1/* $OpenBSD: rt2661.c,v 1.100 2024/04/14 03:26:25 jsg Exp $ */ 2 3/*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20/*- 21 * Ralink Technology RT2561, RT2561S and RT2661 chipset driver 22 * http://www.ralinktech.com/ 23 */ 24 25#include "bpfilter.h" 26 27#include <sys/param.h> 28#include <sys/sockio.h> 29#include <sys/mbuf.h> 30#include <sys/kernel.h> 31#include <sys/socket.h> 32#include <sys/systm.h> 33#include <sys/malloc.h> 34#include <sys/timeout.h> 35#include <sys/conf.h> 36#include <sys/device.h> 37#include <sys/queue.h> 38#include <sys/endian.h> 39 40#include <machine/bus.h> 41#include <machine/intr.h> 42 43#if NBPFILTER > 0 44#include <net/bpf.h> 45#endif 46#include <net/if.h> 47#include <net/if_dl.h> 48#include <net/if_media.h> 49 50#include <netinet/in.h> 51#include <netinet/if_ether.h> 52 53#include <net80211/ieee80211_var.h> 54#include <net80211/ieee80211_amrr.h> 55#include <net80211/ieee80211_radiotap.h> 56#include <net80211/ieee80211_node.h> 57 58#include <dev/ic/rt2661var.h> 59#include <dev/ic/rt2661reg.h> 60 61#include <dev/pci/pcidevs.h> 62 63#ifdef RAL_DEBUG 64#define DPRINTF(x) do { if (rt2661_debug > 0) printf x; } while (0) 65#define DPRINTFN(n, x) do { if (rt2661_debug >= (n)) printf x; } while (0) 66int rt2661_debug = 1; 67#else 68#define DPRINTF(x) 69#define DPRINTFN(n, x) 70#endif 71 72void rt2661_attachhook(struct device *); 73int rt2661_alloc_tx_ring(struct rt2661_softc *, 74 struct rt2661_tx_ring *, int); 75void rt2661_reset_tx_ring(struct rt2661_softc *, 76 struct rt2661_tx_ring *); 77void rt2661_free_tx_ring(struct rt2661_softc *, 78 struct rt2661_tx_ring *); 79int rt2661_alloc_rx_ring(struct rt2661_softc *, 80 struct rt2661_rx_ring *, int); 81void rt2661_reset_rx_ring(struct rt2661_softc *, 82 struct rt2661_rx_ring *); 83void rt2661_free_rx_ring(struct rt2661_softc *, 84 struct rt2661_rx_ring *); 85struct ieee80211_node *rt2661_node_alloc(struct ieee80211com *); 86void rt2661_node_free(struct ieee80211com *, 87 struct ieee80211_node *); 88int rt2661_media_change(struct ifnet *); 89void rt2661_next_scan(void *); 90void rt2661_iter_func(void *, struct ieee80211_node *); 91void rt2661_updatestats(void *); 92void rt2661_newassoc(struct ieee80211com *, struct ieee80211_node *, 93 int); 94int rt2661_newstate(struct ieee80211com *, enum ieee80211_state, 95 int); 96uint16_t rt2661_eeprom_read(struct rt2661_softc *, uint8_t); 97void rt2661_tx_intr(struct rt2661_softc *); 98void rt2661_tx_dma_intr(struct rt2661_softc *, 99 struct rt2661_tx_ring *); 100void rt2661_rx_intr(struct rt2661_softc *); 101#ifndef IEEE80211_STA_ONLY 102void rt2661_mcu_beacon_expire(struct rt2661_softc *); 103#endif 104void rt2661_mcu_wakeup(struct rt2661_softc *); 105void rt2661_mcu_cmd_intr(struct rt2661_softc *); 106int rt2661_intr(void *); 107#if NBPFILTER > 0 108uint8_t rt2661_rxrate(const struct rt2661_rx_desc *); 109#endif 110int rt2661_ack_rate(struct ieee80211com *, int); 111uint16_t rt2661_txtime(int, int, uint32_t); 112uint8_t rt2661_plcp_signal(int); 113void rt2661_setup_tx_desc(struct rt2661_softc *, 114 struct rt2661_tx_desc *, uint32_t, uint16_t, int, int, 115 const bus_dma_segment_t *, int, int, u_int8_t); 116int rt2661_tx_mgt(struct rt2661_softc *, struct mbuf *, 117 struct ieee80211_node *); 118int rt2661_tx_data(struct rt2661_softc *, struct mbuf *, 119 struct ieee80211_node *, int); 120void rt2661_start(struct ifnet *); 121void rt2661_watchdog(struct ifnet *); 122int rt2661_ioctl(struct ifnet *, u_long, caddr_t); 123void rt2661_bbp_write(struct rt2661_softc *, uint8_t, uint8_t); 124uint8_t rt2661_bbp_read(struct rt2661_softc *, uint8_t); 125void rt2661_rf_write(struct rt2661_softc *, uint8_t, uint32_t); 126int rt2661_tx_cmd(struct rt2661_softc *, uint8_t, uint16_t); 127void rt2661_select_antenna(struct rt2661_softc *); 128void rt2661_enable_mrr(struct rt2661_softc *); 129void rt2661_set_txpreamble(struct rt2661_softc *); 130void rt2661_set_basicrates(struct rt2661_softc *); 131void rt2661_select_band(struct rt2661_softc *, 132 struct ieee80211_channel *); 133void rt2661_set_chan(struct rt2661_softc *, 134 struct ieee80211_channel *); 135void rt2661_set_bssid(struct rt2661_softc *, const uint8_t *); 136void rt2661_set_macaddr(struct rt2661_softc *, const uint8_t *); 137void rt2661_update_promisc(struct rt2661_softc *); 138void rt2661_updateslot(struct ieee80211com *); 139void rt2661_set_slottime(struct rt2661_softc *); 140const char *rt2661_get_rf(int); 141void rt2661_read_eeprom(struct rt2661_softc *); 142int rt2661_bbp_init(struct rt2661_softc *); 143int rt2661_init(struct ifnet *); 144void rt2661_stop(struct ifnet *, int); 145int rt2661_load_microcode(struct rt2661_softc *); 146void rt2661_rx_tune(struct rt2661_softc *); 147#ifdef notyet 148void rt2661_radar_start(struct rt2661_softc *); 149int rt2661_radar_stop(struct rt2661_softc *); 150#endif 151#ifndef IEEE80211_STA_ONLY 152int rt2661_prepare_beacon(struct rt2661_softc *); 153#endif 154void rt2661_enable_tsf_sync(struct rt2661_softc *); 155int rt2661_get_rssi(struct rt2661_softc *, uint8_t); 156struct rt2661_amrr_node *rt2661_amrr_node_alloc(struct ieee80211com *, 157 struct rt2661_node *); 158void rt2661_amrr_node_free(struct rt2661_softc *, 159 struct rt2661_amrr_node *); 160void rt2661_amrr_node_free_all(struct rt2661_softc *); 161void rt2661_amrr_node_free_unused(struct rt2661_softc *); 162struct rt2661_amrr_node *rt2661_amrr_node_find(struct rt2661_softc *, 163 u_int8_t); 164 165static const struct { 166 uint32_t reg; 167 uint32_t val; 168} rt2661_def_mac[] = { 169 RT2661_DEF_MAC 170}; 171 172static const struct { 173 uint8_t reg; 174 uint8_t val; 175} rt2661_def_bbp[] = { 176 RT2661_DEF_BBP 177}; 178 179static const struct rfprog { 180 uint8_t chan; 181 uint32_t r1, r2, r3, r4; 182} rt2661_rf5225_1[] = { 183 RT2661_RF5225_1 184}, rt2661_rf5225_2[] = { 185 RT2661_RF5225_2 186}; 187 188int 189rt2661_attach(void *xsc, int id) 190{ 191 struct rt2661_softc *sc = xsc; 192 struct ieee80211com *ic = &sc->sc_ic; 193 uint32_t val; 194 int error, ac, ntries; 195 196 sc->sc_id = id; 197 198 sc->amrr.amrr_min_success_threshold = 1; 199 sc->amrr.amrr_max_success_threshold = 15; 200 timeout_set(&sc->amrr_to, rt2661_updatestats, sc); 201 timeout_set(&sc->scan_to, rt2661_next_scan, sc); 202 203 TAILQ_INIT(&sc->amn); 204 205 /* wait for NIC to initialize */ 206 for (ntries = 0; ntries < 1000; ntries++) { 207 if ((val = RAL_READ(sc, RT2661_MAC_CSR0)) != 0) 208 break; 209 DELAY(1000); 210 } 211 if (ntries == 1000) { 212 printf("%s: timeout waiting for NIC to initialize\n", 213 sc->sc_dev.dv_xname); 214 return EIO; 215 } 216 217 /* retrieve RF rev. no and various other things from EEPROM */ 218 rt2661_read_eeprom(sc); 219 printf(", address %s\n", ether_sprintf(ic->ic_myaddr)); 220 221 printf("%s: MAC/BBP RT%X, RF %s\n", sc->sc_dev.dv_xname, val, 222 rt2661_get_rf(sc->rf_rev)); 223 224 /* 225 * Allocate Tx and Rx rings. 226 */ 227 for (ac = 0; ac < 4; ac++) { 228 error = rt2661_alloc_tx_ring(sc, &sc->txq[ac], 229 RT2661_TX_RING_COUNT); 230 if (error != 0) { 231 printf("%s: could not allocate Tx ring %d\n", 232 sc->sc_dev.dv_xname, ac); 233 goto fail1; 234 } 235 } 236 237 error = rt2661_alloc_tx_ring(sc, &sc->mgtq, RT2661_MGT_RING_COUNT); 238 if (error != 0) { 239 printf("%s: could not allocate Mgt ring\n", 240 sc->sc_dev.dv_xname); 241 goto fail1; 242 } 243 244 error = rt2661_alloc_rx_ring(sc, &sc->rxq, RT2661_RX_RING_COUNT); 245 if (error != 0) { 246 printf("%s: could not allocate Rx ring\n", 247 sc->sc_dev.dv_xname); 248 goto fail2; 249 } 250 251 config_mountroot(xsc, rt2661_attachhook); 252 253 return 0; 254 255fail2: rt2661_free_tx_ring(sc, &sc->mgtq); 256fail1: while (--ac >= 0) 257 rt2661_free_tx_ring(sc, &sc->txq[ac]); 258 return ENXIO; 259} 260 261void 262rt2661_attachhook(struct device *self) 263{ 264 struct rt2661_softc *sc = (struct rt2661_softc *)self; 265 struct ieee80211com *ic = &sc->sc_ic; 266 struct ifnet *ifp = &ic->ic_if; 267 const char *name = NULL; 268 int i, error; 269 270 switch (sc->sc_id) { 271 case PCI_PRODUCT_RALINK_RT2561: 272 name = "ral-rt2561"; 273 break; 274 case PCI_PRODUCT_RALINK_RT2561S: 275 name = "ral-rt2561s"; 276 break; 277 case PCI_PRODUCT_RALINK_RT2661: 278 name = "ral-rt2661"; 279 break; 280 } 281 if ((error = loadfirmware(name, &sc->ucode, &sc->ucsize)) != 0) { 282 printf("%s: error %d, could not read firmware %s\n", 283 sc->sc_dev.dv_xname, error, name); 284 return; 285 } 286 287 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 288 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 289 ic->ic_state = IEEE80211_S_INIT; 290 291 /* set device capabilities */ 292 ic->ic_caps = 293 IEEE80211_C_MONITOR | /* monitor mode supported */ 294#ifndef IEEE80211_STA_ONLY 295 IEEE80211_C_IBSS | /* IBSS mode supported */ 296 IEEE80211_C_HOSTAP | /* HostAP mode supported */ 297#endif 298 IEEE80211_C_TXPMGT | /* tx power management */ 299 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 300 IEEE80211_C_SHSLOT | /* short slot time supported */ 301 IEEE80211_C_WEP | /* s/w WEP */ 302 IEEE80211_C_RSN; /* WPA/RSN */ 303 304 if (sc->rf_rev == RT2661_RF_5225 || sc->rf_rev == RT2661_RF_5325) { 305 /* set supported .11a rates */ 306 ic->ic_sup_rates[IEEE80211_MODE_11A] = 307 ieee80211_std_rateset_11a; 308 309 /* set supported .11a channels */ 310 for (i = 36; i <= 64; i += 4) { 311 ic->ic_channels[i].ic_freq = 312 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 313 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 314 } 315 for (i = 100; i <= 140; i += 4) { 316 ic->ic_channels[i].ic_freq = 317 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 318 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 319 } 320 for (i = 149; i <= 165; i += 4) { 321 ic->ic_channels[i].ic_freq = 322 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 323 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 324 } 325 } 326 327 /* set supported .11b and .11g rates */ 328 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 329 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 330 331 /* set supported .11b and .11g channels (1 through 14) */ 332 for (i = 1; i <= 14; i++) { 333 ic->ic_channels[i].ic_freq = 334 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 335 ic->ic_channels[i].ic_flags = 336 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 337 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 338 } 339 340 ifp->if_softc = sc; 341 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 342 ifp->if_ioctl = rt2661_ioctl; 343 ifp->if_start = rt2661_start; 344 ifp->if_watchdog = rt2661_watchdog; 345 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 346 347 if_attach(ifp); 348 ieee80211_ifattach(ifp); 349 ic->ic_node_alloc = rt2661_node_alloc; 350 sc->sc_node_free = ic->ic_node_free; 351 ic->ic_node_free = rt2661_node_free; 352 ic->ic_newassoc = rt2661_newassoc; 353 ic->ic_updateslot = rt2661_updateslot; 354 355 /* override state transition machine */ 356 sc->sc_newstate = ic->ic_newstate; 357 ic->ic_newstate = rt2661_newstate; 358 ieee80211_media_init(ifp, rt2661_media_change, ieee80211_media_status); 359 360#if NBPFILTER > 0 361 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 362 sizeof (struct ieee80211_frame) + 64); 363 364 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 365 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 366 sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2661_RX_RADIOTAP_PRESENT); 367 368 sc->sc_txtap_len = sizeof sc->sc_txtapu; 369 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 370 sc->sc_txtap.wt_ihdr.it_present = htole32(RT2661_TX_RADIOTAP_PRESENT); 371#endif 372} 373 374int 375rt2661_detach(void *xsc) 376{ 377 struct rt2661_softc *sc = xsc; 378 struct ifnet *ifp = &sc->sc_ic.ic_if; 379 int ac; 380 381 timeout_del(&sc->scan_to); 382 timeout_del(&sc->amrr_to); 383 384 ieee80211_ifdetach(ifp); /* free all nodes */ 385 rt2661_amrr_node_free_all(sc); 386 if_detach(ifp); 387 388 for (ac = 0; ac < 4; ac++) 389 rt2661_free_tx_ring(sc, &sc->txq[ac]); 390 rt2661_free_tx_ring(sc, &sc->mgtq); 391 rt2661_free_rx_ring(sc, &sc->rxq); 392 393 if (sc->ucode != NULL) 394 free(sc->ucode, M_DEVBUF, sc->ucsize); 395 396 return 0; 397} 398 399void 400rt2661_suspend(void *xsc) 401{ 402 struct rt2661_softc *sc = xsc; 403 struct ifnet *ifp = &sc->sc_ic.ic_if; 404 405 if (ifp->if_flags & IFF_RUNNING) { 406 rt2661_stop(ifp, 1); 407 sc->sc_flags &= ~RT2661_FWLOADED; 408 } 409} 410 411void 412rt2661_wakeup(void *xsc) 413{ 414 struct rt2661_softc *sc = xsc; 415 struct ifnet *ifp = &sc->sc_ic.ic_if; 416 417 if (ifp->if_flags & IFF_UP) 418 rt2661_init(ifp); 419} 420 421int 422rt2661_alloc_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring, 423 int count) 424{ 425 int i, nsegs, error; 426 427 ring->count = count; 428 ring->queued = 0; 429 ring->cur = ring->next = ring->stat = 0; 430 431 error = bus_dmamap_create(sc->sc_dmat, count * RT2661_TX_DESC_SIZE, 1, 432 count * RT2661_TX_DESC_SIZE, 0, BUS_DMA_NOWAIT, &ring->map); 433 if (error != 0) { 434 printf("%s: could not create desc DMA map\n", 435 sc->sc_dev.dv_xname); 436 goto fail; 437 } 438 439 error = bus_dmamem_alloc(sc->sc_dmat, count * RT2661_TX_DESC_SIZE, 440 PAGE_SIZE, 0, &ring->seg, 1, &nsegs, BUS_DMA_NOWAIT | BUS_DMA_ZERO); 441 if (error != 0) { 442 printf("%s: could not allocate DMA memory\n", 443 sc->sc_dev.dv_xname); 444 goto fail; 445 } 446 447 error = bus_dmamem_map(sc->sc_dmat, &ring->seg, nsegs, 448 count * RT2661_TX_DESC_SIZE, (caddr_t *)&ring->desc, 449 BUS_DMA_NOWAIT); 450 if (error != 0) { 451 printf("%s: can't map desc DMA memory\n", 452 sc->sc_dev.dv_xname); 453 goto fail; 454 } 455 456 error = bus_dmamap_load(sc->sc_dmat, ring->map, ring->desc, 457 count * RT2661_TX_DESC_SIZE, NULL, BUS_DMA_NOWAIT); 458 if (error != 0) { 459 printf("%s: could not load desc DMA map\n", 460 sc->sc_dev.dv_xname); 461 goto fail; 462 } 463 464 ring->physaddr = ring->map->dm_segs->ds_addr; 465 466 ring->data = mallocarray(count, sizeof (struct rt2661_tx_data), 467 M_DEVBUF, M_NOWAIT | M_ZERO); 468 if (ring->data == NULL) { 469 printf("%s: could not allocate soft data\n", 470 sc->sc_dev.dv_xname); 471 error = ENOMEM; 472 goto fail; 473 } 474 475 for (i = 0; i < count; i++) { 476 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 477 RT2661_MAX_SCATTER, MCLBYTES, 0, BUS_DMA_NOWAIT, 478 &ring->data[i].map); 479 if (error != 0) { 480 printf("%s: could not create DMA map\n", 481 sc->sc_dev.dv_xname); 482 goto fail; 483 } 484 } 485 486 return 0; 487 488fail: rt2661_free_tx_ring(sc, ring); 489 return error; 490} 491 492void 493rt2661_reset_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 494{ 495 int i; 496 497 for (i = 0; i < ring->count; i++) { 498 struct rt2661_tx_desc *desc = &ring->desc[i]; 499 struct rt2661_tx_data *data = &ring->data[i]; 500 501 if (data->m != NULL) { 502 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 503 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 504 bus_dmamap_unload(sc->sc_dmat, data->map); 505 m_freem(data->m); 506 data->m = NULL; 507 } 508 509 /* 510 * The node has already been freed at that point so don't call 511 * ieee80211_release_node() here. 512 */ 513 data->ni = NULL; 514 515 desc->flags = 0; 516 } 517 518 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 519 BUS_DMASYNC_PREWRITE); 520 521 ring->queued = 0; 522 ring->cur = ring->next = ring->stat = 0; 523} 524 525void 526rt2661_free_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 527{ 528 int i; 529 530 if (ring->desc != NULL) { 531 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, 532 ring->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 533 bus_dmamap_unload(sc->sc_dmat, ring->map); 534 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)ring->desc, 535 ring->count * RT2661_TX_DESC_SIZE); 536 bus_dmamem_free(sc->sc_dmat, &ring->seg, 1); 537 } 538 539 if (ring->data != NULL) { 540 for (i = 0; i < ring->count; i++) { 541 struct rt2661_tx_data *data = &ring->data[i]; 542 543 if (data->m != NULL) { 544 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 545 data->map->dm_mapsize, 546 BUS_DMASYNC_POSTWRITE); 547 bus_dmamap_unload(sc->sc_dmat, data->map); 548 m_freem(data->m); 549 } 550 /* 551 * The node has already been freed at that point so 552 * don't call ieee80211_release_node() here. 553 */ 554 data->ni = NULL; 555 556 if (data->map != NULL) 557 bus_dmamap_destroy(sc->sc_dmat, data->map); 558 } 559 free(ring->data, M_DEVBUF, ring->count * sizeof *ring->data); 560 } 561} 562 563int 564rt2661_alloc_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring, 565 int count) 566{ 567 int i, nsegs, error; 568 569 ring->count = count; 570 ring->cur = ring->next = 0; 571 572 error = bus_dmamap_create(sc->sc_dmat, count * RT2661_RX_DESC_SIZE, 1, 573 count * RT2661_RX_DESC_SIZE, 0, BUS_DMA_NOWAIT, &ring->map); 574 if (error != 0) { 575 printf("%s: could not create desc DMA map\n", 576 sc->sc_dev.dv_xname); 577 goto fail; 578 } 579 580 error = bus_dmamem_alloc(sc->sc_dmat, count * RT2661_RX_DESC_SIZE, 581 PAGE_SIZE, 0, &ring->seg, 1, &nsegs, BUS_DMA_NOWAIT | BUS_DMA_ZERO); 582 if (error != 0) { 583 printf("%s: could not allocate DMA memory\n", 584 sc->sc_dev.dv_xname); 585 goto fail; 586 } 587 588 error = bus_dmamem_map(sc->sc_dmat, &ring->seg, nsegs, 589 count * RT2661_RX_DESC_SIZE, (caddr_t *)&ring->desc, 590 BUS_DMA_NOWAIT); 591 if (error != 0) { 592 printf("%s: can't map desc DMA memory\n", 593 sc->sc_dev.dv_xname); 594 goto fail; 595 } 596 597 error = bus_dmamap_load(sc->sc_dmat, ring->map, ring->desc, 598 count * RT2661_RX_DESC_SIZE, NULL, BUS_DMA_NOWAIT); 599 if (error != 0) { 600 printf("%s: could not load desc DMA map\n", 601 sc->sc_dev.dv_xname); 602 goto fail; 603 } 604 605 ring->physaddr = ring->map->dm_segs->ds_addr; 606 607 ring->data = mallocarray(count, sizeof (struct rt2661_rx_data), 608 M_DEVBUF, M_NOWAIT | M_ZERO); 609 if (ring->data == NULL) { 610 printf("%s: could not allocate soft data\n", 611 sc->sc_dev.dv_xname); 612 error = ENOMEM; 613 goto fail; 614 } 615 616 /* 617 * Pre-allocate Rx buffers and populate Rx ring. 618 */ 619 for (i = 0; i < count; i++) { 620 struct rt2661_rx_desc *desc = &sc->rxq.desc[i]; 621 struct rt2661_rx_data *data = &sc->rxq.data[i]; 622 623 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, MCLBYTES, 624 0, BUS_DMA_NOWAIT, &data->map); 625 if (error != 0) { 626 printf("%s: could not create DMA map\n", 627 sc->sc_dev.dv_xname); 628 goto fail; 629 } 630 631 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 632 if (data->m == NULL) { 633 printf("%s: could not allocate rx mbuf\n", 634 sc->sc_dev.dv_xname); 635 error = ENOMEM; 636 goto fail; 637 } 638 MCLGET(data->m, M_DONTWAIT); 639 if (!(data->m->m_flags & M_EXT)) { 640 printf("%s: could not allocate rx mbuf cluster\n", 641 sc->sc_dev.dv_xname); 642 error = ENOMEM; 643 goto fail; 644 } 645 646 error = bus_dmamap_load(sc->sc_dmat, data->map, 647 mtod(data->m, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT); 648 if (error != 0) { 649 printf("%s: could not load rx buf DMA map", 650 sc->sc_dev.dv_xname); 651 goto fail; 652 } 653 654 desc->flags = htole32(RT2661_RX_BUSY); 655 desc->physaddr = htole32(data->map->dm_segs->ds_addr); 656 } 657 658 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 659 BUS_DMASYNC_PREWRITE); 660 661 return 0; 662 663fail: rt2661_free_rx_ring(sc, ring); 664 return error; 665} 666 667void 668rt2661_reset_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 669{ 670 int i; 671 672 for (i = 0; i < ring->count; i++) 673 ring->desc[i].flags = htole32(RT2661_RX_BUSY); 674 675 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 676 BUS_DMASYNC_PREWRITE); 677 678 ring->cur = ring->next = 0; 679} 680 681void 682rt2661_free_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 683{ 684 int i; 685 686 if (ring->desc != NULL) { 687 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, 688 ring->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 689 bus_dmamap_unload(sc->sc_dmat, ring->map); 690 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)ring->desc, 691 ring->count * RT2661_RX_DESC_SIZE); 692 bus_dmamem_free(sc->sc_dmat, &ring->seg, 1); 693 } 694 695 if (ring->data != NULL) { 696 for (i = 0; i < ring->count; i++) { 697 struct rt2661_rx_data *data = &ring->data[i]; 698 699 if (data->m != NULL) { 700 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 701 data->map->dm_mapsize, 702 BUS_DMASYNC_POSTREAD); 703 bus_dmamap_unload(sc->sc_dmat, data->map); 704 m_freem(data->m); 705 } 706 707 if (data->map != NULL) 708 bus_dmamap_destroy(sc->sc_dmat, data->map); 709 } 710 free(ring->data, M_DEVBUF, ring->count * sizeof *ring->data); 711 } 712} 713 714struct rt2661_amrr_node * 715rt2661_amrr_node_alloc(struct ieee80211com *ic, struct rt2661_node *rn) 716{ 717 struct rt2661_softc *sc = ic->ic_softc; 718 struct rt2661_amrr_node *amn; 719 int s; 720 721 if (sc->amn_count >= RT2661_AMRR_NODES_MAX) 722 rt2661_amrr_node_free_unused(sc); 723 if (sc->amn_count >= RT2661_AMRR_NODES_MAX) 724 return NULL; 725 726 amn = malloc(sizeof (struct rt2661_amrr_node), M_DEVBUF, 727 M_NOWAIT | M_ZERO); 728 729 if (amn) { 730 s = splnet(); 731 amn->id = sc->amn_count++; 732 amn->rn = rn; 733 TAILQ_INSERT_TAIL(&sc->amn, amn, entry); 734 splx(s); 735 } 736 737 return amn; 738} 739 740void 741rt2661_amrr_node_free(struct rt2661_softc *sc, struct rt2661_amrr_node *amn) 742{ 743 int s; 744 745 s = splnet(); 746 if (amn->rn) 747 amn->rn->amn = NULL; 748 TAILQ_REMOVE(&sc->amn, amn, entry); 749 sc->amn_count--; 750 splx(s); 751 free(amn, M_DEVBUF, sizeof *amn); 752} 753 754void 755rt2661_amrr_node_free_all(struct rt2661_softc *sc) 756{ 757 struct rt2661_amrr_node *amn, *a; 758 int s; 759 760 s = splnet(); 761 TAILQ_FOREACH_SAFE(amn, &sc->amn, entry, a) 762 rt2661_amrr_node_free(sc, amn); 763 splx(s); 764} 765 766void 767rt2661_amrr_node_free_unused(struct rt2661_softc *sc) 768{ 769 struct rt2661_amrr_node *amn, *a; 770 int s; 771 772 s = splnet(); 773 TAILQ_FOREACH_SAFE(amn, &sc->amn, entry, a) { 774 if (amn->rn == NULL) 775 rt2661_amrr_node_free(sc, amn); 776 } 777 splx(s); 778} 779 780struct rt2661_amrr_node * 781rt2661_amrr_node_find(struct rt2661_softc *sc, u_int8_t id) 782{ 783 struct rt2661_amrr_node *amn, *a, *ret = NULL; 784 int s; 785 786 if (id == RT2661_AMRR_INVALID_ID) 787 return NULL; 788 789 s = splnet(); 790 TAILQ_FOREACH_SAFE(amn, &sc->amn, entry, a) { 791 /* If the corresponding node was freed, free the amrr node. */ 792 if (amn->rn == NULL) 793 rt2661_amrr_node_free(sc, amn); 794 else if (amn->id == id) 795 ret = amn; 796 } 797 splx(s); 798 799 return ret; 800} 801 802struct ieee80211_node * 803rt2661_node_alloc(struct ieee80211com *ic) 804{ 805 struct rt2661_node *rn; 806 807 rn = malloc(sizeof (struct rt2661_node), M_DEVBUF, 808 M_NOWAIT | M_ZERO); 809 if (rn == NULL) 810 return NULL; 811 812 rn->amn = rt2661_amrr_node_alloc(ic, rn); 813 return (struct ieee80211_node *)rn; 814} 815 816void 817rt2661_node_free(struct ieee80211com *ic, struct ieee80211_node *ni) 818{ 819 struct rt2661_softc *sc = ic->ic_softc; 820 struct rt2661_node *rn = (struct rt2661_node *)ni; 821 822 if (rn->amn) 823 rn->amn->rn = NULL; 824 sc->sc_node_free(ic, ni); 825} 826 827int 828rt2661_media_change(struct ifnet *ifp) 829{ 830 int error; 831 832 error = ieee80211_media_change(ifp); 833 if (error != ENETRESET) 834 return error; 835 836 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 837 rt2661_init(ifp); 838 839 return 0; 840} 841 842/* 843 * This function is called periodically (every 200ms) during scanning to 844 * switch from one channel to another. 845 */ 846void 847rt2661_next_scan(void *arg) 848{ 849 struct rt2661_softc *sc = arg; 850 struct ieee80211com *ic = &sc->sc_ic; 851 struct ifnet *ifp = &ic->ic_if; 852 int s; 853 854 s = splnet(); 855 if (ic->ic_state == IEEE80211_S_SCAN) 856 ieee80211_next_scan(ifp); 857 splx(s); 858} 859 860/* 861 * This function is called for each neighbor node. 862 */ 863void 864rt2661_iter_func(void *arg, struct ieee80211_node *ni) 865{ 866 struct rt2661_softc *sc = arg; 867 struct rt2661_node *rn = (struct rt2661_node *)ni; 868 869 if (rn->amn) 870 ieee80211_amrr_choose(&sc->amrr, ni, &rn->amn->amn); 871} 872 873/* 874 * This function is called periodically (every 500ms) in RUN state to update 875 * various settings like rate control statistics or Rx sensitivity. 876 */ 877void 878rt2661_updatestats(void *arg) 879{ 880 struct rt2661_softc *sc = arg; 881 struct ieee80211com *ic = &sc->sc_ic; 882 int s; 883 884 s = splnet(); 885 if (ic->ic_opmode == IEEE80211_M_STA) 886 rt2661_iter_func(sc, ic->ic_bss); 887 else 888 ieee80211_iterate_nodes(ic, rt2661_iter_func, arg); 889 890 /* update rx sensitivity and free unused amrr nodes every 1 sec */ 891 if (++sc->ncalls & 1) { 892 rt2661_rx_tune(sc); 893 rt2661_amrr_node_free_unused(sc); 894 } 895 splx(s); 896 897 timeout_add_msec(&sc->amrr_to, 500); 898} 899 900void 901rt2661_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew) 902{ 903 struct rt2661_softc *sc = ic->ic_softc; 904 struct rt2661_node *rn = (struct rt2661_node *)ni; 905 int i; 906 907 if (rn->amn) 908 ieee80211_amrr_node_init(&sc->amrr, &rn->amn->amn); 909 910 /* set rate to some reasonable initial value */ 911 for (i = ni->ni_rates.rs_nrates - 1; 912 i > 0 && (ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL) > 72; 913 i--); 914 ni->ni_txrate = i; 915} 916 917int 918rt2661_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 919{ 920 struct rt2661_softc *sc = ic->ic_if.if_softc; 921 enum ieee80211_state ostate; 922 struct ieee80211_node *ni; 923 uint32_t tmp; 924 925 ostate = ic->ic_state; 926 timeout_del(&sc->scan_to); 927 timeout_del(&sc->amrr_to); 928 929 switch (nstate) { 930 case IEEE80211_S_INIT: 931 if (ostate == IEEE80211_S_RUN) { 932 /* abort TSF synchronization */ 933 tmp = RAL_READ(sc, RT2661_TXRX_CSR9); 934 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0x00ffffff); 935 } 936 break; 937 938 case IEEE80211_S_SCAN: 939 rt2661_set_chan(sc, ic->ic_bss->ni_chan); 940 timeout_add_msec(&sc->scan_to, 200); 941 break; 942 943 case IEEE80211_S_AUTH: 944 case IEEE80211_S_ASSOC: 945 rt2661_set_chan(sc, ic->ic_bss->ni_chan); 946 break; 947 948 case IEEE80211_S_RUN: 949 rt2661_set_chan(sc, ic->ic_bss->ni_chan); 950 951 ni = ic->ic_bss; 952 953 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 954 rt2661_set_slottime(sc); 955 rt2661_enable_mrr(sc); 956 rt2661_set_txpreamble(sc); 957 rt2661_set_basicrates(sc); 958 rt2661_set_bssid(sc, ni->ni_bssid); 959 } 960 961#ifndef IEEE80211_STA_ONLY 962 if (ic->ic_opmode == IEEE80211_M_HOSTAP || 963 ic->ic_opmode == IEEE80211_M_IBSS) 964 rt2661_prepare_beacon(sc); 965#endif 966 967 if (ic->ic_opmode == IEEE80211_M_STA) { 968 /* fake a join to init the tx rate */ 969 rt2661_newassoc(ic, ni, 1); 970 } 971 972 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 973 sc->ncalls = 0; 974 sc->avg_rssi = -95; /* reset EMA */ 975 timeout_add_msec(&sc->amrr_to, 500); 976 rt2661_enable_tsf_sync(sc); 977 } 978 break; 979 } 980 981 return sc->sc_newstate(ic, nstate, arg); 982} 983 984/* 985 * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46 or 986 * 93C66). 987 */ 988uint16_t 989rt2661_eeprom_read(struct rt2661_softc *sc, uint8_t addr) 990{ 991 uint32_t tmp; 992 uint16_t val; 993 int n; 994 995 /* clock C once before the first command */ 996 RT2661_EEPROM_CTL(sc, 0); 997 998 RT2661_EEPROM_CTL(sc, RT2661_S); 999 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 1000 RT2661_EEPROM_CTL(sc, RT2661_S); 1001 1002 /* write start bit (1) */ 1003 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 1004 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 1005 1006 /* write READ opcode (10) */ 1007 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 1008 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 1009 RT2661_EEPROM_CTL(sc, RT2661_S); 1010 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 1011 1012 /* write address (A5-A0 or A7-A0) */ 1013 n = (RAL_READ(sc, RT2661_E2PROM_CSR) & RT2661_93C46) ? 5 : 7; 1014 for (; n >= 0; n--) { 1015 RT2661_EEPROM_CTL(sc, RT2661_S | 1016 (((addr >> n) & 1) << RT2661_SHIFT_D)); 1017 RT2661_EEPROM_CTL(sc, RT2661_S | 1018 (((addr >> n) & 1) << RT2661_SHIFT_D) | RT2661_C); 1019 } 1020 1021 RT2661_EEPROM_CTL(sc, RT2661_S); 1022 1023 /* read data Q15-Q0 */ 1024 val = 0; 1025 for (n = 15; n >= 0; n--) { 1026 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 1027 tmp = RAL_READ(sc, RT2661_E2PROM_CSR); 1028 val |= ((tmp & RT2661_Q) >> RT2661_SHIFT_Q) << n; 1029 RT2661_EEPROM_CTL(sc, RT2661_S); 1030 } 1031 1032 RT2661_EEPROM_CTL(sc, 0); 1033 1034 /* clear Chip Select and clock C */ 1035 RT2661_EEPROM_CTL(sc, RT2661_S); 1036 RT2661_EEPROM_CTL(sc, 0); 1037 RT2661_EEPROM_CTL(sc, RT2661_C); 1038 1039 return val; 1040} 1041 1042/* The TX interrupt handler accumulates statistics based on whether frames 1043 * were sent successfully by the ASIC. */ 1044void 1045rt2661_tx_intr(struct rt2661_softc *sc) 1046{ 1047 struct ieee80211com *ic = &sc->sc_ic; 1048 struct ifnet *ifp = &ic->ic_if; 1049 struct rt2661_amrr_node *amn; 1050 int retrycnt; 1051 u_int8_t amrr_id; 1052 1053 for (;;) { 1054 const uint32_t val = RAL_READ(sc, RT2661_STA_CSR4); 1055 if (!(val & RT2661_TX_STAT_VALID)) 1056 break; 1057 1058 /* retrieve rate control algorithm context */ 1059 amrr_id = RT2661_TX_PRIV_DATA(val); 1060 amn = rt2661_amrr_node_find(sc, amrr_id); 1061 1062 switch (RT2661_TX_RESULT(val)) { 1063 case RT2661_TX_SUCCESS: 1064 retrycnt = RT2661_TX_RETRYCNT(val); 1065 1066 DPRINTFN(10, ("data frame sent successfully after " 1067 "%d retries\n", retrycnt)); 1068 if (amn) { 1069 amn->amn.amn_txcnt++; 1070 if (retrycnt > 0) 1071 amn->amn.amn_retrycnt++; 1072 } 1073 break; 1074 1075 case RT2661_TX_RETRY_FAIL: 1076 DPRINTFN(9, ("sending data frame failed (too much " 1077 "retries)\n")); 1078 if (amn) { 1079 amn->amn.amn_txcnt++; 1080 amn->amn.amn_retrycnt++; 1081 } 1082 ifp->if_oerrors++; 1083 break; 1084 1085 default: 1086 /* other failure */ 1087 printf("%s: sending data frame failed 0x%08x\n", 1088 sc->sc_dev.dv_xname, val); 1089 ifp->if_oerrors++; 1090 } 1091 1092 DPRINTFN(15, ("tx done amrr_id=%hhu amn=0x%x\n", amrr_id, amn)); 1093 } 1094} 1095 1096/* The TX DMA interrupt handler processes frames which have been offloaded 1097 * to the ASIC for transmission. We can free all resources corresponding 1098 * to the frame here. */ 1099void 1100rt2661_tx_dma_intr(struct rt2661_softc *sc, struct rt2661_tx_ring *txq) 1101{ 1102 struct ieee80211com *ic = &sc->sc_ic; 1103 struct ifnet *ifp = &ic->ic_if; 1104 1105 for (;;) { 1106 struct rt2661_tx_desc *desc = &txq->desc[txq->next]; 1107 struct rt2661_tx_data *data = &txq->data[txq->next]; 1108 1109 bus_dmamap_sync(sc->sc_dmat, txq->map, 1110 txq->next * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE, 1111 BUS_DMASYNC_POSTREAD); 1112 1113 if ((letoh32(desc->flags) & RT2661_TX_BUSY) || 1114 !(letoh32(desc->flags) & RT2661_TX_VALID)) 1115 break; 1116 1117 /* descriptor is no longer valid */ 1118 desc->flags &= ~htole32(RT2661_TX_VALID); 1119 1120 bus_dmamap_sync(sc->sc_dmat, txq->map, 1121 txq->next * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE, 1122 BUS_DMASYNC_PREWRITE); 1123 1124 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1125 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 1126 bus_dmamap_unload(sc->sc_dmat, data->map); 1127 m_freem(data->m); 1128 data->m = NULL; 1129 ieee80211_release_node(ic, data->ni); 1130 data->ni = NULL; 1131 1132 DPRINTFN(15, ("tx dma done q=%p idx=%u\n", txq, txq->next)); 1133 1134 txq->queued--; 1135 if (++txq->next >= txq->count) /* faster than % count */ 1136 txq->next = 0; 1137 } 1138 1139 if (sc->mgtq.queued == 0 && sc->txq[0].queued == 0) 1140 sc->sc_tx_timer = 0; 1141 if (sc->mgtq.queued < RT2661_MGT_RING_COUNT && 1142 sc->txq[0].queued < RT2661_TX_RING_COUNT - 1) { 1143 if (sc->mgtq.queued < RT2661_MGT_RING_COUNT) 1144 sc->sc_flags &= ~RT2661_MGT_OACTIVE; 1145 if (sc->txq[0].queued < RT2661_TX_RING_COUNT - 1) 1146 sc->sc_flags &= ~RT2661_DATA_OACTIVE; 1147 if (!(sc->sc_flags & (RT2661_MGT_OACTIVE|RT2661_DATA_OACTIVE))) 1148 ifq_clr_oactive(&ifp->if_snd); 1149 rt2661_start(ifp); 1150 } 1151} 1152 1153void 1154rt2661_rx_intr(struct rt2661_softc *sc) 1155{ 1156 struct mbuf_list ml = MBUF_LIST_INITIALIZER(); 1157 struct ieee80211com *ic = &sc->sc_ic; 1158 struct ifnet *ifp = &ic->ic_if; 1159 struct ieee80211_frame *wh; 1160 struct ieee80211_rxinfo rxi; 1161 struct ieee80211_node *ni; 1162 struct mbuf *mnew, *m; 1163 int error, rssi; 1164 1165 for (;;) { 1166 struct rt2661_rx_desc *desc = &sc->rxq.desc[sc->rxq.cur]; 1167 struct rt2661_rx_data *data = &sc->rxq.data[sc->rxq.cur]; 1168 1169 bus_dmamap_sync(sc->sc_dmat, sc->rxq.map, 1170 sc->rxq.cur * RT2661_RX_DESC_SIZE, RT2661_RX_DESC_SIZE, 1171 BUS_DMASYNC_POSTREAD); 1172 1173 if (letoh32(desc->flags) & RT2661_RX_BUSY) 1174 break; 1175 1176 if ((letoh32(desc->flags) & RT2661_RX_PHY_ERROR) || 1177 (letoh32(desc->flags) & RT2661_RX_CRC_ERROR)) { 1178 /* 1179 * This should not happen since we did not request 1180 * to receive those frames when we filled TXRX_CSR0. 1181 */ 1182 DPRINTFN(5, ("PHY or CRC error flags 0x%08x\n", 1183 letoh32(desc->flags))); 1184 ifp->if_ierrors++; 1185 goto skip; 1186 } 1187 1188 if ((letoh32(desc->flags) & RT2661_RX_CIPHER_MASK) != 0) { 1189 ifp->if_ierrors++; 1190 goto skip; 1191 } 1192 1193 /* 1194 * Try to allocate a new mbuf for this ring element and load it 1195 * before processing the current mbuf. If the ring element 1196 * cannot be loaded, drop the received packet and reuse the old 1197 * mbuf. In the unlikely case that the old mbuf can't be 1198 * reloaded either, explicitly panic. 1199 */ 1200 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1201 if (mnew == NULL) { 1202 ifp->if_ierrors++; 1203 goto skip; 1204 } 1205 MCLGET(mnew, M_DONTWAIT); 1206 if (!(mnew->m_flags & M_EXT)) { 1207 m_freem(mnew); 1208 ifp->if_ierrors++; 1209 goto skip; 1210 } 1211 1212 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1213 data->map->dm_mapsize, BUS_DMASYNC_POSTREAD); 1214 bus_dmamap_unload(sc->sc_dmat, data->map); 1215 1216 error = bus_dmamap_load(sc->sc_dmat, data->map, 1217 mtod(mnew, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT); 1218 if (error != 0) { 1219 m_freem(mnew); 1220 1221 /* try to reload the old mbuf */ 1222 error = bus_dmamap_load(sc->sc_dmat, data->map, 1223 mtod(data->m, void *), MCLBYTES, NULL, 1224 BUS_DMA_NOWAIT); 1225 if (error != 0) { 1226 /* very unlikely that it will fail... */ 1227 panic("%s: could not load old rx mbuf", 1228 sc->sc_dev.dv_xname); 1229 } 1230 /* physical address may have changed */ 1231 desc->physaddr = htole32(data->map->dm_segs->ds_addr); 1232 ifp->if_ierrors++; 1233 goto skip; 1234 } 1235 1236 /* 1237 * New mbuf successfully loaded, update Rx ring and continue 1238 * processing. 1239 */ 1240 m = data->m; 1241 data->m = mnew; 1242 desc->physaddr = htole32(data->map->dm_segs->ds_addr); 1243 1244 /* finalize mbuf */ 1245 m->m_pkthdr.len = m->m_len = 1246 (letoh32(desc->flags) >> 16) & 0xfff; 1247 1248#if NBPFILTER > 0 1249 if (sc->sc_drvbpf != NULL) { 1250 struct rt2661_rx_radiotap_header *tap = &sc->sc_rxtap; 1251 uint32_t tsf_lo, tsf_hi; 1252 1253 /* get timestamp (low and high 32 bits) */ 1254 tsf_hi = RAL_READ(sc, RT2661_TXRX_CSR13); 1255 tsf_lo = RAL_READ(sc, RT2661_TXRX_CSR12); 1256 1257 tap->wr_tsf = 1258 htole64(((uint64_t)tsf_hi << 32) | tsf_lo); 1259 tap->wr_flags = 0; 1260 tap->wr_rate = rt2661_rxrate(desc); 1261 tap->wr_chan_freq = htole16(sc->sc_curchan->ic_freq); 1262 tap->wr_chan_flags = htole16(sc->sc_curchan->ic_flags); 1263 tap->wr_antsignal = desc->rssi; 1264 1265 bpf_mtap_hdr(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m, 1266 BPF_DIRECTION_IN); 1267 } 1268#endif 1269 1270 wh = mtod(m, struct ieee80211_frame *); 1271 ni = ieee80211_find_rxnode(ic, wh); 1272 1273 /* send the frame to the 802.11 layer */ 1274 memset(&rxi, 0, sizeof(rxi)); 1275 rxi.rxi_rssi = desc->rssi; 1276 ieee80211_inputm(ifp, m, ni, &rxi, &ml); 1277 1278 /*- 1279 * Keep track of the average RSSI using an Exponential Moving 1280 * Average (EMA) of 8 Wilder's days: 1281 * avg = (1 / N) x rssi + ((N - 1) / N) x avg 1282 */ 1283 rssi = rt2661_get_rssi(sc, desc->rssi); 1284 sc->avg_rssi = (rssi + 7 * sc->avg_rssi) / 8; 1285 1286 /* node is no longer needed */ 1287 ieee80211_release_node(ic, ni); 1288 1289skip: desc->flags |= htole32(RT2661_RX_BUSY); 1290 1291 bus_dmamap_sync(sc->sc_dmat, sc->rxq.map, 1292 sc->rxq.cur * RT2661_RX_DESC_SIZE, RT2661_RX_DESC_SIZE, 1293 BUS_DMASYNC_PREWRITE); 1294 1295 DPRINTFN(15, ("rx intr idx=%u\n", sc->rxq.cur)); 1296 1297 sc->rxq.cur = (sc->rxq.cur + 1) % RT2661_RX_RING_COUNT; 1298 } 1299 if_input(ifp, &ml); 1300} 1301 1302#ifndef IEEE80211_STA_ONLY 1303/* 1304 * This function is called in HostAP or IBSS modes when it's time to send a 1305 * new beacon (every ni_intval milliseconds). 1306 */ 1307void 1308rt2661_mcu_beacon_expire(struct rt2661_softc *sc) 1309{ 1310 struct ieee80211com *ic = &sc->sc_ic; 1311 1312 if (sc->sc_flags & RT2661_UPDATE_SLOT) { 1313 sc->sc_flags &= ~RT2661_UPDATE_SLOT; 1314 sc->sc_flags |= RT2661_SET_SLOTTIME; 1315 } else if (sc->sc_flags & RT2661_SET_SLOTTIME) { 1316 sc->sc_flags &= ~RT2661_SET_SLOTTIME; 1317 rt2661_set_slottime(sc); 1318 } 1319 1320 if (ic->ic_curmode == IEEE80211_MODE_11G) { 1321 /* update ERP Information Element */ 1322 RAL_WRITE_1(sc, sc->erp_csr, ic->ic_bss->ni_erp); 1323 RAL_RW_BARRIER_1(sc, sc->erp_csr); 1324 } 1325 1326 DPRINTFN(15, ("beacon expired\n")); 1327} 1328#endif 1329 1330void 1331rt2661_mcu_wakeup(struct rt2661_softc *sc) 1332{ 1333 RAL_WRITE(sc, RT2661_MAC_CSR11, 5 << 16); 1334 1335 RAL_WRITE(sc, RT2661_SOFT_RESET_CSR, 0x7); 1336 RAL_WRITE(sc, RT2661_IO_CNTL_CSR, 0x18); 1337 RAL_WRITE(sc, RT2661_PCI_USEC_CSR, 0x20); 1338 1339 /* send wakeup command to MCU */ 1340 rt2661_tx_cmd(sc, RT2661_MCU_CMD_WAKEUP, 0); 1341} 1342 1343void 1344rt2661_mcu_cmd_intr(struct rt2661_softc *sc) 1345{ 1346 RAL_READ(sc, RT2661_M2H_CMD_DONE_CSR); 1347 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 1348} 1349 1350int 1351rt2661_intr(void *arg) 1352{ 1353 struct rt2661_softc *sc = arg; 1354 struct ifnet *ifp = &sc->sc_ic.ic_if; 1355 uint32_t r1, r2; 1356 1357 r1 = RAL_READ(sc, RT2661_INT_SOURCE_CSR); 1358 r2 = RAL_READ(sc, RT2661_MCU_INT_SOURCE_CSR); 1359 if (__predict_false(r1 == 0xffffffff && r2 == 0xffffffff)) 1360 return 0; /* device likely went away */ 1361 if (r1 == 0 && r2 == 0) 1362 return 0; /* not for us */ 1363 1364 /* disable MAC and MCU interrupts */ 1365 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f); 1366 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 1367 1368 /* acknowledge interrupts */ 1369 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, r1); 1370 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, r2); 1371 1372 /* don't re-enable interrupts if we're shutting down */ 1373 if (!(ifp->if_flags & IFF_RUNNING)) 1374 return 0; 1375 1376 if (r1 & RT2661_MGT_DONE) 1377 rt2661_tx_dma_intr(sc, &sc->mgtq); 1378 1379 if (r1 & RT2661_RX_DONE) 1380 rt2661_rx_intr(sc); 1381 1382 if (r1 & RT2661_TX0_DMA_DONE) 1383 rt2661_tx_dma_intr(sc, &sc->txq[0]); 1384 1385 if (r1 & RT2661_TX1_DMA_DONE) 1386 rt2661_tx_dma_intr(sc, &sc->txq[1]); 1387 1388 if (r1 & RT2661_TX2_DMA_DONE) 1389 rt2661_tx_dma_intr(sc, &sc->txq[2]); 1390 1391 if (r1 & RT2661_TX3_DMA_DONE) 1392 rt2661_tx_dma_intr(sc, &sc->txq[3]); 1393 1394 if (r1 & RT2661_TX_DONE) 1395 rt2661_tx_intr(sc); 1396 1397 if (r2 & RT2661_MCU_CMD_DONE) 1398 rt2661_mcu_cmd_intr(sc); 1399 1400#ifndef IEEE80211_STA_ONLY 1401 if (r2 & RT2661_MCU_BEACON_EXPIRE) 1402 rt2661_mcu_beacon_expire(sc); 1403#endif 1404 1405 if (r2 & RT2661_MCU_WAKEUP) 1406 rt2661_mcu_wakeup(sc); 1407 1408 /* re-enable MAC and MCU interrupts */ 1409 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 1410 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 1411 1412 return 1; 1413} 1414 1415/* quickly determine if a given rate is CCK or OFDM */ 1416#define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1417 1418#define RAL_ACK_SIZE 14 /* 10 + 4(FCS) */ 1419#define RAL_CTS_SIZE 14 /* 10 + 4(FCS) */ 1420 1421/* 1422 * This function is only used by the Rx radiotap code. It returns the rate at 1423 * which a given frame was received. 1424 */ 1425#if NBPFILTER > 0 1426uint8_t 1427rt2661_rxrate(const struct rt2661_rx_desc *desc) 1428{ 1429 if (letoh32(desc->flags) & RT2661_RX_OFDM) { 1430 /* reverse function of rt2661_plcp_signal */ 1431 switch (desc->rate & 0xf) { 1432 case 0xb: return 12; 1433 case 0xf: return 18; 1434 case 0xa: return 24; 1435 case 0xe: return 36; 1436 case 0x9: return 48; 1437 case 0xd: return 72; 1438 case 0x8: return 96; 1439 case 0xc: return 108; 1440 } 1441 } else { 1442 if (desc->rate == 10) 1443 return 2; 1444 if (desc->rate == 20) 1445 return 4; 1446 if (desc->rate == 55) 1447 return 11; 1448 if (desc->rate == 110) 1449 return 22; 1450 } 1451 return 2; /* should not get there */ 1452} 1453#endif 1454 1455/* 1456 * Return the expected ack rate for a frame transmitted at rate `rate'. 1457 */ 1458int 1459rt2661_ack_rate(struct ieee80211com *ic, int rate) 1460{ 1461 switch (rate) { 1462 /* CCK rates */ 1463 case 2: 1464 return 2; 1465 case 4: 1466 case 11: 1467 case 22: 1468 return (ic->ic_curmode == IEEE80211_MODE_11B) ? 4 : rate; 1469 1470 /* OFDM rates */ 1471 case 12: 1472 case 18: 1473 return 12; 1474 case 24: 1475 case 36: 1476 return 24; 1477 case 48: 1478 case 72: 1479 case 96: 1480 case 108: 1481 return 48; 1482 } 1483 1484 /* default to 1Mbps */ 1485 return 2; 1486} 1487 1488/* 1489 * Compute the duration (in us) needed to transmit `len' bytes at rate `rate'. 1490 * The function automatically determines the operating mode depending on the 1491 * given rate. `flags' indicates whether short preamble is in use or not. 1492 */ 1493uint16_t 1494rt2661_txtime(int len, int rate, uint32_t flags) 1495{ 1496 uint16_t txtime; 1497 1498 if (RAL_RATE_IS_OFDM(rate)) { 1499 /* IEEE Std 802.11g-2003, pp. 44 */ 1500 txtime = (8 + 4 * len + 3 + rate - 1) / rate; 1501 txtime = 16 + 4 + 4 * txtime + 6; 1502 } else { 1503 /* IEEE Std 802.11b-1999, pp. 28 */ 1504 txtime = (16 * len + rate - 1) / rate; 1505 if (rate != 2 && (flags & IEEE80211_F_SHPREAMBLE)) 1506 txtime += 72 + 24; 1507 else 1508 txtime += 144 + 48; 1509 } 1510 return txtime; 1511} 1512 1513uint8_t 1514rt2661_plcp_signal(int rate) 1515{ 1516 switch (rate) { 1517 /* CCK rates (returned values are device-dependent) */ 1518 case 2: return 0x0; 1519 case 4: return 0x1; 1520 case 11: return 0x2; 1521 case 22: return 0x3; 1522 1523 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1524 case 12: return 0xb; 1525 case 18: return 0xf; 1526 case 24: return 0xa; 1527 case 36: return 0xe; 1528 case 48: return 0x9; 1529 case 72: return 0xd; 1530 case 96: return 0x8; 1531 case 108: return 0xc; 1532 1533 /* unsupported rates (should not get there) */ 1534 default: return 0xff; 1535 } 1536} 1537 1538void 1539rt2661_setup_tx_desc(struct rt2661_softc *sc, struct rt2661_tx_desc *desc, 1540 uint32_t flags, uint16_t xflags, int len, int rate, 1541 const bus_dma_segment_t *segs, int nsegs, int ac, u_int8_t amrr_id) 1542{ 1543 struct ieee80211com *ic = &sc->sc_ic; 1544 uint16_t plcp_length; 1545 int i, remainder; 1546 1547 desc->flags = htole32(flags); 1548 desc->flags |= htole32(len << 16); 1549 desc->flags |= htole32(RT2661_TX_BUSY | RT2661_TX_VALID); 1550 1551 desc->xflags = htole16(xflags); 1552 desc->xflags |= htole16(nsegs << 13); 1553 1554 desc->wme = htole16( 1555 RT2661_QID(ac) | 1556 RT2661_AIFSN(2) | 1557 RT2661_LOGCWMIN(4) | 1558 RT2661_LOGCWMAX(10)); 1559 1560 /* 1561 * Remember the ID of the AMRR node to update when Tx completes. 1562 * This field is driver private data only. It will be made available 1563 * by the NIC in STA_CSR4 on Tx interrupts. 1564 */ 1565 desc->priv_data = amrr_id; 1566 1567 /* setup PLCP fields */ 1568 desc->plcp_signal = rt2661_plcp_signal(rate); 1569 desc->plcp_service = 4; 1570 1571 len += IEEE80211_CRC_LEN; 1572 if (RAL_RATE_IS_OFDM(rate)) { 1573 desc->flags |= htole32(RT2661_TX_OFDM); 1574 1575 plcp_length = len & 0xfff; 1576 desc->plcp_length_hi = plcp_length >> 6; 1577 desc->plcp_length_lo = plcp_length & 0x3f; 1578 } else { 1579 plcp_length = (16 * len + rate - 1) / rate; 1580 if (rate == 22) { 1581 remainder = (16 * len) % 22; 1582 if (remainder != 0 && remainder < 7) 1583 desc->plcp_service |= RT2661_PLCP_LENGEXT; 1584 } 1585 desc->plcp_length_hi = plcp_length >> 8; 1586 desc->plcp_length_lo = plcp_length & 0xff; 1587 1588 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 1589 desc->plcp_signal |= 0x08; 1590 } 1591 1592 /* RT2x61 supports scatter with up to 5 segments */ 1593 for (i = 0; i < nsegs; i++) { 1594 desc->addr[i] = htole32(segs[i].ds_addr); 1595 desc->len [i] = htole16(segs[i].ds_len); 1596 } 1597} 1598 1599int 1600rt2661_tx_mgt(struct rt2661_softc *sc, struct mbuf *m0, 1601 struct ieee80211_node *ni) 1602{ 1603 struct ieee80211com *ic = &sc->sc_ic; 1604 struct rt2661_tx_desc *desc; 1605 struct rt2661_tx_data *data; 1606 struct ieee80211_frame *wh; 1607 uint16_t dur; 1608 uint32_t flags = 0; 1609 int rate, error; 1610 1611 desc = &sc->mgtq.desc[sc->mgtq.cur]; 1612 data = &sc->mgtq.data[sc->mgtq.cur]; 1613 1614 /* send mgt frames at the lowest available rate */ 1615 rate = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? 12 : 2; 1616 1617 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1618 BUS_DMA_NOWAIT); 1619 if (error != 0) { 1620 printf("%s: can't map mbuf (error %d)\n", 1621 sc->sc_dev.dv_xname, error); 1622 m_freem(m0); 1623 return error; 1624 } 1625 1626#if NBPFILTER > 0 1627 if (sc->sc_drvbpf != NULL) { 1628 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1629 1630 tap->wt_flags = 0; 1631 tap->wt_rate = rate; 1632 tap->wt_chan_freq = htole16(sc->sc_curchan->ic_freq); 1633 tap->wt_chan_flags = htole16(sc->sc_curchan->ic_flags); 1634 1635 bpf_mtap_hdr(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0, 1636 BPF_DIRECTION_OUT); 1637 } 1638#endif 1639 1640 data->m = m0; 1641 data->ni = ni; 1642 1643 wh = mtod(m0, struct ieee80211_frame *); 1644 1645 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1646 flags |= RT2661_TX_NEED_ACK; 1647 1648 dur = rt2661_txtime(RAL_ACK_SIZE, rate, ic->ic_flags) + 1649 sc->sifs; 1650 *(uint16_t *)wh->i_dur = htole16(dur); 1651 1652#ifndef IEEE80211_STA_ONLY 1653 /* tell hardware to set timestamp in probe responses */ 1654 if ((wh->i_fc[0] & 1655 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 1656 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 1657 flags |= RT2661_TX_TIMESTAMP; 1658#endif 1659 } 1660 1661 rt2661_setup_tx_desc(sc, desc, flags, 0 /* XXX HWSEQ */, 1662 m0->m_pkthdr.len, rate, data->map->dm_segs, data->map->dm_nsegs, 1663 RT2661_QID_MGT, RT2661_AMRR_INVALID_ID); 1664 1665 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 1666 BUS_DMASYNC_PREWRITE); 1667 bus_dmamap_sync(sc->sc_dmat, sc->mgtq.map, 1668 sc->mgtq.cur * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE, 1669 BUS_DMASYNC_PREWRITE); 1670 1671 DPRINTFN(10, ("sending mgt frame len=%u idx=%u rate=%u\n", 1672 m0->m_pkthdr.len, sc->mgtq.cur, rate)); 1673 1674 /* kick mgt */ 1675 sc->mgtq.queued++; 1676 sc->mgtq.cur = (sc->mgtq.cur + 1) % RT2661_MGT_RING_COUNT; 1677 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, RT2661_KICK_MGT); 1678 1679 return 0; 1680} 1681 1682int 1683rt2661_tx_data(struct rt2661_softc *sc, struct mbuf *m0, 1684 struct ieee80211_node *ni, int ac) 1685{ 1686 struct ieee80211com *ic = &sc->sc_ic; 1687 struct rt2661_tx_ring *txq = &sc->txq[ac]; 1688 struct rt2661_node *rn; 1689 struct rt2661_tx_desc *desc; 1690 struct rt2661_tx_data *data; 1691 struct ieee80211_frame *wh; 1692 struct ieee80211_key *k; 1693 struct mbuf *m1; 1694 uint16_t dur; 1695 uint32_t flags = 0; 1696 int pktlen, rate, needcts = 0, needrts = 0, error; 1697 1698 rn = ((ni == ic->ic_bss) ? NULL : (struct rt2661_node *)ni); 1699 wh = mtod(m0, struct ieee80211_frame *); 1700 1701 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 1702 k = ieee80211_get_txkey(ic, wh, ni); 1703 1704 if ((m0 = ieee80211_encrypt(ic, m0, k)) == NULL) 1705 return ENOBUFS; 1706 1707 /* packet header may have moved, reset our local pointer */ 1708 wh = mtod(m0, struct ieee80211_frame *); 1709 } 1710 1711 /* compute actual packet length (including CRC and crypto overhead) */ 1712 pktlen = m0->m_pkthdr.len + IEEE80211_CRC_LEN; 1713 1714 /* pickup a rate */ 1715 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1716 /* multicast frames are sent at the lowest avail. rate */ 1717 rate = ni->ni_rates.rs_rates[0]; 1718 } else if (ic->ic_fixed_rate != -1) { 1719 rate = ic->ic_sup_rates[ic->ic_curmode]. 1720 rs_rates[ic->ic_fixed_rate]; 1721 } else 1722 rate = ni->ni_rates.rs_rates[ni->ni_txrate]; 1723 if (rate == 0) 1724 rate = 2; /* XXX should not happen */ 1725 rate &= IEEE80211_RATE_VAL; 1726 1727 /* 1728 * Packet Bursting: backoff after ppb=8 frames to give other STAs a 1729 * chance to contend for the wireless medium. 1730 */ 1731 if (ic->ic_opmode == IEEE80211_M_STA && (ni->ni_txseq & 7)) 1732 flags |= RT2661_TX_IFS_SIFS; 1733 1734 /* check if RTS/CTS or CTS-to-self protection must be used */ 1735 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1736 /* multicast frames are not sent at OFDM rates in 802.11b/g */ 1737 if (pktlen > ic->ic_rtsthreshold) { 1738 needrts = 1; /* RTS/CTS based on frame length */ 1739 } else if ((ic->ic_flags & IEEE80211_F_USEPROT) && 1740 RAL_RATE_IS_OFDM(rate)) { 1741 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 1742 needcts = 1; /* CTS-to-self */ 1743 else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 1744 needrts = 1; /* RTS/CTS */ 1745 } 1746 } 1747 if (needrts || needcts) { 1748 struct mbuf *mprot; 1749 int protrate, ackrate; 1750 1751 protrate = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? 12 : 2; 1752 ackrate = rt2661_ack_rate(ic, rate); 1753 1754 dur = rt2661_txtime(pktlen, rate, ic->ic_flags) + 1755 rt2661_txtime(RAL_ACK_SIZE, ackrate, ic->ic_flags) + 1756 2 * sc->sifs; 1757 if (needrts) { 1758 dur += rt2661_txtime(RAL_CTS_SIZE, rt2661_ack_rate(ic, 1759 protrate), ic->ic_flags) + sc->sifs; 1760 mprot = ieee80211_get_rts(ic, wh, dur); 1761 } else { 1762 mprot = ieee80211_get_cts_to_self(ic, dur); 1763 } 1764 if (mprot == NULL) { 1765 printf("%s: could not allocate protection frame\n", 1766 sc->sc_dev.dv_xname); 1767 m_freem(m0); 1768 return ENOBUFS; 1769 } 1770 1771 desc = &txq->desc[txq->cur]; 1772 data = &txq->data[txq->cur]; 1773 1774 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, mprot, 1775 BUS_DMA_NOWAIT); 1776 if (error != 0) { 1777 printf("%s: can't map mbuf (error %d)\n", 1778 sc->sc_dev.dv_xname, error); 1779 m_freem(mprot); 1780 m_freem(m0); 1781 return error; 1782 } 1783 1784 data->m = mprot; 1785 /* avoid multiple free() of the same node for each fragment */ 1786 data->ni = ieee80211_ref_node(ni); 1787 1788 /* XXX may want to pass the protection frame to BPF */ 1789 1790 rt2661_setup_tx_desc(sc, desc, 1791 (needrts ? RT2661_TX_NEED_ACK : 0) | RT2661_TX_MORE_FRAG, 1792 0, mprot->m_pkthdr.len, protrate, data->map->dm_segs, 1793 data->map->dm_nsegs, ac, 1794 (rn && rn->amn) ? rn->amn->id : RT2661_AMRR_INVALID_ID); 1795 1796 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1797 data->map->dm_mapsize, BUS_DMASYNC_PREWRITE); 1798 bus_dmamap_sync(sc->sc_dmat, txq->map, 1799 txq->cur * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE, 1800 BUS_DMASYNC_PREWRITE); 1801 1802 txq->queued++; 1803 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1804 1805 flags |= RT2661_TX_LONG_RETRY | RT2661_TX_IFS_SIFS; 1806 } 1807 1808 data = &txq->data[txq->cur]; 1809 desc = &txq->desc[txq->cur]; 1810 1811 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1812 BUS_DMA_NOWAIT); 1813 if (error != 0 && error != EFBIG) { 1814 printf("%s: can't map mbuf (error %d)\n", 1815 sc->sc_dev.dv_xname, error); 1816 m_freem(m0); 1817 return error; 1818 } 1819 if (error != 0) { 1820 /* too many fragments, linearize */ 1821 MGETHDR(m1, M_DONTWAIT, MT_DATA); 1822 if (m1 == NULL) { 1823 m_freem(m0); 1824 return ENOBUFS; 1825 } 1826 if (m0->m_pkthdr.len > MHLEN) { 1827 MCLGET(m1, M_DONTWAIT); 1828 if (!(m1->m_flags & M_EXT)) { 1829 m_freem(m0); 1830 m_freem(m1); 1831 return ENOBUFS; 1832 } 1833 } 1834 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(m1, caddr_t)); 1835 m1->m_pkthdr.len = m1->m_len = m0->m_pkthdr.len; 1836 m_freem(m0); 1837 m0 = m1; 1838 1839 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1840 BUS_DMA_NOWAIT); 1841 if (error != 0) { 1842 printf("%s: can't map mbuf (error %d)\n", 1843 sc->sc_dev.dv_xname, error); 1844 m_freem(m0); 1845 return error; 1846 } 1847 1848 /* packet header have moved, reset our local pointer */ 1849 wh = mtod(m0, struct ieee80211_frame *); 1850 } 1851 1852#if NBPFILTER > 0 1853 if (sc->sc_drvbpf != NULL) { 1854 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1855 1856 tap->wt_flags = 0; 1857 tap->wt_rate = rate; 1858 tap->wt_chan_freq = htole16(sc->sc_curchan->ic_freq); 1859 tap->wt_chan_flags = htole16(sc->sc_curchan->ic_flags); 1860 1861 bpf_mtap_hdr(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0, 1862 BPF_DIRECTION_OUT); 1863 } 1864#endif 1865 1866 data->m = m0; 1867 data->ni = ni; 1868 1869 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1870 flags |= RT2661_TX_NEED_ACK; 1871 1872 dur = rt2661_txtime(RAL_ACK_SIZE, rt2661_ack_rate(ic, rate), 1873 ic->ic_flags) + sc->sifs; 1874 *(uint16_t *)wh->i_dur = htole16(dur); 1875 } 1876 1877 rt2661_setup_tx_desc(sc, desc, flags, 0, m0->m_pkthdr.len, rate, 1878 data->map->dm_segs, data->map->dm_nsegs, ac, 1879 (rn && rn->amn) ? rn->amn->id : RT2661_AMRR_INVALID_ID); 1880 1881 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 1882 BUS_DMASYNC_PREWRITE); 1883 bus_dmamap_sync(sc->sc_dmat, txq->map, txq->cur * RT2661_TX_DESC_SIZE, 1884 RT2661_TX_DESC_SIZE, BUS_DMASYNC_PREWRITE); 1885 1886 DPRINTFN(10, ("sending data frame len=%u idx=%u rate=%u\n", 1887 m0->m_pkthdr.len, txq->cur, rate)); 1888 1889 /* kick Tx */ 1890 txq->queued++; 1891 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1892 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 1); 1893 1894 return 0; 1895} 1896 1897void 1898rt2661_start(struct ifnet *ifp) 1899{ 1900 struct rt2661_softc *sc = ifp->if_softc; 1901 struct ieee80211com *ic = &sc->sc_ic; 1902 struct mbuf *m0; 1903 struct ieee80211_node *ni; 1904 1905 /* 1906 * net80211 may still try to send management frames even if the 1907 * IFF_RUNNING flag is not set... 1908 */ 1909 if (!(ifp->if_flags & IFF_RUNNING) || ifq_is_oactive(&ifp->if_snd)) 1910 return; 1911 1912 for (;;) { 1913 if (mq_len(&ic->ic_mgtq) > 0) { 1914 if (sc->mgtq.queued >= RT2661_MGT_RING_COUNT) { 1915 ifq_set_oactive(&ifp->if_snd); 1916 break; 1917 } 1918 1919 m0 = mq_dequeue(&ic->ic_mgtq); 1920 if (m0 == NULL) 1921 continue; 1922 ni = m0->m_pkthdr.ph_cookie; 1923#if NBPFILTER > 0 1924 if (ic->ic_rawbpf != NULL) 1925 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1926#endif 1927 if (rt2661_tx_mgt(sc, m0, ni) != 0) 1928 break; 1929 1930 } else { 1931 if (sc->txq[0].queued >= RT2661_TX_RING_COUNT - 1) { 1932 ifq_set_oactive(&ifp->if_snd); 1933 break; 1934 } 1935 1936 if (ic->ic_state != IEEE80211_S_RUN) 1937 break; 1938 1939 m0 = ifq_dequeue(&ifp->if_snd); 1940 if (m0 == NULL) 1941 break; 1942#if NBPFILTER > 0 1943 if (ifp->if_bpf != NULL) 1944 bpf_mtap(ifp->if_bpf, m0, BPF_DIRECTION_OUT); 1945#endif 1946 m0 = ieee80211_encap(ifp, m0, &ni); 1947 if (m0 == NULL) 1948 continue; 1949#if NBPFILTER > 0 1950 if (ic->ic_rawbpf != NULL) 1951 bpf_mtap(ic->ic_rawbpf, m0, 1952 BPF_DIRECTION_OUT); 1953#endif 1954 if (rt2661_tx_data(sc, m0, ni, 0) != 0) { 1955 if (ni != NULL) 1956 ieee80211_release_node(ic, ni); 1957 ifp->if_oerrors++; 1958 break; 1959 } 1960 } 1961 1962 sc->sc_tx_timer = 5; 1963 ifp->if_timer = 1; 1964 } 1965} 1966 1967void 1968rt2661_watchdog(struct ifnet *ifp) 1969{ 1970 struct rt2661_softc *sc = ifp->if_softc; 1971 1972 ifp->if_timer = 0; 1973 1974 if (sc->sc_tx_timer > 0) { 1975 if (--sc->sc_tx_timer == 0) { 1976 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 1977 rt2661_init(ifp); 1978 ifp->if_oerrors++; 1979 return; 1980 } 1981 ifp->if_timer = 1; 1982 } 1983 1984 ieee80211_watchdog(ifp); 1985} 1986 1987int 1988rt2661_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1989{ 1990 struct rt2661_softc *sc = ifp->if_softc; 1991 struct ieee80211com *ic = &sc->sc_ic; 1992 int s, error = 0; 1993 1994 s = splnet(); 1995 1996 switch (cmd) { 1997 case SIOCSIFADDR: 1998 ifp->if_flags |= IFF_UP; 1999 /* FALLTHROUGH */ 2000 case SIOCSIFFLAGS: 2001 if (ifp->if_flags & IFF_UP) { 2002 if (ifp->if_flags & IFF_RUNNING) 2003 rt2661_update_promisc(sc); 2004 else 2005 rt2661_init(ifp); 2006 } else { 2007 if (ifp->if_flags & IFF_RUNNING) 2008 rt2661_stop(ifp, 1); 2009 } 2010 break; 2011 2012 case SIOCS80211CHANNEL: 2013 /* 2014 * This allows for fast channel switching in monitor mode 2015 * (used by kismet). In IBSS mode, we must explicitly reset 2016 * the interface to generate a new beacon frame. 2017 */ 2018 error = ieee80211_ioctl(ifp, cmd, data); 2019 if (error == ENETRESET && 2020 ic->ic_opmode == IEEE80211_M_MONITOR) { 2021 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2022 (IFF_UP | IFF_RUNNING)) 2023 rt2661_set_chan(sc, ic->ic_ibss_chan); 2024 error = 0; 2025 } 2026 break; 2027 2028 default: 2029 error = ieee80211_ioctl(ifp, cmd, data); 2030 } 2031 2032 if (error == ENETRESET) { 2033 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2034 (IFF_UP | IFF_RUNNING)) 2035 rt2661_init(ifp); 2036 error = 0; 2037 } 2038 2039 splx(s); 2040 2041 return error; 2042} 2043 2044void 2045rt2661_bbp_write(struct rt2661_softc *sc, uint8_t reg, uint8_t val) 2046{ 2047 uint32_t tmp; 2048 int ntries; 2049 2050 for (ntries = 0; ntries < 100; ntries++) { 2051 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 2052 break; 2053 DELAY(1); 2054 } 2055 if (ntries == 100) { 2056 printf("%s: could not write to BBP\n", sc->sc_dev.dv_xname); 2057 return; 2058 } 2059 2060 tmp = RT2661_BBP_BUSY | (reg & 0x7f) << 8 | val; 2061 RAL_WRITE(sc, RT2661_PHY_CSR3, tmp); 2062 2063 DPRINTFN(15, ("BBP R%u <- 0x%02x\n", reg, val)); 2064} 2065 2066uint8_t 2067rt2661_bbp_read(struct rt2661_softc *sc, uint8_t reg) 2068{ 2069 uint32_t val; 2070 int ntries; 2071 2072 for (ntries = 0; ntries < 100; ntries++) { 2073 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 2074 break; 2075 DELAY(1); 2076 } 2077 if (ntries == 100) { 2078 printf("%s: could not read from BBP\n", sc->sc_dev.dv_xname); 2079 return 0; 2080 } 2081 2082 val = RT2661_BBP_BUSY | RT2661_BBP_READ | reg << 8; 2083 RAL_WRITE(sc, RT2661_PHY_CSR3, val); 2084 2085 for (ntries = 0; ntries < 100; ntries++) { 2086 val = RAL_READ(sc, RT2661_PHY_CSR3); 2087 if (!(val & RT2661_BBP_BUSY)) 2088 return val & 0xff; 2089 DELAY(1); 2090 } 2091 2092 printf("%s: could not read from BBP\n", sc->sc_dev.dv_xname); 2093 return 0; 2094} 2095 2096void 2097rt2661_rf_write(struct rt2661_softc *sc, uint8_t reg, uint32_t val) 2098{ 2099 uint32_t tmp; 2100 int ntries; 2101 2102 for (ntries = 0; ntries < 100; ntries++) { 2103 if (!(RAL_READ(sc, RT2661_PHY_CSR4) & RT2661_RF_BUSY)) 2104 break; 2105 DELAY(1); 2106 } 2107 if (ntries == 100) { 2108 printf("%s: could not write to RF\n", sc->sc_dev.dv_xname); 2109 return; 2110 } 2111 2112 tmp = RT2661_RF_BUSY | RT2661_RF_21BIT | (val & 0x1fffff) << 2 | 2113 (reg & 3); 2114 RAL_WRITE(sc, RT2661_PHY_CSR4, tmp); 2115 2116 /* remember last written value in sc */ 2117 sc->rf_regs[reg] = val; 2118 2119 DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 3, val & 0x1fffff)); 2120} 2121 2122int 2123rt2661_tx_cmd(struct rt2661_softc *sc, uint8_t cmd, uint16_t arg) 2124{ 2125 if (RAL_READ(sc, RT2661_H2M_MAILBOX_CSR) & RT2661_H2M_BUSY) 2126 return EIO; /* there is already a command pending */ 2127 2128 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 2129 RT2661_H2M_BUSY | RT2661_TOKEN_NO_INTR << 16 | arg); 2130 2131 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, RT2661_KICK_CMD | cmd); 2132 2133 return 0; 2134} 2135 2136void 2137rt2661_select_antenna(struct rt2661_softc *sc) 2138{ 2139 uint8_t bbp4, bbp77; 2140 uint32_t tmp; 2141 2142 bbp4 = rt2661_bbp_read(sc, 4); 2143 bbp77 = rt2661_bbp_read(sc, 77); 2144 2145 /* TBD */ 2146 2147 /* make sure Rx is disabled before switching antenna */ 2148 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2149 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2150 2151 rt2661_bbp_write(sc, 4, bbp4); 2152 rt2661_bbp_write(sc, 77, bbp77); 2153 2154 /* restore Rx filter */ 2155 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2156} 2157 2158/* 2159 * Enable multi-rate retries for frames sent at OFDM rates. 2160 * In 802.11b/g mode, allow fallback to CCK rates. 2161 */ 2162void 2163rt2661_enable_mrr(struct rt2661_softc *sc) 2164{ 2165 struct ieee80211com *ic = &sc->sc_ic; 2166 uint32_t tmp; 2167 2168 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2169 2170 tmp &= ~RT2661_MRR_CCK_FALLBACK; 2171 if (!IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan)) 2172 tmp |= RT2661_MRR_CCK_FALLBACK; 2173 tmp |= RT2661_MRR_ENABLED; 2174 2175 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2176} 2177 2178void 2179rt2661_set_txpreamble(struct rt2661_softc *sc) 2180{ 2181 uint32_t tmp; 2182 2183 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2184 2185 tmp &= ~RT2661_SHORT_PREAMBLE; 2186 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 2187 tmp |= RT2661_SHORT_PREAMBLE; 2188 2189 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2190} 2191 2192void 2193rt2661_set_basicrates(struct rt2661_softc *sc) 2194{ 2195 struct ieee80211com *ic = &sc->sc_ic; 2196 2197 /* update basic rate set */ 2198 if (ic->ic_curmode == IEEE80211_MODE_11B) { 2199 /* 11b basic rates: 1, 2Mbps */ 2200 RAL_WRITE(sc, RT2661_TXRX_CSR5, 0x3); 2201 } else if (ic->ic_curmode == IEEE80211_MODE_11A) { 2202 /* 11a basic rates: 6, 12, 24Mbps */ 2203 RAL_WRITE(sc, RT2661_TXRX_CSR5, 0x150); 2204 } else { 2205 /* 11b/g basic rates: 1, 2, 5.5, 11Mbps */ 2206 RAL_WRITE(sc, RT2661_TXRX_CSR5, 0xf); 2207 } 2208} 2209 2210/* 2211 * Reprogram MAC/BBP to switch to a new band. Values taken from the reference 2212 * driver. 2213 */ 2214void 2215rt2661_select_band(struct rt2661_softc *sc, struct ieee80211_channel *c) 2216{ 2217 uint8_t bbp17, bbp35, bbp96, bbp97, bbp98, bbp104; 2218 uint32_t tmp; 2219 2220 /* update all BBP registers that depend on the band */ 2221 bbp17 = 0x20; bbp96 = 0x48; bbp104 = 0x2c; 2222 bbp35 = 0x50; bbp97 = 0x48; bbp98 = 0x48; 2223 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2224 bbp17 += 0x08; bbp96 += 0x10; bbp104 += 0x0c; 2225 bbp35 += 0x10; bbp97 += 0x10; bbp98 += 0x10; 2226 } 2227 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2228 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2229 bbp17 += 0x10; bbp96 += 0x10; bbp104 += 0x10; 2230 } 2231 2232 sc->bbp17 = bbp17; 2233 rt2661_bbp_write(sc, 17, bbp17); 2234 rt2661_bbp_write(sc, 96, bbp96); 2235 rt2661_bbp_write(sc, 104, bbp104); 2236 2237 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2238 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2239 rt2661_bbp_write(sc, 75, 0x80); 2240 rt2661_bbp_write(sc, 86, 0x80); 2241 rt2661_bbp_write(sc, 88, 0x80); 2242 } 2243 2244 rt2661_bbp_write(sc, 35, bbp35); 2245 rt2661_bbp_write(sc, 97, bbp97); 2246 rt2661_bbp_write(sc, 98, bbp98); 2247 2248 tmp = RAL_READ(sc, RT2661_PHY_CSR0); 2249 tmp &= ~(RT2661_PA_PE_2GHZ | RT2661_PA_PE_5GHZ); 2250 if (IEEE80211_IS_CHAN_2GHZ(c)) 2251 tmp |= RT2661_PA_PE_2GHZ; 2252 else 2253 tmp |= RT2661_PA_PE_5GHZ; 2254 RAL_WRITE(sc, RT2661_PHY_CSR0, tmp); 2255 2256 /* 802.11a uses a 16 microseconds short interframe space */ 2257 sc->sifs = IEEE80211_IS_CHAN_5GHZ(c) ? 16 : 10; 2258} 2259 2260void 2261rt2661_set_chan(struct rt2661_softc *sc, struct ieee80211_channel *c) 2262{ 2263 struct ieee80211com *ic = &sc->sc_ic; 2264 const struct rfprog *rfprog; 2265 uint8_t bbp3, bbp94 = RT2661_BBPR94_DEFAULT; 2266 int8_t power; 2267 u_int i, chan; 2268 2269 chan = ieee80211_chan2ieee(ic, c); 2270 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 2271 return; 2272 2273 /* select the appropriate RF settings based on what EEPROM says */ 2274 rfprog = (sc->rfprog == 0) ? rt2661_rf5225_1 : rt2661_rf5225_2; 2275 2276 /* find the settings for this channel (we know it exists) */ 2277 for (i = 0; rfprog[i].chan != chan; i++) 2278 ; 2279 2280 power = sc->txpow[i]; 2281 if (power < 0) { 2282 bbp94 += power; 2283 power = 0; 2284 } else if (power > 31) { 2285 bbp94 += power - 31; 2286 power = 31; 2287 } 2288 2289 /* 2290 * If we are switching from the 2GHz band to the 5GHz band or 2291 * vice-versa, BBP registers need to be reprogrammed. 2292 */ 2293 if (c->ic_flags != sc->sc_curchan->ic_flags) { 2294 rt2661_select_band(sc, c); 2295 rt2661_select_antenna(sc); 2296 } 2297 sc->sc_curchan = c; 2298 2299 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2300 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2301 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2302 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2303 2304 DELAY(200); 2305 2306 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2307 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2308 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7 | 1); 2309 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2310 2311 DELAY(200); 2312 2313 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2314 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2315 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2316 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2317 2318 /* enable smart mode for MIMO-capable RFs */ 2319 bbp3 = rt2661_bbp_read(sc, 3); 2320 2321 bbp3 &= ~RT2661_SMART_MODE; 2322 if (sc->rf_rev == RT2661_RF_5325 || sc->rf_rev == RT2661_RF_2529) 2323 bbp3 |= RT2661_SMART_MODE; 2324 2325 rt2661_bbp_write(sc, 3, bbp3); 2326 2327 if (bbp94 != RT2661_BBPR94_DEFAULT) 2328 rt2661_bbp_write(sc, 94, bbp94); 2329 2330 /* 5GHz radio needs a 1ms delay here */ 2331 if (IEEE80211_IS_CHAN_5GHZ(c)) 2332 DELAY(1000); 2333} 2334 2335void 2336rt2661_set_bssid(struct rt2661_softc *sc, const uint8_t *bssid) 2337{ 2338 uint32_t tmp; 2339 2340 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24; 2341 RAL_WRITE(sc, RT2661_MAC_CSR4, tmp); 2342 2343 tmp = bssid[4] | bssid[5] << 8 | RT2661_ONE_BSSID << 16; 2344 RAL_WRITE(sc, RT2661_MAC_CSR5, tmp); 2345} 2346 2347void 2348rt2661_set_macaddr(struct rt2661_softc *sc, const uint8_t *addr) 2349{ 2350 uint32_t tmp; 2351 2352 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24; 2353 RAL_WRITE(sc, RT2661_MAC_CSR2, tmp); 2354 2355 tmp = addr[4] | addr[5] << 8 | 0xff << 16; 2356 RAL_WRITE(sc, RT2661_MAC_CSR3, tmp); 2357} 2358 2359void 2360rt2661_update_promisc(struct rt2661_softc *sc) 2361{ 2362 struct ifnet *ifp = &sc->sc_ic.ic_if; 2363 uint32_t tmp; 2364 2365 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2366 2367 tmp &= ~RT2661_DROP_NOT_TO_ME; 2368 if (!(ifp->if_flags & IFF_PROMISC)) 2369 tmp |= RT2661_DROP_NOT_TO_ME; 2370 2371 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2372 2373 DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 2374 "entering" : "leaving")); 2375} 2376 2377void 2378rt2661_updateslot(struct ieee80211com *ic) 2379{ 2380 struct rt2661_softc *sc = ic->ic_if.if_softc; 2381 2382#ifndef IEEE80211_STA_ONLY 2383 if (ic->ic_opmode == IEEE80211_M_HOSTAP) { 2384 /* 2385 * In HostAP mode, we defer setting of new slot time until 2386 * updated ERP Information Element has propagated to all 2387 * associated STAs. 2388 */ 2389 sc->sc_flags |= RT2661_UPDATE_SLOT; 2390 } else 2391#endif 2392 rt2661_set_slottime(sc); 2393} 2394 2395void 2396rt2661_set_slottime(struct rt2661_softc *sc) 2397{ 2398 struct ieee80211com *ic = &sc->sc_ic; 2399 uint8_t slottime; 2400 uint32_t tmp; 2401 2402 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 2403 IEEE80211_DUR_DS_SHSLOT: IEEE80211_DUR_DS_SLOT; 2404 2405 tmp = RAL_READ(sc, RT2661_MAC_CSR9); 2406 tmp = (tmp & ~0xff) | slottime; 2407 RAL_WRITE(sc, RT2661_MAC_CSR9, tmp); 2408 2409 DPRINTF(("setting slot time to %uus\n", slottime)); 2410} 2411 2412const char * 2413rt2661_get_rf(int rev) 2414{ 2415 switch (rev) { 2416 case RT2661_RF_5225: return "RT5225"; 2417 case RT2661_RF_5325: return "RT5325 (MIMO XR)"; 2418 case RT2661_RF_2527: return "RT2527"; 2419 case RT2661_RF_2529: return "RT2529 (MIMO XR)"; 2420 default: return "unknown"; 2421 } 2422} 2423 2424void 2425rt2661_read_eeprom(struct rt2661_softc *sc) 2426{ 2427 struct ieee80211com *ic = &sc->sc_ic; 2428 uint16_t val; 2429 int i; 2430 2431 /* read MAC address */ 2432 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC01); 2433 ic->ic_myaddr[0] = val & 0xff; 2434 ic->ic_myaddr[1] = val >> 8; 2435 2436 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC23); 2437 ic->ic_myaddr[2] = val & 0xff; 2438 ic->ic_myaddr[3] = val >> 8; 2439 2440 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC45); 2441 ic->ic_myaddr[4] = val & 0xff; 2442 ic->ic_myaddr[5] = val >> 8; 2443 2444 val = rt2661_eeprom_read(sc, RT2661_EEPROM_ANTENNA); 2445 /* XXX: test if different from 0xffff? */ 2446 sc->rf_rev = (val >> 11) & 0x1f; 2447 sc->hw_radio = (val >> 10) & 0x1; 2448 sc->rx_ant = (val >> 4) & 0x3; 2449 sc->tx_ant = (val >> 2) & 0x3; 2450 sc->nb_ant = val & 0x3; 2451 2452 DPRINTF(("RF revision=%d\n", sc->rf_rev)); 2453 2454 val = rt2661_eeprom_read(sc, RT2661_EEPROM_CONFIG2); 2455 sc->ext_5ghz_lna = (val >> 6) & 0x1; 2456 sc->ext_2ghz_lna = (val >> 4) & 0x1; 2457 2458 DPRINTF(("External 2GHz LNA=%d\nExternal 5GHz LNA=%d\n", 2459 sc->ext_2ghz_lna, sc->ext_5ghz_lna)); 2460 2461 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_2GHZ_OFFSET); 2462 if ((val & 0xff) != 0xff) 2463 sc->rssi_2ghz_corr = (int8_t)(val & 0xff); /* signed */ 2464 2465 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_5GHZ_OFFSET); 2466 if ((val & 0xff) != 0xff) 2467 sc->rssi_5ghz_corr = (int8_t)(val & 0xff); /* signed */ 2468 2469 /* adjust RSSI correction for external low-noise amplifier */ 2470 if (sc->ext_2ghz_lna) 2471 sc->rssi_2ghz_corr -= 14; 2472 if (sc->ext_5ghz_lna) 2473 sc->rssi_5ghz_corr -= 14; 2474 2475 DPRINTF(("RSSI 2GHz corr=%d\nRSSI 5GHz corr=%d\n", 2476 sc->rssi_2ghz_corr, sc->rssi_5ghz_corr)); 2477 2478 val = rt2661_eeprom_read(sc, RT2661_EEPROM_FREQ_OFFSET); 2479 if ((val >> 8) != 0xff) 2480 sc->rfprog = (val >> 8) & 0x3; 2481 if ((val & 0xff) != 0xff) 2482 sc->rffreq = val & 0xff; 2483 2484 DPRINTF(("RF prog=%d\nRF freq=%d\n", sc->rfprog, sc->rffreq)); 2485 2486 /* read Tx power for all a/b/g channels */ 2487 for (i = 0; i < 19; i++) { 2488 val = rt2661_eeprom_read(sc, RT2661_EEPROM_TXPOWER + i); 2489 sc->txpow[i * 2] = (int8_t)(val >> 8); /* signed */ 2490 DPRINTF(("Channel=%d Tx power=%d\n", 2491 rt2661_rf5225_1[i * 2].chan, sc->txpow[i * 2])); 2492 sc->txpow[i * 2 + 1] = (int8_t)(val & 0xff); /* signed */ 2493 DPRINTF(("Channel=%d Tx power=%d\n", 2494 rt2661_rf5225_1[i * 2 + 1].chan, sc->txpow[i * 2 + 1])); 2495 } 2496 2497 /* read vendor-specific BBP values */ 2498 for (i = 0; i < 16; i++) { 2499 val = rt2661_eeprom_read(sc, RT2661_EEPROM_BBP_BASE + i); 2500 if (val == 0 || val == 0xffff) 2501 continue; /* skip invalid entries */ 2502 sc->bbp_prom[i].reg = val >> 8; 2503 sc->bbp_prom[i].val = val & 0xff; 2504 DPRINTF(("BBP R%d=%02x\n", sc->bbp_prom[i].reg, 2505 sc->bbp_prom[i].val)); 2506 } 2507} 2508 2509int 2510rt2661_bbp_init(struct rt2661_softc *sc) 2511{ 2512 int i, ntries; 2513 2514 /* wait for BBP to be ready */ 2515 for (ntries = 0; ntries < 100; ntries++) { 2516 const uint8_t val = rt2661_bbp_read(sc, 0); 2517 if (val != 0 && val != 0xff) 2518 break; 2519 DELAY(100); 2520 } 2521 if (ntries == 100) { 2522 printf("%s: timeout waiting for BBP\n", sc->sc_dev.dv_xname); 2523 return EIO; 2524 } 2525 2526 /* initialize BBP registers to default values */ 2527 for (i = 0; i < nitems(rt2661_def_bbp); i++) { 2528 rt2661_bbp_write(sc, rt2661_def_bbp[i].reg, 2529 rt2661_def_bbp[i].val); 2530 } 2531 2532 /* write vendor-specific BBP values (from EEPROM) */ 2533 for (i = 0; i < 16; i++) { 2534 if (sc->bbp_prom[i].reg == 0) 2535 continue; 2536 rt2661_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val); 2537 } 2538 2539 return 0; 2540} 2541 2542int 2543rt2661_init(struct ifnet *ifp) 2544{ 2545 struct rt2661_softc *sc = ifp->if_softc; 2546 struct ieee80211com *ic = &sc->sc_ic; 2547 uint32_t tmp, sta[3]; 2548 int i, ntries; 2549 2550 /* for CardBus, power on the socket */ 2551 if (!(sc->sc_flags & RT2661_ENABLED)) { 2552 if (sc->sc_enable != NULL && (*sc->sc_enable)(sc) != 0) { 2553 printf("%s: could not enable device\n", 2554 sc->sc_dev.dv_xname); 2555 return EIO; 2556 } 2557 sc->sc_flags |= RT2661_ENABLED; 2558 } 2559 2560 rt2661_stop(ifp, 0); 2561 2562 if (!(sc->sc_flags & RT2661_FWLOADED)) { 2563 if (rt2661_load_microcode(sc) != 0) { 2564 printf("%s: could not load 8051 microcode\n", 2565 sc->sc_dev.dv_xname); 2566 rt2661_stop(ifp, 1); 2567 return EIO; 2568 } 2569 sc->sc_flags |= RT2661_FWLOADED; 2570 } 2571 2572 /* initialize Tx rings */ 2573 RAL_WRITE(sc, RT2661_AC1_BASE_CSR, sc->txq[1].physaddr); 2574 RAL_WRITE(sc, RT2661_AC0_BASE_CSR, sc->txq[0].physaddr); 2575 RAL_WRITE(sc, RT2661_AC2_BASE_CSR, sc->txq[2].physaddr); 2576 RAL_WRITE(sc, RT2661_AC3_BASE_CSR, sc->txq[3].physaddr); 2577 2578 /* initialize Mgt ring */ 2579 RAL_WRITE(sc, RT2661_MGT_BASE_CSR, sc->mgtq.physaddr); 2580 2581 /* initialize Rx ring */ 2582 RAL_WRITE(sc, RT2661_RX_BASE_CSR, sc->rxq.physaddr); 2583 2584 /* initialize Tx rings sizes */ 2585 RAL_WRITE(sc, RT2661_TX_RING_CSR0, 2586 RT2661_TX_RING_COUNT << 24 | 2587 RT2661_TX_RING_COUNT << 16 | 2588 RT2661_TX_RING_COUNT << 8 | 2589 RT2661_TX_RING_COUNT); 2590 2591 RAL_WRITE(sc, RT2661_TX_RING_CSR1, 2592 RT2661_TX_DESC_WSIZE << 16 | 2593 RT2661_TX_RING_COUNT << 8 | /* XXX: HCCA ring unused */ 2594 RT2661_MGT_RING_COUNT); 2595 2596 /* initialize Rx rings */ 2597 RAL_WRITE(sc, RT2661_RX_RING_CSR, 2598 RT2661_RX_DESC_BACK << 16 | 2599 RT2661_RX_DESC_WSIZE << 8 | 2600 RT2661_RX_RING_COUNT); 2601 2602 /* XXX: some magic here */ 2603 RAL_WRITE(sc, RT2661_TX_DMA_DST_CSR, 0xaa); 2604 2605 /* load base addresses of all 5 Tx rings (4 data + 1 mgt) */ 2606 RAL_WRITE(sc, RT2661_LOAD_TX_RING_CSR, 0x1f); 2607 2608 /* load base address of Rx ring */ 2609 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 2); 2610 2611 /* initialize MAC registers to default values */ 2612 for (i = 0; i < nitems(rt2661_def_mac); i++) 2613 RAL_WRITE(sc, rt2661_def_mac[i].reg, rt2661_def_mac[i].val); 2614 2615 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 2616 rt2661_set_macaddr(sc, ic->ic_myaddr); 2617 2618 /* set host ready */ 2619 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2620 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2621 2622 /* wait for BBP/RF to wakeup */ 2623 for (ntries = 0; ntries < 1000; ntries++) { 2624 if (RAL_READ(sc, RT2661_MAC_CSR12) & 8) 2625 break; 2626 DELAY(1000); 2627 } 2628 if (ntries == 1000) { 2629 printf("timeout waiting for BBP/RF to wakeup\n"); 2630 rt2661_stop(ifp, 1); 2631 return EIO; 2632 } 2633 2634 if (rt2661_bbp_init(sc) != 0) { 2635 rt2661_stop(ifp, 1); 2636 return EIO; 2637 } 2638 2639 /* select default channel */ 2640 sc->sc_curchan = ic->ic_bss->ni_chan = ic->ic_ibss_chan; 2641 rt2661_select_band(sc, sc->sc_curchan); 2642 rt2661_select_antenna(sc); 2643 rt2661_set_chan(sc, sc->sc_curchan); 2644 2645 /* update Rx filter */ 2646 tmp = RAL_READ(sc, RT2661_TXRX_CSR0) & 0xffff; 2647 2648 tmp |= RT2661_DROP_PHY_ERROR | RT2661_DROP_CRC_ERROR; 2649 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2650 tmp |= RT2661_DROP_CTL | RT2661_DROP_VER_ERROR | 2651 RT2661_DROP_ACKCTS; 2652#ifndef IEEE80211_STA_ONLY 2653 if (ic->ic_opmode != IEEE80211_M_HOSTAP) 2654#endif 2655 tmp |= RT2661_DROP_TODS; 2656 if (!(ifp->if_flags & IFF_PROMISC)) 2657 tmp |= RT2661_DROP_NOT_TO_ME; 2658 } 2659 2660 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2661 2662 /* clear STA registers */ 2663 RAL_READ_REGION_4(sc, RT2661_STA_CSR0, sta, nitems(sta)); 2664 2665 /* initialize ASIC */ 2666 RAL_WRITE(sc, RT2661_MAC_CSR1, 4); 2667 2668 /* clear any pending interrupt */ 2669 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2670 2671 /* enable interrupts */ 2672 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 2673 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 2674 2675 /* kick Rx */ 2676 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 1); 2677 2678 ifp->if_flags |= IFF_RUNNING; 2679 ifq_clr_oactive(&ifp->if_snd); 2680 2681 if (ic->ic_opmode != IEEE80211_M_MONITOR) 2682 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2683 else 2684 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2685 2686 return 0; 2687} 2688 2689void 2690rt2661_stop(struct ifnet *ifp, int disable) 2691{ 2692 struct rt2661_softc *sc = ifp->if_softc; 2693 struct ieee80211com *ic = &sc->sc_ic; 2694 uint32_t tmp; 2695 int ac; 2696 2697 sc->sc_tx_timer = 0; 2698 ifp->if_timer = 0; 2699 ifp->if_flags &= ~IFF_RUNNING; 2700 ifq_clr_oactive(&ifp->if_snd); 2701 2702 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */ 2703 rt2661_amrr_node_free_all(sc); 2704 2705 /* abort Tx (for all 5 Tx rings) */ 2706 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 0x1f << 16); 2707 2708 /* disable Rx (value remains after reset!) */ 2709 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2710 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2711 2712 /* reset ASIC */ 2713 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2714 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2715 2716 /* disable interrupts */ 2717 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f); 2718 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 2719 2720 /* clear any pending interrupt */ 2721 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2722 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, 0xffffffff); 2723 2724 /* reset Tx and Rx rings */ 2725 for (ac = 0; ac < 4; ac++) 2726 rt2661_reset_tx_ring(sc, &sc->txq[ac]); 2727 rt2661_reset_tx_ring(sc, &sc->mgtq); 2728 rt2661_reset_rx_ring(sc, &sc->rxq); 2729 2730 /* for CardBus, power down the socket */ 2731 if (disable && sc->sc_disable != NULL) { 2732 if (sc->sc_flags & RT2661_ENABLED) { 2733 (*sc->sc_disable)(sc); 2734 sc->sc_flags &= ~(RT2661_ENABLED | RT2661_FWLOADED); 2735 } 2736 } 2737} 2738 2739int 2740rt2661_load_microcode(struct rt2661_softc *sc) 2741{ 2742 int ntries; 2743 2744 /* reset 8051 */ 2745 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2746 2747 /* cancel any pending Host to MCU command */ 2748 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 0); 2749 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 2750 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, 0); 2751 2752 /* write 8051's microcode */ 2753 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET | RT2661_MCU_SEL); 2754 RAL_WRITE_REGION_1(sc, RT2661_MCU_CODE_BASE, sc->ucode, sc->ucsize); 2755 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2756 2757 /* kick 8051's ass */ 2758 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, 0); 2759 2760 /* wait for 8051 to initialize */ 2761 for (ntries = 0; ntries < 500; ntries++) { 2762 if (RAL_READ(sc, RT2661_MCU_CNTL_CSR) & RT2661_MCU_READY) 2763 break; 2764 DELAY(100); 2765 } 2766 if (ntries == 500) { 2767 printf("%s: timeout waiting for MCU to initialize\n", 2768 sc->sc_dev.dv_xname); 2769 return EIO; 2770 } 2771 return 0; 2772} 2773 2774/* 2775 * Dynamically tune Rx sensitivity (BBP register 17) based on average RSSI and 2776 * false CCA count. This function is called periodically (every seconds) when 2777 * in the RUN state. Values taken from the reference driver. 2778 */ 2779void 2780rt2661_rx_tune(struct rt2661_softc *sc) 2781{ 2782 uint8_t bbp17; 2783 uint16_t cca; 2784 int lo, hi, dbm; 2785 2786 /* 2787 * Tuning range depends on operating band and on the presence of an 2788 * external low-noise amplifier. 2789 */ 2790 lo = 0x20; 2791 if (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan)) 2792 lo += 0x08; 2793 if ((IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan) && sc->ext_2ghz_lna) || 2794 (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan) && sc->ext_5ghz_lna)) 2795 lo += 0x10; 2796 hi = lo + 0x20; 2797 2798 dbm = sc->avg_rssi; 2799 /* retrieve false CCA count since last call (clear on read) */ 2800 cca = RAL_READ(sc, RT2661_STA_CSR1) & 0xffff; 2801 2802 DPRINTFN(2, ("RSSI=%ddBm false CCA=%d\n", dbm, cca)); 2803 2804 if (dbm < -74) { 2805 /* very bad RSSI, tune using false CCA count */ 2806 bbp17 = sc->bbp17; /* current value */ 2807 2808 hi -= 2 * (-74 - dbm); 2809 if (hi < lo) 2810 hi = lo; 2811 2812 if (bbp17 > hi) 2813 bbp17 = hi; 2814 else if (cca > 512) 2815 bbp17 = min(bbp17 + 1, hi); 2816 else if (cca < 100) 2817 bbp17 = max(bbp17 - 1, lo); 2818 2819 } else if (dbm < -66) { 2820 bbp17 = lo + 0x08; 2821 } else if (dbm < -58) { 2822 bbp17 = lo + 0x10; 2823 } else if (dbm < -35) { 2824 bbp17 = hi; 2825 } else { /* very good RSSI >= -35dBm */ 2826 bbp17 = 0x60; /* very low sensitivity */ 2827 } 2828 2829 if (bbp17 != sc->bbp17) { 2830 DPRINTF(("BBP17 %x->%x\n", sc->bbp17, bbp17)); 2831 rt2661_bbp_write(sc, 17, bbp17); 2832 sc->bbp17 = bbp17; 2833 } 2834} 2835 2836#ifdef notyet 2837/* 2838 * Enter/Leave radar detection mode. 2839 * This is for 802.11h additional regulatory domains. 2840 */ 2841void 2842rt2661_radar_start(struct rt2661_softc *sc) 2843{ 2844 uint32_t tmp; 2845 2846 /* disable Rx */ 2847 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2848 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2849 2850 rt2661_bbp_write(sc, 82, 0x20); 2851 rt2661_bbp_write(sc, 83, 0x00); 2852 rt2661_bbp_write(sc, 84, 0x40); 2853 2854 /* save current BBP registers values */ 2855 sc->bbp18 = rt2661_bbp_read(sc, 18); 2856 sc->bbp21 = rt2661_bbp_read(sc, 21); 2857 sc->bbp22 = rt2661_bbp_read(sc, 22); 2858 sc->bbp16 = rt2661_bbp_read(sc, 16); 2859 sc->bbp17 = rt2661_bbp_read(sc, 17); 2860 sc->bbp64 = rt2661_bbp_read(sc, 64); 2861 2862 rt2661_bbp_write(sc, 18, 0xff); 2863 rt2661_bbp_write(sc, 21, 0x3f); 2864 rt2661_bbp_write(sc, 22, 0x3f); 2865 rt2661_bbp_write(sc, 16, 0xbd); 2866 rt2661_bbp_write(sc, 17, sc->ext_5ghz_lna ? 0x44 : 0x34); 2867 rt2661_bbp_write(sc, 64, 0x21); 2868 2869 /* restore Rx filter */ 2870 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2871} 2872 2873int 2874rt2661_radar_stop(struct rt2661_softc *sc) 2875{ 2876 uint8_t bbp66; 2877 2878 /* read radar detection result */ 2879 bbp66 = rt2661_bbp_read(sc, 66); 2880 2881 /* restore BBP registers values */ 2882 rt2661_bbp_write(sc, 16, sc->bbp16); 2883 rt2661_bbp_write(sc, 17, sc->bbp17); 2884 rt2661_bbp_write(sc, 18, sc->bbp18); 2885 rt2661_bbp_write(sc, 21, sc->bbp21); 2886 rt2661_bbp_write(sc, 22, sc->bbp22); 2887 rt2661_bbp_write(sc, 64, sc->bbp64); 2888 2889 return bbp66 == 1; 2890} 2891#endif 2892 2893#ifndef IEEE80211_STA_ONLY 2894int 2895rt2661_prepare_beacon(struct rt2661_softc *sc) 2896{ 2897 struct ieee80211com *ic = &sc->sc_ic; 2898 struct ieee80211_node *ni = ic->ic_bss; 2899 struct rt2661_tx_desc desc; 2900 struct mbuf *m0; 2901 int rate; 2902 2903 m0 = ieee80211_beacon_alloc(ic, ni); 2904 if (m0 == NULL) { 2905 printf("%s: could not allocate beacon frame\n", 2906 sc->sc_dev.dv_xname); 2907 return ENOBUFS; 2908 } 2909 2910 /* send beacons at the lowest available rate */ 2911 rate = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? 12 : 2; 2912 2913 memset(&desc, 0, sizeof(desc)); 2914 rt2661_setup_tx_desc(sc, &desc, RT2661_TX_TIMESTAMP, RT2661_TX_HWSEQ, 2915 m0->m_pkthdr.len, rate, NULL, 0, RT2661_QID_MGT, 2916 RT2661_AMRR_INVALID_ID); 2917 2918 /* copy the first 24 bytes of Tx descriptor into NIC memory */ 2919 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0, (uint8_t *)&desc, 24); 2920 2921 /* copy beacon header and payload into NIC memory */ 2922 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0 + 24, 2923 mtod(m0, uint8_t *), m0->m_pkthdr.len); 2924 2925 m_freem(m0); 2926 2927 /* 2928 * Store offset of ERP Information Element so that we can update it 2929 * dynamically when the slot time changes. 2930 * XXX: this is ugly since it depends on how net80211 builds beacon 2931 * frames but ieee80211_beacon_alloc() doesn't store offsets for us. 2932 */ 2933 if (ic->ic_curmode == IEEE80211_MODE_11G) { 2934 sc->erp_csr = 2935 RT2661_HW_BEACON_BASE0 + 24 + 2936 sizeof (struct ieee80211_frame) + 2937 8 + 2 + 2 + 2938 ((ic->ic_userflags & IEEE80211_F_HIDENWID) ? 2939 1 : 2 + ni->ni_esslen) + 2940 2 + min(ni->ni_rates.rs_nrates, IEEE80211_RATE_SIZE) + 2941 2 + 1 + 2942 ((ic->ic_opmode == IEEE80211_M_IBSS) ? 4 : 6) + 2943 2; 2944 } 2945 2946 return 0; 2947} 2948#endif 2949 2950/* 2951 * Enable TSF synchronization and tell h/w to start sending beacons for IBSS 2952 * and HostAP operating modes. 2953 */ 2954void 2955rt2661_enable_tsf_sync(struct rt2661_softc *sc) 2956{ 2957 struct ieee80211com *ic = &sc->sc_ic; 2958 uint32_t tmp; 2959 2960#ifndef IEEE80211_STA_ONLY 2961 if (ic->ic_opmode != IEEE80211_M_STA) { 2962 /* 2963 * Change default 16ms TBTT adjustment to 8ms. 2964 * Must be done before enabling beacon generation. 2965 */ 2966 RAL_WRITE(sc, RT2661_TXRX_CSR10, 1 << 12 | 8); 2967 } 2968#endif 2969 tmp = RAL_READ(sc, RT2661_TXRX_CSR9) & 0xff000000; 2970 2971 /* set beacon interval (in 1/16ms unit) */ 2972 tmp |= ic->ic_bss->ni_intval * 16; 2973 2974 tmp |= RT2661_TSF_TICKING | RT2661_ENABLE_TBTT; 2975 if (ic->ic_opmode == IEEE80211_M_STA) 2976 tmp |= RT2661_TSF_MODE(1); 2977#ifndef IEEE80211_STA_ONLY 2978 else 2979 tmp |= RT2661_TSF_MODE(2) | RT2661_GENERATE_BEACON; 2980#endif 2981 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp); 2982} 2983 2984/* 2985 * Retrieve the "Received Signal Strength Indicator" from the raw values 2986 * contained in Rx descriptors. The computation depends on which band the 2987 * frame was received. Correction values taken from the reference driver. 2988 */ 2989int 2990rt2661_get_rssi(struct rt2661_softc *sc, uint8_t raw) 2991{ 2992 int lna, agc, rssi; 2993 2994 lna = (raw >> 5) & 0x3; 2995 agc = raw & 0x1f; 2996 2997 rssi = 2 * agc; 2998 2999 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) { 3000 rssi += sc->rssi_2ghz_corr; 3001 3002 if (lna == 1) 3003 rssi -= 64; 3004 else if (lna == 2) 3005 rssi -= 74; 3006 else if (lna == 3) 3007 rssi -= 90; 3008 } else { 3009 rssi += sc->rssi_5ghz_corr; 3010 3011 if (lna == 1) 3012 rssi -= 64; 3013 else if (lna == 2) 3014 rssi -= 86; 3015 else if (lna == 3) 3016 rssi -= 100; 3017 } 3018 return rssi; 3019} 3020