rt2661.c revision 170530
1/* $FreeBSD: head/sys/dev/ral/rt2661.c 170530 2007-06-11 03:36:55Z sam $ */ 2 3/*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20#include <sys/cdefs.h> 21__FBSDID("$FreeBSD: head/sys/dev/ral/rt2661.c 170530 2007-06-11 03:36:55Z sam $"); 22 23/*- 24 * Ralink Technology RT2561, RT2561S and RT2661 chipset driver 25 * http://www.ralinktech.com/ 26 */ 27 28#include <sys/param.h> 29#include <sys/sysctl.h> 30#include <sys/sockio.h> 31#include <sys/mbuf.h> 32#include <sys/kernel.h> 33#include <sys/socket.h> 34#include <sys/systm.h> 35#include <sys/malloc.h> 36#include <sys/lock.h> 37#include <sys/mutex.h> 38#include <sys/module.h> 39#include <sys/bus.h> 40#include <sys/endian.h> 41 42#include <machine/bus.h> 43#include <machine/resource.h> 44#include <sys/rman.h> 45 46#include <net/bpf.h> 47#include <net/if.h> 48#include <net/if_arp.h> 49#include <net/ethernet.h> 50#include <net/if_dl.h> 51#include <net/if_media.h> 52#include <net/if_types.h> 53 54#include <net80211/ieee80211_var.h> 55#include <net80211/ieee80211_radiotap.h> 56#include <net80211/ieee80211_regdomain.h> 57 58#include <netinet/in.h> 59#include <netinet/in_systm.h> 60#include <netinet/in_var.h> 61#include <netinet/ip.h> 62#include <netinet/if_ether.h> 63 64#include <dev/ral/if_ralrate.h> 65#include <dev/ral/rt2661reg.h> 66#include <dev/ral/rt2661var.h> 67#include <dev/ral/rt2661_ucode.h> 68 69#ifdef RAL_DEBUG 70#define DPRINTF(x) do { if (ral_debug > 0) printf x; } while (0) 71#define DPRINTFN(n, x) do { if (ral_debug >= (n)) printf x; } while (0) 72int ral_debug = 0; 73SYSCTL_INT(_debug, OID_AUTO, ral, CTLFLAG_RW, &ral_debug, 0, "ral debug level"); 74#else 75#define DPRINTF(x) 76#define DPRINTFN(n, x) 77#endif 78 79static void rt2661_dma_map_addr(void *, bus_dma_segment_t *, int, 80 int); 81static int rt2661_alloc_tx_ring(struct rt2661_softc *, 82 struct rt2661_tx_ring *, int); 83static void rt2661_reset_tx_ring(struct rt2661_softc *, 84 struct rt2661_tx_ring *); 85static void rt2661_free_tx_ring(struct rt2661_softc *, 86 struct rt2661_tx_ring *); 87static int rt2661_alloc_rx_ring(struct rt2661_softc *, 88 struct rt2661_rx_ring *, int); 89static void rt2661_reset_rx_ring(struct rt2661_softc *, 90 struct rt2661_rx_ring *); 91static void rt2661_free_rx_ring(struct rt2661_softc *, 92 struct rt2661_rx_ring *); 93static struct ieee80211_node *rt2661_node_alloc( 94 struct ieee80211_node_table *); 95static int rt2661_media_change(struct ifnet *); 96static int rt2661_newstate(struct ieee80211com *, 97 enum ieee80211_state, int); 98static uint16_t rt2661_eeprom_read(struct rt2661_softc *, uint8_t); 99static void rt2661_rx_intr(struct rt2661_softc *); 100static void rt2661_tx_intr(struct rt2661_softc *); 101static void rt2661_tx_dma_intr(struct rt2661_softc *, 102 struct rt2661_tx_ring *); 103static void rt2661_mcu_beacon_expire(struct rt2661_softc *); 104static void rt2661_mcu_wakeup(struct rt2661_softc *); 105static void rt2661_mcu_cmd_intr(struct rt2661_softc *); 106static int rt2661_ack_rate(struct ieee80211com *, int); 107static void rt2661_scan_start(struct ieee80211com *); 108static void rt2661_scan_end(struct ieee80211com *); 109static void rt2661_set_channel(struct ieee80211com *); 110static uint16_t rt2661_txtime(int, int, uint32_t); 111static uint8_t rt2661_rxrate(struct rt2661_rx_desc *); 112static uint8_t rt2661_plcp_signal(int); 113static void rt2661_setup_tx_desc(struct rt2661_softc *, 114 struct rt2661_tx_desc *, uint32_t, uint16_t, int, 115 int, const bus_dma_segment_t *, int, int); 116static struct mbuf * rt2661_get_rts(struct rt2661_softc *, 117 struct ieee80211_frame *, uint16_t); 118static int rt2661_tx_data(struct rt2661_softc *, struct mbuf *, 119 struct ieee80211_node *, int); 120static int rt2661_tx_mgt(struct rt2661_softc *, struct mbuf *, 121 struct ieee80211_node *); 122static void rt2661_start(struct ifnet *); 123static void rt2661_watchdog(void *); 124static int rt2661_reset(struct ifnet *); 125static int rt2661_ioctl(struct ifnet *, u_long, caddr_t); 126static void rt2661_bbp_write(struct rt2661_softc *, uint8_t, 127 uint8_t); 128static uint8_t rt2661_bbp_read(struct rt2661_softc *, uint8_t); 129static void rt2661_rf_write(struct rt2661_softc *, uint8_t, 130 uint32_t); 131static int rt2661_tx_cmd(struct rt2661_softc *, uint8_t, 132 uint16_t); 133static void rt2661_select_antenna(struct rt2661_softc *); 134static void rt2661_enable_mrr(struct rt2661_softc *); 135static void rt2661_set_txpreamble(struct rt2661_softc *); 136static void rt2661_set_basicrates(struct rt2661_softc *, 137 const struct ieee80211_rateset *); 138static void rt2661_select_band(struct rt2661_softc *, 139 struct ieee80211_channel *); 140static void rt2661_set_chan(struct rt2661_softc *, 141 struct ieee80211_channel *); 142static void rt2661_set_bssid(struct rt2661_softc *, 143 const uint8_t *); 144static void rt2661_set_macaddr(struct rt2661_softc *, 145 const uint8_t *); 146static void rt2661_update_promisc(struct rt2661_softc *); 147static int rt2661_wme_update(struct ieee80211com *) __unused; 148static void rt2661_update_slot(struct ifnet *); 149static const char *rt2661_get_rf(int); 150static void rt2661_read_eeprom(struct rt2661_softc *); 151static int rt2661_bbp_init(struct rt2661_softc *); 152static void rt2661_init(void *); 153static void rt2661_stop(void *); 154static void rt2661_stop_locked(struct rt2661_softc *); 155static int rt2661_load_microcode(struct rt2661_softc *, 156 const uint8_t *, int); 157#ifdef notyet 158static void rt2661_rx_tune(struct rt2661_softc *); 159static void rt2661_radar_start(struct rt2661_softc *); 160static int rt2661_radar_stop(struct rt2661_softc *); 161#endif 162static int rt2661_prepare_beacon(struct rt2661_softc *); 163static void rt2661_enable_tsf_sync(struct rt2661_softc *); 164static int rt2661_get_rssi(struct rt2661_softc *, uint8_t); 165 166static const struct { 167 uint32_t reg; 168 uint32_t val; 169} rt2661_def_mac[] = { 170 RT2661_DEF_MAC 171}; 172 173static const struct { 174 uint8_t reg; 175 uint8_t val; 176} rt2661_def_bbp[] = { 177 RT2661_DEF_BBP 178}; 179 180static const struct rfprog { 181 uint8_t chan; 182 uint32_t r1, r2, r3, r4; 183} rt2661_rf5225_1[] = { 184 RT2661_RF5225_1 185}, rt2661_rf5225_2[] = { 186 RT2661_RF5225_2 187}; 188 189int 190rt2661_attach(device_t dev, int id) 191{ 192 struct rt2661_softc *sc = device_get_softc(dev); 193 struct ieee80211com *ic = &sc->sc_ic; 194 struct ifnet *ifp; 195 uint32_t val; 196 const uint8_t *ucode = NULL; 197 int bands, error, ac, ntries, size = 0; 198 199 sc->sc_dev = dev; 200 201 mtx_init(&sc->sc_mtx, device_get_nameunit(dev), MTX_NETWORK_LOCK, 202 MTX_DEF | MTX_RECURSE); 203 204 callout_init_mtx(&sc->watchdog_ch, &sc->sc_mtx, 0); 205 callout_init(&sc->rssadapt_ch, CALLOUT_MPSAFE); 206 207 /* wait for NIC to initialize */ 208 for (ntries = 0; ntries < 1000; ntries++) { 209 if ((val = RAL_READ(sc, RT2661_MAC_CSR0)) != 0) 210 break; 211 DELAY(1000); 212 } 213 if (ntries == 1000) { 214 device_printf(sc->sc_dev, 215 "timeout waiting for NIC to initialize\n"); 216 error = EIO; 217 goto fail1; 218 } 219 220 /* retrieve RF rev. no and various other things from EEPROM */ 221 rt2661_read_eeprom(sc); 222 223 device_printf(dev, "MAC/BBP RT%X, RF %s\n", val, 224 rt2661_get_rf(sc->rf_rev)); 225 226 /* 227 * Load 8051 microcode into NIC. 228 */ 229 switch (id) { 230 case 0x0301: 231 ucode = rt2561s_ucode; 232 size = sizeof rt2561s_ucode; 233 break; 234 case 0x0302: 235 ucode = rt2561_ucode; 236 size = sizeof rt2561_ucode; 237 break; 238 case 0x0401: 239 ucode = rt2661_ucode; 240 size = sizeof rt2661_ucode; 241 break; 242 } 243 244 error = rt2661_load_microcode(sc, ucode, size); 245 if (error != 0) { 246 device_printf(sc->sc_dev, "could not load 8051 microcode\n"); 247 goto fail1; 248 } 249 250 /* 251 * Allocate Tx and Rx rings. 252 */ 253 for (ac = 0; ac < 4; ac++) { 254 error = rt2661_alloc_tx_ring(sc, &sc->txq[ac], 255 RT2661_TX_RING_COUNT); 256 if (error != 0) { 257 device_printf(sc->sc_dev, 258 "could not allocate Tx ring %d\n", ac); 259 goto fail2; 260 } 261 } 262 263 error = rt2661_alloc_tx_ring(sc, &sc->mgtq, RT2661_MGT_RING_COUNT); 264 if (error != 0) { 265 device_printf(sc->sc_dev, "could not allocate Mgt ring\n"); 266 goto fail2; 267 } 268 269 error = rt2661_alloc_rx_ring(sc, &sc->rxq, RT2661_RX_RING_COUNT); 270 if (error != 0) { 271 device_printf(sc->sc_dev, "could not allocate Rx ring\n"); 272 goto fail3; 273 } 274 275 ifp = sc->sc_ifp = if_alloc(IFT_ETHER); 276 if (ifp == NULL) { 277 device_printf(sc->sc_dev, "can not if_alloc()\n"); 278 error = ENOMEM; 279 goto fail4; 280 } 281 282 ifp->if_softc = sc; 283 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 284 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 285 ifp->if_init = rt2661_init; 286 ifp->if_ioctl = rt2661_ioctl; 287 ifp->if_start = rt2661_start; 288 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 289 ifp->if_snd.ifq_drv_maxlen = IFQ_MAXLEN; 290 IFQ_SET_READY(&ifp->if_snd); 291 292 ic->ic_ifp = ifp; 293 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 294 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 295 ic->ic_state = IEEE80211_S_INIT; 296 297 /* set device capabilities */ 298 ic->ic_caps = 299 IEEE80211_C_IBSS | /* IBSS mode supported */ 300 IEEE80211_C_MONITOR | /* monitor mode supported */ 301 IEEE80211_C_HOSTAP | /* HostAp mode supported */ 302 IEEE80211_C_TXPMGT | /* tx power management */ 303 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 304 IEEE80211_C_SHSLOT | /* short slot time supported */ 305#ifdef notyet 306 IEEE80211_C_WME | /* 802.11e */ 307#endif 308 IEEE80211_C_BGSCAN | /* bg scanning support */ 309 IEEE80211_C_WPA; /* 802.11i */ 310 311 bands = 0; 312 setbit(&bands, IEEE80211_MODE_11B); 313 setbit(&bands, IEEE80211_MODE_11G); 314 if (sc->rf_rev == RT2661_RF_5225 || sc->rf_rev == RT2661_RF_5325) 315 setbit(&bands, IEEE80211_MODE_11A); 316 ieee80211_init_channels(ic, 0, CTRY_DEFAULT, bands, 0, 1); 317 318 ieee80211_ifattach(ic); 319 ic->ic_node_alloc = rt2661_node_alloc; 320/* ic->ic_wme.wme_update = rt2661_wme_update;*/ 321 ic->ic_scan_start = rt2661_scan_start; 322 ic->ic_scan_end = rt2661_scan_end; 323 ic->ic_set_channel = rt2661_set_channel; 324 ic->ic_updateslot = rt2661_update_slot; 325 ic->ic_reset = rt2661_reset; 326 /* enable s/w bmiss handling in sta mode */ 327 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS; 328 329 /* override state transition machine */ 330 sc->sc_newstate = ic->ic_newstate; 331 ic->ic_newstate = rt2661_newstate; 332 ieee80211_media_init(ic, rt2661_media_change, ieee80211_media_status); 333 334 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 335 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf); 336 337 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 338 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 339 sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2661_RX_RADIOTAP_PRESENT); 340 341 sc->sc_txtap_len = sizeof sc->sc_txtapu; 342 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 343 sc->sc_txtap.wt_ihdr.it_present = htole32(RT2661_TX_RADIOTAP_PRESENT); 344 345 346 /* 347 * Add a few sysctl knobs. 348 */ 349 sc->dwelltime = 200; 350 351 SYSCTL_ADD_INT(device_get_sysctl_ctx(dev), 352 SYSCTL_CHILDREN(device_get_sysctl_tree(dev)), OID_AUTO, "dwell", 353 CTLFLAG_RW, &sc->dwelltime, 0, 354 "channel dwell time (ms) for AP/station scanning"); 355 356 if (bootverbose) 357 ieee80211_announce(ic); 358 359 return 0; 360 361fail4: rt2661_free_rx_ring(sc, &sc->rxq); 362fail3: rt2661_free_tx_ring(sc, &sc->mgtq); 363fail2: while (--ac >= 0) 364 rt2661_free_tx_ring(sc, &sc->txq[ac]); 365fail1: mtx_destroy(&sc->sc_mtx); 366 return error; 367} 368 369int 370rt2661_detach(void *xsc) 371{ 372 struct rt2661_softc *sc = xsc; 373 struct ieee80211com *ic = &sc->sc_ic; 374 struct ifnet *ifp = ic->ic_ifp; 375 376 rt2661_stop(sc); 377 callout_stop(&sc->watchdog_ch); 378 callout_stop(&sc->rssadapt_ch); 379 380 bpfdetach(ifp); 381 ieee80211_ifdetach(ic); 382 383 rt2661_free_tx_ring(sc, &sc->txq[0]); 384 rt2661_free_tx_ring(sc, &sc->txq[1]); 385 rt2661_free_tx_ring(sc, &sc->txq[2]); 386 rt2661_free_tx_ring(sc, &sc->txq[3]); 387 rt2661_free_tx_ring(sc, &sc->mgtq); 388 rt2661_free_rx_ring(sc, &sc->rxq); 389 390 if_free(ifp); 391 392 mtx_destroy(&sc->sc_mtx); 393 394 return 0; 395} 396 397void 398rt2661_shutdown(void *xsc) 399{ 400 struct rt2661_softc *sc = xsc; 401 402 rt2661_stop(sc); 403} 404 405void 406rt2661_suspend(void *xsc) 407{ 408 struct rt2661_softc *sc = xsc; 409 410 rt2661_stop(sc); 411} 412 413void 414rt2661_resume(void *xsc) 415{ 416 struct rt2661_softc *sc = xsc; 417 struct ifnet *ifp = sc->sc_ic.ic_ifp; 418 419 if (ifp->if_flags & IFF_UP) { 420 ifp->if_init(ifp->if_softc); 421 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 422 ifp->if_start(ifp); 423 } 424} 425 426static void 427rt2661_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error) 428{ 429 if (error != 0) 430 return; 431 432 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg)); 433 434 *(bus_addr_t *)arg = segs[0].ds_addr; 435} 436 437static int 438rt2661_alloc_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring, 439 int count) 440{ 441 int i, error; 442 443 ring->count = count; 444 ring->queued = 0; 445 ring->cur = ring->next = ring->stat = 0; 446 447 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 448 BUS_SPACE_MAXADDR, NULL, NULL, count * RT2661_TX_DESC_SIZE, 1, 449 count * RT2661_TX_DESC_SIZE, 0, NULL, NULL, &ring->desc_dmat); 450 if (error != 0) { 451 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 452 goto fail; 453 } 454 455 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 456 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 457 if (error != 0) { 458 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 459 goto fail; 460 } 461 462 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 463 count * RT2661_TX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr, 464 0); 465 if (error != 0) { 466 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 467 goto fail; 468 } 469 470 ring->data = malloc(count * sizeof (struct rt2661_tx_data), M_DEVBUF, 471 M_NOWAIT | M_ZERO); 472 if (ring->data == NULL) { 473 device_printf(sc->sc_dev, "could not allocate soft data\n"); 474 error = ENOMEM; 475 goto fail; 476 } 477 478 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 479 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, RT2661_MAX_SCATTER, 480 MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 481 if (error != 0) { 482 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 483 goto fail; 484 } 485 486 for (i = 0; i < count; i++) { 487 error = bus_dmamap_create(ring->data_dmat, 0, 488 &ring->data[i].map); 489 if (error != 0) { 490 device_printf(sc->sc_dev, "could not create DMA map\n"); 491 goto fail; 492 } 493 } 494 495 return 0; 496 497fail: rt2661_free_tx_ring(sc, ring); 498 return error; 499} 500 501static void 502rt2661_reset_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 503{ 504 struct rt2661_tx_desc *desc; 505 struct rt2661_tx_data *data; 506 int i; 507 508 for (i = 0; i < ring->count; i++) { 509 desc = &ring->desc[i]; 510 data = &ring->data[i]; 511 512 if (data->m != NULL) { 513 bus_dmamap_sync(ring->data_dmat, data->map, 514 BUS_DMASYNC_POSTWRITE); 515 bus_dmamap_unload(ring->data_dmat, data->map); 516 m_freem(data->m); 517 data->m = NULL; 518 } 519 520 if (data->ni != NULL) { 521 ieee80211_free_node(data->ni); 522 data->ni = NULL; 523 } 524 525 desc->flags = 0; 526 } 527 528 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 529 530 ring->queued = 0; 531 ring->cur = ring->next = ring->stat = 0; 532} 533 534static void 535rt2661_free_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 536{ 537 struct rt2661_tx_data *data; 538 int i; 539 540 if (ring->desc != NULL) { 541 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 542 BUS_DMASYNC_POSTWRITE); 543 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 544 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 545 } 546 547 if (ring->desc_dmat != NULL) 548 bus_dma_tag_destroy(ring->desc_dmat); 549 550 if (ring->data != NULL) { 551 for (i = 0; i < ring->count; i++) { 552 data = &ring->data[i]; 553 554 if (data->m != NULL) { 555 bus_dmamap_sync(ring->data_dmat, data->map, 556 BUS_DMASYNC_POSTWRITE); 557 bus_dmamap_unload(ring->data_dmat, data->map); 558 m_freem(data->m); 559 } 560 561 if (data->ni != NULL) 562 ieee80211_free_node(data->ni); 563 564 if (data->map != NULL) 565 bus_dmamap_destroy(ring->data_dmat, data->map); 566 } 567 568 free(ring->data, M_DEVBUF); 569 } 570 571 if (ring->data_dmat != NULL) 572 bus_dma_tag_destroy(ring->data_dmat); 573} 574 575static int 576rt2661_alloc_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring, 577 int count) 578{ 579 struct rt2661_rx_desc *desc; 580 struct rt2661_rx_data *data; 581 bus_addr_t physaddr; 582 int i, error; 583 584 ring->count = count; 585 ring->cur = ring->next = 0; 586 587 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 588 BUS_SPACE_MAXADDR, NULL, NULL, count * RT2661_RX_DESC_SIZE, 1, 589 count * RT2661_RX_DESC_SIZE, 0, NULL, NULL, &ring->desc_dmat); 590 if (error != 0) { 591 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 592 goto fail; 593 } 594 595 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 596 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 597 if (error != 0) { 598 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 599 goto fail; 600 } 601 602 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 603 count * RT2661_RX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr, 604 0); 605 if (error != 0) { 606 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 607 goto fail; 608 } 609 610 ring->data = malloc(count * sizeof (struct rt2661_rx_data), M_DEVBUF, 611 M_NOWAIT | M_ZERO); 612 if (ring->data == NULL) { 613 device_printf(sc->sc_dev, "could not allocate soft data\n"); 614 error = ENOMEM; 615 goto fail; 616 } 617 618 /* 619 * Pre-allocate Rx buffers and populate Rx ring. 620 */ 621 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 622 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1, MCLBYTES, 0, NULL, 623 NULL, &ring->data_dmat); 624 if (error != 0) { 625 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 626 goto fail; 627 } 628 629 for (i = 0; i < count; i++) { 630 desc = &sc->rxq.desc[i]; 631 data = &sc->rxq.data[i]; 632 633 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 634 if (error != 0) { 635 device_printf(sc->sc_dev, "could not create DMA map\n"); 636 goto fail; 637 } 638 639 data->m = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 640 if (data->m == NULL) { 641 device_printf(sc->sc_dev, 642 "could not allocate rx mbuf\n"); 643 error = ENOMEM; 644 goto fail; 645 } 646 647 error = bus_dmamap_load(ring->data_dmat, data->map, 648 mtod(data->m, void *), MCLBYTES, rt2661_dma_map_addr, 649 &physaddr, 0); 650 if (error != 0) { 651 device_printf(sc->sc_dev, 652 "could not load rx buf DMA map"); 653 goto fail; 654 } 655 656 desc->flags = htole32(RT2661_RX_BUSY); 657 desc->physaddr = htole32(physaddr); 658 } 659 660 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 661 662 return 0; 663 664fail: rt2661_free_rx_ring(sc, ring); 665 return error; 666} 667 668static void 669rt2661_reset_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 670{ 671 int i; 672 673 for (i = 0; i < ring->count; i++) 674 ring->desc[i].flags = htole32(RT2661_RX_BUSY); 675 676 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 677 678 ring->cur = ring->next = 0; 679} 680 681static void 682rt2661_free_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 683{ 684 struct rt2661_rx_data *data; 685 int i; 686 687 if (ring->desc != NULL) { 688 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 689 BUS_DMASYNC_POSTWRITE); 690 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 691 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 692 } 693 694 if (ring->desc_dmat != NULL) 695 bus_dma_tag_destroy(ring->desc_dmat); 696 697 if (ring->data != NULL) { 698 for (i = 0; i < ring->count; i++) { 699 data = &ring->data[i]; 700 701 if (data->m != NULL) { 702 bus_dmamap_sync(ring->data_dmat, data->map, 703 BUS_DMASYNC_POSTREAD); 704 bus_dmamap_unload(ring->data_dmat, data->map); 705 m_freem(data->m); 706 } 707 708 if (data->map != NULL) 709 bus_dmamap_destroy(ring->data_dmat, data->map); 710 } 711 712 free(ring->data, M_DEVBUF); 713 } 714 715 if (ring->data_dmat != NULL) 716 bus_dma_tag_destroy(ring->data_dmat); 717} 718 719static struct ieee80211_node * 720rt2661_node_alloc(struct ieee80211_node_table *nt) 721{ 722 struct rt2661_node *rn; 723 724 rn = malloc(sizeof (struct rt2661_node), M_80211_NODE, 725 M_NOWAIT | M_ZERO); 726 727 return (rn != NULL) ? &rn->ni : NULL; 728} 729 730static int 731rt2661_media_change(struct ifnet *ifp) 732{ 733 struct rt2661_softc *sc = ifp->if_softc; 734 int error; 735 736 error = ieee80211_media_change(ifp); 737 if (error != ENETRESET) 738 return error; 739 740 if ((ifp->if_flags & IFF_UP) && (ifp->if_drv_flags & IFF_DRV_RUNNING)) 741 rt2661_init(sc); 742 743 return 0; 744} 745 746/* 747 * This function is called for each node present in the node station table. 748 */ 749static void 750rt2661_iter_func(void *arg, struct ieee80211_node *ni) 751{ 752 struct rt2661_node *rn = (struct rt2661_node *)ni; 753 754 ral_rssadapt_updatestats(&rn->rssadapt); 755} 756 757/* 758 * This function is called periodically (every 100ms) in RUN state to update 759 * the rate adaptation statistics. 760 */ 761static void 762rt2661_update_rssadapt(void *arg) 763{ 764 struct rt2661_softc *sc = arg; 765 struct ieee80211com *ic = &sc->sc_ic; 766 767 RAL_LOCK(sc); 768 769 ieee80211_iterate_nodes(&ic->ic_sta, rt2661_iter_func, arg); 770 callout_reset(&sc->rssadapt_ch, hz / 10, rt2661_update_rssadapt, sc); 771 772 RAL_UNLOCK(sc); 773} 774 775static int 776rt2661_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 777{ 778 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 779 enum ieee80211_state ostate; 780 struct ieee80211_node *ni; 781 uint32_t tmp; 782 int error = 0; 783 784 ostate = ic->ic_state; 785 786 switch (nstate) { 787 case IEEE80211_S_INIT: 788 callout_stop(&sc->rssadapt_ch); 789 790 if (ostate == IEEE80211_S_RUN) { 791 /* abort TSF synchronization */ 792 tmp = RAL_READ(sc, RT2661_TXRX_CSR9); 793 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0x00ffffff); 794 } 795 break; 796 case IEEE80211_S_RUN: 797 ni = ic->ic_bss; 798 799 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 800 rt2661_enable_mrr(sc); 801 rt2661_set_txpreamble(sc); 802 rt2661_set_basicrates(sc, &ni->ni_rates); 803 rt2661_set_bssid(sc, ni->ni_bssid); 804 } 805 806 if (ic->ic_opmode == IEEE80211_M_HOSTAP || 807 ic->ic_opmode == IEEE80211_M_IBSS) { 808 if ((error = rt2661_prepare_beacon(sc)) != 0) 809 break; 810 } 811 812 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 813 callout_reset(&sc->rssadapt_ch, hz / 10, 814 rt2661_update_rssadapt, sc); 815 rt2661_enable_tsf_sync(sc); 816 } 817 break; 818 case IEEE80211_S_SCAN: 819 case IEEE80211_S_AUTH: 820 case IEEE80211_S_ASSOC: 821 break; 822 } 823 824 return (error != 0) ? error : sc->sc_newstate(ic, nstate, arg); 825} 826 827/* 828 * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46 or 829 * 93C66). 830 */ 831static uint16_t 832rt2661_eeprom_read(struct rt2661_softc *sc, uint8_t addr) 833{ 834 uint32_t tmp; 835 uint16_t val; 836 int n; 837 838 /* clock C once before the first command */ 839 RT2661_EEPROM_CTL(sc, 0); 840 841 RT2661_EEPROM_CTL(sc, RT2661_S); 842 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 843 RT2661_EEPROM_CTL(sc, RT2661_S); 844 845 /* write start bit (1) */ 846 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 847 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 848 849 /* write READ opcode (10) */ 850 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 851 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 852 RT2661_EEPROM_CTL(sc, RT2661_S); 853 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 854 855 /* write address (A5-A0 or A7-A0) */ 856 n = (RAL_READ(sc, RT2661_E2PROM_CSR) & RT2661_93C46) ? 5 : 7; 857 for (; n >= 0; n--) { 858 RT2661_EEPROM_CTL(sc, RT2661_S | 859 (((addr >> n) & 1) << RT2661_SHIFT_D)); 860 RT2661_EEPROM_CTL(sc, RT2661_S | 861 (((addr >> n) & 1) << RT2661_SHIFT_D) | RT2661_C); 862 } 863 864 RT2661_EEPROM_CTL(sc, RT2661_S); 865 866 /* read data Q15-Q0 */ 867 val = 0; 868 for (n = 15; n >= 0; n--) { 869 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 870 tmp = RAL_READ(sc, RT2661_E2PROM_CSR); 871 val |= ((tmp & RT2661_Q) >> RT2661_SHIFT_Q) << n; 872 RT2661_EEPROM_CTL(sc, RT2661_S); 873 } 874 875 RT2661_EEPROM_CTL(sc, 0); 876 877 /* clear Chip Select and clock C */ 878 RT2661_EEPROM_CTL(sc, RT2661_S); 879 RT2661_EEPROM_CTL(sc, 0); 880 RT2661_EEPROM_CTL(sc, RT2661_C); 881 882 return val; 883} 884 885static void 886rt2661_tx_intr(struct rt2661_softc *sc) 887{ 888 struct ieee80211com *ic = &sc->sc_ic; 889 struct ifnet *ifp = ic->ic_ifp; 890 struct rt2661_tx_ring *txq; 891 struct rt2661_tx_data *data; 892 struct rt2661_node *rn; 893 uint32_t val; 894 int qid, retrycnt; 895 896 for (;;) { 897 struct ieee80211_node *ni; 898 struct mbuf *m; 899 900 val = RAL_READ(sc, RT2661_STA_CSR4); 901 if (!(val & RT2661_TX_STAT_VALID)) 902 break; 903 904 /* retrieve the queue in which this frame was sent */ 905 qid = RT2661_TX_QID(val); 906 txq = (qid <= 3) ? &sc->txq[qid] : &sc->mgtq; 907 908 /* retrieve rate control algorithm context */ 909 data = &txq->data[txq->stat]; 910 m = data->m; 911 data->m = NULL; 912 ni = data->ni; 913 data->ni = NULL; 914 915 /* if no frame has been sent, ignore */ 916 if (ni == NULL) 917 continue; 918 919 rn = (struct rt2661_node *)ni; 920 921 switch (RT2661_TX_RESULT(val)) { 922 case RT2661_TX_SUCCESS: 923 retrycnt = RT2661_TX_RETRYCNT(val); 924 925 DPRINTFN(10, ("data frame sent successfully after " 926 "%d retries\n", retrycnt)); 927 if (retrycnt == 0 && data->id.id_node != NULL) { 928 ral_rssadapt_raise_rate(ic, &rn->rssadapt, 929 &data->id); 930 } 931 ifp->if_opackets++; 932 break; 933 934 case RT2661_TX_RETRY_FAIL: 935 DPRINTFN(9, ("sending data frame failed (too much " 936 "retries)\n")); 937 if (data->id.id_node != NULL) { 938 ral_rssadapt_lower_rate(ic, ni, 939 &rn->rssadapt, &data->id); 940 } 941 ifp->if_oerrors++; 942 break; 943 944 default: 945 /* other failure */ 946 device_printf(sc->sc_dev, 947 "sending data frame failed 0x%08x\n", val); 948 ifp->if_oerrors++; 949 } 950 951 DPRINTFN(15, ("tx done q=%d idx=%u\n", qid, txq->stat)); 952 953 txq->queued--; 954 if (++txq->stat >= txq->count) /* faster than % count */ 955 txq->stat = 0; 956 957 if (m->m_flags & M_TXCB) 958 ieee80211_process_callback(ni, m, 959 RT2661_TX_RESULT(val) != RT2661_TX_SUCCESS); 960 m_freem(m); 961 ieee80211_free_node(ni); 962 } 963 964 sc->sc_tx_timer = 0; 965 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 966 rt2661_start(ifp); 967} 968 969static void 970rt2661_tx_dma_intr(struct rt2661_softc *sc, struct rt2661_tx_ring *txq) 971{ 972 struct rt2661_tx_desc *desc; 973 struct rt2661_tx_data *data; 974 975 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_POSTREAD); 976 977 for (;;) { 978 desc = &txq->desc[txq->next]; 979 data = &txq->data[txq->next]; 980 981 if ((le32toh(desc->flags) & RT2661_TX_BUSY) || 982 !(le32toh(desc->flags) & RT2661_TX_VALID)) 983 break; 984 985 bus_dmamap_sync(txq->data_dmat, data->map, 986 BUS_DMASYNC_POSTWRITE); 987 bus_dmamap_unload(txq->data_dmat, data->map); 988 989 /* descriptor is no longer valid */ 990 desc->flags &= ~htole32(RT2661_TX_VALID); 991 992 DPRINTFN(15, ("tx dma done q=%p idx=%u\n", txq, txq->next)); 993 994 if (++txq->next >= txq->count) /* faster than % count */ 995 txq->next = 0; 996 } 997 998 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 999} 1000 1001static void 1002rt2661_rx_intr(struct rt2661_softc *sc) 1003{ 1004 struct ieee80211com *ic = &sc->sc_ic; 1005 struct ifnet *ifp = ic->ic_ifp; 1006 struct rt2661_rx_desc *desc; 1007 struct rt2661_rx_data *data; 1008 bus_addr_t physaddr; 1009 struct ieee80211_frame *wh; 1010 struct ieee80211_node *ni; 1011 struct rt2661_node *rn; 1012 struct mbuf *mnew, *m; 1013 int error; 1014 1015 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map, 1016 BUS_DMASYNC_POSTREAD); 1017 1018 for (;;) { 1019 int rssi; 1020 1021 desc = &sc->rxq.desc[sc->rxq.cur]; 1022 data = &sc->rxq.data[sc->rxq.cur]; 1023 1024 if (le32toh(desc->flags) & RT2661_RX_BUSY) 1025 break; 1026 1027 if ((le32toh(desc->flags) & RT2661_RX_PHY_ERROR) || 1028 (le32toh(desc->flags) & RT2661_RX_CRC_ERROR)) { 1029 /* 1030 * This should not happen since we did not request 1031 * to receive those frames when we filled TXRX_CSR0. 1032 */ 1033 DPRINTFN(5, ("PHY or CRC error flags 0x%08x\n", 1034 le32toh(desc->flags))); 1035 ifp->if_ierrors++; 1036 goto skip; 1037 } 1038 1039 if ((le32toh(desc->flags) & RT2661_RX_CIPHER_MASK) != 0) { 1040 ifp->if_ierrors++; 1041 goto skip; 1042 } 1043 1044 /* 1045 * Try to allocate a new mbuf for this ring element and load it 1046 * before processing the current mbuf. If the ring element 1047 * cannot be loaded, drop the received packet and reuse the old 1048 * mbuf. In the unlikely case that the old mbuf can't be 1049 * reloaded either, explicitly panic. 1050 */ 1051 mnew = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 1052 if (mnew == NULL) { 1053 ifp->if_ierrors++; 1054 goto skip; 1055 } 1056 1057 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1058 BUS_DMASYNC_POSTREAD); 1059 bus_dmamap_unload(sc->rxq.data_dmat, data->map); 1060 1061 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1062 mtod(mnew, void *), MCLBYTES, rt2661_dma_map_addr, 1063 &physaddr, 0); 1064 if (error != 0) { 1065 m_freem(mnew); 1066 1067 /* try to reload the old mbuf */ 1068 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1069 mtod(data->m, void *), MCLBYTES, 1070 rt2661_dma_map_addr, &physaddr, 0); 1071 if (error != 0) { 1072 /* very unlikely that it will fail... */ 1073 panic("%s: could not load old rx mbuf", 1074 device_get_name(sc->sc_dev)); 1075 } 1076 ifp->if_ierrors++; 1077 goto skip; 1078 } 1079 1080 /* 1081 * New mbuf successfully loaded, update Rx ring and continue 1082 * processing. 1083 */ 1084 m = data->m; 1085 data->m = mnew; 1086 desc->physaddr = htole32(physaddr); 1087 1088 /* finalize mbuf */ 1089 m->m_pkthdr.rcvif = ifp; 1090 m->m_pkthdr.len = m->m_len = 1091 (le32toh(desc->flags) >> 16) & 0xfff; 1092 1093 rssi = rt2661_get_rssi(sc, desc->rssi); 1094 1095 if (bpf_peers_present(sc->sc_drvbpf)) { 1096 struct rt2661_rx_radiotap_header *tap = &sc->sc_rxtap; 1097 uint32_t tsf_lo, tsf_hi; 1098 1099 /* get timestamp (low and high 32 bits) */ 1100 tsf_hi = RAL_READ(sc, RT2661_TXRX_CSR13); 1101 tsf_lo = RAL_READ(sc, RT2661_TXRX_CSR12); 1102 1103 tap->wr_tsf = 1104 htole64(((uint64_t)tsf_hi << 32) | tsf_lo); 1105 tap->wr_flags = 0; 1106 tap->wr_rate = rt2661_rxrate(desc); 1107 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 1108 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 1109 tap->wr_antsignal = rssi < 0 ? 0 : rssi; 1110 1111 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1112 } 1113 sc->sc_flags |= RAL_INPUT_RUNNING; 1114 RAL_UNLOCK(sc); 1115 wh = mtod(m, struct ieee80211_frame *); 1116 ni = ieee80211_find_rxnode(ic, 1117 (struct ieee80211_frame_min *)wh); 1118 1119 /* Error happened during RSSI conversion. */ 1120 if (rssi < 0) 1121 rssi = ni->ni_rssi; 1122 1123 /* send the frame to the 802.11 layer */ 1124 ieee80211_input(ic, m, ni, rssi, RT2661_NOISE_FLOOR, 0); 1125 1126 /* give rssi to the rate adatation algorithm */ 1127 rn = (struct rt2661_node *)ni; 1128 RAL_LOCK(sc); 1129 sc->sc_flags &= ~RAL_INPUT_RUNNING; 1130 ral_rssadapt_input(ic, ni, &rn->rssadapt, rssi); 1131 1132 /* node is no longer needed */ 1133 ieee80211_free_node(ni); 1134 1135skip: desc->flags |= htole32(RT2661_RX_BUSY); 1136 1137 DPRINTFN(15, ("rx intr idx=%u\n", sc->rxq.cur)); 1138 1139 sc->rxq.cur = (sc->rxq.cur + 1) % RT2661_RX_RING_COUNT; 1140 } 1141 1142 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map, 1143 BUS_DMASYNC_PREWRITE); 1144} 1145 1146/* ARGSUSED */ 1147static void 1148rt2661_mcu_beacon_expire(struct rt2661_softc *sc) 1149{ 1150 /* do nothing */ 1151} 1152 1153static void 1154rt2661_mcu_wakeup(struct rt2661_softc *sc) 1155{ 1156 RAL_WRITE(sc, RT2661_MAC_CSR11, 5 << 16); 1157 1158 RAL_WRITE(sc, RT2661_SOFT_RESET_CSR, 0x7); 1159 RAL_WRITE(sc, RT2661_IO_CNTL_CSR, 0x18); 1160 RAL_WRITE(sc, RT2661_PCI_USEC_CSR, 0x20); 1161 1162 /* send wakeup command to MCU */ 1163 rt2661_tx_cmd(sc, RT2661_MCU_CMD_WAKEUP, 0); 1164} 1165 1166static void 1167rt2661_mcu_cmd_intr(struct rt2661_softc *sc) 1168{ 1169 RAL_READ(sc, RT2661_M2H_CMD_DONE_CSR); 1170 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 1171} 1172 1173void 1174rt2661_intr(void *arg) 1175{ 1176 struct rt2661_softc *sc = arg; 1177 struct ifnet *ifp = sc->sc_ifp; 1178 uint32_t r1, r2; 1179 1180 RAL_LOCK(sc); 1181 1182 /* disable MAC and MCU interrupts */ 1183 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f); 1184 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 1185 1186 /* don't re-enable interrupts if we're shutting down */ 1187 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 1188 RAL_UNLOCK(sc); 1189 return; 1190 } 1191 1192 r1 = RAL_READ(sc, RT2661_INT_SOURCE_CSR); 1193 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, r1); 1194 1195 r2 = RAL_READ(sc, RT2661_MCU_INT_SOURCE_CSR); 1196 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, r2); 1197 1198 if (r1 & RT2661_MGT_DONE) 1199 rt2661_tx_dma_intr(sc, &sc->mgtq); 1200 1201 if (r1 & RT2661_RX_DONE) 1202 rt2661_rx_intr(sc); 1203 1204 if (r1 & RT2661_TX0_DMA_DONE) 1205 rt2661_tx_dma_intr(sc, &sc->txq[0]); 1206 1207 if (r1 & RT2661_TX1_DMA_DONE) 1208 rt2661_tx_dma_intr(sc, &sc->txq[1]); 1209 1210 if (r1 & RT2661_TX2_DMA_DONE) 1211 rt2661_tx_dma_intr(sc, &sc->txq[2]); 1212 1213 if (r1 & RT2661_TX3_DMA_DONE) 1214 rt2661_tx_dma_intr(sc, &sc->txq[3]); 1215 1216 if (r1 & RT2661_TX_DONE) 1217 rt2661_tx_intr(sc); 1218 1219 if (r2 & RT2661_MCU_CMD_DONE) 1220 rt2661_mcu_cmd_intr(sc); 1221 1222 if (r2 & RT2661_MCU_BEACON_EXPIRE) 1223 rt2661_mcu_beacon_expire(sc); 1224 1225 if (r2 & RT2661_MCU_WAKEUP) 1226 rt2661_mcu_wakeup(sc); 1227 1228 /* re-enable MAC and MCU interrupts */ 1229 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 1230 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 1231 1232 RAL_UNLOCK(sc); 1233} 1234 1235/* quickly determine if a given rate is CCK or OFDM */ 1236#define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1237 1238#define RAL_ACK_SIZE 14 /* 10 + 4(FCS) */ 1239#define RAL_CTS_SIZE 14 /* 10 + 4(FCS) */ 1240 1241#define RAL_SIFS 10 /* us */ 1242 1243/* 1244 * This function is only used by the Rx radiotap code. It returns the rate at 1245 * which a given frame was received. 1246 */ 1247static uint8_t 1248rt2661_rxrate(struct rt2661_rx_desc *desc) 1249{ 1250 if (le32toh(desc->flags) & RT2661_RX_OFDM) { 1251 /* reverse function of rt2661_plcp_signal */ 1252 switch (desc->rate & 0xf) { 1253 case 0xb: return 12; 1254 case 0xf: return 18; 1255 case 0xa: return 24; 1256 case 0xe: return 36; 1257 case 0x9: return 48; 1258 case 0xd: return 72; 1259 case 0x8: return 96; 1260 case 0xc: return 108; 1261 } 1262 } else { 1263 if (desc->rate == 10) 1264 return 2; 1265 if (desc->rate == 20) 1266 return 4; 1267 if (desc->rate == 55) 1268 return 11; 1269 if (desc->rate == 110) 1270 return 22; 1271 } 1272 return 2; /* should not get there */ 1273} 1274 1275/* 1276 * Return the expected ack rate for a frame transmitted at rate `rate'. 1277 * XXX: this should depend on the destination node basic rate set. 1278 */ 1279static int 1280rt2661_ack_rate(struct ieee80211com *ic, int rate) 1281{ 1282 switch (rate) { 1283 /* CCK rates */ 1284 case 2: 1285 return 2; 1286 case 4: 1287 case 11: 1288 case 22: 1289 return (ic->ic_curmode == IEEE80211_MODE_11B) ? 4 : rate; 1290 1291 /* OFDM rates */ 1292 case 12: 1293 case 18: 1294 return 12; 1295 case 24: 1296 case 36: 1297 return 24; 1298 case 48: 1299 case 72: 1300 case 96: 1301 case 108: 1302 return 48; 1303 } 1304 1305 /* default to 1Mbps */ 1306 return 2; 1307} 1308 1309/* 1310 * Compute the duration (in us) needed to transmit `len' bytes at rate `rate'. 1311 * The function automatically determines the operating mode depending on the 1312 * given rate. `flags' indicates whether short preamble is in use or not. 1313 */ 1314static uint16_t 1315rt2661_txtime(int len, int rate, uint32_t flags) 1316{ 1317 uint16_t txtime; 1318 1319 if (RAL_RATE_IS_OFDM(rate)) { 1320 /* IEEE Std 802.11a-1999, pp. 37 */ 1321 txtime = (8 + 4 * len + 3 + rate - 1) / rate; 1322 txtime = 16 + 4 + 4 * txtime + 6; 1323 } else { 1324 /* IEEE Std 802.11b-1999, pp. 28 */ 1325 txtime = (16 * len + rate - 1) / rate; 1326 if (rate != 2 && (flags & IEEE80211_F_SHPREAMBLE)) 1327 txtime += 72 + 24; 1328 else 1329 txtime += 144 + 48; 1330 } 1331 1332 return txtime; 1333} 1334 1335static uint8_t 1336rt2661_plcp_signal(int rate) 1337{ 1338 switch (rate) { 1339 /* CCK rates (returned values are device-dependent) */ 1340 case 2: return 0x0; 1341 case 4: return 0x1; 1342 case 11: return 0x2; 1343 case 22: return 0x3; 1344 1345 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1346 case 12: return 0xb; 1347 case 18: return 0xf; 1348 case 24: return 0xa; 1349 case 36: return 0xe; 1350 case 48: return 0x9; 1351 case 72: return 0xd; 1352 case 96: return 0x8; 1353 case 108: return 0xc; 1354 1355 /* unsupported rates (should not get there) */ 1356 default: return 0xff; 1357 } 1358} 1359 1360static void 1361rt2661_setup_tx_desc(struct rt2661_softc *sc, struct rt2661_tx_desc *desc, 1362 uint32_t flags, uint16_t xflags, int len, int rate, 1363 const bus_dma_segment_t *segs, int nsegs, int ac) 1364{ 1365 struct ieee80211com *ic = &sc->sc_ic; 1366 uint16_t plcp_length; 1367 int i, remainder; 1368 1369 desc->flags = htole32(flags); 1370 desc->flags |= htole32(len << 16); 1371 desc->flags |= htole32(RT2661_TX_BUSY | RT2661_TX_VALID); 1372 1373 desc->xflags = htole16(xflags); 1374 desc->xflags |= htole16(nsegs << 13); 1375 1376 desc->wme = htole16( 1377 RT2661_QID(ac) | 1378 RT2661_AIFSN(2) | 1379 RT2661_LOGCWMIN(4) | 1380 RT2661_LOGCWMAX(10)); 1381 1382 /* 1383 * Remember in which queue this frame was sent. This field is driver 1384 * private data only. It will be made available by the NIC in STA_CSR4 1385 * on Tx interrupts. 1386 */ 1387 desc->qid = ac; 1388 1389 /* setup PLCP fields */ 1390 desc->plcp_signal = rt2661_plcp_signal(rate); 1391 desc->plcp_service = 4; 1392 1393 len += IEEE80211_CRC_LEN; 1394 if (RAL_RATE_IS_OFDM(rate)) { 1395 desc->flags |= htole32(RT2661_TX_OFDM); 1396 1397 plcp_length = len & 0xfff; 1398 desc->plcp_length_hi = plcp_length >> 6; 1399 desc->plcp_length_lo = plcp_length & 0x3f; 1400 } else { 1401 plcp_length = (16 * len + rate - 1) / rate; 1402 if (rate == 22) { 1403 remainder = (16 * len) % 22; 1404 if (remainder != 0 && remainder < 7) 1405 desc->plcp_service |= RT2661_PLCP_LENGEXT; 1406 } 1407 desc->plcp_length_hi = plcp_length >> 8; 1408 desc->plcp_length_lo = plcp_length & 0xff; 1409 1410 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 1411 desc->plcp_signal |= 0x08; 1412 } 1413 1414 /* RT2x61 supports scatter with up to 5 segments */ 1415 for (i = 0; i < nsegs; i++) { 1416 desc->addr[i] = htole32(segs[i].ds_addr); 1417 desc->len [i] = htole16(segs[i].ds_len); 1418 } 1419} 1420 1421static int 1422rt2661_tx_mgt(struct rt2661_softc *sc, struct mbuf *m0, 1423 struct ieee80211_node *ni) 1424{ 1425 struct ieee80211com *ic = &sc->sc_ic; 1426 struct rt2661_tx_desc *desc; 1427 struct rt2661_tx_data *data; 1428 struct ieee80211_frame *wh; 1429 bus_dma_segment_t segs[RT2661_MAX_SCATTER]; 1430 uint16_t dur; 1431 uint32_t flags = 0; /* XXX HWSEQ */ 1432 int nsegs, rate, error; 1433 1434 desc = &sc->mgtq.desc[sc->mgtq.cur]; 1435 data = &sc->mgtq.data[sc->mgtq.cur]; 1436 1437 /* send mgt frames at the lowest available rate */ 1438 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1439 1440 error = bus_dmamap_load_mbuf_sg(sc->mgtq.data_dmat, data->map, m0, 1441 segs, &nsegs, 0); 1442 if (error != 0) { 1443 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1444 error); 1445 m_freem(m0); 1446 return error; 1447 } 1448 1449 if (bpf_peers_present(sc->sc_drvbpf)) { 1450 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1451 1452 tap->wt_flags = 0; 1453 tap->wt_rate = rate; 1454 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 1455 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 1456 1457 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1458 } 1459 1460 data->m = m0; 1461 data->ni = ni; 1462 1463 wh = mtod(m0, struct ieee80211_frame *); 1464 1465 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1466 flags |= RT2661_TX_NEED_ACK; 1467 1468 dur = rt2661_txtime(RAL_ACK_SIZE, rate, ic->ic_flags) + 1469 RAL_SIFS; 1470 *(uint16_t *)wh->i_dur = htole16(dur); 1471 1472 /* tell hardware to add timestamp in probe responses */ 1473 if ((wh->i_fc[0] & 1474 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 1475 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 1476 flags |= RT2661_TX_TIMESTAMP; 1477 } 1478 1479 rt2661_setup_tx_desc(sc, desc, flags, 0 /* XXX HWSEQ */, 1480 m0->m_pkthdr.len, rate, segs, nsegs, RT2661_QID_MGT); 1481 1482 bus_dmamap_sync(sc->mgtq.data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1483 bus_dmamap_sync(sc->mgtq.desc_dmat, sc->mgtq.desc_map, 1484 BUS_DMASYNC_PREWRITE); 1485 1486 DPRINTFN(10, ("sending mgt frame len=%u idx=%u rate=%u\n", 1487 m0->m_pkthdr.len, sc->mgtq.cur, rate)); 1488 1489 /* kick mgt */ 1490 sc->mgtq.queued++; 1491 sc->mgtq.cur = (sc->mgtq.cur + 1) % RT2661_MGT_RING_COUNT; 1492 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, RT2661_KICK_MGT); 1493 1494 return 0; 1495} 1496 1497/* 1498 * Build a RTS control frame. 1499 */ 1500static struct mbuf * 1501rt2661_get_rts(struct rt2661_softc *sc, struct ieee80211_frame *wh, 1502 uint16_t dur) 1503{ 1504 struct ieee80211_frame_rts *rts; 1505 struct mbuf *m; 1506 1507 MGETHDR(m, M_DONTWAIT, MT_DATA); 1508 if (m == NULL) { 1509 sc->sc_ic.ic_stats.is_tx_nobuf++; 1510 device_printf(sc->sc_dev, "could not allocate RTS frame\n"); 1511 return NULL; 1512 } 1513 1514 rts = mtod(m, struct ieee80211_frame_rts *); 1515 1516 rts->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_CTL | 1517 IEEE80211_FC0_SUBTYPE_RTS; 1518 rts->i_fc[1] = IEEE80211_FC1_DIR_NODS; 1519 *(uint16_t *)rts->i_dur = htole16(dur); 1520 IEEE80211_ADDR_COPY(rts->i_ra, wh->i_addr1); 1521 IEEE80211_ADDR_COPY(rts->i_ta, wh->i_addr2); 1522 1523 m->m_pkthdr.len = m->m_len = sizeof (struct ieee80211_frame_rts); 1524 1525 return m; 1526} 1527 1528static int 1529rt2661_tx_data(struct rt2661_softc *sc, struct mbuf *m0, 1530 struct ieee80211_node *ni, int ac) 1531{ 1532 struct ieee80211com *ic = &sc->sc_ic; 1533 struct rt2661_tx_ring *txq = &sc->txq[ac]; 1534 struct rt2661_tx_desc *desc; 1535 struct rt2661_tx_data *data; 1536 struct rt2661_node *rn; 1537 struct ieee80211_frame *wh; 1538 struct ieee80211_key *k; 1539 const struct chanAccParams *cap; 1540 struct mbuf *mnew; 1541 bus_dma_segment_t segs[RT2661_MAX_SCATTER]; 1542 uint16_t dur; 1543 uint32_t flags = 0; 1544 int error, nsegs, rate, noack = 0; 1545 1546 wh = mtod(m0, struct ieee80211_frame *); 1547 1548 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) { 1549 rate = ic->ic_fixed_rate; 1550 } else { 1551 struct ieee80211_rateset *rs; 1552 1553 rs = &ni->ni_rates; 1554 rn = (struct rt2661_node *)ni; 1555 ni->ni_txrate = ral_rssadapt_choose(&rn->rssadapt, rs, 1556 wh, m0->m_pkthdr.len, NULL, 0); 1557 rate = rs->rs_rates[ni->ni_txrate]; 1558 } 1559 rate &= IEEE80211_RATE_VAL; 1560 1561 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1562 cap = &ic->ic_wme.wme_chanParams; 1563 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1564 } 1565 1566 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1567 k = ieee80211_crypto_encap(ic, ni, m0); 1568 if (k == NULL) { 1569 m_freem(m0); 1570 return ENOBUFS; 1571 } 1572 1573 /* packet header may have moved, reset our local pointer */ 1574 wh = mtod(m0, struct ieee80211_frame *); 1575 } 1576 1577 /* 1578 * IEEE Std 802.11-1999, pp 82: "A STA shall use an RTS/CTS exchange 1579 * for directed frames only when the length of the MPDU is greater 1580 * than the length threshold indicated by [...]" ic_rtsthreshold. 1581 */ 1582 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 1583 m0->m_pkthdr.len > ic->ic_rtsthreshold) { 1584 struct mbuf *m; 1585 uint16_t dur; 1586 int rtsrate, ackrate; 1587 1588 rtsrate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1589 ackrate = rt2661_ack_rate(ic, rate); 1590 1591 dur = rt2661_txtime(m0->m_pkthdr.len + 4, rate, ic->ic_flags) + 1592 rt2661_txtime(RAL_CTS_SIZE, rtsrate, ic->ic_flags) + 1593 /* XXX: noack (QoS)? */ 1594 rt2661_txtime(RAL_ACK_SIZE, ackrate, ic->ic_flags) + 1595 3 * RAL_SIFS; 1596 1597 m = rt2661_get_rts(sc, wh, dur); 1598 1599 desc = &txq->desc[txq->cur]; 1600 data = &txq->data[txq->cur]; 1601 1602 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m, 1603 segs, &nsegs, 0); 1604 if (error != 0) { 1605 device_printf(sc->sc_dev, 1606 "could not map mbuf (error %d)\n", error); 1607 m_freem(m); 1608 m_freem(m0); 1609 return error; 1610 } 1611 1612 /* avoid multiple free() of the same node for each fragment */ 1613 ieee80211_ref_node(ni); 1614 1615 data->m = m; 1616 data->ni = ni; 1617 1618 /* RTS frames are not taken into account for rssadapt */ 1619 data->id.id_node = NULL; 1620 1621 rt2661_setup_tx_desc(sc, desc, RT2661_TX_NEED_ACK | 1622 RT2661_TX_MORE_FRAG, 0, m->m_pkthdr.len, rtsrate, segs, 1623 nsegs, ac); 1624 1625 bus_dmamap_sync(txq->data_dmat, data->map, 1626 BUS_DMASYNC_PREWRITE); 1627 1628 txq->queued++; 1629 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1630 1631 /* 1632 * IEEE Std 802.11-1999: when an RTS/CTS exchange is used, the 1633 * asynchronous data frame shall be transmitted after the CTS 1634 * frame and a SIFS period. 1635 */ 1636 flags |= RT2661_TX_LONG_RETRY | RT2661_TX_IFS; 1637 } 1638 1639 data = &txq->data[txq->cur]; 1640 desc = &txq->desc[txq->cur]; 1641 1642 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0, segs, 1643 &nsegs, 0); 1644 if (error != 0 && error != EFBIG) { 1645 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1646 error); 1647 m_freem(m0); 1648 return error; 1649 } 1650 if (error != 0) { 1651 mnew = m_defrag(m0, M_DONTWAIT); 1652 if (mnew == NULL) { 1653 device_printf(sc->sc_dev, 1654 "could not defragment mbuf\n"); 1655 m_freem(m0); 1656 return ENOBUFS; 1657 } 1658 m0 = mnew; 1659 1660 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0, 1661 segs, &nsegs, 0); 1662 if (error != 0) { 1663 device_printf(sc->sc_dev, 1664 "could not map mbuf (error %d)\n", error); 1665 m_freem(m0); 1666 return error; 1667 } 1668 1669 /* packet header have moved, reset our local pointer */ 1670 wh = mtod(m0, struct ieee80211_frame *); 1671 } 1672 1673 if (bpf_peers_present(sc->sc_drvbpf)) { 1674 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1675 1676 tap->wt_flags = 0; 1677 tap->wt_rate = rate; 1678 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 1679 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 1680 1681 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1682 } 1683 1684 data->m = m0; 1685 data->ni = ni; 1686 1687 /* remember link conditions for rate adaptation algorithm */ 1688 if (ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE) { 1689 data->id.id_len = m0->m_pkthdr.len; 1690 data->id.id_rateidx = ni->ni_txrate; 1691 data->id.id_node = ni; 1692 data->id.id_rssi = ni->ni_rssi; 1693 } else 1694 data->id.id_node = NULL; 1695 1696 if (!noack && !IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1697 flags |= RT2661_TX_NEED_ACK; 1698 1699 dur = rt2661_txtime(RAL_ACK_SIZE, rt2661_ack_rate(ic, rate), 1700 ic->ic_flags) + RAL_SIFS; 1701 *(uint16_t *)wh->i_dur = htole16(dur); 1702 } 1703 1704 rt2661_setup_tx_desc(sc, desc, flags, 0, m0->m_pkthdr.len, rate, segs, 1705 nsegs, ac); 1706 1707 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1708 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1709 1710 DPRINTFN(10, ("sending data frame len=%u idx=%u rate=%u\n", 1711 m0->m_pkthdr.len, txq->cur, rate)); 1712 1713 /* kick Tx */ 1714 txq->queued++; 1715 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1716 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 1 << ac); 1717 1718 return 0; 1719} 1720 1721static void 1722rt2661_start(struct ifnet *ifp) 1723{ 1724 struct rt2661_softc *sc = ifp->if_softc; 1725 struct ieee80211com *ic = &sc->sc_ic; 1726 struct mbuf *m0; 1727 struct ether_header *eh; 1728 struct ieee80211_node *ni; 1729 int ac; 1730 1731 RAL_LOCK(sc); 1732 1733 /* prevent management frames from being sent if we're not ready */ 1734 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING) || sc->sc_invalid) { 1735 RAL_UNLOCK(sc); 1736 return; 1737 } 1738 1739 for (;;) { 1740 IF_POLL(&ic->ic_mgtq, m0); 1741 if (m0 != NULL) { 1742 if (sc->mgtq.queued >= RT2661_MGT_RING_COUNT) { 1743 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 1744 break; 1745 } 1746 IF_DEQUEUE(&ic->ic_mgtq, m0); 1747 1748 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 1749 m0->m_pkthdr.rcvif = NULL; 1750 1751 if (bpf_peers_present(ic->ic_rawbpf)) 1752 bpf_mtap(ic->ic_rawbpf, m0); 1753 1754 if (rt2661_tx_mgt(sc, m0, ni) != 0) { 1755 ieee80211_free_node(ni); 1756 break; 1757 } 1758 } else { 1759 if (ic->ic_state != IEEE80211_S_RUN) 1760 break; 1761 1762 IFQ_DRV_DEQUEUE(&ifp->if_snd, m0); 1763 if (m0 == NULL) 1764 break; 1765 1766 if (m0->m_len < sizeof (struct ether_header) && 1767 !(m0 = m_pullup(m0, sizeof (struct ether_header)))) 1768 continue; 1769 1770 eh = mtod(m0, struct ether_header *); 1771 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1772 if (ni == NULL) { 1773 m_freem(m0); 1774 ifp->if_oerrors++; 1775 continue; 1776 } 1777 1778 /* classify mbuf so we can find which tx ring to use */ 1779 if (ieee80211_classify(ic, m0, ni) != 0) { 1780 m_freem(m0); 1781 ieee80211_free_node(ni); 1782 ifp->if_oerrors++; 1783 continue; 1784 } 1785 1786 /* no QoS encapsulation for EAPOL frames */ 1787 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1788 M_WME_GETAC(m0) : WME_AC_BE; 1789 1790 if (sc->txq[ac].queued >= RT2661_TX_RING_COUNT - 1) { 1791 /* there is no place left in this ring */ 1792 IFQ_DRV_PREPEND(&ifp->if_snd, m0); 1793 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 1794 ieee80211_free_node(ni); 1795 break; 1796 } 1797 1798 BPF_MTAP(ifp, m0); 1799 1800 m0 = ieee80211_encap(ic, m0, ni); 1801 if (m0 == NULL) { 1802 ieee80211_free_node(ni); 1803 ifp->if_oerrors++; 1804 continue; 1805 } 1806 1807 if (bpf_peers_present(ic->ic_rawbpf)) 1808 bpf_mtap(ic->ic_rawbpf, m0); 1809 1810 if (rt2661_tx_data(sc, m0, ni, ac) != 0) { 1811 ieee80211_free_node(ni); 1812 ifp->if_oerrors++; 1813 break; 1814 } 1815 } 1816 1817 sc->sc_tx_timer = 5; 1818 callout_reset(&sc->watchdog_ch, hz, rt2661_watchdog, sc); 1819 } 1820 1821 RAL_UNLOCK(sc); 1822} 1823 1824static void 1825rt2661_watchdog(void *arg) 1826{ 1827 struct rt2661_softc *sc = (struct rt2661_softc *)arg; 1828 1829 if (sc->sc_tx_timer > 0 && !sc->sc_invalid) { 1830 if (--sc->sc_tx_timer == 0) { 1831 device_printf(sc->sc_dev, "device timeout\n"); 1832 rt2661_init(sc); 1833 sc->sc_ifp->if_oerrors++; 1834 return; 1835 } 1836 callout_reset(&sc->watchdog_ch, hz, rt2661_watchdog, sc); 1837 } 1838} 1839 1840/* 1841 * This function allows for fast channel switching in monitor mode (used by 1842 * net-mgmt/kismet). In IBSS mode, we must explicitly reset the interface to 1843 * generate a new beacon frame. 1844 */ 1845static int 1846rt2661_reset(struct ifnet *ifp) 1847{ 1848 struct rt2661_softc *sc = ifp->if_softc; 1849 struct ieee80211com *ic = &sc->sc_ic; 1850 1851 if (ic->ic_opmode != IEEE80211_M_MONITOR) 1852 return ENETRESET; 1853 1854 rt2661_set_chan(sc, ic->ic_curchan); 1855 1856 return 0; 1857} 1858 1859static int 1860rt2661_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1861{ 1862 struct rt2661_softc *sc = ifp->if_softc; 1863 struct ieee80211com *ic = &sc->sc_ic; 1864 int error = 0; 1865 1866 switch (cmd) { 1867 case SIOCSIFFLAGS: 1868 if (ifp->if_flags & IFF_UP) { 1869 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 1870 rt2661_update_promisc(sc); 1871 else 1872 rt2661_init(sc); 1873 } else { 1874 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 1875 rt2661_stop(sc); 1876 } 1877 break; 1878 1879 default: 1880 error = ieee80211_ioctl(ic, cmd, data); 1881 } 1882 1883 if (error == ENETRESET) { 1884 if ((ifp->if_flags & IFF_UP) && 1885 (ifp->if_drv_flags & IFF_DRV_RUNNING) && 1886 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1887 rt2661_init(sc); 1888 error = 0; 1889 } 1890 1891 return error; 1892} 1893 1894static void 1895rt2661_bbp_write(struct rt2661_softc *sc, uint8_t reg, uint8_t val) 1896{ 1897 uint32_t tmp; 1898 int ntries; 1899 1900 for (ntries = 0; ntries < 100; ntries++) { 1901 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 1902 break; 1903 DELAY(1); 1904 } 1905 if (ntries == 100) { 1906 device_printf(sc->sc_dev, "could not write to BBP\n"); 1907 return; 1908 } 1909 1910 tmp = RT2661_BBP_BUSY | (reg & 0x7f) << 8 | val; 1911 RAL_WRITE(sc, RT2661_PHY_CSR3, tmp); 1912 1913 DPRINTFN(15, ("BBP R%u <- 0x%02x\n", reg, val)); 1914} 1915 1916static uint8_t 1917rt2661_bbp_read(struct rt2661_softc *sc, uint8_t reg) 1918{ 1919 uint32_t val; 1920 int ntries; 1921 1922 for (ntries = 0; ntries < 100; ntries++) { 1923 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 1924 break; 1925 DELAY(1); 1926 } 1927 if (ntries == 100) { 1928 device_printf(sc->sc_dev, "could not read from BBP\n"); 1929 return 0; 1930 } 1931 1932 val = RT2661_BBP_BUSY | RT2661_BBP_READ | reg << 8; 1933 RAL_WRITE(sc, RT2661_PHY_CSR3, val); 1934 1935 for (ntries = 0; ntries < 100; ntries++) { 1936 val = RAL_READ(sc, RT2661_PHY_CSR3); 1937 if (!(val & RT2661_BBP_BUSY)) 1938 return val & 0xff; 1939 DELAY(1); 1940 } 1941 1942 device_printf(sc->sc_dev, "could not read from BBP\n"); 1943 return 0; 1944} 1945 1946static void 1947rt2661_rf_write(struct rt2661_softc *sc, uint8_t reg, uint32_t val) 1948{ 1949 uint32_t tmp; 1950 int ntries; 1951 1952 for (ntries = 0; ntries < 100; ntries++) { 1953 if (!(RAL_READ(sc, RT2661_PHY_CSR4) & RT2661_RF_BUSY)) 1954 break; 1955 DELAY(1); 1956 } 1957 if (ntries == 100) { 1958 device_printf(sc->sc_dev, "could not write to RF\n"); 1959 return; 1960 } 1961 1962 tmp = RT2661_RF_BUSY | RT2661_RF_21BIT | (val & 0x1fffff) << 2 | 1963 (reg & 3); 1964 RAL_WRITE(sc, RT2661_PHY_CSR4, tmp); 1965 1966 /* remember last written value in sc */ 1967 sc->rf_regs[reg] = val; 1968 1969 DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 3, val & 0x1fffff)); 1970} 1971 1972static int 1973rt2661_tx_cmd(struct rt2661_softc *sc, uint8_t cmd, uint16_t arg) 1974{ 1975 if (RAL_READ(sc, RT2661_H2M_MAILBOX_CSR) & RT2661_H2M_BUSY) 1976 return EIO; /* there is already a command pending */ 1977 1978 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 1979 RT2661_H2M_BUSY | RT2661_TOKEN_NO_INTR << 16 | arg); 1980 1981 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, RT2661_KICK_CMD | cmd); 1982 1983 return 0; 1984} 1985 1986static void 1987rt2661_select_antenna(struct rt2661_softc *sc) 1988{ 1989 uint8_t bbp4, bbp77; 1990 uint32_t tmp; 1991 1992 bbp4 = rt2661_bbp_read(sc, 4); 1993 bbp77 = rt2661_bbp_read(sc, 77); 1994 1995 /* TBD */ 1996 1997 /* make sure Rx is disabled before switching antenna */ 1998 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 1999 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2000 2001 rt2661_bbp_write(sc, 4, bbp4); 2002 rt2661_bbp_write(sc, 77, bbp77); 2003 2004 /* restore Rx filter */ 2005 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2006} 2007 2008/* 2009 * Enable multi-rate retries for frames sent at OFDM rates. 2010 * In 802.11b/g mode, allow fallback to CCK rates. 2011 */ 2012static void 2013rt2661_enable_mrr(struct rt2661_softc *sc) 2014{ 2015 struct ieee80211com *ic = &sc->sc_ic; 2016 uint32_t tmp; 2017 2018 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2019 2020 tmp &= ~RT2661_MRR_CCK_FALLBACK; 2021 if (!IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan)) 2022 tmp |= RT2661_MRR_CCK_FALLBACK; 2023 tmp |= RT2661_MRR_ENABLED; 2024 2025 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2026} 2027 2028static void 2029rt2661_set_txpreamble(struct rt2661_softc *sc) 2030{ 2031 uint32_t tmp; 2032 2033 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2034 2035 tmp &= ~RT2661_SHORT_PREAMBLE; 2036 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 2037 tmp |= RT2661_SHORT_PREAMBLE; 2038 2039 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2040} 2041 2042/* 2043 * Supported rates for 802.11g. XXX should use ic_sup_rates. 2044 */ 2045static const struct ieee80211_rateset rt2661_rateset_11g = 2046 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 2047 2048static void 2049rt2661_set_basicrates(struct rt2661_softc *sc, 2050 const struct ieee80211_rateset *rs) 2051{ 2052#define RV(r) ((r) & IEEE80211_RATE_VAL) 2053 struct ieee80211com *ic = &sc->sc_ic; 2054 uint32_t mask = 0; 2055 uint8_t rate; 2056 int i, j; 2057 2058 for (i = 0; i < rs->rs_nrates; i++) { 2059 rate = rs->rs_rates[i]; 2060 2061 if (!(rate & IEEE80211_RATE_BASIC)) 2062 continue; 2063 2064 /* 2065 * Find h/w rate index. We know it exists because the rate 2066 * set has already been negotiated. 2067 */ 2068 for (j = 0; ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates[j] != RV(rate); j++); 2069 2070 mask |= 1 << j; 2071 } 2072 2073 RAL_WRITE(sc, RT2661_TXRX_CSR5, mask); 2074 2075 DPRINTF(("Setting basic rate mask to 0x%x\n", mask)); 2076#undef RV 2077} 2078 2079/* 2080 * Reprogram MAC/BBP to switch to a new band. Values taken from the reference 2081 * driver. 2082 */ 2083static void 2084rt2661_select_band(struct rt2661_softc *sc, struct ieee80211_channel *c) 2085{ 2086 uint8_t bbp17, bbp35, bbp96, bbp97, bbp98, bbp104; 2087 uint32_t tmp; 2088 2089 /* update all BBP registers that depend on the band */ 2090 bbp17 = 0x20; bbp96 = 0x48; bbp104 = 0x2c; 2091 bbp35 = 0x50; bbp97 = 0x48; bbp98 = 0x48; 2092 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2093 bbp17 += 0x08; bbp96 += 0x10; bbp104 += 0x0c; 2094 bbp35 += 0x10; bbp97 += 0x10; bbp98 += 0x10; 2095 } 2096 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2097 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2098 bbp17 += 0x10; bbp96 += 0x10; bbp104 += 0x10; 2099 } 2100 2101 rt2661_bbp_write(sc, 17, bbp17); 2102 rt2661_bbp_write(sc, 96, bbp96); 2103 rt2661_bbp_write(sc, 104, bbp104); 2104 2105 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2106 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2107 rt2661_bbp_write(sc, 75, 0x80); 2108 rt2661_bbp_write(sc, 86, 0x80); 2109 rt2661_bbp_write(sc, 88, 0x80); 2110 } 2111 2112 rt2661_bbp_write(sc, 35, bbp35); 2113 rt2661_bbp_write(sc, 97, bbp97); 2114 rt2661_bbp_write(sc, 98, bbp98); 2115 2116 tmp = RAL_READ(sc, RT2661_PHY_CSR0); 2117 tmp &= ~(RT2661_PA_PE_2GHZ | RT2661_PA_PE_5GHZ); 2118 if (IEEE80211_IS_CHAN_2GHZ(c)) 2119 tmp |= RT2661_PA_PE_2GHZ; 2120 else 2121 tmp |= RT2661_PA_PE_5GHZ; 2122 RAL_WRITE(sc, RT2661_PHY_CSR0, tmp); 2123} 2124 2125static void 2126rt2661_set_chan(struct rt2661_softc *sc, struct ieee80211_channel *c) 2127{ 2128 struct ieee80211com *ic = &sc->sc_ic; 2129 const struct rfprog *rfprog; 2130 uint8_t bbp3, bbp94 = RT2661_BBPR94_DEFAULT; 2131 int8_t power; 2132 u_int i, chan; 2133 2134 chan = ieee80211_chan2ieee(ic, c); 2135 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 2136 return; 2137 2138 /* select the appropriate RF settings based on what EEPROM says */ 2139 rfprog = (sc->rfprog == 0) ? rt2661_rf5225_1 : rt2661_rf5225_2; 2140 2141 /* find the settings for this channel (we know it exists) */ 2142 for (i = 0; rfprog[i].chan != chan; i++); 2143 2144 power = sc->txpow[i]; 2145 if (power < 0) { 2146 bbp94 += power; 2147 power = 0; 2148 } else if (power > 31) { 2149 bbp94 += power - 31; 2150 power = 31; 2151 } 2152 2153 /* 2154 * If we are switching from the 2GHz band to the 5GHz band or 2155 * vice-versa, BBP registers need to be reprogrammed. 2156 */ 2157 if (c->ic_flags != sc->sc_curchan->ic_flags) { 2158 rt2661_select_band(sc, c); 2159 rt2661_select_antenna(sc); 2160 } 2161 sc->sc_curchan = c; 2162 2163 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2164 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2165 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2166 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2167 2168 DELAY(200); 2169 2170 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2171 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2172 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7 | 1); 2173 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2174 2175 DELAY(200); 2176 2177 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2178 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2179 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2180 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2181 2182 /* enable smart mode for MIMO-capable RFs */ 2183 bbp3 = rt2661_bbp_read(sc, 3); 2184 2185 bbp3 &= ~RT2661_SMART_MODE; 2186 if (sc->rf_rev == RT2661_RF_5325 || sc->rf_rev == RT2661_RF_2529) 2187 bbp3 |= RT2661_SMART_MODE; 2188 2189 rt2661_bbp_write(sc, 3, bbp3); 2190 2191 if (bbp94 != RT2661_BBPR94_DEFAULT) 2192 rt2661_bbp_write(sc, 94, bbp94); 2193 2194 /* 5GHz radio needs a 1ms delay here */ 2195 if (IEEE80211_IS_CHAN_5GHZ(c)) 2196 DELAY(1000); 2197} 2198 2199static void 2200rt2661_set_bssid(struct rt2661_softc *sc, const uint8_t *bssid) 2201{ 2202 uint32_t tmp; 2203 2204 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24; 2205 RAL_WRITE(sc, RT2661_MAC_CSR4, tmp); 2206 2207 tmp = bssid[4] | bssid[5] << 8 | RT2661_ONE_BSSID << 16; 2208 RAL_WRITE(sc, RT2661_MAC_CSR5, tmp); 2209} 2210 2211static void 2212rt2661_set_macaddr(struct rt2661_softc *sc, const uint8_t *addr) 2213{ 2214 uint32_t tmp; 2215 2216 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24; 2217 RAL_WRITE(sc, RT2661_MAC_CSR2, tmp); 2218 2219 tmp = addr[4] | addr[5] << 8; 2220 RAL_WRITE(sc, RT2661_MAC_CSR3, tmp); 2221} 2222 2223static void 2224rt2661_update_promisc(struct rt2661_softc *sc) 2225{ 2226 struct ifnet *ifp = sc->sc_ic.ic_ifp; 2227 uint32_t tmp; 2228 2229 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2230 2231 tmp &= ~RT2661_DROP_NOT_TO_ME; 2232 if (!(ifp->if_flags & IFF_PROMISC)) 2233 tmp |= RT2661_DROP_NOT_TO_ME; 2234 2235 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2236 2237 DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 2238 "entering" : "leaving")); 2239} 2240 2241/* 2242 * Update QoS (802.11e) settings for each h/w Tx ring. 2243 */ 2244static int 2245rt2661_wme_update(struct ieee80211com *ic) 2246{ 2247 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 2248 const struct wmeParams *wmep; 2249 2250 wmep = ic->ic_wme.wme_chanParams.cap_wmeParams; 2251 2252 /* XXX: not sure about shifts. */ 2253 /* XXX: the reference driver plays with AC_VI settings too. */ 2254 2255 /* update TxOp */ 2256 RAL_WRITE(sc, RT2661_AC_TXOP_CSR0, 2257 wmep[WME_AC_BE].wmep_txopLimit << 16 | 2258 wmep[WME_AC_BK].wmep_txopLimit); 2259 RAL_WRITE(sc, RT2661_AC_TXOP_CSR1, 2260 wmep[WME_AC_VI].wmep_txopLimit << 16 | 2261 wmep[WME_AC_VO].wmep_txopLimit); 2262 2263 /* update CWmin */ 2264 RAL_WRITE(sc, RT2661_CWMIN_CSR, 2265 wmep[WME_AC_BE].wmep_logcwmin << 12 | 2266 wmep[WME_AC_BK].wmep_logcwmin << 8 | 2267 wmep[WME_AC_VI].wmep_logcwmin << 4 | 2268 wmep[WME_AC_VO].wmep_logcwmin); 2269 2270 /* update CWmax */ 2271 RAL_WRITE(sc, RT2661_CWMAX_CSR, 2272 wmep[WME_AC_BE].wmep_logcwmax << 12 | 2273 wmep[WME_AC_BK].wmep_logcwmax << 8 | 2274 wmep[WME_AC_VI].wmep_logcwmax << 4 | 2275 wmep[WME_AC_VO].wmep_logcwmax); 2276 2277 /* update Aifsn */ 2278 RAL_WRITE(sc, RT2661_AIFSN_CSR, 2279 wmep[WME_AC_BE].wmep_aifsn << 12 | 2280 wmep[WME_AC_BK].wmep_aifsn << 8 | 2281 wmep[WME_AC_VI].wmep_aifsn << 4 | 2282 wmep[WME_AC_VO].wmep_aifsn); 2283 2284 return 0; 2285} 2286 2287static void 2288rt2661_update_slot(struct ifnet *ifp) 2289{ 2290 struct rt2661_softc *sc = ifp->if_softc; 2291 struct ieee80211com *ic = &sc->sc_ic; 2292 uint8_t slottime; 2293 uint32_t tmp; 2294 2295 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 2296 2297 tmp = RAL_READ(sc, RT2661_MAC_CSR9); 2298 tmp = (tmp & ~0xff) | slottime; 2299 RAL_WRITE(sc, RT2661_MAC_CSR9, tmp); 2300} 2301 2302static const char * 2303rt2661_get_rf(int rev) 2304{ 2305 switch (rev) { 2306 case RT2661_RF_5225: return "RT5225"; 2307 case RT2661_RF_5325: return "RT5325 (MIMO XR)"; 2308 case RT2661_RF_2527: return "RT2527"; 2309 case RT2661_RF_2529: return "RT2529 (MIMO XR)"; 2310 default: return "unknown"; 2311 } 2312} 2313 2314static void 2315rt2661_read_eeprom(struct rt2661_softc *sc) 2316{ 2317 struct ieee80211com *ic = &sc->sc_ic; 2318 uint16_t val; 2319 int i; 2320 2321 /* read MAC address */ 2322 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC01); 2323 ic->ic_myaddr[0] = val & 0xff; 2324 ic->ic_myaddr[1] = val >> 8; 2325 2326 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC23); 2327 ic->ic_myaddr[2] = val & 0xff; 2328 ic->ic_myaddr[3] = val >> 8; 2329 2330 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC45); 2331 ic->ic_myaddr[4] = val & 0xff; 2332 ic->ic_myaddr[5] = val >> 8; 2333 2334 val = rt2661_eeprom_read(sc, RT2661_EEPROM_ANTENNA); 2335 /* XXX: test if different from 0xffff? */ 2336 sc->rf_rev = (val >> 11) & 0x1f; 2337 sc->hw_radio = (val >> 10) & 0x1; 2338 sc->rx_ant = (val >> 4) & 0x3; 2339 sc->tx_ant = (val >> 2) & 0x3; 2340 sc->nb_ant = val & 0x3; 2341 2342 DPRINTF(("RF revision=%d\n", sc->rf_rev)); 2343 2344 val = rt2661_eeprom_read(sc, RT2661_EEPROM_CONFIG2); 2345 sc->ext_5ghz_lna = (val >> 6) & 0x1; 2346 sc->ext_2ghz_lna = (val >> 4) & 0x1; 2347 2348 DPRINTF(("External 2GHz LNA=%d\nExternal 5GHz LNA=%d\n", 2349 sc->ext_2ghz_lna, sc->ext_5ghz_lna)); 2350 2351 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_2GHZ_OFFSET); 2352 if ((val & 0xff) != 0xff) 2353 sc->rssi_2ghz_corr = (int8_t)(val & 0xff); /* signed */ 2354 2355 /* Only [-10, 10] is valid */ 2356 if (sc->rssi_2ghz_corr < -10 || sc->rssi_2ghz_corr > 10) 2357 sc->rssi_2ghz_corr = 0; 2358 2359 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_5GHZ_OFFSET); 2360 if ((val & 0xff) != 0xff) 2361 sc->rssi_5ghz_corr = (int8_t)(val & 0xff); /* signed */ 2362 2363 /* Only [-10, 10] is valid */ 2364 if (sc->rssi_5ghz_corr < -10 || sc->rssi_5ghz_corr > 10) 2365 sc->rssi_5ghz_corr = 0; 2366 2367 /* adjust RSSI correction for external low-noise amplifier */ 2368 if (sc->ext_2ghz_lna) 2369 sc->rssi_2ghz_corr -= 14; 2370 if (sc->ext_5ghz_lna) 2371 sc->rssi_5ghz_corr -= 14; 2372 2373 DPRINTF(("RSSI 2GHz corr=%d\nRSSI 5GHz corr=%d\n", 2374 sc->rssi_2ghz_corr, sc->rssi_5ghz_corr)); 2375 2376 val = rt2661_eeprom_read(sc, RT2661_EEPROM_FREQ_OFFSET); 2377 if ((val >> 8) != 0xff) 2378 sc->rfprog = (val >> 8) & 0x3; 2379 if ((val & 0xff) != 0xff) 2380 sc->rffreq = val & 0xff; 2381 2382 DPRINTF(("RF prog=%d\nRF freq=%d\n", sc->rfprog, sc->rffreq)); 2383 2384 /* read Tx power for all a/b/g channels */ 2385 for (i = 0; i < 19; i++) { 2386 val = rt2661_eeprom_read(sc, RT2661_EEPROM_TXPOWER + i); 2387 sc->txpow[i * 2] = (int8_t)(val >> 8); /* signed */ 2388 DPRINTF(("Channel=%d Tx power=%d\n", 2389 rt2661_rf5225_1[i * 2].chan, sc->txpow[i * 2])); 2390 sc->txpow[i * 2 + 1] = (int8_t)(val & 0xff); /* signed */ 2391 DPRINTF(("Channel=%d Tx power=%d\n", 2392 rt2661_rf5225_1[i * 2 + 1].chan, sc->txpow[i * 2 + 1])); 2393 } 2394 2395 /* read vendor-specific BBP values */ 2396 for (i = 0; i < 16; i++) { 2397 val = rt2661_eeprom_read(sc, RT2661_EEPROM_BBP_BASE + i); 2398 if (val == 0 || val == 0xffff) 2399 continue; /* skip invalid entries */ 2400 sc->bbp_prom[i].reg = val >> 8; 2401 sc->bbp_prom[i].val = val & 0xff; 2402 DPRINTF(("BBP R%d=%02x\n", sc->bbp_prom[i].reg, 2403 sc->bbp_prom[i].val)); 2404 } 2405} 2406 2407static int 2408rt2661_bbp_init(struct rt2661_softc *sc) 2409{ 2410#define N(a) (sizeof (a) / sizeof ((a)[0])) 2411 int i, ntries; 2412 uint8_t val; 2413 2414 /* wait for BBP to be ready */ 2415 for (ntries = 0; ntries < 100; ntries++) { 2416 val = rt2661_bbp_read(sc, 0); 2417 if (val != 0 && val != 0xff) 2418 break; 2419 DELAY(100); 2420 } 2421 if (ntries == 100) { 2422 device_printf(sc->sc_dev, "timeout waiting for BBP\n"); 2423 return EIO; 2424 } 2425 2426 /* initialize BBP registers to default values */ 2427 for (i = 0; i < N(rt2661_def_bbp); i++) { 2428 rt2661_bbp_write(sc, rt2661_def_bbp[i].reg, 2429 rt2661_def_bbp[i].val); 2430 } 2431 2432 /* write vendor-specific BBP values (from EEPROM) */ 2433 for (i = 0; i < 16; i++) { 2434 if (sc->bbp_prom[i].reg == 0) 2435 continue; 2436 rt2661_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val); 2437 } 2438 2439 return 0; 2440#undef N 2441} 2442 2443static void 2444rt2661_init(void *priv) 2445{ 2446#define N(a) (sizeof (a) / sizeof ((a)[0])) 2447 struct rt2661_softc *sc = priv; 2448 struct ieee80211com *ic = &sc->sc_ic; 2449 struct ifnet *ifp = ic->ic_ifp; 2450 uint32_t tmp, sta[3]; 2451 int i, ntries; 2452 2453 RAL_LOCK(sc); 2454 2455 rt2661_stop_locked(sc); 2456 2457 /* initialize Tx rings */ 2458 RAL_WRITE(sc, RT2661_AC1_BASE_CSR, sc->txq[1].physaddr); 2459 RAL_WRITE(sc, RT2661_AC0_BASE_CSR, sc->txq[0].physaddr); 2460 RAL_WRITE(sc, RT2661_AC2_BASE_CSR, sc->txq[2].physaddr); 2461 RAL_WRITE(sc, RT2661_AC3_BASE_CSR, sc->txq[3].physaddr); 2462 2463 /* initialize Mgt ring */ 2464 RAL_WRITE(sc, RT2661_MGT_BASE_CSR, sc->mgtq.physaddr); 2465 2466 /* initialize Rx ring */ 2467 RAL_WRITE(sc, RT2661_RX_BASE_CSR, sc->rxq.physaddr); 2468 2469 /* initialize Tx rings sizes */ 2470 RAL_WRITE(sc, RT2661_TX_RING_CSR0, 2471 RT2661_TX_RING_COUNT << 24 | 2472 RT2661_TX_RING_COUNT << 16 | 2473 RT2661_TX_RING_COUNT << 8 | 2474 RT2661_TX_RING_COUNT); 2475 2476 RAL_WRITE(sc, RT2661_TX_RING_CSR1, 2477 RT2661_TX_DESC_WSIZE << 16 | 2478 RT2661_TX_RING_COUNT << 8 | /* XXX: HCCA ring unused */ 2479 RT2661_MGT_RING_COUNT); 2480 2481 /* initialize Rx rings */ 2482 RAL_WRITE(sc, RT2661_RX_RING_CSR, 2483 RT2661_RX_DESC_BACK << 16 | 2484 RT2661_RX_DESC_WSIZE << 8 | 2485 RT2661_RX_RING_COUNT); 2486 2487 /* XXX: some magic here */ 2488 RAL_WRITE(sc, RT2661_TX_DMA_DST_CSR, 0xaa); 2489 2490 /* load base addresses of all 5 Tx rings (4 data + 1 mgt) */ 2491 RAL_WRITE(sc, RT2661_LOAD_TX_RING_CSR, 0x1f); 2492 2493 /* load base address of Rx ring */ 2494 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 2); 2495 2496 /* initialize MAC registers to default values */ 2497 for (i = 0; i < N(rt2661_def_mac); i++) 2498 RAL_WRITE(sc, rt2661_def_mac[i].reg, rt2661_def_mac[i].val); 2499 2500 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp)); 2501 rt2661_set_macaddr(sc, ic->ic_myaddr); 2502 2503 /* set host ready */ 2504 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2505 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2506 2507 /* wait for BBP/RF to wakeup */ 2508 for (ntries = 0; ntries < 1000; ntries++) { 2509 if (RAL_READ(sc, RT2661_MAC_CSR12) & 8) 2510 break; 2511 DELAY(1000); 2512 } 2513 if (ntries == 1000) { 2514 printf("timeout waiting for BBP/RF to wakeup\n"); 2515 rt2661_stop_locked(sc); 2516 RAL_UNLOCK(sc); 2517 return; 2518 } 2519 2520 if (rt2661_bbp_init(sc) != 0) { 2521 rt2661_stop_locked(sc); 2522 RAL_UNLOCK(sc); 2523 return; 2524 } 2525 2526 /* select default channel */ 2527 sc->sc_curchan = ic->ic_curchan; 2528 rt2661_select_band(sc, sc->sc_curchan); 2529 rt2661_select_antenna(sc); 2530 rt2661_set_chan(sc, sc->sc_curchan); 2531 2532 /* update Rx filter */ 2533 tmp = RAL_READ(sc, RT2661_TXRX_CSR0) & 0xffff; 2534 2535 tmp |= RT2661_DROP_PHY_ERROR | RT2661_DROP_CRC_ERROR; 2536 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2537 tmp |= RT2661_DROP_CTL | RT2661_DROP_VER_ERROR | 2538 RT2661_DROP_ACKCTS; 2539 if (ic->ic_opmode != IEEE80211_M_HOSTAP) 2540 tmp |= RT2661_DROP_TODS; 2541 if (!(ifp->if_flags & IFF_PROMISC)) 2542 tmp |= RT2661_DROP_NOT_TO_ME; 2543 } 2544 2545 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2546 2547 /* clear STA registers */ 2548 RAL_READ_REGION_4(sc, RT2661_STA_CSR0, sta, N(sta)); 2549 2550 /* initialize ASIC */ 2551 RAL_WRITE(sc, RT2661_MAC_CSR1, 4); 2552 2553 /* clear any pending interrupt */ 2554 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2555 2556 /* enable interrupts */ 2557 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 2558 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 2559 2560 /* kick Rx */ 2561 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 1); 2562 RAL_UNLOCK(sc); 2563 2564 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 2565 ifp->if_drv_flags |= IFF_DRV_RUNNING; 2566 2567 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2568 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2569 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2570 } else 2571 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2572 2573 2574#undef N 2575} 2576 2577void 2578rt2661_stop(void *priv) 2579{ 2580 struct rt2661_softc *sc = priv; 2581 2582 RAL_LOCK(sc); 2583 rt2661_stop_locked(sc); 2584 RAL_UNLOCK(sc); 2585} 2586 2587void 2588rt2661_stop_locked(struct rt2661_softc *sc) 2589{ 2590 struct ieee80211com *ic = &sc->sc_ic; 2591 struct ifnet *ifp = ic->ic_ifp; 2592 uint32_t tmp; 2593 volatile int *flags = &sc->sc_flags; 2594 2595 while (*flags & RAL_INPUT_RUNNING) { 2596 msleep(sc, &sc->sc_mtx, 0, "ralrunning", hz/10); 2597 } 2598 2599 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 2600 sc->sc_tx_timer = 0; 2601 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 2602 2603 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2604 2605 /* abort Tx (for all 5 Tx rings) */ 2606 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 0x1f << 16); 2607 2608 /* disable Rx (value remains after reset!) */ 2609 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2610 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2611 2612 /* reset ASIC */ 2613 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2614 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2615 2616 /* disable interrupts */ 2617 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffffff); 2618 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 2619 2620 /* clear any pending interrupt */ 2621 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2622 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, 0xffffffff); 2623 2624 /* reset Tx and Rx rings */ 2625 rt2661_reset_tx_ring(sc, &sc->txq[0]); 2626 rt2661_reset_tx_ring(sc, &sc->txq[1]); 2627 rt2661_reset_tx_ring(sc, &sc->txq[2]); 2628 rt2661_reset_tx_ring(sc, &sc->txq[3]); 2629 rt2661_reset_tx_ring(sc, &sc->mgtq); 2630 rt2661_reset_rx_ring(sc, &sc->rxq); 2631 } 2632} 2633 2634static int 2635rt2661_load_microcode(struct rt2661_softc *sc, const uint8_t *ucode, int size) 2636{ 2637 int ntries; 2638 2639 /* reset 8051 */ 2640 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2641 2642 /* cancel any pending Host to MCU command */ 2643 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 0); 2644 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 2645 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, 0); 2646 2647 /* write 8051's microcode */ 2648 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET | RT2661_MCU_SEL); 2649 RAL_WRITE_REGION_1(sc, RT2661_MCU_CODE_BASE, ucode, size); 2650 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2651 2652 /* kick 8051's ass */ 2653 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, 0); 2654 2655 /* wait for 8051 to initialize */ 2656 for (ntries = 0; ntries < 500; ntries++) { 2657 if (RAL_READ(sc, RT2661_MCU_CNTL_CSR) & RT2661_MCU_READY) 2658 break; 2659 DELAY(100); 2660 } 2661 if (ntries == 500) { 2662 printf("timeout waiting for MCU to initialize\n"); 2663 return EIO; 2664 } 2665 return 0; 2666} 2667 2668#ifdef notyet 2669/* 2670 * Dynamically tune Rx sensitivity (BBP register 17) based on average RSSI and 2671 * false CCA count. This function is called periodically (every seconds) when 2672 * in the RUN state. Values taken from the reference driver. 2673 */ 2674static void 2675rt2661_rx_tune(struct rt2661_softc *sc) 2676{ 2677 uint8_t bbp17; 2678 uint16_t cca; 2679 int lo, hi, dbm; 2680 2681 /* 2682 * Tuning range depends on operating band and on the presence of an 2683 * external low-noise amplifier. 2684 */ 2685 lo = 0x20; 2686 if (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan)) 2687 lo += 0x08; 2688 if ((IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan) && sc->ext_2ghz_lna) || 2689 (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan) && sc->ext_5ghz_lna)) 2690 lo += 0x10; 2691 hi = lo + 0x20; 2692 2693 /* retrieve false CCA count since last call (clear on read) */ 2694 cca = RAL_READ(sc, RT2661_STA_CSR1) & 0xffff; 2695 2696 if (dbm >= -35) { 2697 bbp17 = 0x60; 2698 } else if (dbm >= -58) { 2699 bbp17 = hi; 2700 } else if (dbm >= -66) { 2701 bbp17 = lo + 0x10; 2702 } else if (dbm >= -74) { 2703 bbp17 = lo + 0x08; 2704 } else { 2705 /* RSSI < -74dBm, tune using false CCA count */ 2706 2707 bbp17 = sc->bbp17; /* current value */ 2708 2709 hi -= 2 * (-74 - dbm); 2710 if (hi < lo) 2711 hi = lo; 2712 2713 if (bbp17 > hi) { 2714 bbp17 = hi; 2715 2716 } else if (cca > 512) { 2717 if (++bbp17 > hi) 2718 bbp17 = hi; 2719 } else if (cca < 100) { 2720 if (--bbp17 < lo) 2721 bbp17 = lo; 2722 } 2723 } 2724 2725 if (bbp17 != sc->bbp17) { 2726 rt2661_bbp_write(sc, 17, bbp17); 2727 sc->bbp17 = bbp17; 2728 } 2729} 2730 2731/* 2732 * Enter/Leave radar detection mode. 2733 * This is for 802.11h additional regulatory domains. 2734 */ 2735static void 2736rt2661_radar_start(struct rt2661_softc *sc) 2737{ 2738 uint32_t tmp; 2739 2740 /* disable Rx */ 2741 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2742 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2743 2744 rt2661_bbp_write(sc, 82, 0x20); 2745 rt2661_bbp_write(sc, 83, 0x00); 2746 rt2661_bbp_write(sc, 84, 0x40); 2747 2748 /* save current BBP registers values */ 2749 sc->bbp18 = rt2661_bbp_read(sc, 18); 2750 sc->bbp21 = rt2661_bbp_read(sc, 21); 2751 sc->bbp22 = rt2661_bbp_read(sc, 22); 2752 sc->bbp16 = rt2661_bbp_read(sc, 16); 2753 sc->bbp17 = rt2661_bbp_read(sc, 17); 2754 sc->bbp64 = rt2661_bbp_read(sc, 64); 2755 2756 rt2661_bbp_write(sc, 18, 0xff); 2757 rt2661_bbp_write(sc, 21, 0x3f); 2758 rt2661_bbp_write(sc, 22, 0x3f); 2759 rt2661_bbp_write(sc, 16, 0xbd); 2760 rt2661_bbp_write(sc, 17, sc->ext_5ghz_lna ? 0x44 : 0x34); 2761 rt2661_bbp_write(sc, 64, 0x21); 2762 2763 /* restore Rx filter */ 2764 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2765} 2766 2767static int 2768rt2661_radar_stop(struct rt2661_softc *sc) 2769{ 2770 uint8_t bbp66; 2771 2772 /* read radar detection result */ 2773 bbp66 = rt2661_bbp_read(sc, 66); 2774 2775 /* restore BBP registers values */ 2776 rt2661_bbp_write(sc, 16, sc->bbp16); 2777 rt2661_bbp_write(sc, 17, sc->bbp17); 2778 rt2661_bbp_write(sc, 18, sc->bbp18); 2779 rt2661_bbp_write(sc, 21, sc->bbp21); 2780 rt2661_bbp_write(sc, 22, sc->bbp22); 2781 rt2661_bbp_write(sc, 64, sc->bbp64); 2782 2783 return bbp66 == 1; 2784} 2785#endif 2786 2787static int 2788rt2661_prepare_beacon(struct rt2661_softc *sc) 2789{ 2790 struct ieee80211com *ic = &sc->sc_ic; 2791 struct ieee80211_beacon_offsets bo; 2792 struct rt2661_tx_desc desc; 2793 struct mbuf *m0; 2794 int rate; 2795 2796 m0 = ieee80211_beacon_alloc(ic, ic->ic_bss, &bo); 2797 if (m0 == NULL) { 2798 device_printf(sc->sc_dev, "could not allocate beacon frame\n"); 2799 return ENOBUFS; 2800 } 2801 2802 /* send beacons at the lowest available rate */ 2803 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan) ? 12 : 2; 2804 2805 rt2661_setup_tx_desc(sc, &desc, RT2661_TX_TIMESTAMP, RT2661_TX_HWSEQ, 2806 m0->m_pkthdr.len, rate, NULL, 0, RT2661_QID_MGT); 2807 2808 /* copy the first 24 bytes of Tx descriptor into NIC memory */ 2809 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0, (uint8_t *)&desc, 24); 2810 2811 /* copy beacon header and payload into NIC memory */ 2812 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0 + 24, 2813 mtod(m0, uint8_t *), m0->m_pkthdr.len); 2814 2815 m_freem(m0); 2816 2817 return 0; 2818} 2819 2820/* 2821 * Enable TSF synchronization and tell h/w to start sending beacons for IBSS 2822 * and HostAP operating modes. 2823 */ 2824static void 2825rt2661_enable_tsf_sync(struct rt2661_softc *sc) 2826{ 2827 struct ieee80211com *ic = &sc->sc_ic; 2828 uint32_t tmp; 2829 2830 if (ic->ic_opmode != IEEE80211_M_STA) { 2831 /* 2832 * Change default 16ms TBTT adjustment to 8ms. 2833 * Must be done before enabling beacon generation. 2834 */ 2835 RAL_WRITE(sc, RT2661_TXRX_CSR10, 1 << 12 | 8); 2836 } 2837 2838 tmp = RAL_READ(sc, RT2661_TXRX_CSR9) & 0xff000000; 2839 2840 /* set beacon interval (in 1/16ms unit) */ 2841 tmp |= ic->ic_bss->ni_intval * 16; 2842 2843 tmp |= RT2661_TSF_TICKING | RT2661_ENABLE_TBTT; 2844 if (ic->ic_opmode == IEEE80211_M_STA) 2845 tmp |= RT2661_TSF_MODE(1); 2846 else 2847 tmp |= RT2661_TSF_MODE(2) | RT2661_GENERATE_BEACON; 2848 2849 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp); 2850} 2851 2852/* 2853 * Retrieve the "Received Signal Strength Indicator" from the raw values 2854 * contained in Rx descriptors. The computation depends on which band the 2855 * frame was received. Correction values taken from the reference driver. 2856 */ 2857static int 2858rt2661_get_rssi(struct rt2661_softc *sc, uint8_t raw) 2859{ 2860 int lna, agc, rssi; 2861 2862 lna = (raw >> 5) & 0x3; 2863 agc = raw & 0x1f; 2864 2865 if (lna == 0) { 2866 /* 2867 * No mapping available. 2868 * 2869 * NB: Since RSSI is relative to noise floor, -1 is 2870 * adequate for caller to know error happened. 2871 */ 2872 return -1; 2873 } 2874 2875 rssi = (2 * agc) - RT2661_NOISE_FLOOR; 2876 2877 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) { 2878 rssi += sc->rssi_2ghz_corr; 2879 2880 if (lna == 1) 2881 rssi -= 64; 2882 else if (lna == 2) 2883 rssi -= 74; 2884 else if (lna == 3) 2885 rssi -= 90; 2886 } else { 2887 rssi += sc->rssi_5ghz_corr; 2888 2889 if (lna == 1) 2890 rssi -= 64; 2891 else if (lna == 2) 2892 rssi -= 86; 2893 else if (lna == 3) 2894 rssi -= 100; 2895 } 2896 return rssi; 2897} 2898 2899static void 2900rt2661_scan_start(struct ieee80211com *ic) 2901{ 2902 struct ifnet *ifp = ic->ic_ifp; 2903 struct rt2661_softc *sc = ifp->if_softc; 2904 uint32_t tmp; 2905 2906 /* abort TSF synchronization */ 2907 tmp = RAL_READ(sc, RT2661_TXRX_CSR9); 2908 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0xffffff); 2909 rt2661_set_bssid(sc, ifp->if_broadcastaddr); 2910} 2911 2912static void 2913rt2661_scan_end(struct ieee80211com *ic) 2914{ 2915 struct ifnet *ifp = ic->ic_ifp; 2916 struct rt2661_softc *sc = ifp->if_softc; 2917 2918 rt2661_enable_tsf_sync(sc); 2919 /* XXX keep local copy */ 2920 rt2661_set_bssid(sc, ic->ic_bss->ni_bssid); 2921} 2922 2923static void 2924rt2661_set_channel(struct ieee80211com *ic) 2925{ 2926 struct ifnet *ifp = ic->ic_ifp; 2927 struct rt2661_softc *sc = ifp->if_softc; 2928 2929 RAL_LOCK(sc); 2930 rt2661_set_chan(sc, ic->ic_curchan); 2931 RAL_UNLOCK(sc); 2932 2933} 2934