rt2661.c revision 178038
1/* $FreeBSD: head/sys/dev/ral/rt2661.c 178038 2008-04-09 18:40:10Z sam $ */ 2 3/*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20#include <sys/cdefs.h> 21__FBSDID("$FreeBSD: head/sys/dev/ral/rt2661.c 178038 2008-04-09 18:40:10Z sam $"); 22 23/*- 24 * Ralink Technology RT2561, RT2561S and RT2661 chipset driver 25 * http://www.ralinktech.com/ 26 */ 27 28#include <sys/param.h> 29#include <sys/sysctl.h> 30#include <sys/sockio.h> 31#include <sys/mbuf.h> 32#include <sys/kernel.h> 33#include <sys/socket.h> 34#include <sys/systm.h> 35#include <sys/malloc.h> 36#include <sys/lock.h> 37#include <sys/mutex.h> 38#include <sys/module.h> 39#include <sys/bus.h> 40#include <sys/endian.h> 41 42#include <machine/bus.h> 43#include <machine/resource.h> 44#include <sys/rman.h> 45 46#include <net/bpf.h> 47#include <net/if.h> 48#include <net/if_arp.h> 49#include <net/ethernet.h> 50#include <net/if_dl.h> 51#include <net/if_media.h> 52#include <net/if_types.h> 53 54#include <net80211/ieee80211_var.h> 55#include <net80211/ieee80211_radiotap.h> 56#include <net80211/ieee80211_regdomain.h> 57 58#include <netinet/in.h> 59#include <netinet/in_systm.h> 60#include <netinet/in_var.h> 61#include <netinet/ip.h> 62#include <netinet/if_ether.h> 63 64#include <dev/ral/if_ralrate.h> 65#include <dev/ral/rt2661reg.h> 66#include <dev/ral/rt2661var.h> 67#include <dev/ral/rt2661_ucode.h> 68 69#ifdef RAL_DEBUG 70#define DPRINTF(x) do { if (ral_debug > 0) printf x; } while (0) 71#define DPRINTFN(n, x) do { if (ral_debug >= (n)) printf x; } while (0) 72int ral_debug = 0; 73SYSCTL_INT(_debug, OID_AUTO, ral, CTLFLAG_RW, &ral_debug, 0, "ral debug level"); 74#else 75#define DPRINTF(x) 76#define DPRINTFN(n, x) 77#endif 78 79static void rt2661_dma_map_addr(void *, bus_dma_segment_t *, int, 80 int); 81static int rt2661_alloc_tx_ring(struct rt2661_softc *, 82 struct rt2661_tx_ring *, int); 83static void rt2661_reset_tx_ring(struct rt2661_softc *, 84 struct rt2661_tx_ring *); 85static void rt2661_free_tx_ring(struct rt2661_softc *, 86 struct rt2661_tx_ring *); 87static int rt2661_alloc_rx_ring(struct rt2661_softc *, 88 struct rt2661_rx_ring *, int); 89static void rt2661_reset_rx_ring(struct rt2661_softc *, 90 struct rt2661_rx_ring *); 91static void rt2661_free_rx_ring(struct rt2661_softc *, 92 struct rt2661_rx_ring *); 93static struct ieee80211_node *rt2661_node_alloc( 94 struct ieee80211_node_table *); 95static int rt2661_media_change(struct ifnet *); 96static int rt2661_newstate(struct ieee80211com *, 97 enum ieee80211_state, int); 98static uint16_t rt2661_eeprom_read(struct rt2661_softc *, uint8_t); 99static void rt2661_rx_intr(struct rt2661_softc *); 100static void rt2661_tx_intr(struct rt2661_softc *); 101static void rt2661_tx_dma_intr(struct rt2661_softc *, 102 struct rt2661_tx_ring *); 103static void rt2661_mcu_beacon_expire(struct rt2661_softc *); 104static void rt2661_mcu_wakeup(struct rt2661_softc *); 105static void rt2661_mcu_cmd_intr(struct rt2661_softc *); 106static int rt2661_ack_rate(struct ieee80211com *, int); 107static void rt2661_scan_start(struct ieee80211com *); 108static void rt2661_scan_end(struct ieee80211com *); 109static void rt2661_set_channel(struct ieee80211com *); 110static uint16_t rt2661_txtime(int, int, uint32_t); 111static uint8_t rt2661_rxrate(struct rt2661_rx_desc *); 112static uint8_t rt2661_plcp_signal(int); 113static void rt2661_setup_tx_desc(struct rt2661_softc *, 114 struct rt2661_tx_desc *, uint32_t, uint16_t, int, 115 int, const bus_dma_segment_t *, int, int); 116static struct mbuf * rt2661_get_rts(struct rt2661_softc *, 117 struct ieee80211_frame *, uint16_t); 118static int rt2661_tx_data(struct rt2661_softc *, struct mbuf *, 119 struct ieee80211_node *, int); 120static int rt2661_tx_mgt(struct rt2661_softc *, struct mbuf *, 121 struct ieee80211_node *); 122static void rt2661_start(struct ifnet *); 123static void rt2661_watchdog(void *); 124static int rt2661_reset(struct ifnet *); 125static int rt2661_ioctl(struct ifnet *, u_long, caddr_t); 126static void rt2661_bbp_write(struct rt2661_softc *, uint8_t, 127 uint8_t); 128static uint8_t rt2661_bbp_read(struct rt2661_softc *, uint8_t); 129static void rt2661_rf_write(struct rt2661_softc *, uint8_t, 130 uint32_t); 131static int rt2661_tx_cmd(struct rt2661_softc *, uint8_t, 132 uint16_t); 133static void rt2661_select_antenna(struct rt2661_softc *); 134static void rt2661_enable_mrr(struct rt2661_softc *); 135static void rt2661_set_txpreamble(struct rt2661_softc *); 136static void rt2661_set_basicrates(struct rt2661_softc *, 137 const struct ieee80211_rateset *); 138static void rt2661_select_band(struct rt2661_softc *, 139 struct ieee80211_channel *); 140static void rt2661_set_chan(struct rt2661_softc *, 141 struct ieee80211_channel *); 142static void rt2661_set_bssid(struct rt2661_softc *, 143 const uint8_t *); 144static void rt2661_set_macaddr(struct rt2661_softc *, 145 const uint8_t *); 146static void rt2661_update_promisc(struct rt2661_softc *); 147static int rt2661_wme_update(struct ieee80211com *) __unused; 148static void rt2661_update_slot(struct ifnet *); 149static const char *rt2661_get_rf(int); 150static void rt2661_read_eeprom(struct rt2661_softc *); 151static int rt2661_bbp_init(struct rt2661_softc *); 152static void rt2661_init(void *); 153static void rt2661_stop(void *); 154static void rt2661_stop_locked(struct rt2661_softc *); 155static int rt2661_load_microcode(struct rt2661_softc *, 156 const uint8_t *, int); 157#ifdef notyet 158static void rt2661_rx_tune(struct rt2661_softc *); 159static void rt2661_radar_start(struct rt2661_softc *); 160static int rt2661_radar_stop(struct rt2661_softc *); 161#endif 162static int rt2661_prepare_beacon(struct rt2661_softc *); 163static void rt2661_enable_tsf_sync(struct rt2661_softc *); 164static int rt2661_get_rssi(struct rt2661_softc *, uint8_t); 165 166static const struct { 167 uint32_t reg; 168 uint32_t val; 169} rt2661_def_mac[] = { 170 RT2661_DEF_MAC 171}; 172 173static const struct { 174 uint8_t reg; 175 uint8_t val; 176} rt2661_def_bbp[] = { 177 RT2661_DEF_BBP 178}; 179 180static const struct rfprog { 181 uint8_t chan; 182 uint32_t r1, r2, r3, r4; 183} rt2661_rf5225_1[] = { 184 RT2661_RF5225_1 185}, rt2661_rf5225_2[] = { 186 RT2661_RF5225_2 187}; 188 189int 190rt2661_attach(device_t dev, int id) 191{ 192 struct rt2661_softc *sc = device_get_softc(dev); 193 struct ieee80211com *ic = &sc->sc_ic; 194 struct ifnet *ifp; 195 uint32_t val; 196 const uint8_t *ucode = NULL; 197 int bands, error, ac, ntries, size = 0; 198 199 sc->sc_dev = dev; 200 201 mtx_init(&sc->sc_mtx, device_get_nameunit(dev), MTX_NETWORK_LOCK, 202 MTX_DEF | MTX_RECURSE); 203 204 callout_init_mtx(&sc->watchdog_ch, &sc->sc_mtx, 0); 205 callout_init(&sc->rssadapt_ch, CALLOUT_MPSAFE); 206 207 /* wait for NIC to initialize */ 208 for (ntries = 0; ntries < 1000; ntries++) { 209 if ((val = RAL_READ(sc, RT2661_MAC_CSR0)) != 0) 210 break; 211 DELAY(1000); 212 } 213 if (ntries == 1000) { 214 device_printf(sc->sc_dev, 215 "timeout waiting for NIC to initialize\n"); 216 error = EIO; 217 goto fail1; 218 } 219 220 /* retrieve RF rev. no and various other things from EEPROM */ 221 rt2661_read_eeprom(sc); 222 223 device_printf(dev, "MAC/BBP RT%X, RF %s\n", val, 224 rt2661_get_rf(sc->rf_rev)); 225 226 /* 227 * Load 8051 microcode into NIC. 228 */ 229 switch (id) { 230 case 0x0301: 231 ucode = rt2561s_ucode; 232 size = sizeof rt2561s_ucode; 233 break; 234 case 0x0302: 235 ucode = rt2561_ucode; 236 size = sizeof rt2561_ucode; 237 break; 238 case 0x0401: 239 ucode = rt2661_ucode; 240 size = sizeof rt2661_ucode; 241 break; 242 } 243 244 error = rt2661_load_microcode(sc, ucode, size); 245 if (error != 0) { 246 device_printf(sc->sc_dev, "could not load 8051 microcode\n"); 247 goto fail1; 248 } 249 250 /* 251 * Allocate Tx and Rx rings. 252 */ 253 for (ac = 0; ac < 4; ac++) { 254 error = rt2661_alloc_tx_ring(sc, &sc->txq[ac], 255 RT2661_TX_RING_COUNT); 256 if (error != 0) { 257 device_printf(sc->sc_dev, 258 "could not allocate Tx ring %d\n", ac); 259 goto fail2; 260 } 261 } 262 263 error = rt2661_alloc_tx_ring(sc, &sc->mgtq, RT2661_MGT_RING_COUNT); 264 if (error != 0) { 265 device_printf(sc->sc_dev, "could not allocate Mgt ring\n"); 266 goto fail2; 267 } 268 269 error = rt2661_alloc_rx_ring(sc, &sc->rxq, RT2661_RX_RING_COUNT); 270 if (error != 0) { 271 device_printf(sc->sc_dev, "could not allocate Rx ring\n"); 272 goto fail3; 273 } 274 275 ifp = sc->sc_ifp = if_alloc(IFT_ETHER); 276 if (ifp == NULL) { 277 device_printf(sc->sc_dev, "can not if_alloc()\n"); 278 error = ENOMEM; 279 goto fail4; 280 } 281 282 ifp->if_softc = sc; 283 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 284 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 285 ifp->if_init = rt2661_init; 286 ifp->if_ioctl = rt2661_ioctl; 287 ifp->if_start = rt2661_start; 288 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 289 ifp->if_snd.ifq_drv_maxlen = IFQ_MAXLEN; 290 IFQ_SET_READY(&ifp->if_snd); 291 292 ic->ic_ifp = ifp; 293 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 294 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 295 ic->ic_state = IEEE80211_S_INIT; 296 297 /* set device capabilities */ 298 ic->ic_caps = 299 IEEE80211_C_IBSS | /* IBSS mode supported */ 300 IEEE80211_C_MONITOR | /* monitor mode supported */ 301 IEEE80211_C_HOSTAP | /* HostAp mode supported */ 302 IEEE80211_C_TXPMGT | /* tx power management */ 303 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 304 IEEE80211_C_SHSLOT | /* short slot time supported */ 305#ifdef notyet 306 IEEE80211_C_WME | /* 802.11e */ 307#endif 308 IEEE80211_C_BGSCAN | /* bg scanning support */ 309 IEEE80211_C_WPA; /* 802.11i */ 310 311 bands = 0; 312 setbit(&bands, IEEE80211_MODE_11B); 313 setbit(&bands, IEEE80211_MODE_11G); 314 if (sc->rf_rev == RT2661_RF_5225 || sc->rf_rev == RT2661_RF_5325) 315 setbit(&bands, IEEE80211_MODE_11A); 316 ieee80211_init_channels(ic, 0, CTRY_DEFAULT, bands, 0, 1); 317 318 ieee80211_ifattach(ic); 319 ic->ic_node_alloc = rt2661_node_alloc; 320/* ic->ic_wme.wme_update = rt2661_wme_update;*/ 321 ic->ic_scan_start = rt2661_scan_start; 322 ic->ic_scan_end = rt2661_scan_end; 323 ic->ic_set_channel = rt2661_set_channel; 324 ic->ic_updateslot = rt2661_update_slot; 325 ic->ic_reset = rt2661_reset; 326 /* enable s/w bmiss handling in sta mode */ 327 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS; 328 329 /* override state transition machine */ 330 sc->sc_newstate = ic->ic_newstate; 331 ic->ic_newstate = rt2661_newstate; 332 ieee80211_media_init(ic, rt2661_media_change, ieee80211_media_status); 333 334 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 335 sizeof (struct ieee80211_frame) + sizeof (sc->sc_txtap), 336 &sc->sc_drvbpf); 337 338 sc->sc_rxtap_len = sizeof sc->sc_rxtap; 339 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 340 sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2661_RX_RADIOTAP_PRESENT); 341 342 sc->sc_txtap_len = sizeof sc->sc_txtap; 343 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 344 sc->sc_txtap.wt_ihdr.it_present = htole32(RT2661_TX_RADIOTAP_PRESENT); 345 346 347 /* 348 * Add a few sysctl knobs. 349 */ 350 sc->dwelltime = 200; 351 352 SYSCTL_ADD_INT(device_get_sysctl_ctx(dev), 353 SYSCTL_CHILDREN(device_get_sysctl_tree(dev)), OID_AUTO, "dwell", 354 CTLFLAG_RW, &sc->dwelltime, 0, 355 "channel dwell time (ms) for AP/station scanning"); 356 357 if (bootverbose) 358 ieee80211_announce(ic); 359 360 return 0; 361 362fail4: rt2661_free_rx_ring(sc, &sc->rxq); 363fail3: rt2661_free_tx_ring(sc, &sc->mgtq); 364fail2: while (--ac >= 0) 365 rt2661_free_tx_ring(sc, &sc->txq[ac]); 366fail1: mtx_destroy(&sc->sc_mtx); 367 return error; 368} 369 370int 371rt2661_detach(void *xsc) 372{ 373 struct rt2661_softc *sc = xsc; 374 struct ieee80211com *ic = &sc->sc_ic; 375 struct ifnet *ifp = ic->ic_ifp; 376 377 RAL_LOCK(sc); 378 rt2661_stop_locked(sc); 379 callout_stop(&sc->watchdog_ch); 380 RAL_UNLOCK(sc); 381 callout_stop(&sc->rssadapt_ch); 382 383 bpfdetach(ifp); 384 ieee80211_ifdetach(ic); 385 386 rt2661_free_tx_ring(sc, &sc->txq[0]); 387 rt2661_free_tx_ring(sc, &sc->txq[1]); 388 rt2661_free_tx_ring(sc, &sc->txq[2]); 389 rt2661_free_tx_ring(sc, &sc->txq[3]); 390 rt2661_free_tx_ring(sc, &sc->mgtq); 391 rt2661_free_rx_ring(sc, &sc->rxq); 392 393 if_free(ifp); 394 395 mtx_destroy(&sc->sc_mtx); 396 397 return 0; 398} 399 400void 401rt2661_shutdown(void *xsc) 402{ 403 struct rt2661_softc *sc = xsc; 404 405 rt2661_stop(sc); 406} 407 408void 409rt2661_suspend(void *xsc) 410{ 411 struct rt2661_softc *sc = xsc; 412 413 rt2661_stop(sc); 414} 415 416void 417rt2661_resume(void *xsc) 418{ 419 struct rt2661_softc *sc = xsc; 420 struct ifnet *ifp = sc->sc_ic.ic_ifp; 421 422 if (ifp->if_flags & IFF_UP) { 423 ifp->if_init(ifp->if_softc); 424 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 425 ifp->if_start(ifp); 426 } 427} 428 429static void 430rt2661_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error) 431{ 432 if (error != 0) 433 return; 434 435 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg)); 436 437 *(bus_addr_t *)arg = segs[0].ds_addr; 438} 439 440static int 441rt2661_alloc_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring, 442 int count) 443{ 444 int i, error; 445 446 ring->count = count; 447 ring->queued = 0; 448 ring->cur = ring->next = ring->stat = 0; 449 450 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 4, 0, 451 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 452 count * RT2661_TX_DESC_SIZE, 1, count * RT2661_TX_DESC_SIZE, 453 0, NULL, NULL, &ring->desc_dmat); 454 if (error != 0) { 455 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 456 goto fail; 457 } 458 459 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 460 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 461 if (error != 0) { 462 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 463 goto fail; 464 } 465 466 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 467 count * RT2661_TX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr, 468 0); 469 if (error != 0) { 470 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 471 goto fail; 472 } 473 474 ring->data = malloc(count * sizeof (struct rt2661_tx_data), M_DEVBUF, 475 M_NOWAIT | M_ZERO); 476 if (ring->data == NULL) { 477 device_printf(sc->sc_dev, "could not allocate soft data\n"); 478 error = ENOMEM; 479 goto fail; 480 } 481 482 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 483 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 484 RT2661_MAX_SCATTER, MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 485 if (error != 0) { 486 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 487 goto fail; 488 } 489 490 for (i = 0; i < count; i++) { 491 error = bus_dmamap_create(ring->data_dmat, 0, 492 &ring->data[i].map); 493 if (error != 0) { 494 device_printf(sc->sc_dev, "could not create DMA map\n"); 495 goto fail; 496 } 497 } 498 499 return 0; 500 501fail: rt2661_free_tx_ring(sc, ring); 502 return error; 503} 504 505static void 506rt2661_reset_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 507{ 508 struct rt2661_tx_desc *desc; 509 struct rt2661_tx_data *data; 510 int i; 511 512 for (i = 0; i < ring->count; i++) { 513 desc = &ring->desc[i]; 514 data = &ring->data[i]; 515 516 if (data->m != NULL) { 517 bus_dmamap_sync(ring->data_dmat, data->map, 518 BUS_DMASYNC_POSTWRITE); 519 bus_dmamap_unload(ring->data_dmat, data->map); 520 m_freem(data->m); 521 data->m = NULL; 522 } 523 524 if (data->ni != NULL) { 525 ieee80211_free_node(data->ni); 526 data->ni = NULL; 527 } 528 529 desc->flags = 0; 530 } 531 532 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 533 534 ring->queued = 0; 535 ring->cur = ring->next = ring->stat = 0; 536} 537 538static void 539rt2661_free_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 540{ 541 struct rt2661_tx_data *data; 542 int i; 543 544 if (ring->desc != NULL) { 545 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 546 BUS_DMASYNC_POSTWRITE); 547 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 548 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 549 } 550 551 if (ring->desc_dmat != NULL) 552 bus_dma_tag_destroy(ring->desc_dmat); 553 554 if (ring->data != NULL) { 555 for (i = 0; i < ring->count; i++) { 556 data = &ring->data[i]; 557 558 if (data->m != NULL) { 559 bus_dmamap_sync(ring->data_dmat, data->map, 560 BUS_DMASYNC_POSTWRITE); 561 bus_dmamap_unload(ring->data_dmat, data->map); 562 m_freem(data->m); 563 } 564 565 if (data->ni != NULL) 566 ieee80211_free_node(data->ni); 567 568 if (data->map != NULL) 569 bus_dmamap_destroy(ring->data_dmat, data->map); 570 } 571 572 free(ring->data, M_DEVBUF); 573 } 574 575 if (ring->data_dmat != NULL) 576 bus_dma_tag_destroy(ring->data_dmat); 577} 578 579static int 580rt2661_alloc_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring, 581 int count) 582{ 583 struct rt2661_rx_desc *desc; 584 struct rt2661_rx_data *data; 585 bus_addr_t physaddr; 586 int i, error; 587 588 ring->count = count; 589 ring->cur = ring->next = 0; 590 591 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 4, 0, 592 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 593 count * RT2661_RX_DESC_SIZE, 1, count * RT2661_RX_DESC_SIZE, 594 0, NULL, NULL, &ring->desc_dmat); 595 if (error != 0) { 596 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 597 goto fail; 598 } 599 600 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 601 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 602 if (error != 0) { 603 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 604 goto fail; 605 } 606 607 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 608 count * RT2661_RX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr, 609 0); 610 if (error != 0) { 611 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 612 goto fail; 613 } 614 615 ring->data = malloc(count * sizeof (struct rt2661_rx_data), M_DEVBUF, 616 M_NOWAIT | M_ZERO); 617 if (ring->data == NULL) { 618 device_printf(sc->sc_dev, "could not allocate soft data\n"); 619 error = ENOMEM; 620 goto fail; 621 } 622 623 /* 624 * Pre-allocate Rx buffers and populate Rx ring. 625 */ 626 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 627 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 628 1, MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 629 if (error != 0) { 630 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 631 goto fail; 632 } 633 634 for (i = 0; i < count; i++) { 635 desc = &sc->rxq.desc[i]; 636 data = &sc->rxq.data[i]; 637 638 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 639 if (error != 0) { 640 device_printf(sc->sc_dev, "could not create DMA map\n"); 641 goto fail; 642 } 643 644 data->m = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 645 if (data->m == NULL) { 646 device_printf(sc->sc_dev, 647 "could not allocate rx mbuf\n"); 648 error = ENOMEM; 649 goto fail; 650 } 651 652 error = bus_dmamap_load(ring->data_dmat, data->map, 653 mtod(data->m, void *), MCLBYTES, rt2661_dma_map_addr, 654 &physaddr, 0); 655 if (error != 0) { 656 device_printf(sc->sc_dev, 657 "could not load rx buf DMA map"); 658 goto fail; 659 } 660 661 desc->flags = htole32(RT2661_RX_BUSY); 662 desc->physaddr = htole32(physaddr); 663 } 664 665 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 666 667 return 0; 668 669fail: rt2661_free_rx_ring(sc, ring); 670 return error; 671} 672 673static void 674rt2661_reset_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 675{ 676 int i; 677 678 for (i = 0; i < ring->count; i++) 679 ring->desc[i].flags = htole32(RT2661_RX_BUSY); 680 681 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 682 683 ring->cur = ring->next = 0; 684} 685 686static void 687rt2661_free_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 688{ 689 struct rt2661_rx_data *data; 690 int i; 691 692 if (ring->desc != NULL) { 693 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 694 BUS_DMASYNC_POSTWRITE); 695 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 696 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 697 } 698 699 if (ring->desc_dmat != NULL) 700 bus_dma_tag_destroy(ring->desc_dmat); 701 702 if (ring->data != NULL) { 703 for (i = 0; i < ring->count; i++) { 704 data = &ring->data[i]; 705 706 if (data->m != NULL) { 707 bus_dmamap_sync(ring->data_dmat, data->map, 708 BUS_DMASYNC_POSTREAD); 709 bus_dmamap_unload(ring->data_dmat, data->map); 710 m_freem(data->m); 711 } 712 713 if (data->map != NULL) 714 bus_dmamap_destroy(ring->data_dmat, data->map); 715 } 716 717 free(ring->data, M_DEVBUF); 718 } 719 720 if (ring->data_dmat != NULL) 721 bus_dma_tag_destroy(ring->data_dmat); 722} 723 724static struct ieee80211_node * 725rt2661_node_alloc(struct ieee80211_node_table *nt) 726{ 727 struct rt2661_node *rn; 728 729 rn = malloc(sizeof (struct rt2661_node), M_80211_NODE, 730 M_NOWAIT | M_ZERO); 731 732 return (rn != NULL) ? &rn->ni : NULL; 733} 734 735static int 736rt2661_media_change(struct ifnet *ifp) 737{ 738 struct rt2661_softc *sc = ifp->if_softc; 739 int error; 740 741 error = ieee80211_media_change(ifp); 742 if (error != ENETRESET) 743 return error; 744 745 if ((ifp->if_flags & IFF_UP) && (ifp->if_drv_flags & IFF_DRV_RUNNING)) 746 rt2661_init(sc); 747 748 return 0; 749} 750 751/* 752 * This function is called for each node present in the node station table. 753 */ 754static void 755rt2661_iter_func(void *arg, struct ieee80211_node *ni) 756{ 757 struct rt2661_node *rn = (struct rt2661_node *)ni; 758 759 ral_rssadapt_updatestats(&rn->rssadapt); 760} 761 762/* 763 * This function is called periodically (every 100ms) in RUN state to update 764 * the rate adaptation statistics. 765 */ 766static void 767rt2661_update_rssadapt(void *arg) 768{ 769 struct rt2661_softc *sc = arg; 770 struct ieee80211com *ic = &sc->sc_ic; 771 772 RAL_LOCK(sc); 773 774 ieee80211_iterate_nodes(&ic->ic_sta, rt2661_iter_func, arg); 775 callout_reset(&sc->rssadapt_ch, hz / 10, rt2661_update_rssadapt, sc); 776 777 RAL_UNLOCK(sc); 778} 779 780static int 781rt2661_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 782{ 783 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 784 enum ieee80211_state ostate; 785 struct ieee80211_node *ni; 786 uint32_t tmp; 787 int error = 0; 788 789 ostate = ic->ic_state; 790 791 switch (nstate) { 792 case IEEE80211_S_INIT: 793 callout_stop(&sc->rssadapt_ch); 794 795 if (ostate == IEEE80211_S_RUN) { 796 /* abort TSF synchronization */ 797 tmp = RAL_READ(sc, RT2661_TXRX_CSR9); 798 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0x00ffffff); 799 } 800 break; 801 case IEEE80211_S_RUN: 802 ni = ic->ic_bss; 803 804 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 805 rt2661_enable_mrr(sc); 806 rt2661_set_txpreamble(sc); 807 rt2661_set_basicrates(sc, &ni->ni_rates); 808 rt2661_set_bssid(sc, ni->ni_bssid); 809 } 810 811 if (ic->ic_opmode == IEEE80211_M_HOSTAP || 812 ic->ic_opmode == IEEE80211_M_IBSS) { 813 if ((error = rt2661_prepare_beacon(sc)) != 0) 814 break; 815 } 816 817 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 818 callout_reset(&sc->rssadapt_ch, hz / 10, 819 rt2661_update_rssadapt, sc); 820 rt2661_enable_tsf_sync(sc); 821 } 822 break; 823 case IEEE80211_S_SCAN: 824 case IEEE80211_S_AUTH: 825 case IEEE80211_S_ASSOC: 826 default: 827 break; 828 } 829 830 return (error != 0) ? error : sc->sc_newstate(ic, nstate, arg); 831} 832 833/* 834 * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46 or 835 * 93C66). 836 */ 837static uint16_t 838rt2661_eeprom_read(struct rt2661_softc *sc, uint8_t addr) 839{ 840 uint32_t tmp; 841 uint16_t val; 842 int n; 843 844 /* clock C once before the first command */ 845 RT2661_EEPROM_CTL(sc, 0); 846 847 RT2661_EEPROM_CTL(sc, RT2661_S); 848 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 849 RT2661_EEPROM_CTL(sc, RT2661_S); 850 851 /* write start bit (1) */ 852 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 853 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 854 855 /* write READ opcode (10) */ 856 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 857 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 858 RT2661_EEPROM_CTL(sc, RT2661_S); 859 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 860 861 /* write address (A5-A0 or A7-A0) */ 862 n = (RAL_READ(sc, RT2661_E2PROM_CSR) & RT2661_93C46) ? 5 : 7; 863 for (; n >= 0; n--) { 864 RT2661_EEPROM_CTL(sc, RT2661_S | 865 (((addr >> n) & 1) << RT2661_SHIFT_D)); 866 RT2661_EEPROM_CTL(sc, RT2661_S | 867 (((addr >> n) & 1) << RT2661_SHIFT_D) | RT2661_C); 868 } 869 870 RT2661_EEPROM_CTL(sc, RT2661_S); 871 872 /* read data Q15-Q0 */ 873 val = 0; 874 for (n = 15; n >= 0; n--) { 875 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 876 tmp = RAL_READ(sc, RT2661_E2PROM_CSR); 877 val |= ((tmp & RT2661_Q) >> RT2661_SHIFT_Q) << n; 878 RT2661_EEPROM_CTL(sc, RT2661_S); 879 } 880 881 RT2661_EEPROM_CTL(sc, 0); 882 883 /* clear Chip Select and clock C */ 884 RT2661_EEPROM_CTL(sc, RT2661_S); 885 RT2661_EEPROM_CTL(sc, 0); 886 RT2661_EEPROM_CTL(sc, RT2661_C); 887 888 return val; 889} 890 891static void 892rt2661_tx_intr(struct rt2661_softc *sc) 893{ 894 struct ieee80211com *ic = &sc->sc_ic; 895 struct ifnet *ifp = ic->ic_ifp; 896 struct rt2661_tx_ring *txq; 897 struct rt2661_tx_data *data; 898 struct rt2661_node *rn; 899 uint32_t val; 900 int qid, retrycnt; 901 902 for (;;) { 903 struct ieee80211_node *ni; 904 struct mbuf *m; 905 906 val = RAL_READ(sc, RT2661_STA_CSR4); 907 if (!(val & RT2661_TX_STAT_VALID)) 908 break; 909 910 /* retrieve the queue in which this frame was sent */ 911 qid = RT2661_TX_QID(val); 912 txq = (qid <= 3) ? &sc->txq[qid] : &sc->mgtq; 913 914 /* retrieve rate control algorithm context */ 915 data = &txq->data[txq->stat]; 916 m = data->m; 917 data->m = NULL; 918 ni = data->ni; 919 data->ni = NULL; 920 921 /* if no frame has been sent, ignore */ 922 if (ni == NULL) 923 continue; 924 925 rn = (struct rt2661_node *)ni; 926 927 switch (RT2661_TX_RESULT(val)) { 928 case RT2661_TX_SUCCESS: 929 retrycnt = RT2661_TX_RETRYCNT(val); 930 931 DPRINTFN(10, ("data frame sent successfully after " 932 "%d retries\n", retrycnt)); 933 if (retrycnt == 0 && data->id.id_node != NULL) { 934 ral_rssadapt_raise_rate(ic, &rn->rssadapt, 935 &data->id); 936 } 937 ifp->if_opackets++; 938 break; 939 940 case RT2661_TX_RETRY_FAIL: 941 DPRINTFN(9, ("sending data frame failed (too much " 942 "retries)\n")); 943 if (data->id.id_node != NULL) { 944 ral_rssadapt_lower_rate(ic, ni, 945 &rn->rssadapt, &data->id); 946 } 947 ifp->if_oerrors++; 948 break; 949 950 default: 951 /* other failure */ 952 device_printf(sc->sc_dev, 953 "sending data frame failed 0x%08x\n", val); 954 ifp->if_oerrors++; 955 } 956 957 DPRINTFN(15, ("tx done q=%d idx=%u\n", qid, txq->stat)); 958 959 txq->queued--; 960 if (++txq->stat >= txq->count) /* faster than % count */ 961 txq->stat = 0; 962 963 if (m->m_flags & M_TXCB) 964 ieee80211_process_callback(ni, m, 965 RT2661_TX_RESULT(val) != RT2661_TX_SUCCESS); 966 m_freem(m); 967 ieee80211_free_node(ni); 968 } 969 970 sc->sc_tx_timer = 0; 971 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 972 rt2661_start(ifp); 973} 974 975static void 976rt2661_tx_dma_intr(struct rt2661_softc *sc, struct rt2661_tx_ring *txq) 977{ 978 struct rt2661_tx_desc *desc; 979 struct rt2661_tx_data *data; 980 981 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_POSTREAD); 982 983 for (;;) { 984 desc = &txq->desc[txq->next]; 985 data = &txq->data[txq->next]; 986 987 if ((le32toh(desc->flags) & RT2661_TX_BUSY) || 988 !(le32toh(desc->flags) & RT2661_TX_VALID)) 989 break; 990 991 bus_dmamap_sync(txq->data_dmat, data->map, 992 BUS_DMASYNC_POSTWRITE); 993 bus_dmamap_unload(txq->data_dmat, data->map); 994 995 /* descriptor is no longer valid */ 996 desc->flags &= ~htole32(RT2661_TX_VALID); 997 998 DPRINTFN(15, ("tx dma done q=%p idx=%u\n", txq, txq->next)); 999 1000 if (++txq->next >= txq->count) /* faster than % count */ 1001 txq->next = 0; 1002 } 1003 1004 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1005} 1006 1007static void 1008rt2661_rx_intr(struct rt2661_softc *sc) 1009{ 1010 struct ieee80211com *ic = &sc->sc_ic; 1011 struct ifnet *ifp = ic->ic_ifp; 1012 struct rt2661_rx_desc *desc; 1013 struct rt2661_rx_data *data; 1014 bus_addr_t physaddr; 1015 struct ieee80211_frame *wh; 1016 struct ieee80211_node *ni; 1017 struct rt2661_node *rn; 1018 struct mbuf *mnew, *m; 1019 int error; 1020 1021 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map, 1022 BUS_DMASYNC_POSTREAD); 1023 1024 for (;;) { 1025 int rssi; 1026 1027 desc = &sc->rxq.desc[sc->rxq.cur]; 1028 data = &sc->rxq.data[sc->rxq.cur]; 1029 1030 if (le32toh(desc->flags) & RT2661_RX_BUSY) 1031 break; 1032 1033 if ((le32toh(desc->flags) & RT2661_RX_PHY_ERROR) || 1034 (le32toh(desc->flags) & RT2661_RX_CRC_ERROR)) { 1035 /* 1036 * This should not happen since we did not request 1037 * to receive those frames when we filled TXRX_CSR0. 1038 */ 1039 DPRINTFN(5, ("PHY or CRC error flags 0x%08x\n", 1040 le32toh(desc->flags))); 1041 ifp->if_ierrors++; 1042 goto skip; 1043 } 1044 1045 if ((le32toh(desc->flags) & RT2661_RX_CIPHER_MASK) != 0) { 1046 ifp->if_ierrors++; 1047 goto skip; 1048 } 1049 1050 /* 1051 * Try to allocate a new mbuf for this ring element and load it 1052 * before processing the current mbuf. If the ring element 1053 * cannot be loaded, drop the received packet and reuse the old 1054 * mbuf. In the unlikely case that the old mbuf can't be 1055 * reloaded either, explicitly panic. 1056 */ 1057 mnew = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 1058 if (mnew == NULL) { 1059 ifp->if_ierrors++; 1060 goto skip; 1061 } 1062 1063 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1064 BUS_DMASYNC_POSTREAD); 1065 bus_dmamap_unload(sc->rxq.data_dmat, data->map); 1066 1067 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1068 mtod(mnew, void *), MCLBYTES, rt2661_dma_map_addr, 1069 &physaddr, 0); 1070 if (error != 0) { 1071 m_freem(mnew); 1072 1073 /* try to reload the old mbuf */ 1074 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1075 mtod(data->m, void *), MCLBYTES, 1076 rt2661_dma_map_addr, &physaddr, 0); 1077 if (error != 0) { 1078 /* very unlikely that it will fail... */ 1079 panic("%s: could not load old rx mbuf", 1080 device_get_name(sc->sc_dev)); 1081 } 1082 ifp->if_ierrors++; 1083 goto skip; 1084 } 1085 1086 /* 1087 * New mbuf successfully loaded, update Rx ring and continue 1088 * processing. 1089 */ 1090 m = data->m; 1091 data->m = mnew; 1092 desc->physaddr = htole32(physaddr); 1093 1094 /* finalize mbuf */ 1095 m->m_pkthdr.rcvif = ifp; 1096 m->m_pkthdr.len = m->m_len = 1097 (le32toh(desc->flags) >> 16) & 0xfff; 1098 1099 rssi = rt2661_get_rssi(sc, desc->rssi); 1100 1101 if (bpf_peers_present(sc->sc_drvbpf)) { 1102 struct rt2661_rx_radiotap_header *tap = &sc->sc_rxtap; 1103 uint32_t tsf_lo, tsf_hi; 1104 1105 /* get timestamp (low and high 32 bits) */ 1106 tsf_hi = RAL_READ(sc, RT2661_TXRX_CSR13); 1107 tsf_lo = RAL_READ(sc, RT2661_TXRX_CSR12); 1108 1109 tap->wr_tsf = 1110 htole64(((uint64_t)tsf_hi << 32) | tsf_lo); 1111 tap->wr_flags = 0; 1112 tap->wr_rate = rt2661_rxrate(desc); 1113 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 1114 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 1115 tap->wr_antsignal = rssi < 0 ? 0 : rssi; 1116 1117 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1118 } 1119 sc->sc_flags |= RAL_INPUT_RUNNING; 1120 RAL_UNLOCK(sc); 1121 wh = mtod(m, struct ieee80211_frame *); 1122 ni = ieee80211_find_rxnode(ic, 1123 (struct ieee80211_frame_min *)wh); 1124 1125 /* Error happened during RSSI conversion. */ 1126 if (rssi < 0) 1127 rssi = ni->ni_rssi; 1128 1129 /* send the frame to the 802.11 layer */ 1130 ieee80211_input(ic, m, ni, rssi, RT2661_NOISE_FLOOR, 0); 1131 1132 /* give rssi to the rate adatation algorithm */ 1133 rn = (struct rt2661_node *)ni; 1134 RAL_LOCK(sc); 1135 sc->sc_flags &= ~RAL_INPUT_RUNNING; 1136 ral_rssadapt_input(ic, ni, &rn->rssadapt, rssi); 1137 1138 /* node is no longer needed */ 1139 ieee80211_free_node(ni); 1140 1141skip: desc->flags |= htole32(RT2661_RX_BUSY); 1142 1143 DPRINTFN(15, ("rx intr idx=%u\n", sc->rxq.cur)); 1144 1145 sc->rxq.cur = (sc->rxq.cur + 1) % RT2661_RX_RING_COUNT; 1146 } 1147 1148 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map, 1149 BUS_DMASYNC_PREWRITE); 1150} 1151 1152/* ARGSUSED */ 1153static void 1154rt2661_mcu_beacon_expire(struct rt2661_softc *sc) 1155{ 1156 /* do nothing */ 1157} 1158 1159static void 1160rt2661_mcu_wakeup(struct rt2661_softc *sc) 1161{ 1162 RAL_WRITE(sc, RT2661_MAC_CSR11, 5 << 16); 1163 1164 RAL_WRITE(sc, RT2661_SOFT_RESET_CSR, 0x7); 1165 RAL_WRITE(sc, RT2661_IO_CNTL_CSR, 0x18); 1166 RAL_WRITE(sc, RT2661_PCI_USEC_CSR, 0x20); 1167 1168 /* send wakeup command to MCU */ 1169 rt2661_tx_cmd(sc, RT2661_MCU_CMD_WAKEUP, 0); 1170} 1171 1172static void 1173rt2661_mcu_cmd_intr(struct rt2661_softc *sc) 1174{ 1175 RAL_READ(sc, RT2661_M2H_CMD_DONE_CSR); 1176 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 1177} 1178 1179void 1180rt2661_intr(void *arg) 1181{ 1182 struct rt2661_softc *sc = arg; 1183 struct ifnet *ifp = sc->sc_ifp; 1184 uint32_t r1, r2; 1185 1186 RAL_LOCK(sc); 1187 1188 /* disable MAC and MCU interrupts */ 1189 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f); 1190 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 1191 1192 /* don't re-enable interrupts if we're shutting down */ 1193 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 1194 RAL_UNLOCK(sc); 1195 return; 1196 } 1197 1198 r1 = RAL_READ(sc, RT2661_INT_SOURCE_CSR); 1199 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, r1); 1200 1201 r2 = RAL_READ(sc, RT2661_MCU_INT_SOURCE_CSR); 1202 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, r2); 1203 1204 if (r1 & RT2661_MGT_DONE) 1205 rt2661_tx_dma_intr(sc, &sc->mgtq); 1206 1207 if (r1 & RT2661_RX_DONE) 1208 rt2661_rx_intr(sc); 1209 1210 if (r1 & RT2661_TX0_DMA_DONE) 1211 rt2661_tx_dma_intr(sc, &sc->txq[0]); 1212 1213 if (r1 & RT2661_TX1_DMA_DONE) 1214 rt2661_tx_dma_intr(sc, &sc->txq[1]); 1215 1216 if (r1 & RT2661_TX2_DMA_DONE) 1217 rt2661_tx_dma_intr(sc, &sc->txq[2]); 1218 1219 if (r1 & RT2661_TX3_DMA_DONE) 1220 rt2661_tx_dma_intr(sc, &sc->txq[3]); 1221 1222 if (r1 & RT2661_TX_DONE) 1223 rt2661_tx_intr(sc); 1224 1225 if (r2 & RT2661_MCU_CMD_DONE) 1226 rt2661_mcu_cmd_intr(sc); 1227 1228 if (r2 & RT2661_MCU_BEACON_EXPIRE) 1229 rt2661_mcu_beacon_expire(sc); 1230 1231 if (r2 & RT2661_MCU_WAKEUP) 1232 rt2661_mcu_wakeup(sc); 1233 1234 /* re-enable MAC and MCU interrupts */ 1235 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 1236 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 1237 1238 RAL_UNLOCK(sc); 1239} 1240 1241/* quickly determine if a given rate is CCK or OFDM */ 1242#define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1243 1244#define RAL_ACK_SIZE 14 /* 10 + 4(FCS) */ 1245#define RAL_CTS_SIZE 14 /* 10 + 4(FCS) */ 1246 1247#define RAL_SIFS 10 /* us */ 1248 1249/* 1250 * This function is only used by the Rx radiotap code. It returns the rate at 1251 * which a given frame was received. 1252 */ 1253static uint8_t 1254rt2661_rxrate(struct rt2661_rx_desc *desc) 1255{ 1256 if (le32toh(desc->flags) & RT2661_RX_OFDM) { 1257 /* reverse function of rt2661_plcp_signal */ 1258 switch (desc->rate & 0xf) { 1259 case 0xb: return 12; 1260 case 0xf: return 18; 1261 case 0xa: return 24; 1262 case 0xe: return 36; 1263 case 0x9: return 48; 1264 case 0xd: return 72; 1265 case 0x8: return 96; 1266 case 0xc: return 108; 1267 } 1268 } else { 1269 if (desc->rate == 10) 1270 return 2; 1271 if (desc->rate == 20) 1272 return 4; 1273 if (desc->rate == 55) 1274 return 11; 1275 if (desc->rate == 110) 1276 return 22; 1277 } 1278 return 2; /* should not get there */ 1279} 1280 1281/* 1282 * Return the expected ack rate for a frame transmitted at rate `rate'. 1283 * XXX: this should depend on the destination node basic rate set. 1284 */ 1285static int 1286rt2661_ack_rate(struct ieee80211com *ic, int rate) 1287{ 1288 switch (rate) { 1289 /* CCK rates */ 1290 case 2: 1291 return 2; 1292 case 4: 1293 case 11: 1294 case 22: 1295 return (ic->ic_curmode == IEEE80211_MODE_11B) ? 4 : rate; 1296 1297 /* OFDM rates */ 1298 case 12: 1299 case 18: 1300 return 12; 1301 case 24: 1302 case 36: 1303 return 24; 1304 case 48: 1305 case 72: 1306 case 96: 1307 case 108: 1308 return 48; 1309 } 1310 1311 /* default to 1Mbps */ 1312 return 2; 1313} 1314 1315/* 1316 * Compute the duration (in us) needed to transmit `len' bytes at rate `rate'. 1317 * The function automatically determines the operating mode depending on the 1318 * given rate. `flags' indicates whether short preamble is in use or not. 1319 */ 1320static uint16_t 1321rt2661_txtime(int len, int rate, uint32_t flags) 1322{ 1323 uint16_t txtime; 1324 1325 if (RAL_RATE_IS_OFDM(rate)) { 1326 /* IEEE Std 802.11a-1999, pp. 37 */ 1327 txtime = (8 + 4 * len + 3 + rate - 1) / rate; 1328 txtime = 16 + 4 + 4 * txtime + 6; 1329 } else { 1330 /* IEEE Std 802.11b-1999, pp. 28 */ 1331 txtime = (16 * len + rate - 1) / rate; 1332 if (rate != 2 && (flags & IEEE80211_F_SHPREAMBLE)) 1333 txtime += 72 + 24; 1334 else 1335 txtime += 144 + 48; 1336 } 1337 1338 return txtime; 1339} 1340 1341static uint8_t 1342rt2661_plcp_signal(int rate) 1343{ 1344 switch (rate) { 1345 /* CCK rates (returned values are device-dependent) */ 1346 case 2: return 0x0; 1347 case 4: return 0x1; 1348 case 11: return 0x2; 1349 case 22: return 0x3; 1350 1351 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1352 case 12: return 0xb; 1353 case 18: return 0xf; 1354 case 24: return 0xa; 1355 case 36: return 0xe; 1356 case 48: return 0x9; 1357 case 72: return 0xd; 1358 case 96: return 0x8; 1359 case 108: return 0xc; 1360 1361 /* unsupported rates (should not get there) */ 1362 default: return 0xff; 1363 } 1364} 1365 1366static void 1367rt2661_setup_tx_desc(struct rt2661_softc *sc, struct rt2661_tx_desc *desc, 1368 uint32_t flags, uint16_t xflags, int len, int rate, 1369 const bus_dma_segment_t *segs, int nsegs, int ac) 1370{ 1371 struct ieee80211com *ic = &sc->sc_ic; 1372 uint16_t plcp_length; 1373 int i, remainder; 1374 1375 desc->flags = htole32(flags); 1376 desc->flags |= htole32(len << 16); 1377 desc->flags |= htole32(RT2661_TX_BUSY | RT2661_TX_VALID); 1378 1379 desc->xflags = htole16(xflags); 1380 desc->xflags |= htole16(nsegs << 13); 1381 1382 desc->wme = htole16( 1383 RT2661_QID(ac) | 1384 RT2661_AIFSN(2) | 1385 RT2661_LOGCWMIN(4) | 1386 RT2661_LOGCWMAX(10)); 1387 1388 /* 1389 * Remember in which queue this frame was sent. This field is driver 1390 * private data only. It will be made available by the NIC in STA_CSR4 1391 * on Tx interrupts. 1392 */ 1393 desc->qid = ac; 1394 1395 /* setup PLCP fields */ 1396 desc->plcp_signal = rt2661_plcp_signal(rate); 1397 desc->plcp_service = 4; 1398 1399 len += IEEE80211_CRC_LEN; 1400 if (RAL_RATE_IS_OFDM(rate)) { 1401 desc->flags |= htole32(RT2661_TX_OFDM); 1402 1403 plcp_length = len & 0xfff; 1404 desc->plcp_length_hi = plcp_length >> 6; 1405 desc->plcp_length_lo = plcp_length & 0x3f; 1406 } else { 1407 plcp_length = (16 * len + rate - 1) / rate; 1408 if (rate == 22) { 1409 remainder = (16 * len) % 22; 1410 if (remainder != 0 && remainder < 7) 1411 desc->plcp_service |= RT2661_PLCP_LENGEXT; 1412 } 1413 desc->plcp_length_hi = plcp_length >> 8; 1414 desc->plcp_length_lo = plcp_length & 0xff; 1415 1416 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 1417 desc->plcp_signal |= 0x08; 1418 } 1419 1420 /* RT2x61 supports scatter with up to 5 segments */ 1421 for (i = 0; i < nsegs; i++) { 1422 desc->addr[i] = htole32(segs[i].ds_addr); 1423 desc->len [i] = htole16(segs[i].ds_len); 1424 } 1425} 1426 1427static int 1428rt2661_tx_mgt(struct rt2661_softc *sc, struct mbuf *m0, 1429 struct ieee80211_node *ni) 1430{ 1431 struct ieee80211com *ic = &sc->sc_ic; 1432 struct rt2661_tx_desc *desc; 1433 struct rt2661_tx_data *data; 1434 struct ieee80211_frame *wh; 1435 struct ieee80211_key *k; 1436 bus_dma_segment_t segs[RT2661_MAX_SCATTER]; 1437 uint16_t dur; 1438 uint32_t flags = 0; /* XXX HWSEQ */ 1439 int nsegs, rate, error; 1440 1441 desc = &sc->mgtq.desc[sc->mgtq.cur]; 1442 data = &sc->mgtq.data[sc->mgtq.cur]; 1443 1444 /* send mgt frames at the lowest available rate */ 1445 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1446 1447 wh = mtod(m0, struct ieee80211_frame *); 1448 1449 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1450 k = ieee80211_crypto_encap(ic, ni, m0); 1451 if (k == NULL) { 1452 m_freem(m0); 1453 return ENOBUFS; 1454 } 1455 } 1456 1457 error = bus_dmamap_load_mbuf_sg(sc->mgtq.data_dmat, data->map, m0, 1458 segs, &nsegs, 0); 1459 if (error != 0) { 1460 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1461 error); 1462 m_freem(m0); 1463 return error; 1464 } 1465 1466 if (bpf_peers_present(sc->sc_drvbpf)) { 1467 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1468 1469 tap->wt_flags = 0; 1470 tap->wt_rate = rate; 1471 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 1472 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 1473 1474 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1475 } 1476 1477 data->m = m0; 1478 data->ni = ni; 1479 1480 wh = mtod(m0, struct ieee80211_frame *); 1481 1482 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1483 flags |= RT2661_TX_NEED_ACK; 1484 1485 dur = rt2661_txtime(RAL_ACK_SIZE, rate, ic->ic_flags) + 1486 RAL_SIFS; 1487 *(uint16_t *)wh->i_dur = htole16(dur); 1488 1489 /* tell hardware to add timestamp in probe responses */ 1490 if ((wh->i_fc[0] & 1491 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 1492 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 1493 flags |= RT2661_TX_TIMESTAMP; 1494 } 1495 1496 rt2661_setup_tx_desc(sc, desc, flags, 0 /* XXX HWSEQ */, 1497 m0->m_pkthdr.len, rate, segs, nsegs, RT2661_QID_MGT); 1498 1499 bus_dmamap_sync(sc->mgtq.data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1500 bus_dmamap_sync(sc->mgtq.desc_dmat, sc->mgtq.desc_map, 1501 BUS_DMASYNC_PREWRITE); 1502 1503 DPRINTFN(10, ("sending mgt frame len=%u idx=%u rate=%u\n", 1504 m0->m_pkthdr.len, sc->mgtq.cur, rate)); 1505 1506 /* kick mgt */ 1507 sc->mgtq.queued++; 1508 sc->mgtq.cur = (sc->mgtq.cur + 1) % RT2661_MGT_RING_COUNT; 1509 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, RT2661_KICK_MGT); 1510 1511 return 0; 1512} 1513 1514/* 1515 * Build a RTS control frame. 1516 */ 1517static struct mbuf * 1518rt2661_get_rts(struct rt2661_softc *sc, struct ieee80211_frame *wh, 1519 uint16_t dur) 1520{ 1521 struct ieee80211_frame_rts *rts; 1522 struct mbuf *m; 1523 1524 MGETHDR(m, M_DONTWAIT, MT_DATA); 1525 if (m == NULL) { 1526 sc->sc_ic.ic_stats.is_tx_nobuf++; 1527 device_printf(sc->sc_dev, "could not allocate RTS frame\n"); 1528 return NULL; 1529 } 1530 1531 rts = mtod(m, struct ieee80211_frame_rts *); 1532 1533 rts->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_CTL | 1534 IEEE80211_FC0_SUBTYPE_RTS; 1535 rts->i_fc[1] = IEEE80211_FC1_DIR_NODS; 1536 *(uint16_t *)rts->i_dur = htole16(dur); 1537 IEEE80211_ADDR_COPY(rts->i_ra, wh->i_addr1); 1538 IEEE80211_ADDR_COPY(rts->i_ta, wh->i_addr2); 1539 1540 m->m_pkthdr.len = m->m_len = sizeof (struct ieee80211_frame_rts); 1541 1542 return m; 1543} 1544 1545static int 1546rt2661_tx_data(struct rt2661_softc *sc, struct mbuf *m0, 1547 struct ieee80211_node *ni, int ac) 1548{ 1549 struct ieee80211com *ic = &sc->sc_ic; 1550 struct rt2661_tx_ring *txq = &sc->txq[ac]; 1551 struct rt2661_tx_desc *desc; 1552 struct rt2661_tx_data *data; 1553 struct rt2661_node *rn; 1554 struct ieee80211_frame *wh; 1555 struct ieee80211_key *k; 1556 const struct chanAccParams *cap; 1557 struct mbuf *mnew; 1558 bus_dma_segment_t segs[RT2661_MAX_SCATTER]; 1559 uint16_t dur; 1560 uint32_t flags = 0; 1561 int error, nsegs, rate, noack = 0; 1562 1563 wh = mtod(m0, struct ieee80211_frame *); 1564 1565 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) { 1566 rate = ic->ic_fixed_rate; 1567 } else { 1568 struct ieee80211_rateset *rs; 1569 1570 rs = &ni->ni_rates; 1571 rn = (struct rt2661_node *)ni; 1572 ni->ni_txrate = ral_rssadapt_choose(&rn->rssadapt, rs, 1573 wh, m0->m_pkthdr.len, NULL, 0); 1574 rate = rs->rs_rates[ni->ni_txrate]; 1575 } 1576 rate &= IEEE80211_RATE_VAL; 1577 1578 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1579 cap = &ic->ic_wme.wme_chanParams; 1580 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1581 } 1582 1583 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1584 k = ieee80211_crypto_encap(ic, ni, m0); 1585 if (k == NULL) { 1586 m_freem(m0); 1587 return ENOBUFS; 1588 } 1589 1590 /* packet header may have moved, reset our local pointer */ 1591 wh = mtod(m0, struct ieee80211_frame *); 1592 } 1593 1594 /* 1595 * IEEE Std 802.11-1999, pp 82: "A STA shall use an RTS/CTS exchange 1596 * for directed frames only when the length of the MPDU is greater 1597 * than the length threshold indicated by [...]" ic_rtsthreshold. 1598 */ 1599 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 1600 m0->m_pkthdr.len > ic->ic_rtsthreshold) { 1601 struct mbuf *m; 1602 uint16_t dur; 1603 int rtsrate, ackrate; 1604 1605 rtsrate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1606 ackrate = rt2661_ack_rate(ic, rate); 1607 1608 dur = rt2661_txtime(m0->m_pkthdr.len + 4, rate, ic->ic_flags) + 1609 rt2661_txtime(RAL_CTS_SIZE, rtsrate, ic->ic_flags) + 1610 /* XXX: noack (QoS)? */ 1611 rt2661_txtime(RAL_ACK_SIZE, ackrate, ic->ic_flags) + 1612 3 * RAL_SIFS; 1613 1614 m = rt2661_get_rts(sc, wh, dur); 1615 1616 desc = &txq->desc[txq->cur]; 1617 data = &txq->data[txq->cur]; 1618 1619 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m, 1620 segs, &nsegs, 0); 1621 if (error != 0) { 1622 device_printf(sc->sc_dev, 1623 "could not map mbuf (error %d)\n", error); 1624 m_freem(m); 1625 m_freem(m0); 1626 return error; 1627 } 1628 1629 /* avoid multiple free() of the same node for each fragment */ 1630 ieee80211_ref_node(ni); 1631 1632 data->m = m; 1633 data->ni = ni; 1634 1635 /* RTS frames are not taken into account for rssadapt */ 1636 data->id.id_node = NULL; 1637 1638 rt2661_setup_tx_desc(sc, desc, RT2661_TX_NEED_ACK | 1639 RT2661_TX_MORE_FRAG, 0, m->m_pkthdr.len, rtsrate, segs, 1640 nsegs, ac); 1641 1642 bus_dmamap_sync(txq->data_dmat, data->map, 1643 BUS_DMASYNC_PREWRITE); 1644 1645 txq->queued++; 1646 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1647 1648 /* 1649 * IEEE Std 802.11-1999: when an RTS/CTS exchange is used, the 1650 * asynchronous data frame shall be transmitted after the CTS 1651 * frame and a SIFS period. 1652 */ 1653 flags |= RT2661_TX_LONG_RETRY | RT2661_TX_IFS; 1654 } 1655 1656 data = &txq->data[txq->cur]; 1657 desc = &txq->desc[txq->cur]; 1658 1659 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0, segs, 1660 &nsegs, 0); 1661 if (error != 0 && error != EFBIG) { 1662 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1663 error); 1664 m_freem(m0); 1665 return error; 1666 } 1667 if (error != 0) { 1668 mnew = m_defrag(m0, M_DONTWAIT); 1669 if (mnew == NULL) { 1670 device_printf(sc->sc_dev, 1671 "could not defragment mbuf\n"); 1672 m_freem(m0); 1673 return ENOBUFS; 1674 } 1675 m0 = mnew; 1676 1677 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0, 1678 segs, &nsegs, 0); 1679 if (error != 0) { 1680 device_printf(sc->sc_dev, 1681 "could not map mbuf (error %d)\n", error); 1682 m_freem(m0); 1683 return error; 1684 } 1685 1686 /* packet header have moved, reset our local pointer */ 1687 wh = mtod(m0, struct ieee80211_frame *); 1688 } 1689 1690 if (bpf_peers_present(sc->sc_drvbpf)) { 1691 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1692 1693 tap->wt_flags = 0; 1694 tap->wt_rate = rate; 1695 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 1696 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 1697 1698 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1699 } 1700 1701 data->m = m0; 1702 data->ni = ni; 1703 1704 /* remember link conditions for rate adaptation algorithm */ 1705 if (ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE) { 1706 data->id.id_len = m0->m_pkthdr.len; 1707 data->id.id_rateidx = ni->ni_txrate; 1708 data->id.id_node = ni; 1709 data->id.id_rssi = ni->ni_rssi; 1710 } else 1711 data->id.id_node = NULL; 1712 1713 if (!noack && !IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1714 flags |= RT2661_TX_NEED_ACK; 1715 1716 dur = rt2661_txtime(RAL_ACK_SIZE, rt2661_ack_rate(ic, rate), 1717 ic->ic_flags) + RAL_SIFS; 1718 *(uint16_t *)wh->i_dur = htole16(dur); 1719 } 1720 1721 rt2661_setup_tx_desc(sc, desc, flags, 0, m0->m_pkthdr.len, rate, segs, 1722 nsegs, ac); 1723 1724 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1725 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1726 1727 DPRINTFN(10, ("sending data frame len=%u idx=%u rate=%u\n", 1728 m0->m_pkthdr.len, txq->cur, rate)); 1729 1730 /* kick Tx */ 1731 txq->queued++; 1732 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1733 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 1 << ac); 1734 1735 return 0; 1736} 1737 1738static void 1739rt2661_start(struct ifnet *ifp) 1740{ 1741 struct rt2661_softc *sc = ifp->if_softc; 1742 struct ieee80211com *ic = &sc->sc_ic; 1743 struct mbuf *m0; 1744 struct ether_header *eh; 1745 struct ieee80211_node *ni; 1746 int ac; 1747 1748 RAL_LOCK(sc); 1749 1750 /* prevent management frames from being sent if we're not ready */ 1751 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING) || sc->sc_invalid) { 1752 RAL_UNLOCK(sc); 1753 return; 1754 } 1755 1756 for (;;) { 1757 IF_POLL(&ic->ic_mgtq, m0); 1758 if (m0 != NULL) { 1759 if (sc->mgtq.queued >= RT2661_MGT_RING_COUNT) { 1760 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 1761 break; 1762 } 1763 IF_DEQUEUE(&ic->ic_mgtq, m0); 1764 1765 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 1766 m0->m_pkthdr.rcvif = NULL; 1767 1768 if (bpf_peers_present(ic->ic_rawbpf)) 1769 bpf_mtap(ic->ic_rawbpf, m0); 1770 1771 if (rt2661_tx_mgt(sc, m0, ni) != 0) { 1772 ieee80211_free_node(ni); 1773 break; 1774 } 1775 } else { 1776 if (ic->ic_state != IEEE80211_S_RUN) 1777 break; 1778 1779 IFQ_DRV_DEQUEUE(&ifp->if_snd, m0); 1780 if (m0 == NULL) 1781 break; 1782 /* 1783 * Cancel any background scan. 1784 */ 1785 if (ic->ic_flags & IEEE80211_F_SCAN) 1786 ieee80211_cancel_scan(ic); 1787 1788 if (m0->m_len < sizeof (struct ether_header) && 1789 !(m0 = m_pullup(m0, sizeof (struct ether_header)))) 1790 continue; 1791 1792 eh = mtod(m0, struct ether_header *); 1793 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1794 if (ni == NULL) { 1795 m_freem(m0); 1796 ifp->if_oerrors++; 1797 continue; 1798 } 1799 1800 /* classify mbuf so we can find which tx ring to use */ 1801 if (ieee80211_classify(ic, m0, ni) != 0) { 1802 m_freem(m0); 1803 ieee80211_free_node(ni); 1804 ifp->if_oerrors++; 1805 continue; 1806 } 1807 1808 /* no QoS encapsulation for EAPOL frames */ 1809 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1810 M_WME_GETAC(m0) : WME_AC_BE; 1811 1812 if (sc->txq[ac].queued >= RT2661_TX_RING_COUNT - 1) { 1813 /* there is no place left in this ring */ 1814 IFQ_DRV_PREPEND(&ifp->if_snd, m0); 1815 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 1816 ieee80211_free_node(ni); 1817 break; 1818 } 1819 1820 BPF_MTAP(ifp, m0); 1821 1822 m0 = ieee80211_encap(ic, m0, ni); 1823 if (m0 == NULL) { 1824 ieee80211_free_node(ni); 1825 ifp->if_oerrors++; 1826 continue; 1827 } 1828 1829 if (bpf_peers_present(ic->ic_rawbpf)) 1830 bpf_mtap(ic->ic_rawbpf, m0); 1831 1832 if (rt2661_tx_data(sc, m0, ni, ac) != 0) { 1833 ieee80211_free_node(ni); 1834 ifp->if_oerrors++; 1835 break; 1836 } 1837 } 1838 1839 sc->sc_tx_timer = 5; 1840 ic->ic_lastdata = ticks; 1841 callout_reset(&sc->watchdog_ch, hz, rt2661_watchdog, sc); 1842 } 1843 1844 RAL_UNLOCK(sc); 1845} 1846 1847static void 1848rt2661_watchdog(void *arg) 1849{ 1850 struct rt2661_softc *sc = (struct rt2661_softc *)arg; 1851 1852 if (sc->sc_tx_timer > 0 && !sc->sc_invalid) { 1853 if (--sc->sc_tx_timer == 0) { 1854 device_printf(sc->sc_dev, "device timeout\n"); 1855 rt2661_init(sc); 1856 sc->sc_ifp->if_oerrors++; 1857 return; 1858 } 1859 callout_reset(&sc->watchdog_ch, hz, rt2661_watchdog, sc); 1860 } 1861} 1862 1863/* 1864 * This function allows for fast channel switching in monitor mode (used by 1865 * net-mgmt/kismet). In IBSS mode, we must explicitly reset the interface to 1866 * generate a new beacon frame. 1867 */ 1868static int 1869rt2661_reset(struct ifnet *ifp) 1870{ 1871 struct rt2661_softc *sc = ifp->if_softc; 1872 struct ieee80211com *ic = &sc->sc_ic; 1873 1874 if (ic->ic_opmode != IEEE80211_M_MONITOR) 1875 return ENETRESET; 1876 1877 rt2661_set_chan(sc, ic->ic_curchan); 1878 1879 return 0; 1880} 1881 1882static int 1883rt2661_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1884{ 1885 struct rt2661_softc *sc = ifp->if_softc; 1886 struct ieee80211com *ic = &sc->sc_ic; 1887 int error = 0; 1888 1889 switch (cmd) { 1890 case SIOCSIFFLAGS: 1891 if (ifp->if_flags & IFF_UP) { 1892 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 1893 rt2661_update_promisc(sc); 1894 else 1895 rt2661_init(sc); 1896 } else { 1897 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 1898 rt2661_stop(sc); 1899 } 1900 break; 1901 1902 default: 1903 error = ieee80211_ioctl(ic, cmd, data); 1904 } 1905 1906 if (error == ENETRESET) { 1907 if ((ifp->if_flags & IFF_UP) && 1908 (ifp->if_drv_flags & IFF_DRV_RUNNING) && 1909 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1910 rt2661_init(sc); 1911 error = 0; 1912 } 1913 1914 return error; 1915} 1916 1917static void 1918rt2661_bbp_write(struct rt2661_softc *sc, uint8_t reg, uint8_t val) 1919{ 1920 uint32_t tmp; 1921 int ntries; 1922 1923 for (ntries = 0; ntries < 100; ntries++) { 1924 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 1925 break; 1926 DELAY(1); 1927 } 1928 if (ntries == 100) { 1929 device_printf(sc->sc_dev, "could not write to BBP\n"); 1930 return; 1931 } 1932 1933 tmp = RT2661_BBP_BUSY | (reg & 0x7f) << 8 | val; 1934 RAL_WRITE(sc, RT2661_PHY_CSR3, tmp); 1935 1936 DPRINTFN(15, ("BBP R%u <- 0x%02x\n", reg, val)); 1937} 1938 1939static uint8_t 1940rt2661_bbp_read(struct rt2661_softc *sc, uint8_t reg) 1941{ 1942 uint32_t val; 1943 int ntries; 1944 1945 for (ntries = 0; ntries < 100; ntries++) { 1946 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 1947 break; 1948 DELAY(1); 1949 } 1950 if (ntries == 100) { 1951 device_printf(sc->sc_dev, "could not read from BBP\n"); 1952 return 0; 1953 } 1954 1955 val = RT2661_BBP_BUSY | RT2661_BBP_READ | reg << 8; 1956 RAL_WRITE(sc, RT2661_PHY_CSR3, val); 1957 1958 for (ntries = 0; ntries < 100; ntries++) { 1959 val = RAL_READ(sc, RT2661_PHY_CSR3); 1960 if (!(val & RT2661_BBP_BUSY)) 1961 return val & 0xff; 1962 DELAY(1); 1963 } 1964 1965 device_printf(sc->sc_dev, "could not read from BBP\n"); 1966 return 0; 1967} 1968 1969static void 1970rt2661_rf_write(struct rt2661_softc *sc, uint8_t reg, uint32_t val) 1971{ 1972 uint32_t tmp; 1973 int ntries; 1974 1975 for (ntries = 0; ntries < 100; ntries++) { 1976 if (!(RAL_READ(sc, RT2661_PHY_CSR4) & RT2661_RF_BUSY)) 1977 break; 1978 DELAY(1); 1979 } 1980 if (ntries == 100) { 1981 device_printf(sc->sc_dev, "could not write to RF\n"); 1982 return; 1983 } 1984 1985 tmp = RT2661_RF_BUSY | RT2661_RF_21BIT | (val & 0x1fffff) << 2 | 1986 (reg & 3); 1987 RAL_WRITE(sc, RT2661_PHY_CSR4, tmp); 1988 1989 /* remember last written value in sc */ 1990 sc->rf_regs[reg] = val; 1991 1992 DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 3, val & 0x1fffff)); 1993} 1994 1995static int 1996rt2661_tx_cmd(struct rt2661_softc *sc, uint8_t cmd, uint16_t arg) 1997{ 1998 if (RAL_READ(sc, RT2661_H2M_MAILBOX_CSR) & RT2661_H2M_BUSY) 1999 return EIO; /* there is already a command pending */ 2000 2001 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 2002 RT2661_H2M_BUSY | RT2661_TOKEN_NO_INTR << 16 | arg); 2003 2004 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, RT2661_KICK_CMD | cmd); 2005 2006 return 0; 2007} 2008 2009static void 2010rt2661_select_antenna(struct rt2661_softc *sc) 2011{ 2012 uint8_t bbp4, bbp77; 2013 uint32_t tmp; 2014 2015 bbp4 = rt2661_bbp_read(sc, 4); 2016 bbp77 = rt2661_bbp_read(sc, 77); 2017 2018 /* TBD */ 2019 2020 /* make sure Rx is disabled before switching antenna */ 2021 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2022 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2023 2024 rt2661_bbp_write(sc, 4, bbp4); 2025 rt2661_bbp_write(sc, 77, bbp77); 2026 2027 /* restore Rx filter */ 2028 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2029} 2030 2031/* 2032 * Enable multi-rate retries for frames sent at OFDM rates. 2033 * In 802.11b/g mode, allow fallback to CCK rates. 2034 */ 2035static void 2036rt2661_enable_mrr(struct rt2661_softc *sc) 2037{ 2038 struct ieee80211com *ic = &sc->sc_ic; 2039 uint32_t tmp; 2040 2041 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2042 2043 tmp &= ~RT2661_MRR_CCK_FALLBACK; 2044 if (!IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan)) 2045 tmp |= RT2661_MRR_CCK_FALLBACK; 2046 tmp |= RT2661_MRR_ENABLED; 2047 2048 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2049} 2050 2051static void 2052rt2661_set_txpreamble(struct rt2661_softc *sc) 2053{ 2054 uint32_t tmp; 2055 2056 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2057 2058 tmp &= ~RT2661_SHORT_PREAMBLE; 2059 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 2060 tmp |= RT2661_SHORT_PREAMBLE; 2061 2062 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2063} 2064 2065/* 2066 * Supported rates for 802.11g. XXX should use ic_sup_rates. 2067 */ 2068static const struct ieee80211_rateset rt2661_rateset_11g = 2069 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 2070 2071static void 2072rt2661_set_basicrates(struct rt2661_softc *sc, 2073 const struct ieee80211_rateset *rs) 2074{ 2075#define RV(r) ((r) & IEEE80211_RATE_VAL) 2076 struct ieee80211com *ic = &sc->sc_ic; 2077 uint32_t mask = 0; 2078 uint8_t rate; 2079 int i, j; 2080 2081 for (i = 0; i < rs->rs_nrates; i++) { 2082 rate = rs->rs_rates[i]; 2083 2084 if (!(rate & IEEE80211_RATE_BASIC)) 2085 continue; 2086 2087 /* 2088 * Find h/w rate index. We know it exists because the rate 2089 * set has already been negotiated. 2090 */ 2091 for (j = 0; ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates[j] != RV(rate); j++); 2092 2093 mask |= 1 << j; 2094 } 2095 2096 RAL_WRITE(sc, RT2661_TXRX_CSR5, mask); 2097 2098 DPRINTF(("Setting basic rate mask to 0x%x\n", mask)); 2099#undef RV 2100} 2101 2102/* 2103 * Reprogram MAC/BBP to switch to a new band. Values taken from the reference 2104 * driver. 2105 */ 2106static void 2107rt2661_select_band(struct rt2661_softc *sc, struct ieee80211_channel *c) 2108{ 2109 uint8_t bbp17, bbp35, bbp96, bbp97, bbp98, bbp104; 2110 uint32_t tmp; 2111 2112 /* update all BBP registers that depend on the band */ 2113 bbp17 = 0x20; bbp96 = 0x48; bbp104 = 0x2c; 2114 bbp35 = 0x50; bbp97 = 0x48; bbp98 = 0x48; 2115 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2116 bbp17 += 0x08; bbp96 += 0x10; bbp104 += 0x0c; 2117 bbp35 += 0x10; bbp97 += 0x10; bbp98 += 0x10; 2118 } 2119 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2120 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2121 bbp17 += 0x10; bbp96 += 0x10; bbp104 += 0x10; 2122 } 2123 2124 rt2661_bbp_write(sc, 17, bbp17); 2125 rt2661_bbp_write(sc, 96, bbp96); 2126 rt2661_bbp_write(sc, 104, bbp104); 2127 2128 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2129 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2130 rt2661_bbp_write(sc, 75, 0x80); 2131 rt2661_bbp_write(sc, 86, 0x80); 2132 rt2661_bbp_write(sc, 88, 0x80); 2133 } 2134 2135 rt2661_bbp_write(sc, 35, bbp35); 2136 rt2661_bbp_write(sc, 97, bbp97); 2137 rt2661_bbp_write(sc, 98, bbp98); 2138 2139 tmp = RAL_READ(sc, RT2661_PHY_CSR0); 2140 tmp &= ~(RT2661_PA_PE_2GHZ | RT2661_PA_PE_5GHZ); 2141 if (IEEE80211_IS_CHAN_2GHZ(c)) 2142 tmp |= RT2661_PA_PE_2GHZ; 2143 else 2144 tmp |= RT2661_PA_PE_5GHZ; 2145 RAL_WRITE(sc, RT2661_PHY_CSR0, tmp); 2146} 2147 2148static void 2149rt2661_set_chan(struct rt2661_softc *sc, struct ieee80211_channel *c) 2150{ 2151 struct ieee80211com *ic = &sc->sc_ic; 2152 const struct rfprog *rfprog; 2153 uint8_t bbp3, bbp94 = RT2661_BBPR94_DEFAULT; 2154 int8_t power; 2155 u_int i, chan; 2156 2157 chan = ieee80211_chan2ieee(ic, c); 2158 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 2159 return; 2160 2161 /* select the appropriate RF settings based on what EEPROM says */ 2162 rfprog = (sc->rfprog == 0) ? rt2661_rf5225_1 : rt2661_rf5225_2; 2163 2164 /* find the settings for this channel (we know it exists) */ 2165 for (i = 0; rfprog[i].chan != chan; i++); 2166 2167 power = sc->txpow[i]; 2168 if (power < 0) { 2169 bbp94 += power; 2170 power = 0; 2171 } else if (power > 31) { 2172 bbp94 += power - 31; 2173 power = 31; 2174 } 2175 2176 /* 2177 * If we are switching from the 2GHz band to the 5GHz band or 2178 * vice-versa, BBP registers need to be reprogrammed. 2179 */ 2180 if (c->ic_flags != sc->sc_curchan->ic_flags) { 2181 rt2661_select_band(sc, c); 2182 rt2661_select_antenna(sc); 2183 } 2184 sc->sc_curchan = c; 2185 2186 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2187 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2188 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2189 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2190 2191 DELAY(200); 2192 2193 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2194 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2195 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7 | 1); 2196 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2197 2198 DELAY(200); 2199 2200 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2201 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2202 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2203 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2204 2205 /* enable smart mode for MIMO-capable RFs */ 2206 bbp3 = rt2661_bbp_read(sc, 3); 2207 2208 bbp3 &= ~RT2661_SMART_MODE; 2209 if (sc->rf_rev == RT2661_RF_5325 || sc->rf_rev == RT2661_RF_2529) 2210 bbp3 |= RT2661_SMART_MODE; 2211 2212 rt2661_bbp_write(sc, 3, bbp3); 2213 2214 if (bbp94 != RT2661_BBPR94_DEFAULT) 2215 rt2661_bbp_write(sc, 94, bbp94); 2216 2217 /* 5GHz radio needs a 1ms delay here */ 2218 if (IEEE80211_IS_CHAN_5GHZ(c)) 2219 DELAY(1000); 2220} 2221 2222static void 2223rt2661_set_bssid(struct rt2661_softc *sc, const uint8_t *bssid) 2224{ 2225 uint32_t tmp; 2226 2227 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24; 2228 RAL_WRITE(sc, RT2661_MAC_CSR4, tmp); 2229 2230 tmp = bssid[4] | bssid[5] << 8 | RT2661_ONE_BSSID << 16; 2231 RAL_WRITE(sc, RT2661_MAC_CSR5, tmp); 2232} 2233 2234static void 2235rt2661_set_macaddr(struct rt2661_softc *sc, const uint8_t *addr) 2236{ 2237 uint32_t tmp; 2238 2239 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24; 2240 RAL_WRITE(sc, RT2661_MAC_CSR2, tmp); 2241 2242 tmp = addr[4] | addr[5] << 8; 2243 RAL_WRITE(sc, RT2661_MAC_CSR3, tmp); 2244} 2245 2246static void 2247rt2661_update_promisc(struct rt2661_softc *sc) 2248{ 2249 struct ifnet *ifp = sc->sc_ic.ic_ifp; 2250 uint32_t tmp; 2251 2252 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2253 2254 tmp &= ~RT2661_DROP_NOT_TO_ME; 2255 if (!(ifp->if_flags & IFF_PROMISC)) 2256 tmp |= RT2661_DROP_NOT_TO_ME; 2257 2258 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2259 2260 DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 2261 "entering" : "leaving")); 2262} 2263 2264/* 2265 * Update QoS (802.11e) settings for each h/w Tx ring. 2266 */ 2267static int 2268rt2661_wme_update(struct ieee80211com *ic) 2269{ 2270 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 2271 const struct wmeParams *wmep; 2272 2273 wmep = ic->ic_wme.wme_chanParams.cap_wmeParams; 2274 2275 /* XXX: not sure about shifts. */ 2276 /* XXX: the reference driver plays with AC_VI settings too. */ 2277 2278 /* update TxOp */ 2279 RAL_WRITE(sc, RT2661_AC_TXOP_CSR0, 2280 wmep[WME_AC_BE].wmep_txopLimit << 16 | 2281 wmep[WME_AC_BK].wmep_txopLimit); 2282 RAL_WRITE(sc, RT2661_AC_TXOP_CSR1, 2283 wmep[WME_AC_VI].wmep_txopLimit << 16 | 2284 wmep[WME_AC_VO].wmep_txopLimit); 2285 2286 /* update CWmin */ 2287 RAL_WRITE(sc, RT2661_CWMIN_CSR, 2288 wmep[WME_AC_BE].wmep_logcwmin << 12 | 2289 wmep[WME_AC_BK].wmep_logcwmin << 8 | 2290 wmep[WME_AC_VI].wmep_logcwmin << 4 | 2291 wmep[WME_AC_VO].wmep_logcwmin); 2292 2293 /* update CWmax */ 2294 RAL_WRITE(sc, RT2661_CWMAX_CSR, 2295 wmep[WME_AC_BE].wmep_logcwmax << 12 | 2296 wmep[WME_AC_BK].wmep_logcwmax << 8 | 2297 wmep[WME_AC_VI].wmep_logcwmax << 4 | 2298 wmep[WME_AC_VO].wmep_logcwmax); 2299 2300 /* update Aifsn */ 2301 RAL_WRITE(sc, RT2661_AIFSN_CSR, 2302 wmep[WME_AC_BE].wmep_aifsn << 12 | 2303 wmep[WME_AC_BK].wmep_aifsn << 8 | 2304 wmep[WME_AC_VI].wmep_aifsn << 4 | 2305 wmep[WME_AC_VO].wmep_aifsn); 2306 2307 return 0; 2308} 2309 2310static void 2311rt2661_update_slot(struct ifnet *ifp) 2312{ 2313 struct rt2661_softc *sc = ifp->if_softc; 2314 struct ieee80211com *ic = &sc->sc_ic; 2315 uint8_t slottime; 2316 uint32_t tmp; 2317 2318 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 2319 2320 tmp = RAL_READ(sc, RT2661_MAC_CSR9); 2321 tmp = (tmp & ~0xff) | slottime; 2322 RAL_WRITE(sc, RT2661_MAC_CSR9, tmp); 2323} 2324 2325static const char * 2326rt2661_get_rf(int rev) 2327{ 2328 switch (rev) { 2329 case RT2661_RF_5225: return "RT5225"; 2330 case RT2661_RF_5325: return "RT5325 (MIMO XR)"; 2331 case RT2661_RF_2527: return "RT2527"; 2332 case RT2661_RF_2529: return "RT2529 (MIMO XR)"; 2333 default: return "unknown"; 2334 } 2335} 2336 2337static void 2338rt2661_read_eeprom(struct rt2661_softc *sc) 2339{ 2340 struct ieee80211com *ic = &sc->sc_ic; 2341 uint16_t val; 2342 int i; 2343 2344 /* read MAC address */ 2345 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC01); 2346 ic->ic_myaddr[0] = val & 0xff; 2347 ic->ic_myaddr[1] = val >> 8; 2348 2349 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC23); 2350 ic->ic_myaddr[2] = val & 0xff; 2351 ic->ic_myaddr[3] = val >> 8; 2352 2353 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC45); 2354 ic->ic_myaddr[4] = val & 0xff; 2355 ic->ic_myaddr[5] = val >> 8; 2356 2357 val = rt2661_eeprom_read(sc, RT2661_EEPROM_ANTENNA); 2358 /* XXX: test if different from 0xffff? */ 2359 sc->rf_rev = (val >> 11) & 0x1f; 2360 sc->hw_radio = (val >> 10) & 0x1; 2361 sc->rx_ant = (val >> 4) & 0x3; 2362 sc->tx_ant = (val >> 2) & 0x3; 2363 sc->nb_ant = val & 0x3; 2364 2365 DPRINTF(("RF revision=%d\n", sc->rf_rev)); 2366 2367 val = rt2661_eeprom_read(sc, RT2661_EEPROM_CONFIG2); 2368 sc->ext_5ghz_lna = (val >> 6) & 0x1; 2369 sc->ext_2ghz_lna = (val >> 4) & 0x1; 2370 2371 DPRINTF(("External 2GHz LNA=%d\nExternal 5GHz LNA=%d\n", 2372 sc->ext_2ghz_lna, sc->ext_5ghz_lna)); 2373 2374 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_2GHZ_OFFSET); 2375 if ((val & 0xff) != 0xff) 2376 sc->rssi_2ghz_corr = (int8_t)(val & 0xff); /* signed */ 2377 2378 /* Only [-10, 10] is valid */ 2379 if (sc->rssi_2ghz_corr < -10 || sc->rssi_2ghz_corr > 10) 2380 sc->rssi_2ghz_corr = 0; 2381 2382 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_5GHZ_OFFSET); 2383 if ((val & 0xff) != 0xff) 2384 sc->rssi_5ghz_corr = (int8_t)(val & 0xff); /* signed */ 2385 2386 /* Only [-10, 10] is valid */ 2387 if (sc->rssi_5ghz_corr < -10 || sc->rssi_5ghz_corr > 10) 2388 sc->rssi_5ghz_corr = 0; 2389 2390 /* adjust RSSI correction for external low-noise amplifier */ 2391 if (sc->ext_2ghz_lna) 2392 sc->rssi_2ghz_corr -= 14; 2393 if (sc->ext_5ghz_lna) 2394 sc->rssi_5ghz_corr -= 14; 2395 2396 DPRINTF(("RSSI 2GHz corr=%d\nRSSI 5GHz corr=%d\n", 2397 sc->rssi_2ghz_corr, sc->rssi_5ghz_corr)); 2398 2399 val = rt2661_eeprom_read(sc, RT2661_EEPROM_FREQ_OFFSET); 2400 if ((val >> 8) != 0xff) 2401 sc->rfprog = (val >> 8) & 0x3; 2402 if ((val & 0xff) != 0xff) 2403 sc->rffreq = val & 0xff; 2404 2405 DPRINTF(("RF prog=%d\nRF freq=%d\n", sc->rfprog, sc->rffreq)); 2406 2407 /* read Tx power for all a/b/g channels */ 2408 for (i = 0; i < 19; i++) { 2409 val = rt2661_eeprom_read(sc, RT2661_EEPROM_TXPOWER + i); 2410 sc->txpow[i * 2] = (int8_t)(val >> 8); /* signed */ 2411 DPRINTF(("Channel=%d Tx power=%d\n", 2412 rt2661_rf5225_1[i * 2].chan, sc->txpow[i * 2])); 2413 sc->txpow[i * 2 + 1] = (int8_t)(val & 0xff); /* signed */ 2414 DPRINTF(("Channel=%d Tx power=%d\n", 2415 rt2661_rf5225_1[i * 2 + 1].chan, sc->txpow[i * 2 + 1])); 2416 } 2417 2418 /* read vendor-specific BBP values */ 2419 for (i = 0; i < 16; i++) { 2420 val = rt2661_eeprom_read(sc, RT2661_EEPROM_BBP_BASE + i); 2421 if (val == 0 || val == 0xffff) 2422 continue; /* skip invalid entries */ 2423 sc->bbp_prom[i].reg = val >> 8; 2424 sc->bbp_prom[i].val = val & 0xff; 2425 DPRINTF(("BBP R%d=%02x\n", sc->bbp_prom[i].reg, 2426 sc->bbp_prom[i].val)); 2427 } 2428} 2429 2430static int 2431rt2661_bbp_init(struct rt2661_softc *sc) 2432{ 2433#define N(a) (sizeof (a) / sizeof ((a)[0])) 2434 int i, ntries; 2435 uint8_t val; 2436 2437 /* wait for BBP to be ready */ 2438 for (ntries = 0; ntries < 100; ntries++) { 2439 val = rt2661_bbp_read(sc, 0); 2440 if (val != 0 && val != 0xff) 2441 break; 2442 DELAY(100); 2443 } 2444 if (ntries == 100) { 2445 device_printf(sc->sc_dev, "timeout waiting for BBP\n"); 2446 return EIO; 2447 } 2448 2449 /* initialize BBP registers to default values */ 2450 for (i = 0; i < N(rt2661_def_bbp); i++) { 2451 rt2661_bbp_write(sc, rt2661_def_bbp[i].reg, 2452 rt2661_def_bbp[i].val); 2453 } 2454 2455 /* write vendor-specific BBP values (from EEPROM) */ 2456 for (i = 0; i < 16; i++) { 2457 if (sc->bbp_prom[i].reg == 0) 2458 continue; 2459 rt2661_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val); 2460 } 2461 2462 return 0; 2463#undef N 2464} 2465 2466static void 2467rt2661_init(void *priv) 2468{ 2469#define N(a) (sizeof (a) / sizeof ((a)[0])) 2470 struct rt2661_softc *sc = priv; 2471 struct ieee80211com *ic = &sc->sc_ic; 2472 struct ifnet *ifp = ic->ic_ifp; 2473 uint32_t tmp, sta[3]; 2474 int i, ntries; 2475 2476 RAL_LOCK(sc); 2477 2478 rt2661_stop_locked(sc); 2479 2480 /* initialize Tx rings */ 2481 RAL_WRITE(sc, RT2661_AC1_BASE_CSR, sc->txq[1].physaddr); 2482 RAL_WRITE(sc, RT2661_AC0_BASE_CSR, sc->txq[0].physaddr); 2483 RAL_WRITE(sc, RT2661_AC2_BASE_CSR, sc->txq[2].physaddr); 2484 RAL_WRITE(sc, RT2661_AC3_BASE_CSR, sc->txq[3].physaddr); 2485 2486 /* initialize Mgt ring */ 2487 RAL_WRITE(sc, RT2661_MGT_BASE_CSR, sc->mgtq.physaddr); 2488 2489 /* initialize Rx ring */ 2490 RAL_WRITE(sc, RT2661_RX_BASE_CSR, sc->rxq.physaddr); 2491 2492 /* initialize Tx rings sizes */ 2493 RAL_WRITE(sc, RT2661_TX_RING_CSR0, 2494 RT2661_TX_RING_COUNT << 24 | 2495 RT2661_TX_RING_COUNT << 16 | 2496 RT2661_TX_RING_COUNT << 8 | 2497 RT2661_TX_RING_COUNT); 2498 2499 RAL_WRITE(sc, RT2661_TX_RING_CSR1, 2500 RT2661_TX_DESC_WSIZE << 16 | 2501 RT2661_TX_RING_COUNT << 8 | /* XXX: HCCA ring unused */ 2502 RT2661_MGT_RING_COUNT); 2503 2504 /* initialize Rx rings */ 2505 RAL_WRITE(sc, RT2661_RX_RING_CSR, 2506 RT2661_RX_DESC_BACK << 16 | 2507 RT2661_RX_DESC_WSIZE << 8 | 2508 RT2661_RX_RING_COUNT); 2509 2510 /* XXX: some magic here */ 2511 RAL_WRITE(sc, RT2661_TX_DMA_DST_CSR, 0xaa); 2512 2513 /* load base addresses of all 5 Tx rings (4 data + 1 mgt) */ 2514 RAL_WRITE(sc, RT2661_LOAD_TX_RING_CSR, 0x1f); 2515 2516 /* load base address of Rx ring */ 2517 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 2); 2518 2519 /* initialize MAC registers to default values */ 2520 for (i = 0; i < N(rt2661_def_mac); i++) 2521 RAL_WRITE(sc, rt2661_def_mac[i].reg, rt2661_def_mac[i].val); 2522 2523 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp)); 2524 rt2661_set_macaddr(sc, ic->ic_myaddr); 2525 2526 /* set host ready */ 2527 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2528 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2529 2530 /* wait for BBP/RF to wakeup */ 2531 for (ntries = 0; ntries < 1000; ntries++) { 2532 if (RAL_READ(sc, RT2661_MAC_CSR12) & 8) 2533 break; 2534 DELAY(1000); 2535 } 2536 if (ntries == 1000) { 2537 printf("timeout waiting for BBP/RF to wakeup\n"); 2538 rt2661_stop_locked(sc); 2539 RAL_UNLOCK(sc); 2540 return; 2541 } 2542 2543 if (rt2661_bbp_init(sc) != 0) { 2544 rt2661_stop_locked(sc); 2545 RAL_UNLOCK(sc); 2546 return; 2547 } 2548 2549 /* select default channel */ 2550 sc->sc_curchan = ic->ic_curchan; 2551 rt2661_select_band(sc, sc->sc_curchan); 2552 rt2661_select_antenna(sc); 2553 rt2661_set_chan(sc, sc->sc_curchan); 2554 2555 /* update Rx filter */ 2556 tmp = RAL_READ(sc, RT2661_TXRX_CSR0) & 0xffff; 2557 2558 tmp |= RT2661_DROP_PHY_ERROR | RT2661_DROP_CRC_ERROR; 2559 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2560 tmp |= RT2661_DROP_CTL | RT2661_DROP_VER_ERROR | 2561 RT2661_DROP_ACKCTS; 2562 if (ic->ic_opmode != IEEE80211_M_HOSTAP) 2563 tmp |= RT2661_DROP_TODS; 2564 if (!(ifp->if_flags & IFF_PROMISC)) 2565 tmp |= RT2661_DROP_NOT_TO_ME; 2566 } 2567 2568 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2569 2570 /* clear STA registers */ 2571 RAL_READ_REGION_4(sc, RT2661_STA_CSR0, sta, N(sta)); 2572 2573 /* initialize ASIC */ 2574 RAL_WRITE(sc, RT2661_MAC_CSR1, 4); 2575 2576 /* clear any pending interrupt */ 2577 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2578 2579 /* enable interrupts */ 2580 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 2581 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 2582 2583 /* kick Rx */ 2584 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 1); 2585 RAL_UNLOCK(sc); 2586 2587 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 2588 ifp->if_drv_flags |= IFF_DRV_RUNNING; 2589 2590 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2591 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2592 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2593 } else 2594 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2595 2596 2597#undef N 2598} 2599 2600void 2601rt2661_stop(void *priv) 2602{ 2603 struct rt2661_softc *sc = priv; 2604 2605 RAL_LOCK(sc); 2606 rt2661_stop_locked(sc); 2607 RAL_UNLOCK(sc); 2608} 2609 2610void 2611rt2661_stop_locked(struct rt2661_softc *sc) 2612{ 2613 struct ieee80211com *ic = &sc->sc_ic; 2614 struct ifnet *ifp = ic->ic_ifp; 2615 uint32_t tmp; 2616 volatile int *flags = &sc->sc_flags; 2617 2618 while (*flags & RAL_INPUT_RUNNING) { 2619 msleep(sc, &sc->sc_mtx, 0, "ralrunning", hz/10); 2620 } 2621 2622 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 2623 sc->sc_tx_timer = 0; 2624 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 2625 2626 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2627 2628 /* abort Tx (for all 5 Tx rings) */ 2629 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 0x1f << 16); 2630 2631 /* disable Rx (value remains after reset!) */ 2632 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2633 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2634 2635 /* reset ASIC */ 2636 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2637 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2638 2639 /* disable interrupts */ 2640 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffffff); 2641 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 2642 2643 /* clear any pending interrupt */ 2644 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2645 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, 0xffffffff); 2646 2647 /* reset Tx and Rx rings */ 2648 rt2661_reset_tx_ring(sc, &sc->txq[0]); 2649 rt2661_reset_tx_ring(sc, &sc->txq[1]); 2650 rt2661_reset_tx_ring(sc, &sc->txq[2]); 2651 rt2661_reset_tx_ring(sc, &sc->txq[3]); 2652 rt2661_reset_tx_ring(sc, &sc->mgtq); 2653 rt2661_reset_rx_ring(sc, &sc->rxq); 2654 } 2655} 2656 2657static int 2658rt2661_load_microcode(struct rt2661_softc *sc, const uint8_t *ucode, int size) 2659{ 2660 int ntries; 2661 2662 /* reset 8051 */ 2663 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2664 2665 /* cancel any pending Host to MCU command */ 2666 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 0); 2667 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 2668 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, 0); 2669 2670 /* write 8051's microcode */ 2671 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET | RT2661_MCU_SEL); 2672 RAL_WRITE_REGION_1(sc, RT2661_MCU_CODE_BASE, ucode, size); 2673 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2674 2675 /* kick 8051's ass */ 2676 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, 0); 2677 2678 /* wait for 8051 to initialize */ 2679 for (ntries = 0; ntries < 500; ntries++) { 2680 if (RAL_READ(sc, RT2661_MCU_CNTL_CSR) & RT2661_MCU_READY) 2681 break; 2682 DELAY(100); 2683 } 2684 if (ntries == 500) { 2685 printf("timeout waiting for MCU to initialize\n"); 2686 return EIO; 2687 } 2688 return 0; 2689} 2690 2691#ifdef notyet 2692/* 2693 * Dynamically tune Rx sensitivity (BBP register 17) based on average RSSI and 2694 * false CCA count. This function is called periodically (every seconds) when 2695 * in the RUN state. Values taken from the reference driver. 2696 */ 2697static void 2698rt2661_rx_tune(struct rt2661_softc *sc) 2699{ 2700 uint8_t bbp17; 2701 uint16_t cca; 2702 int lo, hi, dbm; 2703 2704 /* 2705 * Tuning range depends on operating band and on the presence of an 2706 * external low-noise amplifier. 2707 */ 2708 lo = 0x20; 2709 if (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan)) 2710 lo += 0x08; 2711 if ((IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan) && sc->ext_2ghz_lna) || 2712 (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan) && sc->ext_5ghz_lna)) 2713 lo += 0x10; 2714 hi = lo + 0x20; 2715 2716 /* retrieve false CCA count since last call (clear on read) */ 2717 cca = RAL_READ(sc, RT2661_STA_CSR1) & 0xffff; 2718 2719 if (dbm >= -35) { 2720 bbp17 = 0x60; 2721 } else if (dbm >= -58) { 2722 bbp17 = hi; 2723 } else if (dbm >= -66) { 2724 bbp17 = lo + 0x10; 2725 } else if (dbm >= -74) { 2726 bbp17 = lo + 0x08; 2727 } else { 2728 /* RSSI < -74dBm, tune using false CCA count */ 2729 2730 bbp17 = sc->bbp17; /* current value */ 2731 2732 hi -= 2 * (-74 - dbm); 2733 if (hi < lo) 2734 hi = lo; 2735 2736 if (bbp17 > hi) { 2737 bbp17 = hi; 2738 2739 } else if (cca > 512) { 2740 if (++bbp17 > hi) 2741 bbp17 = hi; 2742 } else if (cca < 100) { 2743 if (--bbp17 < lo) 2744 bbp17 = lo; 2745 } 2746 } 2747 2748 if (bbp17 != sc->bbp17) { 2749 rt2661_bbp_write(sc, 17, bbp17); 2750 sc->bbp17 = bbp17; 2751 } 2752} 2753 2754/* 2755 * Enter/Leave radar detection mode. 2756 * This is for 802.11h additional regulatory domains. 2757 */ 2758static void 2759rt2661_radar_start(struct rt2661_softc *sc) 2760{ 2761 uint32_t tmp; 2762 2763 /* disable Rx */ 2764 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2765 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2766 2767 rt2661_bbp_write(sc, 82, 0x20); 2768 rt2661_bbp_write(sc, 83, 0x00); 2769 rt2661_bbp_write(sc, 84, 0x40); 2770 2771 /* save current BBP registers values */ 2772 sc->bbp18 = rt2661_bbp_read(sc, 18); 2773 sc->bbp21 = rt2661_bbp_read(sc, 21); 2774 sc->bbp22 = rt2661_bbp_read(sc, 22); 2775 sc->bbp16 = rt2661_bbp_read(sc, 16); 2776 sc->bbp17 = rt2661_bbp_read(sc, 17); 2777 sc->bbp64 = rt2661_bbp_read(sc, 64); 2778 2779 rt2661_bbp_write(sc, 18, 0xff); 2780 rt2661_bbp_write(sc, 21, 0x3f); 2781 rt2661_bbp_write(sc, 22, 0x3f); 2782 rt2661_bbp_write(sc, 16, 0xbd); 2783 rt2661_bbp_write(sc, 17, sc->ext_5ghz_lna ? 0x44 : 0x34); 2784 rt2661_bbp_write(sc, 64, 0x21); 2785 2786 /* restore Rx filter */ 2787 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2788} 2789 2790static int 2791rt2661_radar_stop(struct rt2661_softc *sc) 2792{ 2793 uint8_t bbp66; 2794 2795 /* read radar detection result */ 2796 bbp66 = rt2661_bbp_read(sc, 66); 2797 2798 /* restore BBP registers values */ 2799 rt2661_bbp_write(sc, 16, sc->bbp16); 2800 rt2661_bbp_write(sc, 17, sc->bbp17); 2801 rt2661_bbp_write(sc, 18, sc->bbp18); 2802 rt2661_bbp_write(sc, 21, sc->bbp21); 2803 rt2661_bbp_write(sc, 22, sc->bbp22); 2804 rt2661_bbp_write(sc, 64, sc->bbp64); 2805 2806 return bbp66 == 1; 2807} 2808#endif 2809 2810static int 2811rt2661_prepare_beacon(struct rt2661_softc *sc) 2812{ 2813 struct ieee80211com *ic = &sc->sc_ic; 2814 struct ieee80211_beacon_offsets bo; 2815 struct rt2661_tx_desc desc; 2816 struct mbuf *m0; 2817 int rate; 2818 2819 m0 = ieee80211_beacon_alloc(ic->ic_bss, &bo); 2820 if (m0 == NULL) { 2821 device_printf(sc->sc_dev, "could not allocate beacon frame\n"); 2822 return ENOBUFS; 2823 } 2824 2825 /* send beacons at the lowest available rate */ 2826 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan) ? 12 : 2; 2827 2828 rt2661_setup_tx_desc(sc, &desc, RT2661_TX_TIMESTAMP, RT2661_TX_HWSEQ, 2829 m0->m_pkthdr.len, rate, NULL, 0, RT2661_QID_MGT); 2830 2831 /* copy the first 24 bytes of Tx descriptor into NIC memory */ 2832 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0, (uint8_t *)&desc, 24); 2833 2834 /* copy beacon header and payload into NIC memory */ 2835 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0 + 24, 2836 mtod(m0, uint8_t *), m0->m_pkthdr.len); 2837 2838 m_freem(m0); 2839 2840 return 0; 2841} 2842 2843/* 2844 * Enable TSF synchronization and tell h/w to start sending beacons for IBSS 2845 * and HostAP operating modes. 2846 */ 2847static void 2848rt2661_enable_tsf_sync(struct rt2661_softc *sc) 2849{ 2850 struct ieee80211com *ic = &sc->sc_ic; 2851 uint32_t tmp; 2852 2853 if (ic->ic_opmode != IEEE80211_M_STA) { 2854 /* 2855 * Change default 16ms TBTT adjustment to 8ms. 2856 * Must be done before enabling beacon generation. 2857 */ 2858 RAL_WRITE(sc, RT2661_TXRX_CSR10, 1 << 12 | 8); 2859 } 2860 2861 tmp = RAL_READ(sc, RT2661_TXRX_CSR9) & 0xff000000; 2862 2863 /* set beacon interval (in 1/16ms unit) */ 2864 tmp |= ic->ic_bss->ni_intval * 16; 2865 2866 tmp |= RT2661_TSF_TICKING | RT2661_ENABLE_TBTT; 2867 if (ic->ic_opmode == IEEE80211_M_STA) 2868 tmp |= RT2661_TSF_MODE(1); 2869 else 2870 tmp |= RT2661_TSF_MODE(2) | RT2661_GENERATE_BEACON; 2871 2872 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp); 2873} 2874 2875/* 2876 * Retrieve the "Received Signal Strength Indicator" from the raw values 2877 * contained in Rx descriptors. The computation depends on which band the 2878 * frame was received. Correction values taken from the reference driver. 2879 */ 2880static int 2881rt2661_get_rssi(struct rt2661_softc *sc, uint8_t raw) 2882{ 2883 int lna, agc, rssi; 2884 2885 lna = (raw >> 5) & 0x3; 2886 agc = raw & 0x1f; 2887 2888 if (lna == 0) { 2889 /* 2890 * No mapping available. 2891 * 2892 * NB: Since RSSI is relative to noise floor, -1 is 2893 * adequate for caller to know error happened. 2894 */ 2895 return -1; 2896 } 2897 2898 rssi = (2 * agc) - RT2661_NOISE_FLOOR; 2899 2900 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) { 2901 rssi += sc->rssi_2ghz_corr; 2902 2903 if (lna == 1) 2904 rssi -= 64; 2905 else if (lna == 2) 2906 rssi -= 74; 2907 else if (lna == 3) 2908 rssi -= 90; 2909 } else { 2910 rssi += sc->rssi_5ghz_corr; 2911 2912 if (lna == 1) 2913 rssi -= 64; 2914 else if (lna == 2) 2915 rssi -= 86; 2916 else if (lna == 3) 2917 rssi -= 100; 2918 } 2919 return rssi; 2920} 2921 2922static void 2923rt2661_scan_start(struct ieee80211com *ic) 2924{ 2925 struct ifnet *ifp = ic->ic_ifp; 2926 struct rt2661_softc *sc = ifp->if_softc; 2927 uint32_t tmp; 2928 2929 /* abort TSF synchronization */ 2930 tmp = RAL_READ(sc, RT2661_TXRX_CSR9); 2931 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0xffffff); 2932 rt2661_set_bssid(sc, ifp->if_broadcastaddr); 2933} 2934 2935static void 2936rt2661_scan_end(struct ieee80211com *ic) 2937{ 2938 struct ifnet *ifp = ic->ic_ifp; 2939 struct rt2661_softc *sc = ifp->if_softc; 2940 2941 rt2661_enable_tsf_sync(sc); 2942 /* XXX keep local copy */ 2943 rt2661_set_bssid(sc, ic->ic_bss->ni_bssid); 2944} 2945 2946static void 2947rt2661_set_channel(struct ieee80211com *ic) 2948{ 2949 struct ifnet *ifp = ic->ic_ifp; 2950 struct rt2661_softc *sc = ifp->if_softc; 2951 2952 RAL_LOCK(sc); 2953 rt2661_set_chan(sc, ic->ic_curchan); 2954 RAL_UNLOCK(sc); 2955 2956} 2957