2 * Copyright (c) 1997, 1998, 1999
3 * Bill Paul <wpaul@ctr.columbia.edu>. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by Bill Paul.
16 * 4. Neither the name of the author nor the names of any co-contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR THE VOICES IN HIS HEAD
24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
30 * THE POSSIBILITY OF SUCH DAMAGE.
36 * Lucent WaveLAN/IEEE 802.11 PCMCIA driver for FreeBSD.
38 * Written by Bill Paul <wpaul@ctr.columbia.edu>
39 * Electrical Engineering Department
40 * Columbia University, New York City
44 * The WaveLAN/IEEE adapter is the second generation of the WaveLAN
45 * from Lucent. Unlike the older cards, the new ones are programmed
46 * entirely via a firmware-driven controller called the Hermes.
47 * Unfortunately, Lucent will not release the Hermes programming manual
48 * without an NDA (if at all). What they do release is an API library
49 * called the HCF (Hardware Control Functions) which is supposed to
50 * do the device-specific operations of a device driver for you. The
51 * publically available version of the HCF library (the 'HCF Light') is
52 * a) extremely gross, b) lacks certain features, particularly support
53 * for 802.11 frames, and c) is contaminated by the GNU Public License.
55 * This driver does not use the HCF or HCF Light at all. Instead, it
56 * programs the Hermes controller directly, using information gleaned
57 * from the HCF Light code and corresponding documentation.
59 * This driver supports both the PCMCIA and ISA versions of the
60 * WaveLAN/IEEE cards. Note however that the ISA card isn't really
61 * anything of the sort: it's actually a PCMCIA bridge adapter
62 * that fits into an ISA slot, into which a PCMCIA WaveLAN card is
63 * inserted. Consequently, you need to use the pccard support for
64 * both the ISA and PCMCIA adapters.
67 #define WI_HERMES_AUTOINC_WAR /* Work around data write autoinc bug. */
68 #define WI_HERMES_STATS_WAR /* Work around stats counter bug. */
69 #define WICACHE /* turn on signal strength cache code */
71 #include <sys/param.h>
72 #include <sys/systm.h>
73 #include <sys/sockio.h>
75 #include <sys/malloc.h>
76 #include <sys/kernel.h>
77 #include <sys/socket.h>
78 #include <sys/module.h>
80 #include <sys/syslog.h>
81 #include <sys/sysctl.h>
83 #include <machine/bus.h>
84 #include <machine/resource.h>
85 #include <machine/clock.h>
86 #include <machine/md_var.h>
87 #include <machine/bus_pio.h>
91 #include <net/if_arp.h>
92 #include <net/ethernet.h>
93 #include <net/if_dl.h>
94 #include <net/if_media.h>
95 #include <net/if_types.h>
97 #include <netinet/in.h>
98 #include <netinet/in_systm.h>
99 #include <netinet/in_var.h>
100 #include <netinet/ip.h>
101 #include <netinet/if_ether.h>
105 #include <machine/if_wavelan_ieee.h>
106 #include <i386/isa/if_wireg.h>
109 static const char rcsid[] =
114 static u_int8_t wi_mcast_addr[6] = { 0x01, 0x60, 0x1D, 0x00, 0x01, 0x00 };
117 static void wi_intr __P((void *));
118 static void wi_reset __P((struct wi_softc *));
119 static int wi_ioctl __P((struct ifnet *, u_long, caddr_t));
120 static void wi_init __P((void *));
121 static void wi_start __P((struct ifnet *));
122 static void wi_stop __P((struct wi_softc *));
123 static void wi_watchdog __P((struct ifnet *));
124 static void wi_rxeof __P((struct wi_softc *));
125 static void wi_txeof __P((struct wi_softc *, int));
126 static void wi_update_stats __P((struct wi_softc *));
127 static void wi_setmulti __P((struct wi_softc *));
129 static int wi_cmd __P((struct wi_softc *, int, int));
130 static int wi_read_record __P((struct wi_softc *, struct wi_ltv_gen *));
131 static int wi_write_record __P((struct wi_softc *, struct wi_ltv_gen *));
132 static int wi_read_data __P((struct wi_softc *, int,
134 static int wi_write_data __P((struct wi_softc *, int,
136 static int wi_seek __P((struct wi_softc *, int, int, int));
137 static int wi_alloc_nicmem __P((struct wi_softc *, int, int *));
138 static void wi_inquire __P((void *));
139 static void wi_setdef __P((struct wi_softc *, struct wi_req *));
140 static int wi_mgmt_xmit __P((struct wi_softc *, caddr_t, int));
144 void wi_cache_store __P((struct wi_softc *, struct ether_header *,
145 struct mbuf *, unsigned short));
148 static int wi_pccard_probe __P((device_t));
149 static int wi_pccard_attach __P((device_t));
150 static int wi_pccard_detach __P((device_t));
151 static void wi_shutdown __P((device_t));
153 static int wi_alloc __P((device_t));
154 static void wi_free __P((device_t));
156 static device_method_t wi_pccard_methods[] = {
157 /* Device interface */
158 DEVMETHOD(device_probe, wi_pccard_probe),
159 DEVMETHOD(device_attach, wi_pccard_attach),
160 DEVMETHOD(device_detach, wi_pccard_detach),
161 DEVMETHOD(device_shutdown, wi_shutdown),
166 static driver_t wi_pccard_driver = {
169 sizeof(struct wi_softc)
172 static devclass_t wi_pccard_devclass;
174 DRIVER_MODULE(if_wi, pccard, wi_pccard_driver, wi_pccard_devclass, 0, 0);
176 static int wi_pccard_probe(dev)
182 sc = device_get_softc(dev);
185 error = wi_alloc(dev);
189 device_set_desc(dev, "WaveLAN/IEEE 802.11");
192 /* Make sure interrupts are disabled. */
193 CSR_WRITE_2(sc, WI_INT_EN, 0);
194 CSR_WRITE_2(sc, WI_EVENT_ACK, 0xFFFF);
199 static int wi_pccard_detach(dev)
208 sc = device_get_softc(dev);
209 ifp = &sc->arpcom.ac_if;
212 device_printf(dev, "already unloaded\n");
220 bus_teardown_intr(dev, sc->irq, sc->wi_intrhand);
225 device_printf(dev, "unload\n");
230 static int wi_pccard_attach(device_t dev)
233 struct wi_ltv_macaddr mac;
234 struct wi_ltv_gen gen;
238 sc = device_get_softc(dev);
239 ifp = &sc->arpcom.ac_if;
241 error = wi_alloc(dev);
243 device_printf(dev, "wi_alloc() failed! (%d)\n", error);
247 error = bus_setup_intr(dev, sc->irq, INTR_TYPE_NET,
248 wi_intr, sc, &sc->wi_intrhand);
251 device_printf(dev, "bus_setup_intr() failed! (%d)\n", error);
259 /* Read the station address. */
260 mac.wi_type = WI_RID_MAC_NODE;
262 wi_read_record(sc, (struct wi_ltv_gen *)&mac);
263 bcopy((char *)&mac.wi_mac_addr,
264 (char *)&sc->arpcom.ac_enaddr, ETHER_ADDR_LEN);
266 device_printf(dev, "Ethernet address: %6D\n",
267 sc->arpcom.ac_enaddr, ":");
270 ifp->if_unit = sc->wi_unit;
272 ifp->if_mtu = ETHERMTU;
273 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
274 ifp->if_ioctl = wi_ioctl;
275 ifp->if_output = ether_output;
276 ifp->if_start = wi_start;
277 ifp->if_watchdog = wi_watchdog;
278 ifp->if_init = wi_init;
279 ifp->if_baudrate = 10000000;
280 ifp->if_snd.ifq_maxlen = IFQ_MAXLEN;
282 bzero(sc->wi_node_name, sizeof(sc->wi_node_name));
283 bcopy(WI_DEFAULT_NODENAME, sc->wi_node_name,
284 sizeof(WI_DEFAULT_NODENAME) - 1);
286 bzero(sc->wi_net_name, sizeof(sc->wi_net_name));
287 bcopy(WI_DEFAULT_NETNAME, sc->wi_net_name,
288 sizeof(WI_DEFAULT_NETNAME) - 1);
290 bzero(sc->wi_ibss_name, sizeof(sc->wi_ibss_name));
291 bcopy(WI_DEFAULT_IBSS, sc->wi_ibss_name,
292 sizeof(WI_DEFAULT_IBSS) - 1);
294 sc->wi_portnum = WI_DEFAULT_PORT;
295 sc->wi_ptype = WI_PORTTYPE_ADHOC;
296 sc->wi_ap_density = WI_DEFAULT_AP_DENSITY;
297 sc->wi_rts_thresh = WI_DEFAULT_RTS_THRESH;
298 sc->wi_tx_rate = WI_DEFAULT_TX_RATE;
299 sc->wi_max_data_len = WI_DEFAULT_DATALEN;
300 sc->wi_create_ibss = WI_DEFAULT_CREATE_IBSS;
301 sc->wi_pm_enabled = WI_DEFAULT_PM_ENABLED;
302 sc->wi_max_sleep = WI_DEFAULT_MAX_SLEEP;
305 * Read the default channel from the NIC. This may vary
306 * depending on the country where the NIC was purchased, so
307 * we can't hard-code a default and expect it to work for
310 gen.wi_type = WI_RID_OWN_CHNL;
312 wi_read_record(sc, &gen);
313 sc->wi_channel = gen.wi_val;
316 * Find out if we support WEP on this card.
318 gen.wi_type = WI_RID_WEP_AVAIL;
320 wi_read_record(sc, &gen);
321 sc->wi_has_wep = gen.wi_val;
323 bzero((char *)&sc->wi_stats, sizeof(sc->wi_stats));
329 * Call MI attach routines.
333 callout_handle_init(&sc->wi_stat_ch);
334 bpfattach(ifp, DLT_EN10MB, sizeof(struct ether_header));
339 static void wi_rxeof(sc)
343 struct ether_header *eh;
344 struct wi_frame rx_frame;
348 ifp = &sc->arpcom.ac_if;
350 id = CSR_READ_2(sc, WI_RX_FID);
352 /* First read in the frame header */
353 if (wi_read_data(sc, id, 0, (caddr_t)&rx_frame, sizeof(rx_frame))) {
358 if (rx_frame.wi_status & WI_STAT_ERRSTAT) {
363 MGETHDR(m, M_DONTWAIT, MT_DATA);
368 MCLGET(m, M_DONTWAIT);
369 if (!(m->m_flags & M_EXT)) {
375 eh = mtod(m, struct ether_header *);
376 m->m_pkthdr.rcvif = ifp;
378 if (rx_frame.wi_status == WI_STAT_1042 ||
379 rx_frame.wi_status == WI_STAT_TUNNEL ||
380 rx_frame.wi_status == WI_STAT_WMP_MSG) {
381 if((rx_frame.wi_dat_len + WI_SNAPHDR_LEN) > MCLBYTES) {
382 device_printf(sc->dev, "oversized packet received "
383 "(wi_dat_len=%d, wi_status=0x%x)\n",
384 rx_frame.wi_dat_len, rx_frame.wi_status);
389 m->m_pkthdr.len = m->m_len =
390 rx_frame.wi_dat_len + WI_SNAPHDR_LEN;
392 bcopy((char *)&rx_frame.wi_addr1,
393 (char *)&eh->ether_dhost, ETHER_ADDR_LEN);
394 if (sc->wi_ptype == WI_PORTTYPE_ADHOC) {
395 bcopy((char *)&rx_frame.wi_addr2,
396 (char *)&eh->ether_shost, ETHER_ADDR_LEN);
398 bcopy((char *)&rx_frame.wi_addr3,
399 (char *)&eh->ether_shost, ETHER_ADDR_LEN);
401 bcopy((char *)&rx_frame.wi_type,
402 (char *)&eh->ether_type, sizeof(u_int16_t));
404 if (wi_read_data(sc, id, WI_802_11_OFFSET,
405 mtod(m, caddr_t) + sizeof(struct ether_header),
412 if((rx_frame.wi_dat_len +
413 sizeof(struct ether_header)) > MCLBYTES) {
414 device_printf(sc->dev, "oversized packet received "
415 "(wi_dat_len=%d, wi_status=0x%x)\n",
416 rx_frame.wi_dat_len, rx_frame.wi_status);
421 m->m_pkthdr.len = m->m_len =
422 rx_frame.wi_dat_len + sizeof(struct ether_header);
424 if (wi_read_data(sc, id, WI_802_3_OFFSET,
425 mtod(m, caddr_t), m->m_len + 2)) {
434 /* Handle BPF listeners. */
437 if (ifp->if_flags & IFF_PROMISC &&
438 (bcmp(eh->ether_dhost, sc->arpcom.ac_enaddr,
439 ETHER_ADDR_LEN) && (eh->ether_dhost[0] & 1) == 0)) {
445 /* Receive packet. */
446 m_adj(m, sizeof(struct ether_header));
448 wi_cache_store(sc, eh, m, rx_frame.wi_q_info);
450 ether_input(ifp, eh, m);
455 static void wi_txeof(sc, status)
461 ifp = &sc->arpcom.ac_if;
464 ifp->if_flags &= ~IFF_OACTIVE;
466 if (status & WI_EV_TX_EXC)
481 ifp = &sc->arpcom.ac_if;
483 sc->wi_stat_ch = timeout(wi_inquire, sc, hz * 60);
485 /* Don't do this while we're transmitting */
486 if (ifp->if_flags & IFF_OACTIVE)
489 wi_cmd(sc, WI_CMD_INQUIRE, WI_INFO_COUNTERS);
494 void wi_update_stats(sc)
497 struct wi_ltv_gen gen;
504 ifp = &sc->arpcom.ac_if;
506 id = CSR_READ_2(sc, WI_INFO_FID);
508 wi_read_data(sc, id, 0, (char *)&gen, 4);
510 if (gen.wi_type != WI_INFO_COUNTERS ||
511 gen.wi_len > (sizeof(sc->wi_stats) / 4) + 1)
514 ptr = (u_int32_t *)&sc->wi_stats;
516 for (i = 0; i < gen.wi_len - 1; i++) {
517 t = CSR_READ_2(sc, WI_DATA1);
518 #ifdef WI_HERMES_STATS_WAR
525 ifp->if_collisions = sc->wi_stats.wi_tx_single_retries +
526 sc->wi_stats.wi_tx_multi_retries +
527 sc->wi_stats.wi_tx_retry_limit;
532 static void wi_intr(xsc)
535 struct wi_softc *sc = xsc;
539 ifp = &sc->arpcom.ac_if;
541 if (!(ifp->if_flags & IFF_UP)) {
542 CSR_WRITE_2(sc, WI_EVENT_ACK, 0xFFFF);
543 CSR_WRITE_2(sc, WI_INT_EN, 0);
547 /* Disable interrupts. */
548 CSR_WRITE_2(sc, WI_INT_EN, 0);
550 status = CSR_READ_2(sc, WI_EVENT_STAT);
551 CSR_WRITE_2(sc, WI_EVENT_ACK, ~WI_INTRS);
553 if (status & WI_EV_RX) {
555 CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_RX);
558 if (status & WI_EV_TX) {
559 wi_txeof(sc, status);
560 CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_TX);
563 if (status & WI_EV_ALLOC) {
565 id = CSR_READ_2(sc, WI_ALLOC_FID);
566 CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_ALLOC);
567 if (id == sc->wi_tx_data_id)
568 wi_txeof(sc, status);
571 if (status & WI_EV_INFO) {
573 CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_INFO);
576 if (status & WI_EV_TX_EXC) {
577 wi_txeof(sc, status);
578 CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_TX_EXC);
581 if (status & WI_EV_INFO_DROP) {
582 CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_INFO_DROP);
585 /* Re-enable interrupts. */
586 CSR_WRITE_2(sc, WI_INT_EN, WI_INTRS);
588 if (ifp->if_snd.ifq_head != NULL)
594 static int wi_cmd(sc, cmd, val)
601 CSR_WRITE_2(sc, WI_PARAM0, val);
602 CSR_WRITE_2(sc, WI_COMMAND, cmd);
604 for (i = 0; i < WI_TIMEOUT; i++) {
606 * Wait for 'command complete' bit to be
607 * set in the event status register.
609 s = CSR_READ_2(sc, WI_EVENT_STAT) & WI_EV_CMD;
611 /* Ack the event and read result code. */
612 s = CSR_READ_2(sc, WI_STATUS);
613 CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_CMD);
615 if ((s & WI_CMD_CODE_MASK) != (cmd & WI_CMD_CODE_MASK))
618 if (s & WI_STAT_CMD_RESULT)
630 static void wi_reset(sc)
633 wi_cmd(sc, WI_CMD_INI, 0);
635 wi_cmd(sc, WI_CMD_INI, 0);
638 if (wi_cmd(sc, WI_CMD_INI, 0))
639 device_printf(sc->dev, "init failed\n");
640 CSR_WRITE_2(sc, WI_INT_EN, 0);
641 CSR_WRITE_2(sc, WI_EVENT_ACK, 0xFFFF);
643 /* Calibrate timer. */
644 WI_SETVAL(WI_RID_TICK_TIME, 8);
650 * Read an LTV record from the NIC.
652 static int wi_read_record(sc, ltv)
654 struct wi_ltv_gen *ltv;
659 /* Tell the NIC to enter record read mode. */
660 if (wi_cmd(sc, WI_CMD_ACCESS|WI_ACCESS_READ, ltv->wi_type))
663 /* Seek to the record. */
664 if (wi_seek(sc, ltv->wi_type, 0, WI_BAP1))
668 * Read the length and record type and make sure they
669 * match what we expect (this verifies that we have enough
670 * room to hold all of the returned data).
672 len = CSR_READ_2(sc, WI_DATA1);
673 if (len > ltv->wi_len)
675 code = CSR_READ_2(sc, WI_DATA1);
676 if (code != ltv->wi_type)
682 /* Now read the data. */
684 for (i = 0; i < ltv->wi_len - 1; i++)
685 ptr[i] = CSR_READ_2(sc, WI_DATA1);
691 * Same as read, except we inject data instead of reading it.
693 static int wi_write_record(sc, ltv)
695 struct wi_ltv_gen *ltv;
700 if (wi_seek(sc, ltv->wi_type, 0, WI_BAP1))
703 CSR_WRITE_2(sc, WI_DATA1, ltv->wi_len);
704 CSR_WRITE_2(sc, WI_DATA1, ltv->wi_type);
707 for (i = 0; i < ltv->wi_len - 1; i++)
708 CSR_WRITE_2(sc, WI_DATA1, ptr[i]);
710 if (wi_cmd(sc, WI_CMD_ACCESS|WI_ACCESS_WRITE, ltv->wi_type))
716 static int wi_seek(sc, id, off, chan)
733 device_printf(sc->dev, "invalid data path: %x\n", chan);
737 CSR_WRITE_2(sc, selreg, id);
738 CSR_WRITE_2(sc, offreg, off);
740 for (i = 0; i < WI_TIMEOUT; i++) {
741 if (!(CSR_READ_2(sc, offreg) & (WI_OFF_BUSY|WI_OFF_ERR)))
751 static int wi_read_data(sc, id, off, buf, len)
760 if (wi_seek(sc, id, off, WI_BAP1))
763 ptr = (u_int16_t *)buf;
764 for (i = 0; i < len / 2; i++)
765 ptr[i] = CSR_READ_2(sc, WI_DATA1);
771 * According to the comments in the HCF Light code, there is a bug in
772 * the Hermes (or possibly in certain Hermes firmware revisions) where
773 * the chip's internal autoincrement counter gets thrown off during
774 * data writes: the autoincrement is missed, causing one data word to
775 * be overwritten and subsequent words to be written to the wrong memory
776 * locations. The end result is that we could end up transmitting bogus
777 * frames without realizing it. The workaround for this is to write a
778 * couple of extra guard words after the end of the transfer, then
779 * attempt to read then back. If we fail to locate the guard words where
780 * we expect them, we preform the transfer over again.
782 static int wi_write_data(sc, id, off, buf, len)
791 #ifdef WI_HERMES_AUTOINC_WAR
795 if (wi_seek(sc, id, off, WI_BAP0))
798 ptr = (u_int16_t *)buf;
799 for (i = 0; i < (len / 2); i++)
800 CSR_WRITE_2(sc, WI_DATA0, ptr[i]);
802 #ifdef WI_HERMES_AUTOINC_WAR
803 CSR_WRITE_2(sc, WI_DATA0, 0x1234);
804 CSR_WRITE_2(sc, WI_DATA0, 0x5678);
806 if (wi_seek(sc, id, off + len, WI_BAP0))
809 if (CSR_READ_2(sc, WI_DATA0) != 0x1234 ||
810 CSR_READ_2(sc, WI_DATA0) != 0x5678)
818 * Allocate a region of memory inside the NIC and zero
821 static int wi_alloc_nicmem(sc, len, id)
828 if (wi_cmd(sc, WI_CMD_ALLOC_MEM, len)) {
829 device_printf(sc->dev, "failed to allocate %d bytes on NIC\n", len);
833 for (i = 0; i < WI_TIMEOUT; i++) {
834 if (CSR_READ_2(sc, WI_EVENT_STAT) & WI_EV_ALLOC)
841 CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_ALLOC);
842 *id = CSR_READ_2(sc, WI_ALLOC_FID);
844 if (wi_seek(sc, *id, 0, WI_BAP0))
847 for (i = 0; i < len / 2; i++)
848 CSR_WRITE_2(sc, WI_DATA0, 0);
853 static void wi_setmulti(sc)
858 struct ifmultiaddr *ifma;
859 struct wi_ltv_mcast mcast;
861 ifp = &sc->arpcom.ac_if;
863 bzero((char *)&mcast, sizeof(mcast));
865 mcast.wi_type = WI_RID_MCAST;
866 mcast.wi_len = (3 * 16) + 1;
868 if (ifp->if_flags & IFF_ALLMULTI || ifp->if_flags & IFF_PROMISC) {
869 wi_write_record(sc, (struct wi_ltv_gen *)&mcast);
873 for (ifma = ifp->if_multiaddrs.lh_first; ifma != NULL;
874 ifma = ifma->ifma_link.le_next) {
875 if (ifma->ifma_addr->sa_family != AF_LINK)
878 bcopy(LLADDR((struct sockaddr_dl *)ifma->ifma_addr),
879 (char *)&mcast.wi_mcast[i], ETHER_ADDR_LEN);
882 bzero((char *)&mcast, sizeof(mcast));
887 mcast.wi_len = (i * 3) + 1;
888 wi_write_record(sc, (struct wi_ltv_gen *)&mcast);
893 static void wi_setdef(sc, wreq)
897 struct sockaddr_dl *sdl;
901 ifp = &sc->arpcom.ac_if;
903 switch(wreq->wi_type) {
904 case WI_RID_MAC_NODE:
905 ifa = ifnet_addrs[ifp->if_index - 1];
906 sdl = (struct sockaddr_dl *)ifa->ifa_addr;
907 bcopy((char *)&wreq->wi_val, (char *)&sc->arpcom.ac_enaddr,
909 bcopy((char *)&wreq->wi_val, LLADDR(sdl), ETHER_ADDR_LEN);
911 case WI_RID_PORTTYPE:
912 sc->wi_ptype = wreq->wi_val[0];
915 sc->wi_tx_rate = wreq->wi_val[0];
917 case WI_RID_MAX_DATALEN:
918 sc->wi_max_data_len = wreq->wi_val[0];
920 case WI_RID_RTS_THRESH:
921 sc->wi_rts_thresh = wreq->wi_val[0];
923 case WI_RID_SYSTEM_SCALE:
924 sc->wi_ap_density = wreq->wi_val[0];
926 case WI_RID_CREATE_IBSS:
927 sc->wi_create_ibss = wreq->wi_val[0];
929 case WI_RID_OWN_CHNL:
930 sc->wi_channel = wreq->wi_val[0];
932 case WI_RID_NODENAME:
933 bzero(sc->wi_node_name, sizeof(sc->wi_node_name));
934 bcopy((char *)&wreq->wi_val[1], sc->wi_node_name, 30);
936 case WI_RID_DESIRED_SSID:
937 bzero(sc->wi_net_name, sizeof(sc->wi_net_name));
938 bcopy((char *)&wreq->wi_val[1], sc->wi_net_name, 30);
940 case WI_RID_OWN_SSID:
941 bzero(sc->wi_ibss_name, sizeof(sc->wi_ibss_name));
942 bcopy((char *)&wreq->wi_val[1], sc->wi_ibss_name, 30);
944 case WI_RID_PM_ENABLED:
945 sc->wi_pm_enabled = wreq->wi_val[0];
947 case WI_RID_MAX_SLEEP:
948 sc->wi_max_sleep = wreq->wi_val[0];
950 case WI_RID_ENCRYPTION:
951 sc->wi_use_wep = wreq->wi_val[0];
953 case WI_RID_TX_CRYPT_KEY:
954 sc->wi_tx_key = wreq->wi_val[0];
956 case WI_RID_DEFLT_CRYPT_KEYS:
957 bcopy((char *)wreq, (char *)&sc->wi_keys,
958 sizeof(struct wi_ltv_keys));
964 /* Reinitialize WaveLAN. */
970 static int wi_ioctl(ifp, command, data)
983 ifr = (struct ifreq *)data;
992 error = ether_ioctl(ifp, command, data);
995 if (ifp->if_flags & IFF_UP) {
996 if (ifp->if_flags & IFF_RUNNING &&
997 ifp->if_flags & IFF_PROMISC &&
998 !(sc->wi_if_flags & IFF_PROMISC)) {
999 WI_SETVAL(WI_RID_PROMISC, 1);
1000 } else if (ifp->if_flags & IFF_RUNNING &&
1001 !(ifp->if_flags & IFF_PROMISC) &&
1002 sc->wi_if_flags & IFF_PROMISC) {
1003 WI_SETVAL(WI_RID_PROMISC, 0);
1007 if (ifp->if_flags & IFF_RUNNING) {
1011 sc->wi_if_flags = ifp->if_flags;
1020 error = copyin(ifr->ifr_data, &wreq, sizeof(wreq));
1023 if (wreq.wi_type == WI_RID_IFACE_STATS) {
1024 bcopy((char *)&sc->wi_stats, (char *)&wreq.wi_val,
1025 sizeof(sc->wi_stats));
1026 wreq.wi_len = (sizeof(sc->wi_stats) / 2) + 1;
1027 } else if (wreq.wi_type == WI_RID_DEFLT_CRYPT_KEYS) {
1028 bcopy((char *)&sc->wi_keys, (char *)&wreq,
1029 sizeof(struct wi_ltv_keys));
1032 else if (wreq.wi_type == WI_RID_ZERO_CACHE) {
1033 sc->wi_sigitems = sc->wi_nextitem = 0;
1034 } else if (wreq.wi_type == WI_RID_READ_CACHE) {
1035 char *pt = (char *)&wreq.wi_val;
1036 bcopy((char *)&sc->wi_sigitems,
1037 (char *)pt, sizeof(int));
1038 pt += (sizeof (int));
1039 wreq.wi_len = sizeof(int) / 2;
1040 bcopy((char *)&sc->wi_sigcache, (char *)pt,
1041 sizeof(struct wi_sigcache) * sc->wi_sigitems);
1042 wreq.wi_len += ((sizeof(struct wi_sigcache) *
1043 sc->wi_sigitems) / 2) + 1;
1047 if (wi_read_record(sc, (struct wi_ltv_gen *)&wreq)) {
1052 error = copyout(&wreq, ifr->ifr_data, sizeof(wreq));
1055 error = copyin(ifr->ifr_data, &wreq, sizeof(wreq));
1058 if (wreq.wi_type == WI_RID_IFACE_STATS) {
1061 } else if (wreq.wi_type == WI_RID_MGMT_XMIT) {
1062 error = wi_mgmt_xmit(sc, (caddr_t)&wreq.wi_val,
1065 error = wi_write_record(sc, (struct wi_ltv_gen *)&wreq);
1067 wi_setdef(sc, &wreq);
1080 static void wi_init(xsc)
1083 struct wi_softc *sc = xsc;
1084 struct ifnet *ifp = &sc->arpcom.ac_if;
1086 struct wi_ltv_macaddr mac;
1094 if (ifp->if_flags & IFF_RUNNING)
1099 /* Program max data length. */
1100 WI_SETVAL(WI_RID_MAX_DATALEN, sc->wi_max_data_len);
1102 /* Enable/disable IBSS creation. */
1103 WI_SETVAL(WI_RID_CREATE_IBSS, sc->wi_create_ibss);
1105 /* Set the port type. */
1106 WI_SETVAL(WI_RID_PORTTYPE, sc->wi_ptype);
1108 /* Program the RTS/CTS threshold. */
1109 WI_SETVAL(WI_RID_RTS_THRESH, sc->wi_rts_thresh);
1111 /* Program the TX rate */
1112 WI_SETVAL(WI_RID_TX_RATE, sc->wi_tx_rate);
1114 /* Access point density */
1115 WI_SETVAL(WI_RID_SYSTEM_SCALE, sc->wi_ap_density);
1117 /* Power Management Enabled */
1118 WI_SETVAL(WI_RID_PM_ENABLED, sc->wi_pm_enabled);
1120 /* Power Managment Max Sleep */
1121 WI_SETVAL(WI_RID_MAX_SLEEP, sc->wi_max_sleep);
1123 /* Specify the IBSS name */
1124 WI_SETSTR(WI_RID_OWN_SSID, sc->wi_ibss_name);
1126 /* Specify the network name */
1127 WI_SETSTR(WI_RID_DESIRED_SSID, sc->wi_net_name);
1129 /* Specify the frequency to use */
1130 WI_SETVAL(WI_RID_OWN_CHNL, sc->wi_channel);
1132 /* Program the nodename. */
1133 WI_SETSTR(WI_RID_NODENAME, sc->wi_node_name);
1135 /* Set our MAC address. */
1137 mac.wi_type = WI_RID_MAC_NODE;
1138 bcopy((char *)&sc->arpcom.ac_enaddr,
1139 (char *)&mac.wi_mac_addr, ETHER_ADDR_LEN);
1140 wi_write_record(sc, (struct wi_ltv_gen *)&mac);
1142 /* Configure WEP. */
1143 if (sc->wi_has_wep) {
1144 WI_SETVAL(WI_RID_ENCRYPTION, sc->wi_use_wep);
1145 WI_SETVAL(WI_RID_TX_CRYPT_KEY, sc->wi_tx_key);
1146 sc->wi_keys.wi_len = (sizeof(struct wi_ltv_keys) / 2) + 1;
1147 sc->wi_keys.wi_type = WI_RID_DEFLT_CRYPT_KEYS;
1148 wi_write_record(sc, (struct wi_ltv_gen *)&sc->wi_keys);
1151 /* Initialize promisc mode. */
1152 if (ifp->if_flags & IFF_PROMISC) {
1153 WI_SETVAL(WI_RID_PROMISC, 1);
1155 WI_SETVAL(WI_RID_PROMISC, 0);
1158 /* Set multicast filter. */
1161 /* Enable desired port */
1162 wi_cmd(sc, WI_CMD_ENABLE|sc->wi_portnum, 0);
1164 if (wi_alloc_nicmem(sc, 1518 + sizeof(struct wi_frame) + 8, &id))
1165 device_printf(sc->dev, "tx buffer allocation failed\n");
1166 sc->wi_tx_data_id = id;
1168 if (wi_alloc_nicmem(sc, 1518 + sizeof(struct wi_frame) + 8, &id))
1169 device_printf(sc->dev, "mgmt. buffer allocation failed\n");
1170 sc->wi_tx_mgmt_id = id;
1172 /* enable interrupts */
1173 CSR_WRITE_2(sc, WI_INT_EN, WI_INTRS);
1177 ifp->if_flags |= IFF_RUNNING;
1178 ifp->if_flags &= ~IFF_OACTIVE;
1180 sc->wi_stat_ch = timeout(wi_inquire, sc, hz * 60);
1185 static void wi_start(ifp)
1188 struct wi_softc *sc;
1190 struct wi_frame tx_frame;
1191 struct ether_header *eh;
1199 if (ifp->if_flags & IFF_OACTIVE)
1202 IF_DEQUEUE(&ifp->if_snd, m0);
1206 bzero((char *)&tx_frame, sizeof(tx_frame));
1207 id = sc->wi_tx_data_id;
1208 eh = mtod(m0, struct ether_header *);
1211 * Use RFC1042 encoding for IP and ARP datagrams,
1212 * 802.3 for anything else.
1214 if (ntohs(eh->ether_type) > 1518) {
1215 bcopy((char *)&eh->ether_dhost,
1216 (char *)&tx_frame.wi_addr1, ETHER_ADDR_LEN);
1217 bcopy((char *)&eh->ether_shost,
1218 (char *)&tx_frame.wi_addr2, ETHER_ADDR_LEN);
1219 bcopy((char *)&eh->ether_dhost,
1220 (char *)&tx_frame.wi_dst_addr, ETHER_ADDR_LEN);
1221 bcopy((char *)&eh->ether_shost,
1222 (char *)&tx_frame.wi_src_addr, ETHER_ADDR_LEN);
1224 tx_frame.wi_dat_len = m0->m_pkthdr.len - WI_SNAPHDR_LEN;
1225 tx_frame.wi_frame_ctl = WI_FTYPE_DATA;
1226 tx_frame.wi_dat[0] = htons(WI_SNAP_WORD0);
1227 tx_frame.wi_dat[1] = htons(WI_SNAP_WORD1);
1228 tx_frame.wi_len = htons(m0->m_pkthdr.len - WI_SNAPHDR_LEN);
1229 tx_frame.wi_type = eh->ether_type;
1231 m_copydata(m0, sizeof(struct ether_header),
1232 m0->m_pkthdr.len - sizeof(struct ether_header),
1233 (caddr_t)&sc->wi_txbuf);
1235 wi_write_data(sc, id, 0, (caddr_t)&tx_frame,
1236 sizeof(struct wi_frame));
1237 wi_write_data(sc, id, WI_802_11_OFFSET, (caddr_t)&sc->wi_txbuf,
1238 (m0->m_pkthdr.len - sizeof(struct ether_header)) + 2);
1240 tx_frame.wi_dat_len = m0->m_pkthdr.len;
1242 eh->ether_type = htons(m0->m_pkthdr.len - WI_SNAPHDR_LEN);
1243 m_copydata(m0, 0, m0->m_pkthdr.len, (caddr_t)&sc->wi_txbuf);
1245 wi_write_data(sc, id, 0, (caddr_t)&tx_frame,
1246 sizeof(struct wi_frame));
1247 wi_write_data(sc, id, WI_802_3_OFFSET, (caddr_t)&sc->wi_txbuf,
1248 m0->m_pkthdr.len + 2);
1252 * If there's a BPF listner, bounce a copy of
1253 * this frame to him.
1260 if (wi_cmd(sc, WI_CMD_TX|WI_RECLAIM, id))
1261 device_printf(sc->dev, "xmit failed\n");
1263 ifp->if_flags |= IFF_OACTIVE;
1266 * Set a timeout in case the chip goes out to lunch.
1273 static int wi_mgmt_xmit(sc, data, len)
1274 struct wi_softc *sc;
1278 struct wi_frame tx_frame;
1280 struct wi_80211_hdr *hdr;
1286 hdr = (struct wi_80211_hdr *)data;
1287 dptr = data + sizeof(struct wi_80211_hdr);
1289 bzero((char *)&tx_frame, sizeof(tx_frame));
1290 id = sc->wi_tx_mgmt_id;
1292 bcopy((char *)hdr, (char *)&tx_frame.wi_frame_ctl,
1293 sizeof(struct wi_80211_hdr));
1295 tx_frame.wi_dat_len = len - WI_SNAPHDR_LEN;
1296 tx_frame.wi_len = htons(len - WI_SNAPHDR_LEN);
1298 wi_write_data(sc, id, 0, (caddr_t)&tx_frame, sizeof(struct wi_frame));
1299 wi_write_data(sc, id, WI_802_11_OFFSET_RAW, dptr,
1300 (len - sizeof(struct wi_80211_hdr)) + 2);
1302 if (wi_cmd(sc, WI_CMD_TX|WI_RECLAIM, id)) {
1303 device_printf(sc->dev, "xmit failed\n");
1310 static void wi_stop(sc)
1311 struct wi_softc *sc;
1318 ifp = &sc->arpcom.ac_if;
1320 CSR_WRITE_2(sc, WI_INT_EN, 0);
1321 wi_cmd(sc, WI_CMD_DISABLE|sc->wi_portnum, 0);
1323 untimeout(wi_inquire, sc, sc->wi_stat_ch);
1325 ifp->if_flags &= ~(IFF_RUNNING|IFF_OACTIVE);
1330 static void wi_watchdog(ifp)
1333 struct wi_softc *sc;
1337 device_printf(sc->dev,"device timeout\n");
1346 static int wi_alloc(dev)
1349 struct wi_softc *sc = device_get_softc(dev);
1353 sc->iobase = bus_alloc_resource(dev, SYS_RES_IOPORT, &rid,
1354 0, ~0, 1, RF_ACTIVE);
1356 device_printf(dev, "No I/O space?!\n");
1361 sc->irq = bus_alloc_resource(dev, SYS_RES_IRQ, &rid,
1362 0, ~0, 1, RF_ACTIVE);
1364 device_printf(dev, "No irq?!\n");
1369 sc->wi_unit = device_get_unit(dev);
1370 sc->wi_io_addr = rman_get_start(sc->iobase);
1371 sc->wi_btag = rman_get_bustag(sc->iobase);
1372 sc->wi_bhandle = rman_get_bushandle(sc->iobase);
1377 static void wi_free(dev)
1380 struct wi_softc *sc = device_get_softc(dev);
1382 if (sc->iobase != NULL)
1383 bus_release_resource(dev, SYS_RES_IOPORT, 0, sc->iobase);
1384 if (sc->irq != NULL)
1385 bus_release_resource(dev, SYS_RES_IRQ, 0, sc->irq);
1390 static void wi_shutdown(dev)
1393 struct wi_softc *sc;
1395 sc = device_get_softc(dev);
1402 /* wavelan signal strength cache code.
1403 * store signal/noise/quality on per MAC src basis in
1404 * a small fixed cache. The cache wraps if > MAX slots
1405 * used. The cache may be zeroed out to start over.
1406 * Two simple filters exist to reduce computation:
1407 * 1. ip only (literally 0x800) which may be used
1408 * to ignore some packets. It defaults to ip only.
1409 * it could be used to focus on broadcast, non-IP 802.11 beacons.
1410 * 2. multicast/broadcast only. This may be used to
1411 * ignore unicast packets and only cache signal strength
1412 * for multicast/broadcast packets (beacons); e.g., Mobile-IP
1413 * beacons and not unicast traffic.
1415 * The cache stores (MAC src(index), IP src (major clue), signal,
1418 * No apologies for storing IP src here. It's easy and saves much
1419 * trouble elsewhere. The cache is assumed to be INET dependent,
1420 * although it need not be.
1423 #ifdef documentation
1425 int wi_sigitems; /* number of cached entries */
1426 struct wi_sigcache wi_sigcache[MAXWICACHE]; /* array of cache entries */
1427 int wi_nextitem; /* index/# of entries */
1432 /* control variables for cache filtering. Basic idea is
1433 * to reduce cost (e.g., to only Mobile-IP agent beacons
1434 * which are broadcast or multicast). Still you might
1435 * want to measure signal strength with unicast ping packets
1436 * on a pt. to pt. ant. setup.
1438 /* set true if you want to limit cache items to broadcast/mcast
1439 * only packets (not unicast). Useful for mobile-ip beacons which
1440 * are broadcast/multicast at network layer. Default is all packets
1441 * so ping/unicast will work say with pt. to pt. antennae setup.
1443 static int wi_cache_mcastonly = 0;
1444 SYSCTL_INT(_machdep, OID_AUTO, wi_cache_mcastonly, CTLFLAG_RW,
1445 &wi_cache_mcastonly, 0, "");
1447 /* set true if you want to limit cache items to IP packets only
1449 static int wi_cache_iponly = 1;
1450 SYSCTL_INT(_machdep, OID_AUTO, wi_cache_iponly, CTLFLAG_RW,
1451 &wi_cache_iponly, 0, "");
1454 * Original comments:
1456 * wi_cache_store, per rx packet store signal
1457 * strength in MAC (src) indexed cache.
1459 * follows linux driver in how signal strength is computed.
1460 * In ad hoc mode, we use the rx_quality field.
1461 * signal and noise are trimmed to fit in the range from 47..138.
1462 * rx_quality field MSB is signal strength.
1463 * rx_quality field LSB is noise.
1464 * "quality" is (signal - noise) as is log value.
1465 * note: quality CAN be negative.
1467 * In BSS mode, we use the RID for communication quality.
1468 * TBD: BSS mode is currently untested.
1472 * Actually, we use the rx_quality field all the time for both "ad-hoc"
1473 * and BSS modes. Why? Because reading an RID is really, really expensive:
1474 * there's a bunch of PIO operations that have to be done to read a record
1475 * from the NIC, and reading the comms quality RID each time a packet is
1476 * received can really hurt performance. We don't have to do this anyway:
1477 * the comms quality field only reflects the values in the rx_quality field
1478 * anyway. The comms quality RID is only meaningful in infrastructure mode,
1479 * but the values it contains are updated based on the rx_quality from
1480 * frames received from the access point.
1482 * Also, according to Lucent, the signal strength and noise level values
1483 * can be converted to dBms by subtracting 149, so I've modified the code
1484 * to do that instead of the scaling it did originally.
1487 void wi_cache_store (struct wi_softc *sc, struct ether_header *eh,
1488 struct mbuf *m, unsigned short rx_quality)
1492 static int cache_slot = 0; /* use this cache entry */
1493 static int wrapindex = 0; /* next "free" cache entry */
1499 * 2. configurable filter to throw out unicast packets,
1500 * keep multicast only.
1503 if ((ntohs(eh->ether_type) == 0x800)) {
1507 /* filter for ip packets only
1509 if (wi_cache_iponly && !sawip) {
1513 /* filter for broadcast/multicast only
1515 if (wi_cache_mcastonly && ((eh->ether_dhost[0] & 1) == 0)) {
1520 printf("wi%d: q value %x (MSB=0x%x, LSB=0x%x) \n", sc->wi_unit,
1521 rx_quality & 0xffff, rx_quality >> 8, rx_quality & 0xff);
1524 /* find the ip header. we want to store the ip_src
1528 ip = mtod(m, struct ip *);
1531 /* do a linear search for a matching MAC address
1532 * in the cache table
1533 * . MAC address is 6 bytes,
1534 * . var w_nextitem holds total number of entries already cached
1536 for(i = 0; i < sc->wi_nextitem; i++) {
1537 if (! bcmp(eh->ether_shost , sc->wi_sigcache[i].macsrc, 6 )) {
1539 * so we already have this entry,
1546 /* did we find a matching mac address?
1547 * if yes, then overwrite a previously existing cache entry
1549 if (i < sc->wi_nextitem ) {
1552 /* else, have a new address entry,so
1553 * add this new entry,
1554 * if table full, then we need to replace LRU entry
1558 /* check for space in cache table
1559 * note: wi_nextitem also holds number of entries
1560 * added in the cache table
1562 if ( sc->wi_nextitem < MAXWICACHE ) {
1563 cache_slot = sc->wi_nextitem;
1565 sc->wi_sigitems = sc->wi_nextitem;
1567 /* no space found, so simply wrap with wrap index
1568 * and "zap" the next entry
1571 if (wrapindex == MAXWICACHE) {
1574 cache_slot = wrapindex++;
1578 /* invariant: cache_slot now points at some slot
1581 if (cache_slot < 0 || cache_slot >= MAXWICACHE) {
1582 log(LOG_ERR, "wi_cache_store, bad index: %d of "
1583 "[0..%d], gross cache error\n",
1584 cache_slot, MAXWICACHE);
1588 /* store items in cache
1589 * .ip source address
1594 sc->wi_sigcache[cache_slot].ipsrc = ip->ip_src.s_addr;
1596 bcopy( eh->ether_shost, sc->wi_sigcache[cache_slot].macsrc, 6);
1598 sig = (rx_quality >> 8) & 0xFF;
1599 noise = rx_quality & 0xFF;
1600 sc->wi_sigcache[cache_slot].signal = sig - 149;
1601 sc->wi_sigcache[cache_slot].noise = noise - 149;
1602 sc->wi_sigcache[cache_slot].quality = sig - noise;