1 /* $FreeBSD$ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 #include <sys/cdefs.h> 21 __FBSDID("$FreeBSD$"); 22 23 /*- 24 * Ralink Technology RT2561, RT2561S and RT2661 chipset driver 25 * http://www.ralinktech.com/ 26 */ 27 28 #include <sys/param.h> 29 #include <sys/sysctl.h> 30 #include <sys/sockio.h> 31 #include <sys/mbuf.h> 32 #include <sys/kernel.h> 33 #include <sys/socket.h> 34 #include <sys/systm.h> 35 #include <sys/malloc.h> 36 #include <sys/lock.h> 37 #include <sys/mutex.h> 38 #include <sys/module.h> 39 #include <sys/bus.h> 40 #include <sys/endian.h> 41 42 #include <machine/bus.h> 43 #include <machine/resource.h> 44 #include <sys/rman.h> 45 46 #include <net/bpf.h> 47 #include <net/if.h> 48 #include <net/if_arp.h> 49 #include <net/ethernet.h> 50 #include <net/if_dl.h> 51 #include <net/if_media.h> 52 #include <net/if_types.h> 53 54 #include <net80211/ieee80211_var.h> 55 #include <net80211/ieee80211_radiotap.h> 56 #include <net80211/ieee80211_regdomain.h> 57 58 #include <netinet/in.h> 59 #include <netinet/in_systm.h> 60 #include <netinet/in_var.h> 61 #include <netinet/ip.h> 62 #include <netinet/if_ether.h> 63 64 #include <dev/ral/if_ralrate.h> 65 #include <dev/ral/rt2661reg.h> 66 #include <dev/ral/rt2661var.h> 67 #include <dev/ral/rt2661_ucode.h> 68 69 #ifdef RAL_DEBUG 70 #define DPRINTF(x) do { if (ral_debug > 0) printf x; } while (0) 71 #define DPRINTFN(n, x) do { if (ral_debug >= (n)) printf x; } while (0) 72 int ral_debug = 0; 73 SYSCTL_INT(_debug, OID_AUTO, ral, CTLFLAG_RW, &ral_debug, 0, "ral debug level"); 74 #else 75 #define DPRINTF(x) 76 #define DPRINTFN(n, x) 77 #endif 78 79 static void rt2661_dma_map_addr(void *, bus_dma_segment_t *, int, 80 int); 81 static int rt2661_alloc_tx_ring(struct rt2661_softc *, 82 struct rt2661_tx_ring *, int); 83 static void rt2661_reset_tx_ring(struct rt2661_softc *, 84 struct rt2661_tx_ring *); 85 static void rt2661_free_tx_ring(struct rt2661_softc *, 86 struct rt2661_tx_ring *); 87 static int rt2661_alloc_rx_ring(struct rt2661_softc *, 88 struct rt2661_rx_ring *, int); 89 static void rt2661_reset_rx_ring(struct rt2661_softc *, 90 struct rt2661_rx_ring *); 91 static void rt2661_free_rx_ring(struct rt2661_softc *, 92 struct rt2661_rx_ring *); 93 static struct ieee80211_node *rt2661_node_alloc( 94 struct ieee80211_node_table *); 95 static int rt2661_media_change(struct ifnet *); 96 static int rt2661_newstate(struct ieee80211com *, 97 enum ieee80211_state, int); 98 static uint16_t rt2661_eeprom_read(struct rt2661_softc *, uint8_t); 99 static void rt2661_rx_intr(struct rt2661_softc *); 100 static void rt2661_tx_intr(struct rt2661_softc *); 101 static void rt2661_tx_dma_intr(struct rt2661_softc *, 102 struct rt2661_tx_ring *); 103 static void rt2661_mcu_beacon_expire(struct rt2661_softc *); 104 static void rt2661_mcu_wakeup(struct rt2661_softc *); 105 static void rt2661_mcu_cmd_intr(struct rt2661_softc *); 106 static int rt2661_ack_rate(struct ieee80211com *, int); 107 static void rt2661_scan_start(struct ieee80211com *); 108 static void rt2661_scan_end(struct ieee80211com *); 109 static void rt2661_set_channel(struct ieee80211com *); 110 static uint16_t rt2661_txtime(int, int, uint32_t); 111 static uint8_t rt2661_rxrate(struct rt2661_rx_desc *); 112 static uint8_t rt2661_plcp_signal(int); 113 static void rt2661_setup_tx_desc(struct rt2661_softc *, 114 struct rt2661_tx_desc *, uint32_t, uint16_t, int, 115 int, const bus_dma_segment_t *, int, int); 116 static struct mbuf * rt2661_get_rts(struct rt2661_softc *, 117 struct ieee80211_frame *, uint16_t); 118 static int rt2661_tx_data(struct rt2661_softc *, struct mbuf *, 119 struct ieee80211_node *, int); 120 static int rt2661_tx_mgt(struct rt2661_softc *, struct mbuf *, 121 struct ieee80211_node *); 122 static void rt2661_start(struct ifnet *); 123 static void rt2661_watchdog(void *); 124 static int rt2661_reset(struct ifnet *); 125 static int rt2661_ioctl(struct ifnet *, u_long, caddr_t); 126 static void rt2661_bbp_write(struct rt2661_softc *, uint8_t, 127 uint8_t); 128 static uint8_t rt2661_bbp_read(struct rt2661_softc *, uint8_t); 129 static void rt2661_rf_write(struct rt2661_softc *, uint8_t, 130 uint32_t); 131 static int rt2661_tx_cmd(struct rt2661_softc *, uint8_t, 132 uint16_t); 133 static void rt2661_select_antenna(struct rt2661_softc *); 134 static void rt2661_enable_mrr(struct rt2661_softc *); 135 static void rt2661_set_txpreamble(struct rt2661_softc *); 136 static void rt2661_set_basicrates(struct rt2661_softc *, 137 const struct ieee80211_rateset *); 138 static void rt2661_select_band(struct rt2661_softc *, 139 struct ieee80211_channel *); 140 static void rt2661_set_chan(struct rt2661_softc *, 141 struct ieee80211_channel *); 142 static void rt2661_set_bssid(struct rt2661_softc *, 143 const uint8_t *); 144 static void rt2661_set_macaddr(struct rt2661_softc *, 145 const uint8_t *); 146 static void rt2661_update_promisc(struct rt2661_softc *); 147 static int rt2661_wme_update(struct ieee80211com *) __unused; 148 static void rt2661_update_slot(struct ifnet *); 149 static const char *rt2661_get_rf(int); 150 static void rt2661_read_eeprom(struct rt2661_softc *); 151 static int rt2661_bbp_init(struct rt2661_softc *); 152 static void rt2661_init(void *); 153 static void rt2661_stop(void *); 154 static void rt2661_stop_locked(struct rt2661_softc *); 155 static int rt2661_load_microcode(struct rt2661_softc *, 156 const uint8_t *, int); 157 #ifdef notyet 158 static void rt2661_rx_tune(struct rt2661_softc *); 159 static void rt2661_radar_start(struct rt2661_softc *); 160 static int rt2661_radar_stop(struct rt2661_softc *); 161 #endif 162 static int rt2661_prepare_beacon(struct rt2661_softc *); 163 static void rt2661_enable_tsf_sync(struct rt2661_softc *); 164 static int rt2661_get_rssi(struct rt2661_softc *, uint8_t); 165 166 static const struct { 167 uint32_t reg; 168 uint32_t val; 169 } rt2661_def_mac[] = { 170 RT2661_DEF_MAC 171 }; 172 173 static const struct { 174 uint8_t reg; 175 uint8_t val; 176 } rt2661_def_bbp[] = { 177 RT2661_DEF_BBP 178 }; 179 180 static const struct rfprog { 181 uint8_t chan; 182 uint32_t r1, r2, r3, r4; 183 } rt2661_rf5225_1[] = { 184 RT2661_RF5225_1 185 }, rt2661_rf5225_2[] = { 186 RT2661_RF5225_2 187 }; 188 189 int 190 rt2661_attach(device_t dev, int id) 191 { 192 struct rt2661_softc *sc = device_get_softc(dev); 193 struct ieee80211com *ic = &sc->sc_ic; 194 struct ifnet *ifp; 195 uint32_t val; 196 const uint8_t *ucode = NULL; 197 int bands, error, ac, ntries, size = 0; 198 199 sc->sc_dev = dev; 200 201 mtx_init(&sc->sc_mtx, device_get_nameunit(dev), MTX_NETWORK_LOCK, 202 MTX_DEF | MTX_RECURSE); 203 204 callout_init_mtx(&sc->watchdog_ch, &sc->sc_mtx, 0); 205 callout_init(&sc->rssadapt_ch, CALLOUT_MPSAFE); 206 207 /* wait for NIC to initialize */ 208 for (ntries = 0; ntries < 1000; ntries++) { 209 if ((val = RAL_READ(sc, RT2661_MAC_CSR0)) != 0) 210 break; 211 DELAY(1000); 212 } 213 if (ntries == 1000) { 214 device_printf(sc->sc_dev, 215 "timeout waiting for NIC to initialize\n"); 216 error = EIO; 217 goto fail1; 218 } 219 220 /* retrieve RF rev. no and various other things from EEPROM */ 221 rt2661_read_eeprom(sc); 222 223 device_printf(dev, "MAC/BBP RT%X, RF %s\n", val, 224 rt2661_get_rf(sc->rf_rev)); 225 226 /* 227 * Load 8051 microcode into NIC. 228 */ 229 switch (id) { 230 case 0x0301: 231 ucode = rt2561s_ucode; 232 size = sizeof rt2561s_ucode; 233 break; 234 case 0x0302: 235 ucode = rt2561_ucode; 236 size = sizeof rt2561_ucode; 237 break; 238 case 0x0401: 239 ucode = rt2661_ucode; 240 size = sizeof rt2661_ucode; 241 break; 242 } 243 244 error = rt2661_load_microcode(sc, ucode, size); 245 if (error != 0) { 246 device_printf(sc->sc_dev, "could not load 8051 microcode\n"); 247 goto fail1; 248 } 249 250 /* 251 * Allocate Tx and Rx rings. 252 */ 253 for (ac = 0; ac < 4; ac++) { 254 error = rt2661_alloc_tx_ring(sc, &sc->txq[ac], 255 RT2661_TX_RING_COUNT); 256 if (error != 0) { 257 device_printf(sc->sc_dev, 258 "could not allocate Tx ring %d\n", ac); 259 goto fail2; 260 } 261 } 262 263 error = rt2661_alloc_tx_ring(sc, &sc->mgtq, RT2661_MGT_RING_COUNT); 264 if (error != 0) { 265 device_printf(sc->sc_dev, "could not allocate Mgt ring\n"); 266 goto fail2; 267 } 268 269 error = rt2661_alloc_rx_ring(sc, &sc->rxq, RT2661_RX_RING_COUNT); 270 if (error != 0) { 271 device_printf(sc->sc_dev, "could not allocate Rx ring\n"); 272 goto fail3; 273 } 274 275 ifp = sc->sc_ifp = if_alloc(IFT_ETHER); 276 if (ifp == NULL) { 277 device_printf(sc->sc_dev, "can not if_alloc()\n"); 278 error = ENOMEM; 279 goto fail4; 280 } 281 282 ifp->if_softc = sc; 283 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 284 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 285 ifp->if_init = rt2661_init; 286 ifp->if_ioctl = rt2661_ioctl; 287 ifp->if_start = rt2661_start; 288 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 289 ifp->if_snd.ifq_drv_maxlen = IFQ_MAXLEN; 290 IFQ_SET_READY(&ifp->if_snd); 291 292 ic->ic_ifp = ifp; 293 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 294 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 295 ic->ic_state = IEEE80211_S_INIT; 296 297 /* set device capabilities */ 298 ic->ic_caps = 299 IEEE80211_C_IBSS | /* IBSS mode supported */ 300 IEEE80211_C_MONITOR | /* monitor mode supported */ 301 IEEE80211_C_HOSTAP | /* HostAp mode supported */ 302 IEEE80211_C_TXPMGT | /* tx power management */ 303 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 304 IEEE80211_C_SHSLOT | /* short slot time supported */ 305 #ifdef notyet 306 IEEE80211_C_WME | /* 802.11e */ 307 #endif 308 IEEE80211_C_BGSCAN | /* bg scanning support */ 309 IEEE80211_C_WPA; /* 802.11i */ 310 311 bands = 0; 312 setbit(&bands, IEEE80211_MODE_11B); 313 setbit(&bands, IEEE80211_MODE_11G); 314 if (sc->rf_rev == RT2661_RF_5225 || sc->rf_rev == RT2661_RF_5325) 315 setbit(&bands, IEEE80211_MODE_11A); 316 ieee80211_init_channels(ic, 0, CTRY_DEFAULT, bands, 0, 1); 317 318 ieee80211_ifattach(ic); 319 ic->ic_node_alloc = rt2661_node_alloc; 320 /* ic->ic_wme.wme_update = rt2661_wme_update;*/ 321 ic->ic_scan_start = rt2661_scan_start; 322 ic->ic_scan_end = rt2661_scan_end; 323 ic->ic_set_channel = rt2661_set_channel; 324 ic->ic_updateslot = rt2661_update_slot; 325 ic->ic_reset = rt2661_reset; 326 /* enable s/w bmiss handling in sta mode */ 327 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS; 328 329 /* override state transition machine */ 330 sc->sc_newstate = ic->ic_newstate; 331 ic->ic_newstate = rt2661_newstate; 332 ieee80211_media_init(ic, rt2661_media_change, ieee80211_media_status); 333 334 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 335 sizeof (struct ieee80211_frame) + sizeof (sc->sc_txtap), 336 &sc->sc_drvbpf); 337 338 sc->sc_rxtap_len = sizeof sc->sc_rxtap; 339 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 340 sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2661_RX_RADIOTAP_PRESENT); 341 342 sc->sc_txtap_len = sizeof sc->sc_txtap; 343 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 344 sc->sc_txtap.wt_ihdr.it_present = htole32(RT2661_TX_RADIOTAP_PRESENT); 345 346 347 /* 348 * Add a few sysctl knobs. 349 */ 350 sc->dwelltime = 200; 351 352 SYSCTL_ADD_INT(device_get_sysctl_ctx(dev), 353 SYSCTL_CHILDREN(device_get_sysctl_tree(dev)), OID_AUTO, "dwell", 354 CTLFLAG_RW, &sc->dwelltime, 0, 355 "channel dwell time (ms) for AP/station scanning"); 356 357 if (bootverbose) 358 ieee80211_announce(ic); 359 360 return 0; 361 362 fail4: rt2661_free_rx_ring(sc, &sc->rxq); 363 fail3: rt2661_free_tx_ring(sc, &sc->mgtq); 364 fail2: while (--ac >= 0) 365 rt2661_free_tx_ring(sc, &sc->txq[ac]); 366 fail1: mtx_destroy(&sc->sc_mtx); 367 return error; 368 } 369 370 int 371 rt2661_detach(void *xsc) 372 { 373 struct rt2661_softc *sc = xsc; 374 struct ieee80211com *ic = &sc->sc_ic; 375 struct ifnet *ifp = ic->ic_ifp; 376 377 rt2661_stop(sc); 378 callout_stop(&sc->watchdog_ch); 379 callout_stop(&sc->rssadapt_ch); 380 381 bpfdetach(ifp); 382 ieee80211_ifdetach(ic); 383 384 rt2661_free_tx_ring(sc, &sc->txq[0]); 385 rt2661_free_tx_ring(sc, &sc->txq[1]); 386 rt2661_free_tx_ring(sc, &sc->txq[2]); 387 rt2661_free_tx_ring(sc, &sc->txq[3]); 388 rt2661_free_tx_ring(sc, &sc->mgtq); 389 rt2661_free_rx_ring(sc, &sc->rxq); 390 391 if_free(ifp); 392 393 mtx_destroy(&sc->sc_mtx); 394 395 return 0; 396 } 397 398 void 399 rt2661_shutdown(void *xsc) 400 { 401 struct rt2661_softc *sc = xsc; 402 403 rt2661_stop(sc); 404 } 405 406 void 407 rt2661_suspend(void *xsc) 408 { 409 struct rt2661_softc *sc = xsc; 410 411 rt2661_stop(sc); 412 } 413 414 void 415 rt2661_resume(void *xsc) 416 { 417 struct rt2661_softc *sc = xsc; 418 struct ifnet *ifp = sc->sc_ic.ic_ifp; 419 420 if (ifp->if_flags & IFF_UP) { 421 ifp->if_init(ifp->if_softc); 422 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 423 ifp->if_start(ifp); 424 } 425 } 426 427 static void 428 rt2661_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error) 429 { 430 if (error != 0) 431 return; 432 433 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg)); 434 435 *(bus_addr_t *)arg = segs[0].ds_addr; 436 } 437 438 static int 439 rt2661_alloc_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring, 440 int count) 441 { 442 int i, error; 443 444 ring->count = count; 445 ring->queued = 0; 446 ring->cur = ring->next = ring->stat = 0; 447 448 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 4, 0, 449 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 450 count * RT2661_TX_DESC_SIZE, 1, count * RT2661_TX_DESC_SIZE, 451 0, NULL, NULL, &ring->desc_dmat); 452 if (error != 0) { 453 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 454 goto fail; 455 } 456 457 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 458 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 459 if (error != 0) { 460 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 461 goto fail; 462 } 463 464 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 465 count * RT2661_TX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr, 466 0); 467 if (error != 0) { 468 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 469 goto fail; 470 } 471 472 ring->data = malloc(count * sizeof (struct rt2661_tx_data), M_DEVBUF, 473 M_NOWAIT | M_ZERO); 474 if (ring->data == NULL) { 475 device_printf(sc->sc_dev, "could not allocate soft data\n"); 476 error = ENOMEM; 477 goto fail; 478 } 479 480 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 481 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 482 RT2661_MAX_SCATTER, MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 483 if (error != 0) { 484 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 485 goto fail; 486 } 487 488 for (i = 0; i < count; i++) { 489 error = bus_dmamap_create(ring->data_dmat, 0, 490 &ring->data[i].map); 491 if (error != 0) { 492 device_printf(sc->sc_dev, "could not create DMA map\n"); 493 goto fail; 494 } 495 } 496 497 return 0; 498 499 fail: rt2661_free_tx_ring(sc, ring); 500 return error; 501 } 502 503 static void 504 rt2661_reset_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 505 { 506 struct rt2661_tx_desc *desc; 507 struct rt2661_tx_data *data; 508 int i; 509 510 for (i = 0; i < ring->count; i++) { 511 desc = &ring->desc[i]; 512 data = &ring->data[i]; 513 514 if (data->m != NULL) { 515 bus_dmamap_sync(ring->data_dmat, data->map, 516 BUS_DMASYNC_POSTWRITE); 517 bus_dmamap_unload(ring->data_dmat, data->map); 518 m_freem(data->m); 519 data->m = NULL; 520 } 521 522 if (data->ni != NULL) { 523 ieee80211_free_node(data->ni); 524 data->ni = NULL; 525 } 526 527 desc->flags = 0; 528 } 529 530 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 531 532 ring->queued = 0; 533 ring->cur = ring->next = ring->stat = 0; 534 } 535 536 static void 537 rt2661_free_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 538 { 539 struct rt2661_tx_data *data; 540 int i; 541 542 if (ring->desc != NULL) { 543 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 544 BUS_DMASYNC_POSTWRITE); 545 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 546 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 547 } 548 549 if (ring->desc_dmat != NULL) 550 bus_dma_tag_destroy(ring->desc_dmat); 551 552 if (ring->data != NULL) { 553 for (i = 0; i < ring->count; i++) { 554 data = &ring->data[i]; 555 556 if (data->m != NULL) { 557 bus_dmamap_sync(ring->data_dmat, data->map, 558 BUS_DMASYNC_POSTWRITE); 559 bus_dmamap_unload(ring->data_dmat, data->map); 560 m_freem(data->m); 561 } 562 563 if (data->ni != NULL) 564 ieee80211_free_node(data->ni); 565 566 if (data->map != NULL) 567 bus_dmamap_destroy(ring->data_dmat, data->map); 568 } 569 570 free(ring->data, M_DEVBUF); 571 } 572 573 if (ring->data_dmat != NULL) 574 bus_dma_tag_destroy(ring->data_dmat); 575 } 576 577 static int 578 rt2661_alloc_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring, 579 int count) 580 { 581 struct rt2661_rx_desc *desc; 582 struct rt2661_rx_data *data; 583 bus_addr_t physaddr; 584 int i, error; 585 586 ring->count = count; 587 ring->cur = ring->next = 0; 588 589 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 4, 0, 590 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 591 count * RT2661_RX_DESC_SIZE, 1, count * RT2661_RX_DESC_SIZE, 592 0, NULL, NULL, &ring->desc_dmat); 593 if (error != 0) { 594 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 595 goto fail; 596 } 597 598 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 599 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 600 if (error != 0) { 601 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 602 goto fail; 603 } 604 605 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 606 count * RT2661_RX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr, 607 0); 608 if (error != 0) { 609 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 610 goto fail; 611 } 612 613 ring->data = malloc(count * sizeof (struct rt2661_rx_data), M_DEVBUF, 614 M_NOWAIT | M_ZERO); 615 if (ring->data == NULL) { 616 device_printf(sc->sc_dev, "could not allocate soft data\n"); 617 error = ENOMEM; 618 goto fail; 619 } 620 621 /* 622 * Pre-allocate Rx buffers and populate Rx ring. 623 */ 624 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 625 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 626 1, MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 627 if (error != 0) { 628 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 629 goto fail; 630 } 631 632 for (i = 0; i < count; i++) { 633 desc = &sc->rxq.desc[i]; 634 data = &sc->rxq.data[i]; 635 636 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 637 if (error != 0) { 638 device_printf(sc->sc_dev, "could not create DMA map\n"); 639 goto fail; 640 } 641 642 data->m = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 643 if (data->m == NULL) { 644 device_printf(sc->sc_dev, 645 "could not allocate rx mbuf\n"); 646 error = ENOMEM; 647 goto fail; 648 } 649 650 error = bus_dmamap_load(ring->data_dmat, data->map, 651 mtod(data->m, void *), MCLBYTES, rt2661_dma_map_addr, 652 &physaddr, 0); 653 if (error != 0) { 654 device_printf(sc->sc_dev, 655 "could not load rx buf DMA map"); 656 goto fail; 657 } 658 659 desc->flags = htole32(RT2661_RX_BUSY); 660 desc->physaddr = htole32(physaddr); 661 } 662 663 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 664 665 return 0; 666 667 fail: rt2661_free_rx_ring(sc, ring); 668 return error; 669 } 670 671 static void 672 rt2661_reset_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 673 { 674 int i; 675 676 for (i = 0; i < ring->count; i++) 677 ring->desc[i].flags = htole32(RT2661_RX_BUSY); 678 679 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 680 681 ring->cur = ring->next = 0; 682 } 683 684 static void 685 rt2661_free_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 686 { 687 struct rt2661_rx_data *data; 688 int i; 689 690 if (ring->desc != NULL) { 691 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 692 BUS_DMASYNC_POSTWRITE); 693 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 694 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 695 } 696 697 if (ring->desc_dmat != NULL) 698 bus_dma_tag_destroy(ring->desc_dmat); 699 700 if (ring->data != NULL) { 701 for (i = 0; i < ring->count; i++) { 702 data = &ring->data[i]; 703 704 if (data->m != NULL) { 705 bus_dmamap_sync(ring->data_dmat, data->map, 706 BUS_DMASYNC_POSTREAD); 707 bus_dmamap_unload(ring->data_dmat, data->map); 708 m_freem(data->m); 709 } 710 711 if (data->map != NULL) 712 bus_dmamap_destroy(ring->data_dmat, data->map); 713 } 714 715 free(ring->data, M_DEVBUF); 716 } 717 718 if (ring->data_dmat != NULL) 719 bus_dma_tag_destroy(ring->data_dmat); 720 } 721 722 static struct ieee80211_node * 723 rt2661_node_alloc(struct ieee80211_node_table *nt) 724 { 725 struct rt2661_node *rn; 726 727 rn = malloc(sizeof (struct rt2661_node), M_80211_NODE, 728 M_NOWAIT | M_ZERO); 729 730 return (rn != NULL) ? &rn->ni : NULL; 731 } 732 733 static int 734 rt2661_media_change(struct ifnet *ifp) 735 { 736 struct rt2661_softc *sc = ifp->if_softc; 737 int error; 738 739 error = ieee80211_media_change(ifp); 740 if (error != ENETRESET) 741 return error; 742 743 if ((ifp->if_flags & IFF_UP) && (ifp->if_drv_flags & IFF_DRV_RUNNING)) 744 rt2661_init(sc); 745 746 return 0; 747 } 748 749 /* 750 * This function is called for each node present in the node station table. 751 */ 752 static void 753 rt2661_iter_func(void *arg, struct ieee80211_node *ni) 754 { 755 struct rt2661_node *rn = (struct rt2661_node *)ni; 756 757 ral_rssadapt_updatestats(&rn->rssadapt); 758 } 759 760 /* 761 * This function is called periodically (every 100ms) in RUN state to update 762 * the rate adaptation statistics. 763 */ 764 static void 765 rt2661_update_rssadapt(void *arg) 766 { 767 struct rt2661_softc *sc = arg; 768 struct ieee80211com *ic = &sc->sc_ic; 769 770 RAL_LOCK(sc); 771 772 ieee80211_iterate_nodes(&ic->ic_sta, rt2661_iter_func, arg); 773 callout_reset(&sc->rssadapt_ch, hz / 10, rt2661_update_rssadapt, sc); 774 775 RAL_UNLOCK(sc); 776 } 777 778 static int 779 rt2661_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 780 { 781 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 782 enum ieee80211_state ostate; 783 struct ieee80211_node *ni; 784 uint32_t tmp; 785 int error = 0; 786 787 ostate = ic->ic_state; 788 789 switch (nstate) { 790 case IEEE80211_S_INIT: 791 callout_stop(&sc->rssadapt_ch); 792 793 if (ostate == IEEE80211_S_RUN) { 794 /* abort TSF synchronization */ 795 tmp = RAL_READ(sc, RT2661_TXRX_CSR9); 796 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0x00ffffff); 797 } 798 break; 799 case IEEE80211_S_RUN: 800 ni = ic->ic_bss; 801 802 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 803 rt2661_enable_mrr(sc); 804 rt2661_set_txpreamble(sc); 805 rt2661_set_basicrates(sc, &ni->ni_rates); 806 rt2661_set_bssid(sc, ni->ni_bssid); 807 } 808 809 if (ic->ic_opmode == IEEE80211_M_HOSTAP || 810 ic->ic_opmode == IEEE80211_M_IBSS) { 811 if ((error = rt2661_prepare_beacon(sc)) != 0) 812 break; 813 } 814 815 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 816 callout_reset(&sc->rssadapt_ch, hz / 10, 817 rt2661_update_rssadapt, sc); 818 rt2661_enable_tsf_sync(sc); 819 } 820 break; 821 case IEEE80211_S_SCAN: 822 case IEEE80211_S_AUTH: 823 case IEEE80211_S_ASSOC: 824 default: 825 break; 826 } 827 828 return (error != 0) ? error : sc->sc_newstate(ic, nstate, arg); 829 } 830 831 /* 832 * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46 or 833 * 93C66). 834 */ 835 static uint16_t 836 rt2661_eeprom_read(struct rt2661_softc *sc, uint8_t addr) 837 { 838 uint32_t tmp; 839 uint16_t val; 840 int n; 841 842 /* clock C once before the first command */ 843 RT2661_EEPROM_CTL(sc, 0); 844 845 RT2661_EEPROM_CTL(sc, RT2661_S); 846 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 847 RT2661_EEPROM_CTL(sc, RT2661_S); 848 849 /* write start bit (1) */ 850 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 851 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 852 853 /* write READ opcode (10) */ 854 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 855 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 856 RT2661_EEPROM_CTL(sc, RT2661_S); 857 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 858 859 /* write address (A5-A0 or A7-A0) */ 860 n = (RAL_READ(sc, RT2661_E2PROM_CSR) & RT2661_93C46) ? 5 : 7; 861 for (; n >= 0; n--) { 862 RT2661_EEPROM_CTL(sc, RT2661_S | 863 (((addr >> n) & 1) << RT2661_SHIFT_D)); 864 RT2661_EEPROM_CTL(sc, RT2661_S | 865 (((addr >> n) & 1) << RT2661_SHIFT_D) | RT2661_C); 866 } 867 868 RT2661_EEPROM_CTL(sc, RT2661_S); 869 870 /* read data Q15-Q0 */ 871 val = 0; 872 for (n = 15; n >= 0; n--) { 873 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 874 tmp = RAL_READ(sc, RT2661_E2PROM_CSR); 875 val |= ((tmp & RT2661_Q) >> RT2661_SHIFT_Q) << n; 876 RT2661_EEPROM_CTL(sc, RT2661_S); 877 } 878 879 RT2661_EEPROM_CTL(sc, 0); 880 881 /* clear Chip Select and clock C */ 882 RT2661_EEPROM_CTL(sc, RT2661_S); 883 RT2661_EEPROM_CTL(sc, 0); 884 RT2661_EEPROM_CTL(sc, RT2661_C); 885 886 return val; 887 } 888 889 static void 890 rt2661_tx_intr(struct rt2661_softc *sc) 891 { 892 struct ieee80211com *ic = &sc->sc_ic; 893 struct ifnet *ifp = ic->ic_ifp; 894 struct rt2661_tx_ring *txq; 895 struct rt2661_tx_data *data; 896 struct rt2661_node *rn; 897 uint32_t val; 898 int qid, retrycnt; 899 900 for (;;) { 901 struct ieee80211_node *ni; 902 struct mbuf *m; 903 904 val = RAL_READ(sc, RT2661_STA_CSR4); 905 if (!(val & RT2661_TX_STAT_VALID)) 906 break; 907 908 /* retrieve the queue in which this frame was sent */ 909 qid = RT2661_TX_QID(val); 910 txq = (qid <= 3) ? &sc->txq[qid] : &sc->mgtq; 911 912 /* retrieve rate control algorithm context */ 913 data = &txq->data[txq->stat]; 914 m = data->m; 915 data->m = NULL; 916 ni = data->ni; 917 data->ni = NULL; 918 919 /* if no frame has been sent, ignore */ 920 if (ni == NULL) 921 continue; 922 923 rn = (struct rt2661_node *)ni; 924 925 switch (RT2661_TX_RESULT(val)) { 926 case RT2661_TX_SUCCESS: 927 retrycnt = RT2661_TX_RETRYCNT(val); 928 929 DPRINTFN(10, ("data frame sent successfully after " 930 "%d retries\n", retrycnt)); 931 if (retrycnt == 0 && data->id.id_node != NULL) { 932 ral_rssadapt_raise_rate(ic, &rn->rssadapt, 933 &data->id); 934 } 935 ifp->if_opackets++; 936 break; 937 938 case RT2661_TX_RETRY_FAIL: 939 DPRINTFN(9, ("sending data frame failed (too much " 940 "retries)\n")); 941 if (data->id.id_node != NULL) { 942 ral_rssadapt_lower_rate(ic, ni, 943 &rn->rssadapt, &data->id); 944 } 945 ifp->if_oerrors++; 946 break; 947 948 default: 949 /* other failure */ 950 device_printf(sc->sc_dev, 951 "sending data frame failed 0x%08x\n", val); 952 ifp->if_oerrors++; 953 } 954 955 DPRINTFN(15, ("tx done q=%d idx=%u\n", qid, txq->stat)); 956 957 txq->queued--; 958 if (++txq->stat >= txq->count) /* faster than % count */ 959 txq->stat = 0; 960 961 if (m->m_flags & M_TXCB) 962 ieee80211_process_callback(ni, m, 963 RT2661_TX_RESULT(val) != RT2661_TX_SUCCESS); 964 m_freem(m); 965 ieee80211_free_node(ni); 966 } 967 968 sc->sc_tx_timer = 0; 969 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 970 rt2661_start(ifp); 971 } 972 973 static void 974 rt2661_tx_dma_intr(struct rt2661_softc *sc, struct rt2661_tx_ring *txq) 975 { 976 struct rt2661_tx_desc *desc; 977 struct rt2661_tx_data *data; 978 979 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_POSTREAD); 980 981 for (;;) { 982 desc = &txq->desc[txq->next]; 983 data = &txq->data[txq->next]; 984 985 if ((le32toh(desc->flags) & RT2661_TX_BUSY) || 986 !(le32toh(desc->flags) & RT2661_TX_VALID)) 987 break; 988 989 bus_dmamap_sync(txq->data_dmat, data->map, 990 BUS_DMASYNC_POSTWRITE); 991 bus_dmamap_unload(txq->data_dmat, data->map); 992 993 /* descriptor is no longer valid */ 994 desc->flags &= ~htole32(RT2661_TX_VALID); 995 996 DPRINTFN(15, ("tx dma done q=%p idx=%u\n", txq, txq->next)); 997 998 if (++txq->next >= txq->count) /* faster than % count */ 999 txq->next = 0; 1000 } 1001 1002 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1003 } 1004 1005 static void 1006 rt2661_rx_intr(struct rt2661_softc *sc) 1007 { 1008 struct ieee80211com *ic = &sc->sc_ic; 1009 struct ifnet *ifp = ic->ic_ifp; 1010 struct rt2661_rx_desc *desc; 1011 struct rt2661_rx_data *data; 1012 bus_addr_t physaddr; 1013 struct ieee80211_frame *wh; 1014 struct ieee80211_node *ni; 1015 struct rt2661_node *rn; 1016 struct mbuf *mnew, *m; 1017 int error; 1018 1019 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map, 1020 BUS_DMASYNC_POSTREAD); 1021 1022 for (;;) { 1023 int rssi; 1024 1025 desc = &sc->rxq.desc[sc->rxq.cur]; 1026 data = &sc->rxq.data[sc->rxq.cur]; 1027 1028 if (le32toh(desc->flags) & RT2661_RX_BUSY) 1029 break; 1030 1031 if ((le32toh(desc->flags) & RT2661_RX_PHY_ERROR) || 1032 (le32toh(desc->flags) & RT2661_RX_CRC_ERROR)) { 1033 /* 1034 * This should not happen since we did not request 1035 * to receive those frames when we filled TXRX_CSR0. 1036 */ 1037 DPRINTFN(5, ("PHY or CRC error flags 0x%08x\n", 1038 le32toh(desc->flags))); 1039 ifp->if_ierrors++; 1040 goto skip; 1041 } 1042 1043 if ((le32toh(desc->flags) & RT2661_RX_CIPHER_MASK) != 0) { 1044 ifp->if_ierrors++; 1045 goto skip; 1046 } 1047 1048 /* 1049 * Try to allocate a new mbuf for this ring element and load it 1050 * before processing the current mbuf. If the ring element 1051 * cannot be loaded, drop the received packet and reuse the old 1052 * mbuf. In the unlikely case that the old mbuf can't be 1053 * reloaded either, explicitly panic. 1054 */ 1055 mnew = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 1056 if (mnew == NULL) { 1057 ifp->if_ierrors++; 1058 goto skip; 1059 } 1060 1061 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1062 BUS_DMASYNC_POSTREAD); 1063 bus_dmamap_unload(sc->rxq.data_dmat, data->map); 1064 1065 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1066 mtod(mnew, void *), MCLBYTES, rt2661_dma_map_addr, 1067 &physaddr, 0); 1068 if (error != 0) { 1069 m_freem(mnew); 1070 1071 /* try to reload the old mbuf */ 1072 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1073 mtod(data->m, void *), MCLBYTES, 1074 rt2661_dma_map_addr, &physaddr, 0); 1075 if (error != 0) { 1076 /* very unlikely that it will fail... */ 1077 panic("%s: could not load old rx mbuf", 1078 device_get_name(sc->sc_dev)); 1079 } 1080 ifp->if_ierrors++; 1081 goto skip; 1082 } 1083 1084 /* 1085 * New mbuf successfully loaded, update Rx ring and continue 1086 * processing. 1087 */ 1088 m = data->m; 1089 data->m = mnew; 1090 desc->physaddr = htole32(physaddr); 1091 1092 /* finalize mbuf */ 1093 m->m_pkthdr.rcvif = ifp; 1094 m->m_pkthdr.len = m->m_len = 1095 (le32toh(desc->flags) >> 16) & 0xfff; 1096 1097 rssi = rt2661_get_rssi(sc, desc->rssi); 1098 1099 if (bpf_peers_present(sc->sc_drvbpf)) { 1100 struct rt2661_rx_radiotap_header *tap = &sc->sc_rxtap; 1101 uint32_t tsf_lo, tsf_hi; 1102 1103 /* get timestamp (low and high 32 bits) */ 1104 tsf_hi = RAL_READ(sc, RT2661_TXRX_CSR13); 1105 tsf_lo = RAL_READ(sc, RT2661_TXRX_CSR12); 1106 1107 tap->wr_tsf = 1108 htole64(((uint64_t)tsf_hi << 32) | tsf_lo); 1109 tap->wr_flags = 0; 1110 tap->wr_rate = rt2661_rxrate(desc); 1111 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 1112 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 1113 tap->wr_antsignal = rssi < 0 ? 0 : rssi; 1114 1115 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1116 } 1117 sc->sc_flags |= RAL_INPUT_RUNNING; 1118 RAL_UNLOCK(sc); 1119 wh = mtod(m, struct ieee80211_frame *); 1120 ni = ieee80211_find_rxnode(ic, 1121 (struct ieee80211_frame_min *)wh); 1122 1123 /* Error happened during RSSI conversion. */ 1124 if (rssi < 0) 1125 rssi = ni->ni_rssi; 1126 1127 /* send the frame to the 802.11 layer */ 1128 ieee80211_input(ic, m, ni, rssi, RT2661_NOISE_FLOOR, 0); 1129 1130 /* give rssi to the rate adatation algorithm */ 1131 rn = (struct rt2661_node *)ni; 1132 RAL_LOCK(sc); 1133 sc->sc_flags &= ~RAL_INPUT_RUNNING; 1134 ral_rssadapt_input(ic, ni, &rn->rssadapt, rssi); 1135 1136 /* node is no longer needed */ 1137 ieee80211_free_node(ni); 1138 1139 skip: desc->flags |= htole32(RT2661_RX_BUSY); 1140 1141 DPRINTFN(15, ("rx intr idx=%u\n", sc->rxq.cur)); 1142 1143 sc->rxq.cur = (sc->rxq.cur + 1) % RT2661_RX_RING_COUNT; 1144 } 1145 1146 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map, 1147 BUS_DMASYNC_PREWRITE); 1148 } 1149 1150 /* ARGSUSED */ 1151 static void 1152 rt2661_mcu_beacon_expire(struct rt2661_softc *sc) 1153 { 1154 /* do nothing */ 1155 } 1156 1157 static void 1158 rt2661_mcu_wakeup(struct rt2661_softc *sc) 1159 { 1160 RAL_WRITE(sc, RT2661_MAC_CSR11, 5 << 16); 1161 1162 RAL_WRITE(sc, RT2661_SOFT_RESET_CSR, 0x7); 1163 RAL_WRITE(sc, RT2661_IO_CNTL_CSR, 0x18); 1164 RAL_WRITE(sc, RT2661_PCI_USEC_CSR, 0x20); 1165 1166 /* send wakeup command to MCU */ 1167 rt2661_tx_cmd(sc, RT2661_MCU_CMD_WAKEUP, 0); 1168 } 1169 1170 static void 1171 rt2661_mcu_cmd_intr(struct rt2661_softc *sc) 1172 { 1173 RAL_READ(sc, RT2661_M2H_CMD_DONE_CSR); 1174 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 1175 } 1176 1177 void 1178 rt2661_intr(void *arg) 1179 { 1180 struct rt2661_softc *sc = arg; 1181 struct ifnet *ifp = sc->sc_ifp; 1182 uint32_t r1, r2; 1183 1184 RAL_LOCK(sc); 1185 1186 /* disable MAC and MCU interrupts */ 1187 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f); 1188 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 1189 1190 /* don't re-enable interrupts if we're shutting down */ 1191 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 1192 RAL_UNLOCK(sc); 1193 return; 1194 } 1195 1196 r1 = RAL_READ(sc, RT2661_INT_SOURCE_CSR); 1197 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, r1); 1198 1199 r2 = RAL_READ(sc, RT2661_MCU_INT_SOURCE_CSR); 1200 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, r2); 1201 1202 if (r1 & RT2661_MGT_DONE) 1203 rt2661_tx_dma_intr(sc, &sc->mgtq); 1204 1205 if (r1 & RT2661_RX_DONE) 1206 rt2661_rx_intr(sc); 1207 1208 if (r1 & RT2661_TX0_DMA_DONE) 1209 rt2661_tx_dma_intr(sc, &sc->txq[0]); 1210 1211 if (r1 & RT2661_TX1_DMA_DONE) 1212 rt2661_tx_dma_intr(sc, &sc->txq[1]); 1213 1214 if (r1 & RT2661_TX2_DMA_DONE) 1215 rt2661_tx_dma_intr(sc, &sc->txq[2]); 1216 1217 if (r1 & RT2661_TX3_DMA_DONE) 1218 rt2661_tx_dma_intr(sc, &sc->txq[3]); 1219 1220 if (r1 & RT2661_TX_DONE) 1221 rt2661_tx_intr(sc); 1222 1223 if (r2 & RT2661_MCU_CMD_DONE) 1224 rt2661_mcu_cmd_intr(sc); 1225 1226 if (r2 & RT2661_MCU_BEACON_EXPIRE) 1227 rt2661_mcu_beacon_expire(sc); 1228 1229 if (r2 & RT2661_MCU_WAKEUP) 1230 rt2661_mcu_wakeup(sc); 1231 1232 /* re-enable MAC and MCU interrupts */ 1233 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 1234 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 1235 1236 RAL_UNLOCK(sc); 1237 } 1238 1239 /* quickly determine if a given rate is CCK or OFDM */ 1240 #define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1241 1242 #define RAL_ACK_SIZE 14 /* 10 + 4(FCS) */ 1243 #define RAL_CTS_SIZE 14 /* 10 + 4(FCS) */ 1244 1245 #define RAL_SIFS 10 /* us */ 1246 1247 /* 1248 * This function is only used by the Rx radiotap code. It returns the rate at 1249 * which a given frame was received. 1250 */ 1251 static uint8_t 1252 rt2661_rxrate(struct rt2661_rx_desc *desc) 1253 { 1254 if (le32toh(desc->flags) & RT2661_RX_OFDM) { 1255 /* reverse function of rt2661_plcp_signal */ 1256 switch (desc->rate & 0xf) { 1257 case 0xb: return 12; 1258 case 0xf: return 18; 1259 case 0xa: return 24; 1260 case 0xe: return 36; 1261 case 0x9: return 48; 1262 case 0xd: return 72; 1263 case 0x8: return 96; 1264 case 0xc: return 108; 1265 } 1266 } else { 1267 if (desc->rate == 10) 1268 return 2; 1269 if (desc->rate == 20) 1270 return 4; 1271 if (desc->rate == 55) 1272 return 11; 1273 if (desc->rate == 110) 1274 return 22; 1275 } 1276 return 2; /* should not get there */ 1277 } 1278 1279 /* 1280 * Return the expected ack rate for a frame transmitted at rate `rate'. 1281 * XXX: this should depend on the destination node basic rate set. 1282 */ 1283 static int 1284 rt2661_ack_rate(struct ieee80211com *ic, int rate) 1285 { 1286 switch (rate) { 1287 /* CCK rates */ 1288 case 2: 1289 return 2; 1290 case 4: 1291 case 11: 1292 case 22: 1293 return (ic->ic_curmode == IEEE80211_MODE_11B) ? 4 : rate; 1294 1295 /* OFDM rates */ 1296 case 12: 1297 case 18: 1298 return 12; 1299 case 24: 1300 case 36: 1301 return 24; 1302 case 48: 1303 case 72: 1304 case 96: 1305 case 108: 1306 return 48; 1307 } 1308 1309 /* default to 1Mbps */ 1310 return 2; 1311 } 1312 1313 /* 1314 * Compute the duration (in us) needed to transmit `len' bytes at rate `rate'. 1315 * The function automatically determines the operating mode depending on the 1316 * given rate. `flags' indicates whether short preamble is in use or not. 1317 */ 1318 static uint16_t 1319 rt2661_txtime(int len, int rate, uint32_t flags) 1320 { 1321 uint16_t txtime; 1322 1323 if (RAL_RATE_IS_OFDM(rate)) { 1324 /* IEEE Std 802.11a-1999, pp. 37 */ 1325 txtime = (8 + 4 * len + 3 + rate - 1) / rate; 1326 txtime = 16 + 4 + 4 * txtime + 6; 1327 } else { 1328 /* IEEE Std 802.11b-1999, pp. 28 */ 1329 txtime = (16 * len + rate - 1) / rate; 1330 if (rate != 2 && (flags & IEEE80211_F_SHPREAMBLE)) 1331 txtime += 72 + 24; 1332 else 1333 txtime += 144 + 48; 1334 } 1335 1336 return txtime; 1337 } 1338 1339 static uint8_t 1340 rt2661_plcp_signal(int rate) 1341 { 1342 switch (rate) { 1343 /* CCK rates (returned values are device-dependent) */ 1344 case 2: return 0x0; 1345 case 4: return 0x1; 1346 case 11: return 0x2; 1347 case 22: return 0x3; 1348 1349 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1350 case 12: return 0xb; 1351 case 18: return 0xf; 1352 case 24: return 0xa; 1353 case 36: return 0xe; 1354 case 48: return 0x9; 1355 case 72: return 0xd; 1356 case 96: return 0x8; 1357 case 108: return 0xc; 1358 1359 /* unsupported rates (should not get there) */ 1360 default: return 0xff; 1361 } 1362 } 1363 1364 static void 1365 rt2661_setup_tx_desc(struct rt2661_softc *sc, struct rt2661_tx_desc *desc, 1366 uint32_t flags, uint16_t xflags, int len, int rate, 1367 const bus_dma_segment_t *segs, int nsegs, int ac) 1368 { 1369 struct ieee80211com *ic = &sc->sc_ic; 1370 uint16_t plcp_length; 1371 int i, remainder; 1372 1373 desc->flags = htole32(flags); 1374 desc->flags |= htole32(len << 16); 1375 desc->flags |= htole32(RT2661_TX_BUSY | RT2661_TX_VALID); 1376 1377 desc->xflags = htole16(xflags); 1378 desc->xflags |= htole16(nsegs << 13); 1379 1380 desc->wme = htole16( 1381 RT2661_QID(ac) | 1382 RT2661_AIFSN(2) | 1383 RT2661_LOGCWMIN(4) | 1384 RT2661_LOGCWMAX(10)); 1385 1386 /* 1387 * Remember in which queue this frame was sent. This field is driver 1388 * private data only. It will be made available by the NIC in STA_CSR4 1389 * on Tx interrupts. 1390 */ 1391 desc->qid = ac; 1392 1393 /* setup PLCP fields */ 1394 desc->plcp_signal = rt2661_plcp_signal(rate); 1395 desc->plcp_service = 4; 1396 1397 len += IEEE80211_CRC_LEN; 1398 if (RAL_RATE_IS_OFDM(rate)) { 1399 desc->flags |= htole32(RT2661_TX_OFDM); 1400 1401 plcp_length = len & 0xfff; 1402 desc->plcp_length_hi = plcp_length >> 6; 1403 desc->plcp_length_lo = plcp_length & 0x3f; 1404 } else { 1405 plcp_length = (16 * len + rate - 1) / rate; 1406 if (rate == 22) { 1407 remainder = (16 * len) % 22; 1408 if (remainder != 0 && remainder < 7) 1409 desc->plcp_service |= RT2661_PLCP_LENGEXT; 1410 } 1411 desc->plcp_length_hi = plcp_length >> 8; 1412 desc->plcp_length_lo = plcp_length & 0xff; 1413 1414 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 1415 desc->plcp_signal |= 0x08; 1416 } 1417 1418 /* RT2x61 supports scatter with up to 5 segments */ 1419 for (i = 0; i < nsegs; i++) { 1420 desc->addr[i] = htole32(segs[i].ds_addr); 1421 desc->len [i] = htole16(segs[i].ds_len); 1422 } 1423 } 1424 1425 static int 1426 rt2661_tx_mgt(struct rt2661_softc *sc, struct mbuf *m0, 1427 struct ieee80211_node *ni) 1428 { 1429 struct ieee80211com *ic = &sc->sc_ic; 1430 struct rt2661_tx_desc *desc; 1431 struct rt2661_tx_data *data; 1432 struct ieee80211_frame *wh; 1433 struct ieee80211_key *k; 1434 bus_dma_segment_t segs[RT2661_MAX_SCATTER]; 1435 uint16_t dur; 1436 uint32_t flags = 0; /* XXX HWSEQ */ 1437 int nsegs, rate, error; 1438 1439 desc = &sc->mgtq.desc[sc->mgtq.cur]; 1440 data = &sc->mgtq.data[sc->mgtq.cur]; 1441 1442 /* send mgt frames at the lowest available rate */ 1443 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1444 1445 wh = mtod(m0, struct ieee80211_frame *); 1446 1447 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1448 k = ieee80211_crypto_encap(ic, ni, m0); 1449 if (k == NULL) { 1450 m_freem(m0); 1451 return ENOBUFS; 1452 } 1453 } 1454 1455 error = bus_dmamap_load_mbuf_sg(sc->mgtq.data_dmat, data->map, m0, 1456 segs, &nsegs, 0); 1457 if (error != 0) { 1458 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1459 error); 1460 m_freem(m0); 1461 return error; 1462 } 1463 1464 if (bpf_peers_present(sc->sc_drvbpf)) { 1465 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1466 1467 tap->wt_flags = 0; 1468 tap->wt_rate = rate; 1469 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 1470 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 1471 1472 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1473 } 1474 1475 data->m = m0; 1476 data->ni = ni; 1477 1478 wh = mtod(m0, struct ieee80211_frame *); 1479 1480 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1481 flags |= RT2661_TX_NEED_ACK; 1482 1483 dur = rt2661_txtime(RAL_ACK_SIZE, rate, ic->ic_flags) + 1484 RAL_SIFS; 1485 *(uint16_t *)wh->i_dur = htole16(dur); 1486 1487 /* tell hardware to add timestamp in probe responses */ 1488 if ((wh->i_fc[0] & 1489 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 1490 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 1491 flags |= RT2661_TX_TIMESTAMP; 1492 } 1493 1494 rt2661_setup_tx_desc(sc, desc, flags, 0 /* XXX HWSEQ */, 1495 m0->m_pkthdr.len, rate, segs, nsegs, RT2661_QID_MGT); 1496 1497 bus_dmamap_sync(sc->mgtq.data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1498 bus_dmamap_sync(sc->mgtq.desc_dmat, sc->mgtq.desc_map, 1499 BUS_DMASYNC_PREWRITE); 1500 1501 DPRINTFN(10, ("sending mgt frame len=%u idx=%u rate=%u\n", 1502 m0->m_pkthdr.len, sc->mgtq.cur, rate)); 1503 1504 /* kick mgt */ 1505 sc->mgtq.queued++; 1506 sc->mgtq.cur = (sc->mgtq.cur + 1) % RT2661_MGT_RING_COUNT; 1507 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, RT2661_KICK_MGT); 1508 1509 return 0; 1510 } 1511 1512 /* 1513 * Build a RTS control frame. 1514 */ 1515 static struct mbuf * 1516 rt2661_get_rts(struct rt2661_softc *sc, struct ieee80211_frame *wh, 1517 uint16_t dur) 1518 { 1519 struct ieee80211_frame_rts *rts; 1520 struct mbuf *m; 1521 1522 MGETHDR(m, M_DONTWAIT, MT_DATA); 1523 if (m == NULL) { 1524 sc->sc_ic.ic_stats.is_tx_nobuf++; 1525 device_printf(sc->sc_dev, "could not allocate RTS frame\n"); 1526 return NULL; 1527 } 1528 1529 rts = mtod(m, struct ieee80211_frame_rts *); 1530 1531 rts->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_CTL | 1532 IEEE80211_FC0_SUBTYPE_RTS; 1533 rts->i_fc[1] = IEEE80211_FC1_DIR_NODS; 1534 *(uint16_t *)rts->i_dur = htole16(dur); 1535 IEEE80211_ADDR_COPY(rts->i_ra, wh->i_addr1); 1536 IEEE80211_ADDR_COPY(rts->i_ta, wh->i_addr2); 1537 1538 m->m_pkthdr.len = m->m_len = sizeof (struct ieee80211_frame_rts); 1539 1540 return m; 1541 } 1542 1543 static int 1544 rt2661_tx_data(struct rt2661_softc *sc, struct mbuf *m0, 1545 struct ieee80211_node *ni, int ac) 1546 { 1547 struct ieee80211com *ic = &sc->sc_ic; 1548 struct rt2661_tx_ring *txq = &sc->txq[ac]; 1549 struct rt2661_tx_desc *desc; 1550 struct rt2661_tx_data *data; 1551 struct rt2661_node *rn; 1552 struct ieee80211_frame *wh; 1553 struct ieee80211_key *k; 1554 const struct chanAccParams *cap; 1555 struct mbuf *mnew; 1556 bus_dma_segment_t segs[RT2661_MAX_SCATTER]; 1557 uint16_t dur; 1558 uint32_t flags = 0; 1559 int error, nsegs, rate, noack = 0; 1560 1561 wh = mtod(m0, struct ieee80211_frame *); 1562 1563 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) { 1564 rate = ic->ic_fixed_rate; 1565 } else { 1566 struct ieee80211_rateset *rs; 1567 1568 rs = &ni->ni_rates; 1569 rn = (struct rt2661_node *)ni; 1570 ni->ni_txrate = ral_rssadapt_choose(&rn->rssadapt, rs, 1571 wh, m0->m_pkthdr.len, NULL, 0); 1572 rate = rs->rs_rates[ni->ni_txrate]; 1573 } 1574 rate &= IEEE80211_RATE_VAL; 1575 1576 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1577 cap = &ic->ic_wme.wme_chanParams; 1578 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1579 } 1580 1581 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1582 k = ieee80211_crypto_encap(ic, ni, m0); 1583 if (k == NULL) { 1584 m_freem(m0); 1585 return ENOBUFS; 1586 } 1587 1588 /* packet header may have moved, reset our local pointer */ 1589 wh = mtod(m0, struct ieee80211_frame *); 1590 } 1591 1592 /* 1593 * IEEE Std 802.11-1999, pp 82: "A STA shall use an RTS/CTS exchange 1594 * for directed frames only when the length of the MPDU is greater 1595 * than the length threshold indicated by [...]" ic_rtsthreshold. 1596 */ 1597 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 1598 m0->m_pkthdr.len > ic->ic_rtsthreshold) { 1599 struct mbuf *m; 1600 uint16_t dur; 1601 int rtsrate, ackrate; 1602 1603 rtsrate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1604 ackrate = rt2661_ack_rate(ic, rate); 1605 1606 dur = rt2661_txtime(m0->m_pkthdr.len + 4, rate, ic->ic_flags) + 1607 rt2661_txtime(RAL_CTS_SIZE, rtsrate, ic->ic_flags) + 1608 /* XXX: noack (QoS)? */ 1609 rt2661_txtime(RAL_ACK_SIZE, ackrate, ic->ic_flags) + 1610 3 * RAL_SIFS; 1611 1612 m = rt2661_get_rts(sc, wh, dur); 1613 1614 desc = &txq->desc[txq->cur]; 1615 data = &txq->data[txq->cur]; 1616 1617 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m, 1618 segs, &nsegs, 0); 1619 if (error != 0) { 1620 device_printf(sc->sc_dev, 1621 "could not map mbuf (error %d)\n", error); 1622 m_freem(m); 1623 m_freem(m0); 1624 return error; 1625 } 1626 1627 /* avoid multiple free() of the same node for each fragment */ 1628 ieee80211_ref_node(ni); 1629 1630 data->m = m; 1631 data->ni = ni; 1632 1633 /* RTS frames are not taken into account for rssadapt */ 1634 data->id.id_node = NULL; 1635 1636 rt2661_setup_tx_desc(sc, desc, RT2661_TX_NEED_ACK | 1637 RT2661_TX_MORE_FRAG, 0, m->m_pkthdr.len, rtsrate, segs, 1638 nsegs, ac); 1639 1640 bus_dmamap_sync(txq->data_dmat, data->map, 1641 BUS_DMASYNC_PREWRITE); 1642 1643 txq->queued++; 1644 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1645 1646 /* 1647 * IEEE Std 802.11-1999: when an RTS/CTS exchange is used, the 1648 * asynchronous data frame shall be transmitted after the CTS 1649 * frame and a SIFS period. 1650 */ 1651 flags |= RT2661_TX_LONG_RETRY | RT2661_TX_IFS; 1652 } 1653 1654 data = &txq->data[txq->cur]; 1655 desc = &txq->desc[txq->cur]; 1656 1657 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0, segs, 1658 &nsegs, 0); 1659 if (error != 0 && error != EFBIG) { 1660 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1661 error); 1662 m_freem(m0); 1663 return error; 1664 } 1665 if (error != 0) { 1666 mnew = m_defrag(m0, M_DONTWAIT); 1667 if (mnew == NULL) { 1668 device_printf(sc->sc_dev, 1669 "could not defragment mbuf\n"); 1670 m_freem(m0); 1671 return ENOBUFS; 1672 } 1673 m0 = mnew; 1674 1675 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0, 1676 segs, &nsegs, 0); 1677 if (error != 0) { 1678 device_printf(sc->sc_dev, 1679 "could not map mbuf (error %d)\n", error); 1680 m_freem(m0); 1681 return error; 1682 } 1683 1684 /* packet header have moved, reset our local pointer */ 1685 wh = mtod(m0, struct ieee80211_frame *); 1686 } 1687 1688 if (bpf_peers_present(sc->sc_drvbpf)) { 1689 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1690 1691 tap->wt_flags = 0; 1692 tap->wt_rate = rate; 1693 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 1694 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 1695 1696 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1697 } 1698 1699 data->m = m0; 1700 data->ni = ni; 1701 1702 /* remember link conditions for rate adaptation algorithm */ 1703 if (ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE) { 1704 data->id.id_len = m0->m_pkthdr.len; 1705 data->id.id_rateidx = ni->ni_txrate; 1706 data->id.id_node = ni; 1707 data->id.id_rssi = ni->ni_rssi; 1708 } else 1709 data->id.id_node = NULL; 1710 1711 if (!noack && !IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1712 flags |= RT2661_TX_NEED_ACK; 1713 1714 dur = rt2661_txtime(RAL_ACK_SIZE, rt2661_ack_rate(ic, rate), 1715 ic->ic_flags) + RAL_SIFS; 1716 *(uint16_t *)wh->i_dur = htole16(dur); 1717 } 1718 1719 rt2661_setup_tx_desc(sc, desc, flags, 0, m0->m_pkthdr.len, rate, segs, 1720 nsegs, ac); 1721 1722 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1723 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1724 1725 DPRINTFN(10, ("sending data frame len=%u idx=%u rate=%u\n", 1726 m0->m_pkthdr.len, txq->cur, rate)); 1727 1728 /* kick Tx */ 1729 txq->queued++; 1730 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1731 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 1 << ac); 1732 1733 return 0; 1734 } 1735 1736 static void 1737 rt2661_start(struct ifnet *ifp) 1738 { 1739 struct rt2661_softc *sc = ifp->if_softc; 1740 struct ieee80211com *ic = &sc->sc_ic; 1741 struct mbuf *m0; 1742 struct ether_header *eh; 1743 struct ieee80211_node *ni; 1744 int ac; 1745 1746 RAL_LOCK(sc); 1747 1748 /* prevent management frames from being sent if we're not ready */ 1749 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING) || sc->sc_invalid) { 1750 RAL_UNLOCK(sc); 1751 return; 1752 } 1753 1754 for (;;) { 1755 IF_POLL(&ic->ic_mgtq, m0); 1756 if (m0 != NULL) { 1757 if (sc->mgtq.queued >= RT2661_MGT_RING_COUNT) { 1758 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 1759 break; 1760 } 1761 IF_DEQUEUE(&ic->ic_mgtq, m0); 1762 1763 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 1764 m0->m_pkthdr.rcvif = NULL; 1765 1766 if (bpf_peers_present(ic->ic_rawbpf)) 1767 bpf_mtap(ic->ic_rawbpf, m0); 1768 1769 if (rt2661_tx_mgt(sc, m0, ni) != 0) { 1770 ieee80211_free_node(ni); 1771 break; 1772 } 1773 } else { 1774 if (ic->ic_state != IEEE80211_S_RUN) 1775 break; 1776 1777 IFQ_DRV_DEQUEUE(&ifp->if_snd, m0); 1778 if (m0 == NULL) 1779 break; 1780 /* 1781 * Cancel any background scan. 1782 */ 1783 if (ic->ic_flags & IEEE80211_F_SCAN) 1784 ieee80211_cancel_scan(ic); 1785 1786 if (m0->m_len < sizeof (struct ether_header) && 1787 !(m0 = m_pullup(m0, sizeof (struct ether_header)))) 1788 continue; 1789 1790 eh = mtod(m0, struct ether_header *); 1791 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1792 if (ni == NULL) { 1793 m_freem(m0); 1794 ifp->if_oerrors++; 1795 continue; 1796 } 1797 1798 /* classify mbuf so we can find which tx ring to use */ 1799 if (ieee80211_classify(ic, m0, ni) != 0) { 1800 m_freem(m0); 1801 ieee80211_free_node(ni); 1802 ifp->if_oerrors++; 1803 continue; 1804 } 1805 1806 /* no QoS encapsulation for EAPOL frames */ 1807 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1808 M_WME_GETAC(m0) : WME_AC_BE; 1809 1810 if (sc->txq[ac].queued >= RT2661_TX_RING_COUNT - 1) { 1811 /* there is no place left in this ring */ 1812 IFQ_DRV_PREPEND(&ifp->if_snd, m0); 1813 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 1814 ieee80211_free_node(ni); 1815 break; 1816 } 1817 1818 BPF_MTAP(ifp, m0); 1819 1820 m0 = ieee80211_encap(ic, m0, ni); 1821 if (m0 == NULL) { 1822 ieee80211_free_node(ni); 1823 ifp->if_oerrors++; 1824 continue; 1825 } 1826 1827 if (bpf_peers_present(ic->ic_rawbpf)) 1828 bpf_mtap(ic->ic_rawbpf, m0); 1829 1830 if (rt2661_tx_data(sc, m0, ni, ac) != 0) { 1831 ieee80211_free_node(ni); 1832 ifp->if_oerrors++; 1833 break; 1834 } 1835 } 1836 1837 sc->sc_tx_timer = 5; 1838 ic->ic_lastdata = ticks; 1839 callout_reset(&sc->watchdog_ch, hz, rt2661_watchdog, sc); 1840 } 1841 1842 RAL_UNLOCK(sc); 1843 } 1844 1845 static void 1846 rt2661_watchdog(void *arg) 1847 { 1848 struct rt2661_softc *sc = (struct rt2661_softc *)arg; 1849 1850 if (sc->sc_tx_timer > 0 && !sc->sc_invalid) { 1851 if (--sc->sc_tx_timer == 0) { 1852 device_printf(sc->sc_dev, "device timeout\n"); 1853 rt2661_init(sc); 1854 sc->sc_ifp->if_oerrors++; 1855 return; 1856 } 1857 callout_reset(&sc->watchdog_ch, hz, rt2661_watchdog, sc); 1858 } 1859 } 1860 1861 /* 1862 * This function allows for fast channel switching in monitor mode (used by 1863 * net-mgmt/kismet). In IBSS mode, we must explicitly reset the interface to 1864 * generate a new beacon frame. 1865 */ 1866 static int 1867 rt2661_reset(struct ifnet *ifp) 1868 { 1869 struct rt2661_softc *sc = ifp->if_softc; 1870 struct ieee80211com *ic = &sc->sc_ic; 1871 1872 if (ic->ic_opmode != IEEE80211_M_MONITOR) 1873 return ENETRESET; 1874 1875 rt2661_set_chan(sc, ic->ic_curchan); 1876 1877 return 0; 1878 } 1879 1880 static int 1881 rt2661_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1882 { 1883 struct rt2661_softc *sc = ifp->if_softc; 1884 struct ieee80211com *ic = &sc->sc_ic; 1885 int error = 0; 1886 1887 switch (cmd) { 1888 case SIOCSIFFLAGS: 1889 if (ifp->if_flags & IFF_UP) { 1890 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 1891 rt2661_update_promisc(sc); 1892 else 1893 rt2661_init(sc); 1894 } else { 1895 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 1896 rt2661_stop(sc); 1897 } 1898 break; 1899 1900 default: 1901 error = ieee80211_ioctl(ic, cmd, data); 1902 } 1903 1904 if (error == ENETRESET) { 1905 if ((ifp->if_flags & IFF_UP) && 1906 (ifp->if_drv_flags & IFF_DRV_RUNNING) && 1907 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1908 rt2661_init(sc); 1909 error = 0; 1910 } 1911 1912 return error; 1913 } 1914 1915 static void 1916 rt2661_bbp_write(struct rt2661_softc *sc, uint8_t reg, uint8_t val) 1917 { 1918 uint32_t tmp; 1919 int ntries; 1920 1921 for (ntries = 0; ntries < 100; ntries++) { 1922 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 1923 break; 1924 DELAY(1); 1925 } 1926 if (ntries == 100) { 1927 device_printf(sc->sc_dev, "could not write to BBP\n"); 1928 return; 1929 } 1930 1931 tmp = RT2661_BBP_BUSY | (reg & 0x7f) << 8 | val; 1932 RAL_WRITE(sc, RT2661_PHY_CSR3, tmp); 1933 1934 DPRINTFN(15, ("BBP R%u <- 0x%02x\n", reg, val)); 1935 } 1936 1937 static uint8_t 1938 rt2661_bbp_read(struct rt2661_softc *sc, uint8_t reg) 1939 { 1940 uint32_t val; 1941 int ntries; 1942 1943 for (ntries = 0; ntries < 100; ntries++) { 1944 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 1945 break; 1946 DELAY(1); 1947 } 1948 if (ntries == 100) { 1949 device_printf(sc->sc_dev, "could not read from BBP\n"); 1950 return 0; 1951 } 1952 1953 val = RT2661_BBP_BUSY | RT2661_BBP_READ | reg << 8; 1954 RAL_WRITE(sc, RT2661_PHY_CSR3, val); 1955 1956 for (ntries = 0; ntries < 100; ntries++) { 1957 val = RAL_READ(sc, RT2661_PHY_CSR3); 1958 if (!(val & RT2661_BBP_BUSY)) 1959 return val & 0xff; 1960 DELAY(1); 1961 } 1962 1963 device_printf(sc->sc_dev, "could not read from BBP\n"); 1964 return 0; 1965 } 1966 1967 static void 1968 rt2661_rf_write(struct rt2661_softc *sc, uint8_t reg, uint32_t val) 1969 { 1970 uint32_t tmp; 1971 int ntries; 1972 1973 for (ntries = 0; ntries < 100; ntries++) { 1974 if (!(RAL_READ(sc, RT2661_PHY_CSR4) & RT2661_RF_BUSY)) 1975 break; 1976 DELAY(1); 1977 } 1978 if (ntries == 100) { 1979 device_printf(sc->sc_dev, "could not write to RF\n"); 1980 return; 1981 } 1982 1983 tmp = RT2661_RF_BUSY | RT2661_RF_21BIT | (val & 0x1fffff) << 2 | 1984 (reg & 3); 1985 RAL_WRITE(sc, RT2661_PHY_CSR4, tmp); 1986 1987 /* remember last written value in sc */ 1988 sc->rf_regs[reg] = val; 1989 1990 DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 3, val & 0x1fffff)); 1991 } 1992 1993 static int 1994 rt2661_tx_cmd(struct rt2661_softc *sc, uint8_t cmd, uint16_t arg) 1995 { 1996 if (RAL_READ(sc, RT2661_H2M_MAILBOX_CSR) & RT2661_H2M_BUSY) 1997 return EIO; /* there is already a command pending */ 1998 1999 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 2000 RT2661_H2M_BUSY | RT2661_TOKEN_NO_INTR << 16 | arg); 2001 2002 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, RT2661_KICK_CMD | cmd); 2003 2004 return 0; 2005 } 2006 2007 static void 2008 rt2661_select_antenna(struct rt2661_softc *sc) 2009 { 2010 uint8_t bbp4, bbp77; 2011 uint32_t tmp; 2012 2013 bbp4 = rt2661_bbp_read(sc, 4); 2014 bbp77 = rt2661_bbp_read(sc, 77); 2015 2016 /* TBD */ 2017 2018 /* make sure Rx is disabled before switching antenna */ 2019 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2020 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2021 2022 rt2661_bbp_write(sc, 4, bbp4); 2023 rt2661_bbp_write(sc, 77, bbp77); 2024 2025 /* restore Rx filter */ 2026 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2027 } 2028 2029 /* 2030 * Enable multi-rate retries for frames sent at OFDM rates. 2031 * In 802.11b/g mode, allow fallback to CCK rates. 2032 */ 2033 static void 2034 rt2661_enable_mrr(struct rt2661_softc *sc) 2035 { 2036 struct ieee80211com *ic = &sc->sc_ic; 2037 uint32_t tmp; 2038 2039 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2040 2041 tmp &= ~RT2661_MRR_CCK_FALLBACK; 2042 if (!IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan)) 2043 tmp |= RT2661_MRR_CCK_FALLBACK; 2044 tmp |= RT2661_MRR_ENABLED; 2045 2046 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2047 } 2048 2049 static void 2050 rt2661_set_txpreamble(struct rt2661_softc *sc) 2051 { 2052 uint32_t tmp; 2053 2054 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2055 2056 tmp &= ~RT2661_SHORT_PREAMBLE; 2057 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 2058 tmp |= RT2661_SHORT_PREAMBLE; 2059 2060 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2061 } 2062 2063 /* 2064 * Supported rates for 802.11g. XXX should use ic_sup_rates. 2065 */ 2066 static const struct ieee80211_rateset rt2661_rateset_11g = 2067 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 2068 2069 static void 2070 rt2661_set_basicrates(struct rt2661_softc *sc, 2071 const struct ieee80211_rateset *rs) 2072 { 2073 #define RV(r) ((r) & IEEE80211_RATE_VAL) 2074 struct ieee80211com *ic = &sc->sc_ic; 2075 uint32_t mask = 0; 2076 uint8_t rate; 2077 int i, j; 2078 2079 for (i = 0; i < rs->rs_nrates; i++) { 2080 rate = rs->rs_rates[i]; 2081 2082 if (!(rate & IEEE80211_RATE_BASIC)) 2083 continue; 2084 2085 /* 2086 * Find h/w rate index. We know it exists because the rate 2087 * set has already been negotiated. 2088 */ 2089 for (j = 0; ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates[j] != RV(rate); j++); 2090 2091 mask |= 1 << j; 2092 } 2093 2094 RAL_WRITE(sc, RT2661_TXRX_CSR5, mask); 2095 2096 DPRINTF(("Setting basic rate mask to 0x%x\n", mask)); 2097 #undef RV 2098 } 2099 2100 /* 2101 * Reprogram MAC/BBP to switch to a new band. Values taken from the reference 2102 * driver. 2103 */ 2104 static void 2105 rt2661_select_band(struct rt2661_softc *sc, struct ieee80211_channel *c) 2106 { 2107 uint8_t bbp17, bbp35, bbp96, bbp97, bbp98, bbp104; 2108 uint32_t tmp; 2109 2110 /* update all BBP registers that depend on the band */ 2111 bbp17 = 0x20; bbp96 = 0x48; bbp104 = 0x2c; 2112 bbp35 = 0x50; bbp97 = 0x48; bbp98 = 0x48; 2113 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2114 bbp17 += 0x08; bbp96 += 0x10; bbp104 += 0x0c; 2115 bbp35 += 0x10; bbp97 += 0x10; bbp98 += 0x10; 2116 } 2117 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2118 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2119 bbp17 += 0x10; bbp96 += 0x10; bbp104 += 0x10; 2120 } 2121 2122 rt2661_bbp_write(sc, 17, bbp17); 2123 rt2661_bbp_write(sc, 96, bbp96); 2124 rt2661_bbp_write(sc, 104, bbp104); 2125 2126 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2127 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2128 rt2661_bbp_write(sc, 75, 0x80); 2129 rt2661_bbp_write(sc, 86, 0x80); 2130 rt2661_bbp_write(sc, 88, 0x80); 2131 } 2132 2133 rt2661_bbp_write(sc, 35, bbp35); 2134 rt2661_bbp_write(sc, 97, bbp97); 2135 rt2661_bbp_write(sc, 98, bbp98); 2136 2137 tmp = RAL_READ(sc, RT2661_PHY_CSR0); 2138 tmp &= ~(RT2661_PA_PE_2GHZ | RT2661_PA_PE_5GHZ); 2139 if (IEEE80211_IS_CHAN_2GHZ(c)) 2140 tmp |= RT2661_PA_PE_2GHZ; 2141 else 2142 tmp |= RT2661_PA_PE_5GHZ; 2143 RAL_WRITE(sc, RT2661_PHY_CSR0, tmp); 2144 } 2145 2146 static void 2147 rt2661_set_chan(struct rt2661_softc *sc, struct ieee80211_channel *c) 2148 { 2149 struct ieee80211com *ic = &sc->sc_ic; 2150 const struct rfprog *rfprog; 2151 uint8_t bbp3, bbp94 = RT2661_BBPR94_DEFAULT; 2152 int8_t power; 2153 u_int i, chan; 2154 2155 chan = ieee80211_chan2ieee(ic, c); 2156 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 2157 return; 2158 2159 /* select the appropriate RF settings based on what EEPROM says */ 2160 rfprog = (sc->rfprog == 0) ? rt2661_rf5225_1 : rt2661_rf5225_2; 2161 2162 /* find the settings for this channel (we know it exists) */ 2163 for (i = 0; rfprog[i].chan != chan; i++); 2164 2165 power = sc->txpow[i]; 2166 if (power < 0) { 2167 bbp94 += power; 2168 power = 0; 2169 } else if (power > 31) { 2170 bbp94 += power - 31; 2171 power = 31; 2172 } 2173 2174 /* 2175 * If we are switching from the 2GHz band to the 5GHz band or 2176 * vice-versa, BBP registers need to be reprogrammed. 2177 */ 2178 if (c->ic_flags != sc->sc_curchan->ic_flags) { 2179 rt2661_select_band(sc, c); 2180 rt2661_select_antenna(sc); 2181 } 2182 sc->sc_curchan = c; 2183 2184 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2185 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2186 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2187 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2188 2189 DELAY(200); 2190 2191 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2192 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2193 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7 | 1); 2194 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2195 2196 DELAY(200); 2197 2198 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2199 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2200 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2201 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2202 2203 /* enable smart mode for MIMO-capable RFs */ 2204 bbp3 = rt2661_bbp_read(sc, 3); 2205 2206 bbp3 &= ~RT2661_SMART_MODE; 2207 if (sc->rf_rev == RT2661_RF_5325 || sc->rf_rev == RT2661_RF_2529) 2208 bbp3 |= RT2661_SMART_MODE; 2209 2210 rt2661_bbp_write(sc, 3, bbp3); 2211 2212 if (bbp94 != RT2661_BBPR94_DEFAULT) 2213 rt2661_bbp_write(sc, 94, bbp94); 2214 2215 /* 5GHz radio needs a 1ms delay here */ 2216 if (IEEE80211_IS_CHAN_5GHZ(c)) 2217 DELAY(1000); 2218 } 2219 2220 static void 2221 rt2661_set_bssid(struct rt2661_softc *sc, const uint8_t *bssid) 2222 { 2223 uint32_t tmp; 2224 2225 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24; 2226 RAL_WRITE(sc, RT2661_MAC_CSR4, tmp); 2227 2228 tmp = bssid[4] | bssid[5] << 8 | RT2661_ONE_BSSID << 16; 2229 RAL_WRITE(sc, RT2661_MAC_CSR5, tmp); 2230 } 2231 2232 static void 2233 rt2661_set_macaddr(struct rt2661_softc *sc, const uint8_t *addr) 2234 { 2235 uint32_t tmp; 2236 2237 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24; 2238 RAL_WRITE(sc, RT2661_MAC_CSR2, tmp); 2239 2240 tmp = addr[4] | addr[5] << 8; 2241 RAL_WRITE(sc, RT2661_MAC_CSR3, tmp); 2242 } 2243 2244 static void 2245 rt2661_update_promisc(struct rt2661_softc *sc) 2246 { 2247 struct ifnet *ifp = sc->sc_ic.ic_ifp; 2248 uint32_t tmp; 2249 2250 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2251 2252 tmp &= ~RT2661_DROP_NOT_TO_ME; 2253 if (!(ifp->if_flags & IFF_PROMISC)) 2254 tmp |= RT2661_DROP_NOT_TO_ME; 2255 2256 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2257 2258 DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 2259 "entering" : "leaving")); 2260 } 2261 2262 /* 2263 * Update QoS (802.11e) settings for each h/w Tx ring. 2264 */ 2265 static int 2266 rt2661_wme_update(struct ieee80211com *ic) 2267 { 2268 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 2269 const struct wmeParams *wmep; 2270 2271 wmep = ic->ic_wme.wme_chanParams.cap_wmeParams; 2272 2273 /* XXX: not sure about shifts. */ 2274 /* XXX: the reference driver plays with AC_VI settings too. */ 2275 2276 /* update TxOp */ 2277 RAL_WRITE(sc, RT2661_AC_TXOP_CSR0, 2278 wmep[WME_AC_BE].wmep_txopLimit << 16 | 2279 wmep[WME_AC_BK].wmep_txopLimit); 2280 RAL_WRITE(sc, RT2661_AC_TXOP_CSR1, 2281 wmep[WME_AC_VI].wmep_txopLimit << 16 | 2282 wmep[WME_AC_VO].wmep_txopLimit); 2283 2284 /* update CWmin */ 2285 RAL_WRITE(sc, RT2661_CWMIN_CSR, 2286 wmep[WME_AC_BE].wmep_logcwmin << 12 | 2287 wmep[WME_AC_BK].wmep_logcwmin << 8 | 2288 wmep[WME_AC_VI].wmep_logcwmin << 4 | 2289 wmep[WME_AC_VO].wmep_logcwmin); 2290 2291 /* update CWmax */ 2292 RAL_WRITE(sc, RT2661_CWMAX_CSR, 2293 wmep[WME_AC_BE].wmep_logcwmax << 12 | 2294 wmep[WME_AC_BK].wmep_logcwmax << 8 | 2295 wmep[WME_AC_VI].wmep_logcwmax << 4 | 2296 wmep[WME_AC_VO].wmep_logcwmax); 2297 2298 /* update Aifsn */ 2299 RAL_WRITE(sc, RT2661_AIFSN_CSR, 2300 wmep[WME_AC_BE].wmep_aifsn << 12 | 2301 wmep[WME_AC_BK].wmep_aifsn << 8 | 2302 wmep[WME_AC_VI].wmep_aifsn << 4 | 2303 wmep[WME_AC_VO].wmep_aifsn); 2304 2305 return 0; 2306 } 2307 2308 static void 2309 rt2661_update_slot(struct ifnet *ifp) 2310 { 2311 struct rt2661_softc *sc = ifp->if_softc; 2312 struct ieee80211com *ic = &sc->sc_ic; 2313 uint8_t slottime; 2314 uint32_t tmp; 2315 2316 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 2317 2318 tmp = RAL_READ(sc, RT2661_MAC_CSR9); 2319 tmp = (tmp & ~0xff) | slottime; 2320 RAL_WRITE(sc, RT2661_MAC_CSR9, tmp); 2321 } 2322 2323 static const char * 2324 rt2661_get_rf(int rev) 2325 { 2326 switch (rev) { 2327 case RT2661_RF_5225: return "RT5225"; 2328 case RT2661_RF_5325: return "RT5325 (MIMO XR)"; 2329 case RT2661_RF_2527: return "RT2527"; 2330 case RT2661_RF_2529: return "RT2529 (MIMO XR)"; 2331 default: return "unknown"; 2332 } 2333 } 2334 2335 static void 2336 rt2661_read_eeprom(struct rt2661_softc *sc) 2337 { 2338 struct ieee80211com *ic = &sc->sc_ic; 2339 uint16_t val; 2340 int i; 2341 2342 /* read MAC address */ 2343 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC01); 2344 ic->ic_myaddr[0] = val & 0xff; 2345 ic->ic_myaddr[1] = val >> 8; 2346 2347 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC23); 2348 ic->ic_myaddr[2] = val & 0xff; 2349 ic->ic_myaddr[3] = val >> 8; 2350 2351 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC45); 2352 ic->ic_myaddr[4] = val & 0xff; 2353 ic->ic_myaddr[5] = val >> 8; 2354 2355 val = rt2661_eeprom_read(sc, RT2661_EEPROM_ANTENNA); 2356 /* XXX: test if different from 0xffff? */ 2357 sc->rf_rev = (val >> 11) & 0x1f; 2358 sc->hw_radio = (val >> 10) & 0x1; 2359 sc->rx_ant = (val >> 4) & 0x3; 2360 sc->tx_ant = (val >> 2) & 0x3; 2361 sc->nb_ant = val & 0x3; 2362 2363 DPRINTF(("RF revision=%d\n", sc->rf_rev)); 2364 2365 val = rt2661_eeprom_read(sc, RT2661_EEPROM_CONFIG2); 2366 sc->ext_5ghz_lna = (val >> 6) & 0x1; 2367 sc->ext_2ghz_lna = (val >> 4) & 0x1; 2368 2369 DPRINTF(("External 2GHz LNA=%d\nExternal 5GHz LNA=%d\n", 2370 sc->ext_2ghz_lna, sc->ext_5ghz_lna)); 2371 2372 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_2GHZ_OFFSET); 2373 if ((val & 0xff) != 0xff) 2374 sc->rssi_2ghz_corr = (int8_t)(val & 0xff); /* signed */ 2375 2376 /* Only [-10, 10] is valid */ 2377 if (sc->rssi_2ghz_corr < -10 || sc->rssi_2ghz_corr > 10) 2378 sc->rssi_2ghz_corr = 0; 2379 2380 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_5GHZ_OFFSET); 2381 if ((val & 0xff) != 0xff) 2382 sc->rssi_5ghz_corr = (int8_t)(val & 0xff); /* signed */ 2383 2384 /* Only [-10, 10] is valid */ 2385 if (sc->rssi_5ghz_corr < -10 || sc->rssi_5ghz_corr > 10) 2386 sc->rssi_5ghz_corr = 0; 2387 2388 /* adjust RSSI correction for external low-noise amplifier */ 2389 if (sc->ext_2ghz_lna) 2390 sc->rssi_2ghz_corr -= 14; 2391 if (sc->ext_5ghz_lna) 2392 sc->rssi_5ghz_corr -= 14; 2393 2394 DPRINTF(("RSSI 2GHz corr=%d\nRSSI 5GHz corr=%d\n", 2395 sc->rssi_2ghz_corr, sc->rssi_5ghz_corr)); 2396 2397 val = rt2661_eeprom_read(sc, RT2661_EEPROM_FREQ_OFFSET); 2398 if ((val >> 8) != 0xff) 2399 sc->rfprog = (val >> 8) & 0x3; 2400 if ((val & 0xff) != 0xff) 2401 sc->rffreq = val & 0xff; 2402 2403 DPRINTF(("RF prog=%d\nRF freq=%d\n", sc->rfprog, sc->rffreq)); 2404 2405 /* read Tx power for all a/b/g channels */ 2406 for (i = 0; i < 19; i++) { 2407 val = rt2661_eeprom_read(sc, RT2661_EEPROM_TXPOWER + i); 2408 sc->txpow[i * 2] = (int8_t)(val >> 8); /* signed */ 2409 DPRINTF(("Channel=%d Tx power=%d\n", 2410 rt2661_rf5225_1[i * 2].chan, sc->txpow[i * 2])); 2411 sc->txpow[i * 2 + 1] = (int8_t)(val & 0xff); /* signed */ 2412 DPRINTF(("Channel=%d Tx power=%d\n", 2413 rt2661_rf5225_1[i * 2 + 1].chan, sc->txpow[i * 2 + 1])); 2414 } 2415 2416 /* read vendor-specific BBP values */ 2417 for (i = 0; i < 16; i++) { 2418 val = rt2661_eeprom_read(sc, RT2661_EEPROM_BBP_BASE + i); 2419 if (val == 0 || val == 0xffff) 2420 continue; /* skip invalid entries */ 2421 sc->bbp_prom[i].reg = val >> 8; 2422 sc->bbp_prom[i].val = val & 0xff; 2423 DPRINTF(("BBP R%d=%02x\n", sc->bbp_prom[i].reg, 2424 sc->bbp_prom[i].val)); 2425 } 2426 } 2427 2428 static int 2429 rt2661_bbp_init(struct rt2661_softc *sc) 2430 { 2431 #define N(a) (sizeof (a) / sizeof ((a)[0])) 2432 int i, ntries; 2433 uint8_t val; 2434 2435 /* wait for BBP to be ready */ 2436 for (ntries = 0; ntries < 100; ntries++) { 2437 val = rt2661_bbp_read(sc, 0); 2438 if (val != 0 && val != 0xff) 2439 break; 2440 DELAY(100); 2441 } 2442 if (ntries == 100) { 2443 device_printf(sc->sc_dev, "timeout waiting for BBP\n"); 2444 return EIO; 2445 } 2446 2447 /* initialize BBP registers to default values */ 2448 for (i = 0; i < N(rt2661_def_bbp); i++) { 2449 rt2661_bbp_write(sc, rt2661_def_bbp[i].reg, 2450 rt2661_def_bbp[i].val); 2451 } 2452 2453 /* write vendor-specific BBP values (from EEPROM) */ 2454 for (i = 0; i < 16; i++) { 2455 if (sc->bbp_prom[i].reg == 0) 2456 continue; 2457 rt2661_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val); 2458 } 2459 2460 return 0; 2461 #undef N 2462 } 2463 2464 static void 2465 rt2661_init(void *priv) 2466 { 2467 #define N(a) (sizeof (a) / sizeof ((a)[0])) 2468 struct rt2661_softc *sc = priv; 2469 struct ieee80211com *ic = &sc->sc_ic; 2470 struct ifnet *ifp = ic->ic_ifp; 2471 uint32_t tmp, sta[3]; 2472 int i, ntries; 2473 2474 RAL_LOCK(sc); 2475 2476 rt2661_stop_locked(sc); 2477 2478 /* initialize Tx rings */ 2479 RAL_WRITE(sc, RT2661_AC1_BASE_CSR, sc->txq[1].physaddr); 2480 RAL_WRITE(sc, RT2661_AC0_BASE_CSR, sc->txq[0].physaddr); 2481 RAL_WRITE(sc, RT2661_AC2_BASE_CSR, sc->txq[2].physaddr); 2482 RAL_WRITE(sc, RT2661_AC3_BASE_CSR, sc->txq[3].physaddr); 2483 2484 /* initialize Mgt ring */ 2485 RAL_WRITE(sc, RT2661_MGT_BASE_CSR, sc->mgtq.physaddr); 2486 2487 /* initialize Rx ring */ 2488 RAL_WRITE(sc, RT2661_RX_BASE_CSR, sc->rxq.physaddr); 2489 2490 /* initialize Tx rings sizes */ 2491 RAL_WRITE(sc, RT2661_TX_RING_CSR0, 2492 RT2661_TX_RING_COUNT << 24 | 2493 RT2661_TX_RING_COUNT << 16 | 2494 RT2661_TX_RING_COUNT << 8 | 2495 RT2661_TX_RING_COUNT); 2496 2497 RAL_WRITE(sc, RT2661_TX_RING_CSR1, 2498 RT2661_TX_DESC_WSIZE << 16 | 2499 RT2661_TX_RING_COUNT << 8 | /* XXX: HCCA ring unused */ 2500 RT2661_MGT_RING_COUNT); 2501 2502 /* initialize Rx rings */ 2503 RAL_WRITE(sc, RT2661_RX_RING_CSR, 2504 RT2661_RX_DESC_BACK << 16 | 2505 RT2661_RX_DESC_WSIZE << 8 | 2506 RT2661_RX_RING_COUNT); 2507 2508 /* XXX: some magic here */ 2509 RAL_WRITE(sc, RT2661_TX_DMA_DST_CSR, 0xaa); 2510 2511 /* load base addresses of all 5 Tx rings (4 data + 1 mgt) */ 2512 RAL_WRITE(sc, RT2661_LOAD_TX_RING_CSR, 0x1f); 2513 2514 /* load base address of Rx ring */ 2515 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 2); 2516 2517 /* initialize MAC registers to default values */ 2518 for (i = 0; i < N(rt2661_def_mac); i++) 2519 RAL_WRITE(sc, rt2661_def_mac[i].reg, rt2661_def_mac[i].val); 2520 2521 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp)); 2522 rt2661_set_macaddr(sc, ic->ic_myaddr); 2523 2524 /* set host ready */ 2525 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2526 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2527 2528 /* wait for BBP/RF to wakeup */ 2529 for (ntries = 0; ntries < 1000; ntries++) { 2530 if (RAL_READ(sc, RT2661_MAC_CSR12) & 8) 2531 break; 2532 DELAY(1000); 2533 } 2534 if (ntries == 1000) { 2535 printf("timeout waiting for BBP/RF to wakeup\n"); 2536 rt2661_stop_locked(sc); 2537 RAL_UNLOCK(sc); 2538 return; 2539 } 2540 2541 if (rt2661_bbp_init(sc) != 0) { 2542 rt2661_stop_locked(sc); 2543 RAL_UNLOCK(sc); 2544 return; 2545 } 2546 2547 /* select default channel */ 2548 sc->sc_curchan = ic->ic_curchan; 2549 rt2661_select_band(sc, sc->sc_curchan); 2550 rt2661_select_antenna(sc); 2551 rt2661_set_chan(sc, sc->sc_curchan); 2552 2553 /* update Rx filter */ 2554 tmp = RAL_READ(sc, RT2661_TXRX_CSR0) & 0xffff; 2555 2556 tmp |= RT2661_DROP_PHY_ERROR | RT2661_DROP_CRC_ERROR; 2557 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2558 tmp |= RT2661_DROP_CTL | RT2661_DROP_VER_ERROR | 2559 RT2661_DROP_ACKCTS; 2560 if (ic->ic_opmode != IEEE80211_M_HOSTAP) 2561 tmp |= RT2661_DROP_TODS; 2562 if (!(ifp->if_flags & IFF_PROMISC)) 2563 tmp |= RT2661_DROP_NOT_TO_ME; 2564 } 2565 2566 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2567 2568 /* clear STA registers */ 2569 RAL_READ_REGION_4(sc, RT2661_STA_CSR0, sta, N(sta)); 2570 2571 /* initialize ASIC */ 2572 RAL_WRITE(sc, RT2661_MAC_CSR1, 4); 2573 2574 /* clear any pending interrupt */ 2575 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2576 2577 /* enable interrupts */ 2578 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 2579 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 2580 2581 /* kick Rx */ 2582 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 1); 2583 RAL_UNLOCK(sc); 2584 2585 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 2586 ifp->if_drv_flags |= IFF_DRV_RUNNING; 2587 2588 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2589 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2590 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2591 } else 2592 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2593 2594 2595 #undef N 2596 } 2597 2598 void 2599 rt2661_stop(void *priv) 2600 { 2601 struct rt2661_softc *sc = priv; 2602 2603 RAL_LOCK(sc); 2604 rt2661_stop_locked(sc); 2605 RAL_UNLOCK(sc); 2606 } 2607 2608 void 2609 rt2661_stop_locked(struct rt2661_softc *sc) 2610 { 2611 struct ieee80211com *ic = &sc->sc_ic; 2612 struct ifnet *ifp = ic->ic_ifp; 2613 uint32_t tmp; 2614 volatile int *flags = &sc->sc_flags; 2615 2616 while (*flags & RAL_INPUT_RUNNING) { 2617 msleep(sc, &sc->sc_mtx, 0, "ralrunning", hz/10); 2618 } 2619 2620 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 2621 sc->sc_tx_timer = 0; 2622 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 2623 2624 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2625 2626 /* abort Tx (for all 5 Tx rings) */ 2627 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 0x1f << 16); 2628 2629 /* disable Rx (value remains after reset!) */ 2630 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2631 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2632 2633 /* reset ASIC */ 2634 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2635 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2636 2637 /* disable interrupts */ 2638 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffffff); 2639 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 2640 2641 /* clear any pending interrupt */ 2642 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2643 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, 0xffffffff); 2644 2645 /* reset Tx and Rx rings */ 2646 rt2661_reset_tx_ring(sc, &sc->txq[0]); 2647 rt2661_reset_tx_ring(sc, &sc->txq[1]); 2648 rt2661_reset_tx_ring(sc, &sc->txq[2]); 2649 rt2661_reset_tx_ring(sc, &sc->txq[3]); 2650 rt2661_reset_tx_ring(sc, &sc->mgtq); 2651 rt2661_reset_rx_ring(sc, &sc->rxq); 2652 } 2653 } 2654 2655 static int 2656 rt2661_load_microcode(struct rt2661_softc *sc, const uint8_t *ucode, int size) 2657 { 2658 int ntries; 2659 2660 /* reset 8051 */ 2661 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2662 2663 /* cancel any pending Host to MCU command */ 2664 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 0); 2665 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 2666 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, 0); 2667 2668 /* write 8051's microcode */ 2669 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET | RT2661_MCU_SEL); 2670 RAL_WRITE_REGION_1(sc, RT2661_MCU_CODE_BASE, ucode, size); 2671 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2672 2673 /* kick 8051's ass */ 2674 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, 0); 2675 2676 /* wait for 8051 to initialize */ 2677 for (ntries = 0; ntries < 500; ntries++) { 2678 if (RAL_READ(sc, RT2661_MCU_CNTL_CSR) & RT2661_MCU_READY) 2679 break; 2680 DELAY(100); 2681 } 2682 if (ntries == 500) { 2683 printf("timeout waiting for MCU to initialize\n"); 2684 return EIO; 2685 } 2686 return 0; 2687 } 2688 2689 #ifdef notyet 2690 /* 2691 * Dynamically tune Rx sensitivity (BBP register 17) based on average RSSI and 2692 * false CCA count. This function is called periodically (every seconds) when 2693 * in the RUN state. Values taken from the reference driver. 2694 */ 2695 static void 2696 rt2661_rx_tune(struct rt2661_softc *sc) 2697 { 2698 uint8_t bbp17; 2699 uint16_t cca; 2700 int lo, hi, dbm; 2701 2702 /* 2703 * Tuning range depends on operating band and on the presence of an 2704 * external low-noise amplifier. 2705 */ 2706 lo = 0x20; 2707 if (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan)) 2708 lo += 0x08; 2709 if ((IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan) && sc->ext_2ghz_lna) || 2710 (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan) && sc->ext_5ghz_lna)) 2711 lo += 0x10; 2712 hi = lo + 0x20; 2713 2714 /* retrieve false CCA count since last call (clear on read) */ 2715 cca = RAL_READ(sc, RT2661_STA_CSR1) & 0xffff; 2716 2717 if (dbm >= -35) { 2718 bbp17 = 0x60; 2719 } else if (dbm >= -58) { 2720 bbp17 = hi; 2721 } else if (dbm >= -66) { 2722 bbp17 = lo + 0x10; 2723 } else if (dbm >= -74) { 2724 bbp17 = lo + 0x08; 2725 } else { 2726 /* RSSI < -74dBm, tune using false CCA count */ 2727 2728 bbp17 = sc->bbp17; /* current value */ 2729 2730 hi -= 2 * (-74 - dbm); 2731 if (hi < lo) 2732 hi = lo; 2733 2734 if (bbp17 > hi) { 2735 bbp17 = hi; 2736 2737 } else if (cca > 512) { 2738 if (++bbp17 > hi) 2739 bbp17 = hi; 2740 } else if (cca < 100) { 2741 if (--bbp17 < lo) 2742 bbp17 = lo; 2743 } 2744 } 2745 2746 if (bbp17 != sc->bbp17) { 2747 rt2661_bbp_write(sc, 17, bbp17); 2748 sc->bbp17 = bbp17; 2749 } 2750 } 2751 2752 /* 2753 * Enter/Leave radar detection mode. 2754 * This is for 802.11h additional regulatory domains. 2755 */ 2756 static void 2757 rt2661_radar_start(struct rt2661_softc *sc) 2758 { 2759 uint32_t tmp; 2760 2761 /* disable Rx */ 2762 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2763 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2764 2765 rt2661_bbp_write(sc, 82, 0x20); 2766 rt2661_bbp_write(sc, 83, 0x00); 2767 rt2661_bbp_write(sc, 84, 0x40); 2768 2769 /* save current BBP registers values */ 2770 sc->bbp18 = rt2661_bbp_read(sc, 18); 2771 sc->bbp21 = rt2661_bbp_read(sc, 21); 2772 sc->bbp22 = rt2661_bbp_read(sc, 22); 2773 sc->bbp16 = rt2661_bbp_read(sc, 16); 2774 sc->bbp17 = rt2661_bbp_read(sc, 17); 2775 sc->bbp64 = rt2661_bbp_read(sc, 64); 2776 2777 rt2661_bbp_write(sc, 18, 0xff); 2778 rt2661_bbp_write(sc, 21, 0x3f); 2779 rt2661_bbp_write(sc, 22, 0x3f); 2780 rt2661_bbp_write(sc, 16, 0xbd); 2781 rt2661_bbp_write(sc, 17, sc->ext_5ghz_lna ? 0x44 : 0x34); 2782 rt2661_bbp_write(sc, 64, 0x21); 2783 2784 /* restore Rx filter */ 2785 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2786 } 2787 2788 static int 2789 rt2661_radar_stop(struct rt2661_softc *sc) 2790 { 2791 uint8_t bbp66; 2792 2793 /* read radar detection result */ 2794 bbp66 = rt2661_bbp_read(sc, 66); 2795 2796 /* restore BBP registers values */ 2797 rt2661_bbp_write(sc, 16, sc->bbp16); 2798 rt2661_bbp_write(sc, 17, sc->bbp17); 2799 rt2661_bbp_write(sc, 18, sc->bbp18); 2800 rt2661_bbp_write(sc, 21, sc->bbp21); 2801 rt2661_bbp_write(sc, 22, sc->bbp22); 2802 rt2661_bbp_write(sc, 64, sc->bbp64); 2803 2804 return bbp66 == 1; 2805 } 2806 #endif 2807 2808 static int 2809 rt2661_prepare_beacon(struct rt2661_softc *sc) 2810 { 2811 struct ieee80211com *ic = &sc->sc_ic; 2812 struct ieee80211_beacon_offsets bo; 2813 struct rt2661_tx_desc desc; 2814 struct mbuf *m0; 2815 int rate; 2816 2817 m0 = ieee80211_beacon_alloc(ic->ic_bss, &bo); 2818 if (m0 == NULL) { 2819 device_printf(sc->sc_dev, "could not allocate beacon frame\n"); 2820 return ENOBUFS; 2821 } 2822 2823 /* send beacons at the lowest available rate */ 2824 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan) ? 12 : 2; 2825 2826 rt2661_setup_tx_desc(sc, &desc, RT2661_TX_TIMESTAMP, RT2661_TX_HWSEQ, 2827 m0->m_pkthdr.len, rate, NULL, 0, RT2661_QID_MGT); 2828 2829 /* copy the first 24 bytes of Tx descriptor into NIC memory */ 2830 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0, (uint8_t *)&desc, 24); 2831 2832 /* copy beacon header and payload into NIC memory */ 2833 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0 + 24, 2834 mtod(m0, uint8_t *), m0->m_pkthdr.len); 2835 2836 m_freem(m0); 2837 2838 return 0; 2839 } 2840 2841 /* 2842 * Enable TSF synchronization and tell h/w to start sending beacons for IBSS 2843 * and HostAP operating modes. 2844 */ 2845 static void 2846 rt2661_enable_tsf_sync(struct rt2661_softc *sc) 2847 { 2848 struct ieee80211com *ic = &sc->sc_ic; 2849 uint32_t tmp; 2850 2851 if (ic->ic_opmode != IEEE80211_M_STA) { 2852 /* 2853 * Change default 16ms TBTT adjustment to 8ms. 2854 * Must be done before enabling beacon generation. 2855 */ 2856 RAL_WRITE(sc, RT2661_TXRX_CSR10, 1 << 12 | 8); 2857 } 2858 2859 tmp = RAL_READ(sc, RT2661_TXRX_CSR9) & 0xff000000; 2860 2861 /* set beacon interval (in 1/16ms unit) */ 2862 tmp |= ic->ic_bss->ni_intval * 16; 2863 2864 tmp |= RT2661_TSF_TICKING | RT2661_ENABLE_TBTT; 2865 if (ic->ic_opmode == IEEE80211_M_STA) 2866 tmp |= RT2661_TSF_MODE(1); 2867 else 2868 tmp |= RT2661_TSF_MODE(2) | RT2661_GENERATE_BEACON; 2869 2870 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp); 2871 } 2872 2873 /* 2874 * Retrieve the "Received Signal Strength Indicator" from the raw values 2875 * contained in Rx descriptors. The computation depends on which band the 2876 * frame was received. Correction values taken from the reference driver. 2877 */ 2878 static int 2879 rt2661_get_rssi(struct rt2661_softc *sc, uint8_t raw) 2880 { 2881 int lna, agc, rssi; 2882 2883 lna = (raw >> 5) & 0x3; 2884 agc = raw & 0x1f; 2885 2886 if (lna == 0) { 2887 /* 2888 * No mapping available. 2889 * 2890 * NB: Since RSSI is relative to noise floor, -1 is 2891 * adequate for caller to know error happened. 2892 */ 2893 return -1; 2894 } 2895 2896 rssi = (2 * agc) - RT2661_NOISE_FLOOR; 2897 2898 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) { 2899 rssi += sc->rssi_2ghz_corr; 2900 2901 if (lna == 1) 2902 rssi -= 64; 2903 else if (lna == 2) 2904 rssi -= 74; 2905 else if (lna == 3) 2906 rssi -= 90; 2907 } else { 2908 rssi += sc->rssi_5ghz_corr; 2909 2910 if (lna == 1) 2911 rssi -= 64; 2912 else if (lna == 2) 2913 rssi -= 86; 2914 else if (lna == 3) 2915 rssi -= 100; 2916 } 2917 return rssi; 2918 } 2919 2920 static void 2921 rt2661_scan_start(struct ieee80211com *ic) 2922 { 2923 struct ifnet *ifp = ic->ic_ifp; 2924 struct rt2661_softc *sc = ifp->if_softc; 2925 uint32_t tmp; 2926 2927 /* abort TSF synchronization */ 2928 tmp = RAL_READ(sc, RT2661_TXRX_CSR9); 2929 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0xffffff); 2930 rt2661_set_bssid(sc, ifp->if_broadcastaddr); 2931 } 2932 2933 static void 2934 rt2661_scan_end(struct ieee80211com *ic) 2935 { 2936 struct ifnet *ifp = ic->ic_ifp; 2937 struct rt2661_softc *sc = ifp->if_softc; 2938 2939 rt2661_enable_tsf_sync(sc); 2940 /* XXX keep local copy */ 2941 rt2661_set_bssid(sc, ic->ic_bss->ni_bssid); 2942 } 2943 2944 static void 2945 rt2661_set_channel(struct ieee80211com *ic) 2946 { 2947 struct ifnet *ifp = ic->ic_ifp; 2948 struct rt2661_softc *sc = ifp->if_softc; 2949 2950 RAL_LOCK(sc); 2951 rt2661_set_chan(sc, ic->ic_curchan); 2952 RAL_UNLOCK(sc); 2953 2954 } 2955