1 /* $FreeBSD$ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 #include <sys/cdefs.h> 21 __FBSDID("$FreeBSD$"); 22 23 /*- 24 * Ralink Technology RT2561, RT2561S and RT2661 chipset driver 25 * http://www.ralinktech.com/ 26 */ 27 28 #include <sys/param.h> 29 #include <sys/sysctl.h> 30 #include <sys/sockio.h> 31 #include <sys/mbuf.h> 32 #include <sys/kernel.h> 33 #include <sys/socket.h> 34 #include <sys/systm.h> 35 #include <sys/malloc.h> 36 #include <sys/lock.h> 37 #include <sys/mutex.h> 38 #include <sys/module.h> 39 #include <sys/bus.h> 40 #include <sys/endian.h> 41 42 #include <machine/bus.h> 43 #include <machine/resource.h> 44 #include <sys/rman.h> 45 46 #include <net/bpf.h> 47 #include <net/if.h> 48 #include <net/if_arp.h> 49 #include <net/ethernet.h> 50 #include <net/if_dl.h> 51 #include <net/if_media.h> 52 #include <net/if_types.h> 53 54 #include <net80211/ieee80211_var.h> 55 #include <net80211/ieee80211_radiotap.h> 56 #include <net80211/ieee80211_regdomain.h> 57 58 #include <netinet/in.h> 59 #include <netinet/in_systm.h> 60 #include <netinet/in_var.h> 61 #include <netinet/ip.h> 62 #include <netinet/if_ether.h> 63 64 #include <dev/ral/if_ralrate.h> 65 #include <dev/ral/rt2661reg.h> 66 #include <dev/ral/rt2661var.h> 67 #include <dev/ral/rt2661_ucode.h> 68 69 #ifdef RAL_DEBUG 70 #define DPRINTF(x) do { if (ral_debug > 0) printf x; } while (0) 71 #define DPRINTFN(n, x) do { if (ral_debug >= (n)) printf x; } while (0) 72 int ral_debug = 0; 73 SYSCTL_INT(_debug, OID_AUTO, ral, CTLFLAG_RW, &ral_debug, 0, "ral debug level"); 74 #else 75 #define DPRINTF(x) 76 #define DPRINTFN(n, x) 77 #endif 78 79 static void rt2661_dma_map_addr(void *, bus_dma_segment_t *, int, 80 int); 81 static int rt2661_alloc_tx_ring(struct rt2661_softc *, 82 struct rt2661_tx_ring *, int); 83 static void rt2661_reset_tx_ring(struct rt2661_softc *, 84 struct rt2661_tx_ring *); 85 static void rt2661_free_tx_ring(struct rt2661_softc *, 86 struct rt2661_tx_ring *); 87 static int rt2661_alloc_rx_ring(struct rt2661_softc *, 88 struct rt2661_rx_ring *, int); 89 static void rt2661_reset_rx_ring(struct rt2661_softc *, 90 struct rt2661_rx_ring *); 91 static void rt2661_free_rx_ring(struct rt2661_softc *, 92 struct rt2661_rx_ring *); 93 static struct ieee80211_node *rt2661_node_alloc( 94 struct ieee80211_node_table *); 95 static int rt2661_media_change(struct ifnet *); 96 static int rt2661_newstate(struct ieee80211com *, 97 enum ieee80211_state, int); 98 static uint16_t rt2661_eeprom_read(struct rt2661_softc *, uint8_t); 99 static void rt2661_rx_intr(struct rt2661_softc *); 100 static void rt2661_tx_intr(struct rt2661_softc *); 101 static void rt2661_tx_dma_intr(struct rt2661_softc *, 102 struct rt2661_tx_ring *); 103 static void rt2661_mcu_beacon_expire(struct rt2661_softc *); 104 static void rt2661_mcu_wakeup(struct rt2661_softc *); 105 static void rt2661_mcu_cmd_intr(struct rt2661_softc *); 106 static int rt2661_ack_rate(struct ieee80211com *, int); 107 static void rt2661_scan_start(struct ieee80211com *); 108 static void rt2661_scan_end(struct ieee80211com *); 109 static void rt2661_set_channel(struct ieee80211com *); 110 static uint16_t rt2661_txtime(int, int, uint32_t); 111 static uint8_t rt2661_rxrate(struct rt2661_rx_desc *); 112 static uint8_t rt2661_plcp_signal(int); 113 static void rt2661_setup_tx_desc(struct rt2661_softc *, 114 struct rt2661_tx_desc *, uint32_t, uint16_t, int, 115 int, const bus_dma_segment_t *, int, int); 116 static struct mbuf * rt2661_get_rts(struct rt2661_softc *, 117 struct ieee80211_frame *, uint16_t); 118 static int rt2661_tx_data(struct rt2661_softc *, struct mbuf *, 119 struct ieee80211_node *, int); 120 static int rt2661_tx_mgt(struct rt2661_softc *, struct mbuf *, 121 struct ieee80211_node *); 122 static void rt2661_start(struct ifnet *); 123 static void rt2661_watchdog(void *); 124 static int rt2661_reset(struct ifnet *); 125 static int rt2661_ioctl(struct ifnet *, u_long, caddr_t); 126 static void rt2661_bbp_write(struct rt2661_softc *, uint8_t, 127 uint8_t); 128 static uint8_t rt2661_bbp_read(struct rt2661_softc *, uint8_t); 129 static void rt2661_rf_write(struct rt2661_softc *, uint8_t, 130 uint32_t); 131 static int rt2661_tx_cmd(struct rt2661_softc *, uint8_t, 132 uint16_t); 133 static void rt2661_select_antenna(struct rt2661_softc *); 134 static void rt2661_enable_mrr(struct rt2661_softc *); 135 static void rt2661_set_txpreamble(struct rt2661_softc *); 136 static void rt2661_set_basicrates(struct rt2661_softc *, 137 const struct ieee80211_rateset *); 138 static void rt2661_select_band(struct rt2661_softc *, 139 struct ieee80211_channel *); 140 static void rt2661_set_chan(struct rt2661_softc *, 141 struct ieee80211_channel *); 142 static void rt2661_set_bssid(struct rt2661_softc *, 143 const uint8_t *); 144 static void rt2661_set_macaddr(struct rt2661_softc *, 145 const uint8_t *); 146 static void rt2661_update_promisc(struct rt2661_softc *); 147 static int rt2661_wme_update(struct ieee80211com *) __unused; 148 static void rt2661_update_slot(struct ifnet *); 149 static const char *rt2661_get_rf(int); 150 static void rt2661_read_eeprom(struct rt2661_softc *); 151 static int rt2661_bbp_init(struct rt2661_softc *); 152 static void rt2661_init(void *); 153 static void rt2661_stop(void *); 154 static void rt2661_stop_locked(struct rt2661_softc *); 155 static int rt2661_load_microcode(struct rt2661_softc *, 156 const uint8_t *, int); 157 #ifdef notyet 158 static void rt2661_rx_tune(struct rt2661_softc *); 159 static void rt2661_radar_start(struct rt2661_softc *); 160 static int rt2661_radar_stop(struct rt2661_softc *); 161 #endif 162 static int rt2661_prepare_beacon(struct rt2661_softc *); 163 static void rt2661_enable_tsf_sync(struct rt2661_softc *); 164 static int rt2661_get_rssi(struct rt2661_softc *, uint8_t); 165 166 static const struct { 167 uint32_t reg; 168 uint32_t val; 169 } rt2661_def_mac[] = { 170 RT2661_DEF_MAC 171 }; 172 173 static const struct { 174 uint8_t reg; 175 uint8_t val; 176 } rt2661_def_bbp[] = { 177 RT2661_DEF_BBP 178 }; 179 180 static const struct rfprog { 181 uint8_t chan; 182 uint32_t r1, r2, r3, r4; 183 } rt2661_rf5225_1[] = { 184 RT2661_RF5225_1 185 }, rt2661_rf5225_2[] = { 186 RT2661_RF5225_2 187 }; 188 189 int 190 rt2661_attach(device_t dev, int id) 191 { 192 struct rt2661_softc *sc = device_get_softc(dev); 193 struct ieee80211com *ic = &sc->sc_ic; 194 struct ifnet *ifp; 195 uint32_t val; 196 const uint8_t *ucode = NULL; 197 int bands, error, ac, ntries, size = 0; 198 199 sc->sc_dev = dev; 200 201 mtx_init(&sc->sc_mtx, device_get_nameunit(dev), MTX_NETWORK_LOCK, 202 MTX_DEF | MTX_RECURSE); 203 204 callout_init_mtx(&sc->watchdog_ch, &sc->sc_mtx, 0); 205 callout_init(&sc->rssadapt_ch, CALLOUT_MPSAFE); 206 207 /* wait for NIC to initialize */ 208 for (ntries = 0; ntries < 1000; ntries++) { 209 if ((val = RAL_READ(sc, RT2661_MAC_CSR0)) != 0) 210 break; 211 DELAY(1000); 212 } 213 if (ntries == 1000) { 214 device_printf(sc->sc_dev, 215 "timeout waiting for NIC to initialize\n"); 216 error = EIO; 217 goto fail1; 218 } 219 220 /* retrieve RF rev. no and various other things from EEPROM */ 221 rt2661_read_eeprom(sc); 222 223 device_printf(dev, "MAC/BBP RT%X, RF %s\n", val, 224 rt2661_get_rf(sc->rf_rev)); 225 226 /* 227 * Load 8051 microcode into NIC. 228 */ 229 switch (id) { 230 case 0x0301: 231 ucode = rt2561s_ucode; 232 size = sizeof rt2561s_ucode; 233 break; 234 case 0x0302: 235 ucode = rt2561_ucode; 236 size = sizeof rt2561_ucode; 237 break; 238 case 0x0401: 239 ucode = rt2661_ucode; 240 size = sizeof rt2661_ucode; 241 break; 242 } 243 244 error = rt2661_load_microcode(sc, ucode, size); 245 if (error != 0) { 246 device_printf(sc->sc_dev, "could not load 8051 microcode\n"); 247 goto fail1; 248 } 249 250 /* 251 * Allocate Tx and Rx rings. 252 */ 253 for (ac = 0; ac < 4; ac++) { 254 error = rt2661_alloc_tx_ring(sc, &sc->txq[ac], 255 RT2661_TX_RING_COUNT); 256 if (error != 0) { 257 device_printf(sc->sc_dev, 258 "could not allocate Tx ring %d\n", ac); 259 goto fail2; 260 } 261 } 262 263 error = rt2661_alloc_tx_ring(sc, &sc->mgtq, RT2661_MGT_RING_COUNT); 264 if (error != 0) { 265 device_printf(sc->sc_dev, "could not allocate Mgt ring\n"); 266 goto fail2; 267 } 268 269 error = rt2661_alloc_rx_ring(sc, &sc->rxq, RT2661_RX_RING_COUNT); 270 if (error != 0) { 271 device_printf(sc->sc_dev, "could not allocate Rx ring\n"); 272 goto fail3; 273 } 274 275 ifp = sc->sc_ifp = if_alloc(IFT_ETHER); 276 if (ifp == NULL) { 277 device_printf(sc->sc_dev, "can not if_alloc()\n"); 278 error = ENOMEM; 279 goto fail4; 280 } 281 282 ifp->if_softc = sc; 283 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 284 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 285 ifp->if_init = rt2661_init; 286 ifp->if_ioctl = rt2661_ioctl; 287 ifp->if_start = rt2661_start; 288 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 289 ifp->if_snd.ifq_drv_maxlen = IFQ_MAXLEN; 290 IFQ_SET_READY(&ifp->if_snd); 291 292 ic->ic_ifp = ifp; 293 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 294 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 295 ic->ic_state = IEEE80211_S_INIT; 296 297 /* set device capabilities */ 298 ic->ic_caps = 299 IEEE80211_C_IBSS | /* IBSS mode supported */ 300 IEEE80211_C_MONITOR | /* monitor mode supported */ 301 IEEE80211_C_HOSTAP | /* HostAp mode supported */ 302 IEEE80211_C_TXPMGT | /* tx power management */ 303 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 304 IEEE80211_C_SHSLOT | /* short slot time supported */ 305 #ifdef notyet 306 IEEE80211_C_WME | /* 802.11e */ 307 #endif 308 IEEE80211_C_BGSCAN | /* bg scanning support */ 309 IEEE80211_C_WPA; /* 802.11i */ 310 311 bands = 0; 312 setbit(&bands, IEEE80211_MODE_11B); 313 setbit(&bands, IEEE80211_MODE_11G); 314 if (sc->rf_rev == RT2661_RF_5225 || sc->rf_rev == RT2661_RF_5325) 315 setbit(&bands, IEEE80211_MODE_11A); 316 ieee80211_init_channels(ic, 0, CTRY_DEFAULT, bands, 0, 1); 317 318 ieee80211_ifattach(ic); 319 ic->ic_node_alloc = rt2661_node_alloc; 320 /* ic->ic_wme.wme_update = rt2661_wme_update;*/ 321 ic->ic_scan_start = rt2661_scan_start; 322 ic->ic_scan_end = rt2661_scan_end; 323 ic->ic_set_channel = rt2661_set_channel; 324 ic->ic_updateslot = rt2661_update_slot; 325 ic->ic_reset = rt2661_reset; 326 /* enable s/w bmiss handling in sta mode */ 327 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS; 328 329 /* override state transition machine */ 330 sc->sc_newstate = ic->ic_newstate; 331 ic->ic_newstate = rt2661_newstate; 332 ieee80211_media_init(ic, rt2661_media_change, ieee80211_media_status); 333 334 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 335 sizeof (struct ieee80211_frame) + sizeof (sc->sc_txtap), 336 &sc->sc_drvbpf); 337 338 sc->sc_rxtap_len = sizeof sc->sc_rxtap; 339 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 340 sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2661_RX_RADIOTAP_PRESENT); 341 342 sc->sc_txtap_len = sizeof sc->sc_txtap; 343 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 344 sc->sc_txtap.wt_ihdr.it_present = htole32(RT2661_TX_RADIOTAP_PRESENT); 345 346 347 /* 348 * Add a few sysctl knobs. 349 */ 350 sc->dwelltime = 200; 351 352 SYSCTL_ADD_INT(device_get_sysctl_ctx(dev), 353 SYSCTL_CHILDREN(device_get_sysctl_tree(dev)), OID_AUTO, "dwell", 354 CTLFLAG_RW, &sc->dwelltime, 0, 355 "channel dwell time (ms) for AP/station scanning"); 356 357 if (bootverbose) 358 ieee80211_announce(ic); 359 360 return 0; 361 362 fail4: rt2661_free_rx_ring(sc, &sc->rxq); 363 fail3: rt2661_free_tx_ring(sc, &sc->mgtq); 364 fail2: while (--ac >= 0) 365 rt2661_free_tx_ring(sc, &sc->txq[ac]); 366 fail1: mtx_destroy(&sc->sc_mtx); 367 return error; 368 } 369 370 int 371 rt2661_detach(void *xsc) 372 { 373 struct rt2661_softc *sc = xsc; 374 struct ieee80211com *ic = &sc->sc_ic; 375 struct ifnet *ifp = ic->ic_ifp; 376 377 rt2661_stop(sc); 378 callout_stop(&sc->watchdog_ch); 379 callout_stop(&sc->rssadapt_ch); 380 381 bpfdetach(ifp); 382 ieee80211_ifdetach(ic); 383 384 rt2661_free_tx_ring(sc, &sc->txq[0]); 385 rt2661_free_tx_ring(sc, &sc->txq[1]); 386 rt2661_free_tx_ring(sc, &sc->txq[2]); 387 rt2661_free_tx_ring(sc, &sc->txq[3]); 388 rt2661_free_tx_ring(sc, &sc->mgtq); 389 rt2661_free_rx_ring(sc, &sc->rxq); 390 391 if_free(ifp); 392 393 mtx_destroy(&sc->sc_mtx); 394 395 return 0; 396 } 397 398 void 399 rt2661_shutdown(void *xsc) 400 { 401 struct rt2661_softc *sc = xsc; 402 403 rt2661_stop(sc); 404 } 405 406 void 407 rt2661_suspend(void *xsc) 408 { 409 struct rt2661_softc *sc = xsc; 410 411 rt2661_stop(sc); 412 } 413 414 void 415 rt2661_resume(void *xsc) 416 { 417 struct rt2661_softc *sc = xsc; 418 struct ifnet *ifp = sc->sc_ic.ic_ifp; 419 420 if (ifp->if_flags & IFF_UP) { 421 ifp->if_init(ifp->if_softc); 422 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 423 ifp->if_start(ifp); 424 } 425 } 426 427 static void 428 rt2661_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error) 429 { 430 if (error != 0) 431 return; 432 433 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg)); 434 435 *(bus_addr_t *)arg = segs[0].ds_addr; 436 } 437 438 static int 439 rt2661_alloc_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring, 440 int count) 441 { 442 int i, error; 443 444 ring->count = count; 445 ring->queued = 0; 446 ring->cur = ring->next = ring->stat = 0; 447 448 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 4, 0, 449 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 450 count * RT2661_TX_DESC_SIZE, 1, count * RT2661_TX_DESC_SIZE, 451 0, NULL, NULL, &ring->desc_dmat); 452 if (error != 0) { 453 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 454 goto fail; 455 } 456 457 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 458 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 459 if (error != 0) { 460 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 461 goto fail; 462 } 463 464 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 465 count * RT2661_TX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr, 466 0); 467 if (error != 0) { 468 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 469 goto fail; 470 } 471 472 ring->data = malloc(count * sizeof (struct rt2661_tx_data), M_DEVBUF, 473 M_NOWAIT | M_ZERO); 474 if (ring->data == NULL) { 475 device_printf(sc->sc_dev, "could not allocate soft data\n"); 476 error = ENOMEM; 477 goto fail; 478 } 479 480 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 481 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 482 RT2661_MAX_SCATTER, MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 483 if (error != 0) { 484 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 485 goto fail; 486 } 487 488 for (i = 0; i < count; i++) { 489 error = bus_dmamap_create(ring->data_dmat, 0, 490 &ring->data[i].map); 491 if (error != 0) { 492 device_printf(sc->sc_dev, "could not create DMA map\n"); 493 goto fail; 494 } 495 } 496 497 return 0; 498 499 fail: rt2661_free_tx_ring(sc, ring); 500 return error; 501 } 502 503 static void 504 rt2661_reset_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 505 { 506 struct rt2661_tx_desc *desc; 507 struct rt2661_tx_data *data; 508 int i; 509 510 for (i = 0; i < ring->count; i++) { 511 desc = &ring->desc[i]; 512 data = &ring->data[i]; 513 514 if (data->m != NULL) { 515 bus_dmamap_sync(ring->data_dmat, data->map, 516 BUS_DMASYNC_POSTWRITE); 517 bus_dmamap_unload(ring->data_dmat, data->map); 518 m_freem(data->m); 519 data->m = NULL; 520 } 521 522 if (data->ni != NULL) { 523 ieee80211_free_node(data->ni); 524 data->ni = NULL; 525 } 526 527 desc->flags = 0; 528 } 529 530 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 531 532 ring->queued = 0; 533 ring->cur = ring->next = ring->stat = 0; 534 } 535 536 static void 537 rt2661_free_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 538 { 539 struct rt2661_tx_data *data; 540 int i; 541 542 if (ring->desc != NULL) { 543 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 544 BUS_DMASYNC_POSTWRITE); 545 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 546 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 547 } 548 549 if (ring->desc_dmat != NULL) 550 bus_dma_tag_destroy(ring->desc_dmat); 551 552 if (ring->data != NULL) { 553 for (i = 0; i < ring->count; i++) { 554 data = &ring->data[i]; 555 556 if (data->m != NULL) { 557 bus_dmamap_sync(ring->data_dmat, data->map, 558 BUS_DMASYNC_POSTWRITE); 559 bus_dmamap_unload(ring->data_dmat, data->map); 560 m_freem(data->m); 561 } 562 563 if (data->ni != NULL) 564 ieee80211_free_node(data->ni); 565 566 if (data->map != NULL) 567 bus_dmamap_destroy(ring->data_dmat, data->map); 568 } 569 570 free(ring->data, M_DEVBUF); 571 } 572 573 if (ring->data_dmat != NULL) 574 bus_dma_tag_destroy(ring->data_dmat); 575 } 576 577 static int 578 rt2661_alloc_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring, 579 int count) 580 { 581 struct rt2661_rx_desc *desc; 582 struct rt2661_rx_data *data; 583 bus_addr_t physaddr; 584 int i, error; 585 586 ring->count = count; 587 ring->cur = ring->next = 0; 588 589 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 4, 0, 590 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 591 count * RT2661_RX_DESC_SIZE, 1, count * RT2661_RX_DESC_SIZE, 592 0, NULL, NULL, &ring->desc_dmat); 593 if (error != 0) { 594 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 595 goto fail; 596 } 597 598 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 599 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 600 if (error != 0) { 601 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 602 goto fail; 603 } 604 605 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 606 count * RT2661_RX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr, 607 0); 608 if (error != 0) { 609 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 610 goto fail; 611 } 612 613 ring->data = malloc(count * sizeof (struct rt2661_rx_data), M_DEVBUF, 614 M_NOWAIT | M_ZERO); 615 if (ring->data == NULL) { 616 device_printf(sc->sc_dev, "could not allocate soft data\n"); 617 error = ENOMEM; 618 goto fail; 619 } 620 621 /* 622 * Pre-allocate Rx buffers and populate Rx ring. 623 */ 624 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 625 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 626 1, MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 627 if (error != 0) { 628 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 629 goto fail; 630 } 631 632 for (i = 0; i < count; i++) { 633 desc = &sc->rxq.desc[i]; 634 data = &sc->rxq.data[i]; 635 636 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 637 if (error != 0) { 638 device_printf(sc->sc_dev, "could not create DMA map\n"); 639 goto fail; 640 } 641 642 data->m = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 643 if (data->m == NULL) { 644 device_printf(sc->sc_dev, 645 "could not allocate rx mbuf\n"); 646 error = ENOMEM; 647 goto fail; 648 } 649 650 error = bus_dmamap_load(ring->data_dmat, data->map, 651 mtod(data->m, void *), MCLBYTES, rt2661_dma_map_addr, 652 &physaddr, 0); 653 if (error != 0) { 654 device_printf(sc->sc_dev, 655 "could not load rx buf DMA map"); 656 goto fail; 657 } 658 659 desc->flags = htole32(RT2661_RX_BUSY); 660 desc->physaddr = htole32(physaddr); 661 } 662 663 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 664 665 return 0; 666 667 fail: rt2661_free_rx_ring(sc, ring); 668 return error; 669 } 670 671 static void 672 rt2661_reset_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 673 { 674 int i; 675 676 for (i = 0; i < ring->count; i++) 677 ring->desc[i].flags = htole32(RT2661_RX_BUSY); 678 679 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 680 681 ring->cur = ring->next = 0; 682 } 683 684 static void 685 rt2661_free_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 686 { 687 struct rt2661_rx_data *data; 688 int i; 689 690 if (ring->desc != NULL) { 691 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 692 BUS_DMASYNC_POSTWRITE); 693 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 694 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 695 } 696 697 if (ring->desc_dmat != NULL) 698 bus_dma_tag_destroy(ring->desc_dmat); 699 700 if (ring->data != NULL) { 701 for (i = 0; i < ring->count; i++) { 702 data = &ring->data[i]; 703 704 if (data->m != NULL) { 705 bus_dmamap_sync(ring->data_dmat, data->map, 706 BUS_DMASYNC_POSTREAD); 707 bus_dmamap_unload(ring->data_dmat, data->map); 708 m_freem(data->m); 709 } 710 711 if (data->map != NULL) 712 bus_dmamap_destroy(ring->data_dmat, data->map); 713 } 714 715 free(ring->data, M_DEVBUF); 716 } 717 718 if (ring->data_dmat != NULL) 719 bus_dma_tag_destroy(ring->data_dmat); 720 } 721 722 static struct ieee80211_node * 723 rt2661_node_alloc(struct ieee80211_node_table *nt) 724 { 725 struct rt2661_node *rn; 726 727 rn = malloc(sizeof (struct rt2661_node), M_80211_NODE, 728 M_NOWAIT | M_ZERO); 729 730 return (rn != NULL) ? &rn->ni : NULL; 731 } 732 733 static int 734 rt2661_media_change(struct ifnet *ifp) 735 { 736 struct rt2661_softc *sc = ifp->if_softc; 737 int error; 738 739 error = ieee80211_media_change(ifp); 740 if (error != ENETRESET) 741 return error; 742 743 if ((ifp->if_flags & IFF_UP) && (ifp->if_drv_flags & IFF_DRV_RUNNING)) 744 rt2661_init(sc); 745 746 return 0; 747 } 748 749 /* 750 * This function is called for each node present in the node station table. 751 */ 752 static void 753 rt2661_iter_func(void *arg, struct ieee80211_node *ni) 754 { 755 struct rt2661_node *rn = (struct rt2661_node *)ni; 756 757 ral_rssadapt_updatestats(&rn->rssadapt); 758 } 759 760 /* 761 * This function is called periodically (every 100ms) in RUN state to update 762 * the rate adaptation statistics. 763 */ 764 static void 765 rt2661_update_rssadapt(void *arg) 766 { 767 struct rt2661_softc *sc = arg; 768 struct ieee80211com *ic = &sc->sc_ic; 769 770 RAL_LOCK(sc); 771 772 ieee80211_iterate_nodes(&ic->ic_sta, rt2661_iter_func, arg); 773 callout_reset(&sc->rssadapt_ch, hz / 10, rt2661_update_rssadapt, sc); 774 775 RAL_UNLOCK(sc); 776 } 777 778 static int 779 rt2661_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 780 { 781 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 782 enum ieee80211_state ostate; 783 struct ieee80211_node *ni; 784 uint32_t tmp; 785 int error = 0; 786 787 ostate = ic->ic_state; 788 789 switch (nstate) { 790 case IEEE80211_S_INIT: 791 callout_stop(&sc->rssadapt_ch); 792 793 if (ostate == IEEE80211_S_RUN) { 794 /* abort TSF synchronization */ 795 tmp = RAL_READ(sc, RT2661_TXRX_CSR9); 796 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0x00ffffff); 797 } 798 break; 799 case IEEE80211_S_RUN: 800 ni = ic->ic_bss; 801 802 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 803 rt2661_enable_mrr(sc); 804 rt2661_set_txpreamble(sc); 805 rt2661_set_basicrates(sc, &ni->ni_rates); 806 rt2661_set_bssid(sc, ni->ni_bssid); 807 } 808 809 if (ic->ic_opmode == IEEE80211_M_HOSTAP || 810 ic->ic_opmode == IEEE80211_M_IBSS) { 811 if ((error = rt2661_prepare_beacon(sc)) != 0) 812 break; 813 } 814 815 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 816 callout_reset(&sc->rssadapt_ch, hz / 10, 817 rt2661_update_rssadapt, sc); 818 rt2661_enable_tsf_sync(sc); 819 } 820 break; 821 case IEEE80211_S_SCAN: 822 case IEEE80211_S_AUTH: 823 case IEEE80211_S_ASSOC: 824 break; 825 } 826 827 return (error != 0) ? error : sc->sc_newstate(ic, nstate, arg); 828 } 829 830 /* 831 * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46 or 832 * 93C66). 833 */ 834 static uint16_t 835 rt2661_eeprom_read(struct rt2661_softc *sc, uint8_t addr) 836 { 837 uint32_t tmp; 838 uint16_t val; 839 int n; 840 841 /* clock C once before the first command */ 842 RT2661_EEPROM_CTL(sc, 0); 843 844 RT2661_EEPROM_CTL(sc, RT2661_S); 845 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 846 RT2661_EEPROM_CTL(sc, RT2661_S); 847 848 /* write start bit (1) */ 849 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 850 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 851 852 /* write READ opcode (10) */ 853 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 854 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 855 RT2661_EEPROM_CTL(sc, RT2661_S); 856 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 857 858 /* write address (A5-A0 or A7-A0) */ 859 n = (RAL_READ(sc, RT2661_E2PROM_CSR) & RT2661_93C46) ? 5 : 7; 860 for (; n >= 0; n--) { 861 RT2661_EEPROM_CTL(sc, RT2661_S | 862 (((addr >> n) & 1) << RT2661_SHIFT_D)); 863 RT2661_EEPROM_CTL(sc, RT2661_S | 864 (((addr >> n) & 1) << RT2661_SHIFT_D) | RT2661_C); 865 } 866 867 RT2661_EEPROM_CTL(sc, RT2661_S); 868 869 /* read data Q15-Q0 */ 870 val = 0; 871 for (n = 15; n >= 0; n--) { 872 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 873 tmp = RAL_READ(sc, RT2661_E2PROM_CSR); 874 val |= ((tmp & RT2661_Q) >> RT2661_SHIFT_Q) << n; 875 RT2661_EEPROM_CTL(sc, RT2661_S); 876 } 877 878 RT2661_EEPROM_CTL(sc, 0); 879 880 /* clear Chip Select and clock C */ 881 RT2661_EEPROM_CTL(sc, RT2661_S); 882 RT2661_EEPROM_CTL(sc, 0); 883 RT2661_EEPROM_CTL(sc, RT2661_C); 884 885 return val; 886 } 887 888 static void 889 rt2661_tx_intr(struct rt2661_softc *sc) 890 { 891 struct ieee80211com *ic = &sc->sc_ic; 892 struct ifnet *ifp = ic->ic_ifp; 893 struct rt2661_tx_ring *txq; 894 struct rt2661_tx_data *data; 895 struct rt2661_node *rn; 896 uint32_t val; 897 int qid, retrycnt; 898 899 for (;;) { 900 struct ieee80211_node *ni; 901 struct mbuf *m; 902 903 val = RAL_READ(sc, RT2661_STA_CSR4); 904 if (!(val & RT2661_TX_STAT_VALID)) 905 break; 906 907 /* retrieve the queue in which this frame was sent */ 908 qid = RT2661_TX_QID(val); 909 txq = (qid <= 3) ? &sc->txq[qid] : &sc->mgtq; 910 911 /* retrieve rate control algorithm context */ 912 data = &txq->data[txq->stat]; 913 m = data->m; 914 data->m = NULL; 915 ni = data->ni; 916 data->ni = NULL; 917 918 /* if no frame has been sent, ignore */ 919 if (ni == NULL) 920 continue; 921 922 rn = (struct rt2661_node *)ni; 923 924 switch (RT2661_TX_RESULT(val)) { 925 case RT2661_TX_SUCCESS: 926 retrycnt = RT2661_TX_RETRYCNT(val); 927 928 DPRINTFN(10, ("data frame sent successfully after " 929 "%d retries\n", retrycnt)); 930 if (retrycnt == 0 && data->id.id_node != NULL) { 931 ral_rssadapt_raise_rate(ic, &rn->rssadapt, 932 &data->id); 933 } 934 ifp->if_opackets++; 935 break; 936 937 case RT2661_TX_RETRY_FAIL: 938 DPRINTFN(9, ("sending data frame failed (too much " 939 "retries)\n")); 940 if (data->id.id_node != NULL) { 941 ral_rssadapt_lower_rate(ic, ni, 942 &rn->rssadapt, &data->id); 943 } 944 ifp->if_oerrors++; 945 break; 946 947 default: 948 /* other failure */ 949 device_printf(sc->sc_dev, 950 "sending data frame failed 0x%08x\n", val); 951 ifp->if_oerrors++; 952 } 953 954 DPRINTFN(15, ("tx done q=%d idx=%u\n", qid, txq->stat)); 955 956 txq->queued--; 957 if (++txq->stat >= txq->count) /* faster than % count */ 958 txq->stat = 0; 959 960 if (m->m_flags & M_TXCB) 961 ieee80211_process_callback(ni, m, 962 RT2661_TX_RESULT(val) != RT2661_TX_SUCCESS); 963 m_freem(m); 964 ieee80211_free_node(ni); 965 } 966 967 sc->sc_tx_timer = 0; 968 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 969 rt2661_start(ifp); 970 } 971 972 static void 973 rt2661_tx_dma_intr(struct rt2661_softc *sc, struct rt2661_tx_ring *txq) 974 { 975 struct rt2661_tx_desc *desc; 976 struct rt2661_tx_data *data; 977 978 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_POSTREAD); 979 980 for (;;) { 981 desc = &txq->desc[txq->next]; 982 data = &txq->data[txq->next]; 983 984 if ((le32toh(desc->flags) & RT2661_TX_BUSY) || 985 !(le32toh(desc->flags) & RT2661_TX_VALID)) 986 break; 987 988 bus_dmamap_sync(txq->data_dmat, data->map, 989 BUS_DMASYNC_POSTWRITE); 990 bus_dmamap_unload(txq->data_dmat, data->map); 991 992 /* descriptor is no longer valid */ 993 desc->flags &= ~htole32(RT2661_TX_VALID); 994 995 DPRINTFN(15, ("tx dma done q=%p idx=%u\n", txq, txq->next)); 996 997 if (++txq->next >= txq->count) /* faster than % count */ 998 txq->next = 0; 999 } 1000 1001 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1002 } 1003 1004 static void 1005 rt2661_rx_intr(struct rt2661_softc *sc) 1006 { 1007 struct ieee80211com *ic = &sc->sc_ic; 1008 struct ifnet *ifp = ic->ic_ifp; 1009 struct rt2661_rx_desc *desc; 1010 struct rt2661_rx_data *data; 1011 bus_addr_t physaddr; 1012 struct ieee80211_frame *wh; 1013 struct ieee80211_node *ni; 1014 struct rt2661_node *rn; 1015 struct mbuf *mnew, *m; 1016 int error; 1017 1018 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map, 1019 BUS_DMASYNC_POSTREAD); 1020 1021 for (;;) { 1022 int rssi; 1023 1024 desc = &sc->rxq.desc[sc->rxq.cur]; 1025 data = &sc->rxq.data[sc->rxq.cur]; 1026 1027 if (le32toh(desc->flags) & RT2661_RX_BUSY) 1028 break; 1029 1030 if ((le32toh(desc->flags) & RT2661_RX_PHY_ERROR) || 1031 (le32toh(desc->flags) & RT2661_RX_CRC_ERROR)) { 1032 /* 1033 * This should not happen since we did not request 1034 * to receive those frames when we filled TXRX_CSR0. 1035 */ 1036 DPRINTFN(5, ("PHY or CRC error flags 0x%08x\n", 1037 le32toh(desc->flags))); 1038 ifp->if_ierrors++; 1039 goto skip; 1040 } 1041 1042 if ((le32toh(desc->flags) & RT2661_RX_CIPHER_MASK) != 0) { 1043 ifp->if_ierrors++; 1044 goto skip; 1045 } 1046 1047 /* 1048 * Try to allocate a new mbuf for this ring element and load it 1049 * before processing the current mbuf. If the ring element 1050 * cannot be loaded, drop the received packet and reuse the old 1051 * mbuf. In the unlikely case that the old mbuf can't be 1052 * reloaded either, explicitly panic. 1053 */ 1054 mnew = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 1055 if (mnew == NULL) { 1056 ifp->if_ierrors++; 1057 goto skip; 1058 } 1059 1060 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1061 BUS_DMASYNC_POSTREAD); 1062 bus_dmamap_unload(sc->rxq.data_dmat, data->map); 1063 1064 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1065 mtod(mnew, void *), MCLBYTES, rt2661_dma_map_addr, 1066 &physaddr, 0); 1067 if (error != 0) { 1068 m_freem(mnew); 1069 1070 /* try to reload the old mbuf */ 1071 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1072 mtod(data->m, void *), MCLBYTES, 1073 rt2661_dma_map_addr, &physaddr, 0); 1074 if (error != 0) { 1075 /* very unlikely that it will fail... */ 1076 panic("%s: could not load old rx mbuf", 1077 device_get_name(sc->sc_dev)); 1078 } 1079 ifp->if_ierrors++; 1080 goto skip; 1081 } 1082 1083 /* 1084 * New mbuf successfully loaded, update Rx ring and continue 1085 * processing. 1086 */ 1087 m = data->m; 1088 data->m = mnew; 1089 desc->physaddr = htole32(physaddr); 1090 1091 /* finalize mbuf */ 1092 m->m_pkthdr.rcvif = ifp; 1093 m->m_pkthdr.len = m->m_len = 1094 (le32toh(desc->flags) >> 16) & 0xfff; 1095 1096 rssi = rt2661_get_rssi(sc, desc->rssi); 1097 1098 if (bpf_peers_present(sc->sc_drvbpf)) { 1099 struct rt2661_rx_radiotap_header *tap = &sc->sc_rxtap; 1100 uint32_t tsf_lo, tsf_hi; 1101 1102 /* get timestamp (low and high 32 bits) */ 1103 tsf_hi = RAL_READ(sc, RT2661_TXRX_CSR13); 1104 tsf_lo = RAL_READ(sc, RT2661_TXRX_CSR12); 1105 1106 tap->wr_tsf = 1107 htole64(((uint64_t)tsf_hi << 32) | tsf_lo); 1108 tap->wr_flags = 0; 1109 tap->wr_rate = rt2661_rxrate(desc); 1110 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 1111 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 1112 tap->wr_antsignal = rssi < 0 ? 0 : rssi; 1113 1114 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1115 } 1116 sc->sc_flags |= RAL_INPUT_RUNNING; 1117 RAL_UNLOCK(sc); 1118 wh = mtod(m, struct ieee80211_frame *); 1119 ni = ieee80211_find_rxnode(ic, 1120 (struct ieee80211_frame_min *)wh); 1121 1122 /* Error happened during RSSI conversion. */ 1123 if (rssi < 0) 1124 rssi = ni->ni_rssi; 1125 1126 /* send the frame to the 802.11 layer */ 1127 ieee80211_input(ic, m, ni, rssi, RT2661_NOISE_FLOOR, 0); 1128 1129 /* give rssi to the rate adatation algorithm */ 1130 rn = (struct rt2661_node *)ni; 1131 RAL_LOCK(sc); 1132 sc->sc_flags &= ~RAL_INPUT_RUNNING; 1133 ral_rssadapt_input(ic, ni, &rn->rssadapt, rssi); 1134 1135 /* node is no longer needed */ 1136 ieee80211_free_node(ni); 1137 1138 skip: desc->flags |= htole32(RT2661_RX_BUSY); 1139 1140 DPRINTFN(15, ("rx intr idx=%u\n", sc->rxq.cur)); 1141 1142 sc->rxq.cur = (sc->rxq.cur + 1) % RT2661_RX_RING_COUNT; 1143 } 1144 1145 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map, 1146 BUS_DMASYNC_PREWRITE); 1147 } 1148 1149 /* ARGSUSED */ 1150 static void 1151 rt2661_mcu_beacon_expire(struct rt2661_softc *sc) 1152 { 1153 /* do nothing */ 1154 } 1155 1156 static void 1157 rt2661_mcu_wakeup(struct rt2661_softc *sc) 1158 { 1159 RAL_WRITE(sc, RT2661_MAC_CSR11, 5 << 16); 1160 1161 RAL_WRITE(sc, RT2661_SOFT_RESET_CSR, 0x7); 1162 RAL_WRITE(sc, RT2661_IO_CNTL_CSR, 0x18); 1163 RAL_WRITE(sc, RT2661_PCI_USEC_CSR, 0x20); 1164 1165 /* send wakeup command to MCU */ 1166 rt2661_tx_cmd(sc, RT2661_MCU_CMD_WAKEUP, 0); 1167 } 1168 1169 static void 1170 rt2661_mcu_cmd_intr(struct rt2661_softc *sc) 1171 { 1172 RAL_READ(sc, RT2661_M2H_CMD_DONE_CSR); 1173 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 1174 } 1175 1176 void 1177 rt2661_intr(void *arg) 1178 { 1179 struct rt2661_softc *sc = arg; 1180 struct ifnet *ifp = sc->sc_ifp; 1181 uint32_t r1, r2; 1182 1183 RAL_LOCK(sc); 1184 1185 /* disable MAC and MCU interrupts */ 1186 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f); 1187 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 1188 1189 /* don't re-enable interrupts if we're shutting down */ 1190 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 1191 RAL_UNLOCK(sc); 1192 return; 1193 } 1194 1195 r1 = RAL_READ(sc, RT2661_INT_SOURCE_CSR); 1196 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, r1); 1197 1198 r2 = RAL_READ(sc, RT2661_MCU_INT_SOURCE_CSR); 1199 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, r2); 1200 1201 if (r1 & RT2661_MGT_DONE) 1202 rt2661_tx_dma_intr(sc, &sc->mgtq); 1203 1204 if (r1 & RT2661_RX_DONE) 1205 rt2661_rx_intr(sc); 1206 1207 if (r1 & RT2661_TX0_DMA_DONE) 1208 rt2661_tx_dma_intr(sc, &sc->txq[0]); 1209 1210 if (r1 & RT2661_TX1_DMA_DONE) 1211 rt2661_tx_dma_intr(sc, &sc->txq[1]); 1212 1213 if (r1 & RT2661_TX2_DMA_DONE) 1214 rt2661_tx_dma_intr(sc, &sc->txq[2]); 1215 1216 if (r1 & RT2661_TX3_DMA_DONE) 1217 rt2661_tx_dma_intr(sc, &sc->txq[3]); 1218 1219 if (r1 & RT2661_TX_DONE) 1220 rt2661_tx_intr(sc); 1221 1222 if (r2 & RT2661_MCU_CMD_DONE) 1223 rt2661_mcu_cmd_intr(sc); 1224 1225 if (r2 & RT2661_MCU_BEACON_EXPIRE) 1226 rt2661_mcu_beacon_expire(sc); 1227 1228 if (r2 & RT2661_MCU_WAKEUP) 1229 rt2661_mcu_wakeup(sc); 1230 1231 /* re-enable MAC and MCU interrupts */ 1232 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 1233 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 1234 1235 RAL_UNLOCK(sc); 1236 } 1237 1238 /* quickly determine if a given rate is CCK or OFDM */ 1239 #define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1240 1241 #define RAL_ACK_SIZE 14 /* 10 + 4(FCS) */ 1242 #define RAL_CTS_SIZE 14 /* 10 + 4(FCS) */ 1243 1244 #define RAL_SIFS 10 /* us */ 1245 1246 /* 1247 * This function is only used by the Rx radiotap code. It returns the rate at 1248 * which a given frame was received. 1249 */ 1250 static uint8_t 1251 rt2661_rxrate(struct rt2661_rx_desc *desc) 1252 { 1253 if (le32toh(desc->flags) & RT2661_RX_OFDM) { 1254 /* reverse function of rt2661_plcp_signal */ 1255 switch (desc->rate & 0xf) { 1256 case 0xb: return 12; 1257 case 0xf: return 18; 1258 case 0xa: return 24; 1259 case 0xe: return 36; 1260 case 0x9: return 48; 1261 case 0xd: return 72; 1262 case 0x8: return 96; 1263 case 0xc: return 108; 1264 } 1265 } else { 1266 if (desc->rate == 10) 1267 return 2; 1268 if (desc->rate == 20) 1269 return 4; 1270 if (desc->rate == 55) 1271 return 11; 1272 if (desc->rate == 110) 1273 return 22; 1274 } 1275 return 2; /* should not get there */ 1276 } 1277 1278 /* 1279 * Return the expected ack rate for a frame transmitted at rate `rate'. 1280 * XXX: this should depend on the destination node basic rate set. 1281 */ 1282 static int 1283 rt2661_ack_rate(struct ieee80211com *ic, int rate) 1284 { 1285 switch (rate) { 1286 /* CCK rates */ 1287 case 2: 1288 return 2; 1289 case 4: 1290 case 11: 1291 case 22: 1292 return (ic->ic_curmode == IEEE80211_MODE_11B) ? 4 : rate; 1293 1294 /* OFDM rates */ 1295 case 12: 1296 case 18: 1297 return 12; 1298 case 24: 1299 case 36: 1300 return 24; 1301 case 48: 1302 case 72: 1303 case 96: 1304 case 108: 1305 return 48; 1306 } 1307 1308 /* default to 1Mbps */ 1309 return 2; 1310 } 1311 1312 /* 1313 * Compute the duration (in us) needed to transmit `len' bytes at rate `rate'. 1314 * The function automatically determines the operating mode depending on the 1315 * given rate. `flags' indicates whether short preamble is in use or not. 1316 */ 1317 static uint16_t 1318 rt2661_txtime(int len, int rate, uint32_t flags) 1319 { 1320 uint16_t txtime; 1321 1322 if (RAL_RATE_IS_OFDM(rate)) { 1323 /* IEEE Std 802.11a-1999, pp. 37 */ 1324 txtime = (8 + 4 * len + 3 + rate - 1) / rate; 1325 txtime = 16 + 4 + 4 * txtime + 6; 1326 } else { 1327 /* IEEE Std 802.11b-1999, pp. 28 */ 1328 txtime = (16 * len + rate - 1) / rate; 1329 if (rate != 2 && (flags & IEEE80211_F_SHPREAMBLE)) 1330 txtime += 72 + 24; 1331 else 1332 txtime += 144 + 48; 1333 } 1334 1335 return txtime; 1336 } 1337 1338 static uint8_t 1339 rt2661_plcp_signal(int rate) 1340 { 1341 switch (rate) { 1342 /* CCK rates (returned values are device-dependent) */ 1343 case 2: return 0x0; 1344 case 4: return 0x1; 1345 case 11: return 0x2; 1346 case 22: return 0x3; 1347 1348 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1349 case 12: return 0xb; 1350 case 18: return 0xf; 1351 case 24: return 0xa; 1352 case 36: return 0xe; 1353 case 48: return 0x9; 1354 case 72: return 0xd; 1355 case 96: return 0x8; 1356 case 108: return 0xc; 1357 1358 /* unsupported rates (should not get there) */ 1359 default: return 0xff; 1360 } 1361 } 1362 1363 static void 1364 rt2661_setup_tx_desc(struct rt2661_softc *sc, struct rt2661_tx_desc *desc, 1365 uint32_t flags, uint16_t xflags, int len, int rate, 1366 const bus_dma_segment_t *segs, int nsegs, int ac) 1367 { 1368 struct ieee80211com *ic = &sc->sc_ic; 1369 uint16_t plcp_length; 1370 int i, remainder; 1371 1372 desc->flags = htole32(flags); 1373 desc->flags |= htole32(len << 16); 1374 desc->flags |= htole32(RT2661_TX_BUSY | RT2661_TX_VALID); 1375 1376 desc->xflags = htole16(xflags); 1377 desc->xflags |= htole16(nsegs << 13); 1378 1379 desc->wme = htole16( 1380 RT2661_QID(ac) | 1381 RT2661_AIFSN(2) | 1382 RT2661_LOGCWMIN(4) | 1383 RT2661_LOGCWMAX(10)); 1384 1385 /* 1386 * Remember in which queue this frame was sent. This field is driver 1387 * private data only. It will be made available by the NIC in STA_CSR4 1388 * on Tx interrupts. 1389 */ 1390 desc->qid = ac; 1391 1392 /* setup PLCP fields */ 1393 desc->plcp_signal = rt2661_plcp_signal(rate); 1394 desc->plcp_service = 4; 1395 1396 len += IEEE80211_CRC_LEN; 1397 if (RAL_RATE_IS_OFDM(rate)) { 1398 desc->flags |= htole32(RT2661_TX_OFDM); 1399 1400 plcp_length = len & 0xfff; 1401 desc->plcp_length_hi = plcp_length >> 6; 1402 desc->plcp_length_lo = plcp_length & 0x3f; 1403 } else { 1404 plcp_length = (16 * len + rate - 1) / rate; 1405 if (rate == 22) { 1406 remainder = (16 * len) % 22; 1407 if (remainder != 0 && remainder < 7) 1408 desc->plcp_service |= RT2661_PLCP_LENGEXT; 1409 } 1410 desc->plcp_length_hi = plcp_length >> 8; 1411 desc->plcp_length_lo = plcp_length & 0xff; 1412 1413 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 1414 desc->plcp_signal |= 0x08; 1415 } 1416 1417 /* RT2x61 supports scatter with up to 5 segments */ 1418 for (i = 0; i < nsegs; i++) { 1419 desc->addr[i] = htole32(segs[i].ds_addr); 1420 desc->len [i] = htole16(segs[i].ds_len); 1421 } 1422 } 1423 1424 static int 1425 rt2661_tx_mgt(struct rt2661_softc *sc, struct mbuf *m0, 1426 struct ieee80211_node *ni) 1427 { 1428 struct ieee80211com *ic = &sc->sc_ic; 1429 struct rt2661_tx_desc *desc; 1430 struct rt2661_tx_data *data; 1431 struct ieee80211_frame *wh; 1432 bus_dma_segment_t segs[RT2661_MAX_SCATTER]; 1433 uint16_t dur; 1434 uint32_t flags = 0; /* XXX HWSEQ */ 1435 int nsegs, rate, error; 1436 1437 desc = &sc->mgtq.desc[sc->mgtq.cur]; 1438 data = &sc->mgtq.data[sc->mgtq.cur]; 1439 1440 /* send mgt frames at the lowest available rate */ 1441 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1442 1443 error = bus_dmamap_load_mbuf_sg(sc->mgtq.data_dmat, data->map, m0, 1444 segs, &nsegs, 0); 1445 if (error != 0) { 1446 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1447 error); 1448 m_freem(m0); 1449 return error; 1450 } 1451 1452 if (bpf_peers_present(sc->sc_drvbpf)) { 1453 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1454 1455 tap->wt_flags = 0; 1456 tap->wt_rate = rate; 1457 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 1458 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 1459 1460 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1461 } 1462 1463 data->m = m0; 1464 data->ni = ni; 1465 1466 wh = mtod(m0, struct ieee80211_frame *); 1467 1468 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1469 flags |= RT2661_TX_NEED_ACK; 1470 1471 dur = rt2661_txtime(RAL_ACK_SIZE, rate, ic->ic_flags) + 1472 RAL_SIFS; 1473 *(uint16_t *)wh->i_dur = htole16(dur); 1474 1475 /* tell hardware to add timestamp in probe responses */ 1476 if ((wh->i_fc[0] & 1477 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 1478 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 1479 flags |= RT2661_TX_TIMESTAMP; 1480 } 1481 1482 rt2661_setup_tx_desc(sc, desc, flags, 0 /* XXX HWSEQ */, 1483 m0->m_pkthdr.len, rate, segs, nsegs, RT2661_QID_MGT); 1484 1485 bus_dmamap_sync(sc->mgtq.data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1486 bus_dmamap_sync(sc->mgtq.desc_dmat, sc->mgtq.desc_map, 1487 BUS_DMASYNC_PREWRITE); 1488 1489 DPRINTFN(10, ("sending mgt frame len=%u idx=%u rate=%u\n", 1490 m0->m_pkthdr.len, sc->mgtq.cur, rate)); 1491 1492 /* kick mgt */ 1493 sc->mgtq.queued++; 1494 sc->mgtq.cur = (sc->mgtq.cur + 1) % RT2661_MGT_RING_COUNT; 1495 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, RT2661_KICK_MGT); 1496 1497 return 0; 1498 } 1499 1500 /* 1501 * Build a RTS control frame. 1502 */ 1503 static struct mbuf * 1504 rt2661_get_rts(struct rt2661_softc *sc, struct ieee80211_frame *wh, 1505 uint16_t dur) 1506 { 1507 struct ieee80211_frame_rts *rts; 1508 struct mbuf *m; 1509 1510 MGETHDR(m, M_DONTWAIT, MT_DATA); 1511 if (m == NULL) { 1512 sc->sc_ic.ic_stats.is_tx_nobuf++; 1513 device_printf(sc->sc_dev, "could not allocate RTS frame\n"); 1514 return NULL; 1515 } 1516 1517 rts = mtod(m, struct ieee80211_frame_rts *); 1518 1519 rts->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_CTL | 1520 IEEE80211_FC0_SUBTYPE_RTS; 1521 rts->i_fc[1] = IEEE80211_FC1_DIR_NODS; 1522 *(uint16_t *)rts->i_dur = htole16(dur); 1523 IEEE80211_ADDR_COPY(rts->i_ra, wh->i_addr1); 1524 IEEE80211_ADDR_COPY(rts->i_ta, wh->i_addr2); 1525 1526 m->m_pkthdr.len = m->m_len = sizeof (struct ieee80211_frame_rts); 1527 1528 return m; 1529 } 1530 1531 static int 1532 rt2661_tx_data(struct rt2661_softc *sc, struct mbuf *m0, 1533 struct ieee80211_node *ni, int ac) 1534 { 1535 struct ieee80211com *ic = &sc->sc_ic; 1536 struct rt2661_tx_ring *txq = &sc->txq[ac]; 1537 struct rt2661_tx_desc *desc; 1538 struct rt2661_tx_data *data; 1539 struct rt2661_node *rn; 1540 struct ieee80211_frame *wh; 1541 struct ieee80211_key *k; 1542 const struct chanAccParams *cap; 1543 struct mbuf *mnew; 1544 bus_dma_segment_t segs[RT2661_MAX_SCATTER]; 1545 uint16_t dur; 1546 uint32_t flags = 0; 1547 int error, nsegs, rate, noack = 0; 1548 1549 wh = mtod(m0, struct ieee80211_frame *); 1550 1551 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) { 1552 rate = ic->ic_fixed_rate; 1553 } else { 1554 struct ieee80211_rateset *rs; 1555 1556 rs = &ni->ni_rates; 1557 rn = (struct rt2661_node *)ni; 1558 ni->ni_txrate = ral_rssadapt_choose(&rn->rssadapt, rs, 1559 wh, m0->m_pkthdr.len, NULL, 0); 1560 rate = rs->rs_rates[ni->ni_txrate]; 1561 } 1562 rate &= IEEE80211_RATE_VAL; 1563 1564 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1565 cap = &ic->ic_wme.wme_chanParams; 1566 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1567 } 1568 1569 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1570 k = ieee80211_crypto_encap(ic, ni, m0); 1571 if (k == NULL) { 1572 m_freem(m0); 1573 return ENOBUFS; 1574 } 1575 1576 /* packet header may have moved, reset our local pointer */ 1577 wh = mtod(m0, struct ieee80211_frame *); 1578 } 1579 1580 /* 1581 * IEEE Std 802.11-1999, pp 82: "A STA shall use an RTS/CTS exchange 1582 * for directed frames only when the length of the MPDU is greater 1583 * than the length threshold indicated by [...]" ic_rtsthreshold. 1584 */ 1585 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 1586 m0->m_pkthdr.len > ic->ic_rtsthreshold) { 1587 struct mbuf *m; 1588 uint16_t dur; 1589 int rtsrate, ackrate; 1590 1591 rtsrate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1592 ackrate = rt2661_ack_rate(ic, rate); 1593 1594 dur = rt2661_txtime(m0->m_pkthdr.len + 4, rate, ic->ic_flags) + 1595 rt2661_txtime(RAL_CTS_SIZE, rtsrate, ic->ic_flags) + 1596 /* XXX: noack (QoS)? */ 1597 rt2661_txtime(RAL_ACK_SIZE, ackrate, ic->ic_flags) + 1598 3 * RAL_SIFS; 1599 1600 m = rt2661_get_rts(sc, wh, dur); 1601 1602 desc = &txq->desc[txq->cur]; 1603 data = &txq->data[txq->cur]; 1604 1605 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m, 1606 segs, &nsegs, 0); 1607 if (error != 0) { 1608 device_printf(sc->sc_dev, 1609 "could not map mbuf (error %d)\n", error); 1610 m_freem(m); 1611 m_freem(m0); 1612 return error; 1613 } 1614 1615 /* avoid multiple free() of the same node for each fragment */ 1616 ieee80211_ref_node(ni); 1617 1618 data->m = m; 1619 data->ni = ni; 1620 1621 /* RTS frames are not taken into account for rssadapt */ 1622 data->id.id_node = NULL; 1623 1624 rt2661_setup_tx_desc(sc, desc, RT2661_TX_NEED_ACK | 1625 RT2661_TX_MORE_FRAG, 0, m->m_pkthdr.len, rtsrate, segs, 1626 nsegs, ac); 1627 1628 bus_dmamap_sync(txq->data_dmat, data->map, 1629 BUS_DMASYNC_PREWRITE); 1630 1631 txq->queued++; 1632 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1633 1634 /* 1635 * IEEE Std 802.11-1999: when an RTS/CTS exchange is used, the 1636 * asynchronous data frame shall be transmitted after the CTS 1637 * frame and a SIFS period. 1638 */ 1639 flags |= RT2661_TX_LONG_RETRY | RT2661_TX_IFS; 1640 } 1641 1642 data = &txq->data[txq->cur]; 1643 desc = &txq->desc[txq->cur]; 1644 1645 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0, segs, 1646 &nsegs, 0); 1647 if (error != 0 && error != EFBIG) { 1648 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1649 error); 1650 m_freem(m0); 1651 return error; 1652 } 1653 if (error != 0) { 1654 mnew = m_defrag(m0, M_DONTWAIT); 1655 if (mnew == NULL) { 1656 device_printf(sc->sc_dev, 1657 "could not defragment mbuf\n"); 1658 m_freem(m0); 1659 return ENOBUFS; 1660 } 1661 m0 = mnew; 1662 1663 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0, 1664 segs, &nsegs, 0); 1665 if (error != 0) { 1666 device_printf(sc->sc_dev, 1667 "could not map mbuf (error %d)\n", error); 1668 m_freem(m0); 1669 return error; 1670 } 1671 1672 /* packet header have moved, reset our local pointer */ 1673 wh = mtod(m0, struct ieee80211_frame *); 1674 } 1675 1676 if (bpf_peers_present(sc->sc_drvbpf)) { 1677 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1678 1679 tap->wt_flags = 0; 1680 tap->wt_rate = rate; 1681 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 1682 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 1683 1684 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1685 } 1686 1687 data->m = m0; 1688 data->ni = ni; 1689 1690 /* remember link conditions for rate adaptation algorithm */ 1691 if (ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE) { 1692 data->id.id_len = m0->m_pkthdr.len; 1693 data->id.id_rateidx = ni->ni_txrate; 1694 data->id.id_node = ni; 1695 data->id.id_rssi = ni->ni_rssi; 1696 } else 1697 data->id.id_node = NULL; 1698 1699 if (!noack && !IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1700 flags |= RT2661_TX_NEED_ACK; 1701 1702 dur = rt2661_txtime(RAL_ACK_SIZE, rt2661_ack_rate(ic, rate), 1703 ic->ic_flags) + RAL_SIFS; 1704 *(uint16_t *)wh->i_dur = htole16(dur); 1705 } 1706 1707 rt2661_setup_tx_desc(sc, desc, flags, 0, m0->m_pkthdr.len, rate, segs, 1708 nsegs, ac); 1709 1710 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1711 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1712 1713 DPRINTFN(10, ("sending data frame len=%u idx=%u rate=%u\n", 1714 m0->m_pkthdr.len, txq->cur, rate)); 1715 1716 /* kick Tx */ 1717 txq->queued++; 1718 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1719 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 1 << ac); 1720 1721 return 0; 1722 } 1723 1724 static void 1725 rt2661_start(struct ifnet *ifp) 1726 { 1727 struct rt2661_softc *sc = ifp->if_softc; 1728 struct ieee80211com *ic = &sc->sc_ic; 1729 struct mbuf *m0; 1730 struct ether_header *eh; 1731 struct ieee80211_node *ni; 1732 int ac; 1733 1734 RAL_LOCK(sc); 1735 1736 /* prevent management frames from being sent if we're not ready */ 1737 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING) || sc->sc_invalid) { 1738 RAL_UNLOCK(sc); 1739 return; 1740 } 1741 1742 for (;;) { 1743 IF_POLL(&ic->ic_mgtq, m0); 1744 if (m0 != NULL) { 1745 if (sc->mgtq.queued >= RT2661_MGT_RING_COUNT) { 1746 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 1747 break; 1748 } 1749 IF_DEQUEUE(&ic->ic_mgtq, m0); 1750 1751 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 1752 m0->m_pkthdr.rcvif = NULL; 1753 1754 if (bpf_peers_present(ic->ic_rawbpf)) 1755 bpf_mtap(ic->ic_rawbpf, m0); 1756 1757 if (rt2661_tx_mgt(sc, m0, ni) != 0) { 1758 ieee80211_free_node(ni); 1759 break; 1760 } 1761 } else { 1762 if (ic->ic_state != IEEE80211_S_RUN) 1763 break; 1764 1765 IFQ_DRV_DEQUEUE(&ifp->if_snd, m0); 1766 if (m0 == NULL) 1767 break; 1768 1769 if (m0->m_len < sizeof (struct ether_header) && 1770 !(m0 = m_pullup(m0, sizeof (struct ether_header)))) 1771 continue; 1772 1773 eh = mtod(m0, struct ether_header *); 1774 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1775 if (ni == NULL) { 1776 m_freem(m0); 1777 ifp->if_oerrors++; 1778 continue; 1779 } 1780 1781 /* classify mbuf so we can find which tx ring to use */ 1782 if (ieee80211_classify(ic, m0, ni) != 0) { 1783 m_freem(m0); 1784 ieee80211_free_node(ni); 1785 ifp->if_oerrors++; 1786 continue; 1787 } 1788 1789 /* no QoS encapsulation for EAPOL frames */ 1790 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1791 M_WME_GETAC(m0) : WME_AC_BE; 1792 1793 if (sc->txq[ac].queued >= RT2661_TX_RING_COUNT - 1) { 1794 /* there is no place left in this ring */ 1795 IFQ_DRV_PREPEND(&ifp->if_snd, m0); 1796 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 1797 ieee80211_free_node(ni); 1798 break; 1799 } 1800 1801 BPF_MTAP(ifp, m0); 1802 1803 m0 = ieee80211_encap(ic, m0, ni); 1804 if (m0 == NULL) { 1805 ieee80211_free_node(ni); 1806 ifp->if_oerrors++; 1807 continue; 1808 } 1809 1810 if (bpf_peers_present(ic->ic_rawbpf)) 1811 bpf_mtap(ic->ic_rawbpf, m0); 1812 1813 if (rt2661_tx_data(sc, m0, ni, ac) != 0) { 1814 ieee80211_free_node(ni); 1815 ifp->if_oerrors++; 1816 break; 1817 } 1818 } 1819 1820 sc->sc_tx_timer = 5; 1821 callout_reset(&sc->watchdog_ch, hz, rt2661_watchdog, sc); 1822 } 1823 1824 RAL_UNLOCK(sc); 1825 } 1826 1827 static void 1828 rt2661_watchdog(void *arg) 1829 { 1830 struct rt2661_softc *sc = (struct rt2661_softc *)arg; 1831 1832 if (sc->sc_tx_timer > 0 && !sc->sc_invalid) { 1833 if (--sc->sc_tx_timer == 0) { 1834 device_printf(sc->sc_dev, "device timeout\n"); 1835 rt2661_init(sc); 1836 sc->sc_ifp->if_oerrors++; 1837 return; 1838 } 1839 callout_reset(&sc->watchdog_ch, hz, rt2661_watchdog, sc); 1840 } 1841 } 1842 1843 /* 1844 * This function allows for fast channel switching in monitor mode (used by 1845 * net-mgmt/kismet). In IBSS mode, we must explicitly reset the interface to 1846 * generate a new beacon frame. 1847 */ 1848 static int 1849 rt2661_reset(struct ifnet *ifp) 1850 { 1851 struct rt2661_softc *sc = ifp->if_softc; 1852 struct ieee80211com *ic = &sc->sc_ic; 1853 1854 if (ic->ic_opmode != IEEE80211_M_MONITOR) 1855 return ENETRESET; 1856 1857 rt2661_set_chan(sc, ic->ic_curchan); 1858 1859 return 0; 1860 } 1861 1862 static int 1863 rt2661_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1864 { 1865 struct rt2661_softc *sc = ifp->if_softc; 1866 struct ieee80211com *ic = &sc->sc_ic; 1867 int error = 0; 1868 1869 switch (cmd) { 1870 case SIOCSIFFLAGS: 1871 if (ifp->if_flags & IFF_UP) { 1872 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 1873 rt2661_update_promisc(sc); 1874 else 1875 rt2661_init(sc); 1876 } else { 1877 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 1878 rt2661_stop(sc); 1879 } 1880 break; 1881 1882 default: 1883 error = ieee80211_ioctl(ic, cmd, data); 1884 } 1885 1886 if (error == ENETRESET) { 1887 if ((ifp->if_flags & IFF_UP) && 1888 (ifp->if_drv_flags & IFF_DRV_RUNNING) && 1889 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1890 rt2661_init(sc); 1891 error = 0; 1892 } 1893 1894 return error; 1895 } 1896 1897 static void 1898 rt2661_bbp_write(struct rt2661_softc *sc, uint8_t reg, uint8_t val) 1899 { 1900 uint32_t tmp; 1901 int ntries; 1902 1903 for (ntries = 0; ntries < 100; ntries++) { 1904 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 1905 break; 1906 DELAY(1); 1907 } 1908 if (ntries == 100) { 1909 device_printf(sc->sc_dev, "could not write to BBP\n"); 1910 return; 1911 } 1912 1913 tmp = RT2661_BBP_BUSY | (reg & 0x7f) << 8 | val; 1914 RAL_WRITE(sc, RT2661_PHY_CSR3, tmp); 1915 1916 DPRINTFN(15, ("BBP R%u <- 0x%02x\n", reg, val)); 1917 } 1918 1919 static uint8_t 1920 rt2661_bbp_read(struct rt2661_softc *sc, uint8_t reg) 1921 { 1922 uint32_t val; 1923 int ntries; 1924 1925 for (ntries = 0; ntries < 100; ntries++) { 1926 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 1927 break; 1928 DELAY(1); 1929 } 1930 if (ntries == 100) { 1931 device_printf(sc->sc_dev, "could not read from BBP\n"); 1932 return 0; 1933 } 1934 1935 val = RT2661_BBP_BUSY | RT2661_BBP_READ | reg << 8; 1936 RAL_WRITE(sc, RT2661_PHY_CSR3, val); 1937 1938 for (ntries = 0; ntries < 100; ntries++) { 1939 val = RAL_READ(sc, RT2661_PHY_CSR3); 1940 if (!(val & RT2661_BBP_BUSY)) 1941 return val & 0xff; 1942 DELAY(1); 1943 } 1944 1945 device_printf(sc->sc_dev, "could not read from BBP\n"); 1946 return 0; 1947 } 1948 1949 static void 1950 rt2661_rf_write(struct rt2661_softc *sc, uint8_t reg, uint32_t val) 1951 { 1952 uint32_t tmp; 1953 int ntries; 1954 1955 for (ntries = 0; ntries < 100; ntries++) { 1956 if (!(RAL_READ(sc, RT2661_PHY_CSR4) & RT2661_RF_BUSY)) 1957 break; 1958 DELAY(1); 1959 } 1960 if (ntries == 100) { 1961 device_printf(sc->sc_dev, "could not write to RF\n"); 1962 return; 1963 } 1964 1965 tmp = RT2661_RF_BUSY | RT2661_RF_21BIT | (val & 0x1fffff) << 2 | 1966 (reg & 3); 1967 RAL_WRITE(sc, RT2661_PHY_CSR4, tmp); 1968 1969 /* remember last written value in sc */ 1970 sc->rf_regs[reg] = val; 1971 1972 DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 3, val & 0x1fffff)); 1973 } 1974 1975 static int 1976 rt2661_tx_cmd(struct rt2661_softc *sc, uint8_t cmd, uint16_t arg) 1977 { 1978 if (RAL_READ(sc, RT2661_H2M_MAILBOX_CSR) & RT2661_H2M_BUSY) 1979 return EIO; /* there is already a command pending */ 1980 1981 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 1982 RT2661_H2M_BUSY | RT2661_TOKEN_NO_INTR << 16 | arg); 1983 1984 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, RT2661_KICK_CMD | cmd); 1985 1986 return 0; 1987 } 1988 1989 static void 1990 rt2661_select_antenna(struct rt2661_softc *sc) 1991 { 1992 uint8_t bbp4, bbp77; 1993 uint32_t tmp; 1994 1995 bbp4 = rt2661_bbp_read(sc, 4); 1996 bbp77 = rt2661_bbp_read(sc, 77); 1997 1998 /* TBD */ 1999 2000 /* make sure Rx is disabled before switching antenna */ 2001 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2002 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2003 2004 rt2661_bbp_write(sc, 4, bbp4); 2005 rt2661_bbp_write(sc, 77, bbp77); 2006 2007 /* restore Rx filter */ 2008 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2009 } 2010 2011 /* 2012 * Enable multi-rate retries for frames sent at OFDM rates. 2013 * In 802.11b/g mode, allow fallback to CCK rates. 2014 */ 2015 static void 2016 rt2661_enable_mrr(struct rt2661_softc *sc) 2017 { 2018 struct ieee80211com *ic = &sc->sc_ic; 2019 uint32_t tmp; 2020 2021 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2022 2023 tmp &= ~RT2661_MRR_CCK_FALLBACK; 2024 if (!IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan)) 2025 tmp |= RT2661_MRR_CCK_FALLBACK; 2026 tmp |= RT2661_MRR_ENABLED; 2027 2028 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2029 } 2030 2031 static void 2032 rt2661_set_txpreamble(struct rt2661_softc *sc) 2033 { 2034 uint32_t tmp; 2035 2036 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2037 2038 tmp &= ~RT2661_SHORT_PREAMBLE; 2039 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 2040 tmp |= RT2661_SHORT_PREAMBLE; 2041 2042 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2043 } 2044 2045 /* 2046 * Supported rates for 802.11g. XXX should use ic_sup_rates. 2047 */ 2048 static const struct ieee80211_rateset rt2661_rateset_11g = 2049 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 2050 2051 static void 2052 rt2661_set_basicrates(struct rt2661_softc *sc, 2053 const struct ieee80211_rateset *rs) 2054 { 2055 #define RV(r) ((r) & IEEE80211_RATE_VAL) 2056 struct ieee80211com *ic = &sc->sc_ic; 2057 uint32_t mask = 0; 2058 uint8_t rate; 2059 int i, j; 2060 2061 for (i = 0; i < rs->rs_nrates; i++) { 2062 rate = rs->rs_rates[i]; 2063 2064 if (!(rate & IEEE80211_RATE_BASIC)) 2065 continue; 2066 2067 /* 2068 * Find h/w rate index. We know it exists because the rate 2069 * set has already been negotiated. 2070 */ 2071 for (j = 0; ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates[j] != RV(rate); j++); 2072 2073 mask |= 1 << j; 2074 } 2075 2076 RAL_WRITE(sc, RT2661_TXRX_CSR5, mask); 2077 2078 DPRINTF(("Setting basic rate mask to 0x%x\n", mask)); 2079 #undef RV 2080 } 2081 2082 /* 2083 * Reprogram MAC/BBP to switch to a new band. Values taken from the reference 2084 * driver. 2085 */ 2086 static void 2087 rt2661_select_band(struct rt2661_softc *sc, struct ieee80211_channel *c) 2088 { 2089 uint8_t bbp17, bbp35, bbp96, bbp97, bbp98, bbp104; 2090 uint32_t tmp; 2091 2092 /* update all BBP registers that depend on the band */ 2093 bbp17 = 0x20; bbp96 = 0x48; bbp104 = 0x2c; 2094 bbp35 = 0x50; bbp97 = 0x48; bbp98 = 0x48; 2095 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2096 bbp17 += 0x08; bbp96 += 0x10; bbp104 += 0x0c; 2097 bbp35 += 0x10; bbp97 += 0x10; bbp98 += 0x10; 2098 } 2099 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2100 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2101 bbp17 += 0x10; bbp96 += 0x10; bbp104 += 0x10; 2102 } 2103 2104 rt2661_bbp_write(sc, 17, bbp17); 2105 rt2661_bbp_write(sc, 96, bbp96); 2106 rt2661_bbp_write(sc, 104, bbp104); 2107 2108 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2109 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2110 rt2661_bbp_write(sc, 75, 0x80); 2111 rt2661_bbp_write(sc, 86, 0x80); 2112 rt2661_bbp_write(sc, 88, 0x80); 2113 } 2114 2115 rt2661_bbp_write(sc, 35, bbp35); 2116 rt2661_bbp_write(sc, 97, bbp97); 2117 rt2661_bbp_write(sc, 98, bbp98); 2118 2119 tmp = RAL_READ(sc, RT2661_PHY_CSR0); 2120 tmp &= ~(RT2661_PA_PE_2GHZ | RT2661_PA_PE_5GHZ); 2121 if (IEEE80211_IS_CHAN_2GHZ(c)) 2122 tmp |= RT2661_PA_PE_2GHZ; 2123 else 2124 tmp |= RT2661_PA_PE_5GHZ; 2125 RAL_WRITE(sc, RT2661_PHY_CSR0, tmp); 2126 } 2127 2128 static void 2129 rt2661_set_chan(struct rt2661_softc *sc, struct ieee80211_channel *c) 2130 { 2131 struct ieee80211com *ic = &sc->sc_ic; 2132 const struct rfprog *rfprog; 2133 uint8_t bbp3, bbp94 = RT2661_BBPR94_DEFAULT; 2134 int8_t power; 2135 u_int i, chan; 2136 2137 chan = ieee80211_chan2ieee(ic, c); 2138 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 2139 return; 2140 2141 /* select the appropriate RF settings based on what EEPROM says */ 2142 rfprog = (sc->rfprog == 0) ? rt2661_rf5225_1 : rt2661_rf5225_2; 2143 2144 /* find the settings for this channel (we know it exists) */ 2145 for (i = 0; rfprog[i].chan != chan; i++); 2146 2147 power = sc->txpow[i]; 2148 if (power < 0) { 2149 bbp94 += power; 2150 power = 0; 2151 } else if (power > 31) { 2152 bbp94 += power - 31; 2153 power = 31; 2154 } 2155 2156 /* 2157 * If we are switching from the 2GHz band to the 5GHz band or 2158 * vice-versa, BBP registers need to be reprogrammed. 2159 */ 2160 if (c->ic_flags != sc->sc_curchan->ic_flags) { 2161 rt2661_select_band(sc, c); 2162 rt2661_select_antenna(sc); 2163 } 2164 sc->sc_curchan = c; 2165 2166 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2167 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2168 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2169 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2170 2171 DELAY(200); 2172 2173 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2174 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2175 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7 | 1); 2176 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2177 2178 DELAY(200); 2179 2180 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2181 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2182 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2183 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2184 2185 /* enable smart mode for MIMO-capable RFs */ 2186 bbp3 = rt2661_bbp_read(sc, 3); 2187 2188 bbp3 &= ~RT2661_SMART_MODE; 2189 if (sc->rf_rev == RT2661_RF_5325 || sc->rf_rev == RT2661_RF_2529) 2190 bbp3 |= RT2661_SMART_MODE; 2191 2192 rt2661_bbp_write(sc, 3, bbp3); 2193 2194 if (bbp94 != RT2661_BBPR94_DEFAULT) 2195 rt2661_bbp_write(sc, 94, bbp94); 2196 2197 /* 5GHz radio needs a 1ms delay here */ 2198 if (IEEE80211_IS_CHAN_5GHZ(c)) 2199 DELAY(1000); 2200 } 2201 2202 static void 2203 rt2661_set_bssid(struct rt2661_softc *sc, const uint8_t *bssid) 2204 { 2205 uint32_t tmp; 2206 2207 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24; 2208 RAL_WRITE(sc, RT2661_MAC_CSR4, tmp); 2209 2210 tmp = bssid[4] | bssid[5] << 8 | RT2661_ONE_BSSID << 16; 2211 RAL_WRITE(sc, RT2661_MAC_CSR5, tmp); 2212 } 2213 2214 static void 2215 rt2661_set_macaddr(struct rt2661_softc *sc, const uint8_t *addr) 2216 { 2217 uint32_t tmp; 2218 2219 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24; 2220 RAL_WRITE(sc, RT2661_MAC_CSR2, tmp); 2221 2222 tmp = addr[4] | addr[5] << 8; 2223 RAL_WRITE(sc, RT2661_MAC_CSR3, tmp); 2224 } 2225 2226 static void 2227 rt2661_update_promisc(struct rt2661_softc *sc) 2228 { 2229 struct ifnet *ifp = sc->sc_ic.ic_ifp; 2230 uint32_t tmp; 2231 2232 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2233 2234 tmp &= ~RT2661_DROP_NOT_TO_ME; 2235 if (!(ifp->if_flags & IFF_PROMISC)) 2236 tmp |= RT2661_DROP_NOT_TO_ME; 2237 2238 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2239 2240 DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 2241 "entering" : "leaving")); 2242 } 2243 2244 /* 2245 * Update QoS (802.11e) settings for each h/w Tx ring. 2246 */ 2247 static int 2248 rt2661_wme_update(struct ieee80211com *ic) 2249 { 2250 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 2251 const struct wmeParams *wmep; 2252 2253 wmep = ic->ic_wme.wme_chanParams.cap_wmeParams; 2254 2255 /* XXX: not sure about shifts. */ 2256 /* XXX: the reference driver plays with AC_VI settings too. */ 2257 2258 /* update TxOp */ 2259 RAL_WRITE(sc, RT2661_AC_TXOP_CSR0, 2260 wmep[WME_AC_BE].wmep_txopLimit << 16 | 2261 wmep[WME_AC_BK].wmep_txopLimit); 2262 RAL_WRITE(sc, RT2661_AC_TXOP_CSR1, 2263 wmep[WME_AC_VI].wmep_txopLimit << 16 | 2264 wmep[WME_AC_VO].wmep_txopLimit); 2265 2266 /* update CWmin */ 2267 RAL_WRITE(sc, RT2661_CWMIN_CSR, 2268 wmep[WME_AC_BE].wmep_logcwmin << 12 | 2269 wmep[WME_AC_BK].wmep_logcwmin << 8 | 2270 wmep[WME_AC_VI].wmep_logcwmin << 4 | 2271 wmep[WME_AC_VO].wmep_logcwmin); 2272 2273 /* update CWmax */ 2274 RAL_WRITE(sc, RT2661_CWMAX_CSR, 2275 wmep[WME_AC_BE].wmep_logcwmax << 12 | 2276 wmep[WME_AC_BK].wmep_logcwmax << 8 | 2277 wmep[WME_AC_VI].wmep_logcwmax << 4 | 2278 wmep[WME_AC_VO].wmep_logcwmax); 2279 2280 /* update Aifsn */ 2281 RAL_WRITE(sc, RT2661_AIFSN_CSR, 2282 wmep[WME_AC_BE].wmep_aifsn << 12 | 2283 wmep[WME_AC_BK].wmep_aifsn << 8 | 2284 wmep[WME_AC_VI].wmep_aifsn << 4 | 2285 wmep[WME_AC_VO].wmep_aifsn); 2286 2287 return 0; 2288 } 2289 2290 static void 2291 rt2661_update_slot(struct ifnet *ifp) 2292 { 2293 struct rt2661_softc *sc = ifp->if_softc; 2294 struct ieee80211com *ic = &sc->sc_ic; 2295 uint8_t slottime; 2296 uint32_t tmp; 2297 2298 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 2299 2300 tmp = RAL_READ(sc, RT2661_MAC_CSR9); 2301 tmp = (tmp & ~0xff) | slottime; 2302 RAL_WRITE(sc, RT2661_MAC_CSR9, tmp); 2303 } 2304 2305 static const char * 2306 rt2661_get_rf(int rev) 2307 { 2308 switch (rev) { 2309 case RT2661_RF_5225: return "RT5225"; 2310 case RT2661_RF_5325: return "RT5325 (MIMO XR)"; 2311 case RT2661_RF_2527: return "RT2527"; 2312 case RT2661_RF_2529: return "RT2529 (MIMO XR)"; 2313 default: return "unknown"; 2314 } 2315 } 2316 2317 static void 2318 rt2661_read_eeprom(struct rt2661_softc *sc) 2319 { 2320 struct ieee80211com *ic = &sc->sc_ic; 2321 uint16_t val; 2322 int i; 2323 2324 /* read MAC address */ 2325 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC01); 2326 ic->ic_myaddr[0] = val & 0xff; 2327 ic->ic_myaddr[1] = val >> 8; 2328 2329 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC23); 2330 ic->ic_myaddr[2] = val & 0xff; 2331 ic->ic_myaddr[3] = val >> 8; 2332 2333 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC45); 2334 ic->ic_myaddr[4] = val & 0xff; 2335 ic->ic_myaddr[5] = val >> 8; 2336 2337 val = rt2661_eeprom_read(sc, RT2661_EEPROM_ANTENNA); 2338 /* XXX: test if different from 0xffff? */ 2339 sc->rf_rev = (val >> 11) & 0x1f; 2340 sc->hw_radio = (val >> 10) & 0x1; 2341 sc->rx_ant = (val >> 4) & 0x3; 2342 sc->tx_ant = (val >> 2) & 0x3; 2343 sc->nb_ant = val & 0x3; 2344 2345 DPRINTF(("RF revision=%d\n", sc->rf_rev)); 2346 2347 val = rt2661_eeprom_read(sc, RT2661_EEPROM_CONFIG2); 2348 sc->ext_5ghz_lna = (val >> 6) & 0x1; 2349 sc->ext_2ghz_lna = (val >> 4) & 0x1; 2350 2351 DPRINTF(("External 2GHz LNA=%d\nExternal 5GHz LNA=%d\n", 2352 sc->ext_2ghz_lna, sc->ext_5ghz_lna)); 2353 2354 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_2GHZ_OFFSET); 2355 if ((val & 0xff) != 0xff) 2356 sc->rssi_2ghz_corr = (int8_t)(val & 0xff); /* signed */ 2357 2358 /* Only [-10, 10] is valid */ 2359 if (sc->rssi_2ghz_corr < -10 || sc->rssi_2ghz_corr > 10) 2360 sc->rssi_2ghz_corr = 0; 2361 2362 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_5GHZ_OFFSET); 2363 if ((val & 0xff) != 0xff) 2364 sc->rssi_5ghz_corr = (int8_t)(val & 0xff); /* signed */ 2365 2366 /* Only [-10, 10] is valid */ 2367 if (sc->rssi_5ghz_corr < -10 || sc->rssi_5ghz_corr > 10) 2368 sc->rssi_5ghz_corr = 0; 2369 2370 /* adjust RSSI correction for external low-noise amplifier */ 2371 if (sc->ext_2ghz_lna) 2372 sc->rssi_2ghz_corr -= 14; 2373 if (sc->ext_5ghz_lna) 2374 sc->rssi_5ghz_corr -= 14; 2375 2376 DPRINTF(("RSSI 2GHz corr=%d\nRSSI 5GHz corr=%d\n", 2377 sc->rssi_2ghz_corr, sc->rssi_5ghz_corr)); 2378 2379 val = rt2661_eeprom_read(sc, RT2661_EEPROM_FREQ_OFFSET); 2380 if ((val >> 8) != 0xff) 2381 sc->rfprog = (val >> 8) & 0x3; 2382 if ((val & 0xff) != 0xff) 2383 sc->rffreq = val & 0xff; 2384 2385 DPRINTF(("RF prog=%d\nRF freq=%d\n", sc->rfprog, sc->rffreq)); 2386 2387 /* read Tx power for all a/b/g channels */ 2388 for (i = 0; i < 19; i++) { 2389 val = rt2661_eeprom_read(sc, RT2661_EEPROM_TXPOWER + i); 2390 sc->txpow[i * 2] = (int8_t)(val >> 8); /* signed */ 2391 DPRINTF(("Channel=%d Tx power=%d\n", 2392 rt2661_rf5225_1[i * 2].chan, sc->txpow[i * 2])); 2393 sc->txpow[i * 2 + 1] = (int8_t)(val & 0xff); /* signed */ 2394 DPRINTF(("Channel=%d Tx power=%d\n", 2395 rt2661_rf5225_1[i * 2 + 1].chan, sc->txpow[i * 2 + 1])); 2396 } 2397 2398 /* read vendor-specific BBP values */ 2399 for (i = 0; i < 16; i++) { 2400 val = rt2661_eeprom_read(sc, RT2661_EEPROM_BBP_BASE + i); 2401 if (val == 0 || val == 0xffff) 2402 continue; /* skip invalid entries */ 2403 sc->bbp_prom[i].reg = val >> 8; 2404 sc->bbp_prom[i].val = val & 0xff; 2405 DPRINTF(("BBP R%d=%02x\n", sc->bbp_prom[i].reg, 2406 sc->bbp_prom[i].val)); 2407 } 2408 } 2409 2410 static int 2411 rt2661_bbp_init(struct rt2661_softc *sc) 2412 { 2413 #define N(a) (sizeof (a) / sizeof ((a)[0])) 2414 int i, ntries; 2415 uint8_t val; 2416 2417 /* wait for BBP to be ready */ 2418 for (ntries = 0; ntries < 100; ntries++) { 2419 val = rt2661_bbp_read(sc, 0); 2420 if (val != 0 && val != 0xff) 2421 break; 2422 DELAY(100); 2423 } 2424 if (ntries == 100) { 2425 device_printf(sc->sc_dev, "timeout waiting for BBP\n"); 2426 return EIO; 2427 } 2428 2429 /* initialize BBP registers to default values */ 2430 for (i = 0; i < N(rt2661_def_bbp); i++) { 2431 rt2661_bbp_write(sc, rt2661_def_bbp[i].reg, 2432 rt2661_def_bbp[i].val); 2433 } 2434 2435 /* write vendor-specific BBP values (from EEPROM) */ 2436 for (i = 0; i < 16; i++) { 2437 if (sc->bbp_prom[i].reg == 0) 2438 continue; 2439 rt2661_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val); 2440 } 2441 2442 return 0; 2443 #undef N 2444 } 2445 2446 static void 2447 rt2661_init(void *priv) 2448 { 2449 #define N(a) (sizeof (a) / sizeof ((a)[0])) 2450 struct rt2661_softc *sc = priv; 2451 struct ieee80211com *ic = &sc->sc_ic; 2452 struct ifnet *ifp = ic->ic_ifp; 2453 uint32_t tmp, sta[3]; 2454 int i, ntries; 2455 2456 RAL_LOCK(sc); 2457 2458 rt2661_stop_locked(sc); 2459 2460 /* initialize Tx rings */ 2461 RAL_WRITE(sc, RT2661_AC1_BASE_CSR, sc->txq[1].physaddr); 2462 RAL_WRITE(sc, RT2661_AC0_BASE_CSR, sc->txq[0].physaddr); 2463 RAL_WRITE(sc, RT2661_AC2_BASE_CSR, sc->txq[2].physaddr); 2464 RAL_WRITE(sc, RT2661_AC3_BASE_CSR, sc->txq[3].physaddr); 2465 2466 /* initialize Mgt ring */ 2467 RAL_WRITE(sc, RT2661_MGT_BASE_CSR, sc->mgtq.physaddr); 2468 2469 /* initialize Rx ring */ 2470 RAL_WRITE(sc, RT2661_RX_BASE_CSR, sc->rxq.physaddr); 2471 2472 /* initialize Tx rings sizes */ 2473 RAL_WRITE(sc, RT2661_TX_RING_CSR0, 2474 RT2661_TX_RING_COUNT << 24 | 2475 RT2661_TX_RING_COUNT << 16 | 2476 RT2661_TX_RING_COUNT << 8 | 2477 RT2661_TX_RING_COUNT); 2478 2479 RAL_WRITE(sc, RT2661_TX_RING_CSR1, 2480 RT2661_TX_DESC_WSIZE << 16 | 2481 RT2661_TX_RING_COUNT << 8 | /* XXX: HCCA ring unused */ 2482 RT2661_MGT_RING_COUNT); 2483 2484 /* initialize Rx rings */ 2485 RAL_WRITE(sc, RT2661_RX_RING_CSR, 2486 RT2661_RX_DESC_BACK << 16 | 2487 RT2661_RX_DESC_WSIZE << 8 | 2488 RT2661_RX_RING_COUNT); 2489 2490 /* XXX: some magic here */ 2491 RAL_WRITE(sc, RT2661_TX_DMA_DST_CSR, 0xaa); 2492 2493 /* load base addresses of all 5 Tx rings (4 data + 1 mgt) */ 2494 RAL_WRITE(sc, RT2661_LOAD_TX_RING_CSR, 0x1f); 2495 2496 /* load base address of Rx ring */ 2497 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 2); 2498 2499 /* initialize MAC registers to default values */ 2500 for (i = 0; i < N(rt2661_def_mac); i++) 2501 RAL_WRITE(sc, rt2661_def_mac[i].reg, rt2661_def_mac[i].val); 2502 2503 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp)); 2504 rt2661_set_macaddr(sc, ic->ic_myaddr); 2505 2506 /* set host ready */ 2507 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2508 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2509 2510 /* wait for BBP/RF to wakeup */ 2511 for (ntries = 0; ntries < 1000; ntries++) { 2512 if (RAL_READ(sc, RT2661_MAC_CSR12) & 8) 2513 break; 2514 DELAY(1000); 2515 } 2516 if (ntries == 1000) { 2517 printf("timeout waiting for BBP/RF to wakeup\n"); 2518 rt2661_stop_locked(sc); 2519 RAL_UNLOCK(sc); 2520 return; 2521 } 2522 2523 if (rt2661_bbp_init(sc) != 0) { 2524 rt2661_stop_locked(sc); 2525 RAL_UNLOCK(sc); 2526 return; 2527 } 2528 2529 /* select default channel */ 2530 sc->sc_curchan = ic->ic_curchan; 2531 rt2661_select_band(sc, sc->sc_curchan); 2532 rt2661_select_antenna(sc); 2533 rt2661_set_chan(sc, sc->sc_curchan); 2534 2535 /* update Rx filter */ 2536 tmp = RAL_READ(sc, RT2661_TXRX_CSR0) & 0xffff; 2537 2538 tmp |= RT2661_DROP_PHY_ERROR | RT2661_DROP_CRC_ERROR; 2539 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2540 tmp |= RT2661_DROP_CTL | RT2661_DROP_VER_ERROR | 2541 RT2661_DROP_ACKCTS; 2542 if (ic->ic_opmode != IEEE80211_M_HOSTAP) 2543 tmp |= RT2661_DROP_TODS; 2544 if (!(ifp->if_flags & IFF_PROMISC)) 2545 tmp |= RT2661_DROP_NOT_TO_ME; 2546 } 2547 2548 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2549 2550 /* clear STA registers */ 2551 RAL_READ_REGION_4(sc, RT2661_STA_CSR0, sta, N(sta)); 2552 2553 /* initialize ASIC */ 2554 RAL_WRITE(sc, RT2661_MAC_CSR1, 4); 2555 2556 /* clear any pending interrupt */ 2557 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2558 2559 /* enable interrupts */ 2560 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 2561 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 2562 2563 /* kick Rx */ 2564 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 1); 2565 RAL_UNLOCK(sc); 2566 2567 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 2568 ifp->if_drv_flags |= IFF_DRV_RUNNING; 2569 2570 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2571 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2572 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2573 } else 2574 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2575 2576 2577 #undef N 2578 } 2579 2580 void 2581 rt2661_stop(void *priv) 2582 { 2583 struct rt2661_softc *sc = priv; 2584 2585 RAL_LOCK(sc); 2586 rt2661_stop_locked(sc); 2587 RAL_UNLOCK(sc); 2588 } 2589 2590 void 2591 rt2661_stop_locked(struct rt2661_softc *sc) 2592 { 2593 struct ieee80211com *ic = &sc->sc_ic; 2594 struct ifnet *ifp = ic->ic_ifp; 2595 uint32_t tmp; 2596 volatile int *flags = &sc->sc_flags; 2597 2598 while (*flags & RAL_INPUT_RUNNING) { 2599 msleep(sc, &sc->sc_mtx, 0, "ralrunning", hz/10); 2600 } 2601 2602 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 2603 sc->sc_tx_timer = 0; 2604 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 2605 2606 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2607 2608 /* abort Tx (for all 5 Tx rings) */ 2609 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 0x1f << 16); 2610 2611 /* disable Rx (value remains after reset!) */ 2612 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2613 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2614 2615 /* reset ASIC */ 2616 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2617 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2618 2619 /* disable interrupts */ 2620 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffffff); 2621 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 2622 2623 /* clear any pending interrupt */ 2624 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2625 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, 0xffffffff); 2626 2627 /* reset Tx and Rx rings */ 2628 rt2661_reset_tx_ring(sc, &sc->txq[0]); 2629 rt2661_reset_tx_ring(sc, &sc->txq[1]); 2630 rt2661_reset_tx_ring(sc, &sc->txq[2]); 2631 rt2661_reset_tx_ring(sc, &sc->txq[3]); 2632 rt2661_reset_tx_ring(sc, &sc->mgtq); 2633 rt2661_reset_rx_ring(sc, &sc->rxq); 2634 } 2635 } 2636 2637 static int 2638 rt2661_load_microcode(struct rt2661_softc *sc, const uint8_t *ucode, int size) 2639 { 2640 int ntries; 2641 2642 /* reset 8051 */ 2643 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2644 2645 /* cancel any pending Host to MCU command */ 2646 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 0); 2647 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 2648 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, 0); 2649 2650 /* write 8051's microcode */ 2651 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET | RT2661_MCU_SEL); 2652 RAL_WRITE_REGION_1(sc, RT2661_MCU_CODE_BASE, ucode, size); 2653 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2654 2655 /* kick 8051's ass */ 2656 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, 0); 2657 2658 /* wait for 8051 to initialize */ 2659 for (ntries = 0; ntries < 500; ntries++) { 2660 if (RAL_READ(sc, RT2661_MCU_CNTL_CSR) & RT2661_MCU_READY) 2661 break; 2662 DELAY(100); 2663 } 2664 if (ntries == 500) { 2665 printf("timeout waiting for MCU to initialize\n"); 2666 return EIO; 2667 } 2668 return 0; 2669 } 2670 2671 #ifdef notyet 2672 /* 2673 * Dynamically tune Rx sensitivity (BBP register 17) based on average RSSI and 2674 * false CCA count. This function is called periodically (every seconds) when 2675 * in the RUN state. Values taken from the reference driver. 2676 */ 2677 static void 2678 rt2661_rx_tune(struct rt2661_softc *sc) 2679 { 2680 uint8_t bbp17; 2681 uint16_t cca; 2682 int lo, hi, dbm; 2683 2684 /* 2685 * Tuning range depends on operating band and on the presence of an 2686 * external low-noise amplifier. 2687 */ 2688 lo = 0x20; 2689 if (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan)) 2690 lo += 0x08; 2691 if ((IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan) && sc->ext_2ghz_lna) || 2692 (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan) && sc->ext_5ghz_lna)) 2693 lo += 0x10; 2694 hi = lo + 0x20; 2695 2696 /* retrieve false CCA count since last call (clear on read) */ 2697 cca = RAL_READ(sc, RT2661_STA_CSR1) & 0xffff; 2698 2699 if (dbm >= -35) { 2700 bbp17 = 0x60; 2701 } else if (dbm >= -58) { 2702 bbp17 = hi; 2703 } else if (dbm >= -66) { 2704 bbp17 = lo + 0x10; 2705 } else if (dbm >= -74) { 2706 bbp17 = lo + 0x08; 2707 } else { 2708 /* RSSI < -74dBm, tune using false CCA count */ 2709 2710 bbp17 = sc->bbp17; /* current value */ 2711 2712 hi -= 2 * (-74 - dbm); 2713 if (hi < lo) 2714 hi = lo; 2715 2716 if (bbp17 > hi) { 2717 bbp17 = hi; 2718 2719 } else if (cca > 512) { 2720 if (++bbp17 > hi) 2721 bbp17 = hi; 2722 } else if (cca < 100) { 2723 if (--bbp17 < lo) 2724 bbp17 = lo; 2725 } 2726 } 2727 2728 if (bbp17 != sc->bbp17) { 2729 rt2661_bbp_write(sc, 17, bbp17); 2730 sc->bbp17 = bbp17; 2731 } 2732 } 2733 2734 /* 2735 * Enter/Leave radar detection mode. 2736 * This is for 802.11h additional regulatory domains. 2737 */ 2738 static void 2739 rt2661_radar_start(struct rt2661_softc *sc) 2740 { 2741 uint32_t tmp; 2742 2743 /* disable Rx */ 2744 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2745 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2746 2747 rt2661_bbp_write(sc, 82, 0x20); 2748 rt2661_bbp_write(sc, 83, 0x00); 2749 rt2661_bbp_write(sc, 84, 0x40); 2750 2751 /* save current BBP registers values */ 2752 sc->bbp18 = rt2661_bbp_read(sc, 18); 2753 sc->bbp21 = rt2661_bbp_read(sc, 21); 2754 sc->bbp22 = rt2661_bbp_read(sc, 22); 2755 sc->bbp16 = rt2661_bbp_read(sc, 16); 2756 sc->bbp17 = rt2661_bbp_read(sc, 17); 2757 sc->bbp64 = rt2661_bbp_read(sc, 64); 2758 2759 rt2661_bbp_write(sc, 18, 0xff); 2760 rt2661_bbp_write(sc, 21, 0x3f); 2761 rt2661_bbp_write(sc, 22, 0x3f); 2762 rt2661_bbp_write(sc, 16, 0xbd); 2763 rt2661_bbp_write(sc, 17, sc->ext_5ghz_lna ? 0x44 : 0x34); 2764 rt2661_bbp_write(sc, 64, 0x21); 2765 2766 /* restore Rx filter */ 2767 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2768 } 2769 2770 static int 2771 rt2661_radar_stop(struct rt2661_softc *sc) 2772 { 2773 uint8_t bbp66; 2774 2775 /* read radar detection result */ 2776 bbp66 = rt2661_bbp_read(sc, 66); 2777 2778 /* restore BBP registers values */ 2779 rt2661_bbp_write(sc, 16, sc->bbp16); 2780 rt2661_bbp_write(sc, 17, sc->bbp17); 2781 rt2661_bbp_write(sc, 18, sc->bbp18); 2782 rt2661_bbp_write(sc, 21, sc->bbp21); 2783 rt2661_bbp_write(sc, 22, sc->bbp22); 2784 rt2661_bbp_write(sc, 64, sc->bbp64); 2785 2786 return bbp66 == 1; 2787 } 2788 #endif 2789 2790 static int 2791 rt2661_prepare_beacon(struct rt2661_softc *sc) 2792 { 2793 struct ieee80211com *ic = &sc->sc_ic; 2794 struct ieee80211_beacon_offsets bo; 2795 struct rt2661_tx_desc desc; 2796 struct mbuf *m0; 2797 int rate; 2798 2799 m0 = ieee80211_beacon_alloc(ic, ic->ic_bss, &bo); 2800 if (m0 == NULL) { 2801 device_printf(sc->sc_dev, "could not allocate beacon frame\n"); 2802 return ENOBUFS; 2803 } 2804 2805 /* send beacons at the lowest available rate */ 2806 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan) ? 12 : 2; 2807 2808 rt2661_setup_tx_desc(sc, &desc, RT2661_TX_TIMESTAMP, RT2661_TX_HWSEQ, 2809 m0->m_pkthdr.len, rate, NULL, 0, RT2661_QID_MGT); 2810 2811 /* copy the first 24 bytes of Tx descriptor into NIC memory */ 2812 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0, (uint8_t *)&desc, 24); 2813 2814 /* copy beacon header and payload into NIC memory */ 2815 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0 + 24, 2816 mtod(m0, uint8_t *), m0->m_pkthdr.len); 2817 2818 m_freem(m0); 2819 2820 return 0; 2821 } 2822 2823 /* 2824 * Enable TSF synchronization and tell h/w to start sending beacons for IBSS 2825 * and HostAP operating modes. 2826 */ 2827 static void 2828 rt2661_enable_tsf_sync(struct rt2661_softc *sc) 2829 { 2830 struct ieee80211com *ic = &sc->sc_ic; 2831 uint32_t tmp; 2832 2833 if (ic->ic_opmode != IEEE80211_M_STA) { 2834 /* 2835 * Change default 16ms TBTT adjustment to 8ms. 2836 * Must be done before enabling beacon generation. 2837 */ 2838 RAL_WRITE(sc, RT2661_TXRX_CSR10, 1 << 12 | 8); 2839 } 2840 2841 tmp = RAL_READ(sc, RT2661_TXRX_CSR9) & 0xff000000; 2842 2843 /* set beacon interval (in 1/16ms unit) */ 2844 tmp |= ic->ic_bss->ni_intval * 16; 2845 2846 tmp |= RT2661_TSF_TICKING | RT2661_ENABLE_TBTT; 2847 if (ic->ic_opmode == IEEE80211_M_STA) 2848 tmp |= RT2661_TSF_MODE(1); 2849 else 2850 tmp |= RT2661_TSF_MODE(2) | RT2661_GENERATE_BEACON; 2851 2852 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp); 2853 } 2854 2855 /* 2856 * Retrieve the "Received Signal Strength Indicator" from the raw values 2857 * contained in Rx descriptors. The computation depends on which band the 2858 * frame was received. Correction values taken from the reference driver. 2859 */ 2860 static int 2861 rt2661_get_rssi(struct rt2661_softc *sc, uint8_t raw) 2862 { 2863 int lna, agc, rssi; 2864 2865 lna = (raw >> 5) & 0x3; 2866 agc = raw & 0x1f; 2867 2868 if (lna == 0) { 2869 /* 2870 * No mapping available. 2871 * 2872 * NB: Since RSSI is relative to noise floor, -1 is 2873 * adequate for caller to know error happened. 2874 */ 2875 return -1; 2876 } 2877 2878 rssi = (2 * agc) - RT2661_NOISE_FLOOR; 2879 2880 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) { 2881 rssi += sc->rssi_2ghz_corr; 2882 2883 if (lna == 1) 2884 rssi -= 64; 2885 else if (lna == 2) 2886 rssi -= 74; 2887 else if (lna == 3) 2888 rssi -= 90; 2889 } else { 2890 rssi += sc->rssi_5ghz_corr; 2891 2892 if (lna == 1) 2893 rssi -= 64; 2894 else if (lna == 2) 2895 rssi -= 86; 2896 else if (lna == 3) 2897 rssi -= 100; 2898 } 2899 return rssi; 2900 } 2901 2902 static void 2903 rt2661_scan_start(struct ieee80211com *ic) 2904 { 2905 struct ifnet *ifp = ic->ic_ifp; 2906 struct rt2661_softc *sc = ifp->if_softc; 2907 uint32_t tmp; 2908 2909 /* abort TSF synchronization */ 2910 tmp = RAL_READ(sc, RT2661_TXRX_CSR9); 2911 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0xffffff); 2912 rt2661_set_bssid(sc, ifp->if_broadcastaddr); 2913 } 2914 2915 static void 2916 rt2661_scan_end(struct ieee80211com *ic) 2917 { 2918 struct ifnet *ifp = ic->ic_ifp; 2919 struct rt2661_softc *sc = ifp->if_softc; 2920 2921 rt2661_enable_tsf_sync(sc); 2922 /* XXX keep local copy */ 2923 rt2661_set_bssid(sc, ic->ic_bss->ni_bssid); 2924 } 2925 2926 static void 2927 rt2661_set_channel(struct ieee80211com *ic) 2928 { 2929 struct ifnet *ifp = ic->ic_ifp; 2930 struct rt2661_softc *sc = ifp->if_softc; 2931 2932 RAL_LOCK(sc); 2933 rt2661_set_chan(sc, ic->ic_curchan); 2934 RAL_UNLOCK(sc); 2935 2936 } 2937