rt2661.c revision 171086
1/* $FreeBSD: head/sys/dev/ral/rt2661.c 171086 2007-06-29 02:43:13Z kevlo $ */ 2 3/*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20#include <sys/cdefs.h> 21__FBSDID("$FreeBSD: head/sys/dev/ral/rt2661.c 171086 2007-06-29 02:43:13Z kevlo $"); 22 23/*- 24 * Ralink Technology RT2561, RT2561S and RT2661 chipset driver 25 * http://www.ralinktech.com/ 26 */ 27 28#include <sys/param.h> 29#include <sys/sysctl.h> 30#include <sys/sockio.h> 31#include <sys/mbuf.h> 32#include <sys/kernel.h> 33#include <sys/socket.h> 34#include <sys/systm.h> 35#include <sys/malloc.h> 36#include <sys/lock.h> 37#include <sys/mutex.h> 38#include <sys/module.h> 39#include <sys/bus.h> 40#include <sys/endian.h> 41 42#include <machine/bus.h> 43#include <machine/resource.h> 44#include <sys/rman.h> 45 46#include <net/bpf.h> 47#include <net/if.h> 48#include <net/if_arp.h> 49#include <net/ethernet.h> 50#include <net/if_dl.h> 51#include <net/if_media.h> 52#include <net/if_types.h> 53 54#include <net80211/ieee80211_var.h> 55#include <net80211/ieee80211_radiotap.h> 56#include <net80211/ieee80211_regdomain.h> 57 58#include <netinet/in.h> 59#include <netinet/in_systm.h> 60#include <netinet/in_var.h> 61#include <netinet/ip.h> 62#include <netinet/if_ether.h> 63 64#include <dev/ral/if_ralrate.h> 65#include <dev/ral/rt2661reg.h> 66#include <dev/ral/rt2661var.h> 67#include <dev/ral/rt2661_ucode.h> 68 69#ifdef RAL_DEBUG 70#define DPRINTF(x) do { if (ral_debug > 0) printf x; } while (0) 71#define DPRINTFN(n, x) do { if (ral_debug >= (n)) printf x; } while (0) 72int ral_debug = 0; 73SYSCTL_INT(_debug, OID_AUTO, ral, CTLFLAG_RW, &ral_debug, 0, "ral debug level"); 74#else 75#define DPRINTF(x) 76#define DPRINTFN(n, x) 77#endif 78 79static void rt2661_dma_map_addr(void *, bus_dma_segment_t *, int, 80 int); 81static int rt2661_alloc_tx_ring(struct rt2661_softc *, 82 struct rt2661_tx_ring *, int); 83static void rt2661_reset_tx_ring(struct rt2661_softc *, 84 struct rt2661_tx_ring *); 85static void rt2661_free_tx_ring(struct rt2661_softc *, 86 struct rt2661_tx_ring *); 87static int rt2661_alloc_rx_ring(struct rt2661_softc *, 88 struct rt2661_rx_ring *, int); 89static void rt2661_reset_rx_ring(struct rt2661_softc *, 90 struct rt2661_rx_ring *); 91static void rt2661_free_rx_ring(struct rt2661_softc *, 92 struct rt2661_rx_ring *); 93static struct ieee80211_node *rt2661_node_alloc( 94 struct ieee80211_node_table *); 95static int rt2661_media_change(struct ifnet *); 96static int rt2661_newstate(struct ieee80211com *, 97 enum ieee80211_state, int); 98static uint16_t rt2661_eeprom_read(struct rt2661_softc *, uint8_t); 99static void rt2661_rx_intr(struct rt2661_softc *); 100static void rt2661_tx_intr(struct rt2661_softc *); 101static void rt2661_tx_dma_intr(struct rt2661_softc *, 102 struct rt2661_tx_ring *); 103static void rt2661_mcu_beacon_expire(struct rt2661_softc *); 104static void rt2661_mcu_wakeup(struct rt2661_softc *); 105static void rt2661_mcu_cmd_intr(struct rt2661_softc *); 106static int rt2661_ack_rate(struct ieee80211com *, int); 107static void rt2661_scan_start(struct ieee80211com *); 108static void rt2661_scan_end(struct ieee80211com *); 109static void rt2661_set_channel(struct ieee80211com *); 110static uint16_t rt2661_txtime(int, int, uint32_t); 111static uint8_t rt2661_rxrate(struct rt2661_rx_desc *); 112static uint8_t rt2661_plcp_signal(int); 113static void rt2661_setup_tx_desc(struct rt2661_softc *, 114 struct rt2661_tx_desc *, uint32_t, uint16_t, int, 115 int, const bus_dma_segment_t *, int, int); 116static struct mbuf * rt2661_get_rts(struct rt2661_softc *, 117 struct ieee80211_frame *, uint16_t); 118static int rt2661_tx_data(struct rt2661_softc *, struct mbuf *, 119 struct ieee80211_node *, int); 120static int rt2661_tx_mgt(struct rt2661_softc *, struct mbuf *, 121 struct ieee80211_node *); 122static void rt2661_start(struct ifnet *); 123static void rt2661_watchdog(void *); 124static int rt2661_reset(struct ifnet *); 125static int rt2661_ioctl(struct ifnet *, u_long, caddr_t); 126static void rt2661_bbp_write(struct rt2661_softc *, uint8_t, 127 uint8_t); 128static uint8_t rt2661_bbp_read(struct rt2661_softc *, uint8_t); 129static void rt2661_rf_write(struct rt2661_softc *, uint8_t, 130 uint32_t); 131static int rt2661_tx_cmd(struct rt2661_softc *, uint8_t, 132 uint16_t); 133static void rt2661_select_antenna(struct rt2661_softc *); 134static void rt2661_enable_mrr(struct rt2661_softc *); 135static void rt2661_set_txpreamble(struct rt2661_softc *); 136static void rt2661_set_basicrates(struct rt2661_softc *, 137 const struct ieee80211_rateset *); 138static void rt2661_select_band(struct rt2661_softc *, 139 struct ieee80211_channel *); 140static void rt2661_set_chan(struct rt2661_softc *, 141 struct ieee80211_channel *); 142static void rt2661_set_bssid(struct rt2661_softc *, 143 const uint8_t *); 144static void rt2661_set_macaddr(struct rt2661_softc *, 145 const uint8_t *); 146static void rt2661_update_promisc(struct rt2661_softc *); 147static int rt2661_wme_update(struct ieee80211com *) __unused; 148static void rt2661_update_slot(struct ifnet *); 149static const char *rt2661_get_rf(int); 150static void rt2661_read_eeprom(struct rt2661_softc *); 151static int rt2661_bbp_init(struct rt2661_softc *); 152static void rt2661_init(void *); 153static void rt2661_stop(void *); 154static void rt2661_stop_locked(struct rt2661_softc *); 155static int rt2661_load_microcode(struct rt2661_softc *, 156 const uint8_t *, int); 157#ifdef notyet 158static void rt2661_rx_tune(struct rt2661_softc *); 159static void rt2661_radar_start(struct rt2661_softc *); 160static int rt2661_radar_stop(struct rt2661_softc *); 161#endif 162static int rt2661_prepare_beacon(struct rt2661_softc *); 163static void rt2661_enable_tsf_sync(struct rt2661_softc *); 164static int rt2661_get_rssi(struct rt2661_softc *, uint8_t); 165 166static const struct { 167 uint32_t reg; 168 uint32_t val; 169} rt2661_def_mac[] = { 170 RT2661_DEF_MAC 171}; 172 173static const struct { 174 uint8_t reg; 175 uint8_t val; 176} rt2661_def_bbp[] = { 177 RT2661_DEF_BBP 178}; 179 180static const struct rfprog { 181 uint8_t chan; 182 uint32_t r1, r2, r3, r4; 183} rt2661_rf5225_1[] = { 184 RT2661_RF5225_1 185}, rt2661_rf5225_2[] = { 186 RT2661_RF5225_2 187}; 188 189int 190rt2661_attach(device_t dev, int id) 191{ 192 struct rt2661_softc *sc = device_get_softc(dev); 193 struct ieee80211com *ic = &sc->sc_ic; 194 struct ifnet *ifp; 195 uint32_t val; 196 const uint8_t *ucode = NULL; 197 int bands, error, ac, ntries, size = 0; 198 199 sc->sc_dev = dev; 200 201 mtx_init(&sc->sc_mtx, device_get_nameunit(dev), MTX_NETWORK_LOCK, 202 MTX_DEF | MTX_RECURSE); 203 204 callout_init_mtx(&sc->watchdog_ch, &sc->sc_mtx, 0); 205 callout_init(&sc->rssadapt_ch, CALLOUT_MPSAFE); 206 207 /* wait for NIC to initialize */ 208 for (ntries = 0; ntries < 1000; ntries++) { 209 if ((val = RAL_READ(sc, RT2661_MAC_CSR0)) != 0) 210 break; 211 DELAY(1000); 212 } 213 if (ntries == 1000) { 214 device_printf(sc->sc_dev, 215 "timeout waiting for NIC to initialize\n"); 216 error = EIO; 217 goto fail1; 218 } 219 220 /* retrieve RF rev. no and various other things from EEPROM */ 221 rt2661_read_eeprom(sc); 222 223 device_printf(dev, "MAC/BBP RT%X, RF %s\n", val, 224 rt2661_get_rf(sc->rf_rev)); 225 226 /* 227 * Load 8051 microcode into NIC. 228 */ 229 switch (id) { 230 case 0x0301: 231 ucode = rt2561s_ucode; 232 size = sizeof rt2561s_ucode; 233 break; 234 case 0x0302: 235 ucode = rt2561_ucode; 236 size = sizeof rt2561_ucode; 237 break; 238 case 0x0401: 239 ucode = rt2661_ucode; 240 size = sizeof rt2661_ucode; 241 break; 242 } 243 244 error = rt2661_load_microcode(sc, ucode, size); 245 if (error != 0) { 246 device_printf(sc->sc_dev, "could not load 8051 microcode\n"); 247 goto fail1; 248 } 249 250 /* 251 * Allocate Tx and Rx rings. 252 */ 253 for (ac = 0; ac < 4; ac++) { 254 error = rt2661_alloc_tx_ring(sc, &sc->txq[ac], 255 RT2661_TX_RING_COUNT); 256 if (error != 0) { 257 device_printf(sc->sc_dev, 258 "could not allocate Tx ring %d\n", ac); 259 goto fail2; 260 } 261 } 262 263 error = rt2661_alloc_tx_ring(sc, &sc->mgtq, RT2661_MGT_RING_COUNT); 264 if (error != 0) { 265 device_printf(sc->sc_dev, "could not allocate Mgt ring\n"); 266 goto fail2; 267 } 268 269 error = rt2661_alloc_rx_ring(sc, &sc->rxq, RT2661_RX_RING_COUNT); 270 if (error != 0) { 271 device_printf(sc->sc_dev, "could not allocate Rx ring\n"); 272 goto fail3; 273 } 274 275 ifp = sc->sc_ifp = if_alloc(IFT_ETHER); 276 if (ifp == NULL) { 277 device_printf(sc->sc_dev, "can not if_alloc()\n"); 278 error = ENOMEM; 279 goto fail4; 280 } 281 282 ifp->if_softc = sc; 283 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 284 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 285 ifp->if_init = rt2661_init; 286 ifp->if_ioctl = rt2661_ioctl; 287 ifp->if_start = rt2661_start; 288 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 289 ifp->if_snd.ifq_drv_maxlen = IFQ_MAXLEN; 290 IFQ_SET_READY(&ifp->if_snd); 291 292 ic->ic_ifp = ifp; 293 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 294 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 295 ic->ic_state = IEEE80211_S_INIT; 296 297 /* set device capabilities */ 298 ic->ic_caps = 299 IEEE80211_C_IBSS | /* IBSS mode supported */ 300 IEEE80211_C_MONITOR | /* monitor mode supported */ 301 IEEE80211_C_HOSTAP | /* HostAp mode supported */ 302 IEEE80211_C_TXPMGT | /* tx power management */ 303 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 304 IEEE80211_C_SHSLOT | /* short slot time supported */ 305#ifdef notyet 306 IEEE80211_C_WME | /* 802.11e */ 307#endif 308 IEEE80211_C_BGSCAN | /* bg scanning support */ 309 IEEE80211_C_WPA; /* 802.11i */ 310 311 bands = 0; 312 setbit(&bands, IEEE80211_MODE_11B); 313 setbit(&bands, IEEE80211_MODE_11G); 314 if (sc->rf_rev == RT2661_RF_5225 || sc->rf_rev == RT2661_RF_5325) 315 setbit(&bands, IEEE80211_MODE_11A); 316 ieee80211_init_channels(ic, 0, CTRY_DEFAULT, bands, 0, 1); 317 318 ieee80211_ifattach(ic); 319 ic->ic_node_alloc = rt2661_node_alloc; 320/* ic->ic_wme.wme_update = rt2661_wme_update;*/ 321 ic->ic_scan_start = rt2661_scan_start; 322 ic->ic_scan_end = rt2661_scan_end; 323 ic->ic_set_channel = rt2661_set_channel; 324 ic->ic_updateslot = rt2661_update_slot; 325 ic->ic_reset = rt2661_reset; 326 /* enable s/w bmiss handling in sta mode */ 327 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS; 328 329 /* override state transition machine */ 330 sc->sc_newstate = ic->ic_newstate; 331 ic->ic_newstate = rt2661_newstate; 332 ieee80211_media_init(ic, rt2661_media_change, ieee80211_media_status); 333 334 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 335 sizeof (struct ieee80211_frame) + sizeof (sc->sc_txtap), 336 &sc->sc_drvbpf); 337 338 sc->sc_rxtap_len = sizeof sc->sc_rxtap; 339 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 340 sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2661_RX_RADIOTAP_PRESENT); 341 342 sc->sc_txtap_len = sizeof sc->sc_txtap; 343 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 344 sc->sc_txtap.wt_ihdr.it_present = htole32(RT2661_TX_RADIOTAP_PRESENT); 345 346 347 /* 348 * Add a few sysctl knobs. 349 */ 350 sc->dwelltime = 200; 351 352 SYSCTL_ADD_INT(device_get_sysctl_ctx(dev), 353 SYSCTL_CHILDREN(device_get_sysctl_tree(dev)), OID_AUTO, "dwell", 354 CTLFLAG_RW, &sc->dwelltime, 0, 355 "channel dwell time (ms) for AP/station scanning"); 356 357 if (bootverbose) 358 ieee80211_announce(ic); 359 360 return 0; 361 362fail4: rt2661_free_rx_ring(sc, &sc->rxq); 363fail3: rt2661_free_tx_ring(sc, &sc->mgtq); 364fail2: while (--ac >= 0) 365 rt2661_free_tx_ring(sc, &sc->txq[ac]); 366fail1: mtx_destroy(&sc->sc_mtx); 367 return error; 368} 369 370int 371rt2661_detach(void *xsc) 372{ 373 struct rt2661_softc *sc = xsc; 374 struct ieee80211com *ic = &sc->sc_ic; 375 struct ifnet *ifp = ic->ic_ifp; 376 377 rt2661_stop(sc); 378 callout_stop(&sc->watchdog_ch); 379 callout_stop(&sc->rssadapt_ch); 380 381 bpfdetach(ifp); 382 ieee80211_ifdetach(ic); 383 384 rt2661_free_tx_ring(sc, &sc->txq[0]); 385 rt2661_free_tx_ring(sc, &sc->txq[1]); 386 rt2661_free_tx_ring(sc, &sc->txq[2]); 387 rt2661_free_tx_ring(sc, &sc->txq[3]); 388 rt2661_free_tx_ring(sc, &sc->mgtq); 389 rt2661_free_rx_ring(sc, &sc->rxq); 390 391 if_free(ifp); 392 393 mtx_destroy(&sc->sc_mtx); 394 395 return 0; 396} 397 398void 399rt2661_shutdown(void *xsc) 400{ 401 struct rt2661_softc *sc = xsc; 402 403 rt2661_stop(sc); 404} 405 406void 407rt2661_suspend(void *xsc) 408{ 409 struct rt2661_softc *sc = xsc; 410 411 rt2661_stop(sc); 412} 413 414void 415rt2661_resume(void *xsc) 416{ 417 struct rt2661_softc *sc = xsc; 418 struct ifnet *ifp = sc->sc_ic.ic_ifp; 419 420 if (ifp->if_flags & IFF_UP) { 421 ifp->if_init(ifp->if_softc); 422 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 423 ifp->if_start(ifp); 424 } 425} 426 427static void 428rt2661_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error) 429{ 430 if (error != 0) 431 return; 432 433 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg)); 434 435 *(bus_addr_t *)arg = segs[0].ds_addr; 436} 437 438static int 439rt2661_alloc_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring, 440 int count) 441{ 442 int i, error; 443 444 ring->count = count; 445 ring->queued = 0; 446 ring->cur = ring->next = ring->stat = 0; 447 448 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 449 BUS_SPACE_MAXADDR, NULL, NULL, count * RT2661_TX_DESC_SIZE, 1, 450 count * RT2661_TX_DESC_SIZE, 0, NULL, NULL, &ring->desc_dmat); 451 if (error != 0) { 452 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 453 goto fail; 454 } 455 456 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 457 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 458 if (error != 0) { 459 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 460 goto fail; 461 } 462 463 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 464 count * RT2661_TX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr, 465 0); 466 if (error != 0) { 467 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 468 goto fail; 469 } 470 471 ring->data = malloc(count * sizeof (struct rt2661_tx_data), M_DEVBUF, 472 M_NOWAIT | M_ZERO); 473 if (ring->data == NULL) { 474 device_printf(sc->sc_dev, "could not allocate soft data\n"); 475 error = ENOMEM; 476 goto fail; 477 } 478 479 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 480 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, RT2661_MAX_SCATTER, 481 MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 482 if (error != 0) { 483 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 484 goto fail; 485 } 486 487 for (i = 0; i < count; i++) { 488 error = bus_dmamap_create(ring->data_dmat, 0, 489 &ring->data[i].map); 490 if (error != 0) { 491 device_printf(sc->sc_dev, "could not create DMA map\n"); 492 goto fail; 493 } 494 } 495 496 return 0; 497 498fail: rt2661_free_tx_ring(sc, ring); 499 return error; 500} 501 502static void 503rt2661_reset_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 504{ 505 struct rt2661_tx_desc *desc; 506 struct rt2661_tx_data *data; 507 int i; 508 509 for (i = 0; i < ring->count; i++) { 510 desc = &ring->desc[i]; 511 data = &ring->data[i]; 512 513 if (data->m != NULL) { 514 bus_dmamap_sync(ring->data_dmat, data->map, 515 BUS_DMASYNC_POSTWRITE); 516 bus_dmamap_unload(ring->data_dmat, data->map); 517 m_freem(data->m); 518 data->m = NULL; 519 } 520 521 if (data->ni != NULL) { 522 ieee80211_free_node(data->ni); 523 data->ni = NULL; 524 } 525 526 desc->flags = 0; 527 } 528 529 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 530 531 ring->queued = 0; 532 ring->cur = ring->next = ring->stat = 0; 533} 534 535static void 536rt2661_free_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 537{ 538 struct rt2661_tx_data *data; 539 int i; 540 541 if (ring->desc != NULL) { 542 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 543 BUS_DMASYNC_POSTWRITE); 544 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 545 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 546 } 547 548 if (ring->desc_dmat != NULL) 549 bus_dma_tag_destroy(ring->desc_dmat); 550 551 if (ring->data != NULL) { 552 for (i = 0; i < ring->count; i++) { 553 data = &ring->data[i]; 554 555 if (data->m != NULL) { 556 bus_dmamap_sync(ring->data_dmat, data->map, 557 BUS_DMASYNC_POSTWRITE); 558 bus_dmamap_unload(ring->data_dmat, data->map); 559 m_freem(data->m); 560 } 561 562 if (data->ni != NULL) 563 ieee80211_free_node(data->ni); 564 565 if (data->map != NULL) 566 bus_dmamap_destroy(ring->data_dmat, data->map); 567 } 568 569 free(ring->data, M_DEVBUF); 570 } 571 572 if (ring->data_dmat != NULL) 573 bus_dma_tag_destroy(ring->data_dmat); 574} 575 576static int 577rt2661_alloc_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring, 578 int count) 579{ 580 struct rt2661_rx_desc *desc; 581 struct rt2661_rx_data *data; 582 bus_addr_t physaddr; 583 int i, error; 584 585 ring->count = count; 586 ring->cur = ring->next = 0; 587 588 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 589 BUS_SPACE_MAXADDR, NULL, NULL, count * RT2661_RX_DESC_SIZE, 1, 590 count * RT2661_RX_DESC_SIZE, 0, NULL, NULL, &ring->desc_dmat); 591 if (error != 0) { 592 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 593 goto fail; 594 } 595 596 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 597 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 598 if (error != 0) { 599 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 600 goto fail; 601 } 602 603 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 604 count * RT2661_RX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr, 605 0); 606 if (error != 0) { 607 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 608 goto fail; 609 } 610 611 ring->data = malloc(count * sizeof (struct rt2661_rx_data), M_DEVBUF, 612 M_NOWAIT | M_ZERO); 613 if (ring->data == NULL) { 614 device_printf(sc->sc_dev, "could not allocate soft data\n"); 615 error = ENOMEM; 616 goto fail; 617 } 618 619 /* 620 * Pre-allocate Rx buffers and populate Rx ring. 621 */ 622 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 623 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1, MCLBYTES, 0, NULL, 624 NULL, &ring->data_dmat); 625 if (error != 0) { 626 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 627 goto fail; 628 } 629 630 for (i = 0; i < count; i++) { 631 desc = &sc->rxq.desc[i]; 632 data = &sc->rxq.data[i]; 633 634 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 635 if (error != 0) { 636 device_printf(sc->sc_dev, "could not create DMA map\n"); 637 goto fail; 638 } 639 640 data->m = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 641 if (data->m == NULL) { 642 device_printf(sc->sc_dev, 643 "could not allocate rx mbuf\n"); 644 error = ENOMEM; 645 goto fail; 646 } 647 648 error = bus_dmamap_load(ring->data_dmat, data->map, 649 mtod(data->m, void *), MCLBYTES, rt2661_dma_map_addr, 650 &physaddr, 0); 651 if (error != 0) { 652 device_printf(sc->sc_dev, 653 "could not load rx buf DMA map"); 654 goto fail; 655 } 656 657 desc->flags = htole32(RT2661_RX_BUSY); 658 desc->physaddr = htole32(physaddr); 659 } 660 661 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 662 663 return 0; 664 665fail: rt2661_free_rx_ring(sc, ring); 666 return error; 667} 668 669static void 670rt2661_reset_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 671{ 672 int i; 673 674 for (i = 0; i < ring->count; i++) 675 ring->desc[i].flags = htole32(RT2661_RX_BUSY); 676 677 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 678 679 ring->cur = ring->next = 0; 680} 681 682static void 683rt2661_free_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 684{ 685 struct rt2661_rx_data *data; 686 int i; 687 688 if (ring->desc != NULL) { 689 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 690 BUS_DMASYNC_POSTWRITE); 691 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 692 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 693 } 694 695 if (ring->desc_dmat != NULL) 696 bus_dma_tag_destroy(ring->desc_dmat); 697 698 if (ring->data != NULL) { 699 for (i = 0; i < ring->count; i++) { 700 data = &ring->data[i]; 701 702 if (data->m != NULL) { 703 bus_dmamap_sync(ring->data_dmat, data->map, 704 BUS_DMASYNC_POSTREAD); 705 bus_dmamap_unload(ring->data_dmat, data->map); 706 m_freem(data->m); 707 } 708 709 if (data->map != NULL) 710 bus_dmamap_destroy(ring->data_dmat, data->map); 711 } 712 713 free(ring->data, M_DEVBUF); 714 } 715 716 if (ring->data_dmat != NULL) 717 bus_dma_tag_destroy(ring->data_dmat); 718} 719 720static struct ieee80211_node * 721rt2661_node_alloc(struct ieee80211_node_table *nt) 722{ 723 struct rt2661_node *rn; 724 725 rn = malloc(sizeof (struct rt2661_node), M_80211_NODE, 726 M_NOWAIT | M_ZERO); 727 728 return (rn != NULL) ? &rn->ni : NULL; 729} 730 731static int 732rt2661_media_change(struct ifnet *ifp) 733{ 734 struct rt2661_softc *sc = ifp->if_softc; 735 int error; 736 737 error = ieee80211_media_change(ifp); 738 if (error != ENETRESET) 739 return error; 740 741 if ((ifp->if_flags & IFF_UP) && (ifp->if_drv_flags & IFF_DRV_RUNNING)) 742 rt2661_init(sc); 743 744 return 0; 745} 746 747/* 748 * This function is called for each node present in the node station table. 749 */ 750static void 751rt2661_iter_func(void *arg, struct ieee80211_node *ni) 752{ 753 struct rt2661_node *rn = (struct rt2661_node *)ni; 754 755 ral_rssadapt_updatestats(&rn->rssadapt); 756} 757 758/* 759 * This function is called periodically (every 100ms) in RUN state to update 760 * the rate adaptation statistics. 761 */ 762static void 763rt2661_update_rssadapt(void *arg) 764{ 765 struct rt2661_softc *sc = arg; 766 struct ieee80211com *ic = &sc->sc_ic; 767 768 RAL_LOCK(sc); 769 770 ieee80211_iterate_nodes(&ic->ic_sta, rt2661_iter_func, arg); 771 callout_reset(&sc->rssadapt_ch, hz / 10, rt2661_update_rssadapt, sc); 772 773 RAL_UNLOCK(sc); 774} 775 776static int 777rt2661_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 778{ 779 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 780 enum ieee80211_state ostate; 781 struct ieee80211_node *ni; 782 uint32_t tmp; 783 int error = 0; 784 785 ostate = ic->ic_state; 786 787 switch (nstate) { 788 case IEEE80211_S_INIT: 789 callout_stop(&sc->rssadapt_ch); 790 791 if (ostate == IEEE80211_S_RUN) { 792 /* abort TSF synchronization */ 793 tmp = RAL_READ(sc, RT2661_TXRX_CSR9); 794 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0x00ffffff); 795 } 796 break; 797 case IEEE80211_S_RUN: 798 ni = ic->ic_bss; 799 800 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 801 rt2661_enable_mrr(sc); 802 rt2661_set_txpreamble(sc); 803 rt2661_set_basicrates(sc, &ni->ni_rates); 804 rt2661_set_bssid(sc, ni->ni_bssid); 805 } 806 807 if (ic->ic_opmode == IEEE80211_M_HOSTAP || 808 ic->ic_opmode == IEEE80211_M_IBSS) { 809 if ((error = rt2661_prepare_beacon(sc)) != 0) 810 break; 811 } 812 813 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 814 callout_reset(&sc->rssadapt_ch, hz / 10, 815 rt2661_update_rssadapt, sc); 816 rt2661_enable_tsf_sync(sc); 817 } 818 break; 819 case IEEE80211_S_SCAN: 820 case IEEE80211_S_AUTH: 821 case IEEE80211_S_ASSOC: 822 break; 823 } 824 825 return (error != 0) ? error : sc->sc_newstate(ic, nstate, arg); 826} 827 828/* 829 * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46 or 830 * 93C66). 831 */ 832static uint16_t 833rt2661_eeprom_read(struct rt2661_softc *sc, uint8_t addr) 834{ 835 uint32_t tmp; 836 uint16_t val; 837 int n; 838 839 /* clock C once before the first command */ 840 RT2661_EEPROM_CTL(sc, 0); 841 842 RT2661_EEPROM_CTL(sc, RT2661_S); 843 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 844 RT2661_EEPROM_CTL(sc, RT2661_S); 845 846 /* write start bit (1) */ 847 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 848 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 849 850 /* write READ opcode (10) */ 851 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 852 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 853 RT2661_EEPROM_CTL(sc, RT2661_S); 854 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 855 856 /* write address (A5-A0 or A7-A0) */ 857 n = (RAL_READ(sc, RT2661_E2PROM_CSR) & RT2661_93C46) ? 5 : 7; 858 for (; n >= 0; n--) { 859 RT2661_EEPROM_CTL(sc, RT2661_S | 860 (((addr >> n) & 1) << RT2661_SHIFT_D)); 861 RT2661_EEPROM_CTL(sc, RT2661_S | 862 (((addr >> n) & 1) << RT2661_SHIFT_D) | RT2661_C); 863 } 864 865 RT2661_EEPROM_CTL(sc, RT2661_S); 866 867 /* read data Q15-Q0 */ 868 val = 0; 869 for (n = 15; n >= 0; n--) { 870 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 871 tmp = RAL_READ(sc, RT2661_E2PROM_CSR); 872 val |= ((tmp & RT2661_Q) >> RT2661_SHIFT_Q) << n; 873 RT2661_EEPROM_CTL(sc, RT2661_S); 874 } 875 876 RT2661_EEPROM_CTL(sc, 0); 877 878 /* clear Chip Select and clock C */ 879 RT2661_EEPROM_CTL(sc, RT2661_S); 880 RT2661_EEPROM_CTL(sc, 0); 881 RT2661_EEPROM_CTL(sc, RT2661_C); 882 883 return val; 884} 885 886static void 887rt2661_tx_intr(struct rt2661_softc *sc) 888{ 889 struct ieee80211com *ic = &sc->sc_ic; 890 struct ifnet *ifp = ic->ic_ifp; 891 struct rt2661_tx_ring *txq; 892 struct rt2661_tx_data *data; 893 struct rt2661_node *rn; 894 uint32_t val; 895 int qid, retrycnt; 896 897 for (;;) { 898 struct ieee80211_node *ni; 899 struct mbuf *m; 900 901 val = RAL_READ(sc, RT2661_STA_CSR4); 902 if (!(val & RT2661_TX_STAT_VALID)) 903 break; 904 905 /* retrieve the queue in which this frame was sent */ 906 qid = RT2661_TX_QID(val); 907 txq = (qid <= 3) ? &sc->txq[qid] : &sc->mgtq; 908 909 /* retrieve rate control algorithm context */ 910 data = &txq->data[txq->stat]; 911 m = data->m; 912 data->m = NULL; 913 ni = data->ni; 914 data->ni = NULL; 915 916 /* if no frame has been sent, ignore */ 917 if (ni == NULL) 918 continue; 919 920 rn = (struct rt2661_node *)ni; 921 922 switch (RT2661_TX_RESULT(val)) { 923 case RT2661_TX_SUCCESS: 924 retrycnt = RT2661_TX_RETRYCNT(val); 925 926 DPRINTFN(10, ("data frame sent successfully after " 927 "%d retries\n", retrycnt)); 928 if (retrycnt == 0 && data->id.id_node != NULL) { 929 ral_rssadapt_raise_rate(ic, &rn->rssadapt, 930 &data->id); 931 } 932 ifp->if_opackets++; 933 break; 934 935 case RT2661_TX_RETRY_FAIL: 936 DPRINTFN(9, ("sending data frame failed (too much " 937 "retries)\n")); 938 if (data->id.id_node != NULL) { 939 ral_rssadapt_lower_rate(ic, ni, 940 &rn->rssadapt, &data->id); 941 } 942 ifp->if_oerrors++; 943 break; 944 945 default: 946 /* other failure */ 947 device_printf(sc->sc_dev, 948 "sending data frame failed 0x%08x\n", val); 949 ifp->if_oerrors++; 950 } 951 952 DPRINTFN(15, ("tx done q=%d idx=%u\n", qid, txq->stat)); 953 954 txq->queued--; 955 if (++txq->stat >= txq->count) /* faster than % count */ 956 txq->stat = 0; 957 958 if (m->m_flags & M_TXCB) 959 ieee80211_process_callback(ni, m, 960 RT2661_TX_RESULT(val) != RT2661_TX_SUCCESS); 961 m_freem(m); 962 ieee80211_free_node(ni); 963 } 964 965 sc->sc_tx_timer = 0; 966 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 967 rt2661_start(ifp); 968} 969 970static void 971rt2661_tx_dma_intr(struct rt2661_softc *sc, struct rt2661_tx_ring *txq) 972{ 973 struct rt2661_tx_desc *desc; 974 struct rt2661_tx_data *data; 975 976 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_POSTREAD); 977 978 for (;;) { 979 desc = &txq->desc[txq->next]; 980 data = &txq->data[txq->next]; 981 982 if ((le32toh(desc->flags) & RT2661_TX_BUSY) || 983 !(le32toh(desc->flags) & RT2661_TX_VALID)) 984 break; 985 986 bus_dmamap_sync(txq->data_dmat, data->map, 987 BUS_DMASYNC_POSTWRITE); 988 bus_dmamap_unload(txq->data_dmat, data->map); 989 990 /* descriptor is no longer valid */ 991 desc->flags &= ~htole32(RT2661_TX_VALID); 992 993 DPRINTFN(15, ("tx dma done q=%p idx=%u\n", txq, txq->next)); 994 995 if (++txq->next >= txq->count) /* faster than % count */ 996 txq->next = 0; 997 } 998 999 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1000} 1001 1002static void 1003rt2661_rx_intr(struct rt2661_softc *sc) 1004{ 1005 struct ieee80211com *ic = &sc->sc_ic; 1006 struct ifnet *ifp = ic->ic_ifp; 1007 struct rt2661_rx_desc *desc; 1008 struct rt2661_rx_data *data; 1009 bus_addr_t physaddr; 1010 struct ieee80211_frame *wh; 1011 struct ieee80211_node *ni; 1012 struct rt2661_node *rn; 1013 struct mbuf *mnew, *m; 1014 int error; 1015 1016 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map, 1017 BUS_DMASYNC_POSTREAD); 1018 1019 for (;;) { 1020 int rssi; 1021 1022 desc = &sc->rxq.desc[sc->rxq.cur]; 1023 data = &sc->rxq.data[sc->rxq.cur]; 1024 1025 if (le32toh(desc->flags) & RT2661_RX_BUSY) 1026 break; 1027 1028 if ((le32toh(desc->flags) & RT2661_RX_PHY_ERROR) || 1029 (le32toh(desc->flags) & RT2661_RX_CRC_ERROR)) { 1030 /* 1031 * This should not happen since we did not request 1032 * to receive those frames when we filled TXRX_CSR0. 1033 */ 1034 DPRINTFN(5, ("PHY or CRC error flags 0x%08x\n", 1035 le32toh(desc->flags))); 1036 ifp->if_ierrors++; 1037 goto skip; 1038 } 1039 1040 if ((le32toh(desc->flags) & RT2661_RX_CIPHER_MASK) != 0) { 1041 ifp->if_ierrors++; 1042 goto skip; 1043 } 1044 1045 /* 1046 * Try to allocate a new mbuf for this ring element and load it 1047 * before processing the current mbuf. If the ring element 1048 * cannot be loaded, drop the received packet and reuse the old 1049 * mbuf. In the unlikely case that the old mbuf can't be 1050 * reloaded either, explicitly panic. 1051 */ 1052 mnew = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 1053 if (mnew == NULL) { 1054 ifp->if_ierrors++; 1055 goto skip; 1056 } 1057 1058 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1059 BUS_DMASYNC_POSTREAD); 1060 bus_dmamap_unload(sc->rxq.data_dmat, data->map); 1061 1062 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1063 mtod(mnew, void *), MCLBYTES, rt2661_dma_map_addr, 1064 &physaddr, 0); 1065 if (error != 0) { 1066 m_freem(mnew); 1067 1068 /* try to reload the old mbuf */ 1069 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1070 mtod(data->m, void *), MCLBYTES, 1071 rt2661_dma_map_addr, &physaddr, 0); 1072 if (error != 0) { 1073 /* very unlikely that it will fail... */ 1074 panic("%s: could not load old rx mbuf", 1075 device_get_name(sc->sc_dev)); 1076 } 1077 ifp->if_ierrors++; 1078 goto skip; 1079 } 1080 1081 /* 1082 * New mbuf successfully loaded, update Rx ring and continue 1083 * processing. 1084 */ 1085 m = data->m; 1086 data->m = mnew; 1087 desc->physaddr = htole32(physaddr); 1088 1089 /* finalize mbuf */ 1090 m->m_pkthdr.rcvif = ifp; 1091 m->m_pkthdr.len = m->m_len = 1092 (le32toh(desc->flags) >> 16) & 0xfff; 1093 1094 rssi = rt2661_get_rssi(sc, desc->rssi); 1095 1096 if (bpf_peers_present(sc->sc_drvbpf)) { 1097 struct rt2661_rx_radiotap_header *tap = &sc->sc_rxtap; 1098 uint32_t tsf_lo, tsf_hi; 1099 1100 /* get timestamp (low and high 32 bits) */ 1101 tsf_hi = RAL_READ(sc, RT2661_TXRX_CSR13); 1102 tsf_lo = RAL_READ(sc, RT2661_TXRX_CSR12); 1103 1104 tap->wr_tsf = 1105 htole64(((uint64_t)tsf_hi << 32) | tsf_lo); 1106 tap->wr_flags = 0; 1107 tap->wr_rate = rt2661_rxrate(desc); 1108 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 1109 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 1110 tap->wr_antsignal = rssi < 0 ? 0 : rssi; 1111 1112 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1113 } 1114 sc->sc_flags |= RAL_INPUT_RUNNING; 1115 RAL_UNLOCK(sc); 1116 wh = mtod(m, struct ieee80211_frame *); 1117 ni = ieee80211_find_rxnode(ic, 1118 (struct ieee80211_frame_min *)wh); 1119 1120 /* Error happened during RSSI conversion. */ 1121 if (rssi < 0) 1122 rssi = ni->ni_rssi; 1123 1124 /* send the frame to the 802.11 layer */ 1125 ieee80211_input(ic, m, ni, rssi, RT2661_NOISE_FLOOR, 0); 1126 1127 /* give rssi to the rate adatation algorithm */ 1128 rn = (struct rt2661_node *)ni; 1129 RAL_LOCK(sc); 1130 sc->sc_flags &= ~RAL_INPUT_RUNNING; 1131 ral_rssadapt_input(ic, ni, &rn->rssadapt, rssi); 1132 1133 /* node is no longer needed */ 1134 ieee80211_free_node(ni); 1135 1136skip: desc->flags |= htole32(RT2661_RX_BUSY); 1137 1138 DPRINTFN(15, ("rx intr idx=%u\n", sc->rxq.cur)); 1139 1140 sc->rxq.cur = (sc->rxq.cur + 1) % RT2661_RX_RING_COUNT; 1141 } 1142 1143 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map, 1144 BUS_DMASYNC_PREWRITE); 1145} 1146 1147/* ARGSUSED */ 1148static void 1149rt2661_mcu_beacon_expire(struct rt2661_softc *sc) 1150{ 1151 /* do nothing */ 1152} 1153 1154static void 1155rt2661_mcu_wakeup(struct rt2661_softc *sc) 1156{ 1157 RAL_WRITE(sc, RT2661_MAC_CSR11, 5 << 16); 1158 1159 RAL_WRITE(sc, RT2661_SOFT_RESET_CSR, 0x7); 1160 RAL_WRITE(sc, RT2661_IO_CNTL_CSR, 0x18); 1161 RAL_WRITE(sc, RT2661_PCI_USEC_CSR, 0x20); 1162 1163 /* send wakeup command to MCU */ 1164 rt2661_tx_cmd(sc, RT2661_MCU_CMD_WAKEUP, 0); 1165} 1166 1167static void 1168rt2661_mcu_cmd_intr(struct rt2661_softc *sc) 1169{ 1170 RAL_READ(sc, RT2661_M2H_CMD_DONE_CSR); 1171 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 1172} 1173 1174void 1175rt2661_intr(void *arg) 1176{ 1177 struct rt2661_softc *sc = arg; 1178 struct ifnet *ifp = sc->sc_ifp; 1179 uint32_t r1, r2; 1180 1181 RAL_LOCK(sc); 1182 1183 /* disable MAC and MCU interrupts */ 1184 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f); 1185 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 1186 1187 /* don't re-enable interrupts if we're shutting down */ 1188 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 1189 RAL_UNLOCK(sc); 1190 return; 1191 } 1192 1193 r1 = RAL_READ(sc, RT2661_INT_SOURCE_CSR); 1194 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, r1); 1195 1196 r2 = RAL_READ(sc, RT2661_MCU_INT_SOURCE_CSR); 1197 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, r2); 1198 1199 if (r1 & RT2661_MGT_DONE) 1200 rt2661_tx_dma_intr(sc, &sc->mgtq); 1201 1202 if (r1 & RT2661_RX_DONE) 1203 rt2661_rx_intr(sc); 1204 1205 if (r1 & RT2661_TX0_DMA_DONE) 1206 rt2661_tx_dma_intr(sc, &sc->txq[0]); 1207 1208 if (r1 & RT2661_TX1_DMA_DONE) 1209 rt2661_tx_dma_intr(sc, &sc->txq[1]); 1210 1211 if (r1 & RT2661_TX2_DMA_DONE) 1212 rt2661_tx_dma_intr(sc, &sc->txq[2]); 1213 1214 if (r1 & RT2661_TX3_DMA_DONE) 1215 rt2661_tx_dma_intr(sc, &sc->txq[3]); 1216 1217 if (r1 & RT2661_TX_DONE) 1218 rt2661_tx_intr(sc); 1219 1220 if (r2 & RT2661_MCU_CMD_DONE) 1221 rt2661_mcu_cmd_intr(sc); 1222 1223 if (r2 & RT2661_MCU_BEACON_EXPIRE) 1224 rt2661_mcu_beacon_expire(sc); 1225 1226 if (r2 & RT2661_MCU_WAKEUP) 1227 rt2661_mcu_wakeup(sc); 1228 1229 /* re-enable MAC and MCU interrupts */ 1230 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 1231 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 1232 1233 RAL_UNLOCK(sc); 1234} 1235 1236/* quickly determine if a given rate is CCK or OFDM */ 1237#define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1238 1239#define RAL_ACK_SIZE 14 /* 10 + 4(FCS) */ 1240#define RAL_CTS_SIZE 14 /* 10 + 4(FCS) */ 1241 1242#define RAL_SIFS 10 /* us */ 1243 1244/* 1245 * This function is only used by the Rx radiotap code. It returns the rate at 1246 * which a given frame was received. 1247 */ 1248static uint8_t 1249rt2661_rxrate(struct rt2661_rx_desc *desc) 1250{ 1251 if (le32toh(desc->flags) & RT2661_RX_OFDM) { 1252 /* reverse function of rt2661_plcp_signal */ 1253 switch (desc->rate & 0xf) { 1254 case 0xb: return 12; 1255 case 0xf: return 18; 1256 case 0xa: return 24; 1257 case 0xe: return 36; 1258 case 0x9: return 48; 1259 case 0xd: return 72; 1260 case 0x8: return 96; 1261 case 0xc: return 108; 1262 } 1263 } else { 1264 if (desc->rate == 10) 1265 return 2; 1266 if (desc->rate == 20) 1267 return 4; 1268 if (desc->rate == 55) 1269 return 11; 1270 if (desc->rate == 110) 1271 return 22; 1272 } 1273 return 2; /* should not get there */ 1274} 1275 1276/* 1277 * Return the expected ack rate for a frame transmitted at rate `rate'. 1278 * XXX: this should depend on the destination node basic rate set. 1279 */ 1280static int 1281rt2661_ack_rate(struct ieee80211com *ic, int rate) 1282{ 1283 switch (rate) { 1284 /* CCK rates */ 1285 case 2: 1286 return 2; 1287 case 4: 1288 case 11: 1289 case 22: 1290 return (ic->ic_curmode == IEEE80211_MODE_11B) ? 4 : rate; 1291 1292 /* OFDM rates */ 1293 case 12: 1294 case 18: 1295 return 12; 1296 case 24: 1297 case 36: 1298 return 24; 1299 case 48: 1300 case 72: 1301 case 96: 1302 case 108: 1303 return 48; 1304 } 1305 1306 /* default to 1Mbps */ 1307 return 2; 1308} 1309 1310/* 1311 * Compute the duration (in us) needed to transmit `len' bytes at rate `rate'. 1312 * The function automatically determines the operating mode depending on the 1313 * given rate. `flags' indicates whether short preamble is in use or not. 1314 */ 1315static uint16_t 1316rt2661_txtime(int len, int rate, uint32_t flags) 1317{ 1318 uint16_t txtime; 1319 1320 if (RAL_RATE_IS_OFDM(rate)) { 1321 /* IEEE Std 802.11a-1999, pp. 37 */ 1322 txtime = (8 + 4 * len + 3 + rate - 1) / rate; 1323 txtime = 16 + 4 + 4 * txtime + 6; 1324 } else { 1325 /* IEEE Std 802.11b-1999, pp. 28 */ 1326 txtime = (16 * len + rate - 1) / rate; 1327 if (rate != 2 && (flags & IEEE80211_F_SHPREAMBLE)) 1328 txtime += 72 + 24; 1329 else 1330 txtime += 144 + 48; 1331 } 1332 1333 return txtime; 1334} 1335 1336static uint8_t 1337rt2661_plcp_signal(int rate) 1338{ 1339 switch (rate) { 1340 /* CCK rates (returned values are device-dependent) */ 1341 case 2: return 0x0; 1342 case 4: return 0x1; 1343 case 11: return 0x2; 1344 case 22: return 0x3; 1345 1346 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1347 case 12: return 0xb; 1348 case 18: return 0xf; 1349 case 24: return 0xa; 1350 case 36: return 0xe; 1351 case 48: return 0x9; 1352 case 72: return 0xd; 1353 case 96: return 0x8; 1354 case 108: return 0xc; 1355 1356 /* unsupported rates (should not get there) */ 1357 default: return 0xff; 1358 } 1359} 1360 1361static void 1362rt2661_setup_tx_desc(struct rt2661_softc *sc, struct rt2661_tx_desc *desc, 1363 uint32_t flags, uint16_t xflags, int len, int rate, 1364 const bus_dma_segment_t *segs, int nsegs, int ac) 1365{ 1366 struct ieee80211com *ic = &sc->sc_ic; 1367 uint16_t plcp_length; 1368 int i, remainder; 1369 1370 desc->flags = htole32(flags); 1371 desc->flags |= htole32(len << 16); 1372 desc->flags |= htole32(RT2661_TX_BUSY | RT2661_TX_VALID); 1373 1374 desc->xflags = htole16(xflags); 1375 desc->xflags |= htole16(nsegs << 13); 1376 1377 desc->wme = htole16( 1378 RT2661_QID(ac) | 1379 RT2661_AIFSN(2) | 1380 RT2661_LOGCWMIN(4) | 1381 RT2661_LOGCWMAX(10)); 1382 1383 /* 1384 * Remember in which queue this frame was sent. This field is driver 1385 * private data only. It will be made available by the NIC in STA_CSR4 1386 * on Tx interrupts. 1387 */ 1388 desc->qid = ac; 1389 1390 /* setup PLCP fields */ 1391 desc->plcp_signal = rt2661_plcp_signal(rate); 1392 desc->plcp_service = 4; 1393 1394 len += IEEE80211_CRC_LEN; 1395 if (RAL_RATE_IS_OFDM(rate)) { 1396 desc->flags |= htole32(RT2661_TX_OFDM); 1397 1398 plcp_length = len & 0xfff; 1399 desc->plcp_length_hi = plcp_length >> 6; 1400 desc->plcp_length_lo = plcp_length & 0x3f; 1401 } else { 1402 plcp_length = (16 * len + rate - 1) / rate; 1403 if (rate == 22) { 1404 remainder = (16 * len) % 22; 1405 if (remainder != 0 && remainder < 7) 1406 desc->plcp_service |= RT2661_PLCP_LENGEXT; 1407 } 1408 desc->plcp_length_hi = plcp_length >> 8; 1409 desc->plcp_length_lo = plcp_length & 0xff; 1410 1411 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 1412 desc->plcp_signal |= 0x08; 1413 } 1414 1415 /* RT2x61 supports scatter with up to 5 segments */ 1416 for (i = 0; i < nsegs; i++) { 1417 desc->addr[i] = htole32(segs[i].ds_addr); 1418 desc->len [i] = htole16(segs[i].ds_len); 1419 } 1420} 1421 1422static int 1423rt2661_tx_mgt(struct rt2661_softc *sc, struct mbuf *m0, 1424 struct ieee80211_node *ni) 1425{ 1426 struct ieee80211com *ic = &sc->sc_ic; 1427 struct rt2661_tx_desc *desc; 1428 struct rt2661_tx_data *data; 1429 struct ieee80211_frame *wh; 1430 bus_dma_segment_t segs[RT2661_MAX_SCATTER]; 1431 uint16_t dur; 1432 uint32_t flags = 0; /* XXX HWSEQ */ 1433 int nsegs, rate, error; 1434 1435 desc = &sc->mgtq.desc[sc->mgtq.cur]; 1436 data = &sc->mgtq.data[sc->mgtq.cur]; 1437 1438 /* send mgt frames at the lowest available rate */ 1439 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1440 1441 error = bus_dmamap_load_mbuf_sg(sc->mgtq.data_dmat, data->map, m0, 1442 segs, &nsegs, 0); 1443 if (error != 0) { 1444 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1445 error); 1446 m_freem(m0); 1447 return error; 1448 } 1449 1450 if (bpf_peers_present(sc->sc_drvbpf)) { 1451 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1452 1453 tap->wt_flags = 0; 1454 tap->wt_rate = rate; 1455 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 1456 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 1457 1458 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1459 } 1460 1461 data->m = m0; 1462 data->ni = ni; 1463 1464 wh = mtod(m0, struct ieee80211_frame *); 1465 1466 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1467 flags |= RT2661_TX_NEED_ACK; 1468 1469 dur = rt2661_txtime(RAL_ACK_SIZE, rate, ic->ic_flags) + 1470 RAL_SIFS; 1471 *(uint16_t *)wh->i_dur = htole16(dur); 1472 1473 /* tell hardware to add timestamp in probe responses */ 1474 if ((wh->i_fc[0] & 1475 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 1476 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 1477 flags |= RT2661_TX_TIMESTAMP; 1478 } 1479 1480 rt2661_setup_tx_desc(sc, desc, flags, 0 /* XXX HWSEQ */, 1481 m0->m_pkthdr.len, rate, segs, nsegs, RT2661_QID_MGT); 1482 1483 bus_dmamap_sync(sc->mgtq.data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1484 bus_dmamap_sync(sc->mgtq.desc_dmat, sc->mgtq.desc_map, 1485 BUS_DMASYNC_PREWRITE); 1486 1487 DPRINTFN(10, ("sending mgt frame len=%u idx=%u rate=%u\n", 1488 m0->m_pkthdr.len, sc->mgtq.cur, rate)); 1489 1490 /* kick mgt */ 1491 sc->mgtq.queued++; 1492 sc->mgtq.cur = (sc->mgtq.cur + 1) % RT2661_MGT_RING_COUNT; 1493 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, RT2661_KICK_MGT); 1494 1495 return 0; 1496} 1497 1498/* 1499 * Build a RTS control frame. 1500 */ 1501static struct mbuf * 1502rt2661_get_rts(struct rt2661_softc *sc, struct ieee80211_frame *wh, 1503 uint16_t dur) 1504{ 1505 struct ieee80211_frame_rts *rts; 1506 struct mbuf *m; 1507 1508 MGETHDR(m, M_DONTWAIT, MT_DATA); 1509 if (m == NULL) { 1510 sc->sc_ic.ic_stats.is_tx_nobuf++; 1511 device_printf(sc->sc_dev, "could not allocate RTS frame\n"); 1512 return NULL; 1513 } 1514 1515 rts = mtod(m, struct ieee80211_frame_rts *); 1516 1517 rts->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_CTL | 1518 IEEE80211_FC0_SUBTYPE_RTS; 1519 rts->i_fc[1] = IEEE80211_FC1_DIR_NODS; 1520 *(uint16_t *)rts->i_dur = htole16(dur); 1521 IEEE80211_ADDR_COPY(rts->i_ra, wh->i_addr1); 1522 IEEE80211_ADDR_COPY(rts->i_ta, wh->i_addr2); 1523 1524 m->m_pkthdr.len = m->m_len = sizeof (struct ieee80211_frame_rts); 1525 1526 return m; 1527} 1528 1529static int 1530rt2661_tx_data(struct rt2661_softc *sc, struct mbuf *m0, 1531 struct ieee80211_node *ni, int ac) 1532{ 1533 struct ieee80211com *ic = &sc->sc_ic; 1534 struct rt2661_tx_ring *txq = &sc->txq[ac]; 1535 struct rt2661_tx_desc *desc; 1536 struct rt2661_tx_data *data; 1537 struct rt2661_node *rn; 1538 struct ieee80211_frame *wh; 1539 struct ieee80211_key *k; 1540 const struct chanAccParams *cap; 1541 struct mbuf *mnew; 1542 bus_dma_segment_t segs[RT2661_MAX_SCATTER]; 1543 uint16_t dur; 1544 uint32_t flags = 0; 1545 int error, nsegs, rate, noack = 0; 1546 1547 wh = mtod(m0, struct ieee80211_frame *); 1548 1549 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) { 1550 rate = ic->ic_fixed_rate; 1551 } else { 1552 struct ieee80211_rateset *rs; 1553 1554 rs = &ni->ni_rates; 1555 rn = (struct rt2661_node *)ni; 1556 ni->ni_txrate = ral_rssadapt_choose(&rn->rssadapt, rs, 1557 wh, m0->m_pkthdr.len, NULL, 0); 1558 rate = rs->rs_rates[ni->ni_txrate]; 1559 } 1560 rate &= IEEE80211_RATE_VAL; 1561 1562 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1563 cap = &ic->ic_wme.wme_chanParams; 1564 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1565 } 1566 1567 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1568 k = ieee80211_crypto_encap(ic, ni, m0); 1569 if (k == NULL) { 1570 m_freem(m0); 1571 return ENOBUFS; 1572 } 1573 1574 /* packet header may have moved, reset our local pointer */ 1575 wh = mtod(m0, struct ieee80211_frame *); 1576 } 1577 1578 /* 1579 * IEEE Std 802.11-1999, pp 82: "A STA shall use an RTS/CTS exchange 1580 * for directed frames only when the length of the MPDU is greater 1581 * than the length threshold indicated by [...]" ic_rtsthreshold. 1582 */ 1583 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 1584 m0->m_pkthdr.len > ic->ic_rtsthreshold) { 1585 struct mbuf *m; 1586 uint16_t dur; 1587 int rtsrate, ackrate; 1588 1589 rtsrate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1590 ackrate = rt2661_ack_rate(ic, rate); 1591 1592 dur = rt2661_txtime(m0->m_pkthdr.len + 4, rate, ic->ic_flags) + 1593 rt2661_txtime(RAL_CTS_SIZE, rtsrate, ic->ic_flags) + 1594 /* XXX: noack (QoS)? */ 1595 rt2661_txtime(RAL_ACK_SIZE, ackrate, ic->ic_flags) + 1596 3 * RAL_SIFS; 1597 1598 m = rt2661_get_rts(sc, wh, dur); 1599 1600 desc = &txq->desc[txq->cur]; 1601 data = &txq->data[txq->cur]; 1602 1603 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m, 1604 segs, &nsegs, 0); 1605 if (error != 0) { 1606 device_printf(sc->sc_dev, 1607 "could not map mbuf (error %d)\n", error); 1608 m_freem(m); 1609 m_freem(m0); 1610 return error; 1611 } 1612 1613 /* avoid multiple free() of the same node for each fragment */ 1614 ieee80211_ref_node(ni); 1615 1616 data->m = m; 1617 data->ni = ni; 1618 1619 /* RTS frames are not taken into account for rssadapt */ 1620 data->id.id_node = NULL; 1621 1622 rt2661_setup_tx_desc(sc, desc, RT2661_TX_NEED_ACK | 1623 RT2661_TX_MORE_FRAG, 0, m->m_pkthdr.len, rtsrate, segs, 1624 nsegs, ac); 1625 1626 bus_dmamap_sync(txq->data_dmat, data->map, 1627 BUS_DMASYNC_PREWRITE); 1628 1629 txq->queued++; 1630 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1631 1632 /* 1633 * IEEE Std 802.11-1999: when an RTS/CTS exchange is used, the 1634 * asynchronous data frame shall be transmitted after the CTS 1635 * frame and a SIFS period. 1636 */ 1637 flags |= RT2661_TX_LONG_RETRY | RT2661_TX_IFS; 1638 } 1639 1640 data = &txq->data[txq->cur]; 1641 desc = &txq->desc[txq->cur]; 1642 1643 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0, segs, 1644 &nsegs, 0); 1645 if (error != 0 && error != EFBIG) { 1646 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1647 error); 1648 m_freem(m0); 1649 return error; 1650 } 1651 if (error != 0) { 1652 mnew = m_defrag(m0, M_DONTWAIT); 1653 if (mnew == NULL) { 1654 device_printf(sc->sc_dev, 1655 "could not defragment mbuf\n"); 1656 m_freem(m0); 1657 return ENOBUFS; 1658 } 1659 m0 = mnew; 1660 1661 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0, 1662 segs, &nsegs, 0); 1663 if (error != 0) { 1664 device_printf(sc->sc_dev, 1665 "could not map mbuf (error %d)\n", error); 1666 m_freem(m0); 1667 return error; 1668 } 1669 1670 /* packet header have moved, reset our local pointer */ 1671 wh = mtod(m0, struct ieee80211_frame *); 1672 } 1673 1674 if (bpf_peers_present(sc->sc_drvbpf)) { 1675 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1676 1677 tap->wt_flags = 0; 1678 tap->wt_rate = rate; 1679 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 1680 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 1681 1682 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1683 } 1684 1685 data->m = m0; 1686 data->ni = ni; 1687 1688 /* remember link conditions for rate adaptation algorithm */ 1689 if (ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE) { 1690 data->id.id_len = m0->m_pkthdr.len; 1691 data->id.id_rateidx = ni->ni_txrate; 1692 data->id.id_node = ni; 1693 data->id.id_rssi = ni->ni_rssi; 1694 } else 1695 data->id.id_node = NULL; 1696 1697 if (!noack && !IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1698 flags |= RT2661_TX_NEED_ACK; 1699 1700 dur = rt2661_txtime(RAL_ACK_SIZE, rt2661_ack_rate(ic, rate), 1701 ic->ic_flags) + RAL_SIFS; 1702 *(uint16_t *)wh->i_dur = htole16(dur); 1703 } 1704 1705 rt2661_setup_tx_desc(sc, desc, flags, 0, m0->m_pkthdr.len, rate, segs, 1706 nsegs, ac); 1707 1708 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1709 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1710 1711 DPRINTFN(10, ("sending data frame len=%u idx=%u rate=%u\n", 1712 m0->m_pkthdr.len, txq->cur, rate)); 1713 1714 /* kick Tx */ 1715 txq->queued++; 1716 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1717 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 1 << ac); 1718 1719 return 0; 1720} 1721 1722static void 1723rt2661_start(struct ifnet *ifp) 1724{ 1725 struct rt2661_softc *sc = ifp->if_softc; 1726 struct ieee80211com *ic = &sc->sc_ic; 1727 struct mbuf *m0; 1728 struct ether_header *eh; 1729 struct ieee80211_node *ni; 1730 int ac; 1731 1732 RAL_LOCK(sc); 1733 1734 /* prevent management frames from being sent if we're not ready */ 1735 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING) || sc->sc_invalid) { 1736 RAL_UNLOCK(sc); 1737 return; 1738 } 1739 1740 for (;;) { 1741 IF_POLL(&ic->ic_mgtq, m0); 1742 if (m0 != NULL) { 1743 if (sc->mgtq.queued >= RT2661_MGT_RING_COUNT) { 1744 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 1745 break; 1746 } 1747 IF_DEQUEUE(&ic->ic_mgtq, m0); 1748 1749 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 1750 m0->m_pkthdr.rcvif = NULL; 1751 1752 if (bpf_peers_present(ic->ic_rawbpf)) 1753 bpf_mtap(ic->ic_rawbpf, m0); 1754 1755 if (rt2661_tx_mgt(sc, m0, ni) != 0) { 1756 ieee80211_free_node(ni); 1757 break; 1758 } 1759 } else { 1760 if (ic->ic_state != IEEE80211_S_RUN) 1761 break; 1762 1763 IFQ_DRV_DEQUEUE(&ifp->if_snd, m0); 1764 if (m0 == NULL) 1765 break; 1766 1767 if (m0->m_len < sizeof (struct ether_header) && 1768 !(m0 = m_pullup(m0, sizeof (struct ether_header)))) 1769 continue; 1770 1771 eh = mtod(m0, struct ether_header *); 1772 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1773 if (ni == NULL) { 1774 m_freem(m0); 1775 ifp->if_oerrors++; 1776 continue; 1777 } 1778 1779 /* classify mbuf so we can find which tx ring to use */ 1780 if (ieee80211_classify(ic, m0, ni) != 0) { 1781 m_freem(m0); 1782 ieee80211_free_node(ni); 1783 ifp->if_oerrors++; 1784 continue; 1785 } 1786 1787 /* no QoS encapsulation for EAPOL frames */ 1788 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1789 M_WME_GETAC(m0) : WME_AC_BE; 1790 1791 if (sc->txq[ac].queued >= RT2661_TX_RING_COUNT - 1) { 1792 /* there is no place left in this ring */ 1793 IFQ_DRV_PREPEND(&ifp->if_snd, m0); 1794 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 1795 ieee80211_free_node(ni); 1796 break; 1797 } 1798 1799 BPF_MTAP(ifp, m0); 1800 1801 m0 = ieee80211_encap(ic, m0, ni); 1802 if (m0 == NULL) { 1803 ieee80211_free_node(ni); 1804 ifp->if_oerrors++; 1805 continue; 1806 } 1807 1808 if (bpf_peers_present(ic->ic_rawbpf)) 1809 bpf_mtap(ic->ic_rawbpf, m0); 1810 1811 if (rt2661_tx_data(sc, m0, ni, ac) != 0) { 1812 ieee80211_free_node(ni); 1813 ifp->if_oerrors++; 1814 break; 1815 } 1816 } 1817 1818 sc->sc_tx_timer = 5; 1819 callout_reset(&sc->watchdog_ch, hz, rt2661_watchdog, sc); 1820 } 1821 1822 RAL_UNLOCK(sc); 1823} 1824 1825static void 1826rt2661_watchdog(void *arg) 1827{ 1828 struct rt2661_softc *sc = (struct rt2661_softc *)arg; 1829 1830 if (sc->sc_tx_timer > 0 && !sc->sc_invalid) { 1831 if (--sc->sc_tx_timer == 0) { 1832 device_printf(sc->sc_dev, "device timeout\n"); 1833 rt2661_init(sc); 1834 sc->sc_ifp->if_oerrors++; 1835 return; 1836 } 1837 callout_reset(&sc->watchdog_ch, hz, rt2661_watchdog, sc); 1838 } 1839} 1840 1841/* 1842 * This function allows for fast channel switching in monitor mode (used by 1843 * net-mgmt/kismet). In IBSS mode, we must explicitly reset the interface to 1844 * generate a new beacon frame. 1845 */ 1846static int 1847rt2661_reset(struct ifnet *ifp) 1848{ 1849 struct rt2661_softc *sc = ifp->if_softc; 1850 struct ieee80211com *ic = &sc->sc_ic; 1851 1852 if (ic->ic_opmode != IEEE80211_M_MONITOR) 1853 return ENETRESET; 1854 1855 rt2661_set_chan(sc, ic->ic_curchan); 1856 1857 return 0; 1858} 1859 1860static int 1861rt2661_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1862{ 1863 struct rt2661_softc *sc = ifp->if_softc; 1864 struct ieee80211com *ic = &sc->sc_ic; 1865 int error = 0; 1866 1867 switch (cmd) { 1868 case SIOCSIFFLAGS: 1869 if (ifp->if_flags & IFF_UP) { 1870 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 1871 rt2661_update_promisc(sc); 1872 else 1873 rt2661_init(sc); 1874 } else { 1875 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 1876 rt2661_stop(sc); 1877 } 1878 break; 1879 1880 default: 1881 error = ieee80211_ioctl(ic, cmd, data); 1882 } 1883 1884 if (error == ENETRESET) { 1885 if ((ifp->if_flags & IFF_UP) && 1886 (ifp->if_drv_flags & IFF_DRV_RUNNING) && 1887 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1888 rt2661_init(sc); 1889 error = 0; 1890 } 1891 1892 return error; 1893} 1894 1895static void 1896rt2661_bbp_write(struct rt2661_softc *sc, uint8_t reg, uint8_t val) 1897{ 1898 uint32_t tmp; 1899 int ntries; 1900 1901 for (ntries = 0; ntries < 100; ntries++) { 1902 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 1903 break; 1904 DELAY(1); 1905 } 1906 if (ntries == 100) { 1907 device_printf(sc->sc_dev, "could not write to BBP\n"); 1908 return; 1909 } 1910 1911 tmp = RT2661_BBP_BUSY | (reg & 0x7f) << 8 | val; 1912 RAL_WRITE(sc, RT2661_PHY_CSR3, tmp); 1913 1914 DPRINTFN(15, ("BBP R%u <- 0x%02x\n", reg, val)); 1915} 1916 1917static uint8_t 1918rt2661_bbp_read(struct rt2661_softc *sc, uint8_t reg) 1919{ 1920 uint32_t val; 1921 int ntries; 1922 1923 for (ntries = 0; ntries < 100; ntries++) { 1924 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 1925 break; 1926 DELAY(1); 1927 } 1928 if (ntries == 100) { 1929 device_printf(sc->sc_dev, "could not read from BBP\n"); 1930 return 0; 1931 } 1932 1933 val = RT2661_BBP_BUSY | RT2661_BBP_READ | reg << 8; 1934 RAL_WRITE(sc, RT2661_PHY_CSR3, val); 1935 1936 for (ntries = 0; ntries < 100; ntries++) { 1937 val = RAL_READ(sc, RT2661_PHY_CSR3); 1938 if (!(val & RT2661_BBP_BUSY)) 1939 return val & 0xff; 1940 DELAY(1); 1941 } 1942 1943 device_printf(sc->sc_dev, "could not read from BBP\n"); 1944 return 0; 1945} 1946 1947static void 1948rt2661_rf_write(struct rt2661_softc *sc, uint8_t reg, uint32_t val) 1949{ 1950 uint32_t tmp; 1951 int ntries; 1952 1953 for (ntries = 0; ntries < 100; ntries++) { 1954 if (!(RAL_READ(sc, RT2661_PHY_CSR4) & RT2661_RF_BUSY)) 1955 break; 1956 DELAY(1); 1957 } 1958 if (ntries == 100) { 1959 device_printf(sc->sc_dev, "could not write to RF\n"); 1960 return; 1961 } 1962 1963 tmp = RT2661_RF_BUSY | RT2661_RF_21BIT | (val & 0x1fffff) << 2 | 1964 (reg & 3); 1965 RAL_WRITE(sc, RT2661_PHY_CSR4, tmp); 1966 1967 /* remember last written value in sc */ 1968 sc->rf_regs[reg] = val; 1969 1970 DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 3, val & 0x1fffff)); 1971} 1972 1973static int 1974rt2661_tx_cmd(struct rt2661_softc *sc, uint8_t cmd, uint16_t arg) 1975{ 1976 if (RAL_READ(sc, RT2661_H2M_MAILBOX_CSR) & RT2661_H2M_BUSY) 1977 return EIO; /* there is already a command pending */ 1978 1979 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 1980 RT2661_H2M_BUSY | RT2661_TOKEN_NO_INTR << 16 | arg); 1981 1982 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, RT2661_KICK_CMD | cmd); 1983 1984 return 0; 1985} 1986 1987static void 1988rt2661_select_antenna(struct rt2661_softc *sc) 1989{ 1990 uint8_t bbp4, bbp77; 1991 uint32_t tmp; 1992 1993 bbp4 = rt2661_bbp_read(sc, 4); 1994 bbp77 = rt2661_bbp_read(sc, 77); 1995 1996 /* TBD */ 1997 1998 /* make sure Rx is disabled before switching antenna */ 1999 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2000 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2001 2002 rt2661_bbp_write(sc, 4, bbp4); 2003 rt2661_bbp_write(sc, 77, bbp77); 2004 2005 /* restore Rx filter */ 2006 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2007} 2008 2009/* 2010 * Enable multi-rate retries for frames sent at OFDM rates. 2011 * In 802.11b/g mode, allow fallback to CCK rates. 2012 */ 2013static void 2014rt2661_enable_mrr(struct rt2661_softc *sc) 2015{ 2016 struct ieee80211com *ic = &sc->sc_ic; 2017 uint32_t tmp; 2018 2019 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2020 2021 tmp &= ~RT2661_MRR_CCK_FALLBACK; 2022 if (!IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan)) 2023 tmp |= RT2661_MRR_CCK_FALLBACK; 2024 tmp |= RT2661_MRR_ENABLED; 2025 2026 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2027} 2028 2029static void 2030rt2661_set_txpreamble(struct rt2661_softc *sc) 2031{ 2032 uint32_t tmp; 2033 2034 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2035 2036 tmp &= ~RT2661_SHORT_PREAMBLE; 2037 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 2038 tmp |= RT2661_SHORT_PREAMBLE; 2039 2040 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2041} 2042 2043/* 2044 * Supported rates for 802.11g. XXX should use ic_sup_rates. 2045 */ 2046static const struct ieee80211_rateset rt2661_rateset_11g = 2047 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 2048 2049static void 2050rt2661_set_basicrates(struct rt2661_softc *sc, 2051 const struct ieee80211_rateset *rs) 2052{ 2053#define RV(r) ((r) & IEEE80211_RATE_VAL) 2054 struct ieee80211com *ic = &sc->sc_ic; 2055 uint32_t mask = 0; 2056 uint8_t rate; 2057 int i, j; 2058 2059 for (i = 0; i < rs->rs_nrates; i++) { 2060 rate = rs->rs_rates[i]; 2061 2062 if (!(rate & IEEE80211_RATE_BASIC)) 2063 continue; 2064 2065 /* 2066 * Find h/w rate index. We know it exists because the rate 2067 * set has already been negotiated. 2068 */ 2069 for (j = 0; ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates[j] != RV(rate); j++); 2070 2071 mask |= 1 << j; 2072 } 2073 2074 RAL_WRITE(sc, RT2661_TXRX_CSR5, mask); 2075 2076 DPRINTF(("Setting basic rate mask to 0x%x\n", mask)); 2077#undef RV 2078} 2079 2080/* 2081 * Reprogram MAC/BBP to switch to a new band. Values taken from the reference 2082 * driver. 2083 */ 2084static void 2085rt2661_select_band(struct rt2661_softc *sc, struct ieee80211_channel *c) 2086{ 2087 uint8_t bbp17, bbp35, bbp96, bbp97, bbp98, bbp104; 2088 uint32_t tmp; 2089 2090 /* update all BBP registers that depend on the band */ 2091 bbp17 = 0x20; bbp96 = 0x48; bbp104 = 0x2c; 2092 bbp35 = 0x50; bbp97 = 0x48; bbp98 = 0x48; 2093 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2094 bbp17 += 0x08; bbp96 += 0x10; bbp104 += 0x0c; 2095 bbp35 += 0x10; bbp97 += 0x10; bbp98 += 0x10; 2096 } 2097 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2098 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2099 bbp17 += 0x10; bbp96 += 0x10; bbp104 += 0x10; 2100 } 2101 2102 rt2661_bbp_write(sc, 17, bbp17); 2103 rt2661_bbp_write(sc, 96, bbp96); 2104 rt2661_bbp_write(sc, 104, bbp104); 2105 2106 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2107 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2108 rt2661_bbp_write(sc, 75, 0x80); 2109 rt2661_bbp_write(sc, 86, 0x80); 2110 rt2661_bbp_write(sc, 88, 0x80); 2111 } 2112 2113 rt2661_bbp_write(sc, 35, bbp35); 2114 rt2661_bbp_write(sc, 97, bbp97); 2115 rt2661_bbp_write(sc, 98, bbp98); 2116 2117 tmp = RAL_READ(sc, RT2661_PHY_CSR0); 2118 tmp &= ~(RT2661_PA_PE_2GHZ | RT2661_PA_PE_5GHZ); 2119 if (IEEE80211_IS_CHAN_2GHZ(c)) 2120 tmp |= RT2661_PA_PE_2GHZ; 2121 else 2122 tmp |= RT2661_PA_PE_5GHZ; 2123 RAL_WRITE(sc, RT2661_PHY_CSR0, tmp); 2124} 2125 2126static void 2127rt2661_set_chan(struct rt2661_softc *sc, struct ieee80211_channel *c) 2128{ 2129 struct ieee80211com *ic = &sc->sc_ic; 2130 const struct rfprog *rfprog; 2131 uint8_t bbp3, bbp94 = RT2661_BBPR94_DEFAULT; 2132 int8_t power; 2133 u_int i, chan; 2134 2135 chan = ieee80211_chan2ieee(ic, c); 2136 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 2137 return; 2138 2139 /* select the appropriate RF settings based on what EEPROM says */ 2140 rfprog = (sc->rfprog == 0) ? rt2661_rf5225_1 : rt2661_rf5225_2; 2141 2142 /* find the settings for this channel (we know it exists) */ 2143 for (i = 0; rfprog[i].chan != chan; i++); 2144 2145 power = sc->txpow[i]; 2146 if (power < 0) { 2147 bbp94 += power; 2148 power = 0; 2149 } else if (power > 31) { 2150 bbp94 += power - 31; 2151 power = 31; 2152 } 2153 2154 /* 2155 * If we are switching from the 2GHz band to the 5GHz band or 2156 * vice-versa, BBP registers need to be reprogrammed. 2157 */ 2158 if (c->ic_flags != sc->sc_curchan->ic_flags) { 2159 rt2661_select_band(sc, c); 2160 rt2661_select_antenna(sc); 2161 } 2162 sc->sc_curchan = c; 2163 2164 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2165 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2166 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2167 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2168 2169 DELAY(200); 2170 2171 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2172 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2173 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7 | 1); 2174 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2175 2176 DELAY(200); 2177 2178 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2179 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2180 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2181 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2182 2183 /* enable smart mode for MIMO-capable RFs */ 2184 bbp3 = rt2661_bbp_read(sc, 3); 2185 2186 bbp3 &= ~RT2661_SMART_MODE; 2187 if (sc->rf_rev == RT2661_RF_5325 || sc->rf_rev == RT2661_RF_2529) 2188 bbp3 |= RT2661_SMART_MODE; 2189 2190 rt2661_bbp_write(sc, 3, bbp3); 2191 2192 if (bbp94 != RT2661_BBPR94_DEFAULT) 2193 rt2661_bbp_write(sc, 94, bbp94); 2194 2195 /* 5GHz radio needs a 1ms delay here */ 2196 if (IEEE80211_IS_CHAN_5GHZ(c)) 2197 DELAY(1000); 2198} 2199 2200static void 2201rt2661_set_bssid(struct rt2661_softc *sc, const uint8_t *bssid) 2202{ 2203 uint32_t tmp; 2204 2205 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24; 2206 RAL_WRITE(sc, RT2661_MAC_CSR4, tmp); 2207 2208 tmp = bssid[4] | bssid[5] << 8 | RT2661_ONE_BSSID << 16; 2209 RAL_WRITE(sc, RT2661_MAC_CSR5, tmp); 2210} 2211 2212static void 2213rt2661_set_macaddr(struct rt2661_softc *sc, const uint8_t *addr) 2214{ 2215 uint32_t tmp; 2216 2217 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24; 2218 RAL_WRITE(sc, RT2661_MAC_CSR2, tmp); 2219 2220 tmp = addr[4] | addr[5] << 8; 2221 RAL_WRITE(sc, RT2661_MAC_CSR3, tmp); 2222} 2223 2224static void 2225rt2661_update_promisc(struct rt2661_softc *sc) 2226{ 2227 struct ifnet *ifp = sc->sc_ic.ic_ifp; 2228 uint32_t tmp; 2229 2230 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2231 2232 tmp &= ~RT2661_DROP_NOT_TO_ME; 2233 if (!(ifp->if_flags & IFF_PROMISC)) 2234 tmp |= RT2661_DROP_NOT_TO_ME; 2235 2236 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2237 2238 DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 2239 "entering" : "leaving")); 2240} 2241 2242/* 2243 * Update QoS (802.11e) settings for each h/w Tx ring. 2244 */ 2245static int 2246rt2661_wme_update(struct ieee80211com *ic) 2247{ 2248 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 2249 const struct wmeParams *wmep; 2250 2251 wmep = ic->ic_wme.wme_chanParams.cap_wmeParams; 2252 2253 /* XXX: not sure about shifts. */ 2254 /* XXX: the reference driver plays with AC_VI settings too. */ 2255 2256 /* update TxOp */ 2257 RAL_WRITE(sc, RT2661_AC_TXOP_CSR0, 2258 wmep[WME_AC_BE].wmep_txopLimit << 16 | 2259 wmep[WME_AC_BK].wmep_txopLimit); 2260 RAL_WRITE(sc, RT2661_AC_TXOP_CSR1, 2261 wmep[WME_AC_VI].wmep_txopLimit << 16 | 2262 wmep[WME_AC_VO].wmep_txopLimit); 2263 2264 /* update CWmin */ 2265 RAL_WRITE(sc, RT2661_CWMIN_CSR, 2266 wmep[WME_AC_BE].wmep_logcwmin << 12 | 2267 wmep[WME_AC_BK].wmep_logcwmin << 8 | 2268 wmep[WME_AC_VI].wmep_logcwmin << 4 | 2269 wmep[WME_AC_VO].wmep_logcwmin); 2270 2271 /* update CWmax */ 2272 RAL_WRITE(sc, RT2661_CWMAX_CSR, 2273 wmep[WME_AC_BE].wmep_logcwmax << 12 | 2274 wmep[WME_AC_BK].wmep_logcwmax << 8 | 2275 wmep[WME_AC_VI].wmep_logcwmax << 4 | 2276 wmep[WME_AC_VO].wmep_logcwmax); 2277 2278 /* update Aifsn */ 2279 RAL_WRITE(sc, RT2661_AIFSN_CSR, 2280 wmep[WME_AC_BE].wmep_aifsn << 12 | 2281 wmep[WME_AC_BK].wmep_aifsn << 8 | 2282 wmep[WME_AC_VI].wmep_aifsn << 4 | 2283 wmep[WME_AC_VO].wmep_aifsn); 2284 2285 return 0; 2286} 2287 2288static void 2289rt2661_update_slot(struct ifnet *ifp) 2290{ 2291 struct rt2661_softc *sc = ifp->if_softc; 2292 struct ieee80211com *ic = &sc->sc_ic; 2293 uint8_t slottime; 2294 uint32_t tmp; 2295 2296 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 2297 2298 tmp = RAL_READ(sc, RT2661_MAC_CSR9); 2299 tmp = (tmp & ~0xff) | slottime; 2300 RAL_WRITE(sc, RT2661_MAC_CSR9, tmp); 2301} 2302 2303static const char * 2304rt2661_get_rf(int rev) 2305{ 2306 switch (rev) { 2307 case RT2661_RF_5225: return "RT5225"; 2308 case RT2661_RF_5325: return "RT5325 (MIMO XR)"; 2309 case RT2661_RF_2527: return "RT2527"; 2310 case RT2661_RF_2529: return "RT2529 (MIMO XR)"; 2311 default: return "unknown"; 2312 } 2313} 2314 2315static void 2316rt2661_read_eeprom(struct rt2661_softc *sc) 2317{ 2318 struct ieee80211com *ic = &sc->sc_ic; 2319 uint16_t val; 2320 int i; 2321 2322 /* read MAC address */ 2323 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC01); 2324 ic->ic_myaddr[0] = val & 0xff; 2325 ic->ic_myaddr[1] = val >> 8; 2326 2327 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC23); 2328 ic->ic_myaddr[2] = val & 0xff; 2329 ic->ic_myaddr[3] = val >> 8; 2330 2331 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC45); 2332 ic->ic_myaddr[4] = val & 0xff; 2333 ic->ic_myaddr[5] = val >> 8; 2334 2335 val = rt2661_eeprom_read(sc, RT2661_EEPROM_ANTENNA); 2336 /* XXX: test if different from 0xffff? */ 2337 sc->rf_rev = (val >> 11) & 0x1f; 2338 sc->hw_radio = (val >> 10) & 0x1; 2339 sc->rx_ant = (val >> 4) & 0x3; 2340 sc->tx_ant = (val >> 2) & 0x3; 2341 sc->nb_ant = val & 0x3; 2342 2343 DPRINTF(("RF revision=%d\n", sc->rf_rev)); 2344 2345 val = rt2661_eeprom_read(sc, RT2661_EEPROM_CONFIG2); 2346 sc->ext_5ghz_lna = (val >> 6) & 0x1; 2347 sc->ext_2ghz_lna = (val >> 4) & 0x1; 2348 2349 DPRINTF(("External 2GHz LNA=%d\nExternal 5GHz LNA=%d\n", 2350 sc->ext_2ghz_lna, sc->ext_5ghz_lna)); 2351 2352 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_2GHZ_OFFSET); 2353 if ((val & 0xff) != 0xff) 2354 sc->rssi_2ghz_corr = (int8_t)(val & 0xff); /* signed */ 2355 2356 /* Only [-10, 10] is valid */ 2357 if (sc->rssi_2ghz_corr < -10 || sc->rssi_2ghz_corr > 10) 2358 sc->rssi_2ghz_corr = 0; 2359 2360 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_5GHZ_OFFSET); 2361 if ((val & 0xff) != 0xff) 2362 sc->rssi_5ghz_corr = (int8_t)(val & 0xff); /* signed */ 2363 2364 /* Only [-10, 10] is valid */ 2365 if (sc->rssi_5ghz_corr < -10 || sc->rssi_5ghz_corr > 10) 2366 sc->rssi_5ghz_corr = 0; 2367 2368 /* adjust RSSI correction for external low-noise amplifier */ 2369 if (sc->ext_2ghz_lna) 2370 sc->rssi_2ghz_corr -= 14; 2371 if (sc->ext_5ghz_lna) 2372 sc->rssi_5ghz_corr -= 14; 2373 2374 DPRINTF(("RSSI 2GHz corr=%d\nRSSI 5GHz corr=%d\n", 2375 sc->rssi_2ghz_corr, sc->rssi_5ghz_corr)); 2376 2377 val = rt2661_eeprom_read(sc, RT2661_EEPROM_FREQ_OFFSET); 2378 if ((val >> 8) != 0xff) 2379 sc->rfprog = (val >> 8) & 0x3; 2380 if ((val & 0xff) != 0xff) 2381 sc->rffreq = val & 0xff; 2382 2383 DPRINTF(("RF prog=%d\nRF freq=%d\n", sc->rfprog, sc->rffreq)); 2384 2385 /* read Tx power for all a/b/g channels */ 2386 for (i = 0; i < 19; i++) { 2387 val = rt2661_eeprom_read(sc, RT2661_EEPROM_TXPOWER + i); 2388 sc->txpow[i * 2] = (int8_t)(val >> 8); /* signed */ 2389 DPRINTF(("Channel=%d Tx power=%d\n", 2390 rt2661_rf5225_1[i * 2].chan, sc->txpow[i * 2])); 2391 sc->txpow[i * 2 + 1] = (int8_t)(val & 0xff); /* signed */ 2392 DPRINTF(("Channel=%d Tx power=%d\n", 2393 rt2661_rf5225_1[i * 2 + 1].chan, sc->txpow[i * 2 + 1])); 2394 } 2395 2396 /* read vendor-specific BBP values */ 2397 for (i = 0; i < 16; i++) { 2398 val = rt2661_eeprom_read(sc, RT2661_EEPROM_BBP_BASE + i); 2399 if (val == 0 || val == 0xffff) 2400 continue; /* skip invalid entries */ 2401 sc->bbp_prom[i].reg = val >> 8; 2402 sc->bbp_prom[i].val = val & 0xff; 2403 DPRINTF(("BBP R%d=%02x\n", sc->bbp_prom[i].reg, 2404 sc->bbp_prom[i].val)); 2405 } 2406} 2407 2408static int 2409rt2661_bbp_init(struct rt2661_softc *sc) 2410{ 2411#define N(a) (sizeof (a) / sizeof ((a)[0])) 2412 int i, ntries; 2413 uint8_t val; 2414 2415 /* wait for BBP to be ready */ 2416 for (ntries = 0; ntries < 100; ntries++) { 2417 val = rt2661_bbp_read(sc, 0); 2418 if (val != 0 && val != 0xff) 2419 break; 2420 DELAY(100); 2421 } 2422 if (ntries == 100) { 2423 device_printf(sc->sc_dev, "timeout waiting for BBP\n"); 2424 return EIO; 2425 } 2426 2427 /* initialize BBP registers to default values */ 2428 for (i = 0; i < N(rt2661_def_bbp); i++) { 2429 rt2661_bbp_write(sc, rt2661_def_bbp[i].reg, 2430 rt2661_def_bbp[i].val); 2431 } 2432 2433 /* write vendor-specific BBP values (from EEPROM) */ 2434 for (i = 0; i < 16; i++) { 2435 if (sc->bbp_prom[i].reg == 0) 2436 continue; 2437 rt2661_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val); 2438 } 2439 2440 return 0; 2441#undef N 2442} 2443 2444static void 2445rt2661_init(void *priv) 2446{ 2447#define N(a) (sizeof (a) / sizeof ((a)[0])) 2448 struct rt2661_softc *sc = priv; 2449 struct ieee80211com *ic = &sc->sc_ic; 2450 struct ifnet *ifp = ic->ic_ifp; 2451 uint32_t tmp, sta[3]; 2452 int i, ntries; 2453 2454 RAL_LOCK(sc); 2455 2456 rt2661_stop_locked(sc); 2457 2458 /* initialize Tx rings */ 2459 RAL_WRITE(sc, RT2661_AC1_BASE_CSR, sc->txq[1].physaddr); 2460 RAL_WRITE(sc, RT2661_AC0_BASE_CSR, sc->txq[0].physaddr); 2461 RAL_WRITE(sc, RT2661_AC2_BASE_CSR, sc->txq[2].physaddr); 2462 RAL_WRITE(sc, RT2661_AC3_BASE_CSR, sc->txq[3].physaddr); 2463 2464 /* initialize Mgt ring */ 2465 RAL_WRITE(sc, RT2661_MGT_BASE_CSR, sc->mgtq.physaddr); 2466 2467 /* initialize Rx ring */ 2468 RAL_WRITE(sc, RT2661_RX_BASE_CSR, sc->rxq.physaddr); 2469 2470 /* initialize Tx rings sizes */ 2471 RAL_WRITE(sc, RT2661_TX_RING_CSR0, 2472 RT2661_TX_RING_COUNT << 24 | 2473 RT2661_TX_RING_COUNT << 16 | 2474 RT2661_TX_RING_COUNT << 8 | 2475 RT2661_TX_RING_COUNT); 2476 2477 RAL_WRITE(sc, RT2661_TX_RING_CSR1, 2478 RT2661_TX_DESC_WSIZE << 16 | 2479 RT2661_TX_RING_COUNT << 8 | /* XXX: HCCA ring unused */ 2480 RT2661_MGT_RING_COUNT); 2481 2482 /* initialize Rx rings */ 2483 RAL_WRITE(sc, RT2661_RX_RING_CSR, 2484 RT2661_RX_DESC_BACK << 16 | 2485 RT2661_RX_DESC_WSIZE << 8 | 2486 RT2661_RX_RING_COUNT); 2487 2488 /* XXX: some magic here */ 2489 RAL_WRITE(sc, RT2661_TX_DMA_DST_CSR, 0xaa); 2490 2491 /* load base addresses of all 5 Tx rings (4 data + 1 mgt) */ 2492 RAL_WRITE(sc, RT2661_LOAD_TX_RING_CSR, 0x1f); 2493 2494 /* load base address of Rx ring */ 2495 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 2); 2496 2497 /* initialize MAC registers to default values */ 2498 for (i = 0; i < N(rt2661_def_mac); i++) 2499 RAL_WRITE(sc, rt2661_def_mac[i].reg, rt2661_def_mac[i].val); 2500 2501 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp)); 2502 rt2661_set_macaddr(sc, ic->ic_myaddr); 2503 2504 /* set host ready */ 2505 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2506 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2507 2508 /* wait for BBP/RF to wakeup */ 2509 for (ntries = 0; ntries < 1000; ntries++) { 2510 if (RAL_READ(sc, RT2661_MAC_CSR12) & 8) 2511 break; 2512 DELAY(1000); 2513 } 2514 if (ntries == 1000) { 2515 printf("timeout waiting for BBP/RF to wakeup\n"); 2516 rt2661_stop_locked(sc); 2517 RAL_UNLOCK(sc); 2518 return; 2519 } 2520 2521 if (rt2661_bbp_init(sc) != 0) { 2522 rt2661_stop_locked(sc); 2523 RAL_UNLOCK(sc); 2524 return; 2525 } 2526 2527 /* select default channel */ 2528 sc->sc_curchan = ic->ic_curchan; 2529 rt2661_select_band(sc, sc->sc_curchan); 2530 rt2661_select_antenna(sc); 2531 rt2661_set_chan(sc, sc->sc_curchan); 2532 2533 /* update Rx filter */ 2534 tmp = RAL_READ(sc, RT2661_TXRX_CSR0) & 0xffff; 2535 2536 tmp |= RT2661_DROP_PHY_ERROR | RT2661_DROP_CRC_ERROR; 2537 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2538 tmp |= RT2661_DROP_CTL | RT2661_DROP_VER_ERROR | 2539 RT2661_DROP_ACKCTS; 2540 if (ic->ic_opmode != IEEE80211_M_HOSTAP) 2541 tmp |= RT2661_DROP_TODS; 2542 if (!(ifp->if_flags & IFF_PROMISC)) 2543 tmp |= RT2661_DROP_NOT_TO_ME; 2544 } 2545 2546 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2547 2548 /* clear STA registers */ 2549 RAL_READ_REGION_4(sc, RT2661_STA_CSR0, sta, N(sta)); 2550 2551 /* initialize ASIC */ 2552 RAL_WRITE(sc, RT2661_MAC_CSR1, 4); 2553 2554 /* clear any pending interrupt */ 2555 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2556 2557 /* enable interrupts */ 2558 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 2559 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 2560 2561 /* kick Rx */ 2562 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 1); 2563 RAL_UNLOCK(sc); 2564 2565 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 2566 ifp->if_drv_flags |= IFF_DRV_RUNNING; 2567 2568 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2569 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2570 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2571 } else 2572 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2573 2574 2575#undef N 2576} 2577 2578void 2579rt2661_stop(void *priv) 2580{ 2581 struct rt2661_softc *sc = priv; 2582 2583 RAL_LOCK(sc); 2584 rt2661_stop_locked(sc); 2585 RAL_UNLOCK(sc); 2586} 2587 2588void 2589rt2661_stop_locked(struct rt2661_softc *sc) 2590{ 2591 struct ieee80211com *ic = &sc->sc_ic; 2592 struct ifnet *ifp = ic->ic_ifp; 2593 uint32_t tmp; 2594 volatile int *flags = &sc->sc_flags; 2595 2596 while (*flags & RAL_INPUT_RUNNING) { 2597 msleep(sc, &sc->sc_mtx, 0, "ralrunning", hz/10); 2598 } 2599 2600 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 2601 sc->sc_tx_timer = 0; 2602 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 2603 2604 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2605 2606 /* abort Tx (for all 5 Tx rings) */ 2607 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 0x1f << 16); 2608 2609 /* disable Rx (value remains after reset!) */ 2610 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2611 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2612 2613 /* reset ASIC */ 2614 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2615 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2616 2617 /* disable interrupts */ 2618 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffffff); 2619 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 2620 2621 /* clear any pending interrupt */ 2622 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2623 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, 0xffffffff); 2624 2625 /* reset Tx and Rx rings */ 2626 rt2661_reset_tx_ring(sc, &sc->txq[0]); 2627 rt2661_reset_tx_ring(sc, &sc->txq[1]); 2628 rt2661_reset_tx_ring(sc, &sc->txq[2]); 2629 rt2661_reset_tx_ring(sc, &sc->txq[3]); 2630 rt2661_reset_tx_ring(sc, &sc->mgtq); 2631 rt2661_reset_rx_ring(sc, &sc->rxq); 2632 } 2633} 2634 2635static int 2636rt2661_load_microcode(struct rt2661_softc *sc, const uint8_t *ucode, int size) 2637{ 2638 int ntries; 2639 2640 /* reset 8051 */ 2641 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2642 2643 /* cancel any pending Host to MCU command */ 2644 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 0); 2645 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 2646 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, 0); 2647 2648 /* write 8051's microcode */ 2649 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET | RT2661_MCU_SEL); 2650 RAL_WRITE_REGION_1(sc, RT2661_MCU_CODE_BASE, ucode, size); 2651 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2652 2653 /* kick 8051's ass */ 2654 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, 0); 2655 2656 /* wait for 8051 to initialize */ 2657 for (ntries = 0; ntries < 500; ntries++) { 2658 if (RAL_READ(sc, RT2661_MCU_CNTL_CSR) & RT2661_MCU_READY) 2659 break; 2660 DELAY(100); 2661 } 2662 if (ntries == 500) { 2663 printf("timeout waiting for MCU to initialize\n"); 2664 return EIO; 2665 } 2666 return 0; 2667} 2668 2669#ifdef notyet 2670/* 2671 * Dynamically tune Rx sensitivity (BBP register 17) based on average RSSI and 2672 * false CCA count. This function is called periodically (every seconds) when 2673 * in the RUN state. Values taken from the reference driver. 2674 */ 2675static void 2676rt2661_rx_tune(struct rt2661_softc *sc) 2677{ 2678 uint8_t bbp17; 2679 uint16_t cca; 2680 int lo, hi, dbm; 2681 2682 /* 2683 * Tuning range depends on operating band and on the presence of an 2684 * external low-noise amplifier. 2685 */ 2686 lo = 0x20; 2687 if (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan)) 2688 lo += 0x08; 2689 if ((IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan) && sc->ext_2ghz_lna) || 2690 (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan) && sc->ext_5ghz_lna)) 2691 lo += 0x10; 2692 hi = lo + 0x20; 2693 2694 /* retrieve false CCA count since last call (clear on read) */ 2695 cca = RAL_READ(sc, RT2661_STA_CSR1) & 0xffff; 2696 2697 if (dbm >= -35) { 2698 bbp17 = 0x60; 2699 } else if (dbm >= -58) { 2700 bbp17 = hi; 2701 } else if (dbm >= -66) { 2702 bbp17 = lo + 0x10; 2703 } else if (dbm >= -74) { 2704 bbp17 = lo + 0x08; 2705 } else { 2706 /* RSSI < -74dBm, tune using false CCA count */ 2707 2708 bbp17 = sc->bbp17; /* current value */ 2709 2710 hi -= 2 * (-74 - dbm); 2711 if (hi < lo) 2712 hi = lo; 2713 2714 if (bbp17 > hi) { 2715 bbp17 = hi; 2716 2717 } else if (cca > 512) { 2718 if (++bbp17 > hi) 2719 bbp17 = hi; 2720 } else if (cca < 100) { 2721 if (--bbp17 < lo) 2722 bbp17 = lo; 2723 } 2724 } 2725 2726 if (bbp17 != sc->bbp17) { 2727 rt2661_bbp_write(sc, 17, bbp17); 2728 sc->bbp17 = bbp17; 2729 } 2730} 2731 2732/* 2733 * Enter/Leave radar detection mode. 2734 * This is for 802.11h additional regulatory domains. 2735 */ 2736static void 2737rt2661_radar_start(struct rt2661_softc *sc) 2738{ 2739 uint32_t tmp; 2740 2741 /* disable Rx */ 2742 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2743 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2744 2745 rt2661_bbp_write(sc, 82, 0x20); 2746 rt2661_bbp_write(sc, 83, 0x00); 2747 rt2661_bbp_write(sc, 84, 0x40); 2748 2749 /* save current BBP registers values */ 2750 sc->bbp18 = rt2661_bbp_read(sc, 18); 2751 sc->bbp21 = rt2661_bbp_read(sc, 21); 2752 sc->bbp22 = rt2661_bbp_read(sc, 22); 2753 sc->bbp16 = rt2661_bbp_read(sc, 16); 2754 sc->bbp17 = rt2661_bbp_read(sc, 17); 2755 sc->bbp64 = rt2661_bbp_read(sc, 64); 2756 2757 rt2661_bbp_write(sc, 18, 0xff); 2758 rt2661_bbp_write(sc, 21, 0x3f); 2759 rt2661_bbp_write(sc, 22, 0x3f); 2760 rt2661_bbp_write(sc, 16, 0xbd); 2761 rt2661_bbp_write(sc, 17, sc->ext_5ghz_lna ? 0x44 : 0x34); 2762 rt2661_bbp_write(sc, 64, 0x21); 2763 2764 /* restore Rx filter */ 2765 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2766} 2767 2768static int 2769rt2661_radar_stop(struct rt2661_softc *sc) 2770{ 2771 uint8_t bbp66; 2772 2773 /* read radar detection result */ 2774 bbp66 = rt2661_bbp_read(sc, 66); 2775 2776 /* restore BBP registers values */ 2777 rt2661_bbp_write(sc, 16, sc->bbp16); 2778 rt2661_bbp_write(sc, 17, sc->bbp17); 2779 rt2661_bbp_write(sc, 18, sc->bbp18); 2780 rt2661_bbp_write(sc, 21, sc->bbp21); 2781 rt2661_bbp_write(sc, 22, sc->bbp22); 2782 rt2661_bbp_write(sc, 64, sc->bbp64); 2783 2784 return bbp66 == 1; 2785} 2786#endif 2787 2788static int 2789rt2661_prepare_beacon(struct rt2661_softc *sc) 2790{ 2791 struct ieee80211com *ic = &sc->sc_ic; 2792 struct ieee80211_beacon_offsets bo; 2793 struct rt2661_tx_desc desc; 2794 struct mbuf *m0; 2795 int rate; 2796 2797 m0 = ieee80211_beacon_alloc(ic, ic->ic_bss, &bo); 2798 if (m0 == NULL) { 2799 device_printf(sc->sc_dev, "could not allocate beacon frame\n"); 2800 return ENOBUFS; 2801 } 2802 2803 /* send beacons at the lowest available rate */ 2804 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan) ? 12 : 2; 2805 2806 rt2661_setup_tx_desc(sc, &desc, RT2661_TX_TIMESTAMP, RT2661_TX_HWSEQ, 2807 m0->m_pkthdr.len, rate, NULL, 0, RT2661_QID_MGT); 2808 2809 /* copy the first 24 bytes of Tx descriptor into NIC memory */ 2810 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0, (uint8_t *)&desc, 24); 2811 2812 /* copy beacon header and payload into NIC memory */ 2813 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0 + 24, 2814 mtod(m0, uint8_t *), m0->m_pkthdr.len); 2815 2816 m_freem(m0); 2817 2818 return 0; 2819} 2820 2821/* 2822 * Enable TSF synchronization and tell h/w to start sending beacons for IBSS 2823 * and HostAP operating modes. 2824 */ 2825static void 2826rt2661_enable_tsf_sync(struct rt2661_softc *sc) 2827{ 2828 struct ieee80211com *ic = &sc->sc_ic; 2829 uint32_t tmp; 2830 2831 if (ic->ic_opmode != IEEE80211_M_STA) { 2832 /* 2833 * Change default 16ms TBTT adjustment to 8ms. 2834 * Must be done before enabling beacon generation. 2835 */ 2836 RAL_WRITE(sc, RT2661_TXRX_CSR10, 1 << 12 | 8); 2837 } 2838 2839 tmp = RAL_READ(sc, RT2661_TXRX_CSR9) & 0xff000000; 2840 2841 /* set beacon interval (in 1/16ms unit) */ 2842 tmp |= ic->ic_bss->ni_intval * 16; 2843 2844 tmp |= RT2661_TSF_TICKING | RT2661_ENABLE_TBTT; 2845 if (ic->ic_opmode == IEEE80211_M_STA) 2846 tmp |= RT2661_TSF_MODE(1); 2847 else 2848 tmp |= RT2661_TSF_MODE(2) | RT2661_GENERATE_BEACON; 2849 2850 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp); 2851} 2852 2853/* 2854 * Retrieve the "Received Signal Strength Indicator" from the raw values 2855 * contained in Rx descriptors. The computation depends on which band the 2856 * frame was received. Correction values taken from the reference driver. 2857 */ 2858static int 2859rt2661_get_rssi(struct rt2661_softc *sc, uint8_t raw) 2860{ 2861 int lna, agc, rssi; 2862 2863 lna = (raw >> 5) & 0x3; 2864 agc = raw & 0x1f; 2865 2866 if (lna == 0) { 2867 /* 2868 * No mapping available. 2869 * 2870 * NB: Since RSSI is relative to noise floor, -1 is 2871 * adequate for caller to know error happened. 2872 */ 2873 return -1; 2874 } 2875 2876 rssi = (2 * agc) - RT2661_NOISE_FLOOR; 2877 2878 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) { 2879 rssi += sc->rssi_2ghz_corr; 2880 2881 if (lna == 1) 2882 rssi -= 64; 2883 else if (lna == 2) 2884 rssi -= 74; 2885 else if (lna == 3) 2886 rssi -= 90; 2887 } else { 2888 rssi += sc->rssi_5ghz_corr; 2889 2890 if (lna == 1) 2891 rssi -= 64; 2892 else if (lna == 2) 2893 rssi -= 86; 2894 else if (lna == 3) 2895 rssi -= 100; 2896 } 2897 return rssi; 2898} 2899 2900static void 2901rt2661_scan_start(struct ieee80211com *ic) 2902{ 2903 struct ifnet *ifp = ic->ic_ifp; 2904 struct rt2661_softc *sc = ifp->if_softc; 2905 uint32_t tmp; 2906 2907 /* abort TSF synchronization */ 2908 tmp = RAL_READ(sc, RT2661_TXRX_CSR9); 2909 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0xffffff); 2910 rt2661_set_bssid(sc, ifp->if_broadcastaddr); 2911} 2912 2913static void 2914rt2661_scan_end(struct ieee80211com *ic) 2915{ 2916 struct ifnet *ifp = ic->ic_ifp; 2917 struct rt2661_softc *sc = ifp->if_softc; 2918 2919 rt2661_enable_tsf_sync(sc); 2920 /* XXX keep local copy */ 2921 rt2661_set_bssid(sc, ic->ic_bss->ni_bssid); 2922} 2923 2924static void 2925rt2661_set_channel(struct ieee80211com *ic) 2926{ 2927 struct ifnet *ifp = ic->ic_ifp; 2928 struct rt2661_softc *sc = ifp->if_softc; 2929 2930 RAL_LOCK(sc); 2931 rt2661_set_chan(sc, ic->ic_curchan); 2932 RAL_UNLOCK(sc); 2933 2934} 2935