1 /* $FreeBSD$ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 #include <sys/cdefs.h> 21 __FBSDID("$FreeBSD$"); 22 23 /*- 24 * Ralink Technology RT2561, RT2561S and RT2661 chipset driver 25 * http://www.ralinktech.com/ 26 */ 27 28 #include <sys/param.h> 29 #include <sys/sysctl.h> 30 #include <sys/sockio.h> 31 #include <sys/mbuf.h> 32 #include <sys/kernel.h> 33 #include <sys/socket.h> 34 #include <sys/systm.h> 35 #include <sys/malloc.h> 36 #include <sys/lock.h> 37 #include <sys/mutex.h> 38 #include <sys/module.h> 39 #include <sys/bus.h> 40 #include <sys/endian.h> 41 42 #include <machine/bus.h> 43 #include <machine/resource.h> 44 #include <sys/rman.h> 45 46 #include <net/bpf.h> 47 #include <net/if.h> 48 #include <net/if_arp.h> 49 #include <net/ethernet.h> 50 #include <net/if_dl.h> 51 #include <net/if_media.h> 52 #include <net/if_types.h> 53 54 #include <net80211/ieee80211_var.h> 55 #include <net80211/ieee80211_radiotap.h> 56 57 #include <netinet/in.h> 58 #include <netinet/in_systm.h> 59 #include <netinet/in_var.h> 60 #include <netinet/ip.h> 61 #include <netinet/if_ether.h> 62 63 #include <dev/ral/if_ralrate.h> 64 #include <dev/ral/rt2661reg.h> 65 #include <dev/ral/rt2661var.h> 66 #include <dev/ral/rt2661_ucode.h> 67 68 #ifdef RAL_DEBUG 69 #define DPRINTF(x) do { if (ral_debug > 0) printf x; } while (0) 70 #define DPRINTFN(n, x) do { if (ral_debug >= (n)) printf x; } while (0) 71 int ral_debug = 0; 72 SYSCTL_INT(_debug, OID_AUTO, ral, CTLFLAG_RW, &ral_debug, 0, "ral debug level"); 73 #else 74 #define DPRINTF(x) 75 #define DPRINTFN(n, x) 76 #endif 77 78 static void rt2661_dma_map_addr(void *, bus_dma_segment_t *, int, 79 int); 80 static int rt2661_alloc_tx_ring(struct rt2661_softc *, 81 struct rt2661_tx_ring *, int); 82 static void rt2661_reset_tx_ring(struct rt2661_softc *, 83 struct rt2661_tx_ring *); 84 static void rt2661_free_tx_ring(struct rt2661_softc *, 85 struct rt2661_tx_ring *); 86 static int rt2661_alloc_rx_ring(struct rt2661_softc *, 87 struct rt2661_rx_ring *, int); 88 static void rt2661_reset_rx_ring(struct rt2661_softc *, 89 struct rt2661_rx_ring *); 90 static void rt2661_free_rx_ring(struct rt2661_softc *, 91 struct rt2661_rx_ring *); 92 static struct ieee80211_node *rt2661_node_alloc( 93 struct ieee80211_node_table *); 94 static int rt2661_media_change(struct ifnet *); 95 static void rt2661_next_scan(void *); 96 static int rt2661_newstate(struct ieee80211com *, 97 enum ieee80211_state, int); 98 static uint16_t rt2661_eeprom_read(struct rt2661_softc *, uint8_t); 99 static void rt2661_rx_intr(struct rt2661_softc *); 100 static void rt2661_tx_intr(struct rt2661_softc *); 101 static void rt2661_tx_dma_intr(struct rt2661_softc *, 102 struct rt2661_tx_ring *); 103 static void rt2661_mcu_beacon_expire(struct rt2661_softc *); 104 static void rt2661_mcu_wakeup(struct rt2661_softc *); 105 static void rt2661_mcu_cmd_intr(struct rt2661_softc *); 106 static int rt2661_ack_rate(struct ieee80211com *, int); 107 static uint16_t rt2661_txtime(int, int, uint32_t); 108 static uint8_t rt2661_rxrate(struct rt2661_rx_desc *); 109 static uint8_t rt2661_plcp_signal(int); 110 static void rt2661_setup_tx_desc(struct rt2661_softc *, 111 struct rt2661_tx_desc *, uint32_t, uint16_t, int, 112 int, const bus_dma_segment_t *, int, int); 113 static struct mbuf * rt2661_get_rts(struct rt2661_softc *, 114 struct ieee80211_frame *, uint16_t); 115 static int rt2661_tx_data(struct rt2661_softc *, struct mbuf *, 116 struct ieee80211_node *, int); 117 static int rt2661_tx_mgt(struct rt2661_softc *, struct mbuf *, 118 struct ieee80211_node *); 119 static void rt2661_start(struct ifnet *); 120 static void rt2661_watchdog(void *); 121 static int rt2661_reset(struct ifnet *); 122 static int rt2661_ioctl(struct ifnet *, u_long, caddr_t); 123 static void rt2661_bbp_write(struct rt2661_softc *, uint8_t, 124 uint8_t); 125 static uint8_t rt2661_bbp_read(struct rt2661_softc *, uint8_t); 126 static void rt2661_rf_write(struct rt2661_softc *, uint8_t, 127 uint32_t); 128 static int rt2661_tx_cmd(struct rt2661_softc *, uint8_t, 129 uint16_t); 130 static void rt2661_select_antenna(struct rt2661_softc *); 131 static void rt2661_enable_mrr(struct rt2661_softc *); 132 static void rt2661_set_txpreamble(struct rt2661_softc *); 133 static void rt2661_set_basicrates(struct rt2661_softc *, 134 const struct ieee80211_rateset *); 135 static void rt2661_select_band(struct rt2661_softc *, 136 struct ieee80211_channel *); 137 static void rt2661_set_chan(struct rt2661_softc *, 138 struct ieee80211_channel *); 139 static void rt2661_set_bssid(struct rt2661_softc *, 140 const uint8_t *); 141 static void rt2661_set_macaddr(struct rt2661_softc *, 142 const uint8_t *); 143 static void rt2661_update_promisc(struct rt2661_softc *); 144 static int rt2661_wme_update(struct ieee80211com *) __unused; 145 static void rt2661_update_slot(struct ifnet *); 146 static const char *rt2661_get_rf(int); 147 static void rt2661_read_eeprom(struct rt2661_softc *); 148 static int rt2661_bbp_init(struct rt2661_softc *); 149 static void rt2661_init(void *); 150 static void rt2661_stop(void *); 151 static int rt2661_load_microcode(struct rt2661_softc *, 152 const uint8_t *, int); 153 #ifdef notyet 154 static void rt2661_rx_tune(struct rt2661_softc *); 155 static void rt2661_radar_start(struct rt2661_softc *); 156 static int rt2661_radar_stop(struct rt2661_softc *); 157 #endif 158 static int rt2661_prepare_beacon(struct rt2661_softc *); 159 static void rt2661_enable_tsf_sync(struct rt2661_softc *); 160 static int rt2661_get_rssi(struct rt2661_softc *, uint8_t); 161 162 static const struct { 163 uint32_t reg; 164 uint32_t val; 165 } rt2661_def_mac[] = { 166 RT2661_DEF_MAC 167 }; 168 169 static const struct { 170 uint8_t reg; 171 uint8_t val; 172 } rt2661_def_bbp[] = { 173 RT2661_DEF_BBP 174 }; 175 176 static const struct rfprog { 177 uint8_t chan; 178 uint32_t r1, r2, r3, r4; 179 } rt2661_rf5225_1[] = { 180 RT2661_RF5225_1 181 }, rt2661_rf5225_2[] = { 182 RT2661_RF5225_2 183 }; 184 185 int 186 rt2661_attach(device_t dev, int id) 187 { 188 struct rt2661_softc *sc = device_get_softc(dev); 189 struct ieee80211com *ic = &sc->sc_ic; 190 struct ifnet *ifp; 191 uint32_t val; 192 const uint8_t *ucode = NULL; 193 int error, i, ac, ntries, size = 0; 194 195 sc->sc_dev = dev; 196 197 mtx_init(&sc->sc_mtx, device_get_nameunit(dev), MTX_NETWORK_LOCK, 198 MTX_DEF | MTX_RECURSE); 199 200 callout_init_mtx(&sc->watchdog_ch, &sc->sc_mtx, 0); 201 callout_init(&sc->scan_ch, debug_mpsafenet ? CALLOUT_MPSAFE : 0); 202 callout_init(&sc->rssadapt_ch, CALLOUT_MPSAFE); 203 204 /* wait for NIC to initialize */ 205 for (ntries = 0; ntries < 1000; ntries++) { 206 if ((val = RAL_READ(sc, RT2661_MAC_CSR0)) != 0) 207 break; 208 DELAY(1000); 209 } 210 if (ntries == 1000) { 211 device_printf(sc->sc_dev, 212 "timeout waiting for NIC to initialize\n"); 213 error = EIO; 214 goto fail1; 215 } 216 217 /* retrieve RF rev. no and various other things from EEPROM */ 218 rt2661_read_eeprom(sc); 219 220 device_printf(dev, "MAC/BBP RT%X, RF %s\n", val, 221 rt2661_get_rf(sc->rf_rev)); 222 223 /* 224 * Load 8051 microcode into NIC. 225 */ 226 switch (id) { 227 case 0x0301: 228 ucode = rt2561s_ucode; 229 size = sizeof rt2561s_ucode; 230 break; 231 case 0x0302: 232 ucode = rt2561_ucode; 233 size = sizeof rt2561_ucode; 234 break; 235 case 0x0401: 236 ucode = rt2661_ucode; 237 size = sizeof rt2661_ucode; 238 break; 239 } 240 241 error = rt2661_load_microcode(sc, ucode, size); 242 if (error != 0) { 243 device_printf(sc->sc_dev, "could not load 8051 microcode\n"); 244 goto fail1; 245 } 246 247 /* 248 * Allocate Tx and Rx rings. 249 */ 250 for (ac = 0; ac < 4; ac++) { 251 error = rt2661_alloc_tx_ring(sc, &sc->txq[ac], 252 RT2661_TX_RING_COUNT); 253 if (error != 0) { 254 device_printf(sc->sc_dev, 255 "could not allocate Tx ring %d\n", ac); 256 goto fail2; 257 } 258 } 259 260 error = rt2661_alloc_tx_ring(sc, &sc->mgtq, RT2661_MGT_RING_COUNT); 261 if (error != 0) { 262 device_printf(sc->sc_dev, "could not allocate Mgt ring\n"); 263 goto fail2; 264 } 265 266 error = rt2661_alloc_rx_ring(sc, &sc->rxq, RT2661_RX_RING_COUNT); 267 if (error != 0) { 268 device_printf(sc->sc_dev, "could not allocate Rx ring\n"); 269 goto fail3; 270 } 271 272 ifp = sc->sc_ifp = if_alloc(IFT_ETHER); 273 if (ifp == NULL) { 274 device_printf(sc->sc_dev, "can not if_alloc()\n"); 275 error = ENOMEM; 276 goto fail4; 277 } 278 279 ifp->if_softc = sc; 280 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 281 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 282 ifp->if_init = rt2661_init; 283 ifp->if_ioctl = rt2661_ioctl; 284 ifp->if_start = rt2661_start; 285 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 286 ifp->if_snd.ifq_drv_maxlen = IFQ_MAXLEN; 287 IFQ_SET_READY(&ifp->if_snd); 288 289 ic->ic_ifp = ifp; 290 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 291 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 292 ic->ic_state = IEEE80211_S_INIT; 293 294 /* set device capabilities */ 295 ic->ic_caps = 296 IEEE80211_C_IBSS | /* IBSS mode supported */ 297 IEEE80211_C_MONITOR | /* monitor mode supported */ 298 IEEE80211_C_HOSTAP | /* HostAp mode supported */ 299 IEEE80211_C_TXPMGT | /* tx power management */ 300 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 301 IEEE80211_C_SHSLOT | /* short slot time supported */ 302 #ifdef notyet 303 IEEE80211_C_WME | /* 802.11e */ 304 #endif 305 IEEE80211_C_WPA; /* 802.11i */ 306 307 if (sc->rf_rev == RT2661_RF_5225 || sc->rf_rev == RT2661_RF_5325) { 308 /* set supported .11a channels */ 309 for (i = 36; i <= 64; i += 4) { 310 ic->ic_channels[i].ic_freq = 311 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 312 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 313 } 314 for (i = 100; i <= 140; i += 4) { 315 ic->ic_channels[i].ic_freq = 316 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 317 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 318 } 319 for (i = 149; i <= 165; i += 4) { 320 ic->ic_channels[i].ic_freq = 321 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 322 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 323 } 324 } 325 326 /* set supported .11b and .11g channels (1 through 14) */ 327 for (i = 1; i <= 14; i++) { 328 ic->ic_channels[i].ic_freq = 329 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 330 ic->ic_channels[i].ic_flags = 331 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 332 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 333 } 334 335 ieee80211_ifattach(ic); 336 ic->ic_node_alloc = rt2661_node_alloc; 337 /* ic->ic_wme.wme_update = rt2661_wme_update;*/ 338 ic->ic_updateslot = rt2661_update_slot; 339 ic->ic_reset = rt2661_reset; 340 /* enable s/w bmiss handling in sta mode */ 341 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS; 342 343 /* override state transition machine */ 344 sc->sc_newstate = ic->ic_newstate; 345 ic->ic_newstate = rt2661_newstate; 346 ieee80211_media_init(ic, rt2661_media_change, ieee80211_media_status); 347 348 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 349 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf); 350 351 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 352 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 353 sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2661_RX_RADIOTAP_PRESENT); 354 355 sc->sc_txtap_len = sizeof sc->sc_txtapu; 356 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 357 sc->sc_txtap.wt_ihdr.it_present = htole32(RT2661_TX_RADIOTAP_PRESENT); 358 359 /* 360 * Add a few sysctl knobs. 361 */ 362 sc->dwelltime = 200; 363 364 SYSCTL_ADD_INT(device_get_sysctl_ctx(dev), 365 SYSCTL_CHILDREN(device_get_sysctl_tree(dev)), OID_AUTO, "dwell", 366 CTLFLAG_RW, &sc->dwelltime, 0, 367 "channel dwell time (ms) for AP/station scanning"); 368 369 if (bootverbose) 370 ieee80211_announce(ic); 371 372 return 0; 373 374 fail4: rt2661_free_rx_ring(sc, &sc->rxq); 375 fail3: rt2661_free_tx_ring(sc, &sc->mgtq); 376 fail2: while (--ac >= 0) 377 rt2661_free_tx_ring(sc, &sc->txq[ac]); 378 fail1: mtx_destroy(&sc->sc_mtx); 379 380 return error; 381 } 382 383 int 384 rt2661_detach(void *xsc) 385 { 386 struct rt2661_softc *sc = xsc; 387 struct ieee80211com *ic = &sc->sc_ic; 388 struct ifnet *ifp = ic->ic_ifp; 389 390 rt2661_stop(sc); 391 callout_stop(&sc->watchdog_ch); 392 callout_stop(&sc->scan_ch); 393 callout_stop(&sc->rssadapt_ch); 394 395 bpfdetach(ifp); 396 ieee80211_ifdetach(ic); 397 398 rt2661_free_tx_ring(sc, &sc->txq[0]); 399 rt2661_free_tx_ring(sc, &sc->txq[1]); 400 rt2661_free_tx_ring(sc, &sc->txq[2]); 401 rt2661_free_tx_ring(sc, &sc->txq[3]); 402 rt2661_free_tx_ring(sc, &sc->mgtq); 403 rt2661_free_rx_ring(sc, &sc->rxq); 404 405 if_free(ifp); 406 407 mtx_destroy(&sc->sc_mtx); 408 409 return 0; 410 } 411 412 void 413 rt2661_shutdown(void *xsc) 414 { 415 struct rt2661_softc *sc = xsc; 416 417 rt2661_stop(sc); 418 } 419 420 void 421 rt2661_suspend(void *xsc) 422 { 423 struct rt2661_softc *sc = xsc; 424 425 rt2661_stop(sc); 426 } 427 428 void 429 rt2661_resume(void *xsc) 430 { 431 struct rt2661_softc *sc = xsc; 432 struct ifnet *ifp = sc->sc_ic.ic_ifp; 433 434 if (ifp->if_flags & IFF_UP) { 435 ifp->if_init(ifp->if_softc); 436 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 437 ifp->if_start(ifp); 438 } 439 } 440 441 static void 442 rt2661_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error) 443 { 444 if (error != 0) 445 return; 446 447 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg)); 448 449 *(bus_addr_t *)arg = segs[0].ds_addr; 450 } 451 452 static int 453 rt2661_alloc_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring, 454 int count) 455 { 456 int i, error; 457 458 ring->count = count; 459 ring->queued = 0; 460 ring->cur = ring->next = ring->stat = 0; 461 462 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 463 BUS_SPACE_MAXADDR, NULL, NULL, count * RT2661_TX_DESC_SIZE, 1, 464 count * RT2661_TX_DESC_SIZE, 0, NULL, NULL, &ring->desc_dmat); 465 if (error != 0) { 466 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 467 goto fail; 468 } 469 470 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 471 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 472 if (error != 0) { 473 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 474 goto fail; 475 } 476 477 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 478 count * RT2661_TX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr, 479 0); 480 if (error != 0) { 481 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 482 goto fail; 483 } 484 485 ring->data = malloc(count * sizeof (struct rt2661_tx_data), M_DEVBUF, 486 M_NOWAIT | M_ZERO); 487 if (ring->data == NULL) { 488 device_printf(sc->sc_dev, "could not allocate soft data\n"); 489 error = ENOMEM; 490 goto fail; 491 } 492 493 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 494 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, RT2661_MAX_SCATTER, 495 MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 496 if (error != 0) { 497 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 498 goto fail; 499 } 500 501 for (i = 0; i < count; i++) { 502 error = bus_dmamap_create(ring->data_dmat, 0, 503 &ring->data[i].map); 504 if (error != 0) { 505 device_printf(sc->sc_dev, "could not create DMA map\n"); 506 goto fail; 507 } 508 } 509 510 return 0; 511 512 fail: rt2661_free_tx_ring(sc, ring); 513 return error; 514 } 515 516 static void 517 rt2661_reset_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 518 { 519 struct rt2661_tx_desc *desc; 520 struct rt2661_tx_data *data; 521 int i; 522 523 for (i = 0; i < ring->count; i++) { 524 desc = &ring->desc[i]; 525 data = &ring->data[i]; 526 527 if (data->m != NULL) { 528 bus_dmamap_sync(ring->data_dmat, data->map, 529 BUS_DMASYNC_POSTWRITE); 530 bus_dmamap_unload(ring->data_dmat, data->map); 531 m_freem(data->m); 532 data->m = NULL; 533 } 534 535 if (data->ni != NULL) { 536 ieee80211_free_node(data->ni); 537 data->ni = NULL; 538 } 539 540 desc->flags = 0; 541 } 542 543 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 544 545 ring->queued = 0; 546 ring->cur = ring->next = ring->stat = 0; 547 } 548 549 static void 550 rt2661_free_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 551 { 552 struct rt2661_tx_data *data; 553 int i; 554 555 if (ring->desc != NULL) { 556 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 557 BUS_DMASYNC_POSTWRITE); 558 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 559 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 560 } 561 562 if (ring->desc_dmat != NULL) 563 bus_dma_tag_destroy(ring->desc_dmat); 564 565 if (ring->data != NULL) { 566 for (i = 0; i < ring->count; i++) { 567 data = &ring->data[i]; 568 569 if (data->m != NULL) { 570 bus_dmamap_sync(ring->data_dmat, data->map, 571 BUS_DMASYNC_POSTWRITE); 572 bus_dmamap_unload(ring->data_dmat, data->map); 573 m_freem(data->m); 574 } 575 576 if (data->ni != NULL) 577 ieee80211_free_node(data->ni); 578 579 if (data->map != NULL) 580 bus_dmamap_destroy(ring->data_dmat, data->map); 581 } 582 583 free(ring->data, M_DEVBUF); 584 } 585 586 if (ring->data_dmat != NULL) 587 bus_dma_tag_destroy(ring->data_dmat); 588 } 589 590 static int 591 rt2661_alloc_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring, 592 int count) 593 { 594 struct rt2661_rx_desc *desc; 595 struct rt2661_rx_data *data; 596 bus_addr_t physaddr; 597 int i, error; 598 599 ring->count = count; 600 ring->cur = ring->next = 0; 601 602 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT, 603 BUS_SPACE_MAXADDR, NULL, NULL, count * RT2661_RX_DESC_SIZE, 1, 604 count * RT2661_RX_DESC_SIZE, 0, NULL, NULL, &ring->desc_dmat); 605 if (error != 0) { 606 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 607 goto fail; 608 } 609 610 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 611 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 612 if (error != 0) { 613 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 614 goto fail; 615 } 616 617 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 618 count * RT2661_RX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr, 619 0); 620 if (error != 0) { 621 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 622 goto fail; 623 } 624 625 ring->data = malloc(count * sizeof (struct rt2661_rx_data), M_DEVBUF, 626 M_NOWAIT | M_ZERO); 627 if (ring->data == NULL) { 628 device_printf(sc->sc_dev, "could not allocate soft data\n"); 629 error = ENOMEM; 630 goto fail; 631 } 632 633 /* 634 * Pre-allocate Rx buffers and populate Rx ring. 635 */ 636 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT, 637 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1, MCLBYTES, 0, NULL, 638 NULL, &ring->data_dmat); 639 if (error != 0) { 640 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 641 goto fail; 642 } 643 644 for (i = 0; i < count; i++) { 645 desc = &sc->rxq.desc[i]; 646 data = &sc->rxq.data[i]; 647 648 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 649 if (error != 0) { 650 device_printf(sc->sc_dev, "could not create DMA map\n"); 651 goto fail; 652 } 653 654 data->m = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 655 if (data->m == NULL) { 656 device_printf(sc->sc_dev, 657 "could not allocate rx mbuf\n"); 658 error = ENOMEM; 659 goto fail; 660 } 661 662 error = bus_dmamap_load(ring->data_dmat, data->map, 663 mtod(data->m, void *), MCLBYTES, rt2661_dma_map_addr, 664 &physaddr, 0); 665 if (error != 0) { 666 device_printf(sc->sc_dev, 667 "could not load rx buf DMA map"); 668 goto fail; 669 } 670 671 desc->flags = htole32(RT2661_RX_BUSY); 672 desc->physaddr = htole32(physaddr); 673 } 674 675 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 676 677 return 0; 678 679 fail: rt2661_free_rx_ring(sc, ring); 680 return error; 681 } 682 683 static void 684 rt2661_reset_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 685 { 686 int i; 687 688 for (i = 0; i < ring->count; i++) 689 ring->desc[i].flags = htole32(RT2661_RX_BUSY); 690 691 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE); 692 693 ring->cur = ring->next = 0; 694 } 695 696 static void 697 rt2661_free_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 698 { 699 struct rt2661_rx_data *data; 700 int i; 701 702 if (ring->desc != NULL) { 703 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 704 BUS_DMASYNC_POSTWRITE); 705 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 706 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 707 } 708 709 if (ring->desc_dmat != NULL) 710 bus_dma_tag_destroy(ring->desc_dmat); 711 712 if (ring->data != NULL) { 713 for (i = 0; i < ring->count; i++) { 714 data = &ring->data[i]; 715 716 if (data->m != NULL) { 717 bus_dmamap_sync(ring->data_dmat, data->map, 718 BUS_DMASYNC_POSTREAD); 719 bus_dmamap_unload(ring->data_dmat, data->map); 720 m_freem(data->m); 721 } 722 723 if (data->map != NULL) 724 bus_dmamap_destroy(ring->data_dmat, data->map); 725 } 726 727 free(ring->data, M_DEVBUF); 728 } 729 730 if (ring->data_dmat != NULL) 731 bus_dma_tag_destroy(ring->data_dmat); 732 } 733 734 static struct ieee80211_node * 735 rt2661_node_alloc(struct ieee80211_node_table *nt) 736 { 737 struct rt2661_node *rn; 738 739 rn = malloc(sizeof (struct rt2661_node), M_80211_NODE, 740 M_NOWAIT | M_ZERO); 741 742 return (rn != NULL) ? &rn->ni : NULL; 743 } 744 745 static int 746 rt2661_media_change(struct ifnet *ifp) 747 { 748 struct rt2661_softc *sc = ifp->if_softc; 749 int error; 750 751 error = ieee80211_media_change(ifp); 752 if (error != ENETRESET) 753 return error; 754 755 if ((ifp->if_flags & IFF_UP) && (ifp->if_drv_flags & IFF_DRV_RUNNING)) 756 rt2661_init(sc); 757 758 return 0; 759 } 760 761 /* 762 * This function is called periodically (every 200ms) during scanning to 763 * switch from one channel to another. 764 */ 765 static void 766 rt2661_next_scan(void *arg) 767 { 768 struct rt2661_softc *sc = arg; 769 struct ieee80211com *ic = &sc->sc_ic; 770 771 if (ic->ic_state == IEEE80211_S_SCAN) 772 ieee80211_next_scan(ic); 773 } 774 775 /* 776 * This function is called for each node present in the node station table. 777 */ 778 static void 779 rt2661_iter_func(void *arg, struct ieee80211_node *ni) 780 { 781 struct rt2661_node *rn = (struct rt2661_node *)ni; 782 783 ral_rssadapt_updatestats(&rn->rssadapt); 784 } 785 786 /* 787 * This function is called periodically (every 100ms) in RUN state to update 788 * the rate adaptation statistics. 789 */ 790 static void 791 rt2661_update_rssadapt(void *arg) 792 { 793 struct rt2661_softc *sc = arg; 794 struct ieee80211com *ic = &sc->sc_ic; 795 796 RAL_LOCK(sc); 797 798 ieee80211_iterate_nodes(&ic->ic_sta, rt2661_iter_func, arg); 799 callout_reset(&sc->rssadapt_ch, hz / 10, rt2661_update_rssadapt, sc); 800 801 RAL_UNLOCK(sc); 802 } 803 804 static int 805 rt2661_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 806 { 807 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 808 enum ieee80211_state ostate; 809 struct ieee80211_node *ni; 810 uint32_t tmp; 811 int error = 0; 812 813 ostate = ic->ic_state; 814 callout_stop(&sc->scan_ch); 815 816 switch (nstate) { 817 case IEEE80211_S_INIT: 818 callout_stop(&sc->rssadapt_ch); 819 820 if (ostate == IEEE80211_S_RUN) { 821 /* abort TSF synchronization */ 822 tmp = RAL_READ(sc, RT2661_TXRX_CSR9); 823 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0x00ffffff); 824 } 825 break; 826 827 case IEEE80211_S_SCAN: 828 rt2661_set_chan(sc, ic->ic_curchan); 829 callout_reset(&sc->scan_ch, (sc->dwelltime * hz) / 1000, 830 rt2661_next_scan, sc); 831 break; 832 833 case IEEE80211_S_AUTH: 834 case IEEE80211_S_ASSOC: 835 rt2661_set_chan(sc, ic->ic_curchan); 836 break; 837 838 case IEEE80211_S_RUN: 839 rt2661_set_chan(sc, ic->ic_curchan); 840 841 ni = ic->ic_bss; 842 843 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 844 rt2661_enable_mrr(sc); 845 rt2661_set_txpreamble(sc); 846 rt2661_set_basicrates(sc, &ni->ni_rates); 847 rt2661_set_bssid(sc, ni->ni_bssid); 848 } 849 850 if (ic->ic_opmode == IEEE80211_M_HOSTAP || 851 ic->ic_opmode == IEEE80211_M_IBSS) { 852 if ((error = rt2661_prepare_beacon(sc)) != 0) 853 break; 854 } 855 856 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 857 callout_reset(&sc->rssadapt_ch, hz / 10, 858 rt2661_update_rssadapt, sc); 859 rt2661_enable_tsf_sync(sc); 860 } 861 break; 862 } 863 864 return (error != 0) ? error : sc->sc_newstate(ic, nstate, arg); 865 } 866 867 /* 868 * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46 or 869 * 93C66). 870 */ 871 static uint16_t 872 rt2661_eeprom_read(struct rt2661_softc *sc, uint8_t addr) 873 { 874 uint32_t tmp; 875 uint16_t val; 876 int n; 877 878 /* clock C once before the first command */ 879 RT2661_EEPROM_CTL(sc, 0); 880 881 RT2661_EEPROM_CTL(sc, RT2661_S); 882 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 883 RT2661_EEPROM_CTL(sc, RT2661_S); 884 885 /* write start bit (1) */ 886 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 887 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 888 889 /* write READ opcode (10) */ 890 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 891 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 892 RT2661_EEPROM_CTL(sc, RT2661_S); 893 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 894 895 /* write address (A5-A0 or A7-A0) */ 896 n = (RAL_READ(sc, RT2661_E2PROM_CSR) & RT2661_93C46) ? 5 : 7; 897 for (; n >= 0; n--) { 898 RT2661_EEPROM_CTL(sc, RT2661_S | 899 (((addr >> n) & 1) << RT2661_SHIFT_D)); 900 RT2661_EEPROM_CTL(sc, RT2661_S | 901 (((addr >> n) & 1) << RT2661_SHIFT_D) | RT2661_C); 902 } 903 904 RT2661_EEPROM_CTL(sc, RT2661_S); 905 906 /* read data Q15-Q0 */ 907 val = 0; 908 for (n = 15; n >= 0; n--) { 909 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 910 tmp = RAL_READ(sc, RT2661_E2PROM_CSR); 911 val |= ((tmp & RT2661_Q) >> RT2661_SHIFT_Q) << n; 912 RT2661_EEPROM_CTL(sc, RT2661_S); 913 } 914 915 RT2661_EEPROM_CTL(sc, 0); 916 917 /* clear Chip Select and clock C */ 918 RT2661_EEPROM_CTL(sc, RT2661_S); 919 RT2661_EEPROM_CTL(sc, 0); 920 RT2661_EEPROM_CTL(sc, RT2661_C); 921 922 return val; 923 } 924 925 static void 926 rt2661_tx_intr(struct rt2661_softc *sc) 927 { 928 struct ieee80211com *ic = &sc->sc_ic; 929 struct ifnet *ifp = ic->ic_ifp; 930 struct rt2661_tx_ring *txq; 931 struct rt2661_tx_data *data; 932 struct rt2661_node *rn; 933 uint32_t val; 934 int qid, retrycnt; 935 936 for (;;) { 937 val = RAL_READ(sc, RT2661_STA_CSR4); 938 if (!(val & RT2661_TX_STAT_VALID)) 939 break; 940 941 /* retrieve the queue in which this frame was sent */ 942 qid = RT2661_TX_QID(val); 943 txq = (qid <= 3) ? &sc->txq[qid] : &sc->mgtq; 944 945 /* retrieve rate control algorithm context */ 946 data = &txq->data[txq->stat]; 947 rn = (struct rt2661_node *)data->ni; 948 949 /* if no frame has been sent, ignore */ 950 if (rn == NULL) 951 continue; 952 953 switch (RT2661_TX_RESULT(val)) { 954 case RT2661_TX_SUCCESS: 955 retrycnt = RT2661_TX_RETRYCNT(val); 956 957 DPRINTFN(10, ("data frame sent successfully after " 958 "%d retries\n", retrycnt)); 959 if (retrycnt == 0 && data->id.id_node != NULL) { 960 ral_rssadapt_raise_rate(ic, &rn->rssadapt, 961 &data->id); 962 } 963 ifp->if_opackets++; 964 break; 965 966 case RT2661_TX_RETRY_FAIL: 967 DPRINTFN(9, ("sending data frame failed (too much " 968 "retries)\n")); 969 if (data->id.id_node != NULL) { 970 ral_rssadapt_lower_rate(ic, data->ni, 971 &rn->rssadapt, &data->id); 972 } 973 ifp->if_oerrors++; 974 break; 975 976 default: 977 /* other failure */ 978 device_printf(sc->sc_dev, 979 "sending data frame failed 0x%08x\n", val); 980 ifp->if_oerrors++; 981 } 982 983 ieee80211_free_node(data->ni); 984 data->ni = NULL; 985 986 DPRINTFN(15, ("tx done q=%d idx=%u\n", qid, txq->stat)); 987 988 txq->queued--; 989 if (++txq->stat >= txq->count) /* faster than % count */ 990 txq->stat = 0; 991 } 992 993 sc->sc_tx_timer = 0; 994 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 995 rt2661_start(ifp); 996 } 997 998 static void 999 rt2661_tx_dma_intr(struct rt2661_softc *sc, struct rt2661_tx_ring *txq) 1000 { 1001 struct rt2661_tx_desc *desc; 1002 struct rt2661_tx_data *data; 1003 1004 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_POSTREAD); 1005 1006 for (;;) { 1007 desc = &txq->desc[txq->next]; 1008 data = &txq->data[txq->next]; 1009 1010 if ((le32toh(desc->flags) & RT2661_TX_BUSY) || 1011 !(le32toh(desc->flags) & RT2661_TX_VALID)) 1012 break; 1013 1014 bus_dmamap_sync(txq->data_dmat, data->map, 1015 BUS_DMASYNC_POSTWRITE); 1016 bus_dmamap_unload(txq->data_dmat, data->map); 1017 m_freem(data->m); 1018 data->m = NULL; 1019 /* node reference is released in rt2661_tx_intr() */ 1020 1021 /* descriptor is no longer valid */ 1022 desc->flags &= ~htole32(RT2661_TX_VALID); 1023 1024 DPRINTFN(15, ("tx dma done q=%p idx=%u\n", txq, txq->next)); 1025 1026 if (++txq->next >= txq->count) /* faster than % count */ 1027 txq->next = 0; 1028 } 1029 1030 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1031 } 1032 1033 static void 1034 rt2661_rx_intr(struct rt2661_softc *sc) 1035 { 1036 struct ieee80211com *ic = &sc->sc_ic; 1037 struct ifnet *ifp = ic->ic_ifp; 1038 struct rt2661_rx_desc *desc; 1039 struct rt2661_rx_data *data; 1040 bus_addr_t physaddr; 1041 struct ieee80211_frame *wh; 1042 struct ieee80211_node *ni; 1043 struct rt2661_node *rn; 1044 struct mbuf *mnew, *m; 1045 int error; 1046 1047 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map, 1048 BUS_DMASYNC_POSTREAD); 1049 1050 for (;;) { 1051 desc = &sc->rxq.desc[sc->rxq.cur]; 1052 data = &sc->rxq.data[sc->rxq.cur]; 1053 1054 if (le32toh(desc->flags) & RT2661_RX_BUSY) 1055 break; 1056 1057 if ((le32toh(desc->flags) & RT2661_RX_PHY_ERROR) || 1058 (le32toh(desc->flags) & RT2661_RX_CRC_ERROR)) { 1059 /* 1060 * This should not happen since we did not request 1061 * to receive those frames when we filled TXRX_CSR0. 1062 */ 1063 DPRINTFN(5, ("PHY or CRC error flags 0x%08x\n", 1064 le32toh(desc->flags))); 1065 ifp->if_ierrors++; 1066 goto skip; 1067 } 1068 1069 if ((le32toh(desc->flags) & RT2661_RX_CIPHER_MASK) != 0) { 1070 ifp->if_ierrors++; 1071 goto skip; 1072 } 1073 1074 /* 1075 * Try to allocate a new mbuf for this ring element and load it 1076 * before processing the current mbuf. If the ring element 1077 * cannot be loaded, drop the received packet and reuse the old 1078 * mbuf. In the unlikely case that the old mbuf can't be 1079 * reloaded either, explicitly panic. 1080 */ 1081 mnew = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 1082 if (mnew == NULL) { 1083 ifp->if_ierrors++; 1084 goto skip; 1085 } 1086 1087 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1088 BUS_DMASYNC_POSTREAD); 1089 bus_dmamap_unload(sc->rxq.data_dmat, data->map); 1090 1091 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1092 mtod(mnew, void *), MCLBYTES, rt2661_dma_map_addr, 1093 &physaddr, 0); 1094 if (error != 0) { 1095 m_freem(mnew); 1096 1097 /* try to reload the old mbuf */ 1098 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1099 mtod(data->m, void *), MCLBYTES, 1100 rt2661_dma_map_addr, &physaddr, 0); 1101 if (error != 0) { 1102 /* very unlikely that it will fail... */ 1103 panic("%s: could not load old rx mbuf", 1104 device_get_name(sc->sc_dev)); 1105 } 1106 ifp->if_ierrors++; 1107 goto skip; 1108 } 1109 1110 /* 1111 * New mbuf successfully loaded, update Rx ring and continue 1112 * processing. 1113 */ 1114 m = data->m; 1115 data->m = mnew; 1116 desc->physaddr = htole32(physaddr); 1117 1118 /* finalize mbuf */ 1119 m->m_pkthdr.rcvif = ifp; 1120 m->m_pkthdr.len = m->m_len = 1121 (le32toh(desc->flags) >> 16) & 0xfff; 1122 1123 if (bpf_peers_present(sc->sc_drvbpf)) { 1124 struct rt2661_rx_radiotap_header *tap = &sc->sc_rxtap; 1125 uint32_t tsf_lo, tsf_hi; 1126 1127 /* get timestamp (low and high 32 bits) */ 1128 tsf_hi = RAL_READ(sc, RT2661_TXRX_CSR13); 1129 tsf_lo = RAL_READ(sc, RT2661_TXRX_CSR12); 1130 1131 tap->wr_tsf = 1132 htole64(((uint64_t)tsf_hi << 32) | tsf_lo); 1133 tap->wr_flags = 0; 1134 tap->wr_rate = rt2661_rxrate(desc); 1135 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 1136 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 1137 tap->wr_antsignal = desc->rssi; 1138 1139 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1140 } 1141 1142 wh = mtod(m, struct ieee80211_frame *); 1143 ni = ieee80211_find_rxnode(ic, 1144 (struct ieee80211_frame_min *)wh); 1145 1146 /* send the frame to the 802.11 layer */ 1147 ieee80211_input(ic, m, ni, desc->rssi, 0); 1148 1149 /* give rssi to the rate adatation algorithm */ 1150 rn = (struct rt2661_node *)ni; 1151 ral_rssadapt_input(ic, ni, &rn->rssadapt, 1152 rt2661_get_rssi(sc, desc->rssi)); 1153 1154 /* node is no longer needed */ 1155 ieee80211_free_node(ni); 1156 1157 skip: desc->flags |= htole32(RT2661_RX_BUSY); 1158 1159 DPRINTFN(15, ("rx intr idx=%u\n", sc->rxq.cur)); 1160 1161 sc->rxq.cur = (sc->rxq.cur + 1) % RT2661_RX_RING_COUNT; 1162 } 1163 1164 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map, 1165 BUS_DMASYNC_PREWRITE); 1166 } 1167 1168 /* ARGSUSED */ 1169 static void 1170 rt2661_mcu_beacon_expire(struct rt2661_softc *sc) 1171 { 1172 /* do nothing */ 1173 } 1174 1175 static void 1176 rt2661_mcu_wakeup(struct rt2661_softc *sc) 1177 { 1178 RAL_WRITE(sc, RT2661_MAC_CSR11, 5 << 16); 1179 1180 RAL_WRITE(sc, RT2661_SOFT_RESET_CSR, 0x7); 1181 RAL_WRITE(sc, RT2661_IO_CNTL_CSR, 0x18); 1182 RAL_WRITE(sc, RT2661_PCI_USEC_CSR, 0x20); 1183 1184 /* send wakeup command to MCU */ 1185 rt2661_tx_cmd(sc, RT2661_MCU_CMD_WAKEUP, 0); 1186 } 1187 1188 static void 1189 rt2661_mcu_cmd_intr(struct rt2661_softc *sc) 1190 { 1191 RAL_READ(sc, RT2661_M2H_CMD_DONE_CSR); 1192 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 1193 } 1194 1195 void 1196 rt2661_intr(void *arg) 1197 { 1198 struct rt2661_softc *sc = arg; 1199 struct ifnet *ifp = sc->sc_ifp; 1200 uint32_t r1, r2; 1201 1202 RAL_LOCK(sc); 1203 1204 /* disable MAC and MCU interrupts */ 1205 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f); 1206 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 1207 1208 /* don't re-enable interrupts if we're shutting down */ 1209 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 1210 RAL_UNLOCK(sc); 1211 return; 1212 } 1213 1214 r1 = RAL_READ(sc, RT2661_INT_SOURCE_CSR); 1215 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, r1); 1216 1217 r2 = RAL_READ(sc, RT2661_MCU_INT_SOURCE_CSR); 1218 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, r2); 1219 1220 if (r1 & RT2661_MGT_DONE) 1221 rt2661_tx_dma_intr(sc, &sc->mgtq); 1222 1223 if (r1 & RT2661_RX_DONE) 1224 rt2661_rx_intr(sc); 1225 1226 if (r1 & RT2661_TX0_DMA_DONE) 1227 rt2661_tx_dma_intr(sc, &sc->txq[0]); 1228 1229 if (r1 & RT2661_TX1_DMA_DONE) 1230 rt2661_tx_dma_intr(sc, &sc->txq[1]); 1231 1232 if (r1 & RT2661_TX2_DMA_DONE) 1233 rt2661_tx_dma_intr(sc, &sc->txq[2]); 1234 1235 if (r1 & RT2661_TX3_DMA_DONE) 1236 rt2661_tx_dma_intr(sc, &sc->txq[3]); 1237 1238 if (r1 & RT2661_TX_DONE) 1239 rt2661_tx_intr(sc); 1240 1241 if (r2 & RT2661_MCU_CMD_DONE) 1242 rt2661_mcu_cmd_intr(sc); 1243 1244 if (r2 & RT2661_MCU_BEACON_EXPIRE) 1245 rt2661_mcu_beacon_expire(sc); 1246 1247 if (r2 & RT2661_MCU_WAKEUP) 1248 rt2661_mcu_wakeup(sc); 1249 1250 /* re-enable MAC and MCU interrupts */ 1251 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 1252 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 1253 1254 RAL_UNLOCK(sc); 1255 } 1256 1257 /* quickly determine if a given rate is CCK or OFDM */ 1258 #define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1259 1260 #define RAL_ACK_SIZE 14 /* 10 + 4(FCS) */ 1261 #define RAL_CTS_SIZE 14 /* 10 + 4(FCS) */ 1262 1263 #define RAL_SIFS 10 /* us */ 1264 1265 /* 1266 * This function is only used by the Rx radiotap code. It returns the rate at 1267 * which a given frame was received. 1268 */ 1269 static uint8_t 1270 rt2661_rxrate(struct rt2661_rx_desc *desc) 1271 { 1272 if (le32toh(desc->flags) & RT2661_RX_OFDM) { 1273 /* reverse function of rt2661_plcp_signal */ 1274 switch (desc->rate & 0xf) { 1275 case 0xb: return 12; 1276 case 0xf: return 18; 1277 case 0xa: return 24; 1278 case 0xe: return 36; 1279 case 0x9: return 48; 1280 case 0xd: return 72; 1281 case 0x8: return 96; 1282 case 0xc: return 108; 1283 } 1284 } else { 1285 if (desc->rate == 10) 1286 return 2; 1287 if (desc->rate == 20) 1288 return 4; 1289 if (desc->rate == 55) 1290 return 11; 1291 if (desc->rate == 110) 1292 return 22; 1293 } 1294 return 2; /* should not get there */ 1295 } 1296 1297 /* 1298 * Return the expected ack rate for a frame transmitted at rate `rate'. 1299 * XXX: this should depend on the destination node basic rate set. 1300 */ 1301 static int 1302 rt2661_ack_rate(struct ieee80211com *ic, int rate) 1303 { 1304 switch (rate) { 1305 /* CCK rates */ 1306 case 2: 1307 return 2; 1308 case 4: 1309 case 11: 1310 case 22: 1311 return (ic->ic_curmode == IEEE80211_MODE_11B) ? 4 : rate; 1312 1313 /* OFDM rates */ 1314 case 12: 1315 case 18: 1316 return 12; 1317 case 24: 1318 case 36: 1319 return 24; 1320 case 48: 1321 case 72: 1322 case 96: 1323 case 108: 1324 return 48; 1325 } 1326 1327 /* default to 1Mbps */ 1328 return 2; 1329 } 1330 1331 /* 1332 * Compute the duration (in us) needed to transmit `len' bytes at rate `rate'. 1333 * The function automatically determines the operating mode depending on the 1334 * given rate. `flags' indicates whether short preamble is in use or not. 1335 */ 1336 static uint16_t 1337 rt2661_txtime(int len, int rate, uint32_t flags) 1338 { 1339 uint16_t txtime; 1340 1341 if (RAL_RATE_IS_OFDM(rate)) { 1342 /* IEEE Std 802.11a-1999, pp. 37 */ 1343 txtime = (8 + 4 * len + 3 + rate - 1) / rate; 1344 txtime = 16 + 4 + 4 * txtime + 6; 1345 } else { 1346 /* IEEE Std 802.11b-1999, pp. 28 */ 1347 txtime = (16 * len + rate - 1) / rate; 1348 if (rate != 2 && (flags & IEEE80211_F_SHPREAMBLE)) 1349 txtime += 72 + 24; 1350 else 1351 txtime += 144 + 48; 1352 } 1353 1354 return txtime; 1355 } 1356 1357 static uint8_t 1358 rt2661_plcp_signal(int rate) 1359 { 1360 switch (rate) { 1361 /* CCK rates (returned values are device-dependent) */ 1362 case 2: return 0x0; 1363 case 4: return 0x1; 1364 case 11: return 0x2; 1365 case 22: return 0x3; 1366 1367 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1368 case 12: return 0xb; 1369 case 18: return 0xf; 1370 case 24: return 0xa; 1371 case 36: return 0xe; 1372 case 48: return 0x9; 1373 case 72: return 0xd; 1374 case 96: return 0x8; 1375 case 108: return 0xc; 1376 1377 /* unsupported rates (should not get there) */ 1378 default: return 0xff; 1379 } 1380 } 1381 1382 static void 1383 rt2661_setup_tx_desc(struct rt2661_softc *sc, struct rt2661_tx_desc *desc, 1384 uint32_t flags, uint16_t xflags, int len, int rate, 1385 const bus_dma_segment_t *segs, int nsegs, int ac) 1386 { 1387 struct ieee80211com *ic = &sc->sc_ic; 1388 uint16_t plcp_length; 1389 int i, remainder; 1390 1391 desc->flags = htole32(flags); 1392 desc->flags |= htole32(len << 16); 1393 desc->flags |= htole32(RT2661_TX_BUSY | RT2661_TX_VALID); 1394 1395 desc->xflags = htole16(xflags); 1396 desc->xflags |= htole16(nsegs << 13); 1397 1398 desc->wme = htole16( 1399 RT2661_QID(ac) | 1400 RT2661_AIFSN(2) | 1401 RT2661_LOGCWMIN(4) | 1402 RT2661_LOGCWMAX(10)); 1403 1404 /* 1405 * Remember in which queue this frame was sent. This field is driver 1406 * private data only. It will be made available by the NIC in STA_CSR4 1407 * on Tx interrupts. 1408 */ 1409 desc->qid = ac; 1410 1411 /* setup PLCP fields */ 1412 desc->plcp_signal = rt2661_plcp_signal(rate); 1413 desc->plcp_service = 4; 1414 1415 len += IEEE80211_CRC_LEN; 1416 if (RAL_RATE_IS_OFDM(rate)) { 1417 desc->flags |= htole32(RT2661_TX_OFDM); 1418 1419 plcp_length = len & 0xfff; 1420 desc->plcp_length_hi = plcp_length >> 6; 1421 desc->plcp_length_lo = plcp_length & 0x3f; 1422 } else { 1423 plcp_length = (16 * len + rate - 1) / rate; 1424 if (rate == 22) { 1425 remainder = (16 * len) % 22; 1426 if (remainder != 0 && remainder < 7) 1427 desc->plcp_service |= RT2661_PLCP_LENGEXT; 1428 } 1429 desc->plcp_length_hi = plcp_length >> 8; 1430 desc->plcp_length_lo = plcp_length & 0xff; 1431 1432 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 1433 desc->plcp_signal |= 0x08; 1434 } 1435 1436 /* RT2x61 supports scatter with up to 5 segments */ 1437 for (i = 0; i < nsegs; i++) { 1438 desc->addr[i] = htole32(segs[i].ds_addr); 1439 desc->len [i] = htole16(segs[i].ds_len); 1440 } 1441 } 1442 1443 static int 1444 rt2661_tx_mgt(struct rt2661_softc *sc, struct mbuf *m0, 1445 struct ieee80211_node *ni) 1446 { 1447 struct ieee80211com *ic = &sc->sc_ic; 1448 struct rt2661_tx_desc *desc; 1449 struct rt2661_tx_data *data; 1450 struct ieee80211_frame *wh; 1451 bus_dma_segment_t segs[RT2661_MAX_SCATTER]; 1452 uint16_t dur; 1453 uint32_t flags = 0; /* XXX HWSEQ */ 1454 int nsegs, rate, error; 1455 1456 desc = &sc->mgtq.desc[sc->mgtq.cur]; 1457 data = &sc->mgtq.data[sc->mgtq.cur]; 1458 1459 /* send mgt frames at the lowest available rate */ 1460 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1461 1462 error = bus_dmamap_load_mbuf_sg(sc->mgtq.data_dmat, data->map, m0, 1463 segs, &nsegs, 0); 1464 if (error != 0) { 1465 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1466 error); 1467 m_freem(m0); 1468 return error; 1469 } 1470 1471 if (bpf_peers_present(sc->sc_drvbpf)) { 1472 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1473 1474 tap->wt_flags = 0; 1475 tap->wt_rate = rate; 1476 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 1477 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 1478 1479 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1480 } 1481 1482 data->m = m0; 1483 data->ni = ni; 1484 1485 wh = mtod(m0, struct ieee80211_frame *); 1486 1487 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1488 flags |= RT2661_TX_NEED_ACK; 1489 1490 dur = rt2661_txtime(RAL_ACK_SIZE, rate, ic->ic_flags) + 1491 RAL_SIFS; 1492 *(uint16_t *)wh->i_dur = htole16(dur); 1493 1494 /* tell hardware to add timestamp in probe responses */ 1495 if ((wh->i_fc[0] & 1496 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 1497 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 1498 flags |= RT2661_TX_TIMESTAMP; 1499 } 1500 1501 rt2661_setup_tx_desc(sc, desc, flags, 0 /* XXX HWSEQ */, 1502 m0->m_pkthdr.len, rate, segs, nsegs, RT2661_QID_MGT); 1503 1504 bus_dmamap_sync(sc->mgtq.data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1505 bus_dmamap_sync(sc->mgtq.desc_dmat, sc->mgtq.desc_map, 1506 BUS_DMASYNC_PREWRITE); 1507 1508 DPRINTFN(10, ("sending mgt frame len=%u idx=%u rate=%u\n", 1509 m0->m_pkthdr.len, sc->mgtq.cur, rate)); 1510 1511 /* kick mgt */ 1512 sc->mgtq.queued++; 1513 sc->mgtq.cur = (sc->mgtq.cur + 1) % RT2661_MGT_RING_COUNT; 1514 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, RT2661_KICK_MGT); 1515 1516 return 0; 1517 } 1518 1519 /* 1520 * Build a RTS control frame. 1521 */ 1522 static struct mbuf * 1523 rt2661_get_rts(struct rt2661_softc *sc, struct ieee80211_frame *wh, 1524 uint16_t dur) 1525 { 1526 struct ieee80211_frame_rts *rts; 1527 struct mbuf *m; 1528 1529 MGETHDR(m, M_DONTWAIT, MT_DATA); 1530 if (m == NULL) { 1531 sc->sc_ic.ic_stats.is_tx_nobuf++; 1532 device_printf(sc->sc_dev, "could not allocate RTS frame\n"); 1533 return NULL; 1534 } 1535 1536 rts = mtod(m, struct ieee80211_frame_rts *); 1537 1538 rts->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_CTL | 1539 IEEE80211_FC0_SUBTYPE_RTS; 1540 rts->i_fc[1] = IEEE80211_FC1_DIR_NODS; 1541 *(uint16_t *)rts->i_dur = htole16(dur); 1542 IEEE80211_ADDR_COPY(rts->i_ra, wh->i_addr1); 1543 IEEE80211_ADDR_COPY(rts->i_ta, wh->i_addr2); 1544 1545 m->m_pkthdr.len = m->m_len = sizeof (struct ieee80211_frame_rts); 1546 1547 return m; 1548 } 1549 1550 static int 1551 rt2661_tx_data(struct rt2661_softc *sc, struct mbuf *m0, 1552 struct ieee80211_node *ni, int ac) 1553 { 1554 struct ieee80211com *ic = &sc->sc_ic; 1555 struct rt2661_tx_ring *txq = &sc->txq[ac]; 1556 struct rt2661_tx_desc *desc; 1557 struct rt2661_tx_data *data; 1558 struct rt2661_node *rn; 1559 struct ieee80211_rateset *rs; 1560 struct ieee80211_frame *wh; 1561 struct ieee80211_key *k; 1562 const struct chanAccParams *cap; 1563 struct mbuf *mnew; 1564 bus_dma_segment_t segs[RT2661_MAX_SCATTER]; 1565 uint16_t dur; 1566 uint32_t flags = 0; 1567 int error, nsegs, rate, noack = 0; 1568 1569 wh = mtod(m0, struct ieee80211_frame *); 1570 1571 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) { 1572 rs = &ic->ic_sup_rates[ic->ic_curmode]; 1573 rate = rs->rs_rates[ic->ic_fixed_rate]; 1574 } else { 1575 rs = &ni->ni_rates; 1576 rn = (struct rt2661_node *)ni; 1577 ni->ni_txrate = ral_rssadapt_choose(&rn->rssadapt, rs, 1578 wh, m0->m_pkthdr.len, NULL, 0); 1579 rate = rs->rs_rates[ni->ni_txrate]; 1580 } 1581 rate &= IEEE80211_RATE_VAL; 1582 1583 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) { 1584 cap = &ic->ic_wme.wme_chanParams; 1585 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1586 } 1587 1588 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1589 k = ieee80211_crypto_encap(ic, ni, m0); 1590 if (k == NULL) { 1591 m_freem(m0); 1592 return ENOBUFS; 1593 } 1594 1595 /* packet header may have moved, reset our local pointer */ 1596 wh = mtod(m0, struct ieee80211_frame *); 1597 } 1598 1599 /* 1600 * IEEE Std 802.11-1999, pp 82: "A STA shall use an RTS/CTS exchange 1601 * for directed frames only when the length of the MPDU is greater 1602 * than the length threshold indicated by [...]" ic_rtsthreshold. 1603 */ 1604 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 1605 m0->m_pkthdr.len > ic->ic_rtsthreshold) { 1606 struct mbuf *m; 1607 uint16_t dur; 1608 int rtsrate, ackrate; 1609 1610 rtsrate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1611 ackrate = rt2661_ack_rate(ic, rate); 1612 1613 dur = rt2661_txtime(m0->m_pkthdr.len + 4, rate, ic->ic_flags) + 1614 rt2661_txtime(RAL_CTS_SIZE, rtsrate, ic->ic_flags) + 1615 /* XXX: noack (QoS)? */ 1616 rt2661_txtime(RAL_ACK_SIZE, ackrate, ic->ic_flags) + 1617 3 * RAL_SIFS; 1618 1619 m = rt2661_get_rts(sc, wh, dur); 1620 1621 desc = &txq->desc[txq->cur]; 1622 data = &txq->data[txq->cur]; 1623 1624 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m, 1625 segs, &nsegs, 0); 1626 if (error != 0) { 1627 device_printf(sc->sc_dev, 1628 "could not map mbuf (error %d)\n", error); 1629 m_freem(m); 1630 m_freem(m0); 1631 return error; 1632 } 1633 1634 /* avoid multiple free() of the same node for each fragment */ 1635 ieee80211_ref_node(ni); 1636 1637 data->m = m; 1638 data->ni = ni; 1639 1640 /* RTS frames are not taken into account for rssadapt */ 1641 data->id.id_node = NULL; 1642 1643 rt2661_setup_tx_desc(sc, desc, RT2661_TX_NEED_ACK | 1644 RT2661_TX_MORE_FRAG, 0, m->m_pkthdr.len, rtsrate, segs, 1645 nsegs, ac); 1646 1647 bus_dmamap_sync(txq->data_dmat, data->map, 1648 BUS_DMASYNC_PREWRITE); 1649 1650 txq->queued++; 1651 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1652 1653 /* 1654 * IEEE Std 802.11-1999: when an RTS/CTS exchange is used, the 1655 * asynchronous data frame shall be transmitted after the CTS 1656 * frame and a SIFS period. 1657 */ 1658 flags |= RT2661_TX_LONG_RETRY | RT2661_TX_IFS; 1659 } 1660 1661 data = &txq->data[txq->cur]; 1662 desc = &txq->desc[txq->cur]; 1663 1664 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0, segs, 1665 &nsegs, 0); 1666 if (error != 0 && error != EFBIG) { 1667 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1668 error); 1669 m_freem(m0); 1670 return error; 1671 } 1672 if (error != 0) { 1673 mnew = m_defrag(m0, M_DONTWAIT); 1674 if (mnew == NULL) { 1675 device_printf(sc->sc_dev, 1676 "could not defragment mbuf\n"); 1677 m_freem(m0); 1678 return ENOBUFS; 1679 } 1680 m0 = mnew; 1681 1682 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0, 1683 segs, &nsegs, 0); 1684 if (error != 0) { 1685 device_printf(sc->sc_dev, 1686 "could not map mbuf (error %d)\n", error); 1687 m_freem(m0); 1688 return error; 1689 } 1690 1691 /* packet header have moved, reset our local pointer */ 1692 wh = mtod(m0, struct ieee80211_frame *); 1693 } 1694 1695 if (bpf_peers_present(sc->sc_drvbpf)) { 1696 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1697 1698 tap->wt_flags = 0; 1699 tap->wt_rate = rate; 1700 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 1701 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 1702 1703 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1704 } 1705 1706 data->m = m0; 1707 data->ni = ni; 1708 1709 /* remember link conditions for rate adaptation algorithm */ 1710 if (ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE) { 1711 data->id.id_len = m0->m_pkthdr.len; 1712 data->id.id_rateidx = ni->ni_txrate; 1713 data->id.id_node = ni; 1714 data->id.id_rssi = ni->ni_rssi; 1715 } else 1716 data->id.id_node = NULL; 1717 1718 if (!noack && !IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1719 flags |= RT2661_TX_NEED_ACK; 1720 1721 dur = rt2661_txtime(RAL_ACK_SIZE, rt2661_ack_rate(ic, rate), 1722 ic->ic_flags) + RAL_SIFS; 1723 *(uint16_t *)wh->i_dur = htole16(dur); 1724 } 1725 1726 rt2661_setup_tx_desc(sc, desc, flags, 0, m0->m_pkthdr.len, rate, segs, 1727 nsegs, ac); 1728 1729 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1730 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1731 1732 DPRINTFN(10, ("sending data frame len=%u idx=%u rate=%u\n", 1733 m0->m_pkthdr.len, txq->cur, rate)); 1734 1735 /* kick Tx */ 1736 txq->queued++; 1737 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1738 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 1 << ac); 1739 1740 return 0; 1741 } 1742 1743 static void 1744 rt2661_start(struct ifnet *ifp) 1745 { 1746 struct rt2661_softc *sc = ifp->if_softc; 1747 struct ieee80211com *ic = &sc->sc_ic; 1748 struct mbuf *m0; 1749 struct ether_header *eh; 1750 struct ieee80211_node *ni; 1751 int ac; 1752 1753 RAL_LOCK(sc); 1754 1755 /* prevent management frames from being sent if we're not ready */ 1756 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 1757 RAL_UNLOCK(sc); 1758 return; 1759 } 1760 1761 for (;;) { 1762 IF_POLL(&ic->ic_mgtq, m0); 1763 if (m0 != NULL) { 1764 if (sc->mgtq.queued >= RT2661_MGT_RING_COUNT) { 1765 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 1766 break; 1767 } 1768 IF_DEQUEUE(&ic->ic_mgtq, m0); 1769 1770 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 1771 m0->m_pkthdr.rcvif = NULL; 1772 1773 if (bpf_peers_present(ic->ic_rawbpf)) 1774 bpf_mtap(ic->ic_rawbpf, m0); 1775 1776 if (rt2661_tx_mgt(sc, m0, ni) != 0) 1777 break; 1778 1779 } else { 1780 if (ic->ic_state != IEEE80211_S_RUN) 1781 break; 1782 1783 IFQ_DRV_DEQUEUE(&ifp->if_snd, m0); 1784 if (m0 == NULL) 1785 break; 1786 1787 if (m0->m_len < sizeof (struct ether_header) && 1788 !(m0 = m_pullup(m0, sizeof (struct ether_header)))) 1789 continue; 1790 1791 eh = mtod(m0, struct ether_header *); 1792 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1793 if (ni == NULL) { 1794 m_freem(m0); 1795 ifp->if_oerrors++; 1796 continue; 1797 } 1798 1799 /* classify mbuf so we can find which tx ring to use */ 1800 if (ieee80211_classify(ic, m0, ni) != 0) { 1801 m_freem(m0); 1802 ieee80211_free_node(ni); 1803 ifp->if_oerrors++; 1804 continue; 1805 } 1806 1807 /* no QoS encapsulation for EAPOL frames */ 1808 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1809 M_WME_GETAC(m0) : WME_AC_BE; 1810 1811 if (sc->txq[ac].queued >= RT2661_TX_RING_COUNT - 1) { 1812 /* there is no place left in this ring */ 1813 IFQ_DRV_PREPEND(&ifp->if_snd, m0); 1814 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 1815 break; 1816 } 1817 1818 BPF_MTAP(ifp, m0); 1819 1820 m0 = ieee80211_encap(ic, m0, ni); 1821 if (m0 == NULL) { 1822 ieee80211_free_node(ni); 1823 ifp->if_oerrors++; 1824 continue; 1825 } 1826 1827 if (bpf_peers_present(ic->ic_rawbpf)) 1828 bpf_mtap(ic->ic_rawbpf, m0); 1829 1830 if (rt2661_tx_data(sc, m0, ni, ac) != 0) { 1831 ieee80211_free_node(ni); 1832 ifp->if_oerrors++; 1833 break; 1834 } 1835 } 1836 1837 sc->sc_tx_timer = 5; 1838 callout_reset(&sc->watchdog_ch, hz, rt2661_watchdog, sc); 1839 } 1840 1841 RAL_UNLOCK(sc); 1842 } 1843 1844 static void 1845 rt2661_watchdog(void *arg) 1846 { 1847 struct rt2661_softc *sc = (struct rt2661_softc *)arg; 1848 struct ieee80211com *ic = &sc->sc_ic; 1849 1850 if (sc->sc_tx_timer > 0) { 1851 if (--sc->sc_tx_timer == 0) { 1852 device_printf(sc->sc_dev, "device timeout\n"); 1853 rt2661_init(sc); 1854 sc->sc_ifp->if_oerrors++; 1855 return; 1856 } 1857 callout_reset(&sc->watchdog_ch, hz, rt2661_watchdog, sc); 1858 } 1859 1860 ieee80211_watchdog(ic); 1861 } 1862 1863 /* 1864 * This function allows for fast channel switching in monitor mode (used by 1865 * net-mgmt/kismet). In IBSS mode, we must explicitly reset the interface to 1866 * generate a new beacon frame. 1867 */ 1868 static int 1869 rt2661_reset(struct ifnet *ifp) 1870 { 1871 struct rt2661_softc *sc = ifp->if_softc; 1872 struct ieee80211com *ic = &sc->sc_ic; 1873 1874 if (ic->ic_opmode != IEEE80211_M_MONITOR) 1875 return ENETRESET; 1876 1877 rt2661_set_chan(sc, ic->ic_curchan); 1878 1879 return 0; 1880 } 1881 1882 static int 1883 rt2661_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1884 { 1885 struct rt2661_softc *sc = ifp->if_softc; 1886 struct ieee80211com *ic = &sc->sc_ic; 1887 int error = 0; 1888 1889 RAL_LOCK(sc); 1890 1891 switch (cmd) { 1892 case SIOCSIFFLAGS: 1893 if (ifp->if_flags & IFF_UP) { 1894 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 1895 rt2661_update_promisc(sc); 1896 else 1897 rt2661_init(sc); 1898 } else { 1899 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 1900 rt2661_stop(sc); 1901 } 1902 break; 1903 1904 default: 1905 error = ieee80211_ioctl(ic, cmd, data); 1906 } 1907 1908 if (error == ENETRESET) { 1909 if ((ifp->if_flags & IFF_UP) && 1910 (ifp->if_drv_flags & IFF_DRV_RUNNING) && 1911 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 1912 rt2661_init(sc); 1913 error = 0; 1914 } 1915 1916 RAL_UNLOCK(sc); 1917 1918 return error; 1919 } 1920 1921 static void 1922 rt2661_bbp_write(struct rt2661_softc *sc, uint8_t reg, uint8_t val) 1923 { 1924 uint32_t tmp; 1925 int ntries; 1926 1927 for (ntries = 0; ntries < 100; ntries++) { 1928 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 1929 break; 1930 DELAY(1); 1931 } 1932 if (ntries == 100) { 1933 device_printf(sc->sc_dev, "could not write to BBP\n"); 1934 return; 1935 } 1936 1937 tmp = RT2661_BBP_BUSY | (reg & 0x7f) << 8 | val; 1938 RAL_WRITE(sc, RT2661_PHY_CSR3, tmp); 1939 1940 DPRINTFN(15, ("BBP R%u <- 0x%02x\n", reg, val)); 1941 } 1942 1943 static uint8_t 1944 rt2661_bbp_read(struct rt2661_softc *sc, uint8_t reg) 1945 { 1946 uint32_t val; 1947 int ntries; 1948 1949 for (ntries = 0; ntries < 100; ntries++) { 1950 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 1951 break; 1952 DELAY(1); 1953 } 1954 if (ntries == 100) { 1955 device_printf(sc->sc_dev, "could not read from BBP\n"); 1956 return 0; 1957 } 1958 1959 val = RT2661_BBP_BUSY | RT2661_BBP_READ | reg << 8; 1960 RAL_WRITE(sc, RT2661_PHY_CSR3, val); 1961 1962 for (ntries = 0; ntries < 100; ntries++) { 1963 val = RAL_READ(sc, RT2661_PHY_CSR3); 1964 if (!(val & RT2661_BBP_BUSY)) 1965 return val & 0xff; 1966 DELAY(1); 1967 } 1968 1969 device_printf(sc->sc_dev, "could not read from BBP\n"); 1970 return 0; 1971 } 1972 1973 static void 1974 rt2661_rf_write(struct rt2661_softc *sc, uint8_t reg, uint32_t val) 1975 { 1976 uint32_t tmp; 1977 int ntries; 1978 1979 for (ntries = 0; ntries < 100; ntries++) { 1980 if (!(RAL_READ(sc, RT2661_PHY_CSR4) & RT2661_RF_BUSY)) 1981 break; 1982 DELAY(1); 1983 } 1984 if (ntries == 100) { 1985 device_printf(sc->sc_dev, "could not write to RF\n"); 1986 return; 1987 } 1988 1989 tmp = RT2661_RF_BUSY | RT2661_RF_21BIT | (val & 0x1fffff) << 2 | 1990 (reg & 3); 1991 RAL_WRITE(sc, RT2661_PHY_CSR4, tmp); 1992 1993 /* remember last written value in sc */ 1994 sc->rf_regs[reg] = val; 1995 1996 DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 3, val & 0x1fffff)); 1997 } 1998 1999 static int 2000 rt2661_tx_cmd(struct rt2661_softc *sc, uint8_t cmd, uint16_t arg) 2001 { 2002 if (RAL_READ(sc, RT2661_H2M_MAILBOX_CSR) & RT2661_H2M_BUSY) 2003 return EIO; /* there is already a command pending */ 2004 2005 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 2006 RT2661_H2M_BUSY | RT2661_TOKEN_NO_INTR << 16 | arg); 2007 2008 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, RT2661_KICK_CMD | cmd); 2009 2010 return 0; 2011 } 2012 2013 static void 2014 rt2661_select_antenna(struct rt2661_softc *sc) 2015 { 2016 uint8_t bbp4, bbp77; 2017 uint32_t tmp; 2018 2019 bbp4 = rt2661_bbp_read(sc, 4); 2020 bbp77 = rt2661_bbp_read(sc, 77); 2021 2022 /* TBD */ 2023 2024 /* make sure Rx is disabled before switching antenna */ 2025 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2026 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2027 2028 rt2661_bbp_write(sc, 4, bbp4); 2029 rt2661_bbp_write(sc, 77, bbp77); 2030 2031 /* restore Rx filter */ 2032 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2033 } 2034 2035 /* 2036 * Enable multi-rate retries for frames sent at OFDM rates. 2037 * In 802.11b/g mode, allow fallback to CCK rates. 2038 */ 2039 static void 2040 rt2661_enable_mrr(struct rt2661_softc *sc) 2041 { 2042 struct ieee80211com *ic = &sc->sc_ic; 2043 uint32_t tmp; 2044 2045 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2046 2047 tmp &= ~RT2661_MRR_CCK_FALLBACK; 2048 if (!IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan)) 2049 tmp |= RT2661_MRR_CCK_FALLBACK; 2050 tmp |= RT2661_MRR_ENABLED; 2051 2052 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2053 } 2054 2055 static void 2056 rt2661_set_txpreamble(struct rt2661_softc *sc) 2057 { 2058 uint32_t tmp; 2059 2060 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2061 2062 tmp &= ~RT2661_SHORT_PREAMBLE; 2063 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 2064 tmp |= RT2661_SHORT_PREAMBLE; 2065 2066 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2067 } 2068 2069 static void 2070 rt2661_set_basicrates(struct rt2661_softc *sc, 2071 const struct ieee80211_rateset *rs) 2072 { 2073 #define RV(r) ((r) & IEEE80211_RATE_VAL) 2074 struct ieee80211com *ic = &sc->sc_ic; 2075 uint32_t mask = 0; 2076 uint8_t rate; 2077 int i, j; 2078 2079 for (i = 0; i < rs->rs_nrates; i++) { 2080 rate = rs->rs_rates[i]; 2081 2082 if (!(rate & IEEE80211_RATE_BASIC)) 2083 continue; 2084 2085 /* 2086 * Find h/w rate index. We know it exists because the rate 2087 * set has already been negotiated. 2088 */ 2089 for (j = 0; ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates[j] != RV(rate); j++); 2090 2091 mask |= 1 << j; 2092 } 2093 2094 RAL_WRITE(sc, RT2661_TXRX_CSR5, mask); 2095 2096 DPRINTF(("Setting basic rate mask to 0x%x\n", mask)); 2097 #undef RV 2098 } 2099 2100 /* 2101 * Reprogram MAC/BBP to switch to a new band. Values taken from the reference 2102 * driver. 2103 */ 2104 static void 2105 rt2661_select_band(struct rt2661_softc *sc, struct ieee80211_channel *c) 2106 { 2107 uint8_t bbp17, bbp35, bbp96, bbp97, bbp98, bbp104; 2108 uint32_t tmp; 2109 2110 /* update all BBP registers that depend on the band */ 2111 bbp17 = 0x20; bbp96 = 0x48; bbp104 = 0x2c; 2112 bbp35 = 0x50; bbp97 = 0x48; bbp98 = 0x48; 2113 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2114 bbp17 += 0x08; bbp96 += 0x10; bbp104 += 0x0c; 2115 bbp35 += 0x10; bbp97 += 0x10; bbp98 += 0x10; 2116 } 2117 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2118 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2119 bbp17 += 0x10; bbp96 += 0x10; bbp104 += 0x10; 2120 } 2121 2122 rt2661_bbp_write(sc, 17, bbp17); 2123 rt2661_bbp_write(sc, 96, bbp96); 2124 rt2661_bbp_write(sc, 104, bbp104); 2125 2126 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2127 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2128 rt2661_bbp_write(sc, 75, 0x80); 2129 rt2661_bbp_write(sc, 86, 0x80); 2130 rt2661_bbp_write(sc, 88, 0x80); 2131 } 2132 2133 rt2661_bbp_write(sc, 35, bbp35); 2134 rt2661_bbp_write(sc, 97, bbp97); 2135 rt2661_bbp_write(sc, 98, bbp98); 2136 2137 tmp = RAL_READ(sc, RT2661_PHY_CSR0); 2138 tmp &= ~(RT2661_PA_PE_2GHZ | RT2661_PA_PE_5GHZ); 2139 if (IEEE80211_IS_CHAN_2GHZ(c)) 2140 tmp |= RT2661_PA_PE_2GHZ; 2141 else 2142 tmp |= RT2661_PA_PE_5GHZ; 2143 RAL_WRITE(sc, RT2661_PHY_CSR0, tmp); 2144 } 2145 2146 static void 2147 rt2661_set_chan(struct rt2661_softc *sc, struct ieee80211_channel *c) 2148 { 2149 struct ieee80211com *ic = &sc->sc_ic; 2150 const struct rfprog *rfprog; 2151 uint8_t bbp3, bbp94 = RT2661_BBPR94_DEFAULT; 2152 int8_t power; 2153 u_int i, chan; 2154 2155 chan = ieee80211_chan2ieee(ic, c); 2156 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 2157 return; 2158 2159 /* select the appropriate RF settings based on what EEPROM says */ 2160 rfprog = (sc->rfprog == 0) ? rt2661_rf5225_1 : rt2661_rf5225_2; 2161 2162 /* find the settings for this channel (we know it exists) */ 2163 for (i = 0; rfprog[i].chan != chan; i++); 2164 2165 power = sc->txpow[i]; 2166 if (power < 0) { 2167 bbp94 += power; 2168 power = 0; 2169 } else if (power > 31) { 2170 bbp94 += power - 31; 2171 power = 31; 2172 } 2173 2174 /* 2175 * If we are switching from the 2GHz band to the 5GHz band or 2176 * vice-versa, BBP registers need to be reprogrammed. 2177 */ 2178 if (c->ic_flags != sc->sc_curchan->ic_flags) { 2179 rt2661_select_band(sc, c); 2180 rt2661_select_antenna(sc); 2181 } 2182 sc->sc_curchan = c; 2183 2184 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2185 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2186 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2187 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2188 2189 DELAY(200); 2190 2191 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2192 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2193 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7 | 1); 2194 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2195 2196 DELAY(200); 2197 2198 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2199 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2200 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2201 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2202 2203 /* enable smart mode for MIMO-capable RFs */ 2204 bbp3 = rt2661_bbp_read(sc, 3); 2205 2206 bbp3 &= ~RT2661_SMART_MODE; 2207 if (sc->rf_rev == RT2661_RF_5325 || sc->rf_rev == RT2661_RF_2529) 2208 bbp3 |= RT2661_SMART_MODE; 2209 2210 rt2661_bbp_write(sc, 3, bbp3); 2211 2212 if (bbp94 != RT2661_BBPR94_DEFAULT) 2213 rt2661_bbp_write(sc, 94, bbp94); 2214 2215 /* 5GHz radio needs a 1ms delay here */ 2216 if (IEEE80211_IS_CHAN_5GHZ(c)) 2217 DELAY(1000); 2218 } 2219 2220 static void 2221 rt2661_set_bssid(struct rt2661_softc *sc, const uint8_t *bssid) 2222 { 2223 uint32_t tmp; 2224 2225 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24; 2226 RAL_WRITE(sc, RT2661_MAC_CSR4, tmp); 2227 2228 tmp = bssid[4] | bssid[5] << 8 | RT2661_ONE_BSSID << 16; 2229 RAL_WRITE(sc, RT2661_MAC_CSR5, tmp); 2230 } 2231 2232 static void 2233 rt2661_set_macaddr(struct rt2661_softc *sc, const uint8_t *addr) 2234 { 2235 uint32_t tmp; 2236 2237 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24; 2238 RAL_WRITE(sc, RT2661_MAC_CSR2, tmp); 2239 2240 tmp = addr[4] | addr[5] << 8; 2241 RAL_WRITE(sc, RT2661_MAC_CSR3, tmp); 2242 } 2243 2244 static void 2245 rt2661_update_promisc(struct rt2661_softc *sc) 2246 { 2247 struct ifnet *ifp = sc->sc_ic.ic_ifp; 2248 uint32_t tmp; 2249 2250 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2251 2252 tmp &= ~RT2661_DROP_NOT_TO_ME; 2253 if (!(ifp->if_flags & IFF_PROMISC)) 2254 tmp |= RT2661_DROP_NOT_TO_ME; 2255 2256 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2257 2258 DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 2259 "entering" : "leaving")); 2260 } 2261 2262 /* 2263 * Update QoS (802.11e) settings for each h/w Tx ring. 2264 */ 2265 static int 2266 rt2661_wme_update(struct ieee80211com *ic) 2267 { 2268 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 2269 const struct wmeParams *wmep; 2270 2271 wmep = ic->ic_wme.wme_chanParams.cap_wmeParams; 2272 2273 /* XXX: not sure about shifts. */ 2274 /* XXX: the reference driver plays with AC_VI settings too. */ 2275 2276 /* update TxOp */ 2277 RAL_WRITE(sc, RT2661_AC_TXOP_CSR0, 2278 wmep[WME_AC_BE].wmep_txopLimit << 16 | 2279 wmep[WME_AC_BK].wmep_txopLimit); 2280 RAL_WRITE(sc, RT2661_AC_TXOP_CSR1, 2281 wmep[WME_AC_VI].wmep_txopLimit << 16 | 2282 wmep[WME_AC_VO].wmep_txopLimit); 2283 2284 /* update CWmin */ 2285 RAL_WRITE(sc, RT2661_CWMIN_CSR, 2286 wmep[WME_AC_BE].wmep_logcwmin << 12 | 2287 wmep[WME_AC_BK].wmep_logcwmin << 8 | 2288 wmep[WME_AC_VI].wmep_logcwmin << 4 | 2289 wmep[WME_AC_VO].wmep_logcwmin); 2290 2291 /* update CWmax */ 2292 RAL_WRITE(sc, RT2661_CWMAX_CSR, 2293 wmep[WME_AC_BE].wmep_logcwmax << 12 | 2294 wmep[WME_AC_BK].wmep_logcwmax << 8 | 2295 wmep[WME_AC_VI].wmep_logcwmax << 4 | 2296 wmep[WME_AC_VO].wmep_logcwmax); 2297 2298 /* update Aifsn */ 2299 RAL_WRITE(sc, RT2661_AIFSN_CSR, 2300 wmep[WME_AC_BE].wmep_aifsn << 12 | 2301 wmep[WME_AC_BK].wmep_aifsn << 8 | 2302 wmep[WME_AC_VI].wmep_aifsn << 4 | 2303 wmep[WME_AC_VO].wmep_aifsn); 2304 2305 return 0; 2306 } 2307 2308 static void 2309 rt2661_update_slot(struct ifnet *ifp) 2310 { 2311 struct rt2661_softc *sc = ifp->if_softc; 2312 struct ieee80211com *ic = &sc->sc_ic; 2313 uint8_t slottime; 2314 uint32_t tmp; 2315 2316 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 2317 2318 tmp = RAL_READ(sc, RT2661_MAC_CSR9); 2319 tmp = (tmp & ~0xff) | slottime; 2320 RAL_WRITE(sc, RT2661_MAC_CSR9, tmp); 2321 } 2322 2323 static const char * 2324 rt2661_get_rf(int rev) 2325 { 2326 switch (rev) { 2327 case RT2661_RF_5225: return "RT5225"; 2328 case RT2661_RF_5325: return "RT5325 (MIMO XR)"; 2329 case RT2661_RF_2527: return "RT2527"; 2330 case RT2661_RF_2529: return "RT2529 (MIMO XR)"; 2331 default: return "unknown"; 2332 } 2333 } 2334 2335 static void 2336 rt2661_read_eeprom(struct rt2661_softc *sc) 2337 { 2338 struct ieee80211com *ic = &sc->sc_ic; 2339 uint16_t val; 2340 int i; 2341 2342 /* read MAC address */ 2343 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC01); 2344 ic->ic_myaddr[0] = val & 0xff; 2345 ic->ic_myaddr[1] = val >> 8; 2346 2347 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC23); 2348 ic->ic_myaddr[2] = val & 0xff; 2349 ic->ic_myaddr[3] = val >> 8; 2350 2351 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC45); 2352 ic->ic_myaddr[4] = val & 0xff; 2353 ic->ic_myaddr[5] = val >> 8; 2354 2355 val = rt2661_eeprom_read(sc, RT2661_EEPROM_ANTENNA); 2356 /* XXX: test if different from 0xffff? */ 2357 sc->rf_rev = (val >> 11) & 0x1f; 2358 sc->hw_radio = (val >> 10) & 0x1; 2359 sc->rx_ant = (val >> 4) & 0x3; 2360 sc->tx_ant = (val >> 2) & 0x3; 2361 sc->nb_ant = val & 0x3; 2362 2363 DPRINTF(("RF revision=%d\n", sc->rf_rev)); 2364 2365 val = rt2661_eeprom_read(sc, RT2661_EEPROM_CONFIG2); 2366 sc->ext_5ghz_lna = (val >> 6) & 0x1; 2367 sc->ext_2ghz_lna = (val >> 4) & 0x1; 2368 2369 DPRINTF(("External 2GHz LNA=%d\nExternal 5GHz LNA=%d\n", 2370 sc->ext_2ghz_lna, sc->ext_5ghz_lna)); 2371 2372 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_2GHZ_OFFSET); 2373 if ((val & 0xff) != 0xff) 2374 sc->rssi_2ghz_corr = (int8_t)(val & 0xff); /* signed */ 2375 2376 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_5GHZ_OFFSET); 2377 if ((val & 0xff) != 0xff) 2378 sc->rssi_5ghz_corr = (int8_t)(val & 0xff); /* signed */ 2379 2380 /* adjust RSSI correction for external low-noise amplifier */ 2381 if (sc->ext_2ghz_lna) 2382 sc->rssi_2ghz_corr -= 14; 2383 if (sc->ext_5ghz_lna) 2384 sc->rssi_5ghz_corr -= 14; 2385 2386 DPRINTF(("RSSI 2GHz corr=%d\nRSSI 5GHz corr=%d\n", 2387 sc->rssi_2ghz_corr, sc->rssi_5ghz_corr)); 2388 2389 val = rt2661_eeprom_read(sc, RT2661_EEPROM_FREQ_OFFSET); 2390 if ((val >> 8) != 0xff) 2391 sc->rfprog = (val >> 8) & 0x3; 2392 if ((val & 0xff) != 0xff) 2393 sc->rffreq = val & 0xff; 2394 2395 DPRINTF(("RF prog=%d\nRF freq=%d\n", sc->rfprog, sc->rffreq)); 2396 2397 /* read Tx power for all a/b/g channels */ 2398 for (i = 0; i < 19; i++) { 2399 val = rt2661_eeprom_read(sc, RT2661_EEPROM_TXPOWER + i); 2400 sc->txpow[i * 2] = (int8_t)(val >> 8); /* signed */ 2401 DPRINTF(("Channel=%d Tx power=%d\n", 2402 rt2661_rf5225_1[i * 2].chan, sc->txpow[i * 2])); 2403 sc->txpow[i * 2 + 1] = (int8_t)(val & 0xff); /* signed */ 2404 DPRINTF(("Channel=%d Tx power=%d\n", 2405 rt2661_rf5225_1[i * 2 + 1].chan, sc->txpow[i * 2 + 1])); 2406 } 2407 2408 /* read vendor-specific BBP values */ 2409 for (i = 0; i < 16; i++) { 2410 val = rt2661_eeprom_read(sc, RT2661_EEPROM_BBP_BASE + i); 2411 if (val == 0 || val == 0xffff) 2412 continue; /* skip invalid entries */ 2413 sc->bbp_prom[i].reg = val >> 8; 2414 sc->bbp_prom[i].val = val & 0xff; 2415 DPRINTF(("BBP R%d=%02x\n", sc->bbp_prom[i].reg, 2416 sc->bbp_prom[i].val)); 2417 } 2418 } 2419 2420 static int 2421 rt2661_bbp_init(struct rt2661_softc *sc) 2422 { 2423 #define N(a) (sizeof (a) / sizeof ((a)[0])) 2424 int i, ntries; 2425 uint8_t val; 2426 2427 /* wait for BBP to be ready */ 2428 for (ntries = 0; ntries < 100; ntries++) { 2429 val = rt2661_bbp_read(sc, 0); 2430 if (val != 0 && val != 0xff) 2431 break; 2432 DELAY(100); 2433 } 2434 if (ntries == 100) { 2435 device_printf(sc->sc_dev, "timeout waiting for BBP\n"); 2436 return EIO; 2437 } 2438 2439 /* initialize BBP registers to default values */ 2440 for (i = 0; i < N(rt2661_def_bbp); i++) { 2441 rt2661_bbp_write(sc, rt2661_def_bbp[i].reg, 2442 rt2661_def_bbp[i].val); 2443 } 2444 2445 /* write vendor-specific BBP values (from EEPROM) */ 2446 for (i = 0; i < 16; i++) { 2447 if (sc->bbp_prom[i].reg == 0) 2448 continue; 2449 rt2661_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val); 2450 } 2451 2452 return 0; 2453 #undef N 2454 } 2455 2456 static void 2457 rt2661_init(void *priv) 2458 { 2459 #define N(a) (sizeof (a) / sizeof ((a)[0])) 2460 struct rt2661_softc *sc = priv; 2461 struct ieee80211com *ic = &sc->sc_ic; 2462 struct ifnet *ifp = ic->ic_ifp; 2463 uint32_t tmp, sta[3]; 2464 int i, ntries; 2465 2466 RAL_LOCK(sc); 2467 2468 rt2661_stop(sc); 2469 2470 /* initialize Tx rings */ 2471 RAL_WRITE(sc, RT2661_AC1_BASE_CSR, sc->txq[1].physaddr); 2472 RAL_WRITE(sc, RT2661_AC0_BASE_CSR, sc->txq[0].physaddr); 2473 RAL_WRITE(sc, RT2661_AC2_BASE_CSR, sc->txq[2].physaddr); 2474 RAL_WRITE(sc, RT2661_AC3_BASE_CSR, sc->txq[3].physaddr); 2475 2476 /* initialize Mgt ring */ 2477 RAL_WRITE(sc, RT2661_MGT_BASE_CSR, sc->mgtq.physaddr); 2478 2479 /* initialize Rx ring */ 2480 RAL_WRITE(sc, RT2661_RX_BASE_CSR, sc->rxq.physaddr); 2481 2482 /* initialize Tx rings sizes */ 2483 RAL_WRITE(sc, RT2661_TX_RING_CSR0, 2484 RT2661_TX_RING_COUNT << 24 | 2485 RT2661_TX_RING_COUNT << 16 | 2486 RT2661_TX_RING_COUNT << 8 | 2487 RT2661_TX_RING_COUNT); 2488 2489 RAL_WRITE(sc, RT2661_TX_RING_CSR1, 2490 RT2661_TX_DESC_WSIZE << 16 | 2491 RT2661_TX_RING_COUNT << 8 | /* XXX: HCCA ring unused */ 2492 RT2661_MGT_RING_COUNT); 2493 2494 /* initialize Rx rings */ 2495 RAL_WRITE(sc, RT2661_RX_RING_CSR, 2496 RT2661_RX_DESC_BACK << 16 | 2497 RT2661_RX_DESC_WSIZE << 8 | 2498 RT2661_RX_RING_COUNT); 2499 2500 /* XXX: some magic here */ 2501 RAL_WRITE(sc, RT2661_TX_DMA_DST_CSR, 0xaa); 2502 2503 /* load base addresses of all 5 Tx rings (4 data + 1 mgt) */ 2504 RAL_WRITE(sc, RT2661_LOAD_TX_RING_CSR, 0x1f); 2505 2506 /* load base address of Rx ring */ 2507 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 2); 2508 2509 /* initialize MAC registers to default values */ 2510 for (i = 0; i < N(rt2661_def_mac); i++) 2511 RAL_WRITE(sc, rt2661_def_mac[i].reg, rt2661_def_mac[i].val); 2512 2513 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp)); 2514 rt2661_set_macaddr(sc, ic->ic_myaddr); 2515 2516 /* set host ready */ 2517 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2518 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2519 2520 /* wait for BBP/RF to wakeup */ 2521 for (ntries = 0; ntries < 1000; ntries++) { 2522 if (RAL_READ(sc, RT2661_MAC_CSR12) & 8) 2523 break; 2524 DELAY(1000); 2525 } 2526 if (ntries == 1000) { 2527 printf("timeout waiting for BBP/RF to wakeup\n"); 2528 rt2661_stop(sc); 2529 RAL_UNLOCK(sc); 2530 return; 2531 } 2532 2533 if (rt2661_bbp_init(sc) != 0) { 2534 rt2661_stop(sc); 2535 RAL_UNLOCK(sc); 2536 return; 2537 } 2538 2539 /* select default channel */ 2540 sc->sc_curchan = ic->ic_curchan; 2541 rt2661_select_band(sc, sc->sc_curchan); 2542 rt2661_select_antenna(sc); 2543 rt2661_set_chan(sc, sc->sc_curchan); 2544 2545 /* update Rx filter */ 2546 tmp = RAL_READ(sc, RT2661_TXRX_CSR0) & 0xffff; 2547 2548 tmp |= RT2661_DROP_PHY_ERROR | RT2661_DROP_CRC_ERROR; 2549 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2550 tmp |= RT2661_DROP_CTL | RT2661_DROP_VER_ERROR | 2551 RT2661_DROP_ACKCTS; 2552 if (ic->ic_opmode != IEEE80211_M_HOSTAP) 2553 tmp |= RT2661_DROP_TODS; 2554 if (!(ifp->if_flags & IFF_PROMISC)) 2555 tmp |= RT2661_DROP_NOT_TO_ME; 2556 } 2557 2558 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2559 2560 /* clear STA registers */ 2561 RAL_READ_REGION_4(sc, RT2661_STA_CSR0, sta, N(sta)); 2562 2563 /* initialize ASIC */ 2564 RAL_WRITE(sc, RT2661_MAC_CSR1, 4); 2565 2566 /* clear any pending interrupt */ 2567 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2568 2569 /* enable interrupts */ 2570 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 2571 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 2572 2573 /* kick Rx */ 2574 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 1); 2575 2576 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 2577 ifp->if_drv_flags |= IFF_DRV_RUNNING; 2578 2579 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2580 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2581 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2582 } else 2583 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2584 2585 RAL_UNLOCK(sc); 2586 #undef N 2587 } 2588 2589 void 2590 rt2661_stop(void *priv) 2591 { 2592 struct rt2661_softc *sc = priv; 2593 struct ieee80211com *ic = &sc->sc_ic; 2594 struct ifnet *ifp = ic->ic_ifp; 2595 uint32_t tmp; 2596 2597 sc->sc_tx_timer = 0; 2598 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 2599 2600 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2601 2602 /* abort Tx (for all 5 Tx rings) */ 2603 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 0x1f << 16); 2604 2605 /* disable Rx (value remains after reset!) */ 2606 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2607 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2608 2609 /* reset ASIC */ 2610 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2611 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2612 2613 /* disable interrupts */ 2614 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffffff); 2615 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 2616 2617 /* clear any pending interrupt */ 2618 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2619 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, 0xffffffff); 2620 2621 /* reset Tx and Rx rings */ 2622 rt2661_reset_tx_ring(sc, &sc->txq[0]); 2623 rt2661_reset_tx_ring(sc, &sc->txq[1]); 2624 rt2661_reset_tx_ring(sc, &sc->txq[2]); 2625 rt2661_reset_tx_ring(sc, &sc->txq[3]); 2626 rt2661_reset_tx_ring(sc, &sc->mgtq); 2627 rt2661_reset_rx_ring(sc, &sc->rxq); 2628 } 2629 2630 static int 2631 rt2661_load_microcode(struct rt2661_softc *sc, const uint8_t *ucode, int size) 2632 { 2633 int ntries; 2634 2635 /* reset 8051 */ 2636 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2637 2638 /* cancel any pending Host to MCU command */ 2639 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 0); 2640 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 2641 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, 0); 2642 2643 /* write 8051's microcode */ 2644 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET | RT2661_MCU_SEL); 2645 RAL_WRITE_REGION_1(sc, RT2661_MCU_CODE_BASE, ucode, size); 2646 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2647 2648 /* kick 8051's ass */ 2649 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, 0); 2650 2651 /* wait for 8051 to initialize */ 2652 for (ntries = 0; ntries < 500; ntries++) { 2653 if (RAL_READ(sc, RT2661_MCU_CNTL_CSR) & RT2661_MCU_READY) 2654 break; 2655 DELAY(100); 2656 } 2657 if (ntries == 500) { 2658 printf("timeout waiting for MCU to initialize\n"); 2659 return EIO; 2660 } 2661 return 0; 2662 } 2663 2664 #ifdef notyet 2665 /* 2666 * Dynamically tune Rx sensitivity (BBP register 17) based on average RSSI and 2667 * false CCA count. This function is called periodically (every seconds) when 2668 * in the RUN state. Values taken from the reference driver. 2669 */ 2670 static void 2671 rt2661_rx_tune(struct rt2661_softc *sc) 2672 { 2673 uint8_t bbp17; 2674 uint16_t cca; 2675 int lo, hi, dbm; 2676 2677 /* 2678 * Tuning range depends on operating band and on the presence of an 2679 * external low-noise amplifier. 2680 */ 2681 lo = 0x20; 2682 if (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan)) 2683 lo += 0x08; 2684 if ((IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan) && sc->ext_2ghz_lna) || 2685 (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan) && sc->ext_5ghz_lna)) 2686 lo += 0x10; 2687 hi = lo + 0x20; 2688 2689 /* retrieve false CCA count since last call (clear on read) */ 2690 cca = RAL_READ(sc, RT2661_STA_CSR1) & 0xffff; 2691 2692 if (dbm >= -35) { 2693 bbp17 = 0x60; 2694 } else if (dbm >= -58) { 2695 bbp17 = hi; 2696 } else if (dbm >= -66) { 2697 bbp17 = lo + 0x10; 2698 } else if (dbm >= -74) { 2699 bbp17 = lo + 0x08; 2700 } else { 2701 /* RSSI < -74dBm, tune using false CCA count */ 2702 2703 bbp17 = sc->bbp17; /* current value */ 2704 2705 hi -= 2 * (-74 - dbm); 2706 if (hi < lo) 2707 hi = lo; 2708 2709 if (bbp17 > hi) { 2710 bbp17 = hi; 2711 2712 } else if (cca > 512) { 2713 if (++bbp17 > hi) 2714 bbp17 = hi; 2715 } else if (cca < 100) { 2716 if (--bbp17 < lo) 2717 bbp17 = lo; 2718 } 2719 } 2720 2721 if (bbp17 != sc->bbp17) { 2722 rt2661_bbp_write(sc, 17, bbp17); 2723 sc->bbp17 = bbp17; 2724 } 2725 } 2726 2727 /* 2728 * Enter/Leave radar detection mode. 2729 * This is for 802.11h additional regulatory domains. 2730 */ 2731 static void 2732 rt2661_radar_start(struct rt2661_softc *sc) 2733 { 2734 uint32_t tmp; 2735 2736 /* disable Rx */ 2737 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2738 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2739 2740 rt2661_bbp_write(sc, 82, 0x20); 2741 rt2661_bbp_write(sc, 83, 0x00); 2742 rt2661_bbp_write(sc, 84, 0x40); 2743 2744 /* save current BBP registers values */ 2745 sc->bbp18 = rt2661_bbp_read(sc, 18); 2746 sc->bbp21 = rt2661_bbp_read(sc, 21); 2747 sc->bbp22 = rt2661_bbp_read(sc, 22); 2748 sc->bbp16 = rt2661_bbp_read(sc, 16); 2749 sc->bbp17 = rt2661_bbp_read(sc, 17); 2750 sc->bbp64 = rt2661_bbp_read(sc, 64); 2751 2752 rt2661_bbp_write(sc, 18, 0xff); 2753 rt2661_bbp_write(sc, 21, 0x3f); 2754 rt2661_bbp_write(sc, 22, 0x3f); 2755 rt2661_bbp_write(sc, 16, 0xbd); 2756 rt2661_bbp_write(sc, 17, sc->ext_5ghz_lna ? 0x44 : 0x34); 2757 rt2661_bbp_write(sc, 64, 0x21); 2758 2759 /* restore Rx filter */ 2760 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2761 } 2762 2763 static int 2764 rt2661_radar_stop(struct rt2661_softc *sc) 2765 { 2766 uint8_t bbp66; 2767 2768 /* read radar detection result */ 2769 bbp66 = rt2661_bbp_read(sc, 66); 2770 2771 /* restore BBP registers values */ 2772 rt2661_bbp_write(sc, 16, sc->bbp16); 2773 rt2661_bbp_write(sc, 17, sc->bbp17); 2774 rt2661_bbp_write(sc, 18, sc->bbp18); 2775 rt2661_bbp_write(sc, 21, sc->bbp21); 2776 rt2661_bbp_write(sc, 22, sc->bbp22); 2777 rt2661_bbp_write(sc, 64, sc->bbp64); 2778 2779 return bbp66 == 1; 2780 } 2781 #endif 2782 2783 static int 2784 rt2661_prepare_beacon(struct rt2661_softc *sc) 2785 { 2786 struct ieee80211com *ic = &sc->sc_ic; 2787 struct ieee80211_beacon_offsets bo; 2788 struct rt2661_tx_desc desc; 2789 struct mbuf *m0; 2790 int rate; 2791 2792 m0 = ieee80211_beacon_alloc(ic, ic->ic_bss, &bo); 2793 if (m0 == NULL) { 2794 device_printf(sc->sc_dev, "could not allocate beacon frame\n"); 2795 return ENOBUFS; 2796 } 2797 2798 /* send beacons at the lowest available rate */ 2799 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan) ? 12 : 2; 2800 2801 rt2661_setup_tx_desc(sc, &desc, RT2661_TX_TIMESTAMP, RT2661_TX_HWSEQ, 2802 m0->m_pkthdr.len, rate, NULL, 0, RT2661_QID_MGT); 2803 2804 /* copy the first 24 bytes of Tx descriptor into NIC memory */ 2805 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0, (uint8_t *)&desc, 24); 2806 2807 /* copy beacon header and payload into NIC memory */ 2808 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0 + 24, 2809 mtod(m0, uint8_t *), m0->m_pkthdr.len); 2810 2811 m_freem(m0); 2812 2813 return 0; 2814 } 2815 2816 /* 2817 * Enable TSF synchronization and tell h/w to start sending beacons for IBSS 2818 * and HostAP operating modes. 2819 */ 2820 static void 2821 rt2661_enable_tsf_sync(struct rt2661_softc *sc) 2822 { 2823 struct ieee80211com *ic = &sc->sc_ic; 2824 uint32_t tmp; 2825 2826 if (ic->ic_opmode != IEEE80211_M_STA) { 2827 /* 2828 * Change default 16ms TBTT adjustment to 8ms. 2829 * Must be done before enabling beacon generation. 2830 */ 2831 RAL_WRITE(sc, RT2661_TXRX_CSR10, 1 << 12 | 8); 2832 } 2833 2834 tmp = RAL_READ(sc, RT2661_TXRX_CSR9) & 0xff000000; 2835 2836 /* set beacon interval (in 1/16ms unit) */ 2837 tmp |= ic->ic_bss->ni_intval * 16; 2838 2839 tmp |= RT2661_TSF_TICKING | RT2661_ENABLE_TBTT; 2840 if (ic->ic_opmode == IEEE80211_M_STA) 2841 tmp |= RT2661_TSF_MODE(1); 2842 else 2843 tmp |= RT2661_TSF_MODE(2) | RT2661_GENERATE_BEACON; 2844 2845 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp); 2846 } 2847 2848 /* 2849 * Retrieve the "Received Signal Strength Indicator" from the raw values 2850 * contained in Rx descriptors. The computation depends on which band the 2851 * frame was received. Correction values taken from the reference driver. 2852 */ 2853 static int 2854 rt2661_get_rssi(struct rt2661_softc *sc, uint8_t raw) 2855 { 2856 int lna, agc, rssi; 2857 2858 lna = (raw >> 5) & 0x3; 2859 agc = raw & 0x1f; 2860 2861 rssi = 2 * agc; 2862 2863 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) { 2864 rssi += sc->rssi_2ghz_corr; 2865 2866 if (lna == 1) 2867 rssi -= 64; 2868 else if (lna == 2) 2869 rssi -= 74; 2870 else if (lna == 3) 2871 rssi -= 90; 2872 } else { 2873 rssi += sc->rssi_5ghz_corr; 2874 2875 if (lna == 1) 2876 rssi -= 64; 2877 else if (lna == 2) 2878 rssi -= 86; 2879 else if (lna == 3) 2880 rssi -= 100; 2881 } 2882 return rssi; 2883 } 2884