109           splx(s);
2110 }
2111 
2112 static inline void
rtw_suspend_ticks(struct rtw_softc * sc)2113 rtw_suspend_ticks(struct rtw_softc *sc)
2114 {
2115           RTW_DPRINTF(RTW_DEBUG_TIMEOUT,
2116               ("%s: suspending ticks\n", device_xname(sc->sc_dev)));
2117           sc->sc_do_tick = 0;
2118 }
2119 
2120 static inline void
rtw_resume_ticks(struct rtw_softc * sc)2121 rtw_resume_ticks(struct rtw_softc *sc)
2122 {
2123           uint32_t tsftrl0, tsftrl1, next_tint;
2124 
2125           tsftrl0 = RTW_READ(&sc->sc_regs, RTW_TSFTRL);
2126 
2127           tsftrl1 = RTW_READ(&sc->sc_regs, RTW_TSFTRL);
2128           next_tint = tsftrl1 + 1000000;
2129           RTW_WRITE(&sc->sc_regs, RTW_TINT, next_tint);
2130 
2131           sc->sc_do_tick = 1;
2132 
2133 #ifdef RTW_DEBUG
2134           RTW_DPRINTF(RTW_DEBUG_TIMEOUT,
2135               ("%s: resume ticks delta %#08x now %#08x next %#08x\n",
2136               device_xname(sc->sc_dev), tsftrl1 - tsftrl0, tsftrl1, next_tint));
2137 #else
2138           __USE(tsftrl0);
2139 #endif
2140 }
2141 
2142 static void
rtw_intr_timeout(struct rtw_softc * sc)2143 rtw_intr_timeout(struct rtw_softc *sc)
2144 {
2145           int s;
2146 
2147           s = splnet();
2148           RTW_DPRINTF(RTW_DEBUG_TIMEOUT, ("%s: timeout\n", device_xname(sc->sc_dev)));
2149           if (sc->sc_do_tick)
2150                     rtw_resume_ticks(sc);
2151           splx(s);
2152 }
2153 
2154 int
rtw_intr(void * arg)2155 rtw_intr(void *arg)
2156 {
2157           struct rtw_softc *sc = arg;
2158           struct rtw_regs *regs = &sc->sc_regs;
2159           uint16_t isr;
2160           struct ifnet *ifp = &sc->sc_if;
2161 
2162           /*
2163            * If the interface isn't running, the interrupt couldn't
2164            * possibly have come from us.
2165            */
2166           if ((ifp->if_flags & IFF_RUNNING) == 0 ||
2167               !device_activation(sc->sc_dev, DEVACT_LEVEL_DRIVER)) {
2168                     RTW_DPRINTF(RTW_DEBUG_INTR, ("%s: stray interrupt\n",
2169                         device_xname(sc->sc_dev)));
2170                     return (0);
2171           }
2172 
2173           isr = RTW_READ16(regs, RTW_ISR);
2174           if (isr == 0)
2175                     return (0);
2176 
2177           /* Disable interrupts. */
2178           RTW_WRITE16(regs, RTW_IMR, 0);
2179           RTW_WBW(regs, RTW_IMR, RTW_IMR);
2180 
2181           softint_schedule(sc->sc_soft_ih);
2182           return (1);
2183 }
2184 
2185 static void
rtw_softintr(void * arg)2186 rtw_softintr(void *arg)
2187 {
2188           int i;
2189           struct rtw_softc *sc = arg;
2190           struct rtw_regs *regs = &sc->sc_regs;
2191           uint16_t isr;
2192           struct ifnet *ifp = &sc->sc_if;
2193 
2194           if ((ifp->if_flags & IFF_RUNNING) == 0 ||
2195               !device_activation(sc->sc_dev, DEVACT_LEVEL_DRIVER)) {
2196                     RTW_DPRINTF(RTW_DEBUG_INTR, ("%s: stray interrupt\n",
2197                         device_xname(sc->sc_dev)));
2198                     return;
2199           }
2200 
2201           for (i = 0; i < 10; i++) {
2202                     isr = RTW_READ16(regs, RTW_ISR);
2203 
2204                     RTW_WRITE16(regs, RTW_ISR, isr);
2205                     RTW_WBR(regs, RTW_ISR, RTW_ISR);
2206 
2207                     if (sc->sc_intr_ack != NULL)
2208                               (*sc->sc_intr_ack)(regs);
2209 
2210                     if (isr == 0)
2211                               break;
2212 
2213 #ifdef RTW_DEBUG
2214 #define PRINTINTR(flag) do { \
2215           if ((isr & flag) != 0) { \
2216                     printf("%s" #flag, delim); \
2217                     delim = ","; \
2218           } \
2219 } while (0)
2220 
2221                     if ((rtw_debug & RTW_DEBUG_INTR) != 0 && isr != 0) {
2222                               const char *delim = "<";
2223 
2224                               printf("%s: reg[ISR] = %x", device_xname(sc->sc_dev),
2225                                   isr);
2226 
2227                               PRINTINTR(RTW_INTR_TXFOVW);
2228                               PRINTINTR(RTW_INTR_TIMEOUT);
2229                               PRINTINTR(RTW_INTR_BCNINT);
2230                               PRINTINTR(RTW_INTR_ATIMINT);
2231                               PRINTINTR(RTW_INTR_TBDER);
2232                               PRINTINTR(RTW_INTR_TBDOK);
2233                               PRINTINTR(RTW_INTR_THPDER);
2234                               PRINTINTR(RTW_INTR_THPDOK);
2235                               PRINTINTR(RTW_INTR_TNPDER);
2236                               PRINTINTR(RTW_INTR_TNPDOK);
2237                               PRINTINTR(RTW_INTR_RXFOVW);
2238                               PRINTINTR(RTW_INTR_RDU);
2239                               PRINTINTR(RTW_INTR_TLPDER);
2240                               PRINTINTR(RTW_INTR_TLPDOK);
2241                               PRINTINTR(RTW_INTR_RER);
2242                               PRINTINTR(RTW_INTR_ROK);
2243 
2244                               printf(">\n");
2245                     }
2246 #undef PRINTINTR
2247 #endif /* RTW_DEBUG */
2248 
2249                     if ((isr & RTW_INTR_RX) != 0)
2250                               rtw_intr_rx(sc, isr);
2251                     if ((isr & RTW_INTR_TX) != 0)
2252                               rtw_intr_tx(sc, isr);
2253                     if ((isr & RTW_INTR_BEACON) != 0)
2254                               rtw_intr_beacon(sc, isr);
2255                     if ((isr & RTW_INTR_ATIMINT) != 0)
2256                               rtw_intr_atim(sc);
2257                     if ((isr & RTW_INTR_IOERROR) != 0)
2258                               rtw_intr_ioerror(sc, isr);
2259                     if ((isr & RTW_INTR_TIMEOUT) != 0)
2260                               rtw_intr_timeout(sc);
2261           }
2262           if (i == 10)
2263                     softint_schedule(sc->sc_soft_ih);
2264 
2265           /* Re-enable interrupts */
2266           RTW_WRITE16(regs, RTW_IMR, sc->sc_inten);
2267           RTW_WBW(regs, RTW_IMR, RTW_IMR);
2268 }
2269 
2270 /* Must be called at splnet. */
2271 static void
rtw_stop(struct ifnet * ifp,int disable)2272 rtw_stop(struct ifnet *ifp, int disable)
2273 {
2274           int pri;
2275           struct rtw_softc *sc = (struct rtw_softc *)ifp->if_softc;
2276           struct ieee80211com *ic = &sc->sc_ic;
2277           struct rtw_regs *regs = &sc->sc_regs;
2278 
2279           rtw_suspend_ticks(sc);
2280 
2281           ieee80211_new_state(ic, IEEE80211_S_INIT, -1);
2282 
2283           if (device_has_power(sc->sc_dev)) {
2284                     /* Disable interrupts. */
2285                     RTW_WRITE16(regs, RTW_IMR, 0);
2286 
2287                     RTW_WBW(regs, RTW_TPPOLL, RTW_IMR);
2288 
2289                     /* Stop the transmit and receive processes. First stop DMA,
2290                      * then disable receiver and transmitter.
2291                      */
2292                     RTW_WRITE8(regs, RTW_TPPOLL, RTW_TPPOLL_SALL);
2293 
2294                     RTW_SYNC(regs, RTW_TPPOLL, RTW_IMR);
2295 
2296                     rtw_io_enable(sc, RTW_CR_RE | RTW_CR_TE, 0);
2297           }
2298 
2299           for (pri = 0; pri < RTW_NTXPRI; pri++) {
2300                     rtw_txsofts_release(sc->sc_dmat, &sc->sc_ic,
2301                         &sc->sc_txsoft_blk[pri]);
2302           }
2303 
2304           rtw_rxbufs_release(sc->sc_dmat, &sc->sc_rxsoft[0]);
2305 
2306           /* Mark the interface as not running.  Cancel the watchdog timer. */
2307           ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE);
2308           ifp->if_timer = 0;
2309 
2310           if (disable)
2311                     pmf_device_suspend(sc->sc_dev, &sc->sc_qual);
2312 
2313           return;
2314 }
2315 
2316 const char *
rtw_pwrstate_string(enum rtw_pwrstate power)2317 rtw_pwrstate_string(enum rtw_pwrstate power)
2318 {
2319           switch (power) {
2320           case RTW_ON:
2321                     return "on";
2322           case RTW_SLEEP:
2323                     return "sleep";
2324           case RTW_OFF:
2325                     return "off";
2326           default:
2327                     return "unknown";
2328           }
2329 }
2330 
2331 /* XXX For Maxim, I am using the RFMD settings gleaned from the
2332  * reference driver, plus a magic Maxim "ON" value that comes from
2333  * the Realtek document "Windows PG for Rtl8180."
2334  */
2335 static void
rtw_maxim_pwrstate(struct rtw_regs * regs,enum rtw_pwrstate power,int before_rf,int digphy)2336 rtw_maxim_pwrstate(struct rtw_regs *regs, enum rtw_pwrstate power,
2337     int before_rf, int digphy)
2338 {
2339           uint32_t anaparm;
2340 
2341           anaparm = RTW_READ(regs, RTW_ANAPARM);
2342           anaparm &= ~(RTW_ANAPARM_RFPOW_MASK | RTW_ANAPARM_TXDACOFF);
2343 
2344           switch (power) {
2345           case RTW_OFF:
2346                     if (before_rf)
2347                               return;
2348                     anaparm |= RTW_ANAPARM_RFPOW_MAXIM_OFF;
2349                     anaparm |= RTW_ANAPARM_TXDACOFF;
2350                     break;
2351           case RTW_SLEEP:
2352                     if (!before_rf)
2353                               return;
2354                     anaparm |= RTW_ANAPARM_RFPOW_MAXIM_SLEEP;
2355                     anaparm |= RTW_ANAPARM_TXDACOFF;
2356                     break;
2357           case RTW_ON:
2358                     if (!before_rf)
2359                               return;
2360                     anaparm |= RTW_ANAPARM_RFPOW_MAXIM_ON;
2361                     break;
2362           }
2363           RTW_DPRINTF(RTW_DEBUG_PWR,
2364               ("%s: power state %s, %s RF, reg[ANAPARM] <- %08x\n",
2365               __func__, rtw_pwrstate_string(power),
2366               (before_rf) ? "before" : "after", anaparm));
2367 
2368           RTW_WRITE(regs, RTW_ANAPARM, anaparm);
2369           RTW_SYNC(regs, RTW_ANAPARM, RTW_ANAPARM);
2370 }
2371 
2372 /* XXX I am using the RFMD settings gleaned from the reference
2373  * driver.  They agree
2374  */
2375 static void
rtw_rfmd_pwrstate(struct rtw_regs * regs,enum rtw_pwrstate power,int before_rf,int digphy)2376 rtw_rfmd_pwrstate(struct rtw_regs *regs, enum rtw_pwrstate power,
2377     int before_rf, int digphy)
2378 {
2379           uint32_t anaparm;
2380 
2381           anaparm = RTW_READ(regs, RTW_ANAPARM);
2382           anaparm &= ~(RTW_ANAPARM_RFPOW_MASK | RTW_ANAPARM_TXDACOFF);
2383 
2384           switch (power) {
2385           case RTW_OFF:
2386                     if (before_rf)
2387                               return;
2388                     anaparm |= RTW_ANAPARM_RFPOW_RFMD_OFF;
2389                     anaparm |= RTW_ANAPARM_TXDACOFF;
2390                     break;
2391           case RTW_SLEEP:
2392                     if (!before_rf)
2393                               return;
2394                     anaparm |= RTW_ANAPARM_RFPOW_RFMD_SLEEP;
2395                     anaparm |= RTW_ANAPARM_TXDACOFF;
2396                     break;
2397           case RTW_ON:
2398                     if (!before_rf)
2399                               return;
2400                     anaparm |= RTW_ANAPARM_RFPOW_RFMD_ON;
2401                     break;
2402           }
2403           RTW_DPRINTF(RTW_DEBUG_PWR,
2404               ("%s: power state %s, %s RF, reg[ANAPARM] <- %08x\n",
2405               __func__, rtw_pwrstate_string(power),
2406               (before_rf) ? "before" : "after", anaparm));
2407 
2408           RTW_WRITE(regs, RTW_ANAPARM, anaparm);
2409           RTW_SYNC(regs, RTW_ANAPARM, RTW_ANAPARM);
2410 }
2411 
2412 static void
rtw_philips_pwrstate(struct rtw_regs * regs,enum rtw_pwrstate power,int before_rf,int digphy)2413 rtw_philips_pwrstate(struct rtw_regs *regs, enum rtw_pwrstate power,
2414     int before_rf, int digphy)
2415 {
2416           uint32_t anaparm;
2417 
2418           anaparm = RTW_READ(regs, RTW_ANAPARM);
2419           anaparm &= ~(RTW_ANAPARM_RFPOW_MASK | RTW_ANAPARM_TXDACOFF);
2420 
2421           switch (power) {
2422           case RTW_OFF:
2423                     if (before_rf)
2424                               return;
2425                     anaparm |= RTW_ANAPARM_RFPOW_PHILIPS_OFF;
2426                     anaparm |= RTW_ANAPARM_TXDACOFF;
2427                     break;
2428           case RTW_SLEEP:
2429                     if (!before_rf)
2430                               return;
2431                     anaparm |= RTW_ANAPARM_RFPOW_PHILIPS_SLEEP;
2432                     anaparm |= RTW_ANAPARM_TXDACOFF;
2433                     break;
2434           case RTW_ON:
2435                     if (!before_rf)
2436                               return;
2437                     if (digphy) {
2438                               anaparm |= RTW_ANAPARM_RFPOW_DIG_PHILIPS_ON;
2439                               /* XXX guess */
2440                               anaparm |= RTW_ANAPARM_TXDACOFF;
2441                     } else
2442                               anaparm |= RTW_ANAPARM_RFPOW_ANA_PHILIPS_ON;
2443                     break;
2444           }
2445           RTW_DPRINTF(RTW_DEBUG_PWR,
2446               ("%s: power state %s, %s RF, reg[ANAPARM] <- %08x\n",
2447               __func__, rtw_pwrstate_string(power),
2448               (before_rf) ? "before" : "after", anaparm));
2449 
2450           RTW_WRITE(regs, RTW_ANAPARM, anaparm);
2451           RTW_SYNC(regs, RTW_ANAPARM, RTW_ANAPARM);
2452 }
2453 
2454 static void
rtw_pwrstate0(struct rtw_softc * sc,enum rtw_pwrstate power,int before_rf,int digphy)2455 rtw_pwrstate0(struct rtw_softc *sc, enum rtw_pwrstate power, int before_rf,
2456     int digphy)
2457 {
2458           struct rtw_regs *regs = &sc->sc_regs;
2459 
2460           rtw_set_access(regs, RTW_ACCESS_ANAPARM);
2461 
2462           (*sc->sc_pwrstate_cb)(regs, power, before_rf, digphy);
2463 
2464           rtw_set_access(regs, RTW_ACCESS_NONE);
2465 
2466           return;
2467 }
2468 
2469 static int
rtw_pwrstate(struct rtw_softc * sc,enum rtw_pwrstate power)2470 rtw_pwrstate(struct rtw_softc *sc, enum rtw_pwrstate power)
2471 {
2472           int rc;
2473 
2474           RTW_DPRINTF(RTW_DEBUG_PWR,
2475               ("%s: %s->%s\n", __func__,
2476               rtw_pwrstate_string(sc->sc_pwrstate), rtw_pwrstate_string(power)));
2477 
2478           if (sc->sc_pwrstate == power)
2479                     return 0;
2480 
2481           rtw_pwrstate0(sc, power, 1, sc->sc_flags & RTW_F_DIGPHY);
2482           rc = rtw_rf_pwrstate(sc->sc_rf, power);
2483           rtw_pwrstate0(sc, power, 0, sc->sc_flags & RTW_F_DIGPHY);
2484 
2485           switch (power) {
2486           case RTW_ON:
2487                     /* TBD set LEDs */
2488                     break;
2489           case RTW_SLEEP:
2490                     /* TBD */
2491                     break;
2492           case RTW_OFF:
2493                     /* TBD */
2494                     break;
2495           }
2496           if (rc == 0)
2497                     sc->sc_pwrstate = power;
2498           else
2499                     sc->sc_pwrstate = RTW_OFF;
2500           return rc;
2501 }
2502 
2503 static int
rtw_tune(struct rtw_softc * sc)2504 rtw_tune(struct rtw_softc *sc)
2505 {
2506           struct ieee80211com *ic = &sc->sc_ic;
2507           struct rtw_tx_radiotap_header *rt = &sc->sc_txtap;
2508           struct rtw_rx_radiotap_header *rr = &sc->sc_rxtap;
2509           u_int chan;
2510           int rc;
2511           int antdiv = sc->sc_flags & RTW_F_ANTDIV,
2512               dflantb = sc->sc_flags & RTW_F_DFLANTB;
2513 
2514           chan = ieee80211_chan2ieee(ic, ic->ic_curchan);
2515           KASSERT(chan != IEEE80211_CHAN_ANY);
2516 
2517           rt->rt_chan_freq = htole16(ic->ic_curchan->ic_freq);
2518           rt->rt_chan_flags = htole16(ic->ic_curchan->ic_flags);
2519 
2520           rr->rr_chan_freq = htole16(ic->ic_curchan->ic_freq);
2521           rr->rr_chan_flags = htole16(ic->ic_curchan->ic_flags);
2522 
2523           if (chan == sc->sc_cur_chan) {
2524                     RTW_DPRINTF(RTW_DEBUG_TUNE,
2525                         ("%s: already tuned chan #%d\n", __func__, chan));
2526                     return 0;
2527           }
2528 
2529           rtw_suspend_ticks(sc);
2530 
2531           rtw_io_enable(sc, RTW_CR_RE | RTW_CR_TE, 0);
2532 
2533           /* TBD wait for Tx to complete */
2534 
2535           KASSERT(device_has_power(sc->sc_dev));
2536 
2537           if ((rc = rtw_phy_init(&sc->sc_regs, sc->sc_rf,
2538               rtw_chan2txpower(&sc->sc_srom, ic, ic->ic_curchan), sc->sc_csthr,
2539                     ic->ic_curchan->ic_freq, antdiv, dflantb, RTW_ON)) != 0) {
2540                     /* XXX condition on powersaving */
2541                     aprint_error_dev(sc->sc_dev, "phy init failed\n");
2542           }
2543 
2544           sc->sc_cur_chan = chan;
2545 
2546           rtw_io_enable(sc, RTW_CR_RE | RTW_CR_TE, 1);
2547 
2548           rtw_resume_ticks(sc);
2549 
2550           return rc;
2551 }
2552 
2553 bool
rtw_suspend(device_t self,const pmf_qual_t * qual)2554 rtw_suspend(device_t self, const pmf_qual_t *qual)
2555 {
2556           int rc;
2557           struct rtw_softc *sc = device_private(self);
2558 
2559           sc->sc_flags &= ~RTW_F_DK_VALID;
2560 
2561           if (!device_has_power(self))
2562                     return false;
2563 
2564           /* turn off PHY */
2565           if ((rc = rtw_pwrstate(sc, RTW_OFF)) != 0) {
2566                     aprint_error_dev(self, "failed to turn off PHY (%d)\n", rc);
2567                     return false;
2568           }
2569 
2570           rtw_disable_interrupts(&sc->sc_regs);
2571 
2572           return true;
2573 }
2574 
2575 bool
rtw_resume(device_t self,const pmf_qual_t * qual)2576 rtw_resume(device_t self, const pmf_qual_t *qual)
2577 {
2578           struct rtw_softc *sc = device_private(self);
2579 
2580           /* Power may have been removed, resetting WEP keys.
2581            */
2582           sc->sc_flags &= ~RTW_F_DK_VALID;
2583           rtw_enable_interrupts(sc);
2584 
2585           return true;
2586 }
2587 
2588 static void
rtw_transmit_config(struct rtw_regs * regs)2589 rtw_transmit_config(struct rtw_regs *regs)
2590 {
2591           uint32_t tcr;
2592 
2593           tcr = RTW_READ(regs, RTW_TCR);
2594 
2595           tcr |= RTW_TCR_CWMIN;
2596           tcr &= ~RTW_TCR_MXDMA_MASK;
2597           tcr |= RTW_TCR_MXDMA_256;
2598           tcr |= RTW_TCR_SAT;           /* send ACK as fast as possible */
2599           tcr &= ~RTW_TCR_LBK_MASK;
2600           tcr |= RTW_TCR_LBK_NORMAL;    /* normal operating mode */
2601 
2602           /* set short/long retry limits */
2603           tcr &= ~(RTW_TCR_SRL_MASK | RTW_TCR_LRL_MASK);
2604           tcr |= __SHIFTIN(4, RTW_TCR_SRL_MASK) | __SHIFTIN(4, RTW_TCR_LRL_MASK);
2605 
2606           tcr &= ~RTW_TCR_CRC;          /* NIC appends CRC32 */
2607 
2608           RTW_WRITE(regs, RTW_TCR, tcr);
2609           RTW_SYNC(regs, RTW_TCR, RTW_TCR);
2610 }
2611 
2612 static void
rtw_disable_interrupts(struct rtw_regs * regs)2613 rtw_disable_interrupts(struct rtw_regs *regs)
2614 {
2615           RTW_WRITE16(regs, RTW_IMR, 0);
2616           RTW_WBW(regs, RTW_IMR, RTW_ISR);
2617           RTW_WRITE16(regs, RTW_ISR, 0xffff);
2618           RTW_SYNC(regs, RTW_IMR, RTW_ISR);
2619 }
2620 
2621 static void
rtw_enable_interrupts(struct rtw_softc * sc)2622 rtw_enable_interrupts(struct rtw_softc *sc)
2623 {
2624           struct rtw_regs *regs = &sc->sc_regs;
2625 
2626           sc->sc_inten = RTW_INTR_RX | RTW_INTR_TX | RTW_INTR_BEACON
2627               | RTW_INTR_ATIMINT;
2628           sc->sc_inten |= RTW_INTR_IOERROR | RTW_INTR_TIMEOUT;
2629 
2630           RTW_WRITE16(regs, RTW_IMR, sc->sc_inten);
2631           RTW_WBW(regs, RTW_IMR, RTW_ISR);
2632           RTW_WRITE16(regs, RTW_ISR, 0xffff);
2633           RTW_SYNC(regs, RTW_IMR, RTW_ISR);
2634 
2635           /* XXX necessary? */
2636           if (sc->sc_intr_ack != NULL)
2637                     (*sc->sc_intr_ack)(regs);
2638 }
2639 
2640 static void
rtw_set_nettype(struct rtw_softc * sc,enum ieee80211_opmode opmode)2641 rtw_set_nettype(struct rtw_softc *sc, enum ieee80211_opmode opmode)
2642 {
2643           uint8_t msr;
2644 
2645           /* I'm guessing that MSR is protected as CONFIG[0123] are. */
2646           rtw_set_access(&sc->sc_regs, RTW_ACCESS_CONFIG);
2647 
2648           msr = RTW_READ8(&sc->sc_regs, RTW_MSR) & ~RTW_MSR_NETYPE_MASK;
2649 
2650           switch (opmode) {
2651           case IEEE80211_M_AHDEMO:
2652           case IEEE80211_M_IBSS:
2653                     msr |= RTW_MSR_NETYPE_ADHOC_OK;
2654                     break;
2655           case IEEE80211_M_HOSTAP:
2656                     msr |= RTW_MSR_NETYPE_AP_OK;
2657                     break;
2658           case IEEE80211_M_MONITOR:
2659                     /* XXX */
2660                     msr |= RTW_MSR_NETYPE_NOLINK;
2661                     break;
2662           case IEEE80211_M_STA:
2663                     msr |= RTW_MSR_NETYPE_INFRA_OK;
2664                     break;
2665           }
2666           RTW_WRITE8(&sc->sc_regs, RTW_MSR, msr);
2667 
2668           rtw_set_access(&sc->sc_regs, RTW_ACCESS_NONE);
2669 }
2670 
2671 #define   rtw_calchash(addr) \
2672           (ether_crc32_be((addr), IEEE80211_ADDR_LEN) >> 26)
2673 
2674 static void
rtw_pktfilt_load(struct rtw_softc * sc)2675 rtw_pktfilt_load(struct rtw_softc *sc)
2676 {
2677           struct rtw_regs *regs = &sc->sc_regs;
2678           struct ieee80211com *ic = &sc->sc_ic;
2679           struct ethercom *ec = &sc->sc_ec;
2680           struct ifnet *ifp = &sc->sc_if;
2681           int hash;
2682           uint32_t hashes[2] = { 0, 0 };
2683           struct ether_multi *enm;
2684           struct ether_multistep step;
2685 
2686           /* XXX might be necessary to stop Rx/Tx engines while setting filters */
2687 
2688           sc->sc_rcr &= ~RTW_RCR_PKTFILTER_MASK;
2689           sc->sc_rcr &= ~(RTW_RCR_MXDMA_MASK | RTW_RCR_RXFTH_MASK);
2690 
2691           sc->sc_rcr |= RTW_RCR_PKTFILTER_DEFAULT;
2692           /* MAC auto-reset PHY (huh?) */
2693           sc->sc_rcr |= RTW_RCR_ENMARP;
2694           /* DMA whole Rx packets, only.  Set Tx DMA burst size to 1024 bytes. */
2695           sc->sc_rcr |= RTW_RCR_MXDMA_1024 | RTW_RCR_RXFTH_WHOLE;
2696 
2697           switch (ic->ic_opmode) {
2698           case IEEE80211_M_MONITOR:
2699                     sc->sc_rcr |= RTW_RCR_MONITOR;
2700                     break;
2701           case IEEE80211_M_AHDEMO:
2702           case IEEE80211_M_IBSS:
2703                     /* receive broadcasts in our BSS */
2704                     sc->sc_rcr |= RTW_RCR_ADD3;
2705                     break;
2706           default:
2707                     break;
2708           }
2709 
2710           ifp->if_flags &= ~IFF_ALLMULTI;
2711 
2712           /*
2713            * Program the 64-bit multicast hash filter.
2714            */
2715           ETHER_LOCK(ec);
2716           ETHER_FIRST_MULTI(step, ec, enm);
2717           while (enm != NULL) {
2718                     /* XXX */
2719                     if (memcmp(enm->enm_addrlo, enm->enm_addrhi,
2720                         ETHER_ADDR_LEN) != 0) {
2721                               ifp->if_flags |= IFF_ALLMULTI;
2722                               break;
2723                     }
2724 
2725                     hash = rtw_calchash(enm->enm_addrlo);
2726                     hashes[hash >> 5] |= (1 << (hash & 0x1f));
2727                     ETHER_NEXT_MULTI(step, enm);
2728           }
2729           ETHER_UNLOCK(ec);
2730 
2731           /* XXX accept all broadcast if scanning */
2732           if ((ifp->if_flags & IFF_BROADCAST) != 0)
2733                     sc->sc_rcr |= RTW_RCR_AB;     /* accept all broadcast */
2734 
2735           if (ifp->if_flags & IFF_PROMISC) {
2736                     sc->sc_rcr |= RTW_RCR_AB;     /* accept all broadcast */
2737                     sc->sc_rcr |= RTW_RCR_ACRC32; /* accept frames failing CRC */
2738                     sc->sc_rcr |= RTW_RCR_AICV;   /* accept frames failing ICV */
2739                     ifp->if_flags |= IFF_ALLMULTI;
2740           }
2741 
2742           if (ifp->if_flags & IFF_ALLMULTI)
2743                     hashes[0] = hashes[1] = 0xffffffff;
2744 
2745           if ((hashes[0] | hashes[1]) != 0)
2746                     sc->sc_rcr |= RTW_RCR_AM;     /* accept multicast */
2747 
2748           RTW_WRITE(regs, RTW_MAR0, hashes[0]);
2749           RTW_WRITE(regs, RTW_MAR1, hashes[1]);
2750           RTW_WRITE(regs, RTW_RCR, sc->sc_rcr);
2751           RTW_SYNC(regs, RTW_MAR0, RTW_RCR); /* RTW_MAR0 < RTW_MAR1 < RTW_RCR */
2752 
2753           DPRINTF(sc, RTW_DEBUG_PKTFILT,
2754               ("%s: RTW_MAR0 %08x RTW_MAR1 %08x RTW_RCR %08x\n",
2755               device_xname(sc->sc_dev), RTW_READ(regs, RTW_MAR0),
2756               RTW_READ(regs, RTW_MAR1), RTW_READ(regs, RTW_RCR)));
2757 }
2758 
2759 static struct mbuf *
rtw_beacon_alloc(struct rtw_softc * sc,struct ieee80211_node * ni)2760 rtw_beacon_alloc(struct rtw_softc *sc, struct ieee80211_node *ni)
2761 {
2762           struct ieee80211com *ic = &sc->sc_ic;
2763           struct mbuf *m;
2764           struct ieee80211_beacon_offsets         boff;
2765 
2766           if ((m = ieee80211_beacon_alloc(ic, ni, &boff)) != NULL) {
2767                     RTW_DPRINTF(RTW_DEBUG_BEACON,
2768                         ("%s: m %p len %u\n", __func__, m, m->m_len));
2769           }
2770           return m;
2771 }
2772 
2773 /* Must be called at splnet. */
2774 static int
rtw_init(struct ifnet * ifp)2775 rtw_init(struct ifnet *ifp)
2776 {
2777           struct rtw_softc *sc = (struct rtw_softc *)ifp->if_softc;
2778           struct ieee80211com *ic = &sc->sc_ic;
2779           struct rtw_regs *regs = &sc->sc_regs;
2780           int rc;
2781 
2782           if (device_is_active(sc->sc_dev)) {
2783                     /* Cancel pending I/O and reset. */
2784                     rtw_stop(ifp, 0);
2785           } else if (!pmf_device_resume(sc->sc_dev, &sc->sc_qual) ||
2786                        !device_is_active(sc->sc_dev))
2787                     return 0;
2788 
2789           DPRINTF(sc, RTW_DEBUG_TUNE, ("%s: channel %d freq %d flags 0x%04x\n",
2790               __func__, ieee80211_chan2ieee(ic, ic->ic_curchan),
2791               ic->ic_curchan->ic_freq, ic->ic_curchan->ic_flags));
2792 
2793           if ((rc = rtw_pwrstate(sc, RTW_OFF)) != 0)
2794                     goto out;
2795 
2796           if ((rc = rtw_swring_setup(sc)) != 0)
2797                     goto out;
2798 
2799           rtw_transmit_config(regs);
2800 
2801           rtw_set_access(regs, RTW_ACCESS_CONFIG);
2802 
2803           RTW_WRITE8(regs, RTW_MSR, 0x0);         /* no link */
2804           RTW_WBW(regs, RTW_MSR, RTW_BRSR);
2805 
2806           /* long PLCP header, 1Mb/2Mb basic rate */
2807           RTW_WRITE16(regs, RTW_BRSR, RTW_BRSR_MBR8180_2MBPS);
2808           RTW_SYNC(regs, RTW_BRSR, RTW_BRSR);
2809 
2810           rtw_set_access(regs, RTW_ACCESS_ANAPARM);
2811           rtw_set_access(regs, RTW_ACCESS_NONE);
2812 
2813           /* XXX from reference sources */
2814           RTW_WRITE(regs, RTW_FEMR, 0xffff);
2815           RTW_SYNC(regs, RTW_FEMR, RTW_FEMR);
2816 
2817           rtw_set_rfprog(regs, sc->sc_rfchipid, sc->sc_dev);
2818 
2819           RTW_WRITE8(regs, RTW_PHYDELAY, sc->sc_phydelay);
2820           /* from Linux driver */
2821           RTW_WRITE8(regs, RTW_CRCOUNT, RTW_CRCOUNT_MAGIC);
2822 
2823           RTW_SYNC(regs, RTW_PHYDELAY, RTW_CRCOUNT);
2824 
2825           rtw_enable_interrupts(sc);
2826 
2827           rtw_pktfilt_load(sc);
2828 
2829           rtw_hwring_setup(sc);
2830 
2831           rtw_wep_setkeys(sc, ic->ic_nw_keys, ic->ic_def_txkey);
2832 
2833           rtw_io_enable(sc, RTW_CR_RE | RTW_CR_TE, 1);
2834 
2835           ifp->if_flags |= IFF_RUNNING;
2836           ic->ic_state = IEEE80211_S_INIT;
2837 
2838           RTW_WRITE16(regs, RTW_BSSID16, 0x0);
2839           RTW_WRITE(regs, RTW_BSSID32, 0x0);
2840 
2841           rtw_resume_ticks(sc);
2842 
2843           rtw_set_nettype(sc, IEEE80211_M_MONITOR);
2844 
2845           if (ic->ic_opmode == IEEE80211_M_MONITOR)
2846                     return ieee80211_new_state(ic, IEEE80211_S_RUN, -1);
2847           else
2848                     return ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
2849 
2850 out:
2851           aprint_error_dev(sc->sc_dev, "interface not running\n");
2852           return rc;
2853 }
2854 
2855 static inline void
rtw_led_init(struct rtw_regs * regs)2856 rtw_led_init(struct rtw_regs *regs)
2857 {
2858           uint8_t cfg0, cfg1;
2859 
2860           rtw_set_access(regs, RTW_ACCESS_CONFIG);
2861 
2862           cfg0 = RTW_READ8(regs, RTW_CONFIG0);
2863           cfg0 |= RTW_CONFIG0_LEDGPOEN;
2864           RTW_WRITE8(regs, RTW_CONFIG0, cfg0);
2865 
2866           cfg1 = RTW_READ8(regs, RTW_CONFIG1);
2867           RTW_DPRINTF(RTW_DEBUG_LED,
2868               ("%s: read %" PRIx8 " from reg[CONFIG1]\n", __func__, cfg1));
2869 
2870           cfg1 &= ~RTW_CONFIG1_LEDS_MASK;
2871           cfg1 |= RTW_CONFIG1_LEDS_TX_RX;
2872           RTW_WRITE8(regs, RTW_CONFIG1, cfg1);
2873 
2874           rtw_set_access(regs, RTW_ACCESS_NONE);
2875 }
2876 
2877 /*
2878  * IEEE80211_S_INIT:                    LED1 off
2879  *
2880  * IEEE80211_S_AUTH,
2881  * IEEE80211_S_ASSOC,
2882  * IEEE80211_S_SCAN:                    LED1 blinks @ 1 Hz, blinks at 5Hz for tx/rx
2883  *
2884  * IEEE80211_S_RUN:           LED1 on, blinks @ 5Hz for tx/rx
2885  */
2886 static void
rtw_led_newstate(struct rtw_softc * sc,enum ieee80211_state nstate)2887 rtw_led_newstate(struct rtw_softc *sc, enum ieee80211_state nstate)
2888 {
2889           struct rtw_led_state *ls;
2890 
2891           ls = &sc->sc_led_state;
2892 
2893           switch (nstate) {
2894           case IEEE80211_S_INIT:
2895                     rtw_led_init(&sc->sc_regs);
2896                     aprint_debug_dev(sc->sc_dev, "stopping blink\n");
2897                     callout_stop(&ls->ls_slow_ch);
2898                     callout_stop(&ls->ls_fast_ch);
2899                     ls->ls_slowblink = 0;
2900                     ls->ls_actblink = 0;
2901                     ls->ls_default = 0;
2902                     break;
2903           case IEEE80211_S_SCAN:
2904                     aprint_debug_dev(sc->sc_dev, "scheduling blink\n");
2905                     callout_schedule(&ls->ls_slow_ch, RTW_LED_SLOW_TICKS);
2906                     callout_schedule(&ls->ls_fast_ch, RTW_LED_FAST_TICKS);
2907                     /*FALLTHROUGH*/
2908           case IEEE80211_S_AUTH:
2909           case IEEE80211_S_ASSOC:
2910                     ls->ls_default = RTW_LED1;
2911                     ls->ls_actblink = RTW_LED1;
2912                     ls->ls_slowblink = RTW_LED1;
2913                     break;
2914           case IEEE80211_S_RUN:
2915                     ls->ls_slowblink = 0;
2916                     break;
2917           }
2918           rtw_led_set(ls, &sc->sc_regs, sc->sc_hwverid);
2919 }
2920 
2921 static void
rtw_led_set(struct rtw_led_state * ls,struct rtw_regs * regs,int hwverid)2922 rtw_led_set(struct rtw_led_state *ls, struct rtw_regs *regs, int hwverid)
2923 {
2924           uint8_t led_condition;
2925           bus_size_t ofs;
2926           uint8_t mask, newval, val;
2927 
2928           led_condition = ls->ls_default;
2929 
2930           if (ls->ls_state & RTW_LED_S_SLOW)
2931                     led_condition ^= ls->ls_slowblink;
2932           if (ls->ls_state & (RTW_LED_S_RX | RTW_LED_S_TX))
2933                     led_condition ^= ls->ls_actblink;
2934 
2935           RTW_DPRINTF(RTW_DEBUG_LED,
2936               ("%s: LED condition %" PRIx8 "\n", __func__, led_condition));
2937 
2938           switch (hwverid) {
2939           default:
2940           case 'F':
2941                     ofs = RTW_PSR;
2942                     newval = mask = RTW_PSR_LEDGPO0 | RTW_PSR_LEDGPO1;
2943                     if (led_condition & RTW_LED0)
2944                               newval &= ~RTW_PSR_LEDGPO0;
2945                     if (led_condition & RTW_LED1)
2946                               newval &= ~RTW_PSR_LEDGPO1;
2947                     break;
2948           case 'D':
2949                     ofs = RTW_9346CR;
2950                     mask = RTW_9346CR_EEM_MASK | RTW_9346CR_EEDI | RTW_9346CR_EECS;
2951                     newval = RTW_9346CR_EEM_PROGRAM;
2952                     if (led_condition & RTW_LED0)
2953                               newval |= RTW_9346CR_EEDI;
2954                     if (led_condition & RTW_LED1)
2955                               newval |= RTW_9346CR_EECS;
2956                     break;
2957           }
2958           val = RTW_READ8(regs, ofs);
2959           RTW_DPRINTF(RTW_DEBUG_LED,
2960               ("%s: read %" PRIx8 " from reg[%#02" PRIxPTR "]\n", __func__, val,
2961                (uintptr_t)ofs));
2962           val &= ~mask;
2963           val |= newval;
2964           RTW_WRITE8(regs, ofs, val);
2965           RTW_DPRINTF(RTW_DEBUG_LED,
2966               ("%s: wrote %" PRIx8 " to reg[%#02" PRIxPTR "]\n", __func__, val,
2967                (uintptr_t)ofs));
2968           RTW_SYNC(regs, ofs, ofs);
2969 }
2970 
2971 static void
rtw_led_fastblink(void * arg)2972 rtw_led_fastblink(void *arg)
2973 {
2974           int ostate, s;
2975           struct rtw_softc *sc = (struct rtw_softc *)arg;
2976           struct rtw_led_state *ls = &sc->sc_led_state;
2977 
2978           s = splnet();
2979           ostate = ls->ls_state;
2980           ls->ls_state ^= ls->ls_event;
2981 
2982           if ((ls->ls_event & RTW_LED_S_TX) == 0)
2983                     ls->ls_state &= ~RTW_LED_S_TX;
2984 
2985           if ((ls->ls_event & RTW_LED_S_RX) == 0)
2986                     ls->ls_state &= ~RTW_LED_S_RX;
2987 
2988           ls->ls_event = 0;
2989 
2990           if (ostate != ls->ls_state)
2991                     rtw_led_set(ls, &sc->sc_regs, sc->sc_hwverid);
2992           splx(s);
2993 
2994           aprint_debug_dev(sc->sc_dev, "scheduling fast blink\n");
2995           callout_schedule(&ls->ls_fast_ch, RTW_LED_FAST_TICKS);
2996 }
2997 
2998 static void
rtw_led_slowblink(void * arg)2999 rtw_led_slowblink(void *arg)
3000 {
3001           int s;
3002           struct rtw_softc *sc = (struct rtw_softc *)arg;
3003           struct rtw_led_state *ls = &sc->sc_led_state;
3004 
3005           s = splnet();
3006           ls->ls_state ^= RTW_LED_S_SLOW;
3007           rtw_led_set(ls, &sc->sc_regs, sc->sc_hwverid);
3008           splx(s);
3009           aprint_debug_dev(sc->sc_dev, "scheduling slow blink\n");
3010           callout_schedule(&ls->ls_slow_ch, RTW_LED_SLOW_TICKS);
3011 }
3012 
3013 static void
rtw_led_detach(struct rtw_led_state * ls)3014 rtw_led_detach(struct rtw_led_state *ls)
3015 {
3016           callout_destroy(&ls->ls_fast_ch);
3017           callout_destroy(&ls->ls_slow_ch);
3018 }
3019 
3020 static void
rtw_led_attach(struct rtw_led_state * ls,void * arg)3021 rtw_led_attach(struct rtw_led_state *ls, void *arg)
3022 {
3023           callout_init(&ls->ls_fast_ch, 0);
3024           callout_init(&ls->ls_slow_ch, 0);
3025           callout_setfunc(&ls->ls_fast_ch, rtw_led_fastblink, arg);
3026           callout_setfunc(&ls->ls_slow_ch, rtw_led_slowblink, arg);
3027 }
3028 
3029 static int
rtw_ioctl(struct ifnet * ifp,u_long cmd,void * data)3030 rtw_ioctl(struct ifnet *ifp, u_long cmd, void *data)
3031 {
3032           int rc = 0, s;
3033           struct rtw_softc *sc = ifp->if_softc;
3034 
3035           s = splnet();
3036           if (cmd == SIOCSIFFLAGS) {
3037                     if ((rc = ifioctl_common(ifp, cmd, data)) != 0)
3038                               ;
3039                     else switch (ifp->if_flags & (IFF_UP | IFF_RUNNING)) {
3040                     case IFF_UP:
3041                               rc = rtw_init(ifp);
3042                               RTW_PRINT_REGS(&sc->sc_regs, ifp->if_xname, __func__);
3043                               break;
3044                     case IFF_UP | IFF_RUNNING:
3045                               if (device_activation(sc->sc_dev, DEVACT_LEVEL_DRIVER))
3046                                         rtw_pktfilt_load(sc);
3047                               RTW_PRINT_REGS(&sc->sc_regs, ifp->if_xname, __func__);
3048                               break;
3049                     case IFF_RUNNING:
3050                               RTW_PRINT_REGS(&sc->sc_regs, ifp->if_xname, __func__);
3051                               rtw_stop(ifp, 1);
3052                               break;
3053                     default:
3054                               break;
3055                     }
3056           } else if ((rc = ieee80211_ioctl(&sc->sc_ic, cmd, data)) != ENETRESET)
3057                     ;         /* nothing to do */
3058           else if (cmd == SIOCADDMULTI || cmd == SIOCDELMULTI) {
3059                     /* reload packet filter if running */
3060                     if (ifp->if_flags & IFF_RUNNING)
3061                               rtw_pktfilt_load(sc);
3062                     rc = 0;
3063           } else if ((ifp->if_flags & IFF_UP) != 0)
3064                     rc = rtw_init(ifp);
3065           else
3066                     rc = 0;
3067           splx(s);
3068           return rc;
3069 }
3070 
3071 /* Select a transmit ring with at least one h/w and s/w descriptor free.
3072  * Return 0 on success, -1 on failure.
3073  */
3074 static inline int
rtw_txring_choose(struct rtw_softc * sc,struct rtw_txsoft_blk ** tsbp,struct rtw_txdesc_blk ** tdbp,int pri)3075 rtw_txring_choose(struct rtw_softc *sc, struct rtw_txsoft_blk **tsbp,
3076     struct rtw_txdesc_blk **tdbp, int pri)
3077 {
3078           struct rtw_txsoft_blk *tsb;
3079           struct rtw_txdesc_blk *tdb;
3080 
3081           KASSERT(pri >= 0 && pri < RTW_NTXPRI);
3082 
3083           tsb = &sc->sc_txsoft_blk[pri];
3084           tdb = &sc->sc_txdesc_blk[pri];
3085 
3086           if (SIMPLEQ_EMPTY(&tsb->tsb_freeq) || tdb->tdb_nfree == 0) {
3087                     if (tsb->tsb_tx_timer == 0)
3088                               tsb->tsb_tx_timer = 5;
3089                     *tsbp = NULL;
3090                     *tdbp = NULL;
3091                     return -1;
3092           }
3093           *tsbp = tsb;
3094           *tdbp = tdb;
3095           return 0;
3096 }
3097 
3098 static inline struct mbuf *
rtw_80211_dequeue(struct rtw_softc * sc,struct ifqueue * ifq,int pri,struct rtw_txsoft_blk ** tsbp,struct rtw_txdesc_blk ** tdbp,struct ieee80211_node ** nip,short * if_flagsp)3099 rtw_80211_dequeue(struct rtw_softc *sc, struct ifqueue *ifq, int pri,
3100     struct rtw_txsoft_blk **tsbp, struct rtw_txdesc_blk **tdbp,
3101     struct ieee80211_node **nip, short *if_flagsp)
3102 {
3103           struct mbuf *m;
3104 
3105           if (IF_IS_EMPTY(ifq))
3106                     return NULL;
3107           if (rtw_txring_choose(sc, tsbp, tdbp, pri) == -1) {
3108                     DPRINTF(sc, RTW_DEBUG_XMIT_RSRC, ("%s: no ring %d descriptor\n",
3109                         __func__, pri));
3110                     *if_flagsp |= IFF_OACTIVE;
3111                     sc->sc_if.if_timer = 1;
3112                     return NULL;
3113           }
3114           IF_DEQUEUE(ifq, m);
3115           *nip = M_GETCTX(m, struct ieee80211_node *);
3116           M_SETCTX(m, NULL);
3117           KASSERT(*nip != NULL);
3118           return m;
3119 }
3120 
3121 /* Point *mp at the next 802.11 frame to transmit.  Point *tsbp
3122  * at the driver's selection of transmit control block for the packet.
3123  */
3124 static inline int
rtw_dequeue(struct ifnet * ifp,struct rtw_txsoft_blk ** tsbp,struct rtw_txdesc_blk ** tdbp,struct mbuf ** mp,struct ieee80211_node ** nip)3125 rtw_dequeue(struct ifnet *ifp, struct rtw_txsoft_blk **tsbp,
3126     struct rtw_txdesc_blk **tdbp, struct mbuf **mp,
3127     struct ieee80211_node **nip)
3128 {
3129           int pri;
3130           struct ether_header *eh;
3131           struct mbuf *m0;
3132           struct rtw_softc *sc;
3133           short *if_flagsp;
3134 
3135           *mp = NULL;
3136 
3137           sc = (struct rtw_softc *)ifp->if_softc;
3138 
3139           DPRINTF(sc, RTW_DEBUG_XMIT,
3140               ("%s: enter %s\n", device_xname(sc->sc_dev), __func__));
3141 
3142           if_flagsp = &ifp->if_flags;
3143 
3144           if (sc->sc_ic.ic_state == IEEE80211_S_RUN &&
3145               (*mp = rtw_80211_dequeue(sc, &sc->sc_beaconq, RTW_TXPRIBCN, tsbp,
3146                                              tdbp, nip, if_flagsp)) != NULL) {
3147                     DPRINTF(sc, RTW_DEBUG_XMIT, ("%s: dequeue beacon frame\n",
3148                         __func__));
3149                     return 0;
3150           }
3151 
3152           if ((*mp = rtw_80211_dequeue(sc, &sc->sc_ic.ic_mgtq, RTW_TXPRIMD, tsbp,
3153                                              tdbp, nip, if_flagsp)) != NULL) {
3154                     DPRINTF(sc, RTW_DEBUG_XMIT, ("%s: dequeue mgt frame\n",
3155                         __func__));
3156                     return 0;
3157           }
3158 
3159           if (sc->sc_ic.ic_state != IEEE80211_S_RUN) {
3160                     DPRINTF(sc, RTW_DEBUG_XMIT, ("%s: not running\n", __func__));
3161                     return 0;
3162           }
3163 
3164           IFQ_POLL(&ifp->if_snd, m0);
3165           if (m0 == NULL) {
3166                     DPRINTF(sc, RTW_DEBUG_XMIT, ("%s: no frame ready\n",
3167                         __func__));
3168                     return 0;
3169           }
3170 
3171           pri = ((m0->m_flags & M_PWR_SAV) != 0) ? RTW_TXPRIHI : RTW_TXPRIMD;
3172 
3173           if (rtw_txring_choose(sc, tsbp, tdbp, pri) == -1) {
3174                     DPRINTF(sc, RTW_DEBUG_XMIT_RSRC, ("%s: no ring %d descriptor\n",
3175                         __func__, pri));
3176                     *if_flagsp |= IFF_OACTIVE;
3177                     sc->sc_if.if_timer = 1;
3178                     return 0;
3179           }
3180 
3181           IFQ_DEQUEUE(&ifp->if_snd, m0);
3182           if (m0 == NULL) {
3183                     DPRINTF(sc, RTW_DEBUG_XMIT, ("%s: no frame ready\n",
3184                         __func__));
3185                     return 0;
3186           }
3187           DPRINTF(sc, RTW_DEBUG_XMIT, ("%s: dequeue data frame\n", __func__));
3188           if_statinc(ifp, if_opackets);
3189           bpf_mtap(ifp, m0, BPF_D_OUT);
3190           eh = mtod(m0, struct ether_header *);
3191           *nip = ieee80211_find_txnode(&sc->sc_ic, eh->ether_dhost);
3192           if (*nip == NULL) {
3193                     /* NB: ieee80211_find_txnode does stat+msg */
3194                     m_freem(m0);
3195                     return -1;
3196           }
3197           if ((m0 = ieee80211_encap(&sc->sc_ic, m0, *nip)) == NULL) {
3198                     DPRINTF(sc, RTW_DEBUG_XMIT, ("%s: encap error\n", __func__));
3199                     if_statinc(ifp, if_oerrors);
3200                     return -1;
3201           }
3202           DPRINTF(sc, RTW_DEBUG_XMIT, ("%s: leave\n", __func__));
3203           *mp = m0;
3204           return 0;
3205 }
3206 
3207 static int
rtw_seg_too_short(bus_dmamap_t dmamap)3208 rtw_seg_too_short(bus_dmamap_t dmamap)
3209 {
3210           int i;
3211           for (i = 0; i < dmamap->dm_nsegs; i++) {
3212                     if (dmamap->dm_segs[i].ds_len < 4)
3213                               return 1;
3214           }
3215           return 0;
3216 }
3217 
3218 /* TBD factor with atw_start */
3219 static struct mbuf *
rtw_dmamap_load_txbuf(bus_dma_tag_t dmat,bus_dmamap_t dmam,struct mbuf * chain,u_int ndescfree,device_t dev)3220 rtw_dmamap_load_txbuf(bus_dma_tag_t dmat, bus_dmamap_t dmam, struct mbuf *chain,
3221     u_int ndescfree, device_t dev)
3222 {
3223           int first, rc;
3224           struct mbuf *m, *m0;
3225 
3226           m0 = chain;
3227 
3228           /*
3229            * Load the DMA map.  Copy and try (once) again if the packet
3230            * didn't fit in the alloted number of segments.
3231            */
3232           for (first = 1;
3233                ((rc = bus_dmamap_load_mbuf(dmat, dmam, m0,
3234                                 BUS_DMA_WRITE | BUS_DMA_NOWAIT)) != 0 ||
3235                 dmam->dm_nsegs > ndescfree || rtw_seg_too_short(dmam)) && first;
3236                first = 0) {
3237                     if (rc == 0) {
3238 #ifdef RTW_DIAGxxx
3239                               if (rtw_seg_too_short(dmam)) {
3240                                         printf("%s: short segment, mbuf lengths:", __func__);
3241                                         for (m = m0; m; m = m->m_next)
3242                                                   printf(" %d", m->m_len);
3243                                         printf("\n");
3244                               }
3245 #endif
3246                               bus_dmamap_unload(dmat, dmam);
3247                     }
3248                     MGETHDR(m, M_DONTWAIT, MT_DATA);
3249                     if (m == NULL) {
3250                               aprint_error_dev(dev, "unable to allocate Tx mbuf\n");
3251                               break;
3252                     }
3253                     if (m0->m_pkthdr.len > MHLEN) {
3254                               MCLGET(m, M_DONTWAIT);
3255                               if ((m->m_flags & M_EXT) == 0) {
3256                                         aprint_error_dev(dev,
3257                                             "cannot allocate Tx cluster\n");
3258                                         m_freem(m);
3259                                         break;
3260                               }
3261                     }
3262                     m_copydata(m0, 0, m0->m_pkthdr.len, mtod(m, void *));
3263                     m->m_pkthdr.len = m->m_len = m0->m_pkthdr.len;
3264                     m_freem(m0);
3265                     m0 = m;
3266                     m = NULL;
3267           }
3268           if (rc != 0) {
3269                     aprint_error_dev(dev, "cannot load Tx buffer, rc = %d\n", rc);
3270                     m_freem(m0);
3271                     return NULL;
3272           } else if (rtw_seg_too_short(dmam)) {
3273                     aprint_error_dev(dev,
3274                         "cannot load Tx buffer, segment too short\n");
3275                     bus_dmamap_unload(dmat, dmam);
3276                     m_freem(m0);
3277                     return NULL;
3278           } else if (dmam->dm_nsegs > ndescfree) {
3279                     aprint_error_dev(dev, "too many tx segments\n");
3280                     bus_dmamap_unload(dmat, dmam);
3281                     m_freem(m0);
3282                     return NULL;
3283           }
3284           return m0;
3285 }
3286 
3287 #ifdef RTW_DEBUG
3288 static void
rtw_print_txdesc(struct rtw_softc * sc,const char * action,struct rtw_txsoft * ts,struct rtw_txdesc_blk * tdb,int desc)3289 rtw_print_txdesc(struct rtw_softc *sc, const char *action,
3290     struct rtw_txsoft *ts, struct rtw_txdesc_blk *tdb, int desc)
3291 {
3292           struct rtw_txdesc *td = &tdb->tdb_desc[desc];
3293           DPRINTF(sc, RTW_DEBUG_XMIT_DESC, ("%s: %p %s txdesc[%d] next %#08x "
3294               "buf %#08x ctl0 %#08x ctl1 %#08x len %#08x\n",
3295               device_xname(sc->sc_dev), ts, action, desc,
3296               le32toh(td->td_buf), le32toh(td->td_next),
3297               le32toh(td->td_ctl0), le32toh(td->td_ctl1),
3298               le32toh(td->td_len)));
3299 }
3300 #endif /* RTW_DEBUG */
3301 
3302 static void
rtw_start(struct ifnet * ifp)3303 rtw_start(struct ifnet *ifp)
3304 {
3305           int desc, i, lastdesc, npkt, rate;
3306           uint32_t proto_ctl0, ctl0, ctl1;
3307           bus_dmamap_t                  dmamap;
3308           struct ieee80211com *ic;
3309           struct ieee80211_duration *d0;
3310           struct ieee80211_frame_min    *wh;
3311           struct ieee80211_node         *ni = NULL;         /* XXX: GCC */
3312           struct mbuf                   *m0;
3313           struct rtw_softc    *sc;
3314           struct rtw_txsoft_blk         *tsb = NULL;        /* XXX: GCC */
3315           struct rtw_txdesc_blk         *tdb = NULL;        /* XXX: GCC */
3316           struct rtw_txsoft   *ts;
3317           struct rtw_txdesc   *td;
3318           struct ieee80211_key          *k;
3319 
3320           sc = (struct rtw_softc *)ifp->if_softc;
3321           ic = &sc->sc_ic;
3322 
3323           DPRINTF(sc, RTW_DEBUG_XMIT,
3324               ("%s: enter %s\n", device_xname(sc->sc_dev), __func__));
3325 
3326           if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING)
3327                     goto out;
3328 
3329           /* XXX do real rate control */
3330           proto_ctl0 = RTW_TXCTL0_RTSRATE_1MBPS;
3331 
3332           if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) != 0)
3333                     proto_ctl0 |= RTW_TXCTL0_SPLCP;
3334 
3335           for (;;) {
3336                     if (rtw_dequeue(ifp, &tsb, &tdb, &m0, &ni) == -1)
3337                               continue;
3338                     if (m0 == NULL)
3339                               break;
3340 
3341                     wh = mtod(m0, struct ieee80211_frame_min *);
3342 
3343                     if ((wh->i_fc[1] & IEEE80211_FC1_WEP) != 0 &&
3344                         (k = ieee80211_crypto_encap(ic, ni, m0)) == NULL) {
3345                               m_freem(m0);
3346                               break;
3347                     } else
3348                               k = NULL;
3349 
3350                     ts = SIMPLEQ_FIRST(&tsb->tsb_freeq);
3351 
3352                     dmamap = ts->ts_dmamap;
3353 
3354                     m0 = rtw_dmamap_load_txbuf(sc->sc_dmat, dmamap, m0,
3355                         tdb->tdb_nfree, sc->sc_dev);
3356 
3357                     if (m0 == NULL || dmamap->dm_nsegs == 0) {
3358                               DPRINTF(sc, RTW_DEBUG_XMIT,
3359                                   ("%s: fail dmamap load\n", __func__));
3360                               goto post_dequeue_err;
3361                     }
3362 
3363                     /* Note well: rtw_dmamap_load_txbuf may have created
3364                      * a new chain, so we must find the header once
3365                      * more.
3366                      */
3367                     wh = mtod(m0, struct ieee80211_frame_min *);
3368 
3369                     /* XXX do real rate control */
3370                     if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) ==
3371                         IEEE80211_FC0_TYPE_MGT)
3372                               rate = 2;
3373                     else
3374                               rate = MAX(2, ieee80211_get_rate(ni));
3375 
3376 #ifdef RTW_DEBUG
3377                     if ((ifp->if_flags & (IFF_DEBUG | IFF_LINK2)) ==
3378                         (IFF_DEBUG | IFF_LINK2)) {
3379                               ieee80211_dump_pkt(mtod(m0, uint8_t *),
3380                                   (dmamap->dm_nsegs == 1) ? m0->m_pkthdr.len
3381                                                                 : sizeof(wh),
3382                                   rate, 0);
3383                     }
3384 #endif /* RTW_DEBUG */
3385                     ctl0 = proto_ctl0 |
3386                         __SHIFTIN(m0->m_pkthdr.len, RTW_TXCTL0_TPKTSIZE_MASK);
3387 
3388                     switch (rate) {
3389                     default:
3390                     case 2:
3391                               ctl0 |= RTW_TXCTL0_RATE_1MBPS;
3392                               break;
3393                     case 4:
3394                               ctl0 |= RTW_TXCTL0_RATE_2MBPS;
3395                               break;
3396                     case 11:
3397                               ctl0 |= RTW_TXCTL0_RATE_5MBPS;
3398                               break;
3399                     case 22:
3400                               ctl0 |= RTW_TXCTL0_RATE_11MBPS;
3401                               break;
3402                     }
3403                     /* XXX >= ? Compare after fragmentation? */
3404                     if (m0->m_pkthdr.len > ic->ic_rtsthreshold)
3405                               ctl0 |= RTW_TXCTL0_RTSEN;
3406 
3407                     /* XXX Sometimes writes a bogus keyid; h/w doesn't
3408                      * seem to care, since we don't activate h/w Tx
3409                      * encryption.
3410                      */
3411                     if (k != NULL &&
3412                         k->wk_cipher->ic_cipher == IEEE80211_CIPHER_WEP) {
3413                               ctl0 |= __SHIFTIN(k->wk_keyix, RTW_TXCTL0_KEYID_MASK) &
3414                                   RTW_TXCTL0_KEYID_MASK;
3415                     }
3416 
3417                     if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) ==
3418                         IEEE80211_FC0_TYPE_MGT) {
3419                               ctl0 &= ~(RTW_TXCTL0_SPLCP | RTW_TXCTL0_RTSEN);
3420                               if ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) ==
3421                                   IEEE80211_FC0_SUBTYPE_BEACON)
3422                                         ctl0 |= RTW_TXCTL0_BEACON;
3423                     }
3424 
3425                     if (ieee80211_compute_duration(wh, k, m0->m_pkthdr.len,
3426                         ic->ic_flags, ic->ic_fragthreshold,
3427                         rate, &ts->ts_d0, &ts->ts_dn, &npkt,
3428                         (ifp->if_flags & (IFF_DEBUG | IFF_LINK2)) ==
3429                         (IFF_DEBUG | IFF_LINK2)) == -1) {
3430                               DPRINTF(sc, RTW_DEBUG_XMIT,
3431                                   ("%s: fail compute duration\n", __func__));
3432                               goto post_load_err;
3433                     }
3434 
3435                     d0 = &ts->ts_d0;
3436 
3437                     *(uint16_t*)wh->i_dur = htole16(d0->d_data_dur);
3438 
3439                     ctl1 = __SHIFTIN(d0->d_plcp_len, RTW_TXCTL1_LENGTH_MASK) |
3440                         __SHIFTIN(d0->d_rts_dur, RTW_TXCTL1_RTSDUR_MASK);
3441 
3442                     if (d0->d_residue)
3443                               ctl1 |= RTW_TXCTL1_LENGEXT;
3444 
3445                     /* TBD fragmentation */
3446 
3447                     ts->ts_first = tdb->tdb_next;
3448 
3449                     rtw_txdescs_sync(tdb, ts->ts_first, dmamap->dm_nsegs,
3450                         BUS_DMASYNC_PREWRITE);
3451 
3452                     KASSERT(ts->ts_first < tdb->tdb_ndesc);
3453 
3454                     bpf_mtap3(ic->ic_rawbpf, m0, BPF_D_OUT);
3455 
3456                     if (sc->sc_radiobpf != NULL) {
3457                               struct rtw_tx_radiotap_header *rt = &sc->sc_txtap;
3458 
3459                               rt->rt_rate = rate;
3460 
3461                               bpf_mtap2(sc->sc_radiobpf, rt, sizeof(sc->sc_txtapu),
3462                                   m0, BPF_D_OUT);
3463                     }
3464 
3465                     for (i = 0, lastdesc = desc = ts->ts_first;
3466                          i < dmamap->dm_nsegs;
3467                          i++, desc = RTW_NEXT_IDX(tdb, desc)) {
3468                               if (dmamap->dm_segs[i].ds_len > RTW_TXLEN_LENGTH_MASK) {
3469                                         DPRINTF(sc, RTW_DEBUG_XMIT_DESC,
3470                                             ("%s: seg too long\n", __func__));
3471                                         goto post_load_err;
3472                               }
3473                               td = &tdb->tdb_desc[desc];
3474                               td->td_ctl0 = htole32(ctl0);
3475                               td->td_ctl1 = htole32(ctl1);
3476                               td->td_buf = htole32(dmamap->dm_segs[i].ds_addr);
3477                               td->td_len = htole32(dmamap->dm_segs[i].ds_len);
3478                               td->td_next = htole32(RTW_NEXT_DESC(tdb, desc));
3479                               if (i != 0)
3480                                         td->td_ctl0 |= htole32(RTW_TXCTL0_OWN);
3481                               lastdesc = desc;
3482 #ifdef RTW_DEBUG
3483                               rtw_print_txdesc(sc, "load", ts, tdb, desc);
3484 #endif /* RTW_DEBUG */
3485                     }
3486 
3487                     KASSERT(desc < tdb->tdb_ndesc);
3488 
3489                     ts->ts_ni = ni;
3490                     KASSERT(ni != NULL);
3491                     ts->ts_mbuf = m0;
3492                     ts->ts_last = lastdesc;
3493                     tdb->tdb_desc[ts->ts_last].td_ctl0 |= htole32(RTW_TXCTL0_LS);
3494                     tdb->tdb_desc[ts->ts_first].td_ctl0 |=
3495                        htole32(RTW_TXCTL0_FS);
3496 
3497 #ifdef RTW_DEBUG
3498                     rtw_print_txdesc(sc, "FS on", ts, tdb, ts->ts_first);
3499                     rtw_print_txdesc(sc, "LS on", ts, tdb, ts->ts_last);
3500 #endif /* RTW_DEBUG */
3501 
3502                     tdb->tdb_nfree -= dmamap->dm_nsegs;
3503                     tdb->tdb_next = desc;
3504 
3505                     rtw_txdescs_sync(tdb, ts->ts_first, dmamap->dm_nsegs,
3506                         BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
3507 
3508                     tdb->tdb_desc[ts->ts_first].td_ctl0 |=
3509                         htole32(RTW_TXCTL0_OWN);
3510 
3511 #ifdef RTW_DEBUG
3512                     rtw_print_txdesc(sc, "OWN on", ts, tdb, ts->ts_first);
3513 #endif /* RTW_DEBUG */
3514 
3515                     rtw_txdescs_sync(tdb, ts->ts_first, 1,
3516                         BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
3517 
3518                     SIMPLEQ_REMOVE_HEAD(&tsb->tsb_freeq, ts_q);
3519                     SIMPLEQ_INSERT_TAIL(&tsb->tsb_dirtyq, ts, ts_q);
3520 
3521                     if (tsb != &sc->sc_txsoft_blk[RTW_TXPRIBCN])
3522                               sc->sc_led_state.ls_event |= RTW_LED_S_TX;
3523                     tsb->tsb_tx_timer = 5;
3524                     ifp->if_timer = 1;
3525                     rtw_tx_kick(&sc->sc_regs, tsb->tsb_poll);
3526           }
3527 out:
3528           DPRINTF(sc, RTW_DEBUG_XMIT, ("%s: leave\n", __func__));
3529           return;
3530 post_load_err:
3531           bus_dmamap_unload(sc->sc_dmat, dmamap);
3532           m_freem(m0);
3533 post_dequeue_err:
3534           ieee80211_free_node(ni);
3535           return;
3536 }
3537 
3538 static void
rtw_idle(struct rtw_regs * regs)3539 rtw_idle(struct rtw_regs *regs)
3540 {
3541           int active;
3542           uint8_t tppoll;
3543 
3544           /* request stop DMA; wait for packets to stop transmitting. */
3545 
3546           RTW_WRITE8(regs, RTW_TPPOLL, RTW_TPPOLL_SALL);
3547           RTW_WBR(regs, RTW_TPPOLL, RTW_TPPOLL);
3548 
3549           for (active = 0; active < 300 &&
3550                (tppoll = RTW_READ8(regs, RTW_TPPOLL) & RTW_TPPOLL_ACTIVE) != 0;
3551                active++)
3552                     DELAY(10);
3553           printf("%s: transmit DMA idle in %dus, tppoll %02" PRIx8 "\n", __func__,
3554               active * 10, tppoll);
3555 }
3556 
3557 static void
rtw_watchdog(struct ifnet * ifp)3558 rtw_watchdog(struct ifnet *ifp)
3559 {
3560           int pri, tx_timeouts = 0;
3561           struct rtw_softc *sc;
3562           struct rtw_txsoft_blk *tsb;
3563 
3564           sc = ifp->if_softc;
3565 
3566           ifp->if_timer = 0;
3567 
3568           if (!device_is_active(sc->sc_dev))
3569                     return;
3570 
3571           for (pri = 0; pri < RTW_NTXPRI; pri++) {
3572                     tsb = &sc->sc_txsoft_blk[pri];
3573 
3574                     if (tsb->tsb_tx_timer == 0)
3575                               continue;
3576                     else if (--tsb->tsb_tx_timer == 0) {
3577                               if (SIMPLEQ_EMPTY(&tsb->tsb_dirtyq))
3578                                         continue;
3579                               else if (rtw_collect_txring(sc, tsb,
3580                                   &sc->sc_txdesc_blk[pri], 0))
3581                                         continue;
3582                               printf("%s: transmit timeout, priority %d\n",
3583                                   ifp->if_xname, pri);
3584                               if_statinc(ifp, if_oerrors);
3585                               if (pri != RTW_TXPRIBCN)
3586                                         tx_timeouts++;
3587                     } else
3588                               ifp->if_timer = 1;
3589           }
3590 
3591           if (tx_timeouts > 0) {
3592                     /* Stop Tx DMA, disable xmtr, flush Tx rings, enable xmtr,
3593                      * reset s/w tx-ring pointers, and start transmission.
3594                      *
3595                      * TBD Stop/restart just the broken rings?
3596                      */
3597                     rtw_idle(&sc->sc_regs);
3598                     rtw_io_enable(sc, RTW_CR_RE | RTW_CR_TE, 0);
3599                     rtw_txdescs_reset(sc);
3600                     rtw_io_enable(sc, RTW_CR_RE | RTW_CR_TE, 1);
3601                     rtw_start(ifp);
3602           }
3603           ieee80211_watchdog(&sc->sc_ic);
3604           return;
3605 }
3606 
3607 static void
rtw_next_scan(void * arg)3608 rtw_next_scan(void *arg)
3609 {
3610           struct ieee80211com *ic = arg;
3611           int s;
3612 
3613           /* don't call rtw_start w/o network interrupts blocked */
3614           s = splnet();
3615           if (ic->ic_state == IEEE80211_S_SCAN)
3616                     ieee80211_next_scan(ic);
3617           splx(s);
3618 }
3619 
3620 static void
rtw_join_bss(struct rtw_softc * sc,uint8_t * bssid,uint16_t intval0)3621 rtw_join_bss(struct rtw_softc *sc, uint8_t *bssid, uint16_t intval0)
3622 {
3623           uint16_t bcnitv, bintritv, intval;
3624           int i;
3625           struct rtw_regs *regs = &sc->sc_regs;
3626 
3627           for (i = 0; i < IEEE80211_ADDR_LEN; i++)
3628                     RTW_WRITE8(regs, RTW_BSSID + i, bssid[i]);
3629 
3630           RTW_SYNC(regs, RTW_BSSID16, RTW_BSSID32);
3631 
3632           rtw_set_access(regs, RTW_ACCESS_CONFIG);
3633 
3634           intval = MIN(intval0, __SHIFTOUT_MASK(RTW_BCNITV_BCNITV_MASK));
3635 
3636           bcnitv = RTW_READ16(regs, RTW_BCNITV) & ~RTW_BCNITV_BCNITV_MASK;
3637           bcnitv |= __SHIFTIN(intval, RTW_BCNITV_BCNITV_MASK);
3638           RTW_WRITE16(regs, RTW_BCNITV, bcnitv);
3639           /* interrupt host 1ms before the TBTT */
3640           bintritv = RTW_READ16(regs, RTW_BINTRITV) & ~RTW_BINTRITV_BINTRITV;
3641           bintritv |= __SHIFTIN(1000, RTW_BINTRITV_BINTRITV);
3642           RTW_WRITE16(regs, RTW_BINTRITV, bintritv);
3643           /* magic from Linux */
3644           RTW_WRITE16(regs, RTW_ATIMWND, __SHIFTIN(1, RTW_ATIMWND_ATIMWND));
3645           RTW_WRITE16(regs, RTW_ATIMTRITV, __SHIFTIN(2, RTW_ATIMTRITV_ATIMTRITV));
3646           rtw_set_access(regs, RTW_ACCESS_NONE);
3647 
3648           rtw_io_enable(sc, RTW_CR_RE | RTW_CR_TE, 1);
3649 }
3650 
3651 /* Synchronize the hardware state with the software state. */
3652 static int
rtw_newstate(struct ieee80211com * ic,enum ieee80211_state nstate,int arg)3653 rtw_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
3654 {
3655           struct ifnet *ifp = ic->ic_ifp;
3656           struct rtw_softc *sc = (struct rtw_softc *)ifp->if_softc;
3657           enum ieee80211_state ostate;
3658           int error;
3659 
3660           ostate = ic->ic_state;
3661 
3662           aprint_debug_dev(sc->sc_dev, "%s: l.%d\n", __func__, __LINE__);
3663           rtw_led_newstate(sc, nstate);
3664 
3665           aprint_debug_dev(sc->sc_dev, "%s: l.%d\n", __func__, __LINE__);
3666           if (nstate == IEEE80211_S_INIT) {
3667                     callout_stop(&sc->sc_scan_ch);
3668                     sc->sc_cur_chan = IEEE80211_CHAN_ANY;
3669                     return (*sc->sc_mtbl.mt_newstate)(ic, nstate, arg);
3670           }
3671 
3672           if (ostate == IEEE80211_S_INIT && nstate != IEEE80211_S_INIT)
3673                     rtw_pwrstate(sc, RTW_ON);
3674 
3675           if ((error = rtw_tune(sc)) != 0)
3676                     return error;
3677 
3678           switch (nstate) {
3679           case IEEE80211_S_INIT:
3680                     panic("%s: unexpected state IEEE80211_S_INIT\n", __func__);
3681                     break;
3682           case IEEE80211_S_SCAN:
3683                     if (ostate != IEEE80211_S_SCAN) {
3684                               (void)memset(ic->ic_bss->ni_bssid, 0,
3685                                   IEEE80211_ADDR_LEN);
3686                               rtw_set_nettype(sc, IEEE80211_M_MONITOR);
3687                     }
3688 
3689                     callout_reset(&sc->sc_scan_ch, rtw_dwelltime * hz / 1000,
3690                         rtw_next_scan, ic);
3691 
3692                     break;
3693           case IEEE80211_S_RUN:
3694                     switch (ic->ic_opmode) {
3695                     case IEEE80211_M_HOSTAP:
3696                     case IEEE80211_M_IBSS:
3697                               rtw_set_nettype(sc, IEEE80211_M_MONITOR);
3698                               /*FALLTHROUGH*/
3699                     case IEEE80211_M_AHDEMO:
3700                     case IEEE80211_M_STA:
3701                               rtw_join_bss(sc, ic->ic_bss->ni_bssid,
3702                                   ic->ic_bss->ni_intval);
3703                               break;
3704                     case IEEE80211_M_MONITOR:
3705                               break;
3706                     }
3707                     rtw_set_nettype(sc, ic->ic_opmode);
3708                     break;
3709           case IEEE80211_S_ASSOC:
3710           case IEEE80211_S_AUTH:
3711                     break;
3712           }
3713 
3714           if (nstate != IEEE80211_S_SCAN)
3715                     callout_stop(&sc->sc_scan_ch);
3716 
3717           return (*sc->sc_mtbl.mt_newstate)(ic, nstate, arg);
3718 }
3719 
3720 /* Extend a 32-bit TSF timestamp to a 64-bit timestamp. */
3721 static uint64_t
rtw_tsf_extend(struct rtw_regs * regs,uint32_t rstamp)3722 rtw_tsf_extend(struct rtw_regs *regs, uint32_t rstamp)
3723 {
3724           uint32_t tsftl, tsfth;
3725 
3726           tsfth = RTW_READ(regs, RTW_TSFTRH);
3727           tsftl = RTW_READ(regs, RTW_TSFTRL);
3728           if (tsftl < rstamp) /* Compensate for rollover. */
3729                     tsfth--;
3730           return ((uint64_t)tsfth << 32) | rstamp;
3731 }
3732 
3733 static void
rtw_recv_mgmt(struct ieee80211com * ic,struct mbuf * m,struct ieee80211_node * ni,int subtype,int rssi,uint32_t rstamp)3734 rtw_recv_mgmt(struct ieee80211com *ic, struct mbuf *m,
3735     struct ieee80211_node *ni, int subtype, int rssi, uint32_t rstamp)
3736 {
3737           struct ifnet *ifp = ic->ic_ifp;
3738           struct rtw_softc *sc = (struct rtw_softc *)ifp->if_softc;
3739 
3740           (*sc->sc_mtbl.mt_recv_mgmt)(ic, m, ni, subtype, rssi, rstamp);
3741 
3742           switch (subtype) {
3743           case IEEE80211_FC0_SUBTYPE_PROBE_RESP:
3744           case IEEE80211_FC0_SUBTYPE_BEACON:
3745                     if (ic->ic_opmode == IEEE80211_M_IBSS &&
3746                         ic->ic_state == IEEE80211_S_RUN &&
3747                         device_is_active(sc->sc_dev)) {
3748                               uint64_t tsf = rtw_tsf_extend(&sc->sc_regs, rstamp);
3749                               if (le64toh(ni->ni_tstamp.tsf) >= tsf)
3750                                         (void)ieee80211_ibss_merge(ni);
3751                     }
3752                     break;
3753           default:
3754                     break;
3755           }
3756           return;
3757 }
3758 
3759 static struct ieee80211_node *
rtw_node_alloc(struct ieee80211_node_table * nt)3760 rtw_node_alloc(struct ieee80211_node_table *nt)
3761 {
3762           struct ifnet *ifp = nt->nt_ic->ic_ifp;
3763           struct rtw_softc *sc = (struct rtw_softc *)ifp->if_softc;
3764           struct ieee80211_node *ni = (*sc->sc_mtbl.mt_node_alloc)(nt);
3765 
3766           DPRINTF(sc, RTW_DEBUG_NODE,
3767               ("%s: alloc node %p\n", device_xname(sc->sc_dev), ni));
3768           return ni;
3769 }
3770 
3771 static void
rtw_node_free(struct ieee80211_node * ni)3772 rtw_node_free(struct ieee80211_node *ni)
3773 {
3774           struct ieee80211com *ic = ni->ni_ic;
3775           struct ifnet *ifp = ic->ic_ifp;
3776           struct rtw_softc *sc = (struct rtw_softc *)ifp->if_softc;
3777 
3778           DPRINTF(sc, RTW_DEBUG_NODE,
3779               ("%s: freeing node %p %s\n", device_xname(sc->sc_dev), ni,
3780               ether_sprintf(ni->ni_bssid)));
3781           (*sc->sc_mtbl.mt_node_free)(ni);
3782 }
3783 
3784 static int
rtw_media_change(struct ifnet * ifp)3785 rtw_media_change(struct ifnet *ifp)
3786 {
3787           int error;
3788 
3789           error = ieee80211_media_change(ifp);
3790           if (error == ENETRESET) {
3791                     if ((ifp->if_flags & (IFF_RUNNING | IFF_UP)) ==
3792                         (IFF_RUNNING | IFF_UP))
3793                               rtw_init(ifp);                /* XXX lose error */
3794                     error = 0;
3795           }
3796           return error;
3797 }
3798 
3799 static void
rtw_media_status(struct ifnet * ifp,struct ifmediareq * imr)3800 rtw_media_status(struct ifnet *ifp, struct ifmediareq *imr)
3801 {
3802           struct rtw_softc *sc = ifp->if_softc;
3803 
3804           if (!device_is_active(sc->sc_dev)) {
3805                     imr->ifm_active = IFM_IEEE80211 | IFM_NONE;
3806                     imr->ifm_status = 0;
3807                     return;
3808           }
3809           ieee80211_media_status(ifp, imr);
3810 }
3811 
3812 static inline void
rtw_setifprops(struct ifnet * ifp,const char * dvname,void * softc)3813 rtw_setifprops(struct ifnet *ifp, const char *dvname, void *softc)
3814 {
3815           (void)strlcpy(ifp->if_xname, dvname, IFNAMSIZ);
3816           ifp->if_softc = softc;
3817           ifp->if_flags = IFF_SIMPLEX | IFF_BROADCAST | IFF_MULTICAST;
3818           ifp->if_ioctl = rtw_ioctl;
3819           ifp->if_start = rtw_start;
3820           ifp->if_watchdog = rtw_watchdog;
3821           ifp->if_init = rtw_init;
3822           ifp->if_stop = rtw_stop;
3823 }
3824 
3825 static inline void
rtw_set80211props(struct ieee80211com * ic)3826 rtw_set80211props(struct ieee80211com *ic)
3827 {
3828           int nrate;
3829           ic->ic_phytype = IEEE80211_T_DS;
3830           ic->ic_opmode = IEEE80211_M_STA;
3831           ic->ic_caps = IEEE80211_C_PMGT | IEEE80211_C_IBSS |
3832               IEEE80211_C_HOSTAP | IEEE80211_C_MONITOR | IEEE80211_C_WEP;
3833 
3834           nrate = 0;
3835           ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] =
3836               IEEE80211_RATE_BASIC | 2;
3837           ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] =
3838               IEEE80211_RATE_BASIC | 4;
3839           ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 11;
3840           ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 22;
3841           ic->ic_sup_rates[IEEE80211_MODE_11B].rs_nrates = nrate;
3842 }
3843 
3844 static inline void
rtw_set80211methods(struct rtw_mtbl * mtbl,struct ieee80211com * ic)3845 rtw_set80211methods(struct rtw_mtbl *mtbl, struct ieee80211com *ic)
3846 {
3847           mtbl->mt_newstate = ic->ic_newstate;
3848           ic->ic_newstate = rtw_newstate;
3849 
3850           mtbl->mt_recv_mgmt = ic->ic_recv_mgmt;
3851           ic->ic_recv_mgmt = rtw_recv_mgmt;
3852 
3853           mtbl->mt_node_free = ic->ic_node_free;
3854           ic->ic_node_free = rtw_node_free;
3855 
3856           mtbl->mt_node_alloc = ic->ic_node_alloc;
3857           ic->ic_node_alloc = rtw_node_alloc;
3858 
3859           ic->ic_crypto.cs_key_delete = rtw_key_delete;
3860           ic->ic_crypto.cs_key_set = rtw_key_set;
3861           ic->ic_crypto.cs_key_update_begin = rtw_key_update_begin;
3862           ic->ic_crypto.cs_key_update_end = rtw_key_update_end;
3863 }
3864 
3865 static inline void
rtw_init_radiotap(struct rtw_softc * sc)3866 rtw_init_radiotap(struct rtw_softc *sc)
3867 {
3868           uint32_t present;
3869 
3870           memset(&sc->sc_rxtapu, 0, sizeof(sc->sc_rxtapu));
3871           sc->sc_rxtap.rr_ihdr.it_len = htole16(sizeof(sc->sc_rxtapu));
3872 
3873           if (sc->sc_rfchipid == RTW_RFCHIPID_PHILIPS)
3874                     present = htole32(RTW_PHILIPS_RX_RADIOTAP_PRESENT);
3875           else
3876                     present = htole32(RTW_RX_RADIOTAP_PRESENT);
3877           sc->sc_rxtap.rr_ihdr.it_present = present;
3878 
3879           memset(&sc->sc_txtapu, 0, sizeof(sc->sc_txtapu));
3880           sc->sc_txtap.rt_ihdr.it_len = htole16(sizeof(sc->sc_txtapu));
3881           sc->sc_txtap.rt_ihdr.it_present = htole32(RTW_TX_RADIOTAP_PRESENT);
3882 }
3883 
3884 static int
rtw_txsoft_blk_setup(struct rtw_txsoft_blk * tsb,u_int qlen)3885 rtw_txsoft_blk_setup(struct rtw_txsoft_blk *tsb, u_int qlen)
3886 {
3887           SIMPLEQ_INIT(&tsb->tsb_dirtyq);
3888           SIMPLEQ_INIT(&tsb->tsb_freeq);
3889           tsb->tsb_ndesc = qlen;
3890           tsb->tsb_desc = malloc(qlen * sizeof(*tsb->tsb_desc), M_DEVBUF,
3891               M_WAITOK);
3892           return 0;
3893 }
3894 
3895 static void
rtw_txsoft_blk_cleanup_all(struct rtw_softc * sc)3896 rtw_txsoft_blk_cleanup_all(struct rtw_softc *sc)
3897 {
3898           int pri;
3899           struct rtw_txsoft_blk *tsb;
3900 
3901           for (pri = 0; pri < RTW_NTXPRI; pri++) {
3902                     tsb = &sc->sc_txsoft_blk[pri];
3903                     free(tsb->tsb_desc, M_DEVBUF);
3904                     tsb->tsb_desc = NULL;
3905           }
3906 }
3907 
3908 static int
rtw_txsoft_blk_setup_all(struct rtw_softc * sc)3909 rtw_txsoft_blk_setup_all(struct rtw_softc *sc)
3910 {
3911           int pri, rc = 0;
3912           int qlen[RTW_NTXPRI] =
3913                {RTW_TXQLENLO, RTW_TXQLENMD, RTW_TXQLENHI, RTW_TXQLENBCN};
3914           struct rtw_txsoft_blk *tsbs;
3915 
3916           tsbs = sc->sc_txsoft_blk;
3917 
3918           for (pri = 0; pri < RTW_NTXPRI; pri++) {
3919                     rc = rtw_txsoft_blk_setup(&tsbs[pri], qlen[pri]);
3920                     if (rc != 0)
3921                               break;
3922           }
3923           tsbs[RTW_TXPRILO].tsb_poll = RTW_TPPOLL_LPQ | RTW_TPPOLL_SLPQ;
3924           tsbs[RTW_TXPRIMD].tsb_poll = RTW_TPPOLL_NPQ | RTW_TPPOLL_SNPQ;
3925           tsbs[RTW_TXPRIHI].tsb_poll = RTW_TPPOLL_HPQ | RTW_TPPOLL_SHPQ;
3926           tsbs[RTW_TXPRIBCN].tsb_poll = RTW_TPPOLL_BQ | RTW_TPPOLL_SBQ;
3927           return rc;
3928 }
3929 
3930 static void
rtw_txdesc_blk_setup(struct rtw_txdesc_blk * tdb,struct rtw_txdesc * desc,u_int ndesc,bus_addr_t ofs,bus_addr_t physbase)3931 rtw_txdesc_blk_setup(struct rtw_txdesc_blk *tdb, struct rtw_txdesc *desc,
3932     u_int ndesc, bus_addr_t ofs, bus_addr_t physbase)
3933 {
3934           tdb->tdb_ndesc = ndesc;
3935           tdb->tdb_desc = desc;
3936           tdb->tdb_physbase = physbase;
3937           tdb->tdb_ofs = ofs;
3938 
3939           (void)memset(tdb->tdb_desc, 0,
3940               sizeof(tdb->tdb_desc[0]) * tdb->tdb_ndesc);
3941 
3942           rtw_txdesc_blk_init(tdb);
3943           tdb->tdb_next = 0;
3944 }
3945 
3946 static void
rtw_txdesc_blk_setup_all(struct rtw_softc * sc)3947 rtw_txdesc_blk_setup_all(struct rtw_softc *sc)
3948 {
3949           rtw_txdesc_blk_setup(&sc->sc_txdesc_blk[RTW_TXPRILO],
3950               &sc->sc_descs->hd_txlo[0], RTW_NTXDESCLO,
3951               RTW_RING_OFFSET(hd_txlo), RTW_RING_BASE(sc, hd_txlo));
3952 
3953           rtw_txdesc_blk_setup(&sc->sc_txdesc_blk[RTW_TXPRIMD],
3954               &sc->sc_descs->hd_txmd[0], RTW_NTXDESCMD,
3955               RTW_RING_OFFSET(hd_txmd), RTW_RING_BASE(sc, hd_txmd));
3956 
3957           rtw_txdesc_blk_setup(&sc->sc_txdesc_blk[RTW_TXPRIHI],
3958               &sc->sc_descs->hd_txhi[0], RTW_NTXDESCHI,
3959               RTW_RING_OFFSET(hd_txhi), RTW_RING_BASE(sc, hd_txhi));
3960 
3961           rtw_txdesc_blk_setup(&sc->sc_txdesc_blk[RTW_TXPRIBCN],
3962               &sc->sc_descs->hd_bcn[0], RTW_NTXDESCBCN,
3963               RTW_RING_OFFSET(hd_bcn), RTW_RING_BASE(sc, hd_bcn));
3964 }
3965 
3966 static struct rtw_rf *
rtw_rf_attach(struct rtw_softc * sc,enum rtw_rfchipid rfchipid,int digphy)3967 rtw_rf_attach(struct rtw_softc *sc, enum rtw_rfchipid rfchipid, int digphy)
3968 {
3969           rtw_rf_write_t rf_write;
3970           struct rtw_rf *rf;
3971 
3972           switch (rfchipid) {
3973           default:
3974                     rf_write = rtw_rf_hostwrite;
3975                     break;
3976           case RTW_RFCHIPID_INTERSIL:
3977           case RTW_RFCHIPID_PHILIPS:
3978           case RTW_RFCHIPID_GCT:        /* XXX a guess */
3979           case RTW_RFCHIPID_RFMD:
3980                     rf_write = (rtw_host_rfio) ? rtw_rf_hostwrite : rtw_rf_macwrite;
3981                     break;
3982           }
3983 
3984           switch (rfchipid) {
3985           case RTW_RFCHIPID_GCT:
3986                     rf = rtw_grf5101_create(&sc->sc_regs, rf_write, 0);
3987                     sc->sc_pwrstate_cb = rtw_maxim_pwrstate;
3988                     break;
3989           case RTW_RFCHIPID_MAXIM:
3990                     rf = rtw_max2820_create(&sc->sc_regs, rf_write, 0);
3991                     sc->sc_pwrstate_cb = rtw_maxim_pwrstate;
3992                     break;
3993           case RTW_RFCHIPID_PHILIPS:
3994                     rf = rtw_sa2400_create(&sc->sc_regs, rf_write, digphy);
3995                     sc->sc_pwrstate_cb = rtw_philips_pwrstate;
3996                     break;
3997           case RTW_RFCHIPID_RFMD:
3998                     /* XXX RFMD has no RF constructor */
3999                     sc->sc_pwrstate_cb = rtw_rfmd_pwrstate;
4000                     /*FALLTHROUGH*/
4001           default:
4002                     return NULL;
4003           }
4004           rf->rf_continuous_tx_cb =
4005               (rtw_continuous_tx_cb_t)rtw_continuous_tx_enable;
4006           rf->rf_continuous_tx_arg = (void *)sc;
4007           return rf;
4008 }
4009 
4010 /* Revision C and later use a different PHY delay setting than
4011  * revisions A and B.
4012  */
4013 static uint8_t
rtw_check_phydelay(struct rtw_regs * regs,uint32_t old_rcr)4014 rtw_check_phydelay(struct rtw_regs *regs, uint32_t old_rcr)
4015 {
4016 #define REVAB (RTW_RCR_MXDMA_UNLIMITED | RTW_RCR_AICV)
4017 #define REVC (REVAB | RTW_RCR_RXFTH_WHOLE)
4018 
4019           uint8_t phydelay = __SHIFTIN(0x6, RTW_PHYDELAY_PHYDELAY);
4020 
4021           RTW_WRITE(regs, RTW_RCR, REVAB);
4022           RTW_WBW(regs, RTW_RCR, RTW_RCR);
4023           RTW_WRITE(regs, RTW_RCR, REVC);
4024 
4025           RTW_WBR(regs, RTW_RCR, RTW_RCR);
4026           if ((RTW_READ(regs, RTW_RCR) & REVC) == REVC)
4027                     phydelay |= RTW_PHYDELAY_REVC_MAGIC;
4028 
4029           RTW_WRITE(regs, RTW_RCR, old_rcr);      /* restore RCR */
4030           RTW_SYNC(regs, RTW_RCR, RTW_RCR);
4031 
4032           return phydelay;
4033 #undef REVC
4034 }
4035 
4036 void
rtw_attach(struct rtw_softc * sc)4037 rtw_attach(struct rtw_softc *sc)
4038 {
4039           struct ifnet *ifp = &sc->sc_if;
4040           struct ieee80211com *ic = &sc->sc_ic;
4041           struct rtw_txsoft_blk *tsb;
4042           int pri, rc;
4043 
4044           pmf_self_suspensor_init(sc->sc_dev, &sc->sc_suspensor, &sc->sc_qual);
4045 
4046           rtw_cipher_wep = ieee80211_cipher_wep;
4047           rtw_cipher_wep.ic_decap = rtw_wep_decap;
4048 
4049           NEXT_ATTACH_STATE(sc, DETACHED);
4050 
4051           sc->sc_soft_ih = softint_establish(SOFTINT_NET, rtw_softintr, sc);
4052           if (sc->sc_soft_ih == NULL) {
4053                     aprint_error_dev(sc->sc_dev, "could not establish softint\n");
4054                     goto err;
4055           }
4056 
4057           switch (RTW_READ(&sc->sc_regs, RTW_TCR) & RTW_TCR_HWVERID_MASK) {
4058           case RTW_TCR_HWVERID_F:
4059                     sc->sc_hwverid = 'F';
4060                     break;
4061           case RTW_TCR_HWVERID_D:
4062                     sc->sc_hwverid = 'D';
4063                     break;
4064           default:
4065                     sc->sc_hwverid = '?';
4066                     break;
4067           }
4068           aprint_verbose_dev(sc->sc_dev, "hardware version %c\n",
4069               sc->sc_hwverid);
4070 
4071           rc = bus_dmamem_alloc(sc->sc_dmat, sizeof(struct rtw_descs),
4072               RTW_DESC_ALIGNMENT, 0, &sc->sc_desc_segs, 1, &sc->sc_desc_nsegs,
4073               0);
4074 
4075           if (rc != 0) {
4076                     aprint_error_dev(sc->sc_dev,
4077                         "could not allocate hw descriptors, error %d\n", rc);
4078                     goto err;
4079           }
4080 
4081           NEXT_ATTACH_STATE(sc, FINISH_DESC_ALLOC);
4082 
4083           rc = bus_dmamem_map(sc->sc_dmat, &sc->sc_desc_segs,
4084               sc->sc_desc_nsegs, sizeof(struct rtw_descs),
4085               (void **)&sc->sc_descs, BUS_DMA_COHERENT);
4086 
4087           if (rc != 0) {
4088                     aprint_error_dev(sc->sc_dev,
4089                         "could not map hw descriptors, error %d\n", rc);
4090                     goto err;
4091           }
4092           NEXT_ATTACH_STATE(sc, FINISH_DESC_MAP);
4093 
4094           rc = bus_dmamap_create(sc->sc_dmat, sizeof(struct rtw_descs), 1,
4095               sizeof(struct rtw_descs), 0, 0, &sc->sc_desc_dmamap);
4096 
4097           if (rc != 0) {
4098                     aprint_error_dev(sc->sc_dev,
4099                         "could not create DMA map for hw descriptors, error %d\n",
4100                         rc);
4101                     goto err;
4102           }
4103           NEXT_ATTACH_STATE(sc, FINISH_DESCMAP_CREATE);
4104 
4105           sc->sc_rxdesc_blk.rdb_dmat = sc->sc_dmat;
4106           sc->sc_rxdesc_blk.rdb_dmamap = sc->sc_desc_dmamap;
4107 
4108           for (pri = 0; pri < RTW_NTXPRI; pri++) {
4109                     sc->sc_txdesc_blk[pri].tdb_dmat = sc->sc_dmat;
4110                     sc->sc_txdesc_blk[pri].tdb_dmamap = sc->sc_desc_dmamap;
4111           }
4112 
4113           rc = bus_dmamap_load(sc->sc_dmat, sc->sc_desc_dmamap, sc->sc_descs,
4114               sizeof(struct rtw_descs), NULL, 0);
4115 
4116           if (rc != 0) {
4117                     aprint_error_dev(sc->sc_dev,
4118                         "could not load DMA map for hw descriptors, error %d\n",
4119                         rc);
4120                     goto err;
4121           }
4122           NEXT_ATTACH_STATE(sc, FINISH_DESCMAP_LOAD);
4123 
4124           if (rtw_txsoft_blk_setup_all(sc) != 0)
4125                     goto err;
4126           NEXT_ATTACH_STATE(sc, FINISH_TXCTLBLK_SETUP);
4127 
4128           rtw_txdesc_blk_setup_all(sc);
4129 
4130           NEXT_ATTACH_STATE(sc, FINISH_TXDESCBLK_SETUP);
4131 
4132           sc->sc_rxdesc_blk.rdb_desc = &sc->sc_descs->hd_rx[0];
4133 
4134           for (pri = 0; pri < RTW_NTXPRI; pri++) {
4135                     tsb = &sc->sc_txsoft_blk[pri];
4136 
4137                     if ((rc = rtw_txdesc_dmamaps_create(sc->sc_dmat,
4138                         &tsb->tsb_desc[0], tsb->tsb_ndesc)) != 0) {
4139                               aprint_error_dev(sc->sc_dev,
4140                                   "could not load DMA map for hw tx descriptors, "
4141                                   "error %d\n", rc);
4142                               goto err;
4143                     }
4144           }
4145 
4146           NEXT_ATTACH_STATE(sc, FINISH_TXMAPS_CREATE);
4147           if ((rc = rtw_rxdesc_dmamaps_create(sc->sc_dmat, &sc->sc_rxsoft[0],
4148                                                       RTW_RXQLEN)) != 0) {
4149                     aprint_error_dev(sc->sc_dev,
4150                         "could not load DMA map for hw rx descriptors, error %d\n",
4151                         rc);
4152                     goto err;
4153           }
4154           NEXT_ATTACH_STATE(sc, FINISH_RXMAPS_CREATE);
4155 
4156           /* Reset the chip to a known state. */
4157           if (rtw_reset(sc) != 0)
4158                     goto err;
4159           NEXT_ATTACH_STATE(sc, FINISH_RESET);
4160 
4161           sc->sc_rcr = RTW_READ(&sc->sc_regs, RTW_RCR);
4162 
4163           if ((sc->sc_rcr & RTW_RCR_9356SEL) != 0)
4164                     sc->sc_flags |= RTW_F_9356SROM;
4165 
4166           if (rtw_srom_read(&sc->sc_regs, sc->sc_flags, &sc->sc_srom,
4167               sc->sc_dev) != 0)
4168                     goto err;
4169 
4170           NEXT_ATTACH_STATE(sc, FINISH_READ_SROM);
4171 
4172           if (rtw_srom_parse(&sc->sc_srom, &sc->sc_flags, &sc->sc_csthr,
4173               &sc->sc_rfchipid, &sc->sc_rcr, &sc->sc_locale,
4174               sc->sc_dev) != 0) {
4175                     aprint_error_dev(sc->sc_dev,
4176                         "attach failed, malformed serial ROM\n");
4177                     goto err;
4178           }
4179 
4180           aprint_verbose_dev(sc->sc_dev, "%s PHY\n",
4181               ((sc->sc_flags & RTW_F_DIGPHY) != 0) ? "digital" : "analog");
4182 
4183           aprint_verbose_dev(sc->sc_dev, "carrier-sense threshold %u\n",
4184               sc->sc_csthr);
4185 
4186           NEXT_ATTACH_STATE(sc, FINISH_PARSE_SROM);
4187 
4188           sc->sc_rf = rtw_rf_attach(sc, sc->sc_rfchipid,
4189               sc->sc_flags & RTW_F_DIGPHY);
4190 
4191           if (sc->sc_rf == NULL) {
4192                     aprint_verbose_dev(sc->sc_dev,
4193                         "attach failed, could not attach RF\n");
4194                     goto err;
4195           }
4196 
4197           NEXT_ATTACH_STATE(sc, FINISH_RF_ATTACH);
4198 
4199           sc->sc_phydelay = rtw_check_phydelay(&sc->sc_regs, sc->sc_rcr);
4200 
4201           RTW_DPRINTF(RTW_DEBUG_ATTACH,
4202               ("%s: PHY delay %d\n", device_xname(sc->sc_dev), sc->sc_phydelay));
4203 
4204           if (sc->sc_locale == RTW_LOCALE_UNKNOWN)
4205                     rtw_identify_country(&sc->sc_regs, &sc->sc_locale);
4206 
4207           rtw_init_channels(sc->sc_locale, &sc->sc_ic.ic_channels, sc->sc_dev);
4208 
4209           if (rtw_identify_sta(&sc->sc_regs, &sc->sc_ic.ic_myaddr,
4210               sc->sc_dev) != 0)
4211                     goto err;
4212           NEXT_ATTACH_STATE(sc, FINISH_ID_STA);
4213 
4214           rtw_setifprops(ifp, device_xname(sc->sc_dev), (void*)sc);
4215 
4216           IFQ_SET_READY(&ifp->if_snd);
4217 
4218           sc->sc_ic.ic_ifp = ifp;
4219           rtw_set80211props(&sc->sc_ic);
4220 
4221           rtw_led_attach(&sc->sc_led_state, (void *)sc);
4222           NEXT_ATTACH_STATE(sc, FINISH_LED_ATTACH);
4223 
4224           /*
4225            * Call MI attach routines.
4226            */
4227           if_initialize(ifp);
4228           ieee80211_ifattach(ic);
4229           /* Use common softint-based if_input */
4230           ifp->if_percpuq = if_percpuq_create(ifp);
4231           if_register(ifp);
4232 
4233           rtw_set80211methods(&sc->sc_mtbl, &sc->sc_ic);
4234 
4235           /* possibly we should fill in our own sc_send_prresp, since
4236            * the RTL8180 is probably sending probe responses in ad hoc
4237            * mode.
4238            */
4239 
4240           /* complete initialization */
4241           ieee80211_media_init(&sc->sc_ic, rtw_media_change, rtw_media_status);
4242           callout_init(&sc->sc_scan_ch, 0);
4243 
4244           rtw_init_radiotap(sc);
4245 
4246           bpf_attach2(ifp, DLT_IEEE802_11_RADIO,
4247               sizeof(struct ieee80211_frame) + 64, &sc->sc_radiobpf);
4248 
4249           NEXT_ATTACH_STATE(sc, FINISHED);
4250 
4251           ieee80211_announce(ic);
4252           return;
4253 err:
4254           rtw_detach(sc);
4255           return;
4256 }
4257 
4258 int
rtw_detach(struct rtw_softc * sc)4259 rtw_detach(struct rtw_softc *sc)
4260 {
4261           struct ifnet *ifp = &sc->sc_if;
4262           int pri, s;
4263 
4264           s = splnet();
4265 
4266           switch (sc->sc_attach_state) {
4267           case FINISHED:
4268                     rtw_stop(ifp, 1);
4269 
4270                     pmf_device_deregister(sc->sc_dev);
4271                     callout_stop(&sc->sc_scan_ch);
4272                     ieee80211_ifdetach(&sc->sc_ic);
4273                     if_detach(ifp);
4274                     /*FALLTHROUGH*/
4275           case FINISH_LED_ATTACH:
4276                     rtw_led_detach(&sc->sc_led_state);
4277                     /*FALLTHROUGH*/
4278           case FINISH_ID_STA:
4279           case FINISH_RF_ATTACH:
4280                     rtw_rf_destroy(sc->sc_rf);
4281                     sc->sc_rf = NULL;
4282                     /*FALLTHROUGH*/
4283           case FINISH_PARSE_SROM:
4284           case FINISH_READ_SROM:
4285                     rtw_srom_free(&sc->sc_srom);
4286                     /*FALLTHROUGH*/
4287           case FINISH_RESET:
4288           case FINISH_RXMAPS_CREATE:
4289                     rtw_rxdesc_dmamaps_destroy(sc->sc_dmat, &sc->sc_rxsoft[0],
4290                         RTW_RXQLEN);
4291                     /*FALLTHROUGH*/
4292           case FINISH_TXMAPS_CREATE:
4293                     for (pri = 0; pri < RTW_NTXPRI; pri++) {
4294                               rtw_txdesc_dmamaps_destroy(sc->sc_dmat,
4295                                   sc->sc_txsoft_blk[pri].tsb_desc,
4296                                   sc->sc_txsoft_blk[pri].tsb_ndesc);
4297                     }
4298                     /*FALLTHROUGH*/
4299           case FINISH_TXDESCBLK_SETUP:
4300           case FINISH_TXCTLBLK_SETUP:
4301                     rtw_txsoft_blk_cleanup_all(sc);
4302                     /*FALLTHROUGH*/
4303           case FINISH_DESCMAP_LOAD:
4304                     bus_dmamap_unload(sc->sc_dmat, sc->sc_desc_dmamap);
4305                     /*FALLTHROUGH*/
4306           case FINISH_DESCMAP_CREATE:
4307                     bus_dmamap_destroy(sc->sc_dmat, sc->sc_desc_dmamap);
4308                     /*FALLTHROUGH*/
4309           case FINISH_DESC_MAP:
4310                     bus_dmamem_unmap(sc->sc_dmat, (void *)sc->sc_descs,
4311                         sizeof(struct rtw_descs));
4312                     /*FALLTHROUGH*/
4313           case FINISH_DESC_ALLOC:
4314                     bus_dmamem_free(sc->sc_dmat, &sc->sc_desc_segs,
4315                         sc->sc_desc_nsegs);
4316                     /*FALLTHROUGH*/
4317           case DETACHED:
4318                     if (sc->sc_soft_ih != NULL) {
4319                               softint_disestablish(sc->sc_soft_ih);
4320                               sc->sc_soft_ih = NULL;
4321                     }
4322                     NEXT_ATTACH_STATE(sc, DETACHED);
4323                     break;
4324           }
4325           splx(s);
4326           return 0;
4327 }
4328