1 /* $NetBSD: rt2661.c,v 1.36 2017/10/23 09:31:17 msaitoh Exp $ */ 2 /* $OpenBSD: rt2661.c,v 1.17 2006/05/01 08:41:11 damien Exp $ */ 3 /* $FreeBSD: rt2560.c,v 1.5 2006/06/02 19:59:31 csjp Exp $ */ 4 5 /*- 6 * Copyright (c) 2006 7 * Damien Bergamini <damien.bergamini@free.fr> 8 * 9 * Permission to use, copy, modify, and distribute this software for any 10 * purpose with or without fee is hereby granted, provided that the above 11 * copyright notice and this permission notice appear in all copies. 12 * 13 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 14 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 15 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 16 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 17 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 18 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 19 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 20 */ 21 22 /*- 23 * Ralink Technology RT2561, RT2561S and RT2661 chipset driver 24 * http://www.ralinktech.com/ 25 */ 26 27 #include <sys/cdefs.h> 28 __KERNEL_RCSID(0, "$NetBSD: rt2661.c,v 1.36 2017/10/23 09:31:17 msaitoh Exp $"); 29 30 31 #include <sys/param.h> 32 #include <sys/sockio.h> 33 #include <sys/sysctl.h> 34 #include <sys/mbuf.h> 35 #include <sys/kernel.h> 36 #include <sys/socket.h> 37 #include <sys/systm.h> 38 #include <sys/malloc.h> 39 #include <sys/callout.h> 40 #include <sys/conf.h> 41 #include <sys/device.h> 42 43 #include <sys/bus.h> 44 #include <machine/endian.h> 45 #include <sys/intr.h> 46 47 #include <net/bpf.h> 48 #include <net/if.h> 49 #include <net/if_arp.h> 50 #include <net/if_dl.h> 51 #include <net/if_media.h> 52 #include <net/if_types.h> 53 #include <net/if_ether.h> 54 55 #include <netinet/in.h> 56 #include <netinet/in_systm.h> 57 #include <netinet/in_var.h> 58 #include <netinet/ip.h> 59 60 #include <net80211/ieee80211_var.h> 61 #include <net80211/ieee80211_amrr.h> 62 #include <net80211/ieee80211_radiotap.h> 63 64 #include <dev/ic/rt2661reg.h> 65 #include <dev/ic/rt2661var.h> 66 67 #include <dev/pci/pcireg.h> 68 #include <dev/pci/pcivar.h> 69 #include <dev/pci/pcidevs.h> 70 71 #include <dev/firmload.h> 72 73 #ifdef RAL_DEBUG 74 #define DPRINTF(x) do { if (rt2661_debug > 0) printf x; } while (0) 75 #define DPRINTFN(n, x) do { if (rt2661_debug >= (n)) printf x; } while (0) 76 int rt2661_debug = 0; 77 #else 78 #define DPRINTF(x) 79 #define DPRINTFN(n, x) 80 #endif 81 82 static int rt2661_alloc_tx_ring(struct rt2661_softc *, 83 struct rt2661_tx_ring *, int); 84 static void rt2661_reset_tx_ring(struct rt2661_softc *, 85 struct rt2661_tx_ring *); 86 static void rt2661_free_tx_ring(struct rt2661_softc *, 87 struct rt2661_tx_ring *); 88 static int rt2661_alloc_rx_ring(struct rt2661_softc *, 89 struct rt2661_rx_ring *, int); 90 static void rt2661_reset_rx_ring(struct rt2661_softc *, 91 struct rt2661_rx_ring *); 92 static void rt2661_free_rx_ring(struct rt2661_softc *, 93 struct rt2661_rx_ring *); 94 static struct ieee80211_node * 95 rt2661_node_alloc(struct ieee80211_node_table *); 96 static int rt2661_media_change(struct ifnet *); 97 static void rt2661_next_scan(void *); 98 static void rt2661_iter_func(void *, struct ieee80211_node *); 99 static void rt2661_updatestats(void *); 100 static void rt2661_newassoc(struct ieee80211_node *, int); 101 static int rt2661_newstate(struct ieee80211com *, enum ieee80211_state, 102 int); 103 static uint16_t rt2661_eeprom_read(struct rt2661_softc *, uint8_t); 104 static void rt2661_tx_intr(struct rt2661_softc *); 105 static void rt2661_tx_dma_intr(struct rt2661_softc *, 106 struct rt2661_tx_ring *); 107 static void rt2661_rx_intr(struct rt2661_softc *); 108 static void rt2661_mcu_beacon_expire(struct rt2661_softc *); 109 static void rt2661_mcu_wakeup(struct rt2661_softc *); 110 static void rt2661_mcu_cmd_intr(struct rt2661_softc *); 111 int rt2661_intr(void *); 112 static uint8_t rt2661_rxrate(struct rt2661_rx_desc *); 113 static int rt2661_ack_rate(struct ieee80211com *, int); 114 static uint16_t rt2661_txtime(int, int, uint32_t); 115 static uint8_t rt2661_plcp_signal(int); 116 static void rt2661_setup_tx_desc(struct rt2661_softc *, 117 struct rt2661_tx_desc *, uint32_t, uint16_t, int, int, 118 const bus_dma_segment_t *, int, int); 119 static int rt2661_tx_mgt(struct rt2661_softc *, struct mbuf *, 120 struct ieee80211_node *); 121 static struct mbuf * 122 rt2661_get_rts(struct rt2661_softc *, 123 struct ieee80211_frame *, uint16_t); 124 static int rt2661_tx_data(struct rt2661_softc *, struct mbuf *, 125 struct ieee80211_node *, int); 126 static void rt2661_start(struct ifnet *); 127 static void rt2661_watchdog(struct ifnet *); 128 static int rt2661_reset(struct ifnet *); 129 static int rt2661_ioctl(struct ifnet *, u_long, void *); 130 static void rt2661_bbp_write(struct rt2661_softc *, uint8_t, uint8_t); 131 static uint8_t rt2661_bbp_read(struct rt2661_softc *, uint8_t); 132 static void rt2661_rf_write(struct rt2661_softc *, uint8_t, uint32_t); 133 static int rt2661_tx_cmd(struct rt2661_softc *, uint8_t, uint16_t); 134 static void rt2661_select_antenna(struct rt2661_softc *); 135 static void rt2661_enable_mrr(struct rt2661_softc *); 136 static void rt2661_set_txpreamble(struct rt2661_softc *); 137 static void rt2661_set_basicrates(struct rt2661_softc *, 138 const struct ieee80211_rateset *); 139 static void rt2661_select_band(struct rt2661_softc *, 140 struct ieee80211_channel *); 141 static void rt2661_set_chan(struct rt2661_softc *, 142 struct ieee80211_channel *); 143 static void rt2661_set_bssid(struct rt2661_softc *, const uint8_t *); 144 static void rt2661_set_macaddr(struct rt2661_softc *, const uint8_t *); 145 static void rt2661_update_promisc(struct rt2661_softc *); 146 #if 0 147 static int rt2661_wme_update(struct ieee80211com *); 148 #endif 149 150 static void rt2661_updateslot(struct ifnet *); 151 static void rt2661_set_slottime(struct rt2661_softc *); 152 static const char * 153 rt2661_get_rf(int); 154 static void rt2661_read_eeprom(struct rt2661_softc *); 155 static int rt2661_bbp_init(struct rt2661_softc *); 156 static int rt2661_init(struct ifnet *); 157 static void rt2661_stop(struct ifnet *, int); 158 static int rt2661_load_microcode(struct rt2661_softc *, const uint8_t *, 159 int); 160 static void rt2661_rx_tune(struct rt2661_softc *); 161 #ifdef notyet 162 static void rt2661_radar_start(struct rt2661_softc *); 163 static int rt2661_radar_stop(struct rt2661_softc *); 164 #endif 165 static int rt2661_prepare_beacon(struct rt2661_softc *); 166 static void rt2661_enable_tsf_sync(struct rt2661_softc *); 167 static int rt2661_get_rssi(struct rt2661_softc *, uint8_t); 168 static void rt2661_softintr(void *); 169 170 /* 171 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 172 */ 173 static const struct ieee80211_rateset rt2661_rateset_11a = 174 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 175 176 static const struct ieee80211_rateset rt2661_rateset_11b = 177 { 4, { 2, 4, 11, 22 } }; 178 179 static const struct ieee80211_rateset rt2661_rateset_11g = 180 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 181 182 static const struct { 183 uint32_t reg; 184 uint32_t val; 185 } rt2661_def_mac[] = { 186 RT2661_DEF_MAC 187 }; 188 189 static const struct { 190 uint8_t reg; 191 uint8_t val; 192 } rt2661_def_bbp[] = { 193 RT2661_DEF_BBP 194 }; 195 196 static const struct rfprog { 197 uint8_t chan; 198 uint32_t r1, r2, r3, r4; 199 } rt2661_rf5225_1[] = { 200 RT2661_RF5225_1 201 }, rt2661_rf5225_2[] = { 202 RT2661_RF5225_2 203 }; 204 205 int 206 rt2661_attach(void *xsc, int id) 207 { 208 struct rt2661_softc *sc = xsc; 209 struct ieee80211com *ic = &sc->sc_ic; 210 struct ifnet *ifp = &sc->sc_if; 211 uint32_t val; 212 int error, i, ntries; 213 214 sc->sc_id = id; 215 216 sc->amrr.amrr_min_success_threshold = 1; 217 sc->amrr.amrr_max_success_threshold = 15; 218 callout_init(&sc->scan_ch, 0); 219 callout_init(&sc->amrr_ch, 0); 220 221 /* wait for NIC to initialize */ 222 for (ntries = 0; ntries < 1000; ntries++) { 223 if ((val = RAL_READ(sc, RT2661_MAC_CSR0)) != 0) 224 break; 225 DELAY(1000); 226 } 227 if (ntries == 1000) { 228 aprint_error_dev(sc->sc_dev, "timeout waiting for NIC to initialize\n"); 229 return EIO; 230 } 231 232 /* retrieve RF rev. no and various other things from EEPROM */ 233 rt2661_read_eeprom(sc); 234 aprint_normal_dev(sc->sc_dev, "802.11 address %s\n", 235 ether_sprintf(ic->ic_myaddr)); 236 237 aprint_normal_dev(sc->sc_dev, "MAC/BBP RT%X, RF %s\n", val, 238 rt2661_get_rf(sc->rf_rev)); 239 240 sc->sc_soft_ih = softint_establish(SOFTINT_NET, rt2661_softintr, sc); 241 if (sc->sc_soft_ih == NULL) { 242 aprint_error_dev(sc->sc_dev, "could not establish softint\n"); 243 goto fail0; 244 } 245 246 /* 247 * Allocate Tx and Rx rings. 248 */ 249 error = rt2661_alloc_tx_ring(sc, &sc->txq[0], RT2661_TX_RING_COUNT); 250 if (error != 0) { 251 aprint_error_dev(sc->sc_dev, "could not allocate Tx ring 0\n"); 252 goto fail1; 253 } 254 255 error = rt2661_alloc_tx_ring(sc, &sc->txq[1], RT2661_TX_RING_COUNT); 256 if (error != 0) { 257 aprint_error_dev(sc->sc_dev, "could not allocate Tx ring 1\n"); 258 goto fail2; 259 } 260 261 error = rt2661_alloc_tx_ring(sc, &sc->txq[2], RT2661_TX_RING_COUNT); 262 if (error != 0) { 263 aprint_error_dev(sc->sc_dev, "could not allocate Tx ring 2\n"); 264 goto fail3; 265 } 266 267 error = rt2661_alloc_tx_ring(sc, &sc->txq[3], RT2661_TX_RING_COUNT); 268 if (error != 0) { 269 aprint_error_dev(sc->sc_dev, "could not allocate Tx ring 3\n"); 270 goto fail4; 271 } 272 273 error = rt2661_alloc_tx_ring(sc, &sc->mgtq, RT2661_MGT_RING_COUNT); 274 if (error != 0) { 275 aprint_error_dev(sc->sc_dev, "could not allocate Mgt ring\n"); 276 goto fail5; 277 } 278 279 error = rt2661_alloc_rx_ring(sc, &sc->rxq, RT2661_RX_RING_COUNT); 280 if (error != 0) { 281 aprint_error_dev(sc->sc_dev, "could not allocate Rx ring\n"); 282 goto fail6; 283 } 284 285 ifp->if_softc = sc; 286 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 287 ifp->if_init = rt2661_init; 288 ifp->if_stop = rt2661_stop; 289 ifp->if_ioctl = rt2661_ioctl; 290 ifp->if_start = rt2661_start; 291 ifp->if_watchdog = rt2661_watchdog; 292 IFQ_SET_READY(&ifp->if_snd); 293 memcpy(ifp->if_xname, device_xname(sc->sc_dev), IFNAMSIZ); 294 295 ic->ic_ifp = ifp; 296 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 297 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 298 ic->ic_state = IEEE80211_S_INIT; 299 300 /* set device capabilities */ 301 ic->ic_caps = 302 IEEE80211_C_IBSS | /* IBSS mode supported */ 303 IEEE80211_C_MONITOR | /* monitor mode supported */ 304 IEEE80211_C_HOSTAP | /* HostAP mode supported */ 305 IEEE80211_C_TXPMGT | /* tx power management */ 306 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 307 IEEE80211_C_SHSLOT | /* short slot time supported */ 308 IEEE80211_C_WPA; /* 802.11i */ 309 310 if (sc->rf_rev == RT2661_RF_5225 || sc->rf_rev == RT2661_RF_5325) { 311 /* set supported .11a rates */ 312 ic->ic_sup_rates[IEEE80211_MODE_11A] = rt2661_rateset_11a; 313 314 /* set supported .11a channels */ 315 for (i = 36; i <= 64; i += 4) { 316 ic->ic_channels[i].ic_freq = 317 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 318 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 319 } 320 for (i = 100; i <= 140; i += 4) { 321 ic->ic_channels[i].ic_freq = 322 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 323 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 324 } 325 for (i = 149; i <= 165; i += 4) { 326 ic->ic_channels[i].ic_freq = 327 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 328 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 329 } 330 } 331 332 /* set supported .11b and .11g rates */ 333 ic->ic_sup_rates[IEEE80211_MODE_11B] = rt2661_rateset_11b; 334 ic->ic_sup_rates[IEEE80211_MODE_11G] = rt2661_rateset_11g; 335 336 /* set supported .11b and .11g channels (1 through 14) */ 337 for (i = 1; i <= 14; i++) { 338 ic->ic_channels[i].ic_freq = 339 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 340 ic->ic_channels[i].ic_flags = 341 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 342 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 343 } 344 345 error = if_initialize(ifp); 346 if (error != 0) { 347 aprint_error_dev(sc->sc_dev, "if_initialize failed(%d)\n", 348 error); 349 goto fail7; 350 } 351 ieee80211_ifattach(ic); 352 /* Use common softint-based if_input */ 353 ifp->if_percpuq = if_percpuq_create(ifp); 354 if_register(ifp); 355 356 ic->ic_node_alloc = rt2661_node_alloc; 357 ic->ic_newassoc = rt2661_newassoc; 358 ic->ic_updateslot = rt2661_updateslot; 359 ic->ic_reset = rt2661_reset; 360 361 /* override state transition machine */ 362 sc->sc_newstate = ic->ic_newstate; 363 ic->ic_newstate = rt2661_newstate; 364 ieee80211_media_init(ic, rt2661_media_change, ieee80211_media_status); 365 366 bpf_attach2(ifp, DLT_IEEE802_11_RADIO, 367 sizeof(struct ieee80211_frame) + sizeof(sc->sc_txtap), 368 &sc->sc_drvbpf); 369 370 sc->sc_rxtap_len = roundup(sizeof(sc->sc_rxtap), sizeof(u_int32_t)); 371 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 372 sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2661_RX_RADIOTAP_PRESENT); 373 374 sc->sc_txtap_len = roundup(sizeof(sc->sc_txtap), sizeof(u_int32_t)); 375 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 376 sc->sc_txtap.wt_ihdr.it_present = htole32(RT2661_TX_RADIOTAP_PRESENT); 377 378 ieee80211_announce(ic); 379 380 if (pmf_device_register(sc->sc_dev, NULL, NULL)) 381 pmf_class_network_register(sc->sc_dev, ifp); 382 else 383 aprint_error_dev(sc->sc_dev, 384 "couldn't establish power handler\n"); 385 386 return 0; 387 388 fail7: rt2661_free_rx_ring(sc, &sc->rxq); 389 fail6: rt2661_free_tx_ring(sc, &sc->mgtq); 390 fail5: rt2661_free_tx_ring(sc, &sc->txq[3]); 391 fail4: rt2661_free_tx_ring(sc, &sc->txq[2]); 392 fail3: rt2661_free_tx_ring(sc, &sc->txq[1]); 393 fail2: rt2661_free_tx_ring(sc, &sc->txq[0]); 394 fail1: softint_disestablish(sc->sc_soft_ih); 395 sc->sc_soft_ih = NULL; 396 fail0: return ENXIO; 397 } 398 399 int 400 rt2661_detach(void *xsc) 401 { 402 struct rt2661_softc *sc = xsc; 403 struct ifnet *ifp = &sc->sc_if; 404 405 callout_stop(&sc->scan_ch); 406 callout_stop(&sc->amrr_ch); 407 408 pmf_device_deregister(sc->sc_dev); 409 410 ieee80211_ifdetach(&sc->sc_ic); 411 if_detach(ifp); 412 413 rt2661_free_tx_ring(sc, &sc->txq[0]); 414 rt2661_free_tx_ring(sc, &sc->txq[1]); 415 rt2661_free_tx_ring(sc, &sc->txq[2]); 416 rt2661_free_tx_ring(sc, &sc->txq[3]); 417 rt2661_free_tx_ring(sc, &sc->mgtq); 418 rt2661_free_rx_ring(sc, &sc->rxq); 419 420 if (sc->sc_soft_ih != NULL) { 421 softint_disestablish(sc->sc_soft_ih); 422 sc->sc_soft_ih = NULL; 423 } 424 425 return 0; 426 } 427 428 static int 429 rt2661_alloc_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring, 430 int count) 431 { 432 int i, nsegs, error; 433 434 ring->count = count; 435 ring->queued = 0; 436 ring->cur = ring->next = ring->stat = 0; 437 438 error = bus_dmamap_create(sc->sc_dmat, count * RT2661_TX_DESC_SIZE, 1, 439 count * RT2661_TX_DESC_SIZE, 0, BUS_DMA_NOWAIT, &ring->map); 440 if (error != 0) { 441 aprint_error_dev(sc->sc_dev, "could not create desc DMA map\n"); 442 goto fail; 443 } 444 445 error = bus_dmamem_alloc(sc->sc_dmat, count * RT2661_TX_DESC_SIZE, 446 PAGE_SIZE, 0, &ring->seg, 1, &nsegs, BUS_DMA_NOWAIT); 447 if (error != 0) { 448 aprint_error_dev(sc->sc_dev, "could not allocate DMA memory\n"); 449 goto fail; 450 } 451 452 error = bus_dmamem_map(sc->sc_dmat, &ring->seg, nsegs, 453 count * RT2661_TX_DESC_SIZE, (void **)&ring->desc, 454 BUS_DMA_NOWAIT); 455 if (error != 0) { 456 aprint_error_dev(sc->sc_dev, "could not map desc DMA memory\n"); 457 goto fail; 458 } 459 460 error = bus_dmamap_load(sc->sc_dmat, ring->map, ring->desc, 461 count * RT2661_TX_DESC_SIZE, NULL, BUS_DMA_NOWAIT); 462 if (error != 0) { 463 aprint_error_dev(sc->sc_dev, "could not load desc DMA map\n"); 464 goto fail; 465 } 466 467 memset(ring->desc, 0, count * RT2661_TX_DESC_SIZE); 468 ring->physaddr = ring->map->dm_segs->ds_addr; 469 470 ring->data = malloc(count * sizeof (struct rt2661_tx_data), M_DEVBUF, 471 M_NOWAIT); 472 if (ring->data == NULL) { 473 aprint_error_dev(sc->sc_dev, "could not allocate soft data\n"); 474 error = ENOMEM; 475 goto fail; 476 } 477 478 memset(ring->data, 0, count * sizeof (struct rt2661_tx_data)); 479 for (i = 0; i < count; i++) { 480 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 481 RT2661_MAX_SCATTER, MCLBYTES, 0, BUS_DMA_NOWAIT, 482 &ring->data[i].map); 483 if (error != 0) { 484 aprint_error_dev(sc->sc_dev, "could not create DMA map\n"); 485 goto fail; 486 } 487 } 488 489 return 0; 490 491 fail: rt2661_free_tx_ring(sc, ring); 492 return error; 493 } 494 495 static void 496 rt2661_reset_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 497 { 498 struct rt2661_tx_desc *desc; 499 struct rt2661_tx_data *data; 500 int i; 501 502 for (i = 0; i < ring->count; i++) { 503 desc = &ring->desc[i]; 504 data = &ring->data[i]; 505 506 if (data->m != NULL) { 507 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 508 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 509 bus_dmamap_unload(sc->sc_dmat, data->map); 510 m_freem(data->m); 511 data->m = NULL; 512 } 513 514 if (data->ni != NULL) { 515 ieee80211_free_node(data->ni); 516 data->ni = NULL; 517 } 518 519 desc->flags = 0; 520 } 521 522 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 523 BUS_DMASYNC_PREWRITE); 524 525 ring->queued = 0; 526 ring->cur = ring->next = ring->stat = 0; 527 } 528 529 530 static void 531 rt2661_free_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 532 { 533 struct rt2661_tx_data *data; 534 int i; 535 536 if (ring->desc != NULL) { 537 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, 538 ring->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 539 bus_dmamap_unload(sc->sc_dmat, ring->map); 540 bus_dmamem_unmap(sc->sc_dmat, (void *)ring->desc, 541 ring->count * RT2661_TX_DESC_SIZE); 542 bus_dmamem_free(sc->sc_dmat, &ring->seg, 1); 543 } 544 545 if (ring->data != NULL) { 546 for (i = 0; i < ring->count; i++) { 547 data = &ring->data[i]; 548 549 if (data->m != NULL) { 550 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 551 data->map->dm_mapsize, 552 BUS_DMASYNC_POSTWRITE); 553 bus_dmamap_unload(sc->sc_dmat, data->map); 554 m_freem(data->m); 555 } 556 557 if (data->ni != NULL) 558 ieee80211_free_node(data->ni); 559 560 if (data->map != NULL) 561 bus_dmamap_destroy(sc->sc_dmat, data->map); 562 } 563 free(ring->data, M_DEVBUF); 564 } 565 } 566 567 static int 568 rt2661_alloc_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring, 569 int count) 570 { 571 struct rt2661_rx_desc *desc; 572 struct rt2661_rx_data *data; 573 int i, nsegs, error; 574 575 ring->count = count; 576 ring->cur = ring->next = 0; 577 578 error = bus_dmamap_create(sc->sc_dmat, count * RT2661_RX_DESC_SIZE, 1, 579 count * RT2661_RX_DESC_SIZE, 0, BUS_DMA_NOWAIT, &ring->map); 580 if (error != 0) { 581 aprint_error_dev(sc->sc_dev, "could not create desc DMA map\n"); 582 goto fail; 583 } 584 585 error = bus_dmamem_alloc(sc->sc_dmat, count * RT2661_RX_DESC_SIZE, 586 PAGE_SIZE, 0, &ring->seg, 1, &nsegs, BUS_DMA_NOWAIT); 587 if (error != 0) { 588 aprint_error_dev(sc->sc_dev, "could not allocate DMA memory\n"); 589 goto fail; 590 } 591 592 error = bus_dmamem_map(sc->sc_dmat, &ring->seg, nsegs, 593 count * RT2661_RX_DESC_SIZE, (void **)&ring->desc, 594 BUS_DMA_NOWAIT); 595 if (error != 0) { 596 aprint_error_dev(sc->sc_dev, "could not map desc DMA memory\n"); 597 goto fail; 598 } 599 600 error = bus_dmamap_load(sc->sc_dmat, ring->map, ring->desc, 601 count * RT2661_RX_DESC_SIZE, NULL, BUS_DMA_NOWAIT); 602 if (error != 0) { 603 aprint_error_dev(sc->sc_dev, "could not load desc DMA map\n"); 604 goto fail; 605 } 606 607 memset(ring->desc, 0, count * RT2661_RX_DESC_SIZE); 608 ring->physaddr = ring->map->dm_segs->ds_addr; 609 610 ring->data = malloc(count * sizeof (struct rt2661_rx_data), M_DEVBUF, 611 M_NOWAIT); 612 if (ring->data == NULL) { 613 aprint_error_dev(sc->sc_dev, "could not allocate soft data\n"); 614 error = ENOMEM; 615 goto fail; 616 } 617 618 /* 619 * Pre-allocate Rx buffers and populate Rx ring. 620 */ 621 memset(ring->data, 0, count * sizeof (struct rt2661_rx_data)); 622 for (i = 0; i < count; i++) { 623 desc = &sc->rxq.desc[i]; 624 data = &sc->rxq.data[i]; 625 626 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, MCLBYTES, 627 0, BUS_DMA_NOWAIT, &data->map); 628 if (error != 0) { 629 aprint_error_dev(sc->sc_dev, "could not create DMA map\n"); 630 goto fail; 631 } 632 633 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 634 if (data->m == NULL) { 635 aprint_error_dev(sc->sc_dev, "could not allocate rx mbuf\n"); 636 error = ENOMEM; 637 goto fail; 638 } 639 640 MCLGET(data->m, M_DONTWAIT); 641 if (!(data->m->m_flags & M_EXT)) { 642 aprint_error_dev(sc->sc_dev, "could not allocate rx mbuf cluster\n"); 643 error = ENOMEM; 644 goto fail; 645 } 646 647 error = bus_dmamap_load(sc->sc_dmat, data->map, 648 mtod(data->m, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT); 649 if (error != 0) { 650 aprint_error_dev(sc->sc_dev, "could not load rx buf DMA map"); 651 goto fail; 652 } 653 654 desc->physaddr = htole32(data->map->dm_segs->ds_addr); 655 desc->flags = htole32(RT2661_RX_BUSY); 656 } 657 658 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 659 BUS_DMASYNC_PREWRITE); 660 661 return 0; 662 663 fail: rt2661_free_rx_ring(sc, ring); 664 return error; 665 } 666 667 static void 668 rt2661_reset_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 669 { 670 int i; 671 672 for (i = 0; i < ring->count; i++) 673 ring->desc[i].flags = htole32(RT2661_RX_BUSY); 674 675 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 676 BUS_DMASYNC_PREWRITE); 677 678 ring->cur = ring->next = 0; 679 } 680 681 static void 682 rt2661_free_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 683 { 684 struct rt2661_rx_data *data; 685 int i; 686 687 if (ring->desc != NULL) { 688 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, 689 ring->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 690 bus_dmamap_unload(sc->sc_dmat, ring->map); 691 bus_dmamem_unmap(sc->sc_dmat, (void *)ring->desc, 692 ring->count * RT2661_RX_DESC_SIZE); 693 bus_dmamem_free(sc->sc_dmat, &ring->seg, 1); 694 } 695 696 if (ring->data != NULL) { 697 for (i = 0; i < ring->count; i++) { 698 data = &ring->data[i]; 699 700 if (data->m != NULL) { 701 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 702 data->map->dm_mapsize, 703 BUS_DMASYNC_POSTREAD); 704 bus_dmamap_unload(sc->sc_dmat, data->map); 705 m_freem(data->m); 706 } 707 708 if (data->map != NULL) 709 bus_dmamap_destroy(sc->sc_dmat, data->map); 710 } 711 free(ring->data, M_DEVBUF); 712 } 713 } 714 715 static struct ieee80211_node * 716 rt2661_node_alloc(struct ieee80211_node_table *nt) 717 { 718 struct rt2661_node *rn; 719 720 rn = malloc(sizeof (struct rt2661_node), M_80211_NODE, 721 M_NOWAIT | M_ZERO); 722 723 return (rn != NULL) ? &rn->ni : NULL; 724 } 725 726 static int 727 rt2661_media_change(struct ifnet *ifp) 728 { 729 int error; 730 731 error = ieee80211_media_change(ifp); 732 if (error != ENETRESET) 733 return error; 734 735 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 736 rt2661_init(ifp); 737 738 return 0; 739 } 740 741 /* 742 * This function is called periodically (every 200ms) during scanning to 743 * switch from one channel to another. 744 */ 745 static void 746 rt2661_next_scan(void *arg) 747 { 748 struct rt2661_softc *sc = arg; 749 struct ieee80211com *ic = &sc->sc_ic; 750 int s; 751 752 s = splnet(); 753 if (ic->ic_state == IEEE80211_S_SCAN) 754 ieee80211_next_scan(ic); 755 splx(s); 756 } 757 758 /* 759 * This function is called for each neighbor node. 760 */ 761 static void 762 rt2661_iter_func(void *arg, struct ieee80211_node *ni) 763 { 764 struct rt2661_softc *sc = arg; 765 struct rt2661_node *rn = (struct rt2661_node *)ni; 766 767 ieee80211_amrr_choose(&sc->amrr, ni, &rn->amn); 768 } 769 770 /* 771 * This function is called periodically (every 500ms) in RUN state to update 772 * various settings like rate control statistics or Rx sensitivity. 773 */ 774 static void 775 rt2661_updatestats(void *arg) 776 { 777 struct rt2661_softc *sc = arg; 778 struct ieee80211com *ic = &sc->sc_ic; 779 int s; 780 781 s = splnet(); 782 if (ic->ic_opmode == IEEE80211_M_STA) 783 rt2661_iter_func(sc, ic->ic_bss); 784 else 785 ieee80211_iterate_nodes(&ic->ic_sta, rt2661_iter_func, arg); 786 787 /* update rx sensitivity every 1 sec */ 788 if (++sc->ncalls & 1) 789 rt2661_rx_tune(sc); 790 splx(s); 791 792 callout_reset(&sc->amrr_ch, hz / 2, rt2661_updatestats, sc); 793 } 794 795 static void 796 rt2661_newassoc(struct ieee80211_node *ni, int isnew) 797 { 798 struct rt2661_softc *sc = ni->ni_ic->ic_ifp->if_softc; 799 int i; 800 801 ieee80211_amrr_node_init(&sc->amrr, &((struct rt2661_node *)ni)->amn); 802 803 /* set rate to some reasonable initial value */ 804 for (i = ni->ni_rates.rs_nrates - 1; 805 i > 0 && (ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL) > 72; 806 i--); 807 ni->ni_txrate = i; 808 } 809 810 static int 811 rt2661_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 812 { 813 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 814 enum ieee80211_state ostate; 815 struct ieee80211_node *ni; 816 uint32_t tmp; 817 818 ostate = ic->ic_state; 819 callout_stop(&sc->scan_ch); 820 821 switch (nstate) { 822 case IEEE80211_S_INIT: 823 callout_stop(&sc->amrr_ch); 824 825 if (ostate == IEEE80211_S_RUN) { 826 /* abort TSF synchronization */ 827 tmp = RAL_READ(sc, RT2661_TXRX_CSR9); 828 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0x00ffffff); 829 } 830 break; 831 832 case IEEE80211_S_SCAN: 833 rt2661_set_chan(sc, ic->ic_curchan); 834 callout_reset(&sc->scan_ch, hz / 5, rt2661_next_scan, sc); 835 break; 836 837 case IEEE80211_S_AUTH: 838 case IEEE80211_S_ASSOC: 839 rt2661_set_chan(sc, ic->ic_curchan); 840 break; 841 842 case IEEE80211_S_RUN: 843 rt2661_set_chan(sc, ic->ic_curchan); 844 845 ni = ic->ic_bss; 846 847 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 848 rt2661_set_slottime(sc); 849 rt2661_enable_mrr(sc); 850 rt2661_set_txpreamble(sc); 851 rt2661_set_basicrates(sc, &ni->ni_rates); 852 rt2661_set_bssid(sc, ni->ni_bssid); 853 } 854 855 if (ic->ic_opmode == IEEE80211_M_HOSTAP || 856 ic->ic_opmode == IEEE80211_M_IBSS) 857 rt2661_prepare_beacon(sc); 858 859 if (ic->ic_opmode == IEEE80211_M_STA) { 860 /* fake a join to init the tx rate */ 861 rt2661_newassoc(ni, 1); 862 } 863 864 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 865 sc->ncalls = 0; 866 sc->avg_rssi = -95; /* reset EMA */ 867 callout_reset(&sc->amrr_ch, hz / 2, 868 rt2661_updatestats, sc); 869 rt2661_enable_tsf_sync(sc); 870 } 871 break; 872 } 873 874 return sc->sc_newstate(ic, nstate, arg); 875 } 876 877 /* 878 * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46 or 879 * 93C66). 880 */ 881 static uint16_t 882 rt2661_eeprom_read(struct rt2661_softc *sc, uint8_t addr) 883 { 884 uint32_t tmp; 885 uint16_t val; 886 int n; 887 888 /* clock C once before the first command */ 889 RT2661_EEPROM_CTL(sc, 0); 890 891 RT2661_EEPROM_CTL(sc, RT2661_S); 892 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 893 RT2661_EEPROM_CTL(sc, RT2661_S); 894 895 /* write start bit (1) */ 896 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 897 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 898 899 /* write READ opcode (10) */ 900 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 901 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 902 RT2661_EEPROM_CTL(sc, RT2661_S); 903 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 904 905 /* write address (A5-A0 or A7-A0) */ 906 n = (RAL_READ(sc, RT2661_E2PROM_CSR) & RT2661_93C46) ? 5 : 7; 907 for (; n >= 0; n--) { 908 RT2661_EEPROM_CTL(sc, RT2661_S | 909 (((addr >> n) & 1) << RT2661_SHIFT_D)); 910 RT2661_EEPROM_CTL(sc, RT2661_S | 911 (((addr >> n) & 1) << RT2661_SHIFT_D) | RT2661_C); 912 } 913 914 RT2661_EEPROM_CTL(sc, RT2661_S); 915 916 /* read data Q15-Q0 */ 917 val = 0; 918 for (n = 15; n >= 0; n--) { 919 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 920 tmp = RAL_READ(sc, RT2661_E2PROM_CSR); 921 val |= ((tmp & RT2661_Q) >> RT2661_SHIFT_Q) << n; 922 RT2661_EEPROM_CTL(sc, RT2661_S); 923 } 924 925 RT2661_EEPROM_CTL(sc, 0); 926 927 /* clear Chip Select and clock C */ 928 RT2661_EEPROM_CTL(sc, RT2661_S); 929 RT2661_EEPROM_CTL(sc, 0); 930 RT2661_EEPROM_CTL(sc, RT2661_C); 931 932 return val; 933 } 934 935 static void 936 rt2661_tx_intr(struct rt2661_softc *sc) 937 { 938 struct ifnet *ifp = &sc->sc_if; 939 struct rt2661_tx_ring *txq; 940 struct rt2661_tx_data *data; 941 struct rt2661_node *rn; 942 uint32_t val; 943 int qid, retrycnt, s; 944 945 s = splnet(); 946 947 for (;;) { 948 val = RAL_READ(sc, RT2661_STA_CSR4); 949 if (!(val & RT2661_TX_STAT_VALID)) 950 break; 951 952 /* retrieve the queue in which this frame was sent */ 953 qid = RT2661_TX_QID(val); 954 txq = (qid <= 3) ? &sc->txq[qid] : &sc->mgtq; 955 956 /* retrieve rate control algorithm context */ 957 data = &txq->data[txq->stat]; 958 rn = (struct rt2661_node *)data->ni; 959 960 /* if no frame has been sent, ignore */ 961 if (rn == NULL) 962 continue; 963 964 switch (RT2661_TX_RESULT(val)) { 965 case RT2661_TX_SUCCESS: 966 retrycnt = RT2661_TX_RETRYCNT(val); 967 968 DPRINTFN(10, ("data frame sent successfully after " 969 "%d retries\n", retrycnt)); 970 rn->amn.amn_txcnt++; 971 if (retrycnt > 0) 972 rn->amn.amn_retrycnt++; 973 ifp->if_opackets++; 974 break; 975 976 case RT2661_TX_RETRY_FAIL: 977 DPRINTFN(9, ("sending data frame failed (too much " 978 "retries)\n")); 979 rn->amn.amn_txcnt++; 980 rn->amn.amn_retrycnt++; 981 ifp->if_oerrors++; 982 break; 983 984 default: 985 /* other failure */ 986 aprint_error_dev(sc->sc_dev, "sending data frame failed 0x%08x\n", val); 987 ifp->if_oerrors++; 988 } 989 990 ieee80211_free_node(data->ni); 991 data->ni = NULL; 992 993 DPRINTFN(15, ("tx done q=%d idx=%u\n", qid, txq->stat)); 994 995 txq->queued--; 996 if (++txq->stat >= txq->count) /* faster than % count */ 997 txq->stat = 0; 998 } 999 1000 sc->sc_tx_timer = 0; 1001 ifp->if_flags &= ~IFF_OACTIVE; 1002 rt2661_start(ifp); /* in softint */ 1003 1004 splx(s); 1005 } 1006 1007 static void 1008 rt2661_tx_dma_intr(struct rt2661_softc *sc, struct rt2661_tx_ring *txq) 1009 { 1010 struct rt2661_tx_desc *desc; 1011 struct rt2661_tx_data *data; 1012 1013 for (;;) { 1014 desc = &txq->desc[txq->next]; 1015 data = &txq->data[txq->next]; 1016 1017 bus_dmamap_sync(sc->sc_dmat, txq->map, 1018 txq->next * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE, 1019 BUS_DMASYNC_POSTREAD); 1020 1021 if ((le32toh(desc->flags) & RT2661_TX_BUSY) || 1022 !(le32toh(desc->flags) & RT2661_TX_VALID)) 1023 break; 1024 1025 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1026 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 1027 bus_dmamap_unload(sc->sc_dmat, data->map); 1028 m_freem(data->m); 1029 data->m = NULL; 1030 /* node reference is released in rt2661_tx_intr() */ 1031 1032 /* descriptor is no longer valid */ 1033 desc->flags &= ~htole32(RT2661_TX_VALID); 1034 1035 bus_dmamap_sync(sc->sc_dmat, txq->map, 1036 txq->next * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE, 1037 BUS_DMASYNC_PREWRITE); 1038 1039 DPRINTFN(15, ("tx dma done q=%p idx=%u\n", txq, txq->next)); 1040 1041 if (++txq->next >= txq->count) /* faster than % count */ 1042 txq->next = 0; 1043 } 1044 } 1045 1046 static void 1047 rt2661_rx_intr(struct rt2661_softc *sc) 1048 { 1049 struct ieee80211com *ic = &sc->sc_ic; 1050 struct ifnet *ifp = &sc->sc_if; 1051 struct rt2661_rx_desc *desc; 1052 struct rt2661_rx_data *data; 1053 struct ieee80211_frame *wh; 1054 struct ieee80211_node *ni; 1055 struct mbuf *mnew, *m; 1056 int error, rssi, s; 1057 1058 for (;;) { 1059 desc = &sc->rxq.desc[sc->rxq.cur]; 1060 data = &sc->rxq.data[sc->rxq.cur]; 1061 1062 bus_dmamap_sync(sc->sc_dmat, sc->rxq.map, 1063 sc->rxq.cur * RT2661_RX_DESC_SIZE, RT2661_RX_DESC_SIZE, 1064 BUS_DMASYNC_POSTREAD); 1065 1066 if (le32toh(desc->flags) & RT2661_RX_BUSY) 1067 break; 1068 1069 if ((le32toh(desc->flags) & RT2661_RX_PHY_ERROR) || 1070 (le32toh(desc->flags) & RT2661_RX_CRC_ERROR)) { 1071 /* 1072 * This should not happen since we did not request 1073 * to receive those frames when we filled TXRX_CSR0. 1074 */ 1075 DPRINTFN(5, ("PHY or CRC error flags 0x%08x\n", 1076 le32toh(desc->flags))); 1077 ifp->if_ierrors++; 1078 goto skip; 1079 } 1080 1081 if ((le32toh(desc->flags) & RT2661_RX_CIPHER_MASK) != 0) { 1082 ifp->if_ierrors++; 1083 goto skip; 1084 } 1085 1086 /* 1087 * Try to allocate a new mbuf for this ring element and load it 1088 * before processing the current mbuf. If the ring element 1089 * cannot be loaded, drop the received packet and reuse the old 1090 * mbuf. In the unlikely case that the old mbuf can't be 1091 * reloaded either, explicitly panic. 1092 */ 1093 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1094 if (mnew == NULL) { 1095 ifp->if_ierrors++; 1096 goto skip; 1097 } 1098 1099 MCLGET(mnew, M_DONTWAIT); 1100 if (!(mnew->m_flags & M_EXT)) { 1101 m_freem(mnew); 1102 ifp->if_ierrors++; 1103 goto skip; 1104 } 1105 1106 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1107 data->map->dm_mapsize, BUS_DMASYNC_POSTREAD); 1108 bus_dmamap_unload(sc->sc_dmat, data->map); 1109 1110 error = bus_dmamap_load(sc->sc_dmat, data->map, 1111 mtod(mnew, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT); 1112 if (error != 0) { 1113 m_freem(mnew); 1114 1115 /* try to reload the old mbuf */ 1116 error = bus_dmamap_load(sc->sc_dmat, data->map, 1117 mtod(data->m, void *), MCLBYTES, NULL, 1118 BUS_DMA_NOWAIT); 1119 if (error != 0) { 1120 /* very unlikely that it will fail... */ 1121 panic("%s: could not load old rx mbuf", 1122 device_xname(sc->sc_dev)); 1123 } 1124 /* physical address may have changed */ 1125 desc->physaddr = htole32(data->map->dm_segs->ds_addr); 1126 ifp->if_ierrors++; 1127 goto skip; 1128 } 1129 1130 /* 1131 * New mbuf successfully loaded, update Rx ring and continue 1132 * processing. 1133 */ 1134 m = data->m; 1135 data->m = mnew; 1136 desc->physaddr = htole32(data->map->dm_segs->ds_addr); 1137 1138 /* finalize mbuf */ 1139 m_set_rcvif(m, ifp); 1140 m->m_pkthdr.len = m->m_len = 1141 (le32toh(desc->flags) >> 16) & 0xfff; 1142 1143 s = splnet(); 1144 1145 if (sc->sc_drvbpf != NULL) { 1146 struct rt2661_rx_radiotap_header *tap = &sc->sc_rxtap; 1147 uint32_t tsf_lo, tsf_hi; 1148 1149 /* get timestamp (low and high 32 bits) */ 1150 tsf_hi = RAL_READ(sc, RT2661_TXRX_CSR13); 1151 tsf_lo = RAL_READ(sc, RT2661_TXRX_CSR12); 1152 1153 tap->wr_tsf = 1154 htole64(((uint64_t)tsf_hi << 32) | tsf_lo); 1155 tap->wr_flags = 0; 1156 tap->wr_rate = rt2661_rxrate(desc); 1157 tap->wr_chan_freq = htole16(sc->sc_curchan->ic_freq); 1158 tap->wr_chan_flags = htole16(sc->sc_curchan->ic_flags); 1159 tap->wr_antsignal = desc->rssi; 1160 1161 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1162 } 1163 1164 wh = mtod(m, struct ieee80211_frame *); 1165 ni = ieee80211_find_rxnode(ic, 1166 (struct ieee80211_frame_min *)wh); 1167 1168 /* send the frame to the 802.11 layer */ 1169 ieee80211_input(ic, m, ni, desc->rssi, 0); 1170 1171 /*- 1172 * Keep track of the average RSSI using an Exponential Moving 1173 * Average (EMA) of 8 Wilder's days: 1174 * avg = (1 / N) x rssi + ((N - 1) / N) x avg 1175 */ 1176 rssi = rt2661_get_rssi(sc, desc->rssi); 1177 sc->avg_rssi = (rssi + 7 * sc->avg_rssi) / 8; 1178 1179 /* node is no longer needed */ 1180 ieee80211_free_node(ni); 1181 1182 splx(s); 1183 1184 skip: desc->flags |= htole32(RT2661_RX_BUSY); 1185 1186 bus_dmamap_sync(sc->sc_dmat, sc->rxq.map, 1187 sc->rxq.cur * RT2661_RX_DESC_SIZE, RT2661_RX_DESC_SIZE, 1188 BUS_DMASYNC_PREWRITE); 1189 1190 DPRINTFN(16, ("rx intr idx=%u\n", sc->rxq.cur)); 1191 1192 sc->rxq.cur = (sc->rxq.cur + 1) % RT2661_RX_RING_COUNT; 1193 } 1194 1195 /* 1196 * In HostAP mode, ieee80211_input() will enqueue packets in if_snd 1197 * without calling if_start(). 1198 */ 1199 s = splnet(); 1200 if (!IFQ_IS_EMPTY(&ifp->if_snd) && !(ifp->if_flags & IFF_OACTIVE)) 1201 rt2661_start(ifp); 1202 splx(s); 1203 } 1204 1205 /* 1206 * This function is called in HostAP or IBSS modes when it's time to send a 1207 * new beacon (every ni_intval milliseconds). 1208 */ 1209 static void 1210 rt2661_mcu_beacon_expire(struct rt2661_softc *sc) 1211 { 1212 struct ieee80211com *ic = &sc->sc_ic; 1213 1214 if (sc->sc_flags & RT2661_UPDATE_SLOT) { 1215 sc->sc_flags &= ~RT2661_UPDATE_SLOT; 1216 sc->sc_flags |= RT2661_SET_SLOTTIME; 1217 } else if (sc->sc_flags & RT2661_SET_SLOTTIME) { 1218 sc->sc_flags &= ~RT2661_SET_SLOTTIME; 1219 rt2661_set_slottime(sc); 1220 } 1221 1222 if (ic->ic_curmode == IEEE80211_MODE_11G) { 1223 /* update ERP Information Element */ 1224 RAL_WRITE_1(sc, sc->erp_csr, ic->ic_bss->ni_erp); 1225 RAL_RW_BARRIER_1(sc, sc->erp_csr); 1226 } 1227 1228 DPRINTFN(15, ("beacon expired\n")); 1229 } 1230 1231 static void 1232 rt2661_mcu_wakeup(struct rt2661_softc *sc) 1233 { 1234 RAL_WRITE(sc, RT2661_MAC_CSR11, 5 << 16); 1235 1236 RAL_WRITE(sc, RT2661_SOFT_RESET_CSR, 0x7); 1237 RAL_WRITE(sc, RT2661_IO_CNTL_CSR, 0x18); 1238 RAL_WRITE(sc, RT2661_PCI_USEC_CSR, 0x20); 1239 1240 /* send wakeup command to MCU */ 1241 rt2661_tx_cmd(sc, RT2661_MCU_CMD_WAKEUP, 0); 1242 } 1243 1244 static void 1245 rt2661_mcu_cmd_intr(struct rt2661_softc *sc) 1246 { 1247 RAL_READ(sc, RT2661_M2H_CMD_DONE_CSR); 1248 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 1249 } 1250 1251 int 1252 rt2661_intr(void *arg) 1253 { 1254 struct rt2661_softc *sc = arg; 1255 struct ifnet *ifp = &sc->sc_if; 1256 uint32_t r1, r2; 1257 1258 /* don't re-enable interrupts if we're shutting down */ 1259 if (!(ifp->if_flags & IFF_RUNNING)) { 1260 /* disable MAC and MCU interrupts */ 1261 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f); 1262 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 1263 return 0; 1264 } 1265 1266 r1 = RAL_READ(sc, RT2661_INT_SOURCE_CSR); 1267 r2 = RAL_READ(sc, RT2661_MCU_INT_SOURCE_CSR); 1268 1269 if ((r1 & RT2661_INT_CSR_ALL) == 0 && (r2 & RT2661_MCU_INT_ALL) == 0) 1270 return 0; 1271 1272 /* disable interrupts */ 1273 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f); 1274 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 1275 1276 softint_schedule(sc->sc_soft_ih); 1277 return 1; 1278 } 1279 1280 static void 1281 rt2661_softintr(void *arg) 1282 { 1283 struct rt2661_softc *sc = arg; 1284 uint32_t r1, r2; 1285 1286 for (;;) { 1287 r1 = RAL_READ(sc, RT2661_INT_SOURCE_CSR); 1288 r2 = RAL_READ(sc, RT2661_MCU_INT_SOURCE_CSR); 1289 1290 if ((r1 & RT2661_INT_CSR_ALL) == 0 && 1291 (r2 & RT2661_MCU_INT_ALL) == 0) 1292 break; 1293 1294 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, r1); 1295 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, r2); 1296 1297 if (r1 & RT2661_MGT_DONE) 1298 rt2661_tx_dma_intr(sc, &sc->mgtq); 1299 1300 if (r1 & RT2661_RX_DONE) 1301 rt2661_rx_intr(sc); 1302 1303 if (r1 & RT2661_TX0_DMA_DONE) 1304 rt2661_tx_dma_intr(sc, &sc->txq[0]); 1305 1306 if (r1 & RT2661_TX1_DMA_DONE) 1307 rt2661_tx_dma_intr(sc, &sc->txq[1]); 1308 1309 if (r1 & RT2661_TX2_DMA_DONE) 1310 rt2661_tx_dma_intr(sc, &sc->txq[2]); 1311 1312 if (r1 & RT2661_TX3_DMA_DONE) 1313 rt2661_tx_dma_intr(sc, &sc->txq[3]); 1314 1315 if (r1 & RT2661_TX_DONE) 1316 rt2661_tx_intr(sc); 1317 1318 if (r2 & RT2661_MCU_CMD_DONE) 1319 rt2661_mcu_cmd_intr(sc); 1320 1321 if (r2 & RT2661_MCU_BEACON_EXPIRE) 1322 rt2661_mcu_beacon_expire(sc); 1323 1324 if (r2 & RT2661_MCU_WAKEUP) 1325 rt2661_mcu_wakeup(sc); 1326 } 1327 1328 /* enable interrupts */ 1329 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 1330 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 1331 } 1332 1333 /* quickly determine if a given rate is CCK or OFDM */ 1334 #define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1335 1336 #define RAL_ACK_SIZE 14 /* 10 + 4(FCS) */ 1337 #define RAL_CTS_SIZE 14 /* 10 + 4(FCS) */ 1338 1339 /* 1340 * This function is only used by the Rx radiotap code. It returns the rate at 1341 * which a given frame was received. 1342 */ 1343 static uint8_t 1344 rt2661_rxrate(struct rt2661_rx_desc *desc) 1345 { 1346 if (le32toh(desc->flags) & RT2661_RX_OFDM) { 1347 /* reverse function of rt2661_plcp_signal */ 1348 switch (desc->rate & 0xf) { 1349 case 0xb: return 12; 1350 case 0xf: return 18; 1351 case 0xa: return 24; 1352 case 0xe: return 36; 1353 case 0x9: return 48; 1354 case 0xd: return 72; 1355 case 0x8: return 96; 1356 case 0xc: return 108; 1357 } 1358 } else { 1359 if (desc->rate == 10) 1360 return 2; 1361 if (desc->rate == 20) 1362 return 4; 1363 if (desc->rate == 55) 1364 return 11; 1365 if (desc->rate == 110) 1366 return 22; 1367 } 1368 return 2; /* should not get there */ 1369 } 1370 1371 /* 1372 * Return the expected ack rate for a frame transmitted at rate `rate'. 1373 * XXX: this should depend on the destination node basic rate set. 1374 */ 1375 static int 1376 rt2661_ack_rate(struct ieee80211com *ic, int rate) 1377 { 1378 switch (rate) { 1379 /* CCK rates */ 1380 case 2: 1381 return 2; 1382 case 4: 1383 case 11: 1384 case 22: 1385 return (ic->ic_curmode == IEEE80211_MODE_11B) ? 4 : rate; 1386 1387 /* OFDM rates */ 1388 case 12: 1389 case 18: 1390 return 12; 1391 case 24: 1392 case 36: 1393 return 24; 1394 case 48: 1395 case 72: 1396 case 96: 1397 case 108: 1398 return 48; 1399 } 1400 1401 /* default to 1Mbps */ 1402 return 2; 1403 } 1404 1405 /* 1406 * Compute the duration (in us) needed to transmit `len' bytes at rate `rate'. 1407 * The function automatically determines the operating mode depending on the 1408 * given rate. `flags' indicates whether short preamble is in use or not. 1409 */ 1410 static uint16_t 1411 rt2661_txtime(int len, int rate, uint32_t flags) 1412 { 1413 uint16_t txtime; 1414 1415 if (RAL_RATE_IS_OFDM(rate)) { 1416 /* IEEE Std 802.11g-2003, pp. 44 */ 1417 txtime = (8 + 4 * len + 3 + rate - 1) / rate; 1418 txtime = 16 + 4 + 4 * txtime + 6; 1419 } else { 1420 /* IEEE Std 802.11b-1999, pp. 28 */ 1421 txtime = (16 * len + rate - 1) / rate; 1422 if (rate != 2 && (flags & IEEE80211_F_SHPREAMBLE)) 1423 txtime += 72 + 24; 1424 else 1425 txtime += 144 + 48; 1426 } 1427 return txtime; 1428 } 1429 1430 static uint8_t 1431 rt2661_plcp_signal(int rate) 1432 { 1433 switch (rate) { 1434 /* CCK rates (returned values are device-dependent) */ 1435 case 2: return 0x0; 1436 case 4: return 0x1; 1437 case 11: return 0x2; 1438 case 22: return 0x3; 1439 1440 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1441 case 12: return 0xb; 1442 case 18: return 0xf; 1443 case 24: return 0xa; 1444 case 36: return 0xe; 1445 case 48: return 0x9; 1446 case 72: return 0xd; 1447 case 96: return 0x8; 1448 case 108: return 0xc; 1449 1450 /* unsupported rates (should not get there) */ 1451 default: return 0xff; 1452 } 1453 } 1454 1455 static void 1456 rt2661_setup_tx_desc(struct rt2661_softc *sc, struct rt2661_tx_desc *desc, 1457 uint32_t flags, uint16_t xflags, int len, int rate, 1458 const bus_dma_segment_t *segs, int nsegs, int ac) 1459 { 1460 struct ieee80211com *ic = &sc->sc_ic; 1461 uint16_t plcp_length; 1462 int i, remainder; 1463 1464 desc->flags = htole32(flags); 1465 desc->flags |= htole32(len << 16); 1466 1467 desc->xflags = htole16(xflags); 1468 desc->xflags |= htole16(nsegs << 13); 1469 1470 desc->wme = htole16( 1471 RT2661_QID(ac) | 1472 RT2661_AIFSN(2) | 1473 RT2661_LOGCWMIN(4) | 1474 RT2661_LOGCWMAX(10)); 1475 1476 /* 1477 * Remember in which queue this frame was sent. This field is driver 1478 * private data only. It will be made available by the NIC in STA_CSR4 1479 * on Tx interrupts. 1480 */ 1481 desc->qid = ac; 1482 1483 /* setup PLCP fields */ 1484 desc->plcp_signal = rt2661_plcp_signal(rate); 1485 desc->plcp_service = 4; 1486 1487 len += IEEE80211_CRC_LEN; 1488 if (RAL_RATE_IS_OFDM(rate)) { 1489 desc->flags |= htole32(RT2661_TX_OFDM); 1490 1491 plcp_length = len & 0xfff; 1492 desc->plcp_length_hi = plcp_length >> 6; 1493 desc->plcp_length_lo = plcp_length & 0x3f; 1494 } else { 1495 plcp_length = (16 * len + rate - 1) / rate; 1496 if (rate == 22) { 1497 remainder = (16 * len) % 22; 1498 if (remainder != 0 && remainder < 7) 1499 desc->plcp_service |= RT2661_PLCP_LENGEXT; 1500 } 1501 desc->plcp_length_hi = plcp_length >> 8; 1502 desc->plcp_length_lo = plcp_length & 0xff; 1503 1504 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 1505 desc->plcp_signal |= 0x08; 1506 } 1507 1508 /* RT2x61 supports scatter with up to 5 segments */ 1509 for (i = 0; i < nsegs; i++) { 1510 desc->addr[i] = htole32(segs[i].ds_addr); 1511 desc->len [i] = htole16(segs[i].ds_len); 1512 } 1513 1514 desc->flags |= htole32(RT2661_TX_BUSY | RT2661_TX_VALID); 1515 } 1516 1517 static int 1518 rt2661_tx_mgt(struct rt2661_softc *sc, struct mbuf *m0, 1519 struct ieee80211_node *ni) 1520 { 1521 struct ieee80211com *ic = &sc->sc_ic; 1522 struct rt2661_tx_desc *desc; 1523 struct rt2661_tx_data *data; 1524 struct ieee80211_frame *wh; 1525 uint16_t dur; 1526 uint32_t flags = 0; 1527 int rate, error; 1528 1529 desc = &sc->mgtq.desc[sc->mgtq.cur]; 1530 data = &sc->mgtq.data[sc->mgtq.cur]; 1531 1532 /* send mgt frames at the lowest available rate */ 1533 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1534 1535 wh = mtod(m0, struct ieee80211_frame *); 1536 1537 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1538 if (ieee80211_crypto_encap(ic, ni, m0) == NULL) { 1539 m_freem(m0); 1540 return ENOBUFS; 1541 } 1542 1543 /* packet header may have moved, reset our local pointer */ 1544 wh = mtod(m0, struct ieee80211_frame *); 1545 } 1546 1547 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1548 BUS_DMA_NOWAIT); 1549 if (error != 0) { 1550 aprint_error_dev(sc->sc_dev, "could not map mbuf (error %d)\n", 1551 error); 1552 m_freem(m0); 1553 return error; 1554 } 1555 1556 if (sc->sc_drvbpf != NULL) { 1557 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1558 1559 tap->wt_flags = 0; 1560 tap->wt_rate = rate; 1561 tap->wt_chan_freq = htole16(sc->sc_curchan->ic_freq); 1562 tap->wt_chan_flags = htole16(sc->sc_curchan->ic_flags); 1563 1564 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1565 } 1566 1567 data->m = m0; 1568 data->ni = ni; 1569 1570 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1571 flags |= RT2661_TX_NEED_ACK; 1572 1573 dur = rt2661_txtime(RAL_ACK_SIZE, rate, ic->ic_flags) + 1574 sc->sifs; 1575 *(uint16_t *)wh->i_dur = htole16(dur); 1576 1577 /* tell hardware to set timestamp in probe responses */ 1578 if ((wh->i_fc[0] & 1579 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 1580 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 1581 flags |= RT2661_TX_TIMESTAMP; 1582 } 1583 1584 rt2661_setup_tx_desc(sc, desc, flags, 0 /* XXX HWSEQ */, 1585 m0->m_pkthdr.len, rate, data->map->dm_segs, data->map->dm_nsegs, 1586 RT2661_QID_MGT); 1587 1588 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 1589 BUS_DMASYNC_PREWRITE); 1590 bus_dmamap_sync(sc->sc_dmat, sc->mgtq.map, 1591 sc->mgtq.cur * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE, 1592 BUS_DMASYNC_PREWRITE); 1593 1594 DPRINTFN(10, ("sending mgt frame len=%u idx=%u rate=%u\n", 1595 m0->m_pkthdr.len, sc->mgtq.cur, rate)); 1596 1597 /* kick mgt */ 1598 sc->mgtq.queued++; 1599 sc->mgtq.cur = (sc->mgtq.cur + 1) % RT2661_MGT_RING_COUNT; 1600 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, RT2661_KICK_MGT); 1601 1602 return 0; 1603 } 1604 1605 /* 1606 * Build a RTS control frame. 1607 */ 1608 static struct mbuf * 1609 rt2661_get_rts(struct rt2661_softc *sc, struct ieee80211_frame *wh, 1610 uint16_t dur) 1611 { 1612 struct ieee80211_frame_rts *rts; 1613 struct mbuf *m; 1614 1615 MGETHDR(m, M_DONTWAIT, MT_DATA); 1616 if (m == NULL) { 1617 sc->sc_ic.ic_stats.is_tx_nobuf++; 1618 aprint_error_dev(sc->sc_dev, "could not allocate RTS frame\n"); 1619 return NULL; 1620 } 1621 1622 rts = mtod(m, struct ieee80211_frame_rts *); 1623 1624 rts->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_CTL | 1625 IEEE80211_FC0_SUBTYPE_RTS; 1626 rts->i_fc[1] = IEEE80211_FC1_DIR_NODS; 1627 *(uint16_t *)rts->i_dur = htole16(dur); 1628 IEEE80211_ADDR_COPY(rts->i_ra, wh->i_addr1); 1629 IEEE80211_ADDR_COPY(rts->i_ta, wh->i_addr2); 1630 1631 m->m_pkthdr.len = m->m_len = sizeof (struct ieee80211_frame_rts); 1632 1633 return m; 1634 } 1635 1636 static int 1637 rt2661_tx_data(struct rt2661_softc *sc, struct mbuf *m0, 1638 struct ieee80211_node *ni, int ac) 1639 { 1640 struct ieee80211com *ic = &sc->sc_ic; 1641 struct rt2661_tx_ring *txq = &sc->txq[ac]; 1642 struct rt2661_tx_desc *desc; 1643 struct rt2661_tx_data *data; 1644 struct ieee80211_frame *wh; 1645 struct ieee80211_key *k; 1646 struct mbuf *mnew; 1647 uint16_t dur; 1648 uint32_t flags = 0; 1649 int rate, useprot, error, tid; 1650 1651 wh = mtod(m0, struct ieee80211_frame *); 1652 1653 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) { 1654 rate = ic->ic_sup_rates[ic->ic_curmode]. 1655 rs_rates[ic->ic_fixed_rate]; 1656 } else 1657 rate = ni->ni_rates.rs_rates[ni->ni_txrate]; 1658 rate &= IEEE80211_RATE_VAL; 1659 if (rate == 0) 1660 rate = 2; /* XXX should not happen */ 1661 1662 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1663 k = ieee80211_crypto_encap(ic, ni, m0); 1664 if (k == NULL) { 1665 m_freem(m0); 1666 return ENOBUFS; 1667 } 1668 1669 /* packet header may have moved, reset our local pointer */ 1670 wh = mtod(m0, struct ieee80211_frame *); 1671 } 1672 1673 /* 1674 * Packet Bursting: backoff after ppb=8 frames to give other STAs a 1675 * chance to contend for the wireless medium. 1676 */ 1677 tid = WME_AC_TO_TID(M_WME_GETAC(m0)); 1678 if (ic->ic_opmode == IEEE80211_M_STA && (ni->ni_txseqs[tid] & 7)) 1679 flags |= RT2661_TX_IFS_SIFS; 1680 1681 /* 1682 * IEEE Std 802.11-1999, pp 82: "A STA shall use an RTS/CTS exchange 1683 * for directed frames only when the length of the MPDU is greater 1684 * than the length threshold indicated by" ic_rtsthreshold. 1685 * 1686 * IEEE Std 802.11-2003g, pp 13: "ERP STAs shall use protection 1687 * mechanism (such as RTS/CTS or CTS-to-self) for ERP-OFDM MPDUs of 1688 * type Data or an MMPDU". 1689 */ 1690 useprot = !IEEE80211_IS_MULTICAST(wh->i_addr1) && 1691 (m0->m_pkthdr.len + IEEE80211_CRC_LEN > ic->ic_rtsthreshold || 1692 ((ic->ic_flags & IEEE80211_F_USEPROT) && RAL_RATE_IS_OFDM(rate))); 1693 if (useprot) { 1694 struct mbuf *m; 1695 int rtsrate, ackrate; 1696 1697 rtsrate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1698 ackrate = rt2661_ack_rate(ic, rate); 1699 1700 dur = rt2661_txtime(m0->m_pkthdr.len + 4, rate, ic->ic_flags) + 1701 rt2661_txtime(RAL_CTS_SIZE, rtsrate, ic->ic_flags) + 1702 rt2661_txtime(RAL_ACK_SIZE, ackrate, ic->ic_flags) + 1703 3 * sc->sifs; 1704 1705 m = rt2661_get_rts(sc, wh, dur); 1706 if (m == NULL) { 1707 aprint_error_dev(sc->sc_dev, "could not allocate RTS " 1708 "frame\n"); 1709 m_freem(m0); 1710 return ENOBUFS; 1711 } 1712 1713 desc = &txq->desc[txq->cur]; 1714 data = &txq->data[txq->cur]; 1715 1716 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m, 1717 BUS_DMA_NOWAIT); 1718 if (error != 0) { 1719 aprint_error_dev(sc->sc_dev, "could not map mbuf (error %d)\n", error); 1720 m_freem(m); 1721 m_freem(m0); 1722 return error; 1723 } 1724 1725 /* avoid multiple free() of the same node for each fragment */ 1726 ieee80211_ref_node(ni); 1727 1728 data->m = m; 1729 data->ni = ni; 1730 1731 rt2661_setup_tx_desc(sc, desc, RT2661_TX_NEED_ACK | 1732 RT2661_TX_MORE_FRAG, 0, m->m_pkthdr.len, rtsrate, 1733 data->map->dm_segs, data->map->dm_nsegs, ac); 1734 1735 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1736 data->map->dm_mapsize, BUS_DMASYNC_PREWRITE); 1737 bus_dmamap_sync(sc->sc_dmat, txq->map, 1738 txq->cur * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE, 1739 BUS_DMASYNC_PREWRITE); 1740 1741 txq->queued++; 1742 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1743 1744 flags |= RT2661_TX_LONG_RETRY | RT2661_TX_IFS_SIFS; 1745 } 1746 1747 data = &txq->data[txq->cur]; 1748 desc = &txq->desc[txq->cur]; 1749 1750 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1751 BUS_DMA_NOWAIT); 1752 if (error != 0 && error != EFBIG) { 1753 aprint_error_dev(sc->sc_dev, "could not map mbuf (error %d)\n", 1754 error); 1755 m_freem(m0); 1756 return error; 1757 } 1758 if (error != 0) { 1759 /* too many fragments, linearize */ 1760 1761 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1762 if (mnew == NULL) { 1763 m_freem(m0); 1764 return ENOMEM; 1765 } 1766 1767 M_COPY_PKTHDR(mnew, m0); 1768 if (m0->m_pkthdr.len > MHLEN) { 1769 MCLGET(mnew, M_DONTWAIT); 1770 if (!(mnew->m_flags & M_EXT)) { 1771 m_freem(m0); 1772 m_freem(mnew); 1773 return ENOMEM; 1774 } 1775 } 1776 1777 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(mnew, void *)); 1778 m_freem(m0); 1779 mnew->m_len = mnew->m_pkthdr.len; 1780 m0 = mnew; 1781 1782 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1783 BUS_DMA_NOWAIT); 1784 if (error != 0) { 1785 aprint_error_dev(sc->sc_dev, "could not map mbuf (error %d)\n", error); 1786 m_freem(m0); 1787 return error; 1788 } 1789 1790 /* packet header have moved, reset our local pointer */ 1791 wh = mtod(m0, struct ieee80211_frame *); 1792 } 1793 1794 if (sc->sc_drvbpf != NULL) { 1795 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1796 1797 tap->wt_flags = 0; 1798 tap->wt_rate = rate; 1799 tap->wt_chan_freq = htole16(sc->sc_curchan->ic_freq); 1800 tap->wt_chan_flags = htole16(sc->sc_curchan->ic_flags); 1801 1802 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1803 } 1804 1805 data->m = m0; 1806 data->ni = ni; 1807 1808 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1809 flags |= RT2661_TX_NEED_ACK; 1810 1811 dur = rt2661_txtime(RAL_ACK_SIZE, rt2661_ack_rate(ic, rate), 1812 ic->ic_flags) + sc->sifs; 1813 *(uint16_t *)wh->i_dur = htole16(dur); 1814 } 1815 1816 rt2661_setup_tx_desc(sc, desc, flags, 0, m0->m_pkthdr.len, rate, 1817 data->map->dm_segs, data->map->dm_nsegs, ac); 1818 1819 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 1820 BUS_DMASYNC_PREWRITE); 1821 bus_dmamap_sync(sc->sc_dmat, txq->map, txq->cur * RT2661_TX_DESC_SIZE, 1822 RT2661_TX_DESC_SIZE, BUS_DMASYNC_PREWRITE); 1823 1824 DPRINTFN(10, ("sending data frame len=%u idx=%u rate=%u\n", 1825 m0->m_pkthdr.len, txq->cur, rate)); 1826 1827 /* kick Tx */ 1828 txq->queued++; 1829 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1830 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 1); 1831 1832 return 0; 1833 } 1834 1835 static void 1836 rt2661_start(struct ifnet *ifp) 1837 { 1838 struct rt2661_softc *sc = ifp->if_softc; 1839 struct ieee80211com *ic = &sc->sc_ic; 1840 struct mbuf *m0; 1841 struct ether_header *eh; 1842 struct ieee80211_node *ni = NULL; 1843 1844 /* 1845 * net80211 may still try to send management frames even if the 1846 * IFF_RUNNING flag is not set... 1847 */ 1848 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1849 return; 1850 1851 for (;;) { 1852 IF_POLL(&ic->ic_mgtq, m0); 1853 if (m0 != NULL) { 1854 if (sc->mgtq.queued >= RT2661_MGT_RING_COUNT) { 1855 ifp->if_flags |= IFF_OACTIVE; 1856 break; 1857 } 1858 IF_DEQUEUE(&ic->ic_mgtq, m0); 1859 if (m0 == NULL) 1860 break; 1861 1862 ni = M_GETCTX(m0, struct ieee80211_node *); 1863 M_CLEARCTX(m0); 1864 bpf_mtap3(ic->ic_rawbpf, m0); 1865 if (rt2661_tx_mgt(sc, m0, ni) != 0) 1866 break; 1867 1868 } else { 1869 IF_POLL(&ifp->if_snd, m0); 1870 if (m0 == NULL || ic->ic_state != IEEE80211_S_RUN) 1871 break; 1872 1873 if (sc->txq[0].queued >= RT2661_TX_RING_COUNT - 1) { 1874 /* there is no place left in this ring */ 1875 ifp->if_flags |= IFF_OACTIVE; 1876 break; 1877 } 1878 1879 IFQ_DEQUEUE(&ifp->if_snd, m0); 1880 1881 if (m0->m_len < sizeof (struct ether_header) && 1882 !(m0 = m_pullup(m0, sizeof (struct ether_header)))) 1883 continue; 1884 1885 eh = mtod(m0, struct ether_header *); 1886 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1887 if (ni == NULL) { 1888 m_freem(m0); 1889 ifp->if_oerrors++; 1890 continue; 1891 } 1892 1893 bpf_mtap3(ifp->if_bpf, m0); 1894 m0 = ieee80211_encap(ic, m0, ni); 1895 if (m0 == NULL) { 1896 ieee80211_free_node(ni); 1897 ifp->if_oerrors++; 1898 continue; 1899 } 1900 bpf_mtap3(ic->ic_rawbpf, m0); 1901 if (rt2661_tx_data(sc, m0, ni, 0) != 0) { 1902 if (ni != NULL) 1903 ieee80211_free_node(ni); 1904 ifp->if_oerrors++; 1905 break; 1906 } 1907 } 1908 1909 sc->sc_tx_timer = 5; 1910 ifp->if_timer = 1; 1911 } 1912 } 1913 1914 static void 1915 rt2661_watchdog(struct ifnet *ifp) 1916 { 1917 struct rt2661_softc *sc = ifp->if_softc; 1918 1919 ifp->if_timer = 0; 1920 1921 if (sc->sc_tx_timer > 0) { 1922 if (--sc->sc_tx_timer == 0) { 1923 aprint_error_dev(sc->sc_dev, "device timeout\n"); 1924 rt2661_init(ifp); 1925 ifp->if_oerrors++; 1926 return; 1927 } 1928 ifp->if_timer = 1; 1929 } 1930 1931 ieee80211_watchdog(&sc->sc_ic); 1932 } 1933 1934 /* 1935 * This function allows for fast channel switching in monitor mode (used by 1936 * kismet). In IBSS mode, we must explicitly reset the interface to 1937 * generate a new beacon frame. 1938 */ 1939 static int 1940 rt2661_reset(struct ifnet *ifp) 1941 { 1942 struct rt2661_softc *sc = ifp->if_softc; 1943 struct ieee80211com *ic = &sc->sc_ic; 1944 1945 if (ic->ic_opmode != IEEE80211_M_MONITOR) 1946 return ENETRESET; 1947 1948 rt2661_set_chan(sc, ic->ic_curchan); 1949 1950 return 0; 1951 } 1952 1953 static int 1954 rt2661_ioctl(struct ifnet *ifp, u_long cmd, void *data) 1955 { 1956 struct rt2661_softc *sc = ifp->if_softc; 1957 struct ieee80211com *ic = &sc->sc_ic; 1958 int s, error = 0; 1959 1960 s = splnet(); 1961 1962 switch (cmd) { 1963 case SIOCSIFFLAGS: 1964 if ((error = ifioctl_common(ifp, cmd, data)) != 0) 1965 break; 1966 if (ifp->if_flags & IFF_UP) { 1967 if (ifp->if_flags & IFF_RUNNING) 1968 rt2661_update_promisc(sc); 1969 else 1970 rt2661_init(ifp); 1971 } else { 1972 if (ifp->if_flags & IFF_RUNNING) 1973 rt2661_stop(ifp, 1); 1974 } 1975 break; 1976 1977 case SIOCADDMULTI: 1978 case SIOCDELMULTI: 1979 /* XXX no h/w multicast filter? --dyoung */ 1980 if ((error = ether_ioctl(ifp, cmd, data)) == ENETRESET) 1981 error = 0; 1982 break; 1983 1984 case SIOCS80211CHANNEL: 1985 /* 1986 * This allows for fast channel switching in monitor mode 1987 * (used by kismet). In IBSS mode, we must explicitly reset 1988 * the interface to generate a new beacon frame. 1989 */ 1990 error = ieee80211_ioctl(ic, cmd, data); 1991 if (error == ENETRESET && 1992 ic->ic_opmode == IEEE80211_M_MONITOR) { 1993 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1994 (IFF_UP | IFF_RUNNING)) 1995 rt2661_set_chan(sc, ic->ic_ibss_chan); 1996 error = 0; 1997 } 1998 break; 1999 2000 default: 2001 error = ieee80211_ioctl(ic, cmd, data); 2002 2003 } 2004 2005 if (error == ENETRESET) { 2006 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2007 (IFF_UP | IFF_RUNNING)) 2008 rt2661_init(ifp); 2009 error = 0; 2010 } 2011 2012 splx(s); 2013 2014 return error; 2015 } 2016 2017 static void 2018 rt2661_bbp_write(struct rt2661_softc *sc, uint8_t reg, uint8_t val) 2019 { 2020 uint32_t tmp; 2021 int ntries; 2022 2023 for (ntries = 0; ntries < 100; ntries++) { 2024 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 2025 break; 2026 DELAY(1); 2027 } 2028 if (ntries == 100) { 2029 aprint_error_dev(sc->sc_dev, "could not write to BBP\n"); 2030 return; 2031 } 2032 2033 tmp = RT2661_BBP_BUSY | (reg & 0x7f) << 8 | val; 2034 RAL_WRITE(sc, RT2661_PHY_CSR3, tmp); 2035 2036 DPRINTFN(15, ("BBP R%u <- 0x%02x\n", reg, val)); 2037 } 2038 2039 static uint8_t 2040 rt2661_bbp_read(struct rt2661_softc *sc, uint8_t reg) 2041 { 2042 uint32_t val; 2043 int ntries; 2044 2045 for (ntries = 0; ntries < 100; ntries++) { 2046 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 2047 break; 2048 DELAY(1); 2049 } 2050 if (ntries == 100) { 2051 aprint_error_dev(sc->sc_dev, "could not read from BBP\n"); 2052 return 0; 2053 } 2054 2055 val = RT2661_BBP_BUSY | RT2661_BBP_READ | reg << 8; 2056 RAL_WRITE(sc, RT2661_PHY_CSR3, val); 2057 2058 for (ntries = 0; ntries < 100; ntries++) { 2059 val = RAL_READ(sc, RT2661_PHY_CSR3); 2060 if (!(val & RT2661_BBP_BUSY)) 2061 return val & 0xff; 2062 DELAY(1); 2063 } 2064 2065 aprint_error_dev(sc->sc_dev, "could not read from BBP\n"); 2066 return 0; 2067 } 2068 2069 static void 2070 rt2661_rf_write(struct rt2661_softc *sc, uint8_t reg, uint32_t val) 2071 { 2072 uint32_t tmp; 2073 int ntries; 2074 2075 for (ntries = 0; ntries < 100; ntries++) { 2076 if (!(RAL_READ(sc, RT2661_PHY_CSR4) & RT2661_RF_BUSY)) 2077 break; 2078 DELAY(1); 2079 } 2080 if (ntries == 100) { 2081 aprint_error_dev(sc->sc_dev, "could not write to RF\n"); 2082 return; 2083 } 2084 tmp = RT2661_RF_BUSY | RT2661_RF_21BIT | (val & 0x1fffff) << 2 | 2085 (reg & 3); 2086 RAL_WRITE(sc, RT2661_PHY_CSR4, tmp); 2087 2088 /* remember last written value in sc */ 2089 sc->rf_regs[reg] = val; 2090 2091 DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 3, val & 0x1fffff)); 2092 } 2093 2094 static int 2095 rt2661_tx_cmd(struct rt2661_softc *sc, uint8_t cmd, uint16_t arg) 2096 { 2097 if (RAL_READ(sc, RT2661_H2M_MAILBOX_CSR) & RT2661_H2M_BUSY) 2098 return EIO; /* there is already a command pending */ 2099 2100 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 2101 RT2661_H2M_BUSY | RT2661_TOKEN_NO_INTR << 16 | arg); 2102 2103 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, RT2661_KICK_CMD | cmd); 2104 2105 return 0; 2106 } 2107 2108 static void 2109 rt2661_select_antenna(struct rt2661_softc *sc) 2110 { 2111 uint8_t bbp4, bbp77; 2112 uint32_t tmp; 2113 2114 bbp4 = rt2661_bbp_read(sc, 4); 2115 bbp77 = rt2661_bbp_read(sc, 77); 2116 2117 /* TBD */ 2118 2119 /* make sure Rx is disabled before switching antenna */ 2120 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2121 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2122 2123 rt2661_bbp_write(sc, 4, bbp4); 2124 rt2661_bbp_write(sc, 77, bbp77); 2125 2126 /* restore Rx filter */ 2127 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2128 } 2129 2130 /* 2131 * Enable multi-rate retries for frames sent at OFDM rates. 2132 * In 802.11b/g mode, allow fallback to CCK rates. 2133 */ 2134 static void 2135 rt2661_enable_mrr(struct rt2661_softc *sc) 2136 { 2137 struct ieee80211com *ic = &sc->sc_ic; 2138 uint32_t tmp; 2139 2140 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2141 2142 tmp &= ~RT2661_MRR_CCK_FALLBACK; 2143 if (!IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan)) 2144 tmp |= RT2661_MRR_CCK_FALLBACK; 2145 tmp |= RT2661_MRR_ENABLED; 2146 2147 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2148 } 2149 2150 static void 2151 rt2661_set_txpreamble(struct rt2661_softc *sc) 2152 { 2153 uint32_t tmp; 2154 2155 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2156 2157 tmp &= ~RT2661_SHORT_PREAMBLE; 2158 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 2159 tmp |= RT2661_SHORT_PREAMBLE; 2160 2161 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2162 } 2163 2164 static void 2165 rt2661_set_basicrates(struct rt2661_softc *sc, 2166 const struct ieee80211_rateset *rs) 2167 { 2168 #define RV(r) ((r) & IEEE80211_RATE_VAL) 2169 uint32_t mask = 0; 2170 uint8_t rate; 2171 int i, j; 2172 2173 for (i = 0; i < rs->rs_nrates; i++) { 2174 rate = rs->rs_rates[i]; 2175 2176 if (!(rate & IEEE80211_RATE_BASIC)) 2177 continue; 2178 2179 /* 2180 * Find h/w rate index. We know it exists because the rate 2181 * set has already been negotiated. 2182 */ 2183 for (j = 0; rt2661_rateset_11g.rs_rates[j] != RV(rate); j++); 2184 2185 mask |= 1 << j; 2186 } 2187 2188 RAL_WRITE(sc, RT2661_TXRX_CSR5, mask); 2189 2190 DPRINTF(("Setting basic rate mask to 0x%x\n", mask)); 2191 #undef RV 2192 } 2193 2194 /* 2195 * Reprogram MAC/BBP to switch to a new band. Values taken from the reference 2196 * driver. 2197 */ 2198 static void 2199 rt2661_select_band(struct rt2661_softc *sc, struct ieee80211_channel *c) 2200 { 2201 uint8_t bbp17, bbp35, bbp96, bbp97, bbp98, bbp104; 2202 uint32_t tmp; 2203 2204 /* update all BBP registers that depend on the band */ 2205 bbp17 = 0x20; bbp96 = 0x48; bbp104 = 0x2c; 2206 bbp35 = 0x50; bbp97 = 0x48; bbp98 = 0x48; 2207 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2208 bbp17 += 0x08; bbp96 += 0x10; bbp104 += 0x0c; 2209 bbp35 += 0x10; bbp97 += 0x10; bbp98 += 0x10; 2210 } 2211 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2212 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2213 bbp17 += 0x10; bbp96 += 0x10; bbp104 += 0x10; 2214 } 2215 2216 sc->bbp17 = bbp17; 2217 rt2661_bbp_write(sc, 17, bbp17); 2218 rt2661_bbp_write(sc, 96, bbp96); 2219 rt2661_bbp_write(sc, 104, bbp104); 2220 2221 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2222 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2223 rt2661_bbp_write(sc, 75, 0x80); 2224 rt2661_bbp_write(sc, 86, 0x80); 2225 rt2661_bbp_write(sc, 88, 0x80); 2226 } 2227 2228 rt2661_bbp_write(sc, 35, bbp35); 2229 rt2661_bbp_write(sc, 97, bbp97); 2230 rt2661_bbp_write(sc, 98, bbp98); 2231 2232 tmp = RAL_READ(sc, RT2661_PHY_CSR0); 2233 tmp &= ~(RT2661_PA_PE_2GHZ | RT2661_PA_PE_5GHZ); 2234 if (IEEE80211_IS_CHAN_2GHZ(c)) 2235 tmp |= RT2661_PA_PE_2GHZ; 2236 else 2237 tmp |= RT2661_PA_PE_5GHZ; 2238 RAL_WRITE(sc, RT2661_PHY_CSR0, tmp); 2239 2240 /* 802.11a uses a 16 microseconds short interframe space */ 2241 sc->sifs = IEEE80211_IS_CHAN_5GHZ(c) ? 16 : 10; 2242 } 2243 2244 static void 2245 rt2661_set_chan(struct rt2661_softc *sc, struct ieee80211_channel *c) 2246 { 2247 struct ieee80211com *ic = &sc->sc_ic; 2248 const struct rfprog *rfprog; 2249 uint8_t bbp3, bbp94 = RT2661_BBPR94_DEFAULT; 2250 int8_t power; 2251 u_int i, chan; 2252 2253 chan = ieee80211_chan2ieee(ic, c); 2254 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 2255 return; 2256 2257 /* select the appropriate RF settings based on what EEPROM says */ 2258 rfprog = (sc->rfprog == 0) ? rt2661_rf5225_1 : rt2661_rf5225_2; 2259 2260 /* find the settings for this channel (we know it exists) */ 2261 for (i = 0; rfprog[i].chan != chan; i++); 2262 2263 power = sc->txpow[i]; 2264 if (power < 0) { 2265 bbp94 += power; 2266 power = 0; 2267 } else if (power > 31) { 2268 bbp94 += power - 31; 2269 power = 31; 2270 } 2271 2272 /* 2273 * If we've yet to select a channel, or we are switching from the 2274 * 2GHz band to the 5GHz band or vice-versa, BBP registers need to 2275 * be reprogrammed. 2276 */ 2277 if (sc->sc_curchan == NULL || c->ic_flags != sc->sc_curchan->ic_flags) { 2278 rt2661_select_band(sc, c); 2279 rt2661_select_antenna(sc); 2280 } 2281 sc->sc_curchan = c; 2282 2283 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2284 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2285 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2286 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2287 2288 DELAY(200); 2289 2290 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2291 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2292 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7 | 1); 2293 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2294 2295 DELAY(200); 2296 2297 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2298 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2299 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2300 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2301 2302 /* enable smart mode for MIMO-capable RFs */ 2303 bbp3 = rt2661_bbp_read(sc, 3); 2304 2305 bbp3 &= ~RT2661_SMART_MODE; 2306 if (sc->rf_rev == RT2661_RF_5325 || sc->rf_rev == RT2661_RF_2529) 2307 bbp3 |= RT2661_SMART_MODE; 2308 2309 rt2661_bbp_write(sc, 3, bbp3); 2310 2311 if (bbp94 != RT2661_BBPR94_DEFAULT) 2312 rt2661_bbp_write(sc, 94, bbp94); 2313 2314 /* 5GHz radio needs a 1ms delay here */ 2315 if (IEEE80211_IS_CHAN_5GHZ(c)) 2316 DELAY(1000); 2317 } 2318 2319 static void 2320 rt2661_set_bssid(struct rt2661_softc *sc, const uint8_t *bssid) 2321 { 2322 uint32_t tmp; 2323 2324 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24; 2325 RAL_WRITE(sc, RT2661_MAC_CSR4, tmp); 2326 2327 tmp = bssid[4] | bssid[5] << 8 | RT2661_ONE_BSSID << 16; 2328 RAL_WRITE(sc, RT2661_MAC_CSR5, tmp); 2329 } 2330 2331 static void 2332 rt2661_set_macaddr(struct rt2661_softc *sc, const uint8_t *addr) 2333 { 2334 uint32_t tmp; 2335 2336 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24; 2337 RAL_WRITE(sc, RT2661_MAC_CSR2, tmp); 2338 2339 tmp = addr[4] | addr[5] << 8 | 0xff << 16; 2340 RAL_WRITE(sc, RT2661_MAC_CSR3, tmp); 2341 } 2342 2343 static void 2344 rt2661_update_promisc(struct rt2661_softc *sc) 2345 { 2346 struct ifnet *ifp = sc->sc_ic.ic_ifp; 2347 uint32_t tmp; 2348 2349 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2350 2351 tmp &= ~RT2661_DROP_NOT_TO_ME; 2352 if (!(ifp->if_flags & IFF_PROMISC)) 2353 tmp |= RT2661_DROP_NOT_TO_ME; 2354 2355 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2356 2357 DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 2358 "entering" : "leaving")); 2359 } 2360 2361 #if 0 2362 /* 2363 * Update QoS (802.11e) settings for each h/w Tx ring. 2364 */ 2365 static int 2366 rt2661_wme_update(struct ieee80211com *ic) 2367 { 2368 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 2369 const struct wmeParams *wmep; 2370 2371 wmep = ic->ic_wme.wme_chanParams.cap_wmeParams; 2372 2373 /* XXX: not sure about shifts. */ 2374 /* XXX: the reference driver plays with AC_VI settings too. */ 2375 2376 /* update TxOp */ 2377 RAL_WRITE(sc, RT2661_AC_TXOP_CSR0, 2378 wmep[WME_AC_BE].wmep_txopLimit << 16 | 2379 wmep[WME_AC_BK].wmep_txopLimit); 2380 RAL_WRITE(sc, RT2661_AC_TXOP_CSR1, 2381 wmep[WME_AC_VI].wmep_txopLimit << 16 | 2382 wmep[WME_AC_VO].wmep_txopLimit); 2383 2384 /* update CWmin */ 2385 RAL_WRITE(sc, RT2661_CWMIN_CSR, 2386 wmep[WME_AC_BE].wmep_logcwmin << 12 | 2387 wmep[WME_AC_BK].wmep_logcwmin << 8 | 2388 wmep[WME_AC_VI].wmep_logcwmin << 4 | 2389 wmep[WME_AC_VO].wmep_logcwmin); 2390 2391 /* update CWmax */ 2392 RAL_WRITE(sc, RT2661_CWMAX_CSR, 2393 wmep[WME_AC_BE].wmep_logcwmax << 12 | 2394 wmep[WME_AC_BK].wmep_logcwmax << 8 | 2395 wmep[WME_AC_VI].wmep_logcwmax << 4 | 2396 wmep[WME_AC_VO].wmep_logcwmax); 2397 2398 /* update Aifsn */ 2399 RAL_WRITE(sc, RT2661_AIFSN_CSR, 2400 wmep[WME_AC_BE].wmep_aifsn << 12 | 2401 wmep[WME_AC_BK].wmep_aifsn << 8 | 2402 wmep[WME_AC_VI].wmep_aifsn << 4 | 2403 wmep[WME_AC_VO].wmep_aifsn); 2404 2405 return 0; 2406 } 2407 #endif 2408 2409 static void 2410 rt2661_updateslot(struct ifnet *ifp) 2411 { 2412 struct rt2661_softc *sc = ifp->if_softc; 2413 struct ieee80211com *ic = &sc->sc_ic; 2414 2415 if (ic->ic_opmode == IEEE80211_M_HOSTAP) { 2416 /* 2417 * In HostAP mode, we defer setting of new slot time until 2418 * updated ERP Information Element has propagated to all 2419 * associated STAs. 2420 */ 2421 sc->sc_flags |= RT2661_UPDATE_SLOT; 2422 } else 2423 rt2661_set_slottime(sc); 2424 } 2425 2426 static void 2427 rt2661_set_slottime(struct rt2661_softc *sc) 2428 { 2429 struct ieee80211com *ic = &sc->sc_ic; 2430 uint8_t slottime; 2431 uint32_t tmp; 2432 2433 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 2434 2435 tmp = RAL_READ(sc, RT2661_MAC_CSR9); 2436 tmp = (tmp & ~0xff) | slottime; 2437 RAL_WRITE(sc, RT2661_MAC_CSR9, tmp); 2438 2439 DPRINTF(("setting slot time to %uus\n", slottime)); 2440 } 2441 2442 static const char * 2443 rt2661_get_rf(int rev) 2444 { 2445 switch (rev) { 2446 case RT2661_RF_5225: return "RT5225"; 2447 case RT2661_RF_5325: return "RT5325 (MIMO XR)"; 2448 case RT2661_RF_2527: return "RT2527"; 2449 case RT2661_RF_2529: return "RT2529 (MIMO XR)"; 2450 default: return "unknown"; 2451 } 2452 } 2453 2454 static void 2455 rt2661_read_eeprom(struct rt2661_softc *sc) 2456 { 2457 struct ieee80211com *ic = &sc->sc_ic; 2458 uint16_t val; 2459 int i; 2460 2461 /* read MAC address */ 2462 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC01); 2463 ic->ic_myaddr[0] = val & 0xff; 2464 ic->ic_myaddr[1] = val >> 8; 2465 2466 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC23); 2467 ic->ic_myaddr[2] = val & 0xff; 2468 ic->ic_myaddr[3] = val >> 8; 2469 2470 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC45); 2471 ic->ic_myaddr[4] = val & 0xff; 2472 ic->ic_myaddr[5] = val >> 8; 2473 2474 val = rt2661_eeprom_read(sc, RT2661_EEPROM_ANTENNA); 2475 /* XXX: test if different from 0xffff? */ 2476 sc->rf_rev = (val >> 11) & 0x1f; 2477 sc->hw_radio = (val >> 10) & 0x1; 2478 sc->rx_ant = (val >> 4) & 0x3; 2479 sc->tx_ant = (val >> 2) & 0x3; 2480 sc->nb_ant = val & 0x3; 2481 2482 DPRINTF(("RF revision=%d\n", sc->rf_rev)); 2483 2484 val = rt2661_eeprom_read(sc, RT2661_EEPROM_CONFIG2); 2485 sc->ext_5ghz_lna = (val >> 6) & 0x1; 2486 sc->ext_2ghz_lna = (val >> 4) & 0x1; 2487 2488 DPRINTF(("External 2GHz LNA=%d\nExternal 5GHz LNA=%d\n", 2489 sc->ext_2ghz_lna, sc->ext_5ghz_lna)); 2490 2491 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_2GHZ_OFFSET); 2492 if ((val & 0xff) != 0xff) 2493 sc->rssi_2ghz_corr = (int8_t)(val & 0xff); /* signed */ 2494 2495 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_5GHZ_OFFSET); 2496 if ((val & 0xff) != 0xff) 2497 sc->rssi_5ghz_corr = (int8_t)(val & 0xff); /* signed */ 2498 2499 /* adjust RSSI correction for external low-noise amplifier */ 2500 if (sc->ext_2ghz_lna) 2501 sc->rssi_2ghz_corr -= 14; 2502 if (sc->ext_5ghz_lna) 2503 sc->rssi_5ghz_corr -= 14; 2504 2505 DPRINTF(("RSSI 2GHz corr=%d\nRSSI 5GHz corr=%d\n", 2506 sc->rssi_2ghz_corr, sc->rssi_5ghz_corr)); 2507 2508 val = rt2661_eeprom_read(sc, RT2661_EEPROM_FREQ_OFFSET); 2509 if ((val >> 8) != 0xff) 2510 sc->rfprog = (val >> 8) & 0x3; 2511 if ((val & 0xff) != 0xff) 2512 sc->rffreq = val & 0xff; 2513 2514 DPRINTF(("RF prog=%d\nRF freq=%d\n", sc->rfprog, sc->rffreq)); 2515 2516 /* read Tx power for all a/b/g channels */ 2517 for (i = 0; i < 19; i++) { 2518 val = rt2661_eeprom_read(sc, RT2661_EEPROM_TXPOWER + i); 2519 sc->txpow[i * 2] = (int8_t)(val >> 8); /* signed */ 2520 DPRINTF(("Channel=%d Tx power=%d\n", 2521 rt2661_rf5225_1[i * 2].chan, sc->txpow[i * 2])); 2522 sc->txpow[i * 2 + 1] = (int8_t)(val & 0xff); /* signed */ 2523 DPRINTF(("Channel=%d Tx power=%d\n", 2524 rt2661_rf5225_1[i * 2 + 1].chan, sc->txpow[i * 2 + 1])); 2525 } 2526 2527 /* read vendor-specific BBP values */ 2528 for (i = 0; i < 16; i++) { 2529 val = rt2661_eeprom_read(sc, RT2661_EEPROM_BBP_BASE + i); 2530 if (val == 0 || val == 0xffff) 2531 continue; /* skip invalid entries */ 2532 sc->bbp_prom[i].reg = val >> 8; 2533 sc->bbp_prom[i].val = val & 0xff; 2534 DPRINTF(("BBP R%d=%02x\n", sc->bbp_prom[i].reg, 2535 sc->bbp_prom[i].val)); 2536 } 2537 } 2538 2539 static int 2540 rt2661_bbp_init(struct rt2661_softc *sc) 2541 { 2542 #define N(a) (sizeof (a) / sizeof ((a)[0])) 2543 int i, ntries; 2544 uint8_t val; 2545 2546 /* wait for BBP to be ready */ 2547 for (ntries = 0; ntries < 100; ntries++) { 2548 val = rt2661_bbp_read(sc, 0); 2549 if (val != 0 && val != 0xff) 2550 break; 2551 DELAY(100); 2552 } 2553 if (ntries == 100) { 2554 aprint_error_dev(sc->sc_dev, "timeout waiting for BBP\n"); 2555 return EIO; 2556 } 2557 2558 /* initialize BBP registers to default values */ 2559 for (i = 0; i < N(rt2661_def_bbp); i++) { 2560 rt2661_bbp_write(sc, rt2661_def_bbp[i].reg, 2561 rt2661_def_bbp[i].val); 2562 } 2563 2564 /* write vendor-specific BBP values (from EEPROM) */ 2565 for (i = 0; i < 16; i++) { 2566 if (sc->bbp_prom[i].reg == 0) 2567 continue; 2568 rt2661_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val); 2569 } 2570 2571 return 0; 2572 #undef N 2573 } 2574 2575 static int 2576 rt2661_init(struct ifnet *ifp) 2577 { 2578 #define N(a) (sizeof (a) / sizeof ((a)[0])) 2579 struct rt2661_softc *sc = ifp->if_softc; 2580 struct ieee80211com *ic = &sc->sc_ic; 2581 const char *name = NULL; /* make lint happy */ 2582 uint8_t *ucode; 2583 size_t size; 2584 uint32_t tmp, star[3]; 2585 int i, ntries; 2586 firmware_handle_t fh; 2587 2588 /* for CardBus, power on the socket */ 2589 if (!(sc->sc_flags & RT2661_ENABLED)) { 2590 if (sc->sc_enable != NULL && (*sc->sc_enable)(sc) != 0) { 2591 aprint_error_dev(sc->sc_dev, "could not enable device\n"); 2592 return EIO; 2593 } 2594 sc->sc_flags |= RT2661_ENABLED; 2595 } 2596 2597 rt2661_stop(ifp, 0); 2598 2599 if (!(sc->sc_flags & RT2661_FWLOADED)) { 2600 switch (sc->sc_id) { 2601 case PCI_PRODUCT_RALINK_RT2561: 2602 name = "ral-rt2561"; 2603 break; 2604 case PCI_PRODUCT_RALINK_RT2561S: 2605 name = "ral-rt2561s"; 2606 break; 2607 case PCI_PRODUCT_RALINK_RT2661: 2608 name = "ral-rt2661"; 2609 break; 2610 } 2611 2612 if (firmware_open("ral", name, &fh) != 0) { 2613 aprint_error_dev(sc->sc_dev, "could not open microcode %s\n", name); 2614 rt2661_stop(ifp, 1); 2615 return EIO; 2616 } 2617 2618 size = firmware_get_size(fh); 2619 if (!(ucode = firmware_malloc(size))) { 2620 aprint_error_dev(sc->sc_dev, "could not alloc microcode memory\n"); 2621 firmware_close(fh); 2622 rt2661_stop(ifp, 1); 2623 return ENOMEM; 2624 } 2625 2626 if (firmware_read(fh, 0, ucode, size) != 0) { 2627 aprint_error_dev(sc->sc_dev, "could not read microcode %s\n", name); 2628 firmware_free(ucode, size); 2629 firmware_close(fh); 2630 rt2661_stop(ifp, 1); 2631 return EIO; 2632 } 2633 2634 if (rt2661_load_microcode(sc, ucode, size) != 0) { 2635 aprint_error_dev(sc->sc_dev, "could not load 8051 microcode\n"); 2636 firmware_free(ucode, size); 2637 firmware_close(fh); 2638 rt2661_stop(ifp, 1); 2639 return EIO; 2640 } 2641 2642 firmware_free(ucode, size); 2643 firmware_close(fh); 2644 sc->sc_flags |= RT2661_FWLOADED; 2645 } 2646 2647 /* initialize Tx rings */ 2648 RAL_WRITE(sc, RT2661_AC1_BASE_CSR, sc->txq[1].physaddr); 2649 RAL_WRITE(sc, RT2661_AC0_BASE_CSR, sc->txq[0].physaddr); 2650 RAL_WRITE(sc, RT2661_AC2_BASE_CSR, sc->txq[2].physaddr); 2651 RAL_WRITE(sc, RT2661_AC3_BASE_CSR, sc->txq[3].physaddr); 2652 2653 /* initialize Mgt ring */ 2654 RAL_WRITE(sc, RT2661_MGT_BASE_CSR, sc->mgtq.physaddr); 2655 2656 /* initialize Rx ring */ 2657 RAL_WRITE(sc, RT2661_RX_BASE_CSR, sc->rxq.physaddr); 2658 2659 /* initialize Tx rings sizes */ 2660 RAL_WRITE(sc, RT2661_TX_RING_CSR0, 2661 RT2661_TX_RING_COUNT << 24 | 2662 RT2661_TX_RING_COUNT << 16 | 2663 RT2661_TX_RING_COUNT << 8 | 2664 RT2661_TX_RING_COUNT); 2665 2666 RAL_WRITE(sc, RT2661_TX_RING_CSR1, 2667 RT2661_TX_DESC_WSIZE << 16 | 2668 RT2661_TX_RING_COUNT << 8 | /* XXX: HCCA ring unused */ 2669 RT2661_MGT_RING_COUNT); 2670 2671 /* initialize Rx rings */ 2672 RAL_WRITE(sc, RT2661_RX_RING_CSR, 2673 RT2661_RX_DESC_BACK << 16 | 2674 RT2661_RX_DESC_WSIZE << 8 | 2675 RT2661_RX_RING_COUNT); 2676 2677 /* XXX: some magic here */ 2678 RAL_WRITE(sc, RT2661_TX_DMA_DST_CSR, 0xaa); 2679 2680 /* load base addresses of all 5 Tx rings (4 data + 1 mgt) */ 2681 RAL_WRITE(sc, RT2661_LOAD_TX_RING_CSR, 0x1f); 2682 2683 /* load base address of Rx ring */ 2684 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 2); 2685 2686 /* initialize MAC registers to default values */ 2687 for (i = 0; i < N(rt2661_def_mac); i++) 2688 RAL_WRITE(sc, rt2661_def_mac[i].reg, rt2661_def_mac[i].val); 2689 2690 IEEE80211_ADDR_COPY(ic->ic_myaddr, CLLADDR(ifp->if_sadl)); 2691 rt2661_set_macaddr(sc, ic->ic_myaddr); 2692 2693 /* set host ready */ 2694 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2695 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2696 2697 /* wait for BBP/RF to wakeup */ 2698 for (ntries = 0; ntries < 1000; ntries++) { 2699 if (RAL_READ(sc, RT2661_MAC_CSR12) & 8) 2700 break; 2701 DELAY(1000); 2702 } 2703 if (ntries == 1000) { 2704 printf("timeout waiting for BBP/RF to wakeup\n"); 2705 rt2661_stop(ifp, 1); 2706 return EIO; 2707 } 2708 2709 if (rt2661_bbp_init(sc) != 0) { 2710 rt2661_stop(ifp, 1); 2711 return EIO; 2712 } 2713 2714 /* select default channel */ 2715 sc->sc_curchan = ic->ic_curchan; 2716 rt2661_select_band(sc, sc->sc_curchan); 2717 rt2661_select_antenna(sc); 2718 rt2661_set_chan(sc, sc->sc_curchan); 2719 2720 /* update Rx filter */ 2721 tmp = RAL_READ(sc, RT2661_TXRX_CSR0) & 0xffff; 2722 2723 tmp |= RT2661_DROP_PHY_ERROR | RT2661_DROP_CRC_ERROR; 2724 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2725 tmp |= RT2661_DROP_CTL | RT2661_DROP_VER_ERROR | 2726 RT2661_DROP_ACKCTS; 2727 if (ic->ic_opmode != IEEE80211_M_HOSTAP) 2728 tmp |= RT2661_DROP_TODS; 2729 if (!(ifp->if_flags & IFF_PROMISC)) 2730 tmp |= RT2661_DROP_NOT_TO_ME; 2731 } 2732 2733 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2734 2735 /* clear STA registers */ 2736 RAL_READ_REGION_4(sc, RT2661_STA_CSR0, star, N(star)); 2737 2738 /* initialize ASIC */ 2739 RAL_WRITE(sc, RT2661_MAC_CSR1, 4); 2740 2741 /* clear any pending interrupt */ 2742 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2743 2744 /* enable interrupts */ 2745 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 2746 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 2747 2748 /* kick Rx */ 2749 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 1); 2750 2751 ifp->if_flags &= ~IFF_OACTIVE; 2752 ifp->if_flags |= IFF_RUNNING; 2753 2754 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2755 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2756 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2757 } else 2758 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2759 2760 return 0; 2761 #undef N 2762 } 2763 2764 static void 2765 rt2661_stop(struct ifnet *ifp, int disable) 2766 { 2767 struct rt2661_softc *sc = ifp->if_softc; 2768 struct ieee80211com *ic = &sc->sc_ic; 2769 uint32_t tmp; 2770 2771 sc->sc_tx_timer = 0; 2772 ifp->if_timer = 0; 2773 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2774 2775 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */ 2776 2777 /* abort Tx (for all 5 Tx rings) */ 2778 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 0x1f << 16); 2779 2780 /* disable Rx (value remains after reset!) */ 2781 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2782 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2783 2784 /* reset ASIC */ 2785 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2786 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2787 2788 /* disable interrupts */ 2789 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f); 2790 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 2791 2792 /* clear any pending interrupt */ 2793 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2794 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, 0xffffffff); 2795 2796 /* reset Tx and Rx rings */ 2797 rt2661_reset_tx_ring(sc, &sc->txq[0]); 2798 rt2661_reset_tx_ring(sc, &sc->txq[1]); 2799 rt2661_reset_tx_ring(sc, &sc->txq[2]); 2800 rt2661_reset_tx_ring(sc, &sc->txq[3]); 2801 rt2661_reset_tx_ring(sc, &sc->mgtq); 2802 rt2661_reset_rx_ring(sc, &sc->rxq); 2803 2804 /* for CardBus, power down the socket */ 2805 if (disable && sc->sc_disable != NULL) { 2806 if (sc->sc_flags & RT2661_ENABLED) { 2807 (*sc->sc_disable)(sc); 2808 sc->sc_flags &= ~(RT2661_ENABLED | RT2661_FWLOADED); 2809 } 2810 } 2811 } 2812 2813 static int 2814 rt2661_load_microcode(struct rt2661_softc *sc, const uint8_t *ucode, int size) 2815 { 2816 int ntries; 2817 2818 /* reset 8051 */ 2819 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2820 2821 /* cancel any pending Host to MCU command */ 2822 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 0); 2823 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 2824 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, 0); 2825 2826 /* write 8051's microcode */ 2827 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET | RT2661_MCU_SEL); 2828 RAL_WRITE_REGION_1(sc, RT2661_MCU_CODE_BASE, ucode, size); 2829 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2830 2831 /* kick 8051's ass */ 2832 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, 0); 2833 2834 /* wait for 8051 to initialize */ 2835 for (ntries = 0; ntries < 500; ntries++) { 2836 if (RAL_READ(sc, RT2661_MCU_CNTL_CSR) & RT2661_MCU_READY) 2837 break; 2838 DELAY(100); 2839 } 2840 if (ntries == 500) { 2841 printf("timeout waiting for MCU to initialize\n"); 2842 return EIO; 2843 } 2844 return 0; 2845 } 2846 2847 /* 2848 * Dynamically tune Rx sensitivity (BBP register 17) based on average RSSI and 2849 * false CCA count. This function is called periodically (every seconds) when 2850 * in the RUN state. Values taken from the reference driver. 2851 */ 2852 static void 2853 rt2661_rx_tune(struct rt2661_softc *sc) 2854 { 2855 uint8_t bbp17; 2856 uint16_t cca; 2857 int lo, hi, dbm; 2858 2859 /* 2860 * Tuning range depends on operating band and on the presence of an 2861 * external low-noise amplifier. 2862 */ 2863 lo = 0x20; 2864 if (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan)) 2865 lo += 0x08; 2866 if ((IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan) && sc->ext_2ghz_lna) || 2867 (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan) && sc->ext_5ghz_lna)) 2868 lo += 0x10; 2869 hi = lo + 0x20; 2870 2871 dbm = sc->avg_rssi; 2872 /* retrieve false CCA count since last call (clear on read) */ 2873 cca = RAL_READ(sc, RT2661_STA_CSR1) & 0xffff; 2874 2875 DPRINTFN(2, ("RSSI=%ddBm false CCA=%d\n", dbm, cca)); 2876 2877 if (dbm < -74) { 2878 /* very bad RSSI, tune using false CCA count */ 2879 bbp17 = sc->bbp17; /* current value */ 2880 2881 hi -= 2 * (-74 - dbm); 2882 if (hi < lo) 2883 hi = lo; 2884 2885 if (bbp17 > hi) 2886 bbp17 = hi; 2887 else if (cca > 512) 2888 bbp17 = min(bbp17 + 1, hi); 2889 else if (cca < 100) 2890 bbp17 = max(bbp17 - 1, lo); 2891 2892 } else if (dbm < -66) { 2893 bbp17 = lo + 0x08; 2894 } else if (dbm < -58) { 2895 bbp17 = lo + 0x10; 2896 } else if (dbm < -35) { 2897 bbp17 = hi; 2898 } else { /* very good RSSI >= -35dBm */ 2899 bbp17 = 0x60; /* very low sensitivity */ 2900 } 2901 2902 if (bbp17 != sc->bbp17) { 2903 DPRINTF(("BBP17 %x->%x\n", sc->bbp17, bbp17)); 2904 rt2661_bbp_write(sc, 17, bbp17); 2905 sc->bbp17 = bbp17; 2906 } 2907 } 2908 2909 #ifdef notyet 2910 /* 2911 * Enter/Leave radar detection mode. 2912 * This is for 802.11h additional regulatory domains. 2913 */ 2914 static void 2915 rt2661_radar_start(struct rt2661_softc *sc) 2916 { 2917 uint32_t tmp; 2918 2919 /* disable Rx */ 2920 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2921 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2922 2923 rt2661_bbp_write(sc, 82, 0x20); 2924 rt2661_bbp_write(sc, 83, 0x00); 2925 rt2661_bbp_write(sc, 84, 0x40); 2926 2927 /* save current BBP registers values */ 2928 sc->bbp18 = rt2661_bbp_read(sc, 18); 2929 sc->bbp21 = rt2661_bbp_read(sc, 21); 2930 sc->bbp22 = rt2661_bbp_read(sc, 22); 2931 sc->bbp16 = rt2661_bbp_read(sc, 16); 2932 sc->bbp17 = rt2661_bbp_read(sc, 17); 2933 sc->bbp64 = rt2661_bbp_read(sc, 64); 2934 2935 rt2661_bbp_write(sc, 18, 0xff); 2936 rt2661_bbp_write(sc, 21, 0x3f); 2937 rt2661_bbp_write(sc, 22, 0x3f); 2938 rt2661_bbp_write(sc, 16, 0xbd); 2939 rt2661_bbp_write(sc, 17, sc->ext_5ghz_lna ? 0x44 : 0x34); 2940 rt2661_bbp_write(sc, 64, 0x21); 2941 2942 /* restore Rx filter */ 2943 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2944 } 2945 2946 static int 2947 rt2661_radar_stop(struct rt2661_softc *sc) 2948 { 2949 uint8_t bbp66; 2950 2951 /* read radar detection result */ 2952 bbp66 = rt2661_bbp_read(sc, 66); 2953 2954 /* restore BBP registers values */ 2955 rt2661_bbp_write(sc, 16, sc->bbp16); 2956 rt2661_bbp_write(sc, 17, sc->bbp17); 2957 rt2661_bbp_write(sc, 18, sc->bbp18); 2958 rt2661_bbp_write(sc, 21, sc->bbp21); 2959 rt2661_bbp_write(sc, 22, sc->bbp22); 2960 rt2661_bbp_write(sc, 64, sc->bbp64); 2961 2962 return bbp66 == 1; 2963 } 2964 #endif 2965 2966 static int 2967 rt2661_prepare_beacon(struct rt2661_softc *sc) 2968 { 2969 struct ieee80211com *ic = &sc->sc_ic; 2970 struct ieee80211_node *ni = ic->ic_bss; 2971 struct rt2661_tx_desc desc; 2972 struct mbuf *m0; 2973 struct ieee80211_beacon_offsets bo; 2974 int rate; 2975 2976 m0 = ieee80211_beacon_alloc(ic, ni, &bo); 2977 if (m0 == NULL) { 2978 aprint_error_dev(sc->sc_dev, "could not allocate beacon frame\n"); 2979 return ENOBUFS; 2980 } 2981 2982 /* send beacons at the lowest available rate */ 2983 rate = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? 12 : 2; 2984 2985 rt2661_setup_tx_desc(sc, &desc, RT2661_TX_TIMESTAMP, RT2661_TX_HWSEQ, 2986 m0->m_pkthdr.len, rate, NULL, 0, RT2661_QID_MGT); 2987 2988 /* copy the first 24 bytes of Tx descriptor into NIC memory */ 2989 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0, (uint8_t *)&desc, 24); 2990 2991 /* copy beacon header and payload into NIC memory */ 2992 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0 + 24, 2993 mtod(m0, uint8_t *), m0->m_pkthdr.len); 2994 2995 m_freem(m0); 2996 2997 /* 2998 * Store offset of ERP Information Element so that we can update it 2999 * dynamically when the slot time changes. 3000 * XXX: this is ugly since it depends on how net80211 builds beacon 3001 * frames but ieee80211_beacon_alloc() doesn't store offsets for us. 3002 */ 3003 if (ic->ic_curmode == IEEE80211_MODE_11G) { 3004 sc->erp_csr = 3005 RT2661_HW_BEACON_BASE0 + 24 + 3006 sizeof (struct ieee80211_frame) + 3007 8 + 2 + 2 + 2 + ni->ni_esslen + 3008 2 + min(ni->ni_rates.rs_nrates, IEEE80211_RATE_SIZE) + 3009 2 + 1 + 3010 ((ic->ic_opmode == IEEE80211_M_IBSS) ? 4 : 6) + 3011 2; 3012 } 3013 3014 return 0; 3015 } 3016 3017 /* 3018 * Enable TSF synchronization and tell h/w to start sending beacons for IBSS 3019 * and HostAP operating modes. 3020 */ 3021 static void 3022 rt2661_enable_tsf_sync(struct rt2661_softc *sc) 3023 { 3024 struct ieee80211com *ic = &sc->sc_ic; 3025 uint32_t tmp; 3026 3027 if (ic->ic_opmode != IEEE80211_M_STA) { 3028 /* 3029 * Change default 16ms TBTT adjustment to 8ms. 3030 * Must be done before enabling beacon generation. 3031 */ 3032 RAL_WRITE(sc, RT2661_TXRX_CSR10, 1 << 12 | 8); 3033 } 3034 3035 tmp = RAL_READ(sc, RT2661_TXRX_CSR9) & 0xff000000; 3036 3037 /* set beacon interval (in 1/16ms unit) */ 3038 tmp |= ic->ic_bss->ni_intval * 16; 3039 3040 tmp |= RT2661_TSF_TICKING | RT2661_ENABLE_TBTT; 3041 if (ic->ic_opmode == IEEE80211_M_STA) 3042 tmp |= RT2661_TSF_MODE(1); 3043 else 3044 tmp |= RT2661_TSF_MODE(2) | RT2661_GENERATE_BEACON; 3045 3046 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp); 3047 } 3048 3049 /* 3050 * Retrieve the "Received Signal Strength Indicator" from the raw values 3051 * contained in Rx descriptors. The computation depends on which band the 3052 * frame was received. Correction values taken from the reference driver. 3053 */ 3054 static int 3055 rt2661_get_rssi(struct rt2661_softc *sc, uint8_t raw) 3056 { 3057 int lna, agc, rssi; 3058 3059 lna = (raw >> 5) & 0x3; 3060 agc = raw & 0x1f; 3061 3062 rssi = 2 * agc; 3063 3064 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) { 3065 rssi += sc->rssi_2ghz_corr; 3066 3067 if (lna == 1) 3068 rssi -= 64; 3069 else if (lna == 2) 3070 rssi -= 74; 3071 else if (lna == 3) 3072 rssi -= 90; 3073 } else { 3074 rssi += sc->rssi_5ghz_corr; 3075 3076 if (lna == 1) 3077 rssi -= 64; 3078 else if (lna == 2) 3079 rssi -= 86; 3080 else if (lna == 3) 3081 rssi -= 100; 3082 } 3083 return rssi; 3084 } 3085