1 /* $FreeBSD$ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 #include <sys/cdefs.h> 21 __FBSDID("$FreeBSD$"); 22 23 /*- 24 * Ralink Technology RT2561, RT2561S and RT2661 chipset driver 25 * http://www.ralinktech.com/ 26 */ 27 28 #include <sys/param.h> 29 #include <sys/sysctl.h> 30 #include <sys/sockio.h> 31 #include <sys/mbuf.h> 32 #include <sys/kernel.h> 33 #include <sys/socket.h> 34 #include <sys/systm.h> 35 #include <sys/malloc.h> 36 #include <sys/lock.h> 37 #include <sys/mutex.h> 38 #include <sys/module.h> 39 #include <sys/bus.h> 40 #include <sys/endian.h> 41 42 #include <machine/bus.h> 43 #include <machine/resource.h> 44 #include <sys/rman.h> 45 46 #include <net/bpf.h> 47 #include <net/if.h> 48 #include <net/if_arp.h> 49 #include <net/ethernet.h> 50 #include <net/if_dl.h> 51 #include <net/if_media.h> 52 #include <net/if_types.h> 53 54 #include <net80211/ieee80211_var.h> 55 #include <net80211/ieee80211_radiotap.h> 56 #include <net80211/ieee80211_regdomain.h> 57 58 #include <netinet/in.h> 59 #include <netinet/in_systm.h> 60 #include <netinet/in_var.h> 61 #include <netinet/ip.h> 62 #include <netinet/if_ether.h> 63 64 #include <dev/ral/if_ralrate.h> 65 #include <dev/ral/rt2661reg.h> 66 #include <dev/ral/rt2661var.h> 67 #include <dev/ral/rt2661_ucode.h> 68 69 #ifdef RAL_DEBUG 70 #define DPRINTF(x) do { if (ral_debug > 0) printf x; } while (0) 71 #define DPRINTFN(n, x) do { if (ral_debug >= (n)) printf x; } while (0) 72 int ral_debug = 0; 73 SYSCTL_INT(_debug, OID_AUTO, ral, CTLFLAG_RW, &ral_debug, 0, "ral debug level"); 74 #else 75 #define DPRINTF(x) 76 #define DPRINTFN(n, x) 77 #endif 78 79 static void rt2661_dma_map_addr(void *, bus_dma_segment_t *, int, 80 int); 81 static int rt2661_alloc_tx_ring(struct rt2661_softc *, 82 struct rt2661_tx_ring *, int); 83 static void rt2661_reset_tx_ring(struct rt2661_softc *, 84 struct rt2661_tx_ring *); 85 static void rt2661_free_tx_ring(struct rt2661_softc *, 86 struct rt2661_tx_ring *); 87 static int rt2661_alloc_rx_ring(struct rt2661_softc *, 88 struct rt2661_rx_ring *, int); 89 static void rt2661_reset_rx_ring(struct rt2661_softc *, 90 struct rt2661_rx_ring *); 91 static void rt2661_free_rx_ring(struct rt2661_softc *, 92 struct rt2661_rx_ring *); 93 static struct ieee80211_node *rt2661_node_alloc( 94 struct ieee80211_node_table *); 95 static int rt2661_media_change(struct ifnet *); 96 static int rt2661_newstate(struct ieee80211com *, 97 enum ieee80211_state, int); 98 static uint16_t rt2661_eeprom_read(struct rt2661_softc *, uint8_t); 99 static void rt2661_rx_intr(struct rt2661_softc *); 100 static void rt2661_tx_intr(struct rt2661_softc *); 101 static void rt2661_tx_dma_intr(struct rt2661_softc *, 102 struct rt2661_tx_ring *); 103 static void rt2661_mcu_beacon_expire(struct rt2661_softc *); 104 static void rt2661_mcu_wakeup(struct rt2661_softc *); 105 static void rt2661_mcu_cmd_intr(struct rt2661_softc *); 106 static int rt2661_ack_rate(struct ieee80211com *, int); 107 static void rt2661_scan_start(struct ieee80211com *); 108 static void rt2661_scan_end(struct ieee80211com *); 109 static void rt2661_set_channel(struct ieee80211com *); 110 static uint16_t rt2661_txtime(int, int, uint32_t); 111 static uint8_t rt2661_rxrate(struct rt2661_rx_desc *); 112 static uint8_t rt2661_plcp_signal(int); 113 static void rt2661_setup_tx_desc(struct rt2661_softc *, 114 struct rt2661_tx_desc *, uint32_t, uint16_t, int, 115 int, const bus_dma_segment_t *, int, int); 116 static struct mbuf * rt2661_get_rts(struct rt2661_softc *, 117 struct ieee80211_frame *, uint16_t); 118 static int rt2661_tx_data(struct rt2661_softc *, struct mbuf *, 119 struct ieee80211_node *, int); 120 static int rt2661_tx_mgt(struct rt2661_softc *, struct mbuf *, 121 struct ieee80211_node *); 122 static void rt2661_start(struct ifnet *); 123 static void rt2661_watchdog(void *); 124 static int rt2661_reset(struct ifnet *); 125 static int rt2661_ioctl(struct ifnet *, u_long, caddr_t); 126 static void rt2661_bbp_write(struct rt2661_softc *, uint8_t, 127 uint8_t); 128 static uint8_t rt2661_bbp_read(struct rt2661_softc *, uint8_t); 129 static void rt2661_rf_write(struct rt2661_softc *, uint8_t, 130 uint32_t); 131 static int rt2661_tx_cmd(struct rt2661_softc *, uint8_t, 132 uint16_t); 133 static void rt2661_select_antenna(struct rt2661_softc *); 134 static void rt2661_enable_mrr(struct rt2661_softc *); 135 static void rt2661_set_txpreamble(struct rt2661_softc *); 136 static void rt2661_set_basicrates(struct rt2661_softc *, 137 const struct ieee80211_rateset *); 138 static void rt2661_select_band(struct rt2661_softc *, 139 struct ieee80211_channel *); 140 static void rt2661_set_chan(struct rt2661_softc *, 141 struct ieee80211_channel *); 142 static void rt2661_set_bssid(struct rt2661_softc *, 143 const uint8_t *); 144 static void rt2661_set_macaddr(struct rt2661_softc *, 145 const uint8_t *); 146 static void rt2661_update_promisc(struct rt2661_softc *); 147 static int rt2661_wme_update(struct ieee80211com *) __unused; 148 static void rt2661_update_slot(struct ifnet *); 149 static const char *rt2661_get_rf(int); 150 static void rt2661_read_eeprom(struct rt2661_softc *); 151 static int rt2661_bbp_init(struct rt2661_softc *); 152 static void rt2661_init(void *); 153 static void rt2661_stop(void *); 154 static void rt2661_stop_locked(struct rt2661_softc *); 155 static int rt2661_load_microcode(struct rt2661_softc *, 156 const uint8_t *, int); 157 #ifdef notyet 158 static void rt2661_rx_tune(struct rt2661_softc *); 159 static void rt2661_radar_start(struct rt2661_softc *); 160 static int rt2661_radar_stop(struct rt2661_softc *); 161 #endif 162 static int rt2661_prepare_beacon(struct rt2661_softc *); 163 static void rt2661_enable_tsf_sync(struct rt2661_softc *); 164 static int rt2661_get_rssi(struct rt2661_softc *, uint8_t); 165 166 static const struct { 167 uint32_t reg; 168 uint32_t val; 169 } rt2661_def_mac[] = { 170 RT2661_DEF_MAC 171 }; 172 173 static const struct { 174 uint8_t reg; 175 uint8_t val; 176 } rt2661_def_bbp[] = { 177 RT2661_DEF_BBP 178 }; 179 180 static const struct rfprog { 181 uint8_t chan; 182 uint32_t r1, r2, r3, r4; 183 } rt2661_rf5225_1[] = { 184 RT2661_RF5225_1 185 }, rt2661_rf5225_2[] = { 186 RT2661_RF5225_2 187 }; 188 189 int 190 rt2661_attach(device_t dev, int id) 191 { 192 struct rt2661_softc *sc = device_get_softc(dev); 193 struct ieee80211com *ic = &sc->sc_ic; 194 struct ifnet *ifp; 195 uint32_t val; 196 const uint8_t *ucode = NULL; 197 int bands, error, ac, ntries, size = 0; 198 199 sc->sc_dev = dev; 200 201 mtx_init(&sc->sc_mtx, device_get_nameunit(dev), MTX_NETWORK_LOCK, 202 MTX_DEF | MTX_RECURSE); 203 204 callout_init_mtx(&sc->watchdog_ch, &sc->sc_mtx, 0); 205 callout_init(&sc->rssadapt_ch, CALLOUT_MPSAFE); 206 207 /* wait for NIC to initialize */ 208 for (ntries = 0; ntries < 1000; ntries++) { 209 if ((val = RAL_READ(sc, RT2661_MAC_CSR0)) != 0) 210 break; 211 DELAY(1000); 212 } 213 if (ntries == 1000) { 214 device_printf(sc->sc_dev, 215 "timeout waiting for NIC to initialize\n"); 216 error = EIO; 217 goto fail1; 218 } 219 220 /* retrieve RF rev. no and various other things from EEPROM */ 221 rt2661_read_eeprom(sc); 222 223 device_printf(dev, "MAC/BBP RT%X, RF %s\n", val, 224 rt2661_get_rf(sc->rf_rev)); 225 226 /* 227 * Load 8051 microcode into NIC. 228 */ 229 switch (id) { 230 case 0x0301: 231 ucode = rt2561s_ucode; 232 size = sizeof rt2561s_ucode; 233 break; 234 case 0x0302: 235 ucode = rt2561_ucode; 236 size = sizeof rt2561_ucode; 237 break; 238 case 0x0401: 239 ucode = rt2661_ucode; 240 size = sizeof rt2661_ucode; 241 break; 242 } 243 244 error = rt2661_load_microcode(sc, ucode, size); 245 if (error != 0) { 246 device_printf(sc->sc_dev, "could not load 8051 microcode\n"); 247 goto fail1; 248 } 249 250 /* 251 * Allocate Tx and Rx rings. 252 */ 253 for (ac = 0; ac < 4; ac++) { 254 error = rt2661_alloc_tx_ring(sc, &sc->txq[ac], 255 RT2661_TX_RING_COUNT); 256 if (error != 0) { 257 device_printf(sc->sc_dev, 258 "could not allocate Tx ring %d\n", ac); 259 goto fail2; 260 } 261 } 262 263 error = rt2661_alloc_tx_ring(sc, &sc->mgtq, RT2661_MGT_RING_COUNT); 264 if (error != 0) { 265 device_printf(sc->sc_dev, "could not allocate Mgt ring\n"); 266 goto fail2; 267 } 268 269 error = rt2661_alloc_rx_ring(sc, &sc->rxq, RT2661_RX_RING_COUNT); 270 if (error != 0) { 271 device_printf(sc->sc_dev, "could not allocate Rx ring\n"); 272 goto fail3; 273 } 274 275 ifp = sc->sc_ifp = if_alloc(IFT_ETHER); 276 if (ifp == NULL) { 277 device_printf(sc->sc_dev, "can not if_alloc()\n"); 278 error = ENOMEM; 279 goto fail4; 280 } 281 282 ifp->if_softc = sc; 283 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 284 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 285 ifp->if_init = rt2661_init; 286 ifp->if_ioctl = rt2661_ioctl; 287 ifp->if_start = rt2661_start; 288 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 289 ifp->if_snd.ifq_drv_maxlen = IFQ_MAXLEN; 290 IFQ_SET_READY(&ifp->if_snd); 291 292 ic->ic_ifp = ifp; 293 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 294 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 295 ic->ic_state = IEEE80211_S_INIT; 296 297 /* set device capabilities */ 298 ic->ic_caps = 299 IEEE80211_C_IBSS | /* IBSS mode supported */ 300 IEEE80211_C_MONITOR | /* monitor mode supported */ 301 IEEE80211_C_HOSTAP | /* HostAp mode supported */ 302 IEEE80211_C_TXPMGT | /* tx power management */ 303 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 304 IEEE80211_C_SHSLOT | /* short slot time supported */ 305 #ifdef notyet 306 IEEE80211_C_WME | /* 802.11e */ 307 #endif 308 IEEE80211_C_BGSCAN | /* bg scanning support */ 309 IEEE80211_C_WPA; /* 802.11i */ 310 311 bands = 0; 312 setbit(&bands, IEEE80211_MODE_11B); 313 setbit(&bands, IEEE80211_MODE_11G); 314 if (sc->rf_rev == RT2661_RF_5225 || sc->rf_rev == RT2661_RF_5325) 315 setbit(&bands, IEEE80211_MODE_11A); 316 ieee80211_init_channels(ic, 0, CTRY_DEFAULT, bands, 0, 1); 317 318 ieee80211_ifattach(ic); 319 ic->ic_node_alloc = rt2661_node_alloc; 320 /* ic->ic_wme.wme_update = rt2661_wme_update;*/ 321 ic->ic_scan_start = rt2661_scan_start; 322 ic->ic_scan_end = rt2661_scan_end; 323 ic->ic_set_channel = rt2661_set_channel; 324 ic->ic_updateslot = rt2661_update_slot; 325 ic->ic_reset = rt2661_reset; 326 /* enable s/w bmiss handling in sta mode */ 327 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS; 328 329 /* override state transition machine */ 330 sc->sc_newstate = ic->ic_newstate; 331 ic->ic_newstate = rt2661_newstate; 332 ieee80211_media_init(ic, rt2661_media_change, ieee80211_media_status); 333 334 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 335 sizeof (struct ieee80211_frame) + sizeof (sc->sc_txtap), 336 &sc->sc_drvbpf); 337 338 sc->sc_rxtap_len = sizeof sc->sc_rxtap; 339 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 340 sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2661_RX_RADIOTAP_PRESENT); 341 342 sc->sc_txtap_len = sizeof sc->sc_txtap; 343 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 344 sc->sc_txtap.wt_ihdr.it_present = htole32(RT2661_TX_RADIOTAP_PRESENT); 345 346 347 /* 348 * Add a few sysctl knobs. 349 */ 350 sc->dwelltime = 200; 351 352 SYSCTL_ADD_INT(device_get_sysctl_ctx(dev), 353 SYSCTL_CHILDREN(device_get_sysctl_tree(dev)), OID_AUTO, "dwell", 354 CTLFLAG_RW, &sc->dwelltime, 0, 355 "channel dwell time (ms) for AP/station scanning"); 356 357 if (bootverbose) 358 ieee80211_announce(ic); 359 360 return 0; 361 362 fail4: rt2661_free_rx_ring(sc, &sc->rxq); 363 fail3: rt2661_free_tx_ring(sc, &sc->mgtq); 364 fail2: while (--ac >= 0) 365 rt2661_free_tx_ring(sc, &sc->txq[ac]); 366 fail1: mtx_destroy(&sc->sc_mtx); 367 return error; 368 } 369 370 int 371 rt2661_detach(void *xsc) 372 { 373 struct rt2661_softc *sc = xsc; 374 struct ieee80211com *ic = &sc->sc_ic; 375 struct ifnet *ifp = ic->ic_ifp; 376 377 rt2661_stop(sc); 378 callout_stop(&sc->watchdog_ch); 379 callout_stop(&sc->rssadapt_ch); 380 381 bpfdetach(ifp); 382 ieee80211_ifdetach(ic); 383 384 rt2661_free_tx_ring(sc, &sc->txq[0]); 385 rt2661_free_tx_ring(sc, &sc->txq[1]); 386 rt2661_free_tx_ring(sc, &sc->txq[2]); 387 rt2661_free_tx_ring(sc, &sc->txq[3]); 388 rt2661_free_tx_ring(sc, &sc->mgtq); 389 rt2661_free_rx_ring(sc, &sc->rxq); 390 391 if_free(ifp); 392 393 mtx_destroy(&sc->sc_mtx); 394 395 return 0; 396 } 397 398 void 399 rt2661_shutdown(void *xsc) 400 { 401 struct rt2661_softc *sc = xsc; 402 403 rt2661_stop(sc); 404 } 405 406 void 407 rt2661_suspend(void *xsc) 408 { 409 struct rt2661_softc *sc = xsc; 410 411 rt2661_stop(sc); 412 } 413 414 void 415 rt2661_resume(void *xsc) 416 { 417 struct rt2661_softc *sc = xsc; 418 struct ifnet *ifp = sc->sc_ic.ic_ifp; 419 420 if (ifp->if_flags & IFF_UP) { 421 ifp->if_init(ifp->if_softc); 422 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 423 ifp->if_start(ifp); 424 } 425 } 426 427 static void 428 rt2661_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error) 429 { 430 if (error != 0) 431 return; 432 433 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg)); 434 435 *(bus_addr_t *)arg = segs[0].ds_addr; 436 } 437 438 static int 439 rt2661_alloc_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring, 440 int count) 441 { 442 int i, error; 443 444 ring->count = count; 445 ring->queued = 0; 446 ring->cur = ring->next = ring->stat = 0; 447 448 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 4, 0, 449 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 450 count * RT2661_TX_DESC_SIZE, 1, count * RT2661_TX_DESC_SIZE, 451 0, NULL, NULL, &ring->desc_dmat); 452 if (error != 0) { 453 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 454 goto fail; 455 } 456 457 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 458 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 459 if (error != 0) { 460 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 461 goto fail; 462 } 463 464 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 465 count * RT2661_TX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr, 466 0); 467 if (error != 0) { 468 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 469 goto fail; 470 } 471 472 ring->data = malloc(count * sizeof (struct rt2661_tx_data), M_DEVBUF, 473 M_NOWAIT | M_ZERO); 474 if (ring->data == NULL) { 475 device_printf(sc->sc_dev, "could not allocate soft data\n"); 476 error = ENOMEM; 477 goto fail; 478 } 479 480 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 481 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 482 RT2661_MAX_SCATTER, MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 483 if (error != 0) { 484 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 485 goto fail; 486 } 487 488 for (i = 0; i < count; i++) { 489 error = bus_dmamap_create(ring->data_dmat, 0, 490 &ring->data[i].map); 491 if (error != 0) { 492 device_printf(sc->sc_dev, "could not create DMA map\n"); 493 goto fail; 494 } 495 } 496 497 return 0; 498 499 fail: rt2661_free_tx_ring(sc, ring); 500 return error; 501 } 502 503 static void 504 rt2661_reset_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 505 { 506 struct rt2661_tx_desc *desc; 507 struct rt2661_tx_data *data; 508 int i; 509 510 for (i = 0; i < ring->count; i++) { 511 desc = &ring->desc[i]; 512 data = &ring->data[i]; 513 514 if (data->m != NULL) { 515 bus_dmamap_sync(ring->data_dmat, data->map, 516 BUS_DMASYNC_POSTWRITE); 517 bus_dmamap_unload(ring->data_dmat, data->map); 518 m_freem(data->m); 519 data->m = NULL; 520 } 521 522 if (data->ni != NULL) { 523 ieee80211_free_node(data->ni); 524 data->ni = NULL; 525 } 526 527 desc->flags = 0; 528 } 529 530 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 531 532 ring->queued = 0; 533 ring->cur = ring->next = ring->stat = 0; 534 } 535 536 static void 537 rt2661_free_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 538 { 539 struct rt2661_tx_data *data; 540 int i; 541 542 if (ring->desc != NULL) { 543 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 544 BUS_DMASYNC_POSTWRITE); 545 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 546 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 547 } 548 549 if (ring->desc_dmat != NULL) 550 bus_dma_tag_destroy(ring->desc_dmat); 551 552 if (ring->data != NULL) { 553 for (i = 0; i < ring->count; i++) { 554 data = &ring->data[i]; 555 556 if (data->m != NULL) { 557 bus_dmamap_sync(ring->data_dmat, data->map, 558 BUS_DMASYNC_POSTWRITE); 559 bus_dmamap_unload(ring->data_dmat, data->map); 560 m_freem(data->m); 561 } 562 563 if (data->ni != NULL) 564 ieee80211_free_node(data->ni); 565 566 if (data->map != NULL) 567 bus_dmamap_destroy(ring->data_dmat, data->map); 568 } 569 570 free(ring->data, M_DEVBUF); 571 } 572 573 if (ring->data_dmat != NULL) 574 bus_dma_tag_destroy(ring->data_dmat); 575 } 576 577 static int 578 rt2661_alloc_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring, 579 int count) 580 { 581 struct rt2661_rx_desc *desc; 582 struct rt2661_rx_data *data; 583 bus_addr_t physaddr; 584 int i, error; 585 586 ring->count = count; 587 ring->cur = ring->next = 0; 588 589 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 4, 0, 590 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 591 count * RT2661_RX_DESC_SIZE, 1, count * RT2661_RX_DESC_SIZE, 592 0, NULL, NULL, &ring->desc_dmat); 593 if (error != 0) { 594 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 595 goto fail; 596 } 597 598 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 599 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 600 if (error != 0) { 601 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 602 goto fail; 603 } 604 605 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 606 count * RT2661_RX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr, 607 0); 608 if (error != 0) { 609 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 610 goto fail; 611 } 612 613 ring->data = malloc(count * sizeof (struct rt2661_rx_data), M_DEVBUF, 614 M_NOWAIT | M_ZERO); 615 if (ring->data == NULL) { 616 device_printf(sc->sc_dev, "could not allocate soft data\n"); 617 error = ENOMEM; 618 goto fail; 619 } 620 621 /* 622 * Pre-allocate Rx buffers and populate Rx ring. 623 */ 624 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 625 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 626 1, MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 627 if (error != 0) { 628 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 629 goto fail; 630 } 631 632 for (i = 0; i < count; i++) { 633 desc = &sc->rxq.desc[i]; 634 data = &sc->rxq.data[i]; 635 636 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 637 if (error != 0) { 638 device_printf(sc->sc_dev, "could not create DMA map\n"); 639 goto fail; 640 } 641 642 data->m = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 643 if (data->m == NULL) { 644 device_printf(sc->sc_dev, 645 "could not allocate rx mbuf\n"); 646 error = ENOMEM; 647 goto fail; 648 } 649 650 error = bus_dmamap_load(ring->data_dmat, data->map, 651 mtod(data->m, void *), MCLBYTES, rt2661_dma_map_addr, 652 &physaddr, 0); 653 if (error != 0) { 654 device_printf(sc->sc_dev, 655 "could not load rx buf DMA map"); 656 goto fail; 657 } 658 659 desc->flags = htole32(RT2661_RX_BUSY); 660 desc->physaddr = htole32(physaddr); 661 } 662 663 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 664 665 return 0; 666 667 fail: rt2661_free_rx_ring(sc, ring); 668 return error; 669 } 670 671 static void 672 rt2661_reset_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 673 { 674 int i; 675 676 for (i = 0; i < ring->count; i++) 677 ring->desc[i].flags = htole32(RT2661_RX_BUSY); 678 679 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 680 681 ring->cur = ring->next = 0; 682 } 683 684 static void 685 rt2661_free_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 686 { 687 struct rt2661_rx_data *data; 688 int i; 689 690 if (ring->desc != NULL) { 691 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 692 BUS_DMASYNC_POSTWRITE); 693 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 694 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 695 } 696 697 if (ring->desc_dmat != NULL) 698 bus_dma_tag_destroy(ring->desc_dmat); 699 700 if (ring->data != NULL) { 701 for (i = 0; i < ring->count; i++) { 702 data = &ring->data[i]; 703 704 if (data->m != NULL) { 705 bus_dmamap_sync(ring->data_dmat, data->map, 706 BUS_DMASYNC_POSTREAD); 707 bus_dmamap_unload(ring->data_dmat, data->map); 708 m_freem(data->m); 709 } 710 711 if (data->map != NULL) 712 bus_dmamap_destroy(ring->data_dmat, data->map); 713 } 714 715 free(ring->data, M_DEVBUF); 716 } 717 718 if (ring->data_dmat != NULL) 719 bus_dma_tag_destroy(ring->data_dmat); 720 } 721 722 static struct ieee80211_node * 723 rt2661_node_alloc(struct ieee80211_node_table *nt) 724 { 725 struct rt2661_node *rn; 726 727 rn = malloc(sizeof (struct rt2661_node), M_80211_NODE, 728 M_NOWAIT | M_ZERO); 729 730 return (rn != NULL) ? &rn->ni : NULL; 731 } 732 733 static int 734 rt2661_media_change(struct ifnet *ifp) 735 { 736 struct rt2661_softc *sc = ifp->if_softc; 737 int error; 738 739 error = ieee80211_media_change(ifp); 740 if (error != ENETRESET) 741 return error; 742 743 if ((ifp->if_flags & IFF_UP) && (ifp->if_drv_flags & IFF_DRV_RUNNING)) 744 rt2661_init(sc); 745 746 return 0; 747 } 748 749 /* 750 * This function is called for each node present in the node station table. 751 */ 752 static void 753 rt2661_iter_func(void *arg, struct ieee80211_node *ni) 754 { 755 struct rt2661_node *rn = (struct rt2661_node *)ni; 756 757 ral_rssadapt_updatestats(&rn->rssadapt); 758 } 759 760 /* 761 * This function is called periodically (every 100ms) in RUN state to update 762 * the rate adaptation statistics. 763 */ 764 static void 765 rt2661_update_rssadapt(void *arg) 766 { 767 struct rt2661_softc *sc = arg; 768 struct ieee80211com *ic = &sc->sc_ic; 769 770 RAL_LOCK(sc); 771 772 ieee80211_iterate_nodes(&ic->ic_sta, rt2661_iter_func, arg); 773 callout_reset(&sc->rssadapt_ch, hz / 10, rt2661_update_rssadapt, sc); 774 775 RAL_UNLOCK(sc); 776 } 777 778 static int 779 rt2661_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 780 { 781 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 782 enum ieee80211_state ostate; 783 struct ieee80211_node *ni; 784 uint32_t tmp; 785 int error = 0; 786 787 ostate = ic->ic_state; 788 789 switch (nstate) { 790 case IEEE80211_S_INIT: 791 callout_stop(&sc->rssadapt_ch); 792 793 if (ostate == IEEE80211_S_RUN) { 794 /* abort TSF synchronization */ 795 tmp = RAL_READ(sc, RT2661_TXRX_CSR9); 796 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0x00ffffff); 797 } 798 break; 799 case IEEE80211_S_RUN: 800 ni = ic->ic_bss; 801 802 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 803 rt2661_enable_mrr(sc); 804 rt2661_set_txpreamble(sc); 805 rt2661_set_basicrates(sc, &ni->ni_rates); 806 rt2661_set_bssid(sc, ni->ni_bssid); 807 } 808 809 if (ic->ic_opmode == IEEE80211_M_HOSTAP || 810 ic->ic_opmode == IEEE80211_M_IBSS) { 811 if ((error = rt2661_prepare_beacon(sc)) != 0) 812 break; 813 } 814 815 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 816 callout_reset(&sc->rssadapt_ch, hz / 10, 817 rt2661_update_rssadapt, sc); 818 rt2661_enable_tsf_sync(sc); 819 } 820 break; 821 case IEEE80211_S_SCAN: 822 case IEEE80211_S_AUTH: 823 case IEEE80211_S_ASSOC: 824 default: 825 break; 826 } 827 828 return (error != 0) ? error : sc->sc_newstate(ic, nstate, arg); 829 } 830 831 /* 832 * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46 or 833 * 93C66). 834 */ 835 static uint16_t 836 rt2661_eeprom_read(struct rt2661_softc *sc, uint8_t addr) 837 { 838 uint32_t tmp; 839 uint16_t val; 840 int n; 841 842 /* clock C once before the first command */ 843 RT2661_EEPROM_CTL(sc, 0); 844 845 RT2661_EEPROM_CTL(sc, RT2661_S); 846 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 847 RT2661_EEPROM_CTL(sc, RT2661_S); 848 849 /* write start bit (1) */ 850 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 851 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 852 853 /* write READ opcode (10) */ 854 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 855 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 856 RT2661_EEPROM_CTL(sc, RT2661_S); 857 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 858 859 /* write address (A5-A0 or A7-A0) */ 860 n = (RAL_READ(sc, RT2661_E2PROM_CSR) & RT2661_93C46) ? 5 : 7; 861 for (; n >= 0; n--) { 862 RT2661_EEPROM_CTL(sc, RT2661_S | 863 (((addr >> n) & 1) << RT2661_SHIFT_D)); 864 RT2661_EEPROM_CTL(sc, RT2661_S | 865 (((addr >> n) & 1) << RT2661_SHIFT_D) | RT2661_C); 866 } 867 868 RT2661_EEPROM_CTL(sc, RT2661_S); 869 870 /* read data Q15-Q0 */ 871 val = 0; 872 for (n = 15; n >= 0; n--) { 873 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 874 tmp = RAL_READ(sc, RT2661_E2PROM_CSR); 875 val |= ((tmp & RT2661_Q) >> RT2661_SHIFT_Q) << n; 876 RT2661_EEPROM_CTL(sc, RT2661_S); 877 } 878 879 RT2661_EEPROM_CTL(sc, 0); 880 881 /* clear Chip Select and clock C */ 882 RT2661_EEPROM_CTL(sc, RT2661_S); 883 RT2661_EEPROM_CTL(sc, 0); 884 RT2661_EEPROM_CTL(sc, RT2661_C); 885 886 return val; 887 } 888 889 static void 890 rt2661_tx_intr(struct rt2661_softc *sc) 891 { 892 struct ieee80211com *ic = &sc->sc_ic; 893 struct ifnet *ifp = ic->ic_ifp; 894 struct rt2661_tx_ring *txq; 895 struct rt2661_tx_data *data; 896 struct rt2661_node *rn; 897 uint32_t val; 898 int qid, retrycnt; 899 900 for (;;) { 901 struct ieee80211_node *ni; 902 struct mbuf *m; 903 904 val = RAL_READ(sc, RT2661_STA_CSR4); 905 if (!(val & RT2661_TX_STAT_VALID)) 906 break; 907 908 /* retrieve the queue in which this frame was sent */ 909 qid = RT2661_TX_QID(val); 910 txq = (qid <= 3) ? &sc->txq[qid] : &sc->mgtq; 911 912 /* retrieve rate control algorithm context */ 913 data = &txq->data[txq->stat]; 914 m = data->m; 915 data->m = NULL; 916 ni = data->ni; 917 data->ni = NULL; 918 919 /* if no frame has been sent, ignore */ 920 if (ni == NULL) 921 continue; 922 923 rn = (struct rt2661_node *)ni; 924 925 switch (RT2661_TX_RESULT(val)) { 926 case RT2661_TX_SUCCESS: 927 retrycnt = RT2661_TX_RETRYCNT(val); 928 929 DPRINTFN(10, ("data frame sent successfully after " 930 "%d retries\n", retrycnt)); 931 if (retrycnt == 0 && data->id.id_node != NULL) { 932 ral_rssadapt_raise_rate(ic, &rn->rssadapt, 933 &data->id); 934 } 935 ifp->if_opackets++; 936 break; 937 938 case RT2661_TX_RETRY_FAIL: 939 DPRINTFN(9, ("sending data frame failed (too much " 940 "retries)\n")); 941 if (data->id.id_node != NULL) { 942 ral_rssadapt_lower_rate(ic, ni, 943 &rn->rssadapt, &data->id); 944 } 945 ifp->if_oerrors++; 946 break; 947 948 default: 949 /* other failure */ 950 device_printf(sc->sc_dev, 951 "sending data frame failed 0x%08x\n", val); 952 ifp->if_oerrors++; 953 } 954 955 DPRINTFN(15, ("tx done q=%d idx=%u\n", qid, txq->stat)); 956 957 txq->queued--; 958 if (++txq->stat >= txq->count) /* faster than % count */ 959 txq->stat = 0; 960 961 if (m->m_flags & M_TXCB) 962 ieee80211_process_callback(ni, m, 963 RT2661_TX_RESULT(val) != RT2661_TX_SUCCESS); 964 m_freem(m); 965 ieee80211_free_node(ni); 966 } 967 968 sc->sc_tx_timer = 0; 969 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 970 rt2661_start(ifp); 971 } 972 973 static void 974 rt2661_tx_dma_intr(struct rt2661_softc *sc, struct rt2661_tx_ring *txq) 975 { 976 struct rt2661_tx_desc *desc; 977 struct rt2661_tx_data *data; 978 979 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_POSTREAD); 980 981 for (;;) { 982 desc = &txq->desc[txq->next]; 983 data = &txq->data[txq->next]; 984 985 if ((le32toh(desc->flags) & RT2661_TX_BUSY) || 986 !(le32toh(desc->flags) & RT2661_TX_VALID)) 987 break; 988 989 bus_dmamap_sync(txq->data_dmat, data->map, 990 BUS_DMASYNC_POSTWRITE); 991 bus_dmamap_unload(txq->data_dmat, data->map); 992 993 /* descriptor is no longer valid */ 994 desc->flags &= ~htole32(RT2661_TX_VALID); 995 996 DPRINTFN(15, ("tx dma done q=%p idx=%u\n", txq, txq->next)); 997 998 if (++txq->next >= txq->count) /* faster than % count */ 999 txq->next = 0; 1000 } 1001 1002 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1003 } 1004 1005 static void 1006 rt2661_rx_intr(struct rt2661_softc *sc) 1007 { 1008 struct ieee80211com *ic = &sc->sc_ic; 1009 struct ifnet *ifp = ic->ic_ifp; 1010 struct rt2661_rx_desc *desc; 1011 struct rt2661_rx_data *data; 1012 bus_addr_t physaddr; 1013 struct ieee80211_frame *wh; 1014 struct ieee80211_node *ni; 1015 struct rt2661_node *rn; 1016 struct mbuf *mnew, *m; 1017 int error; 1018 1019 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map, 1020 BUS_DMASYNC_POSTREAD); 1021 1022 for (;;) { 1023 int rssi; 1024 1025 desc = &sc->rxq.desc[sc->rxq.cur]; 1026 data = &sc->rxq.data[sc->rxq.cur]; 1027 1028 if (le32toh(desc->flags) & RT2661_RX_BUSY) 1029 break; 1030 1031 if ((le32toh(desc->flags) & RT2661_RX_PHY_ERROR) || 1032 (le32toh(desc->flags) & RT2661_RX_CRC_ERROR)) { 1033 /* 1034 * This should not happen since we did not request 1035 * to receive those frames when we filled TXRX_CSR0. 1036 */ 1037 DPRINTFN(5, ("PHY or CRC error flags 0x%08x\n", 1038 le32toh(desc->flags))); 1039 ifp->if_ierrors++; 1040 goto skip; 1041 } 1042 1043 if ((le32toh(desc->flags) & RT2661_RX_CIPHER_MASK) != 0) { 1044 ifp->if_ierrors++; 1045 goto skip; 1046 } 1047 1048 /* 1049 * Try to allocate a new mbuf for this ring element and load it 1050 * before processing the current mbuf. If the ring element 1051 * cannot be loaded, drop the received packet and reuse the old 1052 * mbuf. In the unlikely case that the old mbuf can't be 1053 * reloaded either, explicitly panic. 1054 */ 1055 mnew = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 1056 if (mnew == NULL) { 1057 ifp->if_ierrors++; 1058 goto skip; 1059 } 1060 1061 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1062 BUS_DMASYNC_POSTREAD); 1063 bus_dmamap_unload(sc->rxq.data_dmat, data->map); 1064 1065 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1066 mtod(mnew, void *), MCLBYTES, rt2661_dma_map_addr, 1067 &physaddr, 0); 1068 if (error != 0) { 1069 m_freem(mnew); 1070 1071 /* try to reload the old mbuf */ 1072 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1073 mtod(data->m, void *), MCLBYTES, 1074 rt2661_dma_map_addr, &physaddr, 0); 1075 if (error != 0) { 1076 /* very unlikely that it will fail... */ 1077 panic("%s: could not load old rx mbuf", 1078 device_get_name(sc->sc_dev)); 1079 } 1080 ifp->if_ierrors++; 1081 goto skip; 1082 } 1083 1084 /* 1085 * New mbuf successfully loaded, update Rx ring and continue 1086 * processing. 1087 */ 1088 m = data->m; 1089 data->m = mnew; 1090 desc->physaddr = htole32(physaddr); 1091 1092 /* finalize mbuf */ 1093 m->m_pkthdr.rcvif = ifp; 1094 m->m_pkthdr.len = m->m_len = 1095 (le32toh(desc->flags) >> 16) & 0xfff; 1096 1097 rssi = rt2661_get_rssi(sc, desc->rssi); 1098 1099 if (bpf_peers_present(sc->sc_drvbpf)) { 1100 struct rt2661_rx_radiotap_header *tap = &sc->sc_rxtap; 1101 uint32_t tsf_lo, tsf_hi; 1102 1103 /* get timestamp (low and high 32 bits) */ 1104 tsf_hi = RAL_READ(sc, RT2661_TXRX_CSR13); 1105 tsf_lo = RAL_READ(sc, RT2661_TXRX_CSR12); 1106 1107 tap->wr_tsf = 1108 htole64(((uint64_t)tsf_hi << 32) | tsf_lo); 1109 tap->wr_flags = 0; 1110 tap->wr_rate = rt2661_rxrate(desc); 1111 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 1112 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 1113 tap->wr_antsignal = rssi < 0 ? 0 : rssi; 1114 1115 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1116 } 1117 sc->sc_flags |= RAL_INPUT_RUNNING; 1118 RAL_UNLOCK(sc); 1119 wh = mtod(m, struct ieee80211_frame *); 1120 ni = ieee80211_find_rxnode(ic, 1121 (struct ieee80211_frame_min *)wh); 1122 1123 /* Error happened during RSSI conversion. */ 1124 if (rssi < 0) 1125 rssi = ni->ni_rssi; 1126 1127 /* send the frame to the 802.11 layer */ 1128 ieee80211_input(ic, m, ni, rssi, RT2661_NOISE_FLOOR, 0); 1129 1130 /* give rssi to the rate adatation algorithm */ 1131 rn = (struct rt2661_node *)ni; 1132 RAL_LOCK(sc); 1133 sc->sc_flags &= ~RAL_INPUT_RUNNING; 1134 ral_rssadapt_input(ic, ni, &rn->rssadapt, rssi); 1135 1136 /* node is no longer needed */ 1137 ieee80211_free_node(ni); 1138 1139 skip: desc->flags |= htole32(RT2661_RX_BUSY); 1140 1141 DPRINTFN(15, ("rx intr idx=%u\n", sc->rxq.cur)); 1142 1143 sc->rxq.cur = (sc->rxq.cur + 1) % RT2661_RX_RING_COUNT; 1144 } 1145 1146 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map, 1147 BUS_DMASYNC_PREWRITE); 1148 } 1149 1150 /* ARGSUSED */ 1151 static void 1152 rt2661_mcu_beacon_expire(struct rt2661_softc *sc) 1153 { 1154 /* do nothing */ 1155 } 1156 1157 static void 1158 rt2661_mcu_wakeup(struct rt2661_softc *sc) 1159 { 1160 RAL_WRITE(sc, RT2661_MAC_CSR11, 5 << 16); 1161 1162 RAL_WRITE(sc, RT2661_SOFT_RESET_CSR, 0x7); 1163 RAL_WRITE(sc, RT2661_IO_CNTL_CSR, 0x18); 1164 RAL_WRITE(sc, RT2661_PCI_USEC_CSR, 0x20); 1165 1166 /* send wakeup command to MCU */ 1167 rt2661_tx_cmd(sc, RT2661_MCU_CMD_WAKEUP, 0); 1168 } 1169 1170 static void 1171 rt2661_mcu_cmd_intr(struct rt2661_softc *sc) 1172 { 1173 RAL_READ(sc, RT2661_M2H_CMD_DONE_CSR); 1174 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 1175 } 1176 1177 void 1178 rt2661_intr(void *arg) 1179 { 1180 struct rt2661_softc *sc = arg; 1181 struct ifnet *ifp = sc->sc_ifp; 1182 uint32_t r1, r2; 1183 1184 RAL_LOCK(sc); 1185 1186 /* disable MAC and MCU interrupts */ 1187 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f); 1188 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 1189 1190 /* don't re-enable interrupts if we're shutting down */ 1191 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 1192 RAL_UNLOCK(sc); 1193 return; 1194 } 1195 1196 r1 = RAL_READ(sc, RT2661_INT_SOURCE_CSR); 1197 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, r1); 1198 1199 r2 = RAL_READ(sc, RT2661_MCU_INT_SOURCE_CSR); 1200 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, r2); 1201 1202 if (r1 & RT2661_MGT_DONE) 1203 rt2661_tx_dma_intr(sc, &sc->mgtq); 1204 1205 if (r1 & RT2661_RX_DONE) 1206 rt2661_rx_intr(sc); 1207 1208 if (r1 & RT2661_TX0_DMA_DONE) 1209 rt2661_tx_dma_intr(sc, &sc->txq[0]); 1210 1211 if (r1 & RT2661_TX1_DMA_DONE) 1212 rt2661_tx_dma_intr(sc, &sc->txq[1]); 1213 1214 if (r1 & RT2661_TX2_DMA_DONE) 1215 rt2661_tx_dma_intr(sc, &sc->txq[2]); 1216 1217 if (r1 & RT2661_TX3_DMA_DONE) 1218 rt2661_tx_dma_intr(sc, &sc->txq[3]); 1219 1220 if (r1 & RT2661_TX_DONE) 1221 rt2661_tx_intr(sc); 1222 1223 if (r2 & RT2661_MCU_CMD_DONE) 1224 rt2661_mcu_cmd_intr(sc); 1225 1226 if (r2 & RT2661_MCU_BEACON_EXPIRE) 1227 rt2661_mcu_beacon_expire(sc); 1228 1229 if (r2 & RT2661_MCU_WAKEUP) 1230 rt2661_mcu_wakeup(sc); 1231 1232 /* re-enable MAC and MCU interrupts */ 1233 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 1234 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 1235 1236 RAL_UNLOCK(sc); 1237 } 1238 1239 /* quickly determine if a given rate is CCK or OFDM */ 1240 #define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1241 1242 #define RAL_ACK_SIZE 14 /* 10 + 4(FCS) */ 1243 #define RAL_CTS_SIZE 14 /* 10 + 4(FCS) */ 1244 1245 #define RAL_SIFS 10 /* us */ 1246 1247 /* 1248 * This function is only used by the Rx radiotap code. It returns the rate at 1249 * which a given frame was received. 1250 */ 1251 static uint8_t 1252 rt2661_rxrate(struct rt2661_rx_desc *desc) 1253 { 1254 if (le32toh(desc->flags) & RT2661_RX_OFDM) { 1255 /* reverse function of rt2661_plcp_signal */ 1256 switch (desc->rate & 0xf) { 1257 case 0xb: return 12; 1258 case 0xf: return 18; 1259 case 0xa: return 24; 1260 case 0xe: return 36; 1261 case 0x9: return 48; 1262 case 0xd: return 72; 1263 case 0x8: return 96; 1264 case 0xc: return 108; 1265 } 1266 } else { 1267 if (desc->rate == 10) 1268 return 2; 1269 if (desc->rate == 20) 1270 return 4; 1271 if (desc->rate == 55) 1272 return 11; 1273 if (desc->rate == 110) 1274 return 22; 1275 } 1276 return 2; /* should not get there */ 1277 } 1278 1279 /* 1280 * Return the expected ack rate for a frame transmitted at rate `rate'. 1281 * XXX: this should depend on the destination node basic rate set. 1282 */ 1283 static int 1284 rt2661_ack_rate(struct ieee80211com *ic, int rate) 1285 { 1286 switch (rate) { 1287 /* CCK rates */ 1288 case 2: 1289 return 2; 1290 case 4: 1291 case 11: 1292 case 22: 1293 return (ic->ic_curmode == IEEE80211_MODE_11B) ? 4 : rate; 1294 1295 /* OFDM rates */ 1296 case 12: 1297 case 18: 1298 return 12; 1299 case 24: 1300 case 36: 1301 return 24; 1302 case 48: 1303 case 72: 1304 case 96: 1305 case 108: 1306 return 48; 1307 } 1308 1309 /* default to 1Mbps */ 1310 return 2; 1311 } 1312 1313 /* 1314 * Compute the duration (in us) needed to transmit `len' bytes at rate `rate'. 1315 * The function automatically determines the operating mode depending on the 1316 * given rate. `flags' indicates whether short preamble is in use or not. 1317 */ 1318 static uint16_t 1319 rt2661_txtime(int len, int rate, uint32_t flags) 1320 { 1321 uint16_t txtime; 1322 1323 if (RAL_RATE_IS_OFDM(rate)) { 1324 /* IEEE Std 802.11a-1999, pp. 37 */ 1325 txtime = (8 + 4 * len + 3 + rate - 1) / rate; 1326 txtime = 16 + 4 + 4 * txtime + 6; 1327 } else { 1328 /* IEEE Std 802.11b-1999, pp. 28 */ 1329 txtime = (16 * len + rate - 1) / rate; 1330 if (rate != 2 && (flags & IEEE80211_F_SHPREAMBLE)) 1331 txtime += 72 + 24; 1332 else 1333 txtime += 144 + 48; 1334 } 1335 1336 return txtime; 1337 } 1338 1339 static uint8_t 1340 rt2661_plcp_signal(int rate) 1341 { 1342 switch (rate) { 1343 /* CCK rates (returned values are device-dependent) */ 1344 case 2: return 0x0; 1345 case 4: return 0x1; 1346 case 11: return 0x2; 1347 case 22: return 0x3; 1348 1349 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1350 case 12: return 0xb; 1351 case 18: return 0xf; 1352 case 24: return 0xa; 1353 case 36: return 0xe; 1354 case 48: return 0x9; 1355 case 72: return 0xd; 1356 case 96: return 0x8; 1357 case 108: return 0xc; 1358 1359 /* unsupported rates (should not get there) */ 1360 default: return 0xff; 1361 } 1362 } 1363 1364 static void 1365 rt2661_setup_tx_desc(struct rt2661_softc *sc, struct rt2661_tx_desc *desc, 1366 uint32_t flags, uint16_t xflags, int len, int rate, 1367 const bus_dma_segment_t *segs, int nsegs, int ac) 1368 { 1369 struct ieee80211com *ic = &sc->sc_ic; 1370 uint16_t plcp_length; 1371 int i, remainder; 1372 1373 desc->flags = htole32(flags); 1374 desc->flags |= htole32(len << 16); 1375 desc->flags |= htole32(RT2661_TX_BUSY | RT2661_TX_VALID); 1376 1377 desc->xflags = htole16(xflags); 1378 desc->xflags |= htole16(nsegs << 13); 1379 1380 desc->wme = htole16( 1381 RT2661_QID(ac) | 1382 RT2661_AIFSN(2) | 1383 RT2661_LOGCWMIN(4) | 1384 RT2661_LOGCWMAX(10)); 1385 1386 /* 1387 * Remember in which queue this frame was sent. This field is driver 1388 * private data only. It will be made available by the NIC in STA_CSR4 1389 * on Tx interrupts. 1390 */ 1391 desc->qid = ac; 1392 1393 /* setup PLCP fields */ 1394 desc->plcp_signal = rt2661_plcp_signal(rate); 1395 desc->plcp_service = 4; 1396 1397 len += IEEE80211_CRC_LEN; 1398 if (RAL_RATE_IS_OFDM(rate)) { 1399 desc->flags |= htole32(RT2661_TX_OFDM); 1400 1401 plcp_length = len & 0xfff; 1402 desc->plcp_length_hi = plcp_length >> 6; 1403 desc->plcp_length_lo = plcp_length & 0x3f; 1404 } else { 1405 plcp_length = (16 * len + rate - 1) / rate; 1406 if (rate == 22) { 1407 remainder = (16 * len) % 22; 1408 if (remainder != 0 && remainder < 7) 1409 desc->plcp_service |= RT2661_PLCP_LENGEXT; 1410 } 1411 desc->plcp_length_hi = plcp_length >> 8; 1412 desc->plcp_length_lo = plcp_length & 0xff; 1413 1414 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 1415 desc->plcp_signal |= 0x08; 1416 } 1417 1418 /* RT2x61 supports scatter with up to 5 segments */ 1419 for (i = 0; i < nsegs; i++) { 1420 desc->addr[i] = htole32(segs[i].ds_addr); 1421 desc->len [i] = htole16(segs[i].ds_len); 1422 } 1423 } 1424 1425 static int 1426 rt2661_tx_mgt(struct rt2661_softc *sc, struct mbuf *m0, 1427 struct ieee80211_node *ni) 1428 { 1429 struct ieee80211com *ic = &sc->sc_ic; 1430 struct rt2661_tx_desc *desc; 1431 struct rt2661_tx_data *data; 1432 struct ieee80211_frame *wh; 1433 bus_dma_segment_t segs[RT2661_MAX_SCATTER]; 1434 uint16_t dur; 1435 uint32_t flags = 0; /* XXX HWSEQ */ 1436 int nsegs, rate, error; 1437 1438 desc = &sc->mgtq.desc[sc->mgtq.cur]; 1439 data = &sc->mgtq.data[sc->mgtq.cur]; 1440 1441 /* send mgt frames at the lowest available rate */ 1442 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1443 1444 error = bus_dmamap_load_mbuf_sg(sc->mgtq.data_dmat, data->map, m0, 1445 segs, &nsegs, 0); 1446 if (error != 0) { 1447 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1448 error); 1449 m_freem(m0); 1450 return error; 1451 } 1452 1453 if (bpf_peers_present(sc->sc_drvbpf)) { 1454 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1455 1456 tap->wt_flags = 0; 1457 tap->wt_rate = rate; 1458 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 1459 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 1460 1461 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1462 } 1463 1464 data->m = m0; 1465 data->ni = ni; 1466 1467 wh = mtod(m0, struct ieee80211_frame *); 1468 1469 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1470 flags |= RT2661_TX_NEED_ACK; 1471 1472 dur = rt2661_txtime(RAL_ACK_SIZE, rate, ic->ic_flags) + 1473 RAL_SIFS; 1474 *(uint16_t *)wh->i_dur = htole16(dur); 1475 1476 /* tell hardware to add timestamp in probe responses */ 1477 if ((wh->i_fc[0] & 1478 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 1479 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 1480 flags |= RT2661_TX_TIMESTAMP; 1481 } 1482 1483 rt2661_setup_tx_desc(sc, desc, flags, 0 /* XXX HWSEQ */, 1484 m0->m_pkthdr.len, rate, segs, nsegs, RT2661_QID_MGT); 1485 1486 bus_dmamap_sync(sc->mgtq.data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1487 bus_dmamap_sync(sc->mgtq.desc_dmat, sc->mgtq.desc_map, 1488 BUS_DMASYNC_PREWRITE); 1489 1490 DPRINTFN(10, ("sending mgt frame len=%u idx=%u rate=%u\n", 1491 m0->m_pkthdr.len, sc->mgtq.cur, rate)); 1492 1493 /* kick mgt */ 1494 sc->mgtq.queued++; 1495 sc->mgtq.cur = (sc->mgtq.cur + 1) % RT2661_MGT_RING_COUNT; 1496 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, RT2661_KICK_MGT); 1497 1498 return 0; 1499 } 1500 1501 /* 1502 * Build a RTS control frame. 1503 */ 1504 static struct mbuf * 1505 rt2661_get_rts(struct rt2661_softc *sc, struct ieee80211_frame *wh, 1506 uint16_t dur) 1507 { 1508 struct ieee80211_frame_rts *rts; 1509 struct mbuf *m; 1510 1511 MGETHDR(m, M_DONTWAIT, MT_DATA); 1512 if (m == NULL) { 1513 sc->sc_ic.ic_stats.is_tx_nobuf++; 1514 device_printf(sc->sc_dev, "could not allocate RTS frame\n"); 1515 return NULL; 1516 } 1517 1518 rts = mtod(m, struct ieee80211_frame_rts *); 1519 1520 rts->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_CTL | 1521 IEEE80211_FC0_SUBTYPE_RTS; 1522 rts->i_fc[1] = IEEE80211_FC1_DIR_NODS; 1523 *(uint16_t *)rts->i_dur = htole16(dur); 1524 IEEE80211_ADDR_COPY(rts->i_ra, wh->i_addr1); 1525 IEEE80211_ADDR_COPY(rts->i_ta, wh->i_addr2); 1526 1527 m->m_pkthdr.len = m->m_len = sizeof (struct ieee80211_frame_rts); 1528 1529 return m; 1530 } 1531 1532 static int 1533 rt2661_tx_data(struct rt2661_softc *sc, struct mbuf *m0, 1534 struct ieee80211_node *ni, int ac) 1535 { 1536 struct ieee80211com *ic = &sc->sc_ic; 1537 struct rt2661_tx_ring *txq = &sc->txq[ac]; 1538 struct rt2661_tx_desc *desc; 1539 struct rt2661_tx_data *data; 1540 struct rt2661_node *rn; 1541 struct ieee80211_frame *wh; 1542 struct ieee80211_key *k; 1543 const struct chanAccParams *cap; 1544 struct mbuf *mnew; 1545 bus_dma_segment_t segs[RT2661_MAX_SCATTER]; 1546 uint16_t dur; 1547 uint32_t flags = 0; 1548 int error, nsegs, rate, noack = 0; 1549 1550 wh = mtod(m0, struct ieee80211_frame *); 1551 1552 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) { 1553 rate = ic->ic_fixed_rate; 1554 } else { 1555 struct ieee80211_rateset *rs; 1556 1557 rs = &ni->ni_rates; 1558 rn = (struct rt2661_node *)ni; 1559 ni->ni_txrate = ral_rssadapt_choose(&rn->rssadapt, rs, 1560 wh, m0->m_pkthdr.len, NULL, 0); 1561 rate = rs->rs_rates[ni->ni_txrate]; 1562 } 1563 rate &= IEEE80211_RATE_VAL; 1564 1565 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1566 cap = &ic->ic_wme.wme_chanParams; 1567 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1568 } 1569 1570 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1571 k = ieee80211_crypto_encap(ic, ni, m0); 1572 if (k == NULL) { 1573 m_freem(m0); 1574 return ENOBUFS; 1575 } 1576 1577 /* packet header may have moved, reset our local pointer */ 1578 wh = mtod(m0, struct ieee80211_frame *); 1579 } 1580 1581 /* 1582 * IEEE Std 802.11-1999, pp 82: "A STA shall use an RTS/CTS exchange 1583 * for directed frames only when the length of the MPDU is greater 1584 * than the length threshold indicated by [...]" ic_rtsthreshold. 1585 */ 1586 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 1587 m0->m_pkthdr.len > ic->ic_rtsthreshold) { 1588 struct mbuf *m; 1589 uint16_t dur; 1590 int rtsrate, ackrate; 1591 1592 rtsrate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1593 ackrate = rt2661_ack_rate(ic, rate); 1594 1595 dur = rt2661_txtime(m0->m_pkthdr.len + 4, rate, ic->ic_flags) + 1596 rt2661_txtime(RAL_CTS_SIZE, rtsrate, ic->ic_flags) + 1597 /* XXX: noack (QoS)? */ 1598 rt2661_txtime(RAL_ACK_SIZE, ackrate, ic->ic_flags) + 1599 3 * RAL_SIFS; 1600 1601 m = rt2661_get_rts(sc, wh, dur); 1602 1603 desc = &txq->desc[txq->cur]; 1604 data = &txq->data[txq->cur]; 1605 1606 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m, 1607 segs, &nsegs, 0); 1608 if (error != 0) { 1609 device_printf(sc->sc_dev, 1610 "could not map mbuf (error %d)\n", error); 1611 m_freem(m); 1612 m_freem(m0); 1613 return error; 1614 } 1615 1616 /* avoid multiple free() of the same node for each fragment */ 1617 ieee80211_ref_node(ni); 1618 1619 data->m = m; 1620 data->ni = ni; 1621 1622 /* RTS frames are not taken into account for rssadapt */ 1623 data->id.id_node = NULL; 1624 1625 rt2661_setup_tx_desc(sc, desc, RT2661_TX_NEED_ACK | 1626 RT2661_TX_MORE_FRAG, 0, m->m_pkthdr.len, rtsrate, segs, 1627 nsegs, ac); 1628 1629 bus_dmamap_sync(txq->data_dmat, data->map, 1630 BUS_DMASYNC_PREWRITE); 1631 1632 txq->queued++; 1633 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1634 1635 /* 1636 * IEEE Std 802.11-1999: when an RTS/CTS exchange is used, the 1637 * asynchronous data frame shall be transmitted after the CTS 1638 * frame and a SIFS period. 1639 */ 1640 flags |= RT2661_TX_LONG_RETRY | RT2661_TX_IFS; 1641 } 1642 1643 data = &txq->data[txq->cur]; 1644 desc = &txq->desc[txq->cur]; 1645 1646 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0, segs, 1647 &nsegs, 0); 1648 if (error != 0 && error != EFBIG) { 1649 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1650 error); 1651 m_freem(m0); 1652 return error; 1653 } 1654 if (error != 0) { 1655 mnew = m_defrag(m0, M_DONTWAIT); 1656 if (mnew == NULL) { 1657 device_printf(sc->sc_dev, 1658 "could not defragment mbuf\n"); 1659 m_freem(m0); 1660 return ENOBUFS; 1661 } 1662 m0 = mnew; 1663 1664 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0, 1665 segs, &nsegs, 0); 1666 if (error != 0) { 1667 device_printf(sc->sc_dev, 1668 "could not map mbuf (error %d)\n", error); 1669 m_freem(m0); 1670 return error; 1671 } 1672 1673 /* packet header have moved, reset our local pointer */ 1674 wh = mtod(m0, struct ieee80211_frame *); 1675 } 1676 1677 if (bpf_peers_present(sc->sc_drvbpf)) { 1678 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1679 1680 tap->wt_flags = 0; 1681 tap->wt_rate = rate; 1682 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 1683 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 1684 1685 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1686 } 1687 1688 data->m = m0; 1689 data->ni = ni; 1690 1691 /* remember link conditions for rate adaptation algorithm */ 1692 if (ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE) { 1693 data->id.id_len = m0->m_pkthdr.len; 1694 data->id.id_rateidx = ni->ni_txrate; 1695 data->id.id_node = ni; 1696 data->id.id_rssi = ni->ni_rssi; 1697 } else 1698 data->id.id_node = NULL; 1699 1700 if (!noack && !IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1701 flags |= RT2661_TX_NEED_ACK; 1702 1703 dur = rt2661_txtime(RAL_ACK_SIZE, rt2661_ack_rate(ic, rate), 1704 ic->ic_flags) + RAL_SIFS; 1705 *(uint16_t *)wh->i_dur = htole16(dur); 1706 } 1707 1708 rt2661_setup_tx_desc(sc, desc, flags, 0, m0->m_pkthdr.len, rate, segs, 1709 nsegs, ac); 1710 1711 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1712 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1713 1714 DPRINTFN(10, ("sending data frame len=%u idx=%u rate=%u\n", 1715 m0->m_pkthdr.len, txq->cur, rate)); 1716 1717 /* kick Tx */ 1718 txq->queued++; 1719 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1720 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 1 << ac); 1721 1722 return 0; 1723 } 1724 1725 static void 1726 rt2661_start(struct ifnet *ifp) 1727 { 1728 struct rt2661_softc *sc = ifp->if_softc; 1729 struct ieee80211com *ic = &sc->sc_ic; 1730 struct mbuf *m0; 1731 struct ether_header *eh; 1732 struct ieee80211_node *ni; 1733 int ac; 1734 1735 RAL_LOCK(sc); 1736 1737 /* prevent management frames from being sent if we're not ready */ 1738 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING) || sc->sc_invalid) { 1739 RAL_UNLOCK(sc); 1740 return; 1741 } 1742 1743 for (;;) { 1744 IF_POLL(&ic->ic_mgtq, m0); 1745 if (m0 != NULL) { 1746 if (sc->mgtq.queued >= RT2661_MGT_RING_COUNT) { 1747 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 1748 break; 1749 } 1750 IF_DEQUEUE(&ic->ic_mgtq, m0); 1751 1752 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 1753 m0->m_pkthdr.rcvif = NULL; 1754 1755 if (bpf_peers_present(ic->ic_rawbpf)) 1756 bpf_mtap(ic->ic_rawbpf, m0); 1757 1758 if (rt2661_tx_mgt(sc, m0, ni) != 0) { 1759 ieee80211_free_node(ni); 1760 break; 1761 } 1762 } else { 1763 if (ic->ic_state != IEEE80211_S_RUN) 1764 break; 1765 1766 IFQ_DRV_DEQUEUE(&ifp->if_snd, m0); 1767 if (m0 == NULL) 1768 break; 1769 /* 1770 * Cancel any background scan. 1771 */ 1772 if (ic->ic_flags & IEEE80211_F_SCAN) 1773 ieee80211_cancel_scan(ic); 1774 1775 if (m0->m_len < sizeof (struct ether_header) && 1776 !(m0 = m_pullup(m0, sizeof (struct ether_header)))) 1777 continue; 1778 1779 eh = mtod(m0, struct ether_header *); 1780 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1781 if (ni == NULL) { 1782 m_freem(m0); 1783 ifp->if_oerrors++; 1784 continue; 1785 } 1786 1787 /* classify mbuf so we can find which tx ring to use */ 1788 if (ieee80211_classify(ic, m0, ni) != 0) { 1789 m_freem(m0); 1790 ieee80211_free_node(ni); 1791 ifp->if_oerrors++; 1792 continue; 1793 } 1794 1795 /* no QoS encapsulation for EAPOL frames */ 1796 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1797 M_WME_GETAC(m0) : WME_AC_BE; 1798 1799 if (sc->txq[ac].queued >= RT2661_TX_RING_COUNT - 1) { 1800 /* there is no place left in this ring */ 1801 IFQ_DRV_PREPEND(&ifp->if_snd, m0); 1802 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 1803 ieee80211_free_node(ni); 1804 break; 1805 } 1806 1807 BPF_MTAP(ifp, m0); 1808 1809 m0 = ieee80211_encap(ic, m0, ni); 1810 if (m0 == NULL) { 1811 ieee80211_free_node(ni); 1812 ifp->if_oerrors++; 1813 continue; 1814 } 1815 1816 if (bpf_peers_present(ic->ic_rawbpf)) 1817 bpf_mtap(ic->ic_rawbpf, m0); 1818 1819 if (rt2661_tx_data(sc, m0, ni, ac) != 0) { 1820 ieee80211_free_node(ni); 1821 ifp->if_oerrors++; 1822 break; 1823 } 1824 } 1825 1826 sc->sc_tx_timer = 5; 1827 ic->ic_lastdata = ticks; 1828 callout_reset(&sc->watchdog_ch, hz, rt2661_watchdog, sc); 1829 } 1830 1831 RAL_UNLOCK(sc); 1832 } 1833 1834 static void 1835 rt2661_watchdog(void *arg) 1836 { 1837 struct rt2661_softc *sc = (struct rt2661_softc *)arg; 1838 1839 if (sc->sc_tx_timer > 0 && !sc->sc_invalid) { 1840 if (--sc->sc_tx_timer == 0) { 1841 device_printf(sc->sc_dev, "device timeout\n"); 1842 rt2661_init(sc); 1843 sc->sc_ifp->if_oerrors++; 1844 return; 1845 } 1846 callout_reset(&sc->watchdog_ch, hz, rt2661_watchdog, sc); 1847 } 1848 } 1849 1850 /* 1851 * This function allows for fast channel switching in monitor mode (used by 1852 * net-mgmt/kismet). In IBSS mode, we must explicitly reset the interface to 1853 * generate a new beacon frame. 1854 */ 1855 static int 1856 rt2661_reset(struct ifnet *ifp) 1857 { 1858 struct rt2661_softc *sc = ifp->if_softc; 1859 struct ieee80211com *ic = &sc->sc_ic; 1860 1861 if (ic->ic_opmode != IEEE80211_M_MONITOR) 1862 return ENETRESET; 1863 1864 rt2661_set_chan(sc, ic->ic_curchan); 1865 1866 return 0; 1867 } 1868 1869 static int 1870 rt2661_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1871 { 1872 struct rt2661_softc *sc = ifp->if_softc; 1873 struct ieee80211com *ic = &sc->sc_ic; 1874 int error = 0; 1875 1876 switch (cmd) { 1877 case SIOCSIFFLAGS: 1878 if (ifp->if_flags & IFF_UP) { 1879 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 1880 rt2661_update_promisc(sc); 1881 else 1882 rt2661_init(sc); 1883 } else { 1884 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 1885 rt2661_stop(sc); 1886 } 1887 break; 1888 1889 default: 1890 error = ieee80211_ioctl(ic, cmd, data); 1891 } 1892 1893 if (error == ENETRESET) { 1894 if ((ifp->if_flags & IFF_UP) && 1895 (ifp->if_drv_flags & IFF_DRV_RUNNING) && 1896 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1897 rt2661_init(sc); 1898 error = 0; 1899 } 1900 1901 return error; 1902 } 1903 1904 static void 1905 rt2661_bbp_write(struct rt2661_softc *sc, uint8_t reg, uint8_t val) 1906 { 1907 uint32_t tmp; 1908 int ntries; 1909 1910 for (ntries = 0; ntries < 100; ntries++) { 1911 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 1912 break; 1913 DELAY(1); 1914 } 1915 if (ntries == 100) { 1916 device_printf(sc->sc_dev, "could not write to BBP\n"); 1917 return; 1918 } 1919 1920 tmp = RT2661_BBP_BUSY | (reg & 0x7f) << 8 | val; 1921 RAL_WRITE(sc, RT2661_PHY_CSR3, tmp); 1922 1923 DPRINTFN(15, ("BBP R%u <- 0x%02x\n", reg, val)); 1924 } 1925 1926 static uint8_t 1927 rt2661_bbp_read(struct rt2661_softc *sc, uint8_t reg) 1928 { 1929 uint32_t val; 1930 int ntries; 1931 1932 for (ntries = 0; ntries < 100; ntries++) { 1933 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 1934 break; 1935 DELAY(1); 1936 } 1937 if (ntries == 100) { 1938 device_printf(sc->sc_dev, "could not read from BBP\n"); 1939 return 0; 1940 } 1941 1942 val = RT2661_BBP_BUSY | RT2661_BBP_READ | reg << 8; 1943 RAL_WRITE(sc, RT2661_PHY_CSR3, val); 1944 1945 for (ntries = 0; ntries < 100; ntries++) { 1946 val = RAL_READ(sc, RT2661_PHY_CSR3); 1947 if (!(val & RT2661_BBP_BUSY)) 1948 return val & 0xff; 1949 DELAY(1); 1950 } 1951 1952 device_printf(sc->sc_dev, "could not read from BBP\n"); 1953 return 0; 1954 } 1955 1956 static void 1957 rt2661_rf_write(struct rt2661_softc *sc, uint8_t reg, uint32_t val) 1958 { 1959 uint32_t tmp; 1960 int ntries; 1961 1962 for (ntries = 0; ntries < 100; ntries++) { 1963 if (!(RAL_READ(sc, RT2661_PHY_CSR4) & RT2661_RF_BUSY)) 1964 break; 1965 DELAY(1); 1966 } 1967 if (ntries == 100) { 1968 device_printf(sc->sc_dev, "could not write to RF\n"); 1969 return; 1970 } 1971 1972 tmp = RT2661_RF_BUSY | RT2661_RF_21BIT | (val & 0x1fffff) << 2 | 1973 (reg & 3); 1974 RAL_WRITE(sc, RT2661_PHY_CSR4, tmp); 1975 1976 /* remember last written value in sc */ 1977 sc->rf_regs[reg] = val; 1978 1979 DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 3, val & 0x1fffff)); 1980 } 1981 1982 static int 1983 rt2661_tx_cmd(struct rt2661_softc *sc, uint8_t cmd, uint16_t arg) 1984 { 1985 if (RAL_READ(sc, RT2661_H2M_MAILBOX_CSR) & RT2661_H2M_BUSY) 1986 return EIO; /* there is already a command pending */ 1987 1988 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 1989 RT2661_H2M_BUSY | RT2661_TOKEN_NO_INTR << 16 | arg); 1990 1991 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, RT2661_KICK_CMD | cmd); 1992 1993 return 0; 1994 } 1995 1996 static void 1997 rt2661_select_antenna(struct rt2661_softc *sc) 1998 { 1999 uint8_t bbp4, bbp77; 2000 uint32_t tmp; 2001 2002 bbp4 = rt2661_bbp_read(sc, 4); 2003 bbp77 = rt2661_bbp_read(sc, 77); 2004 2005 /* TBD */ 2006 2007 /* make sure Rx is disabled before switching antenna */ 2008 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2009 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2010 2011 rt2661_bbp_write(sc, 4, bbp4); 2012 rt2661_bbp_write(sc, 77, bbp77); 2013 2014 /* restore Rx filter */ 2015 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2016 } 2017 2018 /* 2019 * Enable multi-rate retries for frames sent at OFDM rates. 2020 * In 802.11b/g mode, allow fallback to CCK rates. 2021 */ 2022 static void 2023 rt2661_enable_mrr(struct rt2661_softc *sc) 2024 { 2025 struct ieee80211com *ic = &sc->sc_ic; 2026 uint32_t tmp; 2027 2028 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2029 2030 tmp &= ~RT2661_MRR_CCK_FALLBACK; 2031 if (!IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan)) 2032 tmp |= RT2661_MRR_CCK_FALLBACK; 2033 tmp |= RT2661_MRR_ENABLED; 2034 2035 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2036 } 2037 2038 static void 2039 rt2661_set_txpreamble(struct rt2661_softc *sc) 2040 { 2041 uint32_t tmp; 2042 2043 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2044 2045 tmp &= ~RT2661_SHORT_PREAMBLE; 2046 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 2047 tmp |= RT2661_SHORT_PREAMBLE; 2048 2049 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2050 } 2051 2052 /* 2053 * Supported rates for 802.11g. XXX should use ic_sup_rates. 2054 */ 2055 static const struct ieee80211_rateset rt2661_rateset_11g = 2056 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 2057 2058 static void 2059 rt2661_set_basicrates(struct rt2661_softc *sc, 2060 const struct ieee80211_rateset *rs) 2061 { 2062 #define RV(r) ((r) & IEEE80211_RATE_VAL) 2063 struct ieee80211com *ic = &sc->sc_ic; 2064 uint32_t mask = 0; 2065 uint8_t rate; 2066 int i, j; 2067 2068 for (i = 0; i < rs->rs_nrates; i++) { 2069 rate = rs->rs_rates[i]; 2070 2071 if (!(rate & IEEE80211_RATE_BASIC)) 2072 continue; 2073 2074 /* 2075 * Find h/w rate index. We know it exists because the rate 2076 * set has already been negotiated. 2077 */ 2078 for (j = 0; ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates[j] != RV(rate); j++); 2079 2080 mask |= 1 << j; 2081 } 2082 2083 RAL_WRITE(sc, RT2661_TXRX_CSR5, mask); 2084 2085 DPRINTF(("Setting basic rate mask to 0x%x\n", mask)); 2086 #undef RV 2087 } 2088 2089 /* 2090 * Reprogram MAC/BBP to switch to a new band. Values taken from the reference 2091 * driver. 2092 */ 2093 static void 2094 rt2661_select_band(struct rt2661_softc *sc, struct ieee80211_channel *c) 2095 { 2096 uint8_t bbp17, bbp35, bbp96, bbp97, bbp98, bbp104; 2097 uint32_t tmp; 2098 2099 /* update all BBP registers that depend on the band */ 2100 bbp17 = 0x20; bbp96 = 0x48; bbp104 = 0x2c; 2101 bbp35 = 0x50; bbp97 = 0x48; bbp98 = 0x48; 2102 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2103 bbp17 += 0x08; bbp96 += 0x10; bbp104 += 0x0c; 2104 bbp35 += 0x10; bbp97 += 0x10; bbp98 += 0x10; 2105 } 2106 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2107 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2108 bbp17 += 0x10; bbp96 += 0x10; bbp104 += 0x10; 2109 } 2110 2111 rt2661_bbp_write(sc, 17, bbp17); 2112 rt2661_bbp_write(sc, 96, bbp96); 2113 rt2661_bbp_write(sc, 104, bbp104); 2114 2115 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2116 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2117 rt2661_bbp_write(sc, 75, 0x80); 2118 rt2661_bbp_write(sc, 86, 0x80); 2119 rt2661_bbp_write(sc, 88, 0x80); 2120 } 2121 2122 rt2661_bbp_write(sc, 35, bbp35); 2123 rt2661_bbp_write(sc, 97, bbp97); 2124 rt2661_bbp_write(sc, 98, bbp98); 2125 2126 tmp = RAL_READ(sc, RT2661_PHY_CSR0); 2127 tmp &= ~(RT2661_PA_PE_2GHZ | RT2661_PA_PE_5GHZ); 2128 if (IEEE80211_IS_CHAN_2GHZ(c)) 2129 tmp |= RT2661_PA_PE_2GHZ; 2130 else 2131 tmp |= RT2661_PA_PE_5GHZ; 2132 RAL_WRITE(sc, RT2661_PHY_CSR0, tmp); 2133 } 2134 2135 static void 2136 rt2661_set_chan(struct rt2661_softc *sc, struct ieee80211_channel *c) 2137 { 2138 struct ieee80211com *ic = &sc->sc_ic; 2139 const struct rfprog *rfprog; 2140 uint8_t bbp3, bbp94 = RT2661_BBPR94_DEFAULT; 2141 int8_t power; 2142 u_int i, chan; 2143 2144 chan = ieee80211_chan2ieee(ic, c); 2145 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 2146 return; 2147 2148 /* select the appropriate RF settings based on what EEPROM says */ 2149 rfprog = (sc->rfprog == 0) ? rt2661_rf5225_1 : rt2661_rf5225_2; 2150 2151 /* find the settings for this channel (we know it exists) */ 2152 for (i = 0; rfprog[i].chan != chan; i++); 2153 2154 power = sc->txpow[i]; 2155 if (power < 0) { 2156 bbp94 += power; 2157 power = 0; 2158 } else if (power > 31) { 2159 bbp94 += power - 31; 2160 power = 31; 2161 } 2162 2163 /* 2164 * If we are switching from the 2GHz band to the 5GHz band or 2165 * vice-versa, BBP registers need to be reprogrammed. 2166 */ 2167 if (c->ic_flags != sc->sc_curchan->ic_flags) { 2168 rt2661_select_band(sc, c); 2169 rt2661_select_antenna(sc); 2170 } 2171 sc->sc_curchan = c; 2172 2173 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2174 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2175 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2176 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2177 2178 DELAY(200); 2179 2180 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2181 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2182 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7 | 1); 2183 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2184 2185 DELAY(200); 2186 2187 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2188 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2189 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2190 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2191 2192 /* enable smart mode for MIMO-capable RFs */ 2193 bbp3 = rt2661_bbp_read(sc, 3); 2194 2195 bbp3 &= ~RT2661_SMART_MODE; 2196 if (sc->rf_rev == RT2661_RF_5325 || sc->rf_rev == RT2661_RF_2529) 2197 bbp3 |= RT2661_SMART_MODE; 2198 2199 rt2661_bbp_write(sc, 3, bbp3); 2200 2201 if (bbp94 != RT2661_BBPR94_DEFAULT) 2202 rt2661_bbp_write(sc, 94, bbp94); 2203 2204 /* 5GHz radio needs a 1ms delay here */ 2205 if (IEEE80211_IS_CHAN_5GHZ(c)) 2206 DELAY(1000); 2207 } 2208 2209 static void 2210 rt2661_set_bssid(struct rt2661_softc *sc, const uint8_t *bssid) 2211 { 2212 uint32_t tmp; 2213 2214 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24; 2215 RAL_WRITE(sc, RT2661_MAC_CSR4, tmp); 2216 2217 tmp = bssid[4] | bssid[5] << 8 | RT2661_ONE_BSSID << 16; 2218 RAL_WRITE(sc, RT2661_MAC_CSR5, tmp); 2219 } 2220 2221 static void 2222 rt2661_set_macaddr(struct rt2661_softc *sc, const uint8_t *addr) 2223 { 2224 uint32_t tmp; 2225 2226 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24; 2227 RAL_WRITE(sc, RT2661_MAC_CSR2, tmp); 2228 2229 tmp = addr[4] | addr[5] << 8; 2230 RAL_WRITE(sc, RT2661_MAC_CSR3, tmp); 2231 } 2232 2233 static void 2234 rt2661_update_promisc(struct rt2661_softc *sc) 2235 { 2236 struct ifnet *ifp = sc->sc_ic.ic_ifp; 2237 uint32_t tmp; 2238 2239 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2240 2241 tmp &= ~RT2661_DROP_NOT_TO_ME; 2242 if (!(ifp->if_flags & IFF_PROMISC)) 2243 tmp |= RT2661_DROP_NOT_TO_ME; 2244 2245 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2246 2247 DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 2248 "entering" : "leaving")); 2249 } 2250 2251 /* 2252 * Update QoS (802.11e) settings for each h/w Tx ring. 2253 */ 2254 static int 2255 rt2661_wme_update(struct ieee80211com *ic) 2256 { 2257 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 2258 const struct wmeParams *wmep; 2259 2260 wmep = ic->ic_wme.wme_chanParams.cap_wmeParams; 2261 2262 /* XXX: not sure about shifts. */ 2263 /* XXX: the reference driver plays with AC_VI settings too. */ 2264 2265 /* update TxOp */ 2266 RAL_WRITE(sc, RT2661_AC_TXOP_CSR0, 2267 wmep[WME_AC_BE].wmep_txopLimit << 16 | 2268 wmep[WME_AC_BK].wmep_txopLimit); 2269 RAL_WRITE(sc, RT2661_AC_TXOP_CSR1, 2270 wmep[WME_AC_VI].wmep_txopLimit << 16 | 2271 wmep[WME_AC_VO].wmep_txopLimit); 2272 2273 /* update CWmin */ 2274 RAL_WRITE(sc, RT2661_CWMIN_CSR, 2275 wmep[WME_AC_BE].wmep_logcwmin << 12 | 2276 wmep[WME_AC_BK].wmep_logcwmin << 8 | 2277 wmep[WME_AC_VI].wmep_logcwmin << 4 | 2278 wmep[WME_AC_VO].wmep_logcwmin); 2279 2280 /* update CWmax */ 2281 RAL_WRITE(sc, RT2661_CWMAX_CSR, 2282 wmep[WME_AC_BE].wmep_logcwmax << 12 | 2283 wmep[WME_AC_BK].wmep_logcwmax << 8 | 2284 wmep[WME_AC_VI].wmep_logcwmax << 4 | 2285 wmep[WME_AC_VO].wmep_logcwmax); 2286 2287 /* update Aifsn */ 2288 RAL_WRITE(sc, RT2661_AIFSN_CSR, 2289 wmep[WME_AC_BE].wmep_aifsn << 12 | 2290 wmep[WME_AC_BK].wmep_aifsn << 8 | 2291 wmep[WME_AC_VI].wmep_aifsn << 4 | 2292 wmep[WME_AC_VO].wmep_aifsn); 2293 2294 return 0; 2295 } 2296 2297 static void 2298 rt2661_update_slot(struct ifnet *ifp) 2299 { 2300 struct rt2661_softc *sc = ifp->if_softc; 2301 struct ieee80211com *ic = &sc->sc_ic; 2302 uint8_t slottime; 2303 uint32_t tmp; 2304 2305 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 2306 2307 tmp = RAL_READ(sc, RT2661_MAC_CSR9); 2308 tmp = (tmp & ~0xff) | slottime; 2309 RAL_WRITE(sc, RT2661_MAC_CSR9, tmp); 2310 } 2311 2312 static const char * 2313 rt2661_get_rf(int rev) 2314 { 2315 switch (rev) { 2316 case RT2661_RF_5225: return "RT5225"; 2317 case RT2661_RF_5325: return "RT5325 (MIMO XR)"; 2318 case RT2661_RF_2527: return "RT2527"; 2319 case RT2661_RF_2529: return "RT2529 (MIMO XR)"; 2320 default: return "unknown"; 2321 } 2322 } 2323 2324 static void 2325 rt2661_read_eeprom(struct rt2661_softc *sc) 2326 { 2327 struct ieee80211com *ic = &sc->sc_ic; 2328 uint16_t val; 2329 int i; 2330 2331 /* read MAC address */ 2332 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC01); 2333 ic->ic_myaddr[0] = val & 0xff; 2334 ic->ic_myaddr[1] = val >> 8; 2335 2336 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC23); 2337 ic->ic_myaddr[2] = val & 0xff; 2338 ic->ic_myaddr[3] = val >> 8; 2339 2340 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC45); 2341 ic->ic_myaddr[4] = val & 0xff; 2342 ic->ic_myaddr[5] = val >> 8; 2343 2344 val = rt2661_eeprom_read(sc, RT2661_EEPROM_ANTENNA); 2345 /* XXX: test if different from 0xffff? */ 2346 sc->rf_rev = (val >> 11) & 0x1f; 2347 sc->hw_radio = (val >> 10) & 0x1; 2348 sc->rx_ant = (val >> 4) & 0x3; 2349 sc->tx_ant = (val >> 2) & 0x3; 2350 sc->nb_ant = val & 0x3; 2351 2352 DPRINTF(("RF revision=%d\n", sc->rf_rev)); 2353 2354 val = rt2661_eeprom_read(sc, RT2661_EEPROM_CONFIG2); 2355 sc->ext_5ghz_lna = (val >> 6) & 0x1; 2356 sc->ext_2ghz_lna = (val >> 4) & 0x1; 2357 2358 DPRINTF(("External 2GHz LNA=%d\nExternal 5GHz LNA=%d\n", 2359 sc->ext_2ghz_lna, sc->ext_5ghz_lna)); 2360 2361 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_2GHZ_OFFSET); 2362 if ((val & 0xff) != 0xff) 2363 sc->rssi_2ghz_corr = (int8_t)(val & 0xff); /* signed */ 2364 2365 /* Only [-10, 10] is valid */ 2366 if (sc->rssi_2ghz_corr < -10 || sc->rssi_2ghz_corr > 10) 2367 sc->rssi_2ghz_corr = 0; 2368 2369 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_5GHZ_OFFSET); 2370 if ((val & 0xff) != 0xff) 2371 sc->rssi_5ghz_corr = (int8_t)(val & 0xff); /* signed */ 2372 2373 /* Only [-10, 10] is valid */ 2374 if (sc->rssi_5ghz_corr < -10 || sc->rssi_5ghz_corr > 10) 2375 sc->rssi_5ghz_corr = 0; 2376 2377 /* adjust RSSI correction for external low-noise amplifier */ 2378 if (sc->ext_2ghz_lna) 2379 sc->rssi_2ghz_corr -= 14; 2380 if (sc->ext_5ghz_lna) 2381 sc->rssi_5ghz_corr -= 14; 2382 2383 DPRINTF(("RSSI 2GHz corr=%d\nRSSI 5GHz corr=%d\n", 2384 sc->rssi_2ghz_corr, sc->rssi_5ghz_corr)); 2385 2386 val = rt2661_eeprom_read(sc, RT2661_EEPROM_FREQ_OFFSET); 2387 if ((val >> 8) != 0xff) 2388 sc->rfprog = (val >> 8) & 0x3; 2389 if ((val & 0xff) != 0xff) 2390 sc->rffreq = val & 0xff; 2391 2392 DPRINTF(("RF prog=%d\nRF freq=%d\n", sc->rfprog, sc->rffreq)); 2393 2394 /* read Tx power for all a/b/g channels */ 2395 for (i = 0; i < 19; i++) { 2396 val = rt2661_eeprom_read(sc, RT2661_EEPROM_TXPOWER + i); 2397 sc->txpow[i * 2] = (int8_t)(val >> 8); /* signed */ 2398 DPRINTF(("Channel=%d Tx power=%d\n", 2399 rt2661_rf5225_1[i * 2].chan, sc->txpow[i * 2])); 2400 sc->txpow[i * 2 + 1] = (int8_t)(val & 0xff); /* signed */ 2401 DPRINTF(("Channel=%d Tx power=%d\n", 2402 rt2661_rf5225_1[i * 2 + 1].chan, sc->txpow[i * 2 + 1])); 2403 } 2404 2405 /* read vendor-specific BBP values */ 2406 for (i = 0; i < 16; i++) { 2407 val = rt2661_eeprom_read(sc, RT2661_EEPROM_BBP_BASE + i); 2408 if (val == 0 || val == 0xffff) 2409 continue; /* skip invalid entries */ 2410 sc->bbp_prom[i].reg = val >> 8; 2411 sc->bbp_prom[i].val = val & 0xff; 2412 DPRINTF(("BBP R%d=%02x\n", sc->bbp_prom[i].reg, 2413 sc->bbp_prom[i].val)); 2414 } 2415 } 2416 2417 static int 2418 rt2661_bbp_init(struct rt2661_softc *sc) 2419 { 2420 #define N(a) (sizeof (a) / sizeof ((a)[0])) 2421 int i, ntries; 2422 uint8_t val; 2423 2424 /* wait for BBP to be ready */ 2425 for (ntries = 0; ntries < 100; ntries++) { 2426 val = rt2661_bbp_read(sc, 0); 2427 if (val != 0 && val != 0xff) 2428 break; 2429 DELAY(100); 2430 } 2431 if (ntries == 100) { 2432 device_printf(sc->sc_dev, "timeout waiting for BBP\n"); 2433 return EIO; 2434 } 2435 2436 /* initialize BBP registers to default values */ 2437 for (i = 0; i < N(rt2661_def_bbp); i++) { 2438 rt2661_bbp_write(sc, rt2661_def_bbp[i].reg, 2439 rt2661_def_bbp[i].val); 2440 } 2441 2442 /* write vendor-specific BBP values (from EEPROM) */ 2443 for (i = 0; i < 16; i++) { 2444 if (sc->bbp_prom[i].reg == 0) 2445 continue; 2446 rt2661_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val); 2447 } 2448 2449 return 0; 2450 #undef N 2451 } 2452 2453 static void 2454 rt2661_init(void *priv) 2455 { 2456 #define N(a) (sizeof (a) / sizeof ((a)[0])) 2457 struct rt2661_softc *sc = priv; 2458 struct ieee80211com *ic = &sc->sc_ic; 2459 struct ifnet *ifp = ic->ic_ifp; 2460 uint32_t tmp, sta[3]; 2461 int i, ntries; 2462 2463 RAL_LOCK(sc); 2464 2465 rt2661_stop_locked(sc); 2466 2467 /* initialize Tx rings */ 2468 RAL_WRITE(sc, RT2661_AC1_BASE_CSR, sc->txq[1].physaddr); 2469 RAL_WRITE(sc, RT2661_AC0_BASE_CSR, sc->txq[0].physaddr); 2470 RAL_WRITE(sc, RT2661_AC2_BASE_CSR, sc->txq[2].physaddr); 2471 RAL_WRITE(sc, RT2661_AC3_BASE_CSR, sc->txq[3].physaddr); 2472 2473 /* initialize Mgt ring */ 2474 RAL_WRITE(sc, RT2661_MGT_BASE_CSR, sc->mgtq.physaddr); 2475 2476 /* initialize Rx ring */ 2477 RAL_WRITE(sc, RT2661_RX_BASE_CSR, sc->rxq.physaddr); 2478 2479 /* initialize Tx rings sizes */ 2480 RAL_WRITE(sc, RT2661_TX_RING_CSR0, 2481 RT2661_TX_RING_COUNT << 24 | 2482 RT2661_TX_RING_COUNT << 16 | 2483 RT2661_TX_RING_COUNT << 8 | 2484 RT2661_TX_RING_COUNT); 2485 2486 RAL_WRITE(sc, RT2661_TX_RING_CSR1, 2487 RT2661_TX_DESC_WSIZE << 16 | 2488 RT2661_TX_RING_COUNT << 8 | /* XXX: HCCA ring unused */ 2489 RT2661_MGT_RING_COUNT); 2490 2491 /* initialize Rx rings */ 2492 RAL_WRITE(sc, RT2661_RX_RING_CSR, 2493 RT2661_RX_DESC_BACK << 16 | 2494 RT2661_RX_DESC_WSIZE << 8 | 2495 RT2661_RX_RING_COUNT); 2496 2497 /* XXX: some magic here */ 2498 RAL_WRITE(sc, RT2661_TX_DMA_DST_CSR, 0xaa); 2499 2500 /* load base addresses of all 5 Tx rings (4 data + 1 mgt) */ 2501 RAL_WRITE(sc, RT2661_LOAD_TX_RING_CSR, 0x1f); 2502 2503 /* load base address of Rx ring */ 2504 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 2); 2505 2506 /* initialize MAC registers to default values */ 2507 for (i = 0; i < N(rt2661_def_mac); i++) 2508 RAL_WRITE(sc, rt2661_def_mac[i].reg, rt2661_def_mac[i].val); 2509 2510 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp)); 2511 rt2661_set_macaddr(sc, ic->ic_myaddr); 2512 2513 /* set host ready */ 2514 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2515 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2516 2517 /* wait for BBP/RF to wakeup */ 2518 for (ntries = 0; ntries < 1000; ntries++) { 2519 if (RAL_READ(sc, RT2661_MAC_CSR12) & 8) 2520 break; 2521 DELAY(1000); 2522 } 2523 if (ntries == 1000) { 2524 printf("timeout waiting for BBP/RF to wakeup\n"); 2525 rt2661_stop_locked(sc); 2526 RAL_UNLOCK(sc); 2527 return; 2528 } 2529 2530 if (rt2661_bbp_init(sc) != 0) { 2531 rt2661_stop_locked(sc); 2532 RAL_UNLOCK(sc); 2533 return; 2534 } 2535 2536 /* select default channel */ 2537 sc->sc_curchan = ic->ic_curchan; 2538 rt2661_select_band(sc, sc->sc_curchan); 2539 rt2661_select_antenna(sc); 2540 rt2661_set_chan(sc, sc->sc_curchan); 2541 2542 /* update Rx filter */ 2543 tmp = RAL_READ(sc, RT2661_TXRX_CSR0) & 0xffff; 2544 2545 tmp |= RT2661_DROP_PHY_ERROR | RT2661_DROP_CRC_ERROR; 2546 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2547 tmp |= RT2661_DROP_CTL | RT2661_DROP_VER_ERROR | 2548 RT2661_DROP_ACKCTS; 2549 if (ic->ic_opmode != IEEE80211_M_HOSTAP) 2550 tmp |= RT2661_DROP_TODS; 2551 if (!(ifp->if_flags & IFF_PROMISC)) 2552 tmp |= RT2661_DROP_NOT_TO_ME; 2553 } 2554 2555 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2556 2557 /* clear STA registers */ 2558 RAL_READ_REGION_4(sc, RT2661_STA_CSR0, sta, N(sta)); 2559 2560 /* initialize ASIC */ 2561 RAL_WRITE(sc, RT2661_MAC_CSR1, 4); 2562 2563 /* clear any pending interrupt */ 2564 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2565 2566 /* enable interrupts */ 2567 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 2568 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 2569 2570 /* kick Rx */ 2571 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 1); 2572 RAL_UNLOCK(sc); 2573 2574 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 2575 ifp->if_drv_flags |= IFF_DRV_RUNNING; 2576 2577 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2578 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2579 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2580 } else 2581 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2582 2583 2584 #undef N 2585 } 2586 2587 void 2588 rt2661_stop(void *priv) 2589 { 2590 struct rt2661_softc *sc = priv; 2591 2592 RAL_LOCK(sc); 2593 rt2661_stop_locked(sc); 2594 RAL_UNLOCK(sc); 2595 } 2596 2597 void 2598 rt2661_stop_locked(struct rt2661_softc *sc) 2599 { 2600 struct ieee80211com *ic = &sc->sc_ic; 2601 struct ifnet *ifp = ic->ic_ifp; 2602 uint32_t tmp; 2603 volatile int *flags = &sc->sc_flags; 2604 2605 while (*flags & RAL_INPUT_RUNNING) { 2606 msleep(sc, &sc->sc_mtx, 0, "ralrunning", hz/10); 2607 } 2608 2609 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 2610 sc->sc_tx_timer = 0; 2611 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 2612 2613 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2614 2615 /* abort Tx (for all 5 Tx rings) */ 2616 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 0x1f << 16); 2617 2618 /* disable Rx (value remains after reset!) */ 2619 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2620 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2621 2622 /* reset ASIC */ 2623 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2624 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2625 2626 /* disable interrupts */ 2627 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffffff); 2628 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 2629 2630 /* clear any pending interrupt */ 2631 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2632 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, 0xffffffff); 2633 2634 /* reset Tx and Rx rings */ 2635 rt2661_reset_tx_ring(sc, &sc->txq[0]); 2636 rt2661_reset_tx_ring(sc, &sc->txq[1]); 2637 rt2661_reset_tx_ring(sc, &sc->txq[2]); 2638 rt2661_reset_tx_ring(sc, &sc->txq[3]); 2639 rt2661_reset_tx_ring(sc, &sc->mgtq); 2640 rt2661_reset_rx_ring(sc, &sc->rxq); 2641 } 2642 } 2643 2644 static int 2645 rt2661_load_microcode(struct rt2661_softc *sc, const uint8_t *ucode, int size) 2646 { 2647 int ntries; 2648 2649 /* reset 8051 */ 2650 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2651 2652 /* cancel any pending Host to MCU command */ 2653 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 0); 2654 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 2655 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, 0); 2656 2657 /* write 8051's microcode */ 2658 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET | RT2661_MCU_SEL); 2659 RAL_WRITE_REGION_1(sc, RT2661_MCU_CODE_BASE, ucode, size); 2660 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2661 2662 /* kick 8051's ass */ 2663 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, 0); 2664 2665 /* wait for 8051 to initialize */ 2666 for (ntries = 0; ntries < 500; ntries++) { 2667 if (RAL_READ(sc, RT2661_MCU_CNTL_CSR) & RT2661_MCU_READY) 2668 break; 2669 DELAY(100); 2670 } 2671 if (ntries == 500) { 2672 printf("timeout waiting for MCU to initialize\n"); 2673 return EIO; 2674 } 2675 return 0; 2676 } 2677 2678 #ifdef notyet 2679 /* 2680 * Dynamically tune Rx sensitivity (BBP register 17) based on average RSSI and 2681 * false CCA count. This function is called periodically (every seconds) when 2682 * in the RUN state. Values taken from the reference driver. 2683 */ 2684 static void 2685 rt2661_rx_tune(struct rt2661_softc *sc) 2686 { 2687 uint8_t bbp17; 2688 uint16_t cca; 2689 int lo, hi, dbm; 2690 2691 /* 2692 * Tuning range depends on operating band and on the presence of an 2693 * external low-noise amplifier. 2694 */ 2695 lo = 0x20; 2696 if (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan)) 2697 lo += 0x08; 2698 if ((IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan) && sc->ext_2ghz_lna) || 2699 (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan) && sc->ext_5ghz_lna)) 2700 lo += 0x10; 2701 hi = lo + 0x20; 2702 2703 /* retrieve false CCA count since last call (clear on read) */ 2704 cca = RAL_READ(sc, RT2661_STA_CSR1) & 0xffff; 2705 2706 if (dbm >= -35) { 2707 bbp17 = 0x60; 2708 } else if (dbm >= -58) { 2709 bbp17 = hi; 2710 } else if (dbm >= -66) { 2711 bbp17 = lo + 0x10; 2712 } else if (dbm >= -74) { 2713 bbp17 = lo + 0x08; 2714 } else { 2715 /* RSSI < -74dBm, tune using false CCA count */ 2716 2717 bbp17 = sc->bbp17; /* current value */ 2718 2719 hi -= 2 * (-74 - dbm); 2720 if (hi < lo) 2721 hi = lo; 2722 2723 if (bbp17 > hi) { 2724 bbp17 = hi; 2725 2726 } else if (cca > 512) { 2727 if (++bbp17 > hi) 2728 bbp17 = hi; 2729 } else if (cca < 100) { 2730 if (--bbp17 < lo) 2731 bbp17 = lo; 2732 } 2733 } 2734 2735 if (bbp17 != sc->bbp17) { 2736 rt2661_bbp_write(sc, 17, bbp17); 2737 sc->bbp17 = bbp17; 2738 } 2739 } 2740 2741 /* 2742 * Enter/Leave radar detection mode. 2743 * This is for 802.11h additional regulatory domains. 2744 */ 2745 static void 2746 rt2661_radar_start(struct rt2661_softc *sc) 2747 { 2748 uint32_t tmp; 2749 2750 /* disable Rx */ 2751 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2752 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2753 2754 rt2661_bbp_write(sc, 82, 0x20); 2755 rt2661_bbp_write(sc, 83, 0x00); 2756 rt2661_bbp_write(sc, 84, 0x40); 2757 2758 /* save current BBP registers values */ 2759 sc->bbp18 = rt2661_bbp_read(sc, 18); 2760 sc->bbp21 = rt2661_bbp_read(sc, 21); 2761 sc->bbp22 = rt2661_bbp_read(sc, 22); 2762 sc->bbp16 = rt2661_bbp_read(sc, 16); 2763 sc->bbp17 = rt2661_bbp_read(sc, 17); 2764 sc->bbp64 = rt2661_bbp_read(sc, 64); 2765 2766 rt2661_bbp_write(sc, 18, 0xff); 2767 rt2661_bbp_write(sc, 21, 0x3f); 2768 rt2661_bbp_write(sc, 22, 0x3f); 2769 rt2661_bbp_write(sc, 16, 0xbd); 2770 rt2661_bbp_write(sc, 17, sc->ext_5ghz_lna ? 0x44 : 0x34); 2771 rt2661_bbp_write(sc, 64, 0x21); 2772 2773 /* restore Rx filter */ 2774 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2775 } 2776 2777 static int 2778 rt2661_radar_stop(struct rt2661_softc *sc) 2779 { 2780 uint8_t bbp66; 2781 2782 /* read radar detection result */ 2783 bbp66 = rt2661_bbp_read(sc, 66); 2784 2785 /* restore BBP registers values */ 2786 rt2661_bbp_write(sc, 16, sc->bbp16); 2787 rt2661_bbp_write(sc, 17, sc->bbp17); 2788 rt2661_bbp_write(sc, 18, sc->bbp18); 2789 rt2661_bbp_write(sc, 21, sc->bbp21); 2790 rt2661_bbp_write(sc, 22, sc->bbp22); 2791 rt2661_bbp_write(sc, 64, sc->bbp64); 2792 2793 return bbp66 == 1; 2794 } 2795 #endif 2796 2797 static int 2798 rt2661_prepare_beacon(struct rt2661_softc *sc) 2799 { 2800 struct ieee80211com *ic = &sc->sc_ic; 2801 struct ieee80211_beacon_offsets bo; 2802 struct rt2661_tx_desc desc; 2803 struct mbuf *m0; 2804 int rate; 2805 2806 m0 = ieee80211_beacon_alloc(ic, ic->ic_bss, &bo); 2807 if (m0 == NULL) { 2808 device_printf(sc->sc_dev, "could not allocate beacon frame\n"); 2809 return ENOBUFS; 2810 } 2811 2812 /* send beacons at the lowest available rate */ 2813 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan) ? 12 : 2; 2814 2815 rt2661_setup_tx_desc(sc, &desc, RT2661_TX_TIMESTAMP, RT2661_TX_HWSEQ, 2816 m0->m_pkthdr.len, rate, NULL, 0, RT2661_QID_MGT); 2817 2818 /* copy the first 24 bytes of Tx descriptor into NIC memory */ 2819 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0, (uint8_t *)&desc, 24); 2820 2821 /* copy beacon header and payload into NIC memory */ 2822 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0 + 24, 2823 mtod(m0, uint8_t *), m0->m_pkthdr.len); 2824 2825 m_freem(m0); 2826 2827 return 0; 2828 } 2829 2830 /* 2831 * Enable TSF synchronization and tell h/w to start sending beacons for IBSS 2832 * and HostAP operating modes. 2833 */ 2834 static void 2835 rt2661_enable_tsf_sync(struct rt2661_softc *sc) 2836 { 2837 struct ieee80211com *ic = &sc->sc_ic; 2838 uint32_t tmp; 2839 2840 if (ic->ic_opmode != IEEE80211_M_STA) { 2841 /* 2842 * Change default 16ms TBTT adjustment to 8ms. 2843 * Must be done before enabling beacon generation. 2844 */ 2845 RAL_WRITE(sc, RT2661_TXRX_CSR10, 1 << 12 | 8); 2846 } 2847 2848 tmp = RAL_READ(sc, RT2661_TXRX_CSR9) & 0xff000000; 2849 2850 /* set beacon interval (in 1/16ms unit) */ 2851 tmp |= ic->ic_bss->ni_intval * 16; 2852 2853 tmp |= RT2661_TSF_TICKING | RT2661_ENABLE_TBTT; 2854 if (ic->ic_opmode == IEEE80211_M_STA) 2855 tmp |= RT2661_TSF_MODE(1); 2856 else 2857 tmp |= RT2661_TSF_MODE(2) | RT2661_GENERATE_BEACON; 2858 2859 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp); 2860 } 2861 2862 /* 2863 * Retrieve the "Received Signal Strength Indicator" from the raw values 2864 * contained in Rx descriptors. The computation depends on which band the 2865 * frame was received. Correction values taken from the reference driver. 2866 */ 2867 static int 2868 rt2661_get_rssi(struct rt2661_softc *sc, uint8_t raw) 2869 { 2870 int lna, agc, rssi; 2871 2872 lna = (raw >> 5) & 0x3; 2873 agc = raw & 0x1f; 2874 2875 if (lna == 0) { 2876 /* 2877 * No mapping available. 2878 * 2879 * NB: Since RSSI is relative to noise floor, -1 is 2880 * adequate for caller to know error happened. 2881 */ 2882 return -1; 2883 } 2884 2885 rssi = (2 * agc) - RT2661_NOISE_FLOOR; 2886 2887 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) { 2888 rssi += sc->rssi_2ghz_corr; 2889 2890 if (lna == 1) 2891 rssi -= 64; 2892 else if (lna == 2) 2893 rssi -= 74; 2894 else if (lna == 3) 2895 rssi -= 90; 2896 } else { 2897 rssi += sc->rssi_5ghz_corr; 2898 2899 if (lna == 1) 2900 rssi -= 64; 2901 else if (lna == 2) 2902 rssi -= 86; 2903 else if (lna == 3) 2904 rssi -= 100; 2905 } 2906 return rssi; 2907 } 2908 2909 static void 2910 rt2661_scan_start(struct ieee80211com *ic) 2911 { 2912 struct ifnet *ifp = ic->ic_ifp; 2913 struct rt2661_softc *sc = ifp->if_softc; 2914 uint32_t tmp; 2915 2916 /* abort TSF synchronization */ 2917 tmp = RAL_READ(sc, RT2661_TXRX_CSR9); 2918 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0xffffff); 2919 rt2661_set_bssid(sc, ifp->if_broadcastaddr); 2920 } 2921 2922 static void 2923 rt2661_scan_end(struct ieee80211com *ic) 2924 { 2925 struct ifnet *ifp = ic->ic_ifp; 2926 struct rt2661_softc *sc = ifp->if_softc; 2927 2928 rt2661_enable_tsf_sync(sc); 2929 /* XXX keep local copy */ 2930 rt2661_set_bssid(sc, ic->ic_bss->ni_bssid); 2931 } 2932 2933 static void 2934 rt2661_set_channel(struct ieee80211com *ic) 2935 { 2936 struct ifnet *ifp = ic->ic_ifp; 2937 struct rt2661_softc *sc = ifp->if_softc; 2938 2939 RAL_LOCK(sc); 2940 rt2661_set_chan(sc, ic->ic_curchan); 2941 RAL_UNLOCK(sc); 2942 2943 } 2944